vendor: make some transitive dependencies line up better

After a bunch of recent changes/rebasing our vendored dependencies got a
little out of sync w.r.t transitive dependencies through codebases that
are not themselves Go Modules yet.

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e
 	github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da // indirect
 	github.com/armon/go-radix v0.0.0-20160115234725-4239b77079c7 // indirect
-	github.com/aws/aws-sdk-go v1.14.31
+	github.com/aws/aws-sdk-go v1.15.48
 	github.com/beevik/etree v0.0.0-20171015221209-af219c0c7ea1 // indirect
 	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
 	github.com/bgentry/speakeasy v0.0.0-20161015143505-675b82c74c0e // indirect
@@ -26,8 +26,8 @@ require (
 	github.com/chzyer/logex v1.1.10 // indirect
 	github.com/chzyer/readline v0.0.0-20161106042343-c914be64f07d
 	github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 // indirect
-	github.com/cockroachdb/cmux v0.0.0-20170110192607-30d10be49292 // indirect
+	github.com/coreos/bbolt v1.3.0 // indirect
-	github.com/coreos/etcd v3.2.7+incompatible
+	github.com/coreos/etcd v3.3.10+incompatible
 	github.com/coreos/go-semver v0.2.0 // indirect
 	github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d // indirect
 	github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f // indirect
@@ -48,6 +48,8 @@ require (
 	github.com/googleapis/gax-go v0.0.0-20161107002406-da06d194a00e // indirect
 	github.com/gophercloud/gophercloud v0.0.0-20170524130959-3027adb1ce72
 	github.com/gopherjs/gopherjs v0.0.0-20181004151105-1babbf986f6f // indirect
+	github.com/gorilla/websocket v1.4.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway v1.5.1 // indirect
 	github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089
@@ -111,13 +113,16 @@ require (
 	github.com/satori/go.uuid v0.0.0-20160927100844-b061729afc07 // indirect
 	github.com/satori/uuid v0.0.0-20160927100844-b061729afc07 // indirect
 	github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 // indirect
+	github.com/sirupsen/logrus v1.1.1 // indirect
 	github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d // indirect
 	github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a // indirect
+	github.com/soheilhy/cmux v0.1.4 // indirect
 	github.com/spf13/afero v1.0.2
 	github.com/terraform-providers/terraform-provider-aws v1.40.0
 	github.com/terraform-providers/terraform-provider-openstack v0.0.0-20170616075611-4080a521c6ea
 	github.com/terraform-providers/terraform-provider-template v1.0.0 // indirect
 	github.com/terraform-providers/terraform-provider-tls v1.2.0 // indirect
+	github.com/tmc/grpc-websocket-proxy v0.0.0-20171017195756-830351dc03c6 // indirect
 	github.com/ugorji/go v0.0.0-20180813092308-00b869d2f4a5 // indirect
 	github.com/ulikunitz/xz v0.5.4 // indirect
 	github.com/vmihailenco/msgpack v4.0.0+incompatible // indirect
@@ -126,6 +131,9 @@ require (
 	github.com/xlab/treeprint v0.0.0-20161029104018-1d6e34225557
 	github.com/zclconf/go-cty v0.0.0-20180925180032-d9b87d891d0b
 	go.opencensus.io v0.17.0 // indirect
+	go.uber.org/atomic v1.3.2 // indirect
+	go.uber.org/multierr v1.1.0 // indirect
+	go.uber.org/zap v1.9.1 // indirect
 	golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b
 	golang.org/x/net v0.0.0-20180925072008-f04abc6bdfa7
 	golang.org/x/oauth2 v0.0.0-20181003184128-c57b0facaced

go.sum

@@ -35,8 +35,8 @@ github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da h1:8GUt8eRujhVEGZ
 github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
 github.com/armon/go-radix v0.0.0-20160115234725-4239b77079c7 h1:MBXhrxjNkjdqJysfNbKMMPFNXlz6EzpOnPcsoYBeD3E=
 github.com/armon/go-radix v0.0.0-20160115234725-4239b77079c7/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
-github.com/aws/aws-sdk-go v1.14.31 h1:amhorvKh1zNxo9YCntvA5uDmgw+pCYXOp4xO8WS1oDg=
+github.com/aws/aws-sdk-go v1.15.48 h1:b4uYtqfWWATa/WaKyMM/s0bOiXC1yls+ogxPqAY2Bgs=
-github.com/aws/aws-sdk-go v1.14.31/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
+github.com/aws/aws-sdk-go v1.15.48/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
 github.com/beevik/etree v0.0.0-20171015221209-af219c0c7ea1 h1:6fqkBkx5cRbd8Pq0UEMxyteIAPoE1KiPptnx1yEzJLU=
 github.com/beevik/etree v0.0.0-20171015221209-af219c0c7ea1/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0=
@@ -55,10 +55,10 @@ github.com/chzyer/readline v0.0.0-20161106042343-c914be64f07d h1:aG5FcWiZTOhPQzY
 github.com/chzyer/readline v0.0.0-20161106042343-c914be64f07d/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWsoZXJNW3xEE4JJyHa5Q25/sd8=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
-github.com/cockroachdb/cmux v0.0.0-20170110192607-30d10be49292 h1:dzj1/xcivGjNPwwifh/dWTczkwcuqsXXFHY1X/TZMtw=
+github.com/coreos/bbolt v1.3.0 h1:HIgH5xUWXT914HCI671AxuTTqjj64UOFr7pHn48LUTI=
-github.com/cockroachdb/cmux v0.0.0-20170110192607-30d10be49292/go.mod h1:qRiX68mZX1lGBkTWyp3CLcenw9I94W2dLeRvMzcn9N4=
+github.com/coreos/bbolt v1.3.0/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
-github.com/coreos/etcd v3.2.7+incompatible h1:cVHxLUA04329hMmxYEBPWrZftvipxYbGln0FF8mk1l0=
+github.com/coreos/etcd v3.3.10+incompatible h1:KjVWqrZ5U0wa3CxY2AxlH6/UcB+PK2td1DcsYhA+HRs=
-github.com/coreos/etcd v3.2.7+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
+github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-semver v0.2.0 h1:3Jm3tLmsgAYcjC+4Up7hJrFBPr+n7rAqYeSw/SZazuY=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d h1:t5Wuyh53qYyg9eqn4BbnlIT+vmhyww0TatL+zT3uWgI=
@@ -103,6 +103,10 @@ github.com/gophercloud/gophercloud v0.0.0-20170524130959-3027adb1ce72 h1:I0ssFkB
 github.com/gophercloud/gophercloud v0.0.0-20170524130959-3027adb1ce72/go.mod h1:3WdhXV3rUYy9p6AUW8d94kr+HS62Y4VL9mBnFxsD8q4=
 github.com/gopherjs/gopherjs v0.0.0-20181004151105-1babbf986f6f h1:JJ2EP5vV3LAD2U1CxQtD7PTOO15Y96kXmKDz7TjxGHs=
 github.com/gopherjs/gopherjs v0.0.0-20181004151105-1babbf986f6f/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gorilla/websocket v1.4.0 h1:WDFjx/TMzVgy9VdMMQi2K2Emtwi2QcUQsztZ/zLaH/Q=
+github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
+github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 h1:BWIsLfhgKhV5g/oF34aRjniBHLTZe5DNekSjbAjIS6c=
+github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
 github.com/grpc-ecosystem/grpc-gateway v1.5.1 h1:3scN4iuXkNOyP98jF55Lv8a9j1o/IwvnDIZ0LHJK1nk=
@@ -176,6 +180,8 @@ github.com/kardianos/osext v0.0.0-20160811001526-c2c54e542fb7 h1:pKv4oHt3kat9yf1
 github.com/kardianos/osext v0.0.0-20160811001526-c2c54e542fb7/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8=
 github.com/keybase/go-crypto v0.0.0-20161004153544-93f5b35093ba h1:NARVGAAgEXvoMeNPHhPFt1SBt1VMznA3Gnz9d0qj+co=
 github.com/keybase/go-crypto v0.0.0-20161004153544-93f5b35093ba/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M=
+github.com/konsorten/go-windows-terminal-sequences v0.0.0-20180402223658-b729f2633dfe h1:CHRGQ8V7OlCYtwaKPJi3iA7J+YdNKdo8j7nG5IgDhjs=
+github.com/konsorten/go-windows-terminal-sequences v0.0.0-20180402223658-b729f2633dfe/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
@@ -258,10 +264,14 @@ github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUt
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
 github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/sirupsen/logrus v1.1.1 h1:VzGj7lhU7KEB9e9gMpAV/v5XT2NVSvLJhJLCWbnkgXg=
+github.com/sirupsen/logrus v1.1.1/go.mod h1:zrgwTnHtNr00buQ1vSptGe8m1f/BbgsPukg8qsT7A+A=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
 github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a h1:JSvGDIbmil4Ui/dDdFBExb7/cmkNjyX5F97oglmvCDo=
 github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s=
+github.com/soheilhy/cmux v0.1.4 h1:0HKaf1o97UwFjHH9o5XsHUOF+tqmdA7KEzXLpiyaw0E=
+github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
 github.com/spf13/afero v1.0.2 h1:5bRmqmInNmNFkI9NG9O0Xc/Lgl9wOWWUUA/O8XZqTCo=
 github.com/spf13/afero v1.0.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
@@ -275,6 +285,8 @@ github.com/terraform-providers/terraform-provider-template v1.0.0 h1:g2pyFaAJu36
 github.com/terraform-providers/terraform-provider-template v1.0.0/go.mod h1:/J+B8me5DCMa0rEBH5ic2aKPjhtpWNeScmxFJWxB1EU=
 github.com/terraform-providers/terraform-provider-tls v1.2.0 h1:wcD0InKzNh8fanUYQwim62WCd4toeD9WJnPw/RjBI4o=
 github.com/terraform-providers/terraform-provider-tls v1.2.0/go.mod h1:Mxe/v5u31LDW4m32O1z6Ursdh95dpc9Puq6otkYg7tU=
+github.com/tmc/grpc-websocket-proxy v0.0.0-20171017195756-830351dc03c6 h1:lYIiVDtZnyTWlNwiAxLj0bbpTcx1BWCFhXjfsvmPdNc=
+github.com/tmc/grpc-websocket-proxy v0.0.0-20171017195756-830351dc03c6/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/ugorji/go v0.0.0-20180813092308-00b869d2f4a5 h1:cMjKdf4PxEBN9K5HaD9UMW8gkTbM0kMzkTa9SJe0WNQ=
 github.com/ugorji/go v0.0.0-20180813092308-00b869d2f4a5/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ=
 github.com/ulikunitz/xz v0.5.4 h1:zATC2OoZ8H1TZll3FpbX+ikwmadbO699PE06cIkm9oU=
@@ -294,8 +306,15 @@ github.com/zclconf/go-cty v0.0.0-20180925180032-d9b87d891d0b h1:9rQAtgrPBuyPjmPE
 github.com/zclconf/go-cty v0.0.0-20180925180032-d9b87d891d0b/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s=
 go.opencensus.io v0.17.0 h1:2Cu88MYg+1LU+WVD+NWwYhyP0kKgRlN9QjWGaX0jKTE=
 go.opencensus.io v0.17.0/go.mod h1:mp1VrMQxhlqqDpKvH4UcQUa4YwlzNmymAjPrDdfxNpI=
+go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4=
+go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/zap v1.9.1 h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o=
+go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 golang.org/x/crypto v0.0.0-20180816225734-aabede6cba87 h1:gCHhzI+1R9peHIMyiWVxoVaWlk1cYK7VThX5ptLtbXY=
 golang.org/x/crypto v0.0.0-20180816225734-aabede6cba87/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b h1:2b9XGzhjiYsYPnKXoEfL7klWZQIt8IfyRCz62gCqqlQ=
 golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -310,6 +329,7 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6Zh
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180816055513-1c9583448a9c h1:uHnKXcvx6SNkuwC+nrzxkJ+TpPwZOtumbhWrrOYN5YA=
 golang.org/x/sys v0.0.0-20180816055513-1c9583448a9c/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180925112736-b09afc3d579e h1:LSlw/Dbj0MkNvPYAAkGinYmGliq+aqS7eKPYlE4oWC4=
 golang.org/x/sys v0.0.0-20180925112736-b09afc3d579e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=

vendor/github.com/aws/aws-sdk-go/aws/config.go

@@ -18,7 +18,7 @@ const UseServiceDefaultRetries = -1
 type RequestRetryer interface{}
 
 // A Config provides service configuration for service clients. By default,
-// all clients will use the defaults.DefaultConfig tructure.
+// all clients will use the defaults.DefaultConfig structure.
 //
 //     // Create Session with MaxRetry configuration to be shared by multiple
 //     // service clients.

vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go

@@ -158,13 +158,14 @@ func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) {
 
 // IsExpired returns if the credentials are expired.
 func (e *Expiry) IsExpired() bool {
-	if e.CurrentTime == nil {
+	curTime := e.CurrentTime
-		e.CurrentTime = time.Now
+	if curTime == nil {
+		curTime = time.Now
 	}
-	return e.expiration.Before(e.CurrentTime())
+	return e.expiration.Before(curTime())
 }
 
-// A Credentials provides synchronous safe retrieval of AWS credentials Value.
+// A Credentials provides concurrency safe retrieval of AWS credentials Value.
 // Credentials will cache the credentials value until they expire. Once the value
 // expires the next Get will attempt to retrieve valid credentials.
 //

vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go

@@ -65,6 +65,10 @@ type Provider struct {
 	//
 	// If ExpiryWindow is 0 or less it will be ignored.
 	ExpiryWindow time.Duration
+
+	// Optional authorization token value if set will be used as the value of
+	// the Authorization header of the endpoint credential request.
+	AuthorizationToken string
 }
 
 // NewProviderClient returns a credentials Provider for retrieving AWS credentials
@@ -152,6 +156,9 @@ func (p *Provider) getCredentials() (*getCredentialsOutput, error) {
 	out := &getCredentialsOutput{}
 	req := p.Client.NewRequest(op, nil, out)
 	req.HTTPRequest.Header.Set("Accept", "application/json")
+	if authToken := p.AuthorizationToken; len(authToken) != 0 {
+		req.HTTPRequest.Header.Set("Authorization", authToken)
+	}
 
 	return out, req.Send()
 }

vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go

@@ -118,6 +118,7 @@ func (rep *Reporter) sendAPICallMetric(r *request.Request) {
 		Timestamp:     (*metricTime)(&now),
 		Type:          aws.String("ApiCall"),
 		AttemptCount:  aws.Int(r.RetryCount + 1),
+		Region:        r.Config.Region,
 		Latency:       aws.Int(int(time.Now().Sub(r.Time) / time.Millisecond)),
 		XAmzRequestID: aws.String(r.RequestID),
 	}

vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go

@@ -112,6 +112,7 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro
 }
 
 const (
+	httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN"
 	httpProviderEnvVar              = "AWS_CONTAINER_CREDENTIALS_FULL_URI"
 	ecsCredsProviderEnvVar          = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"
 )
@@ -187,6 +188,7 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede
 	return endpointcreds.NewProviderClient(cfg, handlers, u,
 		func(p *endpointcreds.Provider) {
 			p.ExpiryWindow = 5 * time.Minute
+			p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar)
 		},
 	)
 }

vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go

@@ -72,6 +72,7 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
 			cfg,
 			metadata.ClientInfo{
 				ServiceName: ServiceName,
+				ServiceID:   ServiceName,
 				Endpoint:    endpoint,
 				APIVersion:  "latest",
 			},

vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go

@@ -84,6 +84,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol
 		custAddEC2Metadata(p)
 		custAddS3DualStack(p)
 		custRmIotDataService(p)
+		custFixAppAutoscalingChina(p)
 	}
 
 	return ps, nil
@@ -122,6 +123,27 @@ func custRmIotDataService(p *partition) {
 	delete(p.Services, "data.iot")
 }
 
+func custFixAppAutoscalingChina(p *partition) {
+	if p.ID != "aws-cn" {
+		return
+	}
+
+	const serviceName = "application-autoscaling"
+	s, ok := p.Services[serviceName]
+	if !ok {
+		return
+	}
+
+	const expectHostname = `autoscaling.{region}.amazonaws.com`
+	if e, a := s.Defaults.Hostname, expectHostname; e != a {
+		fmt.Printf("custFixAppAutoscalingChina: ignoring customization, expected %s, got %s\n", e, a)
+		return
+	}
+
+	s.Defaults.Hostname = expectHostname + ".cn"
+	p.Services[serviceName] = s
+}
+
 type decodeModelError struct {
 	awsError
 }

vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go

@@ -50,6 +50,7 @@ const (
 	AcmPcaServiceID                       = "acm-pca"                      // AcmPca.
 	ApiMediatailorServiceID               = "api.mediatailor"              // ApiMediatailor.
 	ApiPricingServiceID                   = "api.pricing"                  // ApiPricing.
+	ApiSagemakerServiceID                 = "api.sagemaker"                // ApiSagemaker.
 	ApigatewayServiceID                   = "apigateway"                   // Apigateway.
 	ApplicationAutoscalingServiceID       = "application-autoscaling"      // ApplicationAutoscaling.
 	Appstream2ServiceID                   = "appstream2"                   // Appstream2.
@@ -112,6 +113,7 @@ const (
 	ImportexportServiceID                 = "importexport"                 // Importexport.
 	InspectorServiceID                    = "inspector"                    // Inspector.
 	IotServiceID                          = "iot"                          // Iot.
+	IotanalyticsServiceID                 = "iotanalytics"                 // Iotanalytics.
 	KinesisServiceID                      = "kinesis"                      // Kinesis.
 	KinesisanalyticsServiceID             = "kinesisanalytics"             // Kinesisanalytics.
 	KinesisvideoServiceID                 = "kinesisvideo"                 // Kinesisvideo.
@@ -146,7 +148,6 @@ const (
 	RuntimeLexServiceID                   = "runtime.lex"                  // RuntimeLex.
 	RuntimeSagemakerServiceID             = "runtime.sagemaker"            // RuntimeSagemaker.
 	S3ServiceID                           = "s3"                           // S3.
-	SagemakerServiceID                    = "sagemaker"                    // Sagemaker.
 	SdbServiceID                          = "sdb"                          // Sdb.
 	SecretsmanagerServiceID               = "secretsmanager"               // Secretsmanager.
 	ServerlessrepoServiceID               = "serverlessrepo"               // Serverlessrepo.
@@ -304,6 +305,7 @@ var awsPartition = partition{
 				"ca-central-1":   endpoint{},
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
+				"eu-west-2":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
 				"us-west-2":      endpoint{},
@@ -330,6 +332,19 @@ var awsPartition = partition{
 				"us-east-1":  endpoint{},
 			},
 		},
+		"api.sagemaker": service{
+
+			Endpoints: endpoints{
+				"ap-northeast-1": endpoint{},
+				"ap-northeast-2": endpoint{},
+				"ap-southeast-2": endpoint{},
+				"eu-central-1":   endpoint{},
+				"eu-west-1":      endpoint{},
+				"us-east-1":      endpoint{},
+				"us-east-2":      endpoint{},
+				"us-west-2":      endpoint{},
+			},
+		},
 		"apigateway": service{
 
 			Endpoints: endpoints{
@@ -394,10 +409,13 @@ var awsPartition = partition{
 
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
+				"ap-northeast-2": endpoint{},
+				"ap-south-1":     endpoint{},
 				"ap-southeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
+				"eu-west-2":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
 				"us-west-2":      endpoint{},
@@ -453,6 +471,7 @@ var awsPartition = partition{
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
 				"eu-west-2":      endpoint{},
+				"sa-east-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
 				"us-west-1":      endpoint{},
@@ -787,6 +806,7 @@ var awsPartition = partition{
 				Protocols: []string{"https"},
 			},
 			Endpoints: endpoints{
+				"ap-southeast-2": endpoint{},
 				"eu-west-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
@@ -1030,6 +1050,12 @@ var awsPartition = partition{
 				"eu-west-1":      endpoint{},
 				"eu-west-2":      endpoint{},
 				"eu-west-3":      endpoint{},
+				"fips": endpoint{
+					Hostname: "elasticache-fips.us-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-1",
+					},
+				},
 				"sa-east-1": endpoint{},
 				"us-east-1": endpoint{},
 				"us-east-2": endpoint{},
@@ -1060,7 +1086,9 @@ var awsPartition = partition{
 		"elasticfilesystem": service{
 
 			Endpoints: endpoints{
+				"ap-northeast-1": endpoint{},
 				"ap-northeast-2": endpoint{},
+				"ap-southeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
@@ -1095,7 +1123,7 @@ var awsPartition = partition{
 		"elasticmapreduce": service{
 			Defaults: endpoint{
 				SSLCommonName: "{region}.{service}.{dnsSuffix}",
-				Protocols:     []string{"http", "https"},
+				Protocols:     []string{"https"},
 			},
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
@@ -1195,11 +1223,15 @@ var awsPartition = partition{
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
 				"ap-northeast-2": endpoint{},
+				"ap-south-1":     endpoint{},
 				"ap-southeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"ca-central-1":   endpoint{},
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
+				"eu-west-2":      endpoint{},
+				"eu-west-3":      endpoint{},
+				"sa-east-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
 				"us-west-1":      endpoint{},
@@ -1250,6 +1282,7 @@ var awsPartition = partition{
 				"eu-west-1":      endpoint{},
 				"eu-west-2":      endpoint{},
 				"eu-west-3":      endpoint{},
+				"sa-east-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
 				"us-west-1":      endpoint{},
@@ -1264,6 +1297,7 @@ var awsPartition = partition{
 				"ap-south-1":     endpoint{},
 				"ap-southeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
+				"ca-central-1":   endpoint{},
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
 				"eu-west-2":      endpoint{},
@@ -1281,6 +1315,7 @@ var awsPartition = partition{
 				"ap-northeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"eu-central-1":   endpoint{},
+				"eu-west-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-west-2":      endpoint{},
 			},
@@ -1377,6 +1412,16 @@ var awsPartition = partition{
 				"us-west-2":      endpoint{},
 			},
 		},
+		"iotanalytics": service{
+
+			Endpoints: endpoints{
+				"ap-northeast-1": endpoint{},
+				"eu-west-1":      endpoint{},
+				"us-east-1":      endpoint{},
+				"us-east-2":      endpoint{},
+				"us-west-2":      endpoint{},
+			},
+		},
 		"kinesis": service{
 
 			Endpoints: endpoints{
@@ -1400,6 +1445,7 @@ var awsPartition = partition{
 		"kinesisanalytics": service{
 
 			Endpoints: endpoints{
+				"eu-central-1": endpoint{},
 				"eu-west-1":    endpoint{},
 				"us-east-1":    endpoint{},
 				"us-west-2":    endpoint{},
@@ -1530,6 +1576,7 @@ var awsPartition = partition{
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
 				"ap-northeast-2": endpoint{},
+				"ap-south-1":     endpoint{},
 				"ap-southeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"eu-central-1":   endpoint{},
@@ -1558,6 +1605,7 @@ var awsPartition = partition{
 
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
+				"ap-northeast-2": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
@@ -1816,6 +1864,7 @@ var awsPartition = partition{
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
 				"eu-west-2":      endpoint{},
+				"eu-west-3":      endpoint{},
 				"sa-east-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
@@ -1858,6 +1907,9 @@ var awsPartition = partition{
 
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
+				"ap-northeast-2": endpoint{},
+				"ap-southeast-2": endpoint{},
+				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
@@ -1923,17 +1975,6 @@ var awsPartition = partition{
 				},
 			},
 		},
-		"sagemaker": service{
-
-			Endpoints: endpoints{
-				"ap-northeast-1": endpoint{},
-				"ap-northeast-2": endpoint{},
-				"eu-west-1":      endpoint{},
-				"us-east-1":      endpoint{},
-				"us-east-2":      endpoint{},
-				"us-west-2":      endpoint{},
-			},
-		},
 		"sdb": service{
 			Defaults: endpoint{
 				Protocols:         []string{"http", "https"},
@@ -1964,11 +2005,36 @@ var awsPartition = partition{
 				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
 				"eu-west-2":      endpoint{},
+				"eu-west-3":      endpoint{},
 				"sa-east-1":      endpoint{},
 				"us-east-1":      endpoint{},
+				"us-east-1-fips": endpoint{
+					Hostname: "secretsmanager-fips.us-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-1",
+					},
+				},
 				"us-east-2": endpoint{},
+				"us-east-2-fips": endpoint{
+					Hostname: "secretsmanager-fips.us-east-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-2",
+					},
+				},
 				"us-west-1": endpoint{},
+				"us-west-1-fips": endpoint{
+					Hostname: "secretsmanager-fips.us-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-1",
+					},
+				},
 				"us-west-2": endpoint{},
+				"us-west-2-fips": endpoint{
+					Hostname: "secretsmanager-fips.us-west-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-2",
+					},
+				},
 			},
 		},
 		"serverlessrepo": service{
@@ -2043,7 +2109,17 @@ var awsPartition = partition{
 		"servicediscovery": service{
 
 			Endpoints: endpoints{
+				"ap-northeast-1": endpoint{},
+				"ap-northeast-2": endpoint{},
+				"ap-south-1":     endpoint{},
+				"ap-southeast-1": endpoint{},
+				"ap-southeast-2": endpoint{},
+				"ca-central-1":   endpoint{},
+				"eu-central-1":   endpoint{},
 				"eu-west-1":      endpoint{},
+				"eu-west-2":      endpoint{},
+				"eu-west-3":      endpoint{},
+				"sa-east-1":      endpoint{},
 				"us-east-1":      endpoint{},
 				"us-east-2":      endpoint{},
 				"us-west-1":      endpoint{},
@@ -2195,6 +2271,7 @@ var awsPartition = partition{
 			Endpoints: endpoints{
 				"ap-northeast-1": endpoint{},
 				"ap-northeast-2": endpoint{},
+				"ap-south-1":     endpoint{},
 				"ap-southeast-1": endpoint{},
 				"ap-southeast-2": endpoint{},
 				"ca-central-1":   endpoint{},
@@ -2368,8 +2445,26 @@ var awsPartition = partition{
 			Endpoints: endpoints{
 				"eu-west-1": endpoint{},
 				"us-east-1": endpoint{},
+				"us-east-1-fips": endpoint{
+					Hostname: "translate-fips.us-east-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-1",
+					},
+				},
 				"us-east-2": endpoint{},
+				"us-east-2-fips": endpoint{
+					Hostname: "translate-fips.us-east-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-east-2",
+					},
+				},
 				"us-west-2": endpoint{},
+				"us-west-2-fips": endpoint{
+					Hostname: "translate-fips.us-west-2.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-west-2",
+					},
+				},
 			},
 		},
 		"waf": service{
@@ -2495,7 +2590,7 @@ var awscnPartition = partition{
 		},
 		"application-autoscaling": service{
 			Defaults: endpoint{
-				Hostname:  "autoscaling.{region}.amazonaws.com",
+				Hostname:  "autoscaling.{region}.amazonaws.com.cn",
 				Protocols: []string{"http", "https"},
 				CredentialScope: credentialScope{
 					Service: "application-autoscaling",
@@ -2529,6 +2624,13 @@ var awscnPartition = partition{
 				"cn-northwest-1": endpoint{},
 			},
 		},
+		"codebuild": service{
+
+			Endpoints: endpoints{
+				"cn-north-1":     endpoint{},
+				"cn-northwest-1": endpoint{},
+			},
+		},
 		"codedeploy": service{
 
 			Endpoints: endpoints{
@@ -2631,7 +2733,7 @@ var awscnPartition = partition{
 		},
 		"elasticmapreduce": service{
 			Defaults: endpoint{
-				Protocols: []string{"http", "https"},
+				Protocols: []string{"https"},
 			},
 			Endpoints: endpoints{
 				"cn-north-1":     endpoint{},
@@ -2856,6 +2958,12 @@ var awsusgovPartition = partition{
 				"us-gov-west-1": endpoint{},
 			},
 		},
+		"application-autoscaling": service{
+
+			Endpoints: endpoints{
+				"us-gov-west-1": endpoint{},
+			},
+		},
 		"autoscaling": service{
 
 			Endpoints: endpoints{
@@ -2960,6 +3068,12 @@ var awsusgovPartition = partition{
 		"elasticache": service{
 
 			Endpoints: endpoints{
+				"fips": endpoint{
+					Hostname: "elasticache-fips.us-gov-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-west-1",
+					},
+				},
 				"us-gov-west-1": endpoint{},
 			},
 		},
@@ -2981,7 +3095,7 @@ var awsusgovPartition = partition{
 
 			Endpoints: endpoints{
 				"us-gov-west-1": endpoint{
-					Protocols: []string{"http", "https"},
+					Protocols: []string{"https"},
 				},
 			},
 		},
@@ -3024,6 +3138,16 @@ var awsusgovPartition = partition{
 				"us-gov-west-1": endpoint{},
 			},
 		},
+		"iot": service{
+			Defaults: endpoint{
+				CredentialScope: credentialScope{
+					Service: "execute-api",
+				},
+			},
+			Endpoints: endpoints{
+				"us-gov-west-1": endpoint{},
+			},
+		},
 		"kinesis": service{
 
 			Endpoints: endpoints{
@@ -3140,6 +3264,12 @@ var awsusgovPartition = partition{
 				"us-gov-west-1": endpoint{},
 			},
 		},
+		"states": service{
+
+			Endpoints: endpoints{
+				"us-gov-west-1": endpoint{},
+			},
+		},
 		"storagegateway": service{
 
 			Endpoints: endpoints{
@@ -3186,6 +3316,12 @@ var awsusgovPartition = partition{
 			},
 			Endpoints: endpoints{
 				"us-gov-west-1": endpoint{},
+				"us-gov-west-1-fips": endpoint{
+					Hostname: "translate-fips.us-gov-west-1.amazonaws.com",
+					CredentialScope: credentialScope{
+						Region: "us-gov-west-1",
+					},
+				},
 			},
 		},
 	},

vendor/github.com/aws/aws-sdk-go/aws/request/validation.go

@@ -17,6 +17,10 @@ const (
 	ParamMinValueErrCode = "ParamMinValueError"
 	// ParamMinLenErrCode is the error code for fields without enough elements.
 	ParamMinLenErrCode = "ParamMinLenError"
+
+	// ParamFormatErrCode is the error code for a field with invalid
+	// format or characters.
+	ParamFormatErrCode = "ParamFormatInvalidError"
 )
 
 // Validator provides a way for types to perform validation logic on their
@@ -232,3 +236,26 @@ func NewErrParamMinLen(field string, min int) *ErrParamMinLen {
 func (e *ErrParamMinLen) MinLen() int {
 	return e.min
 }
+
+// An ErrParamFormat represents a invalid format parameter error.
+type ErrParamFormat struct {
+	errInvalidParam
+	format string
+}
+
+// NewErrParamFormat creates a new invalid format parameter error.
+func NewErrParamFormat(field string, format, value string) *ErrParamFormat {
+	return &ErrParamFormat{
+		errInvalidParam: errInvalidParam{
+			code:  ParamFormatErrCode,
+			field: field,
+			msg:   fmt.Sprintf("format %v, %v", format, value),
+		},
+		format: format,
+	}
+}
+
+// Format returns the field's required format.
+func (e *ErrParamFormat) Format() string {
+	return e.format
+}

vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go

@@ -739,7 +739,15 @@ func makeSha256Reader(reader io.ReadSeeker) []byte {
 	start, _ := reader.Seek(0, sdkio.SeekCurrent)
 	defer reader.Seek(start, sdkio.SeekStart)
 
+	// Use CopyN to avoid allocating the 32KB buffer in io.Copy for bodies
+	// smaller than 32KB. Fall back to io.Copy if we fail to determine the size.
+	size, err := aws.SeekerLen(reader)
+	if err != nil {
 		io.Copy(hash, reader)
+	} else {
+		io.CopyN(hash, reader, size)
+	}
+
 	return hash.Sum(nil)
 }
 

vendor/github.com/aws/aws-sdk-go/aws/version.go

@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.14.31"
+const SDKVersion = "1.15.48"

vendor/github.com/aws/aws-sdk-go/internal/s3err/error.go

@@ -0,0 +1,57 @@
+package s3err
+
+import (
+	"fmt"
+
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/aws/request"
+)
+
+// RequestFailure provides additional S3 specific metadata for the request
+// failure.
+type RequestFailure struct {
+	awserr.RequestFailure
+
+	hostID string
+}
+
+// NewRequestFailure returns a request failure error decordated with S3
+// specific metadata.
+func NewRequestFailure(err awserr.RequestFailure, hostID string) *RequestFailure {
+	return &RequestFailure{RequestFailure: err, hostID: hostID}
+}
+
+func (r RequestFailure) Error() string {
+	extra := fmt.Sprintf("status code: %d, request id: %s, host id: %s",
+		r.StatusCode(), r.RequestID(), r.hostID)
+	return awserr.SprintError(r.Code(), r.Message(), extra, r.OrigErr())
+}
+func (r RequestFailure) String() string {
+	return r.Error()
+}
+
+// HostID returns the HostID request response value.
+func (r RequestFailure) HostID() string {
+	return r.hostID
+}
+
+// RequestFailureWrapperHandler returns a handler to rap an
+// awserr.RequestFailure with the  S3 request ID 2 from the response.
+func RequestFailureWrapperHandler() request.NamedHandler {
+	return request.NamedHandler{
+		Name: "awssdk.s3.errorHandler",
+		Fn: func(req *request.Request) {
+			reqErr, ok := req.Error.(awserr.RequestFailure)
+			if !ok || reqErr == nil {
+				return
+			}
+
+			hostID := req.HTTPResponse.Header.Get("X-Amz-Id-2")
+			if req.Error == nil {
+				return
+			}
+
+			req.Error = NewRequestFailure(reqErr, hostID)
+		},
+	}
+}

vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go

@@ -27,7 +27,11 @@ func Unmarshal(r *request.Request) {
 		decoder := xml.NewDecoder(r.HTTPResponse.Body)
 		err := xmlutil.UnmarshalXML(r.Data, decoder, "")
 		if err != nil {
-			r.Error = awserr.New("SerializationError", "failed decoding EC2 Query response", err)
+			r.Error = awserr.NewRequestFailure(
+				awserr.New("SerializationError", "failed decoding EC2 Query response", err),
+				r.HTTPResponse.StatusCode,
+				r.RequestID,
+			)
 			return
 		}
 	}
@@ -52,7 +56,11 @@ func UnmarshalError(r *request.Request) {
 	resp := &xmlErrorResponse{}
 	err := xml.NewDecoder(r.HTTPResponse.Body).Decode(resp)
 	if err != nil && err != io.EOF {
-		r.Error = awserr.New("SerializationError", "failed decoding EC2 Query error response", err)
+		r.Error = awserr.NewRequestFailure(
+			awserr.New("SerializationError", "failed decoding EC2 Query error response", err),
+			r.HTTPResponse.StatusCode,
+			r.RequestID,
+		)
 	} else {
 		r.Error = awserr.NewRequestFailure(
 			awserr.New(resp.Code, resp.Message, nil),

vendor/github.com/aws/aws-sdk-go/private/protocol/host.go

@@ -0,0 +1,21 @@
+package protocol
+
+// ValidHostLabel returns if the label is a valid RFC 1123 Section 2.1 domain
+// host label name.
+func ValidHostLabel(label string) bool {
+	if l := len(label); l == 0 || l > 63 {
+		return false
+	}
+	for _, r := range label {
+		switch {
+		case r >= '0' && r <= '9':
+		case r >= 'A' && r <= 'Z':
+		case r >= 'a' && r <= 'z':
+		case r == '-':
+		default:
+			return false
+		}
+	}
+
+	return true
+}

vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go

@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"reflect"
 	"time"
 
@@ -17,16 +16,10 @@ import (
 func UnmarshalJSON(v interface{}, stream io.Reader) error {
 	var out interface{}
 
-	b, err := ioutil.ReadAll(stream)
+	err := json.NewDecoder(stream).Decode(&out)
-	if err != nil {
+	if err == io.EOF {
-		return err
-	}
-
-	if len(b) == 0 {
 		return nil
-	}
+	} else if err != nil {
-
-	if err := json.Unmarshal(b, &out); err != nil {
 		return err
 	}
 

vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go

@@ -7,7 +7,7 @@ package jsonrpc
 
 import (
 	"encoding/json"
-	"io/ioutil"
+	"io"
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws/awserr"
@@ -64,7 +64,11 @@ func Unmarshal(req *request.Request) {
 	if req.DataFilled() {
 		err := jsonutil.UnmarshalJSON(req.Data, req.HTTPResponse.Body)
 		if err != nil {
-			req.Error = awserr.New("SerializationError", "failed decoding JSON RPC response", err)
+			req.Error = awserr.NewRequestFailure(
+				awserr.New("SerializationError", "failed decoding JSON RPC response", err),
+				req.HTTPResponse.StatusCode,
+				req.RequestID,
+			)
 		}
 	}
 	return
@@ -78,22 +82,22 @@ func UnmarshalMeta(req *request.Request) {
 // UnmarshalError unmarshals an error response for a JSON RPC service.
 func UnmarshalError(req *request.Request) {
 	defer req.HTTPResponse.Body.Close()
-	bodyBytes, err := ioutil.ReadAll(req.HTTPResponse.Body)
+
-	if err != nil {
+	var jsonErr jsonErrorResponse
-		req.Error = awserr.New("SerializationError", "failed reading JSON RPC error response", err)
+	err := json.NewDecoder(req.HTTPResponse.Body).Decode(&jsonErr)
-		return
+	if err == io.EOF {
-	}
-	if len(bodyBytes) == 0 {
 		req.Error = awserr.NewRequestFailure(
 			awserr.New("SerializationError", req.HTTPResponse.Status, nil),
 			req.HTTPResponse.StatusCode,
-			"",
+			req.RequestID,
 		)
 		return
-	}
+	} else if err != nil {
-	var jsonErr jsonErrorResponse
+		req.Error = awserr.NewRequestFailure(
-	if err := json.Unmarshal(bodyBytes, &jsonErr); err != nil {
+			awserr.New("SerializationError", "failed decoding JSON RPC error response", err),
-		req.Error = awserr.New("SerializationError", "failed decoding JSON RPC error response", err)
+			req.HTTPResponse.StatusCode,
+			req.RequestID,
+		)
 		return
 	}
 

vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go

@@ -23,7 +23,11 @@ func Unmarshal(r *request.Request) {
 		decoder := xml.NewDecoder(r.HTTPResponse.Body)
 		err := xmlutil.UnmarshalXML(r.Data, decoder, r.Operation.Name+"Result")
 		if err != nil {
-			r.Error = awserr.New("SerializationError", "failed decoding Query response", err)
+			r.Error = awserr.NewRequestFailure(
+				awserr.New("SerializationError", "failed decoding Query response", err),
+				r.HTTPResponse.StatusCode,
+				r.RequestID,
+			)
 			return
 		}
 	}

vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go

@@ -28,7 +28,11 @@ func UnmarshalError(r *request.Request) {
 
 	bodyBytes, err := ioutil.ReadAll(r.HTTPResponse.Body)
 	if err != nil {
-		r.Error = awserr.New("SerializationError", "failed to read from query HTTP response body", err)
+		r.Error = awserr.NewRequestFailure(
+			awserr.New("SerializationError", "failed to read from query HTTP response body", err),
+			r.HTTPResponse.StatusCode,
+			r.RequestID,
+		)
 		return
 	}
 
@@ -61,6 +65,10 @@ func UnmarshalError(r *request.Request) {
 	}
 
 	// Failed to retrieve any error message from the response body
-	r.Error = awserr.New("SerializationError",
+	r.Error = awserr.NewRequestFailure(
-		"failed to decode query XML error response", decodeErr)
+		awserr.New("SerializationError",
+			"failed to decode query XML error response", decodeErr),
+		r.HTTPResponse.StatusCode,
+		r.RequestID,
+	)
 }

vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go

@@ -7,7 +7,7 @@ package restjson
 
 import (
 	"encoding/json"
-	"io/ioutil"
+	"io"
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws/awserr"
@@ -54,26 +54,26 @@ func UnmarshalMeta(r *request.Request) {
 // UnmarshalError unmarshals a response error for the REST JSON protocol.
 func UnmarshalError(r *request.Request) {
 	defer r.HTTPResponse.Body.Close()
-	code := r.HTTPResponse.Header.Get("X-Amzn-Errortype")
+
-	bodyBytes, err := ioutil.ReadAll(r.HTTPResponse.Body)
+	var jsonErr jsonErrorResponse
-	if err != nil {
+	err := json.NewDecoder(r.HTTPResponse.Body).Decode(&jsonErr)
-		r.Error = awserr.New("SerializationError", "failed reading REST JSON error response", err)
+	if err == io.EOF {
-		return
-	}
-	if len(bodyBytes) == 0 {
 		r.Error = awserr.NewRequestFailure(
 			awserr.New("SerializationError", r.HTTPResponse.Status, nil),
 			r.HTTPResponse.StatusCode,
-			"",
+			r.RequestID,
+		)
+		return
+	} else if err != nil {
+		r.Error = awserr.NewRequestFailure(
+			awserr.New("SerializationError", "failed decoding REST JSON error response", err),
+			r.HTTPResponse.StatusCode,
+			r.RequestID,
 		)
 		return
 	}
-	var jsonErr jsonErrorResponse
-	if err := json.Unmarshal(bodyBytes, &jsonErr); err != nil {
-		r.Error = awserr.New("SerializationError", "failed decoding REST JSON error response", err)
-		return
-	}
 
+	code := r.HTTPResponse.Header.Get("X-Amzn-Errortype")
 	if code == "" {
 		code = jsonErr.Code
 	}

vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go

@@ -36,7 +36,11 @@ func Build(r *request.Request) {
 		var buf bytes.Buffer
 		err := xmlutil.BuildXML(r.Params, xml.NewEncoder(&buf))
 		if err != nil {
-			r.Error = awserr.New("SerializationError", "failed to encode rest XML request", err)
+			r.Error = awserr.NewRequestFailure(
+				awserr.New("SerializationError", "failed to encode rest XML request", err),
+				r.HTTPResponse.StatusCode,
+				r.RequestID,
+			)
 			return
 		}
 		r.SetBufferBody(buf.Bytes())
@@ -50,7 +54,11 @@ func Unmarshal(r *request.Request) {
 		decoder := xml.NewDecoder(r.HTTPResponse.Body)
 		err := xmlutil.UnmarshalXML(r.Data, decoder, "")
 		if err != nil {
-			r.Error = awserr.New("SerializationError", "failed to decode REST XML response", err)
+			r.Error = awserr.NewRequestFailure(
+				awserr.New("SerializationError", "failed to decode REST XML response", err),
+				r.HTTPResponse.StatusCode,
+				r.RequestID,
+			)
 			return
 		}
 	} else {

vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go

@@ -94,8 +94,6 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl
 		return nil
 	}
 
-	fieldAdded := false
-
 	// unwrap payloads
 	if payload := tag.Get("payload"); payload != "" {
 		field, _ := value.Type().FieldByName(payload)
@@ -123,6 +121,8 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl
 		child.Attr = append(child.Attr, ns)
 	}
 
+	var payloadFields, nonPayloadFields int
+
 	t := value.Type()
 	for i := 0; i < value.NumField(); i++ {
 		member := elemOf(value.Field(i))
@@ -137,8 +137,10 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl
 
 		mTag := field.Tag
 		if mTag.Get("location") != "" { // skip non-body members
+			nonPayloadFields++
 			continue
 		}
+		payloadFields++
 
 		if protocol.CanSetIdempotencyToken(value.Field(i), field) {
 			token := protocol.GetIdempotencyToken()
@@ -153,11 +155,11 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl
 		if err := b.buildValue(member, child, mTag); err != nil {
 			return err
 		}
-
-		fieldAdded = true
 	}
 
-	if fieldAdded { // only append this child if we have one ore more valid members
+	// Only case where the child shape is not added is if the shape only contains
+	// non-payload fields, e.g headers/query.
+	if !(payloadFields == 0 && nonPayloadFields > 0) {
 		current.AddChild(child)
 	}
 

vendor/github.com/aws/aws-sdk-go/service/apigateway/api.go

@@ -56,7 +56,7 @@ func (c *APIGateway) CreateApiKeyRequest(input *CreateApiKeyInput) (req *request
 //
 // Create an ApiKey resource.
 //
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/create-api-key.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/create-api-key.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -152,7 +152,7 @@ func (c *APIGateway) CreateAuthorizerRequest(input *CreateAuthorizerInput) (req
 //
 // Adds a new Authorizer resource to an existing RestApi resource.
 //
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/create-authorizer.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/create-authorizer.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1526,7 +1526,7 @@ func (c *APIGateway) DeleteAuthorizerRequest(input *DeleteAuthorizerInput) (req
 //
 // Deletes an existing Authorizer resource.
 //
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/delete-authorizer.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/delete-authorizer.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3912,7 +3912,7 @@ func (c *APIGateway) GetAuthorizerRequest(input *GetAuthorizerInput) (req *reque
 //
 // Describe an existing Authorizer resource.
 //
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/get-authorizer.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/get-authorizer.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3997,7 +3997,7 @@ func (c *APIGateway) GetAuthorizersRequest(input *GetAuthorizersInput) (req *req
 //
 // Describe an existing Authorizers resource.
 //
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/get-authorizers.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/get-authorizers.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -9120,7 +9120,7 @@ func (c *APIGateway) TestInvokeAuthorizerRequest(input *TestInvokeAuthorizerInpu
 // Simulate the execution of an Authorizer in your RestApi with headers, parameters,
 // and an incoming request body.
 //
-// Enable custom authorizers (http://docs.aws.amazon.com/apigateway/latest/developerguide/use-custom-authorizer.html)
+// Enable custom authorizers ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/use-custom-authorizer.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -9568,7 +9568,7 @@ func (c *APIGateway) UpdateAuthorizerRequest(input *UpdateAuthorizerInput) (req
 //
 // Updates an existing Authorizer resource.
 //
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/update-authorizer.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/update-authorizer.html)
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -11338,7 +11338,7 @@ type AccessLogSettings struct {
 	DestinationArn *string `locationName:"destinationArn" type:"string"`
 
 	// A single line format of the access logs of data, as specified by selected
-	// $context variables (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference).
+	// $context variables ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference).
 	// The format must include at least $context.requestId.
 	Format *string `locationName:"format" type:"string"`
 }
@@ -11377,7 +11377,7 @@ func (s *AccessLogSettings) SetFormat(v string) *AccessLogSettings {
 // NotFoundException
 // TooManyRequestsException
 // For detailed error code information, including the corresponding HTTP Status
-// Codes, see API Gateway Error Codes (http://docs.aws.amazon.com/apigateway/api-reference/handling-errors/#api-error-codes)
+// Codes, see API Gateway Error Codes ([[AwsDocsUrlPrefix]]/apigateway/api-reference/handling-errors/#api-error-codes)
 //
 // Example: Get the information about an account.
 //
@@ -11391,16 +11391,16 @@ func (s *AccessLogSettings) SetFormat(v string) *AccessLogSettings {
 // The successful response returns a 200 OK status code and a payload similar
 // to the following:
 //
-// { "_links": { "curies": { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/account-apigateway-{rel}.html",
+// { "_links": { "curies": { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/account-apigateway-{rel}.html",
 // "name": "account", "templated": true }, "self": { "href": "/account" }, "account:update":
 // { "href": "/account" } }, "cloudwatchRoleArn": "arn:aws:iam::123456789012:role/apigAwsProxyRole",
 // "throttleSettings": { "rateLimit": 500, "burstLimit": 1000 } }
 // In addition to making the REST API call directly, you can use the AWS CLI
 // and an AWS SDK to access this resource.
 //
-// API Gateway Limits (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-limits.html)Developer
+// API Gateway Limits ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-limits.html)Developer
-// Guide (http://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html),
+// Guide ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/welcome.html),
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/get-account.html)
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/get-account.html)
 type Account struct {
 	_ struct{} `type:"structure"`
 
@@ -11457,7 +11457,7 @@ func (s *Account) SetThrottleSettings(v *ThrottleSettings) *Account {
 // which indicates that the callers with the API key can make requests to that
 // stage.
 //
-// Use API Keys (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-api-keys.html)
+// Use API Keys ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-api-keys.html)
 type ApiKey struct {
 	_ struct{} `type:"structure"`
 
@@ -11600,7 +11600,7 @@ func (s *ApiStage) SetThrottle(v map[string]*ThrottleSettings) *ApiStage {
 // Represents an authorization layer for methods. If enabled on a method, API
 // Gateway will activate the authorizer when a client calls the method.
 //
-// Enable custom authorization (http://docs.aws.amazon.com/apigateway/latest/developerguide/use-custom-authorizer.html)
+// Enable custom authorization ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/use-custom-authorizer.html)
 type Authorizer struct {
 	_ struct{} `type:"structure"`
 
@@ -11750,7 +11750,7 @@ func (s *Authorizer) SetType(v string) *Authorizer {
 //
 // A custom domain name plus a BasePathMapping specification identifies a deployed
 // RestApi in a given stage of the owner Account.
-// Use Custom Domain Names (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html)
+// Use Custom Domain Names ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-custom-domains.html)
 type BasePathMapping struct {
 	_ struct{} `type:"structure"`
 
@@ -11853,7 +11853,7 @@ func (s *CanarySettings) SetUseStageCache(v bool) *CanarySettings {
 // Client certificates are used to authenticate an API by the backend server.
 // To authenticate an API client (or user), use IAM roles and policies, a custom
 // Authorizer or an Amazon Cognito user pool.
-// Use Client-Side Certificate (http://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html)
+// Use Client-Side Certificate ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html)
 type ClientCertificate struct {
 	_ struct{} `type:"structure"`
 
@@ -12269,6 +12269,9 @@ type CreateDeploymentInput struct {
 	// The name of the Stage resource for the Deployment resource to create.
 	StageName *string `locationName:"stageName" type:"string"`
 
+	// Specifies whether active tracing with X-ray is enabled for the Stage.
+	TracingEnabled *bool `locationName:"tracingEnabled" type:"boolean"`
+
 	// A map that defines the stage variables for the Stage resource that is associated
 	// with the new deployment. Variable names can have alphanumeric and underscore
 	// characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
@@ -12340,6 +12343,12 @@ func (s *CreateDeploymentInput) SetStageName(v string) *CreateDeploymentInput {
 	return s
 }
 
+// SetTracingEnabled sets the TracingEnabled field's value.
+func (s *CreateDeploymentInput) SetTracingEnabled(v bool) *CreateDeploymentInput {
+	s.TracingEnabled = &v
+	return s
+}
+
 // SetVariables sets the Variables field's value.
 func (s *CreateDeploymentInput) SetVariables(v map[string]*string) *CreateDeploymentInput {
 	s.Variables = v
@@ -12641,7 +12650,7 @@ type CreateModelInput struct {
 	RestApiId *string `location:"uri" locationName:"restapi_id" type:"string" required:"true"`
 
 	// The schema for the model. For application/json models, this should be JSON
-	// schema draft 4 (https://tools.ietf.org/html/draft-zyp-json-schema-04) model.
+	// schema draft 4 ([[JsonSchemaUrl]]) model.
 	Schema *string `locationName:"schema" type:"string"`
 }
 
@@ -13000,6 +13009,9 @@ type CreateStageInput struct {
 	// tag value can be up to 256 characters.
 	Tags map[string]*string `locationName:"tags" type:"map"`
 
+	// Specifies whether active tracing with X-ray is enabled for the Stage.
+	TracingEnabled *bool `locationName:"tracingEnabled" type:"boolean"`
+
 	// A map that defines the stage variables for the new Stage resource. Variable
 	// names can have alphanumeric and underscore characters, and the values must
 	// match [A-Za-z0-9-._~:/?#&=,]+.
@@ -13089,6 +13101,12 @@ func (s *CreateStageInput) SetTags(v map[string]*string) *CreateStageInput {
 	return s
 }
 
+// SetTracingEnabled sets the TracingEnabled field's value.
+func (s *CreateStageInput) SetTracingEnabled(v bool) *CreateStageInput {
+	s.TracingEnabled = &v
+	return s
+}
+
 // SetVariables sets the Variables field's value.
 func (s *CreateStageInput) SetVariables(v map[string]*string) *CreateStageInput {
 	s.Variables = v
@@ -14747,8 +14765,8 @@ func (s DeleteVpcLinkOutput) GoString() string {
 // To view, update, or delete a deployment, call GET, PATCH, or DELETE on the
 // specified deployment resource (/restapis/{restapi_id}/deployments/{deployment_id}).
 //
-// RestApi, Deployments, Stage, AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/get-deployment.html),
+// RestApi, Deployments, Stage, AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/get-deployment.html),
-// AWS SDKs (https://aws.amazon.com/tools/)
+// AWS SDKs ([[AwsAmazonUrlPrefix]]/tools/)
 type Deployment struct {
 	_ struct{} `type:"structure"`
 
@@ -14860,7 +14878,7 @@ func (s *DeploymentCanarySettings) SetUseStageCache(v bool) *DeploymentCanarySet
 // documentation fields will be injected into the associated API entity definition
 // in the exported Swagger definition file.
 //
-// Documenting an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-documenting-api.html),
+// Documenting an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-documenting-api.html),
 // DocumentationParts
 type DocumentationPart struct {
 	_ struct{} `type:"structure"`
@@ -15018,7 +15036,7 @@ func (s *DocumentationPartLocation) SetType(v string) *DocumentationPartLocation
 // with an API stage and exporting the versioned documentation to an external
 // (e.g., Swagger) file.
 //
-// Documenting an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-documenting-api.html),
+// Documenting an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-documenting-api.html),
 // DocumentationPart, DocumentationVersions
 type DocumentationVersion struct {
 	_ struct{} `type:"structure"`
@@ -15072,7 +15090,7 @@ func (s *DocumentationVersion) SetVersion(v string) *DocumentationVersion {
 // where myApi is the base path mapping (BasePathMapping) of your API under
 // the custom domain name.
 //
-// Set a Custom Host Name for an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html)
+// Set a Custom Host Name for an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-custom-domains.html)
 type DomainName struct {
 	_ struct{} `type:"structure"`
 
@@ -15093,13 +15111,13 @@ type DomainName struct {
 	// custom domain name for an edge-optimized endpoint. You set up this association
 	// when adding a DNS record pointing the custom domain name to this distribution
 	// name. For more information about CloudFront distributions, see the Amazon
-	// CloudFront documentation (http://aws.amazon.com/documentation/cloudfront/).
+	// CloudFront documentation ([[AwsAmazonUrlPrefix]]/documentation/cloudfront/).
 	DistributionDomainName *string `locationName:"distributionDomainName" type:"string"`
 
 	// The region-agnostic Amazon Route 53 Hosted Zone ID of the edge-optimized
 	// endpoint. The valid value is Z2FDTNDATAQYW2 for all the regions. For more
-	// information, see Set up a Regional Custom Domain Name (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-regional-api-custom-domain-create.html)
+	// information, see Set up a Regional Custom Domain Name ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/apigateway-regional-api-custom-domain-create.html)
-	// and AWS Regions and Endpoints for API Gateway (http://docs.aws.amazon.com/general/latest/gr/rande.html#apigateway_region).
+	// and AWS Regions and Endpoints for API Gateway ([[AwsDocsUrlPrefix]]/general/latest/gr/rande.html#apigateway_region).
 	DistributionHostedZoneId *string `locationName:"distributionHostedZoneId" type:"string"`
 
 	// The custom domain name as an API host name, for example, my-api.example.com.
@@ -15124,8 +15142,8 @@ type DomainName struct {
 	RegionalDomainName *string `locationName:"regionalDomainName" type:"string"`
 
 	// The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint.
-	// For more information, see Set up a Regional Custom Domain Name (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-regional-api-custom-domain-create.html)
+	// For more information, see Set up a Regional Custom Domain Name ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/apigateway-regional-api-custom-domain-create.html)
-	// and AWS Regions and Endpoints for API Gateway (http://docs.aws.amazon.com/general/latest/gr/rande.html#apigateway_region).
+	// and AWS Regions and Endpoints for API Gateway ([[AwsDocsUrlPrefix]]/general/latest/gr/rande.html#apigateway_region).
 	RegionalHostedZoneId *string `locationName:"regionalHostedZoneId" type:"string"`
 }
 
@@ -15520,7 +15538,7 @@ func (s *GetApiKeysInput) SetPosition(v string) *GetApiKeysInput {
 
 // Represents a collection of API keys as represented by an ApiKeys resource.
 //
-// Use API Keys (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-api-keys.html)
+// Use API Keys ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-api-keys.html)
 type GetApiKeysOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -15675,7 +15693,7 @@ func (s *GetAuthorizersInput) SetRestApiId(v string) *GetAuthorizersInput {
 
 // Represents a collection of Authorizer resources.
 //
-// Enable custom authorization (http://docs.aws.amazon.com/apigateway/latest/developerguide/use-custom-authorizer.html)
+// Enable custom authorization ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/use-custom-authorizer.html)
 type GetAuthorizersOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -15823,7 +15841,7 @@ func (s *GetBasePathMappingsInput) SetPosition(v string) *GetBasePathMappingsInp
 
 // Represents a collection of BasePathMapping resources.
 //
-// Use Custom Domain Names (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html)
+// Use Custom Domain Names ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-custom-domains.html)
 type GetBasePathMappingsOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -15930,7 +15948,7 @@ func (s *GetClientCertificatesInput) SetPosition(v string) *GetClientCertificate
 
 // Represents a collection of ClientCertificate resources.
 //
-// Use Client-Side Certificate (http://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html)
+// Use Client-Side Certificate ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html)
 type GetClientCertificatesOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -16097,9 +16115,9 @@ func (s *GetDeploymentsInput) SetRestApiId(v string) *GetDeploymentsInput {
 // resource. To view, update, or delete an existing deployment, make a GET,
 // PATCH, or DELETE request, respectively, on a specified Deployment resource.
 //
-// Deploying an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-deploy-api.html),
+// Deploying an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-deploy-api.html),
-// AWS CLI (http://docs.aws.amazon.com/cli/latest/reference/apigateway/get-deployment.html),
+// AWS CLI ([[AwsDocsUrlPrefix]]/cli/latest/reference/apigateway/get-deployment.html),
-// AWS SDKs (https://aws.amazon.com/tools/)
+// AWS SDKs ([[AwsAmazonUrlPrefix]]/tools/)
 type GetDeploymentsOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -16283,7 +16301,7 @@ func (s *GetDocumentationPartsInput) SetType(v string) *GetDocumentationPartsInp
 
 // The collection of documentation parts of an API.
 //
-// Documenting an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-documenting-api.html), DocumentationPart
+// Documenting an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-documenting-api.html), DocumentationPart
 type GetDocumentationPartsOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -16431,7 +16449,7 @@ func (s *GetDocumentationVersionsInput) SetRestApiId(v string) *GetDocumentation
 // Use the DocumentationVersions to manage documentation snapshots associated
 // with various API stages.
 //
-// Documenting an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-documenting-api.html),
+// Documenting an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-documenting-api.html),
 // DocumentationPart, DocumentationVersion
 type GetDocumentationVersionsOutput struct {
 	_ struct{} `type:"structure"`
@@ -16539,7 +16557,7 @@ func (s *GetDomainNamesInput) SetPosition(v string) *GetDomainNamesInput {
 
 // Represents a collection of DomainName resources.
 //
-// Use Client-Side Certificate (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html)
+// Use Client-Side Certificate ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-custom-domains.html)
 type GetDomainNamesOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -16848,7 +16866,7 @@ func (s *GetGatewayResponsesInput) SetRestApiId(v string) *GetGatewayResponsesIn
 // this collection.
 //
 // For more information about valid gateway response types, see Gateway Response
-// Types Supported by API Gateway (http://docs.aws.amazon.com/apigateway/latest/developerguide/supported-gateway-response-types.html)Example:
+// Types Supported by API Gateway ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/supported-gateway-response-types.html)Example:
 // Get the collection of gateway responses of an API
 //
 // Request
@@ -17002,7 +17020,7 @@ func (s *GetGatewayResponsesInput) SetRestApiId(v string) *GetGatewayResponsesIn
 // { "application/json": "{\"message\":$context.error.messageString}" }, "responseType":
 // "AUTHORIZER_FAILURE", "statusCode": "500" } ] } }
 //
-// Customize Gateway Responses (http://docs.aws.amazon.com/apigateway/latest/developerguide/customize-gateway-responses.html)
+// Customize Gateway Responses ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/customize-gateway-responses.html)
 type GetGatewayResponsesOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -17449,12 +17467,12 @@ func (s *GetModelTemplateInput) SetRestApiId(v string) *GetModelTemplateInput {
 
 // Represents a mapping template used to transform a payload.
 //
-// Mapping Templates (http://docs.aws.amazon.com/apigateway/latest/developerguide/models-mappings.html#models-mappings-mappings)
+// Mapping Templates ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/models-mappings.html#models-mappings-mappings)
 type GetModelTemplateOutput struct {
 	_ struct{} `type:"structure"`
 
-	// The Apache Velocity Template Language (VTL) (http://velocity.apache.org/engine/devel/vtl-reference-guide.html)
+	// The Apache Velocity Template Language (VTL) ([[ApacheVtlUrl]]) template content
-	// template content used for the template resource.
+	// used for the template resource.
 	Value *string `locationName:"value" type:"string"`
 }
 
@@ -17534,7 +17552,7 @@ func (s *GetModelsInput) SetRestApiId(v string) *GetModelsInput {
 
 // Represents a collection of Model resources.
 //
-// Method, MethodResponse, Models and Mappings (http://docs.aws.amazon.com/apigateway/latest/developerguide/models-mappings.html)
+// Method, MethodResponse, Models and Mappings ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/models-mappings.html)
 type GetModelsOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -17680,10 +17698,10 @@ func (s *GetRequestValidatorsInput) SetRestApiId(v string) *GetRequestValidators
 // A collection of RequestValidator resources of a given RestApi.
 //
 // In Swagger, the RequestValidators of an API is defined by the x-amazon-apigateway-request-validators
-// (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions.html#api-gateway-swagger-extensions-request-validators.html)
+// ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-swagger-extensions.html#api-gateway-swagger-extensions-request-validators.html)
 // extension.
 //
-// Enable Basic Request Validation in API Gateway (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html)
+// Enable Basic Request Validation in API Gateway ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-method-request-validation.html)
 type GetRequestValidatorsOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -17856,7 +17874,7 @@ func (s *GetResourcesInput) SetRestApiId(v string) *GetResourcesInput {
 
 // Represents a collection of Resource resources.
 //
-// Create an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)
+// Create an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-create-api.html)
 type GetResourcesOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -17964,7 +17982,7 @@ func (s *GetRestApisInput) SetPosition(v string) *GetRestApisInput {
 // Contains references to your APIs and links that guide you in how to interact
 // with your collection. A collection offers a paginated view of your APIs.
 //
-// Create an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)
+// Create an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-create-api.html)
 type GetRestApisOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -18327,7 +18345,7 @@ func (s *GetStagesInput) SetRestApiId(v string) *GetStagesInput {
 
 // A list of Stage resources that are associated with the ApiKey resource.
 //
-// Deploying API in Stages (http://docs.aws.amazon.com/apigateway/latest/developerguide/stages.html)
+// Deploying API in Stages ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/stages.html)
 type GetStagesOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -18697,7 +18715,7 @@ func (s *GetUsagePlanKeysInput) SetUsagePlanId(v string) *GetUsagePlanKeysInput
 // Represents the collection of usage plan keys added to usage plans for the
 // associated API keys and, possibly, other types of keys.
 //
-// Create and Use Usage Plans (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
+// Create and Use Usage Plans ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
 type GetUsagePlanKeysOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -18774,7 +18792,7 @@ func (s *GetUsagePlansInput) SetPosition(v string) *GetUsagePlansInput {
 
 // Represents a collection of usage plans for an AWS account.
 //
-// Create and Use Usage Plans (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
+// Create and Use Usage Plans ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
 type GetUsagePlansOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -18882,8 +18900,8 @@ func (s *GetVpcLinksInput) SetPosition(v string) *GetVpcLinksInput {
 
 // The collection of VPC links under the caller's account in a region.
 //
-// Getting Started with Private Integrations (http://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-with-private-integration.html),
+// Getting Started with Private Integrations ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/getting-started-with-private-integration.html),
-// Set up Private Integrations (http://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-private-integration.html)
+// Set up Private Integrations ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/set-up-private-integration.html)
 type GetVpcLinksOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -18921,7 +18939,7 @@ type ImportApiKeysInput struct {
 	_ struct{} `type:"structure" payload:"Body"`
 
 	// The payload of the POST request to import API keys. For the payload format,
-	// see API Key File Format (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-key-file-format.html).
+	// see API Key File Format ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-key-file-format.html).
 	//
 	// Body is a required field
 	Body []byte `locationName:"body" type:"blob" required:"true"`
@@ -19094,8 +19112,8 @@ func (s *ImportDocumentationPartsInput) SetRestApiId(v string) *ImportDocumentat
 //
 // This is used to return the result when documentation parts in an external
 // (e.g., Swagger) file are imported into API Gateway
-// Documenting an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-documenting-api.html),
+// Documenting an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-documenting-api.html),
-// documentationpart:import (http://docs.aws.amazon.com/apigateway/api-reference/link-relation/documentationpart-import/),
+// documentationpart:import ([[AwsDocsUrlPrefix]]/apigateway/api-reference/link-relation/documentationpart-import/),
 // DocumentationPart
 type ImportDocumentationPartsOutput struct {
 	_ struct{} `type:"structure"`
@@ -19215,7 +19233,7 @@ func (s *ImportRestApiInput) SetParameters(v map[string]*string) *ImportRestApiI
 //
 // In the API Gateway console, the built-in Lambda integration is an AWS integration.
 //
-// Creating an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)
+// Creating an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-create-api.html)
 type Integration struct {
 	_ struct{} `type:"structure"`
 
@@ -19225,7 +19243,7 @@ type Integration struct {
 	// Specifies the integration's cache namespace.
 	CacheNamespace *string `locationName:"cacheNamespace" type:"string"`
 
-	// The (id (http://docs.aws.amazon.com/apigateway/api-reference/resource/vpc-link/#id))
+	// The (id ([[AwsDocsUrlPrefix]]/apigateway/api-reference/resource/vpc-link/#id))
 	// of the VpcLink used for the integration when connectionType=VPC_LINK and
 	// undefined, otherwise.
 	ConnectionId *string `locationName:"connectionId" type:"string"`
@@ -19274,7 +19292,7 @@ type Integration struct {
 	//
 	// The successful response returns 200 OKstatus and a payload as follows:
 	//
-	// { "_links": { "curies": { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
+	// { "_links": { "curies": { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
 	// "name": "integrationresponse", "templated": true }, "self": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/integration/responses/200",
 	// "title": "200" }, "integrationresponse:delete": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/integration/responses/200"
 	// }, "integrationresponse:update": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/integration/responses/200"
@@ -19367,7 +19385,7 @@ type Integration struct {
 	//    Alternatively, path can be used for an AWS service path-based API. The
 	//    ensuing service_api refers to the path to an AWS service resource, including
 	//    the region of the integrated AWS service, if applicable. For example,
-	//    for integration with the S3 API of GetObject (http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectGET.html),
+	//    for integration with the S3 API of GetObject ([[AwsDocsUrlPrefix]]/AmazonS3/latest/API/RESTObjectGET.html),
 	//    the uri can be either arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}
 	//    or arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
 	Uri *string `locationName:"uri" type:"string"`
@@ -19471,7 +19489,7 @@ func (s *Integration) SetUri(v string) *Integration {
 // MethodResponse, and parameters and templates can be used to transform the
 // back-end response.
 //
-// Creating an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)
+// Creating an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-create-api.html)
 type IntegrationResponse struct {
 	_ struct{} `type:"structure"`
 
@@ -19587,10 +19605,10 @@ func (s *IntegrationResponse) SetStatusCode(v string) *IntegrationResponse {
 // The successful response returns a 200 OK status code and a payload similar
 // to the following:
 //
-//    { "_links": { "curies": [ { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-{rel}.html",
+//    { "_links": { "curies": [ { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-{rel}.html",
-//    "name": "integration", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
+//    "name": "integration", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
-//    "name": "integrationresponse", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-method-{rel}.html",
+//    "name": "integrationresponse", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-method-{rel}.html",
-//    "name": "method", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
+//    "name": "method", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
 //    "name": "methodresponse", "templated": true } ], "self": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET",
 //    "name": "GET", "title": "GET" }, "integration:put": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/integration"
 //    }, "method:delete": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET"
@@ -19627,10 +19645,10 @@ func (s *IntegrationResponse) SetStatusCode(v string) *IntegrationResponse {
 // In the example above, the response template for the 200 OK response maps
 // the JSON output from the ListStreams action in the back end to an XML output.
 // The mapping template is URL-encoded as %3CkinesisStreams%3E%23foreach(%24stream%20in%20%24input.path(%27%24.StreamNames%27))%3Cstream%3E%3Cname%3E%24stream%3C%2Fname%3E%3C%2Fstream%3E%23end%3C%2FkinesisStreams%3E
-// and the output is decoded using the $util.urlDecode() (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#util-templat-reference)
+// and the output is decoded using the $util.urlDecode() ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#util-templat-reference)
 // helper function.
 //
-// MethodResponse, Integration, IntegrationResponse, Resource, Set up an API's method (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html)
+// MethodResponse, Integration, IntegrationResponse, Resource, Set up an API's method ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-method-settings.html)
 type Method struct {
 	_ struct{} `type:"structure"`
 
@@ -19676,8 +19694,8 @@ type Method struct {
 	//
 	// The successful response returns a 200 OKstatus code and a payload similar to the following:
 	//
-	// { "_links": { "curies": [ { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-{rel}.html",
+	// { "_links": { "curies": [ { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-{rel}.html",
-	// "name": "integration", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
+	// "name": "integration", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
 	// "name": "integrationresponse", "templated": true } ], "self": { "href": "/restapis/uojnr9hd57/resources/0cjtch/methods/GET/integration"
 	// }, "integration:delete": { "href": "/restapis/uojnr9hd57/resources/0cjtch/methods/GET/integration"
 	// }, "integration:responses": { "href": "/restapis/uojnr9hd57/resources/0cjtch/methods/GET/integration/responses/200",
@@ -19722,7 +19740,7 @@ type Method struct {
 	// The successful response returns a 200 OK status code and a payload similar
 	// to the following:
 	//
-	//    { "_links": { "curies": { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
+	//    { "_links": { "curies": { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
 	//    "name": "methodresponse", "templated": true }, "self": { "href": "/restapis/uojnr9hd57/resources/0cjtch/methods/GET/responses/200",
 	//    "title": "200" }, "methodresponse:delete": { "href": "/restapis/uojnr9hd57/resources/0cjtch/methods/GET/responses/200"
 	//    }, "methodresponse:update": { "href": "/restapis/uojnr9hd57/resources/0cjtch/methods/GET/responses/200"
@@ -19734,7 +19752,7 @@ type Method struct {
 
 	// A human-friendly operation identifier for the method. For example, you can
 	// assign the operationName of ListPets for the GET /pets method in PetStore
-	// (http://petstore-demo-endpoint.execute-api.com/petstore/pets) example.
+	// ([[PetstoreDemoUrl]]) example.
 	OperationName *string `locationName:"operationName" type:"string"`
 
 	// A key-value map specifying data schemas, represented by Model resources,
@@ -19850,7 +19868,7 @@ func (s *Method) SetRequestValidatorId(v string) *Method {
 //
 // The successful response returns 200 OK status and a payload as follows:
 //
-//    { "_links": { "curies": { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
+//    { "_links": { "curies": { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
 //    "name": "methodresponse", "templated": true }, "self": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/responses/200",
 //    "title": "200" }, "methodresponse:delete": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/responses/200"
 //    }, "methodresponse:update": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/responses/200"
@@ -19932,12 +19950,12 @@ type MethodSetting struct {
 	// the value is a Boolean.
 	CachingEnabled *bool `locationName:"cachingEnabled" type:"boolean"`
 
-	// Specifies whether data trace logging is enabled for this method, which effects
+	// Specifies whether data trace logging is enabled for this method, which affects
 	// the log entries pushed to Amazon CloudWatch Logs. The PATCH path for this
 	// setting is /{method_setting_key}/logging/dataTrace, and the value is a Boolean.
 	DataTraceEnabled *bool `locationName:"dataTraceEnabled" type:"boolean"`
 
-	// Specifies the logging level for this method, which effects the log entries
+	// Specifies the logging level for this method, which affects the log entries
 	// pushed to Amazon CloudWatch Logs. The PATCH path for this setting is /{method_setting_key}/logging/loglevel,
 	// and the available levels are OFF, ERROR, and INFO.
 	LoggingLevel *string `locationName:"loggingLevel" type:"string"`
@@ -20082,7 +20100,7 @@ func (s *MethodSnapshot) SetAuthorizationType(v string) *MethodSnapshot {
 // A model is used for generating an API's SDK, validating the input request
 // body, and creating a skeletal mapping template.
 //
-// Method, MethodResponse, Models and Mappings (http://docs.aws.amazon.com/apigateway/latest/developerguide/models-mappings.html)
+// Method, MethodResponse, Models and Mappings ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/models-mappings.html)
 type Model struct {
 	_ struct{} `type:"structure"`
 
@@ -20099,11 +20117,11 @@ type Model struct {
 	Name *string `locationName:"name" type:"string"`
 
 	// The schema for the model. For application/json models, this should be JSON
-	// schema draft 4 (https://tools.ietf.org/html/draft-zyp-json-schema-04) model.
+	// schema draft 4 ([[JsonSchemaUrl]]) model. Do not include "\*/" characters
-	// Do not include "\*/" characters in the description of any properties because
+	// in the description of any properties because such "\*/" characters may be
-	// such "\*/" characters may be interpreted as the closing marker for comments
+	// interpreted as the closing marker for comments in some languages, such as
-	// in some languages, such as Java or JavaScript, causing the installation of
+	// Java or JavaScript, causing the installation of your API's SDK generated
-	// your API's SDK generated by API Gateway to fail.
+	// by API Gateway to fail.
 	Schema *string `locationName:"schema" type:"string"`
 }
 
@@ -20167,7 +20185,7 @@ type PatchOperation struct {
 	// an error message.
 	Op *string `locationName:"op" type:"string" enum:"Op"`
 
-	// The op operation's target, as identified by a JSON Pointer (https://tools.ietf.org/html/draft-ietf-appsawg-json-pointer-08)
+	// The op operation's target, as identified by a JSON Pointer ([[JsonPointerRefUrl]])
 	// value that references a location within the targeted resource. For example,
 	// if the target resource has an updateable property of {"name":"value"}, the
 	// path for this property is /name. If the name property value is a JSON object
@@ -20180,7 +20198,7 @@ type PatchOperation struct {
 	// The new target value of the update operation. It is applicable for the add
 	// or replace operation. When using AWS CLI to update a property of a JSON value,
 	// enclose the JSON object with a pair of single quotes in a Linux shell, e.g.,
-	// '{"a": ...}'. In a Windows shell, see Using JSON for Parameters (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json).
+	// '{"a": ...}'. In a Windows shell, see Using JSON for Parameters ([[AwsDocsUrlPrefix]]/cli/latest/userguide/cli-using-param.html#cli-using-param-json).
 	Value *string `locationName:"value" type:"string"`
 }
 
@@ -20331,7 +20349,7 @@ type PutIntegrationInput struct {
 	// Specifies a put integration input's cache namespace.
 	CacheNamespace *string `locationName:"cacheNamespace" type:"string"`
 
-	// The (id (http://docs.aws.amazon.com/apigateway/api-reference/resource/vpc-link/#id))
+	// The (id ([[AwsDocsUrlPrefix]]/apigateway/api-reference/resource/vpc-link/#id))
 	// of the VpcLink used for the integration when connectionType=VPC_LINK and
 	// undefined, otherwise.
 	ConnectionId *string `locationName:"connectionId" type:"string"`
@@ -20436,7 +20454,7 @@ type PutIntegrationInput struct {
 	//    Alternatively, path can be used for an AWS service path-based API. The
 	//    ensuing service_api refers to the path to an AWS service resource, including
 	//    the region of the integrated AWS service, if applicable. For example,
-	//    for integration with the S3 API of GetObject (http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectGET.html),
+	//    for integration with the S3 API of GetObject ([[AwsDocsUrlPrefix]]/AmazonS3/latest/API/RESTObjectGET.html),
 	//    the uri can be either arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}
 	//    or arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
 	Uri *string `locationName:"uri" type:"string"`
@@ -20743,7 +20761,7 @@ type PutMethodInput struct {
 
 	// A human-friendly operation identifier for the method. For example, you can
 	// assign the operationName of ListPets for the GET /pets method in PetStore
-	// (http://petstore-demo-endpoint.execute-api.com/petstore/pets) example.
+	// ([[PetstoreDemoUrl]]) example.
 	OperationName *string `locationName:"operationName" type:"string"`
 
 	// Specifies the Model resources used for the request's content type. Request
@@ -21118,7 +21136,7 @@ func (s *QuotaSettings) SetPeriod(v string) *QuotaSettings {
 
 // Represents an API resource.
 //
-// Create an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)
+// Create an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-create-api.html)
 type Resource struct {
 	_ struct{} `type:"structure"`
 
@@ -21151,10 +21169,10 @@ type Resource struct {
 	// SignedHeaders=content-type;host;x-amz-date, Signature={sig4_hash}
 	// Response
 	//
-	// { "_links": { "curies": [ { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-{rel}.html",
+	// { "_links": { "curies": [ { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-{rel}.html",
-	// "name": "integration", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
+	// "name": "integration", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-integration-response-{rel}.html",
-	// "name": "integrationresponse", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-method-{rel}.html",
+	// "name": "integrationresponse", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-method-{rel}.html",
-	// "name": "method", "templated": true }, { "href": "http://docs.aws.amazon.com/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
+	// "name": "method", "templated": true }, { "href": "[[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/restapi-method-response-{rel}.html",
 	// "name": "methodresponse", "templated": true } ], "self": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET",
 	// "name": "GET", "title": "GET" }, "integration:put": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET/integration"
 	// }, "method:delete": { "href": "/restapis/fugvjdxtri/resources/3kzxbg5sa2/methods/GET"
@@ -21236,7 +21254,7 @@ func (s *Resource) SetResourceMethods(v map[string]*Method) *Resource {
 
 // Represents a REST API.
 //
-// Create an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)
+// Create an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-create-api.html)
 type RestApi struct {
 	_ struct{} `type:"structure"`
 
@@ -21478,7 +21496,7 @@ func (s *SdkType) SetId(v string) *SdkType {
 // Represents a unique identifier for a version of a deployed RestApi that is
 // callable by users.
 //
-// Deploy an API (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-deploy-api.html)
+// Deploy an API ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-deploy-api.html)
 type Stage struct {
 	_ struct{} `type:"structure"`
 
@@ -21528,6 +21546,9 @@ type Stage struct {
 	// The collection of tags. Each tag element is associated with a given resource.
 	Tags map[string]*string `locationName:"tags" type:"map"`
 
+	// Specifies whether active tracing with X-ray is enabled for the Stage.
+	TracingEnabled *bool `locationName:"tracingEnabled" type:"boolean"`
+
 	// A map that defines the stage variables for a Stage resource. Variable names
 	// can have alphanumeric and underscore characters, and the values must match
 	// [A-Za-z0-9-._~:/?#&=,]+.
@@ -21628,6 +21649,12 @@ func (s *Stage) SetTags(v map[string]*string) *Stage {
 	return s
 }
 
+// SetTracingEnabled sets the TracingEnabled field's value.
+func (s *Stage) SetTracingEnabled(v bool) *Stage {
+	s.TracingEnabled = &v
+	return s
+}
+
 // SetVariables sets the Variables field's value.
 func (s *Stage) SetVariables(v map[string]*string) *Stage {
 	s.Variables = v
@@ -21757,6 +21784,11 @@ type TestInvokeAuthorizerInput struct {
 	// should be specified.
 	Headers map[string]*string `locationName:"headers" type:"map"`
 
+	// [Optional] The headers as a map from string to list of values to simulate
+	// an incoming invocation request. This is where the incoming authorization
+	// token, or identity source, may be specified.
+	MultiValueHeaders map[string][]*string `locationName:"multiValueHeaders" type:"map"`
+
 	// [Optional] The URI path, including query string, of the simulated invocation
 	// request. Use this to specify path parameters and query string parameters.
 	PathWithQueryString *string `locationName:"pathWithQueryString" type:"string"`
@@ -21821,6 +21853,12 @@ func (s *TestInvokeAuthorizerInput) SetHeaders(v map[string]*string) *TestInvoke
 	return s
 }
 
+// SetMultiValueHeaders sets the MultiValueHeaders field's value.
+func (s *TestInvokeAuthorizerInput) SetMultiValueHeaders(v map[string][]*string) *TestInvokeAuthorizerInput {
+	s.MultiValueHeaders = v
+	return s
+}
+
 // SetPathWithQueryString sets the PathWithQueryString field's value.
 func (s *TestInvokeAuthorizerInput) SetPathWithQueryString(v string) *TestInvokeAuthorizerInput {
 	s.PathWithQueryString = &v
@@ -21845,9 +21883,8 @@ type TestInvokeAuthorizerOutput struct {
 
 	Authorization map[string][]*string `locationName:"authorization" type:"map"`
 
-	// The open identity claims (http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims),
+	// The open identity claims ([[OpenIdClaimsUrl]]), with any supported custom
-	// with any supported custom attributes, returned from the Cognito Your User
+	// attributes, returned from the Cognito Your User Pool configured for the API.
-	// Pool configured for the API.
 	Claims map[string]*string `locationName:"claims" type:"map"`
 
 	// The HTTP status code that the client would have received. Value is 0 if the
@@ -21939,6 +21976,10 @@ type TestInvokeMethodInput struct {
 	// HttpMethod is a required field
 	HttpMethod *string `location:"uri" locationName:"http_method" type:"string" required:"true"`
 
+	// The headers as a map from string to list of values to simulate an incoming
+	// invocation request.
+	MultiValueHeaders map[string][]*string `locationName:"multiValueHeaders" type:"map"`
+
 	// The URI path, including query string, of the simulated invocation request.
 	// Use this to specify path parameters and query string parameters.
 	PathWithQueryString *string `locationName:"pathWithQueryString" type:"string"`
@@ -22011,6 +22052,12 @@ func (s *TestInvokeMethodInput) SetHttpMethod(v string) *TestInvokeMethodInput {
 	return s
 }
 
+// SetMultiValueHeaders sets the MultiValueHeaders field's value.
+func (s *TestInvokeMethodInput) SetMultiValueHeaders(v map[string][]*string) *TestInvokeMethodInput {
+	s.MultiValueHeaders = v
+	return s
+}
+
 // SetPathWithQueryString sets the PathWithQueryString field's value.
 func (s *TestInvokeMethodInput) SetPathWithQueryString(v string) *TestInvokeMethodInput {
 	s.PathWithQueryString = &v
@@ -22037,7 +22084,7 @@ func (s *TestInvokeMethodInput) SetStageVariables(v map[string]*string) *TestInv
 
 // Represents the response of the test invoke request in the HTTP method.
 //
-// Test API using the API Gateway console (http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-test-method.html#how-to-test-method-console)
+// Test API using the API Gateway console ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/how-to-test-method.html#how-to-test-method-console)
 type TestInvokeMethodOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -22053,6 +22100,9 @@ type TestInvokeMethodOutput struct {
 	// The API Gateway execution log for the test invoke request.
 	Log *string `locationName:"log" type:"string"`
 
+	// The headers of the HTTP response as a map from string to list of values.
+	MultiValueHeaders map[string][]*string `locationName:"multiValueHeaders" type:"map"`
+
 	// The HTTP status code.
 	Status *int64 `locationName:"status" type:"integer"`
 }
@@ -22091,6 +22141,12 @@ func (s *TestInvokeMethodOutput) SetLog(v string) *TestInvokeMethodOutput {
 	return s
 }
 
+// SetMultiValueHeaders sets the MultiValueHeaders field's value.
+func (s *TestInvokeMethodOutput) SetMultiValueHeaders(v map[string][]*string) *TestInvokeMethodOutput {
+	s.MultiValueHeaders = v
+	return s
+}
+
 // SetStatus sets the Status field's value.
 func (s *TestInvokeMethodOutput) SetStatus(v int64) *TestInvokeMethodOutput {
 	s.Status = &v
@@ -22775,7 +22831,7 @@ func (s *UpdateGatewayResponseInput) SetRestApiId(v string) *UpdateGatewayRespon
 // response parameters and mapping templates.
 //
 // For more information about valid gateway response types, see Gateway Response
-// Types Supported by API Gateway (http://docs.aws.amazon.com/apigateway/latest/developerguide/supported-gateway-response-types.html)Example:
+// Types Supported by API Gateway ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/supported-gateway-response-types.html)Example:
 // Get a Gateway Response of a given response type
 //
 // Request
@@ -22811,7 +22867,7 @@ func (s *UpdateGatewayResponseInput) SetRestApiId(v string) *UpdateGatewayRespon
 // \"statusCode\": \"'404'\"\n}" }, "responseType": "MISSING_AUTHENTICATION_TOKEN",
 // "statusCode": "404" }
 //
-// Customize Gateway Responses (http://docs.aws.amazon.com/apigateway/latest/developerguide/customize-gateway-responses.html)
+// Customize Gateway Responses ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/customize-gateway-responses.html)
 type UpdateGatewayResponseOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -23360,12 +23416,12 @@ func (s *UpdateRequestValidatorInput) SetRestApiId(v string) *UpdateRequestValid
 // A set of validation rules for incoming Method requests.
 //
 // In Swagger, a RequestValidator of an API is defined by the x-amazon-apigateway-request-validators.requestValidator
-// (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions.html#api-gateway-swagger-extensions-request-validators.requestValidator.html)
+// ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-swagger-extensions.html#api-gateway-swagger-extensions-request-validators.requestValidator.html)
 // object. It the referenced using the x-amazon-apigateway-request-validator
-// (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions.html#api-gateway-swagger-extensions-request-validator)
+// ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-swagger-extensions.html#api-gateway-swagger-extensions-request-validator)
 // property.
 //
-// Enable Basic Request Validation in API Gateway (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html)
+// Enable Basic Request Validation in API Gateway ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-method-request-validation.html)
 type UpdateRequestValidatorOutput struct {
 	_ struct{} `type:"structure"`
 
@@ -23841,7 +23897,7 @@ func (s *UpdateVpcLinkOutput) SetTargetArns(v []*string) *UpdateVpcLinkOutput {
 
 // Represents the usage data of a usage plan.
 //
-// Create and Use Usage Plans (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html), Manage Usage in a Usage Plan (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-usage-plans-with-console.html#api-gateway-usage-plan-manage-usage)
+// Create and Use Usage Plans ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-api-usage-plans.html), Manage Usage in a Usage Plan ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-create-usage-plans-with-console.html#api-gateway-usage-plan-manage-usage)
 type Usage struct {
 	_ struct{} `type:"structure"`
 
@@ -23911,7 +23967,7 @@ func (s *Usage) SetUsagePlanId(v string) *Usage {
 // name of the specified API. You add plan customers by adding API keys to the
 // plan.
 //
-// Create and Use Usage Plans (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
+// Create and Use Usage Plans ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
 type UsagePlan struct {
 	_ struct{} `type:"structure"`
 
@@ -23995,7 +24051,7 @@ func (s *UsagePlan) SetThrottle(v *ThrottleSettings) *UsagePlan {
 // To associate an API stage with a selected API key in a usage plan, you must
 // create a UsagePlanKey resource to represent the selected ApiKey.
 //
-// " Create and Use Usage Plans (http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
+// " Create and Use Usage Plans ([[AwsDocsUrlPrefix]]/apigateway/latest/developerguide/api-gateway-api-usage-plans.html)
 type UsagePlanKey struct {
 	_ struct{} `type:"structure"`
 

vendor/github.com/aws/aws-sdk-go/service/cloudfront/doc.go

@@ -8,7 +8,7 @@
 // errors. For detailed information about CloudFront features, see the Amazon
 // CloudFront Developer Guide.
 //
-// See https://docs.aws.amazon.com/goto/WebAPI/cloudfront-2017-10-30 for more information on this service.
+// See https://docs.aws.amazon.com/goto/WebAPI/cloudfront-2018-06-18 for more information on this service.
 //
 // See cloudfront package documentation for more information.
 // https://docs.aws.amazon.com/sdk-for-go/api/service/cloudfront/

vendor/github.com/aws/aws-sdk-go/service/cloudfront/service.go

@@ -60,7 +60,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
 				SigningName:   signingName,
 				SigningRegion: signingRegion,
 				Endpoint:      endpoint,
-				APIVersion:    "2017-10-30",
+				APIVersion:    "2018-06-18",
 			},
 			handlers,
 		),

vendor/github.com/aws/aws-sdk-go/service/cloudtrail/api.go

@@ -1993,6 +1993,8 @@ type CreateTrailOutput struct {
 	SnsTopicARN *string `type:"string"`
 
 	// This field is deprecated. Use SnsTopicARN.
+	//
+	// Deprecated: SnsTopicName has been deprecated
 	SnsTopicName *string `deprecated:"true" type:"string"`
 
 	// Specifies the ARN of the trail that was created. The format of a trail ARN
@@ -3624,6 +3626,8 @@ type Trail struct {
 	SnsTopicARN *string `type:"string"`
 
 	// This field is deprecated. Use SnsTopicARN.
+	//
+	// Deprecated: SnsTopicName has been deprecated
 	SnsTopicName *string `deprecated:"true" type:"string"`
 
 	// Specifies the ARN of the trail. The format of a trail ARN is:
@@ -3946,6 +3950,8 @@ type UpdateTrailOutput struct {
 	SnsTopicARN *string `type:"string"`
 
 	// This field is deprecated. Use SnsTopicARN.
+	//
+	// Deprecated: SnsTopicName has been deprecated
 	SnsTopicName *string `deprecated:"true" type:"string"`
 
 	// Specifies the ARN of the trail that was updated. The format of a trail ARN

vendor/github.com/aws/aws-sdk-go/service/cloudwatch/api.go

@@ -830,6 +830,29 @@ func (c *CloudWatch) GetMetricDataRequest(input *GetMetricDataInput) (req *reque
 // to GetMetricStatistics. For more information about pricing, see Amazon CloudWatch
 // Pricing (https://aws.amazon.com/cloudwatch/pricing/).
 //
+// Amazon CloudWatch retains metric data as follows:
+//
+//    * Data points with a period of less than 60 seconds are available for
+//    3 hours. These data points are high-resolution metrics and are available
+//    only for custom metrics that have been defined with a StorageResolution
+//    of 1.
+//
+//    * Data points with a period of 60 seconds (1-minute) are available for
+//    15 days.
+//
+//    * Data points with a period of 300 seconds (5-minute) are available for
+//    63 days.
+//
+//    * Data points with a period of 3600 seconds (1 hour) are available for
+//    455 days (15 months).
+//
+// Data points that are initially published with a shorter period are aggregated
+// together for long-term storage. For example, if you collect data using a
+// period of 1 minute, the data remains available for 15 days with 1-minute
+// resolution. After 15 days, this data is still available, but is aggregated
+// and retrievable only with a resolution of 5 minutes. After 63 days, the data
+// is further aggregated and is available with a resolution of 1 hour.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -929,6 +952,9 @@ func (c *CloudWatch) GetMetricStatisticsRequest(input *GetMetricStatisticsInput)
 //
 //    * The Min and the Max values of the statistic set are equal.
 //
+// Percentile statistics are not available for metrics when any of the metric
+// values are negative numbers.
+//
 // Amazon CloudWatch retains metric data as follows:
 //
 //    * Data points with a period of less than 60 seconds are available for
@@ -1001,6 +1027,94 @@ func (c *CloudWatch) GetMetricStatisticsWithContext(ctx aws.Context, input *GetM
 	return out, req.Send()
 }
 
+const opGetMetricWidgetImage = "GetMetricWidgetImage"
+
+// GetMetricWidgetImageRequest generates a "aws/request.Request" representing the
+// client's request for the GetMetricWidgetImage operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfuly.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetMetricWidgetImage for more information on using the GetMetricWidgetImage
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+//    // Example sending a request using the GetMetricWidgetImageRequest method.
+//    req, resp := client.GetMetricWidgetImageRequest(params)
+//
+//    err := req.Send()
+//    if err == nil { // resp is now filled
+//        fmt.Println(resp)
+//    }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/monitoring-2010-08-01/GetMetricWidgetImage
+func (c *CloudWatch) GetMetricWidgetImageRequest(input *GetMetricWidgetImageInput) (req *request.Request, output *GetMetricWidgetImageOutput) {
+	op := &request.Operation{
+		Name:       opGetMetricWidgetImage,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &GetMetricWidgetImageInput{}
+	}
+
+	output = &GetMetricWidgetImageOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// GetMetricWidgetImage API operation for Amazon CloudWatch.
+//
+// You can use the GetMetricWidgetImage API to retrieve a snapshot graph of
+// one or more Amazon CloudWatch metrics as a bitmap image. You can then embed
+// this image into your services and products, such as wiki pages, reports,
+// and documents. You could also retrieve images regularly, such as every minute,
+// and create your own custom live dashboard.
+//
+// The graph you retrieve can include all CloudWatch metric graph features,
+// including metric math and horizontal and vertical annotations.
+//
+// There is a limit of 20 transactions per second for this API. Each GetMetricWidgetImage
+// action has the following limits:
+//
+//    * As many as 100 metrics in the graph.
+//
+//    * Up to 100 KB uncompressed payload.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon CloudWatch's
+// API operation GetMetricWidgetImage for usage and error information.
+// See also, https://docs.aws.amazon.com/goto/WebAPI/monitoring-2010-08-01/GetMetricWidgetImage
+func (c *CloudWatch) GetMetricWidgetImage(input *GetMetricWidgetImageInput) (*GetMetricWidgetImageOutput, error) {
+	req, out := c.GetMetricWidgetImageRequest(input)
+	return out, req.Send()
+}
+
+// GetMetricWidgetImageWithContext is the same as GetMetricWidgetImage with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetMetricWidgetImage for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudWatch) GetMetricWidgetImageWithContext(ctx aws.Context, input *GetMetricWidgetImageInput, opts ...request.Option) (*GetMetricWidgetImageOutput, error) {
+	req, out := c.GetMetricWidgetImageRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opListDashboards = "ListDashboards"
 
 // ListDashboardsRequest generates a "aws/request.Request" representing the
@@ -1049,6 +1163,10 @@ func (c *CloudWatch) ListDashboardsRequest(input *ListDashboardsInput) (req *req
 // only those dashboards with names starting with the prefix are listed. Otherwise,
 // all dashboards in your account are listed.
 //
+// ListDashboards returns up to 1000 results on one page. If there are more
+// than 1000 dashboards, you can call ListDashboards again and include the value
+// you received for NextToken in the first call, to receive the next 1000 results.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -1135,15 +1253,15 @@ func (c *CloudWatch) ListMetricsRequest(input *ListMetricsInput) (req *request.R
 
 // ListMetrics API operation for Amazon CloudWatch.
 //
-// List the specified metrics. You can use the returned metrics with GetMetricStatistics
+// List the specified metrics. You can use the returned metrics with GetMetricData
-// to obtain statistical data.
+// or GetMetricStatistics to obtain statistical data.
 //
 // Up to 500 results are returned for any one call. To retrieve additional results,
 // use the returned token with subsequent calls.
 //
 // After you create a metric, allow up to fifteen minutes before the metric
 // appears. Statistics about the metric, however, are available sooner using
-// GetMetricStatistics.
+// GetMetricData or GetMetricStatistics.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1279,8 +1397,8 @@ func (c *CloudWatch) PutDashboardRequest(input *PutDashboardInput) (req *request
 // dashboard. If you update a dashboard, the entire contents are replaced with
 // what you specify here.
 //
-// You can have up to 500 dashboards per account. All dashboards in your account
+// There is no limit to the number of dashboards in your account. All dashboards
-// are global, not region-specific.
+// in your account are global, not region-specific.
 //
 // A simple way to create a dashboard using PutDashboard is to copy an existing
 // dashboard. To copy an existing dashboard using the console, you can load
@@ -1415,10 +1533,11 @@ func (c *CloudWatch) PutMetricAlarmRequest(input *PutMetricAlarmInput) (req *req
 // If you are using temporary security credentials granted using AWS STS, you
 // cannot stop or terminate an EC2 instance using alarm actions.
 //
-// You must create at least one stop, terminate, or reboot alarm using either
+// The first time you create an alarm in the AWS Management Console, the CLI,
-// the Amazon EC2 or CloudWatch consoles to create the EC2ActionsAccess IAM
+// or by using the PutMetricAlarm API, CloudWatch creates the necessary service-linked
-// role. After this IAM role is created, you can create stop, terminate, or
+// role for you. The service-linked role is called AWSServiceRoleForCloudWatchEvents.
-// reboot alarms using a command-line interface or API.
+// For more information about service-linked roles, see AWS service-linked role
+// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role).
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1499,12 +1618,21 @@ func (c *CloudWatch) PutMetricDataRequest(input *PutMetricDataInput) (req *reque
 
 // PutMetricData API operation for Amazon CloudWatch.
 //
-// Publishes metric data points to Amazon CloudWatch. CloudWatch associates
+// Publishes metric data to Amazon CloudWatch. CloudWatch associates the data
-// the data points with the specified metric. If the specified metric does not
+// with the specified metric. If the specified metric does not exist, CloudWatch
-// exist, CloudWatch creates the metric. When CloudWatch creates a metric, it
+// creates the metric. When CloudWatch creates a metric, it can take up to fifteen
-// can take up to fifteen minutes for the metric to appear in calls to ListMetrics.
+// minutes for the metric to appear in calls to ListMetrics.
+//
+// You can publish either individual data points in the Value field, or arrays
+// of values and the number of times each value occurred during the period by
+// using the Values and Counts fields in the MetricDatum structure. Using the
+// Values and Counts method enables you to publish up to 150 values per metric
+// with one PutMetricData request, and supports retrieving percentile statistics
+// on this data.
 //
 // Each PutMetricData request is limited to 40 KB in size for HTTP POST requests.
+// You can send a payload compressed by gzip. Each request is also limited to
+// no more than 20 different metrics.
 //
 // Although the Value parameter accepts numbers of type Double, CloudWatch rejects
 // values that are either too small or too large. Values must be in the range
@@ -1518,16 +1646,19 @@ func (c *CloudWatch) PutMetricDataRequest(input *PutMetricDataInput) (req *reque
 // in the Amazon CloudWatch User Guide.
 //
 // Data points with time stamps from 24 hours ago or longer can take at least
-// 48 hours to become available for GetMetricStatistics from the time they are
+// 48 hours to become available for GetMetricData or GetMetricStatistics from
-// submitted.
+// the time they are submitted.
 //
-// CloudWatch needs raw data points to calculate percentile statistics. If you
+// CloudWatch needs raw data points to calculate percentile statistics. These
-// publish data using a statistic set instead, you can only retrieve percentile
+// raw data points could be published individually or as part of Values and
-// statistics for this data if one of the following conditions is true:
+// Counts arrays. If you publish data using statistic sets in the StatisticValues
+// field instead, you can only retrieve percentile statistics for this data
+// if one of the following conditions is true:
 //
-//    * The SampleCount value of the statistic set is 1
+//    * The SampleCount value of the statistic set is 1 and Min, Max, and Sum
+//    are all equal.
 //
-//    * The Min and the Max values of the statistic set are equal
+//    * The Min and Max are equal, and Sum is equal to Min multiplied by SampleCount.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2683,6 +2814,12 @@ type GetMetricDataInput struct {
 
 	// The time stamp indicating the latest data to be returned.
 	//
+	// For better performance, specify StartTime and EndTime values that align with
+	// the value of the metric's Period and sync up with the beginning and end of
+	// an hour. For example, if the Period of a metric is 5 minutes, specifying
+	// 12:05 or 12:30 as EndTime can get a faster response from CloudWatch then
+	// setting 12:07 or 12:29 as the EndTime.
+	//
 	// EndTime is a required field
 	EndTime *time.Time `type:"timestamp" required:"true"`
 
@@ -2710,6 +2847,12 @@ type GetMetricDataInput struct {
 
 	// The time stamp indicating the earliest data to be returned.
 	//
+	// For better performance, specify StartTime and EndTime values that align with
+	// the value of the metric's Period and sync up with the beginning and end of
+	// an hour. For example, if the Period of a metric is 5 minutes, specifying
+	// 12:05 or 12:30 as StartTime can get a faster response from CloudWatch then
+	// setting 12:07 or 12:29 as the StartTime.
+	//
 	// StartTime is a required field
 	StartTime *time.Time `type:"timestamp" required:"true"`
 }
@@ -2846,7 +2989,8 @@ type GetMetricStatisticsInput struct {
 
 	// The percentile statistics. Specify values between p0.0 and p100. When calling
 	// GetMetricStatistics, you must specify either Statistics or ExtendedStatistics,
-	// but not both.
+	// but not both. Percentile statistics are not available for metrics when any
+	// of the metric values are negative numbers.
 	ExtendedStatistics []*string `min:"1" type:"list"`
 
 	// The name of the metric, with or without spaces.
@@ -3067,6 +3211,115 @@ func (s *GetMetricStatisticsOutput) SetLabel(v string) *GetMetricStatisticsOutpu
 	return s
 }
 
+type GetMetricWidgetImageInput struct {
+	_ struct{} `type:"structure"`
+
+	// A JSON string that defines the bitmap graph to be retrieved. The string includes
+	// the metrics to include in the graph, statistics, annotations, title, axis
+	// limits, and so on. You can include only one MetricWidget parameter in each
+	// GetMetricWidgetImage call.
+	//
+	// For more information about the syntax of MetricWidget see CloudWatch-Metric-Widget-Structure.
+	//
+	// If any metric on the graph could not load all the requested data points,
+	// an orange triangle with an exclamation point appears next to the graph legend.
+	//
+	// MetricWidget is a required field
+	MetricWidget *string `type:"string" required:"true"`
+
+	// The format of the resulting image. Only PNG images are supported.
+	//
+	// The default is png. If you specify png, the API returns an HTTP response
+	// with the content-type set to text/xml. The image data is in a MetricWidgetImage
+	// field. For example:
+	//
+	// <GetMetricWidgetImageResponse xmlns="http://monitoring.amazonaws.com/doc/2010-08-01/">
+	//
+	// <GetMetricWidgetImageResult>
+	//
+	// <MetricWidgetImage>
+	//
+	// iVBORw0KGgoAAAANSUhEUgAAAlgAAAGQEAYAAAAip...
+	//
+	// </MetricWidgetImage>
+	//
+	// </GetMetricWidgetImageResult>
+	//
+	// <ResponseMetadata>
+	//
+	// <RequestId>6f0d4192-4d42-11e8-82c1-f539a07e0e3b</RequestId>
+	//
+	// </ResponseMetadata>
+	//
+	// </GetMetricWidgetImageResponse>
+	//
+	// The image/png setting is intended only for custom HTTP requests. For most
+	// use cases, and all actions using an AWS SDK, you should use png. If you specify
+	// image/png, the HTTP response has a content-type set to image/png, and the
+	// body of the response is a PNG image.
+	OutputFormat *string `type:"string"`
+}
+
+// String returns the string representation
+func (s GetMetricWidgetImageInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetMetricWidgetImageInput) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetMetricWidgetImageInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "GetMetricWidgetImageInput"}
+	if s.MetricWidget == nil {
+		invalidParams.Add(request.NewErrParamRequired("MetricWidget"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetMetricWidget sets the MetricWidget field's value.
+func (s *GetMetricWidgetImageInput) SetMetricWidget(v string) *GetMetricWidgetImageInput {
+	s.MetricWidget = &v
+	return s
+}
+
+// SetOutputFormat sets the OutputFormat field's value.
+func (s *GetMetricWidgetImageInput) SetOutputFormat(v string) *GetMetricWidgetImageInput {
+	s.OutputFormat = &v
+	return s
+}
+
+type GetMetricWidgetImageOutput struct {
+	_ struct{} `type:"structure"`
+
+	// The image of the graph, in the output format specified.
+	//
+	// MetricWidgetImage is automatically base64 encoded/decoded by the SDK.
+	MetricWidgetImage []byte `type:"blob"`
+}
+
+// String returns the string representation
+func (s GetMetricWidgetImageOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetMetricWidgetImageOutput) GoString() string {
+	return s.String()
+}
+
+// SetMetricWidgetImage sets the MetricWidgetImage field's value.
+func (s *GetMetricWidgetImageOutput) SetMetricWidgetImage(v []byte) *GetMetricWidgetImageOutput {
+	s.MetricWidgetImage = v
+	return s
+}
+
 type ListDashboardsInput struct {
 	_ struct{} `type:"structure"`
 
@@ -3792,6 +4045,15 @@ func (s *MetricDataResult) SetValues(v []*float64) *MetricDataResult {
 type MetricDatum struct {
 	_ struct{} `type:"structure"`
 
+	// Array of numbers that is used along with the Values array. Each number in
+	// the Count array is the number of times the corresponding value in the Values
+	// array occurred during the period.
+	//
+	// If you omit the Counts array, the default of 1 is used as the value for each
+	// count. If you include a Counts array, it must include the same amount of
+	// values as the Values array.
+	Counts []*float64 `type:"list"`
+
 	// The dimensions associated with the metric.
 	Dimensions []*Dimension `type:"list"`
 
@@ -3829,6 +4091,19 @@ type MetricDatum struct {
 	// In addition, special values (for example, NaN, +Infinity, -Infinity) are
 	// not supported.
 	Value *float64 `type:"double"`
+
+	// Array of numbers representing the values for the metric during the period.
+	// Each unique value is listed just once in this array, and the corresponding
+	// number in the Counts array specifies the number of times that value occurred
+	// during the period. You can include up to 150 unique values in each PutMetricData
+	// action that specifies a Values array.
+	//
+	// Although the Values array accepts numbers of type Double, CloudWatch rejects
+	// values that are either too small or too large. Values must be in the range
+	// of 8.515920e-109 to 1.174271e+108 (Base 10) or 2e-360 to 2e360 (Base 2).
+	// In addition, special values (for example, NaN, +Infinity, -Infinity) are
+	// not supported.
+	Values []*float64 `type:"list"`
 }
 
 // String returns the string representation
@@ -3875,6 +4150,12 @@ func (s *MetricDatum) Validate() error {
 	return nil
 }
 
+// SetCounts sets the Counts field's value.
+func (s *MetricDatum) SetCounts(v []*float64) *MetricDatum {
+	s.Counts = v
+	return s
+}
+
 // SetDimensions sets the Dimensions field's value.
 func (s *MetricDatum) SetDimensions(v []*Dimension) *MetricDatum {
 	s.Dimensions = v
@@ -3917,6 +4198,12 @@ func (s *MetricDatum) SetValue(v float64) *MetricDatum {
 	return s
 }
 
+// SetValues sets the Values field's value.
+func (s *MetricDatum) SetValues(v []*float64) *MetricDatum {
+	s.Values = v
+	return s
+}
+
 // This structure defines the metric to be returned, along with the statistics,
 // period, and units.
 type MetricStat struct {
@@ -4105,11 +4392,11 @@ type PutMetricAlarmInput struct {
 	//
 	// Valid Values: arn:aws:automate:region:ec2:stop | arn:aws:automate:region:ec2:terminate
 	// | arn:aws:automate:region:ec2:recover | arn:aws:sns:region:account-id:sns-topic-name
-	// | arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name
+	// | arn:aws:autoscaling:region:account-id:scalingPolicy:policy-idautoScalingGroupName/group-friendly-name:policyName/policy-friendly-name
 	//
-	// Valid Values (for use with IAM roles): arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Stop/1.0
+	// Valid Values (for use with IAM roles): arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0
-	// | arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Terminate/1.0
+	// | arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0
-	// | arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Reboot/1.0
+	// | arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0
 	AlarmActions []*string `type:"list"`
 
 	// The description for the alarm.
@@ -4167,11 +4454,11 @@ type PutMetricAlarmInput struct {
 	//
 	// Valid Values: arn:aws:automate:region:ec2:stop | arn:aws:automate:region:ec2:terminate
 	// | arn:aws:automate:region:ec2:recover | arn:aws:sns:region:account-id:sns-topic-name
-	// | arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name
+	// | arn:aws:autoscaling:region:account-id:scalingPolicy:policy-idautoScalingGroupName/group-friendly-name:policyName/policy-friendly-name
 	//
-	// Valid Values (for use with IAM roles): arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Stop/1.0
+	// Valid Values (for use with IAM roles): >arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0
-	// | arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Terminate/1.0
+	// | arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0
-	// | arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Reboot/1.0
+	// | arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0
 	InsufficientDataActions []*string `type:"list"`
 
 	// The name for the metric associated with the alarm.
@@ -4189,11 +4476,11 @@ type PutMetricAlarmInput struct {
 	//
 	// Valid Values: arn:aws:automate:region:ec2:stop | arn:aws:automate:region:ec2:terminate
 	// | arn:aws:automate:region:ec2:recover | arn:aws:sns:region:account-id:sns-topic-name
-	// | arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name
+	// | arn:aws:autoscaling:region:account-id:scalingPolicy:policy-idautoScalingGroupName/group-friendly-name:policyName/policy-friendly-name
 	//
-	// Valid Values (for use with IAM roles): arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Stop/1.0
+	// Valid Values (for use with IAM roles): arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0
-	// | arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Terminate/1.0
+	// | arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0
-	// | arn:aws:swf:region:{account-id}:action/actions/AWS_EC2.InstanceId.Reboot/1.0
+	// | arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0
 	OKActions []*string `type:"list"`
 
 	// The period, in seconds, over which the specified statistic is applied. Valid
@@ -4450,7 +4737,8 @@ func (s PutMetricAlarmOutput) GoString() string {
 type PutMetricDataInput struct {
 	_ struct{} `type:"structure"`
 
-	// The data for the metric.
+	// The data for the metric. The array can include no more than 20 metrics per
+	// call.
 	//
 	// MetricData is a required field
 	MetricData []*MetricDatum `type:"list" required:"true"`

vendor/github.com/aws/aws-sdk-go/service/cloudwatchevents/api.go

@@ -61,11 +61,10 @@ func (c *CloudWatchEvents) DeleteRuleRequest(input *DeleteRuleInput) (req *reque
 //
 // Deletes the specified rule.
 //
-// You must remove all targets from a rule using RemoveTargets before you can
+// Before you can delete the rule, you must remove all targets, using RemoveTargets.
-// delete the rule.
 //
 // When you delete a rule, incoming events might continue to match to the deleted
-// rule. Please allow a short period of time for changes to take effect.
+// rule. Allow a short period of time for changes to take effect.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -233,6 +232,9 @@ func (c *CloudWatchEvents) DescribeRuleRequest(input *DescribeRuleInput) (req *r
 //
 // Describes the specified rule.
 //
+// DescribeRule does not list the targets of a rule. To see the targets associated
+// with a rule, use ListTargetsByRule.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -319,7 +321,7 @@ func (c *CloudWatchEvents) DisableRuleRequest(input *DisableRuleInput) (req *req
 // won't self-trigger if it has a schedule expression.
 //
 // When you disable a rule, incoming events might continue to match to the disabled
-// rule. Please allow a short period of time for changes to take effect.
+// rule. Allow a short period of time for changes to take effect.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -409,8 +411,8 @@ func (c *CloudWatchEvents) EnableRuleRequest(input *EnableRuleInput) (req *reque
 // Enables the specified rule. If the rule does not exist, the operation fails.
 //
 // When you enable a rule, incoming events might not immediately start matching
-// to a newly enabled rule. Please allow a short period of time for changes
+// to a newly enabled rule. Allow a short period of time for changes to take
-// to take effect.
+// effect.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -578,6 +580,9 @@ func (c *CloudWatchEvents) ListRulesRequest(input *ListRulesInput) (req *request
 // Lists your Amazon CloudWatch Events rules. You can either list all the rules
 // or you can provide a prefix to match to the rule names.
 //
+// ListRules does not list the targets of a rule. To see the targets associated
+// with a rule, use ListTargetsByRule.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -830,7 +835,7 @@ func (c *CloudWatchEvents) PutPermissionRequest(input *PutPermissionInput) (req
 // To enable multiple AWS accounts to put events to your default event bus,
 // run PutPermission once for each of these accounts.
 //
-// The permission policy on the default event bus cannot exceed 10KB in size.
+// The permission policy on the default event bus cannot exceed 10 KB in size.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -921,14 +926,14 @@ func (c *CloudWatchEvents) PutRuleRequest(input *PutRuleInput) (req *request.Req
 // Creates or updates the specified rule. Rules are enabled by default, or based
 // on value of the state. You can disable a rule using DisableRule.
 //
-// If you are updating an existing rule, the rule is completely replaced with
+// If you are updating an existing rule, the rule is replaced with what you
-// what you specify in this PutRule command. If you omit arguments in PutRule,
+// specify in this PutRule command. If you omit arguments in PutRule, the old
-// the old values for those arguments are not kept. Instead, they are replaced
+// values for those arguments are not kept. Instead, they are replaced with
-// with null values.
+// null values.
 //
 // When you create or update a rule, incoming events might not immediately start
-// matching to new or updated rules. Please allow a short period of time for
+// matching to new or updated rules. Allow a short period of time for changes
-// changes to take effect.
+// to take effect.
 //
 // A rule must contain at least an EventPattern or ScheduleExpression. Rules
 // with EventPatterns are triggered when a matching event is observed. Rules
@@ -1036,11 +1041,15 @@ func (c *CloudWatchEvents) PutTargetsRequest(input *PutTargetsInput) (req *reque
 //
 //    * EC2 instances
 //
+//    * SSM Run Command
+//
+//    * SSM Automation
+//
 //    * AWS Lambda functions
 //
-//    * Streams in Amazon Kinesis Streams
+//    * Data streams in Amazon Kinesis Data Streams
 //
-//    * Delivery streams in Amazon Kinesis Firehose
+//    * Data delivery streams in Amazon Kinesis Data Firehose
 //
 //    * Amazon ECS tasks
 //
@@ -1048,7 +1057,9 @@ func (c *CloudWatchEvents) PutTargetsRequest(input *PutTargetsInput) (req *reque
 //
 //    * AWS Batch jobs
 //
-//    * Pipelines in Amazon Code Pipeline
+//    * AWS CodeBuild projects
+//
+//    * Pipelines in AWS CodePipeline
 //
 //    * Amazon Inspector assessment templates
 //
@@ -1058,40 +1069,40 @@ func (c *CloudWatchEvents) PutTargetsRequest(input *PutTargetsInput) (req *reque
 //
 //    * The default event bus of another AWS account
 //
-// Note that creating rules with built-in targets is supported only in the AWS
+// Creating rules with built-in targets is supported only in the AWS Management
-// Management Console.
+// Console. The built-in targets are EC2 CreateSnapshot API call, EC2 RebootInstances
+// API call, EC2 StopInstances API call, and EC2 TerminateInstances API call.
 //
 // For some target types, PutTargets provides target-specific parameters. If
-// the target is an Amazon Kinesis stream, you can optionally specify which
+// the target is a Kinesis data stream, you can optionally specify which shard
-// shard the event goes to by using the KinesisParameters argument. To invoke
+// the event goes to by using the KinesisParameters argument. To invoke a command
-// a command on multiple EC2 instances with one rule, you can use the RunCommandParameters
+// on multiple EC2 instances with one rule, you can use the RunCommandParameters
 // field.
 //
 // To be able to make API calls against the resources that you own, Amazon CloudWatch
 // Events needs the appropriate permissions. For AWS Lambda and Amazon SNS resources,
-// CloudWatch Events relies on resource-based policies. For EC2 instances, Amazon
+// CloudWatch Events relies on resource-based policies. For EC2 instances, Kinesis
-// Kinesis streams, and AWS Step Functions state machines, CloudWatch Events
+// data streams, and AWS Step Functions state machines, CloudWatch Events relies
-// relies on IAM roles that you specify in the RoleARN argument in PutTargets.
+// on IAM roles that you specify in the RoleARN argument in PutTargets. For
-// For more information, see Authentication and Access Control (http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/auth-and-access-control-cwe.html)
+// more information, see Authentication and Access Control (http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/auth-and-access-control-cwe.html)
 // in the Amazon CloudWatch Events User Guide.
 //
 // If another AWS account is in the same region and has granted you permission
-// (using PutPermission), you can send events to that account by setting that
+// (using PutPermission), you can send events to that account. Set that account's
-// account's event bus as a target of the rules in your account. To send the
+// event bus as a target of the rules in your account. To send the matched events
-// matched events to the other account, specify that account's event bus as
+// to the other account, specify that account's event bus as the Arn value when
-// the Arn when you run PutTargets. If your account sends events to another
+// you run PutTargets. If your account sends events to another account, your
-// account, your account is charged for each sent event. Each event sent to
+// account is charged for each sent event. Each event sent to another account
-// antoher account is charged as a custom event. The account receiving the event
+// is charged as a custom event. The account receiving the event is not charged.
-// is not charged. For more information on pricing, see Amazon CloudWatch Pricing
+// For more information, see Amazon CloudWatch Pricing (https://aws.amazon.com/cloudwatch/pricing/).
-// (https://aws.amazon.com/cloudwatch/pricing/).
 //
 // For more information about enabling cross-account events, see PutPermission.
 //
-// Input, InputPath and InputTransformer are mutually exclusive and optional
+// Input, InputPath, and InputTransformer are mutually exclusive and optional
 // parameters of a target. When a rule is triggered due to a matched event:
 //
 //    * If none of the following arguments are specified for a target, then
-//    the entire event is passed to the target in JSON form (unless the target
+//    the entire event is passed to the target in JSON format (unless the target
 //    is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from
 //    the event is passed to the target).
 //
@@ -1110,8 +1121,8 @@ func (c *CloudWatchEvents) PutTargetsRequest(input *PutTargetsInput) (req *reque
 // not bracket notation.
 //
 // When you add targets to a rule and the associated rule triggers soon after,
-// new or updated targets might not be immediately invoked. Please allow a short
+// new or updated targets might not be immediately invoked. Allow a short period
-// period of time for changes to take effect.
+// of time for changes to take effect.
 //
 // This action can partially fail if too many requests are made at the same
 // time. If that happens, FailedEntryCount is non-zero in the response and each
@@ -1298,8 +1309,8 @@ func (c *CloudWatchEvents) RemoveTargetsRequest(input *RemoveTargetsInput) (req
 // those targets are no longer be invoked.
 //
 // When you remove a target, when the associated rule triggers, removed targets
-// might continue to be invoked. Please allow a short period of time for changes
+// might continue to be invoked. Allow a short period of time for changes to
-// to take effect.
+// take effect.
 //
 // This action can partially fail if too many requests are made at the same
 // time. If that happens, FailedEntryCount is non-zero in the response and each
@@ -1432,6 +1443,71 @@ func (c *CloudWatchEvents) TestEventPatternWithContext(ctx aws.Context, input *T
 	return out, req.Send()
 }
 
+// This structure specifies the VPC subnets and security groups for the task,
+// and whether a public IP address is to be used. This structure is relevant
+// only for ECS tasks that use the awsvpc network mode.
+type AwsVpcConfiguration struct {
+	_ struct{} `type:"structure"`
+
+	// Specifies whether the task's elastic network interface receives a public
+	// IP address. You can specify ENABLED only when LaunchType in EcsParameters
+	// is set to FARGATE.
+	AssignPublicIp *string `type:"string" enum:"AssignPublicIp"`
+
+	// Specifies the security groups associated with the task. These security groups
+	// must all be in the same VPC. You can specify as many as five security groups.
+	// If you do not specify a security group, the default security group for the
+	// VPC is used.
+	SecurityGroups []*string `type:"list"`
+
+	// Specifies the subnets associated with the task. These subnets must all be
+	// in the same VPC. You can specify as many as 16 subnets.
+	//
+	// Subnets is a required field
+	Subnets []*string `type:"list" required:"true"`
+}
+
+// String returns the string representation
+func (s AwsVpcConfiguration) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AwsVpcConfiguration) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *AwsVpcConfiguration) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "AwsVpcConfiguration"}
+	if s.Subnets == nil {
+		invalidParams.Add(request.NewErrParamRequired("Subnets"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetAssignPublicIp sets the AssignPublicIp field's value.
+func (s *AwsVpcConfiguration) SetAssignPublicIp(v string) *AwsVpcConfiguration {
+	s.AssignPublicIp = &v
+	return s
+}
+
+// SetSecurityGroups sets the SecurityGroups field's value.
+func (s *AwsVpcConfiguration) SetSecurityGroups(v []*string) *AwsVpcConfiguration {
+	s.SecurityGroups = v
+	return s
+}
+
+// SetSubnets sets the Subnets field's value.
+func (s *AwsVpcConfiguration) SetSubnets(v []*string) *AwsVpcConfiguration {
+	s.Subnets = v
+	return s
+}
+
 // The array properties for the submitted job, such as the size of the array.
 // The array size can be between 2 and 10,000. If you specify array properties
 // for a job, it becomes an array job. This parameter is used only if the target
@@ -1484,7 +1560,7 @@ type BatchParameters struct {
 
 	// The retry strategy to use for failed jobs, if the target is an AWS Batch
 	// job. The retry strategy is the number of times to retry the failed job execution.
-	// Valid values are 1 to 10. When you specify a retry strategy here, it overrides
+	// Valid values are 1–10. When you specify a retry strategy here, it overrides
 	// the retry strategy defined in the job definition.
 	RetryStrategy *BatchRetryStrategy `type:"structure"`
 }
@@ -1546,7 +1622,7 @@ type BatchRetryStrategy struct {
 	_ struct{} `type:"structure"`
 
 	// The number of times to attempt to retry, if the job fails. Valid values are
-	// 1 to 10.
+	// 1–10.
 	Attempts *int64 `type:"integer"`
 }
 
@@ -1851,16 +1927,43 @@ func (s DisableRuleOutput) GoString() string {
 	return s.String()
 }
 
-// The custom parameters to be used when the target is an Amazon ECS cluster.
+// The custom parameters to be used when the target is an Amazon ECS task.
 type EcsParameters struct {
 	_ struct{} `type:"structure"`
 
-	// The number of tasks to create based on the TaskDefinition. The default is
+	// Specifies an ECS task group for the task. The maximum length is 255 characters.
-	// one.
+	Group *string `type:"string"`
+
+	// Specifies the launch type on which your task is running. The launch type
+	// that you specify here must match one of the launch type (compatibilities)
+	// of the target task. The FARGATE value is supported only in the Regions where
+	// AWS Fargate with Amazon ECS is supported. For more information, see AWS Fargate
+	// on Amazon ECS (http://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html)
+	// in the Amazon Elastic Container Service Developer Guide.
+	LaunchType *string `type:"string" enum:"LaunchType"`
+
+	// Use this structure if the ECS task uses the awsvpc network mode. This structure
+	// specifies the VPC subnets and security groups associated with the task, and
+	// whether a public IP address is to be used. This structure is required if
+	// LaunchType is FARGATE because the awsvpc mode is required for Fargate tasks.
+	//
+	// If you specify NetworkConfiguration when the target ECS task does not use
+	// the awsvpc network mode, the task fails.
+	NetworkConfiguration *NetworkConfiguration `type:"structure"`
+
+	// Specifies the platform version for the task. Specify only the numeric portion
+	// of the platform version, such as 1.1.0.
+	//
+	// This structure is used only if LaunchType is FARGATE. For more information
+	// about valid platform versions, see AWS Fargate Platform Versions (http://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html)
+	// in the Amazon Elastic Container Service Developer Guide.
+	PlatformVersion *string `type:"string"`
+
+	// The number of tasks to create based on TaskDefinition. The default is 1.
 	TaskCount *int64 `min:"1" type:"integer"`
 
 	// The ARN of the task definition to use if the event target is an Amazon ECS
-	// cluster.
+	// task.
 	//
 	// TaskDefinitionArn is a required field
 	TaskDefinitionArn *string `min:"1" type:"string" required:"true"`
@@ -1888,6 +1991,11 @@ func (s *EcsParameters) Validate() error {
 	if s.TaskDefinitionArn != nil && len(*s.TaskDefinitionArn) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("TaskDefinitionArn", 1))
 	}
+	if s.NetworkConfiguration != nil {
+		if err := s.NetworkConfiguration.Validate(); err != nil {
+			invalidParams.AddNested("NetworkConfiguration", err.(request.ErrInvalidParams))
+		}
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -1895,6 +2003,30 @@ func (s *EcsParameters) Validate() error {
 	return nil
 }
 
+// SetGroup sets the Group field's value.
+func (s *EcsParameters) SetGroup(v string) *EcsParameters {
+	s.Group = &v
+	return s
+}
+
+// SetLaunchType sets the LaunchType field's value.
+func (s *EcsParameters) SetLaunchType(v string) *EcsParameters {
+	s.LaunchType = &v
+	return s
+}
+
+// SetNetworkConfiguration sets the NetworkConfiguration field's value.
+func (s *EcsParameters) SetNetworkConfiguration(v *NetworkConfiguration) *EcsParameters {
+	s.NetworkConfiguration = v
+	return s
+}
+
+// SetPlatformVersion sets the PlatformVersion field's value.
+func (s *EcsParameters) SetPlatformVersion(v string) *EcsParameters {
+	s.PlatformVersion = &v
+	return s
+}
+
 // SetTaskCount sets the TaskCount field's value.
 func (s *EcsParameters) SetTaskCount(v int64) *EcsParameters {
 	s.TaskCount = &v
@@ -1967,13 +2099,53 @@ func (s EnableRuleOutput) GoString() string {
 type InputTransformer struct {
 	_ struct{} `type:"structure"`
 
-	// Map of JSON paths to be extracted from the event. These are key-value pairs,
+	// Map of JSON paths to be extracted from the event. You can then insert these
-	// where each value is a JSON path. You must use JSON dot notation, not bracket
+	// in the template in InputTemplate to produce the output you want to be sent
-	// notation.
+	// to the target.
+	//
+	// InputPathsMap is an array key-value pairs, where each value is a valid JSON
+	// path. You can have as many as 10 key-value pairs. You must use JSON dot notation,
+	// not bracket notation.
+	//
+	// The keys cannot start with "AWS."
 	InputPathsMap map[string]*string `type:"map"`
 
-	// Input template where you can use the values of the keys from InputPathsMap
+	// Input template where you specify placeholders that will be filled with the
-	// to customize the data sent to the target.
+	// values of the keys from InputPathsMap to customize the data sent to the target.
+	// Enclose each InputPathsMaps value in brackets: <value> The InputTemplate
+	// must be valid JSON.
+	//
+	// If InputTemplate is a JSON object (surrounded by curly braces), the following
+	// restrictions apply:
+	//
+	//    * The placeholder cannot be used as an object key.
+	//
+	//    * Object values cannot include quote marks.
+	//
+	// The following example shows the syntax for using InputPathsMap and InputTemplate.
+	//
+	// "InputTransformer":
+	//
+	// {
+	//
+	// "InputPathsMap": {"instance": "$.detail.instance","status": "$.detail.status"},
+	//
+	// "InputTemplate": "<instance> is in state <status>"
+	//
+	// }
+	//
+	// To have the InputTemplate include quote marks within a JSON string, escape
+	// each quote marks with a slash, as in the following example:
+	//
+	// "InputTransformer":
+	//
+	// {
+	//
+	// "InputPathsMap": {"instance": "$.detail.instance","status": "$.detail.status"},
+	//
+	// "InputTemplate": "<instance> is in state \"<status>\""
+	//
+	// }
 	//
 	// InputTemplate is a required field
 	InputTemplate *string `min:"1" type:"string" required:"true"`
@@ -2018,9 +2190,9 @@ func (s *InputTransformer) SetInputTemplate(v string) *InputTransformer {
 }
 
 // This object enables you to specify a JSON path to extract from the event
-// and use as the partition key for the Amazon Kinesis stream, so that you can
+// and use as the partition key for the Amazon Kinesis data stream, so that
-// control the shard to which the event goes. If you do not include this parameter,
+// you can control the shard to which the event goes. If you do not include
-// the default is to use the eventId as the partition key.
+// this parameter, the default is to use the eventId as the partition key.
 type KinesisParameters struct {
 	_ struct{} `type:"structure"`
 
@@ -2350,6 +2522,47 @@ func (s *ListTargetsByRuleOutput) SetTargets(v []*Target) *ListTargetsByRuleOutp
 	return s
 }
 
+// This structure specifies the network configuration for an ECS task.
+type NetworkConfiguration struct {
+	_ struct{} `type:"structure"`
+
+	// Use this structure to specify the VPC subnets and security groups for the
+	// task, and whether a public IP address is to be used. This structure is relevant
+	// only for ECS tasks that use the awsvpc network mode.
+	AwsvpcConfiguration *AwsVpcConfiguration `locationName:"awsvpcConfiguration" type:"structure"`
+}
+
+// String returns the string representation
+func (s NetworkConfiguration) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s NetworkConfiguration) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *NetworkConfiguration) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "NetworkConfiguration"}
+	if s.AwsvpcConfiguration != nil {
+		if err := s.AwsvpcConfiguration.Validate(); err != nil {
+			invalidParams.AddNested("AwsvpcConfiguration", err.(request.ErrInvalidParams))
+		}
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetAwsvpcConfiguration sets the AwsvpcConfiguration field's value.
+func (s *NetworkConfiguration) SetAwsvpcConfiguration(v *AwsVpcConfiguration) *NetworkConfiguration {
+	s.AwsvpcConfiguration = v
+	return s
+}
+
 type PutEventsInput struct {
 	_ struct{} `type:"structure"`
 
@@ -2442,11 +2655,11 @@ type PutEventsRequestEntry struct {
 	// primarily concerns. Any number, including zero, may be present.
 	Resources []*string `type:"list"`
 
-	// The source of the event.
+	// The source of the event. This field is required.
 	Source *string `type:"string"`
 
-	// The timestamp of the event, per RFC3339 (https://www.rfc-editor.org/rfc/rfc3339.txt).
+	// The time stamp of the event, per RFC3339 (https://www.rfc-editor.org/rfc/rfc3339.txt).
-	// If no timestamp is provided, the timestamp of the PutEvents call is used.
+	// If no time stamp is provided, the time stamp of the PutEvents call is used.
 	Time *time.Time `type:"timestamp"`
 }
 
@@ -3300,10 +3513,8 @@ func (s *SqsParameters) SetMessageGroupId(v string) *SqsParameters {
 	return s
 }
 
-// Targets are the resources to be invoked when a rule is triggered. Target
+// Targets are the resources to be invoked when a rule is triggered. For a complete
-// types include EC2 instances, AWS Lambda functions, Amazon Kinesis streams,
+// list of services and resources that can be set as a target, see PutTargets.
-// Amazon ECS tasks, AWS Step Functions state machines, Run Command, and built-in
-// targets.
 type Target struct {
 	_ struct{} `type:"structure"`
 
@@ -3312,10 +3523,9 @@ type Target struct {
 	// Arn is a required field
 	Arn *string `min:"1" type:"string" required:"true"`
 
-	// Contains the job definition, job name, and other parameters if the event
+	// If the event target is an AWS Batch job, this contains the job definition,
-	// target is an AWS Batch job. For more information about AWS Batch, see Jobs
+	// job name, and other parameters. For more information, see Jobs (http://docs.aws.amazon.com/batch/latest/userguide/jobs.html)
-	// (http://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the AWS
+	// in the AWS Batch User Guide.
-	// Batch User Guide.
 	BatchParameters *BatchParameters `type:"structure"`
 
 	// Contains the Amazon ECS task definition and task count to be used, if the
@@ -3344,9 +3554,9 @@ type Target struct {
 	// then use that data to send customized input to the target.
 	InputTransformer *InputTransformer `type:"structure"`
 
-	// The custom parameter you can use to control shard assignment, when the target
+	// The custom parameter you can use to control the shard assignment, when the
-	// is an Amazon Kinesis stream. If you do not include this parameter, the default
+	// target is a Kinesis data stream. If you do not include this parameter, the
-	// is to use the eventId as the partition key.
+	// default is to use the eventId as the partition key.
 	KinesisParameters *KinesisParameters `type:"structure"`
 
 	// The Amazon Resource Name (ARN) of the IAM role to be used for this target
@@ -3358,6 +3568,9 @@ type Target struct {
 	RunCommandParameters *RunCommandParameters `type:"structure"`
 
 	// Contains the message group ID to use when the target is a FIFO queue.
+	//
+	// If you specify an SQS FIFO queue as a target, the queue must have content-based
+	// deduplication enabled.
 	SqsParameters *SqsParameters `type:"structure"`
 }
 
@@ -3563,6 +3776,22 @@ func (s *TestEventPatternOutput) SetResult(v bool) *TestEventPatternOutput {
 	return s
 }
 
+const (
+	// AssignPublicIpEnabled is a AssignPublicIp enum value
+	AssignPublicIpEnabled = "ENABLED"
+
+	// AssignPublicIpDisabled is a AssignPublicIp enum value
+	AssignPublicIpDisabled = "DISABLED"
+)
+
+const (
+	// LaunchTypeEc2 is a LaunchType enum value
+	LaunchTypeEc2 = "EC2"
+
+	// LaunchTypeFargate is a LaunchType enum value
+	LaunchTypeFargate = "FARGATE"
+)
+
 const (
 	// RuleStateEnabled is a RuleState enum value
 	RuleStateEnabled = "ENABLED"

vendor/github.com/aws/aws-sdk-go/service/cloudwatchevents/doc.go

@@ -13,8 +13,9 @@
 //    * Automatically invoke an AWS Lambda function to update DNS entries when
 //    an event notifies you that Amazon EC2 instance enters the running state.
 //
-//    * Direct specific API records from CloudTrail to an Amazon Kinesis stream
+//    * Direct specific API records from AWS CloudTrail to an Amazon Kinesis
-//    for detailed analysis of potential security or availability risks.
+//    data stream for detailed analysis of potential security or availability
+//    risks.
 //
 //    * Periodically invoke a built-in target to create a snapshot of an Amazon
 //    EBS volume.

vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go

@@ -2769,14 +2769,19 @@ func (c *CloudWatchLogs) PutLogEventsRequest(input *PutLogEventsInput) (req *req
 //    retention period of the log group.
 //
 //    * The log events in the batch must be in chronological ordered by their
-//    time stamp (the time the event occurred, expressed as the number of milliseconds
+//    time stamp. The time stamp is the time the event occurred, expressed as
-//    after Jan 1, 1970 00:00:00 UTC).
+//    the number of milliseconds after Jan 1, 1970 00:00:00 UTC. (In AWS Tools
+//    for PowerShell and the AWS SDK for .NET, the timestamp is specified in
+//    .NET format: yyyy-mm-ddThh:mm:ss. For example, 2017-09-15T13:45:30.)
 //
 //    * The maximum number of log events in a batch is 10,000.
 //
 //    * A batch of log events in a single request cannot span more than 24 hours.
 //    Otherwise, the operation fails.
 //
+// If a call to PutLogEvents returns "UnrecognizedClientException" the most
+// likely cause is an invalid AWS access key ID or secret key.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -2800,6 +2805,9 @@ func (c *CloudWatchLogs) PutLogEventsRequest(input *PutLogEventsInput) (req *req
 //   * ErrCodeServiceUnavailableException "ServiceUnavailableException"
 //   The service cannot complete the request.
 //
+//   * ErrCodeUnrecognizedClientException "UnrecognizedClientException"
+//   The most likely cause is an invalid AWS access key ID or secret key.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutLogEvents
 func (c *CloudWatchLogs) PutLogEvents(input *PutLogEventsInput) (*PutLogEventsOutput, error) {
 	req, out := c.PutLogEventsRequest(input)
@@ -2966,7 +2974,7 @@ func (c *CloudWatchLogs) PutResourcePolicyRequest(input *PutResourcePolicyInput)
 //
 // Creates or updates a resource policy allowing other AWS services to put log
 // events to this account, such as Amazon Route 53. An account can have up to
-// 50 resource policies per region.
+// 10 resource policies per region.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -4629,7 +4637,7 @@ type DescribeLogStreamsInput struct {
 
 	// The prefix to match.
 	//
-	// iIf orderBy is LastEventTime,you cannot specify this parameter.
+	// If orderBy is LastEventTime,you cannot specify this parameter.
 	LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"`
 
 	// The token for the next set of items to return. (You received this token from
@@ -4768,11 +4776,14 @@ type DescribeMetricFiltersInput struct {
 	// The name of the log group.
 	LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"`
 
-	// The name of the CloudWatch metric to which the monitored log information
+	// Filters results to include only those with the specified metric name. If
-	// should be published. For example, you may publish to a metric called ErrorCount.
+	// you include this parameter in your request, you must also include the metricNamespace
+	// parameter.
 	MetricName *string `locationName:"metricName" type:"string"`
 
-	// The namespace of the CloudWatch metric.
+	// Filters results to include only those in the specified namespace. If you
+	// include this parameter in your request, you must also include the metricName
+	// parameter.
 	MetricNamespace *string `locationName:"metricNamespace" type:"string"`
 
 	// The token for the next set of items to return. (You received this token from
@@ -5377,7 +5388,10 @@ type FilterLogEventsInput struct {
 	// not returned.
 	EndTime *int64 `locationName:"endTime" type:"long"`
 
-	// The filter pattern to use. If not provided, all the events are matched.
+	// The filter pattern to use. For more information, see Filter and Pattern Syntax
+	// (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html).
+	//
+	// If not provided, all the events are matched.
 	FilterPattern *string `locationName:"filterPattern" type:"string"`
 
 	// If the value is true, the operation makes a best effort to provide responses
@@ -5390,12 +5404,24 @@ type FilterLogEventsInput struct {
 	// The maximum number of events to return. The default is 10,000 events.
 	Limit *int64 `locationName:"limit" min:"1" type:"integer"`
 
-	// The name of the log group.
+	// The name of the log group to search.
 	//
 	// LogGroupName is a required field
 	LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"`
 
-	// Optional list of log stream names.
+	// Filters the results to include only events from log streams that have names
+	// starting with this prefix.
+	//
+	// If you specify a value for both logStreamNamePrefix and logStreamNames, but
+	// the value for logStreamNamePrefix does not match any log stream names specified
+	// in logStreamNames, the action returns an InvalidParameterException error.
+	LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"`
+
+	// Filters the results to only logs from the log streams in this list.
+	//
+	// If you specify a value for both logStreamNamePrefix and logStreamNames, but
+	// the value for logStreamNamePrefix does not match any log stream names specified
+	// in logStreamNames, the action returns an InvalidParameterException error.
 	LogStreamNames []*string `locationName:"logStreamNames" min:"1" type:"list"`
 
 	// The token for the next set of events to return. (You received this token
@@ -5430,6 +5456,9 @@ func (s *FilterLogEventsInput) Validate() error {
 	if s.LogGroupName != nil && len(*s.LogGroupName) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1))
 	}
+	if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 {
+		invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1))
+	}
 	if s.LogStreamNames != nil && len(s.LogStreamNames) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("LogStreamNames", 1))
 	}
@@ -5473,6 +5502,12 @@ func (s *FilterLogEventsInput) SetLogGroupName(v string) *FilterLogEventsInput {
 	return s
 }
 
+// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value.
+func (s *FilterLogEventsInput) SetLogStreamNamePrefix(v string) *FilterLogEventsInput {
+	s.LogStreamNamePrefix = &v
+	return s
+}
+
 // SetLogStreamNames sets the LogStreamNames field's value.
 func (s *FilterLogEventsInput) SetLogStreamNames(v []*string) *FilterLogEventsInput {
 	s.LogStreamNames = v
@@ -5600,8 +5635,8 @@ type GetLogEventsInput struct {
 	_ struct{} `type:"structure"`
 
 	// The end of the time range, expressed as the number of milliseconds after
-	// Jan 1, 1970 00:00:00 UTC. Events with a time stamp later than this time are
+	// Jan 1, 1970 00:00:00 UTC. Events with a time stamp equal to or later than
-	// not included.
+	// this time are not included.
 	EndTime *int64 `locationName:"endTime" type:"long"`
 
 	// The maximum number of log events returned. If you don't specify a value,
@@ -5629,8 +5664,9 @@ type GetLogEventsInput struct {
 	StartFromHead *bool `locationName:"startFromHead" type:"boolean"`
 
 	// The start of the time range, expressed as the number of milliseconds after
-	// Jan 1, 1970 00:00:00 UTC. Events with a time stamp earlier than this time
+	// Jan 1, 1970 00:00:00 UTC. Events with a time stamp equal to this time or
-	// are not included.
+	// later than this time are included. Events with a time stamp earlier than
+	// this time are not included.
 	StartTime *int64 `locationName:"startTime" type:"long"`
 }
 
@@ -5721,11 +5757,13 @@ type GetLogEventsOutput struct {
 	Events []*OutputLogEvent `locationName:"events" type:"list"`
 
 	// The token for the next set of items in the backward direction. The token
-	// expires after 24 hours.
+	// expires after 24 hours. This token will never be null. If you have reached
+	// the end of the stream, it will return the same token you passed in.
 	NextBackwardToken *string `locationName:"nextBackwardToken" min:"1" type:"string"`
 
 	// The token for the next set of items in the forward direction. The token expires
-	// after 24 hours.
+	// after 24 hours. If you have reached the end of the stream, it will return
+	// the same token you passed in.
 	NextForwardToken *string `locationName:"nextForwardToken" min:"1" type:"string"`
 }
 
@@ -5767,7 +5805,7 @@ type InputLogEvent struct {
 	// Message is a required field
 	Message *string `locationName:"message" min:"1" type:"string" required:"true"`
 
-	// The time the event occurred, expressed as the number of milliseconds fter
+	// The time the event occurred, expressed as the number of milliseconds after
 	// Jan 1, 1970 00:00:00 UTC.
 	//
 	// Timestamp is a required field
@@ -6714,9 +6752,9 @@ type PutResourcePolicyInput struct {
 	// to put DNS query logs in to the specified log group. Replace "logArn" with
 	// the ARN of your CloudWatch Logs resource, such as a log group or log stream.
 	//
-	// { "Version": "2012-10-17" "Statement": [ { "Sid": "Route53LogsToCloudWatchLogs",
+	// { "Version": "2012-10-17", "Statement": [ { "Sid": "Route53LogsToCloudWatchLogs",
 	// "Effect": "Allow", "Principal": { "Service": [ "route53.amazonaws.com" ]
-	// }, "Action":"logs:PutLogEvents", "Resource": logArn } ] }
+	// }, "Action":"logs:PutLogEvents", "Resource": "logArn" } ] }
 	PolicyDocument *string `locationName:"policyDocument" min:"1" type:"string"`
 
 	// Name of the new policy. This parameter is required.

vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go

@@ -57,4 +57,10 @@ const (
 	//
 	// The service cannot complete the request.
 	ErrCodeServiceUnavailableException = "ServiceUnavailableException"
+
+	// ErrCodeUnrecognizedClientException for service response error code
+	// "UnrecognizedClientException".
+	//
+	// The most likely cause is an invalid AWS access key ID or secret key.
+	ErrCodeUnrecognizedClientException = "UnrecognizedClientException"
 )

vendor/github.com/aws/aws-sdk-go/service/codebuild/api.go

@@ -1585,6 +1585,13 @@ type Build struct {
 	// The current build phase.
 	CurrentPhase *string `locationName:"currentPhase" type:"string"`
 
+	// The AWS Key Management Service (AWS KMS) customer master key (CMK) to be
+	// used for encrypting the build output artifacts.
+	//
+	// This is expressed either as the CMK's Amazon Resource Name (ARN) or, if specified,
+	// the CMK's alias (using the format alias/alias-name).
+	EncryptionKey *string `locationName:"encryptionKey" min:"1" type:"string"`
+
 	// When the build process ended, expressed in Unix time format.
 	EndTime *time.Time `locationName:"endTime" type:"timestamp"`
 
@@ -1619,6 +1626,44 @@ type Build struct {
 	// The name of the AWS CodeBuild project.
 	ProjectName *string `locationName:"projectName" min:"1" type:"string"`
 
+	// An identifier for the version of this build's source code.
+	//
+	//    *  For AWS CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit
+	//    ID.
+	//
+	//    *  For AWS CodePipeline, the source revision provided by AWS CodePipeline.
+	//
+	//
+	//    *  For Amazon Simple Storage Service (Amazon S3), this does not apply.
+	ResolvedSourceVersion *string `locationName:"resolvedSourceVersion" min:"1" type:"string"`
+
+	// An array of ProjectArtifacts objects.
+	SecondaryArtifacts []*BuildArtifacts `locationName:"secondaryArtifacts" type:"list"`
+
+	// An array of ProjectSourceVersion objects. Each ProjectSourceVersion must
+	// be one of:
+	//
+	//    * For AWS CodeCommit: the commit ID to use.
+	//
+	//    * For GitHub: the commit ID, pull request ID, branch name, or tag name
+	//    that corresponds to the version of the source code you want to build.
+	//    If a pull request ID is specified, it must use the format pr/pull-request-ID
+	//    (for example pr/25). If a branch name is specified, the branch's HEAD
+	//    commit ID will be used. If not specified, the default branch's HEAD commit
+	//    ID will be used.
+	//
+	//    * For Bitbucket: the commit ID, branch name, or tag name that corresponds
+	//    to the version of the source code you want to build. If a branch name
+	//    is specified, the branch's HEAD commit ID will be used. If not specified,
+	//    the default branch's HEAD commit ID will be used.
+	//
+	//    * For Amazon Simple Storage Service (Amazon S3): the version ID of the
+	//    object representing the build input ZIP file to use.
+	SecondarySourceVersions []*ProjectSourceVersion `locationName:"secondarySourceVersions" type:"list"`
+
+	// An array of ProjectSource objects.
+	SecondarySources []*ProjectSource `locationName:"secondarySources" type:"list"`
+
 	// The name of a service role used for this build.
 	ServiceRole *string `locationName:"serviceRole" min:"1" type:"string"`
 
@@ -1688,6 +1733,12 @@ func (s *Build) SetCurrentPhase(v string) *Build {
 	return s
 }
 
+// SetEncryptionKey sets the EncryptionKey field's value.
+func (s *Build) SetEncryptionKey(v string) *Build {
+	s.EncryptionKey = &v
+	return s
+}
+
 // SetEndTime sets the EndTime field's value.
 func (s *Build) SetEndTime(v time.Time) *Build {
 	s.EndTime = &v
@@ -1736,6 +1787,30 @@ func (s *Build) SetProjectName(v string) *Build {
 	return s
 }
 
+// SetResolvedSourceVersion sets the ResolvedSourceVersion field's value.
+func (s *Build) SetResolvedSourceVersion(v string) *Build {
+	s.ResolvedSourceVersion = &v
+	return s
+}
+
+// SetSecondaryArtifacts sets the SecondaryArtifacts field's value.
+func (s *Build) SetSecondaryArtifacts(v []*BuildArtifacts) *Build {
+	s.SecondaryArtifacts = v
+	return s
+}
+
+// SetSecondarySourceVersions sets the SecondarySourceVersions field's value.
+func (s *Build) SetSecondarySourceVersions(v []*ProjectSourceVersion) *Build {
+	s.SecondarySourceVersions = v
+	return s
+}
+
+// SetSecondarySources sets the SecondarySources field's value.
+func (s *Build) SetSecondarySources(v []*ProjectSource) *Build {
+	s.SecondarySources = v
+	return s
+}
+
 // SetServiceRole sets the ServiceRole field's value.
 func (s *Build) SetServiceRole(v string) *Build {
 	s.ServiceRole = &v
@@ -1776,6 +1851,12 @@ func (s *Build) SetVpcConfig(v *VpcConfig) *Build {
 type BuildArtifacts struct {
 	_ struct{} `type:"structure"`
 
+	// An identifier for this artifact definition.
+	ArtifactIdentifier *string `locationName:"artifactIdentifier" type:"string"`
+
+	// Information that tells you if encryption for build artifacts is disabled.
+	EncryptionDisabled *bool `locationName:"encryptionDisabled" type:"boolean"`
+
 	// Information about the location of the build artifacts.
 	Location *string `locationName:"location" type:"string"`
 
@@ -1788,6 +1869,12 @@ type BuildArtifacts struct {
 	// to ZIP.
 	Md5sum *string `locationName:"md5sum" type:"string"`
 
+	// If this flag is set, a name specified in the buildspec file overrides the
+	// artifact name. The name specified in a buildspec file is calculated at build
+	// time and uses the Shell Command Language. For example, you can append a date
+	// and time to your artifact name so that it is always unique.
+	OverrideArtifactName *bool `locationName:"overrideArtifactName" type:"boolean"`
+
 	// The SHA-256 hash of the build artifact.
 	//
 	// You can use this hash along with a checksum tool to confirm both file integrity
@@ -1808,6 +1895,18 @@ func (s BuildArtifacts) GoString() string {
 	return s.String()
 }
 
+// SetArtifactIdentifier sets the ArtifactIdentifier field's value.
+func (s *BuildArtifacts) SetArtifactIdentifier(v string) *BuildArtifacts {
+	s.ArtifactIdentifier = &v
+	return s
+}
+
+// SetEncryptionDisabled sets the EncryptionDisabled field's value.
+func (s *BuildArtifacts) SetEncryptionDisabled(v bool) *BuildArtifacts {
+	s.EncryptionDisabled = &v
+	return s
+}
+
 // SetLocation sets the Location field's value.
 func (s *BuildArtifacts) SetLocation(v string) *BuildArtifacts {
 	s.Location = &v
@@ -1820,6 +1919,12 @@ func (s *BuildArtifacts) SetMd5sum(v string) *BuildArtifacts {
 	return s
 }
 
+// SetOverrideArtifactName sets the OverrideArtifactName field's value.
+func (s *BuildArtifacts) SetOverrideArtifactName(v bool) *BuildArtifacts {
+	s.OverrideArtifactName = &v
+	return s
+}
+
 // SetSha256sum sets the Sha256sum field's value.
 func (s *BuildArtifacts) SetSha256sum(v string) *BuildArtifacts {
 	s.Sha256sum = &v
@@ -1963,6 +2068,70 @@ func (s *BuildPhase) SetStartTime(v time.Time) *BuildPhase {
 	return s
 }
 
+// Information about Amazon CloudWatch Logs for a build project.
+type CloudWatchLogsConfig struct {
+	_ struct{} `type:"structure"`
+
+	// The group name of the Amazon CloudWatch Logs. For more information, see Working
+	// with Log Groups and Log Streams (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html)
+	GroupName *string `locationName:"groupName" type:"string"`
+
+	// The current status of the Amazon CloudWatch Logs for a build project. Valid
+	// values are:
+	//
+	//    * ENABLED: Amazon CloudWatch Logs are enabled for this build project.
+	//
+	//    * DISABLED: Amazon CloudWatch Logs are not enabled for this build project.
+	//
+	// Status is a required field
+	Status *string `locationName:"status" type:"string" required:"true" enum:"LogsConfigStatusType"`
+
+	// The prefix of the stream name of the Amazon CloudWatch Logs. For more information,
+	// see Working with Log Groups and Log Streams (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html)
+	StreamName *string `locationName:"streamName" type:"string"`
+}
+
+// String returns the string representation
+func (s CloudWatchLogsConfig) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CloudWatchLogsConfig) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CloudWatchLogsConfig) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "CloudWatchLogsConfig"}
+	if s.Status == nil {
+		invalidParams.Add(request.NewErrParamRequired("Status"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetGroupName sets the GroupName field's value.
+func (s *CloudWatchLogsConfig) SetGroupName(v string) *CloudWatchLogsConfig {
+	s.GroupName = &v
+	return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *CloudWatchLogsConfig) SetStatus(v string) *CloudWatchLogsConfig {
+	s.Status = &v
+	return s
+}
+
+// SetStreamName sets the StreamName field's value.
+func (s *CloudWatchLogsConfig) SetStreamName(v string) *CloudWatchLogsConfig {
+	s.StreamName = &v
+	return s
+}
+
 type CreateProjectInput struct {
 	_ struct{} `type:"structure"`
 
@@ -1994,11 +2163,21 @@ type CreateProjectInput struct {
 	// Environment is a required field
 	Environment *ProjectEnvironment `locationName:"environment" type:"structure" required:"true"`
 
+	// Information about logs for the build project. Logs can be Amazon CloudWatch
+	// Logs, uploaded to a specified S3 bucket, or both.
+	LogsConfig *LogsConfig `locationName:"logsConfig" type:"structure"`
+
 	// The name of the build project.
 	//
 	// Name is a required field
 	Name *string `locationName:"name" min:"2" type:"string" required:"true"`
 
+	// An array of ProjectArtifacts objects.
+	SecondaryArtifacts []*ProjectArtifacts `locationName:"secondaryArtifacts" type:"list"`
+
+	// An array of ProjectSource objects.
+	SecondarySources []*ProjectSource `locationName:"secondarySources" type:"list"`
+
 	// The ARN of the AWS Identity and Access Management (IAM) role that enables
 	// AWS CodeBuild to interact with dependent AWS services on behalf of the AWS
 	// account.
@@ -2081,6 +2260,31 @@ func (s *CreateProjectInput) Validate() error {
 			invalidParams.AddNested("Environment", err.(request.ErrInvalidParams))
 		}
 	}
+	if s.LogsConfig != nil {
+		if err := s.LogsConfig.Validate(); err != nil {
+			invalidParams.AddNested("LogsConfig", err.(request.ErrInvalidParams))
+		}
+	}
+	if s.SecondaryArtifacts != nil {
+		for i, v := range s.SecondaryArtifacts {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondaryArtifacts", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
+	if s.SecondarySources != nil {
+		for i, v := range s.SecondarySources {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondarySources", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
 	if s.Source != nil {
 		if err := s.Source.Validate(); err != nil {
 			invalidParams.AddNested("Source", err.(request.ErrInvalidParams))
@@ -2144,12 +2348,30 @@ func (s *CreateProjectInput) SetEnvironment(v *ProjectEnvironment) *CreateProjec
 	return s
 }
 
+// SetLogsConfig sets the LogsConfig field's value.
+func (s *CreateProjectInput) SetLogsConfig(v *LogsConfig) *CreateProjectInput {
+	s.LogsConfig = v
+	return s
+}
+
 // SetName sets the Name field's value.
 func (s *CreateProjectInput) SetName(v string) *CreateProjectInput {
 	s.Name = &v
 	return s
 }
 
+// SetSecondaryArtifacts sets the SecondaryArtifacts field's value.
+func (s *CreateProjectInput) SetSecondaryArtifacts(v []*ProjectArtifacts) *CreateProjectInput {
+	s.SecondaryArtifacts = v
+	return s
+}
+
+// SetSecondarySources sets the SecondarySources field's value.
+func (s *CreateProjectInput) SetSecondarySources(v []*ProjectSource) *CreateProjectInput {
+	s.SecondarySources = v
+	return s
+}
+
 // SetServiceRole sets the ServiceRole field's value.
 func (s *CreateProjectInput) SetServiceRole(v string) *CreateProjectInput {
 	s.ServiceRole = &v
@@ -2961,16 +3183,81 @@ func (s *ListProjectsOutput) SetProjects(v []*string) *ListProjectsOutput {
 	return s
 }
 
+// Information about logs for a build project. Logs can be Amazon CloudWatch
+// Logs, built in a specified S3 bucket, or both.
+type LogsConfig struct {
+	_ struct{} `type:"structure"`
+
+	// Information about Amazon CloudWatch Logs for a build project. Amazon CloudWatch
+	// Logs are enabled by default.
+	CloudWatchLogs *CloudWatchLogsConfig `locationName:"cloudWatchLogs" type:"structure"`
+
+	// Information about logs built to an S3 bucket for a build project. S3 logs
+	// are not enabled by default.
+	S3Logs *S3LogsConfig `locationName:"s3Logs" type:"structure"`
+}
+
+// String returns the string representation
+func (s LogsConfig) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s LogsConfig) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *LogsConfig) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "LogsConfig"}
+	if s.CloudWatchLogs != nil {
+		if err := s.CloudWatchLogs.Validate(); err != nil {
+			invalidParams.AddNested("CloudWatchLogs", err.(request.ErrInvalidParams))
+		}
+	}
+	if s.S3Logs != nil {
+		if err := s.S3Logs.Validate(); err != nil {
+			invalidParams.AddNested("S3Logs", err.(request.ErrInvalidParams))
+		}
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetCloudWatchLogs sets the CloudWatchLogs field's value.
+func (s *LogsConfig) SetCloudWatchLogs(v *CloudWatchLogsConfig) *LogsConfig {
+	s.CloudWatchLogs = v
+	return s
+}
+
+// SetS3Logs sets the S3Logs field's value.
+func (s *LogsConfig) SetS3Logs(v *S3LogsConfig) *LogsConfig {
+	s.S3Logs = v
+	return s
+}
+
 // Information about build logs in Amazon CloudWatch Logs.
 type LogsLocation struct {
 	_ struct{} `type:"structure"`
 
+	// Information about Amazon CloudWatch Logs for a build project.
+	CloudWatchLogs *CloudWatchLogsConfig `locationName:"cloudWatchLogs" type:"structure"`
+
 	// The URL to an individual build log in Amazon CloudWatch Logs.
 	DeepLink *string `locationName:"deepLink" type:"string"`
 
 	// The name of the Amazon CloudWatch Logs group for the build logs.
 	GroupName *string `locationName:"groupName" type:"string"`
 
+	// The URL to an individual build log in an S3 bucket.
+	S3DeepLink *string `locationName:"s3DeepLink" type:"string"`
+
+	// Information about S3 logs for a build project.
+	S3Logs *S3LogsConfig `locationName:"s3Logs" type:"structure"`
+
 	// The name of the Amazon CloudWatch Logs stream for the build logs.
 	StreamName *string `locationName:"streamName" type:"string"`
 }
@@ -2985,6 +3272,12 @@ func (s LogsLocation) GoString() string {
 	return s.String()
 }
 
+// SetCloudWatchLogs sets the CloudWatchLogs field's value.
+func (s *LogsLocation) SetCloudWatchLogs(v *CloudWatchLogsConfig) *LogsLocation {
+	s.CloudWatchLogs = v
+	return s
+}
+
 // SetDeepLink sets the DeepLink field's value.
 func (s *LogsLocation) SetDeepLink(v string) *LogsLocation {
 	s.DeepLink = &v
@@ -2997,6 +3290,18 @@ func (s *LogsLocation) SetGroupName(v string) *LogsLocation {
 	return s
 }
 
+// SetS3DeepLink sets the S3DeepLink field's value.
+func (s *LogsLocation) SetS3DeepLink(v string) *LogsLocation {
+	s.S3DeepLink = &v
+	return s
+}
+
+// SetS3Logs sets the S3Logs field's value.
+func (s *LogsLocation) SetS3Logs(v *S3LogsConfig) *LogsLocation {
+	s.S3Logs = v
+	return s
+}
+
 // SetStreamName sets the StreamName field's value.
 func (s *LogsLocation) SetStreamName(v string) *LogsLocation {
 	s.StreamName = &v
@@ -3107,9 +3412,19 @@ type Project struct {
 	// format.
 	LastModified *time.Time `locationName:"lastModified" type:"timestamp"`
 
+	// Information about logs for the build project. A project can create Amazon
+	// CloudWatch Logs, logs in an S3 bucket, or both.
+	LogsConfig *LogsConfig `locationName:"logsConfig" type:"structure"`
+
 	// The name of the build project.
 	Name *string `locationName:"name" min:"2" type:"string"`
 
+	// An array of ProjectArtifacts objects.
+	SecondaryArtifacts []*ProjectArtifacts `locationName:"secondaryArtifacts" type:"list"`
+
+	// An array of ProjectSource objects.
+	SecondarySources []*ProjectSource `locationName:"secondarySources" type:"list"`
+
 	// The ARN of the AWS Identity and Access Management (IAM) role that enables
 	// AWS CodeBuild to interact with dependent AWS services on behalf of the AWS
 	// account.
@@ -3201,12 +3516,30 @@ func (s *Project) SetLastModified(v time.Time) *Project {
 	return s
 }
 
+// SetLogsConfig sets the LogsConfig field's value.
+func (s *Project) SetLogsConfig(v *LogsConfig) *Project {
+	s.LogsConfig = v
+	return s
+}
+
 // SetName sets the Name field's value.
 func (s *Project) SetName(v string) *Project {
 	s.Name = &v
 	return s
 }
 
+// SetSecondaryArtifacts sets the SecondaryArtifacts field's value.
+func (s *Project) SetSecondaryArtifacts(v []*ProjectArtifacts) *Project {
+	s.SecondaryArtifacts = v
+	return s
+}
+
+// SetSecondarySources sets the SecondarySources field's value.
+func (s *Project) SetSecondarySources(v []*ProjectSource) *Project {
+	s.SecondarySources = v
+	return s
+}
+
 // SetServiceRole sets the ServiceRole field's value.
 func (s *Project) SetServiceRole(v string) *Project {
 	s.ServiceRole = &v
@@ -3247,6 +3580,14 @@ func (s *Project) SetWebhook(v *Webhook) *Project {
 type ProjectArtifacts struct {
 	_ struct{} `type:"structure"`
 
+	// An identifier for this artifact definition.
+	ArtifactIdentifier *string `locationName:"artifactIdentifier" type:"string"`
+
+	// Set to true if you do not want your output artifacts encrypted. This option
+	// is only valid if your artifacts type is Amazon S3. If this is set with another
+	// artifacts type, an invalidInputException will be thrown.
+	EncryptionDisabled *bool `locationName:"encryptionDisabled" type:"boolean"`
+
 	// Information about the build output artifact location, as follows:
 	//
 	//    * If type is set to CODEPIPELINE, then AWS CodePipeline will ignore this
@@ -3309,6 +3650,12 @@ type ProjectArtifacts struct {
 	// in MyArtifacts/build-ID/MyArtifact.zip.
 	NamespaceType *string `locationName:"namespaceType" type:"string" enum:"ArtifactNamespace"`
 
+	// If this flag is set, a name specified in the buildspec file overrides the
+	// artifact name. The name specified in a buildspec file is calculated at build
+	// time and uses the Shell Command Language. For example, you can append a date
+	// and time to your artifact name so that it is always unique.
+	OverrideArtifactName *bool `locationName:"overrideArtifactName" type:"boolean"`
+
 	// The type of build output artifact to create, as follows:
 	//
 	//    * If type is set to CODEPIPELINE, then AWS CodePipeline will ignore this
@@ -3382,6 +3729,18 @@ func (s *ProjectArtifacts) Validate() error {
 	return nil
 }
 
+// SetArtifactIdentifier sets the ArtifactIdentifier field's value.
+func (s *ProjectArtifacts) SetArtifactIdentifier(v string) *ProjectArtifacts {
+	s.ArtifactIdentifier = &v
+	return s
+}
+
+// SetEncryptionDisabled sets the EncryptionDisabled field's value.
+func (s *ProjectArtifacts) SetEncryptionDisabled(v bool) *ProjectArtifacts {
+	s.EncryptionDisabled = &v
+	return s
+}
+
 // SetLocation sets the Location field's value.
 func (s *ProjectArtifacts) SetLocation(v string) *ProjectArtifacts {
 	s.Location = &v
@@ -3400,6 +3759,12 @@ func (s *ProjectArtifacts) SetNamespaceType(v string) *ProjectArtifacts {
 	return s
 }
 
+// SetOverrideArtifactName sets the OverrideArtifactName field's value.
+func (s *ProjectArtifacts) SetOverrideArtifactName(v bool) *ProjectArtifacts {
+	s.OverrideArtifactName = &v
+	return s
+}
+
 // SetPackaging sets the Packaging field's value.
 func (s *ProjectArtifacts) SetPackaging(v string) *ProjectArtifacts {
 	s.Packaging = &v
@@ -3717,6 +4082,9 @@ type ProjectSource struct {
 	// is thrown.
 	ReportBuildStatus *bool `locationName:"reportBuildStatus" type:"boolean"`
 
+	// An identifier for this project source.
+	SourceIdentifier *string `locationName:"sourceIdentifier" type:"string"`
+
 	// The type of repository that contains the source code to be built. Valid values
 	// include:
 	//
@@ -3729,6 +4097,8 @@ type ProjectSource struct {
 	//
 	//    * GITHUB: The source code is in a GitHub repository.
 	//
+	//    * NO_SOURCE: The project does not have input source code.
+	//
 	//    * S3: The source code is in an Amazon Simple Storage Service (Amazon S3)
 	//    input bucket.
 	//
@@ -3800,12 +4170,143 @@ func (s *ProjectSource) SetReportBuildStatus(v bool) *ProjectSource {
 	return s
 }
 
+// SetSourceIdentifier sets the SourceIdentifier field's value.
+func (s *ProjectSource) SetSourceIdentifier(v string) *ProjectSource {
+	s.SourceIdentifier = &v
+	return s
+}
+
 // SetType sets the Type field's value.
 func (s *ProjectSource) SetType(v string) *ProjectSource {
 	s.Type = &v
 	return s
 }
 
+// A source identifier and its corresponding version.
+type ProjectSourceVersion struct {
+	_ struct{} `type:"structure"`
+
+	// An identifier for a source in the build project.
+	//
+	// SourceIdentifier is a required field
+	SourceIdentifier *string `locationName:"sourceIdentifier" type:"string" required:"true"`
+
+	// The source version for the corresponding source identifier. If specified,
+	// must be one of:
+	//
+	//    * For AWS CodeCommit: the commit ID to use.
+	//
+	//    * For GitHub: the commit ID, pull request ID, branch name, or tag name
+	//    that corresponds to the version of the source code you want to build.
+	//    If a pull request ID is specified, it must use the format pr/pull-request-ID
+	//    (for example pr/25). If a branch name is specified, the branch's HEAD
+	//    commit ID will be used. If not specified, the default branch's HEAD commit
+	//    ID will be used.
+	//
+	//    * For Bitbucket: the commit ID, branch name, or tag name that corresponds
+	//    to the version of the source code you want to build. If a branch name
+	//    is specified, the branch's HEAD commit ID will be used. If not specified,
+	//    the default branch's HEAD commit ID will be used.
+	//
+	//    * For Amazon Simple Storage Service (Amazon S3): the version ID of the
+	//    object representing the build input ZIP file to use.
+	//
+	// SourceVersion is a required field
+	SourceVersion *string `locationName:"sourceVersion" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s ProjectSourceVersion) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ProjectSourceVersion) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ProjectSourceVersion) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "ProjectSourceVersion"}
+	if s.SourceIdentifier == nil {
+		invalidParams.Add(request.NewErrParamRequired("SourceIdentifier"))
+	}
+	if s.SourceVersion == nil {
+		invalidParams.Add(request.NewErrParamRequired("SourceVersion"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetSourceIdentifier sets the SourceIdentifier field's value.
+func (s *ProjectSourceVersion) SetSourceIdentifier(v string) *ProjectSourceVersion {
+	s.SourceIdentifier = &v
+	return s
+}
+
+// SetSourceVersion sets the SourceVersion field's value.
+func (s *ProjectSourceVersion) SetSourceVersion(v string) *ProjectSourceVersion {
+	s.SourceVersion = &v
+	return s
+}
+
+// Information about S3 logs for a build project.
+type S3LogsConfig struct {
+	_ struct{} `type:"structure"`
+
+	// The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3
+	// bucket name is my-bucket, and your path prefix is build-log, then acceptable
+	// formats are my-bucket/build-log or arn:aws:s3:::my-bucket/build-log.
+	Location *string `locationName:"location" type:"string"`
+
+	// The current status of the S3 build logs. Valid values are:
+	//
+	//    * ENABLED: S3 build logs are enabled for this build project.
+	//
+	//    * DISABLED: S3 build logs are not enabled for this build project.
+	//
+	// Status is a required field
+	Status *string `locationName:"status" type:"string" required:"true" enum:"LogsConfigStatusType"`
+}
+
+// String returns the string representation
+func (s S3LogsConfig) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s S3LogsConfig) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *S3LogsConfig) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "S3LogsConfig"}
+	if s.Status == nil {
+		invalidParams.Add(request.NewErrParamRequired("Status"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetLocation sets the Location field's value.
+func (s *S3LogsConfig) SetLocation(v string) *S3LogsConfig {
+	s.Location = &v
+	return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *S3LogsConfig) SetStatus(v string) *S3LogsConfig {
+	s.Status = &v
+	return s
+}
+
 // Information about the authorization settings for AWS CodeBuild to access
 // the source code to be built.
 //
@@ -3912,6 +4413,10 @@ type StartBuildInput struct {
 	// only if the build's source is GitHub Enterprise.
 	InsecureSslOverride *bool `locationName:"insecureSslOverride" type:"boolean"`
 
+	// Log settings for this build that override the log settings defined in the
+	// build project.
+	LogsConfigOverride *LogsConfig `locationName:"logsConfigOverride" type:"structure"`
+
 	// Enable this flag to override privileged mode in the build project.
 	PrivilegedModeOverride *bool `locationName:"privilegedModeOverride" type:"boolean"`
 
@@ -3925,6 +4430,16 @@ type StartBuildInput struct {
 	// GitHub, an invalidInputException is thrown.
 	ReportBuildStatusOverride *bool `locationName:"reportBuildStatusOverride" type:"boolean"`
 
+	// An array of ProjectArtifacts objects.
+	SecondaryArtifactsOverride []*ProjectArtifacts `locationName:"secondaryArtifactsOverride" type:"list"`
+
+	// An array of ProjectSource objects.
+	SecondarySourcesOverride []*ProjectSource `locationName:"secondarySourcesOverride" type:"list"`
+
+	// An array of ProjectSourceVersion objects that specify one or more versions
+	// of the project's secondary sources to be used for this build only.
+	SecondarySourcesVersionOverride []*ProjectSourceVersion `locationName:"secondarySourcesVersionOverride" type:"list"`
+
 	// The name of a service role for this build that overrides the one specified
 	// in the build project.
 	ServiceRoleOverride *string `locationName:"serviceRoleOverride" min:"1" type:"string"`
@@ -3939,7 +4454,7 @@ type StartBuildInput struct {
 	SourceLocationOverride *string `locationName:"sourceLocationOverride" type:"string"`
 
 	// A source input type for this build that overrides the source input defined
-	// in the build project
+	// in the build project.
 	SourceTypeOverride *string `locationName:"sourceTypeOverride" type:"string" enum:"SourceType"`
 
 	// A version of the build input to be built, for this build only. If not specified,
@@ -4016,6 +4531,41 @@ func (s *StartBuildInput) Validate() error {
 			}
 		}
 	}
+	if s.LogsConfigOverride != nil {
+		if err := s.LogsConfigOverride.Validate(); err != nil {
+			invalidParams.AddNested("LogsConfigOverride", err.(request.ErrInvalidParams))
+		}
+	}
+	if s.SecondaryArtifactsOverride != nil {
+		for i, v := range s.SecondaryArtifactsOverride {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondaryArtifactsOverride", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
+	if s.SecondarySourcesOverride != nil {
+		for i, v := range s.SecondarySourcesOverride {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondarySourcesOverride", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
+	if s.SecondarySourcesVersionOverride != nil {
+		for i, v := range s.SecondarySourcesVersionOverride {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondarySourcesVersionOverride", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
 	if s.SourceAuthOverride != nil {
 		if err := s.SourceAuthOverride.Validate(); err != nil {
 			invalidParams.AddNested("SourceAuthOverride", err.(request.ErrInvalidParams))
@@ -4094,6 +4644,12 @@ func (s *StartBuildInput) SetInsecureSslOverride(v bool) *StartBuildInput {
 	return s
 }
 
+// SetLogsConfigOverride sets the LogsConfigOverride field's value.
+func (s *StartBuildInput) SetLogsConfigOverride(v *LogsConfig) *StartBuildInput {
+	s.LogsConfigOverride = v
+	return s
+}
+
 // SetPrivilegedModeOverride sets the PrivilegedModeOverride field's value.
 func (s *StartBuildInput) SetPrivilegedModeOverride(v bool) *StartBuildInput {
 	s.PrivilegedModeOverride = &v
@@ -4112,6 +4668,24 @@ func (s *StartBuildInput) SetReportBuildStatusOverride(v bool) *StartBuildInput
 	return s
 }
 
+// SetSecondaryArtifactsOverride sets the SecondaryArtifactsOverride field's value.
+func (s *StartBuildInput) SetSecondaryArtifactsOverride(v []*ProjectArtifacts) *StartBuildInput {
+	s.SecondaryArtifactsOverride = v
+	return s
+}
+
+// SetSecondarySourcesOverride sets the SecondarySourcesOverride field's value.
+func (s *StartBuildInput) SetSecondarySourcesOverride(v []*ProjectSource) *StartBuildInput {
+	s.SecondarySourcesOverride = v
+	return s
+}
+
+// SetSecondarySourcesVersionOverride sets the SecondarySourcesVersionOverride field's value.
+func (s *StartBuildInput) SetSecondarySourcesVersionOverride(v []*ProjectSourceVersion) *StartBuildInput {
+	s.SecondarySourcesVersionOverride = v
+	return s
+}
+
 // SetServiceRoleOverride sets the ServiceRoleOverride field's value.
 func (s *StartBuildInput) SetServiceRoleOverride(v string) *StartBuildInput {
 	s.ServiceRoleOverride = &v
@@ -4314,6 +4888,10 @@ type UpdateProjectInput struct {
 	// Information to be changed about the build environment for the build project.
 	Environment *ProjectEnvironment `locationName:"environment" type:"structure"`
 
+	// Information about logs for the build project. A project can create Amazon
+	// CloudWatch Logs, logs in an S3 bucket, or both.
+	LogsConfig *LogsConfig `locationName:"logsConfig" type:"structure"`
+
 	// The name of the build project.
 	//
 	// You cannot change a build project's name.
@@ -4321,6 +4899,12 @@ type UpdateProjectInput struct {
 	// Name is a required field
 	Name *string `locationName:"name" min:"1" type:"string" required:"true"`
 
+	// An array of ProjectSource objects.
+	SecondaryArtifacts []*ProjectArtifacts `locationName:"secondaryArtifacts" type:"list"`
+
+	// An array of ProjectSource objects.
+	SecondarySources []*ProjectSource `locationName:"secondarySources" type:"list"`
+
 	// The replacement ARN of the AWS Identity and Access Management (IAM) role
 	// that enables AWS CodeBuild to interact with dependent AWS services on behalf
 	// of the AWS account.
@@ -4387,6 +4971,31 @@ func (s *UpdateProjectInput) Validate() error {
 			invalidParams.AddNested("Environment", err.(request.ErrInvalidParams))
 		}
 	}
+	if s.LogsConfig != nil {
+		if err := s.LogsConfig.Validate(); err != nil {
+			invalidParams.AddNested("LogsConfig", err.(request.ErrInvalidParams))
+		}
+	}
+	if s.SecondaryArtifacts != nil {
+		for i, v := range s.SecondaryArtifacts {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondaryArtifacts", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
+	if s.SecondarySources != nil {
+		for i, v := range s.SecondarySources {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecondarySources", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
 	if s.Source != nil {
 		if err := s.Source.Validate(); err != nil {
 			invalidParams.AddNested("Source", err.(request.ErrInvalidParams))
@@ -4450,12 +5059,30 @@ func (s *UpdateProjectInput) SetEnvironment(v *ProjectEnvironment) *UpdateProjec
 	return s
 }
 
+// SetLogsConfig sets the LogsConfig field's value.
+func (s *UpdateProjectInput) SetLogsConfig(v *LogsConfig) *UpdateProjectInput {
+	s.LogsConfig = v
+	return s
+}
+
 // SetName sets the Name field's value.
 func (s *UpdateProjectInput) SetName(v string) *UpdateProjectInput {
 	s.Name = &v
 	return s
 }
 
+// SetSecondaryArtifacts sets the SecondaryArtifacts field's value.
+func (s *UpdateProjectInput) SetSecondaryArtifacts(v []*ProjectArtifacts) *UpdateProjectInput {
+	s.SecondaryArtifacts = v
+	return s
+}
+
+// SetSecondarySources sets the SecondarySources field's value.
+func (s *UpdateProjectInput) SetSecondarySources(v []*ProjectSource) *UpdateProjectInput {
+	s.SecondarySources = v
+	return s
+}
+
 // SetServiceRole sets the ServiceRole field's value.
 func (s *UpdateProjectInput) SetServiceRole(v string) *UpdateProjectInput {
 	s.ServiceRole = &v
@@ -4838,6 +5465,14 @@ const (
 	LanguageTypeBase = "BASE"
 )
 
+const (
+	// LogsConfigStatusTypeEnabled is a LogsConfigStatusType enum value
+	LogsConfigStatusTypeEnabled = "ENABLED"
+
+	// LogsConfigStatusTypeDisabled is a LogsConfigStatusType enum value
+	LogsConfigStatusTypeDisabled = "DISABLED"
+)
+
 const (
 	// PlatformTypeDebian is a PlatformType enum value
 	PlatformTypeDebian = "DEBIAN"
@@ -4894,6 +5529,9 @@ const (
 
 	// SourceTypeGithubEnterprise is a SourceType enum value
 	SourceTypeGithubEnterprise = "GITHUB_ENTERPRISE"
+
+	// SourceTypeNoSource is a SourceType enum value
+	SourceTypeNoSource = "NO_SOURCE"
 )
 
 const (

vendor/github.com/aws/aws-sdk-go/service/codecommit/doc.go

@@ -45,6 +45,13 @@
 //
 // Files, by calling the following:
 //
+//    * DeleteFile, which deletes the content of a specified file from a specified
+//    branch.
+//
+//    * GetFile, which returns the base-64 encoded content of a specified file.
+//
+//    * GetFolder, which returns the contents of a specified folder or directory.
+//
 //    * PutFile, which adds or modifies a file in a specified repository and
 //    branch.
 //

vendor/github.com/aws/aws-sdk-go/service/codecommit/errors.go

@@ -204,6 +204,13 @@ const (
 	// than 2 GB, add them using a Git client.
 	ErrCodeFileContentSizeLimitExceededException = "FileContentSizeLimitExceededException"
 
+	// ErrCodeFileDoesNotExistException for service response error code
+	// "FileDoesNotExistException".
+	//
+	// The specified file does not exist. Verify that you have provided the correct
+	// name of the file, including its full path and extension.
+	ErrCodeFileDoesNotExistException = "FileDoesNotExistException"
+
 	// ErrCodeFileNameConflictsWithDirectoryNameException for service response error code
 	// "FileNameConflictsWithDirectoryNameException".
 	//
@@ -221,6 +228,13 @@ const (
 	// (http://docs.aws.amazon.com/codecommit/latest/userguide/limits.html).
 	ErrCodeFileTooLargeException = "FileTooLargeException"
 
+	// ErrCodeFolderDoesNotExistException for service response error code
+	// "FolderDoesNotExistException".
+	//
+	// The specified folder does not exist. Either the folder name is not correct,
+	// or you did not provide the full path to the folder.
+	ErrCodeFolderDoesNotExistException = "FolderDoesNotExistException"
+
 	// ErrCodeIdempotencyParameterMismatchException for service response error code
 	// "IdempotencyParameterMismatchException".
 	//
@@ -286,6 +300,12 @@ const (
 	// The specified continuation token is not valid.
 	ErrCodeInvalidContinuationTokenException = "InvalidContinuationTokenException"
 
+	// ErrCodeInvalidDeletionParameterException for service response error code
+	// "InvalidDeletionParameterException".
+	//
+	// The specified deletion parameter is not valid.
+	ErrCodeInvalidDeletionParameterException = "InvalidDeletionParameterException"
+
 	// ErrCodeInvalidDescriptionException for service response error code
 	// "InvalidDescriptionException".
 	//
@@ -549,7 +569,7 @@ const (
 	// ErrCodeNameLengthExceededException for service response error code
 	// "NameLengthExceededException".
 	//
-	// The file name is not valid because it has exceeded the character limit for
+	// The user name is not valid because it has exceeded the character limit for
 	// file names. File names, including the path to the file, cannot exceed the
 	// character limit.
 	ErrCodeNameLengthExceededException = "NameLengthExceededException"
@@ -557,8 +577,8 @@ const (
 	// ErrCodeParentCommitDoesNotExistException for service response error code
 	// "ParentCommitDoesNotExistException".
 	//
-	// The parent commit ID is not valid. The specified parent commit ID does not
+	// The parent commit ID is not valid because it does not exist. The specified
-	// exist in the specified branch of the repository.
+	// parent commit ID does not exist in the specified branch of the repository.
 	ErrCodeParentCommitDoesNotExistException = "ParentCommitDoesNotExistException"
 
 	// ErrCodeParentCommitIdOutdatedException for service response error code
@@ -586,7 +606,7 @@ const (
 	// ErrCodePathRequiredException for service response error code
 	// "PathRequiredException".
 	//
-	// The filePath for a location cannot be empty or null.
+	// The folderPath for a location cannot be null.
 	ErrCodePathRequiredException = "PathRequiredException"
 
 	// ErrCodePullRequestAlreadyClosedException for service response error code

vendor/github.com/aws/aws-sdk-go/service/cognitoidentityprovider/api.go

@@ -4164,6 +4164,10 @@ func (c *CognitoIdentityProvider) CreateUserPoolDomainRequest(input *CreateUserP
 //   This exception is thrown when the Amazon Cognito service cannot find the
 //   requested resource.
 //
+//   * ErrCodeLimitExceededException "LimitExceededException"
+//   This exception is thrown when a user exceeds the limit for a requested AWS
+//   resource.
+//
 //   * ErrCodeInternalErrorException "InternalErrorException"
 //   This exception is thrown when Amazon Cognito encounters an internal error.
 //
@@ -5500,7 +5504,7 @@ func (c *CognitoIdentityProvider) DescribeUserPoolClientRequest(input *DescribeU
 // DescribeUserPoolClient API operation for Amazon Cognito Identity Provider.
 //
 // Client method for returning the configuration information and metadata of
-// the specified user pool client.
+// the specified user pool app client.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -9688,7 +9692,9 @@ func (c *CognitoIdentityProvider) UpdateUserPoolRequest(input *UpdateUserPoolInp
 
 // UpdateUserPool API operation for Amazon Cognito Identity Provider.
 //
-// Updates the specified user pool with the specified attributes.
+// Updates the specified user pool with the specified attributes. If you don't
+// provide a value for an attribute, it will be set to the default value. You
+// can get a list of the current user pool settings with .
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -9806,8 +9812,10 @@ func (c *CognitoIdentityProvider) UpdateUserPoolClientRequest(input *UpdateUserP
 
 // UpdateUserPoolClient API operation for Amazon Cognito Identity Provider.
 //
-// Allows the developer to update the specified user pool client and password
+// Updates the specified user pool app client with the specified attributes.
-// policy.
+// If you don't provide a value for an attribute, it will be set to the default
+// value. You can get a list of the current user pool app client settings with
+// .
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -14867,11 +14875,14 @@ type CreateUserPoolClientInput struct {
 	//
 	//    * Be registered with the authorization server.
 	//
-	//    * Not use HTTP without TLS (i.e. use HTTPS instead of HTTP).
-	//
 	//    * Not include a fragment component.
 	//
 	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
+	//
+	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
+	// purposes only.
+	//
+	// App callback URLs such as myapp://example are also supported.
 	CallbackURLs []*string `type:"list"`
 
 	// The client name for the user pool client you would like to create.
@@ -14887,11 +14898,14 @@ type CreateUserPoolClientInput struct {
 	//
 	//    * Be registered with the authorization server.
 	//
-	//    * Not use HTTP without TLS (i.e. use HTTPS instead of HTTP).
-	//
 	//    * Not include a fragment component.
 	//
 	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
+	//
+	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
+	// purposes only.
+	//
+	// App callback URLs such as myapp://example are also supported.
 	DefaultRedirectURI *string `min:"1" type:"string"`
 
 	// The explicit authentication flows.
@@ -15081,6 +15095,17 @@ func (s *CreateUserPoolClientOutput) SetUserPoolClient(v *UserPoolClientType) *C
 type CreateUserPoolDomainInput struct {
 	_ struct{} `type:"structure"`
 
+	// The configuration for a custom domain that hosts the sign-up and sign-in
+	// webpages for your application.
+	//
+	// Provide this parameter only if you want to use own custom domain for your
+	// user pool. Otherwise, you can exclude this parameter and use the Amazon Cognito
+	// hosted domain instead.
+	//
+	// For more information about the hosted domain and custom domains, see Configuring
+	// a User Pool Domain (http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain.html).
+	CustomDomainConfig *CustomDomainConfigType `type:"structure"`
+
 	// The domain string.
 	//
 	// Domain is a required field
@@ -15117,6 +15142,11 @@ func (s *CreateUserPoolDomainInput) Validate() error {
 	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
 	}
+	if s.CustomDomainConfig != nil {
+		if err := s.CustomDomainConfig.Validate(); err != nil {
+			invalidParams.AddNested("CustomDomainConfig", err.(request.ErrInvalidParams))
+		}
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -15124,6 +15154,12 @@ func (s *CreateUserPoolDomainInput) Validate() error {
 	return nil
 }
 
+// SetCustomDomainConfig sets the CustomDomainConfig field's value.
+func (s *CreateUserPoolDomainInput) SetCustomDomainConfig(v *CustomDomainConfigType) *CreateUserPoolDomainInput {
+	s.CustomDomainConfig = v
+	return s
+}
+
 // SetDomain sets the Domain field's value.
 func (s *CreateUserPoolDomainInput) SetDomain(v string) *CreateUserPoolDomainInput {
 	s.Domain = &v
@@ -15138,6 +15174,10 @@ func (s *CreateUserPoolDomainInput) SetUserPoolId(v string) *CreateUserPoolDomai
 
 type CreateUserPoolDomainOutput struct {
 	_ struct{} `type:"structure"`
+
+	// The Amazon CloudFront endpoint that you use as the target of the alias that
+	// you set up with your Domain Name Service (DNS) provider.
+	CloudFrontDomain *string `min:"1" type:"string"`
 }
 
 // String returns the string representation
@@ -15150,6 +15190,12 @@ func (s CreateUserPoolDomainOutput) GoString() string {
 	return s.String()
 }
 
+// SetCloudFrontDomain sets the CloudFrontDomain field's value.
+func (s *CreateUserPoolDomainOutput) SetCloudFrontDomain(v string) *CreateUserPoolDomainOutput {
+	s.CloudFrontDomain = &v
+	return s
+}
+
 // Represents the request to create a user pool.
 type CreateUserPoolInput struct {
 	_ struct{} `type:"structure"`
@@ -15454,6 +15500,50 @@ func (s *CreateUserPoolOutput) SetUserPool(v *UserPoolType) *CreateUserPoolOutpu
 	return s
 }
 
+// The configuration for a custom domain that hosts the sign-up and sign-in
+// webpages for your application.
+type CustomDomainConfigType struct {
+	_ struct{} `type:"structure"`
+
+	// The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate.
+	// You use this certificate for the subdomain of your custom domain.
+	//
+	// CertificateArn is a required field
+	CertificateArn *string `min:"20" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s CustomDomainConfigType) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CustomDomainConfigType) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CustomDomainConfigType) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "CustomDomainConfigType"}
+	if s.CertificateArn == nil {
+		invalidParams.Add(request.NewErrParamRequired("CertificateArn"))
+	}
+	if s.CertificateArn != nil && len(*s.CertificateArn) < 20 {
+		invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 20))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetCertificateArn sets the CertificateArn field's value.
+func (s *CustomDomainConfigType) SetCertificateArn(v string) *CustomDomainConfigType {
+	s.CertificateArn = &v
+	return s
+}
+
 type DeleteGroupInput struct {
 	_ struct{} `type:"structure"`
 
@@ -16672,7 +16762,11 @@ type DomainDescriptionType struct {
 	AWSAccountId *string `type:"string"`
 
 	// The ARN of the CloudFront distribution.
-	CloudFrontDistribution *string `min:"20" type:"string"`
+	CloudFrontDistribution *string `type:"string"`
+
+	// The configuration for a custom domain that hosts the sign-up and sign-in
+	// webpages for your application.
+	CustomDomainConfig *CustomDomainConfigType `type:"structure"`
 
 	// The domain string.
 	Domain *string `min:"1" type:"string"`
@@ -16712,6 +16806,12 @@ func (s *DomainDescriptionType) SetCloudFrontDistribution(v string) *DomainDescr
 	return s
 }
 
+// SetCustomDomainConfig sets the CustomDomainConfig field's value.
+func (s *DomainDescriptionType) SetCustomDomainConfig(v *CustomDomainConfigType) *DomainDescriptionType {
+	s.CustomDomainConfig = v
+	return s
+}
+
 // SetDomain sets the Domain field's value.
 func (s *DomainDescriptionType) SetDomain(v string) *DomainDescriptionType {
 	s.Domain = &v
@@ -19320,9 +19420,9 @@ type ListUsersInput struct {
 	//
 	//    * preferred_username
 	//
-	//    * cognito:user_status (called Enabled in the Console) (case-sensitive)
+	//    * cognito:user_status (called Status in the Console) (case-insensitive)
 	//
-	//    * status (case-insensitive)
+	//    * status (called Enabled in the Console) (case-sensitive)
 	//
 	//    * sub
 	//
@@ -22384,11 +22484,14 @@ type UpdateUserPoolClientInput struct {
 	//
 	//    * Be registered with the authorization server.
 	//
-	//    * Not use HTTP without TLS (i.e. use HTTPS instead of HTTP).
-	//
 	//    * Not include a fragment component.
 	//
 	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
+	//
+	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
+	// purposes only.
+	//
+	// App callback URLs such as myapp://example are also supported.
 	CallbackURLs []*string `type:"list"`
 
 	// The ID of the client associated with the user pool.
@@ -22407,11 +22510,14 @@ type UpdateUserPoolClientInput struct {
 	//
 	//    * Be registered with the authorization server.
 	//
-	//    * Not use HTTP without TLS (i.e. use HTTPS instead of HTTP).
-	//
 	//    * Not include a fragment component.
 	//
 	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
+	//
+	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
+	// purposes only.
+	//
+	// App callback URLs such as myapp://example are also supported.
 	DefaultRedirectURI *string `min:"1" type:"string"`
 
 	// Explicit authentication flows.
@@ -23148,11 +23254,14 @@ type UserPoolClientType struct {
 	//
 	//    * Be registered with the authorization server.
 	//
-	//    * Not use HTTP without TLS (i.e. use HTTPS instead of HTTP).
-	//
 	//    * Not include a fragment component.
 	//
 	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
+	//
+	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
+	// purposes only.
+	//
+	// App callback URLs such as myapp://example are also supported.
 	CallbackURLs []*string `type:"list"`
 
 	// The ID of the client associated with the user pool.
@@ -23175,11 +23284,14 @@ type UserPoolClientType struct {
 	//
 	//    * Be registered with the authorization server.
 	//
-	//    * Not use HTTP without TLS (i.e. use HTTPS instead of HTTP).
-	//
 	//    * Not include a fragment component.
 	//
 	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
+	//
+	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
+	// purposes only.
+	//
+	// App callback URLs such as myapp://example are also supported.
 	DefaultRedirectURI *string `min:"1" type:"string"`
 
 	// The explicit authentication flows.
@@ -23454,6 +23566,8 @@ type UserPoolType struct {
 	// The date the user pool was created.
 	CreationDate *time.Time `type:"timestamp"`
 
+	CustomDomain *string `min:"1" type:"string"`
+
 	// The device configuration.
 	DeviceConfiguration *DeviceConfigurationType `type:"structure"`
 
@@ -23574,6 +23688,12 @@ func (s *UserPoolType) SetCreationDate(v time.Time) *UserPoolType {
 	return s
 }
 
+// SetCustomDomain sets the CustomDomain field's value.
+func (s *UserPoolType) SetCustomDomain(v string) *UserPoolType {
+	s.CustomDomain = &v
+	return s
+}
+
 // SetDeviceConfiguration sets the DeviceConfiguration field's value.
 func (s *UserPoolType) SetDeviceConfiguration(v *DeviceConfigurationType) *UserPoolType {
 	s.DeviceConfiguration = v

vendor/github.com/aws/aws-sdk-go/service/configservice/api.go

@@ -3355,8 +3355,12 @@ func (c *ConfigService) PutConfigurationAggregatorRequest(input *PutConfiguratio
 //   are valid and try again.
 //
 //   * ErrCodeLimitExceededException "LimitExceededException"
-//   This exception is thrown if an evaluation is in progress or if you call the
+//   For StartConfigRulesEvaluation API, this exception is thrown if an evaluation
-//   StartConfigRulesEvaluation API more than once per minute.
+//   is in progress or if you call the StartConfigRulesEvaluation API more than
+//   once per minute.
+//
+//   For PutConfigurationAggregator API, this exception is thrown if the number
+//   of accounts and aggregators exceeds the limit.
 //
 //   * ErrCodeInvalidRoleException "InvalidRoleException"
 //   You have provided a null or empty role ARN.
@@ -3875,8 +3879,12 @@ func (c *ConfigService) StartConfigRulesEvaluationRequest(input *StartConfigRule
 //   rule names are correct and try again.
 //
 //   * ErrCodeLimitExceededException "LimitExceededException"
-//   This exception is thrown if an evaluation is in progress or if you call the
+//   For StartConfigRulesEvaluation API, this exception is thrown if an evaluation
-//   StartConfigRulesEvaluation API more than once per minute.
+//   is in progress or if you call the StartConfigRulesEvaluation API more than
+//   once per minute.
+//
+//   For PutConfigurationAggregator API, this exception is thrown if the number
+//   of accounts and aggregators exceeds the limit.
 //
 //   * ErrCodeResourceInUseException "ResourceInUseException"
 //   The rule is currently being deleted or the rule is deleting your evaluation
@@ -5045,6 +5053,12 @@ type ConfigRule struct {
 	// available.
 	ConfigRuleState *string `type:"string" enum:"ConfigRuleState"`
 
+	// Service principal name of the service that created the rule.
+	//
+	// The field is populated only if the service linked rule is created by a service.
+	// The field is empty if you create your own rule.
+	CreatedBy *string `min:"1" type:"string"`
+
 	// The description that you provide for the AWS Config rule.
 	Description *string `type:"string"`
 
@@ -5095,6 +5109,9 @@ func (s *ConfigRule) Validate() error {
 	if s.ConfigRuleName != nil && len(*s.ConfigRuleName) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("ConfigRuleName", 1))
 	}
+	if s.CreatedBy != nil && len(*s.CreatedBy) < 1 {
+		invalidParams.Add(request.NewErrParamMinLen("CreatedBy", 1))
+	}
 	if s.InputParameters != nil && len(*s.InputParameters) < 1 {
 		invalidParams.Add(request.NewErrParamMinLen("InputParameters", 1))
 	}
@@ -5142,6 +5159,12 @@ func (s *ConfigRule) SetConfigRuleState(v string) *ConfigRule {
 	return s
 }
 
+// SetCreatedBy sets the CreatedBy field's value.
+func (s *ConfigRule) SetCreatedBy(v string) *ConfigRule {
+	s.CreatedBy = &v
+	return s
+}
+
 // SetDescription sets the Description field's value.
 func (s *ConfigRule) SetDescription(v string) *ConfigRule {
 	s.Description = &v

vendor/github.com/aws/aws-sdk-go/service/configservice/errors.go

@@ -102,8 +102,12 @@ const (
 	// ErrCodeLimitExceededException for service response error code
 	// "LimitExceededException".
 	//
-	// This exception is thrown if an evaluation is in progress or if you call the
+	// For StartConfigRulesEvaluation API, this exception is thrown if an evaluation
-	// StartConfigRulesEvaluation API more than once per minute.
+	// is in progress or if you call the StartConfigRulesEvaluation API more than
+	// once per minute.
+	//
+	// For PutConfigurationAggregator API, this exception is thrown if the number
+	// of accounts and aggregators exceeds the limit.
 	ErrCodeLimitExceededException = "LimitExceededException"
 
 	// ErrCodeMaxNumberOfConfigRulesExceededException for service response error code

vendor/github.com/aws/aws-sdk-go/service/databasemigrationservice/api.go

@@ -10025,12 +10025,16 @@ type ReplicationInstance struct {
 	ReplicationInstanceIdentifier *string `type:"string"`
 
 	// The private IP address of the replication instance.
+	//
+	// Deprecated: ReplicationInstancePrivateIpAddress has been deprecated
 	ReplicationInstancePrivateIpAddress *string `deprecated:"true" type:"string"`
 
 	// The private IP address of the replication instance.
 	ReplicationInstancePrivateIpAddresses []*string `type:"list"`
 
 	// The public IP address of the replication instance.
+	//
+	// Deprecated: ReplicationInstancePublicIpAddress has been deprecated
 	ReplicationInstancePublicIpAddress *string `deprecated:"true" type:"string"`
 
 	// The public IP address of the replication instance.

vendor/github.com/aws/aws-sdk-go/service/dax/api.go

@@ -100,6 +100,8 @@ func (c *DAX) CreateClusterRequest(input *CreateClusterInput) (req *request.Requ
 //   * ErrCodeTagQuotaPerResourceExceeded "TagQuotaPerResourceExceeded"
 //   You have exceeded the maximum number of tags for this DAX cluster.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -192,6 +194,8 @@ func (c *DAX) CreateParameterGroupRequest(input *CreateParameterGroupInput) (req
 //   * ErrCodeInvalidParameterGroupStateFault "InvalidParameterGroupStateFault"
 //   One or more parameters in a parameter group are in an invalid state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -288,6 +292,8 @@ func (c *DAX) CreateSubnetGroupRequest(input *CreateSubnetGroupInput) (req *requ
 //   * ErrCodeInvalidSubnet "InvalidSubnet"
 //   An invalid subnet identifier was specified.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/dax-2017-04-19/CreateSubnetGroup
 func (c *DAX) CreateSubnetGroup(input *CreateSubnetGroupInput) (*CreateSubnetGroupOutput, error) {
 	req, out := c.CreateSubnetGroupRequest(input)
@@ -376,6 +382,8 @@ func (c *DAX) DecreaseReplicationFactorRequest(input *DecreaseReplicationFactorI
 //   * ErrCodeInvalidClusterStateFault "InvalidClusterStateFault"
 //   The requested DAX cluster is not in the available state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -467,6 +475,8 @@ func (c *DAX) DeleteClusterRequest(input *DeleteClusterInput) (req *request.Requ
 //   * ErrCodeInvalidClusterStateFault "InvalidClusterStateFault"
 //   The requested DAX cluster is not in the available state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -556,6 +566,8 @@ func (c *DAX) DeleteParameterGroupRequest(input *DeleteParameterGroupInput) (req
 //   * ErrCodeParameterGroupNotFoundFault "ParameterGroupNotFoundFault"
 //   The specified parameter group does not exist.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -646,6 +658,8 @@ func (c *DAX) DeleteSubnetGroupRequest(input *DeleteSubnetGroupInput) (req *requ
 //   * ErrCodeSubnetGroupNotFoundFault "SubnetGroupNotFoundFault"
 //   The requested subnet group name does not refer to an existing subnet group.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/dax-2017-04-19/DeleteSubnetGroup
 func (c *DAX) DeleteSubnetGroup(input *DeleteSubnetGroupInput) (*DeleteSubnetGroupOutput, error) {
 	req, out := c.DeleteSubnetGroupRequest(input)
@@ -741,6 +755,8 @@ func (c *DAX) DescribeClustersRequest(input *DescribeClustersInput) (req *reques
 //   * ErrCodeClusterNotFoundFault "ClusterNotFoundFault"
 //   The requested cluster ID does not refer to an existing DAX cluster.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -823,6 +839,8 @@ func (c *DAX) DescribeDefaultParametersRequest(input *DescribeDefaultParametersI
 // API operation DescribeDefaultParameters for usage and error information.
 //
 // Returned Error Codes:
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -910,6 +928,8 @@ func (c *DAX) DescribeEventsRequest(input *DescribeEventsInput) (req *request.Re
 // API operation DescribeEvents for usage and error information.
 //
 // Returned Error Codes:
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -996,6 +1016,8 @@ func (c *DAX) DescribeParameterGroupsRequest(input *DescribeParameterGroupsInput
 //   * ErrCodeParameterGroupNotFoundFault "ParameterGroupNotFoundFault"
 //   The specified parameter group does not exist.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1081,6 +1103,8 @@ func (c *DAX) DescribeParametersRequest(input *DescribeParametersInput) (req *re
 //   * ErrCodeParameterGroupNotFoundFault "ParameterGroupNotFoundFault"
 //   The specified parameter group does not exist.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1167,6 +1191,8 @@ func (c *DAX) DescribeSubnetGroupsRequest(input *DescribeSubnetGroupsInput) (req
 //   * ErrCodeSubnetGroupNotFoundFault "SubnetGroupNotFoundFault"
 //   The requested subnet group name does not refer to an existing subnet group.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/dax-2017-04-19/DescribeSubnetGroups
 func (c *DAX) DescribeSubnetGroups(input *DescribeSubnetGroupsInput) (*DescribeSubnetGroupsOutput, error) {
 	req, out := c.DescribeSubnetGroupsRequest(input)
@@ -1262,6 +1288,8 @@ func (c *DAX) IncreaseReplicationFactorRequest(input *IncreaseReplicationFactorI
 //   * ErrCodeNodeQuotaForCustomerExceededFault "NodeQuotaForCustomerExceededFault"
 //   You have attempted to exceed the maximum number of nodes for your AWS account.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1354,6 +1382,8 @@ func (c *DAX) ListTagsRequest(input *ListTagsInput) (req *request.Request, outpu
 //   * ErrCodeInvalidClusterStateFault "InvalidClusterStateFault"
 //   The requested DAX cluster is not in the available state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1446,6 +1476,8 @@ func (c *DAX) RebootNodeRequest(input *RebootNodeInput) (req *request.Request, o
 //   * ErrCodeInvalidClusterStateFault "InvalidClusterStateFault"
 //   The requested DAX cluster is not in the available state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1541,6 +1573,8 @@ func (c *DAX) TagResourceRequest(input *TagResourceInput) (req *request.Request,
 //   * ErrCodeInvalidClusterStateFault "InvalidClusterStateFault"
 //   The requested DAX cluster is not in the available state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1636,6 +1670,8 @@ func (c *DAX) UntagResourceRequest(input *UntagResourceInput) (req *request.Requ
 //   * ErrCodeInvalidClusterStateFault "InvalidClusterStateFault"
 //   The requested DAX cluster is not in the available state.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1732,6 +1768,8 @@ func (c *DAX) UpdateClusterRequest(input *UpdateClusterInput) (req *request.Requ
 //   * ErrCodeParameterGroupNotFoundFault "ParameterGroupNotFoundFault"
 //   The specified parameter group does not exist.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1821,6 +1859,8 @@ func (c *DAX) UpdateParameterGroupRequest(input *UpdateParameterGroupInput) (req
 //   * ErrCodeParameterGroupNotFoundFault "ParameterGroupNotFoundFault"
 //   The specified parameter group does not exist.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 //   * ErrCodeInvalidParameterValueException "InvalidParameterValueException"
 //   The value for a parameter is invalid.
 //
@@ -1916,6 +1956,8 @@ func (c *DAX) UpdateSubnetGroupRequest(input *UpdateSubnetGroupInput) (req *requ
 //   * ErrCodeInvalidSubnet "InvalidSubnet"
 //   An invalid subnet identifier was specified.
 //
+//   * ErrCodeServiceLinkedRoleNotFoundFault "ServiceLinkedRoleNotFoundFault"
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/dax-2017-04-19/UpdateSubnetGroup
 func (c *DAX) UpdateSubnetGroup(input *UpdateSubnetGroupInput) (*UpdateSubnetGroupOutput, error) {
 	req, out := c.UpdateSubnetGroupRequest(input)
@@ -1989,6 +2031,10 @@ type Cluster struct {
 	// than 30 minutes, and is performed automatically within the maintenance window.
 	PreferredMaintenanceWindow *string `type:"string"`
 
+	// The description of the server-side encryption status on the specified DAX
+	// cluster.
+	SSEDescription *SSEDescription `type:"structure"`
+
 	// A list of security groups, and the status of each, for the nodes in the cluster.
 	SecurityGroups []*SecurityGroupMembership `type:"list"`
 
@@ -2084,6 +2130,12 @@ func (s *Cluster) SetPreferredMaintenanceWindow(v string) *Cluster {
 	return s
 }
 
+// SetSSEDescription sets the SSEDescription field's value.
+func (s *Cluster) SetSSEDescription(v *SSEDescription) *Cluster {
+	s.SSEDescription = v
+	return s
+}
+
 // SetSecurityGroups sets the SecurityGroups field's value.
 func (s *Cluster) SetSecurityGroups(v []*SecurityGroupMembership) *Cluster {
 	s.SecurityGroups = v
@@ -2189,6 +2241,9 @@ type CreateClusterInput struct {
 	// ReplicationFactor is a required field
 	ReplicationFactor *int64 `type:"integer" required:"true"`
 
+	// Represents the settings used to enable server-side encryption on the cluster.
+	SSESpecification *SSESpecification `type:"structure"`
+
 	// A list of security group IDs to be assigned to each node in the DAX cluster.
 	// (Each of the security group ID is system-generated.)
 	//
@@ -2231,6 +2286,11 @@ func (s *CreateClusterInput) Validate() error {
 	if s.ReplicationFactor == nil {
 		invalidParams.Add(request.NewErrParamRequired("ReplicationFactor"))
 	}
+	if s.SSESpecification != nil {
+		if err := s.SSESpecification.Validate(); err != nil {
+			invalidParams.AddNested("SSESpecification", err.(request.ErrInvalidParams))
+		}
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -2292,6 +2352,12 @@ func (s *CreateClusterInput) SetReplicationFactor(v int64) *CreateClusterInput {
 	return s
 }
 
+// SetSSESpecification sets the SSESpecification field's value.
+func (s *CreateClusterInput) SetSSESpecification(v *SSESpecification) *CreateClusterInput {
+	s.SSESpecification = v
+	return s
+}
+
 // SetSecurityGroupIds sets the SecurityGroupIds field's value.
 func (s *CreateClusterInput) SetSecurityGroupIds(v []*string) *CreateClusterInput {
 	s.SecurityGroupIds = v
@@ -3992,6 +4058,79 @@ func (s *RebootNodeOutput) SetCluster(v *Cluster) *RebootNodeOutput {
 	return s
 }
 
+// The description of the server-side encryption status on the specified DAX
+// cluster.
+type SSEDescription struct {
+	_ struct{} `type:"structure"`
+
+	// The current state of server-side encryption:
+	//
+	//    * ENABLING - Server-side encryption is being enabled.
+	//
+	//    * ENABLED - Server-side encryption is enabled.
+	//
+	//    * DISABLING - Server-side encryption is being disabled.
+	//
+	//    * DISABLED - Server-side encryption is disabled.
+	Status *string `type:"string" enum:"SSEStatus"`
+}
+
+// String returns the string representation
+func (s SSEDescription) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s SSEDescription) GoString() string {
+	return s.String()
+}
+
+// SetStatus sets the Status field's value.
+func (s *SSEDescription) SetStatus(v string) *SSEDescription {
+	s.Status = &v
+	return s
+}
+
+// Represents the settings used to enable server-side encryption.
+type SSESpecification struct {
+	_ struct{} `type:"structure"`
+
+	// Indicates whether server-side encryption is enabled (true) or disabled (false)
+	// on the cluster.
+	//
+	// Enabled is a required field
+	Enabled *bool `type:"boolean" required:"true"`
+}
+
+// String returns the string representation
+func (s SSESpecification) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s SSESpecification) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *SSESpecification) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "SSESpecification"}
+	if s.Enabled == nil {
+		invalidParams.Add(request.NewErrParamRequired("Enabled"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetEnabled sets the Enabled field's value.
+func (s *SSESpecification) SetEnabled(v bool) *SSESpecification {
+	s.Enabled = &v
+	return s
+}
+
 // An individual VPC security group and its status.
 type SecurityGroupMembership struct {
 	_ struct{} `type:"structure"`
@@ -4609,6 +4748,20 @@ const (
 	ParameterTypeNodeTypeSpecific = "NODE_TYPE_SPECIFIC"
 )
 
+const (
+	// SSEStatusEnabling is a SSEStatus enum value
+	SSEStatusEnabling = "ENABLING"
+
+	// SSEStatusEnabled is a SSEStatus enum value
+	SSEStatusEnabled = "ENABLED"
+
+	// SSEStatusDisabling is a SSEStatus enum value
+	SSEStatusDisabling = "DISABLING"
+
+	// SSEStatusDisabled is a SSEStatus enum value
+	SSEStatusDisabled = "DISABLED"
+)
+
 const (
 	// SourceTypeCluster is a SourceType enum value
 	SourceTypeCluster = "CLUSTER"

vendor/github.com/aws/aws-sdk-go/service/dax/errors.go

@@ -108,6 +108,10 @@ const (
 	// You have attempted to exceed the maximum number of parameter groups.
 	ErrCodeParameterGroupQuotaExceededFault = "ParameterGroupQuotaExceededFault"
 
+	// ErrCodeServiceLinkedRoleNotFoundFault for service response error code
+	// "ServiceLinkedRoleNotFoundFault".
+	ErrCodeServiceLinkedRoleNotFoundFault = "ServiceLinkedRoleNotFoundFault"
+
 	// ErrCodeSubnetGroupAlreadyExistsFault for service response error code
 	// "SubnetGroupAlreadyExistsFault".
 	//

vendor/github.com/aws/aws-sdk-go/service/devicefarm/api.go

@@ -5604,6 +5604,99 @@ func (c *DeviceFarm) ScheduleRunWithContext(ctx aws.Context, input *ScheduleRunI
 	return out, req.Send()
 }
 
+const opStopJob = "StopJob"
+
+// StopJobRequest generates a "aws/request.Request" representing the
+// client's request for the StopJob operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfuly.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See StopJob for more information on using the StopJob
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+//    // Example sending a request using the StopJobRequest method.
+//    req, resp := client.StopJobRequest(params)
+//
+//    err := req.Send()
+//    if err == nil { // resp is now filled
+//        fmt.Println(resp)
+//    }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/devicefarm-2015-06-23/StopJob
+func (c *DeviceFarm) StopJobRequest(input *StopJobInput) (req *request.Request, output *StopJobOutput) {
+	op := &request.Operation{
+		Name:       opStopJob,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &StopJobInput{}
+	}
+
+	output = &StopJobOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// StopJob API operation for AWS Device Farm.
+//
+// Initiates a stop request for the current job. AWS Device Farm will immediately
+// stop the job on the device where tests have not started executing, and you
+// will not be billed for this device. On the device where tests have started
+// executing, Setup Suite and Teardown Suite tests will run to completion before
+// stopping execution on the device. You will be billed for Setup, Teardown,
+// and any tests that were in progress or already completed.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Device Farm's
+// API operation StopJob for usage and error information.
+//
+// Returned Error Codes:
+//   * ErrCodeArgumentException "ArgumentException"
+//   An invalid argument was specified.
+//
+//   * ErrCodeNotFoundException "NotFoundException"
+//   The specified entity was not found.
+//
+//   * ErrCodeLimitExceededException "LimitExceededException"
+//   A limit was exceeded.
+//
+//   * ErrCodeServiceAccountException "ServiceAccountException"
+//   There was a problem with the service account.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/devicefarm-2015-06-23/StopJob
+func (c *DeviceFarm) StopJob(input *StopJobInput) (*StopJobOutput, error) {
+	req, out := c.StopJobRequest(input)
+	return out, req.Send()
+}
+
+// StopJobWithContext is the same as StopJob with the addition of
+// the ability to pass a context and additional request options.
+//
+// See StopJob for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *DeviceFarm) StopJobWithContext(ctx aws.Context, input *StopJobInput, opts ...request.Option) (*StopJobOutput, error) {
+	req, out := c.StopJobRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opStopRemoteAccessSession = "StopRemoteAccessSession"
 
 // StopRemoteAccessSessionRequest generates a "aws/request.Request" representing the
@@ -6227,6 +6320,94 @@ func (c *DeviceFarm) UpdateProjectWithContext(ctx aws.Context, input *UpdateProj
 	return out, req.Send()
 }
 
+const opUpdateUpload = "UpdateUpload"
+
+// UpdateUploadRequest generates a "aws/request.Request" representing the
+// client's request for the UpdateUpload operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfuly.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UpdateUpload for more information on using the UpdateUpload
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+//    // Example sending a request using the UpdateUploadRequest method.
+//    req, resp := client.UpdateUploadRequest(params)
+//
+//    err := req.Send()
+//    if err == nil { // resp is now filled
+//        fmt.Println(resp)
+//    }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/devicefarm-2015-06-23/UpdateUpload
+func (c *DeviceFarm) UpdateUploadRequest(input *UpdateUploadInput) (req *request.Request, output *UpdateUploadOutput) {
+	op := &request.Operation{
+		Name:       opUpdateUpload,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &UpdateUploadInput{}
+	}
+
+	output = &UpdateUploadOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// UpdateUpload API operation for AWS Device Farm.
+//
+// Update an uploaded test specification (test spec).
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Device Farm's
+// API operation UpdateUpload for usage and error information.
+//
+// Returned Error Codes:
+//   * ErrCodeArgumentException "ArgumentException"
+//   An invalid argument was specified.
+//
+//   * ErrCodeNotFoundException "NotFoundException"
+//   The specified entity was not found.
+//
+//   * ErrCodeLimitExceededException "LimitExceededException"
+//   A limit was exceeded.
+//
+//   * ErrCodeServiceAccountException "ServiceAccountException"
+//   There was a problem with the service account.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/devicefarm-2015-06-23/UpdateUpload
+func (c *DeviceFarm) UpdateUpload(input *UpdateUploadInput) (*UpdateUploadOutput, error) {
+	req, out := c.UpdateUploadRequest(input)
+	return out, req.Send()
+}
+
+// UpdateUploadWithContext is the same as UpdateUpload with the addition of
+// the ability to pass a context and additional request options.
+//
+// See UpdateUpload for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *DeviceFarm) UpdateUploadWithContext(ctx aws.Context, input *UpdateUploadInput, opts ...request.Option) (*UpdateUploadOutput, error) {
+	req, out := c.UpdateUploadRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opUpdateVPCEConfiguration = "UpdateVPCEConfiguration"
 
 // UpdateVPCEConfigurationRequest generates a "aws/request.Request" representing the
@@ -7367,7 +7548,7 @@ type CreateUploadInput struct {
 	//
 	//    * IOS_APP: An iOS upload.
 	//
-	//    * WEB_APP: A web appliction upload.
+	//    * WEB_APP: A web application upload.
 	//
 	//    * EXTERNAL_DATA: An external data upload.
 	//
@@ -8549,6 +8730,10 @@ type ExecutionConfiguration struct {
 	// modify my app? (https://aws.amazon.com/device-farm/faq/) in the AWS Device
 	// Farm FAQs.
 	SkipAppResign *bool `locationName:"skipAppResign" type:"boolean"`
+
+	// Set to true to enable video capture; otherwise, set to false. The default
+	// is true.
+	VideoCapture *bool `locationName:"videoCapture" type:"boolean"`
 }
 
 // String returns the string representation
@@ -8585,6 +8770,12 @@ func (s *ExecutionConfiguration) SetSkipAppResign(v bool) *ExecutionConfiguratio
 	return s
 }
 
+// SetVideoCapture sets the VideoCapture field's value.
+func (s *ExecutionConfiguration) SetVideoCapture(v bool) *ExecutionConfiguration {
+	s.VideoCapture = &v
+	return s
+}
+
 // Represents the request sent to retrieve the account settings.
 type GetAccountSettingsInput struct {
 	_ struct{} `type:"structure"`
@@ -10037,6 +10228,13 @@ type Job struct {
 	//
 	//    * XCTEST_UI: The XCode UI test type.
 	Type *string `locationName:"type" type:"string" enum:"TestType"`
+
+	// This value is set to true if video capture is enabled; otherwise, it is set
+	// to false.
+	VideoCapture *bool `locationName:"videoCapture" type:"boolean"`
+
+	// The endpoint for streaming device video.
+	VideoEndpoint *string `locationName:"videoEndpoint" type:"string"`
 }
 
 // String returns the string representation
@@ -10127,6 +10325,18 @@ func (s *Job) SetType(v string) *Job {
 	return s
 }
 
+// SetVideoCapture sets the VideoCapture field's value.
+func (s *Job) SetVideoCapture(v bool) *Job {
+	s.VideoCapture = &v
+	return s
+}
+
+// SetVideoEndpoint sets the VideoEndpoint field's value.
+func (s *Job) SetVideoEndpoint(v string) *Job {
+	s.VideoEndpoint = &v
+	return s
+}
+
 // Represents a request to the list artifacts operation.
 type ListArtifactsInput struct {
 	_ struct{} `type:"structure"`
@@ -11653,6 +11863,62 @@ type ListUploadsInput struct {
 	// An identifier that was returned from the previous call to this operation,
 	// which can be used to return the next set of items in the list.
 	NextToken *string `locationName:"nextToken" min:"4" type:"string"`
+
+	// The type of upload.
+	//
+	// Must be one of the following values:
+	//
+	//    * ANDROID_APP: An Android upload.
+	//
+	//    * IOS_APP: An iOS upload.
+	//
+	//    * WEB_APP: A web appliction upload.
+	//
+	//    * EXTERNAL_DATA: An external data upload.
+	//
+	//    * APPIUM_JAVA_JUNIT_TEST_PACKAGE: An Appium Java JUnit test package upload.
+	//
+	//    * APPIUM_JAVA_TESTNG_TEST_PACKAGE: An Appium Java TestNG test package
+	//    upload.
+	//
+	//    * APPIUM_PYTHON_TEST_PACKAGE: An Appium Python test package upload.
+	//
+	//    * APPIUM_WEB_JAVA_JUNIT_TEST_PACKAGE: An Appium Java JUnit test package
+	//    upload.
+	//
+	//    * APPIUM_WEB_JAVA_TESTNG_TEST_PACKAGE: An Appium Java TestNG test package
+	//    upload.
+	//
+	//    * APPIUM_WEB_PYTHON_TEST_PACKAGE: An Appium Python test package upload.
+	//
+	//    * CALABASH_TEST_PACKAGE: A Calabash test package upload.
+	//
+	//    * INSTRUMENTATION_TEST_PACKAGE: An instrumentation upload.
+	//
+	//    * UIAUTOMATION_TEST_PACKAGE: A uiautomation test package upload.
+	//
+	//    * UIAUTOMATOR_TEST_PACKAGE: A uiautomator test package upload.
+	//
+	//    * XCTEST_TEST_PACKAGE: An XCode test package upload.
+	//
+	//    * XCTEST_UI_TEST_PACKAGE: An XCode UI test package upload.
+	//
+	//    * APPIUM_JAVA_JUNIT_TEST_SPEC: An Appium Java JUnit test spec upload.
+	//
+	//    * APPIUM_JAVA_TESTNG_TEST_SPEC: An Appium Java TestNG test spec upload.
+	//
+	//    * APPIUM_PYTHON_TEST_SPEC: An Appium Python test spec upload.
+	//
+	//    * APPIUM_WEB_JAVA_JUNIT_TEST_SPEC: An Appium Java JUnit test spec upload.
+	//
+	//    * APPIUM_WEB_JAVA_TESTNG_TEST_SPEC: An Appium Java TestNG test spec upload.
+	//
+	//    * APPIUM_WEB_PYTHON_TEST_SPEC: An Appium Python test spec upload.
+	//
+	//    * INSTRUMENTATION_TEST_SPEC: An instrumentation test spec upload.
+	//
+	//    * XCTEST_UI_TEST_SPEC: An XCode UI test spec upload.
+	Type *string `locationName:"type" type:"string" enum:"UploadType"`
 }
 
 // String returns the string representation
@@ -11696,6 +11962,12 @@ func (s *ListUploadsInput) SetNextToken(v string) *ListUploadsInput {
 	return s
 }
 
+// SetType sets the Type field's value.
+func (s *ListUploadsInput) SetType(v string) *ListUploadsInput {
+	s.Type = &v
+	return s
+}
+
 // Represents the result of a list uploads request.
 type ListUploadsOutput struct {
 	_ struct{} `type:"structure"`
@@ -13154,6 +13426,9 @@ type Run struct {
 	// The run's stop time.
 	Stopped *time.Time `locationName:"stopped" type:"timestamp"`
 
+	// The ARN of the YAML-formatted test specification for the run.
+	TestSpecArn *string `locationName:"testSpecArn" min:"32" type:"string"`
+
 	// The total number of jobs for the run.
 	TotalJobs *int64 `locationName:"totalJobs" type:"integer"`
 
@@ -13362,6 +13637,12 @@ func (s *Run) SetStopped(v time.Time) *Run {
 	return s
 }
 
+// SetTestSpecArn sets the TestSpecArn field's value.
+func (s *Run) SetTestSpecArn(v string) *Run {
+	s.TestSpecArn = &v
+	return s
+}
+
 // SetTotalJobs sets the TotalJobs field's value.
 func (s *Run) SetTotalJobs(v int64) *Run {
 	s.TotalJobs = &v
@@ -13817,6 +14098,9 @@ type ScheduleRunTest struct {
 	// The ARN of the uploaded test that will be run.
 	TestPackageArn *string `locationName:"testPackageArn" min:"32" type:"string"`
 
+	// The ARN of the YAML-formatted test specification.
+	TestSpecArn *string `locationName:"testSpecArn" min:"32" type:"string"`
+
 	// The test's type.
 	//
 	// Must be one of the following values:
@@ -13871,6 +14155,9 @@ func (s *ScheduleRunTest) Validate() error {
 	if s.TestPackageArn != nil && len(*s.TestPackageArn) < 32 {
 		invalidParams.Add(request.NewErrParamMinLen("TestPackageArn", 32))
 	}
+	if s.TestSpecArn != nil && len(*s.TestSpecArn) < 32 {
+		invalidParams.Add(request.NewErrParamMinLen("TestSpecArn", 32))
+	}
 	if s.Type == nil {
 		invalidParams.Add(request.NewErrParamRequired("Type"))
 	}
@@ -13899,12 +14186,83 @@ func (s *ScheduleRunTest) SetTestPackageArn(v string) *ScheduleRunTest {
 	return s
 }
 
+// SetTestSpecArn sets the TestSpecArn field's value.
+func (s *ScheduleRunTest) SetTestSpecArn(v string) *ScheduleRunTest {
+	s.TestSpecArn = &v
+	return s
+}
+
 // SetType sets the Type field's value.
 func (s *ScheduleRunTest) SetType(v string) *ScheduleRunTest {
 	s.Type = &v
 	return s
 }
 
+type StopJobInput struct {
+	_ struct{} `type:"structure"`
+
+	// Represents the Amazon Resource Name (ARN) of the Device Farm job you wish
+	// to stop.
+	//
+	// Arn is a required field
+	Arn *string `locationName:"arn" min:"32" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s StopJobInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StopJobInput) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *StopJobInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "StopJobInput"}
+	if s.Arn == nil {
+		invalidParams.Add(request.NewErrParamRequired("Arn"))
+	}
+	if s.Arn != nil && len(*s.Arn) < 32 {
+		invalidParams.Add(request.NewErrParamMinLen("Arn", 32))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetArn sets the Arn field's value.
+func (s *StopJobInput) SetArn(v string) *StopJobInput {
+	s.Arn = &v
+	return s
+}
+
+type StopJobOutput struct {
+	_ struct{} `type:"structure"`
+
+	// The job that was stopped.
+	Job *Job `locationName:"job" type:"structure"`
+}
+
+// String returns the string representation
+func (s StopJobOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StopJobOutput) GoString() string {
+	return s.String()
+}
+
+// SetJob sets the Job field's value.
+func (s *StopJobOutput) SetJob(v *Job) *StopJobOutput {
+	s.Job = v
+	return s
+}
+
 // Represents the request to stop the remote access session.
 type StopRemoteAccessSessionInput struct {
 	_ struct{} `type:"structure"`
@@ -15020,6 +15378,99 @@ func (s *UpdateProjectOutput) SetProject(v *Project) *UpdateProjectOutput {
 	return s
 }
 
+type UpdateUploadInput struct {
+	_ struct{} `type:"structure"`
+
+	// The Amazon Resource Name (ARN) of the uploaded test spec.
+	//
+	// Arn is a required field
+	Arn *string `locationName:"arn" min:"32" type:"string" required:"true"`
+
+	// The upload's content type (for example, "application/x-yaml").
+	ContentType *string `locationName:"contentType" type:"string"`
+
+	// Set to true if the YAML file has changed and needs to be updated; otherwise,
+	// set to false.
+	EditContent *bool `locationName:"editContent" type:"boolean"`
+
+	// The upload's test spec file name. The name should not contain the '/' character.
+	// The test spec file name must end with the .yaml or .yml file extension.
+	Name *string `locationName:"name" type:"string"`
+}
+
+// String returns the string representation
+func (s UpdateUploadInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateUploadInput) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *UpdateUploadInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "UpdateUploadInput"}
+	if s.Arn == nil {
+		invalidParams.Add(request.NewErrParamRequired("Arn"))
+	}
+	if s.Arn != nil && len(*s.Arn) < 32 {
+		invalidParams.Add(request.NewErrParamMinLen("Arn", 32))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetArn sets the Arn field's value.
+func (s *UpdateUploadInput) SetArn(v string) *UpdateUploadInput {
+	s.Arn = &v
+	return s
+}
+
+// SetContentType sets the ContentType field's value.
+func (s *UpdateUploadInput) SetContentType(v string) *UpdateUploadInput {
+	s.ContentType = &v
+	return s
+}
+
+// SetEditContent sets the EditContent field's value.
+func (s *UpdateUploadInput) SetEditContent(v bool) *UpdateUploadInput {
+	s.EditContent = &v
+	return s
+}
+
+// SetName sets the Name field's value.
+func (s *UpdateUploadInput) SetName(v string) *UpdateUploadInput {
+	s.Name = &v
+	return s
+}
+
+type UpdateUploadOutput struct {
+	_ struct{} `type:"structure"`
+
+	// A test spec uploaded to Device Farm.
+	Upload *Upload `locationName:"upload" type:"structure"`
+}
+
+// String returns the string representation
+func (s UpdateUploadOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateUploadOutput) GoString() string {
+	return s.String()
+}
+
+// SetUpload sets the Upload field's value.
+func (s *UpdateUploadOutput) SetUpload(v *Upload) *UpdateUploadOutput {
+	s.Upload = v
+	return s
+}
+
 type UpdateVPCEConfigurationInput struct {
 	_ struct{} `type:"structure"`
 
@@ -15131,6 +15582,13 @@ type Upload struct {
 	// The upload's ARN.
 	Arn *string `locationName:"arn" min:"32" type:"string"`
 
+	// The upload's category. Allowed values include:
+	//
+	//    * CURATED: An upload managed by AWS Device Farm.
+	//
+	//    * PRIVATE: An upload managed by the AWS Device Farm customer.
+	Category *string `locationName:"category" type:"string" enum:"UploadCategory"`
+
 	// The upload's content type (for example, "application/octet-stream").
 	ContentType *string `locationName:"contentType" type:"string"`
 
@@ -15222,6 +15680,12 @@ func (s *Upload) SetArn(v string) *Upload {
 	return s
 }
 
+// SetCategory sets the Category field's value.
+func (s *Upload) SetCategory(v string) *Upload {
+	s.Category = &v
+	return s
+}
+
 // SetContentType sets the ContentType field's value.
 func (s *Upload) SetContentType(v string) *Upload {
 	s.ContentType = &v
@@ -15425,6 +15889,9 @@ const (
 
 	// ArtifactTypeCustomerArtifactLog is a ArtifactType enum value
 	ArtifactTypeCustomerArtifactLog = "CUSTOMER_ARTIFACT_LOG"
+
+	// ArtifactTypeTestspecOutput is a ArtifactType enum value
+	ArtifactTypeTestspecOutput = "TESTSPEC_OUTPUT"
 )
 
 const (
@@ -15736,6 +16203,14 @@ const (
 	TestTypeRemoteAccessReplay = "REMOTE_ACCESS_REPLAY"
 )
 
+const (
+	// UploadCategoryCurated is a UploadCategory enum value
+	UploadCategoryCurated = "CURATED"
+
+	// UploadCategoryPrivate is a UploadCategory enum value
+	UploadCategoryPrivate = "PRIVATE"
+)
+
 const (
 	// UploadStatusInitialized is a UploadStatus enum value
 	UploadStatusInitialized = "INITIALIZED"
@@ -15798,4 +16273,28 @@ const (
 
 	// UploadTypeXctestUiTestPackage is a UploadType enum value
 	UploadTypeXctestUiTestPackage = "XCTEST_UI_TEST_PACKAGE"
+
+	// UploadTypeAppiumJavaJunitTestSpec is a UploadType enum value
+	UploadTypeAppiumJavaJunitTestSpec = "APPIUM_JAVA_JUNIT_TEST_SPEC"
+
+	// UploadTypeAppiumJavaTestngTestSpec is a UploadType enum value
+	UploadTypeAppiumJavaTestngTestSpec = "APPIUM_JAVA_TESTNG_TEST_SPEC"
+
+	// UploadTypeAppiumPythonTestSpec is a UploadType enum value
+	UploadTypeAppiumPythonTestSpec = "APPIUM_PYTHON_TEST_SPEC"
+
+	// UploadTypeAppiumWebJavaJunitTestSpec is a UploadType enum value
+	UploadTypeAppiumWebJavaJunitTestSpec = "APPIUM_WEB_JAVA_JUNIT_TEST_SPEC"
+
+	// UploadTypeAppiumWebJavaTestngTestSpec is a UploadType enum value
+	UploadTypeAppiumWebJavaTestngTestSpec = "APPIUM_WEB_JAVA_TESTNG_TEST_SPEC"
+
+	// UploadTypeAppiumWebPythonTestSpec is a UploadType enum value
+	UploadTypeAppiumWebPythonTestSpec = "APPIUM_WEB_PYTHON_TEST_SPEC"
+
+	// UploadTypeInstrumentationTestSpec is a UploadType enum value
+	UploadTypeInstrumentationTestSpec = "INSTRUMENTATION_TEST_SPEC"
+
+	// UploadTypeXctestUiTestSpec is a UploadType enum value
+	UploadTypeXctestUiTestSpec = "XCTEST_UI_TEST_SPEC"
 )

vendor/github.com/aws/aws-sdk-go/service/directconnect/api.go

@@ -37,6 +37,8 @@ const opAllocateConnectionOnInterconnect = "AllocateConnectionOnInterconnect"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/AllocateConnectionOnInterconnect
+//
+// Deprecated: AllocateConnectionOnInterconnect has been deprecated
 func (c *DirectConnect) AllocateConnectionOnInterconnectRequest(input *AllocateConnectionOnInterconnectInput) (req *request.Request, output *Connection) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, AllocateConnectionOnInterconnect, has been deprecated")
@@ -84,6 +86,8 @@ func (c *DirectConnect) AllocateConnectionOnInterconnectRequest(input *AllocateC
 //   additional details about the cause.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/AllocateConnectionOnInterconnect
+//
+// Deprecated: AllocateConnectionOnInterconnect has been deprecated
 func (c *DirectConnect) AllocateConnectionOnInterconnect(input *AllocateConnectionOnInterconnectInput) (*Connection, error) {
 	req, out := c.AllocateConnectionOnInterconnectRequest(input)
 	return out, req.Send()
@@ -98,6 +102,8 @@ func (c *DirectConnect) AllocateConnectionOnInterconnect(input *AllocateConnecti
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: AllocateConnectionOnInterconnectWithContext has been deprecated
 func (c *DirectConnect) AllocateConnectionOnInterconnectWithContext(ctx aws.Context, input *AllocateConnectionOnInterconnectInput, opts ...request.Option) (*Connection, error) {
 	req, out := c.AllocateConnectionOnInterconnectRequest(input)
 	req.SetContext(ctx)
@@ -2324,6 +2330,8 @@ const opDescribeConnectionLoa = "DescribeConnectionLoa"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/DescribeConnectionLoa
+//
+// Deprecated: DescribeConnectionLoa has been deprecated
 func (c *DirectConnect) DescribeConnectionLoaRequest(input *DescribeConnectionLoaInput) (req *request.Request, output *DescribeConnectionLoaOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, DescribeConnectionLoa, has been deprecated")
@@ -2372,6 +2380,8 @@ func (c *DirectConnect) DescribeConnectionLoaRequest(input *DescribeConnectionLo
 //   additional details about the cause.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/DescribeConnectionLoa
+//
+// Deprecated: DescribeConnectionLoa has been deprecated
 func (c *DirectConnect) DescribeConnectionLoa(input *DescribeConnectionLoaInput) (*DescribeConnectionLoaOutput, error) {
 	req, out := c.DescribeConnectionLoaRequest(input)
 	return out, req.Send()
@@ -2386,6 +2396,8 @@ func (c *DirectConnect) DescribeConnectionLoa(input *DescribeConnectionLoaInput)
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: DescribeConnectionLoaWithContext has been deprecated
 func (c *DirectConnect) DescribeConnectionLoaWithContext(ctx aws.Context, input *DescribeConnectionLoaInput, opts ...request.Option) (*DescribeConnectionLoaOutput, error) {
 	req, out := c.DescribeConnectionLoaRequest(input)
 	req.SetContext(ctx)
@@ -2505,6 +2517,8 @@ const opDescribeConnectionsOnInterconnect = "DescribeConnectionsOnInterconnect"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/DescribeConnectionsOnInterconnect
+//
+// Deprecated: DescribeConnectionsOnInterconnect has been deprecated
 func (c *DirectConnect) DescribeConnectionsOnInterconnectRequest(input *DescribeConnectionsOnInterconnectInput) (req *request.Request, output *Connections) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, DescribeConnectionsOnInterconnect, has been deprecated")
@@ -2549,6 +2563,8 @@ func (c *DirectConnect) DescribeConnectionsOnInterconnectRequest(input *Describe
 //   additional details about the cause.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/DescribeConnectionsOnInterconnect
+//
+// Deprecated: DescribeConnectionsOnInterconnect has been deprecated
 func (c *DirectConnect) DescribeConnectionsOnInterconnect(input *DescribeConnectionsOnInterconnectInput) (*Connections, error) {
 	req, out := c.DescribeConnectionsOnInterconnectRequest(input)
 	return out, req.Send()
@@ -2563,6 +2579,8 @@ func (c *DirectConnect) DescribeConnectionsOnInterconnect(input *DescribeConnect
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: DescribeConnectionsOnInterconnectWithContext has been deprecated
 func (c *DirectConnect) DescribeConnectionsOnInterconnectWithContext(ctx aws.Context, input *DescribeConnectionsOnInterconnectInput, opts ...request.Option) (*Connections, error) {
 	req, out := c.DescribeConnectionsOnInterconnectRequest(input)
 	req.SetContext(ctx)
@@ -2951,6 +2969,8 @@ const opDescribeInterconnectLoa = "DescribeInterconnectLoa"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/DescribeInterconnectLoa
+//
+// Deprecated: DescribeInterconnectLoa has been deprecated
 func (c *DirectConnect) DescribeInterconnectLoaRequest(input *DescribeInterconnectLoaInput) (req *request.Request, output *DescribeInterconnectLoaOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, DescribeInterconnectLoa, has been deprecated")
@@ -2999,6 +3019,8 @@ func (c *DirectConnect) DescribeInterconnectLoaRequest(input *DescribeInterconne
 //   additional details about the cause.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/directconnect-2012-10-25/DescribeInterconnectLoa
+//
+// Deprecated: DescribeInterconnectLoa has been deprecated
 func (c *DirectConnect) DescribeInterconnectLoa(input *DescribeInterconnectLoaInput) (*DescribeInterconnectLoaOutput, error) {
 	req, out := c.DescribeInterconnectLoaRequest(input)
 	return out, req.Send()
@@ -3013,6 +3035,8 @@ func (c *DirectConnect) DescribeInterconnectLoa(input *DescribeInterconnectLoaIn
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: DescribeInterconnectLoaWithContext has been deprecated
 func (c *DirectConnect) DescribeInterconnectLoaWithContext(ctx aws.Context, input *DescribeInterconnectLoaInput, opts ...request.Option) (*DescribeInterconnectLoaOutput, error) {
 	req, out := c.DescribeInterconnectLoaRequest(input)
 	req.SetContext(ctx)
@@ -4605,6 +4629,9 @@ type BGPPeer struct {
 	// Example: asdf34example
 	AuthKey *string `locationName:"authKey" type:"string"`
 
+	// The Direct Connection endpoint which the BGP peer terminates on.
+	AwsDeviceV2 *string `locationName:"awsDeviceV2" type:"string"`
+
 	// The state of the BGP peer.
 	//
 	//    * Verifying: The BGP peering addresses or ASN require validation before
@@ -4625,6 +4652,9 @@ type BGPPeer struct {
 	//
 	//    * Up: The BGP peer is established.
 	//
+	// A state of up does not indicate the state of the routing function. Ensure
+	//    that you are receiving routes over the BGP session.
+	//
 	//    * Down: The BGP peer is down.
 	BgpStatus *string `locationName:"bgpStatus" type:"string" enum:"BGPStatus"`
 
@@ -4668,6 +4698,12 @@ func (s *BGPPeer) SetAuthKey(v string) *BGPPeer {
 	return s
 }
 
+// SetAwsDeviceV2 sets the AwsDeviceV2 field's value.
+func (s *BGPPeer) SetAwsDeviceV2(v string) *BGPPeer {
+	s.AwsDeviceV2 = &v
+	return s
+}
+
 // SetBgpPeerState sets the BgpPeerState field's value.
 func (s *BGPPeer) SetBgpPeerState(v string) *BGPPeer {
 	s.BgpPeerState = &v
@@ -4997,8 +5033,13 @@ func (s *ConfirmPublicVirtualInterfaceOutput) SetVirtualInterfaceState(v string)
 type Connection struct {
 	_ struct{} `type:"structure"`
 
+	// Deprecated in favor of awsDeviceV2.
+	//
 	// The Direct Connection endpoint which the physical connection terminates on.
-	AwsDevice *string `locationName:"awsDevice" type:"string"`
+	AwsDevice *string `locationName:"awsDevice" deprecated:"true" type:"string"`
+
+	// The Direct Connection endpoint which the physical connection terminates on.
+	AwsDeviceV2 *string `locationName:"awsDeviceV2" type:"string"`
 
 	// Bandwidth of the connection.
 	//
@@ -5096,6 +5137,12 @@ func (s *Connection) SetAwsDevice(v string) *Connection {
 	return s
 }
 
+// SetAwsDeviceV2 sets the AwsDeviceV2 field's value.
+func (s *Connection) SetAwsDeviceV2(v string) *Connection {
+	s.AwsDeviceV2 = &v
+	return s
+}
+
 // SetBandwidth sets the Bandwidth field's value.
 func (s *Connection) SetBandwidth(v string) *Connection {
 	s.Bandwidth = &v
@@ -7633,8 +7680,13 @@ func (s *GatewayAttachment) SetVirtualInterfaceRegion(v string) *GatewayAttachme
 type Interconnect struct {
 	_ struct{} `type:"structure"`
 
+	// Deprecated in favor of awsDeviceV2.
+	//
 	// The Direct Connection endpoint which the physical connection terminates on.
-	AwsDevice *string `locationName:"awsDevice" type:"string"`
+	AwsDevice *string `locationName:"awsDevice" deprecated:"true" type:"string"`
+
+	// The Direct Connection endpoint which the physical connection terminates on.
+	AwsDeviceV2 *string `locationName:"awsDeviceV2" type:"string"`
 
 	// Bandwidth of the connection.
 	//
@@ -7710,6 +7762,12 @@ func (s *Interconnect) SetAwsDevice(v string) *Interconnect {
 	return s
 }
 
+// SetAwsDeviceV2 sets the AwsDeviceV2 field's value.
+func (s *Interconnect) SetAwsDeviceV2(v string) *Interconnect {
+	s.AwsDeviceV2 = &v
+	return s
+}
+
 // SetBandwidth sets the Bandwidth field's value.
 func (s *Interconnect) SetBandwidth(v string) *Interconnect {
 	s.Bandwidth = &v
@@ -7771,8 +7829,13 @@ type Lag struct {
 	// This is intended for use by AWS Direct Connect partners only.
 	AllowsHostedConnections *bool `locationName:"allowsHostedConnections" type:"boolean"`
 
+	// Deprecated in favor of awsDeviceV2.
+	//
 	// The AWS Direct Connection endpoint that hosts the LAG.
-	AwsDevice *string `locationName:"awsDevice" type:"string"`
+	AwsDevice *string `locationName:"awsDevice" deprecated:"true" type:"string"`
+
+	// The AWS Direct Connection endpoint that hosts the LAG.
+	AwsDeviceV2 *string `locationName:"awsDeviceV2" type:"string"`
 
 	// A list of connections bundled by this LAG.
 	Connections []*Connection `locationName:"connections" type:"list"`
@@ -7858,6 +7921,12 @@ func (s *Lag) SetAwsDevice(v string) *Lag {
 	return s
 }
 
+// SetAwsDeviceV2 sets the AwsDeviceV2 field's value.
+func (s *Lag) SetAwsDeviceV2(v string) *Lag {
+	s.AwsDeviceV2 = &v
+	return s
+}
+
 // SetConnections sets the Connections field's value.
 func (s *Lag) SetConnections(v []*Connection) *Lag {
 	s.Connections = v
@@ -7968,6 +8037,13 @@ type Location struct {
 	// The name of the AWS Direct Connect location. The name includes the colocation
 	// partner name and the physical site of the lit building.
 	LocationName *string `locationName:"locationName" type:"string"`
+
+	// The AWS region where the AWS Direct connect location is located.
+	//
+	// Example: us-east-1
+	//
+	// Default: None
+	Region *string `locationName:"region" type:"string"`
 }
 
 // String returns the string representation
@@ -7992,6 +8068,12 @@ func (s *Location) SetLocationName(v string) *Location {
 	return s
 }
 
+// SetRegion sets the Region field's value.
+func (s *Location) SetRegion(v string) *Location {
+	s.Region = &v
+	return s
+}
+
 // A structure containing information about a new BGP peer.
 type NewBGPPeer struct {
 	_ struct{} `type:"structure"`
@@ -8997,6 +9079,9 @@ type VirtualInterface struct {
 	// Example: asdf34example
 	AuthKey *string `locationName:"authKey" type:"string"`
 
+	// The Direct Connection endpoint which the virtual interface terminates on.
+	AwsDeviceV2 *string `locationName:"awsDeviceV2" type:"string"`
+
 	// A list of the BGP peers configured on this virtual interface.
 	BgpPeers []*BGPPeer `locationName:"bgpPeers" type:"list"`
 
@@ -9031,6 +9116,13 @@ type VirtualInterface struct {
 	// The AWS account that will own the new virtual interface.
 	OwnerAccount *string `locationName:"ownerAccount" type:"string"`
 
+	// The AWS region where the virtual interface is located.
+	//
+	// Example: us-east-1
+	//
+	// Default: None
+	Region *string `locationName:"region" type:"string"`
+
 	// A list of routes to be advertised to the AWS network in this region (public
 	// virtual interface).
 	RouteFilterPrefixes []*RouteFilterPrefix `locationName:"routeFilterPrefixes" type:"list"`
@@ -9135,6 +9227,12 @@ func (s *VirtualInterface) SetAuthKey(v string) *VirtualInterface {
 	return s
 }
 
+// SetAwsDeviceV2 sets the AwsDeviceV2 field's value.
+func (s *VirtualInterface) SetAwsDeviceV2(v string) *VirtualInterface {
+	s.AwsDeviceV2 = &v
+	return s
+}
+
 // SetBgpPeers sets the BgpPeers field's value.
 func (s *VirtualInterface) SetBgpPeers(v []*BGPPeer) *VirtualInterface {
 	s.BgpPeers = v
@@ -9177,6 +9275,12 @@ func (s *VirtualInterface) SetOwnerAccount(v string) *VirtualInterface {
 	return s
 }
 
+// SetRegion sets the Region field's value.
+func (s *VirtualInterface) SetRegion(v string) *VirtualInterface {
+	s.Region = &v
+	return s
+}
+
 // SetRouteFilterPrefixes sets the RouteFilterPrefixes field's value.
 func (s *VirtualInterface) SetRouteFilterPrefixes(v []*RouteFilterPrefix) *VirtualInterface {
 	s.RouteFilterPrefixes = v
@@ -9267,6 +9371,9 @@ const (
 //
 //    * Up: The BGP peer is established.
 //
+// A state of up does not indicate the state of the routing function. Ensure
+//    that you are receiving routes over the BGP session.
+//
 //    * Down: The BGP peer is down.
 const (
 	// BGPStatusUp is a BGPStatus enum value

vendor/github.com/aws/aws-sdk-go/service/directoryservice/errors.go

@@ -4,6 +4,12 @@ package directoryservice
 
 const (
 
+	// ErrCodeAccessDeniedException for service response error code
+	// "AccessDeniedException".
+	//
+	// You do not have sufficient access to perform this action.
+	ErrCodeAccessDeniedException = "AccessDeniedException"
+
 	// ErrCodeAuthenticationFailedException for service response error code
 	// "AuthenticationFailedException".
 	//
@@ -16,6 +22,12 @@ const (
 	// A client exception has occurred.
 	ErrCodeClientException = "ClientException"
 
+	// ErrCodeDirectoryAlreadySharedException for service response error code
+	// "DirectoryAlreadySharedException".
+	//
+	// The specified directory has already been shared with this AWS account.
+	ErrCodeDirectoryAlreadySharedException = "DirectoryAlreadySharedException"
+
 	// ErrCodeDirectoryLimitExceededException for service response error code
 	// "DirectoryLimitExceededException".
 	//
@@ -24,6 +36,12 @@ const (
 	// the region.
 	ErrCodeDirectoryLimitExceededException = "DirectoryLimitExceededException"
 
+	// ErrCodeDirectoryNotSharedException for service response error code
+	// "DirectoryNotSharedException".
+	//
+	// The specified directory has not been shared with this AWS account.
+	ErrCodeDirectoryNotSharedException = "DirectoryNotSharedException"
+
 	// ErrCodeDirectoryUnavailableException for service response error code
 	// "DirectoryUnavailableException".
 	//
@@ -74,6 +92,12 @@ const (
 	// requirements defined in your directory.
 	ErrCodeInvalidPasswordException = "InvalidPasswordException"
 
+	// ErrCodeInvalidTargetException for service response error code
+	// "InvalidTargetException".
+	//
+	// The specified shared target is not valid.
+	ErrCodeInvalidTargetException = "InvalidTargetException"
+
 	// ErrCodeIpRouteLimitExceededException for service response error code
 	// "IpRouteLimitExceededException".
 	//
@@ -81,12 +105,25 @@ const (
 	// is 100 IP address blocks.
 	ErrCodeIpRouteLimitExceededException = "IpRouteLimitExceededException"
 
+	// ErrCodeOrganizationsException for service response error code
+	// "OrganizationsException".
+	//
+	// Exception encountered while trying to access your AWS organization.
+	ErrCodeOrganizationsException = "OrganizationsException"
+
 	// ErrCodeServiceException for service response error code
 	// "ServiceException".
 	//
 	// An exception has occurred in AWS Directory Service.
 	ErrCodeServiceException = "ServiceException"
 
+	// ErrCodeShareLimitExceededException for service response error code
+	// "ShareLimitExceededException".
+	//
+	// The maximum number of AWS accounts that you can share with this directory
+	// has been reached.
+	ErrCodeShareLimitExceededException = "ShareLimitExceededException"
+
 	// ErrCodeSnapshotLimitExceededException for service response error code
 	// "SnapshotLimitExceededException".
 	//

vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go

@@ -3,9 +3,22 @@
 // Package ec2 provides the client and types for making API
 // requests to Amazon Elastic Compute Cloud.
 //
-// Amazon Elastic Compute Cloud (Amazon EC2) provides resizable computing capacity
+// Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing
-// in the AWS Cloud. Using Amazon EC2 eliminates the need to invest in hardware
+// capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest
-// up front, so you can develop and deploy applications faster.
+// in hardware up front, so you can develop and deploy applications faster.
+//
+// To learn more about Amazon EC2, Amazon EBS, and Amazon VPC, see the following
+// resources:
+//
+//    * Amazon EC2 product page (http://aws.amazon.com/ec2)
+//
+//    * Amazon EC2 documentation (http://aws.amazon.com/documentation/ec2)
+//
+//    * Amazon EBS product page (http://aws.amazon.com/ebs)
+//
+//    * Amazon VPC product page (http://aws.amazon.com/vpc)
+//
+//    * Amazon VPC documentation (http://aws.amazon.com/documentation/vpc)
 //
 // See https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15 for more information on this service.
 //

vendor/github.com/aws/aws-sdk-go/service/ecs/errors.go

@@ -89,7 +89,7 @@ const (
 	// ErrCodePlatformTaskDefinitionIncompatibilityException for service response error code
 	// "PlatformTaskDefinitionIncompatibilityException".
 	//
-	// The specified platform version does not satisfy the task definition’s required
+	// The specified platform version does not satisfy the task definition's required
 	// capabilities.
 	ErrCodePlatformTaskDefinitionIncompatibilityException = "PlatformTaskDefinitionIncompatibilityException"
 

vendor/github.com/aws/aws-sdk-go/service/efs/api.go

@@ -39,7 +39,7 @@ const opCreateFileSystem = "CreateFileSystem"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticfilesystem-2015-02-01/CreateFileSystem
-func (c *EFS) CreateFileSystemRequest(input *CreateFileSystemInput) (req *request.Request, output *UpdateFileSystemOutput) {
+func (c *EFS) CreateFileSystemRequest(input *CreateFileSystemInput) (req *request.Request, output *FileSystemDescription) {
 	op := &request.Operation{
 		Name:       opCreateFileSystem,
 		HTTPMethod: "POST",
@@ -50,7 +50,7 @@ func (c *EFS) CreateFileSystemRequest(input *CreateFileSystemInput) (req *reques
 		input = &CreateFileSystemInput{}
 	}
 
-	output = &UpdateFileSystemOutput{}
+	output = &FileSystemDescription{}
 	req = c.newRequest(op, input, output)
 	return
 }
@@ -139,7 +139,7 @@ func (c *EFS) CreateFileSystemRequest(input *CreateFileSystemInput) (req *reques
 //   be changed because the throughput limit of 1024 MiB/s has been reached.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticfilesystem-2015-02-01/CreateFileSystem
-func (c *EFS) CreateFileSystem(input *CreateFileSystemInput) (*UpdateFileSystemOutput, error) {
+func (c *EFS) CreateFileSystem(input *CreateFileSystemInput) (*FileSystemDescription, error) {
 	req, out := c.CreateFileSystemRequest(input)
 	return out, req.Send()
 }
@@ -153,7 +153,7 @@ func (c *EFS) CreateFileSystem(input *CreateFileSystemInput) (*UpdateFileSystemO
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
-func (c *EFS) CreateFileSystemWithContext(ctx aws.Context, input *CreateFileSystemInput, opts ...request.Option) (*UpdateFileSystemOutput, error) {
+func (c *EFS) CreateFileSystemWithContext(ctx aws.Context, input *CreateFileSystemInput, opts ...request.Option) (*FileSystemDescription, error) {
 	req, out := c.CreateFileSystemRequest(input)
 	req.SetContext(ctx)
 	req.ApplyOptions(opts...)
@@ -1931,7 +1931,7 @@ type DescribeFileSystemsOutput struct {
 	_ struct{} `type:"structure"`
 
 	// Array of file system descriptions.
-	FileSystems []*UpdateFileSystemOutput `type:"list"`
+	FileSystems []*FileSystemDescription `type:"list"`
 
 	// Present if provided by caller in the request (String).
 	Marker *string `type:"string"`
@@ -1952,7 +1952,7 @@ func (s DescribeFileSystemsOutput) GoString() string {
 }
 
 // SetFileSystems sets the FileSystems field's value.
-func (s *DescribeFileSystemsOutput) SetFileSystems(v []*UpdateFileSystemOutput) *DescribeFileSystemsOutput {
+func (s *DescribeFileSystemsOutput) SetFileSystems(v []*FileSystemDescription) *DescribeFileSystemsOutput {
 	s.FileSystems = v
 	return s
 }
@@ -2253,6 +2253,175 @@ func (s *DescribeTagsOutput) SetTags(v []*Tag) *DescribeTagsOutput {
 	return s
 }
 
+// Description of the file system.
+type FileSystemDescription struct {
+	_ struct{} `type:"structure"`
+
+	// Time that the file system was created, in seconds (since 1970-01-01T00:00:00Z).
+	//
+	// CreationTime is a required field
+	CreationTime *time.Time `type:"timestamp" required:"true"`
+
+	// Opaque string specified in the request.
+	//
+	// CreationToken is a required field
+	CreationToken *string `min:"1" type:"string" required:"true"`
+
+	// A Boolean value that, if true, indicates that the file system is encrypted.
+	Encrypted *bool `type:"boolean"`
+
+	// ID of the file system, assigned by Amazon EFS.
+	//
+	// FileSystemId is a required field
+	FileSystemId *string `type:"string" required:"true"`
+
+	// The ID of an AWS Key Management Service (AWS KMS) customer master key (CMK)
+	// that was used to protect the encrypted file system.
+	KmsKeyId *string `min:"1" type:"string"`
+
+	// Lifecycle phase of the file system.
+	//
+	// LifeCycleState is a required field
+	LifeCycleState *string `type:"string" required:"true" enum:"LifeCycleState"`
+
+	// You can add tags to a file system, including a Name tag. For more information,
+	// see CreateTags. If the file system has a Name tag, Amazon EFS returns the
+	// value in this field.
+	Name *string `type:"string"`
+
+	// Current number of mount targets that the file system has. For more information,
+	// see CreateMountTarget.
+	//
+	// NumberOfMountTargets is a required field
+	NumberOfMountTargets *int64 `type:"integer" required:"true"`
+
+	// AWS account that created the file system. If the file system was created
+	// by an IAM user, the parent account to which the user belongs is the owner.
+	//
+	// OwnerId is a required field
+	OwnerId *string `type:"string" required:"true"`
+
+	// The PerformanceMode of the file system.
+	//
+	// PerformanceMode is a required field
+	PerformanceMode *string `type:"string" required:"true" enum:"PerformanceMode"`
+
+	// The throughput, measured in MiB/s, that you want to provision for a file
+	// system. The limit on throughput is 1024 MiB/s. You can get these limits increased
+	// by contacting AWS Support. For more information, see Amazon EFS Limits That
+	// You Can Increase (http://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits)
+	// in the Amazon EFS User Guide.
+	ProvisionedThroughputInMibps *float64 `type:"double"`
+
+	// Latest known metered size (in bytes) of data stored in the file system, in
+	// its Value field, and the time at which that size was determined in its Timestamp
+	// field. The Timestamp value is the integer number of seconds since 1970-01-01T00:00:00Z.
+	// The SizeInBytes value doesn't represent the size of a consistent snapshot
+	// of the file system, but it is eventually consistent when there are no writes
+	// to the file system. That is, SizeInBytes represents actual size only if the
+	// file system is not modified for a period longer than a couple of hours. Otherwise,
+	// the value is not the exact size that the file system was at any point in
+	// time.
+	//
+	// SizeInBytes is a required field
+	SizeInBytes *FileSystemSize `type:"structure" required:"true"`
+
+	// The throughput mode for a file system. There are two throughput modes to
+	// choose from for your file system: bursting and provisioned. You can decrease
+	// your file system's throughput in Provisioned Throughput mode or change between
+	// the throughput modes as long as it’s been more than 24 hours since the last
+	// decrease or throughput mode change.
+	ThroughputMode *string `type:"string" enum:"ThroughputMode"`
+}
+
+// String returns the string representation
+func (s FileSystemDescription) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s FileSystemDescription) GoString() string {
+	return s.String()
+}
+
+// SetCreationTime sets the CreationTime field's value.
+func (s *FileSystemDescription) SetCreationTime(v time.Time) *FileSystemDescription {
+	s.CreationTime = &v
+	return s
+}
+
+// SetCreationToken sets the CreationToken field's value.
+func (s *FileSystemDescription) SetCreationToken(v string) *FileSystemDescription {
+	s.CreationToken = &v
+	return s
+}
+
+// SetEncrypted sets the Encrypted field's value.
+func (s *FileSystemDescription) SetEncrypted(v bool) *FileSystemDescription {
+	s.Encrypted = &v
+	return s
+}
+
+// SetFileSystemId sets the FileSystemId field's value.
+func (s *FileSystemDescription) SetFileSystemId(v string) *FileSystemDescription {
+	s.FileSystemId = &v
+	return s
+}
+
+// SetKmsKeyId sets the KmsKeyId field's value.
+func (s *FileSystemDescription) SetKmsKeyId(v string) *FileSystemDescription {
+	s.KmsKeyId = &v
+	return s
+}
+
+// SetLifeCycleState sets the LifeCycleState field's value.
+func (s *FileSystemDescription) SetLifeCycleState(v string) *FileSystemDescription {
+	s.LifeCycleState = &v
+	return s
+}
+
+// SetName sets the Name field's value.
+func (s *FileSystemDescription) SetName(v string) *FileSystemDescription {
+	s.Name = &v
+	return s
+}
+
+// SetNumberOfMountTargets sets the NumberOfMountTargets field's value.
+func (s *FileSystemDescription) SetNumberOfMountTargets(v int64) *FileSystemDescription {
+	s.NumberOfMountTargets = &v
+	return s
+}
+
+// SetOwnerId sets the OwnerId field's value.
+func (s *FileSystemDescription) SetOwnerId(v string) *FileSystemDescription {
+	s.OwnerId = &v
+	return s
+}
+
+// SetPerformanceMode sets the PerformanceMode field's value.
+func (s *FileSystemDescription) SetPerformanceMode(v string) *FileSystemDescription {
+	s.PerformanceMode = &v
+	return s
+}
+
+// SetProvisionedThroughputInMibps sets the ProvisionedThroughputInMibps field's value.
+func (s *FileSystemDescription) SetProvisionedThroughputInMibps(v float64) *FileSystemDescription {
+	s.ProvisionedThroughputInMibps = &v
+	return s
+}
+
+// SetSizeInBytes sets the SizeInBytes field's value.
+func (s *FileSystemDescription) SetSizeInBytes(v *FileSystemSize) *FileSystemDescription {
+	s.SizeInBytes = v
+	return s
+}
+
+// SetThroughputMode sets the ThroughputMode field's value.
+func (s *FileSystemDescription) SetThroughputMode(v string) *FileSystemDescription {
+	s.ThroughputMode = &v
+	return s
+}
+
 // Latest known metered size (in bytes) of data stored in the file system, in
 // its Value field, and the time at which that size was determined in its Timestamp
 // field. Note that the value does not represent the size of a consistent snapshot

vendor/github.com/aws/aws-sdk-go/service/eks/api.go

@@ -104,11 +104,11 @@ func (c *EKS) CreateClusterRequest(input *CreateClusterInput) (req *request.Requ
 //   These errors are usually caused by a server-side issue.
 //
 //   * ErrCodeServiceUnavailableException "ServiceUnavailableException"
-//   The service is unavailable, back off and retry the operation.
+//   The service is unavailable. Back off and retry the operation.
 //
 //   * ErrCodeUnsupportedAvailabilityZoneException "UnsupportedAvailabilityZoneException"
 //   At least one of your specified cluster subnets is in an Availability Zone
-//   that does not support Amazon EKS. The exception output will specify the supported
+//   that does not support Amazon EKS. The exception output specifies the supported
 //   Availability Zones for your account, from which you can choose subnets for
 //   your cluster.
 //
@@ -200,7 +200,7 @@ func (c *EKS) DeleteClusterRequest(input *DeleteClusterInput) (req *request.Requ
 //
 //   * ErrCodeResourceNotFoundException "ResourceNotFoundException"
 //   The specified resource could not be found. You can view your available clusters
-//   with ListClusters. Amazon EKS clusters are region-specific.
+//   with ListClusters. Amazon EKS clusters are Region-specific.
 //
 //   * ErrCodeClientException "ClientException"
 //   These errors are usually caused by a client action, such as using an action
@@ -211,7 +211,7 @@ func (c *EKS) DeleteClusterRequest(input *DeleteClusterInput) (req *request.Requ
 //   These errors are usually caused by a server-side issue.
 //
 //   * ErrCodeServiceUnavailableException "ServiceUnavailableException"
-//   The service is unavailable, back off and retry the operation.
+//   The service is unavailable. Back off and retry the operation.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DeleteCluster
 func (c *EKS) DeleteCluster(input *DeleteClusterInput) (*DeleteClusterOutput, error) {
@@ -299,7 +299,7 @@ func (c *EKS) DescribeClusterRequest(input *DescribeClusterInput) (req *request.
 // Returned Error Codes:
 //   * ErrCodeResourceNotFoundException "ResourceNotFoundException"
 //   The specified resource could not be found. You can view your available clusters
-//   with ListClusters. Amazon EKS clusters are region-specific.
+//   with ListClusters. Amazon EKS clusters are Region-specific.
 //
 //   * ErrCodeClientException "ClientException"
 //   These errors are usually caused by a client action, such as using an action
@@ -310,7 +310,7 @@ func (c *EKS) DescribeClusterRequest(input *DescribeClusterInput) (req *request.
 //   These errors are usually caused by a server-side issue.
 //
 //   * ErrCodeServiceUnavailableException "ServiceUnavailableException"
-//   The service is unavailable, back off and retry the operation.
+//   The service is unavailable. Back off and retry the operation.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/DescribeCluster
 func (c *EKS) DescribeCluster(input *DescribeClusterInput) (*DescribeClusterOutput, error) {
@@ -378,7 +378,7 @@ func (c *EKS) ListClustersRequest(input *ListClustersInput) (req *request.Reques
 
 // ListClusters API operation for Amazon Elastic Container Service for Kubernetes.
 //
-// Lists the Amazon EKS clusters in your AWS account in the specified region.
+// Lists the Amazon EKS clusters in your AWS account in the specified Region.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -401,7 +401,7 @@ func (c *EKS) ListClustersRequest(input *ListClustersInput) (req *request.Reques
 //   These errors are usually caused by a server-side issue.
 //
 //   * ErrCodeServiceUnavailableException "ServiceUnavailableException"
-//   The service is unavailable, back off and retry the operation.
+//   The service is unavailable. Back off and retry the operation.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/eks-2017-11-01/ListClusters
 func (c *EKS) ListClusters(input *ListClustersInput) (*ListClustersOutput, error) {
@@ -474,6 +474,11 @@ type Cluster struct {
 	// The name of the cluster.
 	Name *string `locationName:"name" type:"string"`
 
+	// The platform version of your Amazon EKS cluster. For more information, see
+	// Platform Versions (eks/latest/userguide/platform-versions.html) in the Amazon
+	// EKS User Guide.
+	PlatformVersion *string `locationName:"platformVersion" type:"string"`
+
 	// The VPC subnets and security groups used by the cluster control plane. Amazon
 	// EKS VPC resources have specific requirements to work properly with Kubernetes.
 	// For more information, see Cluster VPC Considerations (http://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html)
@@ -539,6 +544,12 @@ func (s *Cluster) SetName(v string) *Cluster {
 	return s
 }
 
+// SetPlatformVersion sets the PlatformVersion field's value.
+func (s *Cluster) SetPlatformVersion(v string) *Cluster {
+	s.PlatformVersion = &v
+	return s
+}
+
 // SetResourcesVpcConfig sets the ResourcesVpcConfig field's value.
 func (s *Cluster) SetResourcesVpcConfig(v *VpcConfigResponse) *Cluster {
 	s.ResourcesVpcConfig = v
@@ -579,7 +590,9 @@ type CreateClusterInput struct {
 	// EKS VPC resources have specific requirements to work properly with Kubernetes.
 	// For more information, see Cluster VPC Considerations (http://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html)
 	// and Cluster Security Group Considerations (http://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html)
-	// in the Amazon EKS User Guide.
+	// in the Amazon EKS User Guide. You must specify at least two subnets. You
+	// may specify up to 5 security groups, but we recommend that you use a dedicated
+	// security group for your cluster control plane.
 	//
 	// ResourcesVpcConfig is a required field
 	ResourcesVpcConfig *VpcConfigRequest `locationName:"resourcesVpcConfig" type:"structure" required:"true"`
@@ -587,7 +600,7 @@ type CreateClusterInput struct {
 	// The Amazon Resource Name (ARN) of the IAM role that provides permissions
 	// for Amazon EKS to make calls to other AWS API operations on your behalf.
 	// For more information, see Amazon EKS Service IAM Role (http://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html)
-	// in the Amazon EKS User Guide
+	// in the Amazon EKS User Guide.
 	//
 	// RoleArn is a required field
 	RoleArn *string `locationName:"roleArn" type:"string" required:"true"`
@@ -869,7 +882,7 @@ func (s *ListClustersInput) SetNextToken(v string) *ListClustersInput {
 type ListClustersOutput struct {
 	_ struct{} `type:"structure"`
 
-	// A list of all of the clusters for your account in the specified region.
+	// A list of all of the clusters for your account in the specified Region.
 	Clusters []*string `locationName:"clusters" type:"list"`
 
 	// The nextToken value to include in a future ListClusters request. When the

vendor/github.com/aws/aws-sdk-go/service/eks/doc.go

@@ -9,21 +9,7 @@
 // an open-source system for automating the deployment, scaling, and management
 // of containerized applications.
 //
-// Amazon EKS runs three Kubernetes control plane instances across three Availability
+// Amazon EKS runs up-to-date versions of the open-source Kubernetes software,
-// Zones to ensure high availability. Amazon EKS automatically detects and replaces
-// unhealthy control plane instances, and it provides automated version upgrades
-// and patching for them.
-//
-// Amazon EKS is also integrated with many AWS services to provide scalability
-// and security for your applications, including the following:
-//
-//    * Elastic Load Balancing for load distribution
-//
-//    * IAM for authentication
-//
-//    * Amazon VPC for isolation
-//
-// Amazon EKS runs up to date versions of the open-source Kubernetes software,
 // so you can use all the existing plugins and tooling from the Kubernetes community.
 // Applications running on Amazon EKS are fully compatible with applications
 // running on any standard Kubernetes environment, whether running in on-premises

vendor/github.com/aws/aws-sdk-go/service/eks/errors.go

@@ -35,7 +35,7 @@ const (
 	// "ResourceNotFoundException".
 	//
 	// The specified resource could not be found. You can view your available clusters
-	// with ListClusters. Amazon EKS clusters are region-specific.
+	// with ListClusters. Amazon EKS clusters are Region-specific.
 	ErrCodeResourceNotFoundException = "ResourceNotFoundException"
 
 	// ErrCodeServerException for service response error code
@@ -47,14 +47,14 @@ const (
 	// ErrCodeServiceUnavailableException for service response error code
 	// "ServiceUnavailableException".
 	//
-	// The service is unavailable, back off and retry the operation.
+	// The service is unavailable. Back off and retry the operation.
 	ErrCodeServiceUnavailableException = "ServiceUnavailableException"
 
 	// ErrCodeUnsupportedAvailabilityZoneException for service response error code
 	// "UnsupportedAvailabilityZoneException".
 	//
 	// At least one of your specified cluster subnets is in an Availability Zone
-	// that does not support Amazon EKS. The exception output will specify the supported
+	// that does not support Amazon EKS. The exception output specifies the supported
 	// Availability Zones for your account, from which you can choose subnets for
 	// your cluster.
 	ErrCodeUnsupportedAvailabilityZoneException = "UnsupportedAvailabilityZoneException"

vendor/github.com/aws/aws-sdk-go/service/elasticache/errors.go

@@ -186,6 +186,12 @@ const (
 	// The VPC network is in an invalid state.
 	ErrCodeInvalidVPCNetworkStateFault = "InvalidVPCNetworkStateFault"
 
+	// ErrCodeNoOperationFault for service response error code
+	// "NoOperationFault".
+	//
+	// The operation was not performed because no changes were required.
+	ErrCodeNoOperationFault = "NoOperationFault"
+
 	// ErrCodeNodeGroupNotFoundFault for service response error code
 	// "NodeGroupNotFoundFault".
 	//
@@ -253,6 +259,12 @@ const (
 	// The requested cache node offering does not exist.
 	ErrCodeReservedCacheNodesOfferingNotFoundFault = "ReservedCacheNodesOfferingNotFound"
 
+	// ErrCodeServiceLinkedRoleNotFoundFault for service response error code
+	// "ServiceLinkedRoleNotFoundFault".
+	//
+	// The specified service linked role (SLR) was not found.
+	ErrCodeServiceLinkedRoleNotFoundFault = "ServiceLinkedRoleNotFoundFault"
+
 	// ErrCodeSnapshotAlreadyExistsFault for service response error code
 	// "SnapshotAlreadyExistsFault".
 	//
@@ -308,5 +320,7 @@ const (
 
 	// ErrCodeTestFailoverNotAvailableFault for service response error code
 	// "TestFailoverNotAvailableFault".
+	//
+	// The TestFailover action is not available.
 	ErrCodeTestFailoverNotAvailableFault = "TestFailoverNotAvailableFault"
 )

vendor/github.com/aws/aws-sdk-go/service/elasticbeanstalk/api.go

@@ -586,6 +586,9 @@ func (c *ElasticBeanstalk) CreateConfigurationTemplateRequest(input *CreateConfi
 // application and are used to deploy different versions of the application
 // with the same configuration settings.
 //
+// Templates aren't associated with any environment. The EnvironmentName response
+// element is always null.
+//
 // Related Topics
 //
 //    * DescribeConfigurationOptions
@@ -4553,10 +4556,14 @@ func (s *Builder) SetARN(v string) *Builder {
 type CPUUtilization struct {
 	_ struct{} `type:"structure"`
 
+	// Available on Linux environments only.
+	//
 	// Percentage of time that the CPU has spent in the I/O Wait state over the
 	// last 10 seconds.
 	IOWait *float64 `type:"double"`
 
+	// Available on Linux environments only.
+	//
 	// Percentage of time that the CPU has spent in the IRQ state over the last
 	// 10 seconds.
 	IRQ *float64 `type:"double"`
@@ -4565,14 +4572,26 @@ type CPUUtilization struct {
 	// 10 seconds.
 	Idle *float64 `type:"double"`
 
+	// Available on Linux environments only.
+	//
 	// Percentage of time that the CPU has spent in the Nice state over the last
 	// 10 seconds.
 	Nice *float64 `type:"double"`
 
+	// Available on Windows environments only.
+	//
+	// Percentage of time that the CPU has spent in the Privileged state over the
+	// last 10 seconds.
+	Privileged *float64 `type:"double"`
+
+	// Available on Linux environments only.
+	//
 	// Percentage of time that the CPU has spent in the SoftIRQ state over the last
 	// 10 seconds.
 	SoftIRQ *float64 `type:"double"`
 
+	// Available on Linux environments only.
+	//
 	// Percentage of time that the CPU has spent in the System state over the last
 	// 10 seconds.
 	System *float64 `type:"double"`
@@ -4616,6 +4635,12 @@ func (s *CPUUtilization) SetNice(v float64) *CPUUtilization {
 	return s
 }
 
+// SetPrivileged sets the Privileged field's value.
+func (s *CPUUtilization) SetPrivileged(v float64) *CPUUtilization {
+	s.Privileged = &v
+	return s
+}
+
 // SetSoftIRQ sets the SoftIRQ field's value.
 func (s *CPUUtilization) SetSoftIRQ(v float64) *CPUUtilization {
 	s.SoftIRQ = &v
@@ -7548,6 +7573,10 @@ type DescribeInstancesHealthOutput struct {
 	_ struct{} `type:"structure"`
 
 	// Detailed health information about each instance.
+	//
+	// The output differs slightly between Linux and Windows environments. There
+	// is a difference in the members that are supported under the <CPUUtilization>
+	// type.
 	InstanceHealthList []*SingleInstanceHealth `type:"list"`
 
 	// Pagination token for the next page of results, if available.

vendor/github.com/aws/aws-sdk-go/service/elastictranscoder/api.go

@@ -1471,6 +1471,8 @@ const opTestRole = "TestRole"
 //    if err == nil { // resp is now filled
 //        fmt.Println(resp)
 //    }
+//
+// Deprecated: TestRole has been deprecated
 func (c *ElasticTranscoder) TestRoleRequest(input *TestRoleInput) (req *request.Request, output *TestRoleOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, TestRole, has been deprecated")
@@ -1525,6 +1527,8 @@ func (c *ElasticTranscoder) TestRoleRequest(input *TestRoleInput) (req *request.
 //   Elastic Transcoder encountered an unexpected exception while trying to fulfill
 //   the request.
 //
+//
+// Deprecated: TestRole has been deprecated
 func (c *ElasticTranscoder) TestRole(input *TestRoleInput) (*TestRoleOutput, error) {
 	req, out := c.TestRoleRequest(input)
 	return out, req.Send()
@@ -1539,6 +1543,8 @@ func (c *ElasticTranscoder) TestRole(input *TestRoleInput) (*TestRoleOutput, err
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: TestRoleWithContext has been deprecated
 func (c *ElasticTranscoder) TestRoleWithContext(ctx aws.Context, input *TestRoleInput, opts ...request.Option) (*TestRoleOutput, error) {
 	req, out := c.TestRoleRequest(input)
 	req.SetContext(ctx)
@@ -2539,6 +2545,8 @@ type Captions struct {
 
 	// Source files for the input sidecar captions used during the transcoding process.
 	// To omit all sidecar captions, leave CaptionSources blank.
+	//
+	// Deprecated: CaptionSources has been deprecated
 	CaptionSources []*CaptionSource `deprecated:"true" type:"list"`
 
 	// A policy that determines how Elastic Transcoder handles the existence of
@@ -2560,6 +2568,8 @@ type Captions struct {
 	//    you specify in CaptionSources.
 	//
 	// MergePolicy cannot be null.
+	//
+	// Deprecated: MergePolicy has been deprecated
 	MergePolicy *string `deprecated:"true" type:"string"`
 }
 
@@ -2613,6 +2623,8 @@ func (s *Captions) SetMergePolicy(v string) *Captions {
 
 // Settings for one clip in a composition. All jobs in a playlist must have
 // the same clip settings.
+//
+// Deprecated: Clip has been deprecated
 type Clip struct {
 	_ struct{} `deprecated:"true" type:"structure"`
 
@@ -2858,6 +2870,8 @@ type CreateJobOutput struct {
 	// of the file. The Composition object contains settings for the clips that
 	// make up an output file. For the current release, you can only specify settings
 	// for a single clip per output file. The Composition object cannot be null.
+	//
+	// Deprecated: Composition has been deprecated
 	Composition []*Clip `deprecated:"true" type:"list"`
 
 	// You can specify encryption settings for any output files that you want to
@@ -3211,11 +3225,11 @@ type CreatePipelineInput struct {
 	// The AWS Key Management Service (AWS KMS) key that you want to use with this
 	// pipeline.
 	//
-	// If you use either S3 or S3-AWS-KMS as your Encryption:Mode, you don't need
+	// If you use either s3 or s3-aws-kms as your Encryption:Mode, you don't need
 	// to provide a key with your job because a default key, known as an AWS-KMS
 	// key, is created for you automatically. You need to provide an AWS-KMS key
 	// only if you want to use a non-default AWS-KMS key, or if you are using an
-	// Encryption:Mode of AES-PKCS7, AES-CTR, or AES-GCM.
+	// Encryption:Mode of aes-cbc-pkcs7, aes-ctr, or aes-gcm.
 	AwsKmsKeyArn *string `type:"string"`
 
 	// The optional ContentConfig object specifies information about the Amazon
@@ -3311,7 +3325,7 @@ type CreatePipelineInput struct {
 	//    SNS returned when you created the topic. For more information, see Create
 	//    a Topic in the Amazon Simple Notification Service Developer Guide.
 	//
-	//    * Completed: The topic ARN for the Amazon SNS topic that you want to notify
+	//    * Complete: The topic ARN for the Amazon SNS topic that you want to notify
 	//    when Elastic Transcoder has finished processing a job in this pipeline.
 	//    This is the ARN that Amazon SNS returned when you created the topic.
 	//
@@ -3893,20 +3907,20 @@ type Encryption struct {
 	// to use when decrypting your input files or encrypting your output files.
 	// Elastic Transcoder supports the following options:
 	//
-	//    * S3: Amazon S3 creates and manages the keys used for encrypting your
+	//    * s3: Amazon S3 creates and manages the keys used for encrypting your
 	//    files.
 	//
-	//    * S3-AWS-KMS: Amazon S3 calls the Amazon Key Management Service, which
+	//    * s3-aws-kms: Amazon S3 calls the Amazon Key Management Service, which
 	//    creates and manages the keys that are used for encrypting your files.
-	//    If you specify S3-AWS-KMS and you don't want to use the default key, you
+	//    If you specify s3-aws-kms and you don't want to use the default key, you
 	//    must add the AWS-KMS key that you want to use to your pipeline.
 	//
-	//    * AES-CBC-PKCS7: A padded cipher-block mode of operation originally used
+	//    * aes-cbc-pkcs7: A padded cipher-block mode of operation originally used
 	//    for HLS files.
 	//
-	//    * AES-CTR: AES Counter Mode.
+	//    * aes-ctr: AES Counter Mode.
 	//
-	//    * AES-GCM: AES Galois Counter Mode, a mode of operation that is an authenticated
+	//    * aes-gcm: AES Galois Counter Mode, a mode of operation that is an authenticated
 	//    encryption format, meaning that a file, key, or initialization vector
 	//    that has been tampered with fails the decryption process.
 	//
@@ -4631,6 +4645,8 @@ type JobOutput struct {
 	// of the file. The Composition object contains settings for the clips that
 	// make up an output file. For the current release, you can only specify settings
 	// for a single clip per output file. The Composition object cannot be null.
+	//
+	// Deprecated: Composition has been deprecated
 	Composition []*Clip `deprecated:"true" type:"list"`
 
 	// Duration of the output file, in seconds.
@@ -5471,11 +5487,11 @@ type Pipeline struct {
 	// The AWS Key Management Service (AWS KMS) key that you want to use with this
 	// pipeline.
 	//
-	// If you use either S3 or S3-AWS-KMS as your Encryption:Mode, you don't need
+	// If you use either s3 or s3-aws-kms as your Encryption:Mode, you don't need
 	// to provide a key with your job because a default key, known as an AWS-KMS
 	// key, is created for you automatically. You need to provide an AWS-KMS key
 	// only if you want to use a non-default AWS-KMS key, or if you are using an
-	// Encryption:Mode of AES-PKCS7, AES-CTR, or AES-GCM.
+	// Encryption:Mode of aes-cbc-pkcs7, aes-ctr, or aes-gcm.
 	AwsKmsKeyArn *string `type:"string"`
 
 	// Information about the Amazon S3 bucket in which you want Elastic Transcoder
@@ -5547,7 +5563,7 @@ type Pipeline struct {
 	//    SNS) topic that you want to notify when Elastic Transcoder has started
 	//    to process the job.
 	//
-	//    * Completed (optional): The Amazon SNS topic that you want to notify when
+	//    * Complete (optional): The Amazon SNS topic that you want to notify when
 	//    Elastic Transcoder has finished processing the job.
 	//
 	//    * Warning (optional): The Amazon SNS topic that you want to notify when
@@ -5793,7 +5809,7 @@ func (s *PipelineOutputConfig) SetStorageClass(v string) *PipelineOutputConfig {
 // The PlayReady DRM settings, if any, that you want Elastic Transcoder to apply
 // to the output files associated with this playlist.
 //
-// PlayReady DRM encrypts your media files using AES-CTR encryption.
+// PlayReady DRM encrypts your media files using aes-ctr encryption.
 //
 // If you use DRM for an HLSv3 playlist, your outputs must have a master playlist.
 type PlayReadyDrm struct {
@@ -6589,6 +6605,8 @@ func (s *ReadPresetOutput) SetPreset(v *Preset) *ReadPresetOutput {
 }
 
 // The TestRoleRequest structure.
+//
+// Deprecated: TestRoleInput has been deprecated
 type TestRoleInput struct {
 	_ struct{} `deprecated:"true" type:"structure"`
 
@@ -6674,6 +6692,8 @@ func (s *TestRoleInput) SetTopics(v []*string) *TestRoleInput {
 }
 
 // The TestRoleResponse structure.
+//
+// Deprecated: TestRoleOutput has been deprecated
 type TestRoleOutput struct {
 	_ struct{} `deprecated:"true" type:"structure"`
 
@@ -6942,11 +6962,11 @@ type UpdatePipelineInput struct {
 	// The AWS Key Management Service (AWS KMS) key that you want to use with this
 	// pipeline.
 	//
-	// If you use either S3 or S3-AWS-KMS as your Encryption:Mode, you don't need
+	// If you use either s3 or s3-aws-kms as your Encryption:Mode, you don't need
 	// to provide a key with your job because a default key, known as an AWS-KMS
 	// key, is created for you automatically. You need to provide an AWS-KMS key
 	// only if you want to use a non-default AWS-KMS key, or if you are using an
-	// Encryption:Mode of AES-PKCS7, AES-CTR, or AES-GCM.
+	// Encryption:Mode of aes-cbc-pkcs7, aes-ctr, or aes-gcm.
 	AwsKmsKeyArn *string `type:"string"`
 
 	// The optional ContentConfig object specifies information about the Amazon
@@ -7042,7 +7062,7 @@ type UpdatePipelineInput struct {
 	//    started to process jobs that are added to this pipeline. This is the ARN
 	//    that Amazon SNS returned when you created the topic.
 	//
-	//    * Completed: The topic ARN for the Amazon SNS topic that you want to notify
+	//    * Complete: The topic ARN for the Amazon SNS topic that you want to notify
 	//    when Elastic Transcoder has finished processing a job. This is the ARN
 	//    that Amazon SNS returned when you created the topic.
 	//
@@ -7225,7 +7245,7 @@ type UpdatePipelineNotificationsInput struct {
 	//    started to process jobs that are added to this pipeline. This is the ARN
 	//    that Amazon SNS returned when you created the topic.
 	//
-	//    * Completed: The topic ARN for the Amazon SNS topic that you want to notify
+	//    * Complete: The topic ARN for the Amazon SNS topic that you want to notify
 	//    when Elastic Transcoder has finished processing a job. This is the ARN
 	//    that Amazon SNS returned when you created the topic.
 	//

vendor/github.com/aws/aws-sdk-go/service/elb/api.go

@@ -62,7 +62,7 @@ func (c *ELB) AddTagsRequest(input *AddTagsInput) (req *request.Request, output
 // key is already associated with the load balancer, AddTags updates its value.
 //
 // For more information, see Tag Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -153,7 +153,7 @@ func (c *ELB) ApplySecurityGroupsToLoadBalancerRequest(input *ApplySecurityGroup
 // associated security groups.
 //
 // For more information, see Security Groups for Load Balancers in a VPC (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html#elb-vpc-security-groups)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -244,7 +244,7 @@ func (c *ELB) AttachLoadBalancerToSubnetsRequest(input *AttachLoadBalancerToSubn
 // The load balancer evenly distributes requests across all registered subnets.
 // For more information, see Add or Remove Subnets for Your Load Balancer in
 // a VPC (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-manage-subnets.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -337,7 +337,7 @@ func (c *ELB) ConfigureHealthCheckRequest(input *ConfigureHealthCheckInput) (req
 //
 // For more information, see Configure Health Checks for Your Load Balancer
 // (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -430,7 +430,7 @@ func (c *ELB) CreateAppCookieStickinessPolicyRequest(input *CreateAppCookieStick
 // being sticky until a new application cookie is issued.
 //
 // For more information, see Application-Controlled Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -534,7 +534,7 @@ func (c *ELB) CreateLBCookieStickinessPolicyRequest(input *CreateLBCookieStickin
 // cookie expiration time, which is specified in the policy configuration.
 //
 // For more information, see Duration-Based Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -634,7 +634,7 @@ func (c *ELB) CreateLoadBalancerRequest(input *CreateLoadBalancerInput) (req *re
 // You can create up to 20 load balancers per region per account. You can request
 // an increase for the number of load balancers for your account. For more information,
 // see Limits for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -757,7 +757,7 @@ func (c *ELB) CreateLoadBalancerListenersRequest(input *CreateLoadBalancerListen
 // listener.
 //
 // For more information, see Listeners for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1200,7 +1200,7 @@ func (c *ELB) DeregisterInstancesFromLoadBalancerRequest(input *DeregisterInstan
 // from the load balancer.
 //
 // For more information, see Register or De-Register EC2 Instances (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1286,7 +1286,7 @@ func (c *ELB) DescribeAccountLimitsRequest(input *DescribeAccountLimitsInput) (r
 // account.
 //
 // For more information, see Limits for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1729,6 +1729,8 @@ func (c *ELB) DescribeLoadBalancersRequest(input *DescribeLoadBalancersInput) (r
 //   The specified load balancer does not exist.
 //
 //   * ErrCodeDependencyThrottleException "DependencyThrottle"
+//   A request made by Elastic Load Balancing to another service exceeds the maximum
+//   request rate permitted for your account.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancing-2012-06-01/DescribeLoadBalancers
 func (c *ELB) DescribeLoadBalancers(input *DescribeLoadBalancersInput) (*DescribeLoadBalancersOutput, error) {
@@ -2013,7 +2015,9 @@ func (c *ELB) DisableAvailabilityZonesForLoadBalancerRequest(input *DisableAvail
 // DisableAvailabilityZonesForLoadBalancer API operation for Elastic Load Balancing.
 //
 // Removes the specified Availability Zones from the set of Availability Zones
-// for the specified load balancer.
+// for the specified load balancer in EC2-Classic or a default VPC.
+//
+// For load balancers in a non-default VPC, use DetachLoadBalancerFromSubnets.
 //
 // There must be at least one Availability Zone registered with a load balancer
 // at all times. After an Availability Zone is removed, all instances registered
@@ -2022,7 +2026,7 @@ func (c *ELB) DisableAvailabilityZonesForLoadBalancerRequest(input *DisableAvail
 // the traffic among its remaining Availability Zones.
 //
 // For more information, see Add or Remove Availability Zones (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2105,13 +2109,14 @@ func (c *ELB) EnableAvailabilityZonesForLoadBalancerRequest(input *EnableAvailab
 // EnableAvailabilityZonesForLoadBalancer API operation for Elastic Load Balancing.
 //
 // Adds the specified Availability Zones to the set of Availability Zones for
-// the specified load balancer.
+// the specified load balancer in EC2-Classic or a default VPC.
+//
+// For load balancers in a non-default VPC, use AttachLoadBalancerToSubnets.
 //
 // The load balancer evenly distributes requests across all its registered Availability
-// Zones that contain instances.
+// Zones that contain instances. For more information, see Add or Remove Availability
-//
+// Zones (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html)
-// For more information, see Add or Remove Availability Zones (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html)
+// in the Classic Load Balancers Guide.
-// in the Classic Load Balancer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2197,7 +2202,7 @@ func (c *ELB) ModifyLoadBalancerAttributesRequest(input *ModifyLoadBalancerAttri
 // can modify the load balancer attribute ConnectionSettings by specifying an
 // idle connection timeout value for your load balancer.
 //
-// For more information, see the following in the Classic Load Balancer Guide:
+// For more information, see the following in the Classic Load Balancers Guide:
 //
 //    * Cross-Zone Load Balancing (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html)
 //
@@ -2312,7 +2317,7 @@ func (c *ELB) RegisterInstancesWithLoadBalancerRequest(input *RegisterInstancesW
 // To deregister instances from a load balancer, use DeregisterInstancesFromLoadBalancer.
 //
 // For more information, see Register or De-Register EC2 Instances (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2479,7 +2484,7 @@ func (c *ELB) SetLoadBalancerListenerSSLCertificateRequest(input *SetLoadBalance
 //
 // For more information about updating your SSL certificate, see Replace the
 // SSL Certificate for Your Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-update-ssl-cert.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2586,9 +2591,9 @@ func (c *ELB) SetLoadBalancerPoliciesForBackendServerRequest(input *SetLoadBalan
 //
 // For more information about enabling back-end instance authentication, see
 // Configure Back-end Instance Authentication (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html#configure_backendauth_clt)
-// in the Classic Load Balancer Guide. For more information about Proxy Protocol,
+// in the Classic Load Balancers Guide. For more information about Proxy Protocol,
 // see Configure Proxy Protocol Support (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2682,7 +2687,7 @@ func (c *ELB) SetLoadBalancerPoliciesOfListenerRequest(input *SetLoadBalancerPol
 // Configuration (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-config-update.html),
 // Duration-Based Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration),
 // and Application-Controlled Session Stickiness (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3489,7 +3494,7 @@ type CreateLoadBalancerInput struct {
 	// The listeners.
 	//
 	// For more information, see Listeners for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	//
 	// Listeners is a required field
 	Listeners []*Listener `type:"list" required:"true"`
@@ -3526,7 +3531,7 @@ type CreateLoadBalancerInput struct {
 	//
 	// For more information about tagging your load balancer, see Tag Your Classic
 	// Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	Tags []*Tag `min:"1" type:"list"`
 }
 
@@ -5115,6 +5120,8 @@ type Limit struct {
 	//    * classic-listeners
 	//
 	//    * classic-load-balancers
+	//
+	//    * classic-registered-instances
 	Name *string `type:"string"`
 }
 
@@ -5144,7 +5151,7 @@ func (s *Limit) SetName(v string) *Limit {
 //
 // For information about the protocols and the ports supported by Elastic Load
 // Balancing, see Listeners for Your Classic Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html)
-// in the Classic Load Balancer Guide.
+// in the Classic Load Balancers Guide.
 type Listener struct {
 	_ struct{} `type:"structure"`
 
@@ -5286,7 +5293,7 @@ type LoadBalancerAttributes struct {
 	// and delivers the information to the Amazon S3 bucket that you specify.
 	//
 	// For more information, see Enable Access Logs (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	AccessLog *AccessLog `type:"structure"`
 
 	// This parameter is reserved.
@@ -5296,7 +5303,7 @@ type LoadBalancerAttributes struct {
 	// the load balancer shifts traffic away from a deregistered or unhealthy instance.
 	//
 	// For more information, see Configure Connection Draining (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	ConnectionDraining *ConnectionDraining `type:"structure"`
 
 	// If enabled, the load balancer allows the connections to remain idle (no data
@@ -5305,14 +5312,14 @@ type LoadBalancerAttributes struct {
 	// By default, Elastic Load Balancing maintains a 60-second idle connection
 	// timeout for both front-end and back-end connections of your load balancer.
 	// For more information, see Configure Idle Connection Timeout (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	ConnectionSettings *ConnectionSettings `type:"structure"`
 
 	// If enabled, the load balancer routes the request traffic evenly across all
 	// instances regardless of the Availability Zones.
 	//
 	// For more information, see Configure Cross-Zone Load Balancing (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	CrossZoneLoadBalancing *CrossZoneLoadBalancing `type:"structure"`
 }
 
@@ -5399,7 +5406,7 @@ type LoadBalancerDescription struct {
 	// The DNS name of the load balancer.
 	//
 	// For more information, see Configure a Custom Domain Name (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-domain-names-with-elb.html)
-	// in the Classic Load Balancer Guide.
+	// in the Classic Load Balancers Guide.
 	CanonicalHostedZoneName *string `type:"string"`
 
 	// The ID of the Amazon Route 53 hosted zone for the load balancer.

vendor/github.com/aws/aws-sdk-go/service/elb/errors.go

@@ -21,6 +21,9 @@ const (
 
 	// ErrCodeDependencyThrottleException for service response error code
 	// "DependencyThrottle".
+	//
+	// A request made by Elastic Load Balancing to another service exceeds the maximum
+	// request rate permitted for your account.
 	ErrCodeDependencyThrottleException = "DependencyThrottle"
 
 	// ErrCodeDuplicateAccessPointNameException for service response error code

vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go

@@ -748,7 +748,7 @@ func (c *ELBV2) DeleteListenerRequest(input *DeleteListenerInput) (req *request.
 // Deletes the specified listener.
 //
 // Alternatively, your listener is deleted when you delete the load balancer
-// it is attached to using DeleteLoadBalancer.
+// to which it is attached, using DeleteLoadBalancer.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3046,7 +3046,7 @@ func (c *ELBV2) SetIpAddressTypeRequest(input *SetIpAddressTypeInput) (req *requ
 // Sets the type of IP addresses used by the subnets of the specified Application
 // Load Balancer or Network Load Balancer.
 //
-// Note that Network Load Balancers must use ipv4.
+// Network Load Balancers must use ipv4.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3224,7 +3224,7 @@ func (c *ELBV2) SetSecurityGroupsRequest(input *SetSecurityGroupsInput) (req *re
 // Balancer. The specified security groups override the previously associated
 // security groups.
 //
-// Note that you can't specify a security group for a Network Load Balancer.
+// You can't specify a security group for a Network Load Balancer.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3313,7 +3313,7 @@ func (c *ELBV2) SetSubnetsRequest(input *SetSubnetsInput) (req *request.Request,
 // Application Load Balancer. The specified subnets replace the previously enabled
 // subnets.
 //
-// Note that you can't change the subnets for a Network Load Balancer.
+// You can't change the subnets for a Network Load Balancer.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3375,19 +3375,25 @@ type Action struct {
 	// with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
 	AuthenticateOidcConfig *AuthenticateOidcActionConfig `type:"structure"`
 
+	// [Application Load Balancer] Information for creating an action that returns
+	// a custom HTTP response. Specify only when Type is fixed-response.
+	FixedResponseConfig *FixedResponseActionConfig `type:"structure"`
+
 	// The order for the action. This value is required for rules with multiple
 	// actions. The action with the lowest value for order is performed first. The
-	// forward action must be performed last.
+	// final action to be performed must be a forward or a fixed-response action.
 	Order *int64 `min:"1" type:"integer"`
 
+	// [Application Load Balancer] Information for creating a redirect action. Specify
+	// only when Type is redirect.
+	RedirectConfig *RedirectActionConfig `type:"structure"`
+
 	// The Amazon Resource Name (ARN) of the target group. Specify only when Type
 	// is forward.
-	//
-	// For a default rule, the protocol of the target group must be HTTP or HTTPS
-	// for an Application Load Balancer or TCP for a Network Load Balancer.
 	TargetGroupArn *string `type:"string"`
 
-	// The type of action. Each rule must include one forward action.
+	// The type of action. Each rule must include exactly one of the following types
+	// of actions: forward, fixed-response, or redirect.
 	//
 	// Type is a required field
 	Type *string `type:"string" required:"true" enum:"ActionTypeEnum"`
@@ -3422,6 +3428,16 @@ func (s *Action) Validate() error {
 			invalidParams.AddNested("AuthenticateOidcConfig", err.(request.ErrInvalidParams))
 		}
 	}
+	if s.FixedResponseConfig != nil {
+		if err := s.FixedResponseConfig.Validate(); err != nil {
+			invalidParams.AddNested("FixedResponseConfig", err.(request.ErrInvalidParams))
+		}
+	}
+	if s.RedirectConfig != nil {
+		if err := s.RedirectConfig.Validate(); err != nil {
+			invalidParams.AddNested("RedirectConfig", err.(request.ErrInvalidParams))
+		}
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -3441,12 +3457,24 @@ func (s *Action) SetAuthenticateOidcConfig(v *AuthenticateOidcActionConfig) *Act
 	return s
 }
 
+// SetFixedResponseConfig sets the FixedResponseConfig field's value.
+func (s *Action) SetFixedResponseConfig(v *FixedResponseActionConfig) *Action {
+	s.FixedResponseConfig = v
+	return s
+}
+
 // SetOrder sets the Order field's value.
 func (s *Action) SetOrder(v int64) *Action {
 	s.Order = &v
 	return s
 }
 
+// SetRedirectConfig sets the RedirectConfig field's value.
+func (s *Action) SetRedirectConfig(v *RedirectActionConfig) *Action {
+	s.RedirectConfig = v
+	return s
+}
+
 // SetTargetGroupArn sets the TargetGroupArn field's value.
 func (s *Action) SetTargetGroupArn(v string) *Action {
 	s.TargetGroupArn = &v
@@ -4024,21 +4052,28 @@ type CreateListenerInput struct {
 	_ struct{} `type:"structure"`
 
 	// [HTTPS listeners] The default SSL server certificate. You must provide exactly
-	// one certificate. To create a certificate list, use AddListenerCertificates.
+	// one default certificate. To create a certificate list, use AddListenerCertificates.
 	Certificates []*Certificate `type:"list"`
 
-	// The actions for the default rule. The rule must include one forward action.
+	// The actions for the default rule. The rule must include one forward action
+	// or one or more fixed-response actions.
 	//
 	// If the action type is forward, you can specify a single target group. The
 	// protocol of the target group must be HTTP or HTTPS for an Application Load
 	// Balancer or TCP for a Network Load Balancer.
 	//
-	// If the action type is authenticate-oidc, you can use an identity provider
+	// [HTTPS listener] If the action type is authenticate-oidc, you can use an
-	// that is OpenID Connect (OIDC) compliant to authenticate users as they access
+	// identity provider that is OpenID Connect (OIDC) compliant to authenticate
-	// your application.
+	// users as they access your application.
 	//
-	// If the action type is authenticate-cognito, you can use Amazon Cognito to
+	// [HTTPS listener] If the action type is authenticate-cognito, you can use
-	// authenticate users as they access your application.
+	// Amazon Cognito to authenticate users as they access your application.
+	//
+	// [Application Load Balancer] If the action type is redirect, you can redirect
+	// HTTP and HTTPS requests.
+	//
+	// [Application Load Balancer] If the action type is fixed-response, you can
+	// return a custom HTTP response.
 	//
 	// DefaultActions is a required field
 	DefaultActions []*Action `type:"list" required:"true"`
@@ -4190,7 +4225,7 @@ type CreateLoadBalancerInput struct {
 	// The nodes of an Internet-facing load balancer have public IP addresses. The
 	// DNS name of an Internet-facing load balancer is publicly resolvable to the
 	// public IP addresses of the nodes. Therefore, Internet-facing load balancers
-	// can route requests from clients over the Internet.
+	// can route requests from clients over the internet.
 	//
 	// The nodes of an internal load balancer have only private IP addresses. The
 	// DNS name of an internal load balancer is publicly resolvable to the private
@@ -4341,16 +4376,23 @@ func (s *CreateLoadBalancerOutput) SetLoadBalancers(v []*LoadBalancer) *CreateLo
 type CreateRuleInput struct {
 	_ struct{} `type:"structure"`
 
-	// The actions. Each rule must include one forward action.
+	// The actions. Each rule must include exactly one of the following types of
+	// actions: forward, fixed-response, or redirect.
 	//
 	// If the action type is forward, you can specify a single target group.
 	//
-	// If the action type is authenticate-oidc, you can use an identity provider
+	// [HTTPS listener] If the action type is authenticate-oidc, you can use an
-	// that is OpenID Connect (OIDC) compliant to authenticate users as they access
+	// identity provider that is OpenID Connect (OIDC) compliant to authenticate
-	// your application.
+	// users as they access your application.
 	//
-	// If the action type is authenticate-cognito, you can use Amazon Cognito to
+	// [HTTPS listener] If the action type is authenticate-cognito, you can use
-	// authenticate users as they access your application.
+	// Amazon Cognito to authenticate users as they access your application.
+	//
+	// [Application Load Balancer] If the action type is redirect, you can redirect
+	// HTTP and HTTPS requests.
+	//
+	// [Application Load Balancer] If the action type is fixed-response, you can
+	// return a custom HTTP response.
 	//
 	// Actions is a required field
 	Actions []*Action `type:"list" required:"true"`
@@ -4359,8 +4401,8 @@ type CreateRuleInput struct {
 	//
 	// If the field name is host-header, you can specify a single host name (for
 	// example, my.example.com). A host name is case insensitive, can be up to 128
-	// characters in length, and can contain any of the following characters. Note
+	// characters in length, and can contain any of the following characters. You
-	// that you can include up to three wildcard characters.
+	// can include up to three wildcard characters.
 	//
 	//    * A-Z, a-z, 0-9
 	//
@@ -4371,9 +4413,9 @@ type CreateRuleInput struct {
 	//    * ? (matches exactly 1 character)
 	//
 	// If the field name is path-pattern, you can specify a single path pattern.
-	// A path pattern is case sensitive, can be up to 128 characters in length,
+	// A path pattern is case-sensitive, can be up to 128 characters in length,
-	// and can contain any of the following characters. Note that you can include
+	// and can contain any of the following characters. You can include up to three
-	// up to three wildcard characters.
+	// wildcard characters.
 	//
 	//    * A-Z, a-z, 0-9
 	//
@@ -4495,9 +4537,9 @@ type CreateTargetGroupInput struct {
 	_ struct{} `type:"structure"`
 
 	// The approximate amount of time, in seconds, between health checks of an individual
-	// target. For Application Load Balancers, the range is 5 to 300 seconds. For
+	// target. For Application Load Balancers, the range is 5–300 seconds. For Network
-	// Network Load Balancers, the supported values are 10 or 30 seconds. The default
+	// Load Balancers, the supported values are 10 or 30 seconds. The default is
-	// is 30 seconds.
+	// 30 seconds.
 	HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"`
 
 	// [HTTP/HTTPS health checks] The ping path that is the destination on the targets
@@ -4516,9 +4558,9 @@ type CreateTargetGroupInput struct {
 	HealthCheckProtocol *string `type:"string" enum:"ProtocolEnum"`
 
 	// The amount of time, in seconds, during which no response from a target means
-	// a failed health check. For Application Load Balancers, the range is 2 to
+	// a failed health check. For Application Load Balancers, the range is 2–60
-	// 60 seconds and the default is 5 seconds. For Network Load Balancers, this
+	// seconds and the default is 5 seconds. For Network Load Balancers, this is
-	// is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health
+	// 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health
 	// checks.
 	HealthCheckTimeoutSeconds *int64 `min:"2" type:"integer"`
 
@@ -4556,8 +4598,8 @@ type CreateTargetGroupInput struct {
 	// The type of target that you must specify when registering targets with this
 	// target group. The possible values are instance (targets are specified by
 	// instance ID) or ip (targets are specified by IP address). The default is
-	// instance. Note that you can't specify targets for a target group using both
+	// instance. You can't specify targets for a target group using both instance
-	// instance IDs and IP addresses.
+	// IDs and IP addresses.
 	//
 	// If the target type is ip, specify IP addresses from the subnets of the virtual
 	// private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8,
@@ -5939,6 +5981,66 @@ func (s *DescribeTargetHealthOutput) SetTargetHealthDescriptions(v []*TargetHeal
 	return s
 }
 
+// Information about an action that returns a custom HTTP response.
+type FixedResponseActionConfig struct {
+	_ struct{} `type:"structure"`
+
+	// The content type.
+	//
+	// Valid Values: text/plain | text/css | text/html | application/javascript
+	// | application/json
+	ContentType *string `type:"string"`
+
+	// The message.
+	MessageBody *string `type:"string"`
+
+	// The HTTP response code (2XX, 4XX, or 5XX).
+	//
+	// StatusCode is a required field
+	StatusCode *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s FixedResponseActionConfig) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s FixedResponseActionConfig) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *FixedResponseActionConfig) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "FixedResponseActionConfig"}
+	if s.StatusCode == nil {
+		invalidParams.Add(request.NewErrParamRequired("StatusCode"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetContentType sets the ContentType field's value.
+func (s *FixedResponseActionConfig) SetContentType(v string) *FixedResponseActionConfig {
+	s.ContentType = &v
+	return s
+}
+
+// SetMessageBody sets the MessageBody field's value.
+func (s *FixedResponseActionConfig) SetMessageBody(v string) *FixedResponseActionConfig {
+	s.MessageBody = &v
+	return s
+}
+
+// SetStatusCode sets the StatusCode field's value.
+func (s *FixedResponseActionConfig) SetStatusCode(v string) *FixedResponseActionConfig {
+	s.StatusCode = &v
+	return s
+}
+
 // Information about an Elastic Load Balancing resource limit for your AWS account.
 type Limit struct {
 	_ struct{} `type:"structure"`
@@ -6100,7 +6202,7 @@ type LoadBalancer struct {
 	// The nodes of an Internet-facing load balancer have public IP addresses. The
 	// DNS name of an Internet-facing load balancer is publicly resolvable to the
 	// public IP addresses of the nodes. Therefore, Internet-facing load balancers
-	// can route requests from clients over the Internet.
+	// can route requests from clients over the internet.
 	//
 	// The nodes of an internal load balancer have only private IP addresses. The
 	// DNS name of an internal load balancer is publicly resolvable to the private
@@ -6256,7 +6358,7 @@ type LoadBalancerAttribute struct {
 	//    * access_logs.s3.bucket - The name of the S3 bucket for the access logs.
 	//    This attribute is required if access logs are enabled. The bucket must
 	//    exist in the same region as the load balancer and have a bucket policy
-	//    that grants Elastic Load Balancing permission to write to the bucket.
+	//    that grants Elastic Load Balancing permissions to write to the bucket.
 	//
 	//    * access_logs.s3.prefix - The prefix for the location in the S3 bucket
 	//    for the access logs.
@@ -6344,7 +6446,7 @@ type Matcher struct {
 	// and the default value is 200. You can specify multiple values (for example,
 	// "200,202") or a range of values (for example, "200-299").
 	//
-	// For Network Load Balancers, this is 200 to 399.
+	// For Network Load Balancers, this is 200–399.
 	//
 	// HttpCode is a required field
 	HttpCode *string `type:"string" required:"true"`
@@ -6383,21 +6485,28 @@ type ModifyListenerInput struct {
 	_ struct{} `type:"structure"`
 
 	// [HTTPS listeners] The default SSL server certificate. You must provide exactly
-	// one certificate. To create a certificate list, use AddListenerCertificates.
+	// one default certificate. To create a certificate list, use AddListenerCertificates.
 	Certificates []*Certificate `type:"list"`
 
-	// The actions for the default rule. The rule must include one forward action.
+	// The actions for the default rule. The rule must include one forward action
+	// or one or more fixed-response actions.
 	//
 	// If the action type is forward, you can specify a single target group. The
 	// protocol of the target group must be HTTP or HTTPS for an Application Load
 	// Balancer or TCP for a Network Load Balancer.
 	//
-	// If the action type is authenticate-oidc, you can use an identity provider
+	// [HTTPS listener] If the action type is authenticate-oidc, you can use an
-	// that is OpenID Connect (OIDC) compliant to authenticate users as they access
+	// identity provider that is OpenID Connect (OIDC) compliant to authenticate
-	// your application.
+	// users as they access your application.
 	//
-	// If the action type is authenticate-cognito, you can use Amazon Cognito to
+	// [HTTPS listener] If the action type is authenticate-cognito, you can use
-	// authenticate users as they access your application.
+	// Amazon Cognito to authenticate users as they access your application.
+	//
+	// [Application Load Balancer] If the action type is redirect, you can redirect
+	// HTTP and HTTPS requests.
+	//
+	// [Application Load Balancer] If the action type is fixed-response, you can
+	// return a custom HTTP response.
 	DefaultActions []*Action `type:"list"`
 
 	// The Amazon Resource Name (ARN) of the listener.
@@ -6608,8 +6717,8 @@ type ModifyRuleInput struct {
 	//
 	// If the field name is host-header, you can specify a single host name (for
 	// example, my.example.com). A host name is case insensitive, can be up to 128
-	// characters in length, and can contain any of the following characters. Note
+	// characters in length, and can contain any of the following characters. You
-	// that you can include up to three wildcard characters.
+	// can include up to three wildcard characters.
 	//
 	//    * A-Z, a-z, 0-9
 	//
@@ -6620,9 +6729,9 @@ type ModifyRuleInput struct {
 	//    * ? (matches exactly 1 character)
 	//
 	// If the field name is path-pattern, you can specify a single path pattern.
-	// A path pattern is case sensitive, can be up to 128 characters in length,
+	// A path pattern is case-sensitive, can be up to 128 characters in length,
-	// and can contain any of the following characters. Note that you can include
+	// and can contain any of the following characters. You can include up to three
-	// up to three wildcard characters.
+	// wildcard characters.
 	//
 	//    * A-Z, a-z, 0-9
 	//
@@ -6794,8 +6903,8 @@ type ModifyTargetGroupInput struct {
 	_ struct{} `type:"structure"`
 
 	// The approximate amount of time, in seconds, between health checks of an individual
-	// target. For Application Load Balancers, the range is 5 to 300 seconds. For
+	// target. For Application Load Balancers, the range is 5–300 seconds. For Network
-	// Network Load Balancers, the supported values are 10 or 30 seconds.
+	// Load Balancers, the supported values are 10 or 30 seconds.
 	HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"`
 
 	// [HTTP/HTTPS health checks] The ping path that is the destination for the
@@ -6953,6 +7062,123 @@ func (s *ModifyTargetGroupOutput) SetTargetGroups(v []*TargetGroup) *ModifyTarge
 	return s
 }
 
+// Information about a redirect action.
+//
+// A URI consists of the following components: protocol://hostname:port/path?query.
+// You must modify at least one of the following components to avoid a redirect
+// loop: protocol, hostname, port, or path. Any components that you do not modify
+// retain their original values.
+//
+// You can reuse URI components using the following reserved keywords:
+//
+//    * #{protocol}
+//
+//    * #{host}
+//
+//    * #{port}
+//
+//    * #{path} (the leading "/" is removed)
+//
+//    * #{query}
+//
+// For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}",
+// or the query to "#{query}&value=xyz".
+type RedirectActionConfig struct {
+	_ struct{} `type:"structure"`
+
+	// The hostname. This component is not percent-encoded. The hostname can contain
+	// #{host}.
+	Host *string `min:"1" type:"string"`
+
+	// The absolute path, starting with the leading "/". This component is not percent-encoded.
+	// The path can contain #{host}, #{path}, and #{port}.
+	Path *string `min:"1" type:"string"`
+
+	// The port. You can specify a value from 1 to 65535 or #{port}.
+	Port *string `type:"string"`
+
+	// The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect
+	// HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS
+	// to HTTP.
+	Protocol *string `type:"string"`
+
+	// The query parameters, URL-encoded when necessary, but not percent-encoded.
+	// Do not include the leading "?", as it is automatically added. You can specify
+	// any of the reserved keywords.
+	Query *string `type:"string"`
+
+	// The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary
+	// (HTTP 302).
+	//
+	// StatusCode is a required field
+	StatusCode *string `type:"string" required:"true" enum:"RedirectActionStatusCodeEnum"`
+}
+
+// String returns the string representation
+func (s RedirectActionConfig) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s RedirectActionConfig) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *RedirectActionConfig) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "RedirectActionConfig"}
+	if s.Host != nil && len(*s.Host) < 1 {
+		invalidParams.Add(request.NewErrParamMinLen("Host", 1))
+	}
+	if s.Path != nil && len(*s.Path) < 1 {
+		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
+	}
+	if s.StatusCode == nil {
+		invalidParams.Add(request.NewErrParamRequired("StatusCode"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetHost sets the Host field's value.
+func (s *RedirectActionConfig) SetHost(v string) *RedirectActionConfig {
+	s.Host = &v
+	return s
+}
+
+// SetPath sets the Path field's value.
+func (s *RedirectActionConfig) SetPath(v string) *RedirectActionConfig {
+	s.Path = &v
+	return s
+}
+
+// SetPort sets the Port field's value.
+func (s *RedirectActionConfig) SetPort(v string) *RedirectActionConfig {
+	s.Port = &v
+	return s
+}
+
+// SetProtocol sets the Protocol field's value.
+func (s *RedirectActionConfig) SetProtocol(v string) *RedirectActionConfig {
+	s.Protocol = &v
+	return s
+}
+
+// SetQuery sets the Query field's value.
+func (s *RedirectActionConfig) SetQuery(v string) *RedirectActionConfig {
+	s.Query = &v
+	return s
+}
+
+// SetStatusCode sets the StatusCode field's value.
+func (s *RedirectActionConfig) SetStatusCode(v string) *RedirectActionConfig {
+	s.StatusCode = &v
+	return s
+}
+
 type RegisterTargetsInput struct {
 	_ struct{} `type:"structure"`
 
@@ -7232,8 +7458,8 @@ type RuleCondition struct {
 	//
 	// If the field name is host-header, you can specify a single host name (for
 	// example, my.example.com). A host name is case insensitive, can be up to 128
-	// characters in length, and can contain any of the following characters. Note
+	// characters in length, and can contain any of the following characters. You
-	// that you can include up to three wildcard characters.
+	// can include up to three wildcard characters.
 	//
 	//    * A-Z, a-z, 0-9
 	//
@@ -7244,9 +7470,9 @@ type RuleCondition struct {
 	//    * ? (matches exactly 1 character)
 	//
 	// If the field name is path-pattern, you can specify a single path pattern
-	// (for example, /img/*). A path pattern is case sensitive, can be up to 128
+	// (for example, /img/*). A path pattern is case-sensitive, can be up to 128
-	// characters in length, and can contain any of the following characters. Note
+	// characters in length, and can contain any of the following characters. You
-	// that you can include up to three wildcard characters.
+	// can include up to three wildcard characters.
 	//
 	//    * A-Z, a-z, 0-9
 	//
@@ -8226,6 +8452,12 @@ const (
 
 	// ActionTypeEnumAuthenticateCognito is a ActionTypeEnum enum value
 	ActionTypeEnumAuthenticateCognito = "authenticate-cognito"
+
+	// ActionTypeEnumRedirect is a ActionTypeEnum enum value
+	ActionTypeEnumRedirect = "redirect"
+
+	// ActionTypeEnumFixedResponse is a ActionTypeEnum enum value
+	ActionTypeEnumFixedResponse = "fixed-response"
 )
 
 const (
@@ -8299,6 +8531,14 @@ const (
 	ProtocolEnumTcp = "TCP"
 )
 
+const (
+	// RedirectActionStatusCodeEnumHttp301 is a RedirectActionStatusCodeEnum enum value
+	RedirectActionStatusCodeEnumHttp301 = "HTTP_301"
+
+	// RedirectActionStatusCodeEnumHttp302 is a RedirectActionStatusCodeEnum enum value
+	RedirectActionStatusCodeEnumHttp302 = "HTTP_302"
+)
+
 const (
 	// TargetHealthReasonEnumElbRegistrationInProgress is a TargetHealthReasonEnum enum value
 	TargetHealthReasonEnumElbRegistrationInProgress = "Elb.RegistrationInProgress"

vendor/github.com/aws/aws-sdk-go/service/emr/api.go

@@ -725,6 +725,8 @@ const opDescribeJobFlows = "DescribeJobFlows"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticmapreduce-2009-03-31/DescribeJobFlows
+//
+// Deprecated: DescribeJobFlows has been deprecated
 func (c *EMR) DescribeJobFlowsRequest(input *DescribeJobFlowsInput) (req *request.Request, output *DescribeJobFlowsOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, DescribeJobFlows, has been deprecated")
@@ -780,6 +782,8 @@ func (c *EMR) DescribeJobFlowsRequest(input *DescribeJobFlowsInput) (req *reques
 //   request was not completed.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticmapreduce-2009-03-31/DescribeJobFlows
+//
+// Deprecated: DescribeJobFlows has been deprecated
 func (c *EMR) DescribeJobFlows(input *DescribeJobFlowsInput) (*DescribeJobFlowsOutput, error) {
 	req, out := c.DescribeJobFlowsRequest(input)
 	return out, req.Send()
@@ -794,6 +798,8 @@ func (c *EMR) DescribeJobFlows(input *DescribeJobFlowsInput) (*DescribeJobFlowsO
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: DescribeJobFlowsWithContext has been deprecated
 func (c *EMR) DescribeJobFlowsWithContext(ctx aws.Context, input *DescribeJobFlowsInput, opts ...request.Option) (*DescribeJobFlowsOutput, error) {
 	req, out := c.DescribeJobFlowsRequest(input)
 	req.SetContext(ctx)

vendor/github.com/aws/aws-sdk-go/service/firehose/api.go

@@ -1282,6 +1282,8 @@ type CreateDeliveryStreamInput struct {
 	RedshiftDestinationConfiguration *RedshiftDestinationConfiguration `type:"structure"`
 
 	// [Deprecated] The destination in Amazon S3. You can specify only one destination.
+	//
+	// Deprecated: S3DestinationConfiguration has been deprecated
 	S3DestinationConfiguration *S3DestinationConfiguration `deprecated:"true" type:"structure"`
 
 	// The destination in Splunk. You can specify only one destination.
@@ -5822,6 +5824,8 @@ type UpdateDestinationInput struct {
 	RedshiftDestinationUpdate *RedshiftDestinationUpdate `type:"structure"`
 
 	// [Deprecated] Describes an update for a destination in Amazon S3.
+	//
+	// Deprecated: S3DestinationUpdate has been deprecated
 	S3DestinationUpdate *S3DestinationUpdate `deprecated:"true" type:"structure"`
 
 	// Describes an update for a destination in Splunk.

vendor/github.com/aws/aws-sdk-go/service/fms/api.go

@@ -60,13 +60,13 @@ func (c *FMS) AssociateAdminAccountRequest(input *AssociateAdminAccountInput) (r
 // AssociateAdminAccount API operation for Firewall Management Service.
 //
 // Sets the AWS Firewall Manager administrator account. AWS Firewall Manager
-// must be associated with a master account in AWS Organizations or associated
+// must be associated with the master account your AWS organization or associated
 // with a member account that has the appropriate permissions. If the account
 // ID that you submit is not an AWS Organizations master account, AWS Firewall
 // Manager will set the appropriate permissions for the given member account.
 //
 // The account that you associate with AWS Firewall Manager is called the AWS
-// Firewall manager administrator account.
+// Firewall Manager administrator account.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -717,6 +717,9 @@ func (c *FMS) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, out
 //   The operation failed because of a system problem, even though the request
 //   was valid. Retry your request.
 //
+//   * ErrCodeInvalidTypeException "InvalidTypeException"
+//   The value of the Type parameter is invalid.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy
 func (c *FMS) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) {
 	req, out := c.GetPolicyRequest(input)
@@ -824,6 +827,93 @@ func (c *FMS) ListComplianceStatusWithContext(ctx aws.Context, input *ListCompli
 	return out, req.Send()
 }
 
+const opListMemberAccounts = "ListMemberAccounts"
+
+// ListMemberAccountsRequest generates a "aws/request.Request" representing the
+// client's request for the ListMemberAccounts operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfuly.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListMemberAccounts for more information on using the ListMemberAccounts
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+//    // Example sending a request using the ListMemberAccountsRequest method.
+//    req, resp := client.ListMemberAccountsRequest(params)
+//
+//    err := req.Send()
+//    if err == nil { // resp is now filled
+//        fmt.Println(resp)
+//    }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts
+func (c *FMS) ListMemberAccountsRequest(input *ListMemberAccountsInput) (req *request.Request, output *ListMemberAccountsOutput) {
+	op := &request.Operation{
+		Name:       opListMemberAccounts,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &ListMemberAccountsInput{}
+	}
+
+	output = &ListMemberAccountsOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// ListMemberAccounts API operation for Firewall Management Service.
+//
+// Returns a MemberAccounts object that lists the member accounts in the administrator's
+// AWS organization.
+//
+// The ListMemberAccounts must be submitted by the account that is set as the
+// AWS Firewall Manager administrator.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Firewall Management Service's
+// API operation ListMemberAccounts for usage and error information.
+//
+// Returned Error Codes:
+//   * ErrCodeResourceNotFoundException "ResourceNotFoundException"
+//   The specified resource was not found.
+//
+//   * ErrCodeInternalErrorException "InternalErrorException"
+//   The operation failed because of a system problem, even though the request
+//   was valid. Retry your request.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts
+func (c *FMS) ListMemberAccounts(input *ListMemberAccountsInput) (*ListMemberAccountsOutput, error) {
+	req, out := c.ListMemberAccountsRequest(input)
+	return out, req.Send()
+}
+
+// ListMemberAccountsWithContext is the same as ListMemberAccounts with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListMemberAccounts for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *FMS) ListMemberAccountsWithContext(ctx aws.Context, input *ListMemberAccountsInput, opts ...request.Option) (*ListMemberAccountsOutput, error) {
+	req, out := c.ListMemberAccountsRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opListPolicies = "ListPolicies"
 
 // ListPoliciesRequest generates a "aws/request.Request" representing the
@@ -1074,10 +1164,19 @@ func (c *FMS) PutPolicyRequest(input *PutPolicyInput) (req *request.Request, out
 //   * ErrCodeInvalidInputException "InvalidInputException"
 //   The parameters of the request were invalid.
 //
+//   * ErrCodeLimitExceededException "LimitExceededException"
+//   The operation exceeds a resource limit, for example, the maximum number of
+//   policy objects that you can create for an AWS account. For more information,
+//   see Firewall Manager Limits (http://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html)
+//   in the AWS WAF Developer Guide.
+//
 //   * ErrCodeInternalErrorException "InternalErrorException"
 //   The operation failed because of a system problem, even though the request
 //   was valid. Retry your request.
 //
+//   * ErrCodeInvalidTypeException "InvalidTypeException"
+//   The value of the Type parameter is invalid.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy
 func (c *FMS) PutPolicy(input *PutPolicyInput) (*PutPolicyOutput, error) {
 	req, out := c.PutPolicyRequest(input)
@@ -1379,6 +1478,9 @@ type GetAdminAccountOutput struct {
 
 	// The AWS account that is set as the AWS Firewall Manager administrator.
 	AdminAccount *string `min:"1" type:"string"`
+
+	// The status of the AWS account that you set as the AWS Firewall Manager administrator.
+	RoleStatus *string `type:"string" enum:"AccountRoleStatus"`
 }
 
 // String returns the string representation
@@ -1397,6 +1499,12 @@ func (s *GetAdminAccountOutput) SetAdminAccount(v string) *GetAdminAccountOutput
 	return s
 }
 
+// SetRoleStatus sets the RoleStatus field's value.
+func (s *GetAdminAccountOutput) SetRoleStatus(v string) *GetAdminAccountOutput {
+	s.RoleStatus = &v
+	return s
+}
+
 type GetComplianceDetailInput struct {
 	_ struct{} `type:"structure"`
 
@@ -1710,6 +1818,98 @@ func (s *ListComplianceStatusOutput) SetPolicyComplianceStatusList(v []*PolicyCo
 	return s
 }
 
+type ListMemberAccountsInput struct {
+	_ struct{} `type:"structure"`
+
+	// Specifies the number of member account IDs that you want AWS Firewall Manager
+	// to return for this request. If you have more IDs than the number that you
+	// specify for MaxResults, the response includes a NextToken value that you
+	// can use to get another batch of member account IDs. The maximum value for
+	// MaxResults is 100.
+	MaxResults *int64 `min:"1" type:"integer"`
+
+	// If you specify a value for MaxResults and you have more account IDs than
+	// the number that you specify for MaxResults, AWS Firewall Manager returns
+	// a NextToken value in the response that allows you to list another group of
+	// IDs. For the second and subsequent ListMemberAccountsRequest requests, specify
+	// the value of NextToken from the previous response to get information about
+	// another batch of member account IDs.
+	NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s ListMemberAccountsInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListMemberAccountsInput) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListMemberAccountsInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "ListMemberAccountsInput"}
+	if s.MaxResults != nil && *s.MaxResults < 1 {
+		invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+	}
+	if s.NextToken != nil && len(*s.NextToken) < 1 {
+		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListMemberAccountsInput) SetMaxResults(v int64) *ListMemberAccountsInput {
+	s.MaxResults = &v
+	return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListMemberAccountsInput) SetNextToken(v string) *ListMemberAccountsInput {
+	s.NextToken = &v
+	return s
+}
+
+type ListMemberAccountsOutput struct {
+	_ struct{} `type:"structure"`
+
+	// An array of account IDs.
+	MemberAccounts []*string `type:"list"`
+
+	// If you have more member account IDs than the number that you specified for
+	// MaxResults in the request, the response includes a NextToken value. To list
+	// more IDs, submit another ListMemberAccounts request, and specify the NextToken
+	// value from the response in the NextToken value in the next request.
+	NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s ListMemberAccountsOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListMemberAccountsOutput) GoString() string {
+	return s.String()
+}
+
+// SetMemberAccounts sets the MemberAccounts field's value.
+func (s *ListMemberAccountsOutput) SetMemberAccounts(v []*string) *ListMemberAccountsOutput {
+	s.MemberAccounts = v
+	return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListMemberAccountsOutput) SetNextToken(v string) *ListMemberAccountsOutput {
+	s.NextToken = &v
+	return s
+}
+
 type ListPoliciesInput struct {
 	_ struct{} `type:"structure"`
 
@@ -1806,6 +2006,15 @@ func (s *ListPoliciesOutput) SetPolicyList(v []*PolicySummary) *ListPoliciesOutp
 type Policy struct {
 	_ struct{} `type:"structure"`
 
+	// Specifies the AWS account IDs to exclude from the policy. The IncludeMap
+	// values are evaluated first, with all of the appropriate account IDs added
+	// to the policy. Then the accounts listed in ExcludeMap are removed, resulting
+	// in the final list of accounts to add to the policy.
+	//
+	// The key to the map is ACCOUNT. For example, a valid ExcludeMap would be {“ACCOUNT”
+	// : [“accountID1”, “accountID2”]}.
+	ExcludeMap map[string][]*string `type:"map"`
+
 	// If set to True, resources with the tags that are specified in the ResourceTag
 	// array are not protected by the policy. If set to False, and the ResourceTag
 	// array is not null, only resources with the specified tags are associated
@@ -1814,6 +2023,15 @@ type Policy struct {
 	// ExcludeResourceTags is a required field
 	ExcludeResourceTags *bool `type:"boolean" required:"true"`
 
+	// Specifies the AWS account IDs to include in the policy. If IncludeMap is
+	// null, all accounts in the AWS Organization are included in the policy. If
+	// IncludeMap is not null, only values listed in IncludeMap will be included
+	// in the policy.
+	//
+	// The key to the map is ACCOUNT. For example, a valid IncludeMap would be {“ACCOUNT”
+	// : [“accountID1”, “accountID2”]}.
+	IncludeMap map[string][]*string `type:"map"`
+
 	// The ID of the AWS Firewall Manager policy.
 	PolicyId *string `min:"36" type:"string"`
 
@@ -1912,12 +2130,24 @@ func (s *Policy) Validate() error {
 	return nil
 }
 
+// SetExcludeMap sets the ExcludeMap field's value.
+func (s *Policy) SetExcludeMap(v map[string][]*string) *Policy {
+	s.ExcludeMap = v
+	return s
+}
+
 // SetExcludeResourceTags sets the ExcludeResourceTags field's value.
 func (s *Policy) SetExcludeResourceTags(v bool) *Policy {
 	s.ExcludeResourceTags = &v
 	return s
 }
 
+// SetIncludeMap sets the IncludeMap field's value.
+func (s *Policy) SetIncludeMap(v map[string][]*string) *Policy {
+	s.IncludeMap = v
+	return s
+}
+
 // SetPolicyId sets the PolicyId field's value.
 func (s *Policy) SetPolicyId(v string) *Policy {
 	s.PolicyId = &v
@@ -1974,6 +2204,12 @@ type PolicyComplianceDetail struct {
 	// out-of-date.
 	ExpiredAt *time.Time `type:"timestamp"`
 
+	// Details about problems with dependent services, such as AWS WAF or AWS Config,
+	// that are causing a resource to be non-compliant. The details include the
+	// name of the dependent service and the error message recieved indicating the
+	// problem with the service.
+	IssueInfoMap map[string]*string `type:"map"`
+
 	// The AWS account ID.
 	MemberAccount *string `min:"1" type:"string"`
 
@@ -2009,6 +2245,12 @@ func (s *PolicyComplianceDetail) SetExpiredAt(v time.Time) *PolicyComplianceDeta
 	return s
 }
 
+// SetIssueInfoMap sets the IssueInfoMap field's value.
+func (s *PolicyComplianceDetail) SetIssueInfoMap(v map[string]*string) *PolicyComplianceDetail {
+	s.IssueInfoMap = v
+	return s
+}
+
 // SetMemberAccount sets the MemberAccount field's value.
 func (s *PolicyComplianceDetail) SetMemberAccount(v string) *PolicyComplianceDetail {
 	s.MemberAccount = &v
@@ -2042,6 +2284,12 @@ type PolicyComplianceStatus struct {
 	// An array of EvaluationResult objects.
 	EvaluationResults []*EvaluationResult `type:"list"`
 
+	// Details about problems with dependent services, such as AWS WAF or AWS Config,
+	// that are causing a resource to be non-compliant. The details include the
+	// name of the dependent service and the error message recieved indicating the
+	// problem with the service.
+	IssueInfoMap map[string]*string `type:"map"`
+
 	// Time stamp of the last update to the EvaluationResult objects.
 	LastUpdated *time.Time `type:"timestamp"`
 
@@ -2074,6 +2322,12 @@ func (s *PolicyComplianceStatus) SetEvaluationResults(v []*EvaluationResult) *Po
 	return s
 }
 
+// SetIssueInfoMap sets the IssueInfoMap field's value.
+func (s *PolicyComplianceStatus) SetIssueInfoMap(v map[string]*string) *PolicyComplianceStatus {
+	s.IssueInfoMap = v
+	return s
+}
+
 // SetLastUpdated sets the LastUpdated field's value.
 func (s *PolicyComplianceStatus) SetLastUpdated(v time.Time) *PolicyComplianceStatus {
 	s.LastUpdated = &v
@@ -2441,6 +2695,36 @@ func (s *SecurityServicePolicyData) SetType(v string) *SecurityServicePolicyData
 	return s
 }
 
+const (
+	// AccountRoleStatusReady is a AccountRoleStatus enum value
+	AccountRoleStatusReady = "READY"
+
+	// AccountRoleStatusCreating is a AccountRoleStatus enum value
+	AccountRoleStatusCreating = "CREATING"
+
+	// AccountRoleStatusPendingDeletion is a AccountRoleStatus enum value
+	AccountRoleStatusPendingDeletion = "PENDING_DELETION"
+
+	// AccountRoleStatusDeleting is a AccountRoleStatus enum value
+	AccountRoleStatusDeleting = "DELETING"
+
+	// AccountRoleStatusDeleted is a AccountRoleStatus enum value
+	AccountRoleStatusDeleted = "DELETED"
+)
+
+const (
+	// CustomerPolicyScopeIdTypeAccount is a CustomerPolicyScopeIdType enum value
+	CustomerPolicyScopeIdTypeAccount = "ACCOUNT"
+)
+
+const (
+	// DependentServiceNameAwsconfig is a DependentServiceName enum value
+	DependentServiceNameAwsconfig = "AWSCONFIG"
+
+	// DependentServiceNameAwswaf is a DependentServiceName enum value
+	DependentServiceNameAwswaf = "AWSWAF"
+)
+
 const (
 	// PolicyComplianceStatusTypeCompliant is a PolicyComplianceStatusType enum value
 	PolicyComplianceStatusTypeCompliant = "COMPLIANT"

vendor/github.com/aws/aws-sdk-go/service/fms/errors.go

@@ -25,6 +25,12 @@ const (
 	// you submitted was already set as the AWS Firewall Manager administrator.
 	ErrCodeInvalidOperationException = "InvalidOperationException"
 
+	// ErrCodeInvalidTypeException for service response error code
+	// "InvalidTypeException".
+	//
+	// The value of the Type parameter is invalid.
+	ErrCodeInvalidTypeException = "InvalidTypeException"
+
 	// ErrCodeLimitExceededException for service response error code
 	// "LimitExceededException".
 	//

vendor/github.com/aws/aws-sdk-go/service/glacier/api.go

@@ -2207,7 +2207,7 @@ func (c *Glacier) ListJobsRequest(input *ListJobsInput) (req *request.Request, o
 // List Jobs request.
 //
 // You can set a maximum limit for the number of jobs returned in the response
-// by specifying the limit parameter in the request. The default limit is 1000.
+// by specifying the limit parameter in the request. The default limit is 50.
 // The number of jobs returned might be fewer than the limit, but the number
 // of returned jobs never exceeds the limit.
 //
@@ -2368,7 +2368,7 @@ func (c *Glacier) ListMultipartUploadsRequest(input *ListMultipartUploadsInput)
 // order.
 //
 // The List Multipart Uploads operation supports pagination. By default, this
-// operation returns up to 1,000 multipart uploads in the response. You should
+// operation returns up to 50 multipart uploads in the response. You should
 // always check the response for a marker at which to continue the list; if
 // there are no more items the marker is null. To return a list of multipart
 // uploads that begins at a specific upload, set the marker request parameter
@@ -2539,7 +2539,7 @@ func (c *Glacier) ListPartsRequest(input *ListPartsInput) (req *request.Request,
 // List Parts response is sorted by part range.
 //
 // The List Parts operation supports pagination. By default, this operation
-// returns up to 1,000 uploaded parts in the response. You should always check
+// returns up to 50 uploaded parts in the response. You should always check
 // the response for a marker at which to continue the list; if there are no
 // more items the marker is null. To return a list of parts that begins at a
 // specific part, set the marker request parameter to the value you obtained
@@ -2871,7 +2871,7 @@ func (c *Glacier) ListVaultsRequest(input *ListVaultsInput) (req *request.Reques
 // This operation lists all vaults owned by the calling user's account. The
 // list returned in the response is ASCII-sorted by vault name.
 //
-// By default, this operation returns up to 1,000 items. If there are more vaults
+// By default, this operation returns up to 10 items. If there are more vaults
 // to list, the response marker field contains the vault Amazon Resource Name
 // (ARN) at which to continue the list with a new List Vaults request; otherwise,
 // the marker field is null. To return a list of vaults that begins at a specific
@@ -6569,9 +6569,9 @@ type ListJobsInput struct {
 	// The state of the jobs to return. You can specify true or false.
 	Completed *string `location:"querystring" locationName:"completed" type:"string"`
 
-	// The maximum number of jobs to be returned. The default limit is 1000. The
+	// The maximum number of jobs to be returned. The default limit is 50. The number
-	// number of jobs returned might be fewer than the specified limit, but the
+	// of jobs returned might be fewer than the specified limit, but the number
-	// number of returned jobs never exceeds the limit.
+	// of returned jobs never exceeds the limit.
 	Limit *string `location:"querystring" locationName:"limit" type:"string"`
 
 	// An opaque string used for pagination. This value specifies the job at which
@@ -6703,7 +6703,7 @@ type ListMultipartUploadsInput struct {
 	AccountId *string `location:"uri" locationName:"accountId" type:"string" required:"true"`
 
 	// Specifies the maximum number of uploads returned in the response body. If
-	// this value is not specified, the List Uploads operation returns up to 1,000
+	// this value is not specified, the List Uploads operation returns up to 50
 	// uploads.
 	Limit *string `location:"querystring" locationName:"limit" type:"string"`
 
@@ -6818,7 +6818,7 @@ type ListPartsInput struct {
 	// AccountId is a required field
 	AccountId *string `location:"uri" locationName:"accountId" type:"string" required:"true"`
 
-	// The maximum number of parts to be returned. The default limit is 1000. The
+	// The maximum number of parts to be returned. The default limit is 50. The
 	// number of parts returned might be fewer than the specified limit, but the
 	// number of returned parts never exceeds the limit.
 	Limit *string `location:"querystring" locationName:"limit" type:"string"`
@@ -7145,7 +7145,7 @@ type ListVaultsInput struct {
 	// AccountId is a required field
 	AccountId *string `location:"uri" locationName:"accountId" type:"string" required:"true"`
 
-	// The maximum number of vaults to be returned. The default limit is 1000. The
+	// The maximum number of vaults to be returned. The default limit is 10. The
 	// number of vaults returned might be fewer than the specified limit, but the
 	// number of returned vaults never exceeds the limit.
 	Limit *string `location:"querystring" locationName:"limit" type:"string"`

vendor/github.com/aws/aws-sdk-go/service/glacier/doc.go

@@ -13,11 +13,10 @@
 // about capacity planning, hardware provisioning, data replication, hardware
 // failure and recovery, or time-consuming hardware migrations.
 //
-// Amazon Glacier is a great storage choice when low storage cost is paramount,
+// Amazon Glacier is a great storage choice when low storage cost is paramount
-// your data is rarely retrieved, and retrieval latency of several hours is
+// and your data is rarely retrieved. If your application requires fast or frequent
-// acceptable. If your application requires fast or frequent access to your
+// access to your data, consider using Amazon S3. For more information, see
-// data, consider using Amazon S3. For more information, see Amazon Simple Storage
+// Amazon Simple Storage Service (Amazon S3) (http://aws.amazon.com/s3/).
-// Service (Amazon S3) (http://aws.amazon.com/s3/).
 //
 // You can store any kind of data in any format. There is no maximum limit on
 // the total amount of data you can store in Amazon Glacier.

vendor/github.com/aws/aws-sdk-go/service/glue/errors.go

@@ -46,6 +46,12 @@ const (
 	// The specified crawler is stopping.
 	ErrCodeCrawlerStoppingException = "CrawlerStoppingException"
 
+	// ErrCodeEncryptionException for service response error code
+	// "GlueEncryptionException".
+	//
+	// An encryption operation failed.
+	ErrCodeEncryptionException = "GlueEncryptionException"
+
 	// ErrCodeEntityNotFoundException for service response error code
 	// "EntityNotFoundException".
 	//

vendor/github.com/aws/aws-sdk-go/service/guardduty/api.go

@@ -3880,10 +3880,14 @@ type AcceptInvitationInput struct {
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// This value is used to validate the master account to the member account.
-	InvitationId *string `locationName:"invitationId" type:"string"`
+	//
+	// InvitationId is a required field
+	InvitationId *string `locationName:"invitationId" type:"string" required:"true"`
 
 	// The account ID of the master GuardDuty account whose invitation you're accepting.
-	MasterId *string `locationName:"masterId" type:"string"`
+	//
+	// MasterId is a required field
+	MasterId *string `locationName:"masterId" type:"string" required:"true"`
 }
 
 // String returns the string representation
@@ -3902,6 +3906,12 @@ func (s *AcceptInvitationInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.InvitationId == nil {
+		invalidParams.Add(request.NewErrParamRequired("InvitationId"))
+	}
+	if s.MasterId == nil {
+		invalidParams.Add(request.NewErrParamRequired("MasterId"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -4114,7 +4124,9 @@ type ArchiveFindingsInput struct {
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// IDs of the findings that you want to archive.
-	FindingIds []*string `locationName:"findingIds" type:"list"`
+	//
+	// FindingIds is a required field
+	FindingIds []*string `locationName:"findingIds" type:"list" required:"true"`
 }
 
 // String returns the string representation
@@ -4133,6 +4145,9 @@ func (s *ArchiveFindingsInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.FindingIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("FindingIds"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -4363,8 +4378,16 @@ func (s *Country) SetCountryName(v string) *Country {
 type CreateDetectorInput struct {
 	_ struct{} `type:"structure"`
 
+	// The idempotency token for the create request.
+	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
+
 	// A boolean value that specifies whether the detector is to be enabled.
-	Enable *bool `locationName:"enable" type:"boolean"`
+	//
+	// Enable is a required field
+	Enable *bool `locationName:"enable" type:"boolean" required:"true"`
+
+	// A enum value that specifies how frequently customer got Finding updates published.
+	FindingPublishingFrequency *string `locationName:"findingPublishingFrequency" type:"string" enum:"FindingPublishingFrequency"`
 }
 
 // String returns the string representation
@@ -4377,12 +4400,37 @@ func (s CreateDetectorInput) GoString() string {
 	return s.String()
 }
 
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CreateDetectorInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "CreateDetectorInput"}
+	if s.Enable == nil {
+		invalidParams.Add(request.NewErrParamRequired("Enable"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetClientToken sets the ClientToken field's value.
+func (s *CreateDetectorInput) SetClientToken(v string) *CreateDetectorInput {
+	s.ClientToken = &v
+	return s
+}
+
 // SetEnable sets the Enable field's value.
 func (s *CreateDetectorInput) SetEnable(v bool) *CreateDetectorInput {
 	s.Enable = &v
 	return s
 }
 
+// SetFindingPublishingFrequency sets the FindingPublishingFrequency field's value.
+func (s *CreateDetectorInput) SetFindingPublishingFrequency(v string) *CreateDetectorInput {
+	s.FindingPublishingFrequency = &v
+	return s
+}
+
 // CreateDetector response object.
 type CreateDetectorOutput struct {
 	_ struct{} `type:"structure"`
@@ -4425,10 +4473,14 @@ type CreateFilterInput struct {
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// Represents the criteria to be used in the filter for querying findings.
-	FindingCriteria *FindingCriteria `locationName:"findingCriteria" type:"structure"`
+	//
+	// FindingCriteria is a required field
+	FindingCriteria *FindingCriteria `locationName:"findingCriteria" type:"structure" required:"true"`
 
 	// The name of the filter.
-	Name *string `locationName:"name" type:"string"`
+	//
+	// Name is a required field
+	Name *string `locationName:"name" type:"string" required:"true"`
 
 	// Specifies the position of the filter in the list of current filters. Also
 	// specifies the order in which this filter is applied to the findings.
@@ -4451,6 +4503,12 @@ func (s *CreateFilterInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.FindingCriteria == nil {
+		invalidParams.Add(request.NewErrParamRequired("FindingCriteria"))
+	}
+	if s.Name == nil {
+		invalidParams.Add(request.NewErrParamRequired("Name"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -4530,21 +4588,32 @@ type CreateIPSetInput struct {
 
 	// A boolean value that indicates whether GuardDuty is to start using the uploaded
 	// IPSet.
-	Activate *bool `locationName:"activate" type:"boolean"`
+	//
+	// Activate is a required field
+	Activate *bool `locationName:"activate" type:"boolean" required:"true"`
+
+	// The idempotency token for the create request.
+	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// The format of the file that contains the IPSet.
-	Format *string `locationName:"format" type:"string" enum:"IpSetFormat"`
+	//
+	// Format is a required field
+	Format *string `locationName:"format" type:"string" required:"true" enum:"IpSetFormat"`
 
 	// The URI of the file that contains the IPSet. For example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
-	Location *string `locationName:"location" type:"string"`
+	//
+	// Location is a required field
+	Location *string `locationName:"location" type:"string" required:"true"`
 
 	// The user friendly name to identify the IPSet. This name is displayed in all
 	// findings that are triggered by activity that involves IP addresses included
 	// in this IPSet.
-	Name *string `locationName:"name" type:"string"`
+	//
+	// Name is a required field
+	Name *string `locationName:"name" type:"string" required:"true"`
 }
 
 // String returns the string representation
@@ -4560,9 +4629,21 @@ func (s CreateIPSetInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *CreateIPSetInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "CreateIPSetInput"}
+	if s.Activate == nil {
+		invalidParams.Add(request.NewErrParamRequired("Activate"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.Format == nil {
+		invalidParams.Add(request.NewErrParamRequired("Format"))
+	}
+	if s.Location == nil {
+		invalidParams.Add(request.NewErrParamRequired("Location"))
+	}
+	if s.Name == nil {
+		invalidParams.Add(request.NewErrParamRequired("Name"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -4576,6 +4657,12 @@ func (s *CreateIPSetInput) SetActivate(v bool) *CreateIPSetInput {
 	return s
 }
 
+// SetClientToken sets the ClientToken field's value.
+func (s *CreateIPSetInput) SetClientToken(v string) *CreateIPSetInput {
+	s.ClientToken = &v
+	return s
+}
+
 // SetDetectorId sets the DetectorId field's value.
 func (s *CreateIPSetInput) SetDetectorId(v string) *CreateIPSetInput {
 	s.DetectorId = &v
@@ -4630,7 +4717,9 @@ type CreateMembersInput struct {
 
 	// A list of account ID and email address pairs of the accounts that you want
 	// to associate with the master GuardDuty account.
-	AccountDetails []*AccountDetail `locationName:"accountDetails" type:"list"`
+	//
+	// AccountDetails is a required field
+	AccountDetails []*AccountDetail `locationName:"accountDetails" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -4649,6 +4738,9 @@ func (s CreateMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *CreateMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "CreateMembersInput"}
+	if s.AccountDetails == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountDetails"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -4772,20 +4864,31 @@ type CreateThreatIntelSetInput struct {
 
 	// A boolean value that indicates whether GuardDuty is to start using the uploaded
 	// ThreatIntelSet.
-	Activate *bool `locationName:"activate" type:"boolean"`
+	//
+	// Activate is a required field
+	Activate *bool `locationName:"activate" type:"boolean" required:"true"`
+
+	// The idempotency token for the create request.
+	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// The format of the file that contains the ThreatIntelSet.
-	Format *string `locationName:"format" type:"string" enum:"ThreatIntelSetFormat"`
+	//
+	// Format is a required field
+	Format *string `locationName:"format" type:"string" required:"true" enum:"ThreatIntelSetFormat"`
 
 	// The URI of the file that contains the ThreatIntelSet. For example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
-	Location *string `locationName:"location" type:"string"`
+	//
+	// Location is a required field
+	Location *string `locationName:"location" type:"string" required:"true"`
 
 	// A user-friendly ThreatIntelSet name that is displayed in all finding generated
 	// by activity that involves IP addresses included in this ThreatIntelSet.
-	Name *string `locationName:"name" type:"string"`
+	//
+	// Name is a required field
+	Name *string `locationName:"name" type:"string" required:"true"`
 }
 
 // String returns the string representation
@@ -4801,9 +4904,21 @@ func (s CreateThreatIntelSetInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *CreateThreatIntelSetInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "CreateThreatIntelSetInput"}
+	if s.Activate == nil {
+		invalidParams.Add(request.NewErrParamRequired("Activate"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.Format == nil {
+		invalidParams.Add(request.NewErrParamRequired("Format"))
+	}
+	if s.Location == nil {
+		invalidParams.Add(request.NewErrParamRequired("Location"))
+	}
+	if s.Name == nil {
+		invalidParams.Add(request.NewErrParamRequired("Name"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -4817,6 +4932,12 @@ func (s *CreateThreatIntelSetInput) SetActivate(v bool) *CreateThreatIntelSetInp
 	return s
 }
 
+// SetClientToken sets the ClientToken field's value.
+func (s *CreateThreatIntelSetInput) SetClientToken(v string) *CreateThreatIntelSetInput {
+	s.ClientToken = &v
+	return s
+}
+
 // SetDetectorId sets the DetectorId field's value.
 func (s *CreateThreatIntelSetInput) SetDetectorId(v string) *CreateThreatIntelSetInput {
 	s.DetectorId = &v
@@ -4871,7 +4992,9 @@ type DeclineInvitationsInput struct {
 
 	// A list of account IDs of the AWS accounts that sent invitations to the current
 	// member account that you want to decline invitations from.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 }
 
 // String returns the string representation
@@ -4884,6 +5007,19 @@ func (s DeclineInvitationsInput) GoString() string {
 	return s.String()
 }
 
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeclineInvitationsInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "DeclineInvitationsInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
 // SetAccountIds sets the AccountIds field's value.
 func (s *DeclineInvitationsInput) SetAccountIds(v []*string) *DeclineInvitationsInput {
 	s.AccountIds = v
@@ -5095,7 +5231,9 @@ type DeleteInvitationsInput struct {
 
 	// A list of account IDs of the AWS accounts that sent invitations to the current
 	// member account that you want to delete invitations from.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 }
 
 // String returns the string representation
@@ -5108,6 +5246,19 @@ func (s DeleteInvitationsInput) GoString() string {
 	return s.String()
 }
 
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeleteInvitationsInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "DeleteInvitationsInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
 // SetAccountIds sets the AccountIds field's value.
 func (s *DeleteInvitationsInput) SetAccountIds(v []*string) *DeleteInvitationsInput {
 	s.AccountIds = v
@@ -5144,7 +5295,9 @@ type DeleteMembersInput struct {
 	_ struct{} `type:"structure"`
 
 	// A list of account IDs of the GuardDuty member accounts that you want to delete.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -5163,6 +5316,9 @@ func (s DeleteMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *DeleteMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "DeleteMembersInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -5328,7 +5484,9 @@ type DisassociateMembersInput struct {
 
 	// A list of account IDs of the GuardDuty member accounts that you want to disassociate
 	// from master.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -5347,6 +5505,9 @@ func (s DisassociateMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *DisassociateMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "DisassociateMembersInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -5731,6 +5892,9 @@ type GetDetectorOutput struct {
 	// The first time a resource was created. The format will be ISO-8601.
 	CreatedAt *string `locationName:"createdAt" type:"string"`
 
+	// A enum value that specifies how frequently customer got Finding updates published.
+	FindingPublishingFrequency *string `locationName:"findingPublishingFrequency" type:"string" enum:"FindingPublishingFrequency"`
+
 	// Customer serviceRole name or ARN for accessing customer resources
 	ServiceRole *string `locationName:"serviceRole" type:"string"`
 
@@ -5757,6 +5921,12 @@ func (s *GetDetectorOutput) SetCreatedAt(v string) *GetDetectorOutput {
 	return s
 }
 
+// SetFindingPublishingFrequency sets the FindingPublishingFrequency field's value.
+func (s *GetDetectorOutput) SetFindingPublishingFrequency(v string) *GetDetectorOutput {
+	s.FindingPublishingFrequency = &v
+	return s
+}
+
 // SetServiceRole sets the ServiceRole field's value.
 func (s *GetDetectorOutput) SetServiceRole(v string) *GetDetectorOutput {
 	s.ServiceRole = &v
@@ -5893,7 +6063,9 @@ type GetFindingsInput struct {
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// IDs of the findings that you want to retrieve.
-	FindingIds []*string `locationName:"findingIds" type:"list"`
+	//
+	// FindingIds is a required field
+	FindingIds []*string `locationName:"findingIds" type:"list" required:"true"`
 
 	// Represents the criteria used for sorting findings.
 	SortCriteria *SortCriteria `locationName:"sortCriteria" type:"structure"`
@@ -5915,6 +6087,9 @@ func (s *GetFindingsInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.FindingIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("FindingIds"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -5975,7 +6150,9 @@ type GetFindingsStatisticsInput struct {
 	FindingCriteria *FindingCriteria `locationName:"findingCriteria" type:"structure"`
 
 	// Types of finding statistics to retrieve.
-	FindingStatisticTypes []*string `locationName:"findingStatisticTypes" type:"list"`
+	//
+	// FindingStatisticTypes is a required field
+	FindingStatisticTypes []*string `locationName:"findingStatisticTypes" type:"list" required:"true"`
 }
 
 // String returns the string representation
@@ -5994,6 +6171,9 @@ func (s *GetFindingsStatisticsInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.FindingStatisticTypes == nil {
+		invalidParams.Add(request.NewErrParamRequired("FindingStatisticTypes"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -6247,7 +6427,9 @@ type GetMembersInput struct {
 	_ struct{} `type:"structure"`
 
 	// A list of account IDs of the GuardDuty member accounts that you want to describe.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -6266,6 +6448,9 @@ func (s GetMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *GetMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "GetMembersInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -6636,7 +6821,9 @@ type InviteMembersInput struct {
 
 	// A list of account IDs of the accounts that you want to invite to GuardDuty
 	// as members.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -6663,6 +6850,9 @@ func (s InviteMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *InviteMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "InviteMembersInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -8218,7 +8408,9 @@ type StartMonitoringMembersInput struct {
 
 	// A list of account IDs of the GuardDuty member accounts whose findings you
 	// want the master account to monitor.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -8237,6 +8429,9 @@ func (s StartMonitoringMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *StartMonitoringMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "StartMonitoringMembersInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -8290,7 +8485,9 @@ type StopMonitoringMembersInput struct {
 
 	// A list of account IDs of the GuardDuty member accounts whose findings you
 	// want the master account to stop monitoring.
-	AccountIds []*string `locationName:"accountIds" type:"list"`
+	//
+	// AccountIds is a required field
+	AccountIds []*string `locationName:"accountIds" type:"list" required:"true"`
 
 	// DetectorId is a required field
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
@@ -8309,6 +8506,9 @@ func (s StopMonitoringMembersInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *StopMonitoringMembersInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "StopMonitoringMembersInput"}
+	if s.AccountIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("AccountIds"))
+	}
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
@@ -8397,7 +8597,9 @@ type UnarchiveFindingsInput struct {
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// IDs of the findings that you want to unarchive.
-	FindingIds []*string `locationName:"findingIds" type:"list"`
+	//
+	// FindingIds is a required field
+	FindingIds []*string `locationName:"findingIds" type:"list" required:"true"`
 }
 
 // String returns the string representation
@@ -8416,6 +8618,9 @@ func (s *UnarchiveFindingsInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.FindingIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("FindingIds"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -8497,6 +8702,9 @@ type UpdateDetectorInput struct {
 	// Updated boolean value for the detector that specifies whether the detector
 	// is enabled.
 	Enable *bool `locationName:"enable" type:"boolean"`
+
+	// A enum value that specifies how frequently customer got Finding updates published.
+	FindingPublishingFrequency *string `locationName:"findingPublishingFrequency" type:"string" enum:"FindingPublishingFrequency"`
 }
 
 // String returns the string representation
@@ -8534,6 +8742,12 @@ func (s *UpdateDetectorInput) SetEnable(v bool) *UpdateDetectorInput {
 	return s
 }
 
+// SetFindingPublishingFrequency sets the FindingPublishingFrequency field's value.
+func (s *UpdateDetectorInput) SetFindingPublishingFrequency(v string) *UpdateDetectorInput {
+	s.FindingPublishingFrequency = &v
+	return s
+}
+
 type UpdateDetectorOutput struct {
 	_ struct{} `type:"structure"`
 }
@@ -8670,10 +8884,14 @@ type UpdateFindingsFeedbackInput struct {
 	DetectorId *string `location:"uri" locationName:"detectorId" type:"string" required:"true"`
 
 	// Valid values: USEFUL | NOT_USEFUL
-	Feedback *string `locationName:"feedback" type:"string" enum:"Feedback"`
+	//
+	// Feedback is a required field
+	Feedback *string `locationName:"feedback" type:"string" required:"true" enum:"Feedback"`
 
 	// IDs of the findings that you want to mark as useful or not useful.
-	FindingIds []*string `locationName:"findingIds" type:"list"`
+	//
+	// FindingIds is a required field
+	FindingIds []*string `locationName:"findingIds" type:"list" required:"true"`
 }
 
 // String returns the string representation
@@ -8692,6 +8910,12 @@ func (s *UpdateFindingsFeedbackInput) Validate() error {
 	if s.DetectorId == nil {
 		invalidParams.Add(request.NewErrParamRequired("DetectorId"))
 	}
+	if s.Feedback == nil {
+		invalidParams.Add(request.NewErrParamRequired("Feedback"))
+	}
+	if s.FindingIds == nil {
+		invalidParams.Add(request.NewErrParamRequired("FindingIds"))
+	}
 
 	if invalidParams.Len() > 0 {
 		return invalidParams
@@ -8946,6 +9170,18 @@ const (
 	FilterActionArchive = "ARCHIVE"
 )
 
+// A enum value that specifies how frequently customer got Finding updates published.
+const (
+	// FindingPublishingFrequencyFifteenMinutes is a FindingPublishingFrequency enum value
+	FindingPublishingFrequencyFifteenMinutes = "FIFTEEN_MINUTES"
+
+	// FindingPublishingFrequencyOneHour is a FindingPublishingFrequency enum value
+	FindingPublishingFrequencyOneHour = "ONE_HOUR"
+
+	// FindingPublishingFrequencySixHours is a FindingPublishingFrequency enum value
+	FindingPublishingFrequencySixHours = "SIX_HOURS"
+)
+
 // The types of finding statistics.
 const (
 	// FindingStatisticTypeCountBySeverity is a FindingStatisticType enum value

vendor/github.com/aws/aws-sdk-go/service/inspector/api.go

@@ -82,6 +82,9 @@ func (c *Inspector) AddAttributesToFindingsRequest(input *AddAttributesToFinding
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/AddAttributesToFindings
 func (c *Inspector) AddAttributesToFindings(input *AddAttributesToFindingsInput) (*AddAttributesToFindingsOutput, error) {
 	req, out := c.AddAttributesToFindingsRequest(input)
@@ -149,9 +152,11 @@ func (c *Inspector) CreateAssessmentTargetRequest(input *CreateAssessmentTargetI
 // CreateAssessmentTarget API operation for Amazon Inspector.
 //
 // Creates a new assessment target using the ARN of the resource group that
-// is generated by CreateResourceGroup. If the service-linked role (https://docs.aws.amazon.com/inspector/latest/userguide/inspector_slr.html)
+// is generated by CreateResourceGroup. If resourceGroupArn is not specified,
-// isn’t already registered, also creates and registers a service-linked role
+// all EC2 instances in the current AWS account and region are included in the
-// to grant Amazon Inspector access to AWS Services needed to perform security
+// assessment target. If the service-linked role (https://docs.aws.amazon.com/inspector/latest/userguide/inspector_slr.html)
+// isn’t already registered, this action also creates and registers a service-linked
+// role to grant Amazon Inspector access to AWS Services needed to perform security
 // assessments. You can create up to 50 assessment targets per AWS account.
 // You can run up to 500 concurrent agents per AWS account. For more information,
 // see  Amazon Inspector Assessment Targets (http://docs.aws.amazon.com/inspector/latest/userguide/inspector_applications.html).
@@ -186,6 +191,9 @@ func (c *Inspector) CreateAssessmentTargetRequest(input *CreateAssessmentTargetI
 //   Amazon Inspector cannot assume the cross-account role that it needs to list
 //   your EC2 instances during the assessment run.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/CreateAssessmentTarget
 func (c *Inspector) CreateAssessmentTarget(input *CreateAssessmentTargetInput) (*CreateAssessmentTargetOutput, error) {
 	req, out := c.CreateAssessmentTargetRequest(input)
@@ -254,8 +262,8 @@ func (c *Inspector) CreateAssessmentTemplateRequest(input *CreateAssessmentTempl
 //
 // Creates an assessment template for the assessment target that is specified
 // by the ARN of the assessment target. If the service-linked role (https://docs.aws.amazon.com/inspector/latest/userguide/inspector_slr.html)
-// isn’t already registered, also creates and registers a service-linked role
+// isn’t already registered, this action also creates and registers a service-linked
-// to grant Amazon Inspector access to AWS Services needed to perform security
+// role to grant Amazon Inspector access to AWS Services needed to perform security
 // assessments.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@@ -284,6 +292,9 @@ func (c *Inspector) CreateAssessmentTemplateRequest(input *CreateAssessmentTempl
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/CreateAssessmentTemplate
 func (c *Inspector) CreateAssessmentTemplate(input *CreateAssessmentTemplateInput) (*CreateAssessmentTemplateOutput, error) {
 	req, out := c.CreateAssessmentTemplateRequest(input)
@@ -380,6 +391,9 @@ func (c *Inspector) CreateExclusionsPreviewRequest(input *CreateExclusionsPrevie
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/CreateExclusionsPreview
 func (c *Inspector) CreateExclusionsPreview(input *CreateExclusionsPreviewInput) (*CreateExclusionsPreviewOutput, error) {
 	req, out := c.CreateExclusionsPreviewRequest(input)
@@ -473,6 +487,9 @@ func (c *Inspector) CreateResourceGroupRequest(input *CreateResourceGroupInput)
 //   * ErrCodeAccessDeniedException "AccessDeniedException"
 //   You do not have required permissions to access the requested resource.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/CreateResourceGroup
 func (c *Inspector) CreateResourceGroup(input *CreateResourceGroupInput) (*CreateResourceGroupOutput, error) {
 	req, out := c.CreateResourceGroupRequest(input)
@@ -570,6 +587,9 @@ func (c *Inspector) DeleteAssessmentRunRequest(input *DeleteAssessmentRunInput)
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/DeleteAssessmentRun
 func (c *Inspector) DeleteAssessmentRun(input *DeleteAssessmentRunInput) (*DeleteAssessmentRunOutput, error) {
 	req, out := c.DeleteAssessmentRunRequest(input)
@@ -667,6 +687,9 @@ func (c *Inspector) DeleteAssessmentTargetRequest(input *DeleteAssessmentTargetI
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/DeleteAssessmentTarget
 func (c *Inspector) DeleteAssessmentTarget(input *DeleteAssessmentTargetInput) (*DeleteAssessmentTargetOutput, error) {
 	req, out := c.DeleteAssessmentTargetRequest(input)
@@ -764,6 +787,9 @@ func (c *Inspector) DeleteAssessmentTemplateRequest(input *DeleteAssessmentTempl
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/DeleteAssessmentTemplate
 func (c *Inspector) DeleteAssessmentTemplate(input *DeleteAssessmentTemplateInput) (*DeleteAssessmentTemplateOutput, error) {
 	req, out := c.DeleteAssessmentTemplateRequest(input)
@@ -1531,6 +1557,9 @@ func (c *Inspector) GetAssessmentReportRequest(input *GetAssessmentReportInput)
 //   runs that took place or will take place after generating reports in Amazon
 //   Inspector became available.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/GetAssessmentReport
 func (c *Inspector) GetAssessmentReport(input *GetAssessmentReportInput) (*GetAssessmentReportOutput, error) {
 	req, out := c.GetAssessmentReportRequest(input)
@@ -3272,6 +3301,9 @@ func (c *Inspector) RegisterCrossAccountAccessRoleRequest(input *RegisterCrossAc
 //   Amazon Inspector cannot assume the cross-account role that it needs to list
 //   your EC2 instances during the assessment run.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/RegisterCrossAccountAccessRole
 func (c *Inspector) RegisterCrossAccountAccessRole(input *RegisterCrossAccountAccessRoleInput) (*RegisterCrossAccountAccessRoleOutput, error) {
 	req, out := c.RegisterCrossAccountAccessRoleRequest(input)
@@ -3364,6 +3396,9 @@ func (c *Inspector) RemoveAttributesFromFindingsRequest(input *RemoveAttributesF
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/RemoveAttributesFromFindings
 func (c *Inspector) RemoveAttributesFromFindings(input *RemoveAttributesFromFindingsInput) (*RemoveAttributesFromFindingsOutput, error) {
 	req, out := c.RemoveAttributesFromFindingsRequest(input)
@@ -3457,6 +3492,9 @@ func (c *Inspector) SetTagsForResourceRequest(input *SetTagsForResourceInput) (r
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/SetTagsForResource
 func (c *Inspector) SetTagsForResource(input *SetTagsForResourceInput) (*SetTagsForResourceOutput, error) {
 	req, out := c.SetTagsForResourceRequest(input)
@@ -3561,6 +3599,9 @@ func (c *Inspector) StartAssessmentRunRequest(input *StartAssessmentRunInput) (r
 //   You started an assessment run, but one of the instances is already participating
 //   in another assessment run.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/StartAssessmentRun
 func (c *Inspector) StartAssessmentRun(input *StartAssessmentRunInput) (*StartAssessmentRunOutput, error) {
 	req, out := c.StartAssessmentRunRequest(input)
@@ -3653,6 +3694,9 @@ func (c *Inspector) StopAssessmentRunRequest(input *StopAssessmentRunInput) (req
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/StopAssessmentRun
 func (c *Inspector) StopAssessmentRun(input *StopAssessmentRunInput) (*StopAssessmentRunOutput, error) {
 	req, out := c.StopAssessmentRunRequest(input)
@@ -3750,6 +3794,9 @@ func (c *Inspector) SubscribeToEventRequest(input *SubscribeToEventInput) (req *
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/SubscribeToEvent
 func (c *Inspector) SubscribeToEvent(input *SubscribeToEventInput) (*SubscribeToEventOutput, error) {
 	req, out := c.SubscribeToEventRequest(input)
@@ -3843,6 +3890,9 @@ func (c *Inspector) UnsubscribeFromEventRequest(input *UnsubscribeFromEventInput
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/UnsubscribeFromEvent
 func (c *Inspector) UnsubscribeFromEvent(input *UnsubscribeFromEventInput) (*UnsubscribeFromEventOutput, error) {
 	req, out := c.UnsubscribeFromEventRequest(input)
@@ -3914,6 +3964,9 @@ func (c *Inspector) UpdateAssessmentTargetRequest(input *UpdateAssessmentTargetI
 // Updates the assessment target that is specified by the ARN of the assessment
 // target.
 //
+// If resourceGroupArn is not specified, all EC2 instances in the current AWS
+// account and region are included in the assessment target.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -3936,6 +3989,9 @@ func (c *Inspector) UpdateAssessmentTargetRequest(input *UpdateAssessmentTargetI
 //   The request was rejected because it referenced an entity that does not exist.
 //   The error code describes the entity.
 //
+//   * ErrCodeServiceTemporarilyUnavailableException "ServiceTemporarilyUnavailableException"
+//   The serice is temporary unavailable.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/inspector-2016-02-16/UpdateAssessmentTarget
 func (c *Inspector) UpdateAssessmentTarget(input *UpdateAssessmentTargetInput) (*UpdateAssessmentTargetOutput, error) {
 	req, out := c.UpdateAssessmentTargetRequest(input)
@@ -5166,7 +5222,8 @@ type CreateAssessmentTargetInput struct {
 	AssessmentTargetName *string `locationName:"assessmentTargetName" min:"1" type:"string" required:"true"`
 
 	// The ARN that specifies the resource group that is used to create the assessment
-	// target.
+	// target. If resourceGroupArn is not specified, all EC2 instances in the current
+	// AWS account and region are included in the assessment target.
 	ResourceGroupArn *string `locationName:"resourceGroupArn" min:"1" type:"string"`
 }
 
@@ -5253,8 +5310,7 @@ type CreateAssessmentTemplateInput struct {
 	// AssessmentTemplateName is a required field
 	AssessmentTemplateName *string `locationName:"assessmentTemplateName" min:"1" type:"string" required:"true"`
 
-	// The duration of the assessment run in seconds. The default value is 3600
+	// The duration of the assessment run in seconds.
-	// seconds (one hour).
 	//
 	// DurationInSeconds is a required field
 	DurationInSeconds *int64 `locationName:"durationInSeconds" min:"180" type:"integer" required:"true"`

vendor/github.com/aws/aws-sdk-go/service/inspector/errors.go

@@ -65,6 +65,12 @@ const (
 	// an exclusions preview.
 	ErrCodePreviewGenerationInProgressException = "PreviewGenerationInProgressException"
 
+	// ErrCodeServiceTemporarilyUnavailableException for service response error code
+	// "ServiceTemporarilyUnavailableException".
+	//
+	// The serice is temporary unavailable.
+	ErrCodeServiceTemporarilyUnavailableException = "ServiceTemporarilyUnavailableException"
+
 	// ErrCodeUnsupportedFeatureException for service response error code
 	// "UnsupportedFeatureException".
 	//

vendor/github.com/aws/aws-sdk-go/service/iot/doc.go

@@ -12,6 +12,9 @@
 //
 // For more information about how AWS IoT works, see the Developer Guide (http://docs.aws.amazon.com/iot/latest/developerguide/aws-iot-how-it-works.html).
 //
+// For information about how to use the credentials provider for AWS IoT, see
+// Authorizing Direct Calls to AWS Services (http://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html).
+//
 // See iot package documentation for more information.
 // https://docs.aws.amazon.com/sdk-for-go/api/service/iot/
 //

vendor/github.com/aws/aws-sdk-go/service/kinesis/errors.go

@@ -13,8 +13,7 @@ const (
 	// ErrCodeExpiredNextTokenException for service response error code
 	// "ExpiredNextTokenException".
 	//
-	// The pagination token passed to the ListShards operation is expired. For more
+	// The pagination token passed to the operation is expired.
-	// information, see ListShardsInput$NextToken.
 	ErrCodeExpiredNextTokenException = "ExpiredNextTokenException"
 
 	// ErrCodeInvalidArgumentException for service response error code

vendor/github.com/aws/aws-sdk-go/service/kms/api.go

@@ -66,6 +66,10 @@ func (c *KMS) CancelKeyDeletionRequest(input *CancelKeyDeletionInput) (req *requ
 // Deleting Customer Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html)
 // in the AWS Key Management Service Developer Guide.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -165,8 +169,9 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request,
 
 // CreateAlias API operation for AWS Key Management Service.
 //
-// Creates a display name for a customer master key (CMK). You can use an alias
+// Creates a display name for a customer-managed customer master key (CMK).
-// to identify a CMK in selected operations, such as Encrypt and GenerateDataKey.
+// You can use an alias to identify a CMK in selected operations, such as Encrypt
+// and GenerateDataKey.
 //
 // Each CMK can have multiple aliases, but each alias points to only one CMK.
 // The alias name must be unique in the AWS account and region. To simplify
@@ -178,10 +183,9 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request,
 // the response from the DescribeKey operation. To get the aliases of all CMKs,
 // use the ListAliases operation.
 //
-// An alias must start with the word alias followed by a forward slash (alias/).
 // The alias name can contain only alphanumeric characters, forward slashes
-// (/), underscores (_), and dashes (-). Alias names cannot begin with aws;
+// (/), underscores (_), and dashes (-). Alias names cannot begin with aws/.
-// that alias name prefix is reserved by Amazon Web Services (AWS).
+// That alias name prefix is reserved for AWS managed CMKs.
 //
 // The alias and the CMK it is mapped to must be in the same AWS account and
 // the same region. You cannot perform this operation on an alias in a different
@@ -189,6 +193,10 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request,
 //
 // To map an existing alias to a different CMK, call UpdateAlias.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -304,6 +312,10 @@ func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request,
 // see Grants (http://docs.aws.amazon.com/kms/latest/developerguide/grants.html)
 // in the AWS Key Management Service Developer Guide.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -414,8 +426,8 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out
 //
 // Creates a customer master key (CMK) in the caller's AWS account.
 //
-// You can use a CMK to encrypt small amounts of data (4 KiB or less) directly,
+// You can use a CMK to encrypt small amounts of data (4 KiB or less) directly.
-// but CMKs are more commonly used to encrypt data encryption keys (DEKs), which
+// But CMKs are more commonly used to encrypt data encryption keys (DEKs), which
 // are used to encrypt raw data. For more information about DEKs and the difference
 // between CMKs and DEKs, see the following:
 //
@@ -536,14 +548,17 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output
 //
 //    * Encrypt
 //
-// Note that if a caller has been granted access permissions to all keys (through,
+// Whenever possible, use key policies to give users permission to call the
-// for example, IAM user policies that grant Decrypt permission on all resources),
+// Decrypt operation on the CMK, instead of IAM policies. Otherwise, you might
-// then ciphertext encrypted by using keys in other accounts where the key grants
+// create an IAM user policy that gives the user Decrypt permission on all CMKs.
-// access to the caller can be decrypted. To remedy this, we recommend that
+// This user could decrypt ciphertext that was encrypted by CMKs in other accounts
-// you do not grant Decrypt access in an IAM user policy. Instead grant Decrypt
+// if the key policy for the cross-account CMK permits it. If you must use an
-// access only in key policies. If you must grant Decrypt access in an IAM user
+// IAM policy for Decrypt permissions, limit the user to particular CMKs or
-// policy, you should scope the resource to specific keys or to specific trusted
+// particular trusted accounts.
-// accounts.
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -776,6 +791,10 @@ func (c *KMS) DeleteImportedKeyMaterialRequest(input *DeleteImportedKeyMaterialI
 // After you delete key material, you can use ImportKeyMaterial to reimport
 // the same key material into the CMK.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -879,6 +898,11 @@ func (c *KMS) DescribeKeyRequest(input *DescribeKeyInput) (req *request.Request,
 //
 // Provides detailed information about the specified customer master key (CMK).
 //
+// You can use DescribeKey on a predefined AWS alias, that is, an AWS alias
+// with no key ID. When you do, AWS KMS associates the alias with an AWS managed
+// CMK (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys)
+// and returns its KeyId and Arn in the response.
+//
 // To perform this operation on a CMK in a different AWS account, specify the
 // key ARN or alias ARN in the value of the KeyId parameter.
 //
@@ -981,6 +1005,10 @@ func (c *KMS) DisableKeyRequest(input *DisableKeyInput) (req *request.Request, o
 // Key State Affects the Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 // in the AWS Key Management Service Developer Guide.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -1080,9 +1108,13 @@ func (c *KMS) DisableKeyRotationRequest(input *DisableKeyRotationInput) (req *re
 
 // DisableKeyRotation API operation for AWS Key Management Service.
 //
-// Disables automatic rotation of the key material for the specified customer
+// Disables automatic rotation of the key material (http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)
-// master key (CMK). You cannot perform this operation on a CMK in a different
+// for the specified customer master key (CMK). You cannot perform this operation
-// AWS account.
+// on a CMK in a different AWS account.
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1194,6 +1226,10 @@ func (c *KMS) EnableKeyRequest(input *EnableKeyInput) (req *request.Request, out
 // its use for cryptographic operations. You cannot perform this operation on
 // a CMK in a different AWS account.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -1298,9 +1334,13 @@ func (c *KMS) EnableKeyRotationRequest(input *EnableKeyRotationInput) (req *requ
 
 // EnableKeyRotation API operation for AWS Key Management Service.
 //
-// Enables automatic rotation of the key material for the specified customer
+// Enables automatic rotation of the key material (http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)
-// master key (CMK). You cannot perform this operation on a CMK in a different
+// for the specified customer master key (CMK). You cannot perform this operation
-// AWS account.
+// on a CMK in a different AWS account.
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1412,24 +1452,28 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output
 //    * You can encrypt up to 4 kilobytes (4096 bytes) of arbitrary data such
 //    as an RSA key, a database password, or other sensitive information.
 //
-//    * To move encrypted data from one AWS region to another, you can use this
+//    * You can use the Encrypt operation to move encrypted data from one AWS
-//    operation to encrypt in the new region the plaintext data key that was
+//    region to another. In the first region, generate a data key and use the
-//    used to encrypt the data in the original region. This provides you with
+//    plaintext key to encrypt the data. Then, in the new region, call the Encrypt
-//    an encrypted copy of the data key that can be decrypted in the new region
+//    method on same plaintext data key. Now, you can safely move the encrypted
-//    and used there to decrypt the encrypted data.
+//    data and encrypted data key to the new region, and decrypt in the new
+//    region when necessary.
+//
+// You don't need use this operation to encrypt a data key within a region.
+// The GenerateDataKey and GenerateDataKeyWithoutPlaintext operations return
+// an encrypted data key.
+//
+// Also, you don't need to use this operation to encrypt data in your application.
+// You can use the plaintext and encrypted data keys that the GenerateDataKey
+// operation returns.
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
 //
 // To perform this operation on a CMK in a different AWS account, specify the
 // key ARN or alias ARN in the value of the KeyId parameter.
 //
-// Unless you are moving encrypted data from one region to another, you don't
-// use this operation to encrypt a generated data key within a region. To get
-// data keys that are already encrypted, call the GenerateDataKey or GenerateDataKeyWithoutPlaintext
-// operation. Data keys don't need to be encrypted again by calling Encrypt.
-//
-// To encrypt data locally in your application, use the GenerateDataKey operation
-// to return a plaintext data encryption key and a copy of the key encrypted
-// under the CMK of your choosing.
-//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -1584,6 +1628,10 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request.
 // Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 // in the AWS Key Management Service Developer Guide.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -1706,9 +1754,14 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho
 // (GenerateDataKeyWithoutPlaintext) to get an encrypted data key and then stores
 // it in the container. Later, a different component of the system, called the
 // data plane, puts encrypted data into the containers. To do this, it passes
-// the encrypted data key to the Decrypt operation, then uses the returned plaintext
+// the encrypted data key to the Decrypt operation. It then uses the returned
-// data key to encrypt data, and finally stores the encrypted data in the container.
+// plaintext data key to encrypt data and finally stores the encrypted data
-// In this system, the control plane never sees the plaintext data key.
+// in the container. In this system, the control plane never sees the plaintext
+// data key.
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -2006,7 +2059,20 @@ func (c *KMS) GetKeyRotationStatusRequest(input *GetKeyRotationStatusInput) (req
 // GetKeyRotationStatus API operation for AWS Key Management Service.
 //
 // Gets a Boolean value that indicates whether automatic rotation of the key
-// material is enabled for the specified customer master key (CMK).
+// material (http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)
+// is enabled for the specified customer master key (CMK).
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
+//    * Disabled: The key rotation status does not change when you disable a
+//    CMK. However, while the CMK is disabled, AWS KMS does not rotate the backing
+//    key.
+//
+//    * Pending deletion: While a CMK is pending deletion, its key rotation
+//    status is false and AWS KMS does not rotate the backing key. If you cancel
+//    the deletion, the original key rotation status is restored.
 //
 // To perform this operation on a CMK in a different AWS account, specify the
 // key ARN in the value of the KeyId parameter.
@@ -2130,6 +2196,10 @@ func (c *KMS) GetParametersForImportRequest(input *GetParametersForImportInput)
 // they expire, they cannot be used for a subsequent ImportKeyMaterial request.
 // To get new ones, send another GetParametersForImport request.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -2268,6 +2338,10 @@ func (c *KMS) ImportKeyMaterialRequest(input *ImportKeyMaterialInput) (req *requ
 // into a CMK, you can reimport the same key material into that CMK, but you
 // cannot import different key material.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -2394,14 +2468,22 @@ func (c *KMS) ListAliasesRequest(input *ListAliasesInput) (req *request.Request,
 
 // ListAliases API operation for AWS Key Management Service.
 //
-// Gets a list of all aliases in the caller's AWS account and region. You cannot
+// Gets a list of aliases in the caller's AWS account and region. You cannot
 // list aliases in other accounts. For more information about aliases, see CreateAlias.
 //
-// The response might include several aliases that do not have a TargetKeyId
+// By default, the ListAliases command returns all aliases in the account and
-// field because they are not associated with a CMK. These are predefined aliases
+// region. To get only the aliases that point to a particular customer master
-// that are reserved for CMKs managed by AWS services. If an alias is not associated
+// key (CMK), use the KeyId parameter.
-// with a CMK, the alias does not count against the alias limit (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit)
+//
-// for your account.
+// The ListAliases response can include aliases that you created and associated
+// with your customer managed CMKs, and aliases that AWS created and associated
+// with AWS managed CMKs in your account. You can recognize AWS aliases because
+// their names have the format aws/<service-name>, such as aws/dynamodb.
+//
+// The response might also include aliases that have no TargetKeyId field. These
+// are predefined aliases that AWS has created but has not yet associated with
+// a CMK. Aliases that AWS creates in your account, including predefined aliases,
+// do not count against your AWS KMS aliases limit (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit).
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -3325,10 +3407,14 @@ func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, out
 // on the source CMK and once as ReEncryptTo on the destination CMK. We recommend
 // that you include the "kms:ReEncrypt*" permission in your key policies (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
 // to permit reencryption from or to the CMK. This permission is automatically
-// included in the key policy when you create a CMK through the console, but
+// included in the key policy when you create a CMK through the console. But
 // you must include it manually when you create a CMK programmatically or when
 // you set a key policy with the PutKeyPolicy operation.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -3690,6 +3776,10 @@ func (c *KMS) ScheduleKeyDeletionRequest(input *ScheduleKeyDeletionInput) (req *
 // Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html)
 // in the AWS Key Management Service Developer Guide.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -3789,22 +3879,23 @@ func (c *KMS) TagResourceRequest(input *TagResourceInput) (req *request.Request,
 
 // TagResource API operation for AWS Key Management Service.
 //
-// Adds or overwrites one or more tags for the specified customer master key
+// Adds or edits tags for a customer master key (CMK). You cannot perform this
-// (CMK). You cannot perform this operation on a CMK in a different AWS account.
+// operation on a CMK in a different AWS account.
 //
 // Each tag consists of a tag key and a tag value. Tag keys and tag values are
 // both required, but tag values can be empty (null) strings.
 //
-// You cannot use the same tag key more than once per CMK. For example, consider
+// You can only use a tag key once for each CMK. If you use the tag key again,
-// a CMK with one tag whose tag key is Purpose and tag value is Test. If you
+// AWS KMS replaces the current tag value with the specified value.
-// send a TagResource request for this CMK with a tag key of Purpose and a tag
-// value of Prod, it does not create a second tag. Instead, the original tag
-// is overwritten with the new tag value.
 //
 // For information about the rules that apply to tag keys and tag values, see
 // User-Defined Tag Restrictions (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)
 // in the AWS Billing and Cost Management User Guide.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -3908,12 +3999,15 @@ func (c *KMS) UntagResourceRequest(input *UntagResourceInput) (req *request.Requ
 
 // UntagResource API operation for AWS Key Management Service.
 //
-// Removes the specified tag or tags from the specified customer master key
+// Removes the specified tags from the specified customer master key (CMK).
-// (CMK). You cannot perform this operation on a CMK in a different AWS account.
+// You cannot perform this operation on a CMK in a different AWS account.
 //
-// To remove a tag, you specify the tag key for each tag to remove. You do not
+// To remove a tag, specify the tag key. To change the tag value of an existing
-// specify the tag value. To overwrite the tag value for an existing tag, use
+// tag key, use TagResource.
-// TagResource.
+//
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -4034,6 +4128,10 @@ func (c *KMS) UpdateAliasRequest(input *UpdateAliasInput) (req *request.Request,
 // cannot begin with aws; that alias name prefix is reserved by Amazon Web Services
 // (AWS).
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -4130,11 +4228,15 @@ func (c *KMS) UpdateKeyDescriptionRequest(input *UpdateKeyDescriptionInput) (req
 
 // UpdateKeyDescription API operation for AWS Key Management Service.
 //
-// Updates the description of a customer master key (CMK). To see the decription
+// Updates the description of a customer master key (CMK). To see the description
 // of a CMK, use DescribeKey.
 //
 // You cannot perform this operation on a CMK in a different AWS account.
 //
+// The result of this operation varies with the key state of the CMK. For details,
+// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
+// in the AWS Key Management Service Developer Guide.
+//
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
 // the error.
@@ -4308,9 +4410,9 @@ func (s *CancelKeyDeletionOutput) SetKeyId(v string) *CancelKeyDeletionOutput {
 type CreateAliasInput struct {
 	_ struct{} `type:"structure"`
 
-	// String that contains the display name. The name must start with the word
+	// Specifies the alias name. This value must begin with alias/ followed by the
-	// "alias" followed by a forward slash (alias/). Aliases that begin with "alias/AWS"
+	// alias name, such as alias/ExampleAlias. The alias name cannot begin with
-	// are reserved.
+	// aws/. The alias/aws/ prefix is reserved for AWS managed CMKs.
 	//
 	// AliasName is a required field
 	AliasName *string `min:"1" type:"string" required:"true"`
@@ -4435,8 +4537,8 @@ type CreateGrantInput struct {
 	// KeyId is a required field
 	KeyId *string `min:"1" type:"string" required:"true"`
 
-	// A friendly name for identifying the grant. Use this value to prevent unintended
+	// A friendly name for identifying the grant. Use this value to prevent the
-	// creation of duplicate grants when retrying this request.
+	// unintended creation of duplicate grants when retrying this request.
 	//
 	// When this value is absent, all CreateGrant requests result in a new grant
 	// with a unique GrantId even if all the supplied parameters are identical.
@@ -4642,9 +4744,9 @@ type CreateKeyInput struct {
 	//    The principals in the key policy must exist and be visible to AWS KMS.
 	//    When you create a new AWS principal (for example, an IAM user or role),
 	//    you might need to enforce a delay before including the new principal in
-	//    a key policy because the new principal might not be immediately visible
+	//    a key policy. The reason for this is that the new principal might not
-	//    to AWS KMS. For more information, see Changes that I make are not always
+	//    be immediately visible to AWS KMS. For more information, see Changes that
-	//    immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
+	//    I make are not always immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 	//    in the AWS Identity and Access Management User Guide.
 	//
 	// If you do not provide a key policy, AWS KMS attaches a default key policy
@@ -4987,7 +5089,11 @@ type DescribeKeyInput struct {
 	// in the AWS Key Management Service Developer Guide.
 	GrantTokens []*string `type:"list"`
 
-	// A unique identifier for the customer master key (CMK).
+	// Describes the specified customer master key (CMK).
+	//
+	// If you specify a predefined AWS alias (an AWS alias with no key ID), KMS
+	// associates the alias with an AWS managed CMK (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys)
+	// and returns its KeyId and Arn in the response.
 	//
 	// To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name,
 	// or alias ARN. When using an alias name, prefix it with "alias/". To specify
@@ -6016,9 +6122,8 @@ type GetParametersForImportInput struct {
 	// KeyId is a required field
 	KeyId *string `min:"1" type:"string" required:"true"`
 
-	// The algorithm you will use to encrypt the key material before importing it
+	// The algorithm you use to encrypt the key material before importing it with
-	// with ImportKeyMaterial. For more information, see Encrypt the Key Material
+	// ImportKeyMaterial. For more information, see Encrypt the Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-encrypt-key-material.html)
-	// (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-encrypt-key-material.html)
 	// in the AWS Key Management Service Developer Guide.
 	//
 	// WrappingAlgorithm is a required field
@@ -6140,14 +6245,14 @@ func (s *GetParametersForImportOutput) SetPublicKey(v []byte) *GetParametersForI
 }
 
 // A structure that you can use to allow certain operations in the grant only
-// when the desired encryption context is present. For more information about
+// when the preferred encryption context is present. For more information about
 // encryption context, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html)
 // in the AWS Key Management Service Developer Guide.
 //
 // Grant constraints apply only to operations that accept encryption context
 // as input. For example, the DescribeKey operation does not accept encryption
 // context as input. A grant that allows the DescribeKey operation does so regardless
-// of the grant constraints. In constrast, the Encrypt operation accepts encryption
+// of the grant constraints. In contrast, the Encrypt operation accepts encryption
 // context as input. A grant that allows the Encrypt operation does so only
 // when the encryption context of the Encrypt operation satisfies the grant
 // constraints.
@@ -6492,7 +6597,7 @@ type KeyMetadata struct {
 	// KeyId is a required field
 	KeyId *string `min:"1" type:"string" required:"true"`
 
-	// The CMK's manager. CMKs are either customer-managed or AWS-managed. For more
+	// The CMK's manager. CMKs are either customer managed or AWS managed. For more
 	// information about the difference, see Customer Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys)
 	// in the AWS Key Management Service Developer Guide.
 	KeyManager *string `type:"string" enum:"KeyManagerType"`
@@ -6613,6 +6718,14 @@ func (s *KeyMetadata) SetValidTo(v time.Time) *KeyMetadata {
 type ListAliasesInput struct {
 	_ struct{} `type:"structure"`
 
+	// Lists only aliases that refer to the specified CMK. The value of this parameter
+	// can be the ID or Amazon Resource Name (ARN) of a CMK in the caller's account
+	// and region. You cannot use an alias name or alias ARN in this value.
+	//
+	// This parameter is optional. If you omit it, ListAliases returns all aliases
+	// in the account and region.
+	KeyId *string `min:"1" type:"string"`
+
 	// Use this parameter to specify the maximum number of items to return. When
 	// this value is present, AWS KMS does not return more than the specified number
 	// of items, but it might return fewer.
@@ -6640,6 +6753,9 @@ func (s ListAliasesInput) GoString() string {
 // Validate inspects the fields of the type to determine if they are valid.
 func (s *ListAliasesInput) Validate() error {
 	invalidParams := request.ErrInvalidParams{Context: "ListAliasesInput"}
+	if s.KeyId != nil && len(*s.KeyId) < 1 {
+		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
+	}
 	if s.Limit != nil && *s.Limit < 1 {
 		invalidParams.Add(request.NewErrParamMinValue("Limit", 1))
 	}
@@ -6653,6 +6769,12 @@ func (s *ListAliasesInput) Validate() error {
 	return nil
 }
 
+// SetKeyId sets the KeyId field's value.
+func (s *ListAliasesInput) SetKeyId(v string) *ListAliasesInput {
+	s.KeyId = &v
+	return s
+}
+
 // SetLimit sets the Limit field's value.
 func (s *ListAliasesInput) SetLimit(v int64) *ListAliasesInput {
 	s.Limit = &v
@@ -7326,9 +7448,9 @@ type PutKeyPolicyInput struct {
 	//    The principals in the key policy must exist and be visible to AWS KMS.
 	//    When you create a new AWS principal (for example, an IAM user or role),
 	//    you might need to enforce a delay before including the new principal in
-	//    a key policy because the new principal might not be immediately visible
+	//    a key policy. The reason for this is that the new principal might not
-	//    to AWS KMS. For more information, see Changes that I make are not always
+	//    be immediately visible to AWS KMS. For more information, see Changes that
-	//    immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
+	//    I make are not always immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 	//    in the AWS Identity and Access Management User Guide.
 	//
 	// The key policy size limit is 32 kilobytes (32768 bytes).

vendor/github.com/aws/aws-sdk-go/service/kms/doc.go

@@ -9,7 +9,7 @@
 // Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/).
 //
 // AWS provides SDKs that consist of libraries and sample code for various programming
-// languages and platforms (Java, Ruby, .Net, iOS, Android, etc.). The SDKs
+// languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs
 // provide a convenient way to create programmatic access to AWS KMS and other
 // AWS services. For example, the SDKs take care of tasks such as signing requests
 // (see below), managing errors, and retrying requests automatically. For more
@@ -30,7 +30,7 @@
 // Requests must be signed by using an access key ID and a secret access key.
 // We strongly recommend that you do not use your AWS account (root) access
 // key ID and secret key for everyday work with AWS KMS. Instead, use the access
-// key ID and secret access key for an IAM user, or you can use the AWS Security
+// key ID and secret access key for an IAM user. You can also use the AWS Security
 // Token Service to generate temporary security credentials that you can use
 // to sign requests.
 //
@@ -61,11 +61,11 @@
 //    - This set of topics walks you through the process of signing a request
 //    using an access key ID and a secret access key.
 //
-// Commonly Used APIs
+// Commonly Used API Operations
 //
-// Of the APIs discussed in this guide, the following will prove the most useful
+// Of the API operations discussed in this guide, the following will prove the
-// for most applications. You will likely perform actions other than these,
+// most useful for most applications. You will likely perform operations other
-// such as creating keys and assigning policies, by using the console.
+// than these, such as creating keys and assigning policies, by using the console.
 //
 //    * Encrypt
 //

vendor/github.com/aws/aws-sdk-go/service/lambda/api.go

@@ -1601,6 +1601,8 @@ const opInvokeAsync = "InvokeAsync"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/InvokeAsync
+//
+// Deprecated: InvokeAsync has been deprecated
 func (c *Lambda) InvokeAsyncRequest(input *InvokeAsyncInput) (req *request.Request, output *InvokeAsyncOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, InvokeAsync, has been deprecated")
@@ -1652,6 +1654,8 @@ func (c *Lambda) InvokeAsyncRequest(input *InvokeAsyncInput) (req *request.Reque
 //   The runtime or runtime version specified is not supported.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/InvokeAsync
+//
+// Deprecated: InvokeAsync has been deprecated
 func (c *Lambda) InvokeAsync(input *InvokeAsyncInput) (*InvokeAsyncOutput, error) {
 	req, out := c.InvokeAsyncRequest(input)
 	return out, req.Send()
@@ -1666,6 +1670,8 @@ func (c *Lambda) InvokeAsync(input *InvokeAsyncInput) (*InvokeAsyncOutput, error
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: InvokeAsyncWithContext has been deprecated
 func (c *Lambda) InvokeAsyncWithContext(ctx aws.Context, input *InvokeAsyncInput, opts ...request.Option) (*InvokeAsyncOutput, error) {
 	req, out := c.InvokeAsyncRequest(input)
 	req.SetContext(ctx)
@@ -5267,6 +5273,7 @@ func (s *GetPolicyOutput) SetRevisionId(v string) *GetPolicyOutput {
 	return s
 }
 
+// Deprecated: InvokeAsyncInput has been deprecated
 type InvokeAsyncInput struct {
 	_ struct{} `deprecated:"true" type:"structure" payload:"InvokeArgs"`
 
@@ -5325,6 +5332,8 @@ func (s *InvokeAsyncInput) SetInvokeArgs(v io.ReadSeeker) *InvokeAsyncInput {
 }
 
 // Upon success, it returns empty response. Otherwise, throws an exception.
+//
+// Deprecated: InvokeAsyncOutput has been deprecated
 type InvokeAsyncOutput struct {
 	_ struct{} `deprecated:"true" type:"structure"`
 

vendor/github.com/aws/aws-sdk-go/service/lexmodelbuildingservice/api.go

@@ -10771,6 +10771,9 @@ const (
 	// StatusReady is a Status enum value
 	StatusReady = "READY"
 
+	// StatusReadyBasicTesting is a Status enum value
+	StatusReadyBasicTesting = "READY_BASIC_TESTING"
+
 	// StatusFailed is a Status enum value
 	StatusFailed = "FAILED"
 

vendor/github.com/aws/aws-sdk-go/service/lightsail/api.go

@@ -8914,6 +8914,8 @@ type CreateInstancesInput struct {
 	//
 	// In releases prior to June 12, 2017, this parameter was ignored by the API.
 	// It is now deprecated.
+	//
+	// Deprecated: CustomImageName has been deprecated
 	CustomImageName *string `locationName:"customImageName" deprecated:"true" type:"string"`
 
 	// The names to use for your new Lightsail instances. Separate multiple values
@@ -10163,6 +10165,8 @@ type Disk struct {
 	// In releases prior to November 14, 2017, this parameter returned attached
 	// for system disks in the API response. It is now deprecated, but still included
 	// in the response. Use isAttached instead.
+	//
+	// Deprecated: AttachmentState has been deprecated
 	AttachmentState *string `locationName:"attachmentState" deprecated:"true" type:"string"`
 
 	// The date when the disk was created.
@@ -10172,6 +10176,8 @@ type Disk struct {
 	//
 	// In releases prior to November 14, 2017, this parameter was not included in
 	// the API response. It is now deprecated.
+	//
+	// Deprecated: GbInUse has been deprecated
 	GbInUse *int64 `locationName:"gbInUse" deprecated:"true" type:"integer"`
 
 	// The input/output operations per second (IOPS) of the disk.
@@ -10558,6 +10564,8 @@ type DomainEntry struct {
 	//
 	// In releases prior to November 29, 2017, this parameter was not included in
 	// the API response. It is now deprecated.
+	//
+	// Deprecated: Options has been deprecated
 	Options map[string]*string `locationName:"options" deprecated:"true" type:"map"`
 
 	// The target AWS name server (e.g., ns-111.awsdns-22.com.).
@@ -12548,6 +12556,8 @@ type GetOperationsForResourceOutput struct {
 	//
 	// In releases prior to June 12, 2017, this parameter returned null by the API.
 	// It is now deprecated, and the API returns the nextPageToken parameter instead.
+	//
+	// Deprecated: NextPageCount has been deprecated
 	NextPageCount *string `locationName:"nextPageCount" deprecated:"true" type:"string"`
 
 	// An identifier that was returned from the previous call to this operation,

vendor/github.com/aws/aws-sdk-go/service/mq/api.go

@@ -3,6 +3,8 @@
 package mq
 
 import (
+	"time"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awsutil"
 	"github.com/aws/aws-sdk-go/aws/request"
@@ -65,10 +67,10 @@ func (c *MQ) CreateBrokerRequest(input *CreateBrokerRequest) (req *request.Reque
 //   * ErrCodeBadRequestException "BadRequestException"
 //   Returns information about an error.
 //
-//   * ErrCodeInternalServerErrorException "InternalServerErrorException"
+//   * ErrCodeUnauthorizedException "UnauthorizedException"
 //   Returns information about an error.
 //
-//   * ErrCodeUnauthorizedException "UnauthorizedException"
+//   * ErrCodeInternalServerErrorException "InternalServerErrorException"
 //   Returns information about an error.
 //
 //   * ErrCodeConflictException "ConflictException"
@@ -144,8 +146,7 @@ func (c *MQ) CreateConfigurationRequest(input *CreateConfigurationRequest) (req
 // CreateConfiguration API operation for AmazonMQ.
 //
 // Creates a new configuration for the specified configuration name. Amazon
-// MQ uses the default configuration (the engine type and version). Note: If
+// MQ uses the default configuration (the engine type and version).
-// the configuration name already exists, Amazon MQ doesn't create a configuration.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -1305,6 +1306,9 @@ func (c *MQ) UpdateBrokerRequest(input *UpdateBrokerRequest) (req *request.Reque
 //   * ErrCodeInternalServerErrorException "InternalServerErrorException"
 //   Returns information about an error.
 //
+//   * ErrCodeConflictException "ConflictException"
+//   Returns information about an error.
+//
 //   * ErrCodeForbiddenException "ForbiddenException"
 //   Returns information about an error.
 //
@@ -1521,6 +1525,9 @@ type BrokerInstance struct {
 
 	// The broker's wire-level protocol endpoints.
 	Endpoints []*string `locationName:"endpoints" type:"list"`
+
+	// The IP address of the Elastic Network Interface (ENI) attached to the broker.
+	IpAddress *string `locationName:"ipAddress" type:"string"`
 }
 
 // String returns the string representation
@@ -1545,6 +1552,12 @@ func (s *BrokerInstance) SetEndpoints(v []*string) *BrokerInstance {
 	return s
 }
 
+// SetIpAddress sets the IpAddress field's value.
+func (s *BrokerInstance) SetIpAddress(v string) *BrokerInstance {
+	s.IpAddress = &v
+	return s
+}
+
 // The Amazon Resource Name (ARN) of the broker.
 type BrokerSummary struct {
 	_ struct{} `type:"structure"`
@@ -1561,17 +1574,16 @@ type BrokerSummary struct {
 	// characters.
 	BrokerName *string `locationName:"brokerName" type:"string"`
 
-	// The status of the broker. Possible values: CREATION_IN_PROGRESS, CREATION_FAILED,
+	// The status of the broker.
-	// DELETION_IN_PROGRESS, RUNNING, REBOOT_IN_PROGRESS
 	BrokerState *string `locationName:"brokerState" type:"string" enum:"BrokerState"`
 
-	// Required. The deployment mode of the broker. Possible values: SINGLE_INSTANCE,
+	// The time when the broker was created.
-	// ACTIVE_STANDBY_MULTI_AZ SINGLE_INSTANCE creates a single-instance broker
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
-	// in a single Availability Zone. ACTIVE_STANDBY_MULTI_AZ creates an active/standby
+
-	// broker for high availability.
+	// Required. The deployment mode of the broker.
 	DeploymentMode *string `locationName:"deploymentMode" type:"string" enum:"DeploymentMode"`
 
-	// The broker's instance type. Possible values: mq.t2.micro, mq.m4.large
+	// The broker's instance type.
 	HostInstanceType *string `locationName:"hostInstanceType" type:"string"`
 }
 
@@ -1609,6 +1621,12 @@ func (s *BrokerSummary) SetBrokerState(v string) *BrokerSummary {
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *BrokerSummary) SetCreated(v time.Time) *BrokerSummary {
+	s.Created = &v
+	return s
+}
+
 // SetDeploymentMode sets the DeploymentMode field's value.
 func (s *BrokerSummary) SetDeploymentMode(v string) *BrokerSummary {
 	s.DeploymentMode = &v
@@ -1628,6 +1646,9 @@ type Configuration struct {
 	// Required. The ARN of the configuration.
 	Arn *string `locationName:"arn" type:"string"`
 
+	// Required. The date and time of the configuration revision.
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
+
 	// Required. The description of the configuration.
 	Description *string `locationName:"description" type:"string"`
 
@@ -1666,6 +1687,12 @@ func (s *Configuration) SetArn(v string) *Configuration {
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *Configuration) SetCreated(v time.Time) *Configuration {
+	s.Created = &v
+	return s
+}
+
 // SetDescription sets the Description field's value.
 func (s *Configuration) SetDescription(v string) *Configuration {
 	s.Description = &v
@@ -1709,7 +1736,7 @@ type ConfigurationId struct {
 	// Required. The unique ID that Amazon MQ generates for the configuration.
 	Id *string `locationName:"id" type:"string"`
 
-	// The Universally Unique Identifier (UUID) of the request.
+	// The revision number of the configuration.
 	Revision *int64 `locationName:"revision" type:"integer"`
 }
 
@@ -1739,10 +1766,13 @@ func (s *ConfigurationId) SetRevision(v int64) *ConfigurationId {
 type ConfigurationRevision struct {
 	_ struct{} `type:"structure"`
 
+	// Required. The date and time of the configuration revision.
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
+
 	// The description of the configuration revision.
 	Description *string `locationName:"description" type:"string"`
 
-	// Required. The revision of the configuration.
+	// Required. The revision number of the configuration.
 	Revision *int64 `locationName:"revision" type:"integer"`
 }
 
@@ -1756,6 +1786,12 @@ func (s ConfigurationRevision) GoString() string {
 	return s.String()
 }
 
+// SetCreated sets the Created field's value.
+func (s *ConfigurationRevision) SetCreated(v time.Time) *ConfigurationRevision {
+	s.Created = &v
+	return s
+}
+
 // SetDescription sets the Description field's value.
 func (s *ConfigurationRevision) SetDescription(v string) *ConfigurationRevision {
 	s.Description = &v
@@ -1822,9 +1858,7 @@ type CreateBrokerRequest struct {
 
 	CreatorRequestId *string `locationName:"creatorRequestId" type:"string" idempotencyToken:"true"`
 
-	// The deployment mode of the broker. Possible values: SINGLE_INSTANCE, ACTIVE_STANDBY_MULTI_AZ
+	// The deployment mode of the broker.
-	// SINGLE_INSTANCE creates a single-instance broker in a single Availability
-	// Zone. ACTIVE_STANDBY_MULTI_AZ creates an active/standby broker for high availability.
 	DeploymentMode *string `locationName:"deploymentMode" type:"string" enum:"DeploymentMode"`
 
 	// The type of broker engine. Note: Currently, Amazon MQ supports only ActiveMQ.
@@ -1834,6 +1868,9 @@ type CreateBrokerRequest struct {
 
 	HostInstanceType *string `locationName:"hostInstanceType" type:"string"`
 
+	// The list of information about logs to be enabled for the specified broker.
+	Logs *Logs `locationName:"logs" type:"structure"`
+
 	// The scheduled time period relative to UTC during which Amazon MQ begins to
 	// apply pending updates or patches to the broker.
 	MaintenanceWindowStartTime *WeeklyStartTime `locationName:"maintenanceWindowStartTime" type:"structure"`
@@ -1905,6 +1942,12 @@ func (s *CreateBrokerRequest) SetHostInstanceType(v string) *CreateBrokerRequest
 	return s
 }
 
+// SetLogs sets the Logs field's value.
+func (s *CreateBrokerRequest) SetLogs(v *Logs) *CreateBrokerRequest {
+	s.Logs = v
+	return s
+}
+
 // SetMaintenanceWindowStartTime sets the MaintenanceWindowStartTime field's value.
 func (s *CreateBrokerRequest) SetMaintenanceWindowStartTime(v *WeeklyStartTime) *CreateBrokerRequest {
 	s.MaintenanceWindowStartTime = v
@@ -2009,6 +2052,8 @@ type CreateConfigurationResponse struct {
 
 	Arn *string `locationName:"arn" type:"string"`
 
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
+
 	Id *string `locationName:"id" type:"string"`
 
 	// Returns information about the specified configuration revision.
@@ -2033,6 +2078,12 @@ func (s *CreateConfigurationResponse) SetArn(v string) *CreateConfigurationRespo
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *CreateConfigurationResponse) SetCreated(v time.Time) *CreateConfigurationResponse {
+	s.Created = &v
+	return s
+}
+
 // SetId sets the Id field's value.
 func (s *CreateConfigurationResponse) SetId(v string) *CreateConfigurationResponse {
 	s.Id = &v
@@ -2306,16 +2357,15 @@ type DescribeBrokerResponse struct {
 
 	BrokerName *string `locationName:"brokerName" type:"string"`
 
-	// The status of the broker. Possible values: CREATION_IN_PROGRESS, CREATION_FAILED,
+	// The status of the broker.
-	// DELETION_IN_PROGRESS, RUNNING, REBOOT_IN_PROGRESS
 	BrokerState *string `locationName:"brokerState" type:"string" enum:"BrokerState"`
 
 	// Broker configuration information
 	Configurations *Configurations `locationName:"configurations" type:"structure"`
 
-	// The deployment mode of the broker. Possible values: SINGLE_INSTANCE, ACTIVE_STANDBY_MULTI_AZ
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
-	// SINGLE_INSTANCE creates a single-instance broker in a single Availability
+
-	// Zone. ACTIVE_STANDBY_MULTI_AZ creates an active/standby broker for high availability.
+	// The deployment mode of the broker.
 	DeploymentMode *string `locationName:"deploymentMode" type:"string" enum:"DeploymentMode"`
 
 	// The type of broker engine. Note: Currently, Amazon MQ supports only ActiveMQ.
@@ -2325,10 +2375,16 @@ type DescribeBrokerResponse struct {
 
 	HostInstanceType *string `locationName:"hostInstanceType" type:"string"`
 
+	// The list of information about logs currently enabled and pending to be deployed
+	// for the specified broker.
+	Logs *LogsSummary `locationName:"logs" type:"structure"`
+
 	// The scheduled time period relative to UTC during which Amazon MQ begins to
 	// apply pending updates or patches to the broker.
 	MaintenanceWindowStartTime *WeeklyStartTime `locationName:"maintenanceWindowStartTime" type:"structure"`
 
+	PendingEngineVersion *string `locationName:"pendingEngineVersion" type:"string"`
+
 	PubliclyAccessible *bool `locationName:"publiclyAccessible" type:"boolean"`
 
 	SecurityGroups []*string `locationName:"securityGroups" type:"list"`
@@ -2390,6 +2446,12 @@ func (s *DescribeBrokerResponse) SetConfigurations(v *Configurations) *DescribeB
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *DescribeBrokerResponse) SetCreated(v time.Time) *DescribeBrokerResponse {
+	s.Created = &v
+	return s
+}
+
 // SetDeploymentMode sets the DeploymentMode field's value.
 func (s *DescribeBrokerResponse) SetDeploymentMode(v string) *DescribeBrokerResponse {
 	s.DeploymentMode = &v
@@ -2414,12 +2476,24 @@ func (s *DescribeBrokerResponse) SetHostInstanceType(v string) *DescribeBrokerRe
 	return s
 }
 
+// SetLogs sets the Logs field's value.
+func (s *DescribeBrokerResponse) SetLogs(v *LogsSummary) *DescribeBrokerResponse {
+	s.Logs = v
+	return s
+}
+
 // SetMaintenanceWindowStartTime sets the MaintenanceWindowStartTime field's value.
 func (s *DescribeBrokerResponse) SetMaintenanceWindowStartTime(v *WeeklyStartTime) *DescribeBrokerResponse {
 	s.MaintenanceWindowStartTime = v
 	return s
 }
 
+// SetPendingEngineVersion sets the PendingEngineVersion field's value.
+func (s *DescribeBrokerResponse) SetPendingEngineVersion(v string) *DescribeBrokerResponse {
+	s.PendingEngineVersion = &v
+	return s
+}
+
 // SetPubliclyAccessible sets the PubliclyAccessible field's value.
 func (s *DescribeBrokerResponse) SetPubliclyAccessible(v bool) *DescribeBrokerResponse {
 	s.PubliclyAccessible = &v
@@ -2485,6 +2559,8 @@ type DescribeConfigurationOutput struct {
 
 	Arn *string `locationName:"arn" type:"string"`
 
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
+
 	Description *string `locationName:"description" type:"string"`
 
 	// The type of broker engine. Note: Currently, Amazon MQ supports only ActiveMQ.
@@ -2516,6 +2592,12 @@ func (s *DescribeConfigurationOutput) SetArn(v string) *DescribeConfigurationOut
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *DescribeConfigurationOutput) SetCreated(v time.Time) *DescribeConfigurationOutput {
+	s.Created = &v
+	return s
+}
+
 // SetDescription sets the Description field's value.
 func (s *DescribeConfigurationOutput) SetDescription(v string) *DescribeConfigurationOutput {
 	s.Description = &v
@@ -2605,6 +2687,8 @@ type DescribeConfigurationRevisionResponse struct {
 
 	ConfigurationId *string `locationName:"configurationId" type:"string"`
 
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
+
 	Data *string `locationName:"data" type:"string"`
 
 	Description *string `locationName:"description" type:"string"`
@@ -2626,6 +2710,12 @@ func (s *DescribeConfigurationRevisionResponse) SetConfigurationId(v string) *De
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *DescribeConfigurationRevisionResponse) SetCreated(v time.Time) *DescribeConfigurationRevisionResponse {
+	s.Created = &v
+	return s
+}
+
 // SetData sets the Data field's value.
 func (s *DescribeConfigurationRevisionResponse) SetData(v string) *DescribeConfigurationRevisionResponse {
 	s.Data = &v
@@ -3057,7 +3147,7 @@ type ListUsersResponse struct {
 
 	BrokerId *string `locationName:"brokerId" type:"string"`
 
-	MaxResults *int64 `locationName:"maxResults" type:"integer"`
+	MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"`
 
 	NextToken *string `locationName:"nextToken" type:"string"`
 
@@ -3098,6 +3188,137 @@ func (s *ListUsersResponse) SetUsers(v []*UserSummary) *ListUsersResponse {
 	return s
 }
 
+// The list of information about logs to be enabled for the specified broker.
+type Logs struct {
+	_ struct{} `type:"structure"`
+
+	// Enables audit logging. Every user management action made using JMX or the
+	// ActiveMQ Web Console is logged.
+	Audit *bool `locationName:"audit" type:"boolean"`
+
+	// Enables general logging.
+	General *bool `locationName:"general" type:"boolean"`
+}
+
+// String returns the string representation
+func (s Logs) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Logs) GoString() string {
+	return s.String()
+}
+
+// SetAudit sets the Audit field's value.
+func (s *Logs) SetAudit(v bool) *Logs {
+	s.Audit = &v
+	return s
+}
+
+// SetGeneral sets the General field's value.
+func (s *Logs) SetGeneral(v bool) *Logs {
+	s.General = &v
+	return s
+}
+
+// The list of information about logs currently enabled and pending to be deployed
+// for the specified broker.
+type LogsSummary struct {
+	_ struct{} `type:"structure"`
+
+	// Enables audit logging. Every user management action made using JMX or the
+	// ActiveMQ Web Console is logged.
+	Audit *bool `locationName:"audit" type:"boolean"`
+
+	// The location of the CloudWatch Logs log group where audit logs are sent.
+	AuditLogGroup *string `locationName:"auditLogGroup" type:"string"`
+
+	// Enables general logging.
+	General *bool `locationName:"general" type:"boolean"`
+
+	// The location of the CloudWatch Logs log group where general logs are sent.
+	GeneralLogGroup *string `locationName:"generalLogGroup" type:"string"`
+
+	// The list of information about logs pending to be deployed for the specified
+	// broker.
+	Pending *PendingLogs `locationName:"pending" type:"structure"`
+}
+
+// String returns the string representation
+func (s LogsSummary) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s LogsSummary) GoString() string {
+	return s.String()
+}
+
+// SetAudit sets the Audit field's value.
+func (s *LogsSummary) SetAudit(v bool) *LogsSummary {
+	s.Audit = &v
+	return s
+}
+
+// SetAuditLogGroup sets the AuditLogGroup field's value.
+func (s *LogsSummary) SetAuditLogGroup(v string) *LogsSummary {
+	s.AuditLogGroup = &v
+	return s
+}
+
+// SetGeneral sets the General field's value.
+func (s *LogsSummary) SetGeneral(v bool) *LogsSummary {
+	s.General = &v
+	return s
+}
+
+// SetGeneralLogGroup sets the GeneralLogGroup field's value.
+func (s *LogsSummary) SetGeneralLogGroup(v string) *LogsSummary {
+	s.GeneralLogGroup = &v
+	return s
+}
+
+// SetPending sets the Pending field's value.
+func (s *LogsSummary) SetPending(v *PendingLogs) *LogsSummary {
+	s.Pending = v
+	return s
+}
+
+// The list of information about logs to be enabled for the specified broker.
+type PendingLogs struct {
+	_ struct{} `type:"structure"`
+
+	// Enables audit logging. Every user management action made using JMX or the
+	// ActiveMQ Web Console is logged.
+	Audit *bool `locationName:"audit" type:"boolean"`
+
+	// Enables general logging.
+	General *bool `locationName:"general" type:"boolean"`
+}
+
+// String returns the string representation
+func (s PendingLogs) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s PendingLogs) GoString() string {
+	return s.String()
+}
+
+// SetAudit sets the Audit field's value.
+func (s *PendingLogs) SetAudit(v bool) *PendingLogs {
+	s.Audit = &v
+	return s
+}
+
+// SetGeneral sets the General field's value.
+func (s *PendingLogs) SetGeneral(v bool) *PendingLogs {
+	s.General = &v
+	return s
+}
+
 type RebootBrokerInput struct {
 	_ struct{} `type:"structure"`
 
@@ -3160,12 +3381,6 @@ type SanitizationWarning struct {
 	ElementName *string `locationName:"elementName" type:"string"`
 
 	// Required. The reason for which the XML elements or attributes were sanitized.
-	// Possible values: DISALLOWED_ELEMENT_REMOVED, DISALLOWED_ATTRIBUTE_REMOVED,
-	// INVALID_ATTRIBUTE_VALUE_REMOVED DISALLOWED_ELEMENT_REMOVED shows that the
-	// provided element isn't allowed and has been removed. DISALLOWED_ATTRIBUTE_REMOVED
-	// shows that the provided attribute isn't allowed and has been removed. INVALID_ATTRIBUTE_VALUE_REMOVED
-	// shows that the provided value for the attribute isn't allowed and has been
-	// removed.
 	Reason *string `locationName:"reason" type:"string" enum:"SanitizationWarningReason"`
 }
 
@@ -3200,11 +3415,18 @@ func (s *SanitizationWarning) SetReason(v string) *SanitizationWarning {
 type UpdateBrokerRequest struct {
 	_ struct{} `type:"structure"`
 
+	AutoMinorVersionUpgrade *bool `locationName:"autoMinorVersionUpgrade" type:"boolean"`
+
 	// BrokerId is a required field
 	BrokerId *string `location:"uri" locationName:"broker-id" type:"string" required:"true"`
 
 	// A list of information about the configuration.
 	Configuration *ConfigurationId `locationName:"configuration" type:"structure"`
+
+	EngineVersion *string `locationName:"engineVersion" type:"string"`
+
+	// The list of information about logs to be enabled for the specified broker.
+	Logs *Logs `locationName:"logs" type:"structure"`
 }
 
 // String returns the string representation
@@ -3230,6 +3452,12 @@ func (s *UpdateBrokerRequest) Validate() error {
 	return nil
 }
 
+// SetAutoMinorVersionUpgrade sets the AutoMinorVersionUpgrade field's value.
+func (s *UpdateBrokerRequest) SetAutoMinorVersionUpgrade(v bool) *UpdateBrokerRequest {
+	s.AutoMinorVersionUpgrade = &v
+	return s
+}
+
 // SetBrokerId sets the BrokerId field's value.
 func (s *UpdateBrokerRequest) SetBrokerId(v string) *UpdateBrokerRequest {
 	s.BrokerId = &v
@@ -3242,13 +3470,32 @@ func (s *UpdateBrokerRequest) SetConfiguration(v *ConfigurationId) *UpdateBroker
 	return s
 }
 
+// SetEngineVersion sets the EngineVersion field's value.
+func (s *UpdateBrokerRequest) SetEngineVersion(v string) *UpdateBrokerRequest {
+	s.EngineVersion = &v
+	return s
+}
+
+// SetLogs sets the Logs field's value.
+func (s *UpdateBrokerRequest) SetLogs(v *Logs) *UpdateBrokerRequest {
+	s.Logs = v
+	return s
+}
+
 type UpdateBrokerResponse struct {
 	_ struct{} `type:"structure"`
 
+	AutoMinorVersionUpgrade *bool `locationName:"autoMinorVersionUpgrade" type:"boolean"`
+
 	BrokerId *string `locationName:"brokerId" type:"string"`
 
 	// A list of information about the configuration.
 	Configuration *ConfigurationId `locationName:"configuration" type:"structure"`
+
+	EngineVersion *string `locationName:"engineVersion" type:"string"`
+
+	// The list of information about logs to be enabled for the specified broker.
+	Logs *Logs `locationName:"logs" type:"structure"`
 }
 
 // String returns the string representation
@@ -3261,6 +3508,12 @@ func (s UpdateBrokerResponse) GoString() string {
 	return s.String()
 }
 
+// SetAutoMinorVersionUpgrade sets the AutoMinorVersionUpgrade field's value.
+func (s *UpdateBrokerResponse) SetAutoMinorVersionUpgrade(v bool) *UpdateBrokerResponse {
+	s.AutoMinorVersionUpgrade = &v
+	return s
+}
+
 // SetBrokerId sets the BrokerId field's value.
 func (s *UpdateBrokerResponse) SetBrokerId(v string) *UpdateBrokerResponse {
 	s.BrokerId = &v
@@ -3273,6 +3526,18 @@ func (s *UpdateBrokerResponse) SetConfiguration(v *ConfigurationId) *UpdateBroke
 	return s
 }
 
+// SetEngineVersion sets the EngineVersion field's value.
+func (s *UpdateBrokerResponse) SetEngineVersion(v string) *UpdateBrokerResponse {
+	s.EngineVersion = &v
+	return s
+}
+
+// SetLogs sets the Logs field's value.
+func (s *UpdateBrokerResponse) SetLogs(v *Logs) *UpdateBrokerResponse {
+	s.Logs = v
+	return s
+}
+
 type UpdateConfigurationRequest struct {
 	_ struct{} `type:"structure"`
 
@@ -3330,6 +3595,8 @@ type UpdateConfigurationResponse struct {
 
 	Arn *string `locationName:"arn" type:"string"`
 
+	Created *time.Time `locationName:"created" type:"timestamp" timestampFormat:"iso8601"`
+
 	Id *string `locationName:"id" type:"string"`
 
 	// Returns information about the specified configuration revision.
@@ -3356,6 +3623,12 @@ func (s *UpdateConfigurationResponse) SetArn(v string) *UpdateConfigurationRespo
 	return s
 }
 
+// SetCreated sets the Created field's value.
+func (s *UpdateConfigurationResponse) SetCreated(v time.Time) *UpdateConfigurationResponse {
+	s.Created = &v
+	return s
+}
+
 // SetId sets the Id field's value.
 func (s *UpdateConfigurationResponse) SetId(v string) *UpdateConfigurationResponse {
 	s.Id = &v
@@ -3536,8 +3809,7 @@ type UserPendingChanges struct {
 	// and tildes (- . _ ~). This value must be 2-100 characters long.
 	Groups []*string `locationName:"groups" type:"list"`
 
-	// Required. The type of change pending for the ActiveMQ user. Possible values:
+	// Required. The type of change pending for the ActiveMQ user.
-	// CREATE, UPDATE, DELETE
 	PendingChange *string `locationName:"pendingChange" type:"string" enum:"ChangeType"`
 }
 
@@ -3573,8 +3845,7 @@ func (s *UserPendingChanges) SetPendingChange(v string) *UserPendingChanges {
 type UserSummary struct {
 	_ struct{} `type:"structure"`
 
-	// The type of change pending for the ActiveMQ user. Possible values: CREATE,
+	// The type of change pending for the ActiveMQ user.
-	// UPDATE, DELETE
 	PendingChange *string `locationName:"pendingChange" type:"string" enum:"ChangeType"`
 
 	// Required. The username of the ActiveMQ user. This value can contain only
@@ -3610,8 +3881,7 @@ func (s *UserSummary) SetUsername(v string) *UserSummary {
 type WeeklyStartTime struct {
 	_ struct{} `type:"structure"`
 
-	// Required. The day of the week. Possible values: MONDAY, TUESDAY, WEDNESDAY,
+	// Required. The day of the week.
-	// THURSDAY, FRIDAY, SATURDAY, SUNDAY
 	DayOfWeek *string `locationName:"dayOfWeek" type:"string" enum:"DayOfWeek"`
 
 	// Required. The time, in 24-hour format.
@@ -3650,8 +3920,7 @@ func (s *WeeklyStartTime) SetTimeZone(v string) *WeeklyStartTime {
 	return s
 }
 
-// The status of the broker. Possible values: CREATION_IN_PROGRESS, CREATION_FAILED,
+// The status of the broker.
-// DELETION_IN_PROGRESS, RUNNING, REBOOT_IN_PROGRESS
 const (
 	// BrokerStateCreationInProgress is a BrokerState enum value
 	BrokerStateCreationInProgress = "CREATION_IN_PROGRESS"
@@ -3669,8 +3938,7 @@ const (
 	BrokerStateRebootInProgress = "REBOOT_IN_PROGRESS"
 )
 
-// The type of change pending for the ActiveMQ user. Possible values: CREATE,
+// The type of change pending for the ActiveMQ user.
-// UPDATE, DELETE
 const (
 	// ChangeTypeCreate is a ChangeType enum value
 	ChangeTypeCreate = "CREATE"
@@ -3705,9 +3973,7 @@ const (
 	DayOfWeekSunday = "SUNDAY"
 )
 
-// The deployment mode of the broker. Possible values: SINGLE_INSTANCE, ACTIVE_STANDBY_MULTI_AZ
+// The deployment mode of the broker.
-// SINGLE_INSTANCE creates a single-instance broker in a single Availability
-// Zone. ACTIVE_STANDBY_MULTI_AZ creates an active/standby broker for high availability.
 const (
 	// DeploymentModeSingleInstance is a DeploymentMode enum value
 	DeploymentModeSingleInstance = "SINGLE_INSTANCE"
@@ -3722,13 +3988,7 @@ const (
 	EngineTypeActivemq = "ACTIVEMQ"
 )
 
-// The reason for which the XML elements or attributes were sanitized. Possible
+// The reason for which the XML elements or attributes were sanitized.
-// values: DISALLOWED_ELEMENT_REMOVED, DISALLOWED_ATTRIBUTE_REMOVED, INVALID_ATTRIBUTE_VALUE_REMOVED
-// DISALLOWED_ELEMENT_REMOVED shows that the provided element isn't allowed
-// and has been removed. DISALLOWED_ATTRIBUTE_REMOVED shows that the provided
-// attribute isn't allowed and has been removed. INVALID_ATTRIBUTE_VALUE_REMOVED
-// shows that the provided value for the attribute isn't allowed and has been
-// removed.
 const (
 	// SanitizationWarningReasonDisallowedElementRemoved is a SanitizationWarningReason enum value
 	SanitizationWarningReasonDisallowedElementRemoved = "DISALLOWED_ELEMENT_REMOVED"

vendor/github.com/aws/aws-sdk-go/service/neptune/api.go

@@ -7551,6 +7551,8 @@ type CreateDBInstanceInput struct {
 	PromotionTier *int64 `type:"integer"`
 
 	// This parameter is not supported.
+	//
+	// Deprecated: PubliclyAccessible has been deprecated
 	PubliclyAccessible *bool `deprecated:"true" type:"boolean"`
 
 	// Specifies whether the DB instance is encrypted.
@@ -9396,6 +9398,8 @@ type DBInstance struct {
 	PromotionTier *int64 `type:"integer"`
 
 	// This parameter is not supported.
+	//
+	// Deprecated: PubliclyAccessible has been deprecated
 	PubliclyAccessible *bool `deprecated:"true" type:"boolean"`
 
 	// Contains one or more identifiers of DB clusters that are Read Replicas of
@@ -14089,6 +14093,8 @@ type ModifyDBInstanceInput struct {
 	PromotionTier *int64 `type:"integer"`
 
 	// This parameter is not supported.
+	//
+	// Deprecated: PubliclyAccessible has been deprecated
 	PubliclyAccessible *bool `deprecated:"true" type:"boolean"`
 
 	// Specifies the storage type to be associated with the DB instance.

vendor/github.com/aws/aws-sdk-go/service/organizations/errors.go

@@ -7,7 +7,7 @@ const (
 	// ErrCodeAWSOrganizationsNotInUseException for service response error code
 	// "AWSOrganizationsNotInUseException".
 	//
-	// Your account is not a member of an organization. To make this request, you
+	// Your account isn't a member of an organization. To make this request, you
 	// must use the credentials of an account that belongs to an organization.
 	ErrCodeAWSOrganizationsNotInUseException = "AWSOrganizationsNotInUseException"
 
@@ -24,19 +24,28 @@ const (
 	// ErrCodeAccessDeniedForDependencyException for service response error code
 	// "AccessDeniedForDependencyException".
 	//
-	// The operation you attempted requires you to have the iam:CreateServiceLinkedRole
+	// The operation that you attempted requires you to have the iam:CreateServiceLinkedRole
-	// so that Organizations can create the required service-linked role. You do
+	// so that AWS Organizations can create the required service-linked role. You
-	// not have that permission.
+	// don't have that permission.
 	ErrCodeAccessDeniedForDependencyException = "AccessDeniedForDependencyException"
 
 	// ErrCodeAccountNotFoundException for service response error code
 	// "AccountNotFoundException".
 	//
 	// We can't find an AWS account with the AccountId that you specified, or the
-	// account whose credentials you used to make this request is not a member of
+	// account whose credentials you used to make this request isn't a member of
 	// an organization.
 	ErrCodeAccountNotFoundException = "AccountNotFoundException"
 
+	// ErrCodeAccountOwnerNotVerifiedException for service response error code
+	// "AccountOwnerNotVerifiedException".
+	//
+	// You can't invite an existing account to your organization until you verify
+	// that you own the email address associated with the master account. For more
+	// information, see Email Address Verification (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification)
+	// in the AWS Organizations User Guide.
+	ErrCodeAccountOwnerNotVerifiedException = "AccountOwnerNotVerifiedException"
+
 	// ErrCodeAlreadyInOrganizationException for service response error code
 	// "AlreadyInOrganizationException".
 	//
@@ -62,40 +71,42 @@ const (
 	// "ConstraintViolationException".
 	//
 	// Performing this operation violates a minimum or maximum value limit. For
-	// example, attempting to removing the last SCP from an OU or root, inviting
+	// example, attempting to removing the last service control policy (SCP) from
-	// or creating too many accounts to the organization, or attaching too many
+	// an OU or root, inviting or creating too many accounts to the organization,
-	// policies to an account, OU, or root. This exception includes a reason that
+	// or attaching too many policies to an account, OU, or root. This exception
-	// contains additional information about the violated limit:
+	// includes a reason that contains additional information about the violated
+	// limit.
 	//
 	// Some of the reasons in the following list might not be applicable to this
 	// specific API or operation:
 	//
-	// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
+	//    * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
-	// of accounts in an organization. If you need more accounts, contact AWS Support
+	//    the number of accounts in an organization. If you need more accounts,
-	// to request an increase in your limit.
+	//    contactAWS Support (https://console.aws.amazon.com/support/home#/) to
+	//    request an increase in your limit.
 	//
-	// Or, The number of invitations that you tried to send would cause you to exceed
+	// Or the number of invitations that you tried to send would cause you to exceed
-	// the limit of accounts in your organization. Send fewer invitations, or contact
+	//    the limit of accounts in your organization. Send fewer invitations or
-	// AWS Support to request an increase in the number of accounts.
+	//    contact AWS Support to request an increase in the number of accounts.
 	//
-	// Note: deleted and closed accounts still count toward your limit.
+	// Deleted and closed accounts still count toward your limit.
 	//
 	// If you get receive this exception when running a command immediately after
 	//    creating the organization, wait one hour and try again. If after an hour
-	// it continues to fail with this error, contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
+	//    it continues to fail with this error, contact AWS Support (https://console.aws.amazon.com/support/home#/).
 	//
 	//    * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
-	//    handshakes you can send in one day.
+	//    handshakes that you can send in one day.
 	//
-	//    * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
+	//    * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs
-	//    units you can have in an organization.
+	//    that you can have in an organization.
 	//
-	//    * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
+	//    * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is
-	//    tree that is too many levels deep.
+	//    too many levels deep.
 	//
 	//    * ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation
 	//    that requires the organization to be configured to support all features.
-	//    An organization that supports consolidated billing features only cannot
+	//    An organization that supports only consolidated billing features can't
 	//    perform this operation.
 	//
 	//    * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
@@ -110,23 +121,24 @@ const (
 	//    minimum number of policies of a certain type required.
 	//
 	//    * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
-	//    from the organization that does not yet have enough information to exist
+	//    from the organization that doesn't yet have enough information to exist
-	//    as a stand-alone account. This account requires you to first agree to
+	//    as a standalone account. This account requires you to first agree to the
-	//    the AWS Customer Agreement. Follow the steps at To leave an organization
+	//    AWS Customer Agreement. Follow the steps at To leave an organization when
-	//    when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
+	//    all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
 	//    in the AWS Organizations User Guide.
 	//
 	//    * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
-	//    an account from the organization that does not yet have enough information
+	//    an account from the organization that doesn't yet have enough information
-	//    to exist as a stand-alone account. This account requires you to first
+	//    to exist as a standalone account. This account requires you to first complete
-	//    complete phone verification. Follow the steps at To leave an organization
+	//    phone verification. Follow the steps at To leave an organization when
-	//    when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
+	//    all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
 	//    in the AWS Organizations User Guide.
 	//
 	//    * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
-	//    with this account, you first must associate a payment instrument, such
+	//    with this master account, you first must associate a payment instrument,
-	//    as a credit card, with the account. Follow the steps at To leave an organization
+	//    such as a credit card, with the account. Follow the steps at To leave
-	//    when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
+	//    an organization when all required account information has not yet been
+	//    provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
 	//    in the AWS Organizations User Guide.
 	//
 	//    * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
@@ -184,7 +196,7 @@ const (
 	// ErrCodeDuplicateOrganizationalUnitException for service response error code
 	// "DuplicateOrganizationalUnitException".
 	//
-	// An organizational unit (OU) with the same name already exists.
+	// An OU with the same name already exists.
 	ErrCodeDuplicateOrganizationalUnitException = "DuplicateOrganizationalUnitException"
 
 	// ErrCodeDuplicatePolicyAttachmentException for service response error code
@@ -202,10 +214,10 @@ const (
 	// ErrCodeFinalizingOrganizationException for service response error code
 	// "FinalizingOrganizationException".
 	//
-	// AWS Organizations could not perform the operation because your organization
+	// AWS Organizations couldn't perform the operation because your organization
-	// has not finished initializing. This can take up to an hour. Try again later.
+	// hasn't finished initializing. This can take up to an hour. Try again later.
-	// If after one hour you continue to receive this error, contact  AWS Customer
+	// If after one hour you continue to receive this error, contact AWS Support
-	// Support (https://console.aws.amazon.com/support/home#/).
+	// (https://console.aws.amazon.com/support/home#/).
 	ErrCodeFinalizingOrganizationException = "FinalizingOrganizationException"
 
 	// ErrCodeHandshakeAlreadyInStateException for service response error code
@@ -225,15 +237,15 @@ const (
 	// specific API or operation:
 	//
 	//    * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
-	//    the number of accounts in an organization. Note: deleted and closed accounts
+	//    the number of accounts in an organization. Note that deleted and closed
-	//    still count toward your limit.
+	//    accounts still count toward your limit.
 	//
 	// If you get this exception immediately after creating the organization, wait
 	//    one hour and try again. If after an hour it continues to fail with this
-	//    error, contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
+	//    error, contact AWS Support (https://console.aws.amazon.com/support/home#/).
 	//
 	//    * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
-	//    handshakes you can send in one day.
+	//    handshakes that you can send in one day.
 	//
 	//    * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
 	//    the invited account is already a member of an organization.
@@ -241,13 +253,13 @@ const (
 	//    * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
 	//    because the organization has already enabled all features.
 	//
-	//    * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
+	//    * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You can't issue new invitations
-	//    to join an organization while it is in the process of enabling all features.
+	//    to join an organization while it's in the process of enabling all features.
 	//    You can resume inviting accounts after you finalize the process when all
 	//    accounts have agreed to the change.
 	//
-	//    * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
+	//    * PAYMENT_INSTRUMENT_REQUIRED: You can't complete the operation with an
-	//    an account that does not have a payment instrument, such as a credit card,
+	//    account that doesn't have a payment instrument, such as a credit card,
 	//    associated with it.
 	//
 	//    * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
@@ -270,7 +282,7 @@ const (
 	// "InvalidHandshakeTransitionException".
 	//
 	// You can't perform the operation on the handshake in its current state. For
-	// example, you can't cancel a handshake that was already accepted, or accept
+	// example, you can't cancel a handshake that was already accepted or accept
 	// a handshake that was already declined.
 	ErrCodeInvalidHandshakeTransitionException = "InvalidHandshakeTransitionException"
 
@@ -285,11 +297,11 @@ const (
 	// specific API or operation:
 	//
 	//    * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
-	//    cannot be modified.
+	//    can't be modified.
 	//
 	//    * INPUT_REQUIRED: You must include a value for all required parameters.
 	//
-	//    * INVALID_ENUM: You specified a value that is not valid for that parameter.
+	//    * INVALID_ENUM: You specified a value that isn't valid for that parameter.
 	//
 	//    * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
 	//    characters.
@@ -309,11 +321,11 @@ const (
 	//    * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
 	//    match the required pattern.
 	//
-	//    * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
+	//    * INVALID_ROLE_NAME: You provided a role name that isn't valid. A role
-	//    name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
+	//    name can't begin with the reserved prefix AWSServiceRoleFor.
 	//
-	//    * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
+	//    * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid Amazon Resource
-	//    organization.
+	//    Name (ARN) for the organization.
 	//
 	//    * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
 	//
@@ -339,7 +351,7 @@ const (
 	// ErrCodeMalformedPolicyDocumentException for service response error code
 	// "MalformedPolicyDocumentException".
 	//
-	// The provided policy document does not meet the requirements of the specified
+	// The provided policy document doesn't meet the requirements of the specified
 	// policy type. For example, the syntax might be incorrect. For details about
 	// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
 	// in the AWS Organizations User Guide.
@@ -357,37 +369,33 @@ const (
 	// "OrganizationNotEmptyException".
 	//
 	// The organization isn't empty. To delete an organization, you must first remove
-	// all accounts except the master account, delete all organizational units (OUs),
+	// all accounts except the master account, delete all OUs, and delete all policies.
-	// and delete all policies.
 	ErrCodeOrganizationNotEmptyException = "OrganizationNotEmptyException"
 
 	// ErrCodeOrganizationalUnitNotEmptyException for service response error code
 	// "OrganizationalUnitNotEmptyException".
 	//
-	// The specified organizational unit (OU) is not empty. Move all accounts to
+	// The specified OU is not empty. Move all accounts to another root or to other
-	// another root or to other OUs, remove all child OUs, and then try the operation
+	// OUs, remove all child OUs, and try the operation again.
-	// again.
 	ErrCodeOrganizationalUnitNotEmptyException = "OrganizationalUnitNotEmptyException"
 
 	// ErrCodeOrganizationalUnitNotFoundException for service response error code
 	// "OrganizationalUnitNotFoundException".
 	//
-	// We can't find an organizational unit (OU) with the OrganizationalUnitId that
+	// We can't find an OU with the OrganizationalUnitId that you specified.
-	// you specified.
 	ErrCodeOrganizationalUnitNotFoundException = "OrganizationalUnitNotFoundException"
 
 	// ErrCodeParentNotFoundException for service response error code
 	// "ParentNotFoundException".
 	//
-	// We can't find a root or organizational unit (OU) with the ParentId that you
+	// We can't find a root or OU with the ParentId that you specified.
-	// specified.
 	ErrCodeParentNotFoundException = "ParentNotFoundException"
 
 	// ErrCodePolicyInUseException for service response error code
 	// "PolicyInUseException".
 	//
 	// The policy is attached to one or more entities. You must detach it from all
-	// roots, organizational units (OUs), and accounts before performing this operation.
+	// roots, OUs, and accounts before performing this operation.
 	ErrCodePolicyInUseException = "PolicyInUseException"
 
 	// ErrCodePolicyNotAttachedException for service response error code
@@ -412,16 +420,16 @@ const (
 	// "PolicyTypeNotAvailableForOrganizationException".
 	//
 	// You can't use the specified policy type with the feature set currently enabled
-	// for this organization. For example, you can enable service control policies
+	// for this organization. For example, you can enable SCPs only after you enable
-	// (SCPs) only after you enable all features in the organization. For more information,
+	// all features in the organization. For more information, see Enabling and
-	// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)
+	// Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)
 	// in the AWS Organizations User Guide.
 	ErrCodePolicyTypeNotAvailableForOrganizationException = "PolicyTypeNotAvailableForOrganizationException"
 
 	// ErrCodePolicyTypeNotEnabledException for service response error code
 	// "PolicyTypeNotEnabledException".
 	//
-	// The specified policy type is not currently enabled in this root. You cannot
+	// The specified policy type isn't currently enabled in this root. You can't
 	// attach policies of the specified type to entities in a root until you enable
 	// that type in the root. For more information, see Enabling All Features in
 	// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)

vendor/github.com/aws/aws-sdk-go/service/rds/errors.go

@@ -27,6 +27,10 @@ const (
 	// The DB security group authorization quota has been reached.
 	ErrCodeAuthorizationQuotaExceededFault = "AuthorizationQuotaExceeded"
 
+	// ErrCodeBackupPolicyNotFoundFault for service response error code
+	// "BackupPolicyNotFoundFault".
+	ErrCodeBackupPolicyNotFoundFault = "BackupPolicyNotFoundFault"
+
 	// ErrCodeCertificateNotFoundFault for service response error code
 	// "CertificateNotFound".
 	//
@@ -258,6 +262,13 @@ const (
 	// Availability Zones that have more storage available.
 	ErrCodeInsufficientStorageClusterCapacityFault = "InsufficientStorageClusterCapacity"
 
+	// ErrCodeInvalidDBClusterCapacityFault for service response error code
+	// "InvalidDBClusterCapacityFault".
+	//
+	// Capacity isn't a valid Aurora Serverless DB cluster capacity. Valid capacity
+	// values are 2, 4, 8, 16, 32, 64, 128, and 256.
+	ErrCodeInvalidDBClusterCapacityFault = "InvalidDBClusterCapacityFault"
+
 	// ErrCodeInvalidDBClusterSnapshotStateFault for service response error code
 	// "InvalidDBClusterSnapshotStateFault".
 	//
@@ -273,7 +284,7 @@ const (
 	// ErrCodeInvalidDBInstanceStateFault for service response error code
 	// "InvalidDBInstanceState".
 	//
-	// The specified DB instance isn't in the available state.
+	// The DB instance isn't in a valid state.
 	ErrCodeInvalidDBInstanceStateFault = "InvalidDBInstanceState"
 
 	// ErrCodeInvalidDBParameterGroupStateFault for service response error code

vendor/github.com/aws/aws-sdk-go/service/redshift/api.go

@@ -553,6 +553,9 @@ func (c *Redshift) CreateClusterRequest(input *CreateClusterInput) (req *request
 //   The request cannot be completed because a dependent service is throttling
 //   requests made by Amazon Redshift on your behalf. Wait and retry the request.
 //
+//   * ErrCodeInvalidClusterTrackFault "InvalidClusterTrack"
+//   The provided cluster track name is not valid.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/CreateCluster
 func (c *Redshift) CreateCluster(input *CreateClusterInput) (*CreateClusterOutput, error) {
 	req, out := c.CreateClusterRequest(input)
@@ -3264,6 +3267,88 @@ func (c *Redshift) DescribeClusterSubnetGroupsPagesWithContext(ctx aws.Context,
 	return p.Err()
 }
 
+const opDescribeClusterTracks = "DescribeClusterTracks"
+
+// DescribeClusterTracksRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeClusterTracks operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfuly.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribeClusterTracks for more information on using the DescribeClusterTracks
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+//    // Example sending a request using the DescribeClusterTracksRequest method.
+//    req, resp := client.DescribeClusterTracksRequest(params)
+//
+//    err := req.Send()
+//    if err == nil { // resp is now filled
+//        fmt.Println(resp)
+//    }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DescribeClusterTracks
+func (c *Redshift) DescribeClusterTracksRequest(input *DescribeClusterTracksInput) (req *request.Request, output *DescribeClusterTracksOutput) {
+	op := &request.Operation{
+		Name:       opDescribeClusterTracks,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &DescribeClusterTracksInput{}
+	}
+
+	output = &DescribeClusterTracksOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// DescribeClusterTracks API operation for Amazon Redshift.
+//
+// Returns a list of all the available maintenance tracks.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon Redshift's
+// API operation DescribeClusterTracks for usage and error information.
+//
+// Returned Error Codes:
+//   * ErrCodeInvalidClusterTrackFault "InvalidClusterTrack"
+//   The provided cluster track name is not valid.
+//
+//   * ErrCodeUnauthorizedOperation "UnauthorizedOperation"
+//   Your account is not authorized to perform the requested operation.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DescribeClusterTracks
+func (c *Redshift) DescribeClusterTracks(input *DescribeClusterTracksInput) (*DescribeClusterTracksOutput, error) {
+	req, out := c.DescribeClusterTracksRequest(input)
+	return out, req.Send()
+}
+
+// DescribeClusterTracksWithContext is the same as DescribeClusterTracks with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribeClusterTracks for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *Redshift) DescribeClusterTracksWithContext(ctx aws.Context, input *DescribeClusterTracksInput, opts ...request.Option) (*DescribeClusterTracksOutput, error) {
+	req, out := c.DescribeClusterTracksRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opDescribeClusterVersions = "DescribeClusterVersions"
 
 // DescribeClusterVersionsRequest generates a "aws/request.Request" representing the
@@ -5744,8 +5829,8 @@ func (c *Redshift) GetReservedNodeExchangeOfferingsRequest(input *GetReservedNod
 
 // GetReservedNodeExchangeOfferings API operation for Amazon Redshift.
 //
-// Returns an array of ReservedNodeOfferings which is filtered by payment type,
+// Returns an array of DC2 ReservedNodeOfferings that matches the payment type,
-// term, and instance type.
+// term, and usage price of the given DC1 reserved node.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -5917,6 +6002,9 @@ func (c *Redshift) ModifyClusterRequest(input *ModifyClusterInput) (req *request
 //   The number of tables in the cluster exceeds the limit for the requested new
 //   cluster node type.
 //
+//   * ErrCodeInvalidClusterTrackFault "InvalidClusterTrack"
+//   The provided cluster track name is not valid.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyCluster
 func (c *Redshift) ModifyCluster(input *ModifyClusterInput) (*ModifyClusterOutput, error) {
 	req, out := c.ModifyClusterRequest(input)
@@ -6773,6 +6861,129 @@ func (c *Redshift) ResetClusterParameterGroupWithContext(ctx aws.Context, input
 	return out, req.Send()
 }
 
+const opResizeCluster = "ResizeCluster"
+
+// ResizeClusterRequest generates a "aws/request.Request" representing the
+// client's request for the ResizeCluster operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfuly.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ResizeCluster for more information on using the ResizeCluster
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+//    // Example sending a request using the ResizeClusterRequest method.
+//    req, resp := client.ResizeClusterRequest(params)
+//
+//    err := req.Send()
+//    if err == nil { // resp is now filled
+//        fmt.Println(resp)
+//    }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ResizeCluster
+func (c *Redshift) ResizeClusterRequest(input *ResizeClusterInput) (req *request.Request, output *ResizeClusterOutput) {
+	op := &request.Operation{
+		Name:       opResizeCluster,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &ResizeClusterInput{}
+	}
+
+	output = &ResizeClusterOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// ResizeCluster API operation for Amazon Redshift.
+//
+// Changes the size of the cluster. You can change the cluster's type, or change
+// the number or type of nodes. The default behavior is to use the elastic resize
+// method. With an elastic resize your cluster is avaialble for read and write
+// operations more quickly than with the classic resize method.
+//
+// Elastic resize operations have the following restrictions:
+//
+//    * You can only resize clusters of the following types:
+//
+// dc2.large
+//
+// dc2.8xlarge
+//
+// ds2.xlarge
+//
+// ds2.8xlarge
+//
+//    * The type of nodes you add must match the node type for the cluster.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon Redshift's
+// API operation ResizeCluster for usage and error information.
+//
+// Returned Error Codes:
+//   * ErrCodeInvalidClusterStateFault "InvalidClusterState"
+//   The specified cluster is not in the available state.
+//
+//   * ErrCodeClusterNotFoundFault "ClusterNotFound"
+//   The ClusterIdentifier parameter does not refer to an existing cluster.
+//
+//   * ErrCodeNumberOfNodesQuotaExceededFault "NumberOfNodesQuotaExceeded"
+//   The operation would exceed the number of nodes allotted to the account. For
+//   information about increasing your quota, go to Limits in Amazon Redshift
+//   (http://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html)
+//   in the Amazon Redshift Cluster Management Guide.
+//
+//   * ErrCodeNumberOfNodesPerClusterLimitExceededFault "NumberOfNodesPerClusterLimitExceeded"
+//   The operation would exceed the number of nodes allowed for a cluster.
+//
+//   * ErrCodeInsufficientClusterCapacityFault "InsufficientClusterCapacity"
+//   The number of nodes specified exceeds the allotted capacity of the cluster.
+//
+//   * ErrCodeUnsupportedOptionFault "UnsupportedOptionFault"
+//   A request option was specified that is not supported.
+//
+//   * ErrCodeUnsupportedOperationFault "UnsupportedOperation"
+//   The requested operation isn't supported.
+//
+//   * ErrCodeUnauthorizedOperation "UnauthorizedOperation"
+//   Your account is not authorized to perform the requested operation.
+//
+//   * ErrCodeLimitExceededFault "LimitExceededFault"
+//   The encryption key has exceeded its grant limit in AWS KMS.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ResizeCluster
+func (c *Redshift) ResizeCluster(input *ResizeClusterInput) (*ResizeClusterOutput, error) {
+	req, out := c.ResizeClusterRequest(input)
+	return out, req.Send()
+}
+
+// ResizeClusterWithContext is the same as ResizeCluster with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ResizeCluster for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *Redshift) ResizeClusterWithContext(ctx aws.Context, input *ResizeClusterInput, opts ...request.Option) (*ResizeClusterOutput, error) {
+	req, out := c.ResizeClusterRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opRestoreFromClusterSnapshot = "RestoreFromClusterSnapshot"
 
 // RestoreFromClusterSnapshotRequest generates a "aws/request.Request" representing the
@@ -6916,6 +7127,9 @@ func (c *Redshift) RestoreFromClusterSnapshotRequest(input *RestoreFromClusterSn
 //   The request cannot be completed because a dependent service is throttling
 //   requests made by Amazon Redshift on your behalf. Wait and retry the request.
 //
+//   * ErrCodeInvalidClusterTrackFault "InvalidClusterTrack"
+//   The provided cluster track name is not valid.
+//
 // See also, https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/RestoreFromClusterSnapshot
 func (c *Redshift) RestoreFromClusterSnapshot(input *RestoreFromClusterSnapshotInput) (*RestoreFromClusterSnapshotOutput, error) {
 	req, out := c.RestoreFromClusterSnapshotRequest(input)
@@ -7323,12 +7537,14 @@ func (c *Redshift) RotateEncryptionKeyWithContext(ctx aws.Context, input *Rotate
 type AcceptReservedNodeExchangeInput struct {
 	_ struct{} `type:"structure"`
 
-	// A string representing the identifier of the Reserved Node to be exchanged.
+	// A string representing the node identifier of the DC1 Reserved Node to be
+	// exchanged.
 	//
 	// ReservedNodeId is a required field
 	ReservedNodeId *string `type:"string" required:"true"`
 
-	// The unique identifier of the Reserved Node offering to be used for the exchange.
+	// The unique identifier of the DC2 Reserved Node offering to be used for the
+	// exchange. You can obtain the value for the parameter by calling GetReservedNodeExchangeOfferings
 	//
 	// TargetReservedNodeOfferingId is a required field
 	TargetReservedNodeOfferingId *string `type:"string" required:"true"`
@@ -7739,6 +7955,10 @@ type Cluster struct {
 	// The status of the elastic IP (EIP) address.
 	ElasticIpStatus *ElasticIpStatus `type:"structure"`
 
+	// Indicates the number of nodes the cluster can be resized to with the elastic
+	// resize method.
+	ElasticResizeNumberOfNodeOptions *string `type:"string"`
+
 	// A Boolean value that, if true, indicates that data in the cluster is encrypted
 	// at rest.
 	Encrypted *bool `type:"boolean"`
@@ -7772,6 +7992,9 @@ type Cluster struct {
 	// to encrypt data in the cluster.
 	KmsKeyId *string `type:"string"`
 
+	// The name of the maintenance track for the cluster.
+	MaintenanceTrackName *string `type:"string"`
+
 	// The master user name for the cluster. This name is used to connect to the
 	// database that is specified in the DBName parameter.
 	MasterUsername *string `type:"string"`
@@ -7922,6 +8145,12 @@ func (s *Cluster) SetElasticIpStatus(v *ElasticIpStatus) *Cluster {
 	return s
 }
 
+// SetElasticResizeNumberOfNodeOptions sets the ElasticResizeNumberOfNodeOptions field's value.
+func (s *Cluster) SetElasticResizeNumberOfNodeOptions(v string) *Cluster {
+	s.ElasticResizeNumberOfNodeOptions = &v
+	return s
+}
+
 // SetEncrypted sets the Encrypted field's value.
 func (s *Cluster) SetEncrypted(v bool) *Cluster {
 	s.Encrypted = &v
@@ -7958,6 +8187,12 @@ func (s *Cluster) SetKmsKeyId(v string) *Cluster {
 	return s
 }
 
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *Cluster) SetMaintenanceTrackName(v string) *Cluster {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // SetMasterUsername sets the MasterUsername field's value.
 func (s *Cluster) SetMasterUsername(v string) *Cluster {
 	s.MasterUsername = &v
@@ -8896,6 +9131,11 @@ type CreateClusterInput struct {
 	// want to use to encrypt data in the cluster.
 	KmsKeyId *string `type:"string"`
 
+	// An optional parameter for the name of the maintenance track for the cluster.
+	// If you don't provide a maintenance track name, the cluster is assigned to
+	// the current track.
+	MaintenanceTrackName *string `type:"string"`
+
 	// The password associated with the master user account for the cluster that
 	// is being created.
 	//
@@ -9136,6 +9376,12 @@ func (s *CreateClusterInput) SetKmsKeyId(v string) *CreateClusterInput {
 	return s
 }
 
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *CreateClusterInput) SetMaintenanceTrackName(v string) *CreateClusterInput {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // SetMasterUserPassword sets the MasterUserPassword field's value.
 func (s *CreateClusterInput) SetMasterUserPassword(v string) *CreateClusterInput {
 	s.MasterUserPassword = &v
@@ -11621,6 +11867,86 @@ func (s *DescribeClusterSubnetGroupsOutput) SetMarker(v string) *DescribeCluster
 	return s
 }
 
+type DescribeClusterTracksInput struct {
+	_ struct{} `type:"structure"`
+
+	// The name of the maintenance track.
+	MaintenanceTrackName *string `type:"string"`
+
+	// An optional parameter that specifies the starting point to return a set of
+	// response records. When the results of a DescribeClusterTracks request exceed
+	// the value specified in MaxRecords, Amazon Redshift returns a value in the
+	// Marker field of the response. You can retrieve the next set of response records
+	// by providing the returned marker value in the Marker parameter and retrying
+	// the request.
+	Marker *string `type:"string"`
+
+	// An integer value for the maximum number of maintenance tracks to return.
+	MaxRecords *int64 `type:"integer"`
+}
+
+// String returns the string representation
+func (s DescribeClusterTracksInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeClusterTracksInput) GoString() string {
+	return s.String()
+}
+
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *DescribeClusterTracksInput) SetMaintenanceTrackName(v string) *DescribeClusterTracksInput {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
+// SetMarker sets the Marker field's value.
+func (s *DescribeClusterTracksInput) SetMarker(v string) *DescribeClusterTracksInput {
+	s.Marker = &v
+	return s
+}
+
+// SetMaxRecords sets the MaxRecords field's value.
+func (s *DescribeClusterTracksInput) SetMaxRecords(v int64) *DescribeClusterTracksInput {
+	s.MaxRecords = &v
+	return s
+}
+
+type DescribeClusterTracksOutput struct {
+	_ struct{} `type:"structure"`
+
+	// A list of maintenance tracks output by the DescribeClusterTracks operation.
+	MaintenanceTracks []*MaintenanceTrack `locationNameList:"MaintenanceTrack" type:"list"`
+
+	// The starting point to return a set of response tracklist records. You can
+	// retrieve the next set of response records by providing the returned marker
+	// value in the Marker parameter and retrying the request.
+	Marker *string `type:"string"`
+}
+
+// String returns the string representation
+func (s DescribeClusterTracksOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeClusterTracksOutput) GoString() string {
+	return s.String()
+}
+
+// SetMaintenanceTracks sets the MaintenanceTracks field's value.
+func (s *DescribeClusterTracksOutput) SetMaintenanceTracks(v []*MaintenanceTrack) *DescribeClusterTracksOutput {
+	s.MaintenanceTracks = v
+	return s
+}
+
+// SetMarker sets the Marker field's value.
+func (s *DescribeClusterTracksOutput) SetMarker(v string) *DescribeClusterTracksOutput {
+	s.Marker = &v
+	return s
+}
+
 type DescribeClusterVersionsInput struct {
 	_ struct{} `type:"structure"`
 
@@ -12914,6 +13240,9 @@ type DescribeResizeOutput struct {
 	// Valid Values: List of table names
 	ImportTablesNotStarted []*string `type:"list"`
 
+	// An optional string to provide additional details about the resize action.
+	Message *string `type:"string"`
+
 	// While the resize operation is in progress, this value shows the current amount
 	// of data, in megabytes, that has been processed so far. When the resize operation
 	// is complete, this value shows the total amount of data, in megabytes, on
@@ -12921,6 +13250,10 @@ type DescribeResizeOutput struct {
 	// estimated total amount of data before resize).
 	ProgressInMegaBytes *int64 `type:"long"`
 
+	// An enum with possible values of ClassicResize and ElasticResize. These values
+	// describe the type of resize operation being performed.
+	ResizeType *string `type:"string"`
+
 	// The status of the resize operation.
 	//
 	// Valid Values: NONE | IN_PROGRESS | FAILED | SUCCEEDED
@@ -12931,6 +13264,12 @@ type DescribeResizeOutput struct {
 	// Valid Values: multi-node | single-node
 	TargetClusterType *string `type:"string"`
 
+	// The type of encryption for the cluster after the resize is complete.
+	//
+	// Possible values are KMS and None. In the China region possible values are:
+	// Legacy and None.
+	TargetEncryptionType *string `type:"string"`
+
 	// The node type that the cluster will have after the resize operation is complete.
 	TargetNodeType *string `type:"string"`
 
@@ -12989,12 +13328,24 @@ func (s *DescribeResizeOutput) SetImportTablesNotStarted(v []*string) *DescribeR
 	return s
 }
 
+// SetMessage sets the Message field's value.
+func (s *DescribeResizeOutput) SetMessage(v string) *DescribeResizeOutput {
+	s.Message = &v
+	return s
+}
+
 // SetProgressInMegaBytes sets the ProgressInMegaBytes field's value.
 func (s *DescribeResizeOutput) SetProgressInMegaBytes(v int64) *DescribeResizeOutput {
 	s.ProgressInMegaBytes = &v
 	return s
 }
 
+// SetResizeType sets the ResizeType field's value.
+func (s *DescribeResizeOutput) SetResizeType(v string) *DescribeResizeOutput {
+	s.ResizeType = &v
+	return s
+}
+
 // SetStatus sets the Status field's value.
 func (s *DescribeResizeOutput) SetStatus(v string) *DescribeResizeOutput {
 	s.Status = &v
@@ -13007,6 +13358,12 @@ func (s *DescribeResizeOutput) SetTargetClusterType(v string) *DescribeResizeOut
 	return s
 }
 
+// SetTargetEncryptionType sets the TargetEncryptionType field's value.
+func (s *DescribeResizeOutput) SetTargetEncryptionType(v string) *DescribeResizeOutput {
+	s.TargetEncryptionType = &v
+	return s
+}
+
 // SetTargetNodeType sets the TargetNodeType field's value.
 func (s *DescribeResizeOutput) SetTargetNodeType(v string) *DescribeResizeOutput {
 	s.TargetNodeType = &v
@@ -14316,7 +14673,8 @@ type GetReservedNodeExchangeOfferingsInput struct {
 	// An integer setting the maximum number of ReservedNodeOfferings to retrieve.
 	MaxRecords *int64 `type:"integer"`
 
-	// A string representing the node identifier for the Reserved Node to be exchanged.
+	// A string representing the node identifier for the DC1 Reserved Node to be
+	// exchanged.
 	//
 	// ReservedNodeId is a required field
 	ReservedNodeId *string `type:"string" required:"true"`
@@ -14666,6 +15024,52 @@ func (s *LoggingStatus) SetS3KeyPrefix(v string) *LoggingStatus {
 	return s
 }
 
+// Defines a maintenance track that determines which Amazon Redshift version
+// to apply during a maintenance window. If the value for MaintenanceTrack is
+// current, the cluster is updated to the most recently certified maintenance
+// release. If the value is trailing, the cluster is updated to the previously
+// certified maintenance release.
+type MaintenanceTrack struct {
+	_ struct{} `type:"structure"`
+
+	// The version number for the cluster release.
+	DatabaseVersion *string `type:"string"`
+
+	// The name of the maintenance track. Possible values are current and trailing.
+	MaintenanceTrackName *string `type:"string"`
+
+	// An array of UpdateTarget objects to update with the maintenance track.
+	UpdateTargets []*UpdateTarget `locationNameList:"UpdateTarget" type:"list"`
+}
+
+// String returns the string representation
+func (s MaintenanceTrack) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s MaintenanceTrack) GoString() string {
+	return s.String()
+}
+
+// SetDatabaseVersion sets the DatabaseVersion field's value.
+func (s *MaintenanceTrack) SetDatabaseVersion(v string) *MaintenanceTrack {
+	s.DatabaseVersion = &v
+	return s
+}
+
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *MaintenanceTrack) SetMaintenanceTrackName(v string) *MaintenanceTrack {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
+// SetUpdateTargets sets the UpdateTargets field's value.
+func (s *MaintenanceTrack) SetUpdateTargets(v []*UpdateTarget) *MaintenanceTrack {
+	s.UpdateTargets = v
+	return s
+}
+
 type ModifyClusterDbRevisionInput struct {
 	_ struct{} `type:"structure"`
 
@@ -14912,6 +15316,13 @@ type ModifyClusterInput struct {
 	// in the Amazon Redshift Cluster Management Guide.
 	ElasticIp *string `type:"string"`
 
+	// Indicates whether the cluster is encrypted. If the cluster is encrypted and
+	// you provide a value for the KmsKeyId parameter, we will encrypt the cluster
+	// with the provided KmsKeyId. If you don't provide a KmsKeyId, we will encrypt
+	// with the default key. In the China region we will use legacy encryption if
+	// you specify that the cluster is encrypted.
+	Encrypted *bool `type:"boolean"`
+
 	// An option that specifies whether to create the cluster with enhanced VPC
 	// routing enabled. To create a cluster that uses enhanced VPC routing, the
 	// cluster must be in a VPC. For more information, see Enhanced VPC Routing
@@ -14931,6 +15342,17 @@ type ModifyClusterInput struct {
 	// the Amazon Redshift cluster can use to retrieve and store keys in an HSM.
 	HsmConfigurationIdentifier *string `type:"string"`
 
+	// The AWS Key Management Service (KMS) key ID of the encryption key that you
+	// want to use to encrypt data in the cluster.
+	KmsKeyId *string `type:"string"`
+
+	// The name for the maintenance track that you want to assign for the cluster.
+	// This name change is asynchronous. The new track name stays in the PendingModifiedValues
+	// for the cluster until the next maintenance window. When the maintenance track
+	// changes, the cluster is switched to the latest cluster release available
+	// for the maintenance track. At this point, the maintenance track name is applied.
+	MaintenanceTrackName *string `type:"string"`
+
 	// The new password for the cluster master user. This change is asynchronously
 	// applied as soon as possible. Between the time of the request and the completion
 	// of the request, the MasterUserPassword element exists in the PendingModifiedValues
@@ -15100,6 +15522,12 @@ func (s *ModifyClusterInput) SetElasticIp(v string) *ModifyClusterInput {
 	return s
 }
 
+// SetEncrypted sets the Encrypted field's value.
+func (s *ModifyClusterInput) SetEncrypted(v bool) *ModifyClusterInput {
+	s.Encrypted = &v
+	return s
+}
+
 // SetEnhancedVpcRouting sets the EnhancedVpcRouting field's value.
 func (s *ModifyClusterInput) SetEnhancedVpcRouting(v bool) *ModifyClusterInput {
 	s.EnhancedVpcRouting = &v
@@ -15118,6 +15546,18 @@ func (s *ModifyClusterInput) SetHsmConfigurationIdentifier(v string) *ModifyClus
 	return s
 }
 
+// SetKmsKeyId sets the KmsKeyId field's value.
+func (s *ModifyClusterInput) SetKmsKeyId(v string) *ModifyClusterInput {
+	s.KmsKeyId = &v
+	return s
+}
+
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *ModifyClusterInput) SetMaintenanceTrackName(v string) *ModifyClusterInput {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // SetMasterUserPassword sets the MasterUserPassword field's value.
 func (s *ModifyClusterInput) SetMasterUserPassword(v string) *ModifyClusterInput {
 	s.MasterUserPassword = &v
@@ -15722,6 +16162,10 @@ type PendingModifiedValues struct {
 	// The pending or in-progress change of the service version.
 	ClusterVersion *string `type:"string"`
 
+	// The encryption type for a cluster. Possible values are: KMS and None. For
+	// the China region the possible values are None, and Legacy.
+	EncryptionType *string `type:"string"`
+
 	// An option that specifies whether to create the cluster with enhanced VPC
 	// routing enabled. To create a cluster that uses enhanced VPC routing, the
 	// cluster must be in a VPC. For more information, see Enhanced VPC Routing
@@ -15733,6 +16177,10 @@ type PendingModifiedValues struct {
 	// Default: false
 	EnhancedVpcRouting *bool `type:"boolean"`
 
+	// The name of the maintenance track that the cluster will change to during
+	// the next maintenance window.
+	MaintenanceTrackName *string `type:"string"`
+
 	// The pending or in-progress change of the master user password for the cluster.
 	MasterUserPassword *string `type:"string"`
 
@@ -15781,12 +16229,24 @@ func (s *PendingModifiedValues) SetClusterVersion(v string) *PendingModifiedValu
 	return s
 }
 
+// SetEncryptionType sets the EncryptionType field's value.
+func (s *PendingModifiedValues) SetEncryptionType(v string) *PendingModifiedValues {
+	s.EncryptionType = &v
+	return s
+}
+
 // SetEnhancedVpcRouting sets the EnhancedVpcRouting field's value.
 func (s *PendingModifiedValues) SetEnhancedVpcRouting(v bool) *PendingModifiedValues {
 	s.EnhancedVpcRouting = &v
 	return s
 }
 
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *PendingModifiedValues) SetMaintenanceTrackName(v string) *PendingModifiedValues {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // SetMasterUserPassword sets the MasterUserPassword field's value.
 func (s *PendingModifiedValues) SetMasterUserPassword(v string) *PendingModifiedValues {
 	s.MasterUserPassword = &v
@@ -16290,6 +16750,110 @@ func (s *ResetClusterParameterGroupInput) SetResetAllParameters(v bool) *ResetCl
 	return s
 }
 
+type ResizeClusterInput struct {
+	_ struct{} `type:"structure"`
+
+	// A boolean value indicating whether the resize operation is using the classic
+	// resize process. If you don't provide this parameter or set the value to false
+	// the resize type is elastic.
+	Classic *bool `type:"boolean"`
+
+	// The unique identifier for the cluster to resize.
+	//
+	// ClusterIdentifier is a required field
+	ClusterIdentifier *string `type:"string" required:"true"`
+
+	// The new cluster type for the specified cluster.
+	ClusterType *string `type:"string"`
+
+	// The new node type for the nodes you are adding.
+	NodeType *string `type:"string"`
+
+	// The new number of nodes for the cluster.
+	//
+	// NumberOfNodes is a required field
+	NumberOfNodes *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s ResizeClusterInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ResizeClusterInput) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ResizeClusterInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "ResizeClusterInput"}
+	if s.ClusterIdentifier == nil {
+		invalidParams.Add(request.NewErrParamRequired("ClusterIdentifier"))
+	}
+	if s.NumberOfNodes == nil {
+		invalidParams.Add(request.NewErrParamRequired("NumberOfNodes"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetClassic sets the Classic field's value.
+func (s *ResizeClusterInput) SetClassic(v bool) *ResizeClusterInput {
+	s.Classic = &v
+	return s
+}
+
+// SetClusterIdentifier sets the ClusterIdentifier field's value.
+func (s *ResizeClusterInput) SetClusterIdentifier(v string) *ResizeClusterInput {
+	s.ClusterIdentifier = &v
+	return s
+}
+
+// SetClusterType sets the ClusterType field's value.
+func (s *ResizeClusterInput) SetClusterType(v string) *ResizeClusterInput {
+	s.ClusterType = &v
+	return s
+}
+
+// SetNodeType sets the NodeType field's value.
+func (s *ResizeClusterInput) SetNodeType(v string) *ResizeClusterInput {
+	s.NodeType = &v
+	return s
+}
+
+// SetNumberOfNodes sets the NumberOfNodes field's value.
+func (s *ResizeClusterInput) SetNumberOfNodes(v int64) *ResizeClusterInput {
+	s.NumberOfNodes = &v
+	return s
+}
+
+type ResizeClusterOutput struct {
+	_ struct{} `type:"structure"`
+
+	// Describes a cluster.
+	Cluster *Cluster `type:"structure"`
+}
+
+// String returns the string representation
+func (s ResizeClusterOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ResizeClusterOutput) GoString() string {
+	return s.String()
+}
+
+// SetCluster sets the Cluster field's value.
+func (s *ResizeClusterOutput) SetCluster(v *Cluster) *ResizeClusterOutput {
+	s.Cluster = v
+	return s
+}
+
 type RestoreFromClusterSnapshotInput struct {
 	_ struct{} `type:"structure"`
 
@@ -16398,6 +16962,15 @@ type RestoreFromClusterSnapshotInput struct {
 	// snapshot.
 	KmsKeyId *string `type:"string"`
 
+	// The name of the maintenance track for the restored cluster. When you take
+	// a snapshot, the snapshot inherits the MaintenanceTrack value from the cluster.
+	// The snapshot might be on a different track than the cluster that was the
+	// source for the snapshot. For example, suppose that you take a snapshot of
+	// a cluster that is on the current track and then change the cluster to be
+	// on the trailing track. In this case, the snapshot and the source cluster
+	// are on different tracks.
+	MaintenanceTrackName *string `type:"string"`
+
 	// The node type that the restored cluster will be provisioned with.
 	//
 	// Default: The node type of the cluster from which the snapshot was taken.
@@ -16574,6 +17147,12 @@ func (s *RestoreFromClusterSnapshotInput) SetKmsKeyId(v string) *RestoreFromClus
 	return s
 }
 
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *RestoreFromClusterSnapshotInput) SetMaintenanceTrackName(v string) *RestoreFromClusterSnapshotInput {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // SetNodeType sets the NodeType field's value.
 func (s *RestoreFromClusterSnapshotInput) SetNodeType(v string) *RestoreFromClusterSnapshotInput {
 	s.NodeType = &v
@@ -17222,6 +17801,9 @@ type Snapshot struct {
 	// used to encrypt data in the cluster from which the snapshot was taken.
 	KmsKeyId *string `type:"string"`
 
+	// The name of the maintenance track for the snapshot.
+	MaintenanceTrackName *string `type:"string"`
+
 	// The master user name for the cluster.
 	MasterUsername *string `type:"string"`
 
@@ -17380,6 +17962,12 @@ func (s *Snapshot) SetKmsKeyId(v string) *Snapshot {
 	return s
 }
 
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *Snapshot) SetMaintenanceTrackName(v string) *Snapshot {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // SetMasterUsername sets the MasterUsername field's value.
 func (s *Snapshot) SetMasterUsername(v string) *Snapshot {
 	s.MasterUsername = &v
@@ -17823,6 +18411,39 @@ func (s *TaggedResource) SetTag(v *Tag) *TaggedResource {
 	return s
 }
 
+// A maintenance track that you can switch the current track to.
+type UpdateTarget struct {
+	_ struct{} `type:"structure"`
+
+	// The cluster version for the new maintenance track.
+	DatabaseVersion *string `type:"string"`
+
+	// The name of the new maintenance track.
+	MaintenanceTrackName *string `type:"string"`
+}
+
+// String returns the string representation
+func (s UpdateTarget) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateTarget) GoString() string {
+	return s.String()
+}
+
+// SetDatabaseVersion sets the DatabaseVersion field's value.
+func (s *UpdateTarget) SetDatabaseVersion(v string) *UpdateTarget {
+	s.DatabaseVersion = &v
+	return s
+}
+
+// SetMaintenanceTrackName sets the MaintenanceTrackName field's value.
+func (s *UpdateTarget) SetMaintenanceTrackName(v string) *UpdateTarget {
+	s.MaintenanceTrackName = &v
+	return s
+}
+
 // Describes the members of a VPC security group.
 type VpcSecurityGroupMembership struct {
 	_ struct{} `type:"structure"`

vendor/github.com/aws/aws-sdk-go/service/redshift/errors.go

@@ -294,6 +294,12 @@ const (
 	// The state of the subnet is invalid.
 	ErrCodeInvalidClusterSubnetStateFault = "InvalidClusterSubnetStateFault"
 
+	// ErrCodeInvalidClusterTrackFault for service response error code
+	// "InvalidClusterTrack".
+	//
+	// The provided cluster track name is not valid.
+	ErrCodeInvalidClusterTrackFault = "InvalidClusterTrack"
+
 	// ErrCodeInvalidElasticIpFault for service response error code
 	// "InvalidElasticIpFault".
 	//

vendor/github.com/aws/aws-sdk-go/service/s3/api.go

@@ -1958,6 +1958,8 @@ const opGetBucketLifecycle = "GetBucketLifecycle"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLifecycle
+//
+// Deprecated: GetBucketLifecycle has been deprecated
 func (c *S3) GetBucketLifecycleRequest(input *GetBucketLifecycleInput) (req *request.Request, output *GetBucketLifecycleOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, GetBucketLifecycle, has been deprecated")
@@ -1988,6 +1990,8 @@ func (c *S3) GetBucketLifecycleRequest(input *GetBucketLifecycleInput) (req *req
 // See the AWS API reference guide for Amazon Simple Storage Service's
 // API operation GetBucketLifecycle for usage and error information.
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLifecycle
+//
+// Deprecated: GetBucketLifecycle has been deprecated
 func (c *S3) GetBucketLifecycle(input *GetBucketLifecycleInput) (*GetBucketLifecycleOutput, error) {
 	req, out := c.GetBucketLifecycleRequest(input)
 	return out, req.Send()
@@ -2002,6 +2006,8 @@ func (c *S3) GetBucketLifecycle(input *GetBucketLifecycleInput) (*GetBucketLifec
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: GetBucketLifecycleWithContext has been deprecated
 func (c *S3) GetBucketLifecycleWithContext(ctx aws.Context, input *GetBucketLifecycleInput, opts ...request.Option) (*GetBucketLifecycleOutput, error) {
 	req, out := c.GetBucketLifecycleRequest(input)
 	req.SetContext(ctx)
@@ -2333,6 +2339,8 @@ const opGetBucketNotification = "GetBucketNotification"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketNotification
+//
+// Deprecated: GetBucketNotification has been deprecated
 func (c *S3) GetBucketNotificationRequest(input *GetBucketNotificationConfigurationRequest) (req *request.Request, output *NotificationConfigurationDeprecated) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, GetBucketNotification, has been deprecated")
@@ -2363,6 +2371,8 @@ func (c *S3) GetBucketNotificationRequest(input *GetBucketNotificationConfigurat
 // See the AWS API reference guide for Amazon Simple Storage Service's
 // API operation GetBucketNotification for usage and error information.
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketNotification
+//
+// Deprecated: GetBucketNotification has been deprecated
 func (c *S3) GetBucketNotification(input *GetBucketNotificationConfigurationRequest) (*NotificationConfigurationDeprecated, error) {
 	req, out := c.GetBucketNotificationRequest(input)
 	return out, req.Send()
@@ -2377,6 +2387,8 @@ func (c *S3) GetBucketNotification(input *GetBucketNotificationConfigurationRequ
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: GetBucketNotificationWithContext has been deprecated
 func (c *S3) GetBucketNotificationWithContext(ctx aws.Context, input *GetBucketNotificationConfigurationRequest, opts ...request.Option) (*NotificationConfigurationDeprecated, error) {
 	req, out := c.GetBucketNotificationRequest(input)
 	req.SetContext(ctx)
@@ -4815,6 +4827,8 @@ const opPutBucketLifecycle = "PutBucketLifecycle"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLifecycle
+//
+// Deprecated: PutBucketLifecycle has been deprecated
 func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *request.Request, output *PutBucketLifecycleOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, PutBucketLifecycle, has been deprecated")
@@ -4847,6 +4861,8 @@ func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *req
 // See the AWS API reference guide for Amazon Simple Storage Service's
 // API operation PutBucketLifecycle for usage and error information.
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLifecycle
+//
+// Deprecated: PutBucketLifecycle has been deprecated
 func (c *S3) PutBucketLifecycle(input *PutBucketLifecycleInput) (*PutBucketLifecycleOutput, error) {
 	req, out := c.PutBucketLifecycleRequest(input)
 	return out, req.Send()
@@ -4861,6 +4877,8 @@ func (c *S3) PutBucketLifecycle(input *PutBucketLifecycleInput) (*PutBucketLifec
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: PutBucketLifecycleWithContext has been deprecated
 func (c *S3) PutBucketLifecycleWithContext(ctx aws.Context, input *PutBucketLifecycleInput, opts ...request.Option) (*PutBucketLifecycleOutput, error) {
 	req, out := c.PutBucketLifecycleRequest(input)
 	req.SetContext(ctx)
@@ -5126,6 +5144,8 @@ const opPutBucketNotification = "PutBucketNotification"
 //    }
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketNotification
+//
+// Deprecated: PutBucketNotification has been deprecated
 func (c *S3) PutBucketNotificationRequest(input *PutBucketNotificationInput) (req *request.Request, output *PutBucketNotificationOutput) {
 	if c.Client.Config.Logger != nil {
 		c.Client.Config.Logger.Log("This operation, PutBucketNotification, has been deprecated")
@@ -5158,6 +5178,8 @@ func (c *S3) PutBucketNotificationRequest(input *PutBucketNotificationInput) (re
 // See the AWS API reference guide for Amazon Simple Storage Service's
 // API operation PutBucketNotification for usage and error information.
 // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketNotification
+//
+// Deprecated: PutBucketNotification has been deprecated
 func (c *S3) PutBucketNotification(input *PutBucketNotificationInput) (*PutBucketNotificationOutput, error) {
 	req, out := c.PutBucketNotificationRequest(input)
 	return out, req.Send()
@@ -5172,6 +5194,8 @@ func (c *S3) PutBucketNotification(input *PutBucketNotificationInput) (*PutBucke
 // the context is nil a panic will occur. In the future the SDK may create
 // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 // for more information on using Contexts.
+//
+// Deprecated: PutBucketNotificationWithContext has been deprecated
 func (c *S3) PutBucketNotificationWithContext(ctx aws.Context, input *PutBucketNotificationInput, opts ...request.Option) (*PutBucketNotificationOutput, error) {
 	req, out := c.PutBucketNotificationRequest(input)
 	req.SetContext(ctx)
@@ -5379,7 +5403,8 @@ func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req
 // PutBucketReplication API operation for Amazon Simple Storage Service.
 //
 // Creates a new replication configuration (or replaces an existing one, if
-// present).
+// present). For more information, see Cross-Region Replication (CRR) ( https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
+// in the Amazon S3 Developer Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 // with awserr.Error's Code and Message methods to get detailed information about
@@ -7212,6 +7237,8 @@ type CloudFunctionConfiguration struct {
 	CloudFunction *string `type:"string"`
 
 	// Bucket event for which to send notifications.
+	//
+	// Deprecated: Event has been deprecated
 	Event *string `deprecated:"true" type:"string" enum:"Event"`
 
 	Events []*string `locationName:"Event" type:"list" flattened:"true"`
@@ -9254,6 +9281,14 @@ func (s DeleteBucketPolicyOutput) GoString() string {
 type DeleteBucketReplicationInput struct {
 	_ struct{} `type:"structure"`
 
+	// Deletes the replication subresource associated with the specified bucket.
+	//
+	// There is usually some time lag before replication configuration deletion
+	// is fully propagated to all the Amazon S3 systems.
+	//
+	// For more information, see Cross-Region Replication (CRR) ( https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
+	// in the Amazon S3 Developer Guide.
+	//
 	// Bucket is a required field
 	Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
 }
@@ -9481,6 +9516,33 @@ func (s *DeleteMarkerEntry) SetVersionId(v string) *DeleteMarkerEntry {
 	return s
 }
 
+// Specifies whether Amazon S3 should replicate delete makers.
+type DeleteMarkerReplication struct {
+	_ struct{} `type:"structure"`
+
+	// The status of the delete marker replication.
+	//
+	// In the current implementation, Amazon S3 does not replicate the delete markers.
+	// Therefore, the status must be Disabled.
+	Status *string `type:"string" enum:"DeleteMarkerReplicationStatus"`
+}
+
+// String returns the string representation
+func (s DeleteMarkerReplication) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteMarkerReplication) GoString() string {
+	return s.String()
+}
+
+// SetStatus sets the Status field's value.
+func (s *DeleteMarkerReplication) SetStatus(v string) *DeleteMarkerReplication {
+	s.Status = &v
+	return s
+}
+
 type DeleteObjectInput struct {
 	_ struct{} `type:"structure"`
 
@@ -9877,19 +9939,34 @@ type Destination struct {
 	_ struct{} `type:"structure"`
 
 	// Container for information regarding the access control for replicas.
+	//
+	// Use only in a cross-account scenario, where source and destination bucket
+	// owners are not the same, when you want to change replica ownership to the
+	// AWS account that owns the destination bucket. If you don't add this element
+	// to the replication configuration, the replicas are owned by same AWS account
+	// that owns the source object.
 	AccessControlTranslation *AccessControlTranslation `type:"structure"`
 
-	// Account ID of the destination bucket. Currently this is only being verified
+	// Account ID of the destination bucket. Currently Amazon S3 verifies this value
-	// if Access Control Translation is enabled
+	// only if Access Control Translation is enabled.
+	//
+	// In a cross-account scenario, if you tell Amazon S3 to change replica ownership
+	// to the AWS account that owns the destination bucket by adding the AccessControlTranslation
+	// element, this is the account ID of the destination bucket owner.
 	Account *string `type:"string"`
 
 	// Amazon resource name (ARN) of the bucket where you want Amazon S3 to store
 	// replicas of the object identified by the rule.
 	//
+	// If you have multiple rules in your replication configuration, all rules must
+	// specify the same bucket as the destination. A replication configuration can
+	// replicate objects only to one destination bucket.
+	//
 	// Bucket is a required field
 	Bucket *string `type:"string" required:"true"`
 
-	// Container for information regarding encryption based configuration for replicas.
+	// Container that provides encryption-related information. You must specify
+	// this element if the SourceSelectionCriteria is specified.
 	EncryptionConfiguration *EncryptionConfiguration `type:"structure"`
 
 	// The class of storage used to store the object.
@@ -10026,7 +10103,8 @@ func (s *Encryption) SetKMSKeyId(v string) *Encryption {
 type EncryptionConfiguration struct {
 	_ struct{} `type:"structure"`
 
-	// The id of the KMS key used to encrypt the replica object.
+	// The ID of the AWS KMS key for the region where the destination bucket resides.
+	// Amazon S3 uses this key to encrypt the replica object.
 	ReplicaKmsKeyID *string `type:"string"`
 }
 
@@ -13032,6 +13110,9 @@ type InputSerialization struct {
 
 	// Specifies JSON as object's input serialization format.
 	JSON *JSONInput `type:"structure"`
+
+	// Specifies Parquet as object's input serialization format.
+	Parquet *ParquetInput `type:"structure"`
 }
 
 // String returns the string representation
@@ -13062,6 +13143,12 @@ func (s *InputSerialization) SetJSON(v *JSONInput) *InputSerialization {
 	return s
 }
 
+// SetParquet sets the Parquet field's value.
+func (s *InputSerialization) SetParquet(v *ParquetInput) *InputSerialization {
+	s.Parquet = v
+	return s
+}
+
 type InventoryConfiguration struct {
 	_ struct{} `type:"structure"`
 
@@ -13715,6 +13802,8 @@ type LifecycleRule struct {
 
 	// Prefix identifying one or more objects to which the rule applies. This is
 	// deprecated; use Filter instead.
+	//
+	// Deprecated: Prefix has been deprecated
 	Prefix *string `deprecated:"true" type:"string"`
 
 	// If 'Enabled', the rule is currently being applied. If 'Disabled', the rule
@@ -16487,6 +16576,20 @@ func (s *Owner) SetID(v string) *Owner {
 	return s
 }
 
+type ParquetInput struct {
+	_ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s ParquetInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ParquetInput) GoString() string {
+	return s.String()
+}
+
 type Part struct {
 	_ struct{} `type:"structure"`
 
@@ -18817,6 +18920,8 @@ type QueueConfigurationDeprecated struct {
 	_ struct{} `type:"structure"`
 
 	// Bucket event for which to send notifications.
+	//
+	// Deprecated: Event has been deprecated
 	Event *string `deprecated:"true" type:"string" enum:"Event"`
 
 	Events []*string `locationName:"Event" type:"list" flattened:"true"`
@@ -19028,8 +19133,8 @@ type ReplicationConfiguration struct {
 	// Role is a required field
 	Role *string `type:"string" required:"true"`
 
-	// Container for information about a particular replication rule. Replication
+	// Container for one or more replication rules. Replication configuration must
-	// configuration must have at least one rule and can contain up to 1,000 rules.
+	// have at least one rule and can contain up to 1,000 rules.
 	//
 	// Rules is a required field
 	Rules []*ReplicationRule `locationName:"Rule" type:"list" flattened:"true" required:"true"`
@@ -19087,22 +19192,50 @@ func (s *ReplicationConfiguration) SetRules(v []*ReplicationRule) *ReplicationCo
 type ReplicationRule struct {
 	_ struct{} `type:"structure"`
 
+	// Specifies whether Amazon S3 should replicate delete makers.
+	DeleteMarkerReplication *DeleteMarkerReplication `type:"structure"`
+
 	// Container for replication destination information.
 	//
 	// Destination is a required field
 	Destination *Destination `type:"structure" required:"true"`
 
+	// Filter that identifies subset of objects to which the replication rule applies.
+	// A Filter must specify exactly one Prefix, Tag, or an And child element.
+	Filter *ReplicationRuleFilter `type:"structure"`
+
 	// Unique identifier for the rule. The value cannot be longer than 255 characters.
 	ID *string `type:"string"`
 
 	// Object keyname prefix identifying one or more objects to which the rule applies.
-	// Maximum prefix length can be up to 1,024 characters. Overlapping prefixes
+	// Maximum prefix length can be up to 1,024 characters.
-	// are not supported.
 	//
-	// Prefix is a required field
+	// Deprecated: Prefix has been deprecated
-	Prefix *string `type:"string" required:"true"`
+	Prefix *string `deprecated:"true" type:"string"`
 
-	// Container for filters that define which source objects should be replicated.
+	// The priority associated with the rule. If you specify multiple rules in a
+	// replication configuration, then Amazon S3 applies rule priority in the event
+	// there are conflicts (two or more rules identify the same object based on
+	// filter specified). The rule with higher priority takes precedence. For example,
+	//
+	//    * Same object quality prefix based filter criteria If prefixes you specified
+	//    in multiple rules overlap.
+	//
+	//    * Same object qualify tag based filter criteria specified in multiple
+	//    rules
+	//
+	// For more information, see Cross-Region Replication (CRR) ( https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
+	// in the Amazon S3 Developer Guide.
+	Priority *int64 `type:"integer"`
+
+	// Container that describes additional filters in identifying source objects
+	// that you want to replicate. Currently, Amazon S3 supports only the filter
+	// that you can specify for objects created with server-side encryption using
+	// an AWS KMS-managed key. You can choose to enable or disable replication of
+	// these objects.
+	//
+	// if you want Amazon S3 to replicate objects created with server-side encryption
+	// using AWS KMS-managed keys.
 	SourceSelectionCriteria *SourceSelectionCriteria `type:"structure"`
 
 	// The rule is ignored if status is not Enabled.
@@ -19127,9 +19260,6 @@ func (s *ReplicationRule) Validate() error {
 	if s.Destination == nil {
 		invalidParams.Add(request.NewErrParamRequired("Destination"))
 	}
-	if s.Prefix == nil {
-		invalidParams.Add(request.NewErrParamRequired("Prefix"))
-	}
 	if s.Status == nil {
 		invalidParams.Add(request.NewErrParamRequired("Status"))
 	}
@@ -19138,6 +19268,11 @@ func (s *ReplicationRule) Validate() error {
 			invalidParams.AddNested("Destination", err.(request.ErrInvalidParams))
 		}
 	}
+	if s.Filter != nil {
+		if err := s.Filter.Validate(); err != nil {
+			invalidParams.AddNested("Filter", err.(request.ErrInvalidParams))
+		}
+	}
 	if s.SourceSelectionCriteria != nil {
 		if err := s.SourceSelectionCriteria.Validate(); err != nil {
 			invalidParams.AddNested("SourceSelectionCriteria", err.(request.ErrInvalidParams))
@@ -19150,12 +19285,24 @@ func (s *ReplicationRule) Validate() error {
 	return nil
 }
 
+// SetDeleteMarkerReplication sets the DeleteMarkerReplication field's value.
+func (s *ReplicationRule) SetDeleteMarkerReplication(v *DeleteMarkerReplication) *ReplicationRule {
+	s.DeleteMarkerReplication = v
+	return s
+}
+
 // SetDestination sets the Destination field's value.
 func (s *ReplicationRule) SetDestination(v *Destination) *ReplicationRule {
 	s.Destination = v
 	return s
 }
 
+// SetFilter sets the Filter field's value.
+func (s *ReplicationRule) SetFilter(v *ReplicationRuleFilter) *ReplicationRule {
+	s.Filter = v
+	return s
+}
+
 // SetID sets the ID field's value.
 func (s *ReplicationRule) SetID(v string) *ReplicationRule {
 	s.ID = &v
@@ -19168,6 +19315,12 @@ func (s *ReplicationRule) SetPrefix(v string) *ReplicationRule {
 	return s
 }
 
+// SetPriority sets the Priority field's value.
+func (s *ReplicationRule) SetPriority(v int64) *ReplicationRule {
+	s.Priority = &v
+	return s
+}
+
 // SetSourceSelectionCriteria sets the SourceSelectionCriteria field's value.
 func (s *ReplicationRule) SetSourceSelectionCriteria(v *SourceSelectionCriteria) *ReplicationRule {
 	s.SourceSelectionCriteria = v
@@ -19180,6 +19333,130 @@ func (s *ReplicationRule) SetStatus(v string) *ReplicationRule {
 	return s
 }
 
+type ReplicationRuleAndOperator struct {
+	_ struct{} `type:"structure"`
+
+	Prefix *string `type:"string"`
+
+	Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"`
+}
+
+// String returns the string representation
+func (s ReplicationRuleAndOperator) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ReplicationRuleAndOperator) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ReplicationRuleAndOperator) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "ReplicationRuleAndOperator"}
+	if s.Tags != nil {
+		for i, v := range s.Tags {
+			if v == nil {
+				continue
+			}
+			if err := v.Validate(); err != nil {
+				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
+			}
+		}
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetPrefix sets the Prefix field's value.
+func (s *ReplicationRuleAndOperator) SetPrefix(v string) *ReplicationRuleAndOperator {
+	s.Prefix = &v
+	return s
+}
+
+// SetTags sets the Tags field's value.
+func (s *ReplicationRuleAndOperator) SetTags(v []*Tag) *ReplicationRuleAndOperator {
+	s.Tags = v
+	return s
+}
+
+// Filter that identifies subset of objects to which the replication rule applies.
+// A Filter must specify exactly one Prefix, Tag, or an And child element.
+type ReplicationRuleFilter struct {
+	_ struct{} `type:"structure"`
+
+	// Container for specifying rule filters. These filters determine the subset
+	// of objects to which the rule applies. The element is required only if you
+	// specify more than one filter. For example:
+	//
+	//    * You specify both a Prefix and a Tag filters. Then you wrap these in
+	//    an And tag.
+	//
+	//    * You specify filter based on multiple tags. Then you wrap the Tag elements
+	//    in an And tag.
+	And *ReplicationRuleAndOperator `type:"structure"`
+
+	// Object keyname prefix that identifies subset of objects to which the rule
+	// applies.
+	Prefix *string `type:"string"`
+
+	// Container for specifying a tag key and value.
+	//
+	// The rule applies only to objects having the tag in its tagset.
+	Tag *Tag `type:"structure"`
+}
+
+// String returns the string representation
+func (s ReplicationRuleFilter) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ReplicationRuleFilter) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ReplicationRuleFilter) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "ReplicationRuleFilter"}
+	if s.And != nil {
+		if err := s.And.Validate(); err != nil {
+			invalidParams.AddNested("And", err.(request.ErrInvalidParams))
+		}
+	}
+	if s.Tag != nil {
+		if err := s.Tag.Validate(); err != nil {
+			invalidParams.AddNested("Tag", err.(request.ErrInvalidParams))
+		}
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetAnd sets the And field's value.
+func (s *ReplicationRuleFilter) SetAnd(v *ReplicationRuleAndOperator) *ReplicationRuleFilter {
+	s.And = v
+	return s
+}
+
+// SetPrefix sets the Prefix field's value.
+func (s *ReplicationRuleFilter) SetPrefix(v string) *ReplicationRuleFilter {
+	s.Prefix = &v
+	return s
+}
+
+// SetTag sets the Tag field's value.
+func (s *ReplicationRuleFilter) SetTag(v *Tag) *ReplicationRuleFilter {
+	s.Tag = v
+	return s
+}
+
 type RequestPaymentConfiguration struct {
 	_ struct{} `type:"structure"`
 
@@ -20358,6 +20635,8 @@ type SourceSelectionCriteria struct {
 	_ struct{} `type:"structure"`
 
 	// Container for filter information of selection of KMS Encrypted S3 objects.
+	// The element is required if you include SourceSelectionCriteria in the replication
+	// configuration.
 	SseKmsEncryptedObjects *SseKmsEncryptedObjects `type:"structure"`
 }
 
@@ -20834,6 +21113,8 @@ type TopicConfigurationDeprecated struct {
 	_ struct{} `type:"structure"`
 
 	// Bucket event for which to send notifications.
+	//
+	// Deprecated: Event has been deprecated
 	Event *string `deprecated:"true" type:"string" enum:"Event"`
 
 	Events []*string `locationName:"Event" type:"list" flattened:"true"`
@@ -21705,6 +21986,14 @@ const (
 	CompressionTypeBzip2 = "BZIP2"
 )
 
+const (
+	// DeleteMarkerReplicationStatusEnabled is a DeleteMarkerReplicationStatus enum value
+	DeleteMarkerReplicationStatusEnabled = "Enabled"
+
+	// DeleteMarkerReplicationStatusDisabled is a DeleteMarkerReplicationStatus enum value
+	DeleteMarkerReplicationStatusDisabled = "Disabled"
+)
+
 // Requests Amazon S3 to encode the object keys in the response and specifies
 // the encoding method to use. An object key may contain any Unicode character;
 // however, XML 1.0 parser cannot parse some characters, such as characters

vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go

@@ -3,6 +3,7 @@ package s3
 import (
 	"github.com/aws/aws-sdk-go/aws/client"
 	"github.com/aws/aws-sdk-go/aws/request"
+	"github.com/aws/aws-sdk-go/internal/s3err"
 )
 
 func init() {
@@ -21,6 +22,7 @@ func defaultInitClientFn(c *client.Client) {
 	// S3 uses custom error unmarshaling logic
 	c.Handlers.UnmarshalError.Clear()
 	c.Handlers.UnmarshalError.PushBack(unmarshalError)
+	c.Handlers.UnmarshalError.PushBackNamed(s3err.RequestFailureWrapperHandler())
 }
 
 func defaultInitRequestFn(r *request.Request) {
@@ -42,6 +44,7 @@ func defaultInitRequestFn(r *request.Request) {
 		r.Handlers.Validate.PushFront(populateLocationConstraint)
 	case opCopyObject, opUploadPartCopy, opCompleteMultipartUpload:
 		r.Handlers.Unmarshal.PushFront(copyMultipartStatusOKUnmarhsalError)
+		r.Handlers.Unmarshal.PushBackNamed(s3err.RequestFailureWrapperHandler())
 	case opPutObject, opUploadPart:
 		r.Handlers.Build.PushBack(computeBodyHashes)
 		// Disabled until #1837 root issue is resolved.

vendor/github.com/aws/aws-sdk-go/service/s3/service.go

@@ -67,7 +67,9 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
 	}
 
 	// Handlers
-	svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler)
+	svc.Handlers.Sign.PushBackNamed(v4.BuildNamedHandler(v4.SignRequestHandler.Name, func(s *v4.Signer) {
+		s.DisableURIPathEscaping = true
+	}))
 	svc.Handlers.Build.PushBackNamed(restxml.BuildHandler)
 	svc.Handlers.Unmarshal.PushBackNamed(restxml.UnmarshalHandler)
 	svc.Handlers.UnmarshalMeta.PushBackNamed(restxml.UnmarshalMetaHandler)

vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go

@@ -13,7 +13,11 @@ import (
 func copyMultipartStatusOKUnmarhsalError(r *request.Request) {
 	b, err := ioutil.ReadAll(r.HTTPResponse.Body)
 	if err != nil {
-		r.Error = awserr.New("SerializationError", "unable to read response body", err)
+		r.Error = awserr.NewRequestFailure(
+			awserr.New("SerializationError", "unable to read response body", err),
+			r.HTTPResponse.StatusCode,
+			r.RequestID,
+		)
 		return
 	}
 	body := bytes.NewReader(b)

vendor/github.com/aws/aws-sdk-go/service/s3/unmarshal_error.go

@@ -23,22 +23,17 @@ func unmarshalError(r *request.Request) {
 	defer r.HTTPResponse.Body.Close()
 	defer io.Copy(ioutil.Discard, r.HTTPResponse.Body)
 
-	hostID := r.HTTPResponse.Header.Get("X-Amz-Id-2")
-
 	// Bucket exists in a different region, and request needs
 	// to be made to the correct region.
 	if r.HTTPResponse.StatusCode == http.StatusMovedPermanently {
-		r.Error = requestFailure{
+		r.Error = awserr.NewRequestFailure(
-			RequestFailure: awserr.NewRequestFailure(
 			awserr.New("BucketRegionError",
 				fmt.Sprintf("incorrect region, the bucket is not in '%s' region",
 					aws.StringValue(r.Config.Region)),
 				nil),
 			r.HTTPResponse.StatusCode,
 			r.RequestID,
-			),
+		)
-			hostID: hostID,
-		}
 		return
 	}
 
@@ -63,14 +58,11 @@ func unmarshalError(r *request.Request) {
 		errMsg = statusText
 	}
 
-	r.Error = requestFailure{
+	r.Error = awserr.NewRequestFailure(
-		RequestFailure: awserr.NewRequestFailure(
 		awserr.New(errCode, errMsg, err),
 		r.HTTPResponse.StatusCode,
 		r.RequestID,
-		),
+	)
-		hostID: hostID,
-	}
 }
 
 // A RequestFailure provides access to the S3 Request ID and Host ID values
@@ -83,21 +75,3 @@ type RequestFailure interface {
 	// Host ID is the S3 Host ID needed for debug, and contacting support
 	HostID() string
 }
-
-type requestFailure struct {
-	awserr.RequestFailure
-
-	hostID string
-}
-
-func (r requestFailure) Error() string {
-	extra := fmt.Sprintf("status code: %d, request id: %s, host id: %s",
-		r.StatusCode(), r.RequestID(), r.hostID)
-	return awserr.SprintError(r.Code(), r.Message(), extra, r.OrigErr())
-}
-func (r requestFailure) String() string {
-	return r.Error()
-}
-func (r requestFailure) HostID() string {
-	return r.hostID
-}

vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go

@@ -67,8 +67,8 @@ func (c *SecretsManager) CancelRotateSecretRequest(input *CancelRotateSecretInpu
 // If you cancel a rotation that is in progress, it can leave the VersionStage
 // labels in an unexpected state. Depending on what step of the rotation was
 // in progress, you might need to remove the staging label AWSPENDING from the
-// partially created version, specified by the SecretVersionId response value.
+// partially created version, specified by the VersionId response value. You
-// You should also evaluate the partially rotated new version to see if it should
+// should also evaluate the partially rotated new version to see if it should
 // be deleted, which you can do by removing all staging labels from the new
 // version's VersionStage field.
 //
@@ -1529,9 +1529,9 @@ func (c *SecretsManager) PutSecretValueRequest(input *PutSecretValueInput) (req
 //    then Secrets Manager also automatically moves the staging label AWSPREVIOUS
 //    to the version that AWSCURRENT was removed from.
 //
-//    * This operation is idempotent. If a version with a SecretVersionId with
+//    * This operation is idempotent. If a version with a VersionId with the
-//    the same value as the ClientRequestToken parameter already exists and
+//    same value as the ClientRequestToken parameter already exists and you
-//    you specify the same secret data, the operation succeeds but does nothing.
+//    specify the same secret data, the operation succeeds but does nothing.
 //    However, if the secret data is different, then the operation fails because
 //    you cannot modify an existing version; you can only create new ones.
 //
@@ -1813,6 +1813,13 @@ func (c *SecretsManager) RotateSecretRequest(input *RotateSecretInput) (req *req
 // (http://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html)
 // in the AWS Secrets Manager User Guide.
 //
+// Secrets Manager schedules the next rotation when the previous one is complete.
+// Secrets Manager schedules the date by adding the rotation interval (number
+// of days) to the actual date of the last rotation. The service chooses the
+// hour within that 24-hour date window randomly. The minute is also chosen
+// somewhat randomly, but weighted towards the top of the hour and influenced
+// by a variety of factors that help distribute load.
+//
 // The rotation function must end with the versions of the secret in one of
 // two states:
 //
@@ -2204,8 +2211,8 @@ func (c *SecretsManager) UpdateSecretRequest(input *UpdateSecretInput) (req *req
 
 // UpdateSecret API operation for AWS Secrets Manager.
 //
-// Modifies many of the details of a secret. If you include a ClientRequestToken
+// Modifies many of the details of the specified secret. If you include a ClientRequestToken
-// and either SecretString or SecretBinary then it also creates a new version
+// and eitherSecretString or SecretBinary then it also creates a new version
 // attached to the secret.
 //
 // To modify the rotation configuration of a secret, use RotateSecret instead.
@@ -2215,9 +2222,9 @@ func (c *SecretsManager) UpdateSecretRequest(input *UpdateSecretInput) (req *req
 // binary data as part of the version of a secret, you must use either the AWS
 // CLI or one of the AWS SDKs.
 //
-//    * If a version with a SecretVersionId with the same value as the ClientRequestToken
+//    * If a version with a VersionId with the same value as the ClientRequestToken
-//    parameter already exists, the operation generates an error. You cannot
+//    parameter already exists, the operation results in an error. You cannot
-//    modify an existing version, you can only create new ones.
+//    modify an existing version, you can only create a new version.
 //
 //    * If you include SecretString or SecretBinary to create a new secret version,
 //    Secrets Manager automatically attaches the staging label AWSCURRENT to
@@ -2480,6 +2487,18 @@ type CancelRotateSecretInput struct {
 	// can specify either the Amazon Resource Name (ARN) or the friendly name of
 	// the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -2592,7 +2611,7 @@ type CreateSecretInput struct {
 	//    request fails because you cannot modify an existing version. Instead,
 	//    use PutSecretValue to create a new version.
 	//
-	// This value becomes the SecretVersionId of the new version.
+	// This value becomes the VersionId of the new version.
 	ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"`
 
 	// (Optional) Specifies a user-provided description of the secret.
@@ -2623,6 +2642,11 @@ type CreateSecretInput struct {
 	// The secret name must be ASCII letters, digits, or the following characters
 	// : /_+=.@-
 	//
+	// Don't end your secret name with a hyphen followed by six characters. If you
+	// do so, you risk confusion and unexpected results when searching for a secret
+	// by partial ARN. This is because Secrets Manager automatically adds a hyphen
+	// and six random characters at the end of the ARN.
+	//
 	// Name is a required field
 	Name *string `min:"1" type:"string" required:"true"`
 
@@ -2847,6 +2871,18 @@ type DeleteResourcePolicyInput struct {
 	// policy for. You can specify either the Amazon Resource Name (ARN) or the
 	// friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -2919,8 +2955,25 @@ func (s *DeleteResourcePolicyOutput) SetName(v string) *DeleteResourcePolicyOutp
 type DeleteSecretInput struct {
 	_ struct{} `type:"structure"`
 
+	// (Optional) Specifies that the secret is to be deleted without any recovery
+	// window. You can't use both this parameter and the RecoveryWindowInDays parameter
+	// in the same API call.
+	//
+	// An asynchronous background process performs the actual deletion, so there
+	// can be a short delay before the operation completes. If you write code to
+	// delete and then immediately recreate a secret with the same name, ensure
+	// that your code includes appropriate back off and retry logic.
+	//
+	// Use this parameter with caution. This parameter causes the operation to skip
+	// the normal waiting period before the permanent deletion that AWS would normally
+	// impose with the RecoveryWindowInDays parameter. If you delete a secret with
+	// the ForceDeleteWithouRecovery parameter, then you have no opportunity to
+	// recover the secret. It is permanently lost.
+	ForceDeleteWithoutRecovery *bool `type:"boolean"`
+
 	// (Optional) Specifies the number of days that Secrets Manager waits before
-	// it can delete the secret.
+	// it can delete the secret. You can't use both this parameter and the ForceDeleteWithoutRecovery
+	// parameter in the same API call.
 	//
 	// This value can range from 7 to 30 days. The default value is 30.
 	RecoveryWindowInDays *int64 `type:"long"`
@@ -2928,6 +2981,18 @@ type DeleteSecretInput struct {
 	// Specifies the secret that you want to delete. You can specify either the
 	// Amazon Resource Name (ARN) or the friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -2958,6 +3023,12 @@ func (s *DeleteSecretInput) Validate() error {
 	return nil
 }
 
+// SetForceDeleteWithoutRecovery sets the ForceDeleteWithoutRecovery field's value.
+func (s *DeleteSecretInput) SetForceDeleteWithoutRecovery(v bool) *DeleteSecretInput {
+	s.ForceDeleteWithoutRecovery = &v
+	return s
+}
+
 // SetRecoveryWindowInDays sets the RecoveryWindowInDays field's value.
 func (s *DeleteSecretInput) SetRecoveryWindowInDays(v int64) *DeleteSecretInput {
 	s.RecoveryWindowInDays = &v
@@ -3020,6 +3091,18 @@ type DescribeSecretInput struct {
 	// specify either the Amazon Resource Name (ARN) or the friendly name of the
 	// secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -3088,8 +3171,8 @@ type DescribeSecretOutput struct {
 	// The last date and time that this secret was modified in any way.
 	LastChangedDate *time.Time `type:"timestamp"`
 
-	// The last date and time that the Secrets Manager rotation process for this
+	// The most recent date and time that the Secrets Manager rotation process was
-	// secret was invoked.
+	// successfully completed. This value is null if the secret has never rotated.
 	LastRotatedDate *time.Time `type:"timestamp"`
 
 	// The user-provided friendly name of the secret.
@@ -3114,8 +3197,8 @@ type DescribeSecretOutput struct {
 	Tags []*Tag `type:"list"`
 
 	// A list of all of the currently assigned VersionStage staging labels and the
-	// SecretVersionId that each is attached to. Staging labels are used to keep
+	// VersionId that each is attached to. Staging labels are used to keep track
-	// track of the different versions during the rotation process.
+	// of the different versions during the rotation process.
 	//
 	// A version that does not have any staging labels attached is considered deprecated
 	// and subject to deletion. Such versions are not included in this list.
@@ -3230,6 +3313,12 @@ type GetRandomPasswordInput struct {
 	// Specifies that the generated password should not include punctuation characters.
 	// The default if you do not include this switch parameter is that punctuation
 	// characters can be included.
+	//
+	// The following are the punctuation characters that can be included in the
+	// generated password if you don't explicitly exclude them with ExcludeCharacters
+	// or ExcludePunctuation:
+	//
+	// ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
 	ExcludePunctuation *bool `type:"boolean"`
 
 	// Specifies that the generated password should not include uppercase letters.
@@ -3353,6 +3442,18 @@ type GetResourcePolicyInput struct {
 	// policy for. You can specify either the Amazon Resource Name (ARN) or the
 	// friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -3444,12 +3545,24 @@ type GetSecretValueInput struct {
 	// can specify either the Amazon Resource Name (ARN) or the friendly name of
 	// the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 
 	// Specifies the unique identifier of the version of the secret that you want
 	// to retrieve. If you specify this parameter then don't specify VersionStage.
-	// If you don't specify either a VersionStage or SecretVersionId then the default
+	// If you don't specify either a VersionStage or VersionId then the default
 	// is to perform the operation on the version with the VersionStage value of
 	// AWSCURRENT.
 	//
@@ -3461,10 +3574,9 @@ type GetSecretValueInput struct {
 	// attached to the version.
 	//
 	// Staging labels are used to keep track of different versions during the rotation
-	// process. If you use this parameter then don't specify SecretVersionId. If
+	// process. If you use this parameter then don't specify VersionId. If you don't
-	// you don't specify either a VersionStage or SecretVersionId, then the default
+	// specify either a VersionStage or VersionId, then the default is to perform
-	// is to perform the operation on the version with the VersionStage value of
+	// the operation on the version with the VersionStage value of AWSCURRENT.
-	// AWSCURRENT.
 	VersionStage *string `min:"1" type:"string"`
 }
 
@@ -3648,6 +3760,18 @@ type ListSecretVersionIdsInput struct {
 	// can specify either the Amazon Resource Name (ARN) or the friendly name of
 	// the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -3884,6 +4008,18 @@ type PutResourcePolicyInput struct {
 	// Specifies the secret that you want to attach the resource-based policy to.
 	// You can specify either the ARN or the friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -3995,7 +4131,7 @@ type PutSecretValueInput struct {
 	//    request fails because you cannot modify an existing secret version. You
 	//    can only create new versions to store new secret values.
 	//
-	// This value becomes the SecretVersionId of the new version.
+	// This value becomes the VersionId of the new version.
 	ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"`
 
 	// (Optional) Specifies binary data that you want to encrypt and store in the
@@ -4015,6 +4151,18 @@ type PutSecretValueInput struct {
 	// either the Amazon Resource Name (ARN) or the friendly name of the secret.
 	// The secret must already exist.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 
@@ -4178,6 +4326,18 @@ type RestoreSecretInput struct {
 	// deletion. You can specify either the Amazon Resource Name (ARN) or the friendly
 	// name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -4266,19 +4426,7 @@ type RotateSecretInput struct {
 	//
 	// Secrets Manager uses this value to prevent the accidental creation of duplicate
 	// versions if there are failures and retries during the function's processing.
-	//
+	// This value becomes the VersionId of the new version.
-	//    * If the ClientRequestToken value isn't already associated with a version
-	//    of the secret then a new version of the secret is created.
-	//
-	//    * If a version with this value already exists and that version's SecretString
-	//    and SecretBinary values are the same as the request, then the request
-	//    is ignored (the operation is idempotent).
-	//
-	//    * If a version with this value already exists and that version's SecretString
-	//    and SecretBinary values are different from the request then an error occurs
-	//    because you cannot modify an existing secret value.
-	//
-	// This value becomes the SecretVersionId of the new version.
 	ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"`
 
 	// (Optional) Specifies the ARN of the Lambda function that can rotate the secret.
@@ -4290,6 +4438,18 @@ type RotateSecretInput struct {
 	// Specifies the secret that you want to rotate. You can specify either the
 	// Amazon Resource Name (ARN) or the friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 }
@@ -4400,6 +4560,13 @@ type RotationRulesType struct {
 
 	// Specifies the number of days between automatic scheduled rotations of the
 	// secret.
+	//
+	// Secrets Manager schedules the next rotation when the previous one is complete.
+	// Secrets Manager schedules the date by adding the rotation interval (number
+	// of days) to the actual date of the last rotation. The service chooses the
+	// hour within that 24-hour date window randomly. The minute is also chosen
+	// somewhat randomly, but weighted towards the top of the hour and influenced
+	// by a variety of factors that help distribute load.
 	AutomaticallyAfterDays *int64 `min:"1" type:"long"`
 }
 
@@ -4694,6 +4861,18 @@ type TagResourceInput struct {
 	// The identifier for the secret that you want to attach tags to. You can specify
 	// either the Amazon Resource Name (ARN) or the friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 
@@ -4782,6 +4961,18 @@ type UntagResourceInput struct {
 	// specify either the Amazon Resource Name (ARN) or the friendly name of the
 	// secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 
@@ -4885,49 +5076,58 @@ type UpdateSecretInput struct {
 	//    and SecretBinary values are different from the request then an error occurs
 	//    because you cannot modify an existing secret value.
 	//
-	// This value becomes the SecretVersionId of the new version.
+	// This value becomes the VersionId of the new version.
 	ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"`
 
-	// (Optional) Specifies a user-provided description of the secret.
+	// (Optional) Specifies an updated user-provided description of the secret.
 	Description *string `type:"string"`
 
-	// (Optional) Specifies the ARN or alias of the AWS KMS customer master key
+	// (Optional) Specifies an updated ARN or alias of the AWS KMS customer master
-	// (CMK) to be used to encrypt the protected text in the versions of this secret.
+	// key (CMK) to be used to encrypt the protected text in new versions of this
-	//
+	// secret.
-	// If you don't specify this value, then Secrets Manager defaults to using the
-	// default CMK in the account (the one named aws/secretsmanager). If a AWS KMS
-	// CMK with that name doesn't exist, then Secrets Manager creates it for you
-	// automatically the first time it needs to encrypt a version's Plaintext or
-	// PlaintextString fields.
 	//
 	// You can only use the account's default CMK to encrypt and decrypt if you
 	// call this operation using credentials from the same account that owns the
 	// secret. If the secret is in a different account, then you must create a custom
-	// CMK and provide the ARN in this field.
+	// CMK and provide the ARN of that CMK in this field. The user making the call
+	// must have permissions to both the secret and the CMK in their respective
+	// accounts.
 	KmsKeyId *string `type:"string"`
 
-	// (Optional) Specifies binary data that you want to encrypt and store in the
+	// (Optional) Specifies updated binary data that you want to encrypt and store
-	// new version of the secret. To use this parameter in the command-line tools,
+	// in the new version of the secret. To use this parameter in the command-line
-	// we recommend that you store your binary data in a file and then use the appropriate
+	// tools, we recommend that you store your binary data in a file and then use
-	// technique for your tool to pass the contents of the file as a parameter.
+	// the appropriate technique for your tool to pass the contents of the file
-	// Either SecretBinary or SecretString must have a value, but not both. They
+	// as a parameter. Either SecretBinary or SecretString must have a value, but
-	// cannot both be empty.
+	// not both. They cannot both be empty.
 	//
 	// This parameter is not accessible using the Secrets Manager console.
 	//
 	// SecretBinary is automatically base64 encoded/decoded by the SDK.
 	SecretBinary []byte `type:"blob"`
 
-	// Specifies the secret that you want to update or to which you want to add
+	// Specifies the secret that you want to modify or to which you want to add
 	// a new version. You can specify either the Amazon Resource Name (ARN) or the
 	// friendly name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`
 
-	// (Optional) Specifies text data that you want to encrypt and store in this
+	// (Optional) Specifies updated text data that you want to encrypt and store
-	// new version of the secret. Either SecretBinary or SecretString must have
+	// in this new version of the secret. Either SecretBinary or SecretString must
-	// a value, but not both. They cannot both be empty.
+	// have a value, but not both. They cannot both be empty.
 	//
 	// If you create this secret by using the Secrets Manager console then Secrets
 	// Manager puts the protected secret text in only the SecretString parameter.
@@ -4944,7 +5144,12 @@ type UpdateSecretInput struct {
 	//
 	// If your command-line tool or SDK requires quotation marks around the parameter,
 	// you should use single quotes to avoid confusion with the double quotes required
-	// in the JSON text.
+	// in the JSON text. You can also 'escape' the double quote character in the
+	// embedded JSON text by prefacing each with a backslash. For example, the following
+	// string is surrounded by double-quotes. All of the embedded double quotes
+	// are escaped:
+	//
+	// "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"
 	SecretString *string `type:"string"`
 }
 
@@ -5016,7 +5221,7 @@ func (s *UpdateSecretInput) SetSecretString(v string) *UpdateSecretInput {
 type UpdateSecretOutput struct {
 	_ struct{} `type:"structure"`
 
-	// The ARN of this secret.
+	// The ARN of the secret that was updated.
 	//
 	// Secrets Manager automatically adds several random characters to the name
 	// at the end of the ARN when you initially create a secret. This affects only
@@ -5026,11 +5231,11 @@ type UpdateSecretOutput struct {
 	// the new secret because the ARNs are different.
 	ARN *string `min:"20" type:"string"`
 
-	// The friendly name of this secret.
+	// The friendly name of the secret that was updated.
 	Name *string `min:"1" type:"string"`
 
-	// If a version of the secret was created or updated by this operation, then
+	// If a new version of the secret was created by this operation, then VersionId
-	// its unique identifier is returned.
+	// contains the unique identifier of the new version.
 	VersionId *string `min:"32" type:"string"`
 }
 
@@ -5066,29 +5271,37 @@ type UpdateSecretVersionStageInput struct {
 	_ struct{} `type:"structure"`
 
 	// (Optional) The secret version ID that you want to add the staging labels
-	// to.
+	// to. If you want to remove a label from a version, then do not specify this
+	// parameter.
 	//
 	// If any of the staging labels are already attached to a different version
-	// of the secret, then they are removed from that version before adding them
+	// of the secret, then you must also specify the RemoveFromVersionId parameter.
-	// to this version.
 	MoveToVersionId *string `min:"32" type:"string"`
 
-	// (Optional) Specifies the secret version ID of the version that the staging
+	// Specifies the secret version ID of the version that the staging labels are
-	// labels are to be removed from.
+	// to be removed from. If the staging label you are trying to attach to one
-	//
+	// version is already attached to a different version, then you must include
-	// If you want to move a label to a new version, you do not have to explicitly
+	// this parameter and specify the version that the label is to be removed from.
-	// remove it with this parameter. Adding a label using the MoveToVersionId parameter
+	// If the label is attached and you either do not specify this parameter, or
-	// automatically removes it from the old version. However, if you do include
+	// the version ID does not match, then the operation fails.
-	// both the "MoveTo" and "RemoveFrom" parameters, then the move is successful
-	// only if the staging labels are actually present on the "RemoveFrom" version.
-	// If a staging label was on a different version than "RemoveFrom", then the
-	// request fails.
 	RemoveFromVersionId *string `min:"32" type:"string"`
 
 	// Specifies the secret with the version whose list of staging labels you want
 	// to modify. You can specify either the Amazon Resource Name (ARN) or the friendly
 	// name of the secret.
 	//
+	// If you specify an ARN, we generally recommend that you specify a complete
+	// ARN. You can specify a partial ARN too—for example, if you don’t include
+	// the final hyphen and six random characters that Secrets Manager adds at the
+	// end of the ARN when you created the secret. A partial ARN match can work
+	// as long as it uniquely matches only one secret. However, if your secret has
+	// a name that ends in a hyphen followed by six characters (before Secrets Manager
+	// adds the hyphen and six characters to the ARN) and you try to use that as
+	// a partial ARN, then those characters cause Secrets Manager to assume that
+	// you’re specifying a complete ARN. This confusion can cause unexpected results.
+	// To avoid this situation, we recommend that you don’t create secret names
+	// that end with a hyphen followed by six characters.
+	//
 	// SecretId is a required field
 	SecretId *string `min:"1" type:"string" required:"true"`