AWS SDK go model files v1.30.3 (#262)

- Sync models with aws-sdk-go v1.30.3
- Added "Do you want to continue" question in upload-models.sh if there are local changes
- Delayed macOS tests by 45 seconds
- Added AWS_ENABLE_LOGGING environment variable to control logging in tests

.github/workflows/ci.yml

@@ -26,7 +26,7 @@ jobs:
       run: |
         PATH=/Users/runner/Library/Python/3.7/bin:$PATH
         localstack start --host &
-        sleep 30
+        sleep 45
         swift test
 
   linux:

Sources/AWSSDKSwift/Services/ACM/ACM_API.swift

@@ -66,7 +66,7 @@ public struct ACM {
         return client.send(operation: "ExportCertificate", path: "/", httpMethod: "POST", input: input)
     }
 
-    ///  Retrieves a certificate specified by an ARN and its certificate chain . The chain is an ordered list of certificates that contains the end entity certificate, intermediate certificates of subordinate CAs, and the root certificate in that order. The certificate and certificate chain are base64 encoded. If you want to decode the certificate to see the individual fields, you can use OpenSSL.
+    ///  Retrieves an Amazon-issued certificate and its certificate chain. The chain consists of the certificate of the issuing CA and the intermediate certificates of any other subordinate CAs. All of the certificates are base64 encoded. You can use OpenSSL to decode the certificates and inspect individual fields.
     public func getCertificate(_ input: GetCertificateRequest) -> EventLoopFuture<GetCertificateResponse> {
         return client.send(operation: "GetCertificate", path: "/", httpMethod: "POST", input: input)
     }

Sources/AWSSDKSwift/Services/ACM/ACM_Shapes.swift

@@ -372,7 +372,7 @@ extension ACM {
 
         /// A fully qualified domain name (FQDN) in the certificate. For example, www.example.com or example.com. 
         public let domainName: String
-        /// Contains the CNAME record that you add to your DNS database for domain validation. For more information, see Use DNS to Validate Domain Ownership.
+        /// Contains the CNAME record that you add to your DNS database for domain validation. For more information, see Use DNS to Validate Domain Ownership. Note: The CNAME information that you need does not include the name of your domain. If you include
 your domain name in the DNS database CNAME record, validation fails.
 For example, if the name is "_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com", only "_a79865eb4cd1a6ab990a45779b4e0b96" must be used.
         public let resourceRecord: ResourceRecord?
         /// The domain name that ACM used to send domain validation emails.
         public let validationDomain: String?
@@ -539,9 +539,9 @@ extension ACM {
 
     public struct GetCertificateResponse: AWSShape {
 
-        /// String that contains the ACM certificate represented by the ARN specified at input.
+        /// The ACM-issued certificate corresponding to the ARN specified as input.
         public let certificate: String?
-        /// The certificate chain that contains the root certificate issued by the certificate authority (CA).
+        /// Certificates forming the requested certificate's chain of trust. The chain consists of the certificate of the issuing CA and the intermediate certificates of any other subordinate CAs. 
         public let certificateChain: String?
 
         public init(certificate: String? = nil, certificateChain: String? = nil) {
@@ -584,7 +584,7 @@ extension ACM {
             try validate(self.certificateArn, name:"certificateArn", parent: name, pattern: "arn:[\\w+=/,.@-]+:[\\w+=/,.@-]+:[\\w+=/,.@-]*:[0-9]+:[\\w+=,.@-]+(/[\\w+=,.@-]+)*")
             try validate(self.certificateChain, name:"certificateChain", parent: name, max: 2097152)
             try validate(self.certificateChain, name:"certificateChain", parent: name, min: 1)
-            try validate(self.privateKey, name:"privateKey", parent: name, max: 524288)
+            try validate(self.privateKey, name:"privateKey", parent: name, max: 5120)
             try validate(self.privateKey, name:"privateKey", parent: name, min: 1)
             try self.tags?.forEach {
                 try $0.validate(name: "\(name).tags[]")
@@ -651,7 +651,7 @@ extension ACM {
         public func validate(name: String) throws {
             try validate(self.maxItems, name:"maxItems", parent: name, max: 1000)
             try validate(self.maxItems, name:"maxItems", parent: name, min: 1)
-            try validate(self.nextToken, name:"nextToken", parent: name, max: 320)
+            try validate(self.nextToken, name:"nextToken", parent: name, max: 10000)
             try validate(self.nextToken, name:"nextToken", parent: name, min: 1)
             try validate(self.nextToken, name:"nextToken", parent: name, pattern: "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*")
         }
@@ -803,7 +803,7 @@ extension ACM {
         public let idempotencyToken: String?
         /// Currently, you can use this parameter to specify whether to add the certificate to a certificate transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser. For more information, see Opting Out of Certificate Transparency Logging.
         public let options: CertificateOptions?
-        /// Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the DomainName field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial limit is 10 domain names. If you need more than 10 names, you must request a limit increase. For more information, see Limits.  The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples:     (63 octets).(63 octets).(63 octets).(61 octets) is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets.    (64 octets).(63 octets).(63 octets).(61 octets) is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets.    (63 octets).(63 octets).(63 octets).(62 octets) is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.  
+        /// Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the DomainName field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial quota is 10 domain names. If you need more than 10 names, you must request a quota increase. For more information, see Quotas.  The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples:     (63 octets).(63 octets).(63 octets).(61 octets) is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets.    (64 octets).(63 octets).(63 octets).(61 octets) is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets.    (63 octets).(63 octets).(63 octets).(62 octets) is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.  
         public let subjectAlternativeNames: [String]?
         /// One or more resource tags to associate with the certificate.
         public let tags: [Tag]?

Sources/AWSSDKSwift/Services/AccessAnalyzer/AccessAnalyzer_Shapes.swift

@@ -6,6 +6,14 @@ import AWSSDKSwiftCore
 extension AccessAnalyzer {
     //MARK: Enums
 
+    public enum AnalyzerStatus: String, CustomStringConvertible, Codable {
+        case active = "ACTIVE"
+        case creating = "CREATING"
+        case disabled = "DISABLED"
+        case failed = "FAILED"
+        public var description: String { return self.rawValue }
+    }
+
     public enum FindingStatus: String, CustomStringConvertible, Codable {
         case active = "ACTIVE"
         case archived = "ARCHIVED"
@@ -25,6 +33,14 @@ extension AccessAnalyzer {
         public var description: String { return self.rawValue }
     }
 
+    public enum ReasonCode: String, CustomStringConvertible, Codable {
+        case awsServiceAccessDisabled = "AWS_SERVICE_ACCESS_DISABLED"
+        case delegatedAdministratorDeregistered = "DELEGATED_ADMINISTRATOR_DEREGISTERED"
+        case organizationDeleted = "ORGANIZATION_DELETED"
+        case serviceLinkedRoleCreationFailed = "SERVICE_LINKED_ROLE_CREATION_FAILED"
+        public var description: String { return self.rawValue }
+    }
+
     public enum ResourceType: String, CustomStringConvertible, Codable {
         case awsIamRole = "AWS::IAM::Role"
         case awsKmsKey = "AWS::KMS::Key"
@@ -37,6 +53,7 @@ extension AccessAnalyzer {
 
     public enum `Type`: String, CustomStringConvertible, Codable {
         case account = "ACCOUNT"
+        case organization = "ORGANIZATION"
         public var description: String { return self.rawValue }
     }
 
@@ -56,6 +73,8 @@ extension AccessAnalyzer {
         public let isPublic: Bool
         /// The ARN of the resource that was analyzed.
         public let resourceArn: String
+        /// The AWS account ID that owns the resource.
+        public let resourceOwnerAccount: String
         /// The type of the resource that was analyzed.
         public let resourceType: ResourceType
         /// Indicates how the access that generated the finding is granted.
@@ -65,13 +84,14 @@ extension AccessAnalyzer {
         /// The time at which the finding was updated.
         public let updatedAt: TimeStamp
 
-        public init(actions: [String]? = nil, analyzedAt: TimeStamp, createdAt: TimeStamp, error: String? = nil, isPublic: Bool, resourceArn: String, resourceType: ResourceType, sharedVia: [String]? = nil, status: FindingStatus? = nil, updatedAt: TimeStamp) {
+        public init(actions: [String]? = nil, analyzedAt: TimeStamp, createdAt: TimeStamp, error: String? = nil, isPublic: Bool, resourceArn: String, resourceOwnerAccount: String, resourceType: ResourceType, sharedVia: [String]? = nil, status: FindingStatus? = nil, updatedAt: TimeStamp) {
             self.actions = actions
             self.analyzedAt = analyzedAt
             self.createdAt = createdAt
             self.error = error
             self.isPublic = isPublic
             self.resourceArn = resourceArn
+            self.resourceOwnerAccount = resourceOwnerAccount
             self.resourceType = resourceType
             self.sharedVia = sharedVia
             self.status = status
@@ -85,6 +105,7 @@ extension AccessAnalyzer {
             case error = "error"
             case isPublic = "isPublic"
             case resourceArn = "resourceArn"
+            case resourceOwnerAccount = "resourceOwnerAccount"
             case resourceType = "resourceType"
             case sharedVia = "sharedVia"
             case status = "status"
@@ -96,16 +117,20 @@ extension AccessAnalyzer {
 
         /// The ARN of the analyzed resource.
         public let resourceArn: String
+        /// The AWS account ID that owns the resource.
+        public let resourceOwnerAccount: String
         /// The type of resource that was analyzed.
         public let resourceType: ResourceType
 
-        public init(resourceArn: String, resourceType: ResourceType) {
+        public init(resourceArn: String, resourceOwnerAccount: String, resourceType: ResourceType) {
             self.resourceArn = resourceArn
+            self.resourceOwnerAccount = resourceOwnerAccount
             self.resourceType = resourceType
         }
 
         private enum CodingKeys: String, CodingKey {
             case resourceArn = "resourceArn"
+            case resourceOwnerAccount = "resourceOwnerAccount"
             case resourceType = "resourceType"
         }
     }
@@ -122,17 +147,23 @@ extension AccessAnalyzer {
         public let lastResourceAnalyzedAt: TimeStamp?
         /// The name of the analyzer.
         public let name: String
+        /// The status of the analyzer. An Active analyzer successfully monitors supported resources and generates new findings. The analyzer is Disabled when a user action, such as removing trusted access for IAM Access Analyzer from AWS Organizations, causes the analyzer to stop generating new findings. The status is Creating when the analyzer creation is in progress and Failed when the analyzer creation has failed. 
+        public let status: AnalyzerStatus
+        /// The statusReason provides more details about the current status of the analyzer. For example, if the creation for the analyzer fails, a Failed status is displayed. For an analyzer with organization as the type, this failure can be due to an issue with creating the service-linked roles required in the member accounts of the AWS organization.
+        public let statusReason: StatusReason?
         /// The tags added to the analyzer.
         public let tags: [String: String]?
         /// The type of analyzer, which corresponds to the zone of trust chosen for the analyzer.
         public let `type`: `Type`
 
-        public init(arn: String, createdAt: TimeStamp, lastResourceAnalyzed: String? = nil, lastResourceAnalyzedAt: TimeStamp? = nil, name: String, tags: [String: String]? = nil, type: `Type`) {
+        public init(arn: String, createdAt: TimeStamp, lastResourceAnalyzed: String? = nil, lastResourceAnalyzedAt: TimeStamp? = nil, name: String, status: AnalyzerStatus, statusReason: StatusReason? = nil, tags: [String: String]? = nil, type: `Type`) {
             self.arn = arn
             self.createdAt = createdAt
             self.lastResourceAnalyzed = lastResourceAnalyzed
             self.lastResourceAnalyzedAt = lastResourceAnalyzedAt
             self.name = name
+            self.status = status
+            self.statusReason = statusReason
             self.tags = tags
             self.`type` = `type`
         }
@@ -143,6 +174,8 @@ extension AccessAnalyzer {
             case lastResourceAnalyzed = "lastResourceAnalyzed"
             case lastResourceAnalyzedAt = "lastResourceAnalyzedAt"
             case name = "name"
+            case status = "status"
+            case statusReason = "statusReason"
             case tags = "tags"
             case `type` = "type"
         }
@@ -387,14 +420,16 @@ extension AccessAnalyzer {
         public let principal: [String: String]?
         /// The resource that an external principal has access to.
         public let resource: String?
+        /// The AWS account ID that owns the resource.
+        public let resourceOwnerAccount: String
         /// The type of the resource reported in the finding.
         public let resourceType: ResourceType
         /// The current status of the finding.
         public let status: FindingStatus
         /// The time at which the finding was updated.
         public let updatedAt: TimeStamp
 
-        public init(action: [String]? = nil, analyzedAt: TimeStamp, condition: [String: String], createdAt: TimeStamp, error: String? = nil, id: String, isPublic: Bool? = nil, principal: [String: String]? = nil, resource: String? = nil, resourceType: ResourceType, status: FindingStatus, updatedAt: TimeStamp) {
+        public init(action: [String]? = nil, analyzedAt: TimeStamp, condition: [String: String], createdAt: TimeStamp, error: String? = nil, id: String, isPublic: Bool? = nil, principal: [String: String]? = nil, resource: String? = nil, resourceOwnerAccount: String, resourceType: ResourceType, status: FindingStatus, updatedAt: TimeStamp) {
             self.action = action
             self.analyzedAt = analyzedAt
             self.condition = condition
@@ -404,6 +439,7 @@ extension AccessAnalyzer {
             self.isPublic = isPublic
             self.principal = principal
             self.resource = resource
+            self.resourceOwnerAccount = resourceOwnerAccount
             self.resourceType = resourceType
             self.status = status
             self.updatedAt = updatedAt
@@ -419,6 +455,7 @@ extension AccessAnalyzer {
             case isPublic = "isPublic"
             case principal = "principal"
             case resource = "resource"
+            case resourceOwnerAccount = "resourceOwnerAccount"
             case resourceType = "resourceType"
             case status = "status"
             case updatedAt = "updatedAt"
@@ -445,14 +482,16 @@ extension AccessAnalyzer {
         public let principal: [String: String]?
         /// The resource that the external principal has access to.
         public let resource: String?
+        /// The AWS account ID that owns the resource.
+        public let resourceOwnerAccount: String
         /// The type of the resource that the external principal has access to.
         public let resourceType: ResourceType
         /// The status of the finding.
         public let status: FindingStatus
         /// The time at which the finding was most recently updated.
         public let updatedAt: TimeStamp
 
-        public init(action: [String]? = nil, analyzedAt: TimeStamp, condition: [String: String], createdAt: TimeStamp, error: String? = nil, id: String, isPublic: Bool? = nil, principal: [String: String]? = nil, resource: String? = nil, resourceType: ResourceType, status: FindingStatus, updatedAt: TimeStamp) {
+        public init(action: [String]? = nil, analyzedAt: TimeStamp, condition: [String: String], createdAt: TimeStamp, error: String? = nil, id: String, isPublic: Bool? = nil, principal: [String: String]? = nil, resource: String? = nil, resourceOwnerAccount: String, resourceType: ResourceType, status: FindingStatus, updatedAt: TimeStamp) {
             self.action = action
             self.analyzedAt = analyzedAt
             self.condition = condition
@@ -462,6 +501,7 @@ extension AccessAnalyzer {
             self.isPublic = isPublic
             self.principal = principal
             self.resource = resource
+            self.resourceOwnerAccount = resourceOwnerAccount
             self.resourceType = resourceType
             self.status = status
             self.updatedAt = updatedAt
@@ -477,6 +517,7 @@ extension AccessAnalyzer {
             case isPublic = "isPublic"
             case principal = "principal"
             case resource = "resource"
+            case resourceOwnerAccount = "resourceOwnerAccount"
             case resourceType = "resourceType"
             case status = "status"
             case updatedAt = "updatedAt"
@@ -943,6 +984,20 @@ extension AccessAnalyzer {
         }
     }
 
+    public struct StatusReason: AWSShape {
+
+        /// The reason code for the current status of the analyzer.
+        public let code: ReasonCode
+
+        public init(code: ReasonCode) {
+            self.code = code
+        }
+
+        private enum CodingKeys: String, CodingKey {
+            case code = "code"
+        }
+    }
+
     public struct TagResourceRequest: AWSShape {
         public static var _encoding = [
             AWSMemberEncoding(label: "resourceArn", location: .uri(locationName: "resourceArn"))