From e3e7a7438491344adc8f9f8b6ffd00769e81abb6 Mon Sep 17 00:00:00 2001
From: aws-sdk-cpp-automation <github-aws-sdk-cpp-automation@amazon.com>
Date: Thu, 1 Feb 2024 19:12:50 +0000
Subject: [PATCH] This release introduces a new resource Playback Restriction
 Policy which can be used to geo-restrict or domain-restrict channel stream
 playback when associated with a channel.  New APIs to support this resource
 were introduced in the form of Create/Delete/Get/Update/List. This release
 adds support for transactions that have not reached finality. It also removes
 support for the status property from the response of the GetTransaction
 operation. You can use the confirmationStatus and executionStatus properties
 to determine the status of the transaction. This release includes support for
 broadcast-mixed audio description tracks. Adding new APIs in SDK for Amazon
 Neptune Analytics. These APIs include operations to execute, cancel, list
 queries and get the graph summary. Added CreateIdentityProvider and
 UpdateIdentityProvider details for new SAML IdP features

---
 VERSION                                       |    2 +-
 .../CognitoIdentityProviderClient.h           |  303 ++--
 .../model/CreateIdentityProviderRequest.h     | 1313 ++++++++++++----
 .../model/CreateUserPoolClientRequest.h       |  128 +-
 .../model/CreateUserPoolDomainResult.h        |   35 +-
 .../cognito-idp/model/IdentityProviderType.h  | 1326 +++++++++++++----
 .../aws/cognito-idp/model/LambdaConfigType.h  |   84 +-
 .../model/UpdateIdentityProviderRequest.h     | 1079 +++++++++++++-
 .../source/model/LambdaConfigType.cpp         |   24 +-
 .../include/aws/ivs/IVSClient.h               |  203 ++-
 .../include/aws/ivs/IVSServiceClientModel.h   |   24 +
 .../include/aws/ivs/model/Channel.h           |  100 +-
 .../include/aws/ivs/model/ChannelSummary.h    |  100 +-
 .../aws/ivs/model/CreateChannelRequest.h      |   92 +-
 .../CreatePlaybackRestrictionPolicyRequest.h  |  399 +++++
 .../CreatePlaybackRestrictionPolicyResult.h   |   92 ++
 .../DeletePlaybackRestrictionPolicyRequest.h  |   83 ++
 .../GetPlaybackRestrictionPolicyRequest.h     |   83 ++
 .../GetPlaybackRestrictionPolicyResult.h      |   92 ++
 .../aws/ivs/model/ListChannelsRequest.h       |   44 +
 .../ListPlaybackRestrictionPoliciesRequest.h  |  115 ++
 .../ListPlaybackRestrictionPoliciesResult.h   |  148 ++
 .../aws/ivs/model/PlaybackRestrictionPolicy.h |  449 ++++++
 .../model/PlaybackRestrictionPolicySummary.h  |  449 ++++++
 .../aws/ivs/model/UntagResourceRequest.h      |   18 +-
 .../aws/ivs/model/UpdateChannelRequest.h      |  108 +-
 .../aws/ivs/model/UpdateChannelResult.h       |   20 +-
 .../UpdatePlaybackRestrictionPolicyRequest.h  |  308 ++++
 .../UpdatePlaybackRestrictionPolicyResult.h   |   92 ++
 .../src/aws-cpp-sdk-ivs/source/IVSClient.cpp  |  140 ++
 .../aws-cpp-sdk-ivs/source/model/Channel.cpp  |   15 +
 .../source/model/ChannelSummary.cpp           |   15 +
 .../source/model/CreateChannelRequest.cpp     |    7 +
 ...CreatePlaybackRestrictionPolicyRequest.cpp |   79 +
 .../CreatePlaybackRestrictionPolicyResult.cpp |   48 +
 ...DeletePlaybackRestrictionPolicyRequest.cpp |   35 +
 .../GetPlaybackRestrictionPolicyRequest.cpp   |   35 +
 .../GetPlaybackRestrictionPolicyResult.cpp    |   48 +
 .../source/model/ListChannelsRequest.cpp      |    7 +
 ...istPlaybackRestrictionPoliciesRequest.cpp} |   15 +-
 .../ListPlaybackRestrictionPoliciesResult.cpp |   57 +
 .../model/PlaybackRestrictionPolicy.cpp       |  160 ++
 .../PlaybackRestrictionPolicySummary.cpp      |  160 ++
 .../source/model/UpdateChannelRequest.cpp     |    7 +
 ...UpdatePlaybackRestrictionPolicyRequest.cpp |   74 +
 .../UpdatePlaybackRestrictionPolicyResult.cpp |   48 +
 .../ManagedBlockchainQueryClient.h            |   18 +-
 .../model/ConfirmationStatus.h                |    3 +-
 .../model/ConfirmationStatusFilter.h          |  116 ++
 .../model/ListAssetContractsRequest.h         |   28 +-
 .../model/ListTokenBalancesRequest.h          |   24 +
 .../model/ListTransactionEventsRequest.h      |   52 +-
 .../model/ListTransactionsRequest.h           |  137 +-
 .../model/TokenIdentifier.h                   |   52 +-
 .../model/TransactionOutputItem.h             |   35 +
 .../source/model/ConfirmationStatus.cpp       |    7 +
 .../source/model/ConfirmationStatusFilter.cpp |   67 +
 .../source/model/ListTransactionsRequest.cpp  |    9 +-
 .../source/model/TransactionOutputItem.cpp    |   20 +-
 .../aws/mediaconvert/MediaConvertClient.h     |   26 -
 .../MediaConvertServiceClientModel.h          |    5 -
 .../aws/mediaconvert/model/AacSettings.h      |  144 +-
 .../model/DescribeEndpointsRequest.h          |  175 ---
 .../model/DescribeEndpointsResult.h           |  141 --
 .../aws/mediaconvert/model/RemixSettings.h    |   88 ++
 .../source/MediaConvertClient.cpp             |   28 -
 .../source/model/RemixSettings.cpp            |   34 +
 .../aws/neptune-graph/NeptuneGraphClient.h    |  141 +-
 .../aws/neptune-graph/NeptuneGraphErrors.h    |    3 +-
 .../NeptuneGraphServiceClientModel.h          |   25 +
 .../model/CancelImportTaskResult.h            |   14 +-
 .../neptune-graph/model/CancelQueryRequest.h  |  133 ++
 .../neptune-graph/model/CreateGraphRequest.h  |    8 +-
 .../model/CreateGraphUsingImportTaskRequest.h |    8 +-
 .../aws/neptune-graph/model/EdgeStructure.h   |  119 ++
 .../neptune-graph/model/ExecuteQueryRequest.h |  304 ++++
 .../neptune-graph/model/ExecuteQueryResult.h  |   81 +
 .../aws/neptune-graph/model/ExplainMode.h     |   31 +
 .../model/GetGraphSummaryRequest.h            |  136 ++
 .../model/GetGraphSummaryResult.h             |  164 ++
 .../aws/neptune-graph/model/GetQueryRequest.h |  133 ++
 .../aws/neptune-graph/model/GetQueryResult.h  |  204 +++
 .../neptune-graph/model/GraphDataSummary.h    |  546 +++++++
 .../neptune-graph/model/GraphSummaryMode.h    |   31 +
 .../neptune-graph/model/ListQueriesRequest.h  |  154 ++
 .../neptune-graph/model/ListQueriesResult.h   |  103 ++
 .../model/NeptuneImportOptions.h              |    8 +-
 .../aws/neptune-graph/model/NodeStructure.h   |  167 +++
 .../aws/neptune-graph/model/PlanCacheType.h   |   32 +
 .../aws/neptune-graph/model/QueryLanguage.h   |   30 +
 .../aws/neptune-graph/model/QueryState.h      |   32 +
 .../aws/neptune-graph/model/QueryStateInput.h |   33 +
 .../aws/neptune-graph/model/QuerySummary.h    |  227 +++
 .../model/UnprocessableException.h            |  108 ++
 .../model/UnprocessableExceptionReason.h      |   34 +
 .../neptune-graph/model/ValidationException.h |    2 +-
 .../source/NeptuneGraphClient.cpp             |  192 +++
 .../source/NeptuneGraphErrors.cpp             |   12 +
 .../source/model/CancelQueryRequest.cpp       |   52 +
 .../source/model/EdgeStructure.cpp            |   84 ++
 .../source/model/ExecuteQueryRequest.cpp      |   89 ++
 .../source/model/ExecuteQueryResult.cpp       |   59 +
 .../source/model/ExplainMode.cpp              |   72 +
 .../source/model/GetGraphSummaryRequest.cpp   |   66 +
 .../source/model/GetGraphSummaryResult.cpp    |   60 +
 .../source/model/GetQueryRequest.cpp          |   52 +
 .../source/model/GetQueryResult.cpp           |   78 +
 .../source/model/GraphDataSummary.cpp         |  340 +++++
 .../source/model/GraphSummaryMode.cpp         |   72 +
 .../source/model/ListQueriesRequest.cpp       |   75 +
 .../source/model/ListQueriesResult.cpp}       |   24 +-
 .../source/model/NodeStructure.cpp            |  107 ++
 .../source/model/PlanCacheType.cpp            |   79 +
 .../source/model/QueryLanguage.cpp            |   65 +
 .../source/model/QueryState.cpp               |   79 +
 .../source/model/QueryStateInput.cpp          |   86 ++
 .../source/model/QuerySummary.cpp             |  124 ++
 .../source/model/UnprocessableException.cpp   |   75 +
 .../model/UnprocessableExceptionReason.cpp    |   93 ++
 .../include/aws/core/VersionConfig.h          |    4 +-
 .../cognito-idp-2016-04-18.normal.json        |   72 +-
 .../ivs-2020-07-14.normal.json                |  369 ++++-
 ...gedblockchain-query-2023-05-04.normal.json |   64 +-
 .../mediaconvert-2017-08-29.normal.json       |   63 +-
 .../neptune-graph-2023-11-29.normal.json      |  585 +++++++-
 125 files changed, 14010 insertions(+), 1665 deletions(-)
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyResult.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/DeletePlaybackRestrictionPolicyRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyResult.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesResult.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicy.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicySummary.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyResult.h
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyResult.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/DeletePlaybackRestrictionPolicyRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyResult.cpp
 rename generated/src/{aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsRequest.cpp => aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesRequest.cpp} (58%)
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesResult.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicy.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicySummary.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyResult.cpp
 create mode 100644 generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatusFilter.h
 create mode 100644 generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatusFilter.cpp
 delete mode 100644 generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsRequest.h
 delete mode 100644 generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsResult.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelQueryRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/EdgeStructure.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryResult.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExplainMode.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryResult.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryResult.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphDataSummary.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphSummaryMode.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesRequest.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesResult.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NodeStructure.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/PlanCacheType.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryLanguage.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryState.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryStateInput.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QuerySummary.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableException.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableExceptionReason.h
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/CancelQueryRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/EdgeStructure.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryResult.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/ExplainMode.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryResult.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryRequest.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryResult.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphDataSummary.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphSummaryMode.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesRequest.cpp
 rename generated/src/{aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsResult.cpp => aws-cpp-sdk-neptune-graph/source/model/ListQueriesResult.cpp} (52%)
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/NodeStructure.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/PlanCacheType.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryLanguage.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryState.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryStateInput.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/QuerySummary.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableException.cpp
 create mode 100644 generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableExceptionReason.cpp

diff --git a/VERSION b/VERSION
index c9258a50841..dfce3fc21ef 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.11.255
\ No newline at end of file
+1.11.256
\ No newline at end of file
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/CognitoIdentityProviderClient.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/CognitoIdentityProviderClient.h
index b882f00b788..ce3d163e56c 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/CognitoIdentityProviderClient.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/CognitoIdentityProviderClient.h
@@ -1290,8 +1290,8 @@ namespace CognitoIdentityProvider
          * authorize requests, and you can't grant IAM permissions in policies. For more
          * information about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AssociateSoftwareToken">AWS
          * API Reference</a></p>
          */
@@ -1316,15 +1316,16 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Changes the password for a specified user in a user pool.</p> 
-         * <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
-         * in requests for this API operation. For this operation, you can't use IAM
-         * credentials to authorize requests, and you can't grant IAM permissions in
-         * policies. For more information about authorization models in Amazon Cognito, see
-         * <a
+         * <p>Changes the password for a specified user in a user pool.</p> <p>Authorize
+         * this action with a signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ChangePassword">AWS
          * API Reference</a></p>
          */
@@ -1350,14 +1351,18 @@ namespace CognitoIdentityProvider
 
         /**
          * <p>Confirms tracking of the device. This API call is the call that begins device
-         * tracking.</p>  <p>Amazon Cognito doesn't evaluate Identity and Access
-         * Management (IAM) policies in requests for this API operation. For this
-         * operation, you can't use IAM credentials to authorize requests, and you can't
-         * grant IAM permissions in policies. For more information about authorization
-         * models in Amazon Cognito, see <a
+         * tracking. For more information about device authentication, see <a
+         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working
+         * with user devices in your user pool</a>.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmDevice">AWS
          * API Reference</a></p>
          */
@@ -1389,8 +1394,8 @@ namespace CognitoIdentityProvider
          * policies. For more information about authorization models in Amazon Cognito, see
          * <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmForgotPassword">AWS
          * API Reference</a></p>
          */
@@ -1434,8 +1439,8 @@ namespace CognitoIdentityProvider
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmSignUp">AWS
          * API Reference</a></p>
          */
@@ -1494,11 +1499,12 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Creates an IdP for a user pool.</p>  <p>Amazon Cognito evaluates
-         * Identity and Access Management (IAM) policies in requests for this API
-         * operation. For this operation, you must use IAM credentials to authorize
-         * requests, and you must grant yourself the corresponding IAM permission in a
-         * policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a
+         * <p>Adds a configuration and trust relationship between a third-party identity
+         * provider (IdP) and a user pool.</p>  <p>Amazon Cognito evaluates Identity
+         * and Access Management (IAM) policies in requests for this API operation. For
+         * this operation, you must use IAM credentials to authorize requests, and you must
+         * grant yourself the corresponding IAM permission in a policy.</p> <p
+         * class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a
          * href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing
          * Amazon Web Services API Requests</a> </p> </li> <li> <p> <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
@@ -1799,14 +1805,16 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Allows a user to delete their own user profile.</p>  <p>Amazon Cognito
-         * doesn't evaluate Identity and Access Management (IAM) policies in requests for
-         * this API operation. For this operation, you can't use IAM credentials to
-         * authorize requests, and you can't grant IAM permissions in policies. For more
-         * information about authorization models in Amazon Cognito, see <a
+         * <p>Allows a user to delete their own user profile.</p> <p>Authorize this action
+         * with a signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUser">AWS
          * API Reference</a></p>
          */
@@ -1831,14 +1839,16 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Deletes the attributes for a user.</p>  <p>Amazon Cognito doesn't
+         * <p>Deletes the attributes for a user.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
          * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserAttributes">AWS
          * API Reference</a></p>
          */
@@ -2134,14 +2144,19 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Forgets the specified device.</p>  <p>Amazon Cognito doesn't evaluate
-         * Identity and Access Management (IAM) policies in requests for this API
+         * <p>Forgets the specified device. For more information about device
+         * authentication, see <a
+         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working
+         * with user devices in your user pool</a>.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgetDevice">AWS
          * API Reference</a></p>
          */
@@ -2184,11 +2199,11 @@ namespace CognitoIdentityProvider
          * authorize requests, and you can't grant IAM permissions in policies. For more
          * information about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -2252,14 +2267,18 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Gets the device.</p>  <p>Amazon Cognito doesn't evaluate Identity and
-         * Access Management (IAM) policies in requests for this API operation. For this
-         * operation, you can't use IAM credentials to authorize requests, and you can't
-         * grant IAM permissions in policies. For more information about authorization
-         * models in Amazon Cognito, see <a
+         * <p>Gets the device. For more information about device authentication, see <a
+         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working
+         * with user devices in your user pool</a>.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetDevice">AWS
          * API Reference</a></p>
          */
@@ -2420,15 +2439,16 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Gets the user attributes and metadata for a user.</p>  <p>Amazon
-         * Cognito doesn't evaluate Identity and Access Management (IAM) policies in
-         * requests for this API operation. For this operation, you can't use IAM
-         * credentials to authorize requests, and you can't grant IAM permissions in
-         * policies. For more information about authorization models in Amazon Cognito, see
-         * <a
+         * <p>Gets the user attributes and metadata for a user.</p> <p>Authorize this
+         * action with a signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUser">AWS
          * API Reference</a></p>
          */
@@ -2455,17 +2475,19 @@ namespace CognitoIdentityProvider
         /**
          * <p>Generates a user attribute verification code for the specified attribute
          * name. Sends a message to a user with a code that they must return in a
-         * VerifyUserAttribute request.</p>  <p>Amazon Cognito doesn't evaluate
-         * Identity and Access Management (IAM) policies in requests for this API
+         * VerifyUserAttribute request.</p> <p>Authorize this action with a signed-in
+         * user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -2546,14 +2568,16 @@ namespace CognitoIdentityProvider
          * href="https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CognitoIdentityProvider.html">CognitoIdentityProvider</a>.</p>
          * </li> <li> <p>Amazon Cognito no longer accepts a signed-out user's refresh
          * tokens in refresh requests.</p> </li> </ul> <p>Other requests might be valid
-         * until your user's token expires.</p>  <p>Amazon Cognito doesn't evaluate
-         * Identity and Access Management (IAM) policies in requests for this API
+         * until your user's token expires.</p> <p>Authorize this action with a signed-in
+         * user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GlobalSignOut">AWS
          * API Reference</a></p>
          */
@@ -2588,11 +2612,11 @@ namespace CognitoIdentityProvider
          * authorize requests, and you can't grant IAM permissions in policies. For more
          * information about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -2631,14 +2655,18 @@ namespace CognitoIdentityProvider
 
         /**
          * <p>Lists the sign-in devices that Amazon Cognito has registered to the current
-         * user.</p>  <p>Amazon Cognito doesn't evaluate Identity and Access
-         * Management (IAM) policies in requests for this API operation. For this
-         * operation, you can't use IAM credentials to authorize requests, and you can't
-         * grant IAM permissions in policies. For more information about authorization
-         * models in Amazon Cognito, see <a
+         * user. For more information about device authentication, see <a
+         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working
+         * with user devices in your user pool</a>.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListDevices">AWS
          * API Reference</a></p>
          */
@@ -2973,11 +3001,11 @@ namespace CognitoIdentityProvider
          * can't grant IAM permissions in policies. For more information about
          * authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -3029,11 +3057,11 @@ namespace CognitoIdentityProvider
          * authorize requests, and you can't grant IAM permissions in policies. For more
          * information about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -3080,8 +3108,8 @@ namespace CognitoIdentityProvider
          * grant IAM permissions in policies. For more information about authorization
          * models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken">AWS
          * API Reference</a></p>
          */
@@ -3204,14 +3232,16 @@ namespace CognitoIdentityProvider
          * MFA during all sign-in attempts unless device tracking is turned on and the
          * device has been trusted. If you want MFA to be applied selectively based on the
          * assessed risk level of sign-in attempts, deactivate MFA for users and turn on
-         * Adaptive Authentication for the user pool.</p>  <p>Amazon Cognito doesn't
+         * Adaptive Authentication for the user pool.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
          * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserMFAPreference">AWS
          * API Reference</a></p>
          */
@@ -3282,14 +3312,16 @@ namespace CognitoIdentityProvider
          * SMS MFA. You can't use it to configure time-based one-time password (TOTP)
          * software token MFA. To configure either type of MFA, use <a
          * href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html">SetUserMFAPreference</a>
-         * instead.</p>  <p>Amazon Cognito doesn't evaluate Identity and Access
-         * Management (IAM) policies in requests for this API operation. For this
-         * operation, you can't use IAM credentials to authorize requests, and you can't
-         * grant IAM permissions in policies. For more information about authorization
-         * models in Amazon Cognito, see <a
-         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
+         * instead.</p> <p>Authorize this action with a signed-in user's access token. It
+         * must include the scope <code>aws.cognito.signin.user.admin</code>.</p> 
+         * <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
+         * in requests for this API operation. For this operation, you can't use IAM
+         * credentials to authorize requests, and you can't grant IAM permissions in
+         * policies. For more information about authorization models in Amazon Cognito, see
          * <a
+         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserSettings">AWS
          * API Reference</a></p>
          */
@@ -3321,11 +3353,11 @@ namespace CognitoIdentityProvider
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -3486,8 +3518,8 @@ namespace CognitoIdentityProvider
          * policies. For more information about authorization models in Amazon Cognito, see
          * <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateAuthEventFeedback">AWS
          * API Reference</a></p>
          */
@@ -3512,14 +3544,19 @@ namespace CognitoIdentityProvider
         }
 
         /**
-         * <p>Updates the device status.</p>  <p>Amazon Cognito doesn't evaluate
-         * Identity and Access Management (IAM) policies in requests for this API
+         * <p>Updates the device status. For more information about device authentication,
+         * see <a
+         * href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working
+         * with user devices in your user pool</a>.</p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateDeviceStatus">AWS
          * API Reference</a></p>
          */
@@ -3653,17 +3690,19 @@ namespace CognitoIdentityProvider
          * with their own credentials. You authorize this API request with the user's
          * access token. To delete an attribute from your user, submit the attribute in
          * your API request with a blank value. Custom attribute values in this request
-         * must include the <code>custom:</code> prefix.</p>  <p>Amazon Cognito
-         * doesn't evaluate Identity and Access Management (IAM) policies in requests for
-         * this API operation. For this operation, you can't use IAM credentials to
-         * authorize requests, and you can't grant IAM permissions in policies. For more
-         * information about authorization models in Amazon Cognito, see <a
+         * must include the <code>custom:</code> prefix.</p> <p>Authorize this action with
+         * a signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
+         * evaluate Identity and Access Management (IAM) policies in requests for this API
+         * operation. For this operation, you can't use IAM credentials to authorize
+         * requests, and you can't grant IAM permissions in policies. For more information
+         * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p>   <p>This action
-         * might generate an SMS text message. Starting June 1, 2021, US telecom carriers
-         * require you to register an origination phone number before you can send SMS
-         * messages to US phone numbers. If you use SMS text messages in Amazon Cognito,
-         * you must register a phone number with <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p> 
+         *  <p>This action might generate an SMS text message. Starting June 1, 2021,
+         * US telecom carriers require you to register an origination phone number before
+         * you can send SMS messages to US phone numbers. If you use SMS text messages in
+         * Amazon Cognito, you must register a phone number with <a
          * href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
          * Cognito uses the registered number automatically. Otherwise, Amazon Cognito
          * users who must receive SMS messages might not be able to sign up, activate their
@@ -3861,8 +3900,8 @@ namespace CognitoIdentityProvider
          * policies. For more information about authorization models in Amazon Cognito, see
          * <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifySoftwareToken">AWS
          * API Reference</a></p>
          */
@@ -3892,14 +3931,16 @@ namespace CognitoIdentityProvider
          * VerifyUserAttribute updates the affected attribute to its pending value. For
          * more information, see <a
          * href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserAttributeUpdateSettingsType.html">
-         * UserAttributeUpdateSettingsType</a>. </p>  <p>Amazon Cognito doesn't
+         * UserAttributeUpdateSettingsType</a>. </p> <p>Authorize this action with a
+         * signed-in user's access token. It must include the scope
+         * <code>aws.cognito.signin.user.admin</code>.</p>  <p>Amazon Cognito doesn't
          * evaluate Identity and Access Management (IAM) policies in requests for this API
          * operation. For this operation, you can't use IAM credentials to authorize
          * requests, and you can't grant IAM permissions in policies. For more information
          * about authorization models in Amazon Cognito, see <a
          * href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using
-         * the Amazon Cognito native and OIDC APIs</a>.</p> <p><h3>See Also:</h3>  
-         * <a
+         * the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifyUserAttribute">AWS
          * API Reference</a></p>
          */
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateIdentityProviderRequest.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateIdentityProviderRequest.h
index 32afd7a5ec8..0b901f047f4 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateIdentityProviderRequest.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateIdentityProviderRequest.h
@@ -151,314 +151,1107 @@ namespace Model
 
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline const Aws::Map<Aws::String, Aws::String>& GetProviderDetails() const{ return m_providerDetails; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline bool ProviderDetailsHasBeenSet() const { return m_providerDetailsHasBeenSet; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline void SetProviderDetails(const Aws::Map<Aws::String, Aws::String>& value) { m_providerDetailsHasBeenSet = true; m_providerDetails = value; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline void SetProviderDetails(Aws::Map<Aws::String, Aws::String>&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails = std::move(value); }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& WithProviderDetails(const Aws::Map<Aws::String, Aws::String>& value) { SetProviderDetails(value); return *this;}
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& WithProviderDetails(Aws::Map<Aws::String, Aws::String>&& value) { SetProviderDetails(std::move(value)); return *this;}
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(const Aws::String& key, const Aws::String& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, value); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(Aws::String&& key, const Aws::String& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), value); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(const Aws::String& key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(Aws::String&& key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(const char* key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(Aws::String&& key, const char* value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), value); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC)
-     * providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li>
-     * <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if
-     * Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p>
-     * <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li>
-     * <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li>
-     * <p>Amazon Cognito sets the value of the following keys automatically. They are
-     * read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li>
-     * </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or
-     * MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li>
-     * </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline CreateIdentityProviderRequest& AddProviderDetails(const char* key, const char* value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, value); return *this; }
 
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolClientRequest.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolClientRequest.h
index 3295cc5acc3..6ed6096b2d8 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolClientRequest.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolClientRequest.h
@@ -1365,97 +1365,113 @@ namespace Model
 
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline const Aws::Vector<OAuthFlowType>& GetAllowedOAuthFlows() const{ return m_allowedOAuthFlows; }
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline bool AllowedOAuthFlowsHasBeenSet() const { return m_allowedOAuthFlowsHasBeenSet; }
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline void SetAllowedOAuthFlows(const Aws::Vector<OAuthFlowType>& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows = value; }
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline void SetAllowedOAuthFlows(Aws::Vector<OAuthFlowType>&& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows = std::move(value); }
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline CreateUserPoolClientRequest& WithAllowedOAuthFlows(const Aws::Vector<OAuthFlowType>& value) { SetAllowedOAuthFlows(value); return *this;}
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline CreateUserPoolClientRequest& WithAllowedOAuthFlows(Aws::Vector<OAuthFlowType>&& value) { SetAllowedOAuthFlows(std::move(value)); return *this;}
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline CreateUserPoolClientRequest& AddAllowedOAuthFlows(const OAuthFlowType& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows.push_back(value); return *this; }
 
     /**
-     * <p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant
-     * flow, which provides an authorization code as the response. This code can be
-     * exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p>
-     * </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID
-     * token, based on scopes) directly to your user.</p> </dd>
-     * <dt>client_credentials</dt> <dd> <p>Issue the access token from the
-     * <code>/oauth2/token</code> endpoint directly to a non-person user using a
+     * <p>The OAuth grant types that you want your app client to generate. To create an
+     * app client that generates client credentials grants, you must add
+     * <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl>
+     * <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization
+     * code as the response. This code can be exchanged for access tokens with the
+     * <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue
+     * the access token (and, optionally, ID token, based on scopes) directly to your
+     * user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from
+     * the <code>/oauth2/token</code> endpoint directly to a non-person user using a
      * combination of the client ID and client secret.</p> </dd> </dl>
      */
     inline CreateUserPoolClientRequest& AddAllowedOAuthFlows(OAuthFlowType&& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows.push_back(std::move(value)); return *this; }
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolDomainResult.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolDomainResult.h
index d24c8f3240b..5510f4c29d1 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolDomainResult.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/CreateUserPoolDomainResult.h
@@ -34,43 +34,64 @@ namespace Model
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline const Aws::String& GetCloudFrontDomain() const{ return m_cloudFrontDomain; }
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline void SetCloudFrontDomain(const Aws::String& value) { m_cloudFrontDomain = value; }
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline void SetCloudFrontDomain(Aws::String&& value) { m_cloudFrontDomain = std::move(value); }
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline void SetCloudFrontDomain(const char* value) { m_cloudFrontDomain.assign(value); }
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline CreateUserPoolDomainResult& WithCloudFrontDomain(const Aws::String& value) { SetCloudFrontDomain(value); return *this;}
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline CreateUserPoolDomainResult& WithCloudFrontDomain(Aws::String&& value) { SetCloudFrontDomain(std::move(value)); return *this;}
 
     /**
      * <p>The Amazon CloudFront endpoint that you use as the target of the alias that
-     * you set up with your Domain Name Service (DNS) provider.</p>
+     * you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
+     * this value if you set a custom domain with <code>CustomDomainConfig</code>. If
+     * you set an Amazon Cognito prefix domain, this operation returns a blank
+     * response.</p>
      */
     inline CreateUserPoolDomainResult& WithCloudFrontDomain(const char* value) { SetCloudFrontDomain(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/IdentityProviderType.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/IdentityProviderType.h
index fae1486c506..cad5e09b525 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/IdentityProviderType.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/IdentityProviderType.h
@@ -155,327 +155,1107 @@ namespace Model
 
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline const Aws::Map<Aws::String, Aws::String>& GetProviderDetails() const{ return m_providerDetails; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline bool ProviderDetailsHasBeenSet() const { return m_providerDetailsHasBeenSet; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline void SetProviderDetails(const Aws::Map<Aws::String, Aws::String>& value) { m_providerDetailsHasBeenSet = true; m_providerDetails = value; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline void SetProviderDetails(Aws::Map<Aws::String, Aws::String>&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails = std::move(value); }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& WithProviderDetails(const Aws::Map<Aws::String, Aws::String>& value) { SetProviderDetails(value); return *this;}
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& WithProviderDetails(Aws::Map<Aws::String, Aws::String>&& value) { SetProviderDetails(std::move(value)); return *this;}
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(const Aws::String& key, const Aws::String& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, value); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(Aws::String&& key, const Aws::String& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), value); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(const Aws::String& key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(Aws::String&& key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(const char* key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(Aws::String&& key, const char* value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), value); return *this; }
 
     /**
-     * <p>The IdP details. The following list describes the provider detail keys for
-     * each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li>
-     * <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li>
-     * <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li>
-     * <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li>
-     * <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You
-     * can submit a private_key when you add or update an IdP. Describe operations
-     * don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li>
-     * </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li>
-     * <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li>
-     * <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The
-     * following keys are only present if Amazon Cognito didn't discover them at the
-     * <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li>
-     * <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p>
-     * </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys
-     * automatically. They are read-only.</p> <ul> <li>
-     * <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For
-     * SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li>
-     * <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline IdentityProviderType& AddProviderDetails(const char* key, const char* value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, value); return *this; }
 
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/LambdaConfigType.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/LambdaConfigType.h
index 6375de2ffa1..1e84ff3c244 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/LambdaConfigType.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/LambdaConfigType.h
@@ -451,87 +451,87 @@ namespace Model
 
 
     /**
-     * <p>The detailed configuration of a pre token generation trigger. If you also set
-     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
-     * <code>PreTokenGenerationConfig</code>.</p>
+     * <p>The user migration Lambda config type.</p>
      */
-    inline const PreTokenGenerationVersionConfigType& GetPreTokenGenerationConfig() const{ return m_preTokenGenerationConfig; }
+    inline const Aws::String& GetUserMigration() const{ return m_userMigration; }
 
     /**
-     * <p>The detailed configuration of a pre token generation trigger. If you also set
-     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
-     * <code>PreTokenGenerationConfig</code>.</p>
+     * <p>The user migration Lambda config type.</p>
      */
-    inline bool PreTokenGenerationConfigHasBeenSet() const { return m_preTokenGenerationConfigHasBeenSet; }
+    inline bool UserMigrationHasBeenSet() const { return m_userMigrationHasBeenSet; }
 
     /**
-     * <p>The detailed configuration of a pre token generation trigger. If you also set
-     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
-     * <code>PreTokenGenerationConfig</code>.</p>
+     * <p>The user migration Lambda config type.</p>
      */
-    inline void SetPreTokenGenerationConfig(const PreTokenGenerationVersionConfigType& value) { m_preTokenGenerationConfigHasBeenSet = true; m_preTokenGenerationConfig = value; }
+    inline void SetUserMigration(const Aws::String& value) { m_userMigrationHasBeenSet = true; m_userMigration = value; }
 
     /**
-     * <p>The detailed configuration of a pre token generation trigger. If you also set
-     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
-     * <code>PreTokenGenerationConfig</code>.</p>
+     * <p>The user migration Lambda config type.</p>
      */
-    inline void SetPreTokenGenerationConfig(PreTokenGenerationVersionConfigType&& value) { m_preTokenGenerationConfigHasBeenSet = true; m_preTokenGenerationConfig = std::move(value); }
+    inline void SetUserMigration(Aws::String&& value) { m_userMigrationHasBeenSet = true; m_userMigration = std::move(value); }
 
     /**
-     * <p>The detailed configuration of a pre token generation trigger. If you also set
-     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
-     * <code>PreTokenGenerationConfig</code>.</p>
+     * <p>The user migration Lambda config type.</p>
      */
-    inline LambdaConfigType& WithPreTokenGenerationConfig(const PreTokenGenerationVersionConfigType& value) { SetPreTokenGenerationConfig(value); return *this;}
+    inline void SetUserMigration(const char* value) { m_userMigrationHasBeenSet = true; m_userMigration.assign(value); }
 
     /**
-     * <p>The detailed configuration of a pre token generation trigger. If you also set
-     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
-     * <code>PreTokenGenerationConfig</code>.</p>
+     * <p>The user migration Lambda config type.</p>
      */
-    inline LambdaConfigType& WithPreTokenGenerationConfig(PreTokenGenerationVersionConfigType&& value) { SetPreTokenGenerationConfig(std::move(value)); return *this;}
-
+    inline LambdaConfigType& WithUserMigration(const Aws::String& value) { SetUserMigration(value); return *this;}
 
     /**
      * <p>The user migration Lambda config type.</p>
      */
-    inline const Aws::String& GetUserMigration() const{ return m_userMigration; }
+    inline LambdaConfigType& WithUserMigration(Aws::String&& value) { SetUserMigration(std::move(value)); return *this;}
 
     /**
      * <p>The user migration Lambda config type.</p>
      */
-    inline bool UserMigrationHasBeenSet() const { return m_userMigrationHasBeenSet; }
+    inline LambdaConfigType& WithUserMigration(const char* value) { SetUserMigration(value); return *this;}
+
 
     /**
-     * <p>The user migration Lambda config type.</p>
+     * <p>The detailed configuration of a pre token generation trigger. If you also set
+     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
+     * <code>PreTokenGenerationConfig</code>.</p>
      */
-    inline void SetUserMigration(const Aws::String& value) { m_userMigrationHasBeenSet = true; m_userMigration = value; }
+    inline const PreTokenGenerationVersionConfigType& GetPreTokenGenerationConfig() const{ return m_preTokenGenerationConfig; }
 
     /**
-     * <p>The user migration Lambda config type.</p>
+     * <p>The detailed configuration of a pre token generation trigger. If you also set
+     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
+     * <code>PreTokenGenerationConfig</code>.</p>
      */
-    inline void SetUserMigration(Aws::String&& value) { m_userMigrationHasBeenSet = true; m_userMigration = std::move(value); }
+    inline bool PreTokenGenerationConfigHasBeenSet() const { return m_preTokenGenerationConfigHasBeenSet; }
 
     /**
-     * <p>The user migration Lambda config type.</p>
+     * <p>The detailed configuration of a pre token generation trigger. If you also set
+     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
+     * <code>PreTokenGenerationConfig</code>.</p>
      */
-    inline void SetUserMigration(const char* value) { m_userMigrationHasBeenSet = true; m_userMigration.assign(value); }
+    inline void SetPreTokenGenerationConfig(const PreTokenGenerationVersionConfigType& value) { m_preTokenGenerationConfigHasBeenSet = true; m_preTokenGenerationConfig = value; }
 
     /**
-     * <p>The user migration Lambda config type.</p>
+     * <p>The detailed configuration of a pre token generation trigger. If you also set
+     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
+     * <code>PreTokenGenerationConfig</code>.</p>
      */
-    inline LambdaConfigType& WithUserMigration(const Aws::String& value) { SetUserMigration(value); return *this;}
+    inline void SetPreTokenGenerationConfig(PreTokenGenerationVersionConfigType&& value) { m_preTokenGenerationConfigHasBeenSet = true; m_preTokenGenerationConfig = std::move(value); }
 
     /**
-     * <p>The user migration Lambda config type.</p>
+     * <p>The detailed configuration of a pre token generation trigger. If you also set
+     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
+     * <code>PreTokenGenerationConfig</code>.</p>
      */
-    inline LambdaConfigType& WithUserMigration(Aws::String&& value) { SetUserMigration(std::move(value)); return *this;}
+    inline LambdaConfigType& WithPreTokenGenerationConfig(const PreTokenGenerationVersionConfigType& value) { SetPreTokenGenerationConfig(value); return *this;}
 
     /**
-     * <p>The user migration Lambda config type.</p>
+     * <p>The detailed configuration of a pre token generation trigger. If you also set
+     * an ARN in <code>PreTokenGeneration</code>, its value must be identical to
+     * <code>PreTokenGenerationConfig</code>.</p>
      */
-    inline LambdaConfigType& WithUserMigration(const char* value) { SetUserMigration(value); return *this;}
+    inline LambdaConfigType& WithPreTokenGenerationConfig(PreTokenGenerationVersionConfigType&& value) { SetPreTokenGenerationConfig(std::move(value)); return *this;}
 
 
     /**
@@ -689,12 +689,12 @@ namespace Model
     Aws::String m_preTokenGeneration;
     bool m_preTokenGenerationHasBeenSet = false;
 
-    PreTokenGenerationVersionConfigType m_preTokenGenerationConfig;
-    bool m_preTokenGenerationConfigHasBeenSet = false;
-
     Aws::String m_userMigration;
     bool m_userMigrationHasBeenSet = false;
 
+    PreTokenGenerationVersionConfigType m_preTokenGenerationConfig;
+    bool m_preTokenGenerationConfigHasBeenSet = false;
+
     CustomSMSLambdaVersionConfigType m_customSMSSender;
     bool m_customSMSSenderHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/UpdateIdentityProviderRequest.h b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/UpdateIdentityProviderRequest.h
index 27bf0ed7e9a..beed003b70a 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/UpdateIdentityProviderRequest.h
+++ b/generated/src/aws-cpp-sdk-cognito-idp/include/aws/cognito-idp/model/UpdateIdentityProviderRequest.h
@@ -119,80 +119,1107 @@ namespace Model
 
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline const Aws::Map<Aws::String, Aws::String>& GetProviderDetails() const{ return m_providerDetails; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline bool ProviderDetailsHasBeenSet() const { return m_providerDetailsHasBeenSet; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline void SetProviderDetails(const Aws::Map<Aws::String, Aws::String>& value) { m_providerDetailsHasBeenSet = true; m_providerDetails = value; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline void SetProviderDetails(Aws::Map<Aws::String, Aws::String>&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails = std::move(value); }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& WithProviderDetails(const Aws::Map<Aws::String, Aws::String>& value) { SetProviderDetails(value); return *this;}
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& WithProviderDetails(Aws::Map<Aws::String, Aws::String>&& value) { SetProviderDetails(std::move(value)); return *this;}
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(const Aws::String& key, const Aws::String& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, value); return *this; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(Aws::String&& key, const Aws::String& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), value); return *this; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(const Aws::String& key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(Aws::String&& key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(const char* key, Aws::String&& value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, std::move(value)); return *this; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(Aws::String&& key, const char* value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(std::move(key), value); return *this; }
 
     /**
-     * <p>The IdP details to be updated, such as <code>MetadataURL</code> and
-     * <code>MetadataFile</code>.</p>
+     * <p>The scopes, URLs, and identifiers for your external identity provider. The
+     * following examples describe the provider detail keys for each IdP type. These
+     * values and their schema are subject to change. Social IdP
+     * <code>authorize_scopes</code> values must match the values listed here.</p> <dl>
+     * <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following
+     * elements when it can't discover endpoint URLs from <code>oidc_issuer</code>:
+     * <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>,
+     * <code>token_url</code>.</p> <p>Create or update request:
+     * <code>"ProviderDetails": { "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email",
+     * "authorize_url": "https://auth.example.com/authorize", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> <p>Describe response: <code>"ProviderDetails": {
+     * "attributes_request_method": "GET", "attributes_url":
+     * "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "openid profile email", "authorize_url":
+     * "https://auth.example.com/authorize", "client_id": "1example23456789",
+     * "client_secret": "provider-app-client-secret", "jwks_uri":
+     * "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
+     * "https://auth.example.com", "token_url": "https://example.com/token" }</code>
+     * </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataURL":
+     * "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
+     * "rsa-sha256" }</code> </p> <p>Create or update request with Metadata file:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]",
+     * "RequestSigningAlgorithm": "rsa-sha256" }</code> </p> <p>The value of
+     * <code>MetadataFile</code> must be the plaintext metadata document with all quote
+     * (") characters escaped by backslashes.</p> <p>Describe response:
+     * <code>"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true",
+     * "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
+     * "MetadataURL": "https://auth.example.com/sso/saml/metadata",
+     * "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
+     * "https://auth.example.com/slo/saml", "SSORedirectBindingURI":
+     * "https://auth.example.com/sso/saml" }</code> </p> </dd> <dt>LoginWithAmazon</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "profile postal_code", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret"</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "profile postal_code", "authorize_url":
+     * "https://www.amazon.com/ap/oa", "client_id":
+     * "amzn1.application-oa2-client.1example23456789", "client_secret":
+     * "provider-app-client-secret", "token_request_method": "POST", "token_url":
+     * "https://api.amazon.com/auth/o2/token" }</code> </p> </dd> <dt>Google</dt> <dd>
+     * <p>Create or update request: <code>"ProviderDetails": { "authorize_scopes":
+     * "email profile openid", "client_id":
+     * "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url":
+     * "https://people.googleapis.com/v1/people/me?personFields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
+     * openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
+     * "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
+     * "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
+     * "token_request_method": "POST", "token_url":
+     * "https://www.googleapis.com/oauth2/v4/token" }</code> </p> </dd>
+     * <dt>SignInWithApple</dt> <dd> <p>Create or update request:
+     * <code>"ProviderDetails": { "authorize_scopes": "email name", "client_id":
+     * "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE",
+     * "team_id": "3EXAMPLE" }</code> </p> <p>Describe response:
+     * <code>"ProviderDetails": { "attributes_url_add_attributes": "false",
+     * "authorize_scopes": "email name", "authorize_url":
+     * "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito",
+     * "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id":
+     * "2EXAMPLE", "token_request_method": "POST", "token_url":
+     * "https://appleid.apple.com/auth/token" }</code> </p> </dd> <dt>Facebook</dt>
+     * <dd> <p>Create or update request: <code>"ProviderDetails": { "api_version":
+     * "v17.0", "authorize_scopes": "public_profile, email", "client_id":
+     * "1example23456789", "client_secret": "provider-app-client-secret" }</code> </p>
+     * <p>Describe response: <code>"ProviderDetails": { "api_version": "v17.0",
+     * "attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
+     * "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile,
+     * email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
+     * "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
+     * "token_request_method": "GET", "token_url":
+     * "https://graph.facebook.com/v17.0/oauth/access_token" }</code> </p> </dd> </dl>
      */
     inline UpdateIdentityProviderRequest& AddProviderDetails(const char* key, const char* value) { m_providerDetailsHasBeenSet = true; m_providerDetails.emplace(key, value); return *this; }
 
diff --git a/generated/src/aws-cpp-sdk-cognito-idp/source/model/LambdaConfigType.cpp b/generated/src/aws-cpp-sdk-cognito-idp/source/model/LambdaConfigType.cpp
index 7630ab6c06c..06404e4ff52 100644
--- a/generated/src/aws-cpp-sdk-cognito-idp/source/model/LambdaConfigType.cpp
+++ b/generated/src/aws-cpp-sdk-cognito-idp/source/model/LambdaConfigType.cpp
@@ -28,8 +28,8 @@ LambdaConfigType::LambdaConfigType() :
     m_createAuthChallengeHasBeenSet(false),
     m_verifyAuthChallengeResponseHasBeenSet(false),
     m_preTokenGenerationHasBeenSet(false),
-    m_preTokenGenerationConfigHasBeenSet(false),
     m_userMigrationHasBeenSet(false),
+    m_preTokenGenerationConfigHasBeenSet(false),
     m_customSMSSenderHasBeenSet(false),
     m_customEmailSenderHasBeenSet(false),
     m_kMSKeyIDHasBeenSet(false)
@@ -46,8 +46,8 @@ LambdaConfigType::LambdaConfigType(JsonView jsonValue) :
     m_createAuthChallengeHasBeenSet(false),
     m_verifyAuthChallengeResponseHasBeenSet(false),
     m_preTokenGenerationHasBeenSet(false),
-    m_preTokenGenerationConfigHasBeenSet(false),
     m_userMigrationHasBeenSet(false),
+    m_preTokenGenerationConfigHasBeenSet(false),
     m_customSMSSenderHasBeenSet(false),
     m_customEmailSenderHasBeenSet(false),
     m_kMSKeyIDHasBeenSet(false)
@@ -120,18 +120,18 @@ LambdaConfigType& LambdaConfigType::operator =(JsonView jsonValue)
     m_preTokenGenerationHasBeenSet = true;
   }
 
-  if(jsonValue.ValueExists("PreTokenGenerationConfig"))
+  if(jsonValue.ValueExists("UserMigration"))
   {
-    m_preTokenGenerationConfig = jsonValue.GetObject("PreTokenGenerationConfig");
+    m_userMigration = jsonValue.GetString("UserMigration");
 
-    m_preTokenGenerationConfigHasBeenSet = true;
+    m_userMigrationHasBeenSet = true;
   }
 
-  if(jsonValue.ValueExists("UserMigration"))
+  if(jsonValue.ValueExists("PreTokenGenerationConfig"))
   {
-    m_userMigration = jsonValue.GetString("UserMigration");
+    m_preTokenGenerationConfig = jsonValue.GetObject("PreTokenGenerationConfig");
 
-    m_userMigrationHasBeenSet = true;
+    m_preTokenGenerationConfigHasBeenSet = true;
   }
 
   if(jsonValue.ValueExists("CustomSMSSender"))
@@ -216,15 +216,15 @@ JsonValue LambdaConfigType::Jsonize() const
 
   }
 
-  if(m_preTokenGenerationConfigHasBeenSet)
+  if(m_userMigrationHasBeenSet)
   {
-   payload.WithObject("PreTokenGenerationConfig", m_preTokenGenerationConfig.Jsonize());
+   payload.WithString("UserMigration", m_userMigration);
 
   }
 
-  if(m_userMigrationHasBeenSet)
+  if(m_preTokenGenerationConfigHasBeenSet)
   {
-   payload.WithString("UserMigration", m_userMigration);
+   payload.WithObject("PreTokenGenerationConfig", m_preTokenGenerationConfig.Jsonize());
 
   }
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSClient.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSClient.h
index 44b7824a482..772ce269d16 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSClient.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSClient.h
@@ -47,11 +47,14 @@ namespace IVS
    * for more information.</p> </li> <li> <p> <b>Recording configuration</b> — Stores
    * configuration related to recording a live stream and where to store the recorded
    * content. Multiple channels can reference the same recording configuration. See
-   * the Recording Configuration endpoints for more information.</p> </li> </ul> <p>
-   * <b>Tagging</b> </p> <p>A <i>tag</i> is a metadata label that you assign to an
-   * Amazon Web Services resource. A tag comprises a <i>key</i> and a <i>value</i>,
-   * both set by you. For example, you might set a tag as <code>topic:nature</code>
-   * to label a particular video category. See <a
+   * the Recording Configuration endpoints for more information.</p> </li> <li> <p>
+   * <b>Playback restriction policy</b> — Restricts playback by countries and/or
+   * origin sites. See the Playback Restriction Policy endpoints for more
+   * information.</p> </li> </ul> <p> <b>Tagging</b> </p> <p>A <i>tag</i> is a
+   * metadata label that you assign to an Amazon Web Services resource. A tag
+   * comprises a <i>key</i> and a <i>value</i>, both set by you. For example, you
+   * might set a tag as <code>topic:nature</code> to label a particular video
+   * category. See <a
    * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
    * Amazon Web Services Resources</a> for more information, including restrictions
    * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -107,31 +110,17 @@ namespace IVS
    * Updates a channel's configuration. This does not affect an ongoing stream of
    * this channel. You must stop and restart the stream for the changes to take
    * effect.</p> </li> <li> <p> <a>DeleteChannel</a> — Deletes the specified
-   * channel.</p> </li> </ul> <p> <b>StreamKey Endpoints</b> </p> <ul> <li> <p>
-   * <a>CreateStreamKey</a> — Creates a stream key, used to initiate a stream, for
-   * the specified channel ARN.</p> </li> <li> <p> <a>GetStreamKey</a> — Gets stream
-   * key information for the specified ARN.</p> </li> <li> <p>
-   * <a>BatchGetStreamKey</a> — Performs <a>GetStreamKey</a> on multiple ARNs
-   * simultaneously.</p> </li> <li> <p> <a>ListStreamKeys</a> — Gets summary
-   * information about stream keys for the specified channel.</p> </li> <li> <p>
-   * <a>DeleteStreamKey</a> — Deletes the stream key for the specified ARN, so it can
-   * no longer be used to stream.</p> </li> </ul> <p> <b>Stream Endpoints</b> </p>
-   * <ul> <li> <p> <a>GetStream</a> — Gets information about the active (live) stream
-   * on a specified channel.</p> </li> <li> <p> <a>GetStreamSession</a> — Gets
-   * metadata on a specified stream.</p> </li> <li> <p> <a>ListStreams</a> — Gets
-   * summary information about live streams in your account, in the Amazon Web
-   * Services region where the API request is processed.</p> </li> <li> <p>
-   * <a>ListStreamSessions</a> — Gets a summary of current and previous streams for a
-   * specified channel in your account, in the AWS region where the API request is
-   * processed.</p> </li> <li> <p> <a>StopStream</a> — Disconnects the incoming RTMPS
-   * stream for the specified channel. Can be used in conjunction with
-   * <a>DeleteStreamKey</a> to prevent further streaming to a channel.</p> </li> <li>
-   * <p> <a>PutMetadata</a> — Inserts metadata into the active stream of the
-   * specified channel. At most 5 requests per second per channel are allowed, each
-   * with a maximum 1 KB payload. (If 5 TPS is not sufficient for your needs, we
-   * recommend batching your data into a single PutMetadata call.) At most 155
-   * requests per second per account are allowed.</p> </li> </ul> <p> <b>Private
-   * Channel Endpoints</b> </p> <p>For more information, see <a
+   * channel.</p> </li> </ul> <p> <b>Playback Restriction Policy Endpoints</b> </p>
+   * <ul> <li> <p> <a>CreatePlaybackRestrictionPolicy</a> — Creates a new playback
+   * restriction policy, for constraining playback by countries and/or origins.</p>
+   * </li> <li> <p> <a>DeletePlaybackRestrictionPolicy</a> — Deletes the specified
+   * playback restriction policy</p> </li> <li> <p>
+   * <a>GetPlaybackRestrictionPolicy</a> — Gets the specified playback restriction
+   * policy.</p> </li> <li> <p> <a>ListPlaybackRestrictionPolicies</a> — Gets summary
+   * information about playback restriction policies.</p> </li> <li> <p>
+   * <a>UpdatePlaybackRestrictionPolicy</a> — Updates a specified playback
+   * restriction policy.</p> </li> </ul> <p> <b>Private Channel Endpoints</b> </p>
+   * <p>For more information, see <a
    * href="https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html">Setting
    * Up Private Channels</a> in the <i>Amazon IVS User Guide</i>.</p> <ul> <li> <p>
    * <a>ImportPlaybackKeyPair</a> — Imports the public portion of a new key pair and
@@ -160,7 +149,30 @@ namespace IVS
    * summary information about all recording configurations in your account, in the
    * Amazon Web Services region where the API request is processed.</p> </li> <li>
    * <p> <a>DeleteRecordingConfiguration</a> — Deletes the recording configuration
-   * for the specified ARN.</p> </li> </ul> <p> <b>Amazon Web Services Tags
+   * for the specified ARN.</p> </li> </ul> <p> <b>Stream Endpoints</b> </p> <ul>
+   * <li> <p> <a>GetStream</a> — Gets information about the active (live) stream on a
+   * specified channel.</p> </li> <li> <p> <a>GetStreamSession</a> — Gets metadata on
+   * a specified stream.</p> </li> <li> <p> <a>ListStreams</a> — Gets summary
+   * information about live streams in your account, in the Amazon Web Services
+   * region where the API request is processed.</p> </li> <li> <p>
+   * <a>ListStreamSessions</a> — Gets a summary of current and previous streams for a
+   * specified channel in your account, in the AWS region where the API request is
+   * processed.</p> </li> <li> <p> <a>StopStream</a> — Disconnects the incoming RTMPS
+   * stream for the specified channel. Can be used in conjunction with
+   * <a>DeleteStreamKey</a> to prevent further streaming to a channel.</p> </li> <li>
+   * <p> <a>PutMetadata</a> — Inserts metadata into the active stream of the
+   * specified channel. At most 5 requests per second per channel are allowed, each
+   * with a maximum 1 KB payload. (If 5 TPS is not sufficient for your needs, we
+   * recommend batching your data into a single PutMetadata call.) At most 155
+   * requests per second per account are allowed.</p> </li> </ul> <p> <b>StreamKey
+   * Endpoints</b> </p> <ul> <li> <p> <a>CreateStreamKey</a> — Creates a stream key,
+   * used to initiate a stream, for the specified channel ARN.</p> </li> <li> <p>
+   * <a>GetStreamKey</a> — Gets stream key information for the specified ARN.</p>
+   * </li> <li> <p> <a>BatchGetStreamKey</a> — Performs <a>GetStreamKey</a> on
+   * multiple ARNs simultaneously.</p> </li> <li> <p> <a>ListStreamKeys</a> — Gets
+   * summary information about stream keys for the specified channel.</p> </li> <li>
+   * <p> <a>DeleteStreamKey</a> — Deletes the stream key for the specified ARN, so it
+   * can no longer be used to stream.</p> </li> </ul> <p> <b>Amazon Web Services Tags
    * Endpoints</b> </p> <ul> <li> <p> <a>TagResource</a> — Adds or updates tags for
    * the Amazon Web Services resource with the specified ARN.</p> </li> <li> <p>
    * <a>UntagResource</a> — Removes tags from the resource with the specified
@@ -329,6 +341,32 @@ namespace IVS
             return SubmitAsync(&IVSClient::CreateChannel, request, handler, context);
         }
 
+        /**
+         * <p>Creates a new playback restriction policy, for constraining playback by
+         * countries and/or origins.</p><p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/CreatePlaybackRestrictionPolicy">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::CreatePlaybackRestrictionPolicyOutcome CreatePlaybackRestrictionPolicy(const Model::CreatePlaybackRestrictionPolicyRequest& request) const;
+
+        /**
+         * A Callable wrapper for CreatePlaybackRestrictionPolicy that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename CreatePlaybackRestrictionPolicyRequestT = Model::CreatePlaybackRestrictionPolicyRequest>
+        Model::CreatePlaybackRestrictionPolicyOutcomeCallable CreatePlaybackRestrictionPolicyCallable(const CreatePlaybackRestrictionPolicyRequestT& request) const
+        {
+            return SubmitCallable(&IVSClient::CreatePlaybackRestrictionPolicy, request);
+        }
+
+        /**
+         * An Async wrapper for CreatePlaybackRestrictionPolicy that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename CreatePlaybackRestrictionPolicyRequestT = Model::CreatePlaybackRestrictionPolicyRequest>
+        void CreatePlaybackRestrictionPolicyAsync(const CreatePlaybackRestrictionPolicyRequestT& request, const CreatePlaybackRestrictionPolicyResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&IVSClient::CreatePlaybackRestrictionPolicy, request, handler, context);
+        }
+
         /**
          * <p>Creates a new recording configuration, used to enable recording to Amazon
          * S3.</p> <p> <b>Known issue:</b> In the us-east-1 region, if you use the Amazon
@@ -455,6 +493,32 @@ namespace IVS
             return SubmitAsync(&IVSClient::DeletePlaybackKeyPair, request, handler, context);
         }
 
+        /**
+         * <p>Deletes the specified playback restriction policy.</p><p><h3>See Also:</h3>  
+         * <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/DeletePlaybackRestrictionPolicy">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::DeletePlaybackRestrictionPolicyOutcome DeletePlaybackRestrictionPolicy(const Model::DeletePlaybackRestrictionPolicyRequest& request) const;
+
+        /**
+         * A Callable wrapper for DeletePlaybackRestrictionPolicy that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename DeletePlaybackRestrictionPolicyRequestT = Model::DeletePlaybackRestrictionPolicyRequest>
+        Model::DeletePlaybackRestrictionPolicyOutcomeCallable DeletePlaybackRestrictionPolicyCallable(const DeletePlaybackRestrictionPolicyRequestT& request) const
+        {
+            return SubmitCallable(&IVSClient::DeletePlaybackRestrictionPolicy, request);
+        }
+
+        /**
+         * An Async wrapper for DeletePlaybackRestrictionPolicy that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename DeletePlaybackRestrictionPolicyRequestT = Model::DeletePlaybackRestrictionPolicyRequest>
+        void DeletePlaybackRestrictionPolicyAsync(const DeletePlaybackRestrictionPolicyRequestT& request, const DeletePlaybackRestrictionPolicyResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&IVSClient::DeletePlaybackRestrictionPolicy, request, handler, context);
+        }
+
         /**
          * <p>Deletes the recording configuration for the specified ARN.</p> <p>If you try
          * to delete a recording configuration that is associated with a channel, you will
@@ -568,6 +632,31 @@ namespace IVS
             return SubmitAsync(&IVSClient::GetPlaybackKeyPair, request, handler, context);
         }
 
+        /**
+         * <p>Gets the specified playback restriction policy.</p><p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/GetPlaybackRestrictionPolicy">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::GetPlaybackRestrictionPolicyOutcome GetPlaybackRestrictionPolicy(const Model::GetPlaybackRestrictionPolicyRequest& request) const;
+
+        /**
+         * A Callable wrapper for GetPlaybackRestrictionPolicy that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename GetPlaybackRestrictionPolicyRequestT = Model::GetPlaybackRestrictionPolicyRequest>
+        Model::GetPlaybackRestrictionPolicyOutcomeCallable GetPlaybackRestrictionPolicyCallable(const GetPlaybackRestrictionPolicyRequestT& request) const
+        {
+            return SubmitCallable(&IVSClient::GetPlaybackRestrictionPolicy, request);
+        }
+
+        /**
+         * An Async wrapper for GetPlaybackRestrictionPolicy that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename GetPlaybackRestrictionPolicyRequestT = Model::GetPlaybackRestrictionPolicyRequest>
+        void GetPlaybackRestrictionPolicyAsync(const GetPlaybackRestrictionPolicyRequestT& request, const GetPlaybackRestrictionPolicyResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&IVSClient::GetPlaybackRestrictionPolicy, request, handler, context);
+        }
+
         /**
          * <p>Gets the recording configuration for the specified ARN.</p><p><h3>See
          * Also:</h3>   <a
@@ -759,6 +848,32 @@ namespace IVS
             return SubmitAsync(&IVSClient::ListPlaybackKeyPairs, request, handler, context);
         }
 
+        /**
+         * <p>Gets summary information about playback restriction policies.</p><p><h3>See
+         * Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/ListPlaybackRestrictionPolicies">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::ListPlaybackRestrictionPoliciesOutcome ListPlaybackRestrictionPolicies(const Model::ListPlaybackRestrictionPoliciesRequest& request) const;
+
+        /**
+         * A Callable wrapper for ListPlaybackRestrictionPolicies that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename ListPlaybackRestrictionPoliciesRequestT = Model::ListPlaybackRestrictionPoliciesRequest>
+        Model::ListPlaybackRestrictionPoliciesOutcomeCallable ListPlaybackRestrictionPoliciesCallable(const ListPlaybackRestrictionPoliciesRequestT& request) const
+        {
+            return SubmitCallable(&IVSClient::ListPlaybackRestrictionPolicies, request);
+        }
+
+        /**
+         * An Async wrapper for ListPlaybackRestrictionPolicies that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename ListPlaybackRestrictionPoliciesRequestT = Model::ListPlaybackRestrictionPoliciesRequest>
+        void ListPlaybackRestrictionPoliciesAsync(const ListPlaybackRestrictionPoliciesRequestT& request, const ListPlaybackRestrictionPoliciesResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&IVSClient::ListPlaybackRestrictionPolicies, request, handler, context);
+        }
+
         /**
          * <p>Gets summary information about all recording configurations in your account,
          * in the Amazon Web Services region where the API request is
@@ -1062,6 +1177,32 @@ namespace IVS
             return SubmitAsync(&IVSClient::UpdateChannel, request, handler, context);
         }
 
+        /**
+         * <p>Updates a specified playback restriction policy.</p><p><h3>See Also:</h3>  
+         * <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/UpdatePlaybackRestrictionPolicy">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::UpdatePlaybackRestrictionPolicyOutcome UpdatePlaybackRestrictionPolicy(const Model::UpdatePlaybackRestrictionPolicyRequest& request) const;
+
+        /**
+         * A Callable wrapper for UpdatePlaybackRestrictionPolicy that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename UpdatePlaybackRestrictionPolicyRequestT = Model::UpdatePlaybackRestrictionPolicyRequest>
+        Model::UpdatePlaybackRestrictionPolicyOutcomeCallable UpdatePlaybackRestrictionPolicyCallable(const UpdatePlaybackRestrictionPolicyRequestT& request) const
+        {
+            return SubmitCallable(&IVSClient::UpdatePlaybackRestrictionPolicy, request);
+        }
+
+        /**
+         * An Async wrapper for UpdatePlaybackRestrictionPolicy that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename UpdatePlaybackRestrictionPolicyRequestT = Model::UpdatePlaybackRestrictionPolicyRequest>
+        void UpdatePlaybackRestrictionPolicyAsync(const UpdatePlaybackRestrictionPolicyRequestT& request, const UpdatePlaybackRestrictionPolicyResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&IVSClient::UpdatePlaybackRestrictionPolicy, request, handler, context);
+        }
+
 
       void OverrideEndpoint(const Aws::String& endpoint);
       std::shared_ptr<IVSEndpointProviderBase>& accessEndpointProvider();
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSServiceClientModel.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSServiceClientModel.h
index 25961bdd9ff..f1fcaf8f5a1 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSServiceClientModel.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/IVSServiceClientModel.h
@@ -22,11 +22,13 @@
 #include <aws/ivs/model/BatchGetStreamKeyResult.h>
 #include <aws/ivs/model/BatchStartViewerSessionRevocationResult.h>
 #include <aws/ivs/model/CreateChannelResult.h>
+#include <aws/ivs/model/CreatePlaybackRestrictionPolicyResult.h>
 #include <aws/ivs/model/CreateRecordingConfigurationResult.h>
 #include <aws/ivs/model/CreateStreamKeyResult.h>
 #include <aws/ivs/model/DeletePlaybackKeyPairResult.h>
 #include <aws/ivs/model/GetChannelResult.h>
 #include <aws/ivs/model/GetPlaybackKeyPairResult.h>
+#include <aws/ivs/model/GetPlaybackRestrictionPolicyResult.h>
 #include <aws/ivs/model/GetRecordingConfigurationResult.h>
 #include <aws/ivs/model/GetStreamResult.h>
 #include <aws/ivs/model/GetStreamKeyResult.h>
@@ -34,6 +36,7 @@
 #include <aws/ivs/model/ImportPlaybackKeyPairResult.h>
 #include <aws/ivs/model/ListChannelsResult.h>
 #include <aws/ivs/model/ListPlaybackKeyPairsResult.h>
+#include <aws/ivs/model/ListPlaybackRestrictionPoliciesResult.h>
 #include <aws/ivs/model/ListRecordingConfigurationsResult.h>
 #include <aws/ivs/model/ListStreamKeysResult.h>
 #include <aws/ivs/model/ListStreamSessionsResult.h>
@@ -44,6 +47,7 @@
 #include <aws/ivs/model/TagResourceResult.h>
 #include <aws/ivs/model/UntagResourceResult.h>
 #include <aws/ivs/model/UpdateChannelResult.h>
+#include <aws/ivs/model/UpdatePlaybackRestrictionPolicyResult.h>
 #include <aws/core/NoResult.h>
 /* End of service model headers required in IVSClient header */
 
@@ -89,14 +93,17 @@ namespace Aws
       class BatchGetStreamKeyRequest;
       class BatchStartViewerSessionRevocationRequest;
       class CreateChannelRequest;
+      class CreatePlaybackRestrictionPolicyRequest;
       class CreateRecordingConfigurationRequest;
       class CreateStreamKeyRequest;
       class DeleteChannelRequest;
       class DeletePlaybackKeyPairRequest;
+      class DeletePlaybackRestrictionPolicyRequest;
       class DeleteRecordingConfigurationRequest;
       class DeleteStreamKeyRequest;
       class GetChannelRequest;
       class GetPlaybackKeyPairRequest;
+      class GetPlaybackRestrictionPolicyRequest;
       class GetRecordingConfigurationRequest;
       class GetStreamRequest;
       class GetStreamKeyRequest;
@@ -104,6 +111,7 @@ namespace Aws
       class ImportPlaybackKeyPairRequest;
       class ListChannelsRequest;
       class ListPlaybackKeyPairsRequest;
+      class ListPlaybackRestrictionPoliciesRequest;
       class ListRecordingConfigurationsRequest;
       class ListStreamKeysRequest;
       class ListStreamSessionsRequest;
@@ -115,6 +123,7 @@ namespace Aws
       class TagResourceRequest;
       class UntagResourceRequest;
       class UpdateChannelRequest;
+      class UpdatePlaybackRestrictionPolicyRequest;
       /* End of service model forward declarations required in IVSClient header */
 
       /* Service model Outcome class definitions */
@@ -122,14 +131,17 @@ namespace Aws
       typedef Aws::Utils::Outcome<BatchGetStreamKeyResult, IVSError> BatchGetStreamKeyOutcome;
       typedef Aws::Utils::Outcome<BatchStartViewerSessionRevocationResult, IVSError> BatchStartViewerSessionRevocationOutcome;
       typedef Aws::Utils::Outcome<CreateChannelResult, IVSError> CreateChannelOutcome;
+      typedef Aws::Utils::Outcome<CreatePlaybackRestrictionPolicyResult, IVSError> CreatePlaybackRestrictionPolicyOutcome;
       typedef Aws::Utils::Outcome<CreateRecordingConfigurationResult, IVSError> CreateRecordingConfigurationOutcome;
       typedef Aws::Utils::Outcome<CreateStreamKeyResult, IVSError> CreateStreamKeyOutcome;
       typedef Aws::Utils::Outcome<Aws::NoResult, IVSError> DeleteChannelOutcome;
       typedef Aws::Utils::Outcome<DeletePlaybackKeyPairResult, IVSError> DeletePlaybackKeyPairOutcome;
+      typedef Aws::Utils::Outcome<Aws::NoResult, IVSError> DeletePlaybackRestrictionPolicyOutcome;
       typedef Aws::Utils::Outcome<Aws::NoResult, IVSError> DeleteRecordingConfigurationOutcome;
       typedef Aws::Utils::Outcome<Aws::NoResult, IVSError> DeleteStreamKeyOutcome;
       typedef Aws::Utils::Outcome<GetChannelResult, IVSError> GetChannelOutcome;
       typedef Aws::Utils::Outcome<GetPlaybackKeyPairResult, IVSError> GetPlaybackKeyPairOutcome;
+      typedef Aws::Utils::Outcome<GetPlaybackRestrictionPolicyResult, IVSError> GetPlaybackRestrictionPolicyOutcome;
       typedef Aws::Utils::Outcome<GetRecordingConfigurationResult, IVSError> GetRecordingConfigurationOutcome;
       typedef Aws::Utils::Outcome<GetStreamResult, IVSError> GetStreamOutcome;
       typedef Aws::Utils::Outcome<GetStreamKeyResult, IVSError> GetStreamKeyOutcome;
@@ -137,6 +149,7 @@ namespace Aws
       typedef Aws::Utils::Outcome<ImportPlaybackKeyPairResult, IVSError> ImportPlaybackKeyPairOutcome;
       typedef Aws::Utils::Outcome<ListChannelsResult, IVSError> ListChannelsOutcome;
       typedef Aws::Utils::Outcome<ListPlaybackKeyPairsResult, IVSError> ListPlaybackKeyPairsOutcome;
+      typedef Aws::Utils::Outcome<ListPlaybackRestrictionPoliciesResult, IVSError> ListPlaybackRestrictionPoliciesOutcome;
       typedef Aws::Utils::Outcome<ListRecordingConfigurationsResult, IVSError> ListRecordingConfigurationsOutcome;
       typedef Aws::Utils::Outcome<ListStreamKeysResult, IVSError> ListStreamKeysOutcome;
       typedef Aws::Utils::Outcome<ListStreamSessionsResult, IVSError> ListStreamSessionsOutcome;
@@ -148,6 +161,7 @@ namespace Aws
       typedef Aws::Utils::Outcome<TagResourceResult, IVSError> TagResourceOutcome;
       typedef Aws::Utils::Outcome<UntagResourceResult, IVSError> UntagResourceOutcome;
       typedef Aws::Utils::Outcome<UpdateChannelResult, IVSError> UpdateChannelOutcome;
+      typedef Aws::Utils::Outcome<UpdatePlaybackRestrictionPolicyResult, IVSError> UpdatePlaybackRestrictionPolicyOutcome;
       /* End of service model Outcome class definitions */
 
       /* Service model Outcome callable definitions */
@@ -155,14 +169,17 @@ namespace Aws
       typedef std::future<BatchGetStreamKeyOutcome> BatchGetStreamKeyOutcomeCallable;
       typedef std::future<BatchStartViewerSessionRevocationOutcome> BatchStartViewerSessionRevocationOutcomeCallable;
       typedef std::future<CreateChannelOutcome> CreateChannelOutcomeCallable;
+      typedef std::future<CreatePlaybackRestrictionPolicyOutcome> CreatePlaybackRestrictionPolicyOutcomeCallable;
       typedef std::future<CreateRecordingConfigurationOutcome> CreateRecordingConfigurationOutcomeCallable;
       typedef std::future<CreateStreamKeyOutcome> CreateStreamKeyOutcomeCallable;
       typedef std::future<DeleteChannelOutcome> DeleteChannelOutcomeCallable;
       typedef std::future<DeletePlaybackKeyPairOutcome> DeletePlaybackKeyPairOutcomeCallable;
+      typedef std::future<DeletePlaybackRestrictionPolicyOutcome> DeletePlaybackRestrictionPolicyOutcomeCallable;
       typedef std::future<DeleteRecordingConfigurationOutcome> DeleteRecordingConfigurationOutcomeCallable;
       typedef std::future<DeleteStreamKeyOutcome> DeleteStreamKeyOutcomeCallable;
       typedef std::future<GetChannelOutcome> GetChannelOutcomeCallable;
       typedef std::future<GetPlaybackKeyPairOutcome> GetPlaybackKeyPairOutcomeCallable;
+      typedef std::future<GetPlaybackRestrictionPolicyOutcome> GetPlaybackRestrictionPolicyOutcomeCallable;
       typedef std::future<GetRecordingConfigurationOutcome> GetRecordingConfigurationOutcomeCallable;
       typedef std::future<GetStreamOutcome> GetStreamOutcomeCallable;
       typedef std::future<GetStreamKeyOutcome> GetStreamKeyOutcomeCallable;
@@ -170,6 +187,7 @@ namespace Aws
       typedef std::future<ImportPlaybackKeyPairOutcome> ImportPlaybackKeyPairOutcomeCallable;
       typedef std::future<ListChannelsOutcome> ListChannelsOutcomeCallable;
       typedef std::future<ListPlaybackKeyPairsOutcome> ListPlaybackKeyPairsOutcomeCallable;
+      typedef std::future<ListPlaybackRestrictionPoliciesOutcome> ListPlaybackRestrictionPoliciesOutcomeCallable;
       typedef std::future<ListRecordingConfigurationsOutcome> ListRecordingConfigurationsOutcomeCallable;
       typedef std::future<ListStreamKeysOutcome> ListStreamKeysOutcomeCallable;
       typedef std::future<ListStreamSessionsOutcome> ListStreamSessionsOutcomeCallable;
@@ -181,6 +199,7 @@ namespace Aws
       typedef std::future<TagResourceOutcome> TagResourceOutcomeCallable;
       typedef std::future<UntagResourceOutcome> UntagResourceOutcomeCallable;
       typedef std::future<UpdateChannelOutcome> UpdateChannelOutcomeCallable;
+      typedef std::future<UpdatePlaybackRestrictionPolicyOutcome> UpdatePlaybackRestrictionPolicyOutcomeCallable;
       /* End of service model Outcome callable definitions */
     } // namespace Model
 
@@ -191,14 +210,17 @@ namespace Aws
     typedef std::function<void(const IVSClient*, const Model::BatchGetStreamKeyRequest&, const Model::BatchGetStreamKeyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > BatchGetStreamKeyResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::BatchStartViewerSessionRevocationRequest&, const Model::BatchStartViewerSessionRevocationOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > BatchStartViewerSessionRevocationResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::CreateChannelRequest&, const Model::CreateChannelOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreateChannelResponseReceivedHandler;
+    typedef std::function<void(const IVSClient*, const Model::CreatePlaybackRestrictionPolicyRequest&, const Model::CreatePlaybackRestrictionPolicyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreatePlaybackRestrictionPolicyResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::CreateRecordingConfigurationRequest&, const Model::CreateRecordingConfigurationOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreateRecordingConfigurationResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::CreateStreamKeyRequest&, const Model::CreateStreamKeyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreateStreamKeyResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::DeleteChannelRequest&, const Model::DeleteChannelOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeleteChannelResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::DeletePlaybackKeyPairRequest&, const Model::DeletePlaybackKeyPairOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeletePlaybackKeyPairResponseReceivedHandler;
+    typedef std::function<void(const IVSClient*, const Model::DeletePlaybackRestrictionPolicyRequest&, const Model::DeletePlaybackRestrictionPolicyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeletePlaybackRestrictionPolicyResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::DeleteRecordingConfigurationRequest&, const Model::DeleteRecordingConfigurationOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeleteRecordingConfigurationResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::DeleteStreamKeyRequest&, const Model::DeleteStreamKeyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeleteStreamKeyResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::GetChannelRequest&, const Model::GetChannelOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetChannelResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::GetPlaybackKeyPairRequest&, const Model::GetPlaybackKeyPairOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetPlaybackKeyPairResponseReceivedHandler;
+    typedef std::function<void(const IVSClient*, const Model::GetPlaybackRestrictionPolicyRequest&, const Model::GetPlaybackRestrictionPolicyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetPlaybackRestrictionPolicyResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::GetRecordingConfigurationRequest&, const Model::GetRecordingConfigurationOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetRecordingConfigurationResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::GetStreamRequest&, const Model::GetStreamOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetStreamResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::GetStreamKeyRequest&, const Model::GetStreamKeyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetStreamKeyResponseReceivedHandler;
@@ -206,6 +228,7 @@ namespace Aws
     typedef std::function<void(const IVSClient*, const Model::ImportPlaybackKeyPairRequest&, const Model::ImportPlaybackKeyPairOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ImportPlaybackKeyPairResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::ListChannelsRequest&, const Model::ListChannelsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListChannelsResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::ListPlaybackKeyPairsRequest&, const Model::ListPlaybackKeyPairsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListPlaybackKeyPairsResponseReceivedHandler;
+    typedef std::function<void(const IVSClient*, const Model::ListPlaybackRestrictionPoliciesRequest&, const Model::ListPlaybackRestrictionPoliciesOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListPlaybackRestrictionPoliciesResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::ListRecordingConfigurationsRequest&, const Model::ListRecordingConfigurationsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListRecordingConfigurationsResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::ListStreamKeysRequest&, const Model::ListStreamKeysOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListStreamKeysResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::ListStreamSessionsRequest&, const Model::ListStreamSessionsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListStreamSessionsResponseReceivedHandler;
@@ -217,6 +240,7 @@ namespace Aws
     typedef std::function<void(const IVSClient*, const Model::TagResourceRequest&, const Model::TagResourceOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > TagResourceResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::UntagResourceRequest&, const Model::UntagResourceOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > UntagResourceResponseReceivedHandler;
     typedef std::function<void(const IVSClient*, const Model::UpdateChannelRequest&, const Model::UpdateChannelOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > UpdateChannelResponseReceivedHandler;
+    typedef std::function<void(const IVSClient*, const Model::UpdatePlaybackRestrictionPolicyRequest&, const Model::UpdatePlaybackRestrictionPolicyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > UpdatePlaybackRestrictionPolicyResponseReceivedHandler;
     /* End of service model async handlers definitions */
   } // namespace IVS
 } // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/Channel.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/Channel.h
index 37ff6cd132a..870d87443fe 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/Channel.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/Channel.h
@@ -277,6 +277,63 @@ namespace Model
     inline Channel& WithName(const char* value) { SetName(value); return *this;}
 
 
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline const Aws::String& GetPlaybackRestrictionPolicyArn() const{ return m_playbackRestrictionPolicyArn; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline bool PlaybackRestrictionPolicyArnHasBeenSet() const { return m_playbackRestrictionPolicyArnHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const Aws::String& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = value; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(Aws::String&& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const char* value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline Channel& WithPlaybackRestrictionPolicyArn(const Aws::String& value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline Channel& WithPlaybackRestrictionPolicyArn(Aws::String&& value) { SetPlaybackRestrictionPolicyArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline Channel& WithPlaybackRestrictionPolicyArn(const char* value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+
     /**
      * <p>Channel playback URL.</p>
      */
@@ -380,58 +437,50 @@ namespace Model
 
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline const Aws::String& GetRecordingConfigurationArn() const{ return m_recordingConfigurationArn; }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline bool RecordingConfigurationArnHasBeenSet() const { return m_recordingConfigurationArnHasBeenSet; }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(const Aws::String& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = value; }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(Aws::String&& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = std::move(value); }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(const char* value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn.assign(value); }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline Channel& WithRecordingConfigurationArn(const Aws::String& value) { SetRecordingConfigurationArn(value); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline Channel& WithRecordingConfigurationArn(Aws::String&& value) { SetRecordingConfigurationArn(std::move(value)); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline Channel& WithRecordingConfigurationArn(const char* value) { SetRecordingConfigurationArn(value); return *this;}
 
@@ -641,6 +690,9 @@ namespace Model
     Aws::String m_name;
     bool m_nameHasBeenSet = false;
 
+    Aws::String m_playbackRestrictionPolicyArn;
+    bool m_playbackRestrictionPolicyArnHasBeenSet = false;
+
     Aws::String m_playbackUrl;
     bool m_playbackUrlHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ChannelSummary.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ChannelSummary.h
index 422e836edd3..a9bd4701a36 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ChannelSummary.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ChannelSummary.h
@@ -228,6 +228,63 @@ namespace Model
     inline ChannelSummary& WithName(const char* value) { SetName(value); return *this;}
 
 
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline const Aws::String& GetPlaybackRestrictionPolicyArn() const{ return m_playbackRestrictionPolicyArn; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline bool PlaybackRestrictionPolicyArnHasBeenSet() const { return m_playbackRestrictionPolicyArnHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const Aws::String& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = value; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(Aws::String&& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const char* value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline ChannelSummary& WithPlaybackRestrictionPolicyArn(const Aws::String& value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline ChannelSummary& WithPlaybackRestrictionPolicyArn(Aws::String&& value) { SetPlaybackRestrictionPolicyArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline ChannelSummary& WithPlaybackRestrictionPolicyArn(const char* value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+
     /**
      * <p>Optional transcode preset for the channel. This is selectable only for
      * <code>ADVANCED_HD</code> and <code>ADVANCED_SD</code> channel types. For those
@@ -290,58 +347,50 @@ namespace Model
 
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline const Aws::String& GetRecordingConfigurationArn() const{ return m_recordingConfigurationArn; }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline bool RecordingConfigurationArnHasBeenSet() const { return m_recordingConfigurationArnHasBeenSet; }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(const Aws::String& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = value; }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(Aws::String&& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = std::move(value); }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(const char* value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn.assign(value); }
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline ChannelSummary& WithRecordingConfigurationArn(const Aws::String& value) { SetRecordingConfigurationArn(value); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline ChannelSummary& WithRecordingConfigurationArn(Aws::String&& value) { SetRecordingConfigurationArn(std::move(value)); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. A value other than an empty string indicates
-     * that recording is enabled. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline ChannelSummary& WithRecordingConfigurationArn(const char* value) { SetRecordingConfigurationArn(value); return *this;}
 
@@ -548,6 +597,9 @@ namespace Model
     Aws::String m_name;
     bool m_nameHasBeenSet = false;
 
+    Aws::String m_playbackRestrictionPolicyArn;
+    bool m_playbackRestrictionPolicyArnHasBeenSet = false;
+
     TranscodePreset m_preset;
     bool m_presetHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreateChannelRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreateChannelRequest.h
index 4fea3b35cd0..3e11aa21bb0 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreateChannelRequest.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreateChannelRequest.h
@@ -182,6 +182,63 @@ namespace Model
     inline CreateChannelRequest& WithName(const char* value) { SetName(value); return *this;}
 
 
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline const Aws::String& GetPlaybackRestrictionPolicyArn() const{ return m_playbackRestrictionPolicyArn; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline bool PlaybackRestrictionPolicyArnHasBeenSet() const { return m_playbackRestrictionPolicyArnHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const Aws::String& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = value; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(Aws::String&& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const char* value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline CreateChannelRequest& WithPlaybackRestrictionPolicyArn(const Aws::String& value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline CreateChannelRequest& WithPlaybackRestrictionPolicyArn(Aws::String&& value) { SetPlaybackRestrictionPolicyArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. Default: "" (empty string, no playback
+     * restriction policy is applied).</p>
+     */
+    inline CreateChannelRequest& WithPlaybackRestrictionPolicyArn(const char* value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+
     /**
      * <p>Optional transcode preset for the channel. This is selectable only for
      * <code>ADVANCED_HD</code> and <code>ADVANCED_SD</code> channel types. For those
@@ -244,50 +301,50 @@ namespace Model
 
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline const Aws::String& GetRecordingConfigurationArn() const{ return m_recordingConfigurationArn; }
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline bool RecordingConfigurationArnHasBeenSet() const { return m_recordingConfigurationArnHasBeenSet; }
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(const Aws::String& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = value; }
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(Aws::String&& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = std::move(value); }
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline void SetRecordingConfigurationArn(const char* value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn.assign(value); }
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline CreateChannelRequest& WithRecordingConfigurationArn(const Aws::String& value) { SetRecordingConfigurationArn(value); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline CreateChannelRequest& WithRecordingConfigurationArn(Aws::String&& value) { SetRecordingConfigurationArn(std::move(value)); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. Default: "" (empty string, recording is
-     * disabled).</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. Default: "" (empty string, recording is disabled).</p>
      */
     inline CreateChannelRequest& WithRecordingConfigurationArn(const char* value) { SetRecordingConfigurationArn(value); return *this;}
 
@@ -491,6 +548,9 @@ namespace Model
     Aws::String m_name;
     bool m_nameHasBeenSet = false;
 
+    Aws::String m_playbackRestrictionPolicyArn;
+    bool m_playbackRestrictionPolicyArnHasBeenSet = false;
+
     TranscodePreset m_preset;
     bool m_presetHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyRequest.h
new file mode 100644
index 00000000000..520562594d9
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyRequest.h
@@ -0,0 +1,399 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/IVSRequest.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/core/utils/memory/stl/AWSMap.h>
+#include <utility>
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   */
+  class CreatePlaybackRestrictionPolicyRequest : public IVSRequest
+  {
+  public:
+    AWS_IVS_API CreatePlaybackRestrictionPolicyRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "CreatePlaybackRestrictionPolicy"; }
+
+    AWS_IVS_API Aws::String SerializePayload() const override;
+
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedCountries() const{ return m_allowedCountries; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline bool AllowedCountriesHasBeenSet() const { return m_allowedCountriesHasBeenSet; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(const Aws::Vector<Aws::String>& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = value; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(Aws::Vector<Aws::String>&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = std::move(value); }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithAllowedCountries(const Aws::Vector<Aws::String>& value) { SetAllowedCountries(value); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithAllowedCountries(Aws::Vector<Aws::String>&& value) { SetAllowedCountries(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddAllowedCountries(const Aws::String& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddAllowedCountries(Aws::String&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddAllowedCountries(const char* value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedOrigins() const{ return m_allowedOrigins; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline bool AllowedOriginsHasBeenSet() const { return m_allowedOriginsHasBeenSet; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(const Aws::Vector<Aws::String>& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = value; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(Aws::Vector<Aws::String>&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = std::move(value); }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithAllowedOrigins(const Aws::Vector<Aws::String>& value) { SetAllowedOrigins(value); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithAllowedOrigins(Aws::Vector<Aws::String>&& value) { SetAllowedOrigins(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddAllowedOrigins(const Aws::String& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddAllowedOrigins(Aws::String&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddAllowedOrigins(const char* value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool GetEnableStrictOriginEnforcement() const{ return m_enableStrictOriginEnforcement; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool EnableStrictOriginEnforcementHasBeenSet() const { return m_enableStrictOriginEnforcementHasBeenSet; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline void SetEnableStrictOriginEnforcement(bool value) { m_enableStrictOriginEnforcementHasBeenSet = true; m_enableStrictOriginEnforcement = value; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithEnableStrictOriginEnforcement(bool value) { SetEnableStrictOriginEnforcement(value); return *this;}
+
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline const Aws::String& GetName() const{ return m_name; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline bool NameHasBeenSet() const { return m_nameHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithName(const Aws::String& value) { SetName(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithName(const char* value) { SetName(value); return *this;}
+
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline const Aws::Map<Aws::String, Aws::String>& GetTags() const{ return m_tags; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline void SetTags(const Aws::Map<Aws::String, Aws::String>& value) { m_tagsHasBeenSet = true; m_tags = value; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline void SetTags(Aws::Map<Aws::String, Aws::String>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithTags(const Aws::Map<Aws::String, Aws::String>& value) { SetTags(value); return *this;}
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& WithTags(Aws::Map<Aws::String, Aws::String>&& value) { SetTags(std::move(value)); return *this;}
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(const Aws::String& key, const Aws::String& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, value); return *this; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(Aws::String&& key, const Aws::String& value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), value); return *this; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(const Aws::String& key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, std::move(value)); return *this; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(Aws::String&& key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), std::move(value)); return *this; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(const char* key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, std::move(value)); return *this; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(Aws::String&& key, const char* value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), value); return *this; }
+
+    /**
+     * <p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>.
+     * See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline CreatePlaybackRestrictionPolicyRequest& AddTags(const char* key, const char* value) { m_tagsHasBeenSet = true; m_tags.emplace(key, value); return *this; }
+
+  private:
+
+    Aws::Vector<Aws::String> m_allowedCountries;
+    bool m_allowedCountriesHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_allowedOrigins;
+    bool m_allowedOriginsHasBeenSet = false;
+
+    bool m_enableStrictOriginEnforcement;
+    bool m_enableStrictOriginEnforcementHasBeenSet = false;
+
+    Aws::String m_name;
+    bool m_nameHasBeenSet = false;
+
+    Aws::Map<Aws::String, Aws::String> m_tags;
+    bool m_tagsHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyResult.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyResult.h
new file mode 100644
index 00000000000..25da43dc80f
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/CreatePlaybackRestrictionPolicyResult.h
@@ -0,0 +1,92 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/model/PlaybackRestrictionPolicy.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace IVS
+{
+namespace Model
+{
+  class CreatePlaybackRestrictionPolicyResult
+  {
+  public:
+    AWS_IVS_API CreatePlaybackRestrictionPolicyResult();
+    AWS_IVS_API CreatePlaybackRestrictionPolicyResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_IVS_API CreatePlaybackRestrictionPolicyResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p/>
+     */
+    inline const PlaybackRestrictionPolicy& GetPlaybackRestrictionPolicy() const{ return m_playbackRestrictionPolicy; }
+
+    /**
+     * <p/>
+     */
+    inline void SetPlaybackRestrictionPolicy(const PlaybackRestrictionPolicy& value) { m_playbackRestrictionPolicy = value; }
+
+    /**
+     * <p/>
+     */
+    inline void SetPlaybackRestrictionPolicy(PlaybackRestrictionPolicy&& value) { m_playbackRestrictionPolicy = std::move(value); }
+
+    /**
+     * <p/>
+     */
+    inline CreatePlaybackRestrictionPolicyResult& WithPlaybackRestrictionPolicy(const PlaybackRestrictionPolicy& value) { SetPlaybackRestrictionPolicy(value); return *this;}
+
+    /**
+     * <p/>
+     */
+    inline CreatePlaybackRestrictionPolicyResult& WithPlaybackRestrictionPolicy(PlaybackRestrictionPolicy&& value) { SetPlaybackRestrictionPolicy(std::move(value)); return *this;}
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline CreatePlaybackRestrictionPolicyResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline CreatePlaybackRestrictionPolicyResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline CreatePlaybackRestrictionPolicyResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    PlaybackRestrictionPolicy m_playbackRestrictionPolicy;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/DeletePlaybackRestrictionPolicyRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/DeletePlaybackRestrictionPolicyRequest.h
new file mode 100644
index 00000000000..134468cbdb7
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/DeletePlaybackRestrictionPolicyRequest.h
@@ -0,0 +1,83 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/IVSRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   */
+  class DeletePlaybackRestrictionPolicyRequest : public IVSRequest
+  {
+  public:
+    AWS_IVS_API DeletePlaybackRestrictionPolicyRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "DeletePlaybackRestrictionPolicy"; }
+
+    AWS_IVS_API Aws::String SerializePayload() const override;
+
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline const Aws::String& GetArn() const{ return m_arn; }
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline DeletePlaybackRestrictionPolicyRequest& WithArn(const Aws::String& value) { SetArn(value); return *this;}
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline DeletePlaybackRestrictionPolicyRequest& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
+
+    /**
+     * <p>ARN of the playback restriction policy to be deleted.</p>
+     */
+    inline DeletePlaybackRestrictionPolicyRequest& WithArn(const char* value) { SetArn(value); return *this;}
+
+  private:
+
+    Aws::String m_arn;
+    bool m_arnHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyRequest.h
new file mode 100644
index 00000000000..1d4ee0e7fc8
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyRequest.h
@@ -0,0 +1,83 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/IVSRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   */
+  class GetPlaybackRestrictionPolicyRequest : public IVSRequest
+  {
+  public:
+    AWS_IVS_API GetPlaybackRestrictionPolicyRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "GetPlaybackRestrictionPolicy"; }
+
+    AWS_IVS_API Aws::String SerializePayload() const override;
+
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline const Aws::String& GetArn() const{ return m_arn; }
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline GetPlaybackRestrictionPolicyRequest& WithArn(const Aws::String& value) { SetArn(value); return *this;}
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline GetPlaybackRestrictionPolicyRequest& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
+
+    /**
+     * <p>ARN of the playback restriction policy to be returned.</p>
+     */
+    inline GetPlaybackRestrictionPolicyRequest& WithArn(const char* value) { SetArn(value); return *this;}
+
+  private:
+
+    Aws::String m_arn;
+    bool m_arnHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyResult.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyResult.h
new file mode 100644
index 00000000000..cc2f6698a96
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/GetPlaybackRestrictionPolicyResult.h
@@ -0,0 +1,92 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/model/PlaybackRestrictionPolicy.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace IVS
+{
+namespace Model
+{
+  class GetPlaybackRestrictionPolicyResult
+  {
+  public:
+    AWS_IVS_API GetPlaybackRestrictionPolicyResult();
+    AWS_IVS_API GetPlaybackRestrictionPolicyResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_IVS_API GetPlaybackRestrictionPolicyResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p/>
+     */
+    inline const PlaybackRestrictionPolicy& GetPlaybackRestrictionPolicy() const{ return m_playbackRestrictionPolicy; }
+
+    /**
+     * <p/>
+     */
+    inline void SetPlaybackRestrictionPolicy(const PlaybackRestrictionPolicy& value) { m_playbackRestrictionPolicy = value; }
+
+    /**
+     * <p/>
+     */
+    inline void SetPlaybackRestrictionPolicy(PlaybackRestrictionPolicy&& value) { m_playbackRestrictionPolicy = std::move(value); }
+
+    /**
+     * <p/>
+     */
+    inline GetPlaybackRestrictionPolicyResult& WithPlaybackRestrictionPolicy(const PlaybackRestrictionPolicy& value) { SetPlaybackRestrictionPolicy(value); return *this;}
+
+    /**
+     * <p/>
+     */
+    inline GetPlaybackRestrictionPolicyResult& WithPlaybackRestrictionPolicy(PlaybackRestrictionPolicy&& value) { SetPlaybackRestrictionPolicy(std::move(value)); return *this;}
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline GetPlaybackRestrictionPolicyResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline GetPlaybackRestrictionPolicyResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline GetPlaybackRestrictionPolicyResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    PlaybackRestrictionPolicy m_playbackRestrictionPolicy;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListChannelsRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListChannelsRequest.h
index 1d2be04d4f3..ce89633f3de 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListChannelsRequest.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListChannelsRequest.h
@@ -73,6 +73,47 @@ namespace Model
     inline ListChannelsRequest& WithFilterByName(const char* value) { SetFilterByName(value); return *this;}
 
 
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline const Aws::String& GetFilterByPlaybackRestrictionPolicyArn() const{ return m_filterByPlaybackRestrictionPolicyArn; }
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline bool FilterByPlaybackRestrictionPolicyArnHasBeenSet() const { return m_filterByPlaybackRestrictionPolicyArnHasBeenSet; }
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline void SetFilterByPlaybackRestrictionPolicyArn(const Aws::String& value) { m_filterByPlaybackRestrictionPolicyArnHasBeenSet = true; m_filterByPlaybackRestrictionPolicyArn = value; }
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline void SetFilterByPlaybackRestrictionPolicyArn(Aws::String&& value) { m_filterByPlaybackRestrictionPolicyArnHasBeenSet = true; m_filterByPlaybackRestrictionPolicyArn = std::move(value); }
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline void SetFilterByPlaybackRestrictionPolicyArn(const char* value) { m_filterByPlaybackRestrictionPolicyArnHasBeenSet = true; m_filterByPlaybackRestrictionPolicyArn.assign(value); }
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline ListChannelsRequest& WithFilterByPlaybackRestrictionPolicyArn(const Aws::String& value) { SetFilterByPlaybackRestrictionPolicyArn(value); return *this;}
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline ListChannelsRequest& WithFilterByPlaybackRestrictionPolicyArn(Aws::String&& value) { SetFilterByPlaybackRestrictionPolicyArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Filters the channel list to match the specified policy.</p>
+     */
+    inline ListChannelsRequest& WithFilterByPlaybackRestrictionPolicyArn(const char* value) { SetFilterByPlaybackRestrictionPolicyArn(value); return *this;}
+
+
     /**
      * <p>Filters the channel list to match the specified recording-configuration
      * ARN.</p>
@@ -196,6 +237,9 @@ namespace Model
     Aws::String m_filterByName;
     bool m_filterByNameHasBeenSet = false;
 
+    Aws::String m_filterByPlaybackRestrictionPolicyArn;
+    bool m_filterByPlaybackRestrictionPolicyArnHasBeenSet = false;
+
     Aws::String m_filterByRecordingConfigurationArn;
     bool m_filterByRecordingConfigurationArnHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesRequest.h
new file mode 100644
index 00000000000..d17712e8018
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesRequest.h
@@ -0,0 +1,115 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/IVSRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   */
+  class ListPlaybackRestrictionPoliciesRequest : public IVSRequest
+  {
+  public:
+    AWS_IVS_API ListPlaybackRestrictionPoliciesRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "ListPlaybackRestrictionPolicies"; }
+
+    AWS_IVS_API Aws::String SerializePayload() const override;
+
+
+    /**
+     * <p>Maximum number of policies to return. Default: 1.</p>
+     */
+    inline int GetMaxResults() const{ return m_maxResults; }
+
+    /**
+     * <p>Maximum number of policies to return. Default: 1.</p>
+     */
+    inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
+
+    /**
+     * <p>Maximum number of policies to return. Default: 1.</p>
+     */
+    inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
+
+    /**
+     * <p>Maximum number of policies to return. Default: 1.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
+
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline const Aws::String& GetNextToken() const{ return m_nextToken; }
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline bool NextTokenHasBeenSet() const { return m_nextTokenHasBeenSet; }
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline void SetNextToken(const Aws::String& value) { m_nextTokenHasBeenSet = true; m_nextToken = value; }
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline void SetNextToken(Aws::String&& value) { m_nextTokenHasBeenSet = true; m_nextToken = std::move(value); }
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline void SetNextToken(const char* value) { m_nextTokenHasBeenSet = true; m_nextToken.assign(value); }
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesRequest& WithNextToken(const Aws::String& value) { SetNextToken(value); return *this;}
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesRequest& WithNextToken(Aws::String&& value) { SetNextToken(std::move(value)); return *this;}
+
+    /**
+     * <p>The first policy to retrieve. This is used for pagination; see the
+     * <code>nextToken</code> response field.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesRequest& WithNextToken(const char* value) { SetNextToken(value); return *this;}
+
+  private:
+
+    int m_maxResults;
+    bool m_maxResultsHasBeenSet = false;
+
+    Aws::String m_nextToken;
+    bool m_nextTokenHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesResult.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesResult.h
new file mode 100644
index 00000000000..4a9f5ea5d21
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/ListPlaybackRestrictionPoliciesResult.h
@@ -0,0 +1,148 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/ivs/model/PlaybackRestrictionPolicySummary.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace IVS
+{
+namespace Model
+{
+  class ListPlaybackRestrictionPoliciesResult
+  {
+  public:
+    AWS_IVS_API ListPlaybackRestrictionPoliciesResult();
+    AWS_IVS_API ListPlaybackRestrictionPoliciesResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_IVS_API ListPlaybackRestrictionPoliciesResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline const Aws::String& GetNextToken() const{ return m_nextToken; }
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline void SetNextToken(const Aws::String& value) { m_nextToken = value; }
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline void SetNextToken(Aws::String&& value) { m_nextToken = std::move(value); }
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline void SetNextToken(const char* value) { m_nextToken.assign(value); }
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& WithNextToken(const Aws::String& value) { SetNextToken(value); return *this;}
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& WithNextToken(Aws::String&& value) { SetNextToken(std::move(value)); return *this;}
+
+    /**
+     * <p>If there are more channels than <code>maxResults</code>, use
+     * <code>nextToken</code> in the request to get the next set.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& WithNextToken(const char* value) { SetNextToken(value); return *this;}
+
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline const Aws::Vector<PlaybackRestrictionPolicySummary>& GetPlaybackRestrictionPolicies() const{ return m_playbackRestrictionPolicies; }
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline void SetPlaybackRestrictionPolicies(const Aws::Vector<PlaybackRestrictionPolicySummary>& value) { m_playbackRestrictionPolicies = value; }
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline void SetPlaybackRestrictionPolicies(Aws::Vector<PlaybackRestrictionPolicySummary>&& value) { m_playbackRestrictionPolicies = std::move(value); }
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& WithPlaybackRestrictionPolicies(const Aws::Vector<PlaybackRestrictionPolicySummary>& value) { SetPlaybackRestrictionPolicies(value); return *this;}
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& WithPlaybackRestrictionPolicies(Aws::Vector<PlaybackRestrictionPolicySummary>&& value) { SetPlaybackRestrictionPolicies(std::move(value)); return *this;}
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& AddPlaybackRestrictionPolicies(const PlaybackRestrictionPolicySummary& value) { m_playbackRestrictionPolicies.push_back(value); return *this; }
+
+    /**
+     * <p>List of the matching policies.</p>
+     */
+    inline ListPlaybackRestrictionPoliciesResult& AddPlaybackRestrictionPolicies(PlaybackRestrictionPolicySummary&& value) { m_playbackRestrictionPolicies.push_back(std::move(value)); return *this; }
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline ListPlaybackRestrictionPoliciesResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline ListPlaybackRestrictionPoliciesResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline ListPlaybackRestrictionPoliciesResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    Aws::String m_nextToken;
+
+    Aws::Vector<PlaybackRestrictionPolicySummary> m_playbackRestrictionPolicies;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicy.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicy.h
new file mode 100644
index 00000000000..688ff83d4e6
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicy.h
@@ -0,0 +1,449 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/core/utils/memory/stl/AWSMap.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   * <p>An object representing a policy to constrain playback by country and/or
+   * origin sites.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/PlaybackRestrictionPolicy">AWS
+   * API Reference</a></p>
+   */
+  class PlaybackRestrictionPolicy
+  {
+  public:
+    AWS_IVS_API PlaybackRestrictionPolicy();
+    AWS_IVS_API PlaybackRestrictionPolicy(Aws::Utils::Json::JsonView jsonValue);
+    AWS_IVS_API PlaybackRestrictionPolicy& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_IVS_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedCountries() const{ return m_allowedCountries; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline bool AllowedCountriesHasBeenSet() const { return m_allowedCountriesHasBeenSet; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(const Aws::Vector<Aws::String>& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = value; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(Aws::Vector<Aws::String>&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = std::move(value); }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& WithAllowedCountries(const Aws::Vector<Aws::String>& value) { SetAllowedCountries(value); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& WithAllowedCountries(Aws::Vector<Aws::String>&& value) { SetAllowedCountries(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& AddAllowedCountries(const Aws::String& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& AddAllowedCountries(Aws::String&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& AddAllowedCountries(const char* value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedOrigins() const{ return m_allowedOrigins; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline bool AllowedOriginsHasBeenSet() const { return m_allowedOriginsHasBeenSet; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(const Aws::Vector<Aws::String>& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = value; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(Aws::Vector<Aws::String>&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = std::move(value); }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& WithAllowedOrigins(const Aws::Vector<Aws::String>& value) { SetAllowedOrigins(value); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& WithAllowedOrigins(Aws::Vector<Aws::String>&& value) { SetAllowedOrigins(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& AddAllowedOrigins(const Aws::String& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& AddAllowedOrigins(Aws::String&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicy& AddAllowedOrigins(const char* value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline const Aws::String& GetArn() const{ return m_arn; }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline PlaybackRestrictionPolicy& WithArn(const Aws::String& value) { SetArn(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline PlaybackRestrictionPolicy& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline PlaybackRestrictionPolicy& WithArn(const char* value) { SetArn(value); return *this;}
+
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool GetEnableStrictOriginEnforcement() const{ return m_enableStrictOriginEnforcement; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool EnableStrictOriginEnforcementHasBeenSet() const { return m_enableStrictOriginEnforcementHasBeenSet; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline void SetEnableStrictOriginEnforcement(bool value) { m_enableStrictOriginEnforcementHasBeenSet = true; m_enableStrictOriginEnforcement = value; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline PlaybackRestrictionPolicy& WithEnableStrictOriginEnforcement(bool value) { SetEnableStrictOriginEnforcement(value); return *this;}
+
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline const Aws::String& GetName() const{ return m_name; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline bool NameHasBeenSet() const { return m_nameHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline PlaybackRestrictionPolicy& WithName(const Aws::String& value) { SetName(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline PlaybackRestrictionPolicy& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline PlaybackRestrictionPolicy& WithName(const char* value) { SetName(value); return *this;}
+
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline const Aws::Map<Aws::String, Aws::String>& GetTags() const{ return m_tags; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline void SetTags(const Aws::Map<Aws::String, Aws::String>& value) { m_tagsHasBeenSet = true; m_tags = value; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline void SetTags(Aws::Map<Aws::String, Aws::String>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& WithTags(const Aws::Map<Aws::String, Aws::String>& value) { SetTags(value); return *this;}
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& WithTags(Aws::Map<Aws::String, Aws::String>&& value) { SetTags(std::move(value)); return *this;}
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(const Aws::String& key, const Aws::String& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, value); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(Aws::String&& key, const Aws::String& value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), value); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(const Aws::String& key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, std::move(value)); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(Aws::String&& key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), std::move(value)); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(const char* key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, std::move(value)); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(Aws::String&& key, const char* value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), value); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicy& AddTags(const char* key, const char* value) { m_tagsHasBeenSet = true; m_tags.emplace(key, value); return *this; }
+
+  private:
+
+    Aws::Vector<Aws::String> m_allowedCountries;
+    bool m_allowedCountriesHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_allowedOrigins;
+    bool m_allowedOriginsHasBeenSet = false;
+
+    Aws::String m_arn;
+    bool m_arnHasBeenSet = false;
+
+    bool m_enableStrictOriginEnforcement;
+    bool m_enableStrictOriginEnforcementHasBeenSet = false;
+
+    Aws::String m_name;
+    bool m_nameHasBeenSet = false;
+
+    Aws::Map<Aws::String, Aws::String> m_tags;
+    bool m_tagsHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicySummary.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicySummary.h
new file mode 100644
index 00000000000..893dbf89659
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/PlaybackRestrictionPolicySummary.h
@@ -0,0 +1,449 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/core/utils/memory/stl/AWSMap.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   * <p>Summary information about a PlaybackRestrictionPolicy.</p><p><h3>See
+   * Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/ivs-2020-07-14/PlaybackRestrictionPolicySummary">AWS
+   * API Reference</a></p>
+   */
+  class PlaybackRestrictionPolicySummary
+  {
+  public:
+    AWS_IVS_API PlaybackRestrictionPolicySummary();
+    AWS_IVS_API PlaybackRestrictionPolicySummary(Aws::Utils::Json::JsonView jsonValue);
+    AWS_IVS_API PlaybackRestrictionPolicySummary& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_IVS_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedCountries() const{ return m_allowedCountries; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline bool AllowedCountriesHasBeenSet() const { return m_allowedCountriesHasBeenSet; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(const Aws::Vector<Aws::String>& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = value; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(Aws::Vector<Aws::String>&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = std::move(value); }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithAllowedCountries(const Aws::Vector<Aws::String>& value) { SetAllowedCountries(value); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithAllowedCountries(Aws::Vector<Aws::String>&& value) { SetAllowedCountries(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddAllowedCountries(const Aws::String& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddAllowedCountries(Aws::String&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddAllowedCountries(const char* value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedOrigins() const{ return m_allowedOrigins; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline bool AllowedOriginsHasBeenSet() const { return m_allowedOriginsHasBeenSet; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(const Aws::Vector<Aws::String>& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = value; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(Aws::Vector<Aws::String>&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = std::move(value); }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithAllowedOrigins(const Aws::Vector<Aws::String>& value) { SetAllowedOrigins(value); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithAllowedOrigins(Aws::Vector<Aws::String>&& value) { SetAllowedOrigins(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddAllowedOrigins(const Aws::String& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddAllowedOrigins(Aws::String&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddAllowedOrigins(const char* value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline const Aws::String& GetArn() const{ return m_arn; }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithArn(const Aws::String& value) { SetArn(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithArn(const char* value) { SetArn(value); return *this;}
+
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool GetEnableStrictOriginEnforcement() const{ return m_enableStrictOriginEnforcement; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool EnableStrictOriginEnforcementHasBeenSet() const { return m_enableStrictOriginEnforcementHasBeenSet; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline void SetEnableStrictOriginEnforcement(bool value) { m_enableStrictOriginEnforcementHasBeenSet = true; m_enableStrictOriginEnforcement = value; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithEnableStrictOriginEnforcement(bool value) { SetEnableStrictOriginEnforcement(value); return *this;}
+
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline const Aws::String& GetName() const{ return m_name; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline bool NameHasBeenSet() const { return m_nameHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithName(const Aws::String& value) { SetName(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithName(const char* value) { SetName(value); return *this;}
+
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline const Aws::Map<Aws::String, Aws::String>& GetTags() const{ return m_tags; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline void SetTags(const Aws::Map<Aws::String, Aws::String>& value) { m_tagsHasBeenSet = true; m_tags = value; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline void SetTags(Aws::Map<Aws::String, Aws::String>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithTags(const Aws::Map<Aws::String, Aws::String>& value) { SetTags(value); return *this;}
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& WithTags(Aws::Map<Aws::String, Aws::String>&& value) { SetTags(std::move(value)); return *this;}
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(const Aws::String& key, const Aws::String& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, value); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(Aws::String&& key, const Aws::String& value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), value); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(const Aws::String& key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, std::move(value)); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(Aws::String&& key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), std::move(value)); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(const char* key, Aws::String&& value) { m_tagsHasBeenSet = true; m_tags.emplace(key, std::move(value)); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(Aws::String&& key, const char* value) { m_tagsHasBeenSet = true; m_tags.emplace(std::move(key), value); return *this; }
+
+    /**
+     * <p>Tags attached to the resource. Array of 1-50 maps, each of the form
+     * <code>string:string (key:value)</code>. See <a
+     * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
+     * Amazon Web Services Resources</a> for more information, including restrictions
+     * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
+     * service-specific constraints beyond what is documented there.</p>
+     */
+    inline PlaybackRestrictionPolicySummary& AddTags(const char* key, const char* value) { m_tagsHasBeenSet = true; m_tags.emplace(key, value); return *this; }
+
+  private:
+
+    Aws::Vector<Aws::String> m_allowedCountries;
+    bool m_allowedCountriesHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_allowedOrigins;
+    bool m_allowedOriginsHasBeenSet = false;
+
+    Aws::String m_arn;
+    bool m_arnHasBeenSet = false;
+
+    bool m_enableStrictOriginEnforcement;
+    bool m_enableStrictOriginEnforcementHasBeenSet = false;
+
+    Aws::String m_name;
+    bool m_nameHasBeenSet = false;
+
+    Aws::Map<Aws::String, Aws::String> m_tags;
+    bool m_tagsHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UntagResourceRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UntagResourceRequest.h
index fdbbfcbfd42..503c4fd6da0 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UntagResourceRequest.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UntagResourceRequest.h
@@ -90,7 +90,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -100,7 +100,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -110,7 +110,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -120,7 +120,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -130,7 +130,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -140,7 +140,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -150,7 +150,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -160,7 +160,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
@@ -170,7 +170,7 @@ namespace Model
 
     /**
      * <p>Array of tags to be removed. Array of maps, each of the form
-     * s<code>tring:string (key:value)</code>. See <a
+     * <code>string:string (key:value)</code>. See <a
      * href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging
      * Amazon Web Services Resources</a> for more information, including restrictions
      * that apply to tags and "Tag naming limits and requirements"; Amazon IVS has no
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelRequest.h
index 23aa4cd02c4..ad49263d994 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelRequest.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelRequest.h
@@ -212,6 +212,63 @@ namespace Model
     inline UpdateChannelRequest& WithName(const char* value) { SetName(value); return *this;}
 
 
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline const Aws::String& GetPlaybackRestrictionPolicyArn() const{ return m_playbackRestrictionPolicyArn; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline bool PlaybackRestrictionPolicyArnHasBeenSet() const { return m_playbackRestrictionPolicyArnHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const Aws::String& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = value; }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(Aws::String&& value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline void SetPlaybackRestrictionPolicyArn(const char* value) { m_playbackRestrictionPolicyArnHasBeenSet = true; m_playbackRestrictionPolicyArn.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline UpdateChannelRequest& WithPlaybackRestrictionPolicyArn(const Aws::String& value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline UpdateChannelRequest& WithPlaybackRestrictionPolicyArn(Aws::String&& value) { SetPlaybackRestrictionPolicyArn(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy ARN. A valid ARN value here both specifies the
+     * ARN and enables playback restriction. If this is set to an empty string,
+     * playback restriction policy is disabled.</p>
+     */
+    inline UpdateChannelRequest& WithPlaybackRestrictionPolicyArn(const char* value) { SetPlaybackRestrictionPolicyArn(value); return *this;}
+
+
     /**
      * <p>Optional transcode preset for the channel. This is selectable only for
      * <code>ADVANCED_HD</code> and <code>ADVANCED_SD</code> channel types. For those
@@ -274,58 +331,58 @@ namespace Model
 
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline const Aws::String& GetRecordingConfigurationArn() const{ return m_recordingConfigurationArn; }
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline bool RecordingConfigurationArnHasBeenSet() const { return m_recordingConfigurationArnHasBeenSet; }
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline void SetRecordingConfigurationArn(const Aws::String& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = value; }
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline void SetRecordingConfigurationArn(Aws::String&& value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn = std::move(value); }
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline void SetRecordingConfigurationArn(const char* value) { m_recordingConfigurationArnHasBeenSet = true; m_recordingConfigurationArn.assign(value); }
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline UpdateChannelRequest& WithRecordingConfigurationArn(const Aws::String& value) { SetRecordingConfigurationArn(value); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline UpdateChannelRequest& WithRecordingConfigurationArn(Aws::String&& value) { SetRecordingConfigurationArn(std::move(value)); return *this;}
 
     /**
-     * <p>Recording-configuration ARN. If this is set to an empty string, recording is
-     * disabled. A value other than an empty string indicates that recording is
-     * enabled</p>
+     * <p>Recording-configuration ARN. A valid ARN value here both specifies the ARN
+     * and enables recording. If this is set to an empty string, recording is
+     * disabled.</p>
      */
     inline UpdateChannelRequest& WithRecordingConfigurationArn(const char* value) { SetRecordingConfigurationArn(value); return *this;}
 
@@ -401,6 +458,9 @@ namespace Model
     Aws::String m_name;
     bool m_nameHasBeenSet = false;
 
+    Aws::String m_playbackRestrictionPolicyArn;
+    bool m_playbackRestrictionPolicyArnHasBeenSet = false;
+
     TranscodePreset m_preset;
     bool m_presetHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelResult.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelResult.h
index 17e42284db6..f9c725ddb81 100644
--- a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelResult.h
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdateChannelResult.h
@@ -33,19 +33,29 @@ namespace Model
     AWS_IVS_API UpdateChannelResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
 
 
-    
+    /**
+     * <p>Object specifying the updated channel.</p>
+     */
     inline const Channel& GetChannel() const{ return m_channel; }
 
-    
+    /**
+     * <p>Object specifying the updated channel.</p>
+     */
     inline void SetChannel(const Channel& value) { m_channel = value; }
 
-    
+    /**
+     * <p>Object specifying the updated channel.</p>
+     */
     inline void SetChannel(Channel&& value) { m_channel = std::move(value); }
 
-    
+    /**
+     * <p>Object specifying the updated channel.</p>
+     */
     inline UpdateChannelResult& WithChannel(const Channel& value) { SetChannel(value); return *this;}
 
-    
+    /**
+     * <p>Object specifying the updated channel.</p>
+     */
     inline UpdateChannelResult& WithChannel(Channel&& value) { SetChannel(std::move(value)); return *this;}
 
 
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyRequest.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyRequest.h
new file mode 100644
index 00000000000..4b9b4b9c885
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyRequest.h
@@ -0,0 +1,308 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/IVSRequest.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+  /**
+   */
+  class UpdatePlaybackRestrictionPolicyRequest : public IVSRequest
+  {
+  public:
+    AWS_IVS_API UpdatePlaybackRestrictionPolicyRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "UpdatePlaybackRestrictionPolicy"; }
+
+    AWS_IVS_API Aws::String SerializePayload() const override;
+
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedCountries() const{ return m_allowedCountries; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline bool AllowedCountriesHasBeenSet() const { return m_allowedCountriesHasBeenSet; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(const Aws::Vector<Aws::String>& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = value; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline void SetAllowedCountries(Aws::Vector<Aws::String>&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries = std::move(value); }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithAllowedCountries(const Aws::Vector<Aws::String>& value) { SetAllowedCountries(value); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithAllowedCountries(Aws::Vector<Aws::String>&& value) { SetAllowedCountries(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& AddAllowedCountries(const Aws::String& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& AddAllowedCountries(Aws::String&& value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of country codes that control geoblocking restriction. Allowed values
+     * are the officially assigned <a
+     * href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2">ISO 3166-1 alpha-2</a>
+     * codes. Default: All countries (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& AddAllowedCountries(const char* value) { m_allowedCountriesHasBeenSet = true; m_allowedCountries.push_back(value); return *this; }
+
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetAllowedOrigins() const{ return m_allowedOrigins; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline bool AllowedOriginsHasBeenSet() const { return m_allowedOriginsHasBeenSet; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(const Aws::Vector<Aws::String>& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = value; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline void SetAllowedOrigins(Aws::Vector<Aws::String>&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins = std::move(value); }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithAllowedOrigins(const Aws::Vector<Aws::String>& value) { SetAllowedOrigins(value); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithAllowedOrigins(Aws::Vector<Aws::String>&& value) { SetAllowedOrigins(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& AddAllowedOrigins(const Aws::String& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& AddAllowedOrigins(Aws::String&& value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of origin sites that control CORS restriction. Allowed values are the
+     * same as valid values of the Origin header defined at <a
+     * href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>.
+     * Default: All origins (an empty array).</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& AddAllowedOrigins(const char* value) { m_allowedOriginsHasBeenSet = true; m_allowedOrigins.push_back(value); return *this; }
+
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline const Aws::String& GetArn() const{ return m_arn; }
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithArn(const Aws::String& value) { SetArn(value); return *this;}
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
+
+    /**
+     * <p>ARN of the playback-restriction-policy to be updated.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithArn(const char* value) { SetArn(value); return *this;}
+
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool GetEnableStrictOriginEnforcement() const{ return m_enableStrictOriginEnforcement; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline bool EnableStrictOriginEnforcementHasBeenSet() const { return m_enableStrictOriginEnforcementHasBeenSet; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline void SetEnableStrictOriginEnforcement(bool value) { m_enableStrictOriginEnforcementHasBeenSet = true; m_enableStrictOriginEnforcement = value; }
+
+    /**
+     * <p>Whether channel playback is constrained by origin site. Default:
+     * <code>false</code>.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithEnableStrictOriginEnforcement(bool value) { SetEnableStrictOriginEnforcement(value); return *this;}
+
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline const Aws::String& GetName() const{ return m_name; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline bool NameHasBeenSet() const { return m_nameHasBeenSet; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); }
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithName(const Aws::String& value) { SetName(value); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;}
+
+    /**
+     * <p>Playback-restriction-policy name. The value does not need to be unique.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyRequest& WithName(const char* value) { SetName(value); return *this;}
+
+  private:
+
+    Aws::Vector<Aws::String> m_allowedCountries;
+    bool m_allowedCountriesHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_allowedOrigins;
+    bool m_allowedOriginsHasBeenSet = false;
+
+    Aws::String m_arn;
+    bool m_arnHasBeenSet = false;
+
+    bool m_enableStrictOriginEnforcement;
+    bool m_enableStrictOriginEnforcementHasBeenSet = false;
+
+    Aws::String m_name;
+    bool m_nameHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyResult.h b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyResult.h
new file mode 100644
index 00000000000..2f17b4bbddf
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/include/aws/ivs/model/UpdatePlaybackRestrictionPolicyResult.h
@@ -0,0 +1,92 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/ivs/IVS_EXPORTS.h>
+#include <aws/ivs/model/PlaybackRestrictionPolicy.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace IVS
+{
+namespace Model
+{
+  class UpdatePlaybackRestrictionPolicyResult
+  {
+  public:
+    AWS_IVS_API UpdatePlaybackRestrictionPolicyResult();
+    AWS_IVS_API UpdatePlaybackRestrictionPolicyResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_IVS_API UpdatePlaybackRestrictionPolicyResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p>Object specifying the updated policy.</p>
+     */
+    inline const PlaybackRestrictionPolicy& GetPlaybackRestrictionPolicy() const{ return m_playbackRestrictionPolicy; }
+
+    /**
+     * <p>Object specifying the updated policy.</p>
+     */
+    inline void SetPlaybackRestrictionPolicy(const PlaybackRestrictionPolicy& value) { m_playbackRestrictionPolicy = value; }
+
+    /**
+     * <p>Object specifying the updated policy.</p>
+     */
+    inline void SetPlaybackRestrictionPolicy(PlaybackRestrictionPolicy&& value) { m_playbackRestrictionPolicy = std::move(value); }
+
+    /**
+     * <p>Object specifying the updated policy.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyResult& WithPlaybackRestrictionPolicy(const PlaybackRestrictionPolicy& value) { SetPlaybackRestrictionPolicy(value); return *this;}
+
+    /**
+     * <p>Object specifying the updated policy.</p>
+     */
+    inline UpdatePlaybackRestrictionPolicyResult& WithPlaybackRestrictionPolicy(PlaybackRestrictionPolicy&& value) { SetPlaybackRestrictionPolicy(std::move(value)); return *this;}
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline UpdatePlaybackRestrictionPolicyResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline UpdatePlaybackRestrictionPolicyResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline UpdatePlaybackRestrictionPolicyResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    PlaybackRestrictionPolicy m_playbackRestrictionPolicy;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/source/IVSClient.cpp b/generated/src/aws-cpp-sdk-ivs/source/IVSClient.cpp
index 231c64e9e3d..c248b173ba3 100644
--- a/generated/src/aws-cpp-sdk-ivs/source/IVSClient.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/IVSClient.cpp
@@ -25,14 +25,17 @@
 #include <aws/ivs/model/BatchGetStreamKeyRequest.h>
 #include <aws/ivs/model/BatchStartViewerSessionRevocationRequest.h>
 #include <aws/ivs/model/CreateChannelRequest.h>
+#include <aws/ivs/model/CreatePlaybackRestrictionPolicyRequest.h>
 #include <aws/ivs/model/CreateRecordingConfigurationRequest.h>
 #include <aws/ivs/model/CreateStreamKeyRequest.h>
 #include <aws/ivs/model/DeleteChannelRequest.h>
 #include <aws/ivs/model/DeletePlaybackKeyPairRequest.h>
+#include <aws/ivs/model/DeletePlaybackRestrictionPolicyRequest.h>
 #include <aws/ivs/model/DeleteRecordingConfigurationRequest.h>
 #include <aws/ivs/model/DeleteStreamKeyRequest.h>
 #include <aws/ivs/model/GetChannelRequest.h>
 #include <aws/ivs/model/GetPlaybackKeyPairRequest.h>
+#include <aws/ivs/model/GetPlaybackRestrictionPolicyRequest.h>
 #include <aws/ivs/model/GetRecordingConfigurationRequest.h>
 #include <aws/ivs/model/GetStreamRequest.h>
 #include <aws/ivs/model/GetStreamKeyRequest.h>
@@ -40,6 +43,7 @@
 #include <aws/ivs/model/ImportPlaybackKeyPairRequest.h>
 #include <aws/ivs/model/ListChannelsRequest.h>
 #include <aws/ivs/model/ListPlaybackKeyPairsRequest.h>
+#include <aws/ivs/model/ListPlaybackRestrictionPoliciesRequest.h>
 #include <aws/ivs/model/ListRecordingConfigurationsRequest.h>
 #include <aws/ivs/model/ListStreamKeysRequest.h>
 #include <aws/ivs/model/ListStreamSessionsRequest.h>
@@ -51,6 +55,7 @@
 #include <aws/ivs/model/TagResourceRequest.h>
 #include <aws/ivs/model/UntagResourceRequest.h>
 #include <aws/ivs/model/UpdateChannelRequest.h>
+#include <aws/ivs/model/UpdatePlaybackRestrictionPolicyRequest.h>
 
 #include <smithy/tracing/TracingUtils.h>
 
@@ -292,6 +297,33 @@ CreateChannelOutcome IVSClient::CreateChannel(const CreateChannelRequest& reques
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+CreatePlaybackRestrictionPolicyOutcome IVSClient::CreatePlaybackRestrictionPolicy(const CreatePlaybackRestrictionPolicyRequest& request) const
+{
+  AWS_OPERATION_GUARD(CreatePlaybackRestrictionPolicy);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, CreatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, CreatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, CreatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".CreatePlaybackRestrictionPolicy",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<CreatePlaybackRestrictionPolicyOutcome>(
+    [&]()-> CreatePlaybackRestrictionPolicyOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, CreatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      endpointResolutionOutcome.GetResult().AddPathSegments("/CreatePlaybackRestrictionPolicy");
+      return CreatePlaybackRestrictionPolicyOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 CreateRecordingConfigurationOutcome IVSClient::CreateRecordingConfiguration(const CreateRecordingConfigurationRequest& request) const
 {
   AWS_OPERATION_GUARD(CreateRecordingConfiguration);
@@ -400,6 +432,33 @@ DeletePlaybackKeyPairOutcome IVSClient::DeletePlaybackKeyPair(const DeletePlayba
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+DeletePlaybackRestrictionPolicyOutcome IVSClient::DeletePlaybackRestrictionPolicy(const DeletePlaybackRestrictionPolicyRequest& request) const
+{
+  AWS_OPERATION_GUARD(DeletePlaybackRestrictionPolicy);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, DeletePlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, DeletePlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, DeletePlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".DeletePlaybackRestrictionPolicy",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<DeletePlaybackRestrictionPolicyOutcome>(
+    [&]()-> DeletePlaybackRestrictionPolicyOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, DeletePlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      endpointResolutionOutcome.GetResult().AddPathSegments("/DeletePlaybackRestrictionPolicy");
+      return DeletePlaybackRestrictionPolicyOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 DeleteRecordingConfigurationOutcome IVSClient::DeleteRecordingConfiguration(const DeleteRecordingConfigurationRequest& request) const
 {
   AWS_OPERATION_GUARD(DeleteRecordingConfiguration);
@@ -508,6 +567,33 @@ GetPlaybackKeyPairOutcome IVSClient::GetPlaybackKeyPair(const GetPlaybackKeyPair
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+GetPlaybackRestrictionPolicyOutcome IVSClient::GetPlaybackRestrictionPolicy(const GetPlaybackRestrictionPolicyRequest& request) const
+{
+  AWS_OPERATION_GUARD(GetPlaybackRestrictionPolicy);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, GetPlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, GetPlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, GetPlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".GetPlaybackRestrictionPolicy",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<GetPlaybackRestrictionPolicyOutcome>(
+    [&]()-> GetPlaybackRestrictionPolicyOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, GetPlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      endpointResolutionOutcome.GetResult().AddPathSegments("/GetPlaybackRestrictionPolicy");
+      return GetPlaybackRestrictionPolicyOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 GetRecordingConfigurationOutcome IVSClient::GetRecordingConfiguration(const GetRecordingConfigurationRequest& request) const
 {
   AWS_OPERATION_GUARD(GetRecordingConfiguration);
@@ -697,6 +783,33 @@ ListPlaybackKeyPairsOutcome IVSClient::ListPlaybackKeyPairs(const ListPlaybackKe
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+ListPlaybackRestrictionPoliciesOutcome IVSClient::ListPlaybackRestrictionPolicies(const ListPlaybackRestrictionPoliciesRequest& request) const
+{
+  AWS_OPERATION_GUARD(ListPlaybackRestrictionPolicies);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, ListPlaybackRestrictionPolicies, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, ListPlaybackRestrictionPolicies, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, ListPlaybackRestrictionPolicies, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".ListPlaybackRestrictionPolicies",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<ListPlaybackRestrictionPoliciesOutcome>(
+    [&]()-> ListPlaybackRestrictionPoliciesOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, ListPlaybackRestrictionPolicies, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      endpointResolutionOutcome.GetResult().AddPathSegments("/ListPlaybackRestrictionPolicies");
+      return ListPlaybackRestrictionPoliciesOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 ListRecordingConfigurationsOutcome IVSClient::ListRecordingConfigurations(const ListRecordingConfigurationsRequest& request) const
 {
   AWS_OPERATION_GUARD(ListRecordingConfigurations);
@@ -1017,3 +1130,30 @@ UpdateChannelOutcome IVSClient::UpdateChannel(const UpdateChannelRequest& reques
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+UpdatePlaybackRestrictionPolicyOutcome IVSClient::UpdatePlaybackRestrictionPolicy(const UpdatePlaybackRestrictionPolicyRequest& request) const
+{
+  AWS_OPERATION_GUARD(UpdatePlaybackRestrictionPolicy);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, UpdatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, UpdatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, UpdatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".UpdatePlaybackRestrictionPolicy",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<UpdatePlaybackRestrictionPolicyOutcome>(
+    [&]()-> UpdatePlaybackRestrictionPolicyOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, UpdatePlaybackRestrictionPolicy, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      endpointResolutionOutcome.GetResult().AddPathSegments("/UpdatePlaybackRestrictionPolicy");
+      return UpdatePlaybackRestrictionPolicyOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/Channel.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/Channel.cpp
index 3121bed4993..e77aded0b97 100644
--- a/generated/src/aws-cpp-sdk-ivs/source/model/Channel.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/Channel.cpp
@@ -28,6 +28,7 @@ Channel::Channel() :
     m_latencyMode(ChannelLatencyMode::NOT_SET),
     m_latencyModeHasBeenSet(false),
     m_nameHasBeenSet(false),
+    m_playbackRestrictionPolicyArnHasBeenSet(false),
     m_playbackUrlHasBeenSet(false),
     m_preset(TranscodePreset::NOT_SET),
     m_presetHasBeenSet(false),
@@ -48,6 +49,7 @@ Channel::Channel(JsonView jsonValue) :
     m_latencyMode(ChannelLatencyMode::NOT_SET),
     m_latencyModeHasBeenSet(false),
     m_nameHasBeenSet(false),
+    m_playbackRestrictionPolicyArnHasBeenSet(false),
     m_playbackUrlHasBeenSet(false),
     m_preset(TranscodePreset::NOT_SET),
     m_presetHasBeenSet(false),
@@ -103,6 +105,13 @@ Channel& Channel::operator =(JsonView jsonValue)
     m_nameHasBeenSet = true;
   }
 
+  if(jsonValue.ValueExists("playbackRestrictionPolicyArn"))
+  {
+    m_playbackRestrictionPolicyArn = jsonValue.GetString("playbackRestrictionPolicyArn");
+
+    m_playbackRestrictionPolicyArnHasBeenSet = true;
+  }
+
   if(jsonValue.ValueExists("playbackUrl"))
   {
     m_playbackUrl = jsonValue.GetString("playbackUrl");
@@ -183,6 +192,12 @@ JsonValue Channel::Jsonize() const
 
   }
 
+  if(m_playbackRestrictionPolicyArnHasBeenSet)
+  {
+   payload.WithString("playbackRestrictionPolicyArn", m_playbackRestrictionPolicyArn);
+
+  }
+
   if(m_playbackUrlHasBeenSet)
   {
    payload.WithString("playbackUrl", m_playbackUrl);
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/ChannelSummary.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/ChannelSummary.cpp
index e62741f3151..1c0f6bd3525 100644
--- a/generated/src/aws-cpp-sdk-ivs/source/model/ChannelSummary.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/ChannelSummary.cpp
@@ -27,6 +27,7 @@ ChannelSummary::ChannelSummary() :
     m_latencyMode(ChannelLatencyMode::NOT_SET),
     m_latencyModeHasBeenSet(false),
     m_nameHasBeenSet(false),
+    m_playbackRestrictionPolicyArnHasBeenSet(false),
     m_preset(TranscodePreset::NOT_SET),
     m_presetHasBeenSet(false),
     m_recordingConfigurationArnHasBeenSet(false),
@@ -45,6 +46,7 @@ ChannelSummary::ChannelSummary(JsonView jsonValue) :
     m_latencyMode(ChannelLatencyMode::NOT_SET),
     m_latencyModeHasBeenSet(false),
     m_nameHasBeenSet(false),
+    m_playbackRestrictionPolicyArnHasBeenSet(false),
     m_preset(TranscodePreset::NOT_SET),
     m_presetHasBeenSet(false),
     m_recordingConfigurationArnHasBeenSet(false),
@@ -92,6 +94,13 @@ ChannelSummary& ChannelSummary::operator =(JsonView jsonValue)
     m_nameHasBeenSet = true;
   }
 
+  if(jsonValue.ValueExists("playbackRestrictionPolicyArn"))
+  {
+    m_playbackRestrictionPolicyArn = jsonValue.GetString("playbackRestrictionPolicyArn");
+
+    m_playbackRestrictionPolicyArnHasBeenSet = true;
+  }
+
   if(jsonValue.ValueExists("preset"))
   {
     m_preset = TranscodePresetMapper::GetTranscodePresetForName(jsonValue.GetString("preset"));
@@ -159,6 +168,12 @@ JsonValue ChannelSummary::Jsonize() const
 
   }
 
+  if(m_playbackRestrictionPolicyArnHasBeenSet)
+  {
+   payload.WithString("playbackRestrictionPolicyArn", m_playbackRestrictionPolicyArn);
+
+  }
+
   if(m_presetHasBeenSet)
   {
    payload.WithString("preset", TranscodePresetMapper::GetNameForTranscodePreset(m_preset));
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/CreateChannelRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/CreateChannelRequest.cpp
index 0923eec7d4f..4d72dc4cba6 100644
--- a/generated/src/aws-cpp-sdk-ivs/source/model/CreateChannelRequest.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/CreateChannelRequest.cpp
@@ -20,6 +20,7 @@ CreateChannelRequest::CreateChannelRequest() :
     m_latencyMode(ChannelLatencyMode::NOT_SET),
     m_latencyModeHasBeenSet(false),
     m_nameHasBeenSet(false),
+    m_playbackRestrictionPolicyArnHasBeenSet(false),
     m_preset(TranscodePreset::NOT_SET),
     m_presetHasBeenSet(false),
     m_recordingConfigurationArnHasBeenSet(false),
@@ -56,6 +57,12 @@ Aws::String CreateChannelRequest::SerializePayload() const
 
   }
 
+  if(m_playbackRestrictionPolicyArnHasBeenSet)
+  {
+   payload.WithString("playbackRestrictionPolicyArn", m_playbackRestrictionPolicyArn);
+
+  }
+
   if(m_presetHasBeenSet)
   {
    payload.WithString("preset", TranscodePresetMapper::GetNameForTranscodePreset(m_preset));
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyRequest.cpp
new file mode 100644
index 00000000000..99777c83b04
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyRequest.cpp
@@ -0,0 +1,79 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/CreatePlaybackRestrictionPolicyRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+CreatePlaybackRestrictionPolicyRequest::CreatePlaybackRestrictionPolicyRequest() : 
+    m_allowedCountriesHasBeenSet(false),
+    m_allowedOriginsHasBeenSet(false),
+    m_enableStrictOriginEnforcement(false),
+    m_enableStrictOriginEnforcementHasBeenSet(false),
+    m_nameHasBeenSet(false),
+    m_tagsHasBeenSet(false)
+{
+}
+
+Aws::String CreatePlaybackRestrictionPolicyRequest::SerializePayload() const
+{
+  JsonValue payload;
+
+  if(m_allowedCountriesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedCountriesJsonList(m_allowedCountries.size());
+   for(unsigned allowedCountriesIndex = 0; allowedCountriesIndex < allowedCountriesJsonList.GetLength(); ++allowedCountriesIndex)
+   {
+     allowedCountriesJsonList[allowedCountriesIndex].AsString(m_allowedCountries[allowedCountriesIndex]);
+   }
+   payload.WithArray("allowedCountries", std::move(allowedCountriesJsonList));
+
+  }
+
+  if(m_allowedOriginsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedOriginsJsonList(m_allowedOrigins.size());
+   for(unsigned allowedOriginsIndex = 0; allowedOriginsIndex < allowedOriginsJsonList.GetLength(); ++allowedOriginsIndex)
+   {
+     allowedOriginsJsonList[allowedOriginsIndex].AsString(m_allowedOrigins[allowedOriginsIndex]);
+   }
+   payload.WithArray("allowedOrigins", std::move(allowedOriginsJsonList));
+
+  }
+
+  if(m_enableStrictOriginEnforcementHasBeenSet)
+  {
+   payload.WithBool("enableStrictOriginEnforcement", m_enableStrictOriginEnforcement);
+
+  }
+
+  if(m_nameHasBeenSet)
+  {
+   payload.WithString("name", m_name);
+
+  }
+
+  if(m_tagsHasBeenSet)
+  {
+   JsonValue tagsJsonMap;
+   for(auto& tagsItem : m_tags)
+   {
+     tagsJsonMap.WithString(tagsItem.first, tagsItem.second);
+   }
+   payload.WithObject("tags", std::move(tagsJsonMap));
+
+  }
+
+  return payload.View().WriteReadable();
+}
+
+
+
+
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyResult.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyResult.cpp
new file mode 100644
index 00000000000..051e85f3554
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/CreatePlaybackRestrictionPolicyResult.cpp
@@ -0,0 +1,48 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/CreatePlaybackRestrictionPolicyResult.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/UnreferencedParam.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws;
+
+CreatePlaybackRestrictionPolicyResult::CreatePlaybackRestrictionPolicyResult()
+{
+}
+
+CreatePlaybackRestrictionPolicyResult::CreatePlaybackRestrictionPolicyResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  *this = result;
+}
+
+CreatePlaybackRestrictionPolicyResult& CreatePlaybackRestrictionPolicyResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  JsonView jsonValue = result.GetPayload().View();
+  if(jsonValue.ValueExists("playbackRestrictionPolicy"))
+  {
+    m_playbackRestrictionPolicy = jsonValue.GetObject("playbackRestrictionPolicy");
+
+  }
+
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+
+  return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/DeletePlaybackRestrictionPolicyRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/DeletePlaybackRestrictionPolicyRequest.cpp
new file mode 100644
index 00000000000..6d3df99c6cc
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/DeletePlaybackRestrictionPolicyRequest.cpp
@@ -0,0 +1,35 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/DeletePlaybackRestrictionPolicyRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+DeletePlaybackRestrictionPolicyRequest::DeletePlaybackRestrictionPolicyRequest() : 
+    m_arnHasBeenSet(false)
+{
+}
+
+Aws::String DeletePlaybackRestrictionPolicyRequest::SerializePayload() const
+{
+  JsonValue payload;
+
+  if(m_arnHasBeenSet)
+  {
+   payload.WithString("arn", m_arn);
+
+  }
+
+  return payload.View().WriteReadable();
+}
+
+
+
+
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyRequest.cpp
new file mode 100644
index 00000000000..7398428f30d
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyRequest.cpp
@@ -0,0 +1,35 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/GetPlaybackRestrictionPolicyRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+GetPlaybackRestrictionPolicyRequest::GetPlaybackRestrictionPolicyRequest() : 
+    m_arnHasBeenSet(false)
+{
+}
+
+Aws::String GetPlaybackRestrictionPolicyRequest::SerializePayload() const
+{
+  JsonValue payload;
+
+  if(m_arnHasBeenSet)
+  {
+   payload.WithString("arn", m_arn);
+
+  }
+
+  return payload.View().WriteReadable();
+}
+
+
+
+
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyResult.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyResult.cpp
new file mode 100644
index 00000000000..86a10626d80
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/GetPlaybackRestrictionPolicyResult.cpp
@@ -0,0 +1,48 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/GetPlaybackRestrictionPolicyResult.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/UnreferencedParam.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws;
+
+GetPlaybackRestrictionPolicyResult::GetPlaybackRestrictionPolicyResult()
+{
+}
+
+GetPlaybackRestrictionPolicyResult::GetPlaybackRestrictionPolicyResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  *this = result;
+}
+
+GetPlaybackRestrictionPolicyResult& GetPlaybackRestrictionPolicyResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  JsonView jsonValue = result.GetPayload().View();
+  if(jsonValue.ValueExists("playbackRestrictionPolicy"))
+  {
+    m_playbackRestrictionPolicy = jsonValue.GetObject("playbackRestrictionPolicy");
+
+  }
+
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+
+  return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/ListChannelsRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/ListChannelsRequest.cpp
index 70da565dc8a..6c35e44a3f6 100644
--- a/generated/src/aws-cpp-sdk-ivs/source/model/ListChannelsRequest.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/ListChannelsRequest.cpp
@@ -14,6 +14,7 @@ using namespace Aws::Utils;
 
 ListChannelsRequest::ListChannelsRequest() : 
     m_filterByNameHasBeenSet(false),
+    m_filterByPlaybackRestrictionPolicyArnHasBeenSet(false),
     m_filterByRecordingConfigurationArnHasBeenSet(false),
     m_maxResults(0),
     m_maxResultsHasBeenSet(false),
@@ -31,6 +32,12 @@ Aws::String ListChannelsRequest::SerializePayload() const
 
   }
 
+  if(m_filterByPlaybackRestrictionPolicyArnHasBeenSet)
+  {
+   payload.WithString("filterByPlaybackRestrictionPolicyArn", m_filterByPlaybackRestrictionPolicyArn);
+
+  }
+
   if(m_filterByRecordingConfigurationArnHasBeenSet)
   {
    payload.WithString("filterByRecordingConfigurationArn", m_filterByRecordingConfigurationArn);
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesRequest.cpp
similarity index 58%
rename from generated/src/aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsRequest.cpp
rename to generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesRequest.cpp
index 9fa33faba35..60849ea466b 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsRequest.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesRequest.cpp
@@ -3,25 +3,23 @@
  * SPDX-License-Identifier: Apache-2.0.
  */
 
-#include <aws/mediaconvert/model/DescribeEndpointsRequest.h>
+#include <aws/ivs/model/ListPlaybackRestrictionPoliciesRequest.h>
 #include <aws/core/utils/json/JsonSerializer.h>
 
 #include <utility>
 
-using namespace Aws::MediaConvert::Model;
+using namespace Aws::IVS::Model;
 using namespace Aws::Utils::Json;
 using namespace Aws::Utils;
 
-DescribeEndpointsRequest::DescribeEndpointsRequest() : 
+ListPlaybackRestrictionPoliciesRequest::ListPlaybackRestrictionPoliciesRequest() : 
     m_maxResults(0),
     m_maxResultsHasBeenSet(false),
-    m_mode(DescribeEndpointsMode::NOT_SET),
-    m_modeHasBeenSet(false),
     m_nextTokenHasBeenSet(false)
 {
 }
 
-Aws::String DescribeEndpointsRequest::SerializePayload() const
+Aws::String ListPlaybackRestrictionPoliciesRequest::SerializePayload() const
 {
   JsonValue payload;
 
@@ -31,11 +29,6 @@ Aws::String DescribeEndpointsRequest::SerializePayload() const
 
   }
 
-  if(m_modeHasBeenSet)
-  {
-   payload.WithString("mode", DescribeEndpointsModeMapper::GetNameForDescribeEndpointsMode(m_mode));
-  }
-
   if(m_nextTokenHasBeenSet)
   {
    payload.WithString("nextToken", m_nextToken);
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesResult.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesResult.cpp
new file mode 100644
index 00000000000..01dedc1b7bb
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/ListPlaybackRestrictionPoliciesResult.cpp
@@ -0,0 +1,57 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/ListPlaybackRestrictionPoliciesResult.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/UnreferencedParam.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws;
+
+ListPlaybackRestrictionPoliciesResult::ListPlaybackRestrictionPoliciesResult()
+{
+}
+
+ListPlaybackRestrictionPoliciesResult::ListPlaybackRestrictionPoliciesResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  *this = result;
+}
+
+ListPlaybackRestrictionPoliciesResult& ListPlaybackRestrictionPoliciesResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  JsonView jsonValue = result.GetPayload().View();
+  if(jsonValue.ValueExists("nextToken"))
+  {
+    m_nextToken = jsonValue.GetString("nextToken");
+
+  }
+
+  if(jsonValue.ValueExists("playbackRestrictionPolicies"))
+  {
+    Aws::Utils::Array<JsonView> playbackRestrictionPoliciesJsonList = jsonValue.GetArray("playbackRestrictionPolicies");
+    for(unsigned playbackRestrictionPoliciesIndex = 0; playbackRestrictionPoliciesIndex < playbackRestrictionPoliciesJsonList.GetLength(); ++playbackRestrictionPoliciesIndex)
+    {
+      m_playbackRestrictionPolicies.push_back(playbackRestrictionPoliciesJsonList[playbackRestrictionPoliciesIndex].AsObject());
+    }
+  }
+
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+
+  return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicy.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicy.cpp
new file mode 100644
index 00000000000..d6c94f6d1d5
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicy.cpp
@@ -0,0 +1,160 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/PlaybackRestrictionPolicy.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+PlaybackRestrictionPolicy::PlaybackRestrictionPolicy() : 
+    m_allowedCountriesHasBeenSet(false),
+    m_allowedOriginsHasBeenSet(false),
+    m_arnHasBeenSet(false),
+    m_enableStrictOriginEnforcement(false),
+    m_enableStrictOriginEnforcementHasBeenSet(false),
+    m_nameHasBeenSet(false),
+    m_tagsHasBeenSet(false)
+{
+}
+
+PlaybackRestrictionPolicy::PlaybackRestrictionPolicy(JsonView jsonValue) : 
+    m_allowedCountriesHasBeenSet(false),
+    m_allowedOriginsHasBeenSet(false),
+    m_arnHasBeenSet(false),
+    m_enableStrictOriginEnforcement(false),
+    m_enableStrictOriginEnforcementHasBeenSet(false),
+    m_nameHasBeenSet(false),
+    m_tagsHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+PlaybackRestrictionPolicy& PlaybackRestrictionPolicy::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("allowedCountries"))
+  {
+    Aws::Utils::Array<JsonView> allowedCountriesJsonList = jsonValue.GetArray("allowedCountries");
+    for(unsigned allowedCountriesIndex = 0; allowedCountriesIndex < allowedCountriesJsonList.GetLength(); ++allowedCountriesIndex)
+    {
+      m_allowedCountries.push_back(allowedCountriesJsonList[allowedCountriesIndex].AsString());
+    }
+    m_allowedCountriesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("allowedOrigins"))
+  {
+    Aws::Utils::Array<JsonView> allowedOriginsJsonList = jsonValue.GetArray("allowedOrigins");
+    for(unsigned allowedOriginsIndex = 0; allowedOriginsIndex < allowedOriginsJsonList.GetLength(); ++allowedOriginsIndex)
+    {
+      m_allowedOrigins.push_back(allowedOriginsJsonList[allowedOriginsIndex].AsString());
+    }
+    m_allowedOriginsHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("arn"))
+  {
+    m_arn = jsonValue.GetString("arn");
+
+    m_arnHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("enableStrictOriginEnforcement"))
+  {
+    m_enableStrictOriginEnforcement = jsonValue.GetBool("enableStrictOriginEnforcement");
+
+    m_enableStrictOriginEnforcementHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("name"))
+  {
+    m_name = jsonValue.GetString("name");
+
+    m_nameHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("tags"))
+  {
+    Aws::Map<Aws::String, JsonView> tagsJsonMap = jsonValue.GetObject("tags").GetAllObjects();
+    for(auto& tagsItem : tagsJsonMap)
+    {
+      m_tags[tagsItem.first] = tagsItem.second.AsString();
+    }
+    m_tagsHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue PlaybackRestrictionPolicy::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_allowedCountriesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedCountriesJsonList(m_allowedCountries.size());
+   for(unsigned allowedCountriesIndex = 0; allowedCountriesIndex < allowedCountriesJsonList.GetLength(); ++allowedCountriesIndex)
+   {
+     allowedCountriesJsonList[allowedCountriesIndex].AsString(m_allowedCountries[allowedCountriesIndex]);
+   }
+   payload.WithArray("allowedCountries", std::move(allowedCountriesJsonList));
+
+  }
+
+  if(m_allowedOriginsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedOriginsJsonList(m_allowedOrigins.size());
+   for(unsigned allowedOriginsIndex = 0; allowedOriginsIndex < allowedOriginsJsonList.GetLength(); ++allowedOriginsIndex)
+   {
+     allowedOriginsJsonList[allowedOriginsIndex].AsString(m_allowedOrigins[allowedOriginsIndex]);
+   }
+   payload.WithArray("allowedOrigins", std::move(allowedOriginsJsonList));
+
+  }
+
+  if(m_arnHasBeenSet)
+  {
+   payload.WithString("arn", m_arn);
+
+  }
+
+  if(m_enableStrictOriginEnforcementHasBeenSet)
+  {
+   payload.WithBool("enableStrictOriginEnforcement", m_enableStrictOriginEnforcement);
+
+  }
+
+  if(m_nameHasBeenSet)
+  {
+   payload.WithString("name", m_name);
+
+  }
+
+  if(m_tagsHasBeenSet)
+  {
+   JsonValue tagsJsonMap;
+   for(auto& tagsItem : m_tags)
+   {
+     tagsJsonMap.WithString(tagsItem.first, tagsItem.second);
+   }
+   payload.WithObject("tags", std::move(tagsJsonMap));
+
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicySummary.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicySummary.cpp
new file mode 100644
index 00000000000..86f6cbb966e
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/PlaybackRestrictionPolicySummary.cpp
@@ -0,0 +1,160 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/PlaybackRestrictionPolicySummary.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace IVS
+{
+namespace Model
+{
+
+PlaybackRestrictionPolicySummary::PlaybackRestrictionPolicySummary() : 
+    m_allowedCountriesHasBeenSet(false),
+    m_allowedOriginsHasBeenSet(false),
+    m_arnHasBeenSet(false),
+    m_enableStrictOriginEnforcement(false),
+    m_enableStrictOriginEnforcementHasBeenSet(false),
+    m_nameHasBeenSet(false),
+    m_tagsHasBeenSet(false)
+{
+}
+
+PlaybackRestrictionPolicySummary::PlaybackRestrictionPolicySummary(JsonView jsonValue) : 
+    m_allowedCountriesHasBeenSet(false),
+    m_allowedOriginsHasBeenSet(false),
+    m_arnHasBeenSet(false),
+    m_enableStrictOriginEnforcement(false),
+    m_enableStrictOriginEnforcementHasBeenSet(false),
+    m_nameHasBeenSet(false),
+    m_tagsHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+PlaybackRestrictionPolicySummary& PlaybackRestrictionPolicySummary::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("allowedCountries"))
+  {
+    Aws::Utils::Array<JsonView> allowedCountriesJsonList = jsonValue.GetArray("allowedCountries");
+    for(unsigned allowedCountriesIndex = 0; allowedCountriesIndex < allowedCountriesJsonList.GetLength(); ++allowedCountriesIndex)
+    {
+      m_allowedCountries.push_back(allowedCountriesJsonList[allowedCountriesIndex].AsString());
+    }
+    m_allowedCountriesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("allowedOrigins"))
+  {
+    Aws::Utils::Array<JsonView> allowedOriginsJsonList = jsonValue.GetArray("allowedOrigins");
+    for(unsigned allowedOriginsIndex = 0; allowedOriginsIndex < allowedOriginsJsonList.GetLength(); ++allowedOriginsIndex)
+    {
+      m_allowedOrigins.push_back(allowedOriginsJsonList[allowedOriginsIndex].AsString());
+    }
+    m_allowedOriginsHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("arn"))
+  {
+    m_arn = jsonValue.GetString("arn");
+
+    m_arnHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("enableStrictOriginEnforcement"))
+  {
+    m_enableStrictOriginEnforcement = jsonValue.GetBool("enableStrictOriginEnforcement");
+
+    m_enableStrictOriginEnforcementHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("name"))
+  {
+    m_name = jsonValue.GetString("name");
+
+    m_nameHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("tags"))
+  {
+    Aws::Map<Aws::String, JsonView> tagsJsonMap = jsonValue.GetObject("tags").GetAllObjects();
+    for(auto& tagsItem : tagsJsonMap)
+    {
+      m_tags[tagsItem.first] = tagsItem.second.AsString();
+    }
+    m_tagsHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue PlaybackRestrictionPolicySummary::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_allowedCountriesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedCountriesJsonList(m_allowedCountries.size());
+   for(unsigned allowedCountriesIndex = 0; allowedCountriesIndex < allowedCountriesJsonList.GetLength(); ++allowedCountriesIndex)
+   {
+     allowedCountriesJsonList[allowedCountriesIndex].AsString(m_allowedCountries[allowedCountriesIndex]);
+   }
+   payload.WithArray("allowedCountries", std::move(allowedCountriesJsonList));
+
+  }
+
+  if(m_allowedOriginsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedOriginsJsonList(m_allowedOrigins.size());
+   for(unsigned allowedOriginsIndex = 0; allowedOriginsIndex < allowedOriginsJsonList.GetLength(); ++allowedOriginsIndex)
+   {
+     allowedOriginsJsonList[allowedOriginsIndex].AsString(m_allowedOrigins[allowedOriginsIndex]);
+   }
+   payload.WithArray("allowedOrigins", std::move(allowedOriginsJsonList));
+
+  }
+
+  if(m_arnHasBeenSet)
+  {
+   payload.WithString("arn", m_arn);
+
+  }
+
+  if(m_enableStrictOriginEnforcementHasBeenSet)
+  {
+   payload.WithBool("enableStrictOriginEnforcement", m_enableStrictOriginEnforcement);
+
+  }
+
+  if(m_nameHasBeenSet)
+  {
+   payload.WithString("name", m_name);
+
+  }
+
+  if(m_tagsHasBeenSet)
+  {
+   JsonValue tagsJsonMap;
+   for(auto& tagsItem : m_tags)
+   {
+     tagsJsonMap.WithString(tagsItem.first, tagsItem.second);
+   }
+   payload.WithObject("tags", std::move(tagsJsonMap));
+
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace IVS
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/UpdateChannelRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/UpdateChannelRequest.cpp
index 519bdaf5e35..317a3bac4dd 100644
--- a/generated/src/aws-cpp-sdk-ivs/source/model/UpdateChannelRequest.cpp
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/UpdateChannelRequest.cpp
@@ -21,6 +21,7 @@ UpdateChannelRequest::UpdateChannelRequest() :
     m_latencyMode(ChannelLatencyMode::NOT_SET),
     m_latencyModeHasBeenSet(false),
     m_nameHasBeenSet(false),
+    m_playbackRestrictionPolicyArnHasBeenSet(false),
     m_preset(TranscodePreset::NOT_SET),
     m_presetHasBeenSet(false),
     m_recordingConfigurationArnHasBeenSet(false),
@@ -62,6 +63,12 @@ Aws::String UpdateChannelRequest::SerializePayload() const
 
   }
 
+  if(m_playbackRestrictionPolicyArnHasBeenSet)
+  {
+   payload.WithString("playbackRestrictionPolicyArn", m_playbackRestrictionPolicyArn);
+
+  }
+
   if(m_presetHasBeenSet)
   {
    payload.WithString("preset", TranscodePresetMapper::GetNameForTranscodePreset(m_preset));
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyRequest.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyRequest.cpp
new file mode 100644
index 00000000000..b369801abbc
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyRequest.cpp
@@ -0,0 +1,74 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/UpdatePlaybackRestrictionPolicyRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+UpdatePlaybackRestrictionPolicyRequest::UpdatePlaybackRestrictionPolicyRequest() : 
+    m_allowedCountriesHasBeenSet(false),
+    m_allowedOriginsHasBeenSet(false),
+    m_arnHasBeenSet(false),
+    m_enableStrictOriginEnforcement(false),
+    m_enableStrictOriginEnforcementHasBeenSet(false),
+    m_nameHasBeenSet(false)
+{
+}
+
+Aws::String UpdatePlaybackRestrictionPolicyRequest::SerializePayload() const
+{
+  JsonValue payload;
+
+  if(m_allowedCountriesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedCountriesJsonList(m_allowedCountries.size());
+   for(unsigned allowedCountriesIndex = 0; allowedCountriesIndex < allowedCountriesJsonList.GetLength(); ++allowedCountriesIndex)
+   {
+     allowedCountriesJsonList[allowedCountriesIndex].AsString(m_allowedCountries[allowedCountriesIndex]);
+   }
+   payload.WithArray("allowedCountries", std::move(allowedCountriesJsonList));
+
+  }
+
+  if(m_allowedOriginsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> allowedOriginsJsonList(m_allowedOrigins.size());
+   for(unsigned allowedOriginsIndex = 0; allowedOriginsIndex < allowedOriginsJsonList.GetLength(); ++allowedOriginsIndex)
+   {
+     allowedOriginsJsonList[allowedOriginsIndex].AsString(m_allowedOrigins[allowedOriginsIndex]);
+   }
+   payload.WithArray("allowedOrigins", std::move(allowedOriginsJsonList));
+
+  }
+
+  if(m_arnHasBeenSet)
+  {
+   payload.WithString("arn", m_arn);
+
+  }
+
+  if(m_enableStrictOriginEnforcementHasBeenSet)
+  {
+   payload.WithBool("enableStrictOriginEnforcement", m_enableStrictOriginEnforcement);
+
+  }
+
+  if(m_nameHasBeenSet)
+  {
+   payload.WithString("name", m_name);
+
+  }
+
+  return payload.View().WriteReadable();
+}
+
+
+
+
diff --git a/generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyResult.cpp b/generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyResult.cpp
new file mode 100644
index 00000000000..af32b2074ca
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-ivs/source/model/UpdatePlaybackRestrictionPolicyResult.cpp
@@ -0,0 +1,48 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/ivs/model/UpdatePlaybackRestrictionPolicyResult.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/UnreferencedParam.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::IVS::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws;
+
+UpdatePlaybackRestrictionPolicyResult::UpdatePlaybackRestrictionPolicyResult()
+{
+}
+
+UpdatePlaybackRestrictionPolicyResult::UpdatePlaybackRestrictionPolicyResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  *this = result;
+}
+
+UpdatePlaybackRestrictionPolicyResult& UpdatePlaybackRestrictionPolicyResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  JsonView jsonValue = result.GetPayload().View();
+  if(jsonValue.ValueExists("playbackRestrictionPolicy"))
+  {
+    m_playbackRestrictionPolicy = jsonValue.GetObject("playbackRestrictionPolicy");
+
+  }
+
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+
+  return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/ManagedBlockchainQueryClient.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/ManagedBlockchainQueryClient.h
index e3c6bbb4347..3f981497089 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/ManagedBlockchainQueryClient.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/ManagedBlockchainQueryClient.h
@@ -87,8 +87,8 @@ namespace ManagedBlockchainQuery
         /**
          * <p>Gets the token balance for a batch of tokens by using the
          * <code>BatchGetTokenBalance</code> action for every token in the request.</p>
-         *  <p>Only the native tokens BTC,ETH, and the ERC-20, ERC-721, and ERC 1155
-         * token standards are supported.</p> <p><h3>See Also:</h3>   <a
+         *  <p>Only the native tokens BTC and ETH, and the ERC-20, ERC-721, and ERC
+         * 1155 token standards are supported.</p> <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/managedblockchain-query-2023-05-04/BatchGetTokenBalance">AWS
          * API Reference</a></p>
          */
@@ -145,7 +145,7 @@ namespace ManagedBlockchainQuery
         /**
          * <p>Gets the balance of a specific token, including native tokens, for a given
          * address (wallet or contract) on the blockchain.</p>  <p>Only the native
-         * tokens BTC,ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are
+         * tokens BTC and ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are
          * supported.</p> <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/managedblockchain-query-2023-05-04/GetTokenBalance">AWS
          * API Reference</a></p>
@@ -171,7 +171,11 @@ namespace ManagedBlockchainQuery
         }
 
         /**
-         * <p>Get the details of a transaction.</p><p><h3>See Also:</h3>   <a
+         * <p>Gets the details of a transaction.</p>  <p>This action will return
+         * transaction details for all transactions that are <i>confirmed</i> on the
+         * blockchain, even if they have not reached <a
+         * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">finality</a>.
+         * </p> <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/managedblockchain-query-2023-05-04/GetTransaction">AWS
          * API Reference</a></p>
          */
@@ -255,7 +259,11 @@ namespace ManagedBlockchainQuery
 
         /**
          * <p>An array of <code>TransactionEvent</code> objects. Each object contains
-         * details about the transaction event.</p><p><h3>See Also:</h3>   <a
+         * details about the transaction event.</p>  <p>This action will return
+         * transaction details for all transactions that are <i>confirmed</i> on the
+         * blockchain, even if they have not reached <a
+         * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">finality</a>.
+         * </p> <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/managedblockchain-query-2023-05-04/ListTransactionEvents">AWS
          * API Reference</a></p>
          */
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatus.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatus.h
index 0f440c6c258..d5a390e1c74 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatus.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatus.h
@@ -16,7 +16,8 @@ namespace Model
   enum class ConfirmationStatus
   {
     NOT_SET,
-    FINAL
+    FINAL,
+    NONFINAL
   };
 
 namespace ConfirmationStatusMapper
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatusFilter.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatusFilter.h
new file mode 100644
index 00000000000..3e52491f798
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ConfirmationStatusFilter.h
@@ -0,0 +1,116 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/managedblockchain-query/ManagedBlockchainQuery_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/managedblockchain-query/model/ConfirmationStatus.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace ManagedBlockchainQuery
+{
+namespace Model
+{
+
+  /**
+   * <p>The container for the <code>ConfirmationStatusFilter</code> that filters for
+   * the <a
+   * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+   * <i>finality</i> </a> of the results.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/managedblockchain-query-2023-05-04/ConfirmationStatusFilter">AWS
+   * API Reference</a></p>
+   */
+  class ConfirmationStatusFilter
+  {
+  public:
+    AWS_MANAGEDBLOCKCHAINQUERY_API ConfirmationStatusFilter();
+    AWS_MANAGEDBLOCKCHAINQUERY_API ConfirmationStatusFilter(Aws::Utils::Json::JsonView jsonValue);
+    AWS_MANAGEDBLOCKCHAINQUERY_API ConfirmationStatusFilter& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_MANAGEDBLOCKCHAINQUERY_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline const Aws::Vector<ConfirmationStatus>& GetInclude() const{ return m_include; }
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline bool IncludeHasBeenSet() const { return m_includeHasBeenSet; }
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline void SetInclude(const Aws::Vector<ConfirmationStatus>& value) { m_includeHasBeenSet = true; m_include = value; }
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline void SetInclude(Aws::Vector<ConfirmationStatus>&& value) { m_includeHasBeenSet = true; m_include = std::move(value); }
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline ConfirmationStatusFilter& WithInclude(const Aws::Vector<ConfirmationStatus>& value) { SetInclude(value); return *this;}
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline ConfirmationStatusFilter& WithInclude(Aws::Vector<ConfirmationStatus>&& value) { SetInclude(std::move(value)); return *this;}
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline ConfirmationStatusFilter& AddInclude(const ConfirmationStatus& value) { m_includeHasBeenSet = true; m_include.push_back(value); return *this; }
+
+    /**
+     * <p>The container to determine whether to list results that have only reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finality are always part of
+     * the response.</p>
+     */
+    inline ConfirmationStatusFilter& AddInclude(ConfirmationStatus&& value) { m_includeHasBeenSet = true; m_include.push_back(std::move(value)); return *this; }
+
+  private:
+
+    Aws::Vector<ConfirmationStatus> m_include;
+    bool m_includeHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace ManagedBlockchainQuery
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListAssetContractsRequest.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListAssetContractsRequest.h
index 39db0ec48ee..20639137b4b 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListAssetContractsRequest.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListAssetContractsRequest.h
@@ -106,22 +106,42 @@ namespace Model
 
 
     /**
-     * <p>The maximum number of contracts to list.</p>
+     * <p>The maximum number of contracts to list.</p> <p>Default:<code>100</code> </p>
+     *  <p>Even if additional results can be retrieved, the request can return
+     * less results than <code>maxResults</code> or an empty array of results.</p>
+     * <p>To retrieve the next set of results, make another request with the returned
+     * <code>nextToken</code> value. The value of <code>nextToken</code> is
+     * <code>null</code> when there are no more results to return</p> 
      */
     inline int GetMaxResults() const{ return m_maxResults; }
 
     /**
-     * <p>The maximum number of contracts to list.</p>
+     * <p>The maximum number of contracts to list.</p> <p>Default:<code>100</code> </p>
+     *  <p>Even if additional results can be retrieved, the request can return
+     * less results than <code>maxResults</code> or an empty array of results.</p>
+     * <p>To retrieve the next set of results, make another request with the returned
+     * <code>nextToken</code> value. The value of <code>nextToken</code> is
+     * <code>null</code> when there are no more results to return</p> 
      */
     inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
 
     /**
-     * <p>The maximum number of contracts to list.</p>
+     * <p>The maximum number of contracts to list.</p> <p>Default:<code>100</code> </p>
+     *  <p>Even if additional results can be retrieved, the request can return
+     * less results than <code>maxResults</code> or an empty array of results.</p>
+     * <p>To retrieve the next set of results, make another request with the returned
+     * <code>nextToken</code> value. The value of <code>nextToken</code> is
+     * <code>null</code> when there are no more results to return</p> 
      */
     inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
 
     /**
-     * <p>The maximum number of contracts to list.</p>
+     * <p>The maximum number of contracts to list.</p> <p>Default:<code>100</code> </p>
+     *  <p>Even if additional results can be retrieved, the request can return
+     * less results than <code>maxResults</code> or an empty array of results.</p>
+     * <p>To retrieve the next set of results, make another request with the returned
+     * <code>nextToken</code> value. The value of <code>nextToken</code> is
+     * <code>null</code> when there are no more results to return</p> 
      */
     inline ListAssetContractsRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTokenBalancesRequest.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTokenBalancesRequest.h
index 5b7fb4a2e5a..a18bd6d4047 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTokenBalancesRequest.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTokenBalancesRequest.h
@@ -181,21 +181,45 @@ namespace Model
 
     /**
      * <p>The maximum number of token balances to return.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline int GetMaxResults() const{ return m_maxResults; }
 
     /**
      * <p>The maximum number of token balances to return.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
 
     /**
      * <p>The maximum number of token balances to return.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
 
     /**
      * <p>The maximum number of token balances to return.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline ListTokenBalancesRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionEventsRequest.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionEventsRequest.h
index bceb53fb722..396c429a635 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionEventsRequest.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionEventsRequest.h
@@ -155,42 +155,46 @@ namespace Model
 
 
     /**
-     * <p>The maximum number of transaction events to list.</p>  <p>Even if
-     * additional results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transaction events to list.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline int GetMaxResults() const{ return m_maxResults; }
 
     /**
-     * <p>The maximum number of transaction events to list.</p>  <p>Even if
-     * additional results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transaction events to list.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
 
     /**
-     * <p>The maximum number of transaction events to list.</p>  <p>Even if
-     * additional results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transaction events to list.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
 
     /**
-     * <p>The maximum number of transaction events to list.</p>  <p>Even if
-     * additional results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transaction events to list.</p>
+     * <p>Default:<code>100</code> </p>  <p>Even if additional results can be
+     * retrieved, the request can return less results than <code>maxResults</code> or
+     * an empty array of results.</p> <p>To retrieve the next set of results, make
+     * another request with the returned <code>nextToken</code> value. The value of
+     * <code>nextToken</code> is <code>null</code> when there are no more results to
+     * return</p> 
      */
     inline ListTransactionEventsRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionsRequest.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionsRequest.h
index 7c029a574c9..a18142b9719 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionsRequest.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/ListTransactionsRequest.h
@@ -10,6 +10,7 @@
 #include <aws/managedblockchain-query/model/QueryNetwork.h>
 #include <aws/managedblockchain-query/model/BlockchainInstant.h>
 #include <aws/managedblockchain-query/model/ListTransactionsSort.h>
+#include <aws/managedblockchain-query/model/ConfirmationStatusFilter.h>
 #include <utility>
 
 namespace Aws
@@ -154,44 +155,38 @@ namespace Model
 
 
     /**
-     * <p>Sorts items in an ascending order if the first page starts at
-     * <code>fromTime</code>. Sorts items in a descending order if the first page
-     * starts at <code>toTime</code>.</p>
+     * <p>The order by which the results will be sorted. If <code>ASCENNDING</code> is
+     * selected, the results will be ordered by <code>fromTime</code>. </p>
      */
     inline const ListTransactionsSort& GetSort() const{ return m_sort; }
 
     /**
-     * <p>Sorts items in an ascending order if the first page starts at
-     * <code>fromTime</code>. Sorts items in a descending order if the first page
-     * starts at <code>toTime</code>.</p>
+     * <p>The order by which the results will be sorted. If <code>ASCENNDING</code> is
+     * selected, the results will be ordered by <code>fromTime</code>. </p>
      */
     inline bool SortHasBeenSet() const { return m_sortHasBeenSet; }
 
     /**
-     * <p>Sorts items in an ascending order if the first page starts at
-     * <code>fromTime</code>. Sorts items in a descending order if the first page
-     * starts at <code>toTime</code>.</p>
+     * <p>The order by which the results will be sorted. If <code>ASCENNDING</code> is
+     * selected, the results will be ordered by <code>fromTime</code>. </p>
      */
     inline void SetSort(const ListTransactionsSort& value) { m_sortHasBeenSet = true; m_sort = value; }
 
     /**
-     * <p>Sorts items in an ascending order if the first page starts at
-     * <code>fromTime</code>. Sorts items in a descending order if the first page
-     * starts at <code>toTime</code>.</p>
+     * <p>The order by which the results will be sorted. If <code>ASCENNDING</code> is
+     * selected, the results will be ordered by <code>fromTime</code>. </p>
      */
     inline void SetSort(ListTransactionsSort&& value) { m_sortHasBeenSet = true; m_sort = std::move(value); }
 
     /**
-     * <p>Sorts items in an ascending order if the first page starts at
-     * <code>fromTime</code>. Sorts items in a descending order if the first page
-     * starts at <code>toTime</code>.</p>
+     * <p>The order by which the results will be sorted. If <code>ASCENNDING</code> is
+     * selected, the results will be ordered by <code>fromTime</code>. </p>
      */
     inline ListTransactionsRequest& WithSort(const ListTransactionsSort& value) { SetSort(value); return *this;}
 
     /**
-     * <p>Sorts items in an ascending order if the first page starts at
-     * <code>fromTime</code>. Sorts items in a descending order if the first page
-     * starts at <code>toTime</code>.</p>
+     * <p>The order by which the results will be sorted. If <code>ASCENNDING</code> is
+     * selected, the results will be ordered by <code>fromTime</code>. </p>
      */
     inline ListTransactionsRequest& WithSort(ListTransactionsSort&& value) { SetSort(std::move(value)); return *this;}
 
@@ -238,45 +233,100 @@ namespace Model
 
 
     /**
-     * <p>The maximum number of transactions to list.</p>  <p>Even if additional
-     * results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transactions to list.</p> <p>Default:<code>100</code>
+     * </p>  <p>Even if additional results can be retrieved, the request can
+     * return less results than <code>maxResults</code> or an empty array of
+     * results.</p> <p>To retrieve the next set of results, make another request with
+     * the returned <code>nextToken</code> value. The value of <code>nextToken</code>
+     * is <code>null</code> when there are no more results to return</p> 
      */
     inline int GetMaxResults() const{ return m_maxResults; }
 
     /**
-     * <p>The maximum number of transactions to list.</p>  <p>Even if additional
-     * results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transactions to list.</p> <p>Default:<code>100</code>
+     * </p>  <p>Even if additional results can be retrieved, the request can
+     * return less results than <code>maxResults</code> or an empty array of
+     * results.</p> <p>To retrieve the next set of results, make another request with
+     * the returned <code>nextToken</code> value. The value of <code>nextToken</code>
+     * is <code>null</code> when there are no more results to return</p> 
      */
     inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
 
     /**
-     * <p>The maximum number of transactions to list.</p>  <p>Even if additional
-     * results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transactions to list.</p> <p>Default:<code>100</code>
+     * </p>  <p>Even if additional results can be retrieved, the request can
+     * return less results than <code>maxResults</code> or an empty array of
+     * results.</p> <p>To retrieve the next set of results, make another request with
+     * the returned <code>nextToken</code> value. The value of <code>nextToken</code>
+     * is <code>null</code> when there are no more results to return</p> 
      */
     inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
 
     /**
-     * <p>The maximum number of transactions to list.</p>  <p>Even if additional
-     * results can be retrieved, the request can return less results than
-     * <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the
-     * next set of results, make another request with the returned
-     * <code>nextToken</code> value. The value of <code>nextToken</code> is
-     * <code>null</code> when there are no more results to return</p> 
+     * <p>The maximum number of transactions to list.</p> <p>Default:<code>100</code>
+     * </p>  <p>Even if additional results can be retrieved, the request can
+     * return less results than <code>maxResults</code> or an empty array of
+     * results.</p> <p>To retrieve the next set of results, make another request with
+     * the returned <code>nextToken</code> value. The value of <code>nextToken</code>
+     * is <code>null</code> when there are no more results to return</p> 
      */
     inline ListTransactionsRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
 
+
+    /**
+     * <p>This filter is used to include transactions in the response that haven't
+     * reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finiality are always part
+     * of the response.</p>
+     */
+    inline const ConfirmationStatusFilter& GetConfirmationStatusFilter() const{ return m_confirmationStatusFilter; }
+
+    /**
+     * <p>This filter is used to include transactions in the response that haven't
+     * reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finiality are always part
+     * of the response.</p>
+     */
+    inline bool ConfirmationStatusFilterHasBeenSet() const { return m_confirmationStatusFilterHasBeenSet; }
+
+    /**
+     * <p>This filter is used to include transactions in the response that haven't
+     * reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finiality are always part
+     * of the response.</p>
+     */
+    inline void SetConfirmationStatusFilter(const ConfirmationStatusFilter& value) { m_confirmationStatusFilterHasBeenSet = true; m_confirmationStatusFilter = value; }
+
+    /**
+     * <p>This filter is used to include transactions in the response that haven't
+     * reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finiality are always part
+     * of the response.</p>
+     */
+    inline void SetConfirmationStatusFilter(ConfirmationStatusFilter&& value) { m_confirmationStatusFilterHasBeenSet = true; m_confirmationStatusFilter = std::move(value); }
+
+    /**
+     * <p>This filter is used to include transactions in the response that haven't
+     * reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finiality are always part
+     * of the response.</p>
+     */
+    inline ListTransactionsRequest& WithConfirmationStatusFilter(const ConfirmationStatusFilter& value) { SetConfirmationStatusFilter(value); return *this;}
+
+    /**
+     * <p>This filter is used to include transactions in the response that haven't
+     * reached <a
+     * href="https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality">
+     * <i>finality</i> </a>. Transactions that have reached finiality are always part
+     * of the response.</p>
+     */
+    inline ListTransactionsRequest& WithConfirmationStatusFilter(ConfirmationStatusFilter&& value) { SetConfirmationStatusFilter(std::move(value)); return *this;}
+
   private:
 
     Aws::String m_address;
@@ -299,6 +349,9 @@ namespace Model
 
     int m_maxResults;
     bool m_maxResultsHasBeenSet = false;
+
+    ConfirmationStatusFilter m_confirmationStatusFilter;
+    bool m_confirmationStatusFilterHasBeenSet = false;
   };
 
 } // namespace Model
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TokenIdentifier.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TokenIdentifier.h
index b0649503512..b10b1a16f37 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TokenIdentifier.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TokenIdentifier.h
@@ -26,8 +26,8 @@ namespace Model
 
   /**
    * <p>The container for the identifier for the token including the unique token ID
-   * and its blockchain network.</p>  <p>Only the native tokens BTC,ETH, and
-   * the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p>
+   * and its blockchain network.</p>  <p>Only the native tokens BTC and ETH,
+   * and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p>
    * <p><h3>See Also:</h3>   <a
    * href="http://docs.aws.amazon.com/goto/WebAPI/managedblockchain-query-2023-05-04/TokenIdentifier">AWS
    * API Reference</a></p>
@@ -114,72 +114,72 @@ namespace Model
 
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline const Aws::String& GetTokenId() const{ return m_tokenId; }
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline bool TokenIdHasBeenSet() const { return m_tokenIdHasBeenSet; }
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline void SetTokenId(const Aws::String& value) { m_tokenIdHasBeenSet = true; m_tokenId = value; }
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline void SetTokenId(Aws::String&& value) { m_tokenIdHasBeenSet = true; m_tokenId = std::move(value); }
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline void SetTokenId(const char* value) { m_tokenIdHasBeenSet = true; m_tokenId.assign(value); }
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline TokenIdentifier& WithTokenId(const Aws::String& value) { SetTokenId(value); return *this;}
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
     inline TokenIdentifier& WithTokenId(Aws::String&& value) { SetTokenId(std::move(value)); return *this;}
 
     /**
-     * <p>The unique identifier of the token.</p>  <p>You must specify this
-     * container with <code>btc</code> for the native BTC token, and <code>eth</code>
-     * for the native ETH token. For all other token types you must specify the
+     * <p>The unique identifier of the token.</p>  <p>For native tokens, use the
+     * 3 character abbreviation that best matches your token. For example, btc for
+     * Bitcoin, eth for Ether, etc. For all other token types you must specify the
      * <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code>
      * format.</p> 
      */
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TransactionOutputItem.h b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TransactionOutputItem.h
index 82211a5bcfa..43d0340c296 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TransactionOutputItem.h
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/include/aws/managedblockchain-query/model/TransactionOutputItem.h
@@ -8,6 +8,7 @@
 #include <aws/core/utils/memory/stl/AWSString.h>
 #include <aws/managedblockchain-query/model/QueryNetwork.h>
 #include <aws/core/utils/DateTime.h>
+#include <aws/managedblockchain-query/model/ConfirmationStatus.h>
 #include <utility>
 
 namespace Aws
@@ -149,6 +150,37 @@ namespace Model
      */
     inline TransactionOutputItem& WithTransactionTimestamp(Aws::Utils::DateTime&& value) { SetTransactionTimestamp(std::move(value)); return *this;}
 
+
+    /**
+     * <p>Specifies whether to list transactions that have not reached Finality.</p>
+     */
+    inline const ConfirmationStatus& GetConfirmationStatus() const{ return m_confirmationStatus; }
+
+    /**
+     * <p>Specifies whether to list transactions that have not reached Finality.</p>
+     */
+    inline bool ConfirmationStatusHasBeenSet() const { return m_confirmationStatusHasBeenSet; }
+
+    /**
+     * <p>Specifies whether to list transactions that have not reached Finality.</p>
+     */
+    inline void SetConfirmationStatus(const ConfirmationStatus& value) { m_confirmationStatusHasBeenSet = true; m_confirmationStatus = value; }
+
+    /**
+     * <p>Specifies whether to list transactions that have not reached Finality.</p>
+     */
+    inline void SetConfirmationStatus(ConfirmationStatus&& value) { m_confirmationStatusHasBeenSet = true; m_confirmationStatus = std::move(value); }
+
+    /**
+     * <p>Specifies whether to list transactions that have not reached Finality.</p>
+     */
+    inline TransactionOutputItem& WithConfirmationStatus(const ConfirmationStatus& value) { SetConfirmationStatus(value); return *this;}
+
+    /**
+     * <p>Specifies whether to list transactions that have not reached Finality.</p>
+     */
+    inline TransactionOutputItem& WithConfirmationStatus(ConfirmationStatus&& value) { SetConfirmationStatus(std::move(value)); return *this;}
+
   private:
 
     Aws::String m_transactionHash;
@@ -159,6 +191,9 @@ namespace Model
 
     Aws::Utils::DateTime m_transactionTimestamp;
     bool m_transactionTimestampHasBeenSet = false;
+
+    ConfirmationStatus m_confirmationStatus;
+    bool m_confirmationStatusHasBeenSet = false;
   };
 
 } // namespace Model
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatus.cpp b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatus.cpp
index 28d7694457c..0c42ead1498 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatus.cpp
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatus.cpp
@@ -21,6 +21,7 @@ namespace Aws
       {
 
         static const int FINAL_HASH = HashingUtils::HashString("FINAL");
+        static const int NONFINAL_HASH = HashingUtils::HashString("NONFINAL");
 
 
         ConfirmationStatus GetConfirmationStatusForName(const Aws::String& name)
@@ -30,6 +31,10 @@ namespace Aws
           {
             return ConfirmationStatus::FINAL;
           }
+          else if (hashCode == NONFINAL_HASH)
+          {
+            return ConfirmationStatus::NONFINAL;
+          }
           EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
           if(overflowContainer)
           {
@@ -48,6 +53,8 @@ namespace Aws
             return {};
           case ConfirmationStatus::FINAL:
             return "FINAL";
+          case ConfirmationStatus::NONFINAL:
+            return "NONFINAL";
           default:
             EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
             if(overflowContainer)
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatusFilter.cpp b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatusFilter.cpp
new file mode 100644
index 00000000000..9c64f0db20a
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ConfirmationStatusFilter.cpp
@@ -0,0 +1,67 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/managedblockchain-query/model/ConfirmationStatusFilter.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace ManagedBlockchainQuery
+{
+namespace Model
+{
+
+ConfirmationStatusFilter::ConfirmationStatusFilter() : 
+    m_includeHasBeenSet(false)
+{
+}
+
+ConfirmationStatusFilter::ConfirmationStatusFilter(JsonView jsonValue) : 
+    m_includeHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+ConfirmationStatusFilter& ConfirmationStatusFilter::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("include"))
+  {
+    Aws::Utils::Array<JsonView> includeJsonList = jsonValue.GetArray("include");
+    for(unsigned includeIndex = 0; includeIndex < includeJsonList.GetLength(); ++includeIndex)
+    {
+      m_include.push_back(ConfirmationStatusMapper::GetConfirmationStatusForName(includeJsonList[includeIndex].AsString()));
+    }
+    m_includeHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue ConfirmationStatusFilter::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_includeHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> includeJsonList(m_include.size());
+   for(unsigned includeIndex = 0; includeIndex < includeJsonList.GetLength(); ++includeIndex)
+   {
+     includeJsonList[includeIndex].AsString(ConfirmationStatusMapper::GetNameForConfirmationStatus(m_include[includeIndex]));
+   }
+   payload.WithArray("include", std::move(includeJsonList));
+
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace ManagedBlockchainQuery
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ListTransactionsRequest.cpp b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ListTransactionsRequest.cpp
index 22e7ccb9a2a..75f90a15433 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ListTransactionsRequest.cpp
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/ListTransactionsRequest.cpp
@@ -21,7 +21,8 @@ ListTransactionsRequest::ListTransactionsRequest() :
     m_sortHasBeenSet(false),
     m_nextTokenHasBeenSet(false),
     m_maxResults(0),
-    m_maxResultsHasBeenSet(false)
+    m_maxResultsHasBeenSet(false),
+    m_confirmationStatusFilterHasBeenSet(false)
 {
 }
 
@@ -70,6 +71,12 @@ Aws::String ListTransactionsRequest::SerializePayload() const
 
   }
 
+  if(m_confirmationStatusFilterHasBeenSet)
+  {
+   payload.WithObject("confirmationStatusFilter", m_confirmationStatusFilter.Jsonize());
+
+  }
+
   return payload.View().WriteReadable();
 }
 
diff --git a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/TransactionOutputItem.cpp b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/TransactionOutputItem.cpp
index 3139bf3e79b..0511c8256a3 100644
--- a/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/TransactionOutputItem.cpp
+++ b/generated/src/aws-cpp-sdk-managedblockchain-query/source/model/TransactionOutputItem.cpp
@@ -22,7 +22,9 @@ TransactionOutputItem::TransactionOutputItem() :
     m_transactionHashHasBeenSet(false),
     m_network(QueryNetwork::NOT_SET),
     m_networkHasBeenSet(false),
-    m_transactionTimestampHasBeenSet(false)
+    m_transactionTimestampHasBeenSet(false),
+    m_confirmationStatus(ConfirmationStatus::NOT_SET),
+    m_confirmationStatusHasBeenSet(false)
 {
 }
 
@@ -30,7 +32,9 @@ TransactionOutputItem::TransactionOutputItem(JsonView jsonValue) :
     m_transactionHashHasBeenSet(false),
     m_network(QueryNetwork::NOT_SET),
     m_networkHasBeenSet(false),
-    m_transactionTimestampHasBeenSet(false)
+    m_transactionTimestampHasBeenSet(false),
+    m_confirmationStatus(ConfirmationStatus::NOT_SET),
+    m_confirmationStatusHasBeenSet(false)
 {
   *this = jsonValue;
 }
@@ -58,6 +62,13 @@ TransactionOutputItem& TransactionOutputItem::operator =(JsonView jsonValue)
     m_transactionTimestampHasBeenSet = true;
   }
 
+  if(jsonValue.ValueExists("confirmationStatus"))
+  {
+    m_confirmationStatus = ConfirmationStatusMapper::GetConfirmationStatusForName(jsonValue.GetString("confirmationStatus"));
+
+    m_confirmationStatusHasBeenSet = true;
+  }
+
   return *this;
 }
 
@@ -81,6 +92,11 @@ JsonValue TransactionOutputItem::Jsonize() const
    payload.WithDouble("transactionTimestamp", m_transactionTimestamp.SecondsWithMSPrecision());
   }
 
+  if(m_confirmationStatusHasBeenSet)
+  {
+   payload.WithString("confirmationStatus", ConfirmationStatusMapper::GetNameForConfirmationStatus(m_confirmationStatus));
+  }
+
   return payload;
 }
 
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertClient.h b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertClient.h
index f2d0a2f764a..a72d0e506fe 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertClient.h
+++ b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertClient.h
@@ -339,32 +339,6 @@ namespace MediaConvert
             return SubmitAsync(&MediaConvertClient::DeleteQueue, request, handler, context);
         }
 
-        /**
-         * Send an request with an empty body to the regional API endpoint to get your
-         * account API endpoint.<p><h3>See Also:</h3>   <a
-         * href="http://docs.aws.amazon.com/goto/WebAPI/mediaconvert-2017-08-29/DescribeEndpoints">AWS
-         * API Reference</a></p>
-         */
-        virtual Model::DescribeEndpointsOutcome DescribeEndpoints(const Model::DescribeEndpointsRequest& request) const;
-
-        /**
-         * A Callable wrapper for DescribeEndpoints that returns a future to the operation so that it can be executed in parallel to other requests.
-         */
-        template<typename DescribeEndpointsRequestT = Model::DescribeEndpointsRequest>
-        Model::DescribeEndpointsOutcomeCallable DescribeEndpointsCallable(const DescribeEndpointsRequestT& request) const
-        {
-            return SubmitCallable(&MediaConvertClient::DescribeEndpoints, request);
-        }
-
-        /**
-         * An Async wrapper for DescribeEndpoints that queues the request into a thread executor and triggers associated callback when operation has finished.
-         */
-        template<typename DescribeEndpointsRequestT = Model::DescribeEndpointsRequest>
-        void DescribeEndpointsAsync(const DescribeEndpointsRequestT& request, const DescribeEndpointsResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
-        {
-            return SubmitAsync(&MediaConvertClient::DescribeEndpoints, request, handler, context);
-        }
-
         /**
          * Removes an association between the Amazon Resource Name (ARN) of an AWS
          * Certificate Manager (ACM) certificate and an AWS Elemental MediaConvert
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertServiceClientModel.h b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertServiceClientModel.h
index 13f01e290bd..abdbe2457fc 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertServiceClientModel.h
+++ b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/MediaConvertServiceClientModel.h
@@ -28,7 +28,6 @@
 #include <aws/mediaconvert/model/DeletePolicyResult.h>
 #include <aws/mediaconvert/model/DeletePresetResult.h>
 #include <aws/mediaconvert/model/DeleteQueueResult.h>
-#include <aws/mediaconvert/model/DescribeEndpointsResult.h>
 #include <aws/mediaconvert/model/DisassociateCertificateResult.h>
 #include <aws/mediaconvert/model/GetJobResult.h>
 #include <aws/mediaconvert/model/GetJobTemplateResult.h>
@@ -96,7 +95,6 @@ namespace Aws
       class DeletePolicyRequest;
       class DeletePresetRequest;
       class DeleteQueueRequest;
-      class DescribeEndpointsRequest;
       class DisassociateCertificateRequest;
       class GetJobRequest;
       class GetJobTemplateRequest;
@@ -127,7 +125,6 @@ namespace Aws
       typedef Aws::Utils::Outcome<DeletePolicyResult, MediaConvertError> DeletePolicyOutcome;
       typedef Aws::Utils::Outcome<DeletePresetResult, MediaConvertError> DeletePresetOutcome;
       typedef Aws::Utils::Outcome<DeleteQueueResult, MediaConvertError> DeleteQueueOutcome;
-      typedef Aws::Utils::Outcome<DescribeEndpointsResult, MediaConvertError> DescribeEndpointsOutcome;
       typedef Aws::Utils::Outcome<DisassociateCertificateResult, MediaConvertError> DisassociateCertificateOutcome;
       typedef Aws::Utils::Outcome<GetJobResult, MediaConvertError> GetJobOutcome;
       typedef Aws::Utils::Outcome<GetJobTemplateResult, MediaConvertError> GetJobTemplateOutcome;
@@ -158,7 +155,6 @@ namespace Aws
       typedef std::future<DeletePolicyOutcome> DeletePolicyOutcomeCallable;
       typedef std::future<DeletePresetOutcome> DeletePresetOutcomeCallable;
       typedef std::future<DeleteQueueOutcome> DeleteQueueOutcomeCallable;
-      typedef std::future<DescribeEndpointsOutcome> DescribeEndpointsOutcomeCallable;
       typedef std::future<DisassociateCertificateOutcome> DisassociateCertificateOutcomeCallable;
       typedef std::future<GetJobOutcome> GetJobOutcomeCallable;
       typedef std::future<GetJobTemplateOutcome> GetJobTemplateOutcomeCallable;
@@ -192,7 +188,6 @@ namespace Aws
     typedef std::function<void(const MediaConvertClient*, const Model::DeletePolicyRequest&, const Model::DeletePolicyOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeletePolicyResponseReceivedHandler;
     typedef std::function<void(const MediaConvertClient*, const Model::DeletePresetRequest&, const Model::DeletePresetOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeletePresetResponseReceivedHandler;
     typedef std::function<void(const MediaConvertClient*, const Model::DeleteQueueRequest&, const Model::DeleteQueueOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeleteQueueResponseReceivedHandler;
-    typedef std::function<void(const MediaConvertClient*, const Model::DescribeEndpointsRequest&, const Model::DescribeEndpointsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DescribeEndpointsResponseReceivedHandler;
     typedef std::function<void(const MediaConvertClient*, const Model::DisassociateCertificateRequest&, const Model::DisassociateCertificateOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DisassociateCertificateResponseReceivedHandler;
     typedef std::function<void(const MediaConvertClient*, const Model::GetJobRequest&, const Model::GetJobOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetJobResponseReceivedHandler;
     typedef std::function<void(const MediaConvertClient*, const Model::GetJobTemplateRequest&, const Model::GetJobTemplateOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetJobTemplateResponseReceivedHandler;
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/AacSettings.h b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/AacSettings.h
index b6a0b4c10d4..2f857d39393 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/AacSettings.h
+++ b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/AacSettings.h
@@ -173,62 +173,32 @@ namespace Model
 
 
     /**
-     * Specify the AAC profile. For the widest player compatibility and where higher
-     * bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved
-     * audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds
-     * spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE
-     * v2) adds parametric stereo, which optimizes for encoding stereo audio at very
-     * low bitrates.
+     * AAC Profile.
      */
     inline const AacCodecProfile& GetCodecProfile() const{ return m_codecProfile; }
 
     /**
-     * Specify the AAC profile. For the widest player compatibility and where higher
-     * bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved
-     * audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds
-     * spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE
-     * v2) adds parametric stereo, which optimizes for encoding stereo audio at very
-     * low bitrates.
+     * AAC Profile.
      */
     inline bool CodecProfileHasBeenSet() const { return m_codecProfileHasBeenSet; }
 
     /**
-     * Specify the AAC profile. For the widest player compatibility and where higher
-     * bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved
-     * audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds
-     * spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE
-     * v2) adds parametric stereo, which optimizes for encoding stereo audio at very
-     * low bitrates.
+     * AAC Profile.
      */
     inline void SetCodecProfile(const AacCodecProfile& value) { m_codecProfileHasBeenSet = true; m_codecProfile = value; }
 
     /**
-     * Specify the AAC profile. For the widest player compatibility and where higher
-     * bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved
-     * audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds
-     * spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE
-     * v2) adds parametric stereo, which optimizes for encoding stereo audio at very
-     * low bitrates.
+     * AAC Profile.
      */
     inline void SetCodecProfile(AacCodecProfile&& value) { m_codecProfileHasBeenSet = true; m_codecProfile = std::move(value); }
 
     /**
-     * Specify the AAC profile. For the widest player compatibility and where higher
-     * bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved
-     * audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds
-     * spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE
-     * v2) adds parametric stereo, which optimizes for encoding stereo audio at very
-     * low bitrates.
+     * AAC Profile.
      */
     inline AacSettings& WithCodecProfile(const AacCodecProfile& value) { SetCodecProfile(value); return *this;}
 
     /**
-     * Specify the AAC profile. For the widest player compatibility and where higher
-     * bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved
-     * audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds
-     * spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE
-     * v2) adds parametric stereo, which optimizes for encoding stereo audio at very
-     * low bitrates.
+     * AAC Profile.
      */
     inline AacSettings& WithCodecProfile(AacCodecProfile&& value) { SetCodecProfile(std::move(value)); return *this;}
 
@@ -307,50 +277,32 @@ namespace Model
 
 
     /**
-     * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC
-     * output bitrate will be equal to the value that you choose for Bitrate. For a
-     * variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
-     * your audio content and the value that you choose for Bitrate quality.
+     * Rate Control Mode.
      */
     inline const AacRateControlMode& GetRateControlMode() const{ return m_rateControlMode; }
 
     /**
-     * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC
-     * output bitrate will be equal to the value that you choose for Bitrate. For a
-     * variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
-     * your audio content and the value that you choose for Bitrate quality.
+     * Rate Control Mode.
      */
     inline bool RateControlModeHasBeenSet() const { return m_rateControlModeHasBeenSet; }
 
     /**
-     * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC
-     * output bitrate will be equal to the value that you choose for Bitrate. For a
-     * variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
-     * your audio content and the value that you choose for Bitrate quality.
+     * Rate Control Mode.
      */
     inline void SetRateControlMode(const AacRateControlMode& value) { m_rateControlModeHasBeenSet = true; m_rateControlMode = value; }
 
     /**
-     * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC
-     * output bitrate will be equal to the value that you choose for Bitrate. For a
-     * variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
-     * your audio content and the value that you choose for Bitrate quality.
+     * Rate Control Mode.
      */
     inline void SetRateControlMode(AacRateControlMode&& value) { m_rateControlModeHasBeenSet = true; m_rateControlMode = std::move(value); }
 
     /**
-     * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC
-     * output bitrate will be equal to the value that you choose for Bitrate. For a
-     * variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
-     * your audio content and the value that you choose for Bitrate quality.
+     * Rate Control Mode.
      */
     inline AacSettings& WithRateControlMode(const AacRateControlMode& value) { SetRateControlMode(value); return *this;}
 
     /**
-     * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC
-     * output bitrate will be equal to the value that you choose for Bitrate. For a
-     * variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
-     * your audio content and the value that you choose for Bitrate quality.
+     * Rate Control Mode.
      */
     inline AacSettings& WithRateControlMode(AacRateControlMode&& value) { SetRateControlMode(std::move(value)); return *this;}
 
@@ -393,34 +345,50 @@ namespace Model
 
 
     /**
-     * Specify the AAC sample rate in samples per second (Hz). Valid sample rates
-     * depend on the AAC profile and Coding mode that you select. For a list of
-     * supported sample rates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html
+     * Specify the Sample rate in Hz. Valid sample rates depend on the Profile and
+     * Coding mode that you select. The following list shows valid sample rates for
+     * each Profile and Coding mode. * LC Profile, Coding mode 1.0, 2.0, and Receiver
+     * Mix: 8000, 12000, 16000, 22050, 24000, 32000, 44100, 48000, 88200, 96000. * LC
+     * Profile, Coding mode 5.1: 32000, 44100, 48000, 96000. * HEV1 Profile, Coding
+     * mode 1.0 and Receiver Mix: 22050, 24000, 32000, 44100, 48000. * HEV1 Profile,
+     * Coding mode 2.0 and 5.1: 32000, 44100, 48000, 96000. * HEV2 Profile, Coding mode
+     * 2.0: 22050, 24000, 32000, 44100, 48000.
      */
     inline int GetSampleRate() const{ return m_sampleRate; }
 
     /**
-     * Specify the AAC sample rate in samples per second (Hz). Valid sample rates
-     * depend on the AAC profile and Coding mode that you select. For a list of
-     * supported sample rates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html
+     * Specify the Sample rate in Hz. Valid sample rates depend on the Profile and
+     * Coding mode that you select. The following list shows valid sample rates for
+     * each Profile and Coding mode. * LC Profile, Coding mode 1.0, 2.0, and Receiver
+     * Mix: 8000, 12000, 16000, 22050, 24000, 32000, 44100, 48000, 88200, 96000. * LC
+     * Profile, Coding mode 5.1: 32000, 44100, 48000, 96000. * HEV1 Profile, Coding
+     * mode 1.0 and Receiver Mix: 22050, 24000, 32000, 44100, 48000. * HEV1 Profile,
+     * Coding mode 2.0 and 5.1: 32000, 44100, 48000, 96000. * HEV2 Profile, Coding mode
+     * 2.0: 22050, 24000, 32000, 44100, 48000.
      */
     inline bool SampleRateHasBeenSet() const { return m_sampleRateHasBeenSet; }
 
     /**
-     * Specify the AAC sample rate in samples per second (Hz). Valid sample rates
-     * depend on the AAC profile and Coding mode that you select. For a list of
-     * supported sample rates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html
+     * Specify the Sample rate in Hz. Valid sample rates depend on the Profile and
+     * Coding mode that you select. The following list shows valid sample rates for
+     * each Profile and Coding mode. * LC Profile, Coding mode 1.0, 2.0, and Receiver
+     * Mix: 8000, 12000, 16000, 22050, 24000, 32000, 44100, 48000, 88200, 96000. * LC
+     * Profile, Coding mode 5.1: 32000, 44100, 48000, 96000. * HEV1 Profile, Coding
+     * mode 1.0 and Receiver Mix: 22050, 24000, 32000, 44100, 48000. * HEV1 Profile,
+     * Coding mode 2.0 and 5.1: 32000, 44100, 48000, 96000. * HEV2 Profile, Coding mode
+     * 2.0: 22050, 24000, 32000, 44100, 48000.
      */
     inline void SetSampleRate(int value) { m_sampleRateHasBeenSet = true; m_sampleRate = value; }
 
     /**
-     * Specify the AAC sample rate in samples per second (Hz). Valid sample rates
-     * depend on the AAC profile and Coding mode that you select. For a list of
-     * supported sample rates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html
+     * Specify the Sample rate in Hz. Valid sample rates depend on the Profile and
+     * Coding mode that you select. The following list shows valid sample rates for
+     * each Profile and Coding mode. * LC Profile, Coding mode 1.0, 2.0, and Receiver
+     * Mix: 8000, 12000, 16000, 22050, 24000, 32000, 44100, 48000, 88200, 96000. * LC
+     * Profile, Coding mode 5.1: 32000, 44100, 48000, 96000. * HEV1 Profile, Coding
+     * mode 1.0 and Receiver Mix: 22050, 24000, 32000, 44100, 48000. * HEV1 Profile,
+     * Coding mode 2.0 and 5.1: 32000, 44100, 48000, 96000. * HEV2 Profile, Coding mode
+     * 2.0: 22050, 24000, 32000, 44100, 48000.
      */
     inline AacSettings& WithSampleRate(int value) { SetSampleRate(value); return *this;}
 
@@ -463,44 +431,32 @@ namespace Model
 
 
     /**
-     * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of
-     * approximate VBR bitrates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
+     * VBR Quality Level - Only used if rate_control_mode is VBR.
      */
     inline const AacVbrQuality& GetVbrQuality() const{ return m_vbrQuality; }
 
     /**
-     * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of
-     * approximate VBR bitrates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
+     * VBR Quality Level - Only used if rate_control_mode is VBR.
      */
     inline bool VbrQualityHasBeenSet() const { return m_vbrQualityHasBeenSet; }
 
     /**
-     * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of
-     * approximate VBR bitrates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
+     * VBR Quality Level - Only used if rate_control_mode is VBR.
      */
     inline void SetVbrQuality(const AacVbrQuality& value) { m_vbrQualityHasBeenSet = true; m_vbrQuality = value; }
 
     /**
-     * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of
-     * approximate VBR bitrates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
+     * VBR Quality Level - Only used if rate_control_mode is VBR.
      */
     inline void SetVbrQuality(AacVbrQuality&& value) { m_vbrQualityHasBeenSet = true; m_vbrQuality = std::move(value); }
 
     /**
-     * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of
-     * approximate VBR bitrates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
+     * VBR Quality Level - Only used if rate_control_mode is VBR.
      */
     inline AacSettings& WithVbrQuality(const AacVbrQuality& value) { SetVbrQuality(value); return *this;}
 
     /**
-     * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of
-     * approximate VBR bitrates, see:
-     * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
+     * VBR Quality Level - Only used if rate_control_mode is VBR.
      */
     inline AacSettings& WithVbrQuality(AacVbrQuality&& value) { SetVbrQuality(std::move(value)); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsRequest.h b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsRequest.h
deleted file mode 100644
index 517b10bea0a..00000000000
--- a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsRequest.h
+++ /dev/null
@@ -1,175 +0,0 @@
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-
-#pragma once
-#include <aws/mediaconvert/MediaConvert_EXPORTS.h>
-#include <aws/mediaconvert/MediaConvertRequest.h>
-#include <aws/mediaconvert/model/DescribeEndpointsMode.h>
-#include <aws/core/utils/memory/stl/AWSString.h>
-#include <utility>
-
-namespace Aws
-{
-namespace MediaConvert
-{
-namespace Model
-{
-
-  /**
-   * DescribeEndpointsRequest<p><h3>See Also:</h3>   <a
-   * href="http://docs.aws.amazon.com/goto/WebAPI/mediaconvert-2017-08-29/DescribeEndpointsRequest">AWS
-   * API Reference</a></p>
-   */
-  class DescribeEndpointsRequest : public MediaConvertRequest
-  {
-  public:
-    AWS_MEDIACONVERT_API DescribeEndpointsRequest();
-
-    // Service request name is the Operation name which will send this request out,
-    // each operation should has unique request name, so that we can get operation's name from this request.
-    // Note: this is not true for response, multiple operations may have the same response name,
-    // so we can not get operation's name from response.
-    inline virtual const char* GetServiceRequestName() const override { return "DescribeEndpoints"; }
-
-    AWS_MEDIACONVERT_API Aws::String SerializePayload() const override;
-
-
-    /**
-     * Optional. Max number of endpoints, up to twenty, that will be returned at one
-     * time.
-     */
-    inline int GetMaxResults() const{ return m_maxResults; }
-
-    /**
-     * Optional. Max number of endpoints, up to twenty, that will be returned at one
-     * time.
-     */
-    inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
-
-    /**
-     * Optional. Max number of endpoints, up to twenty, that will be returned at one
-     * time.
-     */
-    inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
-
-    /**
-     * Optional. Max number of endpoints, up to twenty, that will be returned at one
-     * time.
-     */
-    inline DescribeEndpointsRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
-
-
-    /**
-     * Optional field, defaults to DEFAULT. Specify DEFAULT for this operation to
-     * return your endpoints if any exist, or to create an endpoint for you and return
-     * it if one doesn't already exist. Specify GET_ONLY to return your endpoints if
-     * any exist, or an empty list if none exist.
-     */
-    inline const DescribeEndpointsMode& GetMode() const{ return m_mode; }
-
-    /**
-     * Optional field, defaults to DEFAULT. Specify DEFAULT for this operation to
-     * return your endpoints if any exist, or to create an endpoint for you and return
-     * it if one doesn't already exist. Specify GET_ONLY to return your endpoints if
-     * any exist, or an empty list if none exist.
-     */
-    inline bool ModeHasBeenSet() const { return m_modeHasBeenSet; }
-
-    /**
-     * Optional field, defaults to DEFAULT. Specify DEFAULT for this operation to
-     * return your endpoints if any exist, or to create an endpoint for you and return
-     * it if one doesn't already exist. Specify GET_ONLY to return your endpoints if
-     * any exist, or an empty list if none exist.
-     */
-    inline void SetMode(const DescribeEndpointsMode& value) { m_modeHasBeenSet = true; m_mode = value; }
-
-    /**
-     * Optional field, defaults to DEFAULT. Specify DEFAULT for this operation to
-     * return your endpoints if any exist, or to create an endpoint for you and return
-     * it if one doesn't already exist. Specify GET_ONLY to return your endpoints if
-     * any exist, or an empty list if none exist.
-     */
-    inline void SetMode(DescribeEndpointsMode&& value) { m_modeHasBeenSet = true; m_mode = std::move(value); }
-
-    /**
-     * Optional field, defaults to DEFAULT. Specify DEFAULT for this operation to
-     * return your endpoints if any exist, or to create an endpoint for you and return
-     * it if one doesn't already exist. Specify GET_ONLY to return your endpoints if
-     * any exist, or an empty list if none exist.
-     */
-    inline DescribeEndpointsRequest& WithMode(const DescribeEndpointsMode& value) { SetMode(value); return *this;}
-
-    /**
-     * Optional field, defaults to DEFAULT. Specify DEFAULT for this operation to
-     * return your endpoints if any exist, or to create an endpoint for you and return
-     * it if one doesn't already exist. Specify GET_ONLY to return your endpoints if
-     * any exist, or an empty list if none exist.
-     */
-    inline DescribeEndpointsRequest& WithMode(DescribeEndpointsMode&& value) { SetMode(std::move(value)); return *this;}
-
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline const Aws::String& GetNextToken() const{ return m_nextToken; }
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline bool NextTokenHasBeenSet() const { return m_nextTokenHasBeenSet; }
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline void SetNextToken(const Aws::String& value) { m_nextTokenHasBeenSet = true; m_nextToken = value; }
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline void SetNextToken(Aws::String&& value) { m_nextTokenHasBeenSet = true; m_nextToken = std::move(value); }
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline void SetNextToken(const char* value) { m_nextTokenHasBeenSet = true; m_nextToken.assign(value); }
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline DescribeEndpointsRequest& WithNextToken(const Aws::String& value) { SetNextToken(value); return *this;}
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline DescribeEndpointsRequest& WithNextToken(Aws::String&& value) { SetNextToken(std::move(value)); return *this;}
-
-    /**
-     * Use this string, provided with the response to a previous request, to request
-     * the next batch of endpoints.
-     */
-    inline DescribeEndpointsRequest& WithNextToken(const char* value) { SetNextToken(value); return *this;}
-
-  private:
-
-    int m_maxResults;
-    bool m_maxResultsHasBeenSet = false;
-
-    DescribeEndpointsMode m_mode;
-    bool m_modeHasBeenSet = false;
-
-    Aws::String m_nextToken;
-    bool m_nextTokenHasBeenSet = false;
-  };
-
-} // namespace Model
-} // namespace MediaConvert
-} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsResult.h b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsResult.h
deleted file mode 100644
index 19347687666..00000000000
--- a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/DescribeEndpointsResult.h
+++ /dev/null
@@ -1,141 +0,0 @@
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-
-#pragma once
-#include <aws/mediaconvert/MediaConvert_EXPORTS.h>
-#include <aws/core/utils/memory/stl/AWSVector.h>
-#include <aws/core/utils/memory/stl/AWSString.h>
-#include <aws/mediaconvert/model/Endpoint.h>
-#include <utility>
-
-namespace Aws
-{
-template<typename RESULT_TYPE>
-class AmazonWebServiceResult;
-
-namespace Utils
-{
-namespace Json
-{
-  class JsonValue;
-} // namespace Json
-} // namespace Utils
-namespace MediaConvert
-{
-namespace Model
-{
-  class DescribeEndpointsResult
-  {
-  public:
-    AWS_MEDIACONVERT_API DescribeEndpointsResult();
-    AWS_MEDIACONVERT_API DescribeEndpointsResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
-    AWS_MEDIACONVERT_API DescribeEndpointsResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
-
-
-    /**
-     * List of endpoints
-     */
-    inline const Aws::Vector<Endpoint>& GetEndpoints() const{ return m_endpoints; }
-
-    /**
-     * List of endpoints
-     */
-    inline void SetEndpoints(const Aws::Vector<Endpoint>& value) { m_endpoints = value; }
-
-    /**
-     * List of endpoints
-     */
-    inline void SetEndpoints(Aws::Vector<Endpoint>&& value) { m_endpoints = std::move(value); }
-
-    /**
-     * List of endpoints
-     */
-    inline DescribeEndpointsResult& WithEndpoints(const Aws::Vector<Endpoint>& value) { SetEndpoints(value); return *this;}
-
-    /**
-     * List of endpoints
-     */
-    inline DescribeEndpointsResult& WithEndpoints(Aws::Vector<Endpoint>&& value) { SetEndpoints(std::move(value)); return *this;}
-
-    /**
-     * List of endpoints
-     */
-    inline DescribeEndpointsResult& AddEndpoints(const Endpoint& value) { m_endpoints.push_back(value); return *this; }
-
-    /**
-     * List of endpoints
-     */
-    inline DescribeEndpointsResult& AddEndpoints(Endpoint&& value) { m_endpoints.push_back(std::move(value)); return *this; }
-
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline const Aws::String& GetNextToken() const{ return m_nextToken; }
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline void SetNextToken(const Aws::String& value) { m_nextToken = value; }
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline void SetNextToken(Aws::String&& value) { m_nextToken = std::move(value); }
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline void SetNextToken(const char* value) { m_nextToken.assign(value); }
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline DescribeEndpointsResult& WithNextToken(const Aws::String& value) { SetNextToken(value); return *this;}
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline DescribeEndpointsResult& WithNextToken(Aws::String&& value) { SetNextToken(std::move(value)); return *this;}
-
-    /**
-     * Use this string to request the next batch of endpoints.
-     */
-    inline DescribeEndpointsResult& WithNextToken(const char* value) { SetNextToken(value); return *this;}
-
-
-    
-    inline const Aws::String& GetRequestId() const{ return m_requestId; }
-
-    
-    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
-
-    
-    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
-
-    
-    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
-
-    
-    inline DescribeEndpointsResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
-
-    
-    inline DescribeEndpointsResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
-
-    
-    inline DescribeEndpointsResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
-
-  private:
-
-    Aws::Vector<Endpoint> m_endpoints;
-
-    Aws::String m_nextToken;
-
-    Aws::String m_requestId;
-  };
-
-} // namespace Model
-} // namespace MediaConvert
-} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/RemixSettings.h b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/RemixSettings.h
index 0bf6d7c559c..b9985b1416d 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/RemixSettings.h
+++ b/generated/src/aws-cpp-sdk-mediaconvert/include/aws/mediaconvert/model/RemixSettings.h
@@ -39,6 +39,88 @@ namespace Model
     AWS_MEDIACONVERT_API Aws::Utils::Json::JsonValue Jsonize() const;
 
 
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description audio signal. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description audio channel, you must also specify an audio
+     * description data channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline int GetAudioDescriptionAudioChannel() const{ return m_audioDescriptionAudioChannel; }
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description audio signal. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description audio channel, you must also specify an audio
+     * description data channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline bool AudioDescriptionAudioChannelHasBeenSet() const { return m_audioDescriptionAudioChannelHasBeenSet; }
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description audio signal. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description audio channel, you must also specify an audio
+     * description data channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline void SetAudioDescriptionAudioChannel(int value) { m_audioDescriptionAudioChannelHasBeenSet = true; m_audioDescriptionAudioChannel = value; }
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description audio signal. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description audio channel, you must also specify an audio
+     * description data channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline RemixSettings& WithAudioDescriptionAudioChannel(int value) { SetAudioDescriptionAudioChannel(value); return *this;}
+
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description data stream. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description data channel, you must also specify an audio
+     * description audio channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline int GetAudioDescriptionDataChannel() const{ return m_audioDescriptionDataChannel; }
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description data stream. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description data channel, you must also specify an audio
+     * description audio channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline bool AudioDescriptionDataChannelHasBeenSet() const { return m_audioDescriptionDataChannelHasBeenSet; }
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description data stream. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description data channel, you must also specify an audio
+     * description audio channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline void SetAudioDescriptionDataChannel(int value) { m_audioDescriptionDataChannelHasBeenSet = true; m_audioDescriptionDataChannel = value; }
+
+    /**
+     * Optionally specify the channel in your input that contains your audio
+     * description data stream. MediaConvert mixes your audio signal across all output
+     * channels, while reducing their volume according to your data stream. When you
+     * specify an audio description data channel, you must also specify an audio
+     * description audio channel. For more information about audio description signals,
+     * see the BBC WHP 198 and 051 white papers.
+     */
+    inline RemixSettings& WithAudioDescriptionDataChannel(int value) { SetAudioDescriptionDataChannel(value); return *this;}
+
+
     /**
      * Channel mapping contains the group of fields that hold the remixing value for
      * each channel, in dB. Specify remix values to indicate how much of the content
@@ -209,6 +291,12 @@ namespace Model
 
   private:
 
+    int m_audioDescriptionAudioChannel;
+    bool m_audioDescriptionAudioChannelHasBeenSet = false;
+
+    int m_audioDescriptionDataChannel;
+    bool m_audioDescriptionDataChannelHasBeenSet = false;
+
     ChannelMapping m_channelMapping;
     bool m_channelMappingHasBeenSet = false;
 
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/source/MediaConvertClient.cpp b/generated/src/aws-cpp-sdk-mediaconvert/source/MediaConvertClient.cpp
index d5b9545a53f..7e981ec3b38 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/source/MediaConvertClient.cpp
+++ b/generated/src/aws-cpp-sdk-mediaconvert/source/MediaConvertClient.cpp
@@ -31,7 +31,6 @@
 #include <aws/mediaconvert/model/DeletePolicyRequest.h>
 #include <aws/mediaconvert/model/DeletePresetRequest.h>
 #include <aws/mediaconvert/model/DeleteQueueRequest.h>
-#include <aws/mediaconvert/model/DescribeEndpointsRequest.h>
 #include <aws/mediaconvert/model/DisassociateCertificateRequest.h>
 #include <aws/mediaconvert/model/GetJobRequest.h>
 #include <aws/mediaconvert/model/GetJobTemplateRequest.h>
@@ -476,33 +475,6 @@ DeleteQueueOutcome MediaConvertClient::DeleteQueue(const DeleteQueueRequest& req
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
-DescribeEndpointsOutcome MediaConvertClient::DescribeEndpoints(const DescribeEndpointsRequest& request) const
-{
-  AWS_OPERATION_GUARD(DescribeEndpoints);
-  AWS_OPERATION_CHECK_PTR(m_endpointProvider, DescribeEndpoints, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
-  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, DescribeEndpoints, CoreErrors, CoreErrors::NOT_INITIALIZED);
-  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
-  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
-  AWS_OPERATION_CHECK_PTR(meter, DescribeEndpoints, CoreErrors, CoreErrors::NOT_INITIALIZED);
-  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".DescribeEndpoints",
-    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
-    smithy::components::tracing::SpanKind::CLIENT);
-  return TracingUtils::MakeCallWithTiming<DescribeEndpointsOutcome>(
-    [&]()-> DescribeEndpointsOutcome {
-      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
-          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
-          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
-          *meter,
-          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
-      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, DescribeEndpoints, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
-      endpointResolutionOutcome.GetResult().AddPathSegments("/2017-08-29/endpoints");
-      return DescribeEndpointsOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST, Aws::Auth::SIGV4_SIGNER));
-    },
-    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
-    *meter,
-    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
-}
-
 DisassociateCertificateOutcome MediaConvertClient::DisassociateCertificate(const DisassociateCertificateRequest& request) const
 {
   AWS_OPERATION_GUARD(DisassociateCertificate);
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/source/model/RemixSettings.cpp b/generated/src/aws-cpp-sdk-mediaconvert/source/model/RemixSettings.cpp
index 30f79db5f92..518687d2230 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/source/model/RemixSettings.cpp
+++ b/generated/src/aws-cpp-sdk-mediaconvert/source/model/RemixSettings.cpp
@@ -19,6 +19,10 @@ namespace Model
 {
 
 RemixSettings::RemixSettings() : 
+    m_audioDescriptionAudioChannel(0),
+    m_audioDescriptionAudioChannelHasBeenSet(false),
+    m_audioDescriptionDataChannel(0),
+    m_audioDescriptionDataChannelHasBeenSet(false),
     m_channelMappingHasBeenSet(false),
     m_channelsIn(0),
     m_channelsInHasBeenSet(false),
@@ -28,6 +32,10 @@ RemixSettings::RemixSettings() :
 }
 
 RemixSettings::RemixSettings(JsonView jsonValue) : 
+    m_audioDescriptionAudioChannel(0),
+    m_audioDescriptionAudioChannelHasBeenSet(false),
+    m_audioDescriptionDataChannel(0),
+    m_audioDescriptionDataChannelHasBeenSet(false),
     m_channelMappingHasBeenSet(false),
     m_channelsIn(0),
     m_channelsInHasBeenSet(false),
@@ -39,6 +47,20 @@ RemixSettings::RemixSettings(JsonView jsonValue) :
 
 RemixSettings& RemixSettings::operator =(JsonView jsonValue)
 {
+  if(jsonValue.ValueExists("audioDescriptionAudioChannel"))
+  {
+    m_audioDescriptionAudioChannel = jsonValue.GetInteger("audioDescriptionAudioChannel");
+
+    m_audioDescriptionAudioChannelHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("audioDescriptionDataChannel"))
+  {
+    m_audioDescriptionDataChannel = jsonValue.GetInteger("audioDescriptionDataChannel");
+
+    m_audioDescriptionDataChannelHasBeenSet = true;
+  }
+
   if(jsonValue.ValueExists("channelMapping"))
   {
     m_channelMapping = jsonValue.GetObject("channelMapping");
@@ -67,6 +89,18 @@ JsonValue RemixSettings::Jsonize() const
 {
   JsonValue payload;
 
+  if(m_audioDescriptionAudioChannelHasBeenSet)
+  {
+   payload.WithInteger("audioDescriptionAudioChannel", m_audioDescriptionAudioChannel);
+
+  }
+
+  if(m_audioDescriptionDataChannelHasBeenSet)
+  {
+   payload.WithInteger("audioDescriptionDataChannel", m_audioDescriptionDataChannel);
+
+  }
+
   if(m_channelMappingHasBeenSet)
   {
    payload.WithObject("channelMapping", m_channelMapping.Jsonize());
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphClient.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphClient.h
index 7d0c64a11bb..dfd5592bb37 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphClient.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphClient.h
@@ -16,10 +16,10 @@ namespace Aws
 namespace NeptuneGraph
 {
   /**
-   * <p>Neptune Analytics is a serverless in-memory graph database service for
-   * analytics that delivers high-performance analytics and real-time queries for any
-   * graph type. It complements the Amazon Neptune Database, an industry-leading
-   * managed graph database.</p>
+   * <p>Neptune Analytics is a new analytics database engine for Amazon Neptune that
+   * helps customers get to insights faster by quickly processing large amounts of
+   * graph data, invoking popular graph analytic algorithms in low-latency queries,
+   * and getting analytics results in seconds.</p>
    */
   class AWS_NEPTUNEGRAPH_API NeptuneGraphClient : public Aws::Client::AWSJsonClient, public Aws::Client::ClientWithAsyncTemplateMethods<NeptuneGraphClient>
   {
@@ -80,7 +80,7 @@ namespace NeptuneGraph
         virtual ~NeptuneGraphClient();
 
         /**
-         * <p>Deletes the specified import task</p><p><h3>See Also:</h3>   <a
+         * <p>Deletes the specified import task.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/CancelImportTask">AWS
          * API Reference</a></p>
          */
@@ -104,6 +104,31 @@ namespace NeptuneGraph
             return SubmitAsync(&NeptuneGraphClient::CancelImportTask, request, handler, context);
         }
 
+        /**
+         * <p>Cancels a specified query.</p><p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/CancelQuery">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::CancelQueryOutcome CancelQuery(const Model::CancelQueryRequest& request) const;
+
+        /**
+         * A Callable wrapper for CancelQuery that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename CancelQueryRequestT = Model::CancelQueryRequest>
+        Model::CancelQueryOutcomeCallable CancelQueryCallable(const CancelQueryRequestT& request) const
+        {
+            return SubmitCallable(&NeptuneGraphClient::CancelQuery, request);
+        }
+
+        /**
+         * An Async wrapper for CancelQuery that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename CancelQueryRequestT = Model::CancelQueryRequest>
+        void CancelQueryAsync(const CancelQueryRequestT& request, const CancelQueryResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&NeptuneGraphClient::CancelQuery, request, handler, context);
+        }
+
         /**
          * <p>Creates a new Neptune Analytics graph.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/CreateGraph">AWS
@@ -289,6 +314,37 @@ namespace NeptuneGraph
             return SubmitAsync(&NeptuneGraphClient::DeletePrivateGraphEndpoint, request, handler, context);
         }
 
+        /**
+         * <p>Execute an openCypher query. Currently, the SDK does not support
+         * parameterized queries. If you want to make a parameterized query call, you can
+         * use an HTTP request. </p>  <p> Non-parametrized queries are not considered
+         * for plan caching. You can force plan caching with
+         * <code>planCache=enabled</code>. The plan cache will be reused only for the same
+         * exact query. Slight variations in the query will not be able to reuse the query
+         * plan cache. </p> <p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/ExecuteQuery">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::ExecuteQueryOutcome ExecuteQuery(const Model::ExecuteQueryRequest& request) const;
+
+        /**
+         * A Callable wrapper for ExecuteQuery that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename ExecuteQueryRequestT = Model::ExecuteQueryRequest>
+        Model::ExecuteQueryOutcomeCallable ExecuteQueryCallable(const ExecuteQueryRequestT& request) const
+        {
+            return SubmitCallable(&NeptuneGraphClient::ExecuteQuery, request);
+        }
+
+        /**
+         * An Async wrapper for ExecuteQuery that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename ExecuteQueryRequestT = Model::ExecuteQueryRequest>
+        void ExecuteQueryAsync(const ExecuteQueryRequestT& request, const ExecuteQueryResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&NeptuneGraphClient::ExecuteQuery, request, handler, context);
+        }
+
         /**
          * <p>Gets information about a specified graph.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/GetGraph">AWS
@@ -339,6 +395,31 @@ namespace NeptuneGraph
             return SubmitAsync(&NeptuneGraphClient::GetGraphSnapshot, request, handler, context);
         }
 
+        /**
+         * <p>Gets a graph summary for a property graph.</p><p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/GetGraphSummary">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::GetGraphSummaryOutcome GetGraphSummary(const Model::GetGraphSummaryRequest& request) const;
+
+        /**
+         * A Callable wrapper for GetGraphSummary that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename GetGraphSummaryRequestT = Model::GetGraphSummaryRequest>
+        Model::GetGraphSummaryOutcomeCallable GetGraphSummaryCallable(const GetGraphSummaryRequestT& request) const
+        {
+            return SubmitCallable(&NeptuneGraphClient::GetGraphSummary, request);
+        }
+
+        /**
+         * An Async wrapper for GetGraphSummary that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename GetGraphSummaryRequestT = Model::GetGraphSummaryRequest>
+        void GetGraphSummaryAsync(const GetGraphSummaryRequestT& request, const GetGraphSummaryResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&NeptuneGraphClient::GetGraphSummary, request, handler, context);
+        }
+
         /**
          * <p>Retrieves a specified import task.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/GetImportTask">AWS
@@ -390,6 +471,31 @@ namespace NeptuneGraph
             return SubmitAsync(&NeptuneGraphClient::GetPrivateGraphEndpoint, request, handler, context);
         }
 
+        /**
+         * <p>Retrieves the status of a specified query.</p><p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/GetQuery">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::GetQueryOutcome GetQuery(const Model::GetQueryRequest& request) const;
+
+        /**
+         * A Callable wrapper for GetQuery that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename GetQueryRequestT = Model::GetQueryRequest>
+        Model::GetQueryOutcomeCallable GetQueryCallable(const GetQueryRequestT& request) const
+        {
+            return SubmitCallable(&NeptuneGraphClient::GetQuery, request);
+        }
+
+        /**
+         * An Async wrapper for GetQuery that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename GetQueryRequestT = Model::GetQueryRequest>
+        void GetQueryAsync(const GetQueryRequestT& request, const GetQueryResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&NeptuneGraphClient::GetQuery, request, handler, context);
+        }
+
         /**
          * <p>Lists available snapshots of a specified Neptune Analytics
          * graph.</p><p><h3>See Also:</h3>   <a
@@ -492,6 +598,31 @@ namespace NeptuneGraph
             return SubmitAsync(&NeptuneGraphClient::ListPrivateGraphEndpoints, request, handler, context);
         }
 
+        /**
+         * <p>Lists active openCypher queries.</p><p><h3>See Also:</h3>   <a
+         * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/ListQueries">AWS
+         * API Reference</a></p>
+         */
+        virtual Model::ListQueriesOutcome ListQueries(const Model::ListQueriesRequest& request) const;
+
+        /**
+         * A Callable wrapper for ListQueries that returns a future to the operation so that it can be executed in parallel to other requests.
+         */
+        template<typename ListQueriesRequestT = Model::ListQueriesRequest>
+        Model::ListQueriesOutcomeCallable ListQueriesCallable(const ListQueriesRequestT& request) const
+        {
+            return SubmitCallable(&NeptuneGraphClient::ListQueries, request);
+        }
+
+        /**
+         * An Async wrapper for ListQueries that queues the request into a thread executor and triggers associated callback when operation has finished.
+         */
+        template<typename ListQueriesRequestT = Model::ListQueriesRequest>
+        void ListQueriesAsync(const ListQueriesRequestT& request, const ListQueriesResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
+        {
+            return SubmitAsync(&NeptuneGraphClient::ListQueries, request, handler, context);
+        }
+
         /**
          * <p>Lists tags associated with a specified resource.</p><p><h3>See Also:</h3>  
          * <a
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphErrors.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphErrors.h
index 88adb2bbeb2..f03377f8b9a 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphErrors.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphErrors.h
@@ -49,7 +49,8 @@ enum class NeptuneGraphErrors
 
   CONFLICT= static_cast<int>(Aws::Client::CoreErrors::SERVICE_EXTENSION_START_RANGE) + 1,
   INTERNAL_SERVER,
-  SERVICE_QUOTA_EXCEEDED
+  SERVICE_QUOTA_EXCEEDED,
+  UNPROCESSABLE
 };
 
 class AWS_NEPTUNEGRAPH_API NeptuneGraphError : public Aws::Client::AWSError<NeptuneGraphErrors>
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphServiceClientModel.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphServiceClientModel.h
index 28d6813dc0f..74cb0918fa3 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphServiceClientModel.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/NeptuneGraphServiceClientModel.h
@@ -26,20 +26,25 @@
 #include <aws/neptune-graph/model/DeleteGraphResult.h>
 #include <aws/neptune-graph/model/DeleteGraphSnapshotResult.h>
 #include <aws/neptune-graph/model/DeletePrivateGraphEndpointResult.h>
+#include <aws/neptune-graph/model/ExecuteQueryResult.h>
 #include <aws/neptune-graph/model/GetGraphResult.h>
 #include <aws/neptune-graph/model/GetGraphSnapshotResult.h>
+#include <aws/neptune-graph/model/GetGraphSummaryResult.h>
 #include <aws/neptune-graph/model/GetImportTaskResult.h>
 #include <aws/neptune-graph/model/GetPrivateGraphEndpointResult.h>
+#include <aws/neptune-graph/model/GetQueryResult.h>
 #include <aws/neptune-graph/model/ListGraphSnapshotsResult.h>
 #include <aws/neptune-graph/model/ListGraphsResult.h>
 #include <aws/neptune-graph/model/ListImportTasksResult.h>
 #include <aws/neptune-graph/model/ListPrivateGraphEndpointsResult.h>
+#include <aws/neptune-graph/model/ListQueriesResult.h>
 #include <aws/neptune-graph/model/ListTagsForResourceResult.h>
 #include <aws/neptune-graph/model/ResetGraphResult.h>
 #include <aws/neptune-graph/model/RestoreGraphFromSnapshotResult.h>
 #include <aws/neptune-graph/model/TagResourceResult.h>
 #include <aws/neptune-graph/model/UntagResourceResult.h>
 #include <aws/neptune-graph/model/UpdateGraphResult.h>
+#include <aws/core/NoResult.h>
 /* End of service model headers required in NeptuneGraphClient header */
 
 namespace Aws
@@ -81,6 +86,7 @@ namespace Aws
     {
       /* Service model forward declarations required in NeptuneGraphClient header */
       class CancelImportTaskRequest;
+      class CancelQueryRequest;
       class CreateGraphRequest;
       class CreateGraphSnapshotRequest;
       class CreateGraphUsingImportTaskRequest;
@@ -88,14 +94,18 @@ namespace Aws
       class DeleteGraphRequest;
       class DeleteGraphSnapshotRequest;
       class DeletePrivateGraphEndpointRequest;
+      class ExecuteQueryRequest;
       class GetGraphRequest;
       class GetGraphSnapshotRequest;
+      class GetGraphSummaryRequest;
       class GetImportTaskRequest;
       class GetPrivateGraphEndpointRequest;
+      class GetQueryRequest;
       class ListGraphSnapshotsRequest;
       class ListGraphsRequest;
       class ListImportTasksRequest;
       class ListPrivateGraphEndpointsRequest;
+      class ListQueriesRequest;
       class ListTagsForResourceRequest;
       class ResetGraphRequest;
       class RestoreGraphFromSnapshotRequest;
@@ -106,6 +116,7 @@ namespace Aws
 
       /* Service model Outcome class definitions */
       typedef Aws::Utils::Outcome<CancelImportTaskResult, NeptuneGraphError> CancelImportTaskOutcome;
+      typedef Aws::Utils::Outcome<Aws::NoResult, NeptuneGraphError> CancelQueryOutcome;
       typedef Aws::Utils::Outcome<CreateGraphResult, NeptuneGraphError> CreateGraphOutcome;
       typedef Aws::Utils::Outcome<CreateGraphSnapshotResult, NeptuneGraphError> CreateGraphSnapshotOutcome;
       typedef Aws::Utils::Outcome<CreateGraphUsingImportTaskResult, NeptuneGraphError> CreateGraphUsingImportTaskOutcome;
@@ -113,14 +124,18 @@ namespace Aws
       typedef Aws::Utils::Outcome<DeleteGraphResult, NeptuneGraphError> DeleteGraphOutcome;
       typedef Aws::Utils::Outcome<DeleteGraphSnapshotResult, NeptuneGraphError> DeleteGraphSnapshotOutcome;
       typedef Aws::Utils::Outcome<DeletePrivateGraphEndpointResult, NeptuneGraphError> DeletePrivateGraphEndpointOutcome;
+      typedef Aws::Utils::Outcome<ExecuteQueryResult, NeptuneGraphError> ExecuteQueryOutcome;
       typedef Aws::Utils::Outcome<GetGraphResult, NeptuneGraphError> GetGraphOutcome;
       typedef Aws::Utils::Outcome<GetGraphSnapshotResult, NeptuneGraphError> GetGraphSnapshotOutcome;
+      typedef Aws::Utils::Outcome<GetGraphSummaryResult, NeptuneGraphError> GetGraphSummaryOutcome;
       typedef Aws::Utils::Outcome<GetImportTaskResult, NeptuneGraphError> GetImportTaskOutcome;
       typedef Aws::Utils::Outcome<GetPrivateGraphEndpointResult, NeptuneGraphError> GetPrivateGraphEndpointOutcome;
+      typedef Aws::Utils::Outcome<GetQueryResult, NeptuneGraphError> GetQueryOutcome;
       typedef Aws::Utils::Outcome<ListGraphSnapshotsResult, NeptuneGraphError> ListGraphSnapshotsOutcome;
       typedef Aws::Utils::Outcome<ListGraphsResult, NeptuneGraphError> ListGraphsOutcome;
       typedef Aws::Utils::Outcome<ListImportTasksResult, NeptuneGraphError> ListImportTasksOutcome;
       typedef Aws::Utils::Outcome<ListPrivateGraphEndpointsResult, NeptuneGraphError> ListPrivateGraphEndpointsOutcome;
+      typedef Aws::Utils::Outcome<ListQueriesResult, NeptuneGraphError> ListQueriesOutcome;
       typedef Aws::Utils::Outcome<ListTagsForResourceResult, NeptuneGraphError> ListTagsForResourceOutcome;
       typedef Aws::Utils::Outcome<ResetGraphResult, NeptuneGraphError> ResetGraphOutcome;
       typedef Aws::Utils::Outcome<RestoreGraphFromSnapshotResult, NeptuneGraphError> RestoreGraphFromSnapshotOutcome;
@@ -131,6 +146,7 @@ namespace Aws
 
       /* Service model Outcome callable definitions */
       typedef std::future<CancelImportTaskOutcome> CancelImportTaskOutcomeCallable;
+      typedef std::future<CancelQueryOutcome> CancelQueryOutcomeCallable;
       typedef std::future<CreateGraphOutcome> CreateGraphOutcomeCallable;
       typedef std::future<CreateGraphSnapshotOutcome> CreateGraphSnapshotOutcomeCallable;
       typedef std::future<CreateGraphUsingImportTaskOutcome> CreateGraphUsingImportTaskOutcomeCallable;
@@ -138,14 +154,18 @@ namespace Aws
       typedef std::future<DeleteGraphOutcome> DeleteGraphOutcomeCallable;
       typedef std::future<DeleteGraphSnapshotOutcome> DeleteGraphSnapshotOutcomeCallable;
       typedef std::future<DeletePrivateGraphEndpointOutcome> DeletePrivateGraphEndpointOutcomeCallable;
+      typedef std::future<ExecuteQueryOutcome> ExecuteQueryOutcomeCallable;
       typedef std::future<GetGraphOutcome> GetGraphOutcomeCallable;
       typedef std::future<GetGraphSnapshotOutcome> GetGraphSnapshotOutcomeCallable;
+      typedef std::future<GetGraphSummaryOutcome> GetGraphSummaryOutcomeCallable;
       typedef std::future<GetImportTaskOutcome> GetImportTaskOutcomeCallable;
       typedef std::future<GetPrivateGraphEndpointOutcome> GetPrivateGraphEndpointOutcomeCallable;
+      typedef std::future<GetQueryOutcome> GetQueryOutcomeCallable;
       typedef std::future<ListGraphSnapshotsOutcome> ListGraphSnapshotsOutcomeCallable;
       typedef std::future<ListGraphsOutcome> ListGraphsOutcomeCallable;
       typedef std::future<ListImportTasksOutcome> ListImportTasksOutcomeCallable;
       typedef std::future<ListPrivateGraphEndpointsOutcome> ListPrivateGraphEndpointsOutcomeCallable;
+      typedef std::future<ListQueriesOutcome> ListQueriesOutcomeCallable;
       typedef std::future<ListTagsForResourceOutcome> ListTagsForResourceOutcomeCallable;
       typedef std::future<ResetGraphOutcome> ResetGraphOutcomeCallable;
       typedef std::future<RestoreGraphFromSnapshotOutcome> RestoreGraphFromSnapshotOutcomeCallable;
@@ -159,6 +179,7 @@ namespace Aws
 
     /* Service model async handlers definitions */
     typedef std::function<void(const NeptuneGraphClient*, const Model::CancelImportTaskRequest&, const Model::CancelImportTaskOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CancelImportTaskResponseReceivedHandler;
+    typedef std::function<void(const NeptuneGraphClient*, const Model::CancelQueryRequest&, const Model::CancelQueryOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CancelQueryResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::CreateGraphRequest&, const Model::CreateGraphOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreateGraphResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::CreateGraphSnapshotRequest&, const Model::CreateGraphSnapshotOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreateGraphSnapshotResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::CreateGraphUsingImportTaskRequest&, const Model::CreateGraphUsingImportTaskOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > CreateGraphUsingImportTaskResponseReceivedHandler;
@@ -166,14 +187,18 @@ namespace Aws
     typedef std::function<void(const NeptuneGraphClient*, const Model::DeleteGraphRequest&, const Model::DeleteGraphOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeleteGraphResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::DeleteGraphSnapshotRequest&, const Model::DeleteGraphSnapshotOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeleteGraphSnapshotResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::DeletePrivateGraphEndpointRequest&, const Model::DeletePrivateGraphEndpointOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DeletePrivateGraphEndpointResponseReceivedHandler;
+    typedef std::function<void(const NeptuneGraphClient*, const Model::ExecuteQueryRequest&, Model::ExecuteQueryOutcome, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ExecuteQueryResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::GetGraphRequest&, const Model::GetGraphOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetGraphResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::GetGraphSnapshotRequest&, const Model::GetGraphSnapshotOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetGraphSnapshotResponseReceivedHandler;
+    typedef std::function<void(const NeptuneGraphClient*, const Model::GetGraphSummaryRequest&, const Model::GetGraphSummaryOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetGraphSummaryResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::GetImportTaskRequest&, const Model::GetImportTaskOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetImportTaskResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::GetPrivateGraphEndpointRequest&, const Model::GetPrivateGraphEndpointOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetPrivateGraphEndpointResponseReceivedHandler;
+    typedef std::function<void(const NeptuneGraphClient*, const Model::GetQueryRequest&, const Model::GetQueryOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetQueryResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::ListGraphSnapshotsRequest&, const Model::ListGraphSnapshotsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListGraphSnapshotsResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::ListGraphsRequest&, const Model::ListGraphsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListGraphsResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::ListImportTasksRequest&, const Model::ListImportTasksOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListImportTasksResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::ListPrivateGraphEndpointsRequest&, const Model::ListPrivateGraphEndpointsOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListPrivateGraphEndpointsResponseReceivedHandler;
+    typedef std::function<void(const NeptuneGraphClient*, const Model::ListQueriesRequest&, const Model::ListQueriesOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListQueriesResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::ListTagsForResourceRequest&, const Model::ListTagsForResourceOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ListTagsForResourceResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::ResetGraphRequest&, const Model::ResetGraphOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > ResetGraphResponseReceivedHandler;
     typedef std::function<void(const NeptuneGraphClient*, const Model::RestoreGraphFromSnapshotRequest&, const Model::RestoreGraphFromSnapshotOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > RestoreGraphFromSnapshotResponseReceivedHandler;
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelImportTaskResult.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelImportTaskResult.h
index 40197e0a9cf..064a101aec5 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelImportTaskResult.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelImportTaskResult.h
@@ -108,43 +108,43 @@ namespace Model
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline const Aws::String& GetSource() const{ return m_source; }
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline void SetSource(const Aws::String& value) { m_source = value; }
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline void SetSource(Aws::String&& value) { m_source = std::move(value); }
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline void SetSource(const char* value) { m_source.assign(value); }
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline CancelImportTaskResult& WithSource(const Aws::String& value) { SetSource(value); return *this;}
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline CancelImportTaskResult& WithSource(Aws::String&& value) { SetSource(std::move(value)); return *this;}
 
     /**
      * <p>A URL identifying to the location of the data to be imported. This can be an
-     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>
+     * Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>
      */
     inline CancelImportTaskResult& WithSource(const char* value) { SetSource(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelQueryRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelQueryRequest.h
new file mode 100644
index 00000000000..aa1898c5c63
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CancelQueryRequest.h
@@ -0,0 +1,133 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/neptune-graph/NeptuneGraphRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   */
+  class CancelQueryRequest : public NeptuneGraphRequest
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API CancelQueryRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "CancelQuery"; }
+
+    AWS_NEPTUNEGRAPH_API Aws::String SerializePayload() const override;
+
+    AWS_NEPTUNEGRAPH_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override;
+
+    /**
+     * Helper function to collect parameters (configurable and static hardcoded) required for endpoint computation.
+     */
+    AWS_NEPTUNEGRAPH_API EndpointParameters GetEndpointContextParams() const override;
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline const Aws::String& GetGraphIdentifier() const{ return m_graphIdentifier; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline bool GraphIdentifierHasBeenSet() const { return m_graphIdentifierHasBeenSet; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const Aws::String& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = value; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(Aws::String&& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = std::move(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const char* value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier.assign(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline CancelQueryRequest& WithGraphIdentifier(const Aws::String& value) { SetGraphIdentifier(value); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline CancelQueryRequest& WithGraphIdentifier(Aws::String&& value) { SetGraphIdentifier(std::move(value)); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline CancelQueryRequest& WithGraphIdentifier(const char* value) { SetGraphIdentifier(value); return *this;}
+
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline const Aws::String& GetQueryId() const{ return m_queryId; }
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline bool QueryIdHasBeenSet() const { return m_queryIdHasBeenSet; }
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline void SetQueryId(const Aws::String& value) { m_queryIdHasBeenSet = true; m_queryId = value; }
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline void SetQueryId(Aws::String&& value) { m_queryIdHasBeenSet = true; m_queryId = std::move(value); }
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline void SetQueryId(const char* value) { m_queryIdHasBeenSet = true; m_queryId.assign(value); }
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline CancelQueryRequest& WithQueryId(const Aws::String& value) { SetQueryId(value); return *this;}
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline CancelQueryRequest& WithQueryId(Aws::String&& value) { SetQueryId(std::move(value)); return *this;}
+
+    /**
+     * <p>The unique identifier of the query to cancel.</p>
+     */
+    inline CancelQueryRequest& WithQueryId(const char* value) { SetQueryId(value); return *this;}
+
+  private:
+
+    Aws::String m_graphIdentifier;
+    bool m_graphIdentifierHasBeenSet = false;
+
+    Aws::String m_queryId;
+    bool m_queryIdHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphRequest.h
index 1d59de3ef7c..bf56bf1798f 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphRequest.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphRequest.h
@@ -296,22 +296,22 @@ namespace Model
 
 
     /**
-     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default =1</p>
+     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default = 1.</p>
      */
     inline int GetReplicaCount() const{ return m_replicaCount; }
 
     /**
-     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default =1</p>
+     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default = 1.</p>
      */
     inline bool ReplicaCountHasBeenSet() const { return m_replicaCountHasBeenSet; }
 
     /**
-     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default =1</p>
+     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default = 1.</p>
      */
     inline void SetReplicaCount(int value) { m_replicaCountHasBeenSet = true; m_replicaCount = value; }
 
     /**
-     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default =1</p>
+     * <p>The number of replicas in other AZs. Min =0, Max = 2, Default = 1.</p>
      */
     inline CreateGraphRequest& WithReplicaCount(int value) { SetReplicaCount(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphUsingImportTaskRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphUsingImportTaskRequest.h
index 7183ac2cf10..9abc585539e 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphUsingImportTaskRequest.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/CreateGraphUsingImportTaskRequest.h
@@ -187,28 +187,28 @@ namespace Model
     /**
      * <p>Specifies whether or not the graph can be reachable over the internet. All
      * access to graphs IAM authenticated. (<code>true</code> to enable, or
-     * <code>false</code> to disable.</p>
+     * <code>false</code> to disable).</p>
      */
     inline bool GetPublicConnectivity() const{ return m_publicConnectivity; }
 
     /**
      * <p>Specifies whether or not the graph can be reachable over the internet. All
      * access to graphs IAM authenticated. (<code>true</code> to enable, or
-     * <code>false</code> to disable.</p>
+     * <code>false</code> to disable).</p>
      */
     inline bool PublicConnectivityHasBeenSet() const { return m_publicConnectivityHasBeenSet; }
 
     /**
      * <p>Specifies whether or not the graph can be reachable over the internet. All
      * access to graphs IAM authenticated. (<code>true</code> to enable, or
-     * <code>false</code> to disable.</p>
+     * <code>false</code> to disable).</p>
      */
     inline void SetPublicConnectivity(bool value) { m_publicConnectivityHasBeenSet = true; m_publicConnectivity = value; }
 
     /**
      * <p>Specifies whether or not the graph can be reachable over the internet. All
      * access to graphs IAM authenticated. (<code>true</code> to enable, or
-     * <code>false</code> to disable.</p>
+     * <code>false</code> to disable).</p>
      */
     inline CreateGraphUsingImportTaskRequest& WithPublicConnectivity(bool value) { SetPublicConnectivity(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/EdgeStructure.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/EdgeStructure.h
new file mode 100644
index 00000000000..91a3b40ae86
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/EdgeStructure.h
@@ -0,0 +1,119 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   * <p>Contains information about an edge in a Neptune Analytics
+   * graph.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/EdgeStructure">AWS
+   * API Reference</a></p>
+   */
+  class EdgeStructure
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API EdgeStructure();
+    AWS_NEPTUNEGRAPH_API EdgeStructure(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API EdgeStructure& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>The number of instances of the edge in the graph.</p>
+     */
+    inline long long GetCount() const{ return m_count; }
+
+    /**
+     * <p>The number of instances of the edge in the graph.</p>
+     */
+    inline bool CountHasBeenSet() const { return m_countHasBeenSet; }
+
+    /**
+     * <p>The number of instances of the edge in the graph.</p>
+     */
+    inline void SetCount(long long value) { m_countHasBeenSet = true; m_count = value; }
+
+    /**
+     * <p>The number of instances of the edge in the graph.</p>
+     */
+    inline EdgeStructure& WithCount(long long value) { SetCount(value); return *this;}
+
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetEdgeProperties() const{ return m_edgeProperties; }
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline bool EdgePropertiesHasBeenSet() const { return m_edgePropertiesHasBeenSet; }
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline void SetEdgeProperties(const Aws::Vector<Aws::String>& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties = value; }
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline void SetEdgeProperties(Aws::Vector<Aws::String>&& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties = std::move(value); }
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline EdgeStructure& WithEdgeProperties(const Aws::Vector<Aws::String>& value) { SetEdgeProperties(value); return *this;}
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline EdgeStructure& WithEdgeProperties(Aws::Vector<Aws::String>&& value) { SetEdgeProperties(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline EdgeStructure& AddEdgeProperties(const Aws::String& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties.push_back(value); return *this; }
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline EdgeStructure& AddEdgeProperties(Aws::String&& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of the properties associated with the edge.</p>
+     */
+    inline EdgeStructure& AddEdgeProperties(const char* value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties.push_back(value); return *this; }
+
+  private:
+
+    long long m_count;
+    bool m_countHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_edgeProperties;
+    bool m_edgePropertiesHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryRequest.h
new file mode 100644
index 00000000000..f06b9640b5a
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryRequest.h
@@ -0,0 +1,304 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/neptune-graph/NeptuneGraphRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/QueryLanguage.h>
+#include <aws/neptune-graph/model/PlanCacheType.h>
+#include <aws/neptune-graph/model/ExplainMode.h>
+#include <utility>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   */
+  class ExecuteQueryRequest : public NeptuneGraphRequest
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API ExecuteQueryRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "ExecuteQuery"; }
+
+    AWS_NEPTUNEGRAPH_API Aws::String SerializePayload() const override;
+
+    AWS_NEPTUNEGRAPH_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override;
+
+    /**
+     * Helper function to collect parameters (configurable and static hardcoded) required for endpoint computation.
+     */
+    AWS_NEPTUNEGRAPH_API EndpointParameters GetEndpointContextParams() const override;
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline const Aws::String& GetGraphIdentifier() const{ return m_graphIdentifier; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline bool GraphIdentifierHasBeenSet() const { return m_graphIdentifierHasBeenSet; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const Aws::String& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = value; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(Aws::String&& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = std::move(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const char* value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier.assign(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline ExecuteQueryRequest& WithGraphIdentifier(const Aws::String& value) { SetGraphIdentifier(value); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline ExecuteQueryRequest& WithGraphIdentifier(Aws::String&& value) { SetGraphIdentifier(std::move(value)); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline ExecuteQueryRequest& WithGraphIdentifier(const char* value) { SetGraphIdentifier(value); return *this;}
+
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline const Aws::String& GetQueryString() const{ return m_queryString; }
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline bool QueryStringHasBeenSet() const { return m_queryStringHasBeenSet; }
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline void SetQueryString(const Aws::String& value) { m_queryStringHasBeenSet = true; m_queryString = value; }
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline void SetQueryString(Aws::String&& value) { m_queryStringHasBeenSet = true; m_queryString = std::move(value); }
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline void SetQueryString(const char* value) { m_queryStringHasBeenSet = true; m_queryString.assign(value); }
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline ExecuteQueryRequest& WithQueryString(const Aws::String& value) { SetQueryString(value); return *this;}
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline ExecuteQueryRequest& WithQueryString(Aws::String&& value) { SetQueryString(std::move(value)); return *this;}
+
+    /**
+     * <p>The query string to be executed.</p>
+     */
+    inline ExecuteQueryRequest& WithQueryString(const char* value) { SetQueryString(value); return *this;}
+
+
+    /**
+     * <p>The query language the query is written in. Currently only openCypher is
+     * supported.</p>
+     */
+    inline const QueryLanguage& GetLanguage() const{ return m_language; }
+
+    /**
+     * <p>The query language the query is written in. Currently only openCypher is
+     * supported.</p>
+     */
+    inline bool LanguageHasBeenSet() const { return m_languageHasBeenSet; }
+
+    /**
+     * <p>The query language the query is written in. Currently only openCypher is
+     * supported.</p>
+     */
+    inline void SetLanguage(const QueryLanguage& value) { m_languageHasBeenSet = true; m_language = value; }
+
+    /**
+     * <p>The query language the query is written in. Currently only openCypher is
+     * supported.</p>
+     */
+    inline void SetLanguage(QueryLanguage&& value) { m_languageHasBeenSet = true; m_language = std::move(value); }
+
+    /**
+     * <p>The query language the query is written in. Currently only openCypher is
+     * supported.</p>
+     */
+    inline ExecuteQueryRequest& WithLanguage(const QueryLanguage& value) { SetLanguage(value); return *this;}
+
+    /**
+     * <p>The query language the query is written in. Currently only openCypher is
+     * supported.</p>
+     */
+    inline ExecuteQueryRequest& WithLanguage(QueryLanguage&& value) { SetLanguage(std::move(value)); return *this;}
+
+
+    /**
+     * <p>Query plan cache is a feature that saves the query plan and reuses it on
+     * successive executions of the same query. This reduces query latency, and works
+     * for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an
+     * LRU cache with a 5 minute TTL and a capacity of 1000.</p>
+     */
+    inline const PlanCacheType& GetPlanCache() const{ return m_planCache; }
+
+    /**
+     * <p>Query plan cache is a feature that saves the query plan and reuses it on
+     * successive executions of the same query. This reduces query latency, and works
+     * for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an
+     * LRU cache with a 5 minute TTL and a capacity of 1000.</p>
+     */
+    inline bool PlanCacheHasBeenSet() const { return m_planCacheHasBeenSet; }
+
+    /**
+     * <p>Query plan cache is a feature that saves the query plan and reuses it on
+     * successive executions of the same query. This reduces query latency, and works
+     * for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an
+     * LRU cache with a 5 minute TTL and a capacity of 1000.</p>
+     */
+    inline void SetPlanCache(const PlanCacheType& value) { m_planCacheHasBeenSet = true; m_planCache = value; }
+
+    /**
+     * <p>Query plan cache is a feature that saves the query plan and reuses it on
+     * successive executions of the same query. This reduces query latency, and works
+     * for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an
+     * LRU cache with a 5 minute TTL and a capacity of 1000.</p>
+     */
+    inline void SetPlanCache(PlanCacheType&& value) { m_planCacheHasBeenSet = true; m_planCache = std::move(value); }
+
+    /**
+     * <p>Query plan cache is a feature that saves the query plan and reuses it on
+     * successive executions of the same query. This reduces query latency, and works
+     * for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an
+     * LRU cache with a 5 minute TTL and a capacity of 1000.</p>
+     */
+    inline ExecuteQueryRequest& WithPlanCache(const PlanCacheType& value) { SetPlanCache(value); return *this;}
+
+    /**
+     * <p>Query plan cache is a feature that saves the query plan and reuses it on
+     * successive executions of the same query. This reduces query latency, and works
+     * for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an
+     * LRU cache with a 5 minute TTL and a capacity of 1000.</p>
+     */
+    inline ExecuteQueryRequest& WithPlanCache(PlanCacheType&& value) { SetPlanCache(std::move(value)); return *this;}
+
+
+    /**
+     * <p>The explain mode parameter returns a query explain instead of the actual
+     * query results. A query explain can be used to gather insights about the query
+     * execution such as planning decisions, time spent on each operator, solutions
+     * flowing etc.</p>
+     */
+    inline const ExplainMode& GetExplainMode() const{ return m_explainMode; }
+
+    /**
+     * <p>The explain mode parameter returns a query explain instead of the actual
+     * query results. A query explain can be used to gather insights about the query
+     * execution such as planning decisions, time spent on each operator, solutions
+     * flowing etc.</p>
+     */
+    inline bool ExplainModeHasBeenSet() const { return m_explainModeHasBeenSet; }
+
+    /**
+     * <p>The explain mode parameter returns a query explain instead of the actual
+     * query results. A query explain can be used to gather insights about the query
+     * execution such as planning decisions, time spent on each operator, solutions
+     * flowing etc.</p>
+     */
+    inline void SetExplainMode(const ExplainMode& value) { m_explainModeHasBeenSet = true; m_explainMode = value; }
+
+    /**
+     * <p>The explain mode parameter returns a query explain instead of the actual
+     * query results. A query explain can be used to gather insights about the query
+     * execution such as planning decisions, time spent on each operator, solutions
+     * flowing etc.</p>
+     */
+    inline void SetExplainMode(ExplainMode&& value) { m_explainModeHasBeenSet = true; m_explainMode = std::move(value); }
+
+    /**
+     * <p>The explain mode parameter returns a query explain instead of the actual
+     * query results. A query explain can be used to gather insights about the query
+     * execution such as planning decisions, time spent on each operator, solutions
+     * flowing etc.</p>
+     */
+    inline ExecuteQueryRequest& WithExplainMode(const ExplainMode& value) { SetExplainMode(value); return *this;}
+
+    /**
+     * <p>The explain mode parameter returns a query explain instead of the actual
+     * query results. A query explain can be used to gather insights about the query
+     * execution such as planning decisions, time spent on each operator, solutions
+     * flowing etc.</p>
+     */
+    inline ExecuteQueryRequest& WithExplainMode(ExplainMode&& value) { SetExplainMode(std::move(value)); return *this;}
+
+
+    /**
+     * <p>Specifies the query timeout duration, in milliseconds. (optional)</p>
+     */
+    inline int GetQueryTimeoutMilliseconds() const{ return m_queryTimeoutMilliseconds; }
+
+    /**
+     * <p>Specifies the query timeout duration, in milliseconds. (optional)</p>
+     */
+    inline bool QueryTimeoutMillisecondsHasBeenSet() const { return m_queryTimeoutMillisecondsHasBeenSet; }
+
+    /**
+     * <p>Specifies the query timeout duration, in milliseconds. (optional)</p>
+     */
+    inline void SetQueryTimeoutMilliseconds(int value) { m_queryTimeoutMillisecondsHasBeenSet = true; m_queryTimeoutMilliseconds = value; }
+
+    /**
+     * <p>Specifies the query timeout duration, in milliseconds. (optional)</p>
+     */
+    inline ExecuteQueryRequest& WithQueryTimeoutMilliseconds(int value) { SetQueryTimeoutMilliseconds(value); return *this;}
+
+  private:
+
+    Aws::String m_graphIdentifier;
+    bool m_graphIdentifierHasBeenSet = false;
+
+    Aws::String m_queryString;
+    bool m_queryStringHasBeenSet = false;
+
+    QueryLanguage m_language;
+    bool m_languageHasBeenSet = false;
+
+    PlanCacheType m_planCache;
+    bool m_planCacheHasBeenSet = false;
+
+    ExplainMode m_explainMode;
+    bool m_explainModeHasBeenSet = false;
+
+    int m_queryTimeoutMilliseconds;
+    bool m_queryTimeoutMillisecondsHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryResult.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryResult.h
new file mode 100644
index 00000000000..8af53564e9c
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExecuteQueryResult.h
@@ -0,0 +1,81 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/stream/ResponseStream.h>
+#include <aws/core/utils/Array.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace NeptuneGraph
+{
+namespace Model
+{
+  class ExecuteQueryResult
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API ExecuteQueryResult();
+    //We have to define these because Microsoft doesn't auto generate them
+    AWS_NEPTUNEGRAPH_API ExecuteQueryResult(ExecuteQueryResult&&);
+    AWS_NEPTUNEGRAPH_API ExecuteQueryResult& operator=(ExecuteQueryResult&&);
+    //we delete these because Microsoft doesn't handle move generation correctly
+    //and we therefore don't trust them to get it right here either.
+    ExecuteQueryResult(const ExecuteQueryResult&) = delete;
+    ExecuteQueryResult& operator=(const ExecuteQueryResult&) = delete;
+
+
+    AWS_NEPTUNEGRAPH_API ExecuteQueryResult(Aws::AmazonWebServiceResult<Aws::Utils::Stream::ResponseStream>&& result);
+    AWS_NEPTUNEGRAPH_API ExecuteQueryResult& operator=(Aws::AmazonWebServiceResult<Aws::Utils::Stream::ResponseStream>&& result);
+
+
+
+    /**
+     * <p>The query results.</p>
+     */
+    inline Aws::IOStream& GetPayload() const { return m_payload.GetUnderlyingStream(); }
+
+    /**
+     * <p>The query results.</p>
+     */
+    inline void ReplaceBody(Aws::IOStream* body) { m_payload = Aws::Utils::Stream::ResponseStream(body); }
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline ExecuteQueryResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline ExecuteQueryResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline ExecuteQueryResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    Aws::Utils::Stream::ResponseStream m_payload;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExplainMode.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExplainMode.h
new file mode 100644
index 00000000000..5e129bf2720
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ExplainMode.h
@@ -0,0 +1,31 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class ExplainMode
+  {
+    NOT_SET,
+    STATIC_,
+    DETAILS
+  };
+
+namespace ExplainModeMapper
+{
+AWS_NEPTUNEGRAPH_API ExplainMode GetExplainModeForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForExplainMode(ExplainMode value);
+} // namespace ExplainModeMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryRequest.h
new file mode 100644
index 00000000000..96e9a9267df
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryRequest.h
@@ -0,0 +1,136 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/neptune-graph/NeptuneGraphRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/GraphSummaryMode.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Http
+{
+    class URI;
+} //namespace Http
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   */
+  class GetGraphSummaryRequest : public NeptuneGraphRequest
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API GetGraphSummaryRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "GetGraphSummary"; }
+
+    AWS_NEPTUNEGRAPH_API Aws::String SerializePayload() const override;
+
+    AWS_NEPTUNEGRAPH_API void AddQueryStringParameters(Aws::Http::URI& uri) const override;
+
+    AWS_NEPTUNEGRAPH_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override;
+
+    /**
+     * Helper function to collect parameters (configurable and static hardcoded) required for endpoint computation.
+     */
+    AWS_NEPTUNEGRAPH_API EndpointParameters GetEndpointContextParams() const override;
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline const Aws::String& GetGraphIdentifier() const{ return m_graphIdentifier; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline bool GraphIdentifierHasBeenSet() const { return m_graphIdentifierHasBeenSet; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const Aws::String& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = value; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(Aws::String&& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = std::move(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const char* value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier.assign(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline GetGraphSummaryRequest& WithGraphIdentifier(const Aws::String& value) { SetGraphIdentifier(value); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline GetGraphSummaryRequest& WithGraphIdentifier(Aws::String&& value) { SetGraphIdentifier(std::move(value)); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline GetGraphSummaryRequest& WithGraphIdentifier(const char* value) { SetGraphIdentifier(value); return *this;}
+
+
+    /**
+     * <p>The summary mode can take one of two values: <code>basic</code> (the
+     * default), and <code>detailed</code>.</p>
+     */
+    inline const GraphSummaryMode& GetMode() const{ return m_mode; }
+
+    /**
+     * <p>The summary mode can take one of two values: <code>basic</code> (the
+     * default), and <code>detailed</code>.</p>
+     */
+    inline bool ModeHasBeenSet() const { return m_modeHasBeenSet; }
+
+    /**
+     * <p>The summary mode can take one of two values: <code>basic</code> (the
+     * default), and <code>detailed</code>.</p>
+     */
+    inline void SetMode(const GraphSummaryMode& value) { m_modeHasBeenSet = true; m_mode = value; }
+
+    /**
+     * <p>The summary mode can take one of two values: <code>basic</code> (the
+     * default), and <code>detailed</code>.</p>
+     */
+    inline void SetMode(GraphSummaryMode&& value) { m_modeHasBeenSet = true; m_mode = std::move(value); }
+
+    /**
+     * <p>The summary mode can take one of two values: <code>basic</code> (the
+     * default), and <code>detailed</code>.</p>
+     */
+    inline GetGraphSummaryRequest& WithMode(const GraphSummaryMode& value) { SetMode(value); return *this;}
+
+    /**
+     * <p>The summary mode can take one of two values: <code>basic</code> (the
+     * default), and <code>detailed</code>.</p>
+     */
+    inline GetGraphSummaryRequest& WithMode(GraphSummaryMode&& value) { SetMode(std::move(value)); return *this;}
+
+  private:
+
+    Aws::String m_graphIdentifier;
+    bool m_graphIdentifierHasBeenSet = false;
+
+    GraphSummaryMode m_mode;
+    bool m_modeHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryResult.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryResult.h
new file mode 100644
index 00000000000..250e4c0692f
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetGraphSummaryResult.h
@@ -0,0 +1,164 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/core/utils/DateTime.h>
+#include <aws/neptune-graph/model/GraphDataSummary.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+  class GetGraphSummaryResult
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API GetGraphSummaryResult();
+    AWS_NEPTUNEGRAPH_API GetGraphSummaryResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_NEPTUNEGRAPH_API GetGraphSummaryResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline const Aws::String& GetVersion() const{ return m_version; }
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline void SetVersion(const Aws::String& value) { m_version = value; }
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline void SetVersion(Aws::String&& value) { m_version = std::move(value); }
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline void SetVersion(const char* value) { m_version.assign(value); }
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline GetGraphSummaryResult& WithVersion(const Aws::String& value) { SetVersion(value); return *this;}
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline GetGraphSummaryResult& WithVersion(Aws::String&& value) { SetVersion(std::move(value)); return *this;}
+
+    /**
+     * <p>Display the version of this tool.</p>
+     */
+    inline GetGraphSummaryResult& WithVersion(const char* value) { SetVersion(value); return *this;}
+
+
+    /**
+     * <p>The timestamp, in ISO 8601 format, of the time at which Neptune Analytics
+     * last computed statistics.</p>
+     */
+    inline const Aws::Utils::DateTime& GetLastStatisticsComputationTime() const{ return m_lastStatisticsComputationTime; }
+
+    /**
+     * <p>The timestamp, in ISO 8601 format, of the time at which Neptune Analytics
+     * last computed statistics.</p>
+     */
+    inline void SetLastStatisticsComputationTime(const Aws::Utils::DateTime& value) { m_lastStatisticsComputationTime = value; }
+
+    /**
+     * <p>The timestamp, in ISO 8601 format, of the time at which Neptune Analytics
+     * last computed statistics.</p>
+     */
+    inline void SetLastStatisticsComputationTime(Aws::Utils::DateTime&& value) { m_lastStatisticsComputationTime = std::move(value); }
+
+    /**
+     * <p>The timestamp, in ISO 8601 format, of the time at which Neptune Analytics
+     * last computed statistics.</p>
+     */
+    inline GetGraphSummaryResult& WithLastStatisticsComputationTime(const Aws::Utils::DateTime& value) { SetLastStatisticsComputationTime(value); return *this;}
+
+    /**
+     * <p>The timestamp, in ISO 8601 format, of the time at which Neptune Analytics
+     * last computed statistics.</p>
+     */
+    inline GetGraphSummaryResult& WithLastStatisticsComputationTime(Aws::Utils::DateTime&& value) { SetLastStatisticsComputationTime(std::move(value)); return *this;}
+
+
+    /**
+     * <p>The graph summary.</p>
+     */
+    inline const GraphDataSummary& GetGraphSummary() const{ return m_graphSummary; }
+
+    /**
+     * <p>The graph summary.</p>
+     */
+    inline void SetGraphSummary(const GraphDataSummary& value) { m_graphSummary = value; }
+
+    /**
+     * <p>The graph summary.</p>
+     */
+    inline void SetGraphSummary(GraphDataSummary&& value) { m_graphSummary = std::move(value); }
+
+    /**
+     * <p>The graph summary.</p>
+     */
+    inline GetGraphSummaryResult& WithGraphSummary(const GraphDataSummary& value) { SetGraphSummary(value); return *this;}
+
+    /**
+     * <p>The graph summary.</p>
+     */
+    inline GetGraphSummaryResult& WithGraphSummary(GraphDataSummary&& value) { SetGraphSummary(std::move(value)); return *this;}
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline GetGraphSummaryResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline GetGraphSummaryResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline GetGraphSummaryResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    Aws::String m_version;
+
+    Aws::Utils::DateTime m_lastStatisticsComputationTime;
+
+    GraphDataSummary m_graphSummary;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryRequest.h
new file mode 100644
index 00000000000..ecec3b0f7d9
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryRequest.h
@@ -0,0 +1,133 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/neptune-graph/NeptuneGraphRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   */
+  class GetQueryRequest : public NeptuneGraphRequest
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API GetQueryRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "GetQuery"; }
+
+    AWS_NEPTUNEGRAPH_API Aws::String SerializePayload() const override;
+
+    AWS_NEPTUNEGRAPH_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override;
+
+    /**
+     * Helper function to collect parameters (configurable and static hardcoded) required for endpoint computation.
+     */
+    AWS_NEPTUNEGRAPH_API EndpointParameters GetEndpointContextParams() const override;
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline const Aws::String& GetGraphIdentifier() const{ return m_graphIdentifier; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline bool GraphIdentifierHasBeenSet() const { return m_graphIdentifierHasBeenSet; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const Aws::String& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = value; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(Aws::String&& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = std::move(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const char* value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier.assign(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline GetQueryRequest& WithGraphIdentifier(const Aws::String& value) { SetGraphIdentifier(value); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline GetQueryRequest& WithGraphIdentifier(Aws::String&& value) { SetGraphIdentifier(std::move(value)); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline GetQueryRequest& WithGraphIdentifier(const char* value) { SetGraphIdentifier(value); return *this;}
+
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline const Aws::String& GetQueryId() const{ return m_queryId; }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline bool QueryIdHasBeenSet() const { return m_queryIdHasBeenSet; }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline void SetQueryId(const Aws::String& value) { m_queryIdHasBeenSet = true; m_queryId = value; }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline void SetQueryId(Aws::String&& value) { m_queryIdHasBeenSet = true; m_queryId = std::move(value); }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline void SetQueryId(const char* value) { m_queryIdHasBeenSet = true; m_queryId.assign(value); }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline GetQueryRequest& WithQueryId(const Aws::String& value) { SetQueryId(value); return *this;}
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline GetQueryRequest& WithQueryId(Aws::String&& value) { SetQueryId(std::move(value)); return *this;}
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline GetQueryRequest& WithQueryId(const char* value) { SetQueryId(value); return *this;}
+
+  private:
+
+    Aws::String m_graphIdentifier;
+    bool m_graphIdentifierHasBeenSet = false;
+
+    Aws::String m_queryId;
+    bool m_queryIdHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryResult.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryResult.h
new file mode 100644
index 00000000000..b7e7e413ca0
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GetQueryResult.h
@@ -0,0 +1,204 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/QueryState.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+  class GetQueryResult
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API GetQueryResult();
+    AWS_NEPTUNEGRAPH_API GetQueryResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_NEPTUNEGRAPH_API GetQueryResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline const Aws::String& GetId() const{ return m_id; }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline void SetId(const Aws::String& value) { m_id = value; }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline void SetId(Aws::String&& value) { m_id = std::move(value); }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline void SetId(const char* value) { m_id.assign(value); }
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline GetQueryResult& WithId(const Aws::String& value) { SetId(value); return *this;}
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline GetQueryResult& WithId(Aws::String&& value) { SetId(std::move(value)); return *this;}
+
+    /**
+     * <p>The ID of the query in question.</p>
+     */
+    inline GetQueryResult& WithId(const char* value) { SetId(value); return *this;}
+
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline const Aws::String& GetQueryString() const{ return m_queryString; }
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline void SetQueryString(const Aws::String& value) { m_queryString = value; }
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline void SetQueryString(Aws::String&& value) { m_queryString = std::move(value); }
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline void SetQueryString(const char* value) { m_queryString.assign(value); }
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline GetQueryResult& WithQueryString(const Aws::String& value) { SetQueryString(value); return *this;}
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline GetQueryResult& WithQueryString(Aws::String&& value) { SetQueryString(std::move(value)); return *this;}
+
+    /**
+     * <p>The query in question.</p>
+     */
+    inline GetQueryResult& WithQueryString(const char* value) { SetQueryString(value); return *this;}
+
+
+    /**
+     * <p>Indicates how long the query waited, in milliseconds.</p>
+     */
+    inline int GetWaited() const{ return m_waited; }
+
+    /**
+     * <p>Indicates how long the query waited, in milliseconds.</p>
+     */
+    inline void SetWaited(int value) { m_waited = value; }
+
+    /**
+     * <p>Indicates how long the query waited, in milliseconds.</p>
+     */
+    inline GetQueryResult& WithWaited(int value) { SetWaited(value); return *this;}
+
+
+    /**
+     * <p>The number of milliseconds the query has been running.</p>
+     */
+    inline int GetElapsed() const{ return m_elapsed; }
+
+    /**
+     * <p>The number of milliseconds the query has been running.</p>
+     */
+    inline void SetElapsed(int value) { m_elapsed = value; }
+
+    /**
+     * <p>The number of milliseconds the query has been running.</p>
+     */
+    inline GetQueryResult& WithElapsed(int value) { SetElapsed(value); return *this;}
+
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline const QueryState& GetState() const{ return m_state; }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline void SetState(const QueryState& value) { m_state = value; }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline void SetState(QueryState&& value) { m_state = std::move(value); }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline GetQueryResult& WithState(const QueryState& value) { SetState(value); return *this;}
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline GetQueryResult& WithState(QueryState&& value) { SetState(std::move(value)); return *this;}
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline GetQueryResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline GetQueryResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline GetQueryResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    Aws::String m_id;
+
+    Aws::String m_queryString;
+
+    int m_waited;
+
+    int m_elapsed;
+
+    QueryState m_state;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphDataSummary.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphDataSummary.h
new file mode 100644
index 00000000000..3c34c2b17a5
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphDataSummary.h
@@ -0,0 +1,546 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/core/utils/memory/stl/AWSMap.h>
+#include <aws/neptune-graph/model/NodeStructure.h>
+#include <aws/neptune-graph/model/EdgeStructure.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   * <p>Summary information about the graph.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/GraphDataSummary">AWS
+   * API Reference</a></p>
+   */
+  class GraphDataSummary
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API GraphDataSummary();
+    AWS_NEPTUNEGRAPH_API GraphDataSummary(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API GraphDataSummary& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>The number of nodes in the graph.</p>
+     */
+    inline long long GetNumNodes() const{ return m_numNodes; }
+
+    /**
+     * <p>The number of nodes in the graph.</p>
+     */
+    inline bool NumNodesHasBeenSet() const { return m_numNodesHasBeenSet; }
+
+    /**
+     * <p>The number of nodes in the graph.</p>
+     */
+    inline void SetNumNodes(long long value) { m_numNodesHasBeenSet = true; m_numNodes = value; }
+
+    /**
+     * <p>The number of nodes in the graph.</p>
+     */
+    inline GraphDataSummary& WithNumNodes(long long value) { SetNumNodes(value); return *this;}
+
+
+    /**
+     * <p>The number of edges in the graph.</p>
+     */
+    inline long long GetNumEdges() const{ return m_numEdges; }
+
+    /**
+     * <p>The number of edges in the graph.</p>
+     */
+    inline bool NumEdgesHasBeenSet() const { return m_numEdgesHasBeenSet; }
+
+    /**
+     * <p>The number of edges in the graph.</p>
+     */
+    inline void SetNumEdges(long long value) { m_numEdgesHasBeenSet = true; m_numEdges = value; }
+
+    /**
+     * <p>The number of edges in the graph.</p>
+     */
+    inline GraphDataSummary& WithNumEdges(long long value) { SetNumEdges(value); return *this;}
+
+
+    /**
+     * <p>The number of distinct node labels in the graph.</p>
+     */
+    inline long long GetNumNodeLabels() const{ return m_numNodeLabels; }
+
+    /**
+     * <p>The number of distinct node labels in the graph.</p>
+     */
+    inline bool NumNodeLabelsHasBeenSet() const { return m_numNodeLabelsHasBeenSet; }
+
+    /**
+     * <p>The number of distinct node labels in the graph.</p>
+     */
+    inline void SetNumNodeLabels(long long value) { m_numNodeLabelsHasBeenSet = true; m_numNodeLabels = value; }
+
+    /**
+     * <p>The number of distinct node labels in the graph.</p>
+     */
+    inline GraphDataSummary& WithNumNodeLabels(long long value) { SetNumNodeLabels(value); return *this;}
+
+
+    /**
+     * <p>The number of unique edge labels in the graph.</p>
+     */
+    inline long long GetNumEdgeLabels() const{ return m_numEdgeLabels; }
+
+    /**
+     * <p>The number of unique edge labels in the graph.</p>
+     */
+    inline bool NumEdgeLabelsHasBeenSet() const { return m_numEdgeLabelsHasBeenSet; }
+
+    /**
+     * <p>The number of unique edge labels in the graph.</p>
+     */
+    inline void SetNumEdgeLabels(long long value) { m_numEdgeLabelsHasBeenSet = true; m_numEdgeLabels = value; }
+
+    /**
+     * <p>The number of unique edge labels in the graph.</p>
+     */
+    inline GraphDataSummary& WithNumEdgeLabels(long long value) { SetNumEdgeLabels(value); return *this;}
+
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetNodeLabels() const{ return m_nodeLabels; }
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline bool NodeLabelsHasBeenSet() const { return m_nodeLabelsHasBeenSet; }
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline void SetNodeLabels(const Aws::Vector<Aws::String>& value) { m_nodeLabelsHasBeenSet = true; m_nodeLabels = value; }
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline void SetNodeLabels(Aws::Vector<Aws::String>&& value) { m_nodeLabelsHasBeenSet = true; m_nodeLabels = std::move(value); }
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline GraphDataSummary& WithNodeLabels(const Aws::Vector<Aws::String>& value) { SetNodeLabels(value); return *this;}
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline GraphDataSummary& WithNodeLabels(Aws::Vector<Aws::String>&& value) { SetNodeLabels(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline GraphDataSummary& AddNodeLabels(const Aws::String& value) { m_nodeLabelsHasBeenSet = true; m_nodeLabels.push_back(value); return *this; }
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline GraphDataSummary& AddNodeLabels(Aws::String&& value) { m_nodeLabelsHasBeenSet = true; m_nodeLabels.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of distinct node labels in the graph.</p>
+     */
+    inline GraphDataSummary& AddNodeLabels(const char* value) { m_nodeLabelsHasBeenSet = true; m_nodeLabels.push_back(value); return *this; }
+
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetEdgeLabels() const{ return m_edgeLabels; }
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline bool EdgeLabelsHasBeenSet() const { return m_edgeLabelsHasBeenSet; }
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline void SetEdgeLabels(const Aws::Vector<Aws::String>& value) { m_edgeLabelsHasBeenSet = true; m_edgeLabels = value; }
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline void SetEdgeLabels(Aws::Vector<Aws::String>&& value) { m_edgeLabelsHasBeenSet = true; m_edgeLabels = std::move(value); }
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline GraphDataSummary& WithEdgeLabels(const Aws::Vector<Aws::String>& value) { SetEdgeLabels(value); return *this;}
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline GraphDataSummary& WithEdgeLabels(Aws::Vector<Aws::String>&& value) { SetEdgeLabels(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline GraphDataSummary& AddEdgeLabels(const Aws::String& value) { m_edgeLabelsHasBeenSet = true; m_edgeLabels.push_back(value); return *this; }
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline GraphDataSummary& AddEdgeLabels(Aws::String&& value) { m_edgeLabelsHasBeenSet = true; m_edgeLabels.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>A list of the edge labels in the graph.</p>
+     */
+    inline GraphDataSummary& AddEdgeLabels(const char* value) { m_edgeLabelsHasBeenSet = true; m_edgeLabels.push_back(value); return *this; }
+
+
+    /**
+     * <p>The number of distinct node properties in the graph.</p>
+     */
+    inline long long GetNumNodeProperties() const{ return m_numNodeProperties; }
+
+    /**
+     * <p>The number of distinct node properties in the graph.</p>
+     */
+    inline bool NumNodePropertiesHasBeenSet() const { return m_numNodePropertiesHasBeenSet; }
+
+    /**
+     * <p>The number of distinct node properties in the graph.</p>
+     */
+    inline void SetNumNodeProperties(long long value) { m_numNodePropertiesHasBeenSet = true; m_numNodeProperties = value; }
+
+    /**
+     * <p>The number of distinct node properties in the graph.</p>
+     */
+    inline GraphDataSummary& WithNumNodeProperties(long long value) { SetNumNodeProperties(value); return *this;}
+
+
+    /**
+     * <p>The number of edge properties in the graph.</p>
+     */
+    inline long long GetNumEdgeProperties() const{ return m_numEdgeProperties; }
+
+    /**
+     * <p>The number of edge properties in the graph.</p>
+     */
+    inline bool NumEdgePropertiesHasBeenSet() const { return m_numEdgePropertiesHasBeenSet; }
+
+    /**
+     * <p>The number of edge properties in the graph.</p>
+     */
+    inline void SetNumEdgeProperties(long long value) { m_numEdgePropertiesHasBeenSet = true; m_numEdgeProperties = value; }
+
+    /**
+     * <p>The number of edge properties in the graph.</p>
+     */
+    inline GraphDataSummary& WithNumEdgeProperties(long long value) { SetNumEdgeProperties(value); return *this;}
+
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline const Aws::Vector<Aws::Map<Aws::String, long long>>& GetNodeProperties() const{ return m_nodeProperties; }
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline bool NodePropertiesHasBeenSet() const { return m_nodePropertiesHasBeenSet; }
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline void SetNodeProperties(const Aws::Vector<Aws::Map<Aws::String, long long>>& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties = value; }
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline void SetNodeProperties(Aws::Vector<Aws::Map<Aws::String, long long>>&& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties = std::move(value); }
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline GraphDataSummary& WithNodeProperties(const Aws::Vector<Aws::Map<Aws::String, long long>>& value) { SetNodeProperties(value); return *this;}
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline GraphDataSummary& WithNodeProperties(Aws::Vector<Aws::Map<Aws::String, long long>>&& value) { SetNodeProperties(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline GraphDataSummary& AddNodeProperties(const Aws::Map<Aws::String, long long>& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties.push_back(value); return *this; }
+
+    /**
+     * <p>A list of the distinct node properties in the graph, along with the count of
+     * nodes where each property is used.</p>
+     */
+    inline GraphDataSummary& AddNodeProperties(Aws::Map<Aws::String, long long>&& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties.push_back(std::move(value)); return *this; }
+
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline const Aws::Vector<Aws::Map<Aws::String, long long>>& GetEdgeProperties() const{ return m_edgeProperties; }
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline bool EdgePropertiesHasBeenSet() const { return m_edgePropertiesHasBeenSet; }
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline void SetEdgeProperties(const Aws::Vector<Aws::Map<Aws::String, long long>>& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties = value; }
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline void SetEdgeProperties(Aws::Vector<Aws::Map<Aws::String, long long>>&& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties = std::move(value); }
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline GraphDataSummary& WithEdgeProperties(const Aws::Vector<Aws::Map<Aws::String, long long>>& value) { SetEdgeProperties(value); return *this;}
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline GraphDataSummary& WithEdgeProperties(Aws::Vector<Aws::Map<Aws::String, long long>>&& value) { SetEdgeProperties(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline GraphDataSummary& AddEdgeProperties(const Aws::Map<Aws::String, long long>& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties.push_back(value); return *this; }
+
+    /**
+     * <p>A list of the distinct edge properties in the graph, along with the count of
+     * edges where each property is used.</p>
+     */
+    inline GraphDataSummary& AddEdgeProperties(Aws::Map<Aws::String, long long>&& value) { m_edgePropertiesHasBeenSet = true; m_edgeProperties.push_back(std::move(value)); return *this; }
+
+
+    /**
+     * <p>The total number of usages of all node properties.</p>
+     */
+    inline long long GetTotalNodePropertyValues() const{ return m_totalNodePropertyValues; }
+
+    /**
+     * <p>The total number of usages of all node properties.</p>
+     */
+    inline bool TotalNodePropertyValuesHasBeenSet() const { return m_totalNodePropertyValuesHasBeenSet; }
+
+    /**
+     * <p>The total number of usages of all node properties.</p>
+     */
+    inline void SetTotalNodePropertyValues(long long value) { m_totalNodePropertyValuesHasBeenSet = true; m_totalNodePropertyValues = value; }
+
+    /**
+     * <p>The total number of usages of all node properties.</p>
+     */
+    inline GraphDataSummary& WithTotalNodePropertyValues(long long value) { SetTotalNodePropertyValues(value); return *this;}
+
+
+    /**
+     * <p>The total number of usages of all edge properties.</p>
+     */
+    inline long long GetTotalEdgePropertyValues() const{ return m_totalEdgePropertyValues; }
+
+    /**
+     * <p>The total number of usages of all edge properties.</p>
+     */
+    inline bool TotalEdgePropertyValuesHasBeenSet() const { return m_totalEdgePropertyValuesHasBeenSet; }
+
+    /**
+     * <p>The total number of usages of all edge properties.</p>
+     */
+    inline void SetTotalEdgePropertyValues(long long value) { m_totalEdgePropertyValuesHasBeenSet = true; m_totalEdgePropertyValues = value; }
+
+    /**
+     * <p>The total number of usages of all edge properties.</p>
+     */
+    inline GraphDataSummary& WithTotalEdgePropertyValues(long long value) { SetTotalEdgePropertyValues(value); return *this;}
+
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline const Aws::Vector<NodeStructure>& GetNodeStructures() const{ return m_nodeStructures; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline bool NodeStructuresHasBeenSet() const { return m_nodeStructuresHasBeenSet; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline void SetNodeStructures(const Aws::Vector<NodeStructure>& value) { m_nodeStructuresHasBeenSet = true; m_nodeStructures = value; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline void SetNodeStructures(Aws::Vector<NodeStructure>&& value) { m_nodeStructuresHasBeenSet = true; m_nodeStructures = std::move(value); }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline GraphDataSummary& WithNodeStructures(const Aws::Vector<NodeStructure>& value) { SetNodeStructures(value); return *this;}
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline GraphDataSummary& WithNodeStructures(Aws::Vector<NodeStructure>&& value) { SetNodeStructures(std::move(value)); return *this;}
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline GraphDataSummary& AddNodeStructures(const NodeStructure& value) { m_nodeStructuresHasBeenSet = true; m_nodeStructures.push_back(value); return *this; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of node structures.</p>
+     */
+    inline GraphDataSummary& AddNodeStructures(NodeStructure&& value) { m_nodeStructuresHasBeenSet = true; m_nodeStructures.push_back(std::move(value)); return *this; }
+
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline const Aws::Vector<EdgeStructure>& GetEdgeStructures() const{ return m_edgeStructures; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline bool EdgeStructuresHasBeenSet() const { return m_edgeStructuresHasBeenSet; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline void SetEdgeStructures(const Aws::Vector<EdgeStructure>& value) { m_edgeStructuresHasBeenSet = true; m_edgeStructures = value; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline void SetEdgeStructures(Aws::Vector<EdgeStructure>&& value) { m_edgeStructuresHasBeenSet = true; m_edgeStructures = std::move(value); }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline GraphDataSummary& WithEdgeStructures(const Aws::Vector<EdgeStructure>& value) { SetEdgeStructures(value); return *this;}
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline GraphDataSummary& WithEdgeStructures(Aws::Vector<EdgeStructure>&& value) { SetEdgeStructures(std::move(value)); return *this;}
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline GraphDataSummary& AddEdgeStructures(const EdgeStructure& value) { m_edgeStructuresHasBeenSet = true; m_edgeStructures.push_back(value); return *this; }
+
+    /**
+     * <p>This field is only present when the requested mode is DETAILED. It contains a
+     * list of edge structures.</p>
+     */
+    inline GraphDataSummary& AddEdgeStructures(EdgeStructure&& value) { m_edgeStructuresHasBeenSet = true; m_edgeStructures.push_back(std::move(value)); return *this; }
+
+  private:
+
+    long long m_numNodes;
+    bool m_numNodesHasBeenSet = false;
+
+    long long m_numEdges;
+    bool m_numEdgesHasBeenSet = false;
+
+    long long m_numNodeLabels;
+    bool m_numNodeLabelsHasBeenSet = false;
+
+    long long m_numEdgeLabels;
+    bool m_numEdgeLabelsHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_nodeLabels;
+    bool m_nodeLabelsHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_edgeLabels;
+    bool m_edgeLabelsHasBeenSet = false;
+
+    long long m_numNodeProperties;
+    bool m_numNodePropertiesHasBeenSet = false;
+
+    long long m_numEdgeProperties;
+    bool m_numEdgePropertiesHasBeenSet = false;
+
+    Aws::Vector<Aws::Map<Aws::String, long long>> m_nodeProperties;
+    bool m_nodePropertiesHasBeenSet = false;
+
+    Aws::Vector<Aws::Map<Aws::String, long long>> m_edgeProperties;
+    bool m_edgePropertiesHasBeenSet = false;
+
+    long long m_totalNodePropertyValues;
+    bool m_totalNodePropertyValuesHasBeenSet = false;
+
+    long long m_totalEdgePropertyValues;
+    bool m_totalEdgePropertyValuesHasBeenSet = false;
+
+    Aws::Vector<NodeStructure> m_nodeStructures;
+    bool m_nodeStructuresHasBeenSet = false;
+
+    Aws::Vector<EdgeStructure> m_edgeStructures;
+    bool m_edgeStructuresHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphSummaryMode.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphSummaryMode.h
new file mode 100644
index 00000000000..f96dc7866d0
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/GraphSummaryMode.h
@@ -0,0 +1,31 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class GraphSummaryMode
+  {
+    NOT_SET,
+    BASIC,
+    DETAILED
+  };
+
+namespace GraphSummaryModeMapper
+{
+AWS_NEPTUNEGRAPH_API GraphSummaryMode GetGraphSummaryModeForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForGraphSummaryMode(GraphSummaryMode value);
+} // namespace GraphSummaryModeMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesRequest.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesRequest.h
new file mode 100644
index 00000000000..b1b85d79cf7
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesRequest.h
@@ -0,0 +1,154 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/neptune-graph/NeptuneGraphRequest.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/QueryStateInput.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Http
+{
+    class URI;
+} //namespace Http
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   */
+  class ListQueriesRequest : public NeptuneGraphRequest
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API ListQueriesRequest();
+
+    // Service request name is the Operation name which will send this request out,
+    // each operation should has unique request name, so that we can get operation's name from this request.
+    // Note: this is not true for response, multiple operations may have the same response name,
+    // so we can not get operation's name from response.
+    inline virtual const char* GetServiceRequestName() const override { return "ListQueries"; }
+
+    AWS_NEPTUNEGRAPH_API Aws::String SerializePayload() const override;
+
+    AWS_NEPTUNEGRAPH_API void AddQueryStringParameters(Aws::Http::URI& uri) const override;
+
+    AWS_NEPTUNEGRAPH_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override;
+
+    /**
+     * Helper function to collect parameters (configurable and static hardcoded) required for endpoint computation.
+     */
+    AWS_NEPTUNEGRAPH_API EndpointParameters GetEndpointContextParams() const override;
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline const Aws::String& GetGraphIdentifier() const{ return m_graphIdentifier; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline bool GraphIdentifierHasBeenSet() const { return m_graphIdentifierHasBeenSet; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const Aws::String& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = value; }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(Aws::String&& value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier = std::move(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline void SetGraphIdentifier(const char* value) { m_graphIdentifierHasBeenSet = true; m_graphIdentifier.assign(value); }
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline ListQueriesRequest& WithGraphIdentifier(const Aws::String& value) { SetGraphIdentifier(value); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline ListQueriesRequest& WithGraphIdentifier(Aws::String&& value) { SetGraphIdentifier(std::move(value)); return *this;}
+
+    /**
+     * <p>The unique identifier of the Neptune Analytics graph.</p>
+     */
+    inline ListQueriesRequest& WithGraphIdentifier(const char* value) { SetGraphIdentifier(value); return *this;}
+
+
+    /**
+     * <p>The maximum number of results to be fetched by the API.</p>
+     */
+    inline int GetMaxResults() const{ return m_maxResults; }
+
+    /**
+     * <p>The maximum number of results to be fetched by the API.</p>
+     */
+    inline bool MaxResultsHasBeenSet() const { return m_maxResultsHasBeenSet; }
+
+    /**
+     * <p>The maximum number of results to be fetched by the API.</p>
+     */
+    inline void SetMaxResults(int value) { m_maxResultsHasBeenSet = true; m_maxResults = value; }
+
+    /**
+     * <p>The maximum number of results to be fetched by the API.</p>
+     */
+    inline ListQueriesRequest& WithMaxResults(int value) { SetMaxResults(value); return *this;}
+
+
+    /**
+     * <p>Filtered list of queries based on state.</p>
+     */
+    inline const QueryStateInput& GetState() const{ return m_state; }
+
+    /**
+     * <p>Filtered list of queries based on state.</p>
+     */
+    inline bool StateHasBeenSet() const { return m_stateHasBeenSet; }
+
+    /**
+     * <p>Filtered list of queries based on state.</p>
+     */
+    inline void SetState(const QueryStateInput& value) { m_stateHasBeenSet = true; m_state = value; }
+
+    /**
+     * <p>Filtered list of queries based on state.</p>
+     */
+    inline void SetState(QueryStateInput&& value) { m_stateHasBeenSet = true; m_state = std::move(value); }
+
+    /**
+     * <p>Filtered list of queries based on state.</p>
+     */
+    inline ListQueriesRequest& WithState(const QueryStateInput& value) { SetState(value); return *this;}
+
+    /**
+     * <p>Filtered list of queries based on state.</p>
+     */
+    inline ListQueriesRequest& WithState(QueryStateInput&& value) { SetState(std::move(value)); return *this;}
+
+  private:
+
+    Aws::String m_graphIdentifier;
+    bool m_graphIdentifierHasBeenSet = false;
+
+    int m_maxResults;
+    bool m_maxResultsHasBeenSet = false;
+
+    QueryStateInput m_state;
+    bool m_stateHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesResult.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesResult.h
new file mode 100644
index 00000000000..64170f39c85
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ListQueriesResult.h
@@ -0,0 +1,103 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/QuerySummary.h>
+#include <utility>
+
+namespace Aws
+{
+template<typename RESULT_TYPE>
+class AmazonWebServiceResult;
+
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+  class ListQueriesResult
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API ListQueriesResult();
+    AWS_NEPTUNEGRAPH_API ListQueriesResult(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+    AWS_NEPTUNEGRAPH_API ListQueriesResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Json::JsonValue>& result);
+
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline const Aws::Vector<QuerySummary>& GetQueries() const{ return m_queries; }
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline void SetQueries(const Aws::Vector<QuerySummary>& value) { m_queries = value; }
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline void SetQueries(Aws::Vector<QuerySummary>&& value) { m_queries = std::move(value); }
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline ListQueriesResult& WithQueries(const Aws::Vector<QuerySummary>& value) { SetQueries(value); return *this;}
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline ListQueriesResult& WithQueries(Aws::Vector<QuerySummary>&& value) { SetQueries(std::move(value)); return *this;}
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline ListQueriesResult& AddQueries(const QuerySummary& value) { m_queries.push_back(value); return *this; }
+
+    /**
+     * <p>A list of current openCypher queries.</p>
+     */
+    inline ListQueriesResult& AddQueries(QuerySummary&& value) { m_queries.push_back(std::move(value)); return *this; }
+
+
+    
+    inline const Aws::String& GetRequestId() const{ return m_requestId; }
+
+    
+    inline void SetRequestId(const Aws::String& value) { m_requestId = value; }
+
+    
+    inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); }
+
+    
+    inline void SetRequestId(const char* value) { m_requestId.assign(value); }
+
+    
+    inline ListQueriesResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
+
+    
+    inline ListQueriesResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
+
+    
+    inline ListQueriesResult& WithRequestId(const char* value) { SetRequestId(value); return *this;}
+
+  private:
+
+    Aws::Vector<QuerySummary> m_queries;
+
+    Aws::String m_requestId;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NeptuneImportOptions.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NeptuneImportOptions.h
index 3903bc3b4a7..ccbc9c97c84 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NeptuneImportOptions.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NeptuneImportOptions.h
@@ -176,7 +176,7 @@ namespace Model
      * <p>Neptune Analytics currently does not support user defined edge ids. The edge
      * ids are not imported by default. They are imported if <i>preserveEdgeIds</i> is
      * set to true, and ids are stored as properties on the relationships with the
-     * property name neptuneEdgeId.</p>
+     * property name <i>neptuneEdgeId</i>.</p>
      */
     inline bool GetPreserveEdgeIds() const{ return m_preserveEdgeIds; }
 
@@ -184,7 +184,7 @@ namespace Model
      * <p>Neptune Analytics currently does not support user defined edge ids. The edge
      * ids are not imported by default. They are imported if <i>preserveEdgeIds</i> is
      * set to true, and ids are stored as properties on the relationships with the
-     * property name neptuneEdgeId.</p>
+     * property name <i>neptuneEdgeId</i>.</p>
      */
     inline bool PreserveEdgeIdsHasBeenSet() const { return m_preserveEdgeIdsHasBeenSet; }
 
@@ -192,7 +192,7 @@ namespace Model
      * <p>Neptune Analytics currently does not support user defined edge ids. The edge
      * ids are not imported by default. They are imported if <i>preserveEdgeIds</i> is
      * set to true, and ids are stored as properties on the relationships with the
-     * property name neptuneEdgeId.</p>
+     * property name <i>neptuneEdgeId</i>.</p>
      */
     inline void SetPreserveEdgeIds(bool value) { m_preserveEdgeIdsHasBeenSet = true; m_preserveEdgeIds = value; }
 
@@ -200,7 +200,7 @@ namespace Model
      * <p>Neptune Analytics currently does not support user defined edge ids. The edge
      * ids are not imported by default. They are imported if <i>preserveEdgeIds</i> is
      * set to true, and ids are stored as properties on the relationships with the
-     * property name neptuneEdgeId.</p>
+     * property name <i>neptuneEdgeId</i>.</p>
      */
     inline NeptuneImportOptions& WithPreserveEdgeIds(bool value) { SetPreserveEdgeIds(value); return *this;}
 
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NodeStructure.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NodeStructure.h
new file mode 100644
index 00000000000..c9d5cdce542
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/NodeStructure.h
@@ -0,0 +1,167 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSVector.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   * <p>Information about a node.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/NodeStructure">AWS
+   * API Reference</a></p>
+   */
+  class NodeStructure
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API NodeStructure();
+    AWS_NEPTUNEGRAPH_API NodeStructure(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API NodeStructure& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>The number of instances of this node.</p>
+     */
+    inline long long GetCount() const{ return m_count; }
+
+    /**
+     * <p>The number of instances of this node.</p>
+     */
+    inline bool CountHasBeenSet() const { return m_countHasBeenSet; }
+
+    /**
+     * <p>The number of instances of this node.</p>
+     */
+    inline void SetCount(long long value) { m_countHasBeenSet = true; m_count = value; }
+
+    /**
+     * <p>The number of instances of this node.</p>
+     */
+    inline NodeStructure& WithCount(long long value) { SetCount(value); return *this;}
+
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetNodeProperties() const{ return m_nodeProperties; }
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline bool NodePropertiesHasBeenSet() const { return m_nodePropertiesHasBeenSet; }
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline void SetNodeProperties(const Aws::Vector<Aws::String>& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties = value; }
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline void SetNodeProperties(Aws::Vector<Aws::String>&& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties = std::move(value); }
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline NodeStructure& WithNodeProperties(const Aws::Vector<Aws::String>& value) { SetNodeProperties(value); return *this;}
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline NodeStructure& WithNodeProperties(Aws::Vector<Aws::String>&& value) { SetNodeProperties(std::move(value)); return *this;}
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline NodeStructure& AddNodeProperties(const Aws::String& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties.push_back(value); return *this; }
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline NodeStructure& AddNodeProperties(Aws::String&& value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>Properties associated with this node.</p>
+     */
+    inline NodeStructure& AddNodeProperties(const char* value) { m_nodePropertiesHasBeenSet = true; m_nodeProperties.push_back(value); return *this; }
+
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline const Aws::Vector<Aws::String>& GetDistinctOutgoingEdgeLabels() const{ return m_distinctOutgoingEdgeLabels; }
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline bool DistinctOutgoingEdgeLabelsHasBeenSet() const { return m_distinctOutgoingEdgeLabelsHasBeenSet; }
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline void SetDistinctOutgoingEdgeLabels(const Aws::Vector<Aws::String>& value) { m_distinctOutgoingEdgeLabelsHasBeenSet = true; m_distinctOutgoingEdgeLabels = value; }
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline void SetDistinctOutgoingEdgeLabels(Aws::Vector<Aws::String>&& value) { m_distinctOutgoingEdgeLabelsHasBeenSet = true; m_distinctOutgoingEdgeLabels = std::move(value); }
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline NodeStructure& WithDistinctOutgoingEdgeLabels(const Aws::Vector<Aws::String>& value) { SetDistinctOutgoingEdgeLabels(value); return *this;}
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline NodeStructure& WithDistinctOutgoingEdgeLabels(Aws::Vector<Aws::String>&& value) { SetDistinctOutgoingEdgeLabels(std::move(value)); return *this;}
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline NodeStructure& AddDistinctOutgoingEdgeLabels(const Aws::String& value) { m_distinctOutgoingEdgeLabelsHasBeenSet = true; m_distinctOutgoingEdgeLabels.push_back(value); return *this; }
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline NodeStructure& AddDistinctOutgoingEdgeLabels(Aws::String&& value) { m_distinctOutgoingEdgeLabelsHasBeenSet = true; m_distinctOutgoingEdgeLabels.push_back(std::move(value)); return *this; }
+
+    /**
+     * <p>The outgoing edge labels associated with this node.</p>
+     */
+    inline NodeStructure& AddDistinctOutgoingEdgeLabels(const char* value) { m_distinctOutgoingEdgeLabelsHasBeenSet = true; m_distinctOutgoingEdgeLabels.push_back(value); return *this; }
+
+  private:
+
+    long long m_count;
+    bool m_countHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_nodeProperties;
+    bool m_nodePropertiesHasBeenSet = false;
+
+    Aws::Vector<Aws::String> m_distinctOutgoingEdgeLabels;
+    bool m_distinctOutgoingEdgeLabelsHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/PlanCacheType.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/PlanCacheType.h
new file mode 100644
index 00000000000..1c79113ba78
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/PlanCacheType.h
@@ -0,0 +1,32 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class PlanCacheType
+  {
+    NOT_SET,
+    ENABLED,
+    DISABLED,
+    AUTO
+  };
+
+namespace PlanCacheTypeMapper
+{
+AWS_NEPTUNEGRAPH_API PlanCacheType GetPlanCacheTypeForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForPlanCacheType(PlanCacheType value);
+} // namespace PlanCacheTypeMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryLanguage.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryLanguage.h
new file mode 100644
index 00000000000..18e1c12e4a9
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryLanguage.h
@@ -0,0 +1,30 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class QueryLanguage
+  {
+    NOT_SET,
+    OPEN_CYPHER
+  };
+
+namespace QueryLanguageMapper
+{
+AWS_NEPTUNEGRAPH_API QueryLanguage GetQueryLanguageForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForQueryLanguage(QueryLanguage value);
+} // namespace QueryLanguageMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryState.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryState.h
new file mode 100644
index 00000000000..f0fe84e1a5e
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryState.h
@@ -0,0 +1,32 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class QueryState
+  {
+    NOT_SET,
+    RUNNING,
+    WAITING,
+    CANCELLING
+  };
+
+namespace QueryStateMapper
+{
+AWS_NEPTUNEGRAPH_API QueryState GetQueryStateForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForQueryState(QueryState value);
+} // namespace QueryStateMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryStateInput.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryStateInput.h
new file mode 100644
index 00000000000..82e2b2ad4a2
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QueryStateInput.h
@@ -0,0 +1,33 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class QueryStateInput
+  {
+    NOT_SET,
+    ALL,
+    RUNNING,
+    WAITING,
+    CANCELLING
+  };
+
+namespace QueryStateInputMapper
+{
+AWS_NEPTUNEGRAPH_API QueryStateInput GetQueryStateInputForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForQueryStateInput(QueryStateInput value);
+} // namespace QueryStateInputMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QuerySummary.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QuerySummary.h
new file mode 100644
index 00000000000..94364665510
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/QuerySummary.h
@@ -0,0 +1,227 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/QueryState.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   * <p>Details of the query listed.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/QuerySummary">AWS
+   * API Reference</a></p>
+   */
+  class QuerySummary
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API QuerySummary();
+    AWS_NEPTUNEGRAPH_API QuerySummary(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API QuerySummary& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline const Aws::String& GetId() const{ return m_id; }
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline bool IdHasBeenSet() const { return m_idHasBeenSet; }
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline void SetId(const Aws::String& value) { m_idHasBeenSet = true; m_id = value; }
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline void SetId(Aws::String&& value) { m_idHasBeenSet = true; m_id = std::move(value); }
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline void SetId(const char* value) { m_idHasBeenSet = true; m_id.assign(value); }
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline QuerySummary& WithId(const Aws::String& value) { SetId(value); return *this;}
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline QuerySummary& WithId(Aws::String&& value) { SetId(std::move(value)); return *this;}
+
+    /**
+     * <p>A string representation of the id of the query.</p>
+     */
+    inline QuerySummary& WithId(const char* value) { SetId(value); return *this;}
+
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline const Aws::String& GetQueryString() const{ return m_queryString; }
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline bool QueryStringHasBeenSet() const { return m_queryStringHasBeenSet; }
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline void SetQueryString(const Aws::String& value) { m_queryStringHasBeenSet = true; m_queryString = value; }
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline void SetQueryString(Aws::String&& value) { m_queryStringHasBeenSet = true; m_queryString = std::move(value); }
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline void SetQueryString(const char* value) { m_queryStringHasBeenSet = true; m_queryString.assign(value); }
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline QuerySummary& WithQueryString(const Aws::String& value) { SetQueryString(value); return *this;}
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline QuerySummary& WithQueryString(Aws::String&& value) { SetQueryString(std::move(value)); return *this;}
+
+    /**
+     * <p>The actual query text. The <code>queryString</code> may be truncated if the
+     * actual query string is too long.</p>
+     */
+    inline QuerySummary& WithQueryString(const char* value) { SetQueryString(value); return *this;}
+
+
+    /**
+     * <p>The amount of time, in milliseconds, the query has waited in the queue before
+     * being picked up by a worker thread.</p>
+     */
+    inline int GetWaited() const{ return m_waited; }
+
+    /**
+     * <p>The amount of time, in milliseconds, the query has waited in the queue before
+     * being picked up by a worker thread.</p>
+     */
+    inline bool WaitedHasBeenSet() const { return m_waitedHasBeenSet; }
+
+    /**
+     * <p>The amount of time, in milliseconds, the query has waited in the queue before
+     * being picked up by a worker thread.</p>
+     */
+    inline void SetWaited(int value) { m_waitedHasBeenSet = true; m_waited = value; }
+
+    /**
+     * <p>The amount of time, in milliseconds, the query has waited in the queue before
+     * being picked up by a worker thread.</p>
+     */
+    inline QuerySummary& WithWaited(int value) { SetWaited(value); return *this;}
+
+
+    /**
+     * <p>The running time of the query, in milliseconds.</p>
+     */
+    inline int GetElapsed() const{ return m_elapsed; }
+
+    /**
+     * <p>The running time of the query, in milliseconds.</p>
+     */
+    inline bool ElapsedHasBeenSet() const { return m_elapsedHasBeenSet; }
+
+    /**
+     * <p>The running time of the query, in milliseconds.</p>
+     */
+    inline void SetElapsed(int value) { m_elapsedHasBeenSet = true; m_elapsed = value; }
+
+    /**
+     * <p>The running time of the query, in milliseconds.</p>
+     */
+    inline QuerySummary& WithElapsed(int value) { SetElapsed(value); return *this;}
+
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline const QueryState& GetState() const{ return m_state; }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline bool StateHasBeenSet() const { return m_stateHasBeenSet; }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline void SetState(const QueryState& value) { m_stateHasBeenSet = true; m_state = value; }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline void SetState(QueryState&& value) { m_stateHasBeenSet = true; m_state = std::move(value); }
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline QuerySummary& WithState(const QueryState& value) { SetState(value); return *this;}
+
+    /**
+     * <p>State of the query.</p>
+     */
+    inline QuerySummary& WithState(QueryState&& value) { SetState(std::move(value)); return *this;}
+
+  private:
+
+    Aws::String m_id;
+    bool m_idHasBeenSet = false;
+
+    Aws::String m_queryString;
+    bool m_queryStringHasBeenSet = false;
+
+    int m_waited;
+    bool m_waitedHasBeenSet = false;
+
+    int m_elapsed;
+    bool m_elapsedHasBeenSet = false;
+
+    QueryState m_state;
+    bool m_stateHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableException.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableException.h
new file mode 100644
index 00000000000..4821e84868a
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableException.h
@@ -0,0 +1,108 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+#include <aws/neptune-graph/model/UnprocessableExceptionReason.h>
+#include <utility>
+
+namespace Aws
+{
+namespace Utils
+{
+namespace Json
+{
+  class JsonValue;
+  class JsonView;
+} // namespace Json
+} // namespace Utils
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+  /**
+   * <p>Request cannot be processed due to known reasons. Eg. partition
+   * full.</p><p><h3>See Also:</h3>   <a
+   * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/UnprocessableException">AWS
+   * API Reference</a></p>
+   */
+  class UnprocessableException
+  {
+  public:
+    AWS_NEPTUNEGRAPH_API UnprocessableException();
+    AWS_NEPTUNEGRAPH_API UnprocessableException(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API UnprocessableException& operator=(Aws::Utils::Json::JsonView jsonValue);
+    AWS_NEPTUNEGRAPH_API Aws::Utils::Json::JsonValue Jsonize() const;
+
+
+    
+    inline const Aws::String& GetMessage() const{ return m_message; }
+
+    
+    inline bool MessageHasBeenSet() const { return m_messageHasBeenSet; }
+
+    
+    inline void SetMessage(const Aws::String& value) { m_messageHasBeenSet = true; m_message = value; }
+
+    
+    inline void SetMessage(Aws::String&& value) { m_messageHasBeenSet = true; m_message = std::move(value); }
+
+    
+    inline void SetMessage(const char* value) { m_messageHasBeenSet = true; m_message.assign(value); }
+
+    
+    inline UnprocessableException& WithMessage(const Aws::String& value) { SetMessage(value); return *this;}
+
+    
+    inline UnprocessableException& WithMessage(Aws::String&& value) { SetMessage(std::move(value)); return *this;}
+
+    
+    inline UnprocessableException& WithMessage(const char* value) { SetMessage(value); return *this;}
+
+
+    /**
+     * <p>The reason for the unprocessable exception.</p>
+     */
+    inline const UnprocessableExceptionReason& GetReason() const{ return m_reason; }
+
+    /**
+     * <p>The reason for the unprocessable exception.</p>
+     */
+    inline bool ReasonHasBeenSet() const { return m_reasonHasBeenSet; }
+
+    /**
+     * <p>The reason for the unprocessable exception.</p>
+     */
+    inline void SetReason(const UnprocessableExceptionReason& value) { m_reasonHasBeenSet = true; m_reason = value; }
+
+    /**
+     * <p>The reason for the unprocessable exception.</p>
+     */
+    inline void SetReason(UnprocessableExceptionReason&& value) { m_reasonHasBeenSet = true; m_reason = std::move(value); }
+
+    /**
+     * <p>The reason for the unprocessable exception.</p>
+     */
+    inline UnprocessableException& WithReason(const UnprocessableExceptionReason& value) { SetReason(value); return *this;}
+
+    /**
+     * <p>The reason for the unprocessable exception.</p>
+     */
+    inline UnprocessableException& WithReason(UnprocessableExceptionReason&& value) { SetReason(std::move(value)); return *this;}
+
+  private:
+
+    Aws::String m_message;
+    bool m_messageHasBeenSet = false;
+
+    UnprocessableExceptionReason m_reason;
+    bool m_reasonHasBeenSet = false;
+  };
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableExceptionReason.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableExceptionReason.h
new file mode 100644
index 00000000000..cf1d789984e
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/UnprocessableExceptionReason.h
@@ -0,0 +1,34 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#pragma once
+#include <aws/neptune-graph/NeptuneGraph_EXPORTS.h>
+#include <aws/core/utils/memory/stl/AWSString.h>
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+  enum class UnprocessableExceptionReason
+  {
+    NOT_SET,
+    QUERY_TIMEOUT,
+    INTERNAL_LIMIT_EXCEEDED,
+    MEMORY_LIMIT_EXCEEDED,
+    STORAGE_LIMIT_EXCEEDED,
+    PARTITION_FULL
+  };
+
+namespace UnprocessableExceptionReasonMapper
+{
+AWS_NEPTUNEGRAPH_API UnprocessableExceptionReason GetUnprocessableExceptionReasonForName(const Aws::String& name);
+
+AWS_NEPTUNEGRAPH_API Aws::String GetNameForUnprocessableExceptionReason(UnprocessableExceptionReason value);
+} // namespace UnprocessableExceptionReasonMapper
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ValidationException.h b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ValidationException.h
index bb6e5087922..39aa299ec48 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ValidationException.h
+++ b/generated/src/aws-cpp-sdk-neptune-graph/include/aws/neptune-graph/model/ValidationException.h
@@ -25,7 +25,7 @@ namespace Model
 {
 
   /**
-   * <p>A resource could not be validated</p><p><h3>See Also:</h3>   <a
+   * <p>A resource could not be validated.</p><p><h3>See Also:</h3>   <a
    * href="http://docs.aws.amazon.com/goto/WebAPI/neptune-graph-2023-11-29/ValidationException">AWS
    * API Reference</a></p>
    */
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphClient.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphClient.cpp
index 7d1c7465356..0db99d697fc 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphClient.cpp
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphClient.cpp
@@ -22,6 +22,7 @@
 #include <aws/neptune-graph/NeptuneGraphErrorMarshaller.h>
 #include <aws/neptune-graph/NeptuneGraphEndpointProvider.h>
 #include <aws/neptune-graph/model/CancelImportTaskRequest.h>
+#include <aws/neptune-graph/model/CancelQueryRequest.h>
 #include <aws/neptune-graph/model/CreateGraphRequest.h>
 #include <aws/neptune-graph/model/CreateGraphSnapshotRequest.h>
 #include <aws/neptune-graph/model/CreateGraphUsingImportTaskRequest.h>
@@ -29,14 +30,18 @@
 #include <aws/neptune-graph/model/DeleteGraphRequest.h>
 #include <aws/neptune-graph/model/DeleteGraphSnapshotRequest.h>
 #include <aws/neptune-graph/model/DeletePrivateGraphEndpointRequest.h>
+#include <aws/neptune-graph/model/ExecuteQueryRequest.h>
 #include <aws/neptune-graph/model/GetGraphRequest.h>
 #include <aws/neptune-graph/model/GetGraphSnapshotRequest.h>
+#include <aws/neptune-graph/model/GetGraphSummaryRequest.h>
 #include <aws/neptune-graph/model/GetImportTaskRequest.h>
 #include <aws/neptune-graph/model/GetPrivateGraphEndpointRequest.h>
+#include <aws/neptune-graph/model/GetQueryRequest.h>
 #include <aws/neptune-graph/model/ListGraphSnapshotsRequest.h>
 #include <aws/neptune-graph/model/ListGraphsRequest.h>
 #include <aws/neptune-graph/model/ListImportTasksRequest.h>
 #include <aws/neptune-graph/model/ListPrivateGraphEndpointsRequest.h>
+#include <aws/neptune-graph/model/ListQueriesRequest.h>
 #include <aws/neptune-graph/model/ListTagsForResourceRequest.h>
 #include <aws/neptune-graph/model/ResetGraphRequest.h>
 #include <aws/neptune-graph/model/RestoreGraphFromSnapshotRequest.h>
@@ -209,6 +214,46 @@ CancelImportTaskOutcome NeptuneGraphClient::CancelImportTask(const CancelImportT
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+CancelQueryOutcome NeptuneGraphClient::CancelQuery(const CancelQueryRequest& request) const
+{
+  AWS_OPERATION_GUARD(CancelQuery);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, CancelQuery, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  if (!request.GraphIdentifierHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("CancelQuery", "Required field: GraphIdentifier, is not set");
+    return CancelQueryOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [GraphIdentifier]", false));
+  }
+  if (!request.QueryIdHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("CancelQuery", "Required field: QueryId, is not set");
+    return CancelQueryOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [QueryId]", false));
+  }
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, CancelQuery, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, CancelQuery, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".CancelQuery",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<CancelQueryOutcome>(
+    [&]()-> CancelQueryOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, CancelQuery, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      auto addPrefixErr = endpointResolutionOutcome.GetResult().AddPrefixIfMissing("" + request.GetGraphIdentifier() + ".");
+      AWS_CHECK(SERVICE_NAME, !addPrefixErr, addPrefixErr->GetMessage(), CancelQueryOutcome(addPrefixErr.value()));
+      endpointResolutionOutcome.GetResult().AddPathSegments("/queries/");
+      endpointResolutionOutcome.GetResult().AddPathSegment(request.GetQueryId());
+      return CancelQueryOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_DELETE, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 CreateGraphOutcome NeptuneGraphClient::CreateGraph(const CreateGraphRequest& request) const
 {
   AWS_OPERATION_GUARD(CreateGraph);
@@ -435,6 +480,40 @@ DeletePrivateGraphEndpointOutcome NeptuneGraphClient::DeletePrivateGraphEndpoint
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+ExecuteQueryOutcome NeptuneGraphClient::ExecuteQuery(const ExecuteQueryRequest& request) const
+{
+  AWS_OPERATION_GUARD(ExecuteQuery);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, ExecuteQuery, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  if (!request.GraphIdentifierHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("ExecuteQuery", "Required field: GraphIdentifier, is not set");
+    return ExecuteQueryOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [GraphIdentifier]", false));
+  }
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, ExecuteQuery, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, ExecuteQuery, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".ExecuteQuery",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<ExecuteQueryOutcome>(
+    [&]()-> ExecuteQueryOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, ExecuteQuery, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      auto addPrefixErr = endpointResolutionOutcome.GetResult().AddPrefixIfMissing("" + request.GetGraphIdentifier() + ".");
+      AWS_CHECK(SERVICE_NAME, !addPrefixErr, addPrefixErr->GetMessage(), ExecuteQueryOutcome(addPrefixErr.value()));
+      endpointResolutionOutcome.GetResult().AddPathSegments("/queries");
+      return ExecuteQueryOutcome(MakeRequestWithUnparsedResponse(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_POST));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 GetGraphOutcome NeptuneGraphClient::GetGraph(const GetGraphRequest& request) const
 {
   AWS_OPERATION_GUARD(GetGraph);
@@ -501,6 +580,40 @@ GetGraphSnapshotOutcome NeptuneGraphClient::GetGraphSnapshot(const GetGraphSnaps
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+GetGraphSummaryOutcome NeptuneGraphClient::GetGraphSummary(const GetGraphSummaryRequest& request) const
+{
+  AWS_OPERATION_GUARD(GetGraphSummary);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, GetGraphSummary, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  if (!request.GraphIdentifierHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("GetGraphSummary", "Required field: GraphIdentifier, is not set");
+    return GetGraphSummaryOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [GraphIdentifier]", false));
+  }
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, GetGraphSummary, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, GetGraphSummary, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".GetGraphSummary",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<GetGraphSummaryOutcome>(
+    [&]()-> GetGraphSummaryOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, GetGraphSummary, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      auto addPrefixErr = endpointResolutionOutcome.GetResult().AddPrefixIfMissing("" + request.GetGraphIdentifier() + ".");
+      AWS_CHECK(SERVICE_NAME, !addPrefixErr, addPrefixErr->GetMessage(), GetGraphSummaryOutcome(addPrefixErr.value()));
+      endpointResolutionOutcome.GetResult().AddPathSegments("/summary");
+      return GetGraphSummaryOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_GET, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 GetImportTaskOutcome NeptuneGraphClient::GetImportTask(const GetImportTaskRequest& request) const
 {
   AWS_OPERATION_GUARD(GetImportTask);
@@ -574,6 +687,46 @@ GetPrivateGraphEndpointOutcome NeptuneGraphClient::GetPrivateGraphEndpoint(const
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+GetQueryOutcome NeptuneGraphClient::GetQuery(const GetQueryRequest& request) const
+{
+  AWS_OPERATION_GUARD(GetQuery);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, GetQuery, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  if (!request.GraphIdentifierHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("GetQuery", "Required field: GraphIdentifier, is not set");
+    return GetQueryOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [GraphIdentifier]", false));
+  }
+  if (!request.QueryIdHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("GetQuery", "Required field: QueryId, is not set");
+    return GetQueryOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [QueryId]", false));
+  }
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, GetQuery, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, GetQuery, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".GetQuery",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<GetQueryOutcome>(
+    [&]()-> GetQueryOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, GetQuery, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      auto addPrefixErr = endpointResolutionOutcome.GetResult().AddPrefixIfMissing("" + request.GetGraphIdentifier() + ".");
+      AWS_CHECK(SERVICE_NAME, !addPrefixErr, addPrefixErr->GetMessage(), GetQueryOutcome(addPrefixErr.value()));
+      endpointResolutionOutcome.GetResult().AddPathSegments("/queries/");
+      endpointResolutionOutcome.GetResult().AddPathSegment(request.GetQueryId());
+      return GetQueryOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_GET, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 ListGraphSnapshotsOutcome NeptuneGraphClient::ListGraphSnapshots(const ListGraphSnapshotsRequest& request) const
 {
   AWS_OPERATION_GUARD(ListGraphSnapshots);
@@ -689,6 +842,45 @@ ListPrivateGraphEndpointsOutcome NeptuneGraphClient::ListPrivateGraphEndpoints(c
     {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
 }
 
+ListQueriesOutcome NeptuneGraphClient::ListQueries(const ListQueriesRequest& request) const
+{
+  AWS_OPERATION_GUARD(ListQueries);
+  AWS_OPERATION_CHECK_PTR(m_endpointProvider, ListQueries, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE);
+  if (!request.GraphIdentifierHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("ListQueries", "Required field: GraphIdentifier, is not set");
+    return ListQueriesOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [GraphIdentifier]", false));
+  }
+  if (!request.MaxResultsHasBeenSet())
+  {
+    AWS_LOGSTREAM_ERROR("ListQueries", "Required field: MaxResults, is not set");
+    return ListQueriesOutcome(Aws::Client::AWSError<NeptuneGraphErrors>(NeptuneGraphErrors::MISSING_PARAMETER, "MISSING_PARAMETER", "Missing required field [MaxResults]", false));
+  }
+  AWS_OPERATION_CHECK_PTR(m_telemetryProvider, ListQueries, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto tracer = m_telemetryProvider->getTracer(this->GetServiceClientName(), {});
+  auto meter = m_telemetryProvider->getMeter(this->GetServiceClientName(), {});
+  AWS_OPERATION_CHECK_PTR(meter, ListQueries, CoreErrors, CoreErrors::NOT_INITIALIZED);
+  auto span = tracer->CreateSpan(Aws::String(this->GetServiceClientName()) + ".ListQueries",
+    {{ TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName() }, { TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName() }, { TracingUtils::SMITHY_SYSTEM_DIMENSION, TracingUtils::SMITHY_METHOD_AWS_VALUE }},
+    smithy::components::tracing::SpanKind::CLIENT);
+  return TracingUtils::MakeCallWithTiming<ListQueriesOutcome>(
+    [&]()-> ListQueriesOutcome {
+      auto endpointResolutionOutcome = TracingUtils::MakeCallWithTiming<ResolveEndpointOutcome>(
+          [&]() -> ResolveEndpointOutcome { return m_endpointProvider->ResolveEndpoint(request.GetEndpointContextParams()); },
+          TracingUtils::SMITHY_CLIENT_ENDPOINT_RESOLUTION_METRIC,
+          *meter,
+          {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+      AWS_OPERATION_CHECK_SUCCESS(endpointResolutionOutcome, ListQueries, CoreErrors, CoreErrors::ENDPOINT_RESOLUTION_FAILURE, endpointResolutionOutcome.GetError().GetMessage());
+      auto addPrefixErr = endpointResolutionOutcome.GetResult().AddPrefixIfMissing("" + request.GetGraphIdentifier() + ".");
+      AWS_CHECK(SERVICE_NAME, !addPrefixErr, addPrefixErr->GetMessage(), ListQueriesOutcome(addPrefixErr.value()));
+      endpointResolutionOutcome.GetResult().AddPathSegments("/queries");
+      return ListQueriesOutcome(MakeRequest(request, endpointResolutionOutcome.GetResult(), Aws::Http::HttpMethod::HTTP_GET, Aws::Auth::SIGV4_SIGNER));
+    },
+    TracingUtils::SMITHY_CLIENT_DURATION_METRIC,
+    *meter,
+    {{TracingUtils::SMITHY_METHOD_DIMENSION, request.GetServiceRequestName()}, {TracingUtils::SMITHY_SERVICE_DIMENSION, this->GetServiceClientName()}});
+}
+
 ListTagsForResourceOutcome NeptuneGraphClient::ListTagsForResource(const ListTagsForResourceRequest& request) const
 {
   AWS_OPERATION_GUARD(ListTagsForResource);
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphErrors.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphErrors.cpp
index 3851501656f..f14f8a0a8e4 100644
--- a/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphErrors.cpp
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/NeptuneGraphErrors.cpp
@@ -9,6 +9,7 @@
 #include <aws/neptune-graph/model/ConflictException.h>
 #include <aws/neptune-graph/model/ServiceQuotaExceededException.h>
 #include <aws/neptune-graph/model/ValidationException.h>
+#include <aws/neptune-graph/model/UnprocessableException.h>
 
 using namespace Aws::Client;
 using namespace Aws::Utils;
@@ -37,12 +38,19 @@ template<> AWS_NEPTUNEGRAPH_API ValidationException NeptuneGraphError::GetModele
   return ValidationException(this->GetJsonPayload().View());
 }
 
+template<> AWS_NEPTUNEGRAPH_API UnprocessableException NeptuneGraphError::GetModeledError()
+{
+  assert(this->GetErrorType() == NeptuneGraphErrors::UNPROCESSABLE);
+  return UnprocessableException(this->GetJsonPayload().View());
+}
+
 namespace NeptuneGraphErrorMapper
 {
 
 static const int CONFLICT_HASH = HashingUtils::HashString("ConflictException");
 static const int SERVICE_QUOTA_EXCEEDED_HASH = HashingUtils::HashString("ServiceQuotaExceededException");
 static const int INTERNAL_SERVER_HASH = HashingUtils::HashString("InternalServerException");
+static const int UNPROCESSABLE_HASH = HashingUtils::HashString("UnprocessableException");
 
 
 AWSError<CoreErrors> GetErrorForName(const char* errorName)
@@ -61,6 +69,10 @@ AWSError<CoreErrors> GetErrorForName(const char* errorName)
   {
     return AWSError<CoreErrors>(static_cast<CoreErrors>(NeptuneGraphErrors::INTERNAL_SERVER), RetryableType::RETRYABLE);
   }
+  else if (hashCode == UNPROCESSABLE_HASH)
+  {
+    return AWSError<CoreErrors>(static_cast<CoreErrors>(NeptuneGraphErrors::UNPROCESSABLE), RetryableType::NOT_RETRYABLE);
+  }
   return AWSError<CoreErrors>(CoreErrors::UNKNOWN, false);
 }
 
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/CancelQueryRequest.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/CancelQueryRequest.cpp
new file mode 100644
index 00000000000..df1ae2a0cd7
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/CancelQueryRequest.cpp
@@ -0,0 +1,52 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/CancelQueryRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+CancelQueryRequest::CancelQueryRequest() : 
+    m_graphIdentifierHasBeenSet(false),
+    m_queryIdHasBeenSet(false)
+{
+}
+
+Aws::String CancelQueryRequest::SerializePayload() const
+{
+  return {};
+}
+
+Aws::Http::HeaderValueCollection CancelQueryRequest::GetRequestSpecificHeaders() const
+{
+  Aws::Http::HeaderValueCollection headers;
+  Aws::StringStream ss;
+  if(m_graphIdentifierHasBeenSet)
+  {
+    ss << m_graphIdentifier;
+    headers.emplace("graphidentifier",  ss.str());
+    ss.str("");
+  }
+
+  return headers;
+
+}
+
+
+
+CancelQueryRequest::EndpointParameters CancelQueryRequest::GetEndpointContextParams() const
+{
+    EndpointParameters parameters;
+    // Static context parameters
+    parameters.emplace_back(Aws::String("ApiType"), "DataPlane", Aws::Endpoint::EndpointParameter::ParameterOrigin::STATIC_CONTEXT);
+    return parameters;
+}
+
+
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/EdgeStructure.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/EdgeStructure.cpp
new file mode 100644
index 00000000000..4edd0dc491a
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/EdgeStructure.cpp
@@ -0,0 +1,84 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/EdgeStructure.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+EdgeStructure::EdgeStructure() : 
+    m_count(0),
+    m_countHasBeenSet(false),
+    m_edgePropertiesHasBeenSet(false)
+{
+}
+
+EdgeStructure::EdgeStructure(JsonView jsonValue) : 
+    m_count(0),
+    m_countHasBeenSet(false),
+    m_edgePropertiesHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+EdgeStructure& EdgeStructure::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("count"))
+  {
+    m_count = jsonValue.GetInt64("count");
+
+    m_countHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("edgeProperties"))
+  {
+    Aws::Utils::Array<JsonView> edgePropertiesJsonList = jsonValue.GetArray("edgeProperties");
+    for(unsigned edgePropertiesIndex = 0; edgePropertiesIndex < edgePropertiesJsonList.GetLength(); ++edgePropertiesIndex)
+    {
+      m_edgeProperties.push_back(edgePropertiesJsonList[edgePropertiesIndex].AsString());
+    }
+    m_edgePropertiesHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue EdgeStructure::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_countHasBeenSet)
+  {
+   payload.WithInt64("count", m_count);
+
+  }
+
+  if(m_edgePropertiesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> edgePropertiesJsonList(m_edgeProperties.size());
+   for(unsigned edgePropertiesIndex = 0; edgePropertiesIndex < edgePropertiesJsonList.GetLength(); ++edgePropertiesIndex)
+   {
+     edgePropertiesJsonList[edgePropertiesIndex].AsString(m_edgeProperties[edgePropertiesIndex]);
+   }
+   payload.WithArray("edgeProperties", std::move(edgePropertiesJsonList));
+
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryRequest.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryRequest.cpp
new file mode 100644
index 00000000000..efd9b655590
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryRequest.cpp
@@ -0,0 +1,89 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/ExecuteQueryRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+ExecuteQueryRequest::ExecuteQueryRequest() : 
+    m_graphIdentifierHasBeenSet(false),
+    m_queryStringHasBeenSet(false),
+    m_language(QueryLanguage::NOT_SET),
+    m_languageHasBeenSet(false),
+    m_planCache(PlanCacheType::NOT_SET),
+    m_planCacheHasBeenSet(false),
+    m_explainMode(ExplainMode::NOT_SET),
+    m_explainModeHasBeenSet(false),
+    m_queryTimeoutMilliseconds(0),
+    m_queryTimeoutMillisecondsHasBeenSet(false)
+{
+}
+
+Aws::String ExecuteQueryRequest::SerializePayload() const
+{
+  JsonValue payload;
+
+  if(m_queryStringHasBeenSet)
+  {
+   payload.WithString("query", m_queryString);
+
+  }
+
+  if(m_languageHasBeenSet)
+  {
+   payload.WithString("language", QueryLanguageMapper::GetNameForQueryLanguage(m_language));
+  }
+
+  if(m_planCacheHasBeenSet)
+  {
+   payload.WithString("planCache", PlanCacheTypeMapper::GetNameForPlanCacheType(m_planCache));
+  }
+
+  if(m_explainModeHasBeenSet)
+  {
+   payload.WithString("explain", ExplainModeMapper::GetNameForExplainMode(m_explainMode));
+  }
+
+  if(m_queryTimeoutMillisecondsHasBeenSet)
+  {
+   payload.WithInteger("queryTimeoutMilliseconds", m_queryTimeoutMilliseconds);
+
+  }
+
+  return payload.View().WriteReadable();
+}
+
+Aws::Http::HeaderValueCollection ExecuteQueryRequest::GetRequestSpecificHeaders() const
+{
+  Aws::Http::HeaderValueCollection headers;
+  Aws::StringStream ss;
+  if(m_graphIdentifierHasBeenSet)
+  {
+    ss << m_graphIdentifier;
+    headers.emplace("graphidentifier",  ss.str());
+    ss.str("");
+  }
+
+  return headers;
+
+}
+
+
+
+ExecuteQueryRequest::EndpointParameters ExecuteQueryRequest::GetEndpointContextParams() const
+{
+    EndpointParameters parameters;
+    // Static context parameters
+    parameters.emplace_back(Aws::String("ApiType"), "DataPlane", Aws::Endpoint::EndpointParameter::ParameterOrigin::STATIC_CONTEXT);
+    return parameters;
+}
+
+
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryResult.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryResult.cpp
new file mode 100644
index 00000000000..a8b5251ff6e
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExecuteQueryResult.cpp
@@ -0,0 +1,59 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/ExecuteQueryResult.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Stream;
+using namespace Aws::Utils;
+using namespace Aws;
+
+ExecuteQueryResult::ExecuteQueryResult()
+{
+}
+
+ExecuteQueryResult::ExecuteQueryResult(ExecuteQueryResult&& toMove) : 
+    m_payload(std::move(toMove.m_payload)),
+    m_requestId(std::move(toMove.m_requestId))
+{
+}
+
+ExecuteQueryResult& ExecuteQueryResult::operator=(ExecuteQueryResult&& toMove)
+{
+   if(this == &toMove)
+   {
+      return *this;
+   }
+
+   m_payload = std::move(toMove.m_payload);
+   m_requestId = std::move(toMove.m_requestId);
+
+   return *this;
+}
+
+ExecuteQueryResult::ExecuteQueryResult(Aws::AmazonWebServiceResult<ResponseStream>&& result)
+{
+  *this = std::move(result);
+}
+
+ExecuteQueryResult& ExecuteQueryResult::operator =(Aws::AmazonWebServiceResult<ResponseStream>&& result)
+{
+  m_payload = result.TakeOwnershipOfPayload();
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+   return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExplainMode.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExplainMode.cpp
new file mode 100644
index 00000000000..f2d04418ff5
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ExplainMode.cpp
@@ -0,0 +1,72 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/ExplainMode.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace ExplainModeMapper
+      {
+
+        static const int STATIC__HASH = HashingUtils::HashString("STATIC");
+        static const int DETAILS_HASH = HashingUtils::HashString("DETAILS");
+
+
+        ExplainMode GetExplainModeForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == STATIC__HASH)
+          {
+            return ExplainMode::STATIC_;
+          }
+          else if (hashCode == DETAILS_HASH)
+          {
+            return ExplainMode::DETAILS;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<ExplainMode>(hashCode);
+          }
+
+          return ExplainMode::NOT_SET;
+        }
+
+        Aws::String GetNameForExplainMode(ExplainMode enumValue)
+        {
+          switch(enumValue)
+          {
+          case ExplainMode::NOT_SET:
+            return {};
+          case ExplainMode::STATIC_:
+            return "STATIC";
+          case ExplainMode::DETAILS:
+            return "DETAILS";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace ExplainModeMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryRequest.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryRequest.cpp
new file mode 100644
index 00000000000..37a687ec494
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryRequest.cpp
@@ -0,0 +1,66 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/GetGraphSummaryRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/http/URI.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws::Http;
+
+GetGraphSummaryRequest::GetGraphSummaryRequest() : 
+    m_graphIdentifierHasBeenSet(false),
+    m_mode(GraphSummaryMode::NOT_SET),
+    m_modeHasBeenSet(false)
+{
+}
+
+Aws::String GetGraphSummaryRequest::SerializePayload() const
+{
+  return {};
+}
+
+Aws::Http::HeaderValueCollection GetGraphSummaryRequest::GetRequestSpecificHeaders() const
+{
+  Aws::Http::HeaderValueCollection headers;
+  Aws::StringStream ss;
+  if(m_graphIdentifierHasBeenSet)
+  {
+    ss << m_graphIdentifier;
+    headers.emplace("graphidentifier",  ss.str());
+    ss.str("");
+  }
+
+  return headers;
+
+}
+
+void GetGraphSummaryRequest::AddQueryStringParameters(URI& uri) const
+{
+    Aws::StringStream ss;
+    if(m_modeHasBeenSet)
+    {
+      ss << GraphSummaryModeMapper::GetNameForGraphSummaryMode(m_mode);
+      uri.AddQueryStringParameter("mode", ss.str());
+      ss.str("");
+    }
+
+}
+
+
+GetGraphSummaryRequest::EndpointParameters GetGraphSummaryRequest::GetEndpointContextParams() const
+{
+    EndpointParameters parameters;
+    // Static context parameters
+    parameters.emplace_back(Aws::String("ApiType"), "DataPlane", Aws::Endpoint::EndpointParameter::ParameterOrigin::STATIC_CONTEXT);
+    return parameters;
+}
+
+
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryResult.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryResult.cpp
new file mode 100644
index 00000000000..a6d0063150e
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetGraphSummaryResult.cpp
@@ -0,0 +1,60 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/GetGraphSummaryResult.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/UnreferencedParam.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws;
+
+GetGraphSummaryResult::GetGraphSummaryResult()
+{
+}
+
+GetGraphSummaryResult::GetGraphSummaryResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  *this = result;
+}
+
+GetGraphSummaryResult& GetGraphSummaryResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  JsonView jsonValue = result.GetPayload().View();
+  if(jsonValue.ValueExists("version"))
+  {
+    m_version = jsonValue.GetString("version");
+
+  }
+
+  if(jsonValue.ValueExists("lastStatisticsComputationTime"))
+  {
+    m_lastStatisticsComputationTime = jsonValue.GetString("lastStatisticsComputationTime");
+
+  }
+
+  if(jsonValue.ValueExists("graphSummary"))
+  {
+    m_graphSummary = jsonValue.GetObject("graphSummary");
+
+  }
+
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+
+  return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryRequest.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryRequest.cpp
new file mode 100644
index 00000000000..4fc44fa9823
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryRequest.cpp
@@ -0,0 +1,52 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/GetQueryRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+GetQueryRequest::GetQueryRequest() : 
+    m_graphIdentifierHasBeenSet(false),
+    m_queryIdHasBeenSet(false)
+{
+}
+
+Aws::String GetQueryRequest::SerializePayload() const
+{
+  return {};
+}
+
+Aws::Http::HeaderValueCollection GetQueryRequest::GetRequestSpecificHeaders() const
+{
+  Aws::Http::HeaderValueCollection headers;
+  Aws::StringStream ss;
+  if(m_graphIdentifierHasBeenSet)
+  {
+    ss << m_graphIdentifier;
+    headers.emplace("graphidentifier",  ss.str());
+    ss.str("");
+  }
+
+  return headers;
+
+}
+
+
+
+GetQueryRequest::EndpointParameters GetQueryRequest::GetEndpointContextParams() const
+{
+    EndpointParameters parameters;
+    // Static context parameters
+    parameters.emplace_back(Aws::String("ApiType"), "DataPlane", Aws::Endpoint::EndpointParameter::ParameterOrigin::STATIC_CONTEXT);
+    return parameters;
+}
+
+
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryResult.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryResult.cpp
new file mode 100644
index 00000000000..4c21cf06084
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GetQueryResult.cpp
@@ -0,0 +1,78 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/GetQueryResult.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/AmazonWebServiceResult.h>
+#include <aws/core/utils/StringUtils.h>
+#include <aws/core/utils/UnreferencedParam.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws;
+
+GetQueryResult::GetQueryResult() : 
+    m_waited(0),
+    m_elapsed(0),
+    m_state(QueryState::NOT_SET)
+{
+}
+
+GetQueryResult::GetQueryResult(const Aws::AmazonWebServiceResult<JsonValue>& result) : 
+    m_waited(0),
+    m_elapsed(0),
+    m_state(QueryState::NOT_SET)
+{
+  *this = result;
+}
+
+GetQueryResult& GetQueryResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+{
+  JsonView jsonValue = result.GetPayload().View();
+  if(jsonValue.ValueExists("id"))
+  {
+    m_id = jsonValue.GetString("id");
+
+  }
+
+  if(jsonValue.ValueExists("queryString"))
+  {
+    m_queryString = jsonValue.GetString("queryString");
+
+  }
+
+  if(jsonValue.ValueExists("waited"))
+  {
+    m_waited = jsonValue.GetInteger("waited");
+
+  }
+
+  if(jsonValue.ValueExists("elapsed"))
+  {
+    m_elapsed = jsonValue.GetInteger("elapsed");
+
+  }
+
+  if(jsonValue.ValueExists("state"))
+  {
+    m_state = QueryStateMapper::GetQueryStateForName(jsonValue.GetString("state"));
+
+  }
+
+
+  const auto& headers = result.GetHeaderValueCollection();
+  const auto& requestIdIter = headers.find("x-amzn-requestid");
+  if(requestIdIter != headers.end())
+  {
+    m_requestId = requestIdIter->second;
+  }
+
+
+  return *this;
+}
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphDataSummary.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphDataSummary.cpp
new file mode 100644
index 00000000000..e2569e9527b
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphDataSummary.cpp
@@ -0,0 +1,340 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/GraphDataSummary.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+GraphDataSummary::GraphDataSummary() : 
+    m_numNodes(0),
+    m_numNodesHasBeenSet(false),
+    m_numEdges(0),
+    m_numEdgesHasBeenSet(false),
+    m_numNodeLabels(0),
+    m_numNodeLabelsHasBeenSet(false),
+    m_numEdgeLabels(0),
+    m_numEdgeLabelsHasBeenSet(false),
+    m_nodeLabelsHasBeenSet(false),
+    m_edgeLabelsHasBeenSet(false),
+    m_numNodeProperties(0),
+    m_numNodePropertiesHasBeenSet(false),
+    m_numEdgeProperties(0),
+    m_numEdgePropertiesHasBeenSet(false),
+    m_nodePropertiesHasBeenSet(false),
+    m_edgePropertiesHasBeenSet(false),
+    m_totalNodePropertyValues(0),
+    m_totalNodePropertyValuesHasBeenSet(false),
+    m_totalEdgePropertyValues(0),
+    m_totalEdgePropertyValuesHasBeenSet(false),
+    m_nodeStructuresHasBeenSet(false),
+    m_edgeStructuresHasBeenSet(false)
+{
+}
+
+GraphDataSummary::GraphDataSummary(JsonView jsonValue) : 
+    m_numNodes(0),
+    m_numNodesHasBeenSet(false),
+    m_numEdges(0),
+    m_numEdgesHasBeenSet(false),
+    m_numNodeLabels(0),
+    m_numNodeLabelsHasBeenSet(false),
+    m_numEdgeLabels(0),
+    m_numEdgeLabelsHasBeenSet(false),
+    m_nodeLabelsHasBeenSet(false),
+    m_edgeLabelsHasBeenSet(false),
+    m_numNodeProperties(0),
+    m_numNodePropertiesHasBeenSet(false),
+    m_numEdgeProperties(0),
+    m_numEdgePropertiesHasBeenSet(false),
+    m_nodePropertiesHasBeenSet(false),
+    m_edgePropertiesHasBeenSet(false),
+    m_totalNodePropertyValues(0),
+    m_totalNodePropertyValuesHasBeenSet(false),
+    m_totalEdgePropertyValues(0),
+    m_totalEdgePropertyValuesHasBeenSet(false),
+    m_nodeStructuresHasBeenSet(false),
+    m_edgeStructuresHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+GraphDataSummary& GraphDataSummary::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("numNodes"))
+  {
+    m_numNodes = jsonValue.GetInt64("numNodes");
+
+    m_numNodesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("numEdges"))
+  {
+    m_numEdges = jsonValue.GetInt64("numEdges");
+
+    m_numEdgesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("numNodeLabels"))
+  {
+    m_numNodeLabels = jsonValue.GetInt64("numNodeLabels");
+
+    m_numNodeLabelsHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("numEdgeLabels"))
+  {
+    m_numEdgeLabels = jsonValue.GetInt64("numEdgeLabels");
+
+    m_numEdgeLabelsHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("nodeLabels"))
+  {
+    Aws::Utils::Array<JsonView> nodeLabelsJsonList = jsonValue.GetArray("nodeLabels");
+    for(unsigned nodeLabelsIndex = 0; nodeLabelsIndex < nodeLabelsJsonList.GetLength(); ++nodeLabelsIndex)
+    {
+      m_nodeLabels.push_back(nodeLabelsJsonList[nodeLabelsIndex].AsString());
+    }
+    m_nodeLabelsHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("edgeLabels"))
+  {
+    Aws::Utils::Array<JsonView> edgeLabelsJsonList = jsonValue.GetArray("edgeLabels");
+    for(unsigned edgeLabelsIndex = 0; edgeLabelsIndex < edgeLabelsJsonList.GetLength(); ++edgeLabelsIndex)
+    {
+      m_edgeLabels.push_back(edgeLabelsJsonList[edgeLabelsIndex].AsString());
+    }
+    m_edgeLabelsHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("numNodeProperties"))
+  {
+    m_numNodeProperties = jsonValue.GetInt64("numNodeProperties");
+
+    m_numNodePropertiesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("numEdgeProperties"))
+  {
+    m_numEdgeProperties = jsonValue.GetInt64("numEdgeProperties");
+
+    m_numEdgePropertiesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("nodeProperties"))
+  {
+    Aws::Utils::Array<JsonView> nodePropertiesJsonList = jsonValue.GetArray("nodeProperties");
+    for(unsigned nodePropertiesIndex = 0; nodePropertiesIndex < nodePropertiesJsonList.GetLength(); ++nodePropertiesIndex)
+    {
+      Aws::Map<Aws::String, JsonView> longValuedMapJsonMap = nodePropertiesJsonList[nodePropertiesIndex].GetAllObjects();
+      Aws::Map<Aws::String, long long> longValuedMapMap;
+      for(auto& longValuedMapItem : longValuedMapJsonMap)
+      {
+        longValuedMapMap[longValuedMapItem.first] = longValuedMapItem.second.AsInt64();
+      }
+      m_nodeProperties.push_back(std::move(longValuedMapMap));
+    }
+    m_nodePropertiesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("edgeProperties"))
+  {
+    Aws::Utils::Array<JsonView> edgePropertiesJsonList = jsonValue.GetArray("edgeProperties");
+    for(unsigned edgePropertiesIndex = 0; edgePropertiesIndex < edgePropertiesJsonList.GetLength(); ++edgePropertiesIndex)
+    {
+      Aws::Map<Aws::String, JsonView> longValuedMapJsonMap = edgePropertiesJsonList[edgePropertiesIndex].GetAllObjects();
+      Aws::Map<Aws::String, long long> longValuedMapMap;
+      for(auto& longValuedMapItem : longValuedMapJsonMap)
+      {
+        longValuedMapMap[longValuedMapItem.first] = longValuedMapItem.second.AsInt64();
+      }
+      m_edgeProperties.push_back(std::move(longValuedMapMap));
+    }
+    m_edgePropertiesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("totalNodePropertyValues"))
+  {
+    m_totalNodePropertyValues = jsonValue.GetInt64("totalNodePropertyValues");
+
+    m_totalNodePropertyValuesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("totalEdgePropertyValues"))
+  {
+    m_totalEdgePropertyValues = jsonValue.GetInt64("totalEdgePropertyValues");
+
+    m_totalEdgePropertyValuesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("nodeStructures"))
+  {
+    Aws::Utils::Array<JsonView> nodeStructuresJsonList = jsonValue.GetArray("nodeStructures");
+    for(unsigned nodeStructuresIndex = 0; nodeStructuresIndex < nodeStructuresJsonList.GetLength(); ++nodeStructuresIndex)
+    {
+      m_nodeStructures.push_back(nodeStructuresJsonList[nodeStructuresIndex].AsObject());
+    }
+    m_nodeStructuresHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("edgeStructures"))
+  {
+    Aws::Utils::Array<JsonView> edgeStructuresJsonList = jsonValue.GetArray("edgeStructures");
+    for(unsigned edgeStructuresIndex = 0; edgeStructuresIndex < edgeStructuresJsonList.GetLength(); ++edgeStructuresIndex)
+    {
+      m_edgeStructures.push_back(edgeStructuresJsonList[edgeStructuresIndex].AsObject());
+    }
+    m_edgeStructuresHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue GraphDataSummary::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_numNodesHasBeenSet)
+  {
+   payload.WithInt64("numNodes", m_numNodes);
+
+  }
+
+  if(m_numEdgesHasBeenSet)
+  {
+   payload.WithInt64("numEdges", m_numEdges);
+
+  }
+
+  if(m_numNodeLabelsHasBeenSet)
+  {
+   payload.WithInt64("numNodeLabels", m_numNodeLabels);
+
+  }
+
+  if(m_numEdgeLabelsHasBeenSet)
+  {
+   payload.WithInt64("numEdgeLabels", m_numEdgeLabels);
+
+  }
+
+  if(m_nodeLabelsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> nodeLabelsJsonList(m_nodeLabels.size());
+   for(unsigned nodeLabelsIndex = 0; nodeLabelsIndex < nodeLabelsJsonList.GetLength(); ++nodeLabelsIndex)
+   {
+     nodeLabelsJsonList[nodeLabelsIndex].AsString(m_nodeLabels[nodeLabelsIndex]);
+   }
+   payload.WithArray("nodeLabels", std::move(nodeLabelsJsonList));
+
+  }
+
+  if(m_edgeLabelsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> edgeLabelsJsonList(m_edgeLabels.size());
+   for(unsigned edgeLabelsIndex = 0; edgeLabelsIndex < edgeLabelsJsonList.GetLength(); ++edgeLabelsIndex)
+   {
+     edgeLabelsJsonList[edgeLabelsIndex].AsString(m_edgeLabels[edgeLabelsIndex]);
+   }
+   payload.WithArray("edgeLabels", std::move(edgeLabelsJsonList));
+
+  }
+
+  if(m_numNodePropertiesHasBeenSet)
+  {
+   payload.WithInt64("numNodeProperties", m_numNodeProperties);
+
+  }
+
+  if(m_numEdgePropertiesHasBeenSet)
+  {
+   payload.WithInt64("numEdgeProperties", m_numEdgeProperties);
+
+  }
+
+  if(m_nodePropertiesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> nodePropertiesJsonList(m_nodeProperties.size());
+   for(unsigned nodePropertiesIndex = 0; nodePropertiesIndex < nodePropertiesJsonList.GetLength(); ++nodePropertiesIndex)
+   {
+     JsonValue longValuedMapJsonMap;
+     for(auto& longValuedMapItem : m_nodeProperties[nodePropertiesIndex])
+     {
+       longValuedMapJsonMap.WithInt64(longValuedMapItem.first, longValuedMapItem.second);
+     }
+     nodePropertiesJsonList[nodePropertiesIndex].AsObject(std::move(longValuedMapJsonMap));
+   }
+   payload.WithArray("nodeProperties", std::move(nodePropertiesJsonList));
+
+  }
+
+  if(m_edgePropertiesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> edgePropertiesJsonList(m_edgeProperties.size());
+   for(unsigned edgePropertiesIndex = 0; edgePropertiesIndex < edgePropertiesJsonList.GetLength(); ++edgePropertiesIndex)
+   {
+     JsonValue longValuedMapJsonMap;
+     for(auto& longValuedMapItem : m_edgeProperties[edgePropertiesIndex])
+     {
+       longValuedMapJsonMap.WithInt64(longValuedMapItem.first, longValuedMapItem.second);
+     }
+     edgePropertiesJsonList[edgePropertiesIndex].AsObject(std::move(longValuedMapJsonMap));
+   }
+   payload.WithArray("edgeProperties", std::move(edgePropertiesJsonList));
+
+  }
+
+  if(m_totalNodePropertyValuesHasBeenSet)
+  {
+   payload.WithInt64("totalNodePropertyValues", m_totalNodePropertyValues);
+
+  }
+
+  if(m_totalEdgePropertyValuesHasBeenSet)
+  {
+   payload.WithInt64("totalEdgePropertyValues", m_totalEdgePropertyValues);
+
+  }
+
+  if(m_nodeStructuresHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> nodeStructuresJsonList(m_nodeStructures.size());
+   for(unsigned nodeStructuresIndex = 0; nodeStructuresIndex < nodeStructuresJsonList.GetLength(); ++nodeStructuresIndex)
+   {
+     nodeStructuresJsonList[nodeStructuresIndex].AsObject(m_nodeStructures[nodeStructuresIndex].Jsonize());
+   }
+   payload.WithArray("nodeStructures", std::move(nodeStructuresJsonList));
+
+  }
+
+  if(m_edgeStructuresHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> edgeStructuresJsonList(m_edgeStructures.size());
+   for(unsigned edgeStructuresIndex = 0; edgeStructuresIndex < edgeStructuresJsonList.GetLength(); ++edgeStructuresIndex)
+   {
+     edgeStructuresJsonList[edgeStructuresIndex].AsObject(m_edgeStructures[edgeStructuresIndex].Jsonize());
+   }
+   payload.WithArray("edgeStructures", std::move(edgeStructuresJsonList));
+
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphSummaryMode.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphSummaryMode.cpp
new file mode 100644
index 00000000000..d087a7b614e
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/GraphSummaryMode.cpp
@@ -0,0 +1,72 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/GraphSummaryMode.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace GraphSummaryModeMapper
+      {
+
+        static const int BASIC_HASH = HashingUtils::HashString("BASIC");
+        static const int DETAILED_HASH = HashingUtils::HashString("DETAILED");
+
+
+        GraphSummaryMode GetGraphSummaryModeForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == BASIC_HASH)
+          {
+            return GraphSummaryMode::BASIC;
+          }
+          else if (hashCode == DETAILED_HASH)
+          {
+            return GraphSummaryMode::DETAILED;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<GraphSummaryMode>(hashCode);
+          }
+
+          return GraphSummaryMode::NOT_SET;
+        }
+
+        Aws::String GetNameForGraphSummaryMode(GraphSummaryMode enumValue)
+        {
+          switch(enumValue)
+          {
+          case GraphSummaryMode::NOT_SET:
+            return {};
+          case GraphSummaryMode::BASIC:
+            return "BASIC";
+          case GraphSummaryMode::DETAILED:
+            return "DETAILED";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace GraphSummaryModeMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesRequest.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesRequest.cpp
new file mode 100644
index 00000000000..668ecd98439
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesRequest.cpp
@@ -0,0 +1,75 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/ListQueriesRequest.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+#include <aws/core/http/URI.h>
+#include <aws/core/utils/memory/stl/AWSStringStream.h>
+
+#include <utility>
+
+using namespace Aws::NeptuneGraph::Model;
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+using namespace Aws::Http;
+
+ListQueriesRequest::ListQueriesRequest() : 
+    m_graphIdentifierHasBeenSet(false),
+    m_maxResults(0),
+    m_maxResultsHasBeenSet(false),
+    m_state(QueryStateInput::NOT_SET),
+    m_stateHasBeenSet(false)
+{
+}
+
+Aws::String ListQueriesRequest::SerializePayload() const
+{
+  return {};
+}
+
+Aws::Http::HeaderValueCollection ListQueriesRequest::GetRequestSpecificHeaders() const
+{
+  Aws::Http::HeaderValueCollection headers;
+  Aws::StringStream ss;
+  if(m_graphIdentifierHasBeenSet)
+  {
+    ss << m_graphIdentifier;
+    headers.emplace("graphidentifier",  ss.str());
+    ss.str("");
+  }
+
+  return headers;
+
+}
+
+void ListQueriesRequest::AddQueryStringParameters(URI& uri) const
+{
+    Aws::StringStream ss;
+    if(m_maxResultsHasBeenSet)
+    {
+      ss << m_maxResults;
+      uri.AddQueryStringParameter("maxResults", ss.str());
+      ss.str("");
+    }
+
+    if(m_stateHasBeenSet)
+    {
+      ss << QueryStateInputMapper::GetNameForQueryStateInput(m_state);
+      uri.AddQueryStringParameter("state", ss.str());
+      ss.str("");
+    }
+
+}
+
+
+ListQueriesRequest::EndpointParameters ListQueriesRequest::GetEndpointContextParams() const
+{
+    EndpointParameters parameters;
+    // Static context parameters
+    parameters.emplace_back(Aws::String("ApiType"), "DataPlane", Aws::Endpoint::EndpointParameter::ParameterOrigin::STATIC_CONTEXT);
+    return parameters;
+}
+
+
diff --git a/generated/src/aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsResult.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesResult.cpp
similarity index 52%
rename from generated/src/aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsResult.cpp
rename to generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesResult.cpp
index 7dc2a26a511..e988f6974eb 100644
--- a/generated/src/aws-cpp-sdk-mediaconvert/source/model/DescribeEndpointsResult.cpp
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/ListQueriesResult.cpp
@@ -3,7 +3,7 @@
  * SPDX-License-Identifier: Apache-2.0.
  */
 
-#include <aws/mediaconvert/model/DescribeEndpointsResult.h>
+#include <aws/neptune-graph/model/ListQueriesResult.h>
 #include <aws/core/utils/json/JsonSerializer.h>
 #include <aws/core/AmazonWebServiceResult.h>
 #include <aws/core/utils/StringUtils.h>
@@ -12,38 +12,32 @@
 
 #include <utility>
 
-using namespace Aws::MediaConvert::Model;
+using namespace Aws::NeptuneGraph::Model;
 using namespace Aws::Utils::Json;
 using namespace Aws::Utils;
 using namespace Aws;
 
-DescribeEndpointsResult::DescribeEndpointsResult()
+ListQueriesResult::ListQueriesResult()
 {
 }
 
-DescribeEndpointsResult::DescribeEndpointsResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
+ListQueriesResult::ListQueriesResult(const Aws::AmazonWebServiceResult<JsonValue>& result)
 {
   *this = result;
 }
 
-DescribeEndpointsResult& DescribeEndpointsResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
+ListQueriesResult& ListQueriesResult::operator =(const Aws::AmazonWebServiceResult<JsonValue>& result)
 {
   JsonView jsonValue = result.GetPayload().View();
-  if(jsonValue.ValueExists("endpoints"))
+  if(jsonValue.ValueExists("queries"))
   {
-    Aws::Utils::Array<JsonView> endpointsJsonList = jsonValue.GetArray("endpoints");
-    for(unsigned endpointsIndex = 0; endpointsIndex < endpointsJsonList.GetLength(); ++endpointsIndex)
+    Aws::Utils::Array<JsonView> queriesJsonList = jsonValue.GetArray("queries");
+    for(unsigned queriesIndex = 0; queriesIndex < queriesJsonList.GetLength(); ++queriesIndex)
     {
-      m_endpoints.push_back(endpointsJsonList[endpointsIndex].AsObject());
+      m_queries.push_back(queriesJsonList[queriesIndex].AsObject());
     }
   }
 
-  if(jsonValue.ValueExists("nextToken"))
-  {
-    m_nextToken = jsonValue.GetString("nextToken");
-
-  }
-
 
   const auto& headers = result.GetHeaderValueCollection();
   const auto& requestIdIter = headers.find("x-amzn-requestid");
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/NodeStructure.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/NodeStructure.cpp
new file mode 100644
index 00000000000..2aa598e817c
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/NodeStructure.cpp
@@ -0,0 +1,107 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/NodeStructure.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+NodeStructure::NodeStructure() : 
+    m_count(0),
+    m_countHasBeenSet(false),
+    m_nodePropertiesHasBeenSet(false),
+    m_distinctOutgoingEdgeLabelsHasBeenSet(false)
+{
+}
+
+NodeStructure::NodeStructure(JsonView jsonValue) : 
+    m_count(0),
+    m_countHasBeenSet(false),
+    m_nodePropertiesHasBeenSet(false),
+    m_distinctOutgoingEdgeLabelsHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+NodeStructure& NodeStructure::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("count"))
+  {
+    m_count = jsonValue.GetInt64("count");
+
+    m_countHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("nodeProperties"))
+  {
+    Aws::Utils::Array<JsonView> nodePropertiesJsonList = jsonValue.GetArray("nodeProperties");
+    for(unsigned nodePropertiesIndex = 0; nodePropertiesIndex < nodePropertiesJsonList.GetLength(); ++nodePropertiesIndex)
+    {
+      m_nodeProperties.push_back(nodePropertiesJsonList[nodePropertiesIndex].AsString());
+    }
+    m_nodePropertiesHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("distinctOutgoingEdgeLabels"))
+  {
+    Aws::Utils::Array<JsonView> distinctOutgoingEdgeLabelsJsonList = jsonValue.GetArray("distinctOutgoingEdgeLabels");
+    for(unsigned distinctOutgoingEdgeLabelsIndex = 0; distinctOutgoingEdgeLabelsIndex < distinctOutgoingEdgeLabelsJsonList.GetLength(); ++distinctOutgoingEdgeLabelsIndex)
+    {
+      m_distinctOutgoingEdgeLabels.push_back(distinctOutgoingEdgeLabelsJsonList[distinctOutgoingEdgeLabelsIndex].AsString());
+    }
+    m_distinctOutgoingEdgeLabelsHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue NodeStructure::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_countHasBeenSet)
+  {
+   payload.WithInt64("count", m_count);
+
+  }
+
+  if(m_nodePropertiesHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> nodePropertiesJsonList(m_nodeProperties.size());
+   for(unsigned nodePropertiesIndex = 0; nodePropertiesIndex < nodePropertiesJsonList.GetLength(); ++nodePropertiesIndex)
+   {
+     nodePropertiesJsonList[nodePropertiesIndex].AsString(m_nodeProperties[nodePropertiesIndex]);
+   }
+   payload.WithArray("nodeProperties", std::move(nodePropertiesJsonList));
+
+  }
+
+  if(m_distinctOutgoingEdgeLabelsHasBeenSet)
+  {
+   Aws::Utils::Array<JsonValue> distinctOutgoingEdgeLabelsJsonList(m_distinctOutgoingEdgeLabels.size());
+   for(unsigned distinctOutgoingEdgeLabelsIndex = 0; distinctOutgoingEdgeLabelsIndex < distinctOutgoingEdgeLabelsJsonList.GetLength(); ++distinctOutgoingEdgeLabelsIndex)
+   {
+     distinctOutgoingEdgeLabelsJsonList[distinctOutgoingEdgeLabelsIndex].AsString(m_distinctOutgoingEdgeLabels[distinctOutgoingEdgeLabelsIndex]);
+   }
+   payload.WithArray("distinctOutgoingEdgeLabels", std::move(distinctOutgoingEdgeLabelsJsonList));
+
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/PlanCacheType.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/PlanCacheType.cpp
new file mode 100644
index 00000000000..3f38fa70603
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/PlanCacheType.cpp
@@ -0,0 +1,79 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/PlanCacheType.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace PlanCacheTypeMapper
+      {
+
+        static const int ENABLED_HASH = HashingUtils::HashString("ENABLED");
+        static const int DISABLED_HASH = HashingUtils::HashString("DISABLED");
+        static const int AUTO_HASH = HashingUtils::HashString("AUTO");
+
+
+        PlanCacheType GetPlanCacheTypeForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == ENABLED_HASH)
+          {
+            return PlanCacheType::ENABLED;
+          }
+          else if (hashCode == DISABLED_HASH)
+          {
+            return PlanCacheType::DISABLED;
+          }
+          else if (hashCode == AUTO_HASH)
+          {
+            return PlanCacheType::AUTO;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<PlanCacheType>(hashCode);
+          }
+
+          return PlanCacheType::NOT_SET;
+        }
+
+        Aws::String GetNameForPlanCacheType(PlanCacheType enumValue)
+        {
+          switch(enumValue)
+          {
+          case PlanCacheType::NOT_SET:
+            return {};
+          case PlanCacheType::ENABLED:
+            return "ENABLED";
+          case PlanCacheType::DISABLED:
+            return "DISABLED";
+          case PlanCacheType::AUTO:
+            return "AUTO";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace PlanCacheTypeMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryLanguage.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryLanguage.cpp
new file mode 100644
index 00000000000..43254cc21f3
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryLanguage.cpp
@@ -0,0 +1,65 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/QueryLanguage.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace QueryLanguageMapper
+      {
+
+        static const int OPEN_CYPHER_HASH = HashingUtils::HashString("OPEN_CYPHER");
+
+
+        QueryLanguage GetQueryLanguageForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == OPEN_CYPHER_HASH)
+          {
+            return QueryLanguage::OPEN_CYPHER;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<QueryLanguage>(hashCode);
+          }
+
+          return QueryLanguage::NOT_SET;
+        }
+
+        Aws::String GetNameForQueryLanguage(QueryLanguage enumValue)
+        {
+          switch(enumValue)
+          {
+          case QueryLanguage::NOT_SET:
+            return {};
+          case QueryLanguage::OPEN_CYPHER:
+            return "OPEN_CYPHER";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace QueryLanguageMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryState.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryState.cpp
new file mode 100644
index 00000000000..dbaaddb5f29
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryState.cpp
@@ -0,0 +1,79 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/QueryState.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace QueryStateMapper
+      {
+
+        static const int RUNNING_HASH = HashingUtils::HashString("RUNNING");
+        static const int WAITING_HASH = HashingUtils::HashString("WAITING");
+        static const int CANCELLING_HASH = HashingUtils::HashString("CANCELLING");
+
+
+        QueryState GetQueryStateForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == RUNNING_HASH)
+          {
+            return QueryState::RUNNING;
+          }
+          else if (hashCode == WAITING_HASH)
+          {
+            return QueryState::WAITING;
+          }
+          else if (hashCode == CANCELLING_HASH)
+          {
+            return QueryState::CANCELLING;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<QueryState>(hashCode);
+          }
+
+          return QueryState::NOT_SET;
+        }
+
+        Aws::String GetNameForQueryState(QueryState enumValue)
+        {
+          switch(enumValue)
+          {
+          case QueryState::NOT_SET:
+            return {};
+          case QueryState::RUNNING:
+            return "RUNNING";
+          case QueryState::WAITING:
+            return "WAITING";
+          case QueryState::CANCELLING:
+            return "CANCELLING";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace QueryStateMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryStateInput.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryStateInput.cpp
new file mode 100644
index 00000000000..522fca8b358
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QueryStateInput.cpp
@@ -0,0 +1,86 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/QueryStateInput.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace QueryStateInputMapper
+      {
+
+        static const int ALL_HASH = HashingUtils::HashString("ALL");
+        static const int RUNNING_HASH = HashingUtils::HashString("RUNNING");
+        static const int WAITING_HASH = HashingUtils::HashString("WAITING");
+        static const int CANCELLING_HASH = HashingUtils::HashString("CANCELLING");
+
+
+        QueryStateInput GetQueryStateInputForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == ALL_HASH)
+          {
+            return QueryStateInput::ALL;
+          }
+          else if (hashCode == RUNNING_HASH)
+          {
+            return QueryStateInput::RUNNING;
+          }
+          else if (hashCode == WAITING_HASH)
+          {
+            return QueryStateInput::WAITING;
+          }
+          else if (hashCode == CANCELLING_HASH)
+          {
+            return QueryStateInput::CANCELLING;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<QueryStateInput>(hashCode);
+          }
+
+          return QueryStateInput::NOT_SET;
+        }
+
+        Aws::String GetNameForQueryStateInput(QueryStateInput enumValue)
+        {
+          switch(enumValue)
+          {
+          case QueryStateInput::NOT_SET:
+            return {};
+          case QueryStateInput::ALL:
+            return "ALL";
+          case QueryStateInput::RUNNING:
+            return "RUNNING";
+          case QueryStateInput::WAITING:
+            return "WAITING";
+          case QueryStateInput::CANCELLING:
+            return "CANCELLING";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace QueryStateInputMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/QuerySummary.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QuerySummary.cpp
new file mode 100644
index 00000000000..98d53d83228
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/QuerySummary.cpp
@@ -0,0 +1,124 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/QuerySummary.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+QuerySummary::QuerySummary() : 
+    m_idHasBeenSet(false),
+    m_queryStringHasBeenSet(false),
+    m_waited(0),
+    m_waitedHasBeenSet(false),
+    m_elapsed(0),
+    m_elapsedHasBeenSet(false),
+    m_state(QueryState::NOT_SET),
+    m_stateHasBeenSet(false)
+{
+}
+
+QuerySummary::QuerySummary(JsonView jsonValue) : 
+    m_idHasBeenSet(false),
+    m_queryStringHasBeenSet(false),
+    m_waited(0),
+    m_waitedHasBeenSet(false),
+    m_elapsed(0),
+    m_elapsedHasBeenSet(false),
+    m_state(QueryState::NOT_SET),
+    m_stateHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+QuerySummary& QuerySummary::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("id"))
+  {
+    m_id = jsonValue.GetString("id");
+
+    m_idHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("queryString"))
+  {
+    m_queryString = jsonValue.GetString("queryString");
+
+    m_queryStringHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("waited"))
+  {
+    m_waited = jsonValue.GetInteger("waited");
+
+    m_waitedHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("elapsed"))
+  {
+    m_elapsed = jsonValue.GetInteger("elapsed");
+
+    m_elapsedHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("state"))
+  {
+    m_state = QueryStateMapper::GetQueryStateForName(jsonValue.GetString("state"));
+
+    m_stateHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue QuerySummary::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_idHasBeenSet)
+  {
+   payload.WithString("id", m_id);
+
+  }
+
+  if(m_queryStringHasBeenSet)
+  {
+   payload.WithString("queryString", m_queryString);
+
+  }
+
+  if(m_waitedHasBeenSet)
+  {
+   payload.WithInteger("waited", m_waited);
+
+  }
+
+  if(m_elapsedHasBeenSet)
+  {
+   payload.WithInteger("elapsed", m_elapsed);
+
+  }
+
+  if(m_stateHasBeenSet)
+  {
+   payload.WithString("state", QueryStateMapper::GetNameForQueryState(m_state));
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableException.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableException.cpp
new file mode 100644
index 00000000000..32c541633e4
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableException.cpp
@@ -0,0 +1,75 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/UnprocessableException.h>
+#include <aws/core/utils/json/JsonSerializer.h>
+
+#include <utility>
+
+using namespace Aws::Utils::Json;
+using namespace Aws::Utils;
+
+namespace Aws
+{
+namespace NeptuneGraph
+{
+namespace Model
+{
+
+UnprocessableException::UnprocessableException() : 
+    m_messageHasBeenSet(false),
+    m_reason(UnprocessableExceptionReason::NOT_SET),
+    m_reasonHasBeenSet(false)
+{
+}
+
+UnprocessableException::UnprocessableException(JsonView jsonValue) : 
+    m_messageHasBeenSet(false),
+    m_reason(UnprocessableExceptionReason::NOT_SET),
+    m_reasonHasBeenSet(false)
+{
+  *this = jsonValue;
+}
+
+UnprocessableException& UnprocessableException::operator =(JsonView jsonValue)
+{
+  if(jsonValue.ValueExists("message"))
+  {
+    m_message = jsonValue.GetString("message");
+
+    m_messageHasBeenSet = true;
+  }
+
+  if(jsonValue.ValueExists("reason"))
+  {
+    m_reason = UnprocessableExceptionReasonMapper::GetUnprocessableExceptionReasonForName(jsonValue.GetString("reason"));
+
+    m_reasonHasBeenSet = true;
+  }
+
+  return *this;
+}
+
+JsonValue UnprocessableException::Jsonize() const
+{
+  JsonValue payload;
+
+  if(m_messageHasBeenSet)
+  {
+   payload.WithString("message", m_message);
+
+  }
+
+  if(m_reasonHasBeenSet)
+  {
+   payload.WithString("reason", UnprocessableExceptionReasonMapper::GetNameForUnprocessableExceptionReason(m_reason));
+  }
+
+  return payload;
+}
+
+} // namespace Model
+} // namespace NeptuneGraph
+} // namespace Aws
diff --git a/generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableExceptionReason.cpp b/generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableExceptionReason.cpp
new file mode 100644
index 00000000000..b554251043d
--- /dev/null
+++ b/generated/src/aws-cpp-sdk-neptune-graph/source/model/UnprocessableExceptionReason.cpp
@@ -0,0 +1,93 @@
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/neptune-graph/model/UnprocessableExceptionReason.h>
+#include <aws/core/utils/HashingUtils.h>
+#include <aws/core/Globals.h>
+#include <aws/core/utils/EnumParseOverflowContainer.h>
+
+using namespace Aws::Utils;
+
+
+namespace Aws
+{
+  namespace NeptuneGraph
+  {
+    namespace Model
+    {
+      namespace UnprocessableExceptionReasonMapper
+      {
+
+        static const int QUERY_TIMEOUT_HASH = HashingUtils::HashString("QUERY_TIMEOUT");
+        static const int INTERNAL_LIMIT_EXCEEDED_HASH = HashingUtils::HashString("INTERNAL_LIMIT_EXCEEDED");
+        static const int MEMORY_LIMIT_EXCEEDED_HASH = HashingUtils::HashString("MEMORY_LIMIT_EXCEEDED");
+        static const int STORAGE_LIMIT_EXCEEDED_HASH = HashingUtils::HashString("STORAGE_LIMIT_EXCEEDED");
+        static const int PARTITION_FULL_HASH = HashingUtils::HashString("PARTITION_FULL");
+
+
+        UnprocessableExceptionReason GetUnprocessableExceptionReasonForName(const Aws::String& name)
+        {
+          int hashCode = HashingUtils::HashString(name.c_str());
+          if (hashCode == QUERY_TIMEOUT_HASH)
+          {
+            return UnprocessableExceptionReason::QUERY_TIMEOUT;
+          }
+          else if (hashCode == INTERNAL_LIMIT_EXCEEDED_HASH)
+          {
+            return UnprocessableExceptionReason::INTERNAL_LIMIT_EXCEEDED;
+          }
+          else if (hashCode == MEMORY_LIMIT_EXCEEDED_HASH)
+          {
+            return UnprocessableExceptionReason::MEMORY_LIMIT_EXCEEDED;
+          }
+          else if (hashCode == STORAGE_LIMIT_EXCEEDED_HASH)
+          {
+            return UnprocessableExceptionReason::STORAGE_LIMIT_EXCEEDED;
+          }
+          else if (hashCode == PARTITION_FULL_HASH)
+          {
+            return UnprocessableExceptionReason::PARTITION_FULL;
+          }
+          EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+          if(overflowContainer)
+          {
+            overflowContainer->StoreOverflow(hashCode, name);
+            return static_cast<UnprocessableExceptionReason>(hashCode);
+          }
+
+          return UnprocessableExceptionReason::NOT_SET;
+        }
+
+        Aws::String GetNameForUnprocessableExceptionReason(UnprocessableExceptionReason enumValue)
+        {
+          switch(enumValue)
+          {
+          case UnprocessableExceptionReason::NOT_SET:
+            return {};
+          case UnprocessableExceptionReason::QUERY_TIMEOUT:
+            return "QUERY_TIMEOUT";
+          case UnprocessableExceptionReason::INTERNAL_LIMIT_EXCEEDED:
+            return "INTERNAL_LIMIT_EXCEEDED";
+          case UnprocessableExceptionReason::MEMORY_LIMIT_EXCEEDED:
+            return "MEMORY_LIMIT_EXCEEDED";
+          case UnprocessableExceptionReason::STORAGE_LIMIT_EXCEEDED:
+            return "STORAGE_LIMIT_EXCEEDED";
+          case UnprocessableExceptionReason::PARTITION_FULL:
+            return "PARTITION_FULL";
+          default:
+            EnumParseOverflowContainer* overflowContainer = Aws::GetEnumOverflowContainer();
+            if(overflowContainer)
+            {
+              return overflowContainer->RetrieveOverflow(static_cast<int>(enumValue));
+            }
+
+            return {};
+          }
+        }
+
+      } // namespace UnprocessableExceptionReasonMapper
+    } // namespace Model
+  } // namespace NeptuneGraph
+} // namespace Aws
diff --git a/src/aws-cpp-sdk-core/include/aws/core/VersionConfig.h b/src/aws-cpp-sdk-core/include/aws/core/VersionConfig.h
index b885ec55f33..0543028ecf5 100644
--- a/src/aws-cpp-sdk-core/include/aws/core/VersionConfig.h
+++ b/src/aws-cpp-sdk-core/include/aws/core/VersionConfig.h
@@ -4,7 +4,7 @@
  */
 #pragma once
 
-#define AWS_SDK_VERSION_STRING "1.11.255"
+#define AWS_SDK_VERSION_STRING "1.11.256"
 #define AWS_SDK_VERSION_MAJOR 1
 #define AWS_SDK_VERSION_MINOR 11
-#define AWS_SDK_VERSION_PATCH 255
+#define AWS_SDK_VERSION_PATCH 256
diff --git a/tools/code-generation/api-descriptions/cognito-idp-2016-04-18.normal.json b/tools/code-generation/api-descriptions/cognito-idp-2016-04-18.normal.json
index e51eafdfd9c..6812d20ff79 100644
--- a/tools/code-generation/api-descriptions/cognito-idp-2016-04-18.normal.json
+++ b/tools/code-generation/api-descriptions/cognito-idp-2016-04-18.normal.json
@@ -571,7 +571,7 @@
         {"shape":"SoftwareTokenMFANotFoundException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an <code>AssociateSoftwareToken</code> request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.</p> <note> <p>Amazon Cognito disassociates an existing software token when you verify the new token in a <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html\"> VerifySoftwareToken</a> API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an <code>MFA_SETUP</code> or <code>SOFTWARE_TOKEN_SETUP</code> challenge each time your user signs. Complete setup with <code>AssociateSoftwareToken</code> and <code>VerifySoftwareToken</code>.</p> <p>After you set up software token MFA for your user, Amazon Cognito generates a <code>SOFTWARE_TOKEN_MFA</code> challenge when they authenticate. Respond to this challenge with your user's TOTP.</p> </note> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an <code>AssociateSoftwareToken</code> request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.</p> <note> <p>Amazon Cognito disassociates an existing software token when you verify the new token in a <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html\"> VerifySoftwareToken</a> API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an <code>MFA_SETUP</code> or <code>SOFTWARE_TOKEN_SETUP</code> challenge each time your user signs. Complete setup with <code>AssociateSoftwareToken</code> and <code>VerifySoftwareToken</code>.</p> <p>After you set up software token MFA for your user, Amazon Cognito generates a <code>SOFTWARE_TOKEN_MFA</code> challenge when they authenticate. Respond to this challenge with your user's TOTP.</p> </note> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "ChangePassword":{
@@ -595,7 +595,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Changes the password for a specified user in a user pool.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Changes the password for a specified user in a user pool.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "ConfirmDevice":{
@@ -621,7 +621,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Confirms tracking of the device. This API call is the call that begins device tracking.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html\">Working with user devices in your user pool</a>.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "ConfirmForgotPassword":{
@@ -650,7 +650,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Allows a user to enter a confirmation code to reset a forgotten password.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Allows a user to enter a confirmation code to reset a forgotten password.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "ConfirmSignUp":{
@@ -678,7 +678,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html\">SignUp</a> API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.</p> <p>Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html\">AdminCreateUser</a> API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html\">SignUp</a> API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.</p> <p>Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html\">AdminCreateUser</a> API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "CreateGroup":{
@@ -717,7 +717,7 @@
         {"shape":"LimitExceededException"},
         {"shape":"InternalErrorException"}
       ],
-      "documentation":"<p>Creates an IdP for a user pool.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class=\"title\"> <b>Learn more</b> </p> <ul> <li> <p> <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html\">Signing Amazon Web Services API Requests</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a> </p> </li> </ul> </note>"
+      "documentation":"<p>Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class=\"title\"> <b>Learn more</b> </p> <ul> <li> <p> <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html\">Signing Amazon Web Services API Requests</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a> </p> </li> </ul> </note>"
     },
     "CreateResourceServer":{
       "name":"CreateResourceServer",
@@ -882,7 +882,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Allows a user to delete their own user profile.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Allows a user to delete their own user profile.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "DeleteUserAttributes":{
@@ -904,7 +904,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Deletes the attributes for a user.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Deletes the attributes for a user.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "DeleteUserPool":{
@@ -1096,7 +1096,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Forgets the specified device.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Forgets the specified device. For more information about device authentication, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html\">Working with user devices in your user pool</a>.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "ForgotPassword":{
@@ -1124,7 +1124,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the <code>Username</code> parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html\">Recovering User Accounts</a> in the <i>Amazon Cognito Developer Guide</i>. To use the confirmation code for resetting the password, call <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html\">ConfirmForgotPassword</a>. </p> <p>If neither a verified phone number nor a verified email exists, this API returns <code>InvalidParameterException</code>. If your app client has a client secret and you don't provide a <code>SECRET_HASH</code> parameter, this API returns <code>NotAuthorizedException</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the <code>Username</code> parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html\">Recovering User Accounts</a> in the <i>Amazon Cognito Developer Guide</i>. To use the confirmation code for resetting the password, call <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html\">ConfirmForgotPassword</a>. </p> <p>If neither a verified phone number nor a verified email exists, this API returns <code>InvalidParameterException</code>. If your app client has a client secret and you don't provide a <code>SECRET_HASH</code> parameter, this API returns <code>NotAuthorizedException</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "GetCSVHeader":{
@@ -1164,7 +1164,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Gets the device.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Gets the device. For more information about device authentication, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html\">Working with user devices in your user pool</a>.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "GetGroup":{
@@ -1269,7 +1269,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Gets the user attributes and metadata for a user.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Gets the user attributes and metadata for a user.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "GetUserAttributeVerificationCode":{
@@ -1299,7 +1299,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "GetUserPoolMfaConfig":{
@@ -1337,7 +1337,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior. </p> <ul> <li> <p>Amazon Cognito no longer accepts <i>token-authorized</i> user operations that you authorize with a signed-out user's access tokens. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> <p>Amazon Cognito returns an <code>Access Token has been revoked</code> error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope <code>aws.cognito.signin.user.admin</code>.</p> </li> <li> <p>Amazon Cognito no longer accepts a signed-out user's ID token in a <a href=\"https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html\">GetId </a> request to an identity pool with <code>ServerSideTokenCheck</code> enabled for its user pool IdP configuration in <a href=\"https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CognitoIdentityProvider.html\">CognitoIdentityProvider</a>.</p> </li> <li> <p>Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.</p> </li> </ul> <p>Other requests might be valid until your user's token expires.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior. </p> <ul> <li> <p>Amazon Cognito no longer accepts <i>token-authorized</i> user operations that you authorize with a signed-out user's access tokens. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> <p>Amazon Cognito returns an <code>Access Token has been revoked</code> error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope <code>aws.cognito.signin.user.admin</code>.</p> </li> <li> <p>Amazon Cognito no longer accepts a signed-out user's ID token in a <a href=\"https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html\">GetId </a> request to an identity pool with <code>ServerSideTokenCheck</code> enabled for its user pool IdP configuration in <a href=\"https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CognitoIdentityProvider.html\">CognitoIdentityProvider</a>.</p> </li> <li> <p>Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.</p> </li> </ul> <p>Other requests might be valid until your user's token expires.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "InitiateAuth":{
@@ -1365,7 +1365,7 @@
         {"shape":"InvalidSmsRoleTrustRelationshipException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with <code>InitiateAuth</code>. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html\"> Adding user pool sign-in through a third party</a>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with <code>InitiateAuth</code>. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html\"> Adding user pool sign-in through a third party</a>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "ListDevices":{
@@ -1388,7 +1388,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Lists the sign-in devices that Amazon Cognito has registered to the current user.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html\">Working with user devices in your user pool</a>.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "ListGroups":{
@@ -1568,7 +1568,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Resends the confirmation (for confirmation of registration) to a specific user in the user pool.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>Resends the confirmation (for confirmation of registration) to a specific user in the user pool.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "RespondToAuthChallenge":{
@@ -1602,7 +1602,7 @@
         {"shape":"SoftwareTokenMFANotFoundException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A <code>RespondToAuthChallenge</code> API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.</p> <p>For more information about custom authentication challenges, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html\">Custom authentication challenge Lambda triggers</a>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A <code>RespondToAuthChallenge</code> API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.</p> <p>For more information about custom authentication challenges, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html\">Custom authentication challenge Lambda triggers</a>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "RevokeToken":{
@@ -1622,7 +1622,7 @@
         {"shape":"UnsupportedTokenTypeException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "SetLogDeliveryConfiguration":{
@@ -1697,7 +1697,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "SetUserPoolMfaConfig":{
@@ -1737,7 +1737,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p> <i>This action is no longer supported.</i> You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html\">SetUserMFAPreference</a> instead.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p> <i>This action is no longer supported.</i> You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html\">SetUserMFAPreference</a> instead.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "SignUp":{
@@ -1765,7 +1765,7 @@
         {"shape":"CodeDeliveryFailureException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Registers the user in the specified user pool and creates a user name, password, and user attributes.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>Registers the user in the specified user pool and creates a user name, password, and user attributes.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "StartUserImportJob":{
@@ -1855,7 +1855,7 @@
         {"shape":"UserPoolAddOnNotEnabledException"},
         {"shape":"InternalErrorException"}
       ],
-      "documentation":"<p>Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "UpdateDeviceStatus":{
@@ -1878,7 +1878,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Updates the device status.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Updates the device status. For more information about device authentication, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html\">Working with user devices in your user pool</a>.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "UpdateGroup":{
@@ -1963,7 +1963,7 @@
         {"shape":"InternalErrorException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the <code>custom:</code> prefix.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
+      "documentation":"<p>With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the <code>custom:</code> prefix.</p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note> <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href=\"https://console.aws.amazon.com/pinpoint/home/\">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.</p> <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> <a href=\"https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html\">sandbox mode</a> </i>, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html\"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito Developer Guide</i>.</p> </note>",
       "authtype":"none"
     },
     "UpdateUserPool":{
@@ -2050,7 +2050,7 @@
         {"shape":"CodeMismatchException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as \"verified\" if successful. The request takes an access token or a session string, but not both.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as \"verified\" if successful. The request takes an access token or a session string, but not both.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     },
     "VerifyUserAttribute":{
@@ -2076,7 +2076,7 @@
         {"shape":"AliasExistsException"},
         {"shape":"ForbiddenException"}
       ],
-      "documentation":"<p>Verifies the specified user attributes in the user pool.</p> <p> If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserAttributeUpdateSettingsType.html\"> UserAttributeUpdateSettingsType</a>. </p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito native and OIDC APIs</a>.</p> </note>",
+      "documentation":"<p>Verifies the specified user attributes in the user pool.</p> <p> If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserAttributeUpdateSettingsType.html\"> UserAttributeUpdateSettingsType</a>. </p> <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p> <note> <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html\">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p> </note>",
       "authtype":"none"
     }
   },
@@ -3809,7 +3809,7 @@
         },
         "ProviderDetails":{
           "shape":"ProviderDetailsType",
-          "documentation":"<p>The IdP details. The following list describes the provider detail keys for each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li> <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li> <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li> <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> </li> <li> <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OpenID Connect (OIDC) providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys automatically. They are read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>"
+          "documentation":"<p>The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP <code>authorize_scopes</code> values must match the values listed here.</p> <dl> <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following elements when it can't discover endpoint URLs from <code>oidc_issuer</code>: <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>, <code>token_url</code>.</p> <p>Create or update request: <code>\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }</code> </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }</code> </p> <p>Create or update request with Metadata file: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }</code> </p> <p>The value of <code>MetadataFile</code> must be the plaintext metadata document with all quote (\") characters escaped by backslashes.</p> <p>Describe response: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }</code> </p> </dd> <dt>LoginWithAmazon</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }</code> </p> </dd> <dt>Google</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }</code> </p> </dd> <dt>SignInWithApple</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }</code> </p> </dd> <dt>Facebook</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }</code> </p> </dd> </dl>"
         },
         "AttributeMapping":{
           "shape":"AttributeMappingType",
@@ -3965,7 +3965,7 @@
         },
         "AllowedOAuthFlows":{
           "shape":"OAuthFlowsType",
-          "documentation":"<p>The allowed OAuth flows.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID token, based on scopes) directly to your user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from the <code>/oauth2/token</code> endpoint directly to a non-person user using a combination of the client ID and client secret.</p> </dd> </dl>"
+          "documentation":"<p>The OAuth grant types that you want your app client to generate. To create an app client that generates client credentials grants, you must add <code>client_credentials</code> as the only allowed OAuth flow.</p> <dl> <dt>code</dt> <dd> <p>Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the <code>/oauth2/token</code> endpoint.</p> </dd> <dt>implicit</dt> <dd> <p>Issue the access token (and, optionally, ID token, based on scopes) directly to your user.</p> </dd> <dt>client_credentials</dt> <dd> <p>Issue the access token from the <code>/oauth2/token</code> endpoint directly to a non-person user using a combination of the client ID and client secret.</p> </dd> </dl>"
         },
         "AllowedOAuthScopes":{
           "shape":"ScopeListType",
@@ -4034,7 +4034,7 @@
       "members":{
         "CloudFrontDomain":{
           "shape":"DomainType",
-          "documentation":"<p>The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider.</p>"
+          "documentation":"<p>The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns this value if you set a custom domain with <code>CustomDomainConfig</code>. If you set an Amazon Cognito prefix domain, this operation returns a blank response.</p>"
         }
       }
     },
@@ -5373,7 +5373,7 @@
         },
         "ProviderDetails":{
           "shape":"ProviderDetailsType",
-          "documentation":"<p>The IdP details. The following list describes the provider detail keys for each IdP type.</p> <ul> <li> <p>For Google and Login with Amazon:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li> <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For Facebook:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>api_version</p> </li> </ul> </li> <li> <p>For Sign in with Apple:</p> <ul> <li> <p>client_id</p> </li> <li> <p>team_id</p> </li> <li> <p>key_id</p> </li> <li> <p>private_key</p> <p> <i>You can submit a private_key when you add or update an IdP. Describe operations don't return the private key.</i> </p> </li> <li> <p>authorize_scopes</p> </li> </ul> </li> <li> <p>For OIDC providers:</p> <ul> <li> <p>client_id</p> </li> <li> <p>client_secret</p> </li> <li> <p>attributes_request_method</p> </li> <li> <p>oidc_issuer</p> </li> <li> <p>authorize_scopes</p> </li> <li> <p>The following keys are only present if Amazon Cognito didn't discover them at the <code>oidc_issuer</code> URL.</p> <ul> <li> <p>authorize_url </p> </li> <li> <p>token_url </p> </li> <li> <p>attributes_url </p> </li> <li> <p>jwks_uri </p> </li> </ul> </li> <li> <p>Amazon Cognito sets the value of the following keys automatically. They are read-only.</p> <ul> <li> <p>attributes_url_add_attributes </p> </li> </ul> </li> </ul> </li> <li> <p>For SAML providers:</p> <ul> <li> <p>MetadataFile or MetadataURL</p> </li> <li> <p>IDPSignout <i>optional</i> </p> </li> </ul> </li> </ul>"
+          "documentation":"<p>The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP <code>authorize_scopes</code> values must match the values listed here.</p> <dl> <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following elements when it can't discover endpoint URLs from <code>oidc_issuer</code>: <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>, <code>token_url</code>.</p> <p>Create or update request: <code>\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }</code> </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }</code> </p> <p>Create or update request with Metadata file: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }</code> </p> <p>The value of <code>MetadataFile</code> must be the plaintext metadata document with all quote (\") characters escaped by backslashes.</p> <p>Describe response: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }</code> </p> </dd> <dt>LoginWithAmazon</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }</code> </p> </dd> <dt>Google</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }</code> </p> </dd> <dt>SignInWithApple</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }</code> </p> </dd> <dt>Facebook</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }</code> </p> </dd> </dl>"
         },
         "AttributeMapping":{
           "shape":"AttributeMappingType",
@@ -5616,14 +5616,14 @@
           "shape":"ArnType",
           "documentation":"<p>The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.</p> <p>Set this parameter for legacy purposes. If you also set an ARN in <code>PreTokenGenerationConfig</code>, its value must be identical to <code>PreTokenGeneration</code>. For new instances of pre token generation triggers, set the <code>LambdaArn</code> of <code>PreTokenGenerationConfig</code>.</p> <p>You can set <code/> </p>"
         },
-        "PreTokenGenerationConfig":{
-          "shape":"PreTokenGenerationVersionConfigType",
-          "documentation":"<p>The detailed configuration of a pre token generation trigger. If you also set an ARN in <code>PreTokenGeneration</code>, its value must be identical to <code>PreTokenGenerationConfig</code>.</p>"
-        },
         "UserMigration":{
           "shape":"ArnType",
           "documentation":"<p>The user migration Lambda config type.</p>"
         },
+        "PreTokenGenerationConfig":{
+          "shape":"PreTokenGenerationVersionConfigType",
+          "documentation":"<p>The detailed configuration of a pre token generation trigger. If you also set an ARN in <code>PreTokenGeneration</code>, its value must be identical to <code>PreTokenGenerationConfig</code>.</p>"
+        },
         "CustomSMSSender":{
           "shape":"CustomSMSLambdaVersionConfigType",
           "documentation":"<p>A custom SMS sender Lambda trigger.</p>"
@@ -7577,7 +7577,7 @@
         },
         "ProviderDetails":{
           "shape":"ProviderDetailsType",
-          "documentation":"<p>The IdP details to be updated, such as <code>MetadataURL</code> and <code>MetadataFile</code>.</p>"
+          "documentation":"<p>The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP <code>authorize_scopes</code> values must match the values listed here.</p> <dl> <dt>OpenID Connect (OIDC)</dt> <dd> <p>Amazon Cognito accepts the following elements when it can't discover endpoint URLs from <code>oidc_issuer</code>: <code>attributes_url</code>, <code>authorize_url</code>, <code>jwks_uri</code>, <code>token_url</code>.</p> <p>Create or update request: <code>\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }</code> </p> </dd> <dt>SAML</dt> <dd> <p>Create or update request with Metadata URL: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }</code> </p> <p>Create or update request with Metadata file: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }</code> </p> <p>The value of <code>MetadataFile</code> must be the plaintext metadata document with all quote (\") characters escaped by backslashes.</p> <p>Describe response: <code>\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }</code> </p> </dd> <dt>LoginWithAmazon</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }</code> </p> </dd> <dt>Google</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }</code> </p> </dd> <dt>SignInWithApple</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }</code> </p> </dd> <dt>Facebook</dt> <dd> <p>Create or update request: <code>\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }</code> </p> <p>Describe response: <code>\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }</code> </p> </dd> </dl>"
         },
         "AttributeMapping":{
           "shape":"AttributeMappingType",
diff --git a/tools/code-generation/api-descriptions/ivs-2020-07-14.normal.json b/tools/code-generation/api-descriptions/ivs-2020-07-14.normal.json
index a3d77d7a0ce..c1a7604dda7 100644
--- a/tools/code-generation/api-descriptions/ivs-2020-07-14.normal.json
+++ b/tools/code-generation/api-descriptions/ivs-2020-07-14.normal.json
@@ -70,6 +70,24 @@
       ],
       "documentation":"<p>Creates a new channel and an associated stream key to start streaming.</p>"
     },
+    "CreatePlaybackRestrictionPolicy":{
+      "name":"CreatePlaybackRestrictionPolicy",
+      "http":{
+        "method":"POST",
+        "requestUri":"/CreatePlaybackRestrictionPolicy",
+        "responseCode":200
+      },
+      "input":{"shape":"CreatePlaybackRestrictionPolicyRequest"},
+      "output":{"shape":"CreatePlaybackRestrictionPolicyResponse"},
+      "errors":[
+        {"shape":"AccessDeniedException"},
+        {"shape":"ValidationException"},
+        {"shape":"PendingVerification"},
+        {"shape":"ThrottlingException"},
+        {"shape":"ServiceQuotaExceededException"}
+      ],
+      "documentation":"<p>Creates a new playback restriction policy, for constraining playback by countries and/or origins.</p>"
+    },
     "CreateRecordingConfiguration":{
       "name":"CreateRecordingConfiguration",
       "http":{
@@ -141,6 +159,23 @@
       ],
       "documentation":"<p>Deletes a specified authorization key pair. This invalidates future viewer tokens generated using the key pair’s <code>privateKey</code>. For more information, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Setting Up Private Channels</a> in the <i>Amazon IVS User Guide</i>.</p>"
     },
+    "DeletePlaybackRestrictionPolicy":{
+      "name":"DeletePlaybackRestrictionPolicy",
+      "http":{
+        "method":"POST",
+        "requestUri":"/DeletePlaybackRestrictionPolicy",
+        "responseCode":204
+      },
+      "input":{"shape":"DeletePlaybackRestrictionPolicyRequest"},
+      "errors":[
+        {"shape":"ResourceNotFoundException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"ValidationException"},
+        {"shape":"PendingVerification"},
+        {"shape":"ConflictException"}
+      ],
+      "documentation":"<p>Deletes the specified playback restriction policy.</p>"
+    },
     "DeleteRecordingConfiguration":{
       "name":"DeleteRecordingConfiguration",
       "http":{
@@ -206,6 +241,23 @@
       ],
       "documentation":"<p>Gets a specified playback authorization key pair and returns the <code>arn</code> and <code>fingerprint</code>. The <code>privateKey</code> held by the caller can be used to generate viewer authorization tokens, to grant viewers access to private channels. For more information, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Setting Up Private Channels</a> in the <i>Amazon IVS User Guide</i>.</p>"
     },
+    "GetPlaybackRestrictionPolicy":{
+      "name":"GetPlaybackRestrictionPolicy",
+      "http":{
+        "method":"POST",
+        "requestUri":"/GetPlaybackRestrictionPolicy",
+        "responseCode":200
+      },
+      "input":{"shape":"GetPlaybackRestrictionPolicyRequest"},
+      "output":{"shape":"GetPlaybackRestrictionPolicyResponse"},
+      "errors":[
+        {"shape":"ResourceNotFoundException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"ValidationException"},
+        {"shape":"PendingVerification"}
+      ],
+      "documentation":"<p>Gets the specified playback restriction policy.</p>"
+    },
     "GetRecordingConfiguration":{
       "name":"GetRecordingConfiguration",
       "http":{
@@ -321,6 +373,23 @@
       ],
       "documentation":"<p>Gets summary information about playback key pairs. For more information, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Setting Up Private Channels</a> in the <i>Amazon IVS User Guide</i>.</p>"
     },
+    "ListPlaybackRestrictionPolicies":{
+      "name":"ListPlaybackRestrictionPolicies",
+      "http":{
+        "method":"POST",
+        "requestUri":"/ListPlaybackRestrictionPolicies",
+        "responseCode":200
+      },
+      "input":{"shape":"ListPlaybackRestrictionPoliciesRequest"},
+      "output":{"shape":"ListPlaybackRestrictionPoliciesResponse"},
+      "errors":[
+        {"shape":"AccessDeniedException"},
+        {"shape":"ValidationException"},
+        {"shape":"PendingVerification"},
+        {"shape":"ConflictException"}
+      ],
+      "documentation":"<p>Gets summary information about playback restriction policies.</p>"
+    },
     "ListRecordingConfigurations":{
       "name":"ListRecordingConfigurations",
       "http":{
@@ -504,6 +573,24 @@
         {"shape":"ConflictException"}
       ],
       "documentation":"<p>Updates a channel's configuration. Live channels cannot be updated. You must stop the ongoing stream, update the channel, and restart the stream for the changes to take effect.</p>"
+    },
+    "UpdatePlaybackRestrictionPolicy":{
+      "name":"UpdatePlaybackRestrictionPolicy",
+      "http":{
+        "method":"POST",
+        "requestUri":"/UpdatePlaybackRestrictionPolicy",
+        "responseCode":200
+      },
+      "input":{"shape":"UpdatePlaybackRestrictionPolicyRequest"},
+      "output":{"shape":"UpdatePlaybackRestrictionPolicyResponse"},
+      "errors":[
+        {"shape":"ResourceNotFoundException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"ValidationException"},
+        {"shape":"PendingVerification"},
+        {"shape":"ConflictException"}
+      ],
+      "documentation":"<p>Updates a specified playback restriction policy.</p>"
     }
   },
   "shapes":{
@@ -717,6 +804,10 @@
           "shape":"ChannelName",
           "documentation":"<p>Channel name.</p>"
         },
+        "playbackRestrictionPolicyArn":{
+          "shape":"ChannelPlaybackRestrictionPolicyArn",
+          "documentation":"<p>Playback-restriction-policy ARN. A valid ARN value here both specifies the ARN and enables playback restriction. Default: \"\" (empty string, no playback restriction policy is applied).</p>"
+        },
         "playbackUrl":{
           "shape":"PlaybackURL",
           "documentation":"<p>Channel playback URL.</p>"
@@ -727,7 +818,7 @@
         },
         "recordingConfigurationArn":{
           "shape":"ChannelRecordingConfigurationArn",
-          "documentation":"<p>Recording-configuration ARN. A value other than an empty string indicates that recording is enabled. Default: \"\" (empty string, recording is disabled).</p>"
+          "documentation":"<p>Recording-configuration ARN. A valid ARN value here both specifies the ARN and enables recording. Default: \"\" (empty string, recording is disabled).</p>"
         },
         "tags":{
           "shape":"Tags",
@@ -784,6 +875,12 @@
       },
       "exception":true
     },
+    "ChannelPlaybackRestrictionPolicyArn":{
+      "type":"string",
+      "max":128,
+      "min":0,
+      "pattern":"^$|^arn:aws:ivs:[a-z0-9-]+:[0-9]+:playback-restriction-policy/[a-zA-Z0-9-]+$"
+    },
     "ChannelRecordingConfigurationArn":{
       "type":"string",
       "max":128,
@@ -813,13 +910,17 @@
           "shape":"ChannelName",
           "documentation":"<p>Channel name.</p>"
         },
+        "playbackRestrictionPolicyArn":{
+          "shape":"ChannelPlaybackRestrictionPolicyArn",
+          "documentation":"<p>Playback-restriction-policy ARN. A valid ARN value here both specifies the ARN and enables playback restriction. Default: \"\" (empty string, no playback restriction policy is applied).</p>"
+        },
         "preset":{
           "shape":"TranscodePreset",
           "documentation":"<p>Optional transcode preset for the channel. This is selectable only for <code>ADVANCED_HD</code> and <code>ADVANCED_SD</code> channel types. For those channel types, the default <code>preset</code> is <code>HIGHER_BANDWIDTH_DELIVERY</code>. For other channel types (<code>BASIC</code> and <code>STANDARD</code>), <code>preset</code> is the empty string (<code>\"\"</code>).</p>"
         },
         "recordingConfigurationArn":{
           "shape":"ChannelRecordingConfigurationArn",
-          "documentation":"<p>Recording-configuration ARN. A value other than an empty string indicates that recording is enabled. Default: \"\" (empty string, recording is disabled).</p>"
+          "documentation":"<p>Recording-configuration ARN. A valid ARN value here both specifies the ARN and enables recording. Default: \"\" (empty string, recording is disabled).</p>"
         },
         "tags":{
           "shape":"Tags",
@@ -879,13 +980,17 @@
           "shape":"ChannelName",
           "documentation":"<p>Channel name.</p>"
         },
+        "playbackRestrictionPolicyArn":{
+          "shape":"ChannelPlaybackRestrictionPolicyArn",
+          "documentation":"<p>Playback-restriction-policy ARN. A valid ARN value here both specifies the ARN and enables playback restriction. Default: \"\" (empty string, no playback restriction policy is applied).</p>"
+        },
         "preset":{
           "shape":"TranscodePreset",
           "documentation":"<p>Optional transcode preset for the channel. This is selectable only for <code>ADVANCED_HD</code> and <code>ADVANCED_SD</code> channel types. For those channel types, the default <code>preset</code> is <code>HIGHER_BANDWIDTH_DELIVERY</code>. For other channel types (<code>BASIC</code> and <code>STANDARD</code>), <code>preset</code> is the empty string (<code>\"\"</code>).</p>"
         },
         "recordingConfigurationArn":{
           "shape":"ChannelRecordingConfigurationArn",
-          "documentation":"<p>Recording-configuration ARN. Default: \"\" (empty string, recording is disabled).</p>"
+          "documentation":"<p>Recording-configuration ARN. A valid ARN value here both specifies the ARN and enables recording. Default: \"\" (empty string, recording is disabled).</p>"
         },
         "tags":{
           "shape":"Tags",
@@ -910,6 +1015,40 @@
         }
       }
     },
+    "CreatePlaybackRestrictionPolicyRequest":{
+      "type":"structure",
+      "members":{
+        "allowedCountries":{
+          "shape":"PlaybackRestrictionPolicyAllowedCountryList",
+          "documentation":"<p>A list of country codes that control geoblocking restriction. Allowed values are the officially assigned <a href=\"https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2\">ISO 3166-1 alpha-2</a> codes. Default: All countries (an empty array).</p>"
+        },
+        "allowedOrigins":{
+          "shape":"PlaybackRestrictionPolicyAllowedOriginList",
+          "documentation":"<p>A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at <a href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>. Default: All origins (an empty array).</p>"
+        },
+        "enableStrictOriginEnforcement":{
+          "shape":"PlaybackRestrictionPolicyEnableStrictOriginEnforcement",
+          "documentation":"<p>Whether channel playback is constrained by origin site. Default: <code>false</code>.</p>"
+        },
+        "name":{
+          "shape":"PlaybackRestrictionPolicyName",
+          "documentation":"<p>Playback-restriction-policy name. The value does not need to be unique.</p>"
+        },
+        "tags":{
+          "shape":"Tags",
+          "documentation":"<p>Array of 1-50 maps, each of the form <code>string:string (key:value)</code>. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p>"
+        }
+      }
+    },
+    "CreatePlaybackRestrictionPolicyResponse":{
+      "type":"structure",
+      "members":{
+        "playbackRestrictionPolicy":{
+          "shape":"PlaybackRestrictionPolicy",
+          "documentation":"<p/>"
+        }
+      }
+    },
     "CreateRecordingConfigurationRequest":{
       "type":"structure",
       "required":["destinationConfiguration"],
@@ -997,6 +1136,16 @@
       "members":{
       }
     },
+    "DeletePlaybackRestrictionPolicyRequest":{
+      "type":"structure",
+      "required":["arn"],
+      "members":{
+        "arn":{
+          "shape":"PlaybackRestrictionPolicyArn",
+          "documentation":"<p>ARN of the playback restriction policy to be deleted.</p>"
+        }
+      }
+    },
     "DeleteRecordingConfigurationRequest":{
       "type":"structure",
       "required":["arn"],
@@ -1065,6 +1214,25 @@
         }
       }
     },
+    "GetPlaybackRestrictionPolicyRequest":{
+      "type":"structure",
+      "required":["arn"],
+      "members":{
+        "arn":{
+          "shape":"PlaybackRestrictionPolicyArn",
+          "documentation":"<p>ARN of the playback restriction policy to be returned.</p>"
+        }
+      }
+    },
+    "GetPlaybackRestrictionPolicyResponse":{
+      "type":"structure",
+      "members":{
+        "playbackRestrictionPolicy":{
+          "shape":"PlaybackRestrictionPolicy",
+          "documentation":"<p/>"
+        }
+      }
+    },
     "GetRecordingConfigurationRequest":{
       "type":"structure",
       "required":["arn"],
@@ -1210,6 +1378,10 @@
           "shape":"ChannelName",
           "documentation":"<p>Filters the channel list to match the specified name.</p>"
         },
+        "filterByPlaybackRestrictionPolicyArn":{
+          "shape":"ChannelPlaybackRestrictionPolicyArn",
+          "documentation":"<p>Filters the channel list to match the specified policy.</p>"
+        },
         "filterByRecordingConfigurationArn":{
           "shape":"ChannelRecordingConfigurationArn",
           "documentation":"<p>Filters the channel list to match the specified recording-configuration ARN.</p>"
@@ -1265,6 +1437,33 @@
         }
       }
     },
+    "ListPlaybackRestrictionPoliciesRequest":{
+      "type":"structure",
+      "members":{
+        "maxResults":{
+          "shape":"MaxPlaybackRestrictionPolicyResults",
+          "documentation":"<p>Maximum number of policies to return. Default: 1.</p>"
+        },
+        "nextToken":{
+          "shape":"PaginationToken",
+          "documentation":"<p>The first policy to retrieve. This is used for pagination; see the <code>nextToken</code> response field.</p>"
+        }
+      }
+    },
+    "ListPlaybackRestrictionPoliciesResponse":{
+      "type":"structure",
+      "required":["playbackRestrictionPolicies"],
+      "members":{
+        "nextToken":{
+          "shape":"PaginationToken",
+          "documentation":"<p>If there are more channels than <code>maxResults</code>, use <code>nextToken</code> in the request to get the next set.</p>"
+        },
+        "playbackRestrictionPolicies":{
+          "shape":"PlaybackRestrictionPolicyList",
+          "documentation":"<p>List of the matching policies.</p>"
+        }
+      }
+    },
     "ListRecordingConfigurationsRequest":{
       "type":"structure",
       "members":{
@@ -1421,6 +1620,12 @@
       "max":100,
       "min":1
     },
+    "MaxPlaybackRestrictionPolicyResults":{
+      "type":"integer",
+      "box":true,
+      "max":100,
+      "min":1
+    },
     "MaxRecordingConfigurationResults":{
       "type":"integer",
       "box":true,
@@ -1518,6 +1723,114 @@
       "documentation":"<p>Summary information about a playback key pair.</p>"
     },
     "PlaybackPublicKeyMaterial":{"type":"string"},
+    "PlaybackRestrictionPolicy":{
+      "type":"structure",
+      "required":[
+        "allowedCountries",
+        "allowedOrigins",
+        "arn"
+      ],
+      "members":{
+        "allowedCountries":{
+          "shape":"PlaybackRestrictionPolicyAllowedCountryList",
+          "documentation":"<p>A list of country codes that control geoblocking restriction. Allowed values are the officially assigned <a href=\"https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2\">ISO 3166-1 alpha-2</a> codes. Default: All countries (an empty array).</p>"
+        },
+        "allowedOrigins":{
+          "shape":"PlaybackRestrictionPolicyAllowedOriginList",
+          "documentation":"<p>A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at <a href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>. Default: All origins (an empty array).</p>"
+        },
+        "arn":{
+          "shape":"PlaybackRestrictionPolicyArn",
+          "documentation":"<p>Playback-restriction-policy ARN</p>"
+        },
+        "enableStrictOriginEnforcement":{
+          "shape":"PlaybackRestrictionPolicyEnableStrictOriginEnforcement",
+          "documentation":"<p>Whether channel playback is constrained by origin site. Default: <code>false</code>.</p>"
+        },
+        "name":{
+          "shape":"PlaybackRestrictionPolicyName",
+          "documentation":"<p>Playback-restriction-policy name. The value does not need to be unique.</p>"
+        },
+        "tags":{
+          "shape":"Tags",
+          "documentation":"<p>Tags attached to the resource. Array of 1-50 maps, each of the form <code>string:string (key:value)</code>. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p>"
+        }
+      },
+      "documentation":"<p>An object representing a policy to constrain playback by country and/or origin sites.</p>"
+    },
+    "PlaybackRestrictionPolicyAllowedCountry":{
+      "type":"string",
+      "max":2,
+      "min":2
+    },
+    "PlaybackRestrictionPolicyAllowedCountryList":{
+      "type":"list",
+      "member":{"shape":"PlaybackRestrictionPolicyAllowedCountry"}
+    },
+    "PlaybackRestrictionPolicyAllowedOrigin":{
+      "type":"string",
+      "max":128,
+      "min":0
+    },
+    "PlaybackRestrictionPolicyAllowedOriginList":{
+      "type":"list",
+      "member":{"shape":"PlaybackRestrictionPolicyAllowedOrigin"}
+    },
+    "PlaybackRestrictionPolicyArn":{
+      "type":"string",
+      "max":128,
+      "min":1,
+      "pattern":"^arn:aws:ivs:[a-z0-9-]+:[0-9]+:playback-restriction-policy/[a-zA-Z0-9-]+$"
+    },
+    "PlaybackRestrictionPolicyEnableStrictOriginEnforcement":{
+      "type":"boolean",
+      "box":true
+    },
+    "PlaybackRestrictionPolicyList":{
+      "type":"list",
+      "member":{"shape":"PlaybackRestrictionPolicySummary"}
+    },
+    "PlaybackRestrictionPolicyName":{
+      "type":"string",
+      "max":128,
+      "min":0,
+      "pattern":"^[a-zA-Z0-9-_]*$"
+    },
+    "PlaybackRestrictionPolicySummary":{
+      "type":"structure",
+      "required":[
+        "allowedCountries",
+        "allowedOrigins",
+        "arn"
+      ],
+      "members":{
+        "allowedCountries":{
+          "shape":"PlaybackRestrictionPolicyAllowedCountryList",
+          "documentation":"<p>A list of country codes that control geoblocking restriction. Allowed values are the officially assigned <a href=\"https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2\">ISO 3166-1 alpha-2</a> codes. Default: All countries (an empty array).</p>"
+        },
+        "allowedOrigins":{
+          "shape":"PlaybackRestrictionPolicyAllowedOriginList",
+          "documentation":"<p>A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at <a href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>. Default: All origins (an empty array).</p>"
+        },
+        "arn":{
+          "shape":"PlaybackRestrictionPolicyArn",
+          "documentation":"<p>Playback-restriction-policy ARN</p>"
+        },
+        "enableStrictOriginEnforcement":{
+          "shape":"PlaybackRestrictionPolicyEnableStrictOriginEnforcement",
+          "documentation":"<p>Whether channel playback is constrained by origin site. Default: <code>false</code>.</p>"
+        },
+        "name":{
+          "shape":"PlaybackRestrictionPolicyName",
+          "documentation":"<p>Playback-restriction-policy name. The value does not need to be unique.</p>"
+        },
+        "tags":{
+          "shape":"Tags",
+          "documentation":"<p>Tags attached to the resource. Array of 1-50 maps, each of the form <code>string:string (key:value)</code>. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p>"
+        }
+      },
+      "documentation":"<p>Summary information about a PlaybackRestrictionPolicy.</p>"
+    },
     "PlaybackURL":{"type":"string"},
     "PutMetadataRequest":{
       "type":"structure",
@@ -2182,7 +2495,7 @@
         },
         "tagKeys":{
           "shape":"TagKeyList",
-          "documentation":"<p>Array of tags to be removed. Array of maps, each of the form s<code>tring:string (key:value)</code>. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p>",
+          "documentation":"<p>Array of tags to be removed. Array of maps, each of the form <code>string:string (key:value)</code>. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p>",
           "location":"querystring",
           "locationName":"tagKeys"
         }
@@ -2217,13 +2530,17 @@
           "shape":"ChannelName",
           "documentation":"<p>Channel name.</p>"
         },
+        "playbackRestrictionPolicyArn":{
+          "shape":"ChannelPlaybackRestrictionPolicyArn",
+          "documentation":"<p>Playback-restriction-policy ARN. A valid ARN value here both specifies the ARN and enables playback restriction. If this is set to an empty string, playback restriction policy is disabled.</p>"
+        },
         "preset":{
           "shape":"TranscodePreset",
           "documentation":"<p>Optional transcode preset for the channel. This is selectable only for <code>ADVANCED_HD</code> and <code>ADVANCED_SD</code> channel types. For those channel types, the default <code>preset</code> is <code>HIGHER_BANDWIDTH_DELIVERY</code>. For other channel types (<code>BASIC</code> and <code>STANDARD</code>), <code>preset</code> is the empty string (<code>\"\"</code>).</p>"
         },
         "recordingConfigurationArn":{
           "shape":"ChannelRecordingConfigurationArn",
-          "documentation":"<p>Recording-configuration ARN. If this is set to an empty string, recording is disabled. A value other than an empty string indicates that recording is enabled</p>"
+          "documentation":"<p>Recording-configuration ARN. A valid ARN value here both specifies the ARN and enables recording. If this is set to an empty string, recording is disabled.</p>"
         },
         "type":{
           "shape":"ChannelType",
@@ -2234,7 +2551,45 @@
     "UpdateChannelResponse":{
       "type":"structure",
       "members":{
-        "channel":{"shape":"Channel"}
+        "channel":{
+          "shape":"Channel",
+          "documentation":"<p>Object specifying the updated channel.</p>"
+        }
+      }
+    },
+    "UpdatePlaybackRestrictionPolicyRequest":{
+      "type":"structure",
+      "required":["arn"],
+      "members":{
+        "allowedCountries":{
+          "shape":"PlaybackRestrictionPolicyAllowedCountryList",
+          "documentation":"<p>A list of country codes that control geoblocking restriction. Allowed values are the officially assigned <a href=\"https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2\">ISO 3166-1 alpha-2</a> codes. Default: All countries (an empty array).</p>"
+        },
+        "allowedOrigins":{
+          "shape":"PlaybackRestrictionPolicyAllowedOriginList",
+          "documentation":"<p>A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at <a href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin</a>. Default: All origins (an empty array).</p>"
+        },
+        "arn":{
+          "shape":"PlaybackRestrictionPolicyArn",
+          "documentation":"<p>ARN of the playback-restriction-policy to be updated.</p>"
+        },
+        "enableStrictOriginEnforcement":{
+          "shape":"PlaybackRestrictionPolicyEnableStrictOriginEnforcement",
+          "documentation":"<p>Whether channel playback is constrained by origin site. Default: <code>false</code>.</p>"
+        },
+        "name":{
+          "shape":"PlaybackRestrictionPolicyName",
+          "documentation":"<p>Playback-restriction-policy name. The value does not need to be unique.</p>"
+        }
+      }
+    },
+    "UpdatePlaybackRestrictionPolicyResponse":{
+      "type":"structure",
+      "members":{
+        "playbackRestrictionPolicy":{
+          "shape":"PlaybackRestrictionPolicy",
+          "documentation":"<p>Object specifying the updated policy.</p>"
+        }
       }
     },
     "ValidationException":{
@@ -2302,5 +2657,5 @@
     "errorCode":{"type":"string"},
     "errorMessage":{"type":"string"}
   },
-  "documentation":"<p> <b>Introduction</b> </p> <p>The Amazon Interactive Video Service (IVS) API is REST compatible, using a standard HTTP API and an Amazon Web Services EventBridge event stream for responses. JSON is used for both requests and responses, including errors.</p> <p>The API is an Amazon Web Services regional service. For a list of supported regions and Amazon IVS HTTPS service endpoints, see the <a href=\"https://docs.aws.amazon.com/general/latest/gr/ivs.html\">Amazon IVS page</a> in the <i>Amazon Web Services General Reference</i>.</p> <p> <i> <b>All API request parameters and URLs are case sensitive. </b> </i> </p> <p>For a summary of notable documentation changes in each release, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/doc-history.html\"> Document History</a>.</p> <p> <b>Allowed Header Values</b> </p> <ul> <li> <p> <code> <b>Accept:</b> </code> application/json</p> </li> <li> <p> <code> <b>Accept-Encoding:</b> </code> gzip, deflate</p> </li> <li> <p> <code> <b>Content-Type:</b> </code>application/json</p> </li> </ul> <p> <b>Resources</b> </p> <p>The following resources contain information about your IVS live stream (see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/getting-started.html\"> Getting Started with Amazon IVS</a>):</p> <ul> <li> <p> <b>Channel</b> — Stores configuration data related to your live stream. You first create a channel and then use the channel’s stream key to start your live stream. See the Channel endpoints for more information. </p> </li> <li> <p> <b>Stream key</b> — An identifier assigned by Amazon IVS when you create a channel, which is then used to authorize streaming. See the StreamKey endpoints for more information. <i> <b>Treat the stream key like a secret, since it allows anyone to stream to the channel.</b> </i> </p> </li> <li> <p> <b>Playback key pair</b> — Video playback may be restricted using playback-authorization tokens, which use public-key encryption. A playback key pair is the public-private pair of keys used to sign and validate the playback-authorization token. See the PlaybackKeyPair endpoints for more information.</p> </li> <li> <p> <b>Recording configuration</b> — Stores configuration related to recording a live stream and where to store the recorded content. Multiple channels can reference the same recording configuration. See the Recording Configuration endpoints for more information.</p> </li> </ul> <p> <b>Tagging</b> </p> <p>A <i>tag</i> is a metadata label that you assign to an Amazon Web Services resource. A tag comprises a <i>key</i> and a <i>value</i>, both set by you. For example, you might set a tag as <code>topic:nature</code> to label a particular video category. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p> <p>Tags can help you identify and organize your Amazon Web Services resources. For example, you can use the same tag for different resources to indicate that they are related. You can also use tags to manage access (see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html\"> Access Tags</a>). </p> <p>The Amazon IVS API has these tag-related endpoints: <a>TagResource</a>, <a>UntagResource</a>, and <a>ListTagsForResource</a>. The following resources support tagging: Channels, Stream Keys, Playback Key Pairs, and Recording Configurations.</p> <p>At most 50 tags can be applied to a resource. </p> <p> <b>Authentication versus Authorization</b> </p> <p>Note the differences between these concepts:</p> <ul> <li> <p> <i>Authentication</i> is about verifying identity. You need to be authenticated to sign Amazon IVS API requests.</p> </li> <li> <p> <i>Authorization</i> is about granting permissions. Your IAM roles need to have permissions for Amazon IVS API requests. In addition, authorization is needed to view <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Amazon IVS private channels</a>. (Private channels are channels that are enabled for \"playback authorization.\")</p> </li> </ul> <p> <b>Authentication</b> </p> <p>All Amazon IVS API requests must be authenticated with a signature. The Amazon Web Services Command-Line Interface (CLI) and Amazon IVS Player SDKs take care of signing the underlying API calls for you. However, if your application calls the Amazon IVS API directly, it’s your responsibility to sign the requests.</p> <p>You generate a signature using valid Amazon Web Services credentials that have permission to perform the requested action. For example, you must sign PutMetadata requests with a signature generated from a user account that has the <code>ivs:PutMetadata</code> permission.</p> <p>For more information:</p> <ul> <li> <p>Authentication and generating signatures — See <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html\">Authenticating Requests (Amazon Web Services Signature Version 4)</a> in the <i>Amazon Web Services General Reference</i>.</p> </li> <li> <p>Managing Amazon IVS permissions — See <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/security-iam.html\">Identity and Access Management</a> on the Security page of the <i>Amazon IVS User Guide</i>.</p> </li> </ul> <p> <b>Amazon Resource Names (ARNs)</b> </p> <p>ARNs uniquely identify AWS resources. An ARN is required when you need to specify a resource unambiguously across all of AWS, such as in IAM policies and API calls. For more information, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Names</a> in the <i>AWS General Reference</i>.</p> <p> <b>Channel Endpoints</b> </p> <ul> <li> <p> <a>CreateChannel</a> — Creates a new channel and an associated stream key to start streaming.</p> </li> <li> <p> <a>GetChannel</a> — Gets the channel configuration for the specified channel ARN.</p> </li> <li> <p> <a>BatchGetChannel</a> — Performs <a>GetChannel</a> on multiple ARNs simultaneously.</p> </li> <li> <p> <a>ListChannels</a> — Gets summary information about all channels in your account, in the Amazon Web Services region where the API request is processed. This list can be filtered to match a specified name or recording-configuration ARN. Filters are mutually exclusive and cannot be used together. If you try to use both filters, you will get an error (409 Conflict Exception).</p> </li> <li> <p> <a>UpdateChannel</a> — Updates a channel's configuration. This does not affect an ongoing stream of this channel. You must stop and restart the stream for the changes to take effect.</p> </li> <li> <p> <a>DeleteChannel</a> — Deletes the specified channel.</p> </li> </ul> <p> <b>StreamKey Endpoints</b> </p> <ul> <li> <p> <a>CreateStreamKey</a> — Creates a stream key, used to initiate a stream, for the specified channel ARN.</p> </li> <li> <p> <a>GetStreamKey</a> — Gets stream key information for the specified ARN.</p> </li> <li> <p> <a>BatchGetStreamKey</a> — Performs <a>GetStreamKey</a> on multiple ARNs simultaneously.</p> </li> <li> <p> <a>ListStreamKeys</a> — Gets summary information about stream keys for the specified channel.</p> </li> <li> <p> <a>DeleteStreamKey</a> — Deletes the stream key for the specified ARN, so it can no longer be used to stream.</p> </li> </ul> <p> <b>Stream Endpoints</b> </p> <ul> <li> <p> <a>GetStream</a> — Gets information about the active (live) stream on a specified channel.</p> </li> <li> <p> <a>GetStreamSession</a> — Gets metadata on a specified stream.</p> </li> <li> <p> <a>ListStreams</a> — Gets summary information about live streams in your account, in the Amazon Web Services region where the API request is processed.</p> </li> <li> <p> <a>ListStreamSessions</a> — Gets a summary of current and previous streams for a specified channel in your account, in the AWS region where the API request is processed.</p> </li> <li> <p> <a>StopStream</a> — Disconnects the incoming RTMPS stream for the specified channel. Can be used in conjunction with <a>DeleteStreamKey</a> to prevent further streaming to a channel.</p> </li> <li> <p> <a>PutMetadata</a> — Inserts metadata into the active stream of the specified channel. At most 5 requests per second per channel are allowed, each with a maximum 1 KB payload. (If 5 TPS is not sufficient for your needs, we recommend batching your data into a single PutMetadata call.) At most 155 requests per second per account are allowed.</p> </li> </ul> <p> <b>Private Channel Endpoints</b> </p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Setting Up Private Channels</a> in the <i>Amazon IVS User Guide</i>.</p> <ul> <li> <p> <a>ImportPlaybackKeyPair</a> — Imports the public portion of a new key pair and returns its <code>arn</code> and <code>fingerprint</code>. The <code>privateKey</code> can then be used to generate viewer authorization tokens, to grant viewers access to private channels (channels enabled for playback authorization).</p> </li> <li> <p> <a>GetPlaybackKeyPair</a> — Gets a specified playback authorization key pair and returns the <code>arn</code> and <code>fingerprint</code>. The <code>privateKey</code> held by the caller can be used to generate viewer authorization tokens, to grant viewers access to private channels.</p> </li> <li> <p> <a>ListPlaybackKeyPairs</a> — Gets summary information about playback key pairs.</p> </li> <li> <p> <a>DeletePlaybackKeyPair</a> — Deletes a specified authorization key pair. This invalidates future viewer tokens generated using the key pair’s <code>privateKey</code>.</p> </li> <li> <p> <a>StartViewerSessionRevocation</a> — Starts the process of revoking the viewer session associated with a specified channel ARN and viewer ID. Optionally, you can provide a version to revoke viewer sessions less than and including that version.</p> </li> <li> <p> <a>BatchStartViewerSessionRevocation</a> — Performs <a>StartViewerSessionRevocation</a> on multiple channel ARN and viewer ID pairs simultaneously.</p> </li> </ul> <p> <b>RecordingConfiguration Endpoints</b> </p> <ul> <li> <p> <a>CreateRecordingConfiguration</a> — Creates a new recording configuration, used to enable recording to Amazon S3.</p> </li> <li> <p> <a>GetRecordingConfiguration</a> — Gets the recording-configuration metadata for the specified ARN.</p> </li> <li> <p> <a>ListRecordingConfigurations</a> — Gets summary information about all recording configurations in your account, in the Amazon Web Services region where the API request is processed.</p> </li> <li> <p> <a>DeleteRecordingConfiguration</a> — Deletes the recording configuration for the specified ARN.</p> </li> </ul> <p> <b>Amazon Web Services Tags Endpoints</b> </p> <ul> <li> <p> <a>TagResource</a> — Adds or updates tags for the Amazon Web Services resource with the specified ARN.</p> </li> <li> <p> <a>UntagResource</a> — Removes tags from the resource with the specified ARN.</p> </li> <li> <p> <a>ListTagsForResource</a> — Gets information about Amazon Web Services tags for the specified ARN.</p> </li> </ul>"
+  "documentation":"<p> <b>Introduction</b> </p> <p>The Amazon Interactive Video Service (IVS) API is REST compatible, using a standard HTTP API and an Amazon Web Services EventBridge event stream for responses. JSON is used for both requests and responses, including errors.</p> <p>The API is an Amazon Web Services regional service. For a list of supported regions and Amazon IVS HTTPS service endpoints, see the <a href=\"https://docs.aws.amazon.com/general/latest/gr/ivs.html\">Amazon IVS page</a> in the <i>Amazon Web Services General Reference</i>.</p> <p> <i> <b>All API request parameters and URLs are case sensitive. </b> </i> </p> <p>For a summary of notable documentation changes in each release, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/doc-history.html\"> Document History</a>.</p> <p> <b>Allowed Header Values</b> </p> <ul> <li> <p> <code> <b>Accept:</b> </code> application/json</p> </li> <li> <p> <code> <b>Accept-Encoding:</b> </code> gzip, deflate</p> </li> <li> <p> <code> <b>Content-Type:</b> </code>application/json</p> </li> </ul> <p> <b>Resources</b> </p> <p>The following resources contain information about your IVS live stream (see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/getting-started.html\"> Getting Started with Amazon IVS</a>):</p> <ul> <li> <p> <b>Channel</b> — Stores configuration data related to your live stream. You first create a channel and then use the channel’s stream key to start your live stream. See the Channel endpoints for more information. </p> </li> <li> <p> <b>Stream key</b> — An identifier assigned by Amazon IVS when you create a channel, which is then used to authorize streaming. See the StreamKey endpoints for more information. <i> <b>Treat the stream key like a secret, since it allows anyone to stream to the channel.</b> </i> </p> </li> <li> <p> <b>Playback key pair</b> — Video playback may be restricted using playback-authorization tokens, which use public-key encryption. A playback key pair is the public-private pair of keys used to sign and validate the playback-authorization token. See the PlaybackKeyPair endpoints for more information.</p> </li> <li> <p> <b>Recording configuration</b> — Stores configuration related to recording a live stream and where to store the recorded content. Multiple channels can reference the same recording configuration. See the Recording Configuration endpoints for more information.</p> </li> <li> <p> <b>Playback restriction policy</b> — Restricts playback by countries and/or origin sites. See the Playback Restriction Policy endpoints for more information.</p> </li> </ul> <p> <b>Tagging</b> </p> <p>A <i>tag</i> is a metadata label that you assign to an Amazon Web Services resource. A tag comprises a <i>key</i> and a <i>value</i>, both set by you. For example, you might set a tag as <code>topic:nature</code> to label a particular video category. See <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html\">Tagging Amazon Web Services Resources</a> for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.</p> <p>Tags can help you identify and organize your Amazon Web Services resources. For example, you can use the same tag for different resources to indicate that they are related. You can also use tags to manage access (see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html\"> Access Tags</a>). </p> <p>The Amazon IVS API has these tag-related endpoints: <a>TagResource</a>, <a>UntagResource</a>, and <a>ListTagsForResource</a>. The following resources support tagging: Channels, Stream Keys, Playback Key Pairs, and Recording Configurations.</p> <p>At most 50 tags can be applied to a resource. </p> <p> <b>Authentication versus Authorization</b> </p> <p>Note the differences between these concepts:</p> <ul> <li> <p> <i>Authentication</i> is about verifying identity. You need to be authenticated to sign Amazon IVS API requests.</p> </li> <li> <p> <i>Authorization</i> is about granting permissions. Your IAM roles need to have permissions for Amazon IVS API requests. In addition, authorization is needed to view <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Amazon IVS private channels</a>. (Private channels are channels that are enabled for \"playback authorization.\")</p> </li> </ul> <p> <b>Authentication</b> </p> <p>All Amazon IVS API requests must be authenticated with a signature. The Amazon Web Services Command-Line Interface (CLI) and Amazon IVS Player SDKs take care of signing the underlying API calls for you. However, if your application calls the Amazon IVS API directly, it’s your responsibility to sign the requests.</p> <p>You generate a signature using valid Amazon Web Services credentials that have permission to perform the requested action. For example, you must sign PutMetadata requests with a signature generated from a user account that has the <code>ivs:PutMetadata</code> permission.</p> <p>For more information:</p> <ul> <li> <p>Authentication and generating signatures — See <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html\">Authenticating Requests (Amazon Web Services Signature Version 4)</a> in the <i>Amazon Web Services General Reference</i>.</p> </li> <li> <p>Managing Amazon IVS permissions — See <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/security-iam.html\">Identity and Access Management</a> on the Security page of the <i>Amazon IVS User Guide</i>.</p> </li> </ul> <p> <b>Amazon Resource Names (ARNs)</b> </p> <p>ARNs uniquely identify AWS resources. An ARN is required when you need to specify a resource unambiguously across all of AWS, such as in IAM policies and API calls. For more information, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Names</a> in the <i>AWS General Reference</i>.</p> <p> <b>Channel Endpoints</b> </p> <ul> <li> <p> <a>CreateChannel</a> — Creates a new channel and an associated stream key to start streaming.</p> </li> <li> <p> <a>GetChannel</a> — Gets the channel configuration for the specified channel ARN.</p> </li> <li> <p> <a>BatchGetChannel</a> — Performs <a>GetChannel</a> on multiple ARNs simultaneously.</p> </li> <li> <p> <a>ListChannels</a> — Gets summary information about all channels in your account, in the Amazon Web Services region where the API request is processed. This list can be filtered to match a specified name or recording-configuration ARN. Filters are mutually exclusive and cannot be used together. If you try to use both filters, you will get an error (409 Conflict Exception).</p> </li> <li> <p> <a>UpdateChannel</a> — Updates a channel's configuration. This does not affect an ongoing stream of this channel. You must stop and restart the stream for the changes to take effect.</p> </li> <li> <p> <a>DeleteChannel</a> — Deletes the specified channel.</p> </li> </ul> <p> <b>Playback Restriction Policy Endpoints</b> </p> <ul> <li> <p> <a>CreatePlaybackRestrictionPolicy</a> — Creates a new playback restriction policy, for constraining playback by countries and/or origins.</p> </li> <li> <p> <a>DeletePlaybackRestrictionPolicy</a> — Deletes the specified playback restriction policy</p> </li> <li> <p> <a>GetPlaybackRestrictionPolicy</a> — Gets the specified playback restriction policy.</p> </li> <li> <p> <a>ListPlaybackRestrictionPolicies</a> — Gets summary information about playback restriction policies.</p> </li> <li> <p> <a>UpdatePlaybackRestrictionPolicy</a> — Updates a specified playback restriction policy.</p> </li> </ul> <p> <b>Private Channel Endpoints</b> </p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/ivs/latest/userguide/private-channels.html\">Setting Up Private Channels</a> in the <i>Amazon IVS User Guide</i>.</p> <ul> <li> <p> <a>ImportPlaybackKeyPair</a> — Imports the public portion of a new key pair and returns its <code>arn</code> and <code>fingerprint</code>. The <code>privateKey</code> can then be used to generate viewer authorization tokens, to grant viewers access to private channels (channels enabled for playback authorization).</p> </li> <li> <p> <a>GetPlaybackKeyPair</a> — Gets a specified playback authorization key pair and returns the <code>arn</code> and <code>fingerprint</code>. The <code>privateKey</code> held by the caller can be used to generate viewer authorization tokens, to grant viewers access to private channels.</p> </li> <li> <p> <a>ListPlaybackKeyPairs</a> — Gets summary information about playback key pairs.</p> </li> <li> <p> <a>DeletePlaybackKeyPair</a> — Deletes a specified authorization key pair. This invalidates future viewer tokens generated using the key pair’s <code>privateKey</code>.</p> </li> <li> <p> <a>StartViewerSessionRevocation</a> — Starts the process of revoking the viewer session associated with a specified channel ARN and viewer ID. Optionally, you can provide a version to revoke viewer sessions less than and including that version.</p> </li> <li> <p> <a>BatchStartViewerSessionRevocation</a> — Performs <a>StartViewerSessionRevocation</a> on multiple channel ARN and viewer ID pairs simultaneously.</p> </li> </ul> <p> <b>RecordingConfiguration Endpoints</b> </p> <ul> <li> <p> <a>CreateRecordingConfiguration</a> — Creates a new recording configuration, used to enable recording to Amazon S3.</p> </li> <li> <p> <a>GetRecordingConfiguration</a> — Gets the recording-configuration metadata for the specified ARN.</p> </li> <li> <p> <a>ListRecordingConfigurations</a> — Gets summary information about all recording configurations in your account, in the Amazon Web Services region where the API request is processed.</p> </li> <li> <p> <a>DeleteRecordingConfiguration</a> — Deletes the recording configuration for the specified ARN.</p> </li> </ul> <p> <b>Stream Endpoints</b> </p> <ul> <li> <p> <a>GetStream</a> — Gets information about the active (live) stream on a specified channel.</p> </li> <li> <p> <a>GetStreamSession</a> — Gets metadata on a specified stream.</p> </li> <li> <p> <a>ListStreams</a> — Gets summary information about live streams in your account, in the Amazon Web Services region where the API request is processed.</p> </li> <li> <p> <a>ListStreamSessions</a> — Gets a summary of current and previous streams for a specified channel in your account, in the AWS region where the API request is processed.</p> </li> <li> <p> <a>StopStream</a> — Disconnects the incoming RTMPS stream for the specified channel. Can be used in conjunction with <a>DeleteStreamKey</a> to prevent further streaming to a channel.</p> </li> <li> <p> <a>PutMetadata</a> — Inserts metadata into the active stream of the specified channel. At most 5 requests per second per channel are allowed, each with a maximum 1 KB payload. (If 5 TPS is not sufficient for your needs, we recommend batching your data into a single PutMetadata call.) At most 155 requests per second per account are allowed.</p> </li> </ul> <p> <b>StreamKey Endpoints</b> </p> <ul> <li> <p> <a>CreateStreamKey</a> — Creates a stream key, used to initiate a stream, for the specified channel ARN.</p> </li> <li> <p> <a>GetStreamKey</a> — Gets stream key information for the specified ARN.</p> </li> <li> <p> <a>BatchGetStreamKey</a> — Performs <a>GetStreamKey</a> on multiple ARNs simultaneously.</p> </li> <li> <p> <a>ListStreamKeys</a> — Gets summary information about stream keys for the specified channel.</p> </li> <li> <p> <a>DeleteStreamKey</a> — Deletes the stream key for the specified ARN, so it can no longer be used to stream.</p> </li> </ul> <p> <b>Amazon Web Services Tags Endpoints</b> </p> <ul> <li> <p> <a>TagResource</a> — Adds or updates tags for the Amazon Web Services resource with the specified ARN.</p> </li> <li> <p> <a>UntagResource</a> — Removes tags from the resource with the specified ARN.</p> </li> <li> <p> <a>ListTagsForResource</a> — Gets information about Amazon Web Services tags for the specified ARN.</p> </li> </ul>"
 }
diff --git a/tools/code-generation/api-descriptions/managedblockchain-query-2023-05-04.normal.json b/tools/code-generation/api-descriptions/managedblockchain-query-2023-05-04.normal.json
index 079d0b26ad3..2aed3aba3bc 100644
--- a/tools/code-generation/api-descriptions/managedblockchain-query-2023-05-04.normal.json
+++ b/tools/code-generation/api-descriptions/managedblockchain-query-2023-05-04.normal.json
@@ -30,7 +30,7 @@
         {"shape":"InternalServerException"},
         {"shape":"ServiceQuotaExceededException"}
       ],
-      "documentation":"<p>Gets the token balance for a batch of tokens by using the <code>BatchGetTokenBalance</code> action for every token in the request.</p> <note> <p>Only the native tokens BTC,ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p> </note>"
+      "documentation":"<p>Gets the token balance for a batch of tokens by using the <code>BatchGetTokenBalance</code> action for every token in the request.</p> <note> <p>Only the native tokens BTC and ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p> </note>"
     },
     "GetAssetContract":{
       "name":"GetAssetContract",
@@ -68,7 +68,7 @@
         {"shape":"InternalServerException"},
         {"shape":"ServiceQuotaExceededException"}
       ],
-      "documentation":"<p>Gets the balance of a specific token, including native tokens, for a given address (wallet or contract) on the blockchain.</p> <note> <p>Only the native tokens BTC,ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p> </note>"
+      "documentation":"<p>Gets the balance of a specific token, including native tokens, for a given address (wallet or contract) on the blockchain.</p> <note> <p>Only the native tokens BTC and ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p> </note>"
     },
     "GetTransaction":{
       "name":"GetTransaction",
@@ -87,7 +87,7 @@
         {"shape":"InternalServerException"},
         {"shape":"ServiceQuotaExceededException"}
       ],
-      "documentation":"<p>Get the details of a transaction.</p>"
+      "documentation":"<p>Gets the details of a transaction.</p> <note> <p>This action will return transaction details for all transactions that are <i>confirmed</i> on the blockchain, even if they have not reached <a href=\"https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality\">finality</a>. </p> </note>"
     },
     "ListAssetContracts":{
       "name":"ListAssetContracts",
@@ -141,7 +141,7 @@
         {"shape":"InternalServerException"},
         {"shape":"ServiceQuotaExceededException"}
       ],
-      "documentation":"<p>An array of <code>TransactionEvent</code> objects. Each object contains details about the transaction event.</p>"
+      "documentation":"<p>An array of <code>TransactionEvent</code> objects. Each object contains details about the transaction event.</p> <note> <p>This action will return transaction details for all transactions that are <i>confirmed</i> on the blockchain, even if they have not reached <a href=\"https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality\">finality</a>. </p> </note>"
     },
     "ListTransactions":{
       "name":"ListTransactions",
@@ -323,7 +323,26 @@
     },
     "ConfirmationStatus":{
       "type":"string",
-      "enum":["FINAL"]
+      "enum":[
+        "FINAL",
+        "NONFINAL"
+      ]
+    },
+    "ConfirmationStatusFilter":{
+      "type":"structure",
+      "required":["include"],
+      "members":{
+        "include":{
+          "shape":"ConfirmationStatusIncludeList",
+          "documentation":"<p>The container to determine whether to list results that have only reached <a href=\"https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality\"> <i>finality</i> </a>. Transactions that have reached finality are always part of the response.</p>"
+        }
+      },
+      "documentation":"<p>The container for the <code>ConfirmationStatusFilter</code> that filters for the <a href=\"https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality\"> <i>finality</i> </a> of the results.</p>"
+    },
+    "ConfirmationStatusIncludeList":{
+      "type":"list",
+      "member":{"shape":"ConfirmationStatus"},
+      "min":1
     },
     "ContractFilter":{
       "type":"structure",
@@ -545,7 +564,7 @@
         },
         "maxResults":{
           "shape":"ListAssetContractsInputMaxResultsInteger",
-          "documentation":"<p>The maximum number of contracts to list.</p>"
+          "documentation":"<p>The maximum number of contracts to list.</p> <p>Default:<code>100</code> </p> <note> <p>Even if additional results can be retrieved, the request can return less results than <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the next set of results, make another request with the returned <code>nextToken</code> value. The value of <code>nextToken</code> is <code>null</code> when there are no more results to return</p> </note>"
         }
       }
     },
@@ -587,7 +606,7 @@
         },
         "maxResults":{
           "shape":"ListTokenBalancesInputMaxResultsInteger",
-          "documentation":"<p>The maximum number of token balances to return.</p>"
+          "documentation":"<p>The maximum number of token balances to return.</p> <p>Default:<code>100</code> </p> <note> <p>Even if additional results can be retrieved, the request can return less results than <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the next set of results, make another request with the returned <code>nextToken</code> value. The value of <code>nextToken</code> is <code>null</code> when there are no more results to return</p> </note>"
         }
       }
     },
@@ -632,7 +651,7 @@
         },
         "maxResults":{
           "shape":"ListTransactionEventsInputMaxResultsInteger",
-          "documentation":"<p>The maximum number of transaction events to list.</p> <note> <p>Even if additional results can be retrieved, the request can return less results than <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the next set of results, make another request with the returned <code>nextToken</code> value. The value of <code>nextToken</code> is <code>null</code> when there are no more results to return</p> </note>"
+          "documentation":"<p>The maximum number of transaction events to list.</p> <p>Default:<code>100</code> </p> <note> <p>Even if additional results can be retrieved, the request can return less results than <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the next set of results, make another request with the returned <code>nextToken</code> value. The value of <code>nextToken</code> is <code>null</code> when there are no more results to return</p> </note>"
         }
       }
     },
@@ -675,7 +694,7 @@
         "toBlockchainInstant":{"shape":"BlockchainInstant"},
         "sort":{
           "shape":"ListTransactionsSort",
-          "documentation":"<p>Sorts items in an ascending order if the first page starts at <code>fromTime</code>. Sorts items in a descending order if the first page starts at <code>toTime</code>.</p>"
+          "documentation":"<p>The order by which the results will be sorted. If <code>ASCENNDING</code> is selected, the results will be ordered by <code>fromTime</code>. </p>"
         },
         "nextToken":{
           "shape":"NextToken",
@@ -683,7 +702,11 @@
         },
         "maxResults":{
           "shape":"ListTransactionsInputMaxResultsInteger",
-          "documentation":"<p>The maximum number of transactions to list.</p> <note> <p>Even if additional results can be retrieved, the request can return less results than <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the next set of results, make another request with the returned <code>nextToken</code> value. The value of <code>nextToken</code> is <code>null</code> when there are no more results to return</p> </note>"
+          "documentation":"<p>The maximum number of transactions to list.</p> <p>Default:<code>100</code> </p> <note> <p>Even if additional results can be retrieved, the request can return less results than <code>maxResults</code> or an empty array of results.</p> <p>To retrieve the next set of results, make another request with the returned <code>nextToken</code> value. The value of <code>nextToken</code> is <code>null</code> when there are no more results to return</p> </note>"
+        },
+        "confirmationStatusFilter":{
+          "shape":"ConfirmationStatusFilter",
+          "documentation":"<p>This filter is used to include transactions in the response that haven't reached <a href=\"https://docs.aws.amazon.com/managed-blockchain/latest/ambq-dg/key-concepts.html#finality\"> <i>finality</i> </a>. Transactions that have reached finiality are always part of the response.</p>"
         }
       }
     },
@@ -797,13 +820,6 @@
       "type":"string",
       "pattern":"(0x[A-Fa-f0-9]{64}|[A-Fa-f0-9]{64})"
     },
-    "QueryTransactionStatus":{
-      "type":"string",
-      "enum":[
-        "FINAL",
-        "FAILED"
-      ]
-    },
     "QuotaCode":{"type":"string"},
     "ResourceId":{"type":"string"},
     "ResourceNotFoundException":{
@@ -990,10 +1006,10 @@
         },
         "tokenId":{
           "shape":"QueryTokenId",
-          "documentation":"<p>The unique identifier of the token.</p> <note> <p>You must specify this container with <code>btc</code> for the native BTC token, and <code>eth</code> for the native ETH token. For all other token types you must specify the <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code> format.</p> </note>"
+          "documentation":"<p>The unique identifier of the token.</p> <note> <p>For native tokens, use the 3 character abbreviation that best matches your token. For example, btc for Bitcoin, eth for Ether, etc. For all other token types you must specify the <code>tokenId</code> in the 64 character hexadecimal <code>tokenid</code> format.</p> </note>"
         }
       },
-      "documentation":"<p>The container for the identifier for the token including the unique token ID and its blockchain network.</p> <note> <p>Only the native tokens BTC,ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p> </note>"
+      "documentation":"<p>The container for the identifier for the token including the unique token ID and its blockchain network.</p> <note> <p>Only the native tokens BTC and ETH, and the ERC-20, ERC-721, and ERC 1155 token standards are supported.</p> </note>"
     },
     "Transaction":{
       "type":"structure",
@@ -1034,12 +1050,6 @@
           "shape":"Long",
           "documentation":"<p>The number of transactions in the block.</p>"
         },
-        "status":{
-          "shape":"QueryTransactionStatus",
-          "documentation":"<p>The status of the transaction.</p> <important> <p>This property is deprecated. You must use the <code>confirmationStatus</code> and the <code>executionStatus</code> properties to determine if the <code>status</code> of the transaction is <code>FINAL</code> or <code>FAILED</code>.</p> <ul> <li> <p>Transactions with a <code>status</code> of <code>FINAL</code> will now have the <code>confirmationStatus</code> set to <code>FINAL</code> and the <code>executionStatus</code> set to <code>SUCCEEDED</code>.</p> </li> <li> <p>Transactions with a <code>status</code> of <code>FAILED</code> will now have the <code>confirmationStatus</code> set to <code>FINAL</code> and the <code>executionStatus</code> set to <code>FAILED</code>.</p> </li> </ul> </important>",
-          "deprecated":true,
-          "deprecatedMessage":"The status field in the GetTransaction response is deprecated and is replaced with the confirmationStatus and executionStatus fields."
-        },
         "to":{
           "shape":"ChainAddress",
           "documentation":"<p>The identifier of the transaction. It is generated whenever a transaction is verified and added to the blockchain.</p>"
@@ -1171,6 +1181,10 @@
         "transactionTimestamp":{
           "shape":"Timestamp",
           "documentation":"<p>The time when the transaction occurred.</p>"
+        },
+        "confirmationStatus":{
+          "shape":"ConfirmationStatus",
+          "documentation":"<p>Specifies whether to list transactions that have not reached Finality.</p>"
         }
       },
       "documentation":"<p>The container of the transaction output.</p>"
diff --git a/tools/code-generation/api-descriptions/mediaconvert-2017-08-29.normal.json b/tools/code-generation/api-descriptions/mediaconvert-2017-08-29.normal.json
index 93dfe8f7fb5..4970aa6d812 100644
--- a/tools/code-generation/api-descriptions/mediaconvert-2017-08-29.normal.json
+++ b/tools/code-generation/api-descriptions/mediaconvert-2017-08-29.normal.json
@@ -461,7 +461,9 @@
           "documentation": "ResourceInUseException"
         }
       ],
-      "documentation": "Send an request with an empty body to the regional API endpoint to get your account API endpoint."
+      "documentation": "Send an request with an empty body to the regional API endpoint to get your account API endpoint.",
+      "deprecated": true,
+      "deprecatedMessage": "DescribeEndpoints and account specific endpoints are no longer required. We recommend that you send your requests directly to the regional endpoint instead."
     },
     "DisassociateCertificate": {
       "name": "DisassociateCertificate",
@@ -1172,7 +1174,7 @@
     },
     "AacCodecProfile": {
       "type": "string",
-      "documentation": "Specify the AAC profile. For the widest player compatibility and where higher bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE v2) adds parametric stereo, which optimizes for encoding stereo audio at very low bitrates.",
+      "documentation": "AAC Profile.",
       "enum": [
         "LC",
         "HEV1",
@@ -1192,7 +1194,7 @@
     },
     "AacRateControlMode": {
       "type": "string",
-      "documentation": "Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC output bitrate will be equal to the value that you choose for Bitrate. For a variable bitrate: Choose VBR. Your AAC output bitrate will vary according to your audio content and the value that you choose for Bitrate quality.",
+      "documentation": "Rate Control Mode.",
       "enum": [
         "CBR",
         "VBR"
@@ -1222,7 +1224,7 @@
         "CodecProfile": {
           "shape": "AacCodecProfile",
           "locationName": "codecProfile",
-          "documentation": "Specify the AAC profile. For the widest player compatibility and where higher bitrates are acceptable: Keep the default profile, LC (AAC-LC) For improved audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1) adds spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE v2) adds parametric stereo, which optimizes for encoding stereo audio at very low bitrates."
+          "documentation": "AAC Profile."
         },
         "CodingMode": {
           "shape": "AacCodingMode",
@@ -1232,7 +1234,7 @@
         "RateControlMode": {
           "shape": "AacRateControlMode",
           "locationName": "rateControlMode",
-          "documentation": "Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC output bitrate will be equal to the value that you choose for Bitrate. For a variable bitrate: Choose VBR. Your AAC output bitrate will vary according to your audio content and the value that you choose for Bitrate quality."
+          "documentation": "Rate Control Mode."
         },
         "RawFormat": {
           "shape": "AacRawFormat",
@@ -1242,7 +1244,7 @@
         "SampleRate": {
           "shape": "__integerMin8000Max96000",
           "locationName": "sampleRate",
-          "documentation": "Specify the AAC sample rate in samples per second (Hz). Valid sample rates depend on the AAC profile and Coding mode that you select. For a list of supported sample rates, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html"
+          "documentation": "Specify the Sample rate in Hz. Valid sample rates depend on the Profile and Coding mode that you select. The following list shows valid sample rates for each Profile and Coding mode. * LC Profile, Coding mode 1.0, 2.0, and Receiver Mix: 8000, 12000, 16000, 22050, 24000, 32000, 44100, 48000, 88200, 96000. * LC Profile, Coding mode 5.1: 32000, 44100, 48000, 96000. * HEV1 Profile, Coding mode 1.0 and Receiver Mix: 22050, 24000, 32000, 44100, 48000. * HEV1 Profile, Coding mode 2.0 and 5.1: 32000, 44100, 48000, 96000. * HEV2 Profile, Coding mode 2.0: 22050, 24000, 32000, 44100, 48000."
         },
         "Specification": {
           "shape": "AacSpecification",
@@ -1252,7 +1254,7 @@
         "VbrQuality": {
           "shape": "AacVbrQuality",
           "locationName": "vbrQuality",
-          "documentation": "Specify the quality of your variable bitrate (VBR) AAC audio. For a list of approximate VBR bitrates, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr"
+          "documentation": "VBR Quality Level - Only used if rate_control_mode is VBR."
         }
       },
       "documentation": "Required when you set Codec to the value AAC. The service accepts one of two mutually exclusive groups of AAC settings--VBR and CBR. To select one of these modes, set the value of Bitrate control mode to \"VBR\" or \"CBR\". In VBR mode, you control the audio quality with the setting VBR quality. In CBR mode, you use the setting Bitrate. Defaults and valid values depend on the rate control mode."
@@ -1267,7 +1269,7 @@
     },
     "AacVbrQuality": {
       "type": "string",
-      "documentation": "Specify the quality of your variable bitrate (VBR) AAC audio. For a list of approximate VBR bitrates, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr",
+      "documentation": "VBR Quality Level - Only used if rate_control_mode is VBR.",
       "enum": [
         "LOW",
         "MEDIUM_LOW",
@@ -1775,7 +1777,7 @@
           "documentation": "Settings related to audio encoding. The settings in this group vary depending on the value that you choose for your audio codec."
         },
         "CustomLanguageCode": {
-          "shape": "__stringPatternAZaZ23AZaZ",
+          "shape": "__stringPatternAZaZ23AZaZ09",
           "locationName": "customLanguageCode",
           "documentation": "Specify the language for this audio output track. The service puts this language code into your output audio track when you set Language code control to Use configured. The service also uses your specified custom language code when you set Language code control to Follow input, but your input file doesn't specify a language code. For all outputs, you can use an ISO 639-2 or ISO 639-3 code. For streaming outputs, you can also use any other code in the full RFC-5646 specification. Streaming outputs are those that are in one of the following output groups: CMAF, DASH ISO, Apple HLS, or Microsoft Smooth Streaming."
         },
@@ -3500,13 +3502,6 @@
       },
       "documentation": "Custom 3D lut settings"
     },
-    "ColorConversion3DLUTSettings": {
-      "type": "list",
-      "documentation": "Use 3D LUTs to specify custom color mapping behavior when you convert from one color space into another. You can include up to 8 different 3D LUTs.",
-      "member": {
-        "shape": "ColorConversion3DLUTSetting"
-      }
-    },
     "ColorCorrector": {
       "type": "structure",
       "members": {
@@ -4373,7 +4368,9 @@
       "enum": [
         "DEFAULT",
         "GET_ONLY"
-      ]
+      ],
+      "deprecated": true,
+      "deprecatedMessage": "DescribeEndpoints and account specific endpoints are no longer required. We recommend that you send your requests directly to the regional endpoint instead."
     },
     "DescribeEndpointsRequest": {
       "type": "structure",
@@ -4394,7 +4391,9 @@
           "documentation": "Use this string, provided with the response to a previous request, to request the next batch of endpoints."
         }
       },
-      "documentation": "DescribeEndpointsRequest"
+      "documentation": "DescribeEndpointsRequest",
+      "deprecated": true,
+      "deprecatedMessage": "DescribeEndpoints and account specific endpoints are no longer required. We recommend that you send your requests directly to the regional endpoint instead."
     },
     "DescribeEndpointsResponse": {
       "type": "structure",
@@ -4409,7 +4408,9 @@
           "locationName": "nextToken",
           "documentation": "Use this string to request the next batch of endpoints."
         }
-      }
+      },
+      "deprecated": true,
+      "deprecatedMessage": "DescribeEndpoints and account specific endpoints are no longer required. We recommend that you send your requests directly to the regional endpoint instead."
     },
     "DestinationSettings": {
       "type": "structure",
@@ -8024,7 +8025,7 @@
           "documentation": "Settings for ad avail blanking. Video can be blanked or overlaid with an image, and audio muted during SCTE-35 triggered ad avails."
         },
         "ColorConversion3DLUTSettings": {
-          "shape": "ColorConversion3DLUTSettings",
+          "shape": "__listOfColorConversion3DLUTSetting",
           "locationName": "colorConversion3DLUTSettings",
           "documentation": "Use 3D LUTs to specify custom color mapping behavior when you convert from one color space into another. You can include up to 8 different 3D LUTs."
         },
@@ -8195,7 +8196,7 @@
           "documentation": "Settings for ad avail blanking. Video can be blanked or overlaid with an image, and audio muted during SCTE-35 triggered ad avails."
         },
         "ColorConversion3DLUTSettings": {
-          "shape": "ColorConversion3DLUTSettings",
+          "shape": "__listOfColorConversion3DLUTSetting",
           "locationName": "colorConversion3DLUTSettings",
           "documentation": "Use 3D LUTs to specify custom color mapping behavior when you convert from one color space into another. You can include up to 8 different 3D LUTs."
         },
@@ -11095,6 +11096,16 @@
     "RemixSettings": {
       "type": "structure",
       "members": {
+        "AudioDescriptionAudioChannel": {
+          "shape": "__integerMin1Max64",
+          "locationName": "audioDescriptionAudioChannel",
+          "documentation": "Optionally specify the channel in your input that contains your audio description audio signal. MediaConvert mixes your audio signal across all output channels, while reducing their volume according to your data stream. When you specify an audio description audio channel, you must also specify an audio description data channel. For more information about audio description signals, see the BBC WHP 198 and 051 white papers."
+        },
+        "AudioDescriptionDataChannel": {
+          "shape": "__integerMin1Max64",
+          "locationName": "audioDescriptionDataChannel",
+          "documentation": "Optionally specify the channel in your input that contains your audio description data stream. MediaConvert mixes your audio signal across all output channels, while reducing their volume according to your data stream. When you specify an audio description data channel, you must also specify an audio description audio channel. For more information about audio description signals, see the BBC WHP 198 and 051 white papers."
+        },
         "ChannelMapping": {
           "shape": "ChannelMapping",
           "locationName": "channelMapping",
@@ -13816,6 +13827,12 @@
         "shape": "CmafAdditionalManifest"
       }
     },
+    "__listOfColorConversion3DLUTSetting": {
+      "type": "list",
+      "member": {
+        "shape": "ColorConversion3DLUTSetting"
+      }
+    },
     "__listOfDashAdditionalManifest": {
       "type": "list",
       "member": {
@@ -14235,6 +14252,10 @@
       "type": "string",
       "pattern": "^[A-Za-z]{2,3}(-[A-Za-z-]+)?$"
     },
+    "__stringPatternAZaZ23AZaZ09": {
+      "type": "string",
+      "pattern": "^[A-Za-z]{2,3}(-[A-Za-z0-9-]+)?$"
+    },
     "__stringPatternArnAwsUsGovAcm": {
       "type": "string",
       "pattern": "^arn:aws(-us-gov)?:acm:"
diff --git a/tools/code-generation/api-descriptions/neptune-graph-2023-11-29.normal.json b/tools/code-generation/api-descriptions/neptune-graph-2023-11-29.normal.json
index b81dcd685d0..97110e7f3c5 100644
--- a/tools/code-generation/api-descriptions/neptune-graph-2023-11-29.normal.json
+++ b/tools/code-generation/api-descriptions/neptune-graph-2023-11-29.normal.json
@@ -30,11 +30,35 @@
         {"shape":"InternalServerException"},
         {"shape":"ResourceNotFoundException"}
       ],
-      "documentation":"<p>Deletes the specified import task</p>",
+      "documentation":"<p>Deletes the specified import task.</p>",
       "staticContextParams":{
         "ApiType":{"value":"ControlPlane"}
       }
     },
+    "CancelQuery":{
+      "name":"CancelQuery",
+      "http":{
+        "method":"DELETE",
+        "requestUri":"/queries/{queryId}",
+        "responseCode":200
+      },
+      "input":{"shape":"CancelQueryInput"},
+      "errors":[
+        {"shape":"ThrottlingException"},
+        {"shape":"ValidationException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"InternalServerException"},
+        {"shape":"ResourceNotFoundException"}
+      ],
+      "documentation":"<p>Cancels a specified query.</p>",
+      "endpoint":{
+        "hostPrefix":"{graphIdentifier}."
+      },
+      "idempotent":true,
+      "staticContextParams":{
+        "ApiType":{"value":"DataPlane"}
+      }
+    },
     "CreateGraph":{
       "name":"CreateGraph",
       "http":{
@@ -184,6 +208,31 @@
         "ApiType":{"value":"ControlPlane"}
       }
     },
+    "ExecuteQuery":{
+      "name":"ExecuteQuery",
+      "http":{
+        "method":"POST",
+        "requestUri":"/queries",
+        "responseCode":200
+      },
+      "input":{"shape":"ExecuteQueryInput"},
+      "output":{"shape":"ExecuteQueryOutput"},
+      "errors":[
+        {"shape":"UnprocessableException"},
+        {"shape":"ThrottlingException"},
+        {"shape":"ValidationException"},
+        {"shape":"ConflictException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"InternalServerException"}
+      ],
+      "documentation":"<p>Execute an openCypher query. Currently, the SDK does not support parameterized queries. If you want to make a parameterized query call, you can use an HTTP request. </p> <note> <p> Non-parametrized queries are not considered for plan caching. You can force plan caching with <code>planCache=enabled</code>. The plan cache will be reused only for the same exact query. Slight variations in the query will not be able to reuse the query plan cache. </p> </note>",
+      "endpoint":{
+        "hostPrefix":"{graphIdentifier}."
+      },
+      "staticContextParams":{
+        "ApiType":{"value":"DataPlane"}
+      }
+    },
     "GetGraph":{
       "name":"GetGraph",
       "http":{
@@ -224,6 +273,30 @@
         "ApiType":{"value":"ControlPlane"}
       }
     },
+    "GetGraphSummary":{
+      "name":"GetGraphSummary",
+      "http":{
+        "method":"GET",
+        "requestUri":"/summary",
+        "responseCode":200
+      },
+      "input":{"shape":"GetGraphSummaryInput"},
+      "output":{"shape":"GetGraphSummaryOutput"},
+      "errors":[
+        {"shape":"ThrottlingException"},
+        {"shape":"ValidationException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"InternalServerException"},
+        {"shape":"ResourceNotFoundException"}
+      ],
+      "documentation":"<p>Gets a graph summary for a property graph.</p>",
+      "endpoint":{
+        "hostPrefix":"{graphIdentifier}."
+      },
+      "staticContextParams":{
+        "ApiType":{"value":"DataPlane"}
+      }
+    },
     "GetImportTask":{
       "name":"GetImportTask",
       "http":{
@@ -264,6 +337,30 @@
         "ApiType":{"value":"ControlPlane"}
       }
     },
+    "GetQuery":{
+      "name":"GetQuery",
+      "http":{
+        "method":"GET",
+        "requestUri":"/queries/{queryId}",
+        "responseCode":200
+      },
+      "input":{"shape":"GetQueryInput"},
+      "output":{"shape":"GetQueryOutput"},
+      "errors":[
+        {"shape":"ThrottlingException"},
+        {"shape":"ValidationException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"InternalServerException"},
+        {"shape":"ResourceNotFoundException"}
+      ],
+      "documentation":"<p>Retrieves the status of a specified query.</p>",
+      "endpoint":{
+        "hostPrefix":"{graphIdentifier}."
+      },
+      "staticContextParams":{
+        "ApiType":{"value":"DataPlane"}
+      }
+    },
     "ListGraphSnapshots":{
       "name":"ListGraphSnapshots",
       "http":{
@@ -343,6 +440,29 @@
         "ApiType":{"value":"ControlPlane"}
       }
     },
+    "ListQueries":{
+      "name":"ListQueries",
+      "http":{
+        "method":"GET",
+        "requestUri":"/queries",
+        "responseCode":200
+      },
+      "input":{"shape":"ListQueriesInput"},
+      "output":{"shape":"ListQueriesOutput"},
+      "errors":[
+        {"shape":"ThrottlingException"},
+        {"shape":"ValidationException"},
+        {"shape":"AccessDeniedException"},
+        {"shape":"InternalServerException"}
+      ],
+      "documentation":"<p>Lists active openCypher queries.</p>",
+      "endpoint":{
+        "hostPrefix":"{graphIdentifier}."
+      },
+      "staticContextParams":{
+        "ApiType":{"value":"DataPlane"}
+      }
+    },
     "ListTagsForResource":{
       "name":"ListTagsForResource",
       "http":{
@@ -471,6 +591,22 @@
     }
   },
   "shapes":{
+    "AccessDeniedException":{
+      "type":"structure",
+      "required":["message"],
+      "members":{
+        "message":{
+          "shape":"String",
+          "documentation":"<p>A message describing the problem.</p>"
+        }
+      },
+      "documentation":"<p>Raised in case of an authentication or authorization failure.</p>",
+      "error":{
+        "httpStatusCode":403,
+        "senderFault":true
+      },
+      "exception":true
+    },
     "Arn":{
       "type":"string",
       "max":1011,
@@ -512,7 +648,7 @@
         },
         "source":{
           "shape":"String",
-          "documentation":"<p>A URL identifying to the location of the data to be imported. This can be an Amazon S3 path, or can point to a Neptune database endpoint or snapshot</p>"
+          "documentation":"<p>A URL identifying to the location of the data to be imported. This can be an Amazon S3 path, or can point to a Neptune database endpoint or snapshot.</p>"
         },
         "format":{
           "shape":"Format",
@@ -528,6 +664,28 @@
         }
       }
     },
+    "CancelQueryInput":{
+      "type":"structure",
+      "required":[
+        "graphIdentifier",
+        "queryId"
+      ],
+      "members":{
+        "graphIdentifier":{
+          "shape":"GraphIdentifier",
+          "documentation":"<p>The unique identifier of the Neptune Analytics graph.</p>",
+          "hostLabel":true,
+          "location":"header",
+          "locationName":"graphIdentifier"
+        },
+        "queryId":{
+          "shape":"String",
+          "documentation":"<p>The unique identifier of the query to cancel.</p>",
+          "location":"uri",
+          "locationName":"queryId"
+        }
+      }
+    },
     "ConflictException":{
       "type":"structure",
       "required":["message"],
@@ -581,7 +739,7 @@
         },
         "replicaCount":{
           "shape":"ReplicaCount",
-          "documentation":"<p>The number of replicas in other AZs. Min =0, Max = 2, Default =1</p>"
+          "documentation":"<p>The number of replicas in other AZs. Min =0, Max = 2, Default = 1.</p>"
         },
         "deletionProtection":{
           "shape":"Boolean",
@@ -740,7 +898,7 @@
         },
         "publicConnectivity":{
           "shape":"Boolean",
-          "documentation":"<p>Specifies whether or not the graph can be reachable over the internet. All access to graphs IAM authenticated. (<code>true</code> to enable, or <code>false</code> to disable.</p>"
+          "documentation":"<p>Specifies whether or not the graph can be reachable over the internet. All access to graphs IAM authenticated. (<code>true</code> to enable, or <code>false</code> to disable).</p>"
         },
         "kmsKeyIdentifier":{
           "shape":"KmsKeyArn",
@@ -1062,6 +1220,89 @@
         }
       }
     },
+    "EdgeLabels":{
+      "type":"list",
+      "member":{"shape":"String"}
+    },
+    "EdgeProperties":{
+      "type":"list",
+      "member":{"shape":"String"}
+    },
+    "EdgeStructure":{
+      "type":"structure",
+      "members":{
+        "count":{
+          "shape":"Long",
+          "documentation":"<p>The number of instances of the edge in the graph.</p>"
+        },
+        "edgeProperties":{
+          "shape":"EdgeProperties",
+          "documentation":"<p>A list of the properties associated with the edge.</p>"
+        }
+      },
+      "documentation":"<p>Contains information about an edge in a Neptune Analytics graph.</p>"
+    },
+    "EdgeStructures":{
+      "type":"list",
+      "member":{"shape":"EdgeStructure"}
+    },
+    "ExecuteQueryInput":{
+      "type":"structure",
+      "required":[
+        "graphIdentifier",
+        "queryString",
+        "language"
+      ],
+      "members":{
+        "graphIdentifier":{
+          "shape":"GraphIdentifier",
+          "documentation":"<p>The unique identifier of the Neptune Analytics graph.</p>",
+          "hostLabel":true,
+          "location":"header",
+          "locationName":"graphIdentifier"
+        },
+        "queryString":{
+          "shape":"String",
+          "documentation":"<p>The query string to be executed.</p>",
+          "locationName":"query"
+        },
+        "language":{
+          "shape":"QueryLanguage",
+          "documentation":"<p>The query language the query is written in. Currently only openCypher is supported.</p>"
+        },
+        "planCache":{
+          "shape":"PlanCacheType",
+          "documentation":"<p>Query plan cache is a feature that saves the query plan and reuses it on successive executions of the same query. This reduces query latency, and works for both <code>READ</code> and <code>UPDATE</code> queries. The plan cache is an LRU cache with a 5 minute TTL and a capacity of 1000.</p>"
+        },
+        "explainMode":{
+          "shape":"ExplainMode",
+          "documentation":"<p>The explain mode parameter returns a query explain instead of the actual query results. A query explain can be used to gather insights about the query execution such as planning decisions, time spent on each operator, solutions flowing etc.</p>",
+          "locationName":"explain"
+        },
+        "queryTimeoutMilliseconds":{
+          "shape":"Integer",
+          "documentation":"<p>Specifies the query timeout duration, in milliseconds. (optional)</p>"
+        }
+      }
+    },
+    "ExecuteQueryOutput":{
+      "type":"structure",
+      "required":["payload"],
+      "members":{
+        "payload":{
+          "shape":"QueryResponseBlob",
+          "documentation":"<p>The query results.</p>"
+        }
+      },
+      "payload":"payload"
+    },
+    "ExplainMode":{
+      "type":"string",
+      "enum":[
+        "STATIC",
+        "DETAILS"
+      ]
+    },
     "Format":{
       "type":"string",
       "enum":[
@@ -1198,6 +1439,42 @@
         }
       }
     },
+    "GetGraphSummaryInput":{
+      "type":"structure",
+      "required":["graphIdentifier"],
+      "members":{
+        "graphIdentifier":{
+          "shape":"GraphIdentifier",
+          "documentation":"<p>The unique identifier of the Neptune Analytics graph.</p>",
+          "hostLabel":true,
+          "location":"header",
+          "locationName":"graphIdentifier"
+        },
+        "mode":{
+          "shape":"GraphSummaryMode",
+          "documentation":"<p>The summary mode can take one of two values: <code>basic</code> (the default), and <code>detailed</code>.</p>",
+          "location":"querystring",
+          "locationName":"mode"
+        }
+      }
+    },
+    "GetGraphSummaryOutput":{
+      "type":"structure",
+      "members":{
+        "version":{
+          "shape":"String",
+          "documentation":"<p>Display the version of this tool.</p>"
+        },
+        "lastStatisticsComputationTime":{
+          "shape":"SyntheticTimestamp_date_time",
+          "documentation":"<p>The timestamp, in ISO 8601 format, of the time at which Neptune Analytics last computed statistics.</p>"
+        },
+        "graphSummary":{
+          "shape":"GraphDataSummary",
+          "documentation":"<p>The graph summary.</p>"
+        }
+      }
+    },
     "GetImportTaskInput":{
       "type":"structure",
       "required":["taskIdentifier"],
@@ -1308,6 +1585,115 @@
         }
       }
     },
+    "GetQueryInput":{
+      "type":"structure",
+      "required":[
+        "graphIdentifier",
+        "queryId"
+      ],
+      "members":{
+        "graphIdentifier":{
+          "shape":"GraphIdentifier",
+          "documentation":"<p>The unique identifier of the Neptune Analytics graph.</p>",
+          "hostLabel":true,
+          "location":"header",
+          "locationName":"graphIdentifier"
+        },
+        "queryId":{
+          "shape":"String",
+          "documentation":"<p>The ID of the query in question.</p>",
+          "location":"uri",
+          "locationName":"queryId"
+        }
+      }
+    },
+    "GetQueryOutput":{
+      "type":"structure",
+      "members":{
+        "id":{
+          "shape":"String",
+          "documentation":"<p>The ID of the query in question.</p>"
+        },
+        "queryString":{
+          "shape":"String",
+          "documentation":"<p>The query in question.</p>"
+        },
+        "waited":{
+          "shape":"Integer",
+          "documentation":"<p>Indicates how long the query waited, in milliseconds.</p>"
+        },
+        "elapsed":{
+          "shape":"Integer",
+          "documentation":"<p>The number of milliseconds the query has been running.</p>"
+        },
+        "state":{
+          "shape":"QueryState",
+          "documentation":"<p>State of the query.</p>"
+        }
+      }
+    },
+    "GraphDataSummary":{
+      "type":"structure",
+      "members":{
+        "numNodes":{
+          "shape":"Long",
+          "documentation":"<p>The number of nodes in the graph.</p>"
+        },
+        "numEdges":{
+          "shape":"Long",
+          "documentation":"<p>The number of edges in the graph.</p>"
+        },
+        "numNodeLabels":{
+          "shape":"Long",
+          "documentation":"<p>The number of distinct node labels in the graph.</p>"
+        },
+        "numEdgeLabels":{
+          "shape":"Long",
+          "documentation":"<p>The number of unique edge labels in the graph.</p>"
+        },
+        "nodeLabels":{
+          "shape":"NodeLabels",
+          "documentation":"<p>A list of distinct node labels in the graph.</p>"
+        },
+        "edgeLabels":{
+          "shape":"EdgeLabels",
+          "documentation":"<p>A list of the edge labels in the graph.</p>"
+        },
+        "numNodeProperties":{
+          "shape":"Long",
+          "documentation":"<p>The number of distinct node properties in the graph.</p>"
+        },
+        "numEdgeProperties":{
+          "shape":"Long",
+          "documentation":"<p>The number of edge properties in the graph.</p>"
+        },
+        "nodeProperties":{
+          "shape":"LongValuedMapList",
+          "documentation":"<p>A list of the distinct node properties in the graph, along with the count of nodes where each property is used.</p>"
+        },
+        "edgeProperties":{
+          "shape":"LongValuedMapList",
+          "documentation":"<p>A list of the distinct edge properties in the graph, along with the count of edges where each property is used.</p>"
+        },
+        "totalNodePropertyValues":{
+          "shape":"Long",
+          "documentation":"<p>The total number of usages of all node properties.</p>"
+        },
+        "totalEdgePropertyValues":{
+          "shape":"Long",
+          "documentation":"<p>The total number of usages of all edge properties.</p>"
+        },
+        "nodeStructures":{
+          "shape":"NodeStructures",
+          "documentation":"<p>This field is only present when the requested mode is DETAILED. It contains a list of node structures.</p>"
+        },
+        "edgeStructures":{
+          "shape":"EdgeStructures",
+          "documentation":"<p>This field is only present when the requested mode is DETAILED. It contains a list of edge structures.</p>"
+        }
+      },
+      "documentation":"<p>Summary information about the graph.</p>"
+    },
     "GraphId":{
       "type":"string",
       "pattern":"g-[a-z0-9]{10}"
@@ -1432,6 +1818,13 @@
       "type":"list",
       "member":{"shape":"GraphSummary"}
     },
+    "GraphSummaryMode":{
+      "type":"string",
+      "enum":[
+        "BASIC",
+        "DETAILED"
+      ]
+    },
     "ImportOptions":{
       "type":"structure",
       "members":{
@@ -1707,6 +2100,44 @@
         }
       }
     },
+    "ListQueriesInput":{
+      "type":"structure",
+      "required":[
+        "graphIdentifier",
+        "maxResults"
+      ],
+      "members":{
+        "graphIdentifier":{
+          "shape":"GraphIdentifier",
+          "documentation":"<p>The unique identifier of the Neptune Analytics graph.</p>",
+          "hostLabel":true,
+          "location":"header",
+          "locationName":"graphIdentifier"
+        },
+        "maxResults":{
+          "shape":"Integer",
+          "documentation":"<p>The maximum number of results to be fetched by the API.</p>",
+          "location":"querystring",
+          "locationName":"maxResults"
+        },
+        "state":{
+          "shape":"QueryStateInput",
+          "documentation":"<p>Filtered list of queries based on state.</p>",
+          "location":"querystring",
+          "locationName":"state"
+        }
+      }
+    },
+    "ListQueriesOutput":{
+      "type":"structure",
+      "required":["queries"],
+      "members":{
+        "queries":{
+          "shape":"QuerySummaryList",
+          "documentation":"<p>A list of current openCypher queries.</p>"
+        }
+      }
+    },
     "ListTagsForResourceInput":{
       "type":"structure",
       "required":["resourceArn"],
@@ -1732,6 +2163,15 @@
       "type":"long",
       "box":true
     },
+    "LongValuedMap":{
+      "type":"map",
+      "key":{"shape":"String"},
+      "value":{"shape":"Long"}
+    },
+    "LongValuedMapList":{
+      "type":"list",
+      "member":{"shape":"LongValuedMap"}
+    },
     "MaxResults":{
       "type":"integer",
       "box":true,
@@ -1759,7 +2199,7 @@
         },
         "preserveEdgeIds":{
           "shape":"Boolean",
-          "documentation":"<p>Neptune Analytics currently does not support user defined edge ids. The edge ids are not imported by default. They are imported if <i>preserveEdgeIds</i> is set to true, and ids are stored as properties on the relationships with the property name neptuneEdgeId.</p>"
+          "documentation":"<p>Neptune Analytics currently does not support user defined edge ids. The edge ids are not imported by default. They are imported if <i>preserveEdgeIds</i> is set to true, and ids are stored as properties on the relationships with the property name <i>neptuneEdgeId</i>.</p>"
         }
       },
       "documentation":"<p>Options for how to import Neptune data.</p>"
@@ -1774,11 +2214,53 @@
       "max":1024,
       "min":1
     },
+    "NodeLabels":{
+      "type":"list",
+      "member":{"shape":"String"}
+    },
+    "NodeProperties":{
+      "type":"list",
+      "member":{"shape":"String"}
+    },
+    "NodeStructure":{
+      "type":"structure",
+      "members":{
+        "count":{
+          "shape":"Long",
+          "documentation":"<p>The number of instances of this node.</p>"
+        },
+        "nodeProperties":{
+          "shape":"NodeProperties",
+          "documentation":"<p>Properties associated with this node.</p>"
+        },
+        "distinctOutgoingEdgeLabels":{
+          "shape":"OutgoingEdgeLabels",
+          "documentation":"<p>The outgoing edge labels associated with this node.</p>"
+        }
+      },
+      "documentation":"<p>Information about a node.</p>"
+    },
+    "NodeStructures":{
+      "type":"list",
+      "member":{"shape":"NodeStructure"}
+    },
+    "OutgoingEdgeLabels":{
+      "type":"list",
+      "member":{"shape":"String"}
+    },
     "PaginationToken":{
       "type":"string",
       "max":8192,
       "min":1
     },
+    "PlanCacheType":{
+      "type":"string",
+      "enum":[
+        "ENABLED",
+        "DISABLED",
+        "AUTO"
+      ]
+    },
     "PrivateGraphEndpointStatus":{
       "type":"string",
       "enum":[
@@ -1825,6 +2307,61 @@
       "max":24576,
       "min":128
     },
+    "QueryLanguage":{
+      "type":"string",
+      "enum":["OPEN_CYPHER"]
+    },
+    "QueryResponseBlob":{
+      "type":"blob",
+      "streaming":true
+    },
+    "QueryState":{
+      "type":"string",
+      "enum":[
+        "RUNNING",
+        "WAITING",
+        "CANCELLING"
+      ]
+    },
+    "QueryStateInput":{
+      "type":"string",
+      "enum":[
+        "ALL",
+        "RUNNING",
+        "WAITING",
+        "CANCELLING"
+      ]
+    },
+    "QuerySummary":{
+      "type":"structure",
+      "members":{
+        "id":{
+          "shape":"String",
+          "documentation":"<p>A string representation of the id of the query.</p>"
+        },
+        "queryString":{
+          "shape":"String",
+          "documentation":"<p>The actual query text. The <code>queryString</code> may be truncated if the actual query string is too long.</p>"
+        },
+        "waited":{
+          "shape":"Integer",
+          "documentation":"<p>The amount of time, in milliseconds, the query has waited in the queue before being picked up by a worker thread.</p>"
+        },
+        "elapsed":{
+          "shape":"Integer",
+          "documentation":"<p>The running time of the query, in milliseconds.</p>"
+        },
+        "state":{
+          "shape":"QueryState",
+          "documentation":"<p>State of the query.</p>"
+        }
+      },
+      "documentation":"<p>Details of the query listed.</p>"
+    },
+    "QuerySummaryList":{
+      "type":"list",
+      "member":{"shape":"QuerySummary"}
+    },
     "ReplicaCount":{
       "type":"integer",
       "box":true,
@@ -2116,6 +2653,10 @@
       "max":6,
       "min":1
     },
+    "SyntheticTimestamp_date_time":{
+      "type":"timestamp",
+      "timestampFormat":"iso8601"
+    },
     "TagKey":{
       "type":"string",
       "max":128,
@@ -2186,6 +2727,36 @@
       "retryable":{"throttling":true}
     },
     "Timestamp":{"type":"timestamp"},
+    "UnprocessableException":{
+      "type":"structure",
+      "required":[
+        "message",
+        "reason"
+      ],
+      "members":{
+        "message":{"shape":"String"},
+        "reason":{
+          "shape":"UnprocessableExceptionReason",
+          "documentation":"<p>The reason for the unprocessable exception.</p>"
+        }
+      },
+      "documentation":"<p>Request cannot be processed due to known reasons. Eg. partition full.</p>",
+      "error":{
+        "httpStatusCode":422,
+        "senderFault":true
+      },
+      "exception":true
+    },
+    "UnprocessableExceptionReason":{
+      "type":"string",
+      "enum":[
+        "QUERY_TIMEOUT",
+        "INTERNAL_LIMIT_EXCEEDED",
+        "MEMORY_LIMIT_EXCEEDED",
+        "STORAGE_LIMIT_EXCEEDED",
+        "PARTITION_FULL"
+      ]
+    },
     "UntagResourceInput":{
       "type":"structure",
       "required":[
@@ -2316,7 +2887,7 @@
           "documentation":"<p>The reason that the resource could not be validated.</p>"
         }
       },
-      "documentation":"<p>A resource could not be validated</p>",
+      "documentation":"<p>A resource could not be validated.</p>",
       "error":{
         "httpStatusCode":400,
         "senderFault":true
@@ -2361,5 +2932,5 @@
       "pattern":"vpc-[a-z0-9]+"
     }
   },
-  "documentation":"<p>Neptune Analytics is a serverless in-memory graph database service for analytics that delivers high-performance analytics and real-time queries for any graph type. It complements the Amazon Neptune Database, an industry-leading managed graph database.</p>"
+  "documentation":"<p>Neptune Analytics is a new analytics database engine for Amazon Neptune that helps customers get to insights faster by quickly processing large amounts of graph data, invoking popular graph analytic algorithms in low-latency queries, and getting analytics results in seconds.</p>"
 }