type AccountRecoverySettingType struct {

	// The list of RecoveryOptionTypes.
	RecoveryMechanisms []*RecoveryOptionType
}

type AccountTakeoverActionType struct {

	// The event action.
	//
	//     * BLOCK Choosing this action will block the request.
	//
	//
	// * MFA_IF_CONFIGURED Throw MFA challenge if user has configured it, else allow
	// the request.
	//
	//     * MFA_REQUIRED Throw MFA challenge if user has configured it,
	// else block the request.
	//
	//     * NO_ACTION Allow the user sign-in.
	//
	// This member is required.
	EventAction AccountTakeoverEventActionType

	// Flag specifying whether to send a notification.
	//
	// This member is required.
	Notify *bool
}

type AccountTakeoverActionsType struct {

	// Action to take for a high risk.
	HighAction *AccountTakeoverActionType

	// Action to take for a low risk.
	LowAction *AccountTakeoverActionType

	// Action to take for a medium risk.
	MediumAction *AccountTakeoverActionType
}

type AccountTakeoverEventActionType string

const (
	AccountTakeoverEventActionTypeBlock             AccountTakeoverEventActionType = "BLOCK"
	AccountTakeoverEventActionTypeMfa_if_configured AccountTakeoverEventActionType = "MFA_IF_CONFIGURED"
	AccountTakeoverEventActionTypeMfa_required      AccountTakeoverEventActionType = "MFA_REQUIRED"
	AccountTakeoverEventActionTypeNo_action         AccountTakeoverEventActionType = "NO_ACTION"
)

type AccountTakeoverRiskConfigurationType struct {

	// Account takeover risk configuration actions
	//
	// This member is required.
	Actions *AccountTakeoverActionsType

	// The notify configuration used to construct email notifications.
	NotifyConfiguration *NotifyConfigurationType
}

type AdminCreateUserConfigType struct {

	// Set to True if only the administrator is allowed to create user profiles. Set to
	// False if users can sign themselves up via an app.
	AllowAdminCreateUserOnly *bool

	// The message template to be used for the welcome message to new users. See also
	// Customizing User Invitation Messages
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization).
	InviteMessageTemplate *MessageTemplateType

	// The user account expiration limit, in days, after which the account is no longer
	// usable. To reset the account after that time limit, you must call
	// AdminCreateUser again, specifying "RESEND" for the MessageAction parameter. The
	// default value for this parameter is 7. If you set a value for
	// TemporaryPasswordValidityDays in PasswordPolicy, that value will be used and
	// UnusedAccountValidityDays will be deprecated for that user pool.
	UnusedAccountValidityDays *int32
}

type AdvancedSecurityModeType string

const (
	AdvancedSecurityModeTypeOff      AdvancedSecurityModeType = "OFF"
	AdvancedSecurityModeTypeAudit    AdvancedSecurityModeType = "AUDIT"
	AdvancedSecurityModeTypeEnforced AdvancedSecurityModeType = "ENFORCED"
)

type AliasAttributeType string

const (
	AliasAttributeTypePhone_number       AliasAttributeType = "phone_number"
	AliasAttributeTypeEmail              AliasAttributeType = "email"
	AliasAttributeTypePreferred_username AliasAttributeType = "preferred_username"
)

type AliasExistsException struct {
	Message *string
}

type AnalyticsConfigurationType struct {

	// The application ID for an Amazon Pinpoint application.
	//
	// This member is required.
	ApplicationId *string

	// The external ID.
	//
	// This member is required.
	ExternalId *string

	// The ARN of an IAM role that authorizes Amazon Cognito to publish events to
	// Amazon Pinpoint analytics.
	//
	// This member is required.
	RoleArn *string

	// If UserDataShared is true, Amazon Cognito will include user data in the events
	// it publishes to Amazon Pinpoint analytics.
	UserDataShared *bool
}

type AnalyticsMetadataType struct {

	// The endpoint ID.
	AnalyticsEndpointId *string
}

type AttributeDataType string

const (
	AttributeDataTypeString   AttributeDataType = "String"
	AttributeDataTypeNumber   AttributeDataType = "Number"
	AttributeDataTypeDatetime AttributeDataType = "DateTime"
	AttributeDataTypeBoolean  AttributeDataType = "Boolean"
)

type AttributeType struct {

	// The name of the attribute.
	//
	// This member is required.
	Name *string

	// The value of the attribute.
	Value *string
}

type AuthEventType struct {

	// The challenge responses.
	ChallengeResponses []*ChallengeResponseType

	// The creation date
	CreationDate *time.Time

	// The user context data captured at the time of an event request. It provides
	// additional information about the client from which event the request is
	// received.
	EventContextData *EventContextDataType

	// A flag specifying the user feedback captured at the time of an event request is
	// good or bad.
	EventFeedback *EventFeedbackType

	// The event ID.
	EventId *string

	// The event response.
	EventResponse EventResponseType

	// The event risk.
	EventRisk *EventRiskType

	// The event type.
	EventType EventType
}

type AuthFlowType string

const (
	AuthFlowTypeUser_srp_auth            AuthFlowType = "USER_SRP_AUTH"
	AuthFlowTypeRefresh_token_auth       AuthFlowType = "REFRESH_TOKEN_AUTH"
	AuthFlowTypeRefresh_token            AuthFlowType = "REFRESH_TOKEN"
	AuthFlowTypeCustom_auth              AuthFlowType = "CUSTOM_AUTH"
	AuthFlowTypeAdmin_no_srp_auth        AuthFlowType = "ADMIN_NO_SRP_AUTH"
	AuthFlowTypeUser_password_auth       AuthFlowType = "USER_PASSWORD_AUTH"
	AuthFlowTypeAdmin_user_password_auth AuthFlowType = "ADMIN_USER_PASSWORD_AUTH"
)

type AuthenticationResultType struct {

	// The access token.
	AccessToken *string

	// The expiration period of the authentication result in seconds.
	ExpiresIn *int32

	// The ID token.
	IdToken *string

	// The new device metadata from an authentication result.
	NewDeviceMetadata *NewDeviceMetadataType

	// The refresh token.
	RefreshToken *string

	// The token type.
	TokenType *string
}

type ChallengeName string

const (
	ChallengeNamePassword ChallengeName = "Password"
	ChallengeNameMfa      ChallengeName = "Mfa"
)

type ChallengeNameType string

const (
	ChallengeNameTypeSms_mfa                  ChallengeNameType = "SMS_MFA"
	ChallengeNameTypeSoftware_token_mfa       ChallengeNameType = "SOFTWARE_TOKEN_MFA"
	ChallengeNameTypeSelect_mfa_type          ChallengeNameType = "SELECT_MFA_TYPE"
	ChallengeNameTypeMfa_setup                ChallengeNameType = "MFA_SETUP"
	ChallengeNameTypePassword_verifier        ChallengeNameType = "PASSWORD_VERIFIER"
	ChallengeNameTypeCustom_challenge         ChallengeNameType = "CUSTOM_CHALLENGE"
	ChallengeNameTypeDevice_srp_auth          ChallengeNameType = "DEVICE_SRP_AUTH"
	ChallengeNameTypeDevice_password_verifier ChallengeNameType = "DEVICE_PASSWORD_VERIFIER"
	ChallengeNameTypeAdmin_no_srp_auth        ChallengeNameType = "ADMIN_NO_SRP_AUTH"
	ChallengeNameTypeNew_password_required    ChallengeNameType = "NEW_PASSWORD_REQUIRED"
)

type ChallengeResponse string

const (
	ChallengeResponseSuccess ChallengeResponse = "Success"
	ChallengeResponseFailure ChallengeResponse = "Failure"
)

type ChallengeResponseType struct {

	// The challenge name
	ChallengeName ChallengeName

	// The challenge response.
	ChallengeResponse ChallengeResponse
}

type CodeDeliveryDetailsType struct {

	// The attribute name.
	AttributeName *string

	// The delivery medium (email message or phone number).
	DeliveryMedium DeliveryMediumType

	// The destination for the code delivery details.
	Destination *string
}

type CodeDeliveryFailureException struct {
	Message *string
}

type CodeMismatchException struct {
	Message *string
}

type CompromisedCredentialsActionsType struct {

	// The event action.
	//
	// This member is required.
	EventAction CompromisedCredentialsEventActionType
}

type CompromisedCredentialsEventActionType string

const (
	CompromisedCredentialsEventActionTypeBlock     CompromisedCredentialsEventActionType = "BLOCK"
	CompromisedCredentialsEventActionTypeNo_action CompromisedCredentialsEventActionType = "NO_ACTION"
)

type CompromisedCredentialsRiskConfigurationType struct {

	// The compromised credentials risk configuration actions.
	//
	// This member is required.
	Actions *CompromisedCredentialsActionsType

	// Perform the action for these events. The default is to perform all events if no
	// event filter is specified.
	EventFilter []EventFilterType
}

type ConcurrentModificationException struct {
	Message *string
}

type ContextDataType struct {

	// HttpHeaders received on your server in same order.
	//
	// This member is required.
	HttpHeaders []*HttpHeader

	// Source IP address of your user.
	//
	// This member is required.
	IpAddress *string

	// Your server endpoint where this API is invoked.
	//
	// This member is required.
	ServerName *string

	// Your server path where this API is invoked.
	//
	// This member is required.
	ServerPath *string

	// Encoded data containing device fingerprinting details, collected using the
	// Amazon Cognito context data collection library.
	EncodedData *string
}

type CustomDomainConfigType struct {

	// The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate.
	// You use this certificate for the subdomain of your custom domain.
	//
	// This member is required.
	CertificateArn *string
}

type DefaultEmailOptionType string

const (
	DefaultEmailOptionTypeConfirm_with_link DefaultEmailOptionType = "CONFIRM_WITH_LINK"
	DefaultEmailOptionTypeConfirm_with_code DefaultEmailOptionType = "CONFIRM_WITH_CODE"
)

type DeliveryMediumType string

const (
	DeliveryMediumTypeSms   DeliveryMediumType = "SMS"
	DeliveryMediumTypeEmail DeliveryMediumType = "EMAIL"
)

type DeviceConfigurationType struct {

	// Indicates whether a challenge is required on a new device. Only applicable to a
	// new device.
	ChallengeRequiredOnNewDevice *bool

	// If true, a device is only remembered on user prompt.
	DeviceOnlyRememberedOnUserPrompt *bool
}

type DeviceRememberedStatusType string

const (
	DeviceRememberedStatusTypeRemembered     DeviceRememberedStatusType = "remembered"
	DeviceRememberedStatusTypeNot_remembered DeviceRememberedStatusType = "not_remembered"
)

type DeviceSecretVerifierConfigType struct {

	// The password verifier.
	PasswordVerifier *string

	// The salt.
	Salt *string
}

type DeviceType struct {

	// The device attributes.
	DeviceAttributes []*AttributeType

	// The creation date of the device.
	DeviceCreateDate *time.Time

	// The device key.
	DeviceKey *string

	// The date in which the device was last authenticated.
	DeviceLastAuthenticatedDate *time.Time

	// The last modified date of the device.
	DeviceLastModifiedDate *time.Time
}

type DomainDescriptionType struct {

	// The AWS account ID for the user pool owner.
	AWSAccountId *string

	// The ARN of the CloudFront distribution.
	CloudFrontDistribution *string

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// webpages for your application.
	CustomDomainConfig *CustomDomainConfigType

	// The domain string.
	Domain *string

	// The S3 bucket where the static files for this domain are stored.
	S3Bucket *string

	// The domain status.
	Status DomainStatusType

	// The user pool ID.
	UserPoolId *string

	// The app version.
	Version *string
}

type DomainStatusType string

const (
	DomainStatusTypeCreating DomainStatusType = "CREATING"
	DomainStatusTypeDeleting DomainStatusType = "DELETING"
	DomainStatusTypeUpdating DomainStatusType = "UPDATING"
	DomainStatusTypeActive   DomainStatusType = "ACTIVE"
	DomainStatusTypeFailed   DomainStatusType = "FAILED"
)

type DuplicateProviderException struct {
	Message *string
}

type EmailConfigurationType struct {

	// The set of configuration rules that can be applied to emails sent using Amazon
	// SES. A configuration set is applied to an email by including a reference to the
	// configuration set in the headers of the email. Once applied, all of the rules in
	// that configuration set are applied to the email. Configuration sets can be used
	// to apply the following types of rules to emails:
	//
	//     * Event publishing –
	// Amazon SES can track the number of send, delivery, open, click, bounce, and
	// complaint events for each email sent. Use event publishing to send information
	// about these events to other AWS services such as SNS and CloudWatch.
	//
	//     * IP
	// pool management – When leasing dedicated IP addresses with Amazon SES, you can
	// create groups of IP addresses, called dedicated IP pools. You can then associate
	// the dedicated IP pools with configuration sets.
	ConfigurationSet *string

	// Specifies whether Amazon Cognito emails your users by using its built-in email
	// functionality or your Amazon SES email configuration. Specify one of the
	// following values: COGNITO_DEFAULT When Amazon Cognito emails your users, it uses
	// its built-in email functionality. When you use the default option, Amazon
	// Cognito allows only a limited number of emails each day for your user pool. For
	// typical production environments, the default email limit is below the required
	// delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use
	// your Amazon SES email configuration. To look up the email delivery limit for the
	// default option, see Limits in Amazon Cognito
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the
	// Amazon Cognito Developer Guide. The default FROM address is
	// no-reply@verificationemail.com. To customize the FROM address, provide the ARN
	// of an Amazon SES verified email address for the SourceArn parameter. DEVELOPER
	// When Amazon Cognito emails your users, it uses your Amazon SES configuration.
	// Amazon Cognito calls Amazon SES on your behalf to send email from your verified
	// email address. When you use this option, the email delivery limits are the same
	// limits that apply to your Amazon SES verified email address in your AWS account.
	// If you use this option, you must provide the ARN of an Amazon SES verified email
	// address for the SourceArn parameter. Before Amazon Cognito can email your users,
	// it requires additional permissions to call Amazon SES on your behalf. When you
	// update your user pool with this option, Amazon Cognito creates a service-linked
	// role, which is a type of IAM role, in your AWS account. This role contains the
	// permissions that allow Amazon Cognito to access Amazon SES and send email
	// messages with your address. For more information about the service-linked role
	// that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html)
	// in the Amazon Cognito Developer Guide.
	EmailSendingAccount EmailSendingAccountType

	// Identifies either the sender’s email address or the sender’s name with their
	// email address. For example, testuser@example.com or Test User . This address
	// will appear before the body of the email.
	From *string

	// The destination to which the receiver of the email should reply to.
	ReplyToEmailAddress *string

	// The Amazon Resource Name (ARN) of a verified email address in Amazon SES. This
	// email address is used in one of the following ways, depending on the value that
	// you specify for the EmailSendingAccount parameter:
	//
	//     * If you specify
	// COGNITO_DEFAULT, Amazon Cognito uses this address as the custom FROM address
	// when it emails your users by using its built-in email account.
	//
	//     * If you
	// specify DEVELOPER, Amazon Cognito emails your users with this address by calling
	// Amazon SES on your behalf.
	SourceArn *string
}

type EmailSendingAccountType string

const (
	EmailSendingAccountTypeCognito_default EmailSendingAccountType = "COGNITO_DEFAULT"
	EmailSendingAccountTypeDeveloper       EmailSendingAccountType = "DEVELOPER"
)

type EnableSoftwareTokenMFAException struct {
	Message *string
}

type EventContextDataType struct {

	// The user's city.
	City *string

	// The user's country.
	Country *string

	// The user's device name.
	DeviceName *string

	// The user's IP address.
	IpAddress *string

	// The user's time zone.
	Timezone *string
}

type EventFeedbackType struct {

	// The event feedback value.
	//
	// This member is required.
	FeedbackValue FeedbackValueType

	// The provider.
	//
	// This member is required.
	Provider *string

	// The event feedback date.
	FeedbackDate *time.Time
}

type EventFilterType string

const (
	EventFilterTypeSign_in         EventFilterType = "SIGN_IN"
	EventFilterTypePassword_change EventFilterType = "PASSWORD_CHANGE"
	EventFilterTypeSign_up         EventFilterType = "SIGN_UP"
)

type EventResponseType string

const (
	EventResponseTypeSuccess EventResponseType = "Success"
	EventResponseTypeFailure EventResponseType = "Failure"
)

type EventRiskType struct {

	// Indicates whether compromised credentials were detected during an authentication
	// event.
	CompromisedCredentialsDetected *bool

	// The risk decision.
	RiskDecision RiskDecisionType

	// The risk level.
	RiskLevel RiskLevelType
}

type EventType string

const (
	EventTypeSignin         EventType = "SignIn"
	EventTypeSignup         EventType = "SignUp"
	EventTypeForgotpassword EventType = "ForgotPassword"
)

type ExpiredCodeException struct {
	Message *string
}

type ExplicitAuthFlowsType string

const (
	ExplicitAuthFlowsTypeAdmin_no_srp_auth              ExplicitAuthFlowsType = "ADMIN_NO_SRP_AUTH"
	ExplicitAuthFlowsTypeCustom_auth_flow_only          ExplicitAuthFlowsType = "CUSTOM_AUTH_FLOW_ONLY"
	ExplicitAuthFlowsTypeUser_password_auth             ExplicitAuthFlowsType = "USER_PASSWORD_AUTH"
	ExplicitAuthFlowsTypeAllow_admin_user_password_auth ExplicitAuthFlowsType = "ALLOW_ADMIN_USER_PASSWORD_AUTH"
	ExplicitAuthFlowsTypeAllow_custom_auth              ExplicitAuthFlowsType = "ALLOW_CUSTOM_AUTH"
	ExplicitAuthFlowsTypeAllow_user_password_auth       ExplicitAuthFlowsType = "ALLOW_USER_PASSWORD_AUTH"
	ExplicitAuthFlowsTypeAllow_user_srp_auth            ExplicitAuthFlowsType = "ALLOW_USER_SRP_AUTH"
	ExplicitAuthFlowsTypeAllow_refresh_token_auth       ExplicitAuthFlowsType = "ALLOW_REFRESH_TOKEN_AUTH"
)

type FeedbackValueType string

const (
	FeedbackValueTypeValid   FeedbackValueType = "Valid"
	FeedbackValueTypeInvalid FeedbackValueType = "Invalid"
)

type GroupExistsException struct {
	Message *string
}

type GroupType struct {

	// The date the group was created.
	CreationDate *time.Time

	// A string containing the description of the group.
	Description *string

	// The name of the group.
	GroupName *string

	// The date the group was last modified.
	LastModifiedDate *time.Time

	// A nonnegative integer value that specifies the precedence of this group relative
	// to the other groups that a user can belong to in the user pool. If a user
	// belongs to two or more groups, it is the group with the highest precedence whose
	// role ARN will be used in the cognito:roles and cognito:preferred_role claims in
	// the user's tokens. Groups with higher Precedence values take precedence over
	// groups with lower Precedence values or with null Precedence values. Two groups
	// can have the same Precedence value. If this happens, neither group takes
	// precedence over the other. If two groups with the same Precedence have the same
	// role ARN, that role is used in the cognito:preferred_role claim in tokens for
	// users in each group. If the two groups have different role ARNs, the
	// cognito:preferred_role claim is not set in users' tokens. The default Precedence
	// value is null.
	Precedence *int32

	// The role ARN for the group.
	RoleArn *string

	// The user pool ID for the user pool.
	UserPoolId *string
}

type HttpHeader struct {

	// The header name
	HeaderName *string

	// The header value.
	HeaderValue *string
}

type IdentityProviderType struct {

	// A mapping of identity provider attributes to standard and custom user pool
	// attributes.
	AttributeMapping map[string]*string

	// The date the identity provider was created.
	CreationDate *time.Time

	// A list of identity provider identifiers.
	IdpIdentifiers []*string

	// The date the identity provider was last modified.
	LastModifiedDate *time.Time

	// The identity provider details. The following list describes the provider detail
	// keys for each identity provider type.
	//
	//     * For Google, Facebook and Login with
	// Amazon:
	//
	//         * client_id
	//
	//         * client_secret
	//
	//         *
	// authorize_scopes
	//
	//     * For Sign in with Apple:
	//
	//         * client_id
	//
	//         *
	// team_id
	//
	//         * key_id
	//
	//         * private_key
	//
	//         * authorize_scopes
	//
	//
	// * For OIDC providers:
	//
	//         * client_id
	//
	//         * client_secret
	//
	//         *
	// attributes_request_method
	//
	//         * oidc_issuer
	//
	//         * authorize_scopes
	//
	//
	// * authorize_url if not available from discovery URL specified by oidc_issuer
	// key
	//
	//         * token_url if not available from discovery URL specified by
	// oidc_issuer key
	//
	//         * attributes_url if not available from discovery URL
	// specified by oidc_issuer key
	//
	//         * jwks_uri if not available from discovery
	// URL specified by oidc_issuer key
	//
	//         * authorize_scopes
	//
	//     * For SAML
	// providers:
	//
	//         * MetadataFile OR MetadataURL
	//
	//         * IDPSignOut optional
	ProviderDetails map[string]*string

	// The identity provider name.
	ProviderName *string

	// The identity provider type.
	ProviderType IdentityProviderTypeType

	// The user pool ID.
	UserPoolId *string
}

type IdentityProviderTypeType string

const (
	IdentityProviderTypeTypeSaml            IdentityProviderTypeType = "SAML"
	IdentityProviderTypeTypeFacebook        IdentityProviderTypeType = "Facebook"
	IdentityProviderTypeTypeGoogle          IdentityProviderTypeType = "Google"
	IdentityProviderTypeTypeLoginwithamazon IdentityProviderTypeType = "LoginWithAmazon"
	IdentityProviderTypeTypeSigninwithapple IdentityProviderTypeType = "SignInWithApple"
	IdentityProviderTypeTypeOidc            IdentityProviderTypeType = "OIDC"
)

type InternalErrorException struct {
	Message *string
}

type InvalidEmailRoleAccessPolicyException struct {
	Message *string
}

type InvalidLambdaResponseException struct {
	Message *string
}

type InvalidOAuthFlowException struct {
	Message *string
}

type InvalidParameterException struct {
	Message *string
}

type InvalidPasswordException struct {
	Message *string
}

type InvalidSmsRoleAccessPolicyException struct {
	Message *string
}

type InvalidSmsRoleTrustRelationshipException struct {
	Message *string
}

type InvalidUserPoolConfigurationException struct {
	Message *string
}

type LambdaConfigType struct {

	// Creates an authentication challenge.
	CreateAuthChallenge *string

	// A custom Message AWS Lambda trigger.
	CustomMessage *string

	// Defines the authentication challenge.
	DefineAuthChallenge *string

	// A post-authentication AWS Lambda trigger.
	PostAuthentication *string

	// A post-confirmation AWS Lambda trigger.
	PostConfirmation *string

	// A pre-authentication AWS Lambda trigger.
	PreAuthentication *string

	// A pre-registration AWS Lambda trigger.
	PreSignUp *string

	// A Lambda trigger that is invoked before token generation.
	PreTokenGeneration *string

	// The user migration Lambda config type.
	UserMigration *string

	// Verifies the authentication challenge response.
	VerifyAuthChallengeResponse *string
}

type LimitExceededException struct {
	Message *string
}

type MFAMethodNotFoundException struct {
	Message *string
}

type MFAOptionType struct {

	// The attribute name of the MFA option type. The only valid value is phone_number.
	AttributeName *string

	// The delivery medium to send the MFA code. You can use this parameter to set only
	// the SMS delivery medium value.
	DeliveryMedium DeliveryMediumType
}

type MessageActionType string

const (
	MessageActionTypeResend   MessageActionType = "RESEND"
	MessageActionTypeSuppress MessageActionType = "SUPPRESS"
)

type MessageTemplateType struct {

	// The message template for email messages.
	EmailMessage *string

	// The subject line for email messages.
	EmailSubject *string

	// The message template for SMS messages.
	SMSMessage *string
}

type NewDeviceMetadataType struct {

	// The device group key.
	DeviceGroupKey *string

	// The device key.
	DeviceKey *string
}

type NotAuthorizedException struct {
	Message *string
}

type NotifyConfigurationType struct {

	// The Amazon Resource Name (ARN) of the identity that is associated with the
	// sending authorization policy. It permits Amazon Cognito to send for the email
	// address specified in the From parameter.
	//
	// This member is required.
	SourceArn *string

	// Email template used when a detected risk event is blocked.
	BlockEmail *NotifyEmailType

	// The email address that is sending the email. It must be either individually
	// verified with Amazon SES, or from a domain that has been verified with Amazon
	// SES.
	From *string

	// The MFA email template used when MFA is challenged as part of a detected risk.
	MfaEmail *NotifyEmailType

	// The email template used when a detected risk event is allowed.
	NoActionEmail *NotifyEmailType

	// The destination to which the receiver of an email should reply to.
	ReplyTo *string
}

type NotifyEmailType struct {

	// The subject.
	//
	// This member is required.
	Subject *string

	// The HTML body.
	HtmlBody *string

	// The text body.
	TextBody *string
}

type NumberAttributeConstraintsType struct {

	// The maximum value of an attribute that is of the number data type.
	MaxValue *string

	// The minimum value of an attribute that is of the number data type.
	MinValue *string
}

type OAuthFlowType string

const (
	OAuthFlowTypeCode               OAuthFlowType = "code"
	OAuthFlowTypeImplicit           OAuthFlowType = "implicit"
	OAuthFlowTypeClient_credentials OAuthFlowType = "client_credentials"
)

type PasswordPolicyType struct {

	// The minimum length of the password policy that you have set. Cannot be less than
	// 6.
	MinimumLength *int32

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one lowercase letter in their password.
	RequireLowercase *bool

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one number in their password.
	RequireNumbers *bool

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one symbol in their password.
	RequireSymbols *bool

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one uppercase letter in their password.
	RequireUppercase *bool

	// In the password policy you have set, refers to the number of days a temporary
	// password is valid. If the user does not sign-in during this time, their password
	// will need to be reset by an administrator. When you set
	// TemporaryPasswordValidityDays for a user pool, you will no longer be able to set
	// the deprecated UnusedAccountValidityDays value for that user pool.
	TemporaryPasswordValidityDays *int32
}

type PasswordResetRequiredException struct {
	Message *string
}

type PreconditionNotMetException struct {
	Message *string
}

type PreventUserExistenceErrorTypes string

const (
	PreventUserExistenceErrorTypesLegacy  PreventUserExistenceErrorTypes = "LEGACY"
	PreventUserExistenceErrorTypesEnabled PreventUserExistenceErrorTypes = "ENABLED"
)

type ProviderDescription struct {

	// The date the provider was added to the user pool.
	CreationDate *time.Time

	// The date the provider was last modified.
	LastModifiedDate *time.Time

	// The identity provider name.
	ProviderName *string

	// The identity provider type.
	ProviderType IdentityProviderTypeType
}

type ProviderUserIdentifierType struct {

	// The name of the provider attribute to link to, for example, NameID.
	ProviderAttributeName *string

	// The value of the provider attribute to link to, for example, xxxxx_account.
	ProviderAttributeValue *string

	// The name of the provider, for example, Facebook, Google, or Login with Amazon.
	ProviderName *string
}

type RecoveryOptionNameType string

const (
	RecoveryOptionNameTypeVerified_email        RecoveryOptionNameType = "verified_email"
	RecoveryOptionNameTypeVerified_phone_number RecoveryOptionNameType = "verified_phone_number"
	RecoveryOptionNameTypeAdmin_only            RecoveryOptionNameType = "admin_only"
)

type RecoveryOptionType struct {

	// Specifies the recovery method for a user.
	//
	// This member is required.
	Name RecoveryOptionNameType

	// A positive integer specifying priority of a method with 1 being the highest
	// priority.
	//
	// This member is required.
	Priority *int32
}

type ResourceNotFoundException struct {
	Message *string
}

type ResourceServerScopeType struct {

	// A description of the scope.
	//
	// This member is required.
	ScopeDescription *string

	// The name of the scope.
	//
	// This member is required.
	ScopeName *string
}

type ResourceServerType struct {

	// The identifier for the resource server.
	Identifier *string

	// The name of the resource server.
	Name *string

	// A list of scopes that are defined for the resource server.
	Scopes []*ResourceServerScopeType

	// The user pool ID for the user pool that hosts the resource server.
	UserPoolId *string
}

type RiskConfigurationType struct {

	// The account takeover risk configuration object including the NotifyConfiguration
	// object and Actions to take in the case of an account takeover.
	AccountTakeoverRiskConfiguration *AccountTakeoverRiskConfigurationType

	// The app client ID.
	ClientId *string

	// The compromised credentials risk configuration object including the EventFilter
	// and the EventAction
	CompromisedCredentialsRiskConfiguration *CompromisedCredentialsRiskConfigurationType

	// The last modified date.
	LastModifiedDate *time.Time

	// The configuration to override the risk decision.
	RiskExceptionConfiguration *RiskExceptionConfigurationType

	// The user pool ID.
	UserPoolId *string
}

type RiskDecisionType string

const (
	RiskDecisionTypeNorisk          RiskDecisionType = "NoRisk"
	RiskDecisionTypeAccounttakeover RiskDecisionType = "AccountTakeover"
	RiskDecisionTypeBlock           RiskDecisionType = "Block"
)

type RiskExceptionConfigurationType struct {

	// Overrides the risk decision to always block the pre-authentication requests. The
	// IP range is in CIDR notation: a compact representation of an IP address and its
	// associated routing prefix.
	BlockedIPRangeList []*string

	// Risk detection is not performed on the IP addresses in the range list. The IP
	// range is in CIDR notation.
	SkippedIPRangeList []*string
}

type RiskLevelType string

const (
	RiskLevelTypeLow    RiskLevelType = "Low"
	RiskLevelTypeMedium RiskLevelType = "Medium"
	RiskLevelTypeHigh   RiskLevelType = "High"
)

type SMSMfaSettingsType struct {

	// Specifies whether SMS text message MFA is enabled.
	Enabled *bool

	// Specifies whether SMS is the preferred MFA method.
	PreferredMfa *bool
}

type SchemaAttributeType struct {

	// The attribute data type.
	AttributeDataType AttributeDataType

	// We recommend that you use WriteAttributes
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes)
	// in the user pool client to control how attributes can be mutated for new use
	// cases instead of using DeveloperOnlyAttribute. Specifies whether the attribute
	// type is developer only. This attribute can only be modified by an administrator.
	// Users will not be able to modify this attribute using their access token. For
	// example, DeveloperOnlyAttribute can be modified using the API but cannot be
	// updated using the API.
	DeveloperOnlyAttribute *bool

	// Specifies whether the value of the attribute can be changed. For any user pool
	// attribute that's mapped to an identity provider attribute, you must set this
	// parameter to true. Amazon Cognito updates mapped attributes when users sign in
	// to your application through an identity provider. If an attribute is immutable,
	// Amazon Cognito throws an error when it attempts to update the attribute. For
	// more information, see Specifying Identity Provider Attribute Mappings for Your
	// User Pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	Mutable *bool

	// A schema attribute of the name type.
	Name *string

	// Specifies the constraints for an attribute of the number type.
	NumberAttributeConstraints *NumberAttributeConstraintsType

	// Specifies whether a user pool attribute is required. If the attribute is
	// required and the user does not provide a value, registration or sign-in will
	// fail.
	Required *bool

	// Specifies the constraints for an attribute of the string type.
	StringAttributeConstraints *StringAttributeConstraintsType
}

type ScopeDoesNotExistException struct {
	Message *string
}

type SmsConfigurationType struct {

	// The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS)
	// caller. This is the ARN of the IAM role in your AWS account which Cognito will
	// use to send SMS messages.
	//
	// This member is required.
	SnsCallerArn *string

	// The external ID is a value that we recommend you use to add security to your IAM
	// role which is used to call Amazon SNS to send SMS messages for your user pool.
	// If you provide an ExternalId, the Cognito User Pool will include it when
	// attempting to assume your IAM role, so that you can set your roles trust policy
	// to require the ExternalID. If you use the Cognito Management Console to create a
	// role for SMS MFA, Cognito will create a role with the required permissions and a
	// trust policy that demonstrates use of the ExternalId.
	ExternalId *string
}

type SmsMfaConfigType struct {

	// The SMS authentication message that will be sent to users with the code they
	// need to sign in. The message must contain the ‘{####}’ placeholder, which will
	// be replaced with the code. If the message is not included, and default message
	// will be used.
	SmsAuthenticationMessage *string

	// The SMS configuration.
	SmsConfiguration *SmsConfigurationType
}

type SoftwareTokenMFANotFoundException struct {
	Message *string
}

type SoftwareTokenMfaConfigType struct {

	// Specifies whether software token MFA is enabled.
	Enabled *bool
}

type SoftwareTokenMfaSettingsType struct {

	// Specifies whether software token MFA is enabled.
	Enabled *bool

	// Specifies whether software token MFA is the preferred MFA method.
	PreferredMfa *bool
}

type StatusType string

const (
	StatusTypeEnabled  StatusType = "Enabled"
	StatusTypeDisabled StatusType = "Disabled"
)

type StringAttributeConstraintsType struct {

	// The maximum length.
	MaxLength *string

	// The minimum length.
	MinLength *string
}

type TooManyFailedAttemptsException struct {
	Message *string
}

type TooManyRequestsException struct {
	Message *string
}

type UICustomizationType struct {

	// The CSS values in the UI customization.
	CSS *string

	// The CSS version number.
	CSSVersion *string

	// The client ID for the client app.
	ClientId *string

	// The creation date for the UI customization.
	CreationDate *time.Time

	// The logo image for the UI customization.
	ImageUrl *string

	// The last-modified date for the UI customization.
	LastModifiedDate *time.Time

	// The user pool ID for the user pool.
	UserPoolId *string
}

type UnexpectedLambdaException struct {
	Message *string
}

type UnsupportedIdentityProviderException struct {
	Message *string
}

type UnsupportedUserStateException struct {
	Message *string
}

type UserContextDataType struct {

	// Contextual data such as the user's device fingerprint, IP address, or location
	// used for evaluating the risk of an unexpected event by Amazon Cognito advanced
	// security.
	EncodedData *string
}

type UserImportInProgressException struct {
	Message *string
}

type UserImportJobStatusType string

const (
	UserImportJobStatusTypeCreated    UserImportJobStatusType = "Created"
	UserImportJobStatusTypePending    UserImportJobStatusType = "Pending"
	UserImportJobStatusTypeInprogress UserImportJobStatusType = "InProgress"
	UserImportJobStatusTypeStopping   UserImportJobStatusType = "Stopping"
	UserImportJobStatusTypeExpired    UserImportJobStatusType = "Expired"
	UserImportJobStatusTypeStopped    UserImportJobStatusType = "Stopped"
	UserImportJobStatusTypeFailed     UserImportJobStatusType = "Failed"
	UserImportJobStatusTypeSucceeded  UserImportJobStatusType = "Succeeded"
)

type UserImportJobType struct {

	// The role ARN for the Amazon CloudWatch Logging role for the user import job. For
	// more information, see "Creating the CloudWatch Logs IAM Role" in the Amazon
	// Cognito Developer Guide.
	CloudWatchLogsRoleArn *string

	// The date when the user import job was completed.
	CompletionDate *time.Time

	// The message returned when the user import job is completed.
	CompletionMessage *string

	// The date the user import job was created.
	CreationDate *time.Time

	// The number of users that could not be imported.
	FailedUsers *int64

	// The number of users that were successfully imported.
	ImportedUsers *int64

	// The job ID for the user import job.
	JobId *string

	// The job name for the user import job.
	JobName *string

	// The pre-signed URL to be used to upload the .csv file.
	PreSignedUrl *string

	// The number of users that were skipped.
	SkippedUsers *int64

	// The date when the user import job was started.
	StartDate *time.Time

	// The status of the user import job. One of the following:
	//
	//     * Created - The
	// job was created but not started.
	//
	//     * Pending - A transition state. You have
	// started the job, but it has not begun importing users yet.
	//
	//     * InProgress -
	// The job has started, and users are being imported.
	//
	//     * Stopping - You have
	// stopped the job, but the job has not stopped importing users yet.
	//
	//     * Stopped
	// - You have stopped the job, and the job has stopped importing users.
	//
	//     *
	// Succeeded - The job has completed successfully.
	//
	//     * Failed - The job has
	// stopped due to an error.
	//
	//     * Expired - You created a job, but did not start
	// the job within 24-48 hours. All data associated with the job was deleted, and
	// the job cannot be started.
	Status UserImportJobStatusType

	// The user pool ID for the user pool that the users are being imported into.
	UserPoolId *string
}

type UserLambdaValidationException struct {
	Message *string
}

type UserNotConfirmedException struct {
	Message *string
}

type UserNotFoundException struct {
	Message *string
}

type UserPoolAddOnNotEnabledException struct {
	Message *string
}

type UserPoolAddOnsType struct {

	// The advanced security mode.
	//
	// This member is required.
	AdvancedSecurityMode AdvancedSecurityModeType
}

type UserPoolClientDescription struct {

	// The ID of the client associated with the user pool.
	ClientId *string

	// The client name from the user pool client description.
	ClientName *string

	// The user pool ID for the user pool where you want to describe the user pool
	// client.
	UserPoolId *string
}

type UserPoolClientType struct {

	// The allowed OAuth flows. Set to code to initiate a code grant flow, which
	// provides an authorization code as the response. This code can be exchanged for
	// access tokens with the token endpoint. Set to implicit to specify that the
	// client should get the access token (and, optionally, ID token, based on scopes)
	// directly. Set to client_credentials to specify that the client should get the
	// access token (and, optionally, ID token, based on scopes) from the token
	// endpoint using a combination of client and client_secret.
	AllowedOAuthFlows []OAuthFlowType

	// Set to true if the client is allowed to follow the OAuth protocol when
	// interacting with Cognito user pools.
	AllowedOAuthFlowsUserPoolClient *bool

	// The allowed OAuth scopes. Possible values provided by OAuth are: phone, email,
	// openid, and profile. Possible values provided by AWS are:
	// aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are
	// also supported.
	AllowedOAuthScopes []*string

	// The Amazon Pinpoint analytics configuration for the user pool client. Cognito
	// User Pools only supports sending events to Amazon Pinpoint projects in the US
	// East (N. Virginia) us-east-1 Region, regardless of the region in which the user
	// pool resides.
	AnalyticsConfiguration *AnalyticsConfigurationType

	// A list of allowed redirect (callback) URLs for the identity providers. A
	// redirect URI must:
	//
	//     * Be an absolute URI.
	//
	//     * Be registered with the
	// authorization server.
	//
	//     * Not include a fragment component.
	//
	// See OAuth 2.0 -
	// Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2). Amazon
	// Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only. App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string

	// The ID of the client associated with the user pool.
	ClientId *string

	// The client name from the user pool request of the client type.
	ClientName *string

	// The client secret from the user pool request of the client type.
	ClientSecret *string

	// The date the user pool client was created.
	CreationDate *time.Time

	// The default redirect URI. Must be in the CallbackURLs list. A redirect URI
	// must:
	//
	//     * Be an absolute URI.
	//
	//     * Be registered with the authorization
	// server.
	//
	//     * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection
	// Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2). Amazon Cognito
	// requires HTTPS over HTTP except for http://localhost for testing purposes only.
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string

	// The authentication flows that are supported by the user pool clients. Flow names
	// without the ALLOW_ prefix are deprecated in favor of new names with the ALLOW_
	// prefix. Note that values with ALLOW_ prefix cannot be used along with values
	// without ALLOW_ prefix. Valid values include:
	//
	//     *
	// ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	// flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	// setting. With this authentication flow, Cognito receives the password in the
	// request instead of using the SRP (Secure Remote Password protocol) protocol to
	// verify passwords.
	//
	//     * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based
	// authentication.
	//
	//     * ALLOW_USER_PASSWORD_AUTH: Enable user password-based
	// authentication. In this flow, Cognito receives the password in the request
	// instead of using the SRP protocol to verify passwords.
	//
	//     *
	// ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
	//
	//     *
	// ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	ExplicitAuthFlows []ExplicitAuthFlowsType

	// The date the user pool client was last modified.
	LastModifiedDate *time.Time

	// A list of allowed logout URLs for the identity providers.
	LogoutURLs []*string

	// Use this setting to choose which errors and responses are returned by Cognito
	// APIs during authentication, account confirmation, and password recovery when the
	// user does not exist in the user pool. When set to ENABLED and the user does not
	// exist, authentication returns an error indicating either the username or
	// password was incorrect, and account confirmation and password recovery return a
	// response indicating a code was sent to a simulated destination. When set to
	// LEGACY, those APIs will return a UserNotFoundException exception if the user
	// does not exist in the user pool. Valid values include:
	//
	//     * ENABLED - This
	// prevents user existence-related errors.
	//
	//     * LEGACY - This represents the old
	// behavior of Cognito where user existence related errors are not prevented.
	//
	// This
	// setting affects the behavior of following APIs:
	//
	//     * AdminInitiateAuth
	//
	//     *
	// AdminRespondToAuthChallenge
	//
	//     * InitiateAuth
	//
	//     * RespondToAuthChallenge
	//
	//
	// * ForgotPassword
	//
	//     * ConfirmForgotPassword
	//
	//     * ConfirmSignUp
	//
	//     *
	// ResendConfirmationCode
	//
	// After February 15th 2020, the value of
	// PreventUserExistenceErrors will default to ENABLED for newly created user pool
	// clients if no value is provided.
	PreventUserExistenceErrors PreventUserExistenceErrorTypes

	// The Read-only attributes.
	ReadAttributes []*string

	// The time limit, in days, after which the refresh token is no longer valid and
	// cannot be used.
	RefreshTokenValidity *int32

	// A list of provider names for the identity providers that are supported on this
	// client.
	SupportedIdentityProviders []*string

	// The user pool ID for the user pool client.
	UserPoolId *string

	// The writeable attributes.
	WriteAttributes []*string
}

type UserPoolDescriptionType struct {

	// The date the user pool description was created.
	CreationDate *time.Time

	// The ID in a user pool description.
	Id *string

	// The AWS Lambda configuration information in a user pool description.
	LambdaConfig *LambdaConfigType

	// The date the user pool description was last modified.
	LastModifiedDate *time.Time

	// The name in a user pool description.
	Name *string

	// The user pool status in a user pool description.
	Status StatusType
}

type UserPoolMfaType string

const (
	UserPoolMfaTypeOff      UserPoolMfaType = "OFF"
	UserPoolMfaTypeOn       UserPoolMfaType = "ON"
	UserPoolMfaTypeOptional UserPoolMfaType = "OPTIONAL"
)

type UserPoolPolicyType struct {

	// The password policy.
	PasswordPolicy *PasswordPolicyType
}

type UserPoolTaggingException struct {
	Message *string
}

type UserPoolType struct {

	// Use this setting to define which verified available method a user can use to
	// recover their password when they call ForgotPassword. It allows you to define a
	// preferred method when a user has more than one method available. With this
	// setting, SMS does not qualify for a valid password recovery mechanism if the
	// user also has SMS MFA enabled. In the absence of this setting, Cognito uses the
	// legacy behavior to determine the recovery method where SMS is preferred over
	// email.
	AccountRecoverySetting *AccountRecoverySettingType

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType

	// Specifies the attributes that are aliased in a user pool.
	AliasAttributes []AliasAttributeType

	// The Amazon Resource Name (ARN) for the user pool.
	Arn *string

	// Specifies the attributes that are auto-verified in a user pool.
	AutoVerifiedAttributes []VerifiedAttributeType

	// The date the user pool was created.
	CreationDate *time.Time

	// A custom domain name that you provide to Amazon Cognito. This parameter applies
	// only if you use a custom domain to host the sign-up and sign-in pages for your
	// application. For example: auth.example.com. For more information about adding a
	// custom domain to your user pool, see Using Your Own Domain for the Hosted UI
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html).
	CustomDomain *string

	// The device configuration.
	DeviceConfiguration *DeviceConfigurationType

	// Holds the domain prefix if the user pool has a domain associated with it.
	Domain *string

	// The email configuration.
	EmailConfiguration *EmailConfigurationType

	// The reason why the email configuration cannot send the messages to your users.
	EmailConfigurationFailure *string

	// The contents of the email verification message.
	EmailVerificationMessage *string

	// The subject of the email verification message.
	EmailVerificationSubject *string

	// A number estimating the size of the user pool.
	EstimatedNumberOfUsers *int32

	// The ID of the user pool.
	Id *string

	// The AWS Lambda triggers associated with the user pool.
	LambdaConfig *LambdaConfigType

	// The date the user pool was last modified.
	LastModifiedDate *time.Time

	// Can be one of the following values:
	//
	//     * OFF - MFA tokens are not required and
	// cannot be specified during user registration.
	//
	//     * ON - MFA tokens are
	// required for all user registrations. You can only specify required when you are
	// initially creating a user pool.
	//
	//     * OPTIONAL - Users have the option when
	// registering to create an MFA token.
	MfaConfiguration UserPoolMfaType

	// The name of the user pool.
	Name *string

	// The policies associated with the user pool.
	Policies *UserPoolPolicyType

	// A container with the schema attributes of a user pool.
	SchemaAttributes []*SchemaAttributeType

	// The contents of the SMS authentication message.
	SmsAuthenticationMessage *string

	// The SMS configuration.
	SmsConfiguration *SmsConfigurationType

	// The reason why the SMS configuration cannot send the messages to your users.
	SmsConfigurationFailure *string

	// The contents of the SMS verification message.
	SmsVerificationMessage *string

	// The status of a user pool.
	Status StatusType

	// The user pool add-ons.
	UserPoolAddOns *UserPoolAddOnsType

	// The tags that are assigned to the user pool. A tag is a label that you can apply
	// to user pools to categorize and manage them in different ways, such as by
	// purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string

	// Specifies whether email addresses or phone numbers can be specified as usernames
	// when a user signs up.
	UsernameAttributes []UsernameAttributeType

	// You can choose to enable case sensitivity on the username input for the selected
	// sign-in option. For example, when this is set to False, users will be able to
	// sign in using either "username" or "Username". This configuration is immutable
	// once it has been set. For more information, see .
	UsernameConfiguration *UsernameConfigurationType

	// The template for verification messages.
	VerificationMessageTemplate *VerificationMessageTemplateType
}

type UserStatusType string

const (
	UserStatusTypeUnconfirmed           UserStatusType = "UNCONFIRMED"
	UserStatusTypeConfirmed             UserStatusType = "CONFIRMED"
	UserStatusTypeArchived              UserStatusType = "ARCHIVED"
	UserStatusTypeCompromised           UserStatusType = "COMPROMISED"
	UserStatusTypeUnknown               UserStatusType = "UNKNOWN"
	UserStatusTypeReset_required        UserStatusType = "RESET_REQUIRED"
	UserStatusTypeForce_change_password UserStatusType = "FORCE_CHANGE_PASSWORD"
)

type UserType struct {

	// A container with information about the user type attributes.
	Attributes []*AttributeType

	// Specifies whether the user is enabled.
	Enabled *bool

	// The MFA options for the user.
	MFAOptions []*MFAOptionType

	// The creation date of the user.
	UserCreateDate *time.Time

	// The last modified date of the user.
	UserLastModifiedDate *time.Time

	// The user status. Can be one of the following:
	//
	//     * UNCONFIRMED - User has been
	// created but not confirmed.
	//
	//     * CONFIRMED - User has been confirmed.
	//
	//     *
	// ARCHIVED - User is no longer active.
	//
	//     * COMPROMISED - User is disabled due
	// to a potential security threat.
	//
	//     * UNKNOWN - User status is not known.
	//
	//
	// * RESET_REQUIRED - User is confirmed, but the user must request a code and reset
	// his or her password before he or she can sign in.
	//
	//     * FORCE_CHANGE_PASSWORD -
	// The user is confirmed and the user can sign in using a temporary password, but
	// on first sign-in, the user must change his or her password to a new value before
	// doing anything else.
	UserStatus UserStatusType

	// The user name of the user you wish to describe.
	Username *string
}

type UsernameAttributeType string

const (
	UsernameAttributeTypePhone_number UsernameAttributeType = "phone_number"
	UsernameAttributeTypeEmail        UsernameAttributeType = "email"
)

type UsernameConfigurationType struct {

	// Specifies whether username case sensitivity will be applied for all users in the
	// user pool through Cognito APIs. Valid values include:
	//
	//     * True : Enables case
	// sensitivity for all username input. When this option is set to True, users must
	// sign in using the exact capitalization of their given username. For example,
	// “UserName”. This is the default value.
	//
	//     * False : Enables case insensitivity
	// for all username input. For example, when this option is set to False, users
	// will be able to sign in using either "username" or "Username". This option also
	// enables both preferred_username and email alias to be case insensitive, in
	// addition to the username attribute.
	//
	// This member is required.
	CaseSensitive *bool
}

type UsernameExistsException struct {
	Message *string
}

type VerificationMessageTemplateType struct {

	// The default email option.
	DefaultEmailOption DefaultEmailOptionType

	// The email message template.
	EmailMessage *string

	// The email message template for sending a confirmation link to the user.
	EmailMessageByLink *string

	// The subject line for the email message template.
	EmailSubject *string

	// The subject line for the email message template for sending a confirmation link
	// to the user.
	EmailSubjectByLink *string

	// The SMS message template.
	SmsMessage *string
}

type VerifiedAttributeType string

const (
	VerifiedAttributeTypePhone_number VerifiedAttributeType = "phone_number"
	VerifiedAttributeTypeEmail        VerifiedAttributeType = "email"
)

type VerifySoftwareTokenResponseType string

const (
	VerifySoftwareTokenResponseTypeSuccess VerifySoftwareTokenResponseType = "SUCCESS"
	VerifySoftwareTokenResponseTypeError   VerifySoftwareTokenResponseType = "ERROR"
)