type AccessControlList struct {
	// Specifies whether the ACL grants the general public with read access permissions
	// for the bucket.
	AllowsPublicReadAccess *bool
	// Specifies whether the ACL grants the general public with write access
	// permissions for the bucket.
	AllowsPublicWriteAccess *bool
}

type AccessDeniedException struct {
	Message *string
}

type AccountDetail struct {
	// The AWS account ID for the account.
	AccountId *string
	// The email address for the account.
	Email *string
}

type AccountLevelPermissions struct {
	// The block public access settings for the bucket.
	BlockPublicAccess *BlockPublicAccess
}

type AdminAccount struct {
	// The AWS account ID for the account.
	AccountId *string
	// The current status of the account as a delegated administrator of Amazon Macie
	// for the organization.
	Status AdminStatus
}

type AdminStatus string

const (
	AdminStatusEnabled               AdminStatus = "ENABLED"
	AdminStatusDisabling_in_progress AdminStatus = "DISABLING_IN_PROGRESS"
)

type ApiCallDetails struct {
	// The most recent date and time, in UTC and extended ISO 8601 format, when the
	// specified operation (api) was invoked and produced the finding.
	LastSeen *time.Time
	// The first date and time, in UTC and extended ISO 8601 format, when any operation
	// was invoked and produced the finding.
	FirstSeen *time.Time
	// The URL of the AWS service that provides the operation, for example:
	// s3.amazonaws.com.
	ApiServiceName *string
	// The name of the operation that was invoked most recently and produced the
	// finding.
	Api *string
}

type AssumedRole struct {
	// The unique identifier for the entity that was used to get the credentials.
	PrincipalId *string
	// The AWS access key ID that identifies the credentials.
	AccessKeyId *string
	// The unique identifier for the AWS account that owns the entity that was used to
	// get the credentials.
	AccountId *string
	// The details of the session that was created for the credentials, including the
	// entity that issued the session.
	SessionContext *SessionContext
	// The Amazon Resource Name (ARN) of the entity that was used to get the
	// credentials.
	Arn *string
}

type AwsAccount struct {
	// The unique identifier for the entity that performed the action.
	PrincipalId *string
	// The unique identifier for the AWS account.
	AccountId *string
}

type AwsService struct {
	// The name of the AWS service that performed the action.
	InvokedBy *string
}

type BatchGetCustomDataIdentifierSummary struct {
	// The Amazon Resource Name (ARN) of the custom data identifier.
	Arn *string
	// The unique identifier for the custom data identifier.
	Id *string
	// Specifies whether the custom data identifier was deleted. If you delete a custom
	// data identifier, Amazon Macie doesn't delete it permanently. Instead, it soft
	// deletes the identifier.
	Deleted *bool
	// The date and time, in UTC and extended ISO 8601 format, when the custom data
	// identifier was created.
	CreatedAt *time.Time
	// The custom description of the custom data identifier.
	Description *string
	// The custom name of the custom data identifier.
	Name *string
}

type BlockPublicAccess struct {
	// Specifies whether Amazon S3 restricts public bucket policies for the bucket.
	RestrictPublicBuckets *bool
	// Specifies whether Amazon S3 blocks public access control lists (ACLs) for the
	// bucket and objects in the bucket.
	BlockPublicAcls *bool
	// Specifies whether Amazon S3 ignores public ACLs for the bucket and objects in
	// the bucket.
	IgnorePublicAcls *bool
	// Specifies whether Amazon S3 blocks public bucket policies for the bucket.
	BlockPublicPolicy *bool
}

type BucketCountByEffectivePermission struct {
	// The total number of buckets that allow the general public to have read or write
	// access to the bucket.
	PubliclyAccessible *int64
	// The total number of buckets that allow the general public to have read access to
	// the bucket.
	PubliclyReadable *int64
	// The total number of buckets that allow the general public to have write access
	// to the bucket.
	PubliclyWritable *int64
}

type BucketCountByEncryptionType struct {
	// The total number of buckets that use an AWS Key Management Service (AWS KMS)
	// customer master key (CMK) to encrypt objects. These buckets use AWS KMS
	// AWS-managed (AWS-KMS) encryption or AWS KMS customer-managed (SSE-KMS)
	// encryption.
	KmsManaged *int64
	// The total number of buckets that don't encrypt objects by default. Default
	// encryption is disabled for these buckets.
	Unencrypted *int64
	// The total number of buckets that use an Amazon S3-managed key to encrypt
	// objects. These buckets use Amazon S3-managed (SSE-S3) encryption.
	S3Managed *int64
}

type BucketCountBySharedAccessType struct {
	// The total number of buckets that are shared with an AWS account that isn't part
	// of the same Amazon Macie organization.
	External *int64
	// The total number of buckets that aren't shared with any other AWS accounts.
	NotShared *int64
	// The total number of buckets that are shared with an AWS account that's part of
	// the same Amazon Macie organization.
	Internal *int64
}

type BucketCriteriaAdditionalProperties struct {
	// An equal to condition to apply to a specified attribute value for buckets.
	Eq []*string
	// The prefix of the buckets to include in the results.
	Prefix *string
	// A less than or equal to condition to apply to a specified attribute value for
	// buckets.
	Lte *int64
	// A greater than condition to apply to a specified attribute value for buckets.
	Gt *int64
	// A less than condition to apply to a specified attribute value for buckets.
	Lt *int64
	// A not equal to condition to apply to a specified attribute value for buckets.
	Neq []*string
	// A greater than or equal to condition to apply to a specified attribute value for
	// buckets.
	Gte *int64
}

type BucketLevelPermissions struct {
	// The permissions settings of the access control list (ACL) for the bucket. This
	// value is null if an ACL hasn't been defined for the bucket.
	AccessControlList *AccessControlList
	// The block public access settings for the bucket.
	BlockPublicAccess *BlockPublicAccess
	// The permissions settings of the bucket policy for the bucket. This value is null
	// if a bucket policy hasn't been defined for the bucket.
	BucketPolicy *BucketPolicy
}

type BucketMetadata struct {
	// The total number of objects in the bucket.
	ObjectCount *int64
	// The total number of objects that Amazon Macie can analyze in the bucket. These
	// objects use a file format, file extension, or content type that Amazon Macie
	// supports.
	ClassifiableObjectCount *int64
	// The total storage size, in bytes, of the bucket.
	SizeInBytes *int64
	// Specifies whether the bucket is shared with another AWS account. Valid values
	// are:
	//
	//     * EXTERNAL - The bucket is shared with an AWS account that isn’t part
	// of the same Amazon Macie organization.
	//
	//     * INTERNAL - The bucket is shared
	// with an AWS account that's part of the same Amazon Macie organization.
	//
	//     *
	// NOT_SHARED - The bucket isn't shared with other AWS accounts.
	SharedAccess SharedAccess
	// The name of the bucket.
	BucketName *string
	// The total number of objects that are in the bucket, grouped by server-side
	// encryption type. This includes a grouping that reports the total number of
	// objects that aren't encrypted or use client-side encryption.
	ObjectCountByEncryptionType *ObjectCountByEncryptionType
	// Specifies whether the bucket is configured to replicate one or more objects to
	// buckets for other AWS accounts and, if so, which accounts.
	ReplicationDetails *ReplicationDetails
	// The AWS Region that hosts the bucket.
	Region *string
	// The date and time, in UTC and extended ISO 8601 format, when the bucket was
	// created.
	BucketCreatedAt *time.Time
	// The total compressed storage size, in bytes, of the bucket.
	SizeInBytesCompressed *int64
	// The unique identifier for the AWS account that's associated with the bucket.
	AccountId *string
	// The Amazon Resource Name (ARN) of the bucket.
	BucketArn *string
	// An array that specifies the tags (keys and values) that are associated with the
	// bucket.
	Tags []*KeyValuePair
	// Specifies whether the bucket is publicly accessible. If this value is true, an
	// access control list (ACL), bucket policy, or block public access settings allow
	// the bucket to be accessed by the general public.
	PublicAccess *BucketPublicAccess
	// The date and time, in UTC and extended ISO 8601 format, when Amazon Macie last
	// analyzed the bucket.
	LastUpdated *time.Time
	// Specifies whether versioning is enabled for the bucket.
	Versioning *bool
}

type BucketPermissionConfiguration struct {
	// The bucket-level permissions settings for the bucket.
	BucketLevelPermissions *BucketLevelPermissions
	// The account-level permissions settings that apply to the bucket.
	AccountLevelPermissions *AccountLevelPermissions
}

type BucketPolicy struct {
	// Specifies whether the bucket policy allows the general public to have read
	// access to the bucket.
	AllowsPublicReadAccess *bool
	// Specifies whether the bucket policy allows the general public to have write
	// access to the bucket.
	AllowsPublicWriteAccess *bool
}

type BucketPublicAccess struct {
	// Specifies whether the bucket is publicly accessible due to the combination of
	// permissions settings that apply to the bucket. Possible values are: PUBLIC, the
	// bucket is publicly accessible; and, NOT_PUBLIC, the bucket isn't publicly
	// accessible.
	EffectivePermission EffectivePermission
	// The account-level and bucket-level permissions for the bucket.
	PermissionConfiguration *BucketPermissionConfiguration
}

type BucketSortCriteria struct {
	// The name of the attribute to sort the results by. This value can be the name of
	// any property that Amazon Macie defines as bucket metadata, such as bucketName,
	// accountId, or lastUpdated.
	AttributeName *string
	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

type ClassificationDetails struct {
	// The Amazon Resource Name (ARN) of the classification job that produced the
	// finding.
	JobArn *string
	// The Amazon Resource Name (ARN) of the file that contains the detailed record,
	// including offsets, for the finding.
	DetailedResultsLocation *string
	// The status and detailed results of the finding.
	Result *ClassificationResult
	// The unique identifier for the classification job that produced the finding.
	JobId *string
}

type ClassificationExportConfiguration struct {
	// The S3 bucket to store data classification results in, and the encryption
	// settings to use when storing results in that bucket.
	S3Destination *S3Destination
}

type ClassificationResult struct {
	// The category and number of occurrences of the sensitive data that produced the
	// finding.
	SensitiveData []*SensitiveDataItem
	// The type of content, expressed as a MIME type, that the finding applies to. For
	// example, application/gzip, for a GNU Gzip compressed archive file, or
	// application/pdf, for an Adobe PDF file.
	MimeType *string
	// The total size, in bytes, of the data that the finding applies to.
	SizeClassified *int64
	// The status of the finding.
	Status *ClassificationResultStatus
	// The number of occurrences of the data that produced the finding, and the custom
	// data identifiers that detected the data.
	CustomDataIdentifiers *CustomDataIdentifiers
}

type ClassificationResultStatus struct {
	// The status of the finding, such as COMPLETE.
	Code *string
	// A brief description of the status of the finding. Amazon Macie uses this value
	// to notify you of any errors, warnings, or considerations that might impact your
	// analysis of the finding.
	Reason *string
}

type ConflictException struct {
	Message *string
}

type CriterionAdditionalProperties struct {
	// An equal to condition to apply to a specified property value for findings.
	Eq []*string
	// A less than or equal to condition to apply to a specified property value for
	// findings.
	Lte *int64
	// A greater than condition to apply to a specified property value for findings.
	Gt *int64
	// A less than condition to apply to a specified property value for findings.
	Lt *int64
	// A not equal to condition to apply to a specified property value for findings.
	Neq []*string
	// A greater than or equal to condition to apply to a specified property value for
	// findings.
	Gte *int64
}

type Currency string

const (
	CurrencyUsd Currency = "USD"
)

type CustomDataIdentifierSummary struct {
	// The custom name of the custom data identifier.
	Name *string
	// The custom description of the custom data identifier.
	Description *string
	// The unique identifier for the custom data identifier.
	Id *string
	// The Amazon Resource Name (ARN) of the custom data identifier.
	Arn *string
	// The date and time, in UTC and extended ISO 8601 format, when the custom data
	// identifier was created.
	CreatedAt *time.Time
}

type CustomDataIdentifiers struct {
	// The custom data identifiers that detected the data, and the number of
	// occurrences of the data that each identifier detected.
	Detections []*CustomDetection
	// The total number of occurrences of the data that was detected by the custom data
	// identifiers and produced the finding.
	TotalCount *int64
}

type CustomDetection struct {
	// The total number of occurrences of the data that the custom data identifier
	// detected for the finding.
	Count *int64
	// The name of the custom data identifier.
	Name *string
	// The Amazon Resource Name (ARN) of the custom data identifier.
	Arn *string
}

type DailySchedule struct {
}

type DayOfWeek string

const (
	DayOfWeekSunday    DayOfWeek = "SUNDAY"
	DayOfWeekMonday    DayOfWeek = "MONDAY"
	DayOfWeekTuesday   DayOfWeek = "TUESDAY"
	DayOfWeekWednesday DayOfWeek = "WEDNESDAY"
	DayOfWeekThursday  DayOfWeek = "THURSDAY"
	DayOfWeekFriday    DayOfWeek = "FRIDAY"
	DayOfWeekSaturday  DayOfWeek = "SATURDAY"
)

type DefaultDetection struct {
	// The total number of occurrences of the type of data that was detected.
	Count *int64
	// The type of data that was detected. For example, AWS_CREDENTIALS, PHONE_NUMBER,
	// or ADDRESS.
	Type *string
}

type DomainDetails struct {
	// The name of the domain.
	DomainName *string
}

type EffectivePermission string

const (
	EffectivePermissionPublic     EffectivePermission = "PUBLIC"
	EffectivePermissionNot_public EffectivePermission = "NOT_PUBLIC"
)

type EncryptionType string

const (
	EncryptionTypeNone    EncryptionType = "NONE"
	EncryptionTypeAes256  EncryptionType = "AES256"
	EncryptionTypeAws_kms EncryptionType = "aws:kms"
	EncryptionTypeUnknown EncryptionType = "UNKNOWN"
)

type ErrorCode string

const (
	ErrorCodeClienterror   ErrorCode = "ClientError"
	ErrorCodeInternalerror ErrorCode = "InternalError"
)

type FederatedUser struct {
	// The details of the session that was created for the credentials, including the
	// entity that issued the session.
	SessionContext *SessionContext
	// The unique identifier for the AWS account that owns the entity that was used to
	// get the credentials.
	AccountId *string
	// The Amazon Resource Name (ARN) of the entity that was used to get the
	// credentials.
	Arn *string
	// The unique identifier for the entity that was used to get the credentials.
	PrincipalId *string
	// The AWS access key ID that identifies the credentials.
	AccessKeyId *string
}

type Finding struct {
	// The unique identifier for the finding. This is a random string that Amazon Macie
	// generates and assigns to a finding when it creates the finding.
	Id *string
	// The date and time, in UTC and extended ISO 8601 format, when the finding was
	// last updated. For sensitive data findings, this value is the same as the value
	// for the createdAt property. Sensitive data findings aren't updated.
	UpdatedAt *time.Time
	// The details of a sensitive data finding. This value is null for a policy
	// finding.
	ClassificationDetails *ClassificationDetails
	// The category of the finding. Possible values are: CLASSIFICATION, for a
	// sensitive data finding; and, POLICY, for a policy finding.
	Category FindingCategory
	// The resources that the finding applies to.
	ResourcesAffected *ResourcesAffected
	// The date and time, in UTC and extended ISO 8601 format, when the finding was
	// created.
	CreatedAt *time.Time
	// The AWS partition that Amazon Macie created the finding in.
	Partition *string
	// The version of the schema that was used to define the data structures in the
	// finding.
	SchemaVersion *string
	// The brief description of the finding.
	Title *string
	// The total number of occurrences of this finding.
	Count *int64
	// The AWS Region that Amazon Macie created the finding in.
	Region *string
	// The unique identifier for the AWS account that the finding applies to. This is
	// typically the account that owns the affected resource.
	AccountId *string
	// Specifies whether the finding is a sample finding. A sample finding is a finding
	// that uses example data to demonstrate what a finding might contain.
	Sample *bool
	// The description of the finding.
	Description *string
	// The type of the finding.
	Type FindingType
	// The severity of the finding.
	Severity *Severity
	// Specifies whether the finding is archived.
	Archived *bool
	// The details of a policy finding. This value is null for a sensitive data
	// finding.
	PolicyDetails *PolicyDetails
}

type FindingAction struct {
	// The type of action that occurred for the affected resource. This value is
	// typically AWS_API_CALL, which indicates that an entity invoked an API operation
	// for the resource.
	ActionType FindingActionType
	// The invocation details of the API operation that an entity invoked for the
	// affected resource, if the value for the actionType property is AWS_API_CALL.
	ApiCallDetails *ApiCallDetails
}

type FindingActionType string

const (
	FindingActionTypeAws_api_call FindingActionType = "AWS_API_CALL"
)

type FindingActor struct {
	// The domain name of the device that the entity used to perform the action on the
	// affected resource.
	DomainDetails *DomainDetails
	// The IP address of the device that the entity used to perform the action on the
	// affected resource. This object also provides information such as the owner and
	// geographic location for the IP address.
	IpAddressDetails *IpAddressDetails
	// The type and other characteristics of the entity that performed the action on
	// the affected resource.
	UserIdentity *UserIdentity
}

type FindingCategory string

const (
	FindingCategoryClassification FindingCategory = "CLASSIFICATION"
	FindingCategoryPolicy         FindingCategory = "POLICY"
)

type FindingCriteria struct {
	// A condition that specifies the property, operator, and value to use to filter
	// the results.
	Criterion map[string]*CriterionAdditionalProperties
}

type FindingPublishingFrequency string

const (
	FindingPublishingFrequencyFifteen_minutes FindingPublishingFrequency = "FIFTEEN_MINUTES"
	FindingPublishingFrequencyOne_hour        FindingPublishingFrequency = "ONE_HOUR"
	FindingPublishingFrequencySix_hours       FindingPublishingFrequency = "SIX_HOURS"
)

type FindingStatisticsSortAttributeName string

const (
	FindingStatisticsSortAttributeNameGroupkey FindingStatisticsSortAttributeName = "groupKey"
	FindingStatisticsSortAttributeNameCount    FindingStatisticsSortAttributeName = "count"
)

type FindingStatisticsSortCriteria struct {
	// The grouping to sort the results by. Valid values are: count, sort the results
	// by the number of findings in each group of results; and, groupKey, sort the
	// results by the name of each group of results.
	AttributeName FindingStatisticsSortAttributeName
	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

type FindingType string

const (
	FindingTypeSensitivedata_s3object_multiple             FindingType = "SensitiveData:S3Object/Multiple"
	FindingTypeSensitivedata_s3object_financial            FindingType = "SensitiveData:S3Object/Financial"
	FindingTypeSensitivedata_s3object_personal             FindingType = "SensitiveData:S3Object/Personal"
	FindingTypeSensitivedata_s3object_credentials          FindingType = "SensitiveData:S3Object/Credentials"
	FindingTypeSensitivedata_s3object_customidentifier     FindingType = "SensitiveData:S3Object/CustomIdentifier"
	FindingTypePolicy_iamuser_s3bucketpublic               FindingType = "Policy:IAMUser/S3BucketPublic"
	FindingTypePolicy_iamuser_s3bucketsharedexternally     FindingType = "Policy:IAMUser/S3BucketSharedExternally"
	FindingTypePolicy_iamuser_s3bucketreplicatedexternally FindingType = "Policy:IAMUser/S3BucketReplicatedExternally"
	FindingTypePolicy_iamuser_s3bucketencryptiondisabled   FindingType = "Policy:IAMUser/S3BucketEncryptionDisabled"
	FindingTypePolicy_iamuser_s3blockpublicaccessdisabled  FindingType = "Policy:IAMUser/S3BlockPublicAccessDisabled"
)

type FindingsFilterAction string

const (
	FindingsFilterActionArchive FindingsFilterAction = "ARCHIVE"
	FindingsFilterActionNoop    FindingsFilterAction = "NOOP"
)

type FindingsFilterListItem struct {
	// The action that's performed on findings that meet the filter criteria. Possible
	// values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP,
	// don't perform any action on the findings.
	Action FindingsFilterAction
	// The custom name of the filter.
	Name *string
	// The Amazon Resource Name (ARN) of the filter.
	Arn *string
	// The unique identifier for the filter.
	Id *string
	// A map of key-value pairs that identifies the tags (keys and values) that are
	// associated with the filter.
	Tags map[string]*string
}

type GroupBy string

const (
	GroupByResourcesaffected_s3bucket_name GroupBy = "resourcesAffected.s3Bucket.name"
	GroupByType                            GroupBy = "type"
	GroupByClassificationdetails_jobid     GroupBy = "classificationDetails.jobId"
	GroupBySeverity_description            GroupBy = "severity.description"
)

type GroupCount struct {
	// The name of the property that defines the group in the query results, as
	// specified by the groupBy property in the query request.
	GroupKey *string
	// The total number of findings in the group of query results.
	Count *int64
}

type IamUser struct {
	// The user name of the IAM user who performed the action.
	UserName *string
	// The Amazon Resource Name (ARN) of the principal that performed the action. The
	// last section of the ARN contains the name of the user who performed the action.
	Arn *string
	// The unique identifier for the AWS account that's associated with the IAM user
	// who performed the action.
	AccountId *string
	// The unique identifier for the IAM user who performed the action.
	PrincipalId *string
}

type InternalServerException struct {
	Message *string
}

type Invitation struct {
	// The AWS account ID for the account that sent the invitation.
	AccountId *string
	// The date and time, in UTC and extended ISO 8601 format, when the invitation was
	// sent.
	InvitedAt *time.Time
	// The status of the relationship between the account that sent the invitation
	// (inviter account) and the account that received the invitation (invitee
	// account).
	RelationshipStatus RelationshipStatus
	// The unique identifier for the invitation. Amazon Macie uses this identifier to
	// validate the inviter account with the invitee account.
	InvitationId *string
}

type IpAddressDetails struct {
	// The city that the IP address originated from.
	IpCity *IpCity
	// The geographic coordinates of the location that the IP address originated from.
	IpGeoLocation *IpGeoLocation
	// The country that the IP address originated from.
	IpCountry *IpCountry
	// The registered owner of the IP address.
	IpOwner *IpOwner
	// The Internet Protocol version 4 (IPv4) address of the device.
	IpAddressV4 *string
}

type IpCity struct {
	// The name of the city.
	Name *string
}

type IpCountry struct {
	// The two-character code, in ISO 3166-1 alpha-2 format, for the country that the
	// IP address originated from. For example, US for the United States.
	Code *string
	// The name of the country that the IP address originated from.
	Name *string
}

type IpGeoLocation struct {
	// The longitude coordinate of the location, rounded to four decimal places.
	Lon *float64
	// The latitude coordinate of the location, rounded to four decimal places.
	Lat *float64
}

type IpOwner struct {
	// The name of the internet service provider (ISP) that owned the IP address.
	Isp *string
	// The autonomous system number (ASN) for the autonomous system that included the
	// IP address.
	Asn *string
	// The name of the organization that owned the IP address.
	Org *string
	// The organization identifier that's associated with the autonomous system number
	// (ASN) for the autonomous system that included the IP address.
	AsnOrg *string
}

type JobComparator string

const (
	JobComparatorEq       JobComparator = "EQ"
	JobComparatorGt       JobComparator = "GT"
	JobComparatorGte      JobComparator = "GTE"
	JobComparatorLt       JobComparator = "LT"
	JobComparatorLte      JobComparator = "LTE"
	JobComparatorNe       JobComparator = "NE"
	JobComparatorContains JobComparator = "CONTAINS"
)

type JobScheduleFrequency struct {
	// Specifies a weekly recurrence pattern for running the job.
	WeeklySchedule *WeeklySchedule
	// Specifies a monthly recurrence pattern for running the job.
	MonthlySchedule *MonthlySchedule
	// Specifies a daily recurrence pattern for running the job.
	DailySchedule *DailySchedule
}

type JobScopeTerm struct {
	// A tag-based condition that defines the operator and a tag key or tag keys and
	// values for including or excluding an object from the job.
	TagScopeTerm *TagScopeTerm
	// A property-based condition that defines a property, operator, and one or more
	// values for including or excluding an object from the job.
	SimpleScopeTerm *SimpleScopeTerm
}

type JobScopingBlock struct {
	// An array of conditions, one for each condition that determines which objects to
	// include or exclude from the job.
	And []*JobScopeTerm
}

type JobStatus string

const (
	JobStatusRunning   JobStatus = "RUNNING"
	JobStatusPaused    JobStatus = "PAUSED"
	JobStatusCancelled JobStatus = "CANCELLED"
	JobStatusComplete  JobStatus = "COMPLETE"
	JobStatusIdle      JobStatus = "IDLE"
)

type JobSummary struct {
	// The date and time, in UTC and extended ISO 8601 format, when the job was
	// created.
	CreatedAt *time.Time
	// The schedule for running the job. Possible values are:
	//
	//     * ONE_TIME - The job
	// ran or will run only once.
	//
	//     * SCHEDULED - The job runs on a daily, weekly,
	// or monthly basis.
	JobType JobType
	// The unique identifier for the job.
	JobId *string
	// The current status of the job. Possible values are:
	//
	//     * CANCELLED - The job
	// was cancelled by you or a user of the master account for your organization. A
	// job might also be cancelled if ownership of an S3 bucket changed while the job
	// was running, and that change affected the job's access to the bucket.
	//
	//     *
	// COMPLETE - Amazon Macie finished processing all the data specified for the
	// job.
	//
	//     * IDLE - For a recurring job, the previous scheduled run is complete
	// and the next scheduled run is pending. This value doesn't apply to jobs that
	// occur only once.
	//
	//     * PAUSED - Amazon Macie started the job, but completion of
	// the job would exceed one or more quotas for your account.
	//
	//     * RUNNING - The
	// job is in progress.
	JobStatus JobStatus
	// The custom name of the job.
	Name *string
	// The S3 buckets that the job is configured to analyze.
	BucketDefinitions []*S3BucketDefinitionForJob
}

type JobType string

const (
	JobTypeOne_time  JobType = "ONE_TIME"
	JobTypeScheduled JobType = "SCHEDULED"
)

type KeyValuePair struct {
	// One part of a key-value pair that comprises a tag. A tag value acts as a
	// descriptor for a tag key. A tag value can be empty or null.
	Value *string
	// One part of a key-value pair that comprises a tag. A tag key is a general label
	// that acts as a category for more specific tag values.
	Key *string
}

type ListJobsFilterCriteria struct {
	// An array of objects, one for each condition that determines which jobs to
	// exclude from the results.
	Excludes []*ListJobsFilterTerm
	// An array of objects, one for each condition that determines which jobs to
	// include in the results.
	Includes []*ListJobsFilterTerm
}

type ListJobsFilterKey string

const (
	ListJobsFilterKeyJobtype   ListJobsFilterKey = "jobType"
	ListJobsFilterKeyJobstatus ListJobsFilterKey = "jobStatus"
	ListJobsFilterKeyCreatedat ListJobsFilterKey = "createdAt"
	ListJobsFilterKeyName      ListJobsFilterKey = "name"
)

type ListJobsFilterTerm struct {
	// The property to use to filter the results.
	Key ListJobsFilterKey
	// The operator to use to filter the results.
	Comparator JobComparator
	// An array that lists one or more values to use to filter the results.
	Values []*string
}

type ListJobsSortAttributeName string

const (
	ListJobsSortAttributeNameCreatedat ListJobsSortAttributeName = "createdAt"
	ListJobsSortAttributeNameJobstatus ListJobsSortAttributeName = "jobStatus"
	ListJobsSortAttributeNameName      ListJobsSortAttributeName = "name"
	ListJobsSortAttributeNameJobtype   ListJobsSortAttributeName = "jobType"
)

type ListJobsSortCriteria struct {
	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
	// The property to sort the results by.
	AttributeName ListJobsSortAttributeName
}

type MacieStatus string

const (
	MacieStatusPaused  MacieStatus = "PAUSED"
	MacieStatusEnabled MacieStatus = "ENABLED"
)

type Member struct {
	// A map of key-value pairs that identifies the tags (keys and values) that are
	// associated with the account in Amazon Macie.
	Tags map[string]*string
	// The current status of the relationship between the account and the master
	// account.
	RelationshipStatus RelationshipStatus
	// The email address for the account.
	Email *string
	// The AWS account ID for the master account.
	MasterAccountId *string
	// The AWS account ID for the account.
	AccountId *string
	// The date and time, in UTC and extended ISO 8601 format, when an Amazon Macie
	// membership invitation was last sent to the account. This value is null if a
	// Macie invitation hasn't been sent to the account.
	InvitedAt *time.Time
	// The date and time, in UTC and extended ISO 8601 format, of the most recent
	// change to the status of the relationship between the account and the master
	// account.
	UpdatedAt *time.Time
	// The Amazon Resource Name (ARN) of the account.
	Arn *string
}

type MonthlySchedule struct {
	// The numeric day of the month when Amazon Macie runs the job. This value can be
	// an integer from 1 through 30.
	DayOfMonth *int32
}

type ObjectCountByEncryptionType struct {
	// The total number of objects that aren't encrypted or use client-side encryption.
	Unencrypted *int64
	// The total number of objects that are encrypted using a customer-managed key. The
	// objects use customer-provided server-side (SSE-C) encryption.
	CustomerManaged *int64
	// The total number of objects that are encrypted using an Amazon S3-managed key.
	// The objects use Amazon S3-managed (SSE-S3) encryption.
	S3Managed *int64
	// The total number of objects that are encrypted using an AWS Key Management
	// Service (AWS KMS) customer master key (CMK). The objects use AWS KMS AWS-managed
	// (AWS-KMS) encryption or AWS KMS customer-managed (SSE-KMS) encryption.
	KmsManaged *int64
}

type OrderBy string

const (
	OrderByAsc  OrderBy = "ASC"
	OrderByDesc OrderBy = "DESC"
)

type PolicyDetails struct {
	// The entity that performed the action that produced the finding.
	Actor *FindingActor
	// The action that produced the finding.
	Action *FindingAction
}

type RelationshipStatus string

const (
	RelationshipStatusEnabled                     RelationshipStatus = "Enabled"
	RelationshipStatusPaused                      RelationshipStatus = "Paused"
	RelationshipStatusInvited                     RelationshipStatus = "Invited"
	RelationshipStatusCreated                     RelationshipStatus = "Created"
	RelationshipStatusRemoved                     RelationshipStatus = "Removed"
	RelationshipStatusResigned                    RelationshipStatus = "Resigned"
	RelationshipStatusEmailverificationinprogress RelationshipStatus = "EmailVerificationInProgress"
	RelationshipStatusEmailverificationfailed     RelationshipStatus = "EmailVerificationFailed"
	RelationshipStatusRegiondisabled              RelationshipStatus = "RegionDisabled"
	RelationshipStatusAccountsuspended            RelationshipStatus = "AccountSuspended"
)

type ReplicationDetails struct {
	// Specifies whether the bucket is configured to replicate one or more objects to
	// any destination.
	Replicated *bool
	// Specifies whether the bucket is configured to replicate one or more objects to
	// an AWS account that isn't part of the Amazon Macie organization.
	ReplicatedExternally *bool
	// An array of AWS account IDs, one for each AWS account that the bucket is
	// configured to replicate one or more objects to.
	ReplicationAccounts []*string
}

type ResourceNotFoundException struct {
	Message *string
}

type ResourcesAffected struct {
	// An array of objects, one for each S3 bucket that the finding applies to. Each
	// object provides a set of metadata about an affected S3 bucket.
	S3Bucket *S3Bucket
	// An array of objects, one for each S3 object that the finding applies to. Each
	// object provides a set of metadata about an affected S3 object.
	S3Object *S3Object
}

type S3Bucket struct {
	// The display name and account identifier for the user who owns the bucket.
	Owner *S3BucketOwner
	// The Amazon Resource Name (ARN) of the bucket.
	Arn *string
	// The date and time, in UTC and extended ISO 8601 format, when the bucket was
	// created.
	CreatedAt *time.Time
	// The permissions settings that determine whether the bucket is publicly
	// accessible.
	PublicAccess *BucketPublicAccess
	// The name of the bucket.
	Name *string
	// The server-side encryption settings for the bucket.
	DefaultServerSideEncryption *ServerSideEncryption
	// The tags that are associated with the bucket.
	Tags []*KeyValuePair
}

type S3BucketDefinitionForJob struct {
	// An array that lists the names of the buckets.
	Buckets []*string
	// The unique identifier for the AWS account that owns one or more of the buckets.
	// If specified, the job analyzes objects in all the buckets that are owned by the
	// account and meet other conditions specified for the job.
	AccountId *string
}

type S3BucketOwner struct {
	// The AWS account ID for the user who owns the bucket.
	Id *string
	// The display name of the user who owns the bucket.
	DisplayName *string
}

type S3Destination struct {
	// The name of the bucket.
	BucketName *string
	// The path prefix to use in the path to the location in the bucket. This prefix
	// specifies where to store classification results in the bucket.
	KeyPrefix *string
	// The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS)
	// customer master key (CMK) to use for encryption of the results. This must be the
	// ARN of an existing CMK that's in the same AWS Region as the bucket.
	KmsKeyArn *string
}

type S3JobDefinition struct {
	// An array of objects, one for each bucket that contains objects to analyze.
	BucketDefinitions []*S3BucketDefinitionForJob
	// The property- and tag-based conditions that determine which objects to include
	// or exclude from the analysis.
	Scoping *Scoping
}

type S3Object struct {
	// The Amazon Resource Name (ARN) of the bucket that contains the object.
	BucketArn *string
	// The file extension of the object. If the object doesn't have a file extension,
	// this value is "".
	Extension *string
	// The identifier for the affected version of the object.
	VersionId *string
	// The entity tag (ETag) that identifies the affected version of the object. If the
	// object was overwritten or changed after Amazon Macie produced the finding, this
	// value might be different from the current ETag for the object.
	ETag *string
	// The path to the object, including the full key (name).
	Path *string
	// The total storage size, in bytes, of the object.
	Size *int64
	// Specifies whether the object is publicly accessible due to the combination of
	// permissions settings that apply to the object.
	PublicAccess *bool
	// The storage class of the object.
	StorageClass StorageClass
	// The date and time, in UTC and extended ISO 8601 format, when the object was last
	// modified.
	LastModified *time.Time
	// The server-side encryption settings for the object.
	ServerSideEncryption *ServerSideEncryption
	// The tags that are associated with the object.
	Tags []*KeyValuePair
	// The full key (name) that's assigned to the object.
	Key *string
}

type ScopeFilterKey string

const (
	ScopeFilterKeyBucket_creation_date      ScopeFilterKey = "BUCKET_CREATION_DATE"
	ScopeFilterKeyObject_extension          ScopeFilterKey = "OBJECT_EXTENSION"
	ScopeFilterKeyObject_last_modified_date ScopeFilterKey = "OBJECT_LAST_MODIFIED_DATE"
	ScopeFilterKeyObject_size               ScopeFilterKey = "OBJECT_SIZE"
	ScopeFilterKeyTag                       ScopeFilterKey = "TAG"
)

type Scoping struct {
	// The property- or tag-based conditions that determine which objects to exclude
	// from the analysis.
	Excludes *JobScopingBlock
	// The property- or tag-based conditions that determine which objects to include in
	// the analysis.
	Includes *JobScopingBlock
}

type SensitiveDataItem struct {
	// The total number of occurrences of the sensitive data that was detected.
	TotalCount *int64
	// The category of sensitive data that was detected. For example:
	// FINANCIAL_INFORMATION, for financial information such as credit card numbers;
	// PERSONAL_INFORMATION, for personally identifiable information such as full names
	// and mailing addresses; or, CUSTOM_IDENTIFIER, for data that was detected by a
	// custom data identifier.
	Category SensitiveDataItemCategory
	// An array of objects, one for each type of sensitive data that was detected. Each
	// object reports the number of occurrences of a specific type of sensitive data
	// that was detected.
	Detections []*DefaultDetection
}

type SensitiveDataItemCategory string

const (
	SensitiveDataItemCategoryFinancial_information SensitiveDataItemCategory = "FINANCIAL_INFORMATION"
	SensitiveDataItemCategoryPersonal_information  SensitiveDataItemCategory = "PERSONAL_INFORMATION"
	SensitiveDataItemCategoryCredentials           SensitiveDataItemCategory = "CREDENTIALS"
	SensitiveDataItemCategoryCustom_identifier     SensitiveDataItemCategory = "CUSTOM_IDENTIFIER"
)

type ServerSideEncryption struct {
	// The server-side encryption algorithm that's used when storing data in the bucket
	// or object. If encryption is disabled for the bucket or object, this value is
	// NONE.
	EncryptionType EncryptionType
	// The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS)
	// master key that's used to encrypt the bucket or object. This value is null if
	// KMS isn't used to encrypt the bucket or object.
	KmsMasterKeyId *string
}

type ServiceLimit struct {
	// Specifies whether the account has met the quota that corresponds to the metric
	// specified by the UsageByAccount.type field in the response.
	IsServiceLimited *bool
	// The unit of measurement for the value specified by the value field.
	Unit Unit
	// The value for the metric specified by the UsageByAccount.type field in the
	// response.
	Value *int64
}

type ServiceQuotaExceededException struct {
	Message *string
}

type SessionContext struct {
	// The date and time when the credentials were issued, and whether the credentials
	// were authenticated with a multi-factor authentication (MFA) device.
	Attributes *SessionContextAttributes
	// The source and type of credentials that were issued to the entity.
	SessionIssuer *SessionIssuer
}

type SessionContextAttributes struct {
	// Specifies whether the credentials were authenticated with a multi-factor
	// authentication (MFA) device.
	MfaAuthenticated *bool
	// The date and time, in UTC and ISO 8601 format, when the credentials were issued.
	CreationDate *time.Time
}

type SessionIssuer struct {
	// The unique identifier for the AWS account that owns the entity that was used to
	// get the credentials.
	AccountId *string
	// The source of the temporary security credentials, such as Root, IAMUser, or
	// Role.
	Type *string
	// The name or alias of the user or role that issued the session. This value is
	// null if the credentials were obtained from a root account that doesn't have an
	// alias.
	UserName *string
	// The Amazon Resource Name (ARN) of the source account, IAM user, or role that was
	// used to get the credentials.
	Arn *string
	// The unique identifier for the entity that was used to get the credentials.
	PrincipalId *string
}

type Severity struct {
	// The textual representation of the severity value, such as Low or High.
	Description SeverityDescription
	// The numeric score for the severity value, ranging from 0 (least severe) to 4
	// (most severe).
	Score *int64
}

type SeverityDescription string

const (
	SeverityDescriptionLow    SeverityDescription = "Low"
	SeverityDescriptionMedium SeverityDescription = "Medium"
	SeverityDescriptionHigh   SeverityDescription = "High"
)

type SharedAccess string

const (
	SharedAccessExternal   SharedAccess = "EXTERNAL"
	SharedAccessInternal   SharedAccess = "INTERNAL"
	SharedAccessNot_shared SharedAccess = "NOT_SHARED"
)

type SimpleScopeTerm struct {
	// The operator to use in the condition.
	Comparator JobComparator
	// An array that lists one or more values to use in the condition.
	Values []*string
	// The property to use in the condition.
	Key ScopeFilterKey
}

type SortCriteria struct {
	// The name of the property to sort the results by. This value can be the name of
	// any property that Amazon Macie defines for a finding.
	AttributeName *string
	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

type Statistics struct {
	// The approximate number of objects that the job has yet to process during its
	// current run.
	ApproximateNumberOfObjectsToProcess *float64
	// The number of times that the job has run.
	NumberOfRuns *float64
}

type StorageClass string

const (
	StorageClassStandard            StorageClass = "STANDARD"
	StorageClassReduced_redundancy  StorageClass = "REDUCED_REDUNDANCY"
	StorageClassStandard_ia         StorageClass = "STANDARD_IA"
	StorageClassIntelligent_tiering StorageClass = "INTELLIGENT_TIERING"
	StorageClassDeep_archive        StorageClass = "DEEP_ARCHIVE"
	StorageClassOnezone_ia          StorageClass = "ONEZONE_IA"
	StorageClassGlacier             StorageClass = "GLACIER"
)

type TagScopeTerm struct {
	// The tag key and value pairs to use in the condition.
	TagValues []*TagValuePair
	// The tag key to use in the condition.
	Key *string
	// The type of object to apply the condition to.
	Target TagTarget
	// The operator to use in the condition.
	Comparator JobComparator
}

type TagTarget string

const (
	TagTargetS3_object TagTarget = "S3_OBJECT"
)

type TagValuePair struct {
	// The tag value, associated with the specified tag key, to use in the condition.
	Value *string
	// The value for the tag key to use in the condition.
	Key *string
}

type ThrottlingException struct {
	Message *string
}

type Unit string

const (
	UnitTerabytes Unit = "TERABYTES"
)

type UnprocessedAccount struct {
	// The AWS account ID for the account that the request applies to.
	AccountId *string
	// The reason why the request hasn't been processed.
	ErrorMessage *string
	// The source of the issue or delay in processing the request.
	ErrorCode ErrorCode
}

type UsageByAccount struct {
	// The estimated value for the metric.
	EstimatedCost *string
	// The type of currency that the value for the metric (estimatedCost) is reported
	// in.
	Currency Currency
	// The current value for the quota that corresponds to the metric specified by the
	// type field.
	ServiceLimit *ServiceLimit
	// The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for
	// monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing sensitive
	// data.
	Type UsageType
}

type UsageRecord struct {
	// The date and time, in UTC and extended ISO 8601 format, when the free trial
	// started for the account.
	FreeTrialStartDate *time.Time
	// The unique identifier for the AWS account that the data applies to.
	AccountId *string
	// An array of objects that contains usage data and quotas for the account. Each
	// object contains the data for a specific usage metric and the corresponding
	// quota.
	Usage []*UsageByAccount
}

type UsageStatisticsFilter struct {
	// An array that lists values to use in the condition, based on the value for the
	// field specified by the key property. If the value for the key property is
	// accountId, this array can specify multiple values. Otherwise, this array can
	// specify only one value. Valid values for each supported field are:
	//
	//     *
	// accountId - The unique identifier for an AWS account.
	//
	//     * freeTrialStartDate
	// - The date and time, in UTC and extended ISO 8601 format, when the free trial
	// started for an account.
	//
	//     * serviceLimit - A Boolean (true or false) value
	// that indicates whether an account has reached its monthly quota.
	//
	//     * total -
	// A string that represents the current, estimated month-to-date cost for an
	// account.
	Values []*string
	// The field to use in the condition.
	Key UsageStatisticsFilterKey
	// The operator to use in the condition. If the value for the key property is
	// accountId, this value must be CONTAINS. If the value for the key property is any
	// other supported field, this value can be EQ, GT, GTE, LT, LTE, or NE.
	Comparator UsageStatisticsFilterComparator
}

type UsageStatisticsFilterComparator string

const (
	UsageStatisticsFilterComparatorGt       UsageStatisticsFilterComparator = "GT"
	UsageStatisticsFilterComparatorGte      UsageStatisticsFilterComparator = "GTE"
	UsageStatisticsFilterComparatorLt       UsageStatisticsFilterComparator = "LT"
	UsageStatisticsFilterComparatorLte      UsageStatisticsFilterComparator = "LTE"
	UsageStatisticsFilterComparatorEq       UsageStatisticsFilterComparator = "EQ"
	UsageStatisticsFilterComparatorNe       UsageStatisticsFilterComparator = "NE"
	UsageStatisticsFilterComparatorContains UsageStatisticsFilterComparator = "CONTAINS"
)

type UsageStatisticsFilterKey string

const (
	UsageStatisticsFilterKeyAccountid          UsageStatisticsFilterKey = "accountId"
	UsageStatisticsFilterKeyServicelimit       UsageStatisticsFilterKey = "serviceLimit"
	UsageStatisticsFilterKeyFreetrialstartdate UsageStatisticsFilterKey = "freeTrialStartDate"
	UsageStatisticsFilterKeyTotal              UsageStatisticsFilterKey = "total"
)

type UsageStatisticsSortBy struct {
	// The field to sort the results by.
	Key UsageStatisticsSortKey
	// The sort order to apply to the results, based on the value for the field
	// specified by the key property. Valid values are: ASC, sort the results in
	// ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

type UsageStatisticsSortKey string

const (
	UsageStatisticsSortKeyAccountid          UsageStatisticsSortKey = "accountId"
	UsageStatisticsSortKeyTotal              UsageStatisticsSortKey = "total"
	UsageStatisticsSortKeyServicelimitvalue  UsageStatisticsSortKey = "serviceLimitValue"
	UsageStatisticsSortKeyFreetrialstartdate UsageStatisticsSortKey = "freeTrialStartDate"
)

type UsageTotal struct {
	// The type of currency that the value for the metric (estimatedCost) is reported
	// in.
	Currency Currency
	// The estimated value for the metric.
	EstimatedCost *string
	// The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for
	// monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing sensitive
	// data.
	Type UsageType
}

type UsageType string

const (
	UsageTypeData_inventory_evaluation UsageType = "DATA_INVENTORY_EVALUATION"
	UsageTypeSensitive_data_discovery  UsageType = "SENSITIVE_DATA_DISCOVERY"
)

type UserIdentity struct {
	// If the action was performed with temporary security credentials that were
	// obtained using the AssumeRole operation of the AWS Security Token Service (AWS
	// STS) API, the identifiers, session context, and other details about the
	// identity.
	AssumedRole *AssumedRole
	// If the action was performed using the credentials for another AWS account, the
	// details of that account.
	AwsAccount *AwsAccount
	// The type of entity that performed the action.
	Type UserIdentityType
	// If the action was performed by an AWS account that belongs to an AWS service,
	// the name of the service.
	AwsService *AwsService
	// If the action was performed using the credentials for an AWS Identity and Access
	// Management (IAM) user, the name and other details about the user.
	IamUser *IamUser
	// If the action was performed with temporary security credentials that were
	// obtained using the GetFederationToken operation of the AWS Security Token
	// Service (AWS STS) API, the identifiers, session context, and other details about
	// the identity.
	FederatedUser *FederatedUser
	// If the action was performed using the credentials for your AWS account, the
	// details of your account.
	Root *UserIdentityRoot
}

type UserIdentityRoot struct {
	// The unique identifier for the entity that performed the action.
	PrincipalId *string
	// The Amazon Resource Name (ARN) of the principal that performed the action. The
	// last section of the ARN contains the name of the user or role that performed the
	// action.
	Arn *string
	// The unique identifier for the AWS account.
	AccountId *string
}

type UserIdentityType string

const (
	UserIdentityTypeAssumedrole   UserIdentityType = "AssumedRole"
	UserIdentityTypeIamuser       UserIdentityType = "IAMUser"
	UserIdentityTypeFederateduser UserIdentityType = "FederatedUser"
	UserIdentityTypeRoot          UserIdentityType = "Root"
	UserIdentityTypeAwsaccount    UserIdentityType = "AWSAccount"
	UserIdentityTypeAwsservice    UserIdentityType = "AWSService"
)

type ValidationException struct {
	Message *string
}

type WeeklySchedule struct {
	// The day of the week when Amazon Macie runs the job.
	DayOfWeek DayOfWeek
}