aws-sdk-iam 1.51.0 → 1.56.0

data/lib/aws-sdk-iam/client_api.rb

@@ -2739,6 +2739,7 @@ module Aws::IAM
         o.http_request_uri = "/"
         o.input = Shapes::ShapeRef.new(shape: GetAccessKeyLastUsedRequest)
         o.output = Shapes::ShapeRef.new(shape: GetAccessKeyLastUsedResponse)
+        o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
       end)
 
       api.add_operation(:get_account_authorization_details, Seahorse::Model::Operation.new.tap do |o|
@@ -3456,6 +3457,13 @@ module Aws::IAM
         o.output = Shapes::ShapeRef.new(shape: ListUserTagsResponse)
         o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
         o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
+        o[:pager] = Aws::Pager.new(
+          more_results: "is_truncated",
+          limit_key: "max_items",
+          tokens: {
+            "marker" => "marker"
+          }
+        )
       end)
 
       api.add_operation(:list_users, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-iam/current_user.rb

@@ -80,12 +80,13 @@ module Aws::IAM
     end
 
     # The date and time, in [ISO 8601 date-time format][1], when the user's
-    # password was last used to sign in to an AWS website. For a list of AWS
-    # websites that capture a user's last sign-in time, see the [Credential
-    # reports][2] topic in the *IAM User Guide*. If a password is used more
-    # than once in a five-minute span, only the first use is returned in
-    # this field. If the field is null (no value), then it indicates that
-    # they never signed in with a password. This can be because:
+    # password was last used to sign in to an Amazon Web Services website.
+    # For a list of Amazon Web Services websites that capture a user's last
+    # sign-in time, see the [Credential reports][2] topic in the *IAM User
+    # Guide*. If a password is used more than once in a five-minute span,
+    # only the first use is returned in this field. If the field is null (no
+    # value), then it indicates that they never signed in with a password.
+    # This can be because:
     #
     # * The user never had a password.
     #

data/lib/aws-sdk-iam/group.rb

@@ -249,7 +249,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to attach.
     #
     #   For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
-    #   in the *AWS General Reference*.
+    #   in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -317,10 +317,10 @@ module Aws::IAM
     # @option options [required, String] :policy_document
     #   The policy document.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the policy
-    #   in JSON or YAML format. AWS CloudFormation always converts a YAML
-    #   policy to JSON format before submitting it to IAM.
+    #   in JSON or YAML format. CloudFormation always converts a YAML policy
+    #   to JSON format before submitting it to = IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string of
     #   characters consisting of the following:
@@ -369,7 +369,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to detach.
     #
     #   For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
-    #   in the *AWS General Reference*.
+    #   in the *Amazon Web Services General Reference*.
     #
     #
     #

data/lib/aws-sdk-iam/group_policy.rb

@@ -46,8 +46,8 @@ module Aws::IAM
     # The policy document.
     #
     # IAM stores policies in JSON format. However, resources that were
-    # created using AWS CloudFormation templates can be formatted in YAML.
-    # AWS CloudFormation always converts a YAML policy to JSON format before
+    # created using CloudFormation templates can be formatted in YAML.
+    # CloudFormation always converts a YAML policy to JSON format before
     # submitting it to IAM.
     # @return [String]
     def policy_document
@@ -214,10 +214,10 @@ module Aws::IAM
     # @option options [required, String] :policy_document
     #   The policy document.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the policy
-    #   in JSON or YAML format. AWS CloudFormation always converts a YAML
-    #   policy to JSON format before submitting it to IAM.
+    #   in JSON or YAML format. CloudFormation always converts a YAML policy
+    #   to JSON format before submitting it to = IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string of
     #   characters consisting of the following:

data/lib/aws-sdk-iam/login_profile.rb

@@ -197,8 +197,8 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the AWS Management Console, might restrict the ability to type
-    #   certain characters because they have special meaning within that tool.
+    #   as the Management Console, might restrict the ability to type certain
+    #   characters because they have special meaning within that tool.
     #
     #
     #
@@ -251,8 +251,8 @@ module Aws::IAM
     #     carriage return (`\u000D`)
     #
     #   However, the format can be further restricted by the account
-    #   administrator by setting a password policy on the AWS account. For
-    #   more information, see UpdateAccountPasswordPolicy.
+    #   administrator by setting a password policy on the account. For more
+    #   information, see UpdateAccountPasswordPolicy.
     #
     #
     #

data/lib/aws-sdk-iam/policy.rb

@@ -368,12 +368,17 @@ module Aws::IAM
     #   The JSON policy document that you want to use as the content for this
     #   new version of the policy.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the policy
-    #   in JSON or YAML format. AWS CloudFormation always converts a YAML
-    #   policy to JSON format before submitting it to IAM.
+    #   in JSON or YAML format. CloudFormation always converts a YAML policy
+    #   to JSON format before submitting it to IAM.
     #
-    #   The [regex pattern][1] used to validate this parameter is a string of
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the maximum
+    #   character counts of a managed policy with no whitespaces, see [IAM and
+    #   STS character quotas][1].
+    #
+    #   The [regex pattern][2] used to validate this parameter is a string of
     #   characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -387,7 +392,8 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: http://wikipedia.org/wiki/regex
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: http://wikipedia.org/wiki/regex
     # @option options [Boolean] :set_as_default
     #   Specifies whether to set this version as the policy's default
     #   version.

data/lib/aws-sdk-iam/resource.rb

@@ -45,7 +45,7 @@ module Aws::IAM
     # @option options [required, String] :old_password
     #   The IAM user's current password.
     # @option options [required, String] :new_password
-    #   The new password. The new password must conform to the AWS account's
+    #   The new password. The new password must conform to the account's
     #   password policy, if one exists.
     #
     #   The [regex pattern][1] that is used to validate this parameter is a
@@ -54,8 +54,8 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the AWS Management Console, might restrict the ability to type
-    #   certain characters because they have special meaning within that tool.
+    #   as the Management Console, might restrict the ability to type certain
+    #   characters because they have special meaning within that tool.
     #
     #
     #
@@ -139,8 +139,8 @@ module Aws::IAM
     #   uses the default value of `false`. The result is that passwords do not
     #   require at least one lowercase character.
     # @option options [Boolean] :allow_users_to_change_password
-    #   Allows all IAM users in your account to use the AWS Management Console
-    #   to change their own passwords. For more information, see [Letting IAM
+    #   Allows all IAM users in your account to use the Management Console to
+    #   change their own passwords. For more information, see [Letting IAM
     #   users change their own passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
@@ -333,12 +333,20 @@ module Aws::IAM
     #   The JSON policy document that you want to use as the content for the
     #   new policy.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the policy
-    #   in JSON or YAML format. AWS CloudFormation always converts a YAML
-    #   policy to JSON format before submitting it to IAM.
+    #   in JSON or YAML format. CloudFormation always converts a YAML policy
+    #   to JSON format before submitting it to IAM.
     #
-    #   The [regex pattern][1] used to validate this parameter is a string of
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the maximum
+    #   character counts of a managed policy with no whitespaces, see [IAM and
+    #   STS character quotas][1].
+    #
+    #   To learn more about JSON policy grammar, see [Grammar of the IAM JSON
+    #   policy language][2] in the *IAM User Guide*.
+    #
+    #   The [regex pattern][3] used to validate this parameter is a string of
     #   characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -352,7 +360,9 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: http://wikipedia.org/wiki/regex
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
+    #   [3]: http://wikipedia.org/wiki/regex
     # @option options [String] :description
     #   A friendly description of the policy.
     #
@@ -432,10 +442,9 @@ module Aws::IAM
     #   permission to assume the role.
     #
     #   In IAM, you must provide a JSON policy that has been converted to a
-    #   string. However, for AWS CloudFormation templates formatted in YAML,
-    #   you can provide the policy in JSON or YAML format. AWS CloudFormation
-    #   always converts a YAML policy to JSON format before submitting it to
-    #   IAM.
+    #   string. However, for CloudFormation templates formatted in YAML, you
+    #   can provide the policy in JSON or YAML format. CloudFormation always
+    #   converts a YAML policy to JSON format before submitting it to IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string of
     #   characters consisting of the following:
@@ -463,7 +472,7 @@ module Aws::IAM
     #   default maximum of one hour is applied. This setting can have a value
     #   from 1 hour to 12 hours.
     #
-    #   Anyone who assumes the role from the AWS CLI or API can use the
+    #   Anyone who assumes the role from the or API can use the
     #   `DurationSeconds` API parameter or the `duration-seconds` CLI
     #   parameter to request a longer session. The `MaxSessionDuration`
     #   setting determines the maximum duration that can be requested using
@@ -1005,9 +1014,9 @@ module Aws::IAM
     # @option options [String] :scope
     #   The scope to use for filtering the results.
     #
-    #   To list only AWS managed policies, set `Scope` to `AWS`. To list only
-    #   the customer managed policies in your AWS account, set `Scope` to
-    #   `Local`.
+    #   To list only Amazon Web Services managed policies, set `Scope` to
+    #   `AWS`. To list only the customer managed policies in your account, set
+    #   `Scope` to `Local`.
     #
     #   This parameter is optional. If it is not included, or if it is set to
     #   `All`, all policies are returned.

data/lib/aws-sdk-iam/role.rb

@@ -94,7 +94,7 @@ module Aws::IAM
     end
 
     # The maximum session duration (in seconds) for the specified role.
-    # Anyone who uses the AWS CLI, or API to assume the role can specify the
+    # Anyone who uses the CLI, or API to assume the role can specify the
     # duration using the optional `DurationSeconds` API parameter or
     # `duration-seconds` CLI parameter.
     # @return [Integer]
@@ -287,7 +287,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to attach.
     #
     #   For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
-    #   in the *AWS General Reference*.
+    #   in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -320,7 +320,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to detach.
     #
     #   For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
-    #   in the *AWS General Reference*.
+    #   in the *Amazon Web Services General Reference*.
     #
     #
     #

data/lib/aws-sdk-iam/role_policy.rb

@@ -46,8 +46,8 @@ module Aws::IAM
     # The policy document.
     #
     # IAM stores policies in JSON format. However, resources that were
-    # created using AWS CloudFormation templates can be formatted in YAML.
-    # AWS CloudFormation always converts a YAML policy to JSON format before
+    # created using CloudFormation templates can be formatted in YAML.
+    # CloudFormation always converts a YAML policy to JSON format before
     # submitting it to IAM.
     # @return [String]
     def policy_document
@@ -214,10 +214,10 @@ module Aws::IAM
     # @option options [required, String] :policy_document
     #   The policy document.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the policy
-    #   in JSON or YAML format. AWS CloudFormation always converts a YAML
-    #   policy to JSON format before submitting it to IAM.
+    #   in JSON or YAML format. CloudFormation always converts a YAML policy
+    #   to JSON format before submitting it to IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string of
     #   characters consisting of the following:

data/lib/aws-sdk-iam/types.rb

@@ -11,9 +11,10 @@ module Aws::IAM
   module Types
 
     # An object that contains details about when a principal in the reported
-    # AWS Organizations entity last attempted to access an AWS service. A
-    # principal can be an IAM user, an IAM role, or the AWS account root
-    # user within the reported Organizations entity.
+    # Organizations entity last attempted to access an Amazon Web Services
+    # service. A principal can be an IAM user, an IAM role, or the Amazon
+    # Web Services account root user within the reported Organizations
+    # entity.
     #
     # This data type is a response element in the
     # GetOrganizationsAccessReport operation.
@@ -26,12 +27,13 @@ module Aws::IAM
     #   The namespace of the service in which access was attempted.
     #
     #   To learn the service namespace of a service, see [Actions,
-    #   resources, and condition keys for AWS services][1] in the *Service
-    #   Authorization Reference*. Choose the name of the service to view
-    #   details for that service. In the first paragraph, find the service
-    #   prefix. For example, `(service prefix: a4b)`. For more information
-    #   about service namespaces, see [AWS service namespaces][2] in
-    #   the *AWS General Reference*.
+    #   resources, and condition keys for Amazon Web Services services][1]
+    #   in the *Service Authorization Reference*. Choose the name of the
+    #   service to view details for that service. In the first paragraph,
+    #   find the service prefix. For example, `(service prefix: a4b)`. For
+    #   more information about service namespaces, see [Amazon Web Services
+    #   service namespaces][2] in the *Amazon Web Services General
+    #   Reference*.
     #
     #
     #
@@ -54,7 +56,8 @@ module Aws::IAM
     # @!attribute [rw] entity_path
     #   The path of the Organizations entity (root, organizational unit, or
     #   account) from which an authenticated principal last attempted to
-    #   access the service. AWS does not report unauthenticated requests.
+    #   access the service. Amazon Web Services does not report
+    #   unauthenticated requests.
     #
     #   This field is null if no principals (IAM users, IAM roles, or root
     #   users) in the reported Organizations entity attempted to access the
@@ -68,7 +71,8 @@ module Aws::IAM
     # @!attribute [rw] last_authenticated_time
     #   The date and time, in [ISO 8601 date-time format][1], when an
     #   authenticated principal most recently attempted to access the
-    #   service. AWS does not report unauthenticated requests.
+    #   service. Amazon Web Services does not report unauthenticated
+    #   requests.
     #
     #   This field is null if no principals in the reported Organizations
     #   entity attempted to access the service within the [reporting
@@ -99,7 +103,7 @@ module Aws::IAM
       include Aws::Structure
     end
 
-    # Contains information about an AWS access key.
+    # Contains information about an Amazon Web Services access key.
     #
     # This data type is used as a response element in the CreateAccessKey
     # and ListAccessKeys operations.
@@ -144,8 +148,9 @@ module Aws::IAM
       include Aws::Structure
     end
 
-    # Contains information about the last time an AWS access key was used
-    # since IAM began tracking this information on April 22, 2015.
+    # Contains information about the last time an Amazon Web Services access
+    # key was used since IAM began tracking this information on April 22,
+    # 2015.
     #
     # This data type is used as a response element in the
     # GetAccessKeyLastUsed operation.
@@ -168,9 +173,9 @@ module Aws::IAM
     #   @return [Time]
     #
     # @!attribute [rw] service_name
-    #   The name of the AWS service with which this access key was most
-    #   recently used. The value of this field is "N/A" in the following
-    #   situations:
+    #   The name of the Amazon Web Services service with which this access
+    #   key was most recently used. The value of this field is "N/A" in
+    #   the following situations:
     #
     #   * The user does not have an access key.
     #
@@ -181,8 +186,8 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] region
-    #   The AWS Region where this access key was most recently used. The
-    #   value for this field is "N/A" in the following situations:
+    #   The Region where this access key was most recently used. The value
+    #   for this field is "N/A" in the following situations:
     #
     #   * The user does not have an access key.
     #
@@ -191,8 +196,8 @@ module Aws::IAM
     #
     #   * There is no sign-in data associated with the user.
     #
-    #   For more information about AWS Regions, see [Regions and
-    #   endpoints][1] in the Amazon Web Services General Reference.
+    #   For more information about Regions, see [Regions and endpoints][1]
+    #   in the Amazon Web Services General Reference.
     #
     #
     #
@@ -209,7 +214,8 @@ module Aws::IAM
       include Aws::Structure
     end
 
-    # Contains information about an AWS access key, without its secret key.
+    # Contains information about an Amazon Web Services access key, without
+    # its secret key.
     #
     # This data type is used as a response element in the ListAccessKeys
     # operation.
@@ -383,7 +389,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to attach.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -425,7 +431,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to attach.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -467,7 +473,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to attach.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -535,11 +541,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] policy_arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -568,8 +574,8 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] new_password
-    #   The new password. The new password must conform to the AWS
-    #   account's password policy, if one exists.
+    #   The new password. The new password must conform to the account's
+    #   password policy, if one exists.
     #
     #   The [regex pattern][1] that is used to validate this parameter is a
     #   string of characters. That string can include almost any printable
@@ -577,9 +583,9 @@ module Aws::IAM
     #   ASCII character range (`\u00FF`). You can also include the tab
     #   (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
     #   characters. Any of these characters are valid in a password.
-    #   However, many tools, such as the AWS Management Console, might
-    #   restrict the ability to type certain characters because they have
-    #   special meaning within that tool.
+    #   However, many tools, such as the Management Console, might restrict
+    #   the ability to type certain characters because they have special
+    #   meaning within that tool.
     #
     #
     #
@@ -905,9 +911,9 @@ module Aws::IAM
     #   ASCII character range (`\u00FF`). You can also include the tab
     #   (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
     #   characters. Any of these characters are valid in a password.
-    #   However, many tools, such as the AWS Management Console, might
-    #   restrict the ability to type certain characters because they have
-    #   special meaning within that tool.
+    #   However, many tools, such as the Management Console, might restrict
+    #   the ability to type certain characters because they have special
+    #   meaning within that tool.
     #
     #
     #
@@ -966,10 +972,9 @@ module Aws::IAM
     #   only a hostname, like `https://server.example.org` or
     #   `https://example.com`.
     #
-    #   You cannot register the same provider multiple times in a single AWS
+    #   You cannot register the same provider multiple times in a single
     #   account. If you try to submit a URL that has already been used for
-    #   an OpenID Connect provider in the AWS account, you will get an
-    #   error.
+    #   an OpenID Connect provider in the account, you will get an error.
     #   @return [String]
     #
     # @!attribute [rw] client_id_list
@@ -1124,12 +1129,20 @@ module Aws::IAM
     #   The JSON policy document that you want to use as the content for the
     #   new policy.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the
-    #   policy in JSON or YAML format. AWS CloudFormation always converts a
-    #   YAML policy to JSON format before submitting it to IAM.
+    #   policy in JSON or YAML format. CloudFormation always converts a YAML
+    #   policy to JSON format before submitting it to IAM.
     #
-    #   The [regex pattern][1] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][1].
+    #
+    #   To learn more about JSON policy grammar, see [Grammar of the IAM
+    #   JSON policy language][2] in the *IAM User Guide*.
+    #
+    #   The [regex pattern][3] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -1143,7 +1156,9 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: http://wikipedia.org/wiki/regex
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
+    #   [3]: http://wikipedia.org/wiki/regex
     #   @return [String]
     #
     # @!attribute [rw] description
@@ -1214,7 +1229,7 @@ module Aws::IAM
     #   to add a new version.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -1225,12 +1240,17 @@ module Aws::IAM
     #   The JSON policy document that you want to use as the content for
     #   this new version of the policy.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the
-    #   policy in JSON or YAML format. AWS CloudFormation always converts a
-    #   YAML policy to JSON format before submitting it to IAM.
+    #   policy in JSON or YAML format. CloudFormation always converts a YAML
+    #   policy to JSON format before submitting it to IAM.
     #
-    #   The [regex pattern][1] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][1].
+    #
+    #   The [regex pattern][2] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -1244,7 +1264,8 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: http://wikipedia.org/wiki/regex
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: http://wikipedia.org/wiki/regex
     #   @return [String]
     #
     # @!attribute [rw] set_as_default
@@ -1339,10 +1360,9 @@ module Aws::IAM
     #   permission to assume the role.
     #
     #   In IAM, you must provide a JSON policy that has been converted to a
-    #   string. However, for AWS CloudFormation templates formatted in YAML,
-    #   you can provide the policy in JSON or YAML format. AWS
-    #   CloudFormation always converts a YAML policy to JSON format before
-    #   submitting it to IAM.
+    #   string. However, for CloudFormation templates formatted in YAML, you
+    #   can provide the policy in JSON or YAML format. CloudFormation always
+    #   converts a YAML policy to JSON format before submitting it to IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string
     #   of characters consisting of the following:
@@ -1374,7 +1394,7 @@ module Aws::IAM
     #   the default maximum of one hour is applied. This setting can have a
     #   value from 1 hour to 12 hours.
     #
-    #   Anyone who assumes the role from the AWS CLI or API can use the
+    #   Anyone who assumes the role from the or API can use the
     #   `DurationSeconds` API parameter or the `duration-seconds` CLI
     #   parameter to request a longer session. The `MaxSessionDuration`
     #   setting determines the maximum duration that can be requested using
@@ -1548,16 +1568,16 @@ module Aws::IAM
     #       }
     #
     # @!attribute [rw] aws_service_name
-    #   The service principal for the AWS service to which this role is
-    #   attached. You use a string similar to a URL but without the http://
-    #   in front. For example: `elasticbeanstalk.amazonaws.com`.
+    #   The service principal for the Amazon Web Services service to which
+    #   this role is attached. You use a string similar to a URL but without
+    #   the http:// in front. For example: `elasticbeanstalk.amazonaws.com`.
     #
     #   Service principals are unique and case-sensitive. To find the exact
-    #   service principal for your service-linked role, see [AWS services
-    #   that work with IAM][1] in the *IAM User Guide*. Look for the
-    #   services that have <b>Yes </b>in the **Service-Linked Role** column.
-    #   Choose the **Yes** link to view the service-linked role
-    #   documentation for that service.
+    #   service principal for your service-linked role, see [Amazon Web
+    #   Services services that work with IAM][1] in the *IAM User Guide*.
+    #   Look for the services that have <b>Yes </b>in the **Service-Linked
+    #   Role** column. Choose the **Yes** link to view the service-linked
+    #   role documentation for that service.
     #
     #
     #
@@ -1628,9 +1648,9 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] service_name
-    #   The name of the AWS service that is to be associated with the
-    #   credentials. The service you specify here is the only service that
-    #   can be accessed using these credentials.
+    #   The name of the Amazon Web Services service that is to be associated
+    #   with the credentials. The service you specify here is the only
+    #   service that can be accessed using these credentials.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredentialRequest AWS API Documentation
@@ -2179,7 +2199,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to delete.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -2207,7 +2227,7 @@ module Aws::IAM
     #   to delete a version.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -2717,7 +2737,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to detach.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -2759,7 +2779,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to detach.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -2801,7 +2821,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the IAM policy you want to detach.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -2942,8 +2962,8 @@ module Aws::IAM
     end
 
     # An object that contains details about when the IAM entities (users or
-    # roles) were last used in an attempt to access the specified AWS
-    # service.
+    # roles) were last used in an attempt to access the specified Amazon Web
+    # Services service.
     #
     # This data type is a response element in the
     # GetServiceLastAccessedDetailsWithEntities operation.
@@ -2955,8 +2975,8 @@ module Aws::IAM
     #
     # @!attribute [rw] last_authenticated
     #   The date and time, in [ISO 8601 date-time format][1], when the
-    #   authenticated entity last attempted to access AWS. AWS does not
-    #   report unauthenticated requests.
+    #   authenticated entity last attempted to access Amazon Web Services.
+    #   Amazon Web Services does not report unauthenticated requests.
     #
     #   This field is null if no IAM entities attempted to access the
     #   service within the [reporting period][2].
@@ -2981,11 +3001,11 @@ module Aws::IAM
     # This data type is an element of the EntityDetails object.
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -3127,15 +3147,15 @@ module Aws::IAM
     #   same account and specifies all resources (`*`), then the parameter
     #   is not returned.
     #
-    #   When you make a cross-account request, AWS evaluates the request in
-    #   the trusting account and the trusted account. The request is allowed
-    #   only if both evaluations return `true`. For more information about
-    #   how policies are evaluated, see [Evaluating policies within a single
-    #   account][1].
+    #   When you make a cross-account request, Amazon Web Services evaluates
+    #   the request in the trusting account and the trusted account. The
+    #   request is allowed only if both evaluations return `true`. For more
+    #   information about how policies are evaluated, see [Evaluating
+    #   policies within a single account][1].
     #
-    #   If an AWS Organizations SCP included in the evaluation denies
-    #   access, the simulation ends. In this case, policy evaluation does
-    #   not proceed any further and this parameter is not returned.
+    #   If an Organizations SCP included in the evaluation denies access,
+    #   the simulation ends. In this case, policy evaluation does not
+    #   proceed any further and this parameter is not returned.
     #
     #
     #
@@ -3192,22 +3212,22 @@ module Aws::IAM
     #       }
     #
     # @!attribute [rw] entity_path
-    #   The path of the AWS Organizations entity (root, OU, or account). You
-    #   can build an entity path using the known structure of your
-    #   organization. For example, assume that your account ID is
-    #   `123456789012` and its parent OU ID is `ou-rge0-awsabcde`. The
-    #   organization root ID is `r-f6g7h8i9j0example` and your organization
-    #   ID is `o-a1b2c3d4e5`. Your entity path is
+    #   The path of the Organizations entity (root, OU, or account). You can
+    #   build an entity path using the known structure of your organization.
+    #   For example, assume that your account ID is `123456789012` and its
+    #   parent OU ID is `ou-rge0-awsabcde`. The organization root ID is
+    #   `r-f6g7h8i9j0example` and your organization ID is `o-a1b2c3d4e5`.
+    #   Your entity path is
     #   `o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012`.
     #   @return [String]
     #
     # @!attribute [rw] organizations_policy_id
-    #   The identifier of the AWS Organizations service control policy
-    #   (SCP). This parameter is optional.
+    #   The identifier of the Organizations service control policy (SCP).
+    #   This parameter is optional.
     #
     #   This ID is used to generate information about when an account
-    #   principal that is limited by the SCP attempted to access an AWS
-    #   service.
+    #   principal that is limited by the SCP attempted to access an Amazon
+    #   Web Services service.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReportRequest AWS API Documentation
@@ -3243,7 +3263,7 @@ module Aws::IAM
     # @!attribute [rw] arn
     #   The ARN of the IAM resource (user, group, role, or managed policy)
     #   used to generate information about when the resource was last used
-    #   in an attempt to access an AWS service.
+    #   in an attempt to access an Amazon Web Services service.
     #   @return [String]
     #
     # @!attribute [rw] granularity
@@ -3313,7 +3333,7 @@ module Aws::IAM
     # returned by the ListAccessKeys action.
     #
     # @!attribute [rw] user_name
-    #   The name of the AWS IAM user that owns this access key.
+    #   The name of the IAM user that owns this access key.
     #   @return [String]
     #
     # @!attribute [rw] access_key_last_used
@@ -3529,7 +3549,7 @@ module Aws::IAM
     #   HTML request.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -3652,9 +3672,9 @@ module Aws::IAM
     #   The policy document.
     #
     #   IAM stores policies in JSON format. However, resources that were
-    #   created using AWS CloudFormation templates can be formatted in YAML.
-    #   AWS CloudFormation always converts a YAML policy to JSON format
-    #   before submitting it to IAM.
+    #   created using CloudFormation templates can be formatted in YAML.
+    #   CloudFormation always converts a YAML policy to JSON format before
+    #   submitting it to IAM.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicyResponse AWS API Documentation
@@ -3829,8 +3849,8 @@ module Aws::IAM
     # Contains the response to a successful GetLoginProfile request.
     #
     # @!attribute [rw] login_profile
-    #   A structure containing the user name and password create date for
-    #   the user.
+    #   A structure containing the user name and the profile creation date
+    #   for the user.
     #   @return [Types::LoginProfile]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfileResponse AWS API Documentation
@@ -3854,7 +3874,7 @@ module Aws::IAM
     #   resource ARNs by using the ListOpenIDConnectProviders operation.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -3891,7 +3911,7 @@ module Aws::IAM
     #
     # @!attribute [rw] create_date
     #   The date and time when the IAM OIDC provider resource object was
-    #   created in the AWS account.
+    #   created in the account.
     #   @return [Time]
     #
     # @!attribute [rw] tags
@@ -4062,7 +4082,7 @@ module Aws::IAM
     #   information about.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -4104,7 +4124,7 @@ module Aws::IAM
     #   information about.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -4204,9 +4224,9 @@ module Aws::IAM
     #   The policy document.
     #
     #   IAM stores policies in JSON format. However, resources that were
-    #   created using AWS CloudFormation templates can be formatted in YAML.
-    #   AWS CloudFormation always converts a YAML policy to JSON format
-    #   before submitting it to IAM.
+    #   created using CloudFormation templates can be formatted in YAML.
+    #   CloudFormation always converts a YAML policy to JSON format before
+    #   submitting it to IAM.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicyResponse AWS API Documentation
@@ -4273,7 +4293,7 @@ module Aws::IAM
     #   in IAM to get information about.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -4567,17 +4587,17 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] service_namespace
-    #   The service namespace for an AWS service. Provide the service
-    #   namespace to learn when the IAM entity last attempted to access the
-    #   specified service.
+    #   The service namespace for an Amazon Web Services service. Provide
+    #   the service namespace to learn when the IAM entity last attempted to
+    #   access the specified service.
     #
     #   To learn the service namespace for a service, see [Actions,
-    #   resources, and condition keys for AWS services][1] in the *IAM User
-    #   Guide*. Choose the name of the service to view details for that
-    #   service. In the first paragraph, find the service prefix. For
-    #   example, `(service prefix: a4b)`. For more information about service
-    #   namespaces, see [AWS service namespaces][2] in the *AWS General
-    #   Reference*.
+    #   resources, and condition keys for Amazon Web Services services][1]
+    #   in the *IAM User Guide*. Choose the name of the service to view
+    #   details for that service. In the first paragraph, find the service
+    #   prefix. For example, `(service prefix: a4b)`. For more information
+    #   about service namespaces, see [Amazon Web Services service
+    #   namespaces][2] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -4644,7 +4664,7 @@ module Aws::IAM
     # @!attribute [rw] entity_details_list
     #   An `EntityDetailsList` object that contains details about when an
     #   IAM entity (user or role) used group or policy permissions in an
-    #   attempt to access the specified AWS service.
+    #   attempt to access the specified Amazon Web Services service.
     #   @return [Array<Types::EntityDetails>]
     #
     # @!attribute [rw] is_truncated
@@ -4778,9 +4798,9 @@ module Aws::IAM
     #   The policy document.
     #
     #   IAM stores policies in JSON format. However, resources that were
-    #   created using AWS CloudFormation templates can be formatted in YAML.
-    #   AWS CloudFormation always converts a YAML policy to JSON format
-    #   before submitting it to IAM.
+    #   created using CloudFormation templates can be formatted in YAML.
+    #   CloudFormation always converts a YAML policy to JSON format before
+    #   submitting it to IAM.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicyResponse AWS API Documentation
@@ -4839,11 +4859,12 @@ module Aws::IAM
     #
     #    You can use password last used information to identify unused
     #   credentials for deletion. For example, you might delete users who
-    #   did not sign in to AWS in the last 90 days. In cases like this, we
-    #   recommend that you adjust your evaluation window to include dates
-    #   after May 23, 2018. Alternatively, if your users use access keys to
-    #   access AWS programmatically you can refer to access key last used
-    #   information because it is accurate for all dates.
+    #   did not sign in to Amazon Web Services in the last 90 days. In cases
+    #   like this, we recommend that you adjust your evaluation window to
+    #   include dates after May 23, 2018. Alternatively, if your users use
+    #   access keys to access Amazon Web Services programmatically you can
+    #   refer to access key last used information because it is accurate for
+    #   all dates.
     #
     #
     #
@@ -4954,11 +4975,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -5158,8 +5179,8 @@ module Aws::IAM
     end
 
     # The request was rejected because it attempted to create resources
-    # beyond the current AWS account limits. The error message describes the
-    # limit exceeded.
+    # beyond the current Amazon Web Services account limits. The error
+    # message describes the limit exceeded.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -5296,8 +5317,8 @@ module Aws::IAM
     # Contains the response to a successful ListAccountAliases request.
     #
     # @!attribute [rw] account_aliases
-    #   A list of aliases associated with the account. AWS supports only one
-    #   alias per account.
+    #   A list of aliases associated with the account. Amazon Web Services
+    #   supports only one alias per account.
     #   @return [Array<String>]
     #
     # @!attribute [rw] is_truncated
@@ -5658,7 +5679,7 @@ module Aws::IAM
     #   the versions.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -6058,10 +6079,10 @@ module Aws::IAM
     # @!attribute [rw] instance_profile_name
     #   The name of the IAM instance profile whose tags you want to see.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -6076,16 +6097,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTagsRequest AWS API Documentation
@@ -6107,12 +6128,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -6320,10 +6341,10 @@ module Aws::IAM
     #   want to see. For virtual MFA devices, the serial number is the same
     #   as the ARN.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -6338,16 +6359,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTagsRequest AWS API Documentation
@@ -6369,12 +6390,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -6490,10 +6511,10 @@ module Aws::IAM
     #   The ARN of the OpenID Connect (OIDC) identity provider whose tags
     #   you want to see.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -6508,16 +6529,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTagsRequest AWS API Documentation
@@ -6539,12 +6560,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -6573,7 +6594,7 @@ module Aws::IAM
     # request.
     #
     # @!attribute [rw] open_id_connect_provider_list
-    #   The list of IAM OIDC provider resource objects defined in the AWS
+    #   The list of IAM OIDC provider resource objects defined in the
     #   account.
     #   @return [Array<Types::OpenIDConnectProviderListEntry>]
     #
@@ -6595,12 +6616,13 @@ module Aws::IAM
     #   The namespace of the service that was accessed.
     #
     #   To learn the service namespace of a service, see [Actions,
-    #   resources, and condition keys for AWS services][1] in the *Service
-    #   Authorization Reference*. Choose the name of the service to view
-    #   details for that service. In the first paragraph, find the service
-    #   prefix. For example, `(service prefix: a4b)`. For more information
-    #   about service namespaces, see [AWS service namespaces][2] in
-    #   the *AWS General Reference*.
+    #   resources, and condition keys for Amazon Web Services services][1]
+    #   in the *Service Authorization Reference*. Choose the name of the
+    #   service to view details for that service. In the first paragraph,
+    #   find the service prefix. For example, `(service prefix: a4b)`. For
+    #   more information about service namespaces, see [Amazon Web Services
+    #   service namespaces][2] in the *Amazon Web Services General
+    #   Reference*.
     #
     #
     #
@@ -6644,16 +6666,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] service_namespaces
-    #   The service namespace for the AWS services whose policies you want
-    #   to list.
+    #   The service namespace for the Amazon Web Services services whose
+    #   policies you want to list.
     #
     #   To learn the service namespace for a service, see [Actions,
-    #   resources, and condition keys for AWS services][1] in the *IAM User
-    #   Guide*. Choose the name of the service to view details for that
-    #   service. In the first paragraph, find the service prefix. For
-    #   example, `(service prefix: a4b)`. For more information about service
-    #   namespaces, see [AWS service namespaces][2] in the *AWS General
-    #   Reference*.
+    #   resources, and condition keys for Amazon Web Services services][1]
+    #   in the *IAM User Guide*. Choose the name of the service to view
+    #   details for that service. In the first paragraph, find the service
+    #   prefix. For example, `(service prefix: a4b)`. For more information
+    #   about service namespaces, see [Amazon Web Services service
+    #   namespaces][2] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -6716,9 +6738,9 @@ module Aws::IAM
     # @!attribute [rw] scope
     #   The scope to use for filtering the results.
     #
-    #   To list only AWS managed policies, set `Scope` to `AWS`. To list
-    #   only the customer managed policies in your AWS account, set `Scope`
-    #   to `Local`.
+    #   To list only Amazon Web Services managed policies, set `Scope` to
+    #   `AWS`. To list only the customer managed policies in your account,
+    #   set `Scope` to `Local`.
     #
     #   This parameter is optional. If it is not included, or if it is set
     #   to `All`, all policies are returned.
@@ -6838,10 +6860,10 @@ module Aws::IAM
     #   The ARN of the IAM customer managed policy whose tags you want to
     #   see.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -6856,16 +6878,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTagsRequest AWS API Documentation
@@ -6887,12 +6909,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -6925,7 +6947,7 @@ module Aws::IAM
     #   the versions.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -7115,16 +7137,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTagsRequest AWS API Documentation
@@ -7146,12 +7168,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -7273,10 +7295,10 @@ module Aws::IAM
     #   The ARN of the Security Assertion Markup Language (SAML) identity
     #   provider whose tags you want to see.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -7291,16 +7313,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTagsRequest AWS API Documentation
@@ -7323,12 +7345,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -7357,7 +7379,7 @@ module Aws::IAM
     #
     # @!attribute [rw] saml_provider_list
     #   The list of SAML provider resource objects defined in IAM for this
-    #   AWS account.
+    #   Amazon Web Services account.
     #   @return [Array<Types::SAMLProviderListEntry>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProvidersResponse AWS API Documentation
@@ -7380,7 +7402,7 @@ module Aws::IAM
     # @!attribute [rw] user_name
     #   The name of the IAM user to list SSH public keys for. If none is
     #   specified, the `UserName` field is determined implicitly based on
-    #   the AWS access key used to sign the request.
+    #   the Amazon Web Services access key used to sign the request.
     #
     #   This parameter allows (through its [regex pattern][1]) a string of
     #   characters consisting of upper and lowercase alphanumeric characters
@@ -7466,10 +7488,10 @@ module Aws::IAM
     # @!attribute [rw] server_certificate_name
     #   The name of the IAM server certificate whose tags you want to see.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -7484,16 +7506,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTagsRequest AWS API Documentation
@@ -7515,12 +7537,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -7654,9 +7676,9 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] service_name
-    #   Filters the returned results to only those for the specified AWS
-    #   service. If not specified, then AWS returns service-specific
-    #   credentials for all services.
+    #   Filters the returned results to only those for the specified Amazon
+    #   Web Services service. If not specified, then Amazon Web Services
+    #   returns service-specific credentials for all services.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentialsRequest AWS API Documentation
@@ -7862,10 +7884,10 @@ module Aws::IAM
     # @!attribute [rw] user_name
     #   The name of the IAM user whose tags you want to see.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -7880,16 +7902,16 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] max_items
-    #   (Optional) Use this only when paginating results to indicate the
-    #   maximum number of items that you want in the response. If additional
-    #   items exist beyond the maximum that you specify, the `IsTruncated`
-    #   response element is `true`.
-    #
-    #   If you do not include this parameter, it defaults to 100. Note that
-    #   IAM might return fewer results, even when more results are
-    #   available. In that case, the `IsTruncated` response element returns
-    #   `true`, and `Marker` contains a value to include in the subsequent
-    #   call that tells the service where to continue from.
+    #   Use this only when paginating results to indicate the maximum number
+    #   of items you want in the response. If additional items exist beyond
+    #   the maximum you specify, the `IsTruncated` response element is
+    #   `true`.
+    #
+    #   If you do not include this parameter, the number of items defaults
+    #   to 100. Note that IAM might return fewer results, even when there
+    #   are more results available. In that case, the `IsTruncated` response
+    #   element returns `true`, and `Marker` contains a value to include in
+    #   the subsequent call that tells the service where to continue from.
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTagsRequest AWS API Documentation
@@ -7911,12 +7933,12 @@ module Aws::IAM
     #
     # @!attribute [rw] is_truncated
     #   A flag that indicates whether there are more items to return. If
-    #   your results were truncated, you can use the `Marker` request
-    #   parameter to make a subsequent pagination request that retrieves
-    #   more items. Note that IAM might return fewer than the `MaxItems`
-    #   number of results even when more results are available. Check
-    #   `IsTruncated` after every call to ensure that you receive all of
-    #   your results.
+    #   your results were truncated, you can make a subsequent pagination
+    #   request using the `Marker` request parameter to retrieve more items.
+    #   Note that IAM might return fewer than the `MaxItems` number of
+    #   results even when there are more results available. We recommend
+    #   that you check `IsTruncated` after every call to ensure that you
+    #   receive all your results.
     #   @return [Boolean]
     #
     # @!attribute [rw] marker
@@ -8110,7 +8132,7 @@ module Aws::IAM
     # and GetLoginProfile operations.
     #
     # @!attribute [rw] user_name
-    #   The name of the user, which can be used for signing in to the AWS
+    #   The name of the user, which can be used for signing in to the
     #   Management Console.
     #   @return [String]
     #
@@ -8219,11 +8241,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -8343,11 +8365,11 @@ module Aws::IAM
     # provider.
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -8518,11 +8540,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -8684,11 +8706,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] policy_arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -8769,8 +8791,8 @@ module Aws::IAM
       include Aws::Structure
     end
 
-    # The request failed because AWS service role policies can only be
-    # attached to the service-linked role for that service.
+    # The request failed because Amazon Web Services service role policies
+    # can only be attached to the service-linked role for that service.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -8981,10 +9003,10 @@ module Aws::IAM
     # @!attribute [rw] policy_document
     #   The policy document.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the
-    #   policy in JSON or YAML format. AWS CloudFormation always converts a
-    #   YAML policy to JSON format before submitting it to IAM.
+    #   policy in JSON or YAML format. CloudFormation always converts a YAML
+    #   policy to JSON format before submitting it to = IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string
     #   of characters consisting of the following:
@@ -9078,10 +9100,10 @@ module Aws::IAM
     # @!attribute [rw] policy_document
     #   The policy document.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the
-    #   policy in JSON or YAML format. AWS CloudFormation always converts a
-    #   YAML policy to JSON format before submitting it to IAM.
+    #   policy in JSON or YAML format. CloudFormation always converts a YAML
+    #   policy to JSON format before submitting it to IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string
     #   of characters consisting of the following:
@@ -9175,10 +9197,10 @@ module Aws::IAM
     # @!attribute [rw] policy_document
     #   The policy document.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the
-    #   policy in JSON or YAML format. AWS CloudFormation always converts a
-    #   YAML policy to JSON format before submitting it to IAM.
+    #   policy in JSON or YAML format. CloudFormation always converts a YAML
+    #   policy to JSON format before submitting it to IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string
     #   of characters consisting of the following:
@@ -9221,7 +9243,7 @@ module Aws::IAM
     #   by using the ListOpenIDConnectProviders operation.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -9579,8 +9601,8 @@ module Aws::IAM
     #
     # @!attribute [rw] max_session_duration
     #   The maximum session duration (in seconds) for the specified role.
-    #   Anyone who uses the AWS CLI, or API to assume the role can specify
-    #   the duration using the optional `DurationSeconds` API parameter or
+    #   Anyone who uses the CLI, or API to assume the role can specify the
+    #   duration using the optional `DurationSeconds` API parameter or
     #   `duration-seconds` CLI parameter.
     #   @return [Integer]
     #
@@ -9668,11 +9690,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -9791,7 +9813,7 @@ module Aws::IAM
     #   @return [Time]
     #
     # @!attribute [rw] region
-    #   The name of the AWS Region in which the role was last used.
+    #   The name of the Region in which the role was last used.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RoleLastUsed AWS API Documentation
@@ -9873,8 +9895,8 @@ module Aws::IAM
     #
     # @!attribute [rw] status
     #   The status of the SSH public key. `Active` means that the key can be
-    #   used for authentication with an AWS CodeCommit repository.
-    #   `Inactive` means that the key cannot be used.
+    #   used for authentication with an CodeCommit repository. `Inactive`
+    #   means that the key cannot be used.
     #   @return [String]
     #
     # @!attribute [rw] upload_date
@@ -9915,8 +9937,8 @@ module Aws::IAM
     #
     # @!attribute [rw] status
     #   The status of the SSH public key. `Active` means that the key can be
-    #   used for authentication with an AWS CodeCommit repository.
-    #   `Inactive` means that the key cannot be used.
+    #   used for authentication with an CodeCommit repository. `Inactive`
+    #   means that the key cannot be used.
     #   @return [String]
     #
     # @!attribute [rw] upload_date
@@ -10064,7 +10086,7 @@ module Aws::IAM
     # @!attribute [rw] last_authenticated
     #   The date and time, in [ISO 8601 date-time format][1], when an
     #   authenticated entity most recently attempted to access the service.
-    #   AWS does not report unauthenticated requests.
+    #   Amazon Web Services does not report unauthenticated requests.
     #
     #   This field is null if no IAM entities attempted to access the
     #   service within the [reporting period][2].
@@ -10079,12 +10101,13 @@ module Aws::IAM
     #   The namespace of the service in which access was attempted.
     #
     #   To learn the service namespace of a service, see [Actions,
-    #   resources, and condition keys for AWS services][1] in the *Service
-    #   Authorization Reference*. Choose the name of the service to view
-    #   details for that service. In the first paragraph, find the service
-    #   prefix. For example, `(service prefix: a4b)`. For more information
-    #   about service namespaces, see [AWS Service Namespaces][2] in
-    #   the *AWS General Reference*.
+    #   resources, and condition keys for Amazon Web Services services][1]
+    #   in the *Service Authorization Reference*. Choose the name of the
+    #   service to view details for that service. In the first paragraph,
+    #   find the service prefix. For example, `(service prefix: a4b)`. For
+    #   more information about service namespaces, see [Amazon Web Services
+    #   Service Namespaces][2] in the *Amazon Web Services General
+    #   Reference*.
     #
     #
     #
@@ -10094,8 +10117,8 @@ module Aws::IAM
     #
     # @!attribute [rw] last_authenticated_entity
     #   The ARN of the authenticated entity (user or role) that last
-    #   attempted to access the service. AWS does not report unauthenticated
-    #   requests.
+    #   attempted to access the service. Amazon Web Services does not report
+    #   unauthenticated requests.
     #
     #   This field is null if no IAM entities attempted to access the
     #   service within the [reporting period][1].
@@ -10107,8 +10130,8 @@ module Aws::IAM
     #
     # @!attribute [rw] last_authenticated_region
     #   The Region from which the authenticated entity (user or role) last
-    #   attempted to access the service. AWS does not report unauthenticated
-    #   requests.
+    #   attempted to access the service. Amazon Web Services does not report
+    #   unauthenticated requests.
     #
     #   This field is null if no IAM entities attempted to access the
     #   service within the [reporting period][1].
@@ -10191,8 +10214,9 @@ module Aws::IAM
     # @!attribute [rw] service_user_name
     #   The generated user name for the service-specific credential. This
     #   value is generated by combining the IAM user's name combined with
-    #   the ID number of the AWS account, as in `jane-at-123456789012`, for
-    #   example. This value cannot be configured by the user.
+    #   the ID number of the Amazon Web Services account, as in
+    #   `jane-at-123456789012`, for example. This value cannot be configured
+    #   by the user.
     #   @return [String]
     #
     # @!attribute [rw] service_password
@@ -10287,7 +10311,7 @@ module Aws::IAM
     #   version you want to set.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -10323,14 +10347,14 @@ module Aws::IAM
     #
     # @!attribute [rw] global_endpoint_token_version
     #   The version of the global endpoint token. Version 1 tokens are valid
-    #   only in AWS Regions that are available by default. These tokens do
-    #   not work in manually enabled Regions, such as Asia Pacific (Hong
-    #   Kong). Version 2 tokens are valid in all Regions. However, version 2
-    #   tokens are longer and might affect systems where you temporarily
-    #   store tokens.
+    #   only in Regions that are available by default. These tokens do not
+    #   work in manually enabled Regions, such as Asia Pacific (Hong Kong).
+    #   Version 2 tokens are valid in all Regions. However, version 2 tokens
+    #   are longer and might affect systems where you temporarily store
+    #   tokens.
     #
-    #   For information, see [Activating and deactivating STS in an AWS
-    #   region][1] in the *IAM User Guide*.
+    #   For information, see [Activating and deactivating STS in an
+    #   Region][1] in the *IAM User Guide*.
     #
     #
     #
@@ -10417,7 +10441,12 @@ module Aws::IAM
     #   operations. In other words, do not use policies designed to restrict
     #   what a user can do while using the temporary credentials.
     #
-    #   The [regex pattern][3] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][3].
+    #
+    #   The [regex pattern][4] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -10433,7 +10462,8 @@ module Aws::IAM
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html
     #   [2]: https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html
-    #   [3]: http://wikipedia.org/wiki/regex
+    #   [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [4]: http://wikipedia.org/wiki/regex
     #   @return [Array<String>]
     #
     # @!attribute [rw] permissions_boundary_policy_input_list
@@ -10446,7 +10476,12 @@ module Aws::IAM
     #   contains the complete, valid JSON text of a permissions boundary
     #   policy.
     #
-    #   The [regex pattern][2] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][2].
+    #
+    #   The [regex pattern][3] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -10461,7 +10496,8 @@ module Aws::IAM
     #
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
-    #   [2]: http://wikipedia.org/wiki/regex
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [3]: http://wikipedia.org/wiki/regex
     #   @return [Array<String>]
     #
     # @!attribute [rw] action_names
@@ -10472,13 +10508,13 @@ module Aws::IAM
     #   @return [Array<String>]
     #
     # @!attribute [rw] resource_arns
-    #   A list of ARNs of AWS resources to include in the simulation. If
-    #   this parameter is not provided, then the value defaults to `*` (all
-    #   resources). Each API in the `ActionNames` parameter is evaluated for
-    #   each resource in this list. The simulation determines the access
-    #   result (allowed or denied) of each combination and reports it in the
-    #   response. You can simulate resources that don't exist in your
-    #   account.
+    #   A list of ARNs of Amazon Web Services resources to include in the
+    #   simulation. If this parameter is not provided, then the value
+    #   defaults to `*` (all resources). Each API in the `ActionNames`
+    #   parameter is evaluated for each resource in this list. The
+    #   simulation determines the access result (allowed or denied) of each
+    #   combination and reports it in the response. You can simulate
+    #   resources that don't exist in your account.
     #
     #   The simulation does not automatically retrieve policies for the
     #   specified resources. If you want to include a resource policy in the
@@ -10490,7 +10526,7 @@ module Aws::IAM
     #   invalid input error.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -10503,7 +10539,12 @@ module Aws::IAM
     #   policy attached. You can include only one resource-based policy in a
     #   simulation.
     #
-    #   The [regex pattern][1] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][1].
+    #
+    #   The [regex pattern][2] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -10517,17 +10558,18 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: http://wikipedia.org/wiki/regex
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: http://wikipedia.org/wiki/regex
     #   @return [String]
     #
     # @!attribute [rw] resource_owner
-    #   An ARN representing the AWS account ID that specifies the owner of
-    #   any simulated resource that does not identify its owner in the
-    #   resource ARN. Examples of resource ARNs include an S3 bucket or
-    #   object. If `ResourceOwner` is specified, it is also used as the
-    #   account owner of any `ResourcePolicy` included in the simulation. If
-    #   the `ResourceOwner` parameter is not specified, then the owner of
-    #   the resources and the resource policy defaults to the account of the
+    #   An ARN representing the account ID that specifies the owner of any
+    #   simulated resource that does not identify its owner in the resource
+    #   ARN. Examples of resource ARNs include an S3 bucket or object. If
+    #   `ResourceOwner` is specified, it is also used as the account owner
+    #   of any `ResourcePolicy` included in the simulation. If the
+    #   `ResourceOwner` parameter is not specified, then the owner of the
+    #   resources and the resource policy defaults to the account of the
     #   identity provided in `CallerArn`. This parameter is required only if
     #   you specify a resource-based policy and account that owns the
     #   resource is different from the account that owns the simulated
@@ -10706,12 +10748,18 @@ module Aws::IAM
     #   also includes all policies that are attached to any groups the user
     #   belongs to.
     #
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][1].
+    #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][2] in the *Amazon Web Services General Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
     #   @return [String]
     #
     # @!attribute [rw] policy_input_list
@@ -10750,7 +10798,12 @@ module Aws::IAM
     #   as a string containing the complete, valid JSON text of a
     #   permissions boundary policy.
     #
-    #   The [regex pattern][2] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][2].
+    #
+    #   The [regex pattern][3] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -10765,7 +10818,8 @@ module Aws::IAM
     #
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
-    #   [2]: http://wikipedia.org/wiki/regex
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [3]: http://wikipedia.org/wiki/regex
     #   @return [Array<String>]
     #
     # @!attribute [rw] action_names
@@ -10775,13 +10829,13 @@ module Aws::IAM
     #   @return [Array<String>]
     #
     # @!attribute [rw] resource_arns
-    #   A list of ARNs of AWS resources to include in the simulation. If
-    #   this parameter is not provided, then the value defaults to `*` (all
-    #   resources). Each API in the `ActionNames` parameter is evaluated for
-    #   each resource in this list. The simulation determines the access
-    #   result (allowed or denied) of each combination and reports it in the
-    #   response. You can simulate resources that don't exist in your
-    #   account.
+    #   A list of ARNs of Amazon Web Services resources to include in the
+    #   simulation. If this parameter is not provided, then the value
+    #   defaults to `*` (all resources). Each API in the `ActionNames`
+    #   parameter is evaluated for each resource in this list. The
+    #   simulation determines the access result (allowed or denied) of each
+    #   combination and reports it in the response. You can simulate
+    #   resources that don't exist in your account.
     #
     #   The simulation does not automatically retrieve policies for the
     #   specified resources. If you want to include a resource policy in the
@@ -10789,7 +10843,7 @@ module Aws::IAM
     #   `ResourcePolicy` parameter.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -10802,7 +10856,12 @@ module Aws::IAM
     #   policy attached. You can include only one resource-based policy in a
     #   simulation.
     #
-    #   The [regex pattern][1] used to validate this parameter is a string
+    #   The maximum length of the policy document that you can pass in this
+    #   operation, including whitespace, is listed below. To view the
+    #   maximum character counts of a managed policy with no whitespaces,
+    #   see [IAM and STS character quotas][1].
+    #
+    #   The [regex pattern][2] used to validate this parameter is a string
     #   of characters consisting of the following:
     #
     #   * Any printable ASCII character ranging from the space character
@@ -10816,11 +10875,12 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: http://wikipedia.org/wiki/regex
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
+    #   [2]: http://wikipedia.org/wiki/regex
     #   @return [String]
     #
     # @!attribute [rw] resource_owner
-    #   An AWS account ID that specifies the owner of any simulated resource
+    #   An account ID that specifies the owner of any simulated resource
     #   that does not identify its owner in the resource ARN. Examples of
     #   resource ARNs include an S3 bucket or object. If `ResourceOwner` is
     #   specified, it is also used as the account owner of any
@@ -10853,7 +10913,7 @@ module Aws::IAM
     #   to use in evaluating the policy.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -11017,9 +11077,10 @@ module Aws::IAM
     #   different cost centers in your company. Typically, many resources
     #   have tags with the same key name but with different values.
     #
-    #   <note markdown="1"> AWS always interprets the tag `Value` as a single string. If you
-    #   need to store an array, you can store comma-separated values in the
-    #   string. However, you must interpret the value in your code.
+    #   <note markdown="1"> Amazon Web Services always interprets the tag `Value` as a single
+    #   string. If you need to store an array, you can store comma-separated
+    #   values in the string. However, you must interpret the value in your
+    #   code.
     #
     #    </note>
     #   @return [String]
@@ -11049,10 +11110,10 @@ module Aws::IAM
     # @!attribute [rw] instance_profile_name
     #   The name of the IAM instance profile to which you want to add tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11091,10 +11152,10 @@ module Aws::IAM
     #   want to add tags. For virtual MFA devices, the serial number is the
     #   same as the ARN.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11132,10 +11193,10 @@ module Aws::IAM
     #   The ARN of the OIDC identity provider in IAM to which you want to
     #   add tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11174,10 +11235,10 @@ module Aws::IAM
     #   The ARN of the IAM customer managed policy to which you want to add
     #   tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11255,10 +11316,10 @@ module Aws::IAM
     #   The ARN of the SAML identity provider in IAM to which you want to
     #   add tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11297,10 +11358,10 @@ module Aws::IAM
     #   The name of the IAM server certificate to which you want to add
     #   tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11338,10 +11399,10 @@ module Aws::IAM
     # @!attribute [rw] user_name
     #   The name of the IAM user to which you want to add tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11374,11 +11435,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] last_accessed_entity
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -11388,7 +11449,8 @@ module Aws::IAM
     # @!attribute [rw] last_accessed_time
     #   The date and time, in [ISO 8601 date-time format][1], when an
     #   authenticated entity most recently attempted to access the tracked
-    #   service. AWS does not report unauthenticated requests.
+    #   service. Amazon Web Services does not report unauthenticated
+    #   requests.
     #
     #   This field is null if no IAM entities attempted to access the
     #   service within the [reporting period][2].
@@ -11401,8 +11463,8 @@ module Aws::IAM
     #
     # @!attribute [rw] last_accessed_region
     #   The Region from which the authenticated entity (user or role) last
-    #   attempted to access the tracked action. AWS does not report
-    #   unauthenticated requests.
+    #   attempted to access the tracked action. Amazon Web Services does not
+    #   report unauthenticated requests.
     #
     #   This field is null if no IAM entities attempted to access the
     #   service within the [reporting period][1].
@@ -11465,10 +11527,10 @@ module Aws::IAM
     #   The name of the IAM instance profile from which you want to remove
     #   tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11502,10 +11564,10 @@ module Aws::IAM
     #   want to remove tags. For virtual MFA devices, the serial number is
     #   the same as the ARN.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11538,10 +11600,10 @@ module Aws::IAM
     #   The ARN of the OIDC provider in IAM from which you want to remove
     #   tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11574,10 +11636,10 @@ module Aws::IAM
     #   The ARN of the IAM customer managed policy from which you want to
     #   remove tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11645,10 +11707,10 @@ module Aws::IAM
     #   The ARN of the SAML identity provider in IAM from which you want to
     #   remove tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11681,10 +11743,10 @@ module Aws::IAM
     #   The name of the IAM server certificate from which you want to remove
     #   tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11716,10 +11778,10 @@ module Aws::IAM
     # @!attribute [rw] user_name
     #   The name of the IAM user from which you want to remove tags.
     #
-    #   This parameter accepts (through its [regex pattern][1]) a string of
-    #   characters that consist of upper and lowercase alphanumeric
-    #   characters with no spaces. You can also include any of the following
-    #   characters: =,.@-
+    #   This parameter allows (through its [regex pattern][1]) a string of
+    #   characters consisting of upper and lowercase alphanumeric characters
+    #   with no spaces. You can also include any of the following
+    #   characters: \_+=,.@-
     #
     #
     #
@@ -11776,8 +11838,8 @@ module Aws::IAM
     #
     # @!attribute [rw] status
     #   The status you want to assign to the secret access key. `Active`
-    #   means that the key can be used for programmatic calls to AWS, while
-    #   `Inactive` means that the key cannot be used.
+    #   means that the key can be used for programmatic calls to Amazon Web
+    #   Services, while `Inactive` means that the key cannot be used.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKeyRequest AWS API Documentation
@@ -11851,10 +11913,9 @@ module Aws::IAM
     #   @return [Boolean]
     #
     # @!attribute [rw] allow_users_to_change_password
-    #   Allows all IAM users in your account to use the AWS Management
-    #   Console to change their own passwords. For more information, see
-    #   [Letting IAM users change their own passwords][1] in the *IAM User
-    #   Guide*.
+    #   Allows all IAM users in your account to use the Management Console
+    #   to change their own passwords. For more information, see [Letting
+    #   IAM users change their own passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in
@@ -11934,10 +11995,10 @@ module Aws::IAM
     # @!attribute [rw] policy_document
     #   The policy that grants an entity permission to assume the role.
     #
-    #   You must provide policies in JSON format in IAM. However, for AWS
+    #   You must provide policies in JSON format in IAM. However, for
     #   CloudFormation templates formatted in YAML, you can provide the
-    #   policy in JSON or YAML format. AWS CloudFormation always converts a
-    #   YAML policy to JSON format before submitting it to IAM.
+    #   policy in JSON or YAML format. CloudFormation always converts a YAML
+    #   policy to JSON format before submitting it to IAM.
     #
     #   The [regex pattern][1] used to validate this parameter is a string
     #   of characters consisting of the following:
@@ -12062,8 +12123,8 @@ module Aws::IAM
     #     carriage return (`\u000D`)
     #
     #   However, the format can be further restricted by the account
-    #   administrator by setting a password policy on the AWS account. For
-    #   more information, see UpdateAccountPasswordPolicy.
+    #   administrator by setting a password policy on the account. For more
+    #   information, see UpdateAccountPasswordPolicy.
     #
     #
     #
@@ -12100,7 +12161,7 @@ module Aws::IAM
     #   operation.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -12182,7 +12243,7 @@ module Aws::IAM
     #   the default maximum of one hour is applied. This setting can have a
     #   value from 1 hour to 12 hours.
     #
-    #   Anyone who assumes the role from the AWS CLI or API can use the
+    #   Anyone who assumes the role from the CLI or API can use the
     #   `DurationSeconds` API parameter or the `duration-seconds` CLI
     #   parameter to request a longer session. The `MaxSessionDuration`
     #   setting determines the maximum duration that can be requested using
@@ -12234,7 +12295,7 @@ module Aws::IAM
     #   The Amazon Resource Name (ARN) of the SAML provider to update.
     #
     #   For more information about ARNs, see [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -12301,8 +12362,8 @@ module Aws::IAM
     #
     # @!attribute [rw] status
     #   The status to assign to the SSH public key. `Active` means that the
-    #   key can be used for authentication with an AWS CodeCommit
-    #   repository. `Inactive` means that the key cannot be used.
+    #   key can be used for authentication with an CodeCommit repository.
+    #   `Inactive` means that the key cannot be used.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKeyRequest AWS API Documentation
@@ -12464,8 +12525,8 @@ module Aws::IAM
     #
     # @!attribute [rw] status
     #   The status you want to assign to the certificate. `Active` means
-    #   that the certificate can be used for programmatic calls to AWS
-    #   `Inactive` means that the certificate cannot be used.
+    #   that the certificate can be used for programmatic calls to Amazon
+    #   Web Services `Inactive` means that the certificate cannot be used.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificateRequest AWS API Documentation
@@ -12902,13 +12963,13 @@ module Aws::IAM
     #
     # @!attribute [rw] password_last_used
     #   The date and time, in [ISO 8601 date-time format][1], when the
-    #   user's password was last used to sign in to an AWS website. For a
-    #   list of AWS websites that capture a user's last sign-in time, see
-    #   the [Credential reports][2] topic in the *IAM User Guide*. If a
-    #   password is used more than once in a five-minute span, only the
-    #   first use is returned in this field. If the field is null (no
-    #   value), then it indicates that they never signed in with a password.
-    #   This can be because:
+    #   user's password was last used to sign in to an Amazon Web Services
+    #   website. For a list of Amazon Web Services websites that capture a
+    #   user's last sign-in time, see the [Credential reports][2] topic in
+    #   the *IAM User Guide*. If a password is used more than once in a
+    #   five-minute span, only the first use is returned in this field. If
+    #   the field is null (no value), then it indicates that they never
+    #   signed in with a password. This can be because:
     #
     #   * The user never had a password.
     #
@@ -12992,11 +13053,11 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] arn
-    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
-    #   resources.
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for
+    #   Amazon Web Services resources.
     #
     #   For more information about ARNs, go to [Amazon Resource Names
-    #   (ARNs)][1] in the *AWS General Reference*.
+    #   (ARNs)][1] in the *Amazon Web Services General Reference*.
     #
     #
     #