@aws-sdk/client-pca-connector-ad 3.686.0 → 3.691.0

package/dist-types/models/models_0.d.ts

@@ -23,13 +23,13 @@ export interface AccessRights {
      *          template.</p>
      * @public
      */
-    Enroll?: AccessRight;
+    Enroll?: AccessRight | undefined;
     /**
      * <p>Allow or deny an Active Directory group from autoenrolling certificates issued against a template.
      *          The Active Directory group must be allowed to enroll to allow autoenrollment</p>
      * @public
      */
-    AutoEnroll?: AccessRight;
+    AutoEnroll?: AccessRight | undefined;
 }
 /**
  * <p> An access control entry allows or denies Active Directory groups based on their security
@@ -41,34 +41,34 @@ export interface AccessControlEntry {
      * <p>Name of the Active Directory group. This name does not need to match the group name in Active Directory.</p>
      * @public
      */
-    GroupDisplayName?: string;
+    GroupDisplayName?: string | undefined;
     /**
      * <p>Security identifier (SID) of the group object from Active Directory. The SID starts with
      *          "S-".</p>
      * @public
      */
-    GroupSecurityIdentifier?: string;
+    GroupSecurityIdentifier?: string | undefined;
     /**
      * <p>Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued
      *          against a template.</p>
      * @public
      */
-    AccessRights?: AccessRights;
+    AccessRights?: AccessRights | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html">CreateTemplate</a>.</p>
      * @public
      */
-    TemplateArn?: string;
+    TemplateArn?: string | undefined;
     /**
      * <p>The date and time that the Access Control Entry was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the Access Control Entry was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * <p>Summary of group access control entries that allow or deny Active Directory groups based on their
@@ -80,34 +80,34 @@ export interface AccessControlEntrySummary {
      * <p>Name of the Active Directory group. This name does not need to match the group name in Active Directory.</p>
      * @public
      */
-    GroupDisplayName?: string;
+    GroupDisplayName?: string | undefined;
     /**
      * <p>Security identifier (SID) of the group object from Active Directory. The SID starts with
      *          "S-".</p>
      * @public
      */
-    GroupSecurityIdentifier?: string;
+    GroupSecurityIdentifier?: string | undefined;
     /**
      * <p>Allow or deny an Active Directory group from enrolling and autoenrolling certificates issued against
      *          a template.</p>
      * @public
      */
-    AccessRights?: AccessRights;
+    AccessRights?: AccessRights | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html">CreateTemplate</a>. </p>
      * @public
      */
-    TemplateArn?: string;
+    TemplateArn?: string | undefined;
     /**
      * <p>The date and time that the Access Control Entry was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the Access Control Entry was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * <p>You can receive this error if you attempt to create a resource share when you don't have
@@ -254,7 +254,7 @@ export interface ApplicationPolicies {
      * <p>Marks the application policy extension as critical.</p>
      * @public
      */
-    Critical?: boolean;
+    Critical?: boolean | undefined;
     /**
      * <p>Application policies describe what the certificate can be used for.</p>
      * @public
@@ -453,48 +453,48 @@ export interface Connector {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector</a>. </p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) of the certificate authority being used. </p>
      * @public
      */
-    CertificateAuthorityArn?: string;
+    CertificateAuthorityArn?: string | undefined;
     /**
      * <p>Certificate enrollment endpoint for Active Directory domain-joined objects reach out to when
      *          requesting certificates.</p>
      * @public
      */
-    CertificateEnrollmentPolicyServerEndpoint?: string;
+    CertificateEnrollmentPolicyServerEndpoint?: string | undefined;
     /**
      * <p>The identifier of the Active Directory.</p>
      * @public
      */
-    DirectoryId?: string;
+    DirectoryId?: string | undefined;
     /**
      * <p>Information of the VPC and security group(s) used with the connector.</p>
      * @public
      */
-    VpcInformation?: VpcInformation;
+    VpcInformation?: VpcInformation | undefined;
     /**
      * <p>Status of the connector. Status can be creating, active, deleting, or failed.</p>
      * @public
      */
-    Status?: ConnectorStatus;
+    Status?: ConnectorStatus | undefined;
     /**
      * <p>Additional information about the connector status if the status is failed.</p>
      * @public
      */
-    StatusReason?: ConnectorStatusReason;
+    StatusReason?: ConnectorStatusReason | undefined;
     /**
      * <p>The date and time that the connector was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the connector was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * <p>Summary description of the Amazon Web Services Private CA AD connectors belonging to an Amazon Web Services
@@ -506,48 +506,48 @@ export interface ConnectorSummary {
      * <p> The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector</a>.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) of the certificate authority being used.</p>
      * @public
      */
-    CertificateAuthorityArn?: string;
+    CertificateAuthorityArn?: string | undefined;
     /**
      * <p>Certificate enrollment endpoint for Active Directory domain-joined objects to request
      *          certificates.</p>
      * @public
      */
-    CertificateEnrollmentPolicyServerEndpoint?: string;
+    CertificateEnrollmentPolicyServerEndpoint?: string | undefined;
     /**
      * <p>The identifier of the Active Directory.</p>
      * @public
      */
-    DirectoryId?: string;
+    DirectoryId?: string | undefined;
     /**
      * <p>Information of the VPC and security group(s) used with the connector.</p>
      * @public
      */
-    VpcInformation?: VpcInformation;
+    VpcInformation?: VpcInformation | undefined;
     /**
      * <p>Status of the connector. Status can be creating, active, deleting, or failed.</p>
      * @public
      */
-    Status?: ConnectorStatus;
+    Status?: ConnectorStatus | undefined;
     /**
      * <p>Additional information about the connector status if the status is failed.</p>
      * @public
      */
-    StatusReason?: ConnectorStatusReason;
+    StatusReason?: ConnectorStatusReason | undefined;
     /**
      * <p>The date and time that the connector was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the connector was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * @public
@@ -572,12 +572,12 @@ export interface CreateConnectorRequest {
      * <p>Idempotency token.</p>
      * @public
      */
-    ClientToken?: string;
+    ClientToken?: string | undefined;
     /**
      * <p>Metadata assigned to a connector consisting of a key-value pair.</p>
      * @public
      */
-    Tags?: Record<string, string>;
+    Tags?: Record<string, string> | undefined;
 }
 /**
  * @public
@@ -587,7 +587,7 @@ export interface CreateConnectorResponse {
      * <p>If successful, the Amazon Resource Name (ARN) of the connector for Active Directory.</p>
      * @public
      */
-    ConnectorArn?: string;
+    ConnectorArn?: string | undefined;
 }
 /**
  * <p>The request processing has failed because of an unknown error, exception or failure with
@@ -676,12 +676,12 @@ export declare class ThrottlingException extends __BaseException {
      * <p>Identifies the originating service.</p>
      * @public
      */
-    ServiceCode?: string;
+    ServiceCode?: string | undefined;
     /**
      * <p>The code associated with the quota.</p>
      * @public
      */
-    QuotaCode?: string;
+    QuotaCode?: string | undefined;
     /**
      * @internal
      */
@@ -719,7 +719,7 @@ export declare class ValidationException extends __BaseException {
      *          validation exception.</p>
      * @public
      */
-    Reason?: ValidationExceptionReason;
+    Reason?: ValidationExceptionReason | undefined;
     /**
      * @internal
      */
@@ -753,7 +753,7 @@ export interface GetConnectorResponse {
      * <p>A structure that contains information about your connector.</p>
      * @public
      */
-    Connector?: Connector;
+    Connector?: Connector | undefined;
 }
 /**
  * @public
@@ -767,14 +767,14 @@ export interface ListConnectorsRequest {
      *          items.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -784,14 +784,14 @@ export interface ListConnectorsResponse {
      * <p>Summary information about each connector you have created.</p>
      * @public
      */
-    Connectors?: ConnectorSummary[];
+    Connectors?: ConnectorSummary[] | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the NextToken parameter from the
      *          response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -806,12 +806,12 @@ export interface CreateDirectoryRegistrationRequest {
      * <p>Idempotency token.</p>
      * @public
      */
-    ClientToken?: string;
+    ClientToken?: string | undefined;
     /**
      * <p>Metadata assigned to a directory registration consisting of a key-value pair.</p>
      * @public
      */
-    Tags?: Record<string, string>;
+    Tags?: Record<string, string> | undefined;
 }
 /**
  * @public
@@ -821,7 +821,7 @@ export interface CreateDirectoryRegistrationResponse {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html">CreateDirectoryRegistration</a>.</p>
      * @public
      */
-    DirectoryRegistrationArn?: string;
+    DirectoryRegistrationArn?: string | undefined;
 }
 /**
  * @public
@@ -841,7 +841,7 @@ export interface CreateServicePrincipalNameRequest {
      * <p>Idempotency token.</p>
      * @public
      */
-    ClientToken?: string;
+    ClientToken?: string | undefined;
 }
 /**
  * <p>Template configurations for v2 template schema.</p>
@@ -852,18 +852,18 @@ export interface EnrollmentFlagsV2 {
      * <p>Include symmetric algorithms allowed by the subject.</p>
      * @public
      */
-    IncludeSymmetricAlgorithms?: boolean;
+    IncludeSymmetricAlgorithms?: boolean | undefined;
     /**
      * <p>Require user interaction when the subject is enrolled and the private key associated
      *          with the certificate is used.</p>
      * @public
      */
-    UserInteractionRequired?: boolean;
+    UserInteractionRequired?: boolean | undefined;
     /**
      * <p>Delete expired or revoked certificates instead of archiving them.</p>
      * @public
      */
-    RemoveInvalidCertificateFromPersonalStore?: boolean;
+    RemoveInvalidCertificateFromPersonalStore?: boolean | undefined;
     /**
      * <p>This flag instructs the CA to not include the security extension
      *          szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections
@@ -871,12 +871,12 @@ export interface EnrollmentFlagsV2 {
      *          Kerberos elevation-of-privilege vulnerability.</p>
      * @public
      */
-    NoSecurityExtension?: boolean;
+    NoSecurityExtension?: boolean | undefined;
     /**
      * <p>Allow renewal using the same key.</p>
      * @public
      */
-    EnableKeyReuseOnNtTokenKeysetStorageFull?: boolean;
+    EnableKeyReuseOnNtTokenKeysetStorageFull?: boolean | undefined;
 }
 /**
  * <p>The key usage flags represent the purpose (e.g., encipherment, signature) of the key
@@ -889,30 +889,30 @@ export interface KeyUsageFlags {
      *          digital signatures.</p>
      * @public
      */
-    DigitalSignature?: boolean;
+    DigitalSignature?: boolean | undefined;
     /**
      * <p>NonRepudiation is asserted when the subject public key is used to verify digital
      *          signatures.</p>
      * @public
      */
-    NonRepudiation?: boolean;
+    NonRepudiation?: boolean | undefined;
     /**
      * <p>KeyEncipherment is asserted when the subject public key is used for enciphering private
      *          or secret keys, i.e., for key transport.</p>
      * @public
      */
-    KeyEncipherment?: boolean;
+    KeyEncipherment?: boolean | undefined;
     /**
      * <p>DataEncipherment is asserted when the subject public key is used for directly
      *          enciphering raw user data without the use of an intermediate symmetric cipher.</p>
      * @public
      */
-    DataEncipherment?: boolean;
+    DataEncipherment?: boolean | undefined;
     /**
      * <p>KeyAgreement is asserted when the subject public key is used for key agreement.</p>
      * @public
      */
-    KeyAgreement?: boolean;
+    KeyAgreement?: boolean | undefined;
 }
 /**
  * <p>The key usage extension defines the purpose (e.g., encipherment, signature) of the key
@@ -924,7 +924,7 @@ export interface KeyUsage {
      * <p>Sets the key usage extension to critical.</p>
      * @public
      */
-    Critical?: boolean;
+    Critical?: boolean | undefined;
     /**
      * <p>The key usage flags represent the purpose (e.g., encipherment, signature) of the key
      *          contained in the certificate.</p>
@@ -947,7 +947,7 @@ export interface ExtensionsV2 {
      * <p>Application policies specify what the certificate is used for and its purpose. </p>
      * @public
      */
-    ApplicationPolicies?: ApplicationPolicies;
+    ApplicationPolicies?: ApplicationPolicies | undefined;
 }
 /**
  * <p>General flags for v2 template schema that defines if the template is for a machine or a
@@ -960,13 +960,13 @@ export interface GeneralFlagsV2 {
      *          autoenrollment.</p>
      * @public
      */
-    AutoEnrollment?: boolean;
+    AutoEnrollment?: boolean | undefined;
     /**
      * <p>Defines if the template is for machines or users. Set to TRUE if the template is for
      *          machines. Set to FALSE if the template is for users.</p>
      * @public
      */
-    MachineType?: boolean;
+    MachineType?: boolean | undefined;
 }
 /**
  * @public
@@ -1000,7 +1000,7 @@ export interface PrivateKeyAttributesV2 {
      * <p>Defines the cryptographic providers used to generate the private key.</p>
      * @public
      */
-    CryptoProviders?: string[];
+    CryptoProviders?: string[] | undefined;
 }
 /**
  * <p>Private key flags for v2 templates specify the client compatibility, if the private key
@@ -1012,12 +1012,12 @@ export interface PrivateKeyFlagsV2 {
      * <p>Allows the private key to be exported.</p>
      * @public
      */
-    ExportableKey?: boolean;
+    ExportableKey?: boolean | undefined;
     /**
      * <p>Require user input when using the private key for enrollment.</p>
      * @public
      */
-    StrongKeyProtectionRequired?: boolean;
+    StrongKeyProtectionRequired?: boolean | undefined;
     /**
      * <p>Defines the minimum client compatibility.</p>
      * @public
@@ -1039,52 +1039,52 @@ export interface SubjectNameFlagsV2 {
      * <p>Include the domain DNS in the subject alternate name.</p>
      * @public
      */
-    SanRequireDomainDns?: boolean;
+    SanRequireDomainDns?: boolean | undefined;
     /**
      * <p>Include the service principal name (SPN) in the subject alternate name.</p>
      * @public
      */
-    SanRequireSpn?: boolean;
+    SanRequireSpn?: boolean | undefined;
     /**
      * <p>Include the globally unique identifier (GUID) in the subject alternate name.</p>
      * @public
      */
-    SanRequireDirectoryGuid?: boolean;
+    SanRequireDirectoryGuid?: boolean | undefined;
     /**
      * <p>Include the user principal name (UPN) in the subject alternate name.</p>
      * @public
      */
-    SanRequireUpn?: boolean;
+    SanRequireUpn?: boolean | undefined;
     /**
      * <p>Include the subject's email in the subject alternate name.</p>
      * @public
      */
-    SanRequireEmail?: boolean;
+    SanRequireEmail?: boolean | undefined;
     /**
      * <p>Include the DNS in the subject alternate name.</p>
      * @public
      */
-    SanRequireDns?: boolean;
+    SanRequireDns?: boolean | undefined;
     /**
      * <p>Include the DNS as common name in the subject name.</p>
      * @public
      */
-    RequireDnsAsCn?: boolean;
+    RequireDnsAsCn?: boolean | undefined;
     /**
      * <p>Include the subject's email in the subject name.</p>
      * @public
      */
-    RequireEmail?: boolean;
+    RequireEmail?: boolean | undefined;
     /**
      * <p>Include the common name in the subject name.</p>
      * @public
      */
-    RequireCommonName?: boolean;
+    RequireCommonName?: boolean | undefined;
     /**
      * <p>Include the directory path in the subject name.</p>
      * @public
      */
-    RequireDirectoryPath?: boolean;
+    RequireDirectoryPath?: boolean | undefined;
 }
 /**
  * <p>v2 template schema that uses Legacy Cryptographic Providers.</p>
@@ -1100,7 +1100,7 @@ export interface TemplateV2 {
      * <p>List of templates in Active Directory that are superseded by this template.</p>
      * @public
      */
-    SupersededTemplates?: string[];
+    SupersededTemplates?: string[] | undefined;
     /**
      * <p>Private key attributes allow you to specify the minimal key length, key spec, and
      *          cryptographic providers for the private key of a certificate for v2 templates. V2 templates
@@ -1148,18 +1148,18 @@ export interface EnrollmentFlagsV3 {
      * <p>Include symmetric algorithms allowed by the subject.</p>
      * @public
      */
-    IncludeSymmetricAlgorithms?: boolean;
+    IncludeSymmetricAlgorithms?: boolean | undefined;
     /**
      * <p>Require user interaction when the subject is enrolled and the private key associated
      *          with the certificate is used.</p>
      * @public
      */
-    UserInteractionRequired?: boolean;
+    UserInteractionRequired?: boolean | undefined;
     /**
      * <p>Delete expired or revoked certificates instead of archiving them.</p>
      * @public
      */
-    RemoveInvalidCertificateFromPersonalStore?: boolean;
+    RemoveInvalidCertificateFromPersonalStore?: boolean | undefined;
     /**
      * <p>This flag instructs the CA to not include the security extension
      *          szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections
@@ -1167,12 +1167,12 @@ export interface EnrollmentFlagsV3 {
      *          Kerberos elevation-of-privilege vulnerability.</p>
      * @public
      */
-    NoSecurityExtension?: boolean;
+    NoSecurityExtension?: boolean | undefined;
     /**
      * <p>Allow renewal using the same key.</p>
      * @public
      */
-    EnableKeyReuseOnNtTokenKeysetStorageFull?: boolean;
+    EnableKeyReuseOnNtTokenKeysetStorageFull?: boolean | undefined;
 }
 /**
  * <p>Certificate extensions for v3 template schema</p>
@@ -1189,7 +1189,7 @@ export interface ExtensionsV3 {
      * <p>Application policies specify what the certificate is used for and its purpose.</p>
      * @public
      */
-    ApplicationPolicies?: ApplicationPolicies;
+    ApplicationPolicies?: ApplicationPolicies | undefined;
 }
 /**
  * <p>General flags for v3 template schema that defines if the template is for a machine or a
@@ -1202,13 +1202,13 @@ export interface GeneralFlagsV3 {
      *          autoenrollment.</p>
      * @public
      */
-    AutoEnrollment?: boolean;
+    AutoEnrollment?: boolean | undefined;
     /**
      * <p>Defines if the template is for machines or users. Set to TRUE if the template is for
      *          machines. Set to FALSE if the template is for users</p>
      * @public
      */
-    MachineType?: boolean;
+    MachineType?: boolean | undefined;
 }
 /**
  * @public
@@ -1246,17 +1246,17 @@ export interface KeyUsagePropertyFlags {
      * <p>Allows key for encryption and decryption.</p>
      * @public
      */
-    Decrypt?: boolean;
+    Decrypt?: boolean | undefined;
     /**
      * <p>Allows key exchange without encryption.</p>
      * @public
      */
-    KeyAgreement?: boolean;
+    KeyAgreement?: boolean | undefined;
     /**
      * <p>Allow key use for digital signature.</p>
      * @public
      */
-    Sign?: boolean;
+    Sign?: boolean | undefined;
 }
 /**
  * @public
@@ -1335,7 +1335,7 @@ export interface PrivateKeyAttributesV3 {
      * <p>Defines the cryptographic providers used to generate the private key.</p>
      * @public
      */
-    CryptoProviders?: string[];
+    CryptoProviders?: string[] | undefined;
     /**
      * <p>The key usage property defines the purpose of the private key contained in the
      *          certificate. You can specify specific purposes using property flags or all by using
@@ -1360,18 +1360,18 @@ export interface PrivateKeyFlagsV3 {
      * <p>Allows the private key to be exported.</p>
      * @public
      */
-    ExportableKey?: boolean;
+    ExportableKey?: boolean | undefined;
     /**
      * <p>Requirer user input when using the private key for enrollment.</p>
      * @public
      */
-    StrongKeyProtectionRequired?: boolean;
+    StrongKeyProtectionRequired?: boolean | undefined;
     /**
      * <p>Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your
      *          CA, objects, and applications can accept this signature format.</p>
      * @public
      */
-    RequireAlternateSignatureAlgorithm?: boolean;
+    RequireAlternateSignatureAlgorithm?: boolean | undefined;
     /**
      * <p>Defines the minimum client compatibility.</p>
      * @public
@@ -1393,52 +1393,52 @@ export interface SubjectNameFlagsV3 {
      * <p>Include the domain DNS in the subject alternate name.</p>
      * @public
      */
-    SanRequireDomainDns?: boolean;
+    SanRequireDomainDns?: boolean | undefined;
     /**
      * <p>Include the service principal name (SPN) in the subject alternate name.</p>
      * @public
      */
-    SanRequireSpn?: boolean;
+    SanRequireSpn?: boolean | undefined;
     /**
      * <p>Include the globally unique identifier (GUID) in the subject alternate name.</p>
      * @public
      */
-    SanRequireDirectoryGuid?: boolean;
+    SanRequireDirectoryGuid?: boolean | undefined;
     /**
      * <p>Include the user principal name (UPN) in the subject alternate name.</p>
      * @public
      */
-    SanRequireUpn?: boolean;
+    SanRequireUpn?: boolean | undefined;
     /**
      * <p>Include the subject's email in the subject alternate name.</p>
      * @public
      */
-    SanRequireEmail?: boolean;
+    SanRequireEmail?: boolean | undefined;
     /**
      * <p>Include the DNS in the subject alternate name.</p>
      * @public
      */
-    SanRequireDns?: boolean;
+    SanRequireDns?: boolean | undefined;
     /**
      * <p>Include the DNS as common name in the subject name.</p>
      * @public
      */
-    RequireDnsAsCn?: boolean;
+    RequireDnsAsCn?: boolean | undefined;
     /**
      * <p>Include the subject's email in the subject name.</p>
      * @public
      */
-    RequireEmail?: boolean;
+    RequireEmail?: boolean | undefined;
     /**
      * <p>Include the common name in the subject name. </p>
      * @public
      */
-    RequireCommonName?: boolean;
+    RequireCommonName?: boolean | undefined;
     /**
      * <p>Include the directory path in the subject name.</p>
      * @public
      */
-    RequireDirectoryPath?: boolean;
+    RequireDirectoryPath?: boolean | undefined;
 }
 /**
  * <p>v3 template schema that uses Key Storage Providers.</p>
@@ -1454,7 +1454,7 @@ export interface TemplateV3 {
      * <p>List of templates in Active Directory that are superseded by this template.</p>
      * @public
      */
-    SupersededTemplates?: string[];
+    SupersededTemplates?: string[] | undefined;
     /**
      * <p>Private key attributes allow you to specify the algorithm, minimal key length, key spec,
      *          key usage, and cryptographic providers for the private key of a certificate for v3
@@ -1508,18 +1508,18 @@ export interface EnrollmentFlagsV4 {
      * <p>Include symmetric algorithms allowed by the subject.</p>
      * @public
      */
-    IncludeSymmetricAlgorithms?: boolean;
+    IncludeSymmetricAlgorithms?: boolean | undefined;
     /**
      * <p>Require user interaction when the subject is enrolled and the private key associated
      *          with the certificate is used.</p>
      * @public
      */
-    UserInteractionRequired?: boolean;
+    UserInteractionRequired?: boolean | undefined;
     /**
      * <p>Delete expired or revoked certificates instead of archiving them.</p>
      * @public
      */
-    RemoveInvalidCertificateFromPersonalStore?: boolean;
+    RemoveInvalidCertificateFromPersonalStore?: boolean | undefined;
     /**
      * <p>This flag instructs the CA to not include the security extension
      *          szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections
@@ -1527,12 +1527,12 @@ export interface EnrollmentFlagsV4 {
      *          Kerberos elevation-of-privilege vulnerability.</p>
      * @public
      */
-    NoSecurityExtension?: boolean;
+    NoSecurityExtension?: boolean | undefined;
     /**
      * <p>Allow renewal using the same key.</p>
      * @public
      */
-    EnableKeyReuseOnNtTokenKeysetStorageFull?: boolean;
+    EnableKeyReuseOnNtTokenKeysetStorageFull?: boolean | undefined;
 }
 /**
  * <p>Certificate extensions for v4 template schema</p>
@@ -1549,7 +1549,7 @@ export interface ExtensionsV4 {
      * <p>Application policies specify what the certificate is used for and its purpose.</p>
      * @public
      */
-    ApplicationPolicies?: ApplicationPolicies;
+    ApplicationPolicies?: ApplicationPolicies | undefined;
 }
 /**
  * <p>General flags for v4 template schema that defines if the template is for a machine or a
@@ -1562,13 +1562,13 @@ export interface GeneralFlagsV4 {
      *          autoenrollment.</p>
      * @public
      */
-    AutoEnrollment?: boolean;
+    AutoEnrollment?: boolean | undefined;
     /**
      * <p>Defines if the template is for machines or users. Set to TRUE if the template is for
      *          machines. Set to FALSE if the template is for users</p>
      * @public
      */
-    MachineType?: boolean;
+    MachineType?: boolean | undefined;
 }
 /**
  * <p>Defines the attributes of the private key.</p>
@@ -1590,19 +1590,19 @@ export interface PrivateKeyAttributesV4 {
      * <p>Defines the cryptographic providers used to generate the private key.</p>
      * @public
      */
-    CryptoProviders?: string[];
+    CryptoProviders?: string[] | undefined;
     /**
      * <p>The key usage property defines the purpose of the private key contained in the
      *          certificate. You can specify specific purposes using property flags or all by using
      *          property type ALL.</p>
      * @public
      */
-    KeyUsageProperty?: KeyUsageProperty;
+    KeyUsageProperty?: KeyUsageProperty | undefined;
     /**
      * <p>Defines the algorithm used to generate the private key.</p>
      * @public
      */
-    Algorithm?: PrivateKeyAlgorithm;
+    Algorithm?: PrivateKeyAlgorithm | undefined;
 }
 /**
  * <p>Private key flags for v4 templates specify the client compatibility, if the private key
@@ -1616,30 +1616,30 @@ export interface PrivateKeyFlagsV4 {
      * <p>Allows the private key to be exported.</p>
      * @public
      */
-    ExportableKey?: boolean;
+    ExportableKey?: boolean | undefined;
     /**
      * <p>Require user input when using the private key for enrollment.</p>
      * @public
      */
-    StrongKeyProtectionRequired?: boolean;
+    StrongKeyProtectionRequired?: boolean | undefined;
     /**
      * <p>Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your
      *          CA, objects, and applications can accept this signature format.</p>
      * @public
      */
-    RequireAlternateSignatureAlgorithm?: boolean;
+    RequireAlternateSignatureAlgorithm?: boolean | undefined;
     /**
      * <p>Renew certificate using the same private key.</p>
      * @public
      */
-    RequireSameKeyRenewal?: boolean;
+    RequireSameKeyRenewal?: boolean | undefined;
     /**
      * <p>Specifies the cryptographic service provider category used to generate private keys. Set
      *          to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage
      *          Providers.</p>
      * @public
      */
-    UseLegacyProvider?: boolean;
+    UseLegacyProvider?: boolean | undefined;
     /**
      * <p>Defines the minimum client compatibility.</p>
      * @public
@@ -1661,52 +1661,52 @@ export interface SubjectNameFlagsV4 {
      * <p>Include the domain DNS in the subject alternate name.</p>
      * @public
      */
-    SanRequireDomainDns?: boolean;
+    SanRequireDomainDns?: boolean | undefined;
     /**
      * <p>Include the service principal name (SPN) in the subject alternate name.</p>
      * @public
      */
-    SanRequireSpn?: boolean;
+    SanRequireSpn?: boolean | undefined;
     /**
      * <p>Include the globally unique identifier (GUID) in the subject alternate name.</p>
      * @public
      */
-    SanRequireDirectoryGuid?: boolean;
+    SanRequireDirectoryGuid?: boolean | undefined;
     /**
      * <p>Include the user principal name (UPN) in the subject alternate name.</p>
      * @public
      */
-    SanRequireUpn?: boolean;
+    SanRequireUpn?: boolean | undefined;
     /**
      * <p>Include the subject's email in the subject alternate name.</p>
      * @public
      */
-    SanRequireEmail?: boolean;
+    SanRequireEmail?: boolean | undefined;
     /**
      * <p>Include the DNS in the subject alternate name.</p>
      * @public
      */
-    SanRequireDns?: boolean;
+    SanRequireDns?: boolean | undefined;
     /**
      * <p>Include the DNS as common name in the subject name.</p>
      * @public
      */
-    RequireDnsAsCn?: boolean;
+    RequireDnsAsCn?: boolean | undefined;
     /**
      * <p>Include the subject's email in the subject name.</p>
      * @public
      */
-    RequireEmail?: boolean;
+    RequireEmail?: boolean | undefined;
     /**
      * <p>Include the common name in the subject name.</p>
      * @public
      */
-    RequireCommonName?: boolean;
+    RequireCommonName?: boolean | undefined;
     /**
      * <p>Include the directory path in the subject name.</p>
      * @public
      */
-    RequireDirectoryPath?: boolean;
+    RequireDirectoryPath?: boolean | undefined;
 }
 /**
  * <p>v4 template schema that can use either Legacy Cryptographic Providers or Key Storage
@@ -1723,7 +1723,7 @@ export interface TemplateV4 {
      * <p>List of templates in Active Directory that are superseded by this template.</p>
      * @public
      */
-    SupersededTemplates?: string[];
+    SupersededTemplates?: string[] | undefined;
     /**
      * <p>Private key attributes allow you to specify the minimal key length, key spec, key usage,
      *          and cryptographic providers for the private key of a certificate for v4 templates. V4
@@ -1763,7 +1763,7 @@ export interface TemplateV4 {
      *          specified when using Key Storage Providers.</p>
      * @public
      */
-    HashAlgorithm?: HashAlgorithm;
+    HashAlgorithm?: HashAlgorithm | undefined;
     /**
      * <p>Extensions describe the key usage extensions and application policies for a
      *          template.</p>
@@ -1860,12 +1860,12 @@ export interface CreateTemplateRequest {
      * <p>Idempotency token.</p>
      * @public
      */
-    ClientToken?: string;
+    ClientToken?: string | undefined;
     /**
      * <p>Metadata assigned to a template consisting of a key-value pair.</p>
      * @public
      */
-    Tags?: Record<string, string>;
+    Tags?: Record<string, string> | undefined;
 }
 /**
  * @public
@@ -1875,7 +1875,7 @@ export interface CreateTemplateResponse {
      * <p>If successful, the Amazon Resource Name (ARN) of the template.</p>
      * @public
      */
-    TemplateArn?: string;
+    TemplateArn?: string | undefined;
 }
 /**
  * @public
@@ -1907,7 +1907,7 @@ export interface CreateTemplateGroupAccessControlEntryRequest {
      * <p>Idempotency token.</p>
      * @public
      */
-    ClientToken?: string;
+    ClientToken?: string | undefined;
 }
 /**
  * @public
@@ -2001,33 +2001,33 @@ export interface DirectoryRegistration {
      *          CreateDirectoryRegistration. </p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p>The identifier of the Active Directory.</p>
      * @public
      */
-    DirectoryId?: string;
+    DirectoryId?: string | undefined;
     /**
      * <p>Status of the directory registration.</p>
      * @public
      */
-    Status?: DirectoryRegistrationStatus;
+    Status?: DirectoryRegistrationStatus | undefined;
     /**
      * <p>Additional information about the directory registration status if the status is
      *          failed.</p>
      * @public
      */
-    StatusReason?: DirectoryRegistrationStatusReason;
+    StatusReason?: DirectoryRegistrationStatusReason | undefined;
     /**
      * <p>The date and time that the directory registration was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the directory registration was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * <p>The directory registration represents the authorization of the connector service with
@@ -2039,33 +2039,33 @@ export interface DirectoryRegistrationSummary {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html">CreateDirectoryRegistration</a>.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p>The identifier of the Active Directory.</p>
      * @public
      */
-    DirectoryId?: string;
+    DirectoryId?: string | undefined;
     /**
      * <p>Status of the directory registration.</p>
      * @public
      */
-    Status?: DirectoryRegistrationStatus;
+    Status?: DirectoryRegistrationStatus | undefined;
     /**
      * <p>Additional information about the directory registration status if the status is
      *          failed.</p>
      * @public
      */
-    StatusReason?: DirectoryRegistrationStatusReason;
+    StatusReason?: DirectoryRegistrationStatusReason | undefined;
     /**
      * <p>The date and time that the directory registration was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the directory registration was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * @public
@@ -2086,7 +2086,7 @@ export interface GetDirectoryRegistrationResponse {
      *          directory.</p>
      * @public
      */
-    DirectoryRegistration?: DirectoryRegistration;
+    DirectoryRegistration?: DirectoryRegistration | undefined;
 }
 /**
  * @public
@@ -2100,14 +2100,14 @@ export interface ListDirectoryRegistrationsRequest {
      *          items.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -2117,14 +2117,14 @@ export interface ListDirectoryRegistrationsResponse {
      * <p>Summary information about each directory registration you have created.</p>
      * @public
      */
-    DirectoryRegistrations?: DirectoryRegistrationSummary[];
+    DirectoryRegistrations?: DirectoryRegistrationSummary[] | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -2179,33 +2179,33 @@ export interface ServicePrincipalName {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html">CreateDirectoryRegistration</a>.</p>
      * @public
      */
-    DirectoryRegistrationArn?: string;
+    DirectoryRegistrationArn?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector.html</a>.</p>
      * @public
      */
-    ConnectorArn?: string;
+    ConnectorArn?: string | undefined;
     /**
      * <p>The status of a service principal name.</p>
      * @public
      */
-    Status?: ServicePrincipalNameStatus;
+    Status?: ServicePrincipalNameStatus | undefined;
     /**
      * <p>Additional information for the status of a service principal name if the status is
      *          failed.</p>
      * @public
      */
-    StatusReason?: ServicePrincipalNameStatusReason;
+    StatusReason?: ServicePrincipalNameStatusReason | undefined;
     /**
      * <p>The date and time that the service principal name was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the service principal name was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * @public
@@ -2215,7 +2215,7 @@ export interface GetServicePrincipalNameResponse {
      * <p>The service principal name that the connector uses to authenticate with Active Directory.</p>
      * @public
      */
-    ServicePrincipalName?: ServicePrincipalName;
+    ServicePrincipalName?: ServicePrincipalName | undefined;
 }
 /**
  * @public
@@ -2268,56 +2268,56 @@ export interface Template {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html">CreateTemplate</a>.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p> The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector</a>.</p>
      * @public
      */
-    ConnectorArn?: string;
+    ConnectorArn?: string | undefined;
     /**
      * <p>Template configuration to define the information included in certificates. Define
      *          certificate validity and renewal periods, certificate request handling and enrollment
      *          options, key usage extensions, application policies, and cryptography settings.</p>
      * @public
      */
-    Definition?: TemplateDefinition;
+    Definition?: TemplateDefinition | undefined;
     /**
      * <p>Name of the templates. Template names must be unique.</p>
      * @public
      */
-    Name?: string;
+    Name?: string | undefined;
     /**
      * <p>Object identifier of a template.</p>
      * @public
      */
-    ObjectIdentifier?: string;
+    ObjectIdentifier?: string | undefined;
     /**
      * <p>The template schema version. Template schema versions can be v2, v3, or v4. The template
      *          configuration options change based on the template schema version.</p>
      * @public
      */
-    PolicySchema?: number;
+    PolicySchema?: number | undefined;
     /**
      * <p>Status of the template. Status can be creating, active, deleting, or failed.</p>
      * @public
      */
-    Status?: TemplateStatus;
+    Status?: TemplateStatus | undefined;
     /**
      * <p>The version of the template. Template updates will increment the minor revision.
      *          Re-enrolling all certificate holders will increment the major revision.</p>
      * @public
      */
-    Revision?: TemplateRevision;
+    Revision?: TemplateRevision | undefined;
     /**
      * <p>The date and time that the template was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the template was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * @public
@@ -2328,7 +2328,7 @@ export interface GetTemplateResponse {
      *          CA.</p>
      * @public
      */
-    Template?: Template;
+    Template?: Template | undefined;
 }
 /**
  * @public
@@ -2355,7 +2355,7 @@ export interface GetTemplateGroupAccessControlEntryResponse {
      *          autoenrolling with a template.</p>
      * @public
      */
-    AccessControlEntry?: AccessControlEntry;
+    AccessControlEntry?: AccessControlEntry | undefined;
 }
 /**
  * @public
@@ -2369,14 +2369,14 @@ export interface ListServicePrincipalNamesRequest {
      *          items.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html">CreateDirectoryRegistration</a>.</p>
      * @public
@@ -2392,33 +2392,33 @@ export interface ServicePrincipalNameSummary {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html">CreateDirectoryRegistration</a>.</p>
      * @public
      */
-    DirectoryRegistrationArn?: string;
+    DirectoryRegistrationArn?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector</a>.</p>
      * @public
      */
-    ConnectorArn?: string;
+    ConnectorArn?: string | undefined;
     /**
      * <p>The status of a service principal name.</p>
      * @public
      */
-    Status?: ServicePrincipalNameStatus;
+    Status?: ServicePrincipalNameStatus | undefined;
     /**
      * <p>Additional information for the status of a service principal name if the status is
      *          failed.</p>
      * @public
      */
-    StatusReason?: ServicePrincipalNameStatusReason;
+    StatusReason?: ServicePrincipalNameStatusReason | undefined;
     /**
      * <p>The date and time that the service principal name was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>Time when the service principal name was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * @public
@@ -2429,14 +2429,14 @@ export interface ListServicePrincipalNamesResponse {
      *          Active Directory.</p>
      * @public
      */
-    ServicePrincipalNames?: ServicePrincipalNameSummary[];
+    ServicePrincipalNames?: ServicePrincipalNameSummary[] | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -2456,7 +2456,7 @@ export interface ListTagsForResourceResponse {
      * <p>The tags, if any, that are associated with your resource.</p>
      * @public
      */
-    Tags?: Record<string, string>;
+    Tags?: Record<string, string> | undefined;
 }
 /**
  * @public
@@ -2470,14 +2470,14 @@ export interface ListTemplateGroupAccessControlEntriesRequest {
      *          items.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html">CreateTemplate</a>.</p>
      * @public
@@ -2493,14 +2493,14 @@ export interface ListTemplateGroupAccessControlEntriesResponse {
      *          certificates for a template.</p>
      * @public
      */
-    AccessControlEntries?: AccessControlEntrySummary[];
+    AccessControlEntries?: AccessControlEntrySummary[] | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -2514,14 +2514,14 @@ export interface ListTemplatesRequest {
      *          items.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector</a>.</p>
      * @public
@@ -2538,56 +2538,56 @@ export interface TemplateSummary {
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html">CreateTemplate</a>.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p> The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html">CreateConnector</a>.</p>
      * @public
      */
-    ConnectorArn?: string;
+    ConnectorArn?: string | undefined;
     /**
      * <p>Template configuration to define the information included in certificates. Define
      *          certificate validity and renewal periods, certificate request handling and enrollment
      *          options, key usage extensions, application policies, and cryptography settings.</p>
      * @public
      */
-    Definition?: TemplateDefinition;
+    Definition?: TemplateDefinition | undefined;
     /**
      * <p>Name of the template. The template name must be unique.</p>
      * @public
      */
-    Name?: string;
+    Name?: string | undefined;
     /**
      * <p>Object identifier of a template.</p>
      * @public
      */
-    ObjectIdentifier?: string;
+    ObjectIdentifier?: string | undefined;
     /**
      * <p>The template schema version. Template schema versions can be v2, v3, or v4. The template
      *          configuration options change based on the template schema version.</p>
      * @public
      */
-    PolicySchema?: number;
+    PolicySchema?: number | undefined;
     /**
      * <p>Status of the template. Status can be creating, active, deleting, or failed.</p>
      * @public
      */
-    Status?: TemplateStatus;
+    Status?: TemplateStatus | undefined;
     /**
      * <p>The revision version of the template. Template updates will increment the minor
      *          revision. Re-enrolling all certificate holders will increment the major revision.</p>
      * @public
      */
-    Revision?: TemplateRevision;
+    Revision?: TemplateRevision | undefined;
     /**
      * <p>The date and time that the template was created.</p>
      * @public
      */
-    CreatedAt?: Date;
+    CreatedAt?: Date | undefined;
     /**
      * <p>The date and time that the template was updated.</p>
      * @public
      */
-    UpdatedAt?: Date;
+    UpdatedAt?: Date | undefined;
 }
 /**
  * @public
@@ -2597,14 +2597,14 @@ export interface ListTemplatesResponse {
      * <p>Custom configuration templates used when issuing a certificate. </p>
      * @public
      */
-    Templates?: TemplateSummary[];
+    Templates?: TemplateSummary[] | undefined;
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
      *          response with truncated results. Set it to the value of the <code>NextToken</code>
      *          parameter from the response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -2640,13 +2640,13 @@ export interface UpdateTemplateGroupAccessControlEntryRequest {
      * <p>Name of the Active Directory group. This name does not need to match the group name in Active Directory.</p>
      * @public
      */
-    GroupDisplayName?: string;
+    GroupDisplayName?: string | undefined;
     /**
      * <p>Allow or deny permissions for an Active Directory group to enroll or autoenroll certificates for a
      *          template.</p>
      * @public
      */
-    AccessRights?: AccessRights;
+    AccessRights?: AccessRights | undefined;
 }
 /**
  * @public
@@ -2663,14 +2663,14 @@ export interface UpdateTemplateRequest {
      *          options, key usage extensions, application policies, and cryptography settings.</p>
      * @public
      */
-    Definition?: TemplateDefinition;
+    Definition?: TemplateDefinition | undefined;
     /**
      * <p>This setting allows the major version of a template to be increased automatically. All
      *          members of Active Directory groups that are allowed to enroll with a template will receive a new
      *          certificate issued using that template.</p>
      * @public
      */
-    ReenrollAllCertificateHolders?: boolean;
+    ReenrollAllCertificateHolders?: boolean | undefined;
 }
 /**
  * @public