npm - @aws-sdk/client-sso-admin - Versions diffs - 3.35.0 → 3.38.0 - Mend

@aws-sdk/client-sso-admin 3.35.0 → 3.38.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (319) hide show

package/src/models/models_0.ts DELETED Viewed

@@ -1,1978 +0,0 @@
-import { SENSITIVE_STRING } from "@aws-sdk/smithy-client";
-import { MetadataBearer as $MetadataBearer, SmithyException as __SmithyException } from "@aws-sdk/types";
-/**
- * <p>The value used for mapping a specified attribute to an identity source.</p>
- */
-export interface AccessControlAttributeValue {
-  /**
-   * <p>The identity source to use when mapping a specified attribute to Amazon Web Services SSO.</p>
-   */
-  Source: string[] | undefined;
-}
-export namespace AccessControlAttributeValue {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AccessControlAttributeValue): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>These are Amazon Web Services SSO identity store attributes that you can configure for use in
- *       attributes-based access control (ABAC). You can create permissions policies that determine who
- *       can access your Amazon Web Services resources based upon the configured attribute values. When you enable
- *       ABAC and specify <code>AccessControlAttributes</code>, Amazon Web Services SSO passes the attribute values
- *       of the authenticated user into IAM for use in policy evaluation.</p>
- */
-export interface AccessControlAttribute {
-  /**
-   * <p>The name of the attribute associated with your identities in your identity source. This is
-   *       used to map a specified attribute in your identity source with an attribute in Amazon Web Services
-   *       SSO.</p>
-   */
-  Key: string | undefined;
-  /**
-   * <p>The value used for mapping a specified attribute to an identity source.</p>
-   */
-  Value: AccessControlAttributeValue | undefined;
-}
-export namespace AccessControlAttribute {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AccessControlAttribute): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>You do not have sufficient access to perform this action.</p>
- */
-export interface AccessDeniedException extends __SmithyException, $MetadataBearer {
-  name: "AccessDeniedException";
-  $fault: "client";
-  Message?: string;
-}
-export namespace AccessDeniedException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AccessDeniedException): any => ({
-    ...obj,
-  });
-}
-export enum PrincipalType {
-  GROUP = "GROUP",
-  USER = "USER",
-}
-/**
- * <p>The assignment that indicates a principal's limited access to a specified Amazon Web Services account
- *       with a specified permission set.</p>
- *          <note>
- *             <p>The term <i>principal</i> here refers to a user or group that is defined
- *         in Amazon Web Services SSO.</p>
- *          </note>
- */
-export interface AccountAssignment {
-  /**
-   * <p>The identifier of the Amazon Web Services account.</p>
-   */
-  AccountId?: string;
-  /**
-   * <p>The ARN of the permission set. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  PermissionSetArn?: string;
-  /**
-   * <p>The entity type for which the assignment will be created.</p>
-   */
-  PrincipalType?: PrincipalType | string;
-  /**
-   * <p>An identifier for an object in Amazon Web Services SSO, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in Amazon Web Services SSO, see the <a href="/singlesignon/latest/IdentityStoreAPIReference/welcome.html">Amazon Web Services SSO Identity Store API Reference</a>.</p>
-   */
-  PrincipalId?: string;
-}
-export namespace AccountAssignment {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AccountAssignment): any => ({
-    ...obj,
-  });
-}
-export enum StatusValues {
-  FAILED = "FAILED",
-  IN_PROGRESS = "IN_PROGRESS",
-  SUCCEEDED = "SUCCEEDED",
-}
-export enum TargetType {
-  AWS_ACCOUNT = "AWS_ACCOUNT",
-}
-/**
- * <p>The status of the creation or deletion operation of an assignment that a principal needs
- *       to access an account.</p>
- */
-export interface AccountAssignmentOperationStatus {
-  /**
-   * <p>The status of the permission set provisioning process.</p>
-   */
-  Status?: StatusValues | string;
-  /**
-   * <p>The identifier for tracking the request operation that is generated by the universally
-   *       unique identifier (UUID) workflow.</p>
-   */
-  RequestId?: string;
-  /**
-   * <p>The message that contains an error or exception in case of an operation failure.</p>
-   */
-  FailureReason?: string;
-  /**
-   * <p>TargetID is an Amazon Web Services account identifier, typically a 10-12 digit string (For example, 123456789012).</p>
-   */
-  TargetId?: string;
-  /**
-   * <p>The entity type for which the assignment will be created.</p>
-   */
-  TargetType?: TargetType | string;
-  /**
-   * <p>The ARN of the permission set. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  PermissionSetArn?: string;
-  /**
-   * <p>The entity type for which the assignment will be created.</p>
-   */
-  PrincipalType?: PrincipalType | string;
-  /**
-   * <p>An identifier for an object in Amazon Web Services SSO, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in Amazon Web Services SSO, see the <a href="/singlesignon/latest/IdentityStoreAPIReference/welcome.html">Amazon Web Services SSO Identity Store API Reference</a>.</p>
-   */
-  PrincipalId?: string;
-  /**
-   * <p>The date that the permission set was created.</p>
-   */
-  CreatedDate?: Date;
-}
-export namespace AccountAssignmentOperationStatus {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AccountAssignmentOperationStatus): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Provides information about the <a>AccountAssignment</a> creation
- *       request.</p>
- */
-export interface AccountAssignmentOperationStatusMetadata {
-  /**
-   * <p>The status of the permission set provisioning process.</p>
-   */
-  Status?: StatusValues | string;
-  /**
-   * <p>The identifier for tracking the request operation that is generated by the universally
-   *       unique identifier (UUID) workflow.</p>
-   */
-  RequestId?: string;
-  /**
-   * <p>The date that the permission set was created.</p>
-   */
-  CreatedDate?: Date;
-}
-export namespace AccountAssignmentOperationStatusMetadata {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AccountAssignmentOperationStatusMetadata): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>A structure that stores the details of the IAM managed policy.</p>
- */
-export interface AttachedManagedPolicy {
-  /**
-   * <p>The name of the IAM managed policy.</p>
-   */
-  Name?: string;
-  /**
-   * <p>The ARN of the IAM managed policy. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  Arn?: string;
-}
-export namespace AttachedManagedPolicy {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AttachedManagedPolicy): any => ({
-    ...obj,
-  });
-}
-export interface AttachManagedPolicyToPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the <a>PermissionSet</a> that the managed policy should be attached
-   *       to.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The IAM managed policy ARN to be attached to a permission set.</p>
-   */
-  ManagedPolicyArn: string | undefined;
-}
-export namespace AttachManagedPolicyToPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AttachManagedPolicyToPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface AttachManagedPolicyToPermissionSetResponse {}
-export namespace AttachManagedPolicyToPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: AttachManagedPolicyToPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Occurs when a conflict with a previous successful write is detected. This generally occurs
- *       when the previous write did not have time to propagate to the host serving the current
- *       request. A retry (with appropriate backoff logic) is the recommended response to this
- *       exception.</p>
- */
-export interface ConflictException extends __SmithyException, $MetadataBearer {
-  name: "ConflictException";
-  $fault: "client";
-  Message?: string;
-}
-export namespace ConflictException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ConflictException): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>The request processing has failed because of an unknown error, exception, or failure with
- *       an internal server.</p>
- */
-export interface InternalServerException extends __SmithyException, $MetadataBearer {
-  name: "InternalServerException";
-  $fault: "server";
-  Message?: string;
-}
-export namespace InternalServerException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: InternalServerException): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Indicates that a requested resource is not found.</p>
- */
-export interface ResourceNotFoundException extends __SmithyException, $MetadataBearer {
-  name: "ResourceNotFoundException";
-  $fault: "client";
-  Message?: string;
-}
-export namespace ResourceNotFoundException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ResourceNotFoundException): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Indicates that the principal has crossed the permitted number of resources that can be
- *       created.</p>
- */
-export interface ServiceQuotaExceededException extends __SmithyException, $MetadataBearer {
-  name: "ServiceQuotaExceededException";
-  $fault: "client";
-  Message?: string;
-}
-export namespace ServiceQuotaExceededException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ServiceQuotaExceededException): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Indicates that the principal has crossed the throttling limits of the API
- *       operations.</p>
- */
-export interface ThrottlingException extends __SmithyException, $MetadataBearer {
-  name: "ThrottlingException";
-  $fault: "client";
-  Message?: string;
-}
-export namespace ThrottlingException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ThrottlingException): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>The request failed because it contains a syntax error.</p>
- */
-export interface ValidationException extends __SmithyException, $MetadataBearer {
-  name: "ValidationException";
-  $fault: "client";
-  Message?: string;
-}
-export namespace ValidationException {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ValidationException): any => ({
-    ...obj,
-  });
-}
-export interface CreateAccountAssignmentRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>TargetID is an Amazon Web Services account identifier, typically a 10-12 digit string (For example, 123456789012).</p>
-   */
-  TargetId: string | undefined;
-  /**
-   * <p>The entity type for which the assignment will be created.</p>
-   */
-  TargetType: TargetType | string | undefined;
-  /**
-   * <p>The ARN of the permission set that the admin wants to grant the principal access
-   *       to.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The entity type for which the assignment will be created.</p>
-   */
-  PrincipalType: PrincipalType | string | undefined;
-  /**
-   * <p>An identifier for an object in Amazon Web Services SSO, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in Amazon Web Services SSO, see the <a href="/singlesignon/latest/IdentityStoreAPIReference/welcome.html">Amazon Web Services SSO Identity Store API Reference</a>.</p>
-   */
-  PrincipalId: string | undefined;
-}
-export namespace CreateAccountAssignmentRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: CreateAccountAssignmentRequest): any => ({
-    ...obj,
-  });
-}
-export interface CreateAccountAssignmentResponse {
-  /**
-   * <p>The status object for the account assignment creation operation.</p>
-   */
-  AccountAssignmentCreationStatus?: AccountAssignmentOperationStatus;
-}
-export namespace CreateAccountAssignmentResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: CreateAccountAssignmentResponse): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Specifies the attributes to add to your attribute-based access control (ABAC)
- *       configuration.</p>
- */
-export interface InstanceAccessControlAttributeConfiguration {
-  /**
-   * <p>Lists the attributes that are configured for ABAC in the specified Amazon Web Services SSO
-   *       instance.</p>
-   */
-  AccessControlAttributes: AccessControlAttribute[] | undefined;
-}
-export namespace InstanceAccessControlAttributeConfiguration {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: InstanceAccessControlAttributeConfiguration): any => ({
-    ...obj,
-  });
-}
-export interface CreateInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>Specifies the Amazon Web Services SSO identity store attributes to add to your ABAC configuration.
-   *       When using an external identity provider as an identity source, you can pass attributes
-   *       through the SAML assertion. Doing so provides an alternative to configuring attributes from
-   *       the Amazon Web Services SSO identity store. If a SAML assertion passes any of these attributes, Amazon Web Services
-   *       SSO will replace the attribute value with the value from the Amazon Web Services SSO identity
-   *       store.</p>
-   */
-  InstanceAccessControlAttributeConfiguration: InstanceAccessControlAttributeConfiguration | undefined;
-}
-export namespace CreateInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: CreateInstanceAccessControlAttributeConfigurationRequest): any => ({
-    ...obj,
-  });
-}
-export interface CreateInstanceAccessControlAttributeConfigurationResponse {}
-export namespace CreateInstanceAccessControlAttributeConfigurationResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: CreateInstanceAccessControlAttributeConfigurationResponse): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>A set of key-value pairs that are used to manage the resource. Tags can only be applied to
- *       permission sets and cannot be applied to corresponding roles that Amazon Web Services SSO creates in Amazon Web Services
- *       accounts.</p>
- */
-export interface Tag {
-  /**
-   * <p>The key for the tag.</p>
-   */
-  Key?: string;
-  /**
-   * <p>The value of the tag.</p>
-   */
-  Value?: string;
-}
-export namespace Tag {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: Tag): any => ({
-    ...obj,
-  });
-}
-export interface CreatePermissionSetRequest {
-  /**
-   * <p>The name of the <a>PermissionSet</a>.</p>
-   */
-  Name: string | undefined;
-  /**
-   * <p>The description of the <a>PermissionSet</a>.</p>
-   */
-  Description?: string;
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The length of time that the application user sessions are valid in the ISO-8601
-   *       standard.</p>
-   */
-  SessionDuration?: string;
-  /**
-   * <p>Used to redirect users within the application during the federation authentication
-   *       process.</p>
-   */
-  RelayState?: string;
-  /**
-   * <p>The tags to attach to the new <a>PermissionSet</a>.</p>
-   */
-  Tags?: Tag[];
-}
-export namespace CreatePermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: CreatePermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>An entity that contains IAM policies.</p>
- */
-export interface PermissionSet {
-  /**
-   * <p>The name of the permission set.</p>
-   */
-  Name?: string;
-  /**
-   * <p>The ARN of the permission set. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  PermissionSetArn?: string;
-  /**
-   * <p>The description of the <a>PermissionSet</a>.</p>
-   */
-  Description?: string;
-  /**
-   * <p>The date that the permission set was created.</p>
-   */
-  CreatedDate?: Date;
-  /**
-   * <p>The length of time that the application user sessions are valid for in the ISO-8601
-   *       standard.</p>
-   */
-  SessionDuration?: string;
-  /**
-   * <p>Used to redirect users within the application during the federation authentication
-   *       process.</p>
-   */
-  RelayState?: string;
-}
-export namespace PermissionSet {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: PermissionSet): any => ({
-    ...obj,
-  });
-}
-export interface CreatePermissionSetResponse {
-  /**
-   * <p>Defines the level of access on an Amazon Web Services account.</p>
-   */
-  PermissionSet?: PermissionSet;
-}
-export namespace CreatePermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: CreatePermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface DeleteAccountAssignmentRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>TargetID is an Amazon Web Services account identifier, typically a 10-12 digit string (For example, 123456789012).</p>
-   */
-  TargetId: string | undefined;
-  /**
-   * <p>The entity type for which the assignment will be deleted.</p>
-   */
-  TargetType: TargetType | string | undefined;
-  /**
-   * <p>The ARN of the permission set that will be used to remove access.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The entity type for which the assignment will be deleted.</p>
-   */
-  PrincipalType: PrincipalType | string | undefined;
-  /**
-   * <p>An identifier for an object in Amazon Web Services SSO, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in Amazon Web Services SSO, see the <a href="/singlesignon/latest/IdentityStoreAPIReference/welcome.html">Amazon Web Services SSO Identity Store API Reference</a>.</p>
-   */
-  PrincipalId: string | undefined;
-}
-export namespace DeleteAccountAssignmentRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeleteAccountAssignmentRequest): any => ({
-    ...obj,
-  });
-}
-export interface DeleteAccountAssignmentResponse {
-  /**
-   * <p>The status object for the account assignment deletion operation.</p>
-   */
-  AccountAssignmentDeletionStatus?: AccountAssignmentOperationStatus;
-}
-export namespace DeleteAccountAssignmentResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeleteAccountAssignmentResponse): any => ({
-    ...obj,
-  });
-}
-export interface DeleteInlinePolicyFromPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set that will be used to remove access.</p>
-   */
-  PermissionSetArn: string | undefined;
-}
-export namespace DeleteInlinePolicyFromPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeleteInlinePolicyFromPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface DeleteInlinePolicyFromPermissionSetResponse {}
-export namespace DeleteInlinePolicyFromPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeleteInlinePolicyFromPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface DeleteInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed.</p>
-   */
-  InstanceArn: string | undefined;
-}
-export namespace DeleteInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeleteInstanceAccessControlAttributeConfigurationRequest): any => ({
-    ...obj,
-  });
-}
-export interface DeleteInstanceAccessControlAttributeConfigurationResponse {}
-export namespace DeleteInstanceAccessControlAttributeConfigurationResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeleteInstanceAccessControlAttributeConfigurationResponse): any => ({
-    ...obj,
-  });
-}
-export interface DeletePermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set that should be deleted.</p>
-   */
-  PermissionSetArn: string | undefined;
-}
-export namespace DeletePermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeletePermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface DeletePermissionSetResponse {}
-export namespace DeletePermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DeletePermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface DescribeAccountAssignmentCreationStatusRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The identifier that is used to track the request operation progress.</p>
-   */
-  AccountAssignmentCreationRequestId: string | undefined;
-}
-export namespace DescribeAccountAssignmentCreationStatusRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribeAccountAssignmentCreationStatusRequest): any => ({
-    ...obj,
-  });
-}
-export interface DescribeAccountAssignmentCreationStatusResponse {
-  /**
-   * <p>The status object for the account assignment creation operation.</p>
-   */
-  AccountAssignmentCreationStatus?: AccountAssignmentOperationStatus;
-}
-export namespace DescribeAccountAssignmentCreationStatusResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribeAccountAssignmentCreationStatusResponse): any => ({
-    ...obj,
-  });
-}
-export interface DescribeAccountAssignmentDeletionStatusRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The identifier that is used to track the request operation progress.</p>
-   */
-  AccountAssignmentDeletionRequestId: string | undefined;
-}
-export namespace DescribeAccountAssignmentDeletionStatusRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribeAccountAssignmentDeletionStatusRequest): any => ({
-    ...obj,
-  });
-}
-export interface DescribeAccountAssignmentDeletionStatusResponse {
-  /**
-   * <p>The status object for the account assignment deletion operation.</p>
-   */
-  AccountAssignmentDeletionStatus?: AccountAssignmentOperationStatus;
-}
-export namespace DescribeAccountAssignmentDeletionStatusResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribeAccountAssignmentDeletionStatusResponse): any => ({
-    ...obj,
-  });
-}
-export interface DescribeInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed.</p>
-   */
-  InstanceArn: string | undefined;
-}
-export namespace DescribeInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribeInstanceAccessControlAttributeConfigurationRequest): any => ({
-    ...obj,
-  });
-}
-export enum InstanceAccessControlAttributeConfigurationStatus {
-  CREATION_FAILED = "CREATION_FAILED",
-  CREATION_IN_PROGRESS = "CREATION_IN_PROGRESS",
-  ENABLED = "ENABLED",
-}
-export interface DescribeInstanceAccessControlAttributeConfigurationResponse {
-  /**
-   * <p>The status of the attribute configuration process.</p>
-   */
-  Status?: InstanceAccessControlAttributeConfigurationStatus | string;
-  /**
-   * <p>Provides more details about the current status of the specified attribute.</p>
-   */
-  StatusReason?: string;
-  /**
-   * <p>Gets the list of Amazon Web Services SSO identity store attributes that have been added to your ABAC
-   *       configuration.</p>
-   */
-  InstanceAccessControlAttributeConfiguration?: InstanceAccessControlAttributeConfiguration;
-}
-export namespace DescribeInstanceAccessControlAttributeConfigurationResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribeInstanceAccessControlAttributeConfigurationResponse): any => ({
-    ...obj,
-  });
-}
-export interface DescribePermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set.</p>
-   */
-  PermissionSetArn: string | undefined;
-}
-export namespace DescribePermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribePermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface DescribePermissionSetResponse {
-  /**
-   * <p>Describes the level of access on an Amazon Web Services account.</p>
-   */
-  PermissionSet?: PermissionSet;
-}
-export namespace DescribePermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribePermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface DescribePermissionSetProvisioningStatusRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The identifier that is provided by the <a>ProvisionPermissionSet</a> call to
-   *       retrieve the current status of the provisioning workflow.</p>
-   */
-  ProvisionPermissionSetRequestId: string | undefined;
-}
-export namespace DescribePermissionSetProvisioningStatusRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribePermissionSetProvisioningStatusRequest): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>A structure that is used to provide the status of the provisioning operation for a
- *       specified permission set.</p>
- */
-export interface PermissionSetProvisioningStatus {
-  /**
-   * <p>The status of the permission set provisioning process.</p>
-   */
-  Status?: StatusValues | string;
-  /**
-   * <p>The identifier for tracking the request operation that is generated by the universally
-   *       unique identifier (UUID) workflow.</p>
-   */
-  RequestId?: string;
-  /**
-   * <p>The identifier of the Amazon Web Services account from which to list the assignments.</p>
-   */
-  AccountId?: string;
-  /**
-   * <p>The ARN of the permission set that is being provisioned. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  PermissionSetArn?: string;
-  /**
-   * <p>The message that contains an error or exception in case of an operation failure.</p>
-   */
-  FailureReason?: string;
-  /**
-   * <p>The date that the permission set was created.</p>
-   */
-  CreatedDate?: Date;
-}
-export namespace PermissionSetProvisioningStatus {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: PermissionSetProvisioningStatus): any => ({
-    ...obj,
-  });
-}
-export interface DescribePermissionSetProvisioningStatusResponse {
-  /**
-   * <p>The status object for the permission set provisioning operation.</p>
-   */
-  PermissionSetProvisioningStatus?: PermissionSetProvisioningStatus;
-}
-export namespace DescribePermissionSetProvisioningStatusResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DescribePermissionSetProvisioningStatusResponse): any => ({
-    ...obj,
-  });
-}
-export interface DetachManagedPolicyFromPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the <a>PermissionSet</a> from which the policy should be
-   *       detached.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The IAM managed policy ARN to be attached to a permission set.</p>
-   */
-  ManagedPolicyArn: string | undefined;
-}
-export namespace DetachManagedPolicyFromPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DetachManagedPolicyFromPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface DetachManagedPolicyFromPermissionSetResponse {}
-export namespace DetachManagedPolicyFromPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: DetachManagedPolicyFromPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface GetInlinePolicyForPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set.</p>
-   */
-  PermissionSetArn: string | undefined;
-}
-export namespace GetInlinePolicyForPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: GetInlinePolicyForPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface GetInlinePolicyForPermissionSetResponse {
-  /**
-   * <p>The IAM inline policy that is attached to the permission set.</p>
-   */
-  InlinePolicy?: string;
-}
-export namespace GetInlinePolicyForPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: GetInlinePolicyForPermissionSetResponse): any => ({
-    ...obj,
-    ...(obj.InlinePolicy && { InlinePolicy: SENSITIVE_STRING }),
-  });
-}
-/**
- * <p>Provides information about the SSO instance.</p>
- */
-export interface InstanceMetadata {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn?: string;
-  /**
-   * <p>The identifier of the identity store that is connected to the SSO instance.</p>
-   */
-  IdentityStoreId?: string;
-}
-export namespace InstanceMetadata {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: InstanceMetadata): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Filters he operation status list based on the passed attribute value.</p>
- */
-export interface OperationStatusFilter {
-  /**
-   * <p>Filters the list operations result based on the status attribute.</p>
-   */
-  Status?: StatusValues | string;
-}
-export namespace OperationStatusFilter {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: OperationStatusFilter): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountAssignmentCreationStatusRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The maximum number of results to display for the assignment.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-  /**
-   * <p>Filters results based on the passed attribute value.</p>
-   */
-  Filter?: OperationStatusFilter;
-}
-export namespace ListAccountAssignmentCreationStatusRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountAssignmentCreationStatusRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountAssignmentCreationStatusResponse {
-  /**
-   * <p>The status object for the account assignment creation operation.</p>
-   */
-  AccountAssignmentsCreationStatus?: AccountAssignmentOperationStatusMetadata[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListAccountAssignmentCreationStatusResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountAssignmentCreationStatusResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountAssignmentDeletionStatusRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The maximum number of results to display for the assignment.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-  /**
-   * <p>Filters results based on the passed attribute value.</p>
-   */
-  Filter?: OperationStatusFilter;
-}
-export namespace ListAccountAssignmentDeletionStatusRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountAssignmentDeletionStatusRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountAssignmentDeletionStatusResponse {
-  /**
-   * <p>The status object for the account assignment deletion operation.</p>
-   */
-  AccountAssignmentsDeletionStatus?: AccountAssignmentOperationStatusMetadata[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListAccountAssignmentDeletionStatusResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountAssignmentDeletionStatusResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountAssignmentsRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The identifier of the Amazon Web Services account from which to list the assignments.</p>
-   */
-  AccountId: string | undefined;
-  /**
-   * <p>The ARN of the permission set from which to list assignments.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The maximum number of results to display for the assignment.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListAccountAssignmentsRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountAssignmentsRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountAssignmentsResponse {
-  /**
-   * <p>The list of assignments that match the input Amazon Web Services account and permission set.</p>
-   */
-  AccountAssignments?: AccountAssignment[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListAccountAssignmentsResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountAssignmentsResponse): any => ({
-    ...obj,
-  });
-}
-export enum ProvisioningStatus {
-  LATEST_PERMISSION_SET_NOT_PROVISIONED = "LATEST_PERMISSION_SET_NOT_PROVISIONED",
-  LATEST_PERMISSION_SET_PROVISIONED = "LATEST_PERMISSION_SET_PROVISIONED",
-}
-export interface ListAccountsForProvisionedPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the <a>PermissionSet</a> from which the associated Amazon Web Services accounts
-   *       will be listed.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The permission set provisioning status for an Amazon Web Services account.</p>
-   */
-  ProvisioningStatus?: ProvisioningStatus | string;
-  /**
-   * <p>The maximum number of results to display for the <a>PermissionSet</a>.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListAccountsForProvisionedPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountsForProvisionedPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListAccountsForProvisionedPermissionSetResponse {
-  /**
-   * <p>The list of Amazon Web Services <code>AccountIds</code>.</p>
-   */
-  AccountIds?: string[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListAccountsForProvisionedPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListAccountsForProvisionedPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListInstancesRequest {
-  /**
-   * <p>The maximum number of results to display for the instance.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListInstancesRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListInstancesRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListInstancesResponse {
-  /**
-   * <p>Lists the SSO instances that the caller has access to.</p>
-   */
-  Instances?: InstanceMetadata[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListInstancesResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListInstancesResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListManagedPoliciesInPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the <a>PermissionSet</a> whose managed policies will be
-   *       listed.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The maximum number of results to display for the <a>PermissionSet</a>.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListManagedPoliciesInPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListManagedPoliciesInPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListManagedPoliciesInPermissionSetResponse {
-  /**
-   * <p>The array of the <a>AttachedManagedPolicy</a> data type object.</p>
-   */
-  AttachedManagedPolicies?: AttachedManagedPolicy[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListManagedPoliciesInPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListManagedPoliciesInPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListPermissionSetProvisioningStatusRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The maximum number of results to display for the assignment.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-  /**
-   * <p>Filters results based on the passed attribute value.</p>
-   */
-  Filter?: OperationStatusFilter;
-}
-export namespace ListPermissionSetProvisioningStatusRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListPermissionSetProvisioningStatusRequest): any => ({
-    ...obj,
-  });
-}
-/**
- * <p>Provides information about the permission set provisioning status.</p>
- */
-export interface PermissionSetProvisioningStatusMetadata {
-  /**
-   * <p>The status of the permission set provisioning process.</p>
-   */
-  Status?: StatusValues | string;
-  /**
-   * <p>The identifier for tracking the request operation that is generated by the universally
-   *       unique identifier (UUID) workflow.</p>
-   */
-  RequestId?: string;
-  /**
-   * <p>The date that the permission set was created.</p>
-   */
-  CreatedDate?: Date;
-}
-export namespace PermissionSetProvisioningStatusMetadata {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: PermissionSetProvisioningStatusMetadata): any => ({
-    ...obj,
-  });
-}
-export interface ListPermissionSetProvisioningStatusResponse {
-  /**
-   * <p>The status object for the permission set provisioning operation.</p>
-   */
-  PermissionSetsProvisioningStatus?: PermissionSetProvisioningStatusMetadata[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListPermissionSetProvisioningStatusResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListPermissionSetProvisioningStatusResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListPermissionSetsRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-  /**
-   * <p>The maximum number of results to display for the assignment.</p>
-   */
-  MaxResults?: number;
-}
-export namespace ListPermissionSetsRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListPermissionSetsRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListPermissionSetsResponse {
-  /**
-   * <p>Defines the level of access on an Amazon Web Services account.</p>
-   */
-  PermissionSets?: string[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListPermissionSetsResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListPermissionSetsResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListPermissionSetsProvisionedToAccountRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The identifier of the Amazon Web Services account from which to list the assignments.</p>
-   */
-  AccountId: string | undefined;
-  /**
-   * <p>The status object for the permission set provisioning operation.</p>
-   */
-  ProvisioningStatus?: ProvisioningStatus | string;
-  /**
-   * <p>The maximum number of results to display for the assignment.</p>
-   */
-  MaxResults?: number;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListPermissionSetsProvisionedToAccountRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListPermissionSetsProvisionedToAccountRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListPermissionSetsProvisionedToAccountResponse {
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-  /**
-   * <p>Defines the level of access that an Amazon Web Services account has.</p>
-   */
-  PermissionSets?: string[];
-}
-export namespace ListPermissionSetsProvisionedToAccountResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListPermissionSetsProvisionedToAccountResponse): any => ({
-    ...obj,
-  });
-}
-export interface ListTagsForResourceRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the resource with the tags to be listed.</p>
-   */
-  ResourceArn: string | undefined;
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListTagsForResourceRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListTagsForResourceRequest): any => ({
-    ...obj,
-  });
-}
-export interface ListTagsForResourceResponse {
-  /**
-   * <p>A set of key-value pairs that are used to manage the resource.</p>
-   */
-  Tags?: Tag[];
-  /**
-   * <p>The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.</p>
-   */
-  NextToken?: string;
-}
-export namespace ListTagsForResourceResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ListTagsForResourceResponse): any => ({
-    ...obj,
-  });
-}
-export enum ProvisionTargetType {
-  ALL_PROVISIONED_ACCOUNTS = "ALL_PROVISIONED_ACCOUNTS",
-  AWS_ACCOUNT = "AWS_ACCOUNT",
-}
-export interface ProvisionPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>TargetID is an Amazon Web Services account identifier, typically a 10-12 digit string (For example, 123456789012).</p>
-   */
-  TargetId?: string;
-  /**
-   * <p>The entity type for which the assignment will be created.</p>
-   */
-  TargetType: ProvisionTargetType | string | undefined;
-}
-export namespace ProvisionPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ProvisionPermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface ProvisionPermissionSetResponse {
-  /**
-   * <p>The status object for the permission set provisioning operation.</p>
-   */
-  PermissionSetProvisioningStatus?: PermissionSetProvisioningStatus;
-}
-export namespace ProvisionPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: ProvisionPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface PutInlinePolicyToPermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The IAM inline policy to attach to a <a>PermissionSet</a>.</p>
-   */
-  InlinePolicy: string | undefined;
-}
-export namespace PutInlinePolicyToPermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: PutInlinePolicyToPermissionSetRequest): any => ({
-    ...obj,
-    ...(obj.InlinePolicy && { InlinePolicy: SENSITIVE_STRING }),
-  });
-}
-export interface PutInlinePolicyToPermissionSetResponse {}
-export namespace PutInlinePolicyToPermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: PutInlinePolicyToPermissionSetResponse): any => ({
-    ...obj,
-  });
-}
-export interface TagResourceRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the resource with the tags to be listed.</p>
-   */
-  ResourceArn: string | undefined;
-  /**
-   * <p>A set of key-value pairs that are used to manage the resource.</p>
-   */
-  Tags: Tag[] | undefined;
-}
-export namespace TagResourceRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: TagResourceRequest): any => ({
-    ...obj,
-  });
-}
-export interface TagResourceResponse {}
-export namespace TagResourceResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: TagResourceResponse): any => ({
-    ...obj,
-  });
-}
-export interface UntagResourceRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the resource with the tags to be listed.</p>
-   */
-  ResourceArn: string | undefined;
-  /**
-   * <p>The keys of tags that are attached to the resource.</p>
-   */
-  TagKeys: string[] | undefined;
-}
-export namespace UntagResourceRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: UntagResourceRequest): any => ({
-    ...obj,
-  });
-}
-export interface UntagResourceResponse {}
-export namespace UntagResourceResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: UntagResourceResponse): any => ({
-    ...obj,
-  });
-}
-export interface UpdateInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>Updates the attributes for your ABAC configuration.</p>
-   */
-  InstanceAccessControlAttributeConfiguration: InstanceAccessControlAttributeConfiguration | undefined;
-}
-export namespace UpdateInstanceAccessControlAttributeConfigurationRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: UpdateInstanceAccessControlAttributeConfigurationRequest): any => ({
-    ...obj,
-  });
-}
-export interface UpdateInstanceAccessControlAttributeConfigurationResponse {}
-export namespace UpdateInstanceAccessControlAttributeConfigurationResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: UpdateInstanceAccessControlAttributeConfigurationResponse): any => ({
-    ...obj,
-  });
-}
-export interface UpdatePermissionSetRequest {
-  /**
-   * <p>The ARN of the SSO instance under which the operation will be executed. For more information about ARNs, see <a href="/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource
-   * Names (ARNs) and Amazon Web Services Service Namespaces</a> in the <i>Amazon Web Services General Reference</i>.</p>
-   */
-  InstanceArn: string | undefined;
-  /**
-   * <p>The ARN of the permission set.</p>
-   */
-  PermissionSetArn: string | undefined;
-  /**
-   * <p>The description of the <a>PermissionSet</a>.</p>
-   */
-  Description?: string;
-  /**
-   * <p>The length of time that the application user sessions are valid for in the ISO-8601
-   *       standard.</p>
-   */
-  SessionDuration?: string;
-  /**
-   * <p>Used to redirect users within the application during the federation authentication
-   *       process.</p>
-   */
-  RelayState?: string;
-}
-export namespace UpdatePermissionSetRequest {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: UpdatePermissionSetRequest): any => ({
-    ...obj,
-  });
-}
-export interface UpdatePermissionSetResponse {}
-export namespace UpdatePermissionSetResponse {
-  /**
-   * @internal
-   */
-  export const filterSensitiveLog = (obj: UpdatePermissionSetResponse): any => ({
-    ...obj,
-  });
-}