diff --git a/amazonka-iam.cabal b/amazonka-iam.cabal
--- a/amazonka-iam.cabal
+++ b/amazonka-iam.cabal
@@ -1,5 +1,5 @@
 name:                  amazonka-iam
-version:               0.2.3
+version:               0.3.0
 synopsis:              Amazon Identity and Access Management SDK.
 homepage:              https://github.com/brendanhay/amazonka
 license:               OtherLicense
@@ -125,5 +125,5 @@
     other-modules:
 
     build-depends:
-          amazonka-core == 0.2.3.*
+          amazonka-core == 0.3.0.*
         , base          >= 4.7     && < 5
diff --git a/gen/Network/AWS/IAM/CreateAccountAlias.hs b/gen/Network/AWS/IAM/CreateAccountAlias.hs
--- a/gen/Network/AWS/IAM/CreateAccountAlias.hs
+++ b/gen/Network/AWS/IAM/CreateAccountAlias.hs
@@ -63,7 +63,7 @@
     { _caaAccountAlias = p1
     }
 
--- | The name of the account alias to create.
+-- | The account alias to create.
 caaAccountAlias :: Lens' CreateAccountAlias Text
 caaAccountAlias = lens _caaAccountAlias (\s a -> s { _caaAccountAlias = a })
 
diff --git a/gen/Network/AWS/IAM/CreateOpenIDConnectProvider.hs b/gen/Network/AWS/IAM/CreateOpenIDConnectProvider.hs
--- a/gen/Network/AWS/IAM/CreateOpenIDConnectProvider.hs
+++ b/gen/Network/AWS/IAM/CreateOpenIDConnectProvider.hs
@@ -118,6 +118,8 @@
 -- stores its keys at "https://keys.server.example.com/openid-connect", the
 -- thumbprint string would be the hex-encoded SHA-1 hash value of the
 -- certificate used by https://keys.server.example.com.
+--
+-- For more information about obtaining the OIDC provider's thumbprint, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html Obtaining the Thumbprint for an OpenID Connect Provider> in the /Using IAM/ guide.
 coidcpThumbprintList :: Lens' CreateOpenIDConnectProvider [Text]
 coidcpThumbprintList =
     lens _coidcpThumbprintList (\s a -> s { _coidcpThumbprintList = a })
diff --git a/gen/Network/AWS/IAM/CreateVirtualMFADevice.hs b/gen/Network/AWS/IAM/CreateVirtualMFADevice.hs
--- a/gen/Network/AWS/IAM/CreateVirtualMFADevice.hs
+++ b/gen/Network/AWS/IAM/CreateVirtualMFADevice.hs
@@ -23,7 +23,7 @@
 -- Derived from AWS service descriptions, licensed under Apache 2.0.
 
 -- | Creates a new virtual MFA device for the AWS account. After creating the
--- virtual MFA, use <http://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html EnableMFADevice> to attach the MFA device to an IAM user. For
+-- virtual MFA, use 'EnableMFADevice' to attach the MFA device to an IAM user. For
 -- more information about creating and working with virtual MFA devices, go to <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html Using a Virtual MFA Device> in the /Using IAM/ guide.
 --
 -- For information about limits on the number of MFA devices you can create,
diff --git a/gen/Network/AWS/IAM/DeleteServerCertificate.hs b/gen/Network/AWS/IAM/DeleteServerCertificate.hs
--- a/gen/Network/AWS/IAM/DeleteServerCertificate.hs
+++ b/gen/Network/AWS/IAM/DeleteServerCertificate.hs
@@ -30,7 +30,7 @@
 -- to use the certificates. This could cause Elastic Load Balancing to stop
 -- accepting traffic. We recommend that you remove the reference to the
 -- certificate from Elastic Load Balancing before using this command to delete
--- the certificate. For more information, go to DeleteLoadBalancerListeners in
+-- the certificate. For more information, go to <http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html DeleteLoadBalancerListeners> in
 -- the /Elastic Load Balancing API Reference/.
 --
 -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServerCertificate.html>
diff --git a/gen/Network/AWS/IAM/DeleteVirtualMFADevice.hs b/gen/Network/AWS/IAM/DeleteVirtualMFADevice.hs
--- a/gen/Network/AWS/IAM/DeleteVirtualMFADevice.hs
+++ b/gen/Network/AWS/IAM/DeleteVirtualMFADevice.hs
@@ -25,7 +25,7 @@
 -- | Deletes a virtual MFA device.
 --
 -- You must deactivate a user's virtual MFA device before you can delete it.
--- For information about deactivating MFA devices, see <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeactivateMFADevice.html DeactivateMFADevice>.
+-- For information about deactivating MFA devices, see 'DeactivateMFADevice'.
 --
 -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteVirtualMFADevice.html>
 module Network.AWS.IAM.DeleteVirtualMFADevice
diff --git a/gen/Network/AWS/IAM/GenerateCredentialReport.hs b/gen/Network/AWS/IAM/GenerateCredentialReport.hs
--- a/gen/Network/AWS/IAM/GenerateCredentialReport.hs
+++ b/gen/Network/AWS/IAM/GenerateCredentialReport.hs
@@ -78,7 +78,7 @@
 gcrrDescription :: Lens' GenerateCredentialReportResponse (Maybe Text)
 gcrrDescription = lens _gcrrDescription (\s a -> s { _gcrrDescription = a })
 
--- | Information about the state of a credential report.
+-- | Information about the state of the credential report.
 gcrrState :: Lens' GenerateCredentialReportResponse (Maybe ReportStateType)
 gcrrState = lens _gcrrState (\s a -> s { _gcrrState = a })
 
diff --git a/gen/Network/AWS/IAM/GetAccountAuthorizationDetails.hs b/gen/Network/AWS/IAM/GetAccountAuthorizationDetails.hs
--- a/gen/Network/AWS/IAM/GetAccountAuthorizationDetails.hs
+++ b/gen/Network/AWS/IAM/GetAccountAuthorizationDetails.hs
@@ -23,9 +23,9 @@
 -- Derived from AWS service descriptions, licensed under Apache 2.0.
 
 -- | Retrieves information about all IAM users, groups, and roles in your account,
--- including their relationships to one another and their attached policies. Use
--- this API to obtain a snapshot of the configuration of IAM permissions (users,
--- groups, roles, and policies) in your account.
+-- including their relationships to one another and their policies. Use this API
+-- to obtain a snapshot of the configuration of IAM permissions (users, groups,
+-- roles, and their policies) in your account.
 --
 -- You can optionally filter the results using the 'Filter' parameter. You can
 -- paginate the results using the 'MaxItems' and 'Marker' parameters.
diff --git a/gen/Network/AWS/IAM/GetAccountSummary.hs b/gen/Network/AWS/IAM/GetAccountSummary.hs
--- a/gen/Network/AWS/IAM/GetAccountSummary.hs
+++ b/gen/Network/AWS/IAM/GetAccountSummary.hs
@@ -71,54 +71,62 @@
 
 -- | A set of key value pairs containing account-level information.
 --
--- 'SummaryMap' contains the following keys:  'AccessKeysPerUserQuota' - Maximum
--- number of access keys that can be created per user
+-- 'SummaryMap' contains the following keys:   'AccessKeysPerUserQuota' - Maximum
+-- number of active access keys allowed per IAM user
 --
--- 'AccountMFAEnabled' - 1 if the root account has an MFA device assigned to it,
--- 0 otherwise
+-- 'AccountAccessKeysPresent' - 1 if the root account has an access key, 0
+-- otherwise
 --
+-- 'AccountMFAEnabled' - 1 if the root account has an MFA device assigned to
+-- it, 0 otherwise
+--
+-- 'AccountSigningCertificatesPresent' - 1 if the root account has a signing
+-- certificate, 0 otherwise
+--
 -- 'AssumeRolePolicySizeQuota' - Maximum allowed size for assume role policy
--- documents (in kilobytes)
+-- documents (trust policies), in non-whitespace characters
 --
--- 'GroupPolicySizeQuota' - Maximum allowed size for Group policy documents (in
--- kilobytes)
+-- 'GroupPolicySizeQuota' - Maximum allowed size for IAM group policy
+-- documents, in non-whitespace characters
 --
--- 'Groups' - Number of Groups for the AWS account
+-- 'Groups' - Number of IAM groups in the AWS account
 --
--- 'GroupsPerUserQuota' - Maximum number of groups an IAM user can belong to
+-- 'GroupsPerUserQuota' - Maximum number of IAM groups each IAM user can belong
+-- to
 --
--- 'GroupsQuota' - Maximum groups allowed for the AWS account
+-- 'GroupsQuota' - Maximum number of IAM groups allowed in the AWS account
 --
--- 'InstanceProfiles' - Number of instance profiles for the AWS account
+-- 'InstanceProfiles' - Number of instance profiles in the AWS account
 --
--- 'InstanceProfilesQuota' - Maximum instance profiles allowed for the AWS account
+-- 'InstanceProfilesQuota' - Maximum number of instance profiles allowed in the
+-- AWS account
 --
 -- 'MFADevices' - Number of MFA devices, either assigned or unassigned
 --
 -- 'MFADevicesInUse' - Number of MFA devices that have been assigned to an IAM
 -- user or to the root account
 --
--- 'RolePolicySizeQuota' - Maximum allowed size for role policy documents (in
--- kilobytes)
+-- 'RolePolicySizeQuota' - Maximum allowed size for IAM role policy documents
+-- (permissions policies), in non-whitespace characters
 --
--- 'Roles' - Number of roles for the AWS account
+-- 'Roles' - Number of roles IAM in the AWS account
 --
--- 'RolesQuota' - Maximum roles allowed for the AWS account
+-- 'RolesQuota' - Maximum number of IAM roles allowed in the AWS account
 --
--- 'ServerCertificates' - Number of server certificates for the AWS account
+-- 'UserPolicySizeQuota' - Maximum allowed size for IAM user policy documents,
+-- in non-whitespace characters
 --
--- 'ServerCertificatesQuota' - Maximum server certificates allowed for the AWS
--- account
+-- 'Users' - Number of IAM users in the AWS account
 --
--- 'SigningCertificatesPerUserQuota' - Maximum number of X509 certificates
--- allowed for a user
+-- 'UsersQuota' - Maximum number of IAM users allowed in the AWS account
 --
--- 'UserPolicySizeQuota' - Maximum allowed size for user policy documents (in
--- kilobytes)
+-- 'ServerCertificates' - Number of server certificates in the AWS account
 --
--- 'Users' - Number of users for the AWS account
+-- 'ServerCertificatesQuota' - Maximum number of server certificates allowed in
+-- the AWS account
 --
--- 'UsersQuota' - Maximum users allowed for the AWS account
+-- 'SigningCertificatesPerUserQuota' - Maximum number of X509 signing
+-- certificates allowed per IAM user
 --
 --
 gasrSummaryMap :: Lens' GetAccountSummaryResponse (HashMap SummaryKeyType Int)
diff --git a/gen/Network/AWS/IAM/Types.hs b/gen/Network/AWS/IAM/Types.hs
--- a/gen/Network/AWS/IAM/Types.hs
+++ b/gen/Network/AWS/IAM/Types.hs
@@ -695,7 +695,7 @@
 rdArn :: Lens' RoleDetail (Maybe Text)
 rdArn = lens _rdArn (\s a -> s { _rdArn = a })
 
--- | The trust policy that grants an entity permission to assume the role.
+-- | The trust policy that grants permission to assume the role.
 --
 -- The returned policy is URL-encoded according to <http://www.faqs.org/rfcs/rfc3986.html RFC 3986>.
 rdAssumeRolePolicyDocument :: Lens' RoleDetail (Maybe Text)
@@ -726,7 +726,7 @@
 rdRoleName :: Lens' RoleDetail (Maybe Text)
 rdRoleName = lens _rdRoleName (\s a -> s { _rdRoleName = a })
 
--- | A list of the access (permissions) policies attached to the role.
+-- | A list of the role's access (permissions) policies.
 rdRolePolicyList :: Lens' RoleDetail [PolicyDetail]
 rdRolePolicyList = lens _rdRolePolicyList (\s a -> s { _rdRolePolicyList = a }) . _List
 
@@ -1084,7 +1084,7 @@
 gdGroupName :: Lens' GroupDetail (Maybe Text)
 gdGroupName = lens _gdGroupName (\s a -> s { _gdGroupName = a })
 
--- | A list of the policies attached to the group.
+-- | A list of the group's policies.
 gdGroupPolicyList :: Lens' GroupDetail [PolicyDetail]
 gdGroupPolicyList =
     lens _gdGroupPolicyList (\s a -> s { _gdGroupPolicyList = a })
@@ -1493,7 +1493,7 @@
 udCreateDate :: Lens' UserDetail (Maybe UTCTime)
 udCreateDate = lens _udCreateDate (\s a -> s { _udCreateDate = a }) . mapping _Time
 
--- | A list of the IAM groups that the user is in.
+-- | A list of IAM groups that the user is in.
 udGroupList :: Lens' UserDetail [Text]
 udGroupList = lens _udGroupList (\s a -> s { _udGroupList = a }) . _List
 
@@ -1511,7 +1511,7 @@
 udUserName :: Lens' UserDetail (Maybe Text)
 udUserName = lens _udUserName (\s a -> s { _udUserName = a })
 
--- | A list of the policies attached to the user.
+-- | A list of the user's policies.
 udUserPolicyList :: Lens' UserDetail [PolicyDetail]
 udUserPolicyList = lens _udUserPolicyList (\s a -> s { _udUserPolicyList = a }) . _List
 
diff --git a/gen/Network/AWS/IAM/UpdateOpenIDConnectProviderThumbprint.hs b/gen/Network/AWS/IAM/UpdateOpenIDConnectProviderThumbprint.hs
--- a/gen/Network/AWS/IAM/UpdateOpenIDConnectProviderThumbprint.hs
+++ b/gen/Network/AWS/IAM/UpdateOpenIDConnectProviderThumbprint.hs
@@ -30,7 +30,7 @@
 -- Typically, you need to update a thumbprint only when the identity provider's
 -- certificate changes, which occurs rarely. However, if the provider's
 -- certificate /does/ change, any attempt to assume an IAM role that specifies the
--- IAM provider as a principal will fail until the certificate thumbprint is
+-- OIDC provider as a principal will fail until the certificate thumbprint is
 -- updated.
 --
 -- Because trust for the OpenID Connect provider is ultimately derived from the
