diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -7,9 +7,8 @@
 
 
 ## Version
-
-`1.6.1`
-
+ 
+`2.0` - Derived from API version @2015-05-28@ of the AWS service descriptions, licensed under Apache 2.0.
 
 ## Description
 
@@ -26,7 +25,7 @@
 The provided lenses should be compatible with any of the major lens libraries
 [lens](http://hackage.haskell.org/package/lens) or [lens-family-core](http://hackage.haskell.org/package/lens-family-core).
 
-See [Network.AWS.IoT](http://hackage.haskell.org/package/amazonka-iot/docs/Network-AWS-IoT.html)
+See [Amazonka.IoT](http://hackage.haskell.org/package/amazonka-iot/docs/Amazonka-IoT.html)
 or [the AWS documentation](https://aws.amazon.com/documentation/) to get started.
 
 
diff --git a/Setup.hs b/Setup.hs
deleted file mode 100644
--- a/Setup.hs
+++ /dev/null
@@ -1,2 +0,0 @@
-import           Distribution.Simple
-main = defaultMain
diff --git a/amazonka-iot.cabal b/amazonka-iot.cabal
--- a/amazonka-iot.cabal
+++ b/amazonka-iot.cabal
@@ -1,204 +1,587 @@
-name:                  amazonka-iot
-version:               1.6.1
-synopsis:              Amazon IoT SDK.
-homepage:              https://github.com/brendanhay/amazonka
-bug-reports:           https://github.com/brendanhay/amazonka/issues
-license:               MPL-2.0
-license-file:          LICENSE
-author:                Brendan Hay
-maintainer:            Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-copyright:             Copyright (c) 2013-2018 Brendan Hay
-category:              Network, AWS, Cloud, Distributed Computing
-build-type:            Simple
-cabal-version:         >= 1.10
-extra-source-files:    README.md fixture/*.yaml fixture/*.proto src/.gitkeep
+cabal-version:      2.2
+name:               amazonka-iot
+version:            2.0
+synopsis:           Amazon IoT SDK.
+homepage:           https://github.com/brendanhay/amazonka
+bug-reports:        https://github.com/brendanhay/amazonka/issues
+license:            MPL-2.0
+license-file:       LICENSE
+author:             Brendan Hay
+maintainer:
+  Brendan Hay <brendan.g.hay+amazonka@gmail.com>, Jack Kelly <jack@jackkelly.name>
+
+copyright:          Copyright (c) 2013-2023 Brendan Hay
+category:           AWS
+build-type:         Simple
+extra-source-files:
+  fixture/*.proto
+  fixture/*.yaml
+  README.md
+  src/.gitkeep
+
 description:
-    The types from this library are intended to be used with
-    <http://hackage.haskell.org/package/amazonka amazonka>, which provides
-    mechanisms for specifying AuthN/AuthZ information, sending requests,
-    and receiving responses.
-    .
-    Lenses are used for constructing and manipulating types,
-    due to the depth of nesting of AWS types and transparency regarding
-    de/serialisation into more palatable Haskell values.
-    The provided lenses should be compatible with any of the major lens libraries
-    such as <http://hackage.haskell.org/package/lens lens> or
-    <http://hackage.haskell.org/package/lens-family-core lens-family-core>.
-    .
-    See "Network.AWS.IoT" or <https://aws.amazon.com/documentation/ the AWS documentation>
-    to get started.
+  Derived from API version @2015-05-28@ of the AWS service descriptions, licensed under Apache 2.0.
+  .
+  The types from this library are intended to be used with <http://hackage.haskell.org/package/amazonka amazonka>,
+  which provides mechanisms for specifying AuthN/AuthZ information, sending requests, and receiving responses.
+  .
+  It is recommended to use generic lenses or optics from packages such as <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify optional fields and deconstruct responses.
+  .
+  Generated lenses can be found in "Amazonka.IoT.Lens" and are
+  suitable for use with a lens package such as <http://hackage.haskell.org/package/lens lens> or <http://hackage.haskell.org/package/lens-family-core lens-family-core>.
+  .
+  See "Amazonka.IoT" and the <https://aws.amazon.com/documentation/ AWS documentation> to get started.
 
 source-repository head
-    type:              git
-    location:          git://github.com/brendanhay/amazonka.git
-    subdir:            amazonka-iot
+  type:     git
+  location: git://github.com/brendanhay/amazonka.git
+  subdir:   amazonka-iot
 
 library
-    default-language:  Haskell2010
-    hs-source-dirs:    src gen
-
-    ghc-options:
-        -Wall
-        -fwarn-incomplete-uni-patterns
-        -fwarn-incomplete-record-updates
-        -funbox-strict-fields
-
-    exposed-modules:
-          Network.AWS.IoT
-        , Network.AWS.IoT.AcceptCertificateTransfer
-        , Network.AWS.IoT.AddThingToThingGroup
-        , Network.AWS.IoT.AssociateTargetsWithJob
-        , Network.AWS.IoT.AttachPolicy
-        , Network.AWS.IoT.AttachThingPrincipal
-        , Network.AWS.IoT.CancelCertificateTransfer
-        , Network.AWS.IoT.CancelJob
-        , Network.AWS.IoT.ClearDefaultAuthorizer
-        , Network.AWS.IoT.CreateAuthorizer
-        , Network.AWS.IoT.CreateCertificateFromCSR
-        , Network.AWS.IoT.CreateJob
-        , Network.AWS.IoT.CreateKeysAndCertificate
-        , Network.AWS.IoT.CreateOTAUpdate
-        , Network.AWS.IoT.CreatePolicy
-        , Network.AWS.IoT.CreatePolicyVersion
-        , Network.AWS.IoT.CreateRoleAlias
-        , Network.AWS.IoT.CreateStream
-        , Network.AWS.IoT.CreateThing
-        , Network.AWS.IoT.CreateThingGroup
-        , Network.AWS.IoT.CreateThingType
-        , Network.AWS.IoT.CreateTopicRule
-        , Network.AWS.IoT.DeleteAuthorizer
-        , Network.AWS.IoT.DeleteCACertificate
-        , Network.AWS.IoT.DeleteCertificate
-        , Network.AWS.IoT.DeleteOTAUpdate
-        , Network.AWS.IoT.DeletePolicy
-        , Network.AWS.IoT.DeletePolicyVersion
-        , Network.AWS.IoT.DeleteRegistrationCode
-        , Network.AWS.IoT.DeleteRoleAlias
-        , Network.AWS.IoT.DeleteStream
-        , Network.AWS.IoT.DeleteThing
-        , Network.AWS.IoT.DeleteThingGroup
-        , Network.AWS.IoT.DeleteThingType
-        , Network.AWS.IoT.DeleteTopicRule
-        , Network.AWS.IoT.DeleteV2LoggingLevel
-        , Network.AWS.IoT.DeprecateThingType
-        , Network.AWS.IoT.DescribeAuthorizer
-        , Network.AWS.IoT.DescribeCACertificate
-        , Network.AWS.IoT.DescribeCertificate
-        , Network.AWS.IoT.DescribeDefaultAuthorizer
-        , Network.AWS.IoT.DescribeEndpoint
-        , Network.AWS.IoT.DescribeEventConfigurations
-        , Network.AWS.IoT.DescribeIndex
-        , Network.AWS.IoT.DescribeJob
-        , Network.AWS.IoT.DescribeJobExecution
-        , Network.AWS.IoT.DescribeRoleAlias
-        , Network.AWS.IoT.DescribeStream
-        , Network.AWS.IoT.DescribeThing
-        , Network.AWS.IoT.DescribeThingGroup
-        , Network.AWS.IoT.DescribeThingRegistrationTask
-        , Network.AWS.IoT.DescribeThingType
-        , Network.AWS.IoT.DetachPolicy
-        , Network.AWS.IoT.DetachThingPrincipal
-        , Network.AWS.IoT.DisableTopicRule
-        , Network.AWS.IoT.EnableTopicRule
-        , Network.AWS.IoT.GetEffectivePolicies
-        , Network.AWS.IoT.GetIndexingConfiguration
-        , Network.AWS.IoT.GetJobDocument
-        , Network.AWS.IoT.GetLoggingOptions
-        , Network.AWS.IoT.GetOTAUpdate
-        , Network.AWS.IoT.GetPolicy
-        , Network.AWS.IoT.GetPolicyVersion
-        , Network.AWS.IoT.GetRegistrationCode
-        , Network.AWS.IoT.GetTopicRule
-        , Network.AWS.IoT.GetV2LoggingOptions
-        , Network.AWS.IoT.ListAttachedPolicies
-        , Network.AWS.IoT.ListAuthorizers
-        , Network.AWS.IoT.ListCACertificates
-        , Network.AWS.IoT.ListCertificates
-        , Network.AWS.IoT.ListCertificatesByCA
-        , Network.AWS.IoT.ListIndices
-        , Network.AWS.IoT.ListJobExecutionsForJob
-        , Network.AWS.IoT.ListJobExecutionsForThing
-        , Network.AWS.IoT.ListJobs
-        , Network.AWS.IoT.ListOTAUpdates
-        , Network.AWS.IoT.ListOutgoingCertificates
-        , Network.AWS.IoT.ListPolicies
-        , Network.AWS.IoT.ListPolicyVersions
-        , Network.AWS.IoT.ListPrincipalThings
-        , Network.AWS.IoT.ListRoleAliases
-        , Network.AWS.IoT.ListStreams
-        , Network.AWS.IoT.ListTargetsForPolicy
-        , Network.AWS.IoT.ListThingGroups
-        , Network.AWS.IoT.ListThingGroupsForThing
-        , Network.AWS.IoT.ListThingPrincipals
-        , Network.AWS.IoT.ListThingRegistrationTaskReports
-        , Network.AWS.IoT.ListThingRegistrationTasks
-        , Network.AWS.IoT.ListThingTypes
-        , Network.AWS.IoT.ListThings
-        , Network.AWS.IoT.ListThingsInThingGroup
-        , Network.AWS.IoT.ListTopicRules
-        , Network.AWS.IoT.ListV2LoggingLevels
-        , Network.AWS.IoT.RegisterCACertificate
-        , Network.AWS.IoT.RegisterCertificate
-        , Network.AWS.IoT.RegisterThing
-        , Network.AWS.IoT.RejectCertificateTransfer
-        , Network.AWS.IoT.RemoveThingFromThingGroup
-        , Network.AWS.IoT.ReplaceTopicRule
-        , Network.AWS.IoT.SearchIndex
-        , Network.AWS.IoT.SetDefaultAuthorizer
-        , Network.AWS.IoT.SetDefaultPolicyVersion
-        , Network.AWS.IoT.SetLoggingOptions
-        , Network.AWS.IoT.SetV2LoggingLevel
-        , Network.AWS.IoT.SetV2LoggingOptions
-        , Network.AWS.IoT.StartThingRegistrationTask
-        , Network.AWS.IoT.StopThingRegistrationTask
-        , Network.AWS.IoT.TestAuthorization
-        , Network.AWS.IoT.TestInvokeAuthorizer
-        , Network.AWS.IoT.TransferCertificate
-        , Network.AWS.IoT.Types
-        , Network.AWS.IoT.UpdateAuthorizer
-        , Network.AWS.IoT.UpdateCACertificate
-        , Network.AWS.IoT.UpdateCertificate
-        , Network.AWS.IoT.UpdateEventConfigurations
-        , Network.AWS.IoT.UpdateIndexingConfiguration
-        , Network.AWS.IoT.UpdateRoleAlias
-        , Network.AWS.IoT.UpdateStream
-        , Network.AWS.IoT.UpdateThing
-        , Network.AWS.IoT.UpdateThingGroup
-        , Network.AWS.IoT.UpdateThingGroupsForThing
-        , Network.AWS.IoT.Waiters
+  default-language: Haskell2010
+  hs-source-dirs:   src gen
+  ghc-options:
+    -Wall -fwarn-incomplete-uni-patterns
+    -fwarn-incomplete-record-updates -funbox-strict-fields
 
-    other-modules:
-          Network.AWS.IoT.Types.Product
-        , Network.AWS.IoT.Types.Sum
+  exposed-modules:
+    Amazonka.IoT
+    Amazonka.IoT.AcceptCertificateTransfer
+    Amazonka.IoT.AddThingToBillingGroup
+    Amazonka.IoT.AddThingToThingGroup
+    Amazonka.IoT.AssociateTargetsWithJob
+    Amazonka.IoT.AttachPolicy
+    Amazonka.IoT.AttachSecurityProfile
+    Amazonka.IoT.AttachThingPrincipal
+    Amazonka.IoT.CancelAuditMitigationActionsTask
+    Amazonka.IoT.CancelAuditTask
+    Amazonka.IoT.CancelCertificateTransfer
+    Amazonka.IoT.CancelDetectMitigationActionsTask
+    Amazonka.IoT.CancelJob
+    Amazonka.IoT.CancelJobExecution
+    Amazonka.IoT.ClearDefaultAuthorizer
+    Amazonka.IoT.ConfirmTopicRuleDestination
+    Amazonka.IoT.CreateAuditSuppression
+    Amazonka.IoT.CreateAuthorizer
+    Amazonka.IoT.CreateBillingGroup
+    Amazonka.IoT.CreateCertificateFromCsr
+    Amazonka.IoT.CreateCustomMetric
+    Amazonka.IoT.CreateDimension
+    Amazonka.IoT.CreateDomainConfiguration
+    Amazonka.IoT.CreateDynamicThingGroup
+    Amazonka.IoT.CreateFleetMetric
+    Amazonka.IoT.CreateJob
+    Amazonka.IoT.CreateJobTemplate
+    Amazonka.IoT.CreateKeysAndCertificate
+    Amazonka.IoT.CreateMitigationAction
+    Amazonka.IoT.CreateOTAUpdate
+    Amazonka.IoT.CreatePolicy
+    Amazonka.IoT.CreatePolicyVersion
+    Amazonka.IoT.CreateProvisioningClaim
+    Amazonka.IoT.CreateProvisioningTemplate
+    Amazonka.IoT.CreateProvisioningTemplateVersion
+    Amazonka.IoT.CreateRoleAlias
+    Amazonka.IoT.CreateScheduledAudit
+    Amazonka.IoT.CreateSecurityProfile
+    Amazonka.IoT.CreateStream
+    Amazonka.IoT.CreateThing
+    Amazonka.IoT.CreateThingGroup
+    Amazonka.IoT.CreateThingType
+    Amazonka.IoT.CreateTopicRule
+    Amazonka.IoT.CreateTopicRuleDestination
+    Amazonka.IoT.DeleteAccountAuditConfiguration
+    Amazonka.IoT.DeleteAuditSuppression
+    Amazonka.IoT.DeleteAuthorizer
+    Amazonka.IoT.DeleteBillingGroup
+    Amazonka.IoT.DeleteCACertificate
+    Amazonka.IoT.DeleteCertificate
+    Amazonka.IoT.DeleteCustomMetric
+    Amazonka.IoT.DeleteDimension
+    Amazonka.IoT.DeleteDomainConfiguration
+    Amazonka.IoT.DeleteDynamicThingGroup
+    Amazonka.IoT.DeleteFleetMetric
+    Amazonka.IoT.DeleteJob
+    Amazonka.IoT.DeleteJobExecution
+    Amazonka.IoT.DeleteJobTemplate
+    Amazonka.IoT.DeleteMitigationAction
+    Amazonka.IoT.DeleteOTAUpdate
+    Amazonka.IoT.DeletePolicy
+    Amazonka.IoT.DeletePolicyVersion
+    Amazonka.IoT.DeleteProvisioningTemplate
+    Amazonka.IoT.DeleteProvisioningTemplateVersion
+    Amazonka.IoT.DeleteRegistrationCode
+    Amazonka.IoT.DeleteRoleAlias
+    Amazonka.IoT.DeleteScheduledAudit
+    Amazonka.IoT.DeleteSecurityProfile
+    Amazonka.IoT.DeleteStream
+    Amazonka.IoT.DeleteThing
+    Amazonka.IoT.DeleteThingGroup
+    Amazonka.IoT.DeleteThingType
+    Amazonka.IoT.DeleteTopicRule
+    Amazonka.IoT.DeleteTopicRuleDestination
+    Amazonka.IoT.DeleteV2LoggingLevel
+    Amazonka.IoT.DeprecateThingType
+    Amazonka.IoT.DescribeAccountAuditConfiguration
+    Amazonka.IoT.DescribeAuditFinding
+    Amazonka.IoT.DescribeAuditMitigationActionsTask
+    Amazonka.IoT.DescribeAuditSuppression
+    Amazonka.IoT.DescribeAuditTask
+    Amazonka.IoT.DescribeAuthorizer
+    Amazonka.IoT.DescribeBillingGroup
+    Amazonka.IoT.DescribeCACertificate
+    Amazonka.IoT.DescribeCertificate
+    Amazonka.IoT.DescribeCustomMetric
+    Amazonka.IoT.DescribeDefaultAuthorizer
+    Amazonka.IoT.DescribeDetectMitigationActionsTask
+    Amazonka.IoT.DescribeDimension
+    Amazonka.IoT.DescribeDomainConfiguration
+    Amazonka.IoT.DescribeEndpoint
+    Amazonka.IoT.DescribeEventConfigurations
+    Amazonka.IoT.DescribeFleetMetric
+    Amazonka.IoT.DescribeIndex
+    Amazonka.IoT.DescribeJob
+    Amazonka.IoT.DescribeJobExecution
+    Amazonka.IoT.DescribeJobTemplate
+    Amazonka.IoT.DescribeManagedJobTemplate
+    Amazonka.IoT.DescribeMitigationAction
+    Amazonka.IoT.DescribeProvisioningTemplate
+    Amazonka.IoT.DescribeProvisioningTemplateVersion
+    Amazonka.IoT.DescribeRoleAlias
+    Amazonka.IoT.DescribeScheduledAudit
+    Amazonka.IoT.DescribeSecurityProfile
+    Amazonka.IoT.DescribeStream
+    Amazonka.IoT.DescribeThing
+    Amazonka.IoT.DescribeThingGroup
+    Amazonka.IoT.DescribeThingRegistrationTask
+    Amazonka.IoT.DescribeThingType
+    Amazonka.IoT.DetachPolicy
+    Amazonka.IoT.DetachSecurityProfile
+    Amazonka.IoT.DetachThingPrincipal
+    Amazonka.IoT.DisableTopicRule
+    Amazonka.IoT.EnableTopicRule
+    Amazonka.IoT.GetBehaviorModelTrainingSummaries
+    Amazonka.IoT.GetBucketsAggregation
+    Amazonka.IoT.GetCardinality
+    Amazonka.IoT.GetEffectivePolicies
+    Amazonka.IoT.GetIndexingConfiguration
+    Amazonka.IoT.GetJobDocument
+    Amazonka.IoT.GetLoggingOptions
+    Amazonka.IoT.GetOTAUpdate
+    Amazonka.IoT.GetPercentiles
+    Amazonka.IoT.GetPolicy
+    Amazonka.IoT.GetPolicyVersion
+    Amazonka.IoT.GetRegistrationCode
+    Amazonka.IoT.GetStatistics
+    Amazonka.IoT.GetTopicRule
+    Amazonka.IoT.GetTopicRuleDestination
+    Amazonka.IoT.GetV2LoggingOptions
+    Amazonka.IoT.Lens
+    Amazonka.IoT.ListActiveViolations
+    Amazonka.IoT.ListAttachedPolicies
+    Amazonka.IoT.ListAuditFindings
+    Amazonka.IoT.ListAuditMitigationActionsExecutions
+    Amazonka.IoT.ListAuditMitigationActionsTasks
+    Amazonka.IoT.ListAuditSuppressions
+    Amazonka.IoT.ListAuditTasks
+    Amazonka.IoT.ListAuthorizers
+    Amazonka.IoT.ListBillingGroups
+    Amazonka.IoT.ListCACertificates
+    Amazonka.IoT.ListCertificates
+    Amazonka.IoT.ListCertificatesByCA
+    Amazonka.IoT.ListCustomMetrics
+    Amazonka.IoT.ListDetectMitigationActionsExecutions
+    Amazonka.IoT.ListDetectMitigationActionsTasks
+    Amazonka.IoT.ListDimensions
+    Amazonka.IoT.ListDomainConfigurations
+    Amazonka.IoT.ListFleetMetrics
+    Amazonka.IoT.ListIndices
+    Amazonka.IoT.ListJobExecutionsForJob
+    Amazonka.IoT.ListJobExecutionsForThing
+    Amazonka.IoT.ListJobs
+    Amazonka.IoT.ListJobTemplates
+    Amazonka.IoT.ListManagedJobTemplates
+    Amazonka.IoT.ListMetricValues
+    Amazonka.IoT.ListMitigationActions
+    Amazonka.IoT.ListOTAUpdates
+    Amazonka.IoT.ListOutgoingCertificates
+    Amazonka.IoT.ListPolicies
+    Amazonka.IoT.ListPolicyVersions
+    Amazonka.IoT.ListPrincipalThings
+    Amazonka.IoT.ListProvisioningTemplates
+    Amazonka.IoT.ListProvisioningTemplateVersions
+    Amazonka.IoT.ListRelatedResourcesForAuditFinding
+    Amazonka.IoT.ListRoleAliases
+    Amazonka.IoT.ListScheduledAudits
+    Amazonka.IoT.ListSecurityProfiles
+    Amazonka.IoT.ListSecurityProfilesForTarget
+    Amazonka.IoT.ListStreams
+    Amazonka.IoT.ListTagsForResource
+    Amazonka.IoT.ListTargetsForPolicy
+    Amazonka.IoT.ListTargetsForSecurityProfile
+    Amazonka.IoT.ListThingGroups
+    Amazonka.IoT.ListThingGroupsForThing
+    Amazonka.IoT.ListThingPrincipals
+    Amazonka.IoT.ListThingRegistrationTaskReports
+    Amazonka.IoT.ListThingRegistrationTasks
+    Amazonka.IoT.ListThings
+    Amazonka.IoT.ListThingsInBillingGroup
+    Amazonka.IoT.ListThingsInThingGroup
+    Amazonka.IoT.ListThingTypes
+    Amazonka.IoT.ListTopicRuleDestinations
+    Amazonka.IoT.ListTopicRules
+    Amazonka.IoT.ListV2LoggingLevels
+    Amazonka.IoT.ListViolationEvents
+    Amazonka.IoT.PutVerificationStateOnViolation
+    Amazonka.IoT.RegisterCACertificate
+    Amazonka.IoT.RegisterCertificate
+    Amazonka.IoT.RegisterCertificateWithoutCA
+    Amazonka.IoT.RegisterThing
+    Amazonka.IoT.RejectCertificateTransfer
+    Amazonka.IoT.RemoveThingFromBillingGroup
+    Amazonka.IoT.RemoveThingFromThingGroup
+    Amazonka.IoT.ReplaceTopicRule
+    Amazonka.IoT.SearchIndex
+    Amazonka.IoT.SetDefaultAuthorizer
+    Amazonka.IoT.SetDefaultPolicyVersion
+    Amazonka.IoT.SetLoggingOptions
+    Amazonka.IoT.SetV2LoggingLevel
+    Amazonka.IoT.SetV2LoggingOptions
+    Amazonka.IoT.StartAuditMitigationActionsTask
+    Amazonka.IoT.StartDetectMitigationActionsTask
+    Amazonka.IoT.StartOnDemandAuditTask
+    Amazonka.IoT.StartThingRegistrationTask
+    Amazonka.IoT.StopThingRegistrationTask
+    Amazonka.IoT.TagResource
+    Amazonka.IoT.TestAuthorization
+    Amazonka.IoT.TestInvokeAuthorizer
+    Amazonka.IoT.TransferCertificate
+    Amazonka.IoT.Types
+    Amazonka.IoT.Types.AbortAction
+    Amazonka.IoT.Types.AbortConfig
+    Amazonka.IoT.Types.AbortCriteria
+    Amazonka.IoT.Types.Action
+    Amazonka.IoT.Types.ActionType
+    Amazonka.IoT.Types.ActiveViolation
+    Amazonka.IoT.Types.AddThingsToThingGroupParams
+    Amazonka.IoT.Types.AggregationType
+    Amazonka.IoT.Types.AggregationTypeName
+    Amazonka.IoT.Types.AlertTarget
+    Amazonka.IoT.Types.AlertTargetType
+    Amazonka.IoT.Types.Allowed
+    Amazonka.IoT.Types.AssetPropertyTimestamp
+    Amazonka.IoT.Types.AssetPropertyValue
+    Amazonka.IoT.Types.AssetPropertyVariant
+    Amazonka.IoT.Types.AttributePayload
+    Amazonka.IoT.Types.AuditCheckConfiguration
+    Amazonka.IoT.Types.AuditCheckDetails
+    Amazonka.IoT.Types.AuditCheckRunStatus
+    Amazonka.IoT.Types.AuditFinding
+    Amazonka.IoT.Types.AuditFindingSeverity
+    Amazonka.IoT.Types.AuditFrequency
+    Amazonka.IoT.Types.AuditMitigationActionExecutionMetadata
+    Amazonka.IoT.Types.AuditMitigationActionsExecutionStatus
+    Amazonka.IoT.Types.AuditMitigationActionsTaskMetadata
+    Amazonka.IoT.Types.AuditMitigationActionsTaskStatus
+    Amazonka.IoT.Types.AuditMitigationActionsTaskTarget
+    Amazonka.IoT.Types.AuditNotificationTarget
+    Amazonka.IoT.Types.AuditNotificationType
+    Amazonka.IoT.Types.AuditSuppression
+    Amazonka.IoT.Types.AuditTaskMetadata
+    Amazonka.IoT.Types.AuditTaskStatus
+    Amazonka.IoT.Types.AuditTaskType
+    Amazonka.IoT.Types.AuthDecision
+    Amazonka.IoT.Types.AuthInfo
+    Amazonka.IoT.Types.AuthorizerConfig
+    Amazonka.IoT.Types.AuthorizerDescription
+    Amazonka.IoT.Types.AuthorizerStatus
+    Amazonka.IoT.Types.AuthorizerSummary
+    Amazonka.IoT.Types.AuthResult
+    Amazonka.IoT.Types.AutoRegistrationStatus
+    Amazonka.IoT.Types.AwsJobAbortConfig
+    Amazonka.IoT.Types.AwsJobAbortCriteria
+    Amazonka.IoT.Types.AwsJobAbortCriteriaAbortAction
+    Amazonka.IoT.Types.AwsJobAbortCriteriaFailureType
+    Amazonka.IoT.Types.AwsJobExecutionsRolloutConfig
+    Amazonka.IoT.Types.AwsJobExponentialRolloutRate
+    Amazonka.IoT.Types.AwsJobPresignedUrlConfig
+    Amazonka.IoT.Types.AwsJobRateIncreaseCriteria
+    Amazonka.IoT.Types.AwsJobTimeoutConfig
+    Amazonka.IoT.Types.Behavior
+    Amazonka.IoT.Types.BehaviorCriteria
+    Amazonka.IoT.Types.BehaviorCriteriaType
+    Amazonka.IoT.Types.BehaviorModelTrainingSummary
+    Amazonka.IoT.Types.BillingGroupMetadata
+    Amazonka.IoT.Types.BillingGroupProperties
+    Amazonka.IoT.Types.Bucket
+    Amazonka.IoT.Types.BucketsAggregationType
+    Amazonka.IoT.Types.CACertificate
+    Amazonka.IoT.Types.CACertificateDescription
+    Amazonka.IoT.Types.CACertificateStatus
+    Amazonka.IoT.Types.CACertificateUpdateAction
+    Amazonka.IoT.Types.CannedAccessControlList
+    Amazonka.IoT.Types.Certificate
+    Amazonka.IoT.Types.CertificateDescription
+    Amazonka.IoT.Types.CertificateMode
+    Amazonka.IoT.Types.CertificateStatus
+    Amazonka.IoT.Types.CertificateValidity
+    Amazonka.IoT.Types.CloudwatchAlarmAction
+    Amazonka.IoT.Types.CloudwatchLogsAction
+    Amazonka.IoT.Types.CloudwatchMetricAction
+    Amazonka.IoT.Types.CodeSigning
+    Amazonka.IoT.Types.CodeSigningCertificateChain
+    Amazonka.IoT.Types.CodeSigningSignature
+    Amazonka.IoT.Types.ComparisonOperator
+    Amazonka.IoT.Types.ConfidenceLevel
+    Amazonka.IoT.Types.Configuration
+    Amazonka.IoT.Types.CustomCodeSigning
+    Amazonka.IoT.Types.CustomMetricType
+    Amazonka.IoT.Types.DayOfWeek
+    Amazonka.IoT.Types.Denied
+    Amazonka.IoT.Types.Destination
+    Amazonka.IoT.Types.DetectMitigationActionExecution
+    Amazonka.IoT.Types.DetectMitigationActionExecutionStatus
+    Amazonka.IoT.Types.DetectMitigationActionsTaskStatistics
+    Amazonka.IoT.Types.DetectMitigationActionsTaskStatus
+    Amazonka.IoT.Types.DetectMitigationActionsTaskSummary
+    Amazonka.IoT.Types.DetectMitigationActionsTaskTarget
+    Amazonka.IoT.Types.DeviceCertificateUpdateAction
+    Amazonka.IoT.Types.DeviceDefenderIndexingMode
+    Amazonka.IoT.Types.DimensionType
+    Amazonka.IoT.Types.DimensionValueOperator
+    Amazonka.IoT.Types.DocumentParameter
+    Amazonka.IoT.Types.DomainConfigurationStatus
+    Amazonka.IoT.Types.DomainConfigurationSummary
+    Amazonka.IoT.Types.DomainType
+    Amazonka.IoT.Types.DynamicGroupStatus
+    Amazonka.IoT.Types.DynamoDBAction
+    Amazonka.IoT.Types.DynamoDBv2Action
+    Amazonka.IoT.Types.DynamoKeyType
+    Amazonka.IoT.Types.EffectivePolicy
+    Amazonka.IoT.Types.ElasticsearchAction
+    Amazonka.IoT.Types.EnableIoTLoggingParams
+    Amazonka.IoT.Types.ErrorInfo
+    Amazonka.IoT.Types.EventType
+    Amazonka.IoT.Types.ExplicitDeny
+    Amazonka.IoT.Types.ExponentialRolloutRate
+    Amazonka.IoT.Types.Field
+    Amazonka.IoT.Types.FieldType
+    Amazonka.IoT.Types.FileLocation
+    Amazonka.IoT.Types.FirehoseAction
+    Amazonka.IoT.Types.FleetMetricNameAndArn
+    Amazonka.IoT.Types.FleetMetricUnit
+    Amazonka.IoT.Types.GroupNameAndArn
+    Amazonka.IoT.Types.HttpAction
+    Amazonka.IoT.Types.HttpActionHeader
+    Amazonka.IoT.Types.HttpAuthorization
+    Amazonka.IoT.Types.HttpContext
+    Amazonka.IoT.Types.HttpUrlDestinationConfiguration
+    Amazonka.IoT.Types.HttpUrlDestinationProperties
+    Amazonka.IoT.Types.HttpUrlDestinationSummary
+    Amazonka.IoT.Types.ImplicitDeny
+    Amazonka.IoT.Types.IndexingFilter
+    Amazonka.IoT.Types.IndexStatus
+    Amazonka.IoT.Types.IotAnalyticsAction
+    Amazonka.IoT.Types.IotEventsAction
+    Amazonka.IoT.Types.IotSiteWiseAction
+    Amazonka.IoT.Types.IssuerCertificateIdentifier
+    Amazonka.IoT.Types.Job
+    Amazonka.IoT.Types.JobEndBehavior
+    Amazonka.IoT.Types.JobExecution
+    Amazonka.IoT.Types.JobExecutionFailureType
+    Amazonka.IoT.Types.JobExecutionsRetryConfig
+    Amazonka.IoT.Types.JobExecutionsRolloutConfig
+    Amazonka.IoT.Types.JobExecutionStatus
+    Amazonka.IoT.Types.JobExecutionStatusDetails
+    Amazonka.IoT.Types.JobExecutionSummary
+    Amazonka.IoT.Types.JobExecutionSummaryForJob
+    Amazonka.IoT.Types.JobExecutionSummaryForThing
+    Amazonka.IoT.Types.JobProcessDetails
+    Amazonka.IoT.Types.JobStatus
+    Amazonka.IoT.Types.JobSummary
+    Amazonka.IoT.Types.JobTemplateSummary
+    Amazonka.IoT.Types.KafkaAction
+    Amazonka.IoT.Types.KeyPair
+    Amazonka.IoT.Types.KinesisAction
+    Amazonka.IoT.Types.LambdaAction
+    Amazonka.IoT.Types.LocationAction
+    Amazonka.IoT.Types.LocationTimestamp
+    Amazonka.IoT.Types.LoggingOptionsPayload
+    Amazonka.IoT.Types.LogLevel
+    Amazonka.IoT.Types.LogTarget
+    Amazonka.IoT.Types.LogTargetConfiguration
+    Amazonka.IoT.Types.LogTargetType
+    Amazonka.IoT.Types.MachineLearningDetectionConfig
+    Amazonka.IoT.Types.ManagedJobTemplateSummary
+    Amazonka.IoT.Types.MessageFormat
+    Amazonka.IoT.Types.MetricDatum
+    Amazonka.IoT.Types.MetricDimension
+    Amazonka.IoT.Types.MetricToRetain
+    Amazonka.IoT.Types.MetricValue
+    Amazonka.IoT.Types.MitigationAction
+    Amazonka.IoT.Types.MitigationActionIdentifier
+    Amazonka.IoT.Types.MitigationActionParams
+    Amazonka.IoT.Types.MitigationActionType
+    Amazonka.IoT.Types.ModelStatus
+    Amazonka.IoT.Types.MqttContext
+    Amazonka.IoT.Types.MqttHeaders
+    Amazonka.IoT.Types.NamedShadowIndexingMode
+    Amazonka.IoT.Types.NonCompliantResource
+    Amazonka.IoT.Types.OpenSearchAction
+    Amazonka.IoT.Types.OTAUpdateFile
+    Amazonka.IoT.Types.OTAUpdateInfo
+    Amazonka.IoT.Types.OTAUpdateStatus
+    Amazonka.IoT.Types.OTAUpdateSummary
+    Amazonka.IoT.Types.OutgoingCertificate
+    Amazonka.IoT.Types.PercentPair
+    Amazonka.IoT.Types.Policy
+    Amazonka.IoT.Types.PolicyTemplateName
+    Amazonka.IoT.Types.PolicyVersion
+    Amazonka.IoT.Types.PolicyVersionIdentifier
+    Amazonka.IoT.Types.PresignedUrlConfig
+    Amazonka.IoT.Types.Protocol
+    Amazonka.IoT.Types.ProvisioningHook
+    Amazonka.IoT.Types.ProvisioningTemplateSummary
+    Amazonka.IoT.Types.ProvisioningTemplateVersionSummary
+    Amazonka.IoT.Types.PublishFindingToSnsParams
+    Amazonka.IoT.Types.PutAssetPropertyValueEntry
+    Amazonka.IoT.Types.PutItemInput
+    Amazonka.IoT.Types.RateIncreaseCriteria
+    Amazonka.IoT.Types.RegistrationConfig
+    Amazonka.IoT.Types.RelatedResource
+    Amazonka.IoT.Types.ReplaceDefaultPolicyVersionParams
+    Amazonka.IoT.Types.ReportType
+    Amazonka.IoT.Types.RepublishAction
+    Amazonka.IoT.Types.ResourceIdentifier
+    Amazonka.IoT.Types.ResourceType
+    Amazonka.IoT.Types.RetryableFailureType
+    Amazonka.IoT.Types.RetryCriteria
+    Amazonka.IoT.Types.RoleAliasDescription
+    Amazonka.IoT.Types.S3Action
+    Amazonka.IoT.Types.S3Destination
+    Amazonka.IoT.Types.S3Location
+    Amazonka.IoT.Types.SalesforceAction
+    Amazonka.IoT.Types.ScheduledAuditMetadata
+    Amazonka.IoT.Types.SchedulingConfig
+    Amazonka.IoT.Types.SecurityProfileIdentifier
+    Amazonka.IoT.Types.SecurityProfileTarget
+    Amazonka.IoT.Types.SecurityProfileTargetMapping
+    Amazonka.IoT.Types.ServerCertificateStatus
+    Amazonka.IoT.Types.ServerCertificateSummary
+    Amazonka.IoT.Types.ServiceType
+    Amazonka.IoT.Types.SigningProfileParameter
+    Amazonka.IoT.Types.SigV4Authorization
+    Amazonka.IoT.Types.SnsAction
+    Amazonka.IoT.Types.SqsAction
+    Amazonka.IoT.Types.StartSigningJobParameter
+    Amazonka.IoT.Types.StatisticalThreshold
+    Amazonka.IoT.Types.Statistics
+    Amazonka.IoT.Types.StepFunctionsAction
+    Amazonka.IoT.Types.Stream
+    Amazonka.IoT.Types.StreamFile
+    Amazonka.IoT.Types.StreamInfo
+    Amazonka.IoT.Types.StreamSummary
+    Amazonka.IoT.Types.Tag
+    Amazonka.IoT.Types.TargetSelection
+    Amazonka.IoT.Types.TaskStatistics
+    Amazonka.IoT.Types.TaskStatisticsForAuditCheck
+    Amazonka.IoT.Types.TaskStatus
+    Amazonka.IoT.Types.TemplateType
+    Amazonka.IoT.Types.TermsAggregation
+    Amazonka.IoT.Types.ThingAttribute
+    Amazonka.IoT.Types.ThingConnectivity
+    Amazonka.IoT.Types.ThingConnectivityIndexingMode
+    Amazonka.IoT.Types.ThingDocument
+    Amazonka.IoT.Types.ThingGroupDocument
+    Amazonka.IoT.Types.ThingGroupIndexingConfiguration
+    Amazonka.IoT.Types.ThingGroupIndexingMode
+    Amazonka.IoT.Types.ThingGroupMetadata
+    Amazonka.IoT.Types.ThingGroupProperties
+    Amazonka.IoT.Types.ThingIndexingConfiguration
+    Amazonka.IoT.Types.ThingIndexingMode
+    Amazonka.IoT.Types.ThingTypeDefinition
+    Amazonka.IoT.Types.ThingTypeMetadata
+    Amazonka.IoT.Types.ThingTypeProperties
+    Amazonka.IoT.Types.TimeoutConfig
+    Amazonka.IoT.Types.TimestreamAction
+    Amazonka.IoT.Types.TimestreamDimension
+    Amazonka.IoT.Types.TimestreamTimestamp
+    Amazonka.IoT.Types.TlsContext
+    Amazonka.IoT.Types.TopicRule
+    Amazonka.IoT.Types.TopicRuleDestination
+    Amazonka.IoT.Types.TopicRuleDestinationConfiguration
+    Amazonka.IoT.Types.TopicRuleDestinationStatus
+    Amazonka.IoT.Types.TopicRuleDestinationSummary
+    Amazonka.IoT.Types.TopicRuleListItem
+    Amazonka.IoT.Types.TopicRulePayload
+    Amazonka.IoT.Types.TransferData
+    Amazonka.IoT.Types.UpdateCACertificateParams
+    Amazonka.IoT.Types.UpdateDeviceCertificateParams
+    Amazonka.IoT.Types.UserProperty
+    Amazonka.IoT.Types.ValidationError
+    Amazonka.IoT.Types.VerificationState
+    Amazonka.IoT.Types.ViolationEvent
+    Amazonka.IoT.Types.ViolationEventAdditionalInfo
+    Amazonka.IoT.Types.ViolationEventOccurrenceRange
+    Amazonka.IoT.Types.ViolationEventType
+    Amazonka.IoT.Types.VpcDestinationConfiguration
+    Amazonka.IoT.Types.VpcDestinationProperties
+    Amazonka.IoT.Types.VpcDestinationSummary
+    Amazonka.IoT.UntagResource
+    Amazonka.IoT.UpdateAccountAuditConfiguration
+    Amazonka.IoT.UpdateAuditSuppression
+    Amazonka.IoT.UpdateAuthorizer
+    Amazonka.IoT.UpdateBillingGroup
+    Amazonka.IoT.UpdateCACertificate
+    Amazonka.IoT.UpdateCertificate
+    Amazonka.IoT.UpdateCustomMetric
+    Amazonka.IoT.UpdateDimension
+    Amazonka.IoT.UpdateDomainConfiguration
+    Amazonka.IoT.UpdateDynamicThingGroup
+    Amazonka.IoT.UpdateEventConfigurations
+    Amazonka.IoT.UpdateFleetMetric
+    Amazonka.IoT.UpdateIndexingConfiguration
+    Amazonka.IoT.UpdateJob
+    Amazonka.IoT.UpdateMitigationAction
+    Amazonka.IoT.UpdateProvisioningTemplate
+    Amazonka.IoT.UpdateRoleAlias
+    Amazonka.IoT.UpdateScheduledAudit
+    Amazonka.IoT.UpdateSecurityProfile
+    Amazonka.IoT.UpdateStream
+    Amazonka.IoT.UpdateThing
+    Amazonka.IoT.UpdateThingGroup
+    Amazonka.IoT.UpdateThingGroupsForThing
+    Amazonka.IoT.UpdateTopicRuleDestination
+    Amazonka.IoT.ValidateSecurityProfileBehaviors
+    Amazonka.IoT.Waiters
 
-    build-depends:
-          amazonka-core == 1.6.1.*
-        , base          >= 4.7     && < 5
+  build-depends:
+    , amazonka-core  >=2.0  && <2.1
+    , base           >=4.12 && <5
 
 test-suite amazonka-iot-test
-    type:              exitcode-stdio-1.0
-    default-language:  Haskell2010
-    hs-source-dirs:    test
-    main-is:           Main.hs
-
-    ghc-options:       -Wall -threaded
+  type:             exitcode-stdio-1.0
+  default-language: Haskell2010
+  hs-source-dirs:   test
+  main-is:          Main.hs
+  ghc-options:      -Wall -threaded
 
-    -- This section is encoded by the template and any modules added by
-    -- hand outside these namespaces will not correctly be added to the
-    -- distribution package.
-    other-modules:
-          Test.AWS.IoT
-        , Test.AWS.Gen.IoT
-        , Test.AWS.IoT.Internal
+  -- This section is encoded by the template and any modules added by
+  -- hand outside these namespaces will not correctly be added to the
+  -- distribution package.
+  other-modules:
+    Test.Amazonka.Gen.IoT
+    Test.Amazonka.IoT
+    Test.Amazonka.IoT.Internal
 
-    build-depends:
-          amazonka-core == 1.6.1.*
-        , amazonka-test == 1.6.1.*
-        , amazonka-iot
-        , base
-        , bytestring
-        , tasty
-        , tasty-hunit
-        , text
-        , time
-        , unordered-containers
+  build-depends:
+    , amazonka-core         >=2.0 && <2.1
+    , amazonka-iot
+    , amazonka-test         >=2.0 && <2.1
+    , base
+    , bytestring
+    , case-insensitive
+    , tasty
+    , tasty-hunit
+    , text
+    , time
+    , unordered-containers
diff --git a/fixture/AcceptCertificateTransfer.yaml b/fixture/AcceptCertificateTransfer.yaml
--- a/fixture/AcceptCertificateTransfer.yaml
+++ b/fixture/AcceptCertificateTransfer.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AddThingToBillingGroup.yaml b/fixture/AddThingToBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AddThingToBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AddThingToBillingGroupResponse.proto b/fixture/AddThingToBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AddThingToBillingGroupResponse.proto
diff --git a/fixture/AttachSecurityProfile.yaml b/fixture/AttachSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AttachSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AttachSecurityProfileResponse.proto b/fixture/AttachSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AttachSecurityProfileResponse.proto
diff --git a/fixture/AttachThingPrincipal.yaml b/fixture/AttachThingPrincipal.yaml
--- a/fixture/AttachThingPrincipal.yaml
+++ b/fixture/AttachThingPrincipal.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CancelAuditMitigationActionsTask.yaml b/fixture/CancelAuditMitigationActionsTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CancelAuditMitigationActionsTask.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CancelAuditMitigationActionsTaskResponse.proto b/fixture/CancelAuditMitigationActionsTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CancelAuditMitigationActionsTaskResponse.proto
diff --git a/fixture/CancelAuditTask.yaml b/fixture/CancelAuditTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CancelAuditTask.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CancelAuditTaskResponse.proto b/fixture/CancelAuditTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CancelAuditTaskResponse.proto
diff --git a/fixture/CancelCertificateTransfer.yaml b/fixture/CancelCertificateTransfer.yaml
--- a/fixture/CancelCertificateTransfer.yaml
+++ b/fixture/CancelCertificateTransfer.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CancelDetectMitigationActionsTask.yaml b/fixture/CancelDetectMitigationActionsTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CancelDetectMitigationActionsTask.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CancelDetectMitigationActionsTaskResponse.proto b/fixture/CancelDetectMitigationActionsTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CancelDetectMitigationActionsTaskResponse.proto
diff --git a/fixture/CancelJobExecution.yaml b/fixture/CancelJobExecution.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CancelJobExecution.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CancelJobExecutionResponse.proto b/fixture/CancelJobExecutionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CancelJobExecutionResponse.proto
diff --git a/fixture/ConfirmTopicRuleDestination.yaml b/fixture/ConfirmTopicRuleDestination.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ConfirmTopicRuleDestination.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ConfirmTopicRuleDestinationResponse.proto b/fixture/ConfirmTopicRuleDestinationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ConfirmTopicRuleDestinationResponse.proto
diff --git a/fixture/CreateAuditSuppression.yaml b/fixture/CreateAuditSuppression.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAuditSuppression.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateAuditSuppressionResponse.proto b/fixture/CreateAuditSuppressionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAuditSuppressionResponse.proto
diff --git a/fixture/CreateBillingGroup.yaml b/fixture/CreateBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateBillingGroupResponse.proto b/fixture/CreateBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateBillingGroupResponse.proto
diff --git a/fixture/CreateCertificateFromCSR.yaml b/fixture/CreateCertificateFromCSR.yaml
deleted file mode 100644
--- a/fixture/CreateCertificateFromCSR.yaml
+++ /dev/null
diff --git a/fixture/CreateCertificateFromCSRResponse.proto b/fixture/CreateCertificateFromCSRResponse.proto
deleted file mode 100644
--- a/fixture/CreateCertificateFromCSRResponse.proto
+++ /dev/null
diff --git a/fixture/CreateCertificateFromCsr.yaml b/fixture/CreateCertificateFromCsr.yaml
--- a/fixture/CreateCertificateFromCsr.yaml
+++ b/fixture/CreateCertificateFromCsr.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateCustomMetric.yaml b/fixture/CreateCustomMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateCustomMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateCustomMetricResponse.proto b/fixture/CreateCustomMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateCustomMetricResponse.proto
diff --git a/fixture/CreateDimension.yaml b/fixture/CreateDimension.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDimension.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDimensionResponse.proto b/fixture/CreateDimensionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDimensionResponse.proto
diff --git a/fixture/CreateDomainConfiguration.yaml b/fixture/CreateDomainConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDomainConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDomainConfigurationResponse.proto b/fixture/CreateDomainConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDomainConfigurationResponse.proto
diff --git a/fixture/CreateDynamicThingGroup.yaml b/fixture/CreateDynamicThingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDynamicThingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDynamicThingGroupResponse.proto b/fixture/CreateDynamicThingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDynamicThingGroupResponse.proto
diff --git a/fixture/CreateFleetMetric.yaml b/fixture/CreateFleetMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateFleetMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateFleetMetricResponse.proto b/fixture/CreateFleetMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateFleetMetricResponse.proto
diff --git a/fixture/CreateJobTemplate.yaml b/fixture/CreateJobTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateJobTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateJobTemplateResponse.proto b/fixture/CreateJobTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateJobTemplateResponse.proto
diff --git a/fixture/CreateKeysAndCertificate.yaml b/fixture/CreateKeysAndCertificate.yaml
--- a/fixture/CreateKeysAndCertificate.yaml
+++ b/fixture/CreateKeysAndCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateMitigationAction.yaml b/fixture/CreateMitigationAction.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateMitigationAction.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateMitigationActionResponse.proto b/fixture/CreateMitigationActionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateMitigationActionResponse.proto
diff --git a/fixture/CreatePolicy.yaml b/fixture/CreatePolicy.yaml
--- a/fixture/CreatePolicy.yaml
+++ b/fixture/CreatePolicy.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreatePolicyVersion.yaml b/fixture/CreatePolicyVersion.yaml
--- a/fixture/CreatePolicyVersion.yaml
+++ b/fixture/CreatePolicyVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateProvisioningClaim.yaml b/fixture/CreateProvisioningClaim.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProvisioningClaim.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateProvisioningClaimResponse.proto b/fixture/CreateProvisioningClaimResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProvisioningClaimResponse.proto
diff --git a/fixture/CreateProvisioningTemplate.yaml b/fixture/CreateProvisioningTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProvisioningTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateProvisioningTemplateResponse.proto b/fixture/CreateProvisioningTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProvisioningTemplateResponse.proto
diff --git a/fixture/CreateProvisioningTemplateVersion.yaml b/fixture/CreateProvisioningTemplateVersion.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProvisioningTemplateVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateProvisioningTemplateVersionResponse.proto b/fixture/CreateProvisioningTemplateVersionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProvisioningTemplateVersionResponse.proto
diff --git a/fixture/CreateScheduledAudit.yaml b/fixture/CreateScheduledAudit.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateScheduledAudit.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateScheduledAuditResponse.proto b/fixture/CreateScheduledAuditResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateScheduledAuditResponse.proto
diff --git a/fixture/CreateSecurityProfile.yaml b/fixture/CreateSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateSecurityProfileResponse.proto b/fixture/CreateSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateSecurityProfileResponse.proto
diff --git a/fixture/CreateThing.yaml b/fixture/CreateThing.yaml
--- a/fixture/CreateThing.yaml
+++ b/fixture/CreateThing.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateThingType.yaml b/fixture/CreateThingType.yaml
--- a/fixture/CreateThingType.yaml
+++ b/fixture/CreateThingType.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateTopicRule.yaml b/fixture/CreateTopicRule.yaml
--- a/fixture/CreateTopicRule.yaml
+++ b/fixture/CreateTopicRule.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateTopicRuleDestination.yaml b/fixture/CreateTopicRuleDestination.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateTopicRuleDestination.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateTopicRuleDestinationResponse.proto b/fixture/CreateTopicRuleDestinationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateTopicRuleDestinationResponse.proto
diff --git a/fixture/DeleteAccountAuditConfiguration.yaml b/fixture/DeleteAccountAuditConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAccountAuditConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteAccountAuditConfigurationResponse.proto b/fixture/DeleteAccountAuditConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAccountAuditConfigurationResponse.proto
diff --git a/fixture/DeleteAuditSuppression.yaml b/fixture/DeleteAuditSuppression.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAuditSuppression.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteAuditSuppressionResponse.proto b/fixture/DeleteAuditSuppressionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAuditSuppressionResponse.proto
diff --git a/fixture/DeleteBillingGroup.yaml b/fixture/DeleteBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteBillingGroupResponse.proto b/fixture/DeleteBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteBillingGroupResponse.proto
diff --git a/fixture/DeleteCACertificate.yaml b/fixture/DeleteCACertificate.yaml
--- a/fixture/DeleteCACertificate.yaml
+++ b/fixture/DeleteCACertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteCertificate.yaml b/fixture/DeleteCertificate.yaml
--- a/fixture/DeleteCertificate.yaml
+++ b/fixture/DeleteCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteCustomMetric.yaml b/fixture/DeleteCustomMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteCustomMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteCustomMetricResponse.proto b/fixture/DeleteCustomMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteCustomMetricResponse.proto
diff --git a/fixture/DeleteDimension.yaml b/fixture/DeleteDimension.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDimension.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDimensionResponse.proto b/fixture/DeleteDimensionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDimensionResponse.proto
diff --git a/fixture/DeleteDomainConfiguration.yaml b/fixture/DeleteDomainConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDomainConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDomainConfigurationResponse.proto b/fixture/DeleteDomainConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDomainConfigurationResponse.proto
diff --git a/fixture/DeleteDynamicThingGroup.yaml b/fixture/DeleteDynamicThingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDynamicThingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDynamicThingGroupResponse.proto b/fixture/DeleteDynamicThingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDynamicThingGroupResponse.proto
diff --git a/fixture/DeleteFleetMetric.yaml b/fixture/DeleteFleetMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteFleetMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteFleetMetricResponse.proto b/fixture/DeleteFleetMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteFleetMetricResponse.proto
diff --git a/fixture/DeleteJob.yaml b/fixture/DeleteJob.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteJob.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteJobExecution.yaml b/fixture/DeleteJobExecution.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteJobExecution.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteJobExecutionResponse.proto b/fixture/DeleteJobExecutionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteJobExecutionResponse.proto
diff --git a/fixture/DeleteJobResponse.proto b/fixture/DeleteJobResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteJobResponse.proto
diff --git a/fixture/DeleteJobTemplate.yaml b/fixture/DeleteJobTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteJobTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteJobTemplateResponse.proto b/fixture/DeleteJobTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteJobTemplateResponse.proto
diff --git a/fixture/DeleteMitigationAction.yaml b/fixture/DeleteMitigationAction.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteMitigationAction.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteMitigationActionResponse.proto b/fixture/DeleteMitigationActionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteMitigationActionResponse.proto
diff --git a/fixture/DeletePolicy.yaml b/fixture/DeletePolicy.yaml
--- a/fixture/DeletePolicy.yaml
+++ b/fixture/DeletePolicy.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeletePolicyVersion.yaml b/fixture/DeletePolicyVersion.yaml
--- a/fixture/DeletePolicyVersion.yaml
+++ b/fixture/DeletePolicyVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteProvisioningTemplate.yaml b/fixture/DeleteProvisioningTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteProvisioningTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteProvisioningTemplateResponse.proto b/fixture/DeleteProvisioningTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteProvisioningTemplateResponse.proto
diff --git a/fixture/DeleteProvisioningTemplateVersion.yaml b/fixture/DeleteProvisioningTemplateVersion.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteProvisioningTemplateVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteProvisioningTemplateVersionResponse.proto b/fixture/DeleteProvisioningTemplateVersionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteProvisioningTemplateVersionResponse.proto
diff --git a/fixture/DeleteRegistrationCode.yaml b/fixture/DeleteRegistrationCode.yaml
--- a/fixture/DeleteRegistrationCode.yaml
+++ b/fixture/DeleteRegistrationCode.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteScheduledAudit.yaml b/fixture/DeleteScheduledAudit.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteScheduledAudit.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteScheduledAuditResponse.proto b/fixture/DeleteScheduledAuditResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteScheduledAuditResponse.proto
diff --git a/fixture/DeleteSecurityProfile.yaml b/fixture/DeleteSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteSecurityProfileResponse.proto b/fixture/DeleteSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSecurityProfileResponse.proto
diff --git a/fixture/DeleteThing.yaml b/fixture/DeleteThing.yaml
--- a/fixture/DeleteThing.yaml
+++ b/fixture/DeleteThing.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteThingType.yaml b/fixture/DeleteThingType.yaml
--- a/fixture/DeleteThingType.yaml
+++ b/fixture/DeleteThingType.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteTopicRule.yaml b/fixture/DeleteTopicRule.yaml
--- a/fixture/DeleteTopicRule.yaml
+++ b/fixture/DeleteTopicRule.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteTopicRuleDestination.yaml b/fixture/DeleteTopicRuleDestination.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteTopicRuleDestination.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteTopicRuleDestinationResponse.proto b/fixture/DeleteTopicRuleDestinationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteTopicRuleDestinationResponse.proto
diff --git a/fixture/DeprecateThingType.yaml b/fixture/DeprecateThingType.yaml
--- a/fixture/DeprecateThingType.yaml
+++ b/fixture/DeprecateThingType.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAccountAuditConfiguration.yaml b/fixture/DescribeAccountAuditConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAccountAuditConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAccountAuditConfigurationResponse.proto b/fixture/DescribeAccountAuditConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAccountAuditConfigurationResponse.proto
diff --git a/fixture/DescribeAuditFinding.yaml b/fixture/DescribeAuditFinding.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditFinding.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAuditFindingResponse.proto b/fixture/DescribeAuditFindingResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditFindingResponse.proto
diff --git a/fixture/DescribeAuditMitigationActionsTask.yaml b/fixture/DescribeAuditMitigationActionsTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditMitigationActionsTask.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAuditMitigationActionsTaskResponse.proto b/fixture/DescribeAuditMitigationActionsTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditMitigationActionsTaskResponse.proto
diff --git a/fixture/DescribeAuditSuppression.yaml b/fixture/DescribeAuditSuppression.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditSuppression.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAuditSuppressionResponse.proto b/fixture/DescribeAuditSuppressionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditSuppressionResponse.proto
diff --git a/fixture/DescribeAuditTask.yaml b/fixture/DescribeAuditTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditTask.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAuditTaskResponse.proto b/fixture/DescribeAuditTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAuditTaskResponse.proto
diff --git a/fixture/DescribeBillingGroup.yaml b/fixture/DescribeBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeBillingGroupResponse.proto b/fixture/DescribeBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeBillingGroupResponse.proto
diff --git a/fixture/DescribeCACertificate.yaml b/fixture/DescribeCACertificate.yaml
--- a/fixture/DescribeCACertificate.yaml
+++ b/fixture/DescribeCACertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeCertificate.yaml b/fixture/DescribeCertificate.yaml
--- a/fixture/DescribeCertificate.yaml
+++ b/fixture/DescribeCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeCustomMetric.yaml b/fixture/DescribeCustomMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeCustomMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeCustomMetricResponse.proto b/fixture/DescribeCustomMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeCustomMetricResponse.proto
diff --git a/fixture/DescribeDetectMitigationActionsTask.yaml b/fixture/DescribeDetectMitigationActionsTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeDetectMitigationActionsTask.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeDetectMitigationActionsTaskResponse.proto b/fixture/DescribeDetectMitigationActionsTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeDetectMitigationActionsTaskResponse.proto
diff --git a/fixture/DescribeDimension.yaml b/fixture/DescribeDimension.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeDimension.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeDimensionResponse.proto b/fixture/DescribeDimensionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeDimensionResponse.proto
diff --git a/fixture/DescribeDomainConfiguration.yaml b/fixture/DescribeDomainConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeDomainConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeDomainConfigurationResponse.proto b/fixture/DescribeDomainConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeDomainConfigurationResponse.proto
diff --git a/fixture/DescribeEndpoint.yaml b/fixture/DescribeEndpoint.yaml
--- a/fixture/DescribeEndpoint.yaml
+++ b/fixture/DescribeEndpoint.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeFleetMetric.yaml b/fixture/DescribeFleetMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeFleetMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeFleetMetricResponse.proto b/fixture/DescribeFleetMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeFleetMetricResponse.proto
diff --git a/fixture/DescribeJobTemplate.yaml b/fixture/DescribeJobTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeJobTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeJobTemplateResponse.proto b/fixture/DescribeJobTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeJobTemplateResponse.proto
diff --git a/fixture/DescribeManagedJobTemplate.yaml b/fixture/DescribeManagedJobTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeManagedJobTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeManagedJobTemplateResponse.proto b/fixture/DescribeManagedJobTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeManagedJobTemplateResponse.proto
diff --git a/fixture/DescribeMitigationAction.yaml b/fixture/DescribeMitigationAction.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeMitigationAction.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeMitigationActionResponse.proto b/fixture/DescribeMitigationActionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeMitigationActionResponse.proto
diff --git a/fixture/DescribeProvisioningTemplate.yaml b/fixture/DescribeProvisioningTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeProvisioningTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeProvisioningTemplateResponse.proto b/fixture/DescribeProvisioningTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeProvisioningTemplateResponse.proto
diff --git a/fixture/DescribeProvisioningTemplateVersion.yaml b/fixture/DescribeProvisioningTemplateVersion.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeProvisioningTemplateVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeProvisioningTemplateVersionResponse.proto b/fixture/DescribeProvisioningTemplateVersionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeProvisioningTemplateVersionResponse.proto
diff --git a/fixture/DescribeScheduledAudit.yaml b/fixture/DescribeScheduledAudit.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeScheduledAudit.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeScheduledAuditResponse.proto b/fixture/DescribeScheduledAuditResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeScheduledAuditResponse.proto
diff --git a/fixture/DescribeSecurityProfile.yaml b/fixture/DescribeSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeSecurityProfileResponse.proto b/fixture/DescribeSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeSecurityProfileResponse.proto
diff --git a/fixture/DescribeThing.yaml b/fixture/DescribeThing.yaml
--- a/fixture/DescribeThing.yaml
+++ b/fixture/DescribeThing.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeThingType.yaml b/fixture/DescribeThingType.yaml
--- a/fixture/DescribeThingType.yaml
+++ b/fixture/DescribeThingType.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DetachSecurityProfile.yaml b/fixture/DetachSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DetachSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DetachSecurityProfileResponse.proto b/fixture/DetachSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DetachSecurityProfileResponse.proto
diff --git a/fixture/DetachThingPrincipal.yaml b/fixture/DetachThingPrincipal.yaml
--- a/fixture/DetachThingPrincipal.yaml
+++ b/fixture/DetachThingPrincipal.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DisableTopicRule.yaml b/fixture/DisableTopicRule.yaml
--- a/fixture/DisableTopicRule.yaml
+++ b/fixture/DisableTopicRule.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/EnableTopicRule.yaml b/fixture/EnableTopicRule.yaml
--- a/fixture/EnableTopicRule.yaml
+++ b/fixture/EnableTopicRule.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetBehaviorModelTrainingSummaries.yaml b/fixture/GetBehaviorModelTrainingSummaries.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetBehaviorModelTrainingSummaries.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetBehaviorModelTrainingSummariesResponse.proto b/fixture/GetBehaviorModelTrainingSummariesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetBehaviorModelTrainingSummariesResponse.proto
diff --git a/fixture/GetBucketsAggregation.yaml b/fixture/GetBucketsAggregation.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetBucketsAggregation.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetBucketsAggregationResponse.proto b/fixture/GetBucketsAggregationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetBucketsAggregationResponse.proto
diff --git a/fixture/GetCardinality.yaml b/fixture/GetCardinality.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetCardinality.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetCardinalityResponse.proto b/fixture/GetCardinalityResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetCardinalityResponse.proto
diff --git a/fixture/GetLoggingOptions.yaml b/fixture/GetLoggingOptions.yaml
--- a/fixture/GetLoggingOptions.yaml
+++ b/fixture/GetLoggingOptions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetPercentiles.yaml b/fixture/GetPercentiles.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetPercentiles.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetPercentilesResponse.proto b/fixture/GetPercentilesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetPercentilesResponse.proto
diff --git a/fixture/GetPolicy.yaml b/fixture/GetPolicy.yaml
--- a/fixture/GetPolicy.yaml
+++ b/fixture/GetPolicy.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetPolicyVersion.yaml b/fixture/GetPolicyVersion.yaml
--- a/fixture/GetPolicyVersion.yaml
+++ b/fixture/GetPolicyVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetRegistrationCode.yaml b/fixture/GetRegistrationCode.yaml
--- a/fixture/GetRegistrationCode.yaml
+++ b/fixture/GetRegistrationCode.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetStatistics.yaml b/fixture/GetStatistics.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetStatistics.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetStatisticsResponse.proto b/fixture/GetStatisticsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetStatisticsResponse.proto
diff --git a/fixture/GetTopicRule.yaml b/fixture/GetTopicRule.yaml
--- a/fixture/GetTopicRule.yaml
+++ b/fixture/GetTopicRule.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetTopicRuleDestination.yaml b/fixture/GetTopicRuleDestination.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetTopicRuleDestination.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetTopicRuleDestinationResponse.proto b/fixture/GetTopicRuleDestinationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetTopicRuleDestinationResponse.proto
diff --git a/fixture/ListActiveViolations.yaml b/fixture/ListActiveViolations.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListActiveViolations.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListActiveViolationsResponse.proto b/fixture/ListActiveViolationsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListActiveViolationsResponse.proto
diff --git a/fixture/ListAuditFindings.yaml b/fixture/ListAuditFindings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditFindings.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAuditFindingsResponse.proto b/fixture/ListAuditFindingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditFindingsResponse.proto
diff --git a/fixture/ListAuditMitigationActionsExecutions.yaml b/fixture/ListAuditMitigationActionsExecutions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditMitigationActionsExecutions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAuditMitigationActionsExecutionsResponse.proto b/fixture/ListAuditMitigationActionsExecutionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditMitigationActionsExecutionsResponse.proto
diff --git a/fixture/ListAuditMitigationActionsTasks.yaml b/fixture/ListAuditMitigationActionsTasks.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditMitigationActionsTasks.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAuditMitigationActionsTasksResponse.proto b/fixture/ListAuditMitigationActionsTasksResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditMitigationActionsTasksResponse.proto
diff --git a/fixture/ListAuditSuppressions.yaml b/fixture/ListAuditSuppressions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditSuppressions.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAuditSuppressionsResponse.proto b/fixture/ListAuditSuppressionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditSuppressionsResponse.proto
diff --git a/fixture/ListAuditTasks.yaml b/fixture/ListAuditTasks.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditTasks.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAuditTasksResponse.proto b/fixture/ListAuditTasksResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAuditTasksResponse.proto
diff --git a/fixture/ListBillingGroups.yaml b/fixture/ListBillingGroups.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListBillingGroups.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListBillingGroupsResponse.proto b/fixture/ListBillingGroupsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListBillingGroupsResponse.proto
diff --git a/fixture/ListCACertificates.yaml b/fixture/ListCACertificates.yaml
--- a/fixture/ListCACertificates.yaml
+++ b/fixture/ListCACertificates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListCertificates.yaml b/fixture/ListCertificates.yaml
--- a/fixture/ListCertificates.yaml
+++ b/fixture/ListCertificates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListCertificatesByCA.yaml b/fixture/ListCertificatesByCA.yaml
--- a/fixture/ListCertificatesByCA.yaml
+++ b/fixture/ListCertificatesByCA.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListCustomMetrics.yaml b/fixture/ListCustomMetrics.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListCustomMetrics.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListCustomMetricsResponse.proto b/fixture/ListCustomMetricsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListCustomMetricsResponse.proto
diff --git a/fixture/ListDetectMitigationActionsExecutions.yaml b/fixture/ListDetectMitigationActionsExecutions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListDetectMitigationActionsExecutions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListDetectMitigationActionsExecutionsResponse.proto b/fixture/ListDetectMitigationActionsExecutionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListDetectMitigationActionsExecutionsResponse.proto
diff --git a/fixture/ListDetectMitigationActionsTasks.yaml b/fixture/ListDetectMitigationActionsTasks.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListDetectMitigationActionsTasks.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListDetectMitigationActionsTasksResponse.proto b/fixture/ListDetectMitigationActionsTasksResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListDetectMitigationActionsTasksResponse.proto
diff --git a/fixture/ListDimensions.yaml b/fixture/ListDimensions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListDimensions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListDimensionsResponse.proto b/fixture/ListDimensionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListDimensionsResponse.proto
diff --git a/fixture/ListDomainConfigurations.yaml b/fixture/ListDomainConfigurations.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListDomainConfigurations.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListDomainConfigurationsResponse.proto b/fixture/ListDomainConfigurationsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListDomainConfigurationsResponse.proto
diff --git a/fixture/ListFleetMetrics.yaml b/fixture/ListFleetMetrics.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListFleetMetrics.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListFleetMetricsResponse.proto b/fixture/ListFleetMetricsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListFleetMetricsResponse.proto
diff --git a/fixture/ListJobTemplates.yaml b/fixture/ListJobTemplates.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListJobTemplates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListJobTemplatesResponse.proto b/fixture/ListJobTemplatesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListJobTemplatesResponse.proto
diff --git a/fixture/ListManagedJobTemplates.yaml b/fixture/ListManagedJobTemplates.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListManagedJobTemplates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListManagedJobTemplatesResponse.proto b/fixture/ListManagedJobTemplatesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListManagedJobTemplatesResponse.proto
diff --git a/fixture/ListMetricValues.yaml b/fixture/ListMetricValues.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListMetricValues.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListMetricValuesResponse.proto b/fixture/ListMetricValuesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListMetricValuesResponse.proto
diff --git a/fixture/ListMitigationActions.yaml b/fixture/ListMitigationActions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListMitigationActions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListMitigationActionsResponse.proto b/fixture/ListMitigationActionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListMitigationActionsResponse.proto
diff --git a/fixture/ListOutgoingCertificates.yaml b/fixture/ListOutgoingCertificates.yaml
--- a/fixture/ListOutgoingCertificates.yaml
+++ b/fixture/ListOutgoingCertificates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListPolicies.yaml b/fixture/ListPolicies.yaml
--- a/fixture/ListPolicies.yaml
+++ b/fixture/ListPolicies.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListPolicyVersions.yaml b/fixture/ListPolicyVersions.yaml
--- a/fixture/ListPolicyVersions.yaml
+++ b/fixture/ListPolicyVersions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListPrincipalThings.yaml b/fixture/ListPrincipalThings.yaml
--- a/fixture/ListPrincipalThings.yaml
+++ b/fixture/ListPrincipalThings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListProvisioningTemplateVersions.yaml b/fixture/ListProvisioningTemplateVersions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListProvisioningTemplateVersions.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListProvisioningTemplateVersionsResponse.proto b/fixture/ListProvisioningTemplateVersionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListProvisioningTemplateVersionsResponse.proto
diff --git a/fixture/ListProvisioningTemplates.yaml b/fixture/ListProvisioningTemplates.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListProvisioningTemplates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListProvisioningTemplatesResponse.proto b/fixture/ListProvisioningTemplatesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListProvisioningTemplatesResponse.proto
diff --git a/fixture/ListRelatedResourcesForAuditFinding.yaml b/fixture/ListRelatedResourcesForAuditFinding.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListRelatedResourcesForAuditFinding.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListRelatedResourcesForAuditFindingResponse.proto b/fixture/ListRelatedResourcesForAuditFindingResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListRelatedResourcesForAuditFindingResponse.proto
diff --git a/fixture/ListScheduledAudits.yaml b/fixture/ListScheduledAudits.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListScheduledAudits.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListScheduledAuditsResponse.proto b/fixture/ListScheduledAuditsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListScheduledAuditsResponse.proto
diff --git a/fixture/ListSecurityProfiles.yaml b/fixture/ListSecurityProfiles.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListSecurityProfiles.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListSecurityProfilesForTarget.yaml b/fixture/ListSecurityProfilesForTarget.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListSecurityProfilesForTarget.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListSecurityProfilesForTargetResponse.proto b/fixture/ListSecurityProfilesForTargetResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListSecurityProfilesForTargetResponse.proto
diff --git a/fixture/ListSecurityProfilesResponse.proto b/fixture/ListSecurityProfilesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListSecurityProfilesResponse.proto
diff --git a/fixture/ListTagsForResource.yaml b/fixture/ListTagsForResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTagsForResource.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTagsForResourceResponse.proto b/fixture/ListTagsForResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTagsForResourceResponse.proto
diff --git a/fixture/ListTargetsForSecurityProfile.yaml b/fixture/ListTargetsForSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTargetsForSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTargetsForSecurityProfileResponse.proto b/fixture/ListTargetsForSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTargetsForSecurityProfileResponse.proto
diff --git a/fixture/ListThingPrincipals.yaml b/fixture/ListThingPrincipals.yaml
--- a/fixture/ListThingPrincipals.yaml
+++ b/fixture/ListThingPrincipals.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListThingTypes.yaml b/fixture/ListThingTypes.yaml
--- a/fixture/ListThingTypes.yaml
+++ b/fixture/ListThingTypes.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListThings.yaml b/fixture/ListThings.yaml
--- a/fixture/ListThings.yaml
+++ b/fixture/ListThings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListThingsInBillingGroup.yaml b/fixture/ListThingsInBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListThingsInBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListThingsInBillingGroupResponse.proto b/fixture/ListThingsInBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListThingsInBillingGroupResponse.proto
diff --git a/fixture/ListTopicRuleDestinations.yaml b/fixture/ListTopicRuleDestinations.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTopicRuleDestinations.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTopicRuleDestinationsResponse.proto b/fixture/ListTopicRuleDestinationsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTopicRuleDestinationsResponse.proto
diff --git a/fixture/ListTopicRules.yaml b/fixture/ListTopicRules.yaml
--- a/fixture/ListTopicRules.yaml
+++ b/fixture/ListTopicRules.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListViolationEvents.yaml b/fixture/ListViolationEvents.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListViolationEvents.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListViolationEventsResponse.proto b/fixture/ListViolationEventsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListViolationEventsResponse.proto
diff --git a/fixture/PutVerificationStateOnViolation.yaml b/fixture/PutVerificationStateOnViolation.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/PutVerificationStateOnViolation.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/PutVerificationStateOnViolationResponse.proto b/fixture/PutVerificationStateOnViolationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/PutVerificationStateOnViolationResponse.proto
diff --git a/fixture/RegisterCACertificate.yaml b/fixture/RegisterCACertificate.yaml
--- a/fixture/RegisterCACertificate.yaml
+++ b/fixture/RegisterCACertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/RegisterCertificate.yaml b/fixture/RegisterCertificate.yaml
--- a/fixture/RegisterCertificate.yaml
+++ b/fixture/RegisterCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/RegisterCertificateWithoutCA.yaml b/fixture/RegisterCertificateWithoutCA.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/RegisterCertificateWithoutCA.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/RegisterCertificateWithoutCAResponse.proto b/fixture/RegisterCertificateWithoutCAResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/RegisterCertificateWithoutCAResponse.proto
diff --git a/fixture/RejectCertificateTransfer.yaml b/fixture/RejectCertificateTransfer.yaml
--- a/fixture/RejectCertificateTransfer.yaml
+++ b/fixture/RejectCertificateTransfer.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/RemoveThingFromBillingGroup.yaml b/fixture/RemoveThingFromBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/RemoveThingFromBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/RemoveThingFromBillingGroupResponse.proto b/fixture/RemoveThingFromBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/RemoveThingFromBillingGroupResponse.proto
diff --git a/fixture/ReplaceTopicRule.yaml b/fixture/ReplaceTopicRule.yaml
--- a/fixture/ReplaceTopicRule.yaml
+++ b/fixture/ReplaceTopicRule.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/SetDefaultPolicyVersion.yaml b/fixture/SetDefaultPolicyVersion.yaml
--- a/fixture/SetDefaultPolicyVersion.yaml
+++ b/fixture/SetDefaultPolicyVersion.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/SetLoggingOptions.yaml b/fixture/SetLoggingOptions.yaml
--- a/fixture/SetLoggingOptions.yaml
+++ b/fixture/SetLoggingOptions.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StartAuditMitigationActionsTask.yaml b/fixture/StartAuditMitigationActionsTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/StartAuditMitigationActionsTask.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StartAuditMitigationActionsTaskResponse.proto b/fixture/StartAuditMitigationActionsTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/StartAuditMitigationActionsTaskResponse.proto
diff --git a/fixture/StartDetectMitigationActionsTask.yaml b/fixture/StartDetectMitigationActionsTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/StartDetectMitigationActionsTask.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StartDetectMitigationActionsTaskResponse.proto b/fixture/StartDetectMitigationActionsTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/StartDetectMitigationActionsTaskResponse.proto
diff --git a/fixture/StartOnDemandAuditTask.yaml b/fixture/StartOnDemandAuditTask.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/StartOnDemandAuditTask.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StartOnDemandAuditTaskResponse.proto b/fixture/StartOnDemandAuditTaskResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/StartOnDemandAuditTaskResponse.proto
diff --git a/fixture/TagResource.yaml b/fixture/TagResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/TagResource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/TagResourceResponse.proto b/fixture/TagResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/TagResourceResponse.proto
diff --git a/fixture/TransferCertificate.yaml b/fixture/TransferCertificate.yaml
--- a/fixture/TransferCertificate.yaml
+++ b/fixture/TransferCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UntagResource.yaml b/fixture/UntagResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UntagResource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UntagResourceResponse.proto b/fixture/UntagResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UntagResourceResponse.proto
diff --git a/fixture/UpdateAccountAuditConfiguration.yaml b/fixture/UpdateAccountAuditConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAccountAuditConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateAccountAuditConfigurationResponse.proto b/fixture/UpdateAccountAuditConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAccountAuditConfigurationResponse.proto
diff --git a/fixture/UpdateAuditSuppression.yaml b/fixture/UpdateAuditSuppression.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAuditSuppression.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateAuditSuppressionResponse.proto b/fixture/UpdateAuditSuppressionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAuditSuppressionResponse.proto
diff --git a/fixture/UpdateBillingGroup.yaml b/fixture/UpdateBillingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateBillingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateBillingGroupResponse.proto b/fixture/UpdateBillingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateBillingGroupResponse.proto
diff --git a/fixture/UpdateCACertificate.yaml b/fixture/UpdateCACertificate.yaml
--- a/fixture/UpdateCACertificate.yaml
+++ b/fixture/UpdateCACertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateCertificate.yaml b/fixture/UpdateCertificate.yaml
--- a/fixture/UpdateCertificate.yaml
+++ b/fixture/UpdateCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateCustomMetric.yaml b/fixture/UpdateCustomMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateCustomMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateCustomMetricResponse.proto b/fixture/UpdateCustomMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateCustomMetricResponse.proto
diff --git a/fixture/UpdateDimension.yaml b/fixture/UpdateDimension.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDimension.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateDimensionResponse.proto b/fixture/UpdateDimensionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDimensionResponse.proto
diff --git a/fixture/UpdateDomainConfiguration.yaml b/fixture/UpdateDomainConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDomainConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateDomainConfigurationResponse.proto b/fixture/UpdateDomainConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDomainConfigurationResponse.proto
diff --git a/fixture/UpdateDynamicThingGroup.yaml b/fixture/UpdateDynamicThingGroup.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDynamicThingGroup.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateDynamicThingGroupResponse.proto b/fixture/UpdateDynamicThingGroupResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDynamicThingGroupResponse.proto
diff --git a/fixture/UpdateFleetMetric.yaml b/fixture/UpdateFleetMetric.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateFleetMetric.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateFleetMetricResponse.proto b/fixture/UpdateFleetMetricResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateFleetMetricResponse.proto
diff --git a/fixture/UpdateJob.yaml b/fixture/UpdateJob.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateJob.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateJobResponse.proto b/fixture/UpdateJobResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateJobResponse.proto
diff --git a/fixture/UpdateMitigationAction.yaml b/fixture/UpdateMitigationAction.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateMitigationAction.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateMitigationActionResponse.proto b/fixture/UpdateMitigationActionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateMitigationActionResponse.proto
diff --git a/fixture/UpdateProvisioningTemplate.yaml b/fixture/UpdateProvisioningTemplate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateProvisioningTemplate.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateProvisioningTemplateResponse.proto b/fixture/UpdateProvisioningTemplateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateProvisioningTemplateResponse.proto
diff --git a/fixture/UpdateScheduledAudit.yaml b/fixture/UpdateScheduledAudit.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateScheduledAudit.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateScheduledAuditResponse.proto b/fixture/UpdateScheduledAuditResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateScheduledAuditResponse.proto
diff --git a/fixture/UpdateSecurityProfile.yaml b/fixture/UpdateSecurityProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateSecurityProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateSecurityProfileResponse.proto b/fixture/UpdateSecurityProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateSecurityProfileResponse.proto
diff --git a/fixture/UpdateThing.yaml b/fixture/UpdateThing.yaml
--- a/fixture/UpdateThing.yaml
+++ b/fixture/UpdateThing.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateTopicRuleDestination.yaml b/fixture/UpdateTopicRuleDestination.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateTopicRuleDestination.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateTopicRuleDestinationResponse.proto b/fixture/UpdateTopicRuleDestinationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateTopicRuleDestinationResponse.proto
diff --git a/fixture/ValidateSecurityProfileBehaviors.yaml b/fixture/ValidateSecurityProfileBehaviors.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ValidateSecurityProfileBehaviors.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/iot/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  iot.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ValidateSecurityProfileBehaviorsResponse.proto b/fixture/ValidateSecurityProfileBehaviorsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ValidateSecurityProfileBehaviorsResponse.proto
diff --git a/gen/Amazonka/IoT.hs b/gen/Amazonka/IoT.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT.hs
@@ -0,0 +1,2827 @@
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Amazonka.IoT
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Derived from API version @2015-05-28@ of the AWS service descriptions, licensed under Apache 2.0.
+--
+-- IoT
+--
+-- IoT provides secure, bi-directional communication between
+-- Internet-connected devices (such as sensors, actuators, embedded
+-- devices, or smart appliances) and the Amazon Web Services cloud. You can
+-- discover your custom IoT-Data endpoint to communicate with, configure
+-- rules for data processing and integration with other services, organize
+-- resources associated with each device (Registry), configure logging, and
+-- create and manage policies and credentials to authenticate devices.
+--
+-- The service endpoints that expose this API are listed in
+-- <https://docs.aws.amazon.com/general/latest/gr/iot-core.html Amazon Web Services IoT Core Endpoints and Quotas>.
+-- You must use the endpoint for the region that has the resources you want
+-- to access.
+--
+-- The service name used by
+-- <https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Amazon Web Services Signature Version 4>
+-- to sign the request is: /execute-api/.
+--
+-- For more information about how IoT works, see the
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/aws-iot-how-it-works.html Developer Guide>.
+--
+-- For information about how to use the credentials provider for IoT, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html Authorizing Direct Calls to Amazon Web Services Services>.
+module Amazonka.IoT
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    -- $errors
+
+    -- ** CertificateConflictException
+    _CertificateConflictException,
+
+    -- ** CertificateStateException
+    _CertificateStateException,
+
+    -- ** CertificateValidationException
+    _CertificateValidationException,
+
+    -- ** ConflictException
+    _ConflictException,
+
+    -- ** ConflictingResourceUpdateException
+    _ConflictingResourceUpdateException,
+
+    -- ** DeleteConflictException
+    _DeleteConflictException,
+
+    -- ** IndexNotReadyException
+    _IndexNotReadyException,
+
+    -- ** InternalException
+    _InternalException,
+
+    -- ** InternalFailureException
+    _InternalFailureException,
+
+    -- ** InternalServerException
+    _InternalServerException,
+
+    -- ** InvalidAggregationException
+    _InvalidAggregationException,
+
+    -- ** InvalidQueryException
+    _InvalidQueryException,
+
+    -- ** InvalidRequestException
+    _InvalidRequestException,
+
+    -- ** InvalidResponseException
+    _InvalidResponseException,
+
+    -- ** InvalidStateTransitionException
+    _InvalidStateTransitionException,
+
+    -- ** LimitExceededException
+    _LimitExceededException,
+
+    -- ** MalformedPolicyException
+    _MalformedPolicyException,
+
+    -- ** NotConfiguredException
+    _NotConfiguredException,
+
+    -- ** RegistrationCodeValidationException
+    _RegistrationCodeValidationException,
+
+    -- ** ResourceAlreadyExistsException
+    _ResourceAlreadyExistsException,
+
+    -- ** ResourceNotFoundException
+    _ResourceNotFoundException,
+
+    -- ** ResourceRegistrationFailureException
+    _ResourceRegistrationFailureException,
+
+    -- ** ServiceUnavailableException
+    _ServiceUnavailableException,
+
+    -- ** SqlParseException
+    _SqlParseException,
+
+    -- ** TaskAlreadyExistsException
+    _TaskAlreadyExistsException,
+
+    -- ** ThrottlingException
+    _ThrottlingException,
+
+    -- ** TransferAlreadyCompletedException
+    _TransferAlreadyCompletedException,
+
+    -- ** TransferConflictException
+    _TransferConflictException,
+
+    -- ** UnauthorizedException
+    _UnauthorizedException,
+
+    -- ** VersionConflictException
+    _VersionConflictException,
+
+    -- ** VersionsLimitExceededException
+    _VersionsLimitExceededException,
+
+    -- * Waiters
+    -- $waiters
+
+    -- * Operations
+    -- $operations
+
+    -- ** AcceptCertificateTransfer
+    AcceptCertificateTransfer (AcceptCertificateTransfer'),
+    newAcceptCertificateTransfer,
+    AcceptCertificateTransferResponse (AcceptCertificateTransferResponse'),
+    newAcceptCertificateTransferResponse,
+
+    -- ** AddThingToBillingGroup
+    AddThingToBillingGroup (AddThingToBillingGroup'),
+    newAddThingToBillingGroup,
+    AddThingToBillingGroupResponse (AddThingToBillingGroupResponse'),
+    newAddThingToBillingGroupResponse,
+
+    -- ** AddThingToThingGroup
+    AddThingToThingGroup (AddThingToThingGroup'),
+    newAddThingToThingGroup,
+    AddThingToThingGroupResponse (AddThingToThingGroupResponse'),
+    newAddThingToThingGroupResponse,
+
+    -- ** AssociateTargetsWithJob
+    AssociateTargetsWithJob (AssociateTargetsWithJob'),
+    newAssociateTargetsWithJob,
+    AssociateTargetsWithJobResponse (AssociateTargetsWithJobResponse'),
+    newAssociateTargetsWithJobResponse,
+
+    -- ** AttachPolicy
+    AttachPolicy (AttachPolicy'),
+    newAttachPolicy,
+    AttachPolicyResponse (AttachPolicyResponse'),
+    newAttachPolicyResponse,
+
+    -- ** AttachSecurityProfile
+    AttachSecurityProfile (AttachSecurityProfile'),
+    newAttachSecurityProfile,
+    AttachSecurityProfileResponse (AttachSecurityProfileResponse'),
+    newAttachSecurityProfileResponse,
+
+    -- ** AttachThingPrincipal
+    AttachThingPrincipal (AttachThingPrincipal'),
+    newAttachThingPrincipal,
+    AttachThingPrincipalResponse (AttachThingPrincipalResponse'),
+    newAttachThingPrincipalResponse,
+
+    -- ** CancelAuditMitigationActionsTask
+    CancelAuditMitigationActionsTask (CancelAuditMitigationActionsTask'),
+    newCancelAuditMitigationActionsTask,
+    CancelAuditMitigationActionsTaskResponse (CancelAuditMitigationActionsTaskResponse'),
+    newCancelAuditMitigationActionsTaskResponse,
+
+    -- ** CancelAuditTask
+    CancelAuditTask (CancelAuditTask'),
+    newCancelAuditTask,
+    CancelAuditTaskResponse (CancelAuditTaskResponse'),
+    newCancelAuditTaskResponse,
+
+    -- ** CancelCertificateTransfer
+    CancelCertificateTransfer (CancelCertificateTransfer'),
+    newCancelCertificateTransfer,
+    CancelCertificateTransferResponse (CancelCertificateTransferResponse'),
+    newCancelCertificateTransferResponse,
+
+    -- ** CancelDetectMitigationActionsTask
+    CancelDetectMitigationActionsTask (CancelDetectMitigationActionsTask'),
+    newCancelDetectMitigationActionsTask,
+    CancelDetectMitigationActionsTaskResponse (CancelDetectMitigationActionsTaskResponse'),
+    newCancelDetectMitigationActionsTaskResponse,
+
+    -- ** CancelJob
+    CancelJob (CancelJob'),
+    newCancelJob,
+    CancelJobResponse (CancelJobResponse'),
+    newCancelJobResponse,
+
+    -- ** CancelJobExecution
+    CancelJobExecution (CancelJobExecution'),
+    newCancelJobExecution,
+    CancelJobExecutionResponse (CancelJobExecutionResponse'),
+    newCancelJobExecutionResponse,
+
+    -- ** ClearDefaultAuthorizer
+    ClearDefaultAuthorizer (ClearDefaultAuthorizer'),
+    newClearDefaultAuthorizer,
+    ClearDefaultAuthorizerResponse (ClearDefaultAuthorizerResponse'),
+    newClearDefaultAuthorizerResponse,
+
+    -- ** ConfirmTopicRuleDestination
+    ConfirmTopicRuleDestination (ConfirmTopicRuleDestination'),
+    newConfirmTopicRuleDestination,
+    ConfirmTopicRuleDestinationResponse (ConfirmTopicRuleDestinationResponse'),
+    newConfirmTopicRuleDestinationResponse,
+
+    -- ** CreateAuditSuppression
+    CreateAuditSuppression (CreateAuditSuppression'),
+    newCreateAuditSuppression,
+    CreateAuditSuppressionResponse (CreateAuditSuppressionResponse'),
+    newCreateAuditSuppressionResponse,
+
+    -- ** CreateAuthorizer
+    CreateAuthorizer (CreateAuthorizer'),
+    newCreateAuthorizer,
+    CreateAuthorizerResponse (CreateAuthorizerResponse'),
+    newCreateAuthorizerResponse,
+
+    -- ** CreateBillingGroup
+    CreateBillingGroup (CreateBillingGroup'),
+    newCreateBillingGroup,
+    CreateBillingGroupResponse (CreateBillingGroupResponse'),
+    newCreateBillingGroupResponse,
+
+    -- ** CreateCertificateFromCsr
+    CreateCertificateFromCsr (CreateCertificateFromCsr'),
+    newCreateCertificateFromCsr,
+    CreateCertificateFromCsrResponse (CreateCertificateFromCsrResponse'),
+    newCreateCertificateFromCsrResponse,
+
+    -- ** CreateCustomMetric
+    CreateCustomMetric (CreateCustomMetric'),
+    newCreateCustomMetric,
+    CreateCustomMetricResponse (CreateCustomMetricResponse'),
+    newCreateCustomMetricResponse,
+
+    -- ** CreateDimension
+    CreateDimension (CreateDimension'),
+    newCreateDimension,
+    CreateDimensionResponse (CreateDimensionResponse'),
+    newCreateDimensionResponse,
+
+    -- ** CreateDomainConfiguration
+    CreateDomainConfiguration (CreateDomainConfiguration'),
+    newCreateDomainConfiguration,
+    CreateDomainConfigurationResponse (CreateDomainConfigurationResponse'),
+    newCreateDomainConfigurationResponse,
+
+    -- ** CreateDynamicThingGroup
+    CreateDynamicThingGroup (CreateDynamicThingGroup'),
+    newCreateDynamicThingGroup,
+    CreateDynamicThingGroupResponse (CreateDynamicThingGroupResponse'),
+    newCreateDynamicThingGroupResponse,
+
+    -- ** CreateFleetMetric
+    CreateFleetMetric (CreateFleetMetric'),
+    newCreateFleetMetric,
+    CreateFleetMetricResponse (CreateFleetMetricResponse'),
+    newCreateFleetMetricResponse,
+
+    -- ** CreateJob
+    CreateJob (CreateJob'),
+    newCreateJob,
+    CreateJobResponse (CreateJobResponse'),
+    newCreateJobResponse,
+
+    -- ** CreateJobTemplate
+    CreateJobTemplate (CreateJobTemplate'),
+    newCreateJobTemplate,
+    CreateJobTemplateResponse (CreateJobTemplateResponse'),
+    newCreateJobTemplateResponse,
+
+    -- ** CreateKeysAndCertificate
+    CreateKeysAndCertificate (CreateKeysAndCertificate'),
+    newCreateKeysAndCertificate,
+    CreateKeysAndCertificateResponse (CreateKeysAndCertificateResponse'),
+    newCreateKeysAndCertificateResponse,
+
+    -- ** CreateMitigationAction
+    CreateMitigationAction (CreateMitigationAction'),
+    newCreateMitigationAction,
+    CreateMitigationActionResponse (CreateMitigationActionResponse'),
+    newCreateMitigationActionResponse,
+
+    -- ** CreateOTAUpdate
+    CreateOTAUpdate (CreateOTAUpdate'),
+    newCreateOTAUpdate,
+    CreateOTAUpdateResponse (CreateOTAUpdateResponse'),
+    newCreateOTAUpdateResponse,
+
+    -- ** CreatePolicy
+    CreatePolicy (CreatePolicy'),
+    newCreatePolicy,
+    CreatePolicyResponse (CreatePolicyResponse'),
+    newCreatePolicyResponse,
+
+    -- ** CreatePolicyVersion
+    CreatePolicyVersion (CreatePolicyVersion'),
+    newCreatePolicyVersion,
+    CreatePolicyVersionResponse (CreatePolicyVersionResponse'),
+    newCreatePolicyVersionResponse,
+
+    -- ** CreateProvisioningClaim
+    CreateProvisioningClaim (CreateProvisioningClaim'),
+    newCreateProvisioningClaim,
+    CreateProvisioningClaimResponse (CreateProvisioningClaimResponse'),
+    newCreateProvisioningClaimResponse,
+
+    -- ** CreateProvisioningTemplate
+    CreateProvisioningTemplate (CreateProvisioningTemplate'),
+    newCreateProvisioningTemplate,
+    CreateProvisioningTemplateResponse (CreateProvisioningTemplateResponse'),
+    newCreateProvisioningTemplateResponse,
+
+    -- ** CreateProvisioningTemplateVersion
+    CreateProvisioningTemplateVersion (CreateProvisioningTemplateVersion'),
+    newCreateProvisioningTemplateVersion,
+    CreateProvisioningTemplateVersionResponse (CreateProvisioningTemplateVersionResponse'),
+    newCreateProvisioningTemplateVersionResponse,
+
+    -- ** CreateRoleAlias
+    CreateRoleAlias (CreateRoleAlias'),
+    newCreateRoleAlias,
+    CreateRoleAliasResponse (CreateRoleAliasResponse'),
+    newCreateRoleAliasResponse,
+
+    -- ** CreateScheduledAudit
+    CreateScheduledAudit (CreateScheduledAudit'),
+    newCreateScheduledAudit,
+    CreateScheduledAuditResponse (CreateScheduledAuditResponse'),
+    newCreateScheduledAuditResponse,
+
+    -- ** CreateSecurityProfile
+    CreateSecurityProfile (CreateSecurityProfile'),
+    newCreateSecurityProfile,
+    CreateSecurityProfileResponse (CreateSecurityProfileResponse'),
+    newCreateSecurityProfileResponse,
+
+    -- ** CreateStream
+    CreateStream (CreateStream'),
+    newCreateStream,
+    CreateStreamResponse (CreateStreamResponse'),
+    newCreateStreamResponse,
+
+    -- ** CreateThing
+    CreateThing (CreateThing'),
+    newCreateThing,
+    CreateThingResponse (CreateThingResponse'),
+    newCreateThingResponse,
+
+    -- ** CreateThingGroup
+    CreateThingGroup (CreateThingGroup'),
+    newCreateThingGroup,
+    CreateThingGroupResponse (CreateThingGroupResponse'),
+    newCreateThingGroupResponse,
+
+    -- ** CreateThingType
+    CreateThingType (CreateThingType'),
+    newCreateThingType,
+    CreateThingTypeResponse (CreateThingTypeResponse'),
+    newCreateThingTypeResponse,
+
+    -- ** CreateTopicRule
+    CreateTopicRule (CreateTopicRule'),
+    newCreateTopicRule,
+    CreateTopicRuleResponse (CreateTopicRuleResponse'),
+    newCreateTopicRuleResponse,
+
+    -- ** CreateTopicRuleDestination
+    CreateTopicRuleDestination (CreateTopicRuleDestination'),
+    newCreateTopicRuleDestination,
+    CreateTopicRuleDestinationResponse (CreateTopicRuleDestinationResponse'),
+    newCreateTopicRuleDestinationResponse,
+
+    -- ** DeleteAccountAuditConfiguration
+    DeleteAccountAuditConfiguration (DeleteAccountAuditConfiguration'),
+    newDeleteAccountAuditConfiguration,
+    DeleteAccountAuditConfigurationResponse (DeleteAccountAuditConfigurationResponse'),
+    newDeleteAccountAuditConfigurationResponse,
+
+    -- ** DeleteAuditSuppression
+    DeleteAuditSuppression (DeleteAuditSuppression'),
+    newDeleteAuditSuppression,
+    DeleteAuditSuppressionResponse (DeleteAuditSuppressionResponse'),
+    newDeleteAuditSuppressionResponse,
+
+    -- ** DeleteAuthorizer
+    DeleteAuthorizer (DeleteAuthorizer'),
+    newDeleteAuthorizer,
+    DeleteAuthorizerResponse (DeleteAuthorizerResponse'),
+    newDeleteAuthorizerResponse,
+
+    -- ** DeleteBillingGroup
+    DeleteBillingGroup (DeleteBillingGroup'),
+    newDeleteBillingGroup,
+    DeleteBillingGroupResponse (DeleteBillingGroupResponse'),
+    newDeleteBillingGroupResponse,
+
+    -- ** DeleteCACertificate
+    DeleteCACertificate (DeleteCACertificate'),
+    newDeleteCACertificate,
+    DeleteCACertificateResponse (DeleteCACertificateResponse'),
+    newDeleteCACertificateResponse,
+
+    -- ** DeleteCertificate
+    DeleteCertificate (DeleteCertificate'),
+    newDeleteCertificate,
+    DeleteCertificateResponse (DeleteCertificateResponse'),
+    newDeleteCertificateResponse,
+
+    -- ** DeleteCustomMetric
+    DeleteCustomMetric (DeleteCustomMetric'),
+    newDeleteCustomMetric,
+    DeleteCustomMetricResponse (DeleteCustomMetricResponse'),
+    newDeleteCustomMetricResponse,
+
+    -- ** DeleteDimension
+    DeleteDimension (DeleteDimension'),
+    newDeleteDimension,
+    DeleteDimensionResponse (DeleteDimensionResponse'),
+    newDeleteDimensionResponse,
+
+    -- ** DeleteDomainConfiguration
+    DeleteDomainConfiguration (DeleteDomainConfiguration'),
+    newDeleteDomainConfiguration,
+    DeleteDomainConfigurationResponse (DeleteDomainConfigurationResponse'),
+    newDeleteDomainConfigurationResponse,
+
+    -- ** DeleteDynamicThingGroup
+    DeleteDynamicThingGroup (DeleteDynamicThingGroup'),
+    newDeleteDynamicThingGroup,
+    DeleteDynamicThingGroupResponse (DeleteDynamicThingGroupResponse'),
+    newDeleteDynamicThingGroupResponse,
+
+    -- ** DeleteFleetMetric
+    DeleteFleetMetric (DeleteFleetMetric'),
+    newDeleteFleetMetric,
+    DeleteFleetMetricResponse (DeleteFleetMetricResponse'),
+    newDeleteFleetMetricResponse,
+
+    -- ** DeleteJob
+    DeleteJob (DeleteJob'),
+    newDeleteJob,
+    DeleteJobResponse (DeleteJobResponse'),
+    newDeleteJobResponse,
+
+    -- ** DeleteJobExecution
+    DeleteJobExecution (DeleteJobExecution'),
+    newDeleteJobExecution,
+    DeleteJobExecutionResponse (DeleteJobExecutionResponse'),
+    newDeleteJobExecutionResponse,
+
+    -- ** DeleteJobTemplate
+    DeleteJobTemplate (DeleteJobTemplate'),
+    newDeleteJobTemplate,
+    DeleteJobTemplateResponse (DeleteJobTemplateResponse'),
+    newDeleteJobTemplateResponse,
+
+    -- ** DeleteMitigationAction
+    DeleteMitigationAction (DeleteMitigationAction'),
+    newDeleteMitigationAction,
+    DeleteMitigationActionResponse (DeleteMitigationActionResponse'),
+    newDeleteMitigationActionResponse,
+
+    -- ** DeleteOTAUpdate
+    DeleteOTAUpdate (DeleteOTAUpdate'),
+    newDeleteOTAUpdate,
+    DeleteOTAUpdateResponse (DeleteOTAUpdateResponse'),
+    newDeleteOTAUpdateResponse,
+
+    -- ** DeletePolicy
+    DeletePolicy (DeletePolicy'),
+    newDeletePolicy,
+    DeletePolicyResponse (DeletePolicyResponse'),
+    newDeletePolicyResponse,
+
+    -- ** DeletePolicyVersion
+    DeletePolicyVersion (DeletePolicyVersion'),
+    newDeletePolicyVersion,
+    DeletePolicyVersionResponse (DeletePolicyVersionResponse'),
+    newDeletePolicyVersionResponse,
+
+    -- ** DeleteProvisioningTemplate
+    DeleteProvisioningTemplate (DeleteProvisioningTemplate'),
+    newDeleteProvisioningTemplate,
+    DeleteProvisioningTemplateResponse (DeleteProvisioningTemplateResponse'),
+    newDeleteProvisioningTemplateResponse,
+
+    -- ** DeleteProvisioningTemplateVersion
+    DeleteProvisioningTemplateVersion (DeleteProvisioningTemplateVersion'),
+    newDeleteProvisioningTemplateVersion,
+    DeleteProvisioningTemplateVersionResponse (DeleteProvisioningTemplateVersionResponse'),
+    newDeleteProvisioningTemplateVersionResponse,
+
+    -- ** DeleteRegistrationCode
+    DeleteRegistrationCode (DeleteRegistrationCode'),
+    newDeleteRegistrationCode,
+    DeleteRegistrationCodeResponse (DeleteRegistrationCodeResponse'),
+    newDeleteRegistrationCodeResponse,
+
+    -- ** DeleteRoleAlias
+    DeleteRoleAlias (DeleteRoleAlias'),
+    newDeleteRoleAlias,
+    DeleteRoleAliasResponse (DeleteRoleAliasResponse'),
+    newDeleteRoleAliasResponse,
+
+    -- ** DeleteScheduledAudit
+    DeleteScheduledAudit (DeleteScheduledAudit'),
+    newDeleteScheduledAudit,
+    DeleteScheduledAuditResponse (DeleteScheduledAuditResponse'),
+    newDeleteScheduledAuditResponse,
+
+    -- ** DeleteSecurityProfile
+    DeleteSecurityProfile (DeleteSecurityProfile'),
+    newDeleteSecurityProfile,
+    DeleteSecurityProfileResponse (DeleteSecurityProfileResponse'),
+    newDeleteSecurityProfileResponse,
+
+    -- ** DeleteStream
+    DeleteStream (DeleteStream'),
+    newDeleteStream,
+    DeleteStreamResponse (DeleteStreamResponse'),
+    newDeleteStreamResponse,
+
+    -- ** DeleteThing
+    DeleteThing (DeleteThing'),
+    newDeleteThing,
+    DeleteThingResponse (DeleteThingResponse'),
+    newDeleteThingResponse,
+
+    -- ** DeleteThingGroup
+    DeleteThingGroup (DeleteThingGroup'),
+    newDeleteThingGroup,
+    DeleteThingGroupResponse (DeleteThingGroupResponse'),
+    newDeleteThingGroupResponse,
+
+    -- ** DeleteThingType
+    DeleteThingType (DeleteThingType'),
+    newDeleteThingType,
+    DeleteThingTypeResponse (DeleteThingTypeResponse'),
+    newDeleteThingTypeResponse,
+
+    -- ** DeleteTopicRule
+    DeleteTopicRule (DeleteTopicRule'),
+    newDeleteTopicRule,
+    DeleteTopicRuleResponse (DeleteTopicRuleResponse'),
+    newDeleteTopicRuleResponse,
+
+    -- ** DeleteTopicRuleDestination
+    DeleteTopicRuleDestination (DeleteTopicRuleDestination'),
+    newDeleteTopicRuleDestination,
+    DeleteTopicRuleDestinationResponse (DeleteTopicRuleDestinationResponse'),
+    newDeleteTopicRuleDestinationResponse,
+
+    -- ** DeleteV2LoggingLevel
+    DeleteV2LoggingLevel (DeleteV2LoggingLevel'),
+    newDeleteV2LoggingLevel,
+    DeleteV2LoggingLevelResponse (DeleteV2LoggingLevelResponse'),
+    newDeleteV2LoggingLevelResponse,
+
+    -- ** DeprecateThingType
+    DeprecateThingType (DeprecateThingType'),
+    newDeprecateThingType,
+    DeprecateThingTypeResponse (DeprecateThingTypeResponse'),
+    newDeprecateThingTypeResponse,
+
+    -- ** DescribeAccountAuditConfiguration
+    DescribeAccountAuditConfiguration (DescribeAccountAuditConfiguration'),
+    newDescribeAccountAuditConfiguration,
+    DescribeAccountAuditConfigurationResponse (DescribeAccountAuditConfigurationResponse'),
+    newDescribeAccountAuditConfigurationResponse,
+
+    -- ** DescribeAuditFinding
+    DescribeAuditFinding (DescribeAuditFinding'),
+    newDescribeAuditFinding,
+    DescribeAuditFindingResponse (DescribeAuditFindingResponse'),
+    newDescribeAuditFindingResponse,
+
+    -- ** DescribeAuditMitigationActionsTask
+    DescribeAuditMitigationActionsTask (DescribeAuditMitigationActionsTask'),
+    newDescribeAuditMitigationActionsTask,
+    DescribeAuditMitigationActionsTaskResponse (DescribeAuditMitigationActionsTaskResponse'),
+    newDescribeAuditMitigationActionsTaskResponse,
+
+    -- ** DescribeAuditSuppression
+    DescribeAuditSuppression (DescribeAuditSuppression'),
+    newDescribeAuditSuppression,
+    DescribeAuditSuppressionResponse (DescribeAuditSuppressionResponse'),
+    newDescribeAuditSuppressionResponse,
+
+    -- ** DescribeAuditTask
+    DescribeAuditTask (DescribeAuditTask'),
+    newDescribeAuditTask,
+    DescribeAuditTaskResponse (DescribeAuditTaskResponse'),
+    newDescribeAuditTaskResponse,
+
+    -- ** DescribeAuthorizer
+    DescribeAuthorizer (DescribeAuthorizer'),
+    newDescribeAuthorizer,
+    DescribeAuthorizerResponse (DescribeAuthorizerResponse'),
+    newDescribeAuthorizerResponse,
+
+    -- ** DescribeBillingGroup
+    DescribeBillingGroup (DescribeBillingGroup'),
+    newDescribeBillingGroup,
+    DescribeBillingGroupResponse (DescribeBillingGroupResponse'),
+    newDescribeBillingGroupResponse,
+
+    -- ** DescribeCACertificate
+    DescribeCACertificate (DescribeCACertificate'),
+    newDescribeCACertificate,
+    DescribeCACertificateResponse (DescribeCACertificateResponse'),
+    newDescribeCACertificateResponse,
+
+    -- ** DescribeCertificate
+    DescribeCertificate (DescribeCertificate'),
+    newDescribeCertificate,
+    DescribeCertificateResponse (DescribeCertificateResponse'),
+    newDescribeCertificateResponse,
+
+    -- ** DescribeCustomMetric
+    DescribeCustomMetric (DescribeCustomMetric'),
+    newDescribeCustomMetric,
+    DescribeCustomMetricResponse (DescribeCustomMetricResponse'),
+    newDescribeCustomMetricResponse,
+
+    -- ** DescribeDefaultAuthorizer
+    DescribeDefaultAuthorizer (DescribeDefaultAuthorizer'),
+    newDescribeDefaultAuthorizer,
+    DescribeDefaultAuthorizerResponse (DescribeDefaultAuthorizerResponse'),
+    newDescribeDefaultAuthorizerResponse,
+
+    -- ** DescribeDetectMitigationActionsTask
+    DescribeDetectMitigationActionsTask (DescribeDetectMitigationActionsTask'),
+    newDescribeDetectMitigationActionsTask,
+    DescribeDetectMitigationActionsTaskResponse (DescribeDetectMitigationActionsTaskResponse'),
+    newDescribeDetectMitigationActionsTaskResponse,
+
+    -- ** DescribeDimension
+    DescribeDimension (DescribeDimension'),
+    newDescribeDimension,
+    DescribeDimensionResponse (DescribeDimensionResponse'),
+    newDescribeDimensionResponse,
+
+    -- ** DescribeDomainConfiguration
+    DescribeDomainConfiguration (DescribeDomainConfiguration'),
+    newDescribeDomainConfiguration,
+    DescribeDomainConfigurationResponse (DescribeDomainConfigurationResponse'),
+    newDescribeDomainConfigurationResponse,
+
+    -- ** DescribeEndpoint
+    DescribeEndpoint (DescribeEndpoint'),
+    newDescribeEndpoint,
+    DescribeEndpointResponse (DescribeEndpointResponse'),
+    newDescribeEndpointResponse,
+
+    -- ** DescribeEventConfigurations
+    DescribeEventConfigurations (DescribeEventConfigurations'),
+    newDescribeEventConfigurations,
+    DescribeEventConfigurationsResponse (DescribeEventConfigurationsResponse'),
+    newDescribeEventConfigurationsResponse,
+
+    -- ** DescribeFleetMetric
+    DescribeFleetMetric (DescribeFleetMetric'),
+    newDescribeFleetMetric,
+    DescribeFleetMetricResponse (DescribeFleetMetricResponse'),
+    newDescribeFleetMetricResponse,
+
+    -- ** DescribeIndex
+    DescribeIndex (DescribeIndex'),
+    newDescribeIndex,
+    DescribeIndexResponse (DescribeIndexResponse'),
+    newDescribeIndexResponse,
+
+    -- ** DescribeJob
+    DescribeJob (DescribeJob'),
+    newDescribeJob,
+    DescribeJobResponse (DescribeJobResponse'),
+    newDescribeJobResponse,
+
+    -- ** DescribeJobExecution
+    DescribeJobExecution (DescribeJobExecution'),
+    newDescribeJobExecution,
+    DescribeJobExecutionResponse (DescribeJobExecutionResponse'),
+    newDescribeJobExecutionResponse,
+
+    -- ** DescribeJobTemplate
+    DescribeJobTemplate (DescribeJobTemplate'),
+    newDescribeJobTemplate,
+    DescribeJobTemplateResponse (DescribeJobTemplateResponse'),
+    newDescribeJobTemplateResponse,
+
+    -- ** DescribeManagedJobTemplate
+    DescribeManagedJobTemplate (DescribeManagedJobTemplate'),
+    newDescribeManagedJobTemplate,
+    DescribeManagedJobTemplateResponse (DescribeManagedJobTemplateResponse'),
+    newDescribeManagedJobTemplateResponse,
+
+    -- ** DescribeMitigationAction
+    DescribeMitigationAction (DescribeMitigationAction'),
+    newDescribeMitigationAction,
+    DescribeMitigationActionResponse (DescribeMitigationActionResponse'),
+    newDescribeMitigationActionResponse,
+
+    -- ** DescribeProvisioningTemplate
+    DescribeProvisioningTemplate (DescribeProvisioningTemplate'),
+    newDescribeProvisioningTemplate,
+    DescribeProvisioningTemplateResponse (DescribeProvisioningTemplateResponse'),
+    newDescribeProvisioningTemplateResponse,
+
+    -- ** DescribeProvisioningTemplateVersion
+    DescribeProvisioningTemplateVersion (DescribeProvisioningTemplateVersion'),
+    newDescribeProvisioningTemplateVersion,
+    DescribeProvisioningTemplateVersionResponse (DescribeProvisioningTemplateVersionResponse'),
+    newDescribeProvisioningTemplateVersionResponse,
+
+    -- ** DescribeRoleAlias
+    DescribeRoleAlias (DescribeRoleAlias'),
+    newDescribeRoleAlias,
+    DescribeRoleAliasResponse (DescribeRoleAliasResponse'),
+    newDescribeRoleAliasResponse,
+
+    -- ** DescribeScheduledAudit
+    DescribeScheduledAudit (DescribeScheduledAudit'),
+    newDescribeScheduledAudit,
+    DescribeScheduledAuditResponse (DescribeScheduledAuditResponse'),
+    newDescribeScheduledAuditResponse,
+
+    -- ** DescribeSecurityProfile
+    DescribeSecurityProfile (DescribeSecurityProfile'),
+    newDescribeSecurityProfile,
+    DescribeSecurityProfileResponse (DescribeSecurityProfileResponse'),
+    newDescribeSecurityProfileResponse,
+
+    -- ** DescribeStream
+    DescribeStream (DescribeStream'),
+    newDescribeStream,
+    DescribeStreamResponse (DescribeStreamResponse'),
+    newDescribeStreamResponse,
+
+    -- ** DescribeThing
+    DescribeThing (DescribeThing'),
+    newDescribeThing,
+    DescribeThingResponse (DescribeThingResponse'),
+    newDescribeThingResponse,
+
+    -- ** DescribeThingGroup
+    DescribeThingGroup (DescribeThingGroup'),
+    newDescribeThingGroup,
+    DescribeThingGroupResponse (DescribeThingGroupResponse'),
+    newDescribeThingGroupResponse,
+
+    -- ** DescribeThingRegistrationTask
+    DescribeThingRegistrationTask (DescribeThingRegistrationTask'),
+    newDescribeThingRegistrationTask,
+    DescribeThingRegistrationTaskResponse (DescribeThingRegistrationTaskResponse'),
+    newDescribeThingRegistrationTaskResponse,
+
+    -- ** DescribeThingType
+    DescribeThingType (DescribeThingType'),
+    newDescribeThingType,
+    DescribeThingTypeResponse (DescribeThingTypeResponse'),
+    newDescribeThingTypeResponse,
+
+    -- ** DetachPolicy
+    DetachPolicy (DetachPolicy'),
+    newDetachPolicy,
+    DetachPolicyResponse (DetachPolicyResponse'),
+    newDetachPolicyResponse,
+
+    -- ** DetachSecurityProfile
+    DetachSecurityProfile (DetachSecurityProfile'),
+    newDetachSecurityProfile,
+    DetachSecurityProfileResponse (DetachSecurityProfileResponse'),
+    newDetachSecurityProfileResponse,
+
+    -- ** DetachThingPrincipal
+    DetachThingPrincipal (DetachThingPrincipal'),
+    newDetachThingPrincipal,
+    DetachThingPrincipalResponse (DetachThingPrincipalResponse'),
+    newDetachThingPrincipalResponse,
+
+    -- ** DisableTopicRule
+    DisableTopicRule (DisableTopicRule'),
+    newDisableTopicRule,
+    DisableTopicRuleResponse (DisableTopicRuleResponse'),
+    newDisableTopicRuleResponse,
+
+    -- ** EnableTopicRule
+    EnableTopicRule (EnableTopicRule'),
+    newEnableTopicRule,
+    EnableTopicRuleResponse (EnableTopicRuleResponse'),
+    newEnableTopicRuleResponse,
+
+    -- ** GetBehaviorModelTrainingSummaries (Paginated)
+    GetBehaviorModelTrainingSummaries (GetBehaviorModelTrainingSummaries'),
+    newGetBehaviorModelTrainingSummaries,
+    GetBehaviorModelTrainingSummariesResponse (GetBehaviorModelTrainingSummariesResponse'),
+    newGetBehaviorModelTrainingSummariesResponse,
+
+    -- ** GetBucketsAggregation
+    GetBucketsAggregation (GetBucketsAggregation'),
+    newGetBucketsAggregation,
+    GetBucketsAggregationResponse (GetBucketsAggregationResponse'),
+    newGetBucketsAggregationResponse,
+
+    -- ** GetCardinality
+    GetCardinality (GetCardinality'),
+    newGetCardinality,
+    GetCardinalityResponse (GetCardinalityResponse'),
+    newGetCardinalityResponse,
+
+    -- ** GetEffectivePolicies
+    GetEffectivePolicies (GetEffectivePolicies'),
+    newGetEffectivePolicies,
+    GetEffectivePoliciesResponse (GetEffectivePoliciesResponse'),
+    newGetEffectivePoliciesResponse,
+
+    -- ** GetIndexingConfiguration
+    GetIndexingConfiguration (GetIndexingConfiguration'),
+    newGetIndexingConfiguration,
+    GetIndexingConfigurationResponse (GetIndexingConfigurationResponse'),
+    newGetIndexingConfigurationResponse,
+
+    -- ** GetJobDocument
+    GetJobDocument (GetJobDocument'),
+    newGetJobDocument,
+    GetJobDocumentResponse (GetJobDocumentResponse'),
+    newGetJobDocumentResponse,
+
+    -- ** GetLoggingOptions
+    GetLoggingOptions (GetLoggingOptions'),
+    newGetLoggingOptions,
+    GetLoggingOptionsResponse (GetLoggingOptionsResponse'),
+    newGetLoggingOptionsResponse,
+
+    -- ** GetOTAUpdate
+    GetOTAUpdate (GetOTAUpdate'),
+    newGetOTAUpdate,
+    GetOTAUpdateResponse (GetOTAUpdateResponse'),
+    newGetOTAUpdateResponse,
+
+    -- ** GetPercentiles
+    GetPercentiles (GetPercentiles'),
+    newGetPercentiles,
+    GetPercentilesResponse (GetPercentilesResponse'),
+    newGetPercentilesResponse,
+
+    -- ** GetPolicy
+    GetPolicy (GetPolicy'),
+    newGetPolicy,
+    GetPolicyResponse (GetPolicyResponse'),
+    newGetPolicyResponse,
+
+    -- ** GetPolicyVersion
+    GetPolicyVersion (GetPolicyVersion'),
+    newGetPolicyVersion,
+    GetPolicyVersionResponse (GetPolicyVersionResponse'),
+    newGetPolicyVersionResponse,
+
+    -- ** GetRegistrationCode
+    GetRegistrationCode (GetRegistrationCode'),
+    newGetRegistrationCode,
+    GetRegistrationCodeResponse (GetRegistrationCodeResponse'),
+    newGetRegistrationCodeResponse,
+
+    -- ** GetStatistics
+    GetStatistics (GetStatistics'),
+    newGetStatistics,
+    GetStatisticsResponse (GetStatisticsResponse'),
+    newGetStatisticsResponse,
+
+    -- ** GetTopicRule
+    GetTopicRule (GetTopicRule'),
+    newGetTopicRule,
+    GetTopicRuleResponse (GetTopicRuleResponse'),
+    newGetTopicRuleResponse,
+
+    -- ** GetTopicRuleDestination
+    GetTopicRuleDestination (GetTopicRuleDestination'),
+    newGetTopicRuleDestination,
+    GetTopicRuleDestinationResponse (GetTopicRuleDestinationResponse'),
+    newGetTopicRuleDestinationResponse,
+
+    -- ** GetV2LoggingOptions
+    GetV2LoggingOptions (GetV2LoggingOptions'),
+    newGetV2LoggingOptions,
+    GetV2LoggingOptionsResponse (GetV2LoggingOptionsResponse'),
+    newGetV2LoggingOptionsResponse,
+
+    -- ** ListActiveViolations (Paginated)
+    ListActiveViolations (ListActiveViolations'),
+    newListActiveViolations,
+    ListActiveViolationsResponse (ListActiveViolationsResponse'),
+    newListActiveViolationsResponse,
+
+    -- ** ListAttachedPolicies (Paginated)
+    ListAttachedPolicies (ListAttachedPolicies'),
+    newListAttachedPolicies,
+    ListAttachedPoliciesResponse (ListAttachedPoliciesResponse'),
+    newListAttachedPoliciesResponse,
+
+    -- ** ListAuditFindings (Paginated)
+    ListAuditFindings (ListAuditFindings'),
+    newListAuditFindings,
+    ListAuditFindingsResponse (ListAuditFindingsResponse'),
+    newListAuditFindingsResponse,
+
+    -- ** ListAuditMitigationActionsExecutions (Paginated)
+    ListAuditMitigationActionsExecutions (ListAuditMitigationActionsExecutions'),
+    newListAuditMitigationActionsExecutions,
+    ListAuditMitigationActionsExecutionsResponse (ListAuditMitigationActionsExecutionsResponse'),
+    newListAuditMitigationActionsExecutionsResponse,
+
+    -- ** ListAuditMitigationActionsTasks (Paginated)
+    ListAuditMitigationActionsTasks (ListAuditMitigationActionsTasks'),
+    newListAuditMitigationActionsTasks,
+    ListAuditMitigationActionsTasksResponse (ListAuditMitigationActionsTasksResponse'),
+    newListAuditMitigationActionsTasksResponse,
+
+    -- ** ListAuditSuppressions (Paginated)
+    ListAuditSuppressions (ListAuditSuppressions'),
+    newListAuditSuppressions,
+    ListAuditSuppressionsResponse (ListAuditSuppressionsResponse'),
+    newListAuditSuppressionsResponse,
+
+    -- ** ListAuditTasks (Paginated)
+    ListAuditTasks (ListAuditTasks'),
+    newListAuditTasks,
+    ListAuditTasksResponse (ListAuditTasksResponse'),
+    newListAuditTasksResponse,
+
+    -- ** ListAuthorizers (Paginated)
+    ListAuthorizers (ListAuthorizers'),
+    newListAuthorizers,
+    ListAuthorizersResponse (ListAuthorizersResponse'),
+    newListAuthorizersResponse,
+
+    -- ** ListBillingGroups (Paginated)
+    ListBillingGroups (ListBillingGroups'),
+    newListBillingGroups,
+    ListBillingGroupsResponse (ListBillingGroupsResponse'),
+    newListBillingGroupsResponse,
+
+    -- ** ListCACertificates (Paginated)
+    ListCACertificates (ListCACertificates'),
+    newListCACertificates,
+    ListCACertificatesResponse (ListCACertificatesResponse'),
+    newListCACertificatesResponse,
+
+    -- ** ListCertificates (Paginated)
+    ListCertificates (ListCertificates'),
+    newListCertificates,
+    ListCertificatesResponse (ListCertificatesResponse'),
+    newListCertificatesResponse,
+
+    -- ** ListCertificatesByCA (Paginated)
+    ListCertificatesByCA (ListCertificatesByCA'),
+    newListCertificatesByCA,
+    ListCertificatesByCAResponse (ListCertificatesByCAResponse'),
+    newListCertificatesByCAResponse,
+
+    -- ** ListCustomMetrics (Paginated)
+    ListCustomMetrics (ListCustomMetrics'),
+    newListCustomMetrics,
+    ListCustomMetricsResponse (ListCustomMetricsResponse'),
+    newListCustomMetricsResponse,
+
+    -- ** ListDetectMitigationActionsExecutions (Paginated)
+    ListDetectMitigationActionsExecutions (ListDetectMitigationActionsExecutions'),
+    newListDetectMitigationActionsExecutions,
+    ListDetectMitigationActionsExecutionsResponse (ListDetectMitigationActionsExecutionsResponse'),
+    newListDetectMitigationActionsExecutionsResponse,
+
+    -- ** ListDetectMitigationActionsTasks (Paginated)
+    ListDetectMitigationActionsTasks (ListDetectMitigationActionsTasks'),
+    newListDetectMitigationActionsTasks,
+    ListDetectMitigationActionsTasksResponse (ListDetectMitigationActionsTasksResponse'),
+    newListDetectMitigationActionsTasksResponse,
+
+    -- ** ListDimensions (Paginated)
+    ListDimensions (ListDimensions'),
+    newListDimensions,
+    ListDimensionsResponse (ListDimensionsResponse'),
+    newListDimensionsResponse,
+
+    -- ** ListDomainConfigurations (Paginated)
+    ListDomainConfigurations (ListDomainConfigurations'),
+    newListDomainConfigurations,
+    ListDomainConfigurationsResponse (ListDomainConfigurationsResponse'),
+    newListDomainConfigurationsResponse,
+
+    -- ** ListFleetMetrics (Paginated)
+    ListFleetMetrics (ListFleetMetrics'),
+    newListFleetMetrics,
+    ListFleetMetricsResponse (ListFleetMetricsResponse'),
+    newListFleetMetricsResponse,
+
+    -- ** ListIndices (Paginated)
+    ListIndices (ListIndices'),
+    newListIndices,
+    ListIndicesResponse (ListIndicesResponse'),
+    newListIndicesResponse,
+
+    -- ** ListJobExecutionsForJob (Paginated)
+    ListJobExecutionsForJob (ListJobExecutionsForJob'),
+    newListJobExecutionsForJob,
+    ListJobExecutionsForJobResponse (ListJobExecutionsForJobResponse'),
+    newListJobExecutionsForJobResponse,
+
+    -- ** ListJobExecutionsForThing (Paginated)
+    ListJobExecutionsForThing (ListJobExecutionsForThing'),
+    newListJobExecutionsForThing,
+    ListJobExecutionsForThingResponse (ListJobExecutionsForThingResponse'),
+    newListJobExecutionsForThingResponse,
+
+    -- ** ListJobTemplates (Paginated)
+    ListJobTemplates (ListJobTemplates'),
+    newListJobTemplates,
+    ListJobTemplatesResponse (ListJobTemplatesResponse'),
+    newListJobTemplatesResponse,
+
+    -- ** ListJobs (Paginated)
+    ListJobs (ListJobs'),
+    newListJobs,
+    ListJobsResponse (ListJobsResponse'),
+    newListJobsResponse,
+
+    -- ** ListManagedJobTemplates
+    ListManagedJobTemplates (ListManagedJobTemplates'),
+    newListManagedJobTemplates,
+    ListManagedJobTemplatesResponse (ListManagedJobTemplatesResponse'),
+    newListManagedJobTemplatesResponse,
+
+    -- ** ListMetricValues (Paginated)
+    ListMetricValues (ListMetricValues'),
+    newListMetricValues,
+    ListMetricValuesResponse (ListMetricValuesResponse'),
+    newListMetricValuesResponse,
+
+    -- ** ListMitigationActions (Paginated)
+    ListMitigationActions (ListMitigationActions'),
+    newListMitigationActions,
+    ListMitigationActionsResponse (ListMitigationActionsResponse'),
+    newListMitigationActionsResponse,
+
+    -- ** ListOTAUpdates (Paginated)
+    ListOTAUpdates (ListOTAUpdates'),
+    newListOTAUpdates,
+    ListOTAUpdatesResponse (ListOTAUpdatesResponse'),
+    newListOTAUpdatesResponse,
+
+    -- ** ListOutgoingCertificates (Paginated)
+    ListOutgoingCertificates (ListOutgoingCertificates'),
+    newListOutgoingCertificates,
+    ListOutgoingCertificatesResponse (ListOutgoingCertificatesResponse'),
+    newListOutgoingCertificatesResponse,
+
+    -- ** ListPolicies (Paginated)
+    ListPolicies (ListPolicies'),
+    newListPolicies,
+    ListPoliciesResponse (ListPoliciesResponse'),
+    newListPoliciesResponse,
+
+    -- ** ListPolicyVersions
+    ListPolicyVersions (ListPolicyVersions'),
+    newListPolicyVersions,
+    ListPolicyVersionsResponse (ListPolicyVersionsResponse'),
+    newListPolicyVersionsResponse,
+
+    -- ** ListPrincipalThings (Paginated)
+    ListPrincipalThings (ListPrincipalThings'),
+    newListPrincipalThings,
+    ListPrincipalThingsResponse (ListPrincipalThingsResponse'),
+    newListPrincipalThingsResponse,
+
+    -- ** ListProvisioningTemplateVersions (Paginated)
+    ListProvisioningTemplateVersions (ListProvisioningTemplateVersions'),
+    newListProvisioningTemplateVersions,
+    ListProvisioningTemplateVersionsResponse (ListProvisioningTemplateVersionsResponse'),
+    newListProvisioningTemplateVersionsResponse,
+
+    -- ** ListProvisioningTemplates (Paginated)
+    ListProvisioningTemplates (ListProvisioningTemplates'),
+    newListProvisioningTemplates,
+    ListProvisioningTemplatesResponse (ListProvisioningTemplatesResponse'),
+    newListProvisioningTemplatesResponse,
+
+    -- ** ListRelatedResourcesForAuditFinding
+    ListRelatedResourcesForAuditFinding (ListRelatedResourcesForAuditFinding'),
+    newListRelatedResourcesForAuditFinding,
+    ListRelatedResourcesForAuditFindingResponse (ListRelatedResourcesForAuditFindingResponse'),
+    newListRelatedResourcesForAuditFindingResponse,
+
+    -- ** ListRoleAliases (Paginated)
+    ListRoleAliases (ListRoleAliases'),
+    newListRoleAliases,
+    ListRoleAliasesResponse (ListRoleAliasesResponse'),
+    newListRoleAliasesResponse,
+
+    -- ** ListScheduledAudits (Paginated)
+    ListScheduledAudits (ListScheduledAudits'),
+    newListScheduledAudits,
+    ListScheduledAuditsResponse (ListScheduledAuditsResponse'),
+    newListScheduledAuditsResponse,
+
+    -- ** ListSecurityProfiles (Paginated)
+    ListSecurityProfiles (ListSecurityProfiles'),
+    newListSecurityProfiles,
+    ListSecurityProfilesResponse (ListSecurityProfilesResponse'),
+    newListSecurityProfilesResponse,
+
+    -- ** ListSecurityProfilesForTarget (Paginated)
+    ListSecurityProfilesForTarget (ListSecurityProfilesForTarget'),
+    newListSecurityProfilesForTarget,
+    ListSecurityProfilesForTargetResponse (ListSecurityProfilesForTargetResponse'),
+    newListSecurityProfilesForTargetResponse,
+
+    -- ** ListStreams (Paginated)
+    ListStreams (ListStreams'),
+    newListStreams,
+    ListStreamsResponse (ListStreamsResponse'),
+    newListStreamsResponse,
+
+    -- ** ListTagsForResource (Paginated)
+    ListTagsForResource (ListTagsForResource'),
+    newListTagsForResource,
+    ListTagsForResourceResponse (ListTagsForResourceResponse'),
+    newListTagsForResourceResponse,
+
+    -- ** ListTargetsForPolicy (Paginated)
+    ListTargetsForPolicy (ListTargetsForPolicy'),
+    newListTargetsForPolicy,
+    ListTargetsForPolicyResponse (ListTargetsForPolicyResponse'),
+    newListTargetsForPolicyResponse,
+
+    -- ** ListTargetsForSecurityProfile (Paginated)
+    ListTargetsForSecurityProfile (ListTargetsForSecurityProfile'),
+    newListTargetsForSecurityProfile,
+    ListTargetsForSecurityProfileResponse (ListTargetsForSecurityProfileResponse'),
+    newListTargetsForSecurityProfileResponse,
+
+    -- ** ListThingGroups (Paginated)
+    ListThingGroups (ListThingGroups'),
+    newListThingGroups,
+    ListThingGroupsResponse (ListThingGroupsResponse'),
+    newListThingGroupsResponse,
+
+    -- ** ListThingGroupsForThing (Paginated)
+    ListThingGroupsForThing (ListThingGroupsForThing'),
+    newListThingGroupsForThing,
+    ListThingGroupsForThingResponse (ListThingGroupsForThingResponse'),
+    newListThingGroupsForThingResponse,
+
+    -- ** ListThingPrincipals (Paginated)
+    ListThingPrincipals (ListThingPrincipals'),
+    newListThingPrincipals,
+    ListThingPrincipalsResponse (ListThingPrincipalsResponse'),
+    newListThingPrincipalsResponse,
+
+    -- ** ListThingRegistrationTaskReports (Paginated)
+    ListThingRegistrationTaskReports (ListThingRegistrationTaskReports'),
+    newListThingRegistrationTaskReports,
+    ListThingRegistrationTaskReportsResponse (ListThingRegistrationTaskReportsResponse'),
+    newListThingRegistrationTaskReportsResponse,
+
+    -- ** ListThingRegistrationTasks (Paginated)
+    ListThingRegistrationTasks (ListThingRegistrationTasks'),
+    newListThingRegistrationTasks,
+    ListThingRegistrationTasksResponse (ListThingRegistrationTasksResponse'),
+    newListThingRegistrationTasksResponse,
+
+    -- ** ListThingTypes (Paginated)
+    ListThingTypes (ListThingTypes'),
+    newListThingTypes,
+    ListThingTypesResponse (ListThingTypesResponse'),
+    newListThingTypesResponse,
+
+    -- ** ListThings (Paginated)
+    ListThings (ListThings'),
+    newListThings,
+    ListThingsResponse (ListThingsResponse'),
+    newListThingsResponse,
+
+    -- ** ListThingsInBillingGroup (Paginated)
+    ListThingsInBillingGroup (ListThingsInBillingGroup'),
+    newListThingsInBillingGroup,
+    ListThingsInBillingGroupResponse (ListThingsInBillingGroupResponse'),
+    newListThingsInBillingGroupResponse,
+
+    -- ** ListThingsInThingGroup (Paginated)
+    ListThingsInThingGroup (ListThingsInThingGroup'),
+    newListThingsInThingGroup,
+    ListThingsInThingGroupResponse (ListThingsInThingGroupResponse'),
+    newListThingsInThingGroupResponse,
+
+    -- ** ListTopicRuleDestinations (Paginated)
+    ListTopicRuleDestinations (ListTopicRuleDestinations'),
+    newListTopicRuleDestinations,
+    ListTopicRuleDestinationsResponse (ListTopicRuleDestinationsResponse'),
+    newListTopicRuleDestinationsResponse,
+
+    -- ** ListTopicRules (Paginated)
+    ListTopicRules (ListTopicRules'),
+    newListTopicRules,
+    ListTopicRulesResponse (ListTopicRulesResponse'),
+    newListTopicRulesResponse,
+
+    -- ** ListV2LoggingLevels (Paginated)
+    ListV2LoggingLevels (ListV2LoggingLevels'),
+    newListV2LoggingLevels,
+    ListV2LoggingLevelsResponse (ListV2LoggingLevelsResponse'),
+    newListV2LoggingLevelsResponse,
+
+    -- ** ListViolationEvents (Paginated)
+    ListViolationEvents (ListViolationEvents'),
+    newListViolationEvents,
+    ListViolationEventsResponse (ListViolationEventsResponse'),
+    newListViolationEventsResponse,
+
+    -- ** PutVerificationStateOnViolation
+    PutVerificationStateOnViolation (PutVerificationStateOnViolation'),
+    newPutVerificationStateOnViolation,
+    PutVerificationStateOnViolationResponse (PutVerificationStateOnViolationResponse'),
+    newPutVerificationStateOnViolationResponse,
+
+    -- ** RegisterCACertificate
+    RegisterCACertificate (RegisterCACertificate'),
+    newRegisterCACertificate,
+    RegisterCACertificateResponse (RegisterCACertificateResponse'),
+    newRegisterCACertificateResponse,
+
+    -- ** RegisterCertificate
+    RegisterCertificate (RegisterCertificate'),
+    newRegisterCertificate,
+    RegisterCertificateResponse (RegisterCertificateResponse'),
+    newRegisterCertificateResponse,
+
+    -- ** RegisterCertificateWithoutCA
+    RegisterCertificateWithoutCA (RegisterCertificateWithoutCA'),
+    newRegisterCertificateWithoutCA,
+    RegisterCertificateWithoutCAResponse (RegisterCertificateWithoutCAResponse'),
+    newRegisterCertificateWithoutCAResponse,
+
+    -- ** RegisterThing
+    RegisterThing (RegisterThing'),
+    newRegisterThing,
+    RegisterThingResponse (RegisterThingResponse'),
+    newRegisterThingResponse,
+
+    -- ** RejectCertificateTransfer
+    RejectCertificateTransfer (RejectCertificateTransfer'),
+    newRejectCertificateTransfer,
+    RejectCertificateTransferResponse (RejectCertificateTransferResponse'),
+    newRejectCertificateTransferResponse,
+
+    -- ** RemoveThingFromBillingGroup
+    RemoveThingFromBillingGroup (RemoveThingFromBillingGroup'),
+    newRemoveThingFromBillingGroup,
+    RemoveThingFromBillingGroupResponse (RemoveThingFromBillingGroupResponse'),
+    newRemoveThingFromBillingGroupResponse,
+
+    -- ** RemoveThingFromThingGroup
+    RemoveThingFromThingGroup (RemoveThingFromThingGroup'),
+    newRemoveThingFromThingGroup,
+    RemoveThingFromThingGroupResponse (RemoveThingFromThingGroupResponse'),
+    newRemoveThingFromThingGroupResponse,
+
+    -- ** ReplaceTopicRule
+    ReplaceTopicRule (ReplaceTopicRule'),
+    newReplaceTopicRule,
+    ReplaceTopicRuleResponse (ReplaceTopicRuleResponse'),
+    newReplaceTopicRuleResponse,
+
+    -- ** SearchIndex
+    SearchIndex (SearchIndex'),
+    newSearchIndex,
+    SearchIndexResponse (SearchIndexResponse'),
+    newSearchIndexResponse,
+
+    -- ** SetDefaultAuthorizer
+    SetDefaultAuthorizer (SetDefaultAuthorizer'),
+    newSetDefaultAuthorizer,
+    SetDefaultAuthorizerResponse (SetDefaultAuthorizerResponse'),
+    newSetDefaultAuthorizerResponse,
+
+    -- ** SetDefaultPolicyVersion
+    SetDefaultPolicyVersion (SetDefaultPolicyVersion'),
+    newSetDefaultPolicyVersion,
+    SetDefaultPolicyVersionResponse (SetDefaultPolicyVersionResponse'),
+    newSetDefaultPolicyVersionResponse,
+
+    -- ** SetLoggingOptions
+    SetLoggingOptions (SetLoggingOptions'),
+    newSetLoggingOptions,
+    SetLoggingOptionsResponse (SetLoggingOptionsResponse'),
+    newSetLoggingOptionsResponse,
+
+    -- ** SetV2LoggingLevel
+    SetV2LoggingLevel (SetV2LoggingLevel'),
+    newSetV2LoggingLevel,
+    SetV2LoggingLevelResponse (SetV2LoggingLevelResponse'),
+    newSetV2LoggingLevelResponse,
+
+    -- ** SetV2LoggingOptions
+    SetV2LoggingOptions (SetV2LoggingOptions'),
+    newSetV2LoggingOptions,
+    SetV2LoggingOptionsResponse (SetV2LoggingOptionsResponse'),
+    newSetV2LoggingOptionsResponse,
+
+    -- ** StartAuditMitigationActionsTask
+    StartAuditMitigationActionsTask (StartAuditMitigationActionsTask'),
+    newStartAuditMitigationActionsTask,
+    StartAuditMitigationActionsTaskResponse (StartAuditMitigationActionsTaskResponse'),
+    newStartAuditMitigationActionsTaskResponse,
+
+    -- ** StartDetectMitigationActionsTask
+    StartDetectMitigationActionsTask (StartDetectMitigationActionsTask'),
+    newStartDetectMitigationActionsTask,
+    StartDetectMitigationActionsTaskResponse (StartDetectMitigationActionsTaskResponse'),
+    newStartDetectMitigationActionsTaskResponse,
+
+    -- ** StartOnDemandAuditTask
+    StartOnDemandAuditTask (StartOnDemandAuditTask'),
+    newStartOnDemandAuditTask,
+    StartOnDemandAuditTaskResponse (StartOnDemandAuditTaskResponse'),
+    newStartOnDemandAuditTaskResponse,
+
+    -- ** StartThingRegistrationTask
+    StartThingRegistrationTask (StartThingRegistrationTask'),
+    newStartThingRegistrationTask,
+    StartThingRegistrationTaskResponse (StartThingRegistrationTaskResponse'),
+    newStartThingRegistrationTaskResponse,
+
+    -- ** StopThingRegistrationTask
+    StopThingRegistrationTask (StopThingRegistrationTask'),
+    newStopThingRegistrationTask,
+    StopThingRegistrationTaskResponse (StopThingRegistrationTaskResponse'),
+    newStopThingRegistrationTaskResponse,
+
+    -- ** TagResource
+    TagResource (TagResource'),
+    newTagResource,
+    TagResourceResponse (TagResourceResponse'),
+    newTagResourceResponse,
+
+    -- ** TestAuthorization
+    TestAuthorization (TestAuthorization'),
+    newTestAuthorization,
+    TestAuthorizationResponse (TestAuthorizationResponse'),
+    newTestAuthorizationResponse,
+
+    -- ** TestInvokeAuthorizer
+    TestInvokeAuthorizer (TestInvokeAuthorizer'),
+    newTestInvokeAuthorizer,
+    TestInvokeAuthorizerResponse (TestInvokeAuthorizerResponse'),
+    newTestInvokeAuthorizerResponse,
+
+    -- ** TransferCertificate
+    TransferCertificate (TransferCertificate'),
+    newTransferCertificate,
+    TransferCertificateResponse (TransferCertificateResponse'),
+    newTransferCertificateResponse,
+
+    -- ** UntagResource
+    UntagResource (UntagResource'),
+    newUntagResource,
+    UntagResourceResponse (UntagResourceResponse'),
+    newUntagResourceResponse,
+
+    -- ** UpdateAccountAuditConfiguration
+    UpdateAccountAuditConfiguration (UpdateAccountAuditConfiguration'),
+    newUpdateAccountAuditConfiguration,
+    UpdateAccountAuditConfigurationResponse (UpdateAccountAuditConfigurationResponse'),
+    newUpdateAccountAuditConfigurationResponse,
+
+    -- ** UpdateAuditSuppression
+    UpdateAuditSuppression (UpdateAuditSuppression'),
+    newUpdateAuditSuppression,
+    UpdateAuditSuppressionResponse (UpdateAuditSuppressionResponse'),
+    newUpdateAuditSuppressionResponse,
+
+    -- ** UpdateAuthorizer
+    UpdateAuthorizer (UpdateAuthorizer'),
+    newUpdateAuthorizer,
+    UpdateAuthorizerResponse (UpdateAuthorizerResponse'),
+    newUpdateAuthorizerResponse,
+
+    -- ** UpdateBillingGroup
+    UpdateBillingGroup (UpdateBillingGroup'),
+    newUpdateBillingGroup,
+    UpdateBillingGroupResponse (UpdateBillingGroupResponse'),
+    newUpdateBillingGroupResponse,
+
+    -- ** UpdateCACertificate
+    UpdateCACertificate (UpdateCACertificate'),
+    newUpdateCACertificate,
+    UpdateCACertificateResponse (UpdateCACertificateResponse'),
+    newUpdateCACertificateResponse,
+
+    -- ** UpdateCertificate
+    UpdateCertificate (UpdateCertificate'),
+    newUpdateCertificate,
+    UpdateCertificateResponse (UpdateCertificateResponse'),
+    newUpdateCertificateResponse,
+
+    -- ** UpdateCustomMetric
+    UpdateCustomMetric (UpdateCustomMetric'),
+    newUpdateCustomMetric,
+    UpdateCustomMetricResponse (UpdateCustomMetricResponse'),
+    newUpdateCustomMetricResponse,
+
+    -- ** UpdateDimension
+    UpdateDimension (UpdateDimension'),
+    newUpdateDimension,
+    UpdateDimensionResponse (UpdateDimensionResponse'),
+    newUpdateDimensionResponse,
+
+    -- ** UpdateDomainConfiguration
+    UpdateDomainConfiguration (UpdateDomainConfiguration'),
+    newUpdateDomainConfiguration,
+    UpdateDomainConfigurationResponse (UpdateDomainConfigurationResponse'),
+    newUpdateDomainConfigurationResponse,
+
+    -- ** UpdateDynamicThingGroup
+    UpdateDynamicThingGroup (UpdateDynamicThingGroup'),
+    newUpdateDynamicThingGroup,
+    UpdateDynamicThingGroupResponse (UpdateDynamicThingGroupResponse'),
+    newUpdateDynamicThingGroupResponse,
+
+    -- ** UpdateEventConfigurations
+    UpdateEventConfigurations (UpdateEventConfigurations'),
+    newUpdateEventConfigurations,
+    UpdateEventConfigurationsResponse (UpdateEventConfigurationsResponse'),
+    newUpdateEventConfigurationsResponse,
+
+    -- ** UpdateFleetMetric
+    UpdateFleetMetric (UpdateFleetMetric'),
+    newUpdateFleetMetric,
+    UpdateFleetMetricResponse (UpdateFleetMetricResponse'),
+    newUpdateFleetMetricResponse,
+
+    -- ** UpdateIndexingConfiguration
+    UpdateIndexingConfiguration (UpdateIndexingConfiguration'),
+    newUpdateIndexingConfiguration,
+    UpdateIndexingConfigurationResponse (UpdateIndexingConfigurationResponse'),
+    newUpdateIndexingConfigurationResponse,
+
+    -- ** UpdateJob
+    UpdateJob (UpdateJob'),
+    newUpdateJob,
+    UpdateJobResponse (UpdateJobResponse'),
+    newUpdateJobResponse,
+
+    -- ** UpdateMitigationAction
+    UpdateMitigationAction (UpdateMitigationAction'),
+    newUpdateMitigationAction,
+    UpdateMitigationActionResponse (UpdateMitigationActionResponse'),
+    newUpdateMitigationActionResponse,
+
+    -- ** UpdateProvisioningTemplate
+    UpdateProvisioningTemplate (UpdateProvisioningTemplate'),
+    newUpdateProvisioningTemplate,
+    UpdateProvisioningTemplateResponse (UpdateProvisioningTemplateResponse'),
+    newUpdateProvisioningTemplateResponse,
+
+    -- ** UpdateRoleAlias
+    UpdateRoleAlias (UpdateRoleAlias'),
+    newUpdateRoleAlias,
+    UpdateRoleAliasResponse (UpdateRoleAliasResponse'),
+    newUpdateRoleAliasResponse,
+
+    -- ** UpdateScheduledAudit
+    UpdateScheduledAudit (UpdateScheduledAudit'),
+    newUpdateScheduledAudit,
+    UpdateScheduledAuditResponse (UpdateScheduledAuditResponse'),
+    newUpdateScheduledAuditResponse,
+
+    -- ** UpdateSecurityProfile
+    UpdateSecurityProfile (UpdateSecurityProfile'),
+    newUpdateSecurityProfile,
+    UpdateSecurityProfileResponse (UpdateSecurityProfileResponse'),
+    newUpdateSecurityProfileResponse,
+
+    -- ** UpdateStream
+    UpdateStream (UpdateStream'),
+    newUpdateStream,
+    UpdateStreamResponse (UpdateStreamResponse'),
+    newUpdateStreamResponse,
+
+    -- ** UpdateThing
+    UpdateThing (UpdateThing'),
+    newUpdateThing,
+    UpdateThingResponse (UpdateThingResponse'),
+    newUpdateThingResponse,
+
+    -- ** UpdateThingGroup
+    UpdateThingGroup (UpdateThingGroup'),
+    newUpdateThingGroup,
+    UpdateThingGroupResponse (UpdateThingGroupResponse'),
+    newUpdateThingGroupResponse,
+
+    -- ** UpdateThingGroupsForThing
+    UpdateThingGroupsForThing (UpdateThingGroupsForThing'),
+    newUpdateThingGroupsForThing,
+    UpdateThingGroupsForThingResponse (UpdateThingGroupsForThingResponse'),
+    newUpdateThingGroupsForThingResponse,
+
+    -- ** UpdateTopicRuleDestination
+    UpdateTopicRuleDestination (UpdateTopicRuleDestination'),
+    newUpdateTopicRuleDestination,
+    UpdateTopicRuleDestinationResponse (UpdateTopicRuleDestinationResponse'),
+    newUpdateTopicRuleDestinationResponse,
+
+    -- ** ValidateSecurityProfileBehaviors
+    ValidateSecurityProfileBehaviors (ValidateSecurityProfileBehaviors'),
+    newValidateSecurityProfileBehaviors,
+    ValidateSecurityProfileBehaviorsResponse (ValidateSecurityProfileBehaviorsResponse'),
+    newValidateSecurityProfileBehaviorsResponse,
+
+    -- * Types
+
+    -- ** AbortAction
+    AbortAction (..),
+
+    -- ** ActionType
+    ActionType (..),
+
+    -- ** AggregationTypeName
+    AggregationTypeName (..),
+
+    -- ** AlertTargetType
+    AlertTargetType (..),
+
+    -- ** AuditCheckRunStatus
+    AuditCheckRunStatus (..),
+
+    -- ** AuditFindingSeverity
+    AuditFindingSeverity (..),
+
+    -- ** AuditFrequency
+    AuditFrequency (..),
+
+    -- ** AuditMitigationActionsExecutionStatus
+    AuditMitigationActionsExecutionStatus (..),
+
+    -- ** AuditMitigationActionsTaskStatus
+    AuditMitigationActionsTaskStatus (..),
+
+    -- ** AuditNotificationType
+    AuditNotificationType (..),
+
+    -- ** AuditTaskStatus
+    AuditTaskStatus (..),
+
+    -- ** AuditTaskType
+    AuditTaskType (..),
+
+    -- ** AuthDecision
+    AuthDecision (..),
+
+    -- ** AuthorizerStatus
+    AuthorizerStatus (..),
+
+    -- ** AutoRegistrationStatus
+    AutoRegistrationStatus (..),
+
+    -- ** AwsJobAbortCriteriaAbortAction
+    AwsJobAbortCriteriaAbortAction (..),
+
+    -- ** AwsJobAbortCriteriaFailureType
+    AwsJobAbortCriteriaFailureType (..),
+
+    -- ** BehaviorCriteriaType
+    BehaviorCriteriaType (..),
+
+    -- ** CACertificateStatus
+    CACertificateStatus (..),
+
+    -- ** CACertificateUpdateAction
+    CACertificateUpdateAction (..),
+
+    -- ** CannedAccessControlList
+    CannedAccessControlList (..),
+
+    -- ** CertificateMode
+    CertificateMode (..),
+
+    -- ** CertificateStatus
+    CertificateStatus (..),
+
+    -- ** ComparisonOperator
+    ComparisonOperator (..),
+
+    -- ** ConfidenceLevel
+    ConfidenceLevel (..),
+
+    -- ** CustomMetricType
+    CustomMetricType (..),
+
+    -- ** DayOfWeek
+    DayOfWeek (..),
+
+    -- ** DetectMitigationActionExecutionStatus
+    DetectMitigationActionExecutionStatus (..),
+
+    -- ** DetectMitigationActionsTaskStatus
+    DetectMitigationActionsTaskStatus (..),
+
+    -- ** DeviceCertificateUpdateAction
+    DeviceCertificateUpdateAction (..),
+
+    -- ** DeviceDefenderIndexingMode
+    DeviceDefenderIndexingMode (..),
+
+    -- ** DimensionType
+    DimensionType (..),
+
+    -- ** DimensionValueOperator
+    DimensionValueOperator (..),
+
+    -- ** DomainConfigurationStatus
+    DomainConfigurationStatus (..),
+
+    -- ** DomainType
+    DomainType (..),
+
+    -- ** DynamicGroupStatus
+    DynamicGroupStatus (..),
+
+    -- ** DynamoKeyType
+    DynamoKeyType (..),
+
+    -- ** EventType
+    EventType (..),
+
+    -- ** FieldType
+    FieldType (..),
+
+    -- ** FleetMetricUnit
+    FleetMetricUnit (..),
+
+    -- ** IndexStatus
+    IndexStatus (..),
+
+    -- ** JobEndBehavior
+    JobEndBehavior (..),
+
+    -- ** JobExecutionFailureType
+    JobExecutionFailureType (..),
+
+    -- ** JobExecutionStatus
+    JobExecutionStatus (..),
+
+    -- ** JobStatus
+    JobStatus (..),
+
+    -- ** LogLevel
+    LogLevel (..),
+
+    -- ** LogTargetType
+    LogTargetType (..),
+
+    -- ** MessageFormat
+    MessageFormat (..),
+
+    -- ** MitigationActionType
+    MitigationActionType (..),
+
+    -- ** ModelStatus
+    ModelStatus (..),
+
+    -- ** NamedShadowIndexingMode
+    NamedShadowIndexingMode (..),
+
+    -- ** OTAUpdateStatus
+    OTAUpdateStatus (..),
+
+    -- ** PolicyTemplateName
+    PolicyTemplateName (..),
+
+    -- ** Protocol
+    Protocol (..),
+
+    -- ** ReportType
+    ReportType (..),
+
+    -- ** ResourceType
+    ResourceType (..),
+
+    -- ** RetryableFailureType
+    RetryableFailureType (..),
+
+    -- ** ServerCertificateStatus
+    ServerCertificateStatus (..),
+
+    -- ** ServiceType
+    ServiceType (..),
+
+    -- ** TargetSelection
+    TargetSelection (..),
+
+    -- ** TaskStatus
+    TaskStatus (..),
+
+    -- ** TemplateType
+    TemplateType (..),
+
+    -- ** ThingConnectivityIndexingMode
+    ThingConnectivityIndexingMode (..),
+
+    -- ** ThingGroupIndexingMode
+    ThingGroupIndexingMode (..),
+
+    -- ** ThingIndexingMode
+    ThingIndexingMode (..),
+
+    -- ** TopicRuleDestinationStatus
+    TopicRuleDestinationStatus (..),
+
+    -- ** VerificationState
+    VerificationState (..),
+
+    -- ** ViolationEventType
+    ViolationEventType (..),
+
+    -- ** AbortConfig
+    AbortConfig (AbortConfig'),
+    newAbortConfig,
+
+    -- ** AbortCriteria
+    AbortCriteria (AbortCriteria'),
+    newAbortCriteria,
+
+    -- ** Action
+    Action (Action'),
+    newAction,
+
+    -- ** ActiveViolation
+    ActiveViolation (ActiveViolation'),
+    newActiveViolation,
+
+    -- ** AddThingsToThingGroupParams
+    AddThingsToThingGroupParams (AddThingsToThingGroupParams'),
+    newAddThingsToThingGroupParams,
+
+    -- ** AggregationType
+    AggregationType (AggregationType'),
+    newAggregationType,
+
+    -- ** AlertTarget
+    AlertTarget (AlertTarget'),
+    newAlertTarget,
+
+    -- ** Allowed
+    Allowed (Allowed'),
+    newAllowed,
+
+    -- ** AssetPropertyTimestamp
+    AssetPropertyTimestamp (AssetPropertyTimestamp'),
+    newAssetPropertyTimestamp,
+
+    -- ** AssetPropertyValue
+    AssetPropertyValue (AssetPropertyValue'),
+    newAssetPropertyValue,
+
+    -- ** AssetPropertyVariant
+    AssetPropertyVariant (AssetPropertyVariant'),
+    newAssetPropertyVariant,
+
+    -- ** AttributePayload
+    AttributePayload (AttributePayload'),
+    newAttributePayload,
+
+    -- ** AuditCheckConfiguration
+    AuditCheckConfiguration (AuditCheckConfiguration'),
+    newAuditCheckConfiguration,
+
+    -- ** AuditCheckDetails
+    AuditCheckDetails (AuditCheckDetails'),
+    newAuditCheckDetails,
+
+    -- ** AuditFinding
+    AuditFinding (AuditFinding'),
+    newAuditFinding,
+
+    -- ** AuditMitigationActionExecutionMetadata
+    AuditMitigationActionExecutionMetadata (AuditMitigationActionExecutionMetadata'),
+    newAuditMitigationActionExecutionMetadata,
+
+    -- ** AuditMitigationActionsTaskMetadata
+    AuditMitigationActionsTaskMetadata (AuditMitigationActionsTaskMetadata'),
+    newAuditMitigationActionsTaskMetadata,
+
+    -- ** AuditMitigationActionsTaskTarget
+    AuditMitigationActionsTaskTarget (AuditMitigationActionsTaskTarget'),
+    newAuditMitigationActionsTaskTarget,
+
+    -- ** AuditNotificationTarget
+    AuditNotificationTarget (AuditNotificationTarget'),
+    newAuditNotificationTarget,
+
+    -- ** AuditSuppression
+    AuditSuppression (AuditSuppression'),
+    newAuditSuppression,
+
+    -- ** AuditTaskMetadata
+    AuditTaskMetadata (AuditTaskMetadata'),
+    newAuditTaskMetadata,
+
+    -- ** AuthInfo
+    AuthInfo (AuthInfo'),
+    newAuthInfo,
+
+    -- ** AuthResult
+    AuthResult (AuthResult'),
+    newAuthResult,
+
+    -- ** AuthorizerConfig
+    AuthorizerConfig (AuthorizerConfig'),
+    newAuthorizerConfig,
+
+    -- ** AuthorizerDescription
+    AuthorizerDescription (AuthorizerDescription'),
+    newAuthorizerDescription,
+
+    -- ** AuthorizerSummary
+    AuthorizerSummary (AuthorizerSummary'),
+    newAuthorizerSummary,
+
+    -- ** AwsJobAbortConfig
+    AwsJobAbortConfig (AwsJobAbortConfig'),
+    newAwsJobAbortConfig,
+
+    -- ** AwsJobAbortCriteria
+    AwsJobAbortCriteria (AwsJobAbortCriteria'),
+    newAwsJobAbortCriteria,
+
+    -- ** AwsJobExecutionsRolloutConfig
+    AwsJobExecutionsRolloutConfig (AwsJobExecutionsRolloutConfig'),
+    newAwsJobExecutionsRolloutConfig,
+
+    -- ** AwsJobExponentialRolloutRate
+    AwsJobExponentialRolloutRate (AwsJobExponentialRolloutRate'),
+    newAwsJobExponentialRolloutRate,
+
+    -- ** AwsJobPresignedUrlConfig
+    AwsJobPresignedUrlConfig (AwsJobPresignedUrlConfig'),
+    newAwsJobPresignedUrlConfig,
+
+    -- ** AwsJobRateIncreaseCriteria
+    AwsJobRateIncreaseCriteria (AwsJobRateIncreaseCriteria'),
+    newAwsJobRateIncreaseCriteria,
+
+    -- ** AwsJobTimeoutConfig
+    AwsJobTimeoutConfig (AwsJobTimeoutConfig'),
+    newAwsJobTimeoutConfig,
+
+    -- ** Behavior
+    Behavior (Behavior'),
+    newBehavior,
+
+    -- ** BehaviorCriteria
+    BehaviorCriteria (BehaviorCriteria'),
+    newBehaviorCriteria,
+
+    -- ** BehaviorModelTrainingSummary
+    BehaviorModelTrainingSummary (BehaviorModelTrainingSummary'),
+    newBehaviorModelTrainingSummary,
+
+    -- ** BillingGroupMetadata
+    BillingGroupMetadata (BillingGroupMetadata'),
+    newBillingGroupMetadata,
+
+    -- ** BillingGroupProperties
+    BillingGroupProperties (BillingGroupProperties'),
+    newBillingGroupProperties,
+
+    -- ** Bucket
+    Bucket (Bucket'),
+    newBucket,
+
+    -- ** BucketsAggregationType
+    BucketsAggregationType (BucketsAggregationType'),
+    newBucketsAggregationType,
+
+    -- ** CACertificate
+    CACertificate (CACertificate'),
+    newCACertificate,
+
+    -- ** CACertificateDescription
+    CACertificateDescription (CACertificateDescription'),
+    newCACertificateDescription,
+
+    -- ** Certificate
+    Certificate (Certificate'),
+    newCertificate,
+
+    -- ** CertificateDescription
+    CertificateDescription (CertificateDescription'),
+    newCertificateDescription,
+
+    -- ** CertificateValidity
+    CertificateValidity (CertificateValidity'),
+    newCertificateValidity,
+
+    -- ** CloudwatchAlarmAction
+    CloudwatchAlarmAction (CloudwatchAlarmAction'),
+    newCloudwatchAlarmAction,
+
+    -- ** CloudwatchLogsAction
+    CloudwatchLogsAction (CloudwatchLogsAction'),
+    newCloudwatchLogsAction,
+
+    -- ** CloudwatchMetricAction
+    CloudwatchMetricAction (CloudwatchMetricAction'),
+    newCloudwatchMetricAction,
+
+    -- ** CodeSigning
+    CodeSigning (CodeSigning'),
+    newCodeSigning,
+
+    -- ** CodeSigningCertificateChain
+    CodeSigningCertificateChain (CodeSigningCertificateChain'),
+    newCodeSigningCertificateChain,
+
+    -- ** CodeSigningSignature
+    CodeSigningSignature (CodeSigningSignature'),
+    newCodeSigningSignature,
+
+    -- ** Configuration
+    Configuration (Configuration'),
+    newConfiguration,
+
+    -- ** CustomCodeSigning
+    CustomCodeSigning (CustomCodeSigning'),
+    newCustomCodeSigning,
+
+    -- ** Denied
+    Denied (Denied'),
+    newDenied,
+
+    -- ** Destination
+    Destination (Destination'),
+    newDestination,
+
+    -- ** DetectMitigationActionExecution
+    DetectMitigationActionExecution (DetectMitigationActionExecution'),
+    newDetectMitigationActionExecution,
+
+    -- ** DetectMitigationActionsTaskStatistics
+    DetectMitigationActionsTaskStatistics (DetectMitigationActionsTaskStatistics'),
+    newDetectMitigationActionsTaskStatistics,
+
+    -- ** DetectMitigationActionsTaskSummary
+    DetectMitigationActionsTaskSummary (DetectMitigationActionsTaskSummary'),
+    newDetectMitigationActionsTaskSummary,
+
+    -- ** DetectMitigationActionsTaskTarget
+    DetectMitigationActionsTaskTarget (DetectMitigationActionsTaskTarget'),
+    newDetectMitigationActionsTaskTarget,
+
+    -- ** DocumentParameter
+    DocumentParameter (DocumentParameter'),
+    newDocumentParameter,
+
+    -- ** DomainConfigurationSummary
+    DomainConfigurationSummary (DomainConfigurationSummary'),
+    newDomainConfigurationSummary,
+
+    -- ** DynamoDBAction
+    DynamoDBAction (DynamoDBAction'),
+    newDynamoDBAction,
+
+    -- ** DynamoDBv2Action
+    DynamoDBv2Action (DynamoDBv2Action'),
+    newDynamoDBv2Action,
+
+    -- ** EffectivePolicy
+    EffectivePolicy (EffectivePolicy'),
+    newEffectivePolicy,
+
+    -- ** ElasticsearchAction
+    ElasticsearchAction (ElasticsearchAction'),
+    newElasticsearchAction,
+
+    -- ** EnableIoTLoggingParams
+    EnableIoTLoggingParams (EnableIoTLoggingParams'),
+    newEnableIoTLoggingParams,
+
+    -- ** ErrorInfo
+    ErrorInfo (ErrorInfo'),
+    newErrorInfo,
+
+    -- ** ExplicitDeny
+    ExplicitDeny (ExplicitDeny'),
+    newExplicitDeny,
+
+    -- ** ExponentialRolloutRate
+    ExponentialRolloutRate (ExponentialRolloutRate'),
+    newExponentialRolloutRate,
+
+    -- ** Field
+    Field (Field'),
+    newField,
+
+    -- ** FileLocation
+    FileLocation (FileLocation'),
+    newFileLocation,
+
+    -- ** FirehoseAction
+    FirehoseAction (FirehoseAction'),
+    newFirehoseAction,
+
+    -- ** FleetMetricNameAndArn
+    FleetMetricNameAndArn (FleetMetricNameAndArn'),
+    newFleetMetricNameAndArn,
+
+    -- ** GroupNameAndArn
+    GroupNameAndArn (GroupNameAndArn'),
+    newGroupNameAndArn,
+
+    -- ** HttpAction
+    HttpAction (HttpAction'),
+    newHttpAction,
+
+    -- ** HttpActionHeader
+    HttpActionHeader (HttpActionHeader'),
+    newHttpActionHeader,
+
+    -- ** HttpAuthorization
+    HttpAuthorization (HttpAuthorization'),
+    newHttpAuthorization,
+
+    -- ** HttpContext
+    HttpContext (HttpContext'),
+    newHttpContext,
+
+    -- ** HttpUrlDestinationConfiguration
+    HttpUrlDestinationConfiguration (HttpUrlDestinationConfiguration'),
+    newHttpUrlDestinationConfiguration,
+
+    -- ** HttpUrlDestinationProperties
+    HttpUrlDestinationProperties (HttpUrlDestinationProperties'),
+    newHttpUrlDestinationProperties,
+
+    -- ** HttpUrlDestinationSummary
+    HttpUrlDestinationSummary (HttpUrlDestinationSummary'),
+    newHttpUrlDestinationSummary,
+
+    -- ** ImplicitDeny
+    ImplicitDeny (ImplicitDeny'),
+    newImplicitDeny,
+
+    -- ** IndexingFilter
+    IndexingFilter (IndexingFilter'),
+    newIndexingFilter,
+
+    -- ** IotAnalyticsAction
+    IotAnalyticsAction (IotAnalyticsAction'),
+    newIotAnalyticsAction,
+
+    -- ** IotEventsAction
+    IotEventsAction (IotEventsAction'),
+    newIotEventsAction,
+
+    -- ** IotSiteWiseAction
+    IotSiteWiseAction (IotSiteWiseAction'),
+    newIotSiteWiseAction,
+
+    -- ** IssuerCertificateIdentifier
+    IssuerCertificateIdentifier (IssuerCertificateIdentifier'),
+    newIssuerCertificateIdentifier,
+
+    -- ** Job
+    Job (Job'),
+    newJob,
+
+    -- ** JobExecution
+    JobExecution (JobExecution'),
+    newJobExecution,
+
+    -- ** JobExecutionStatusDetails
+    JobExecutionStatusDetails (JobExecutionStatusDetails'),
+    newJobExecutionStatusDetails,
+
+    -- ** JobExecutionSummary
+    JobExecutionSummary (JobExecutionSummary'),
+    newJobExecutionSummary,
+
+    -- ** JobExecutionSummaryForJob
+    JobExecutionSummaryForJob (JobExecutionSummaryForJob'),
+    newJobExecutionSummaryForJob,
+
+    -- ** JobExecutionSummaryForThing
+    JobExecutionSummaryForThing (JobExecutionSummaryForThing'),
+    newJobExecutionSummaryForThing,
+
+    -- ** JobExecutionsRetryConfig
+    JobExecutionsRetryConfig (JobExecutionsRetryConfig'),
+    newJobExecutionsRetryConfig,
+
+    -- ** JobExecutionsRolloutConfig
+    JobExecutionsRolloutConfig (JobExecutionsRolloutConfig'),
+    newJobExecutionsRolloutConfig,
+
+    -- ** JobProcessDetails
+    JobProcessDetails (JobProcessDetails'),
+    newJobProcessDetails,
+
+    -- ** JobSummary
+    JobSummary (JobSummary'),
+    newJobSummary,
+
+    -- ** JobTemplateSummary
+    JobTemplateSummary (JobTemplateSummary'),
+    newJobTemplateSummary,
+
+    -- ** KafkaAction
+    KafkaAction (KafkaAction'),
+    newKafkaAction,
+
+    -- ** KeyPair
+    KeyPair (KeyPair'),
+    newKeyPair,
+
+    -- ** KinesisAction
+    KinesisAction (KinesisAction'),
+    newKinesisAction,
+
+    -- ** LambdaAction
+    LambdaAction (LambdaAction'),
+    newLambdaAction,
+
+    -- ** LocationAction
+    LocationAction (LocationAction'),
+    newLocationAction,
+
+    -- ** LocationTimestamp
+    LocationTimestamp (LocationTimestamp'),
+    newLocationTimestamp,
+
+    -- ** LogTarget
+    LogTarget (LogTarget'),
+    newLogTarget,
+
+    -- ** LogTargetConfiguration
+    LogTargetConfiguration (LogTargetConfiguration'),
+    newLogTargetConfiguration,
+
+    -- ** LoggingOptionsPayload
+    LoggingOptionsPayload (LoggingOptionsPayload'),
+    newLoggingOptionsPayload,
+
+    -- ** MachineLearningDetectionConfig
+    MachineLearningDetectionConfig (MachineLearningDetectionConfig'),
+    newMachineLearningDetectionConfig,
+
+    -- ** ManagedJobTemplateSummary
+    ManagedJobTemplateSummary (ManagedJobTemplateSummary'),
+    newManagedJobTemplateSummary,
+
+    -- ** MetricDatum
+    MetricDatum (MetricDatum'),
+    newMetricDatum,
+
+    -- ** MetricDimension
+    MetricDimension (MetricDimension'),
+    newMetricDimension,
+
+    -- ** MetricToRetain
+    MetricToRetain (MetricToRetain'),
+    newMetricToRetain,
+
+    -- ** MetricValue
+    MetricValue (MetricValue'),
+    newMetricValue,
+
+    -- ** MitigationAction
+    MitigationAction (MitigationAction'),
+    newMitigationAction,
+
+    -- ** MitigationActionIdentifier
+    MitigationActionIdentifier (MitigationActionIdentifier'),
+    newMitigationActionIdentifier,
+
+    -- ** MitigationActionParams
+    MitigationActionParams (MitigationActionParams'),
+    newMitigationActionParams,
+
+    -- ** MqttContext
+    MqttContext (MqttContext'),
+    newMqttContext,
+
+    -- ** MqttHeaders
+    MqttHeaders (MqttHeaders'),
+    newMqttHeaders,
+
+    -- ** NonCompliantResource
+    NonCompliantResource (NonCompliantResource'),
+    newNonCompliantResource,
+
+    -- ** OTAUpdateFile
+    OTAUpdateFile (OTAUpdateFile'),
+    newOTAUpdateFile,
+
+    -- ** OTAUpdateInfo
+    OTAUpdateInfo (OTAUpdateInfo'),
+    newOTAUpdateInfo,
+
+    -- ** OTAUpdateSummary
+    OTAUpdateSummary (OTAUpdateSummary'),
+    newOTAUpdateSummary,
+
+    -- ** OpenSearchAction
+    OpenSearchAction (OpenSearchAction'),
+    newOpenSearchAction,
+
+    -- ** OutgoingCertificate
+    OutgoingCertificate (OutgoingCertificate'),
+    newOutgoingCertificate,
+
+    -- ** PercentPair
+    PercentPair (PercentPair'),
+    newPercentPair,
+
+    -- ** Policy
+    Policy (Policy'),
+    newPolicy,
+
+    -- ** PolicyVersion
+    PolicyVersion (PolicyVersion'),
+    newPolicyVersion,
+
+    -- ** PolicyVersionIdentifier
+    PolicyVersionIdentifier (PolicyVersionIdentifier'),
+    newPolicyVersionIdentifier,
+
+    -- ** PresignedUrlConfig
+    PresignedUrlConfig (PresignedUrlConfig'),
+    newPresignedUrlConfig,
+
+    -- ** ProvisioningHook
+    ProvisioningHook (ProvisioningHook'),
+    newProvisioningHook,
+
+    -- ** ProvisioningTemplateSummary
+    ProvisioningTemplateSummary (ProvisioningTemplateSummary'),
+    newProvisioningTemplateSummary,
+
+    -- ** ProvisioningTemplateVersionSummary
+    ProvisioningTemplateVersionSummary (ProvisioningTemplateVersionSummary'),
+    newProvisioningTemplateVersionSummary,
+
+    -- ** PublishFindingToSnsParams
+    PublishFindingToSnsParams (PublishFindingToSnsParams'),
+    newPublishFindingToSnsParams,
+
+    -- ** PutAssetPropertyValueEntry
+    PutAssetPropertyValueEntry (PutAssetPropertyValueEntry'),
+    newPutAssetPropertyValueEntry,
+
+    -- ** PutItemInput
+    PutItemInput (PutItemInput'),
+    newPutItemInput,
+
+    -- ** RateIncreaseCriteria
+    RateIncreaseCriteria (RateIncreaseCriteria'),
+    newRateIncreaseCriteria,
+
+    -- ** RegistrationConfig
+    RegistrationConfig (RegistrationConfig'),
+    newRegistrationConfig,
+
+    -- ** RelatedResource
+    RelatedResource (RelatedResource'),
+    newRelatedResource,
+
+    -- ** ReplaceDefaultPolicyVersionParams
+    ReplaceDefaultPolicyVersionParams (ReplaceDefaultPolicyVersionParams'),
+    newReplaceDefaultPolicyVersionParams,
+
+    -- ** RepublishAction
+    RepublishAction (RepublishAction'),
+    newRepublishAction,
+
+    -- ** ResourceIdentifier
+    ResourceIdentifier (ResourceIdentifier'),
+    newResourceIdentifier,
+
+    -- ** RetryCriteria
+    RetryCriteria (RetryCriteria'),
+    newRetryCriteria,
+
+    -- ** RoleAliasDescription
+    RoleAliasDescription (RoleAliasDescription'),
+    newRoleAliasDescription,
+
+    -- ** S3Action
+    S3Action (S3Action'),
+    newS3Action,
+
+    -- ** S3Destination
+    S3Destination (S3Destination'),
+    newS3Destination,
+
+    -- ** S3Location
+    S3Location (S3Location'),
+    newS3Location,
+
+    -- ** SalesforceAction
+    SalesforceAction (SalesforceAction'),
+    newSalesforceAction,
+
+    -- ** ScheduledAuditMetadata
+    ScheduledAuditMetadata (ScheduledAuditMetadata'),
+    newScheduledAuditMetadata,
+
+    -- ** SchedulingConfig
+    SchedulingConfig (SchedulingConfig'),
+    newSchedulingConfig,
+
+    -- ** SecurityProfileIdentifier
+    SecurityProfileIdentifier (SecurityProfileIdentifier'),
+    newSecurityProfileIdentifier,
+
+    -- ** SecurityProfileTarget
+    SecurityProfileTarget (SecurityProfileTarget'),
+    newSecurityProfileTarget,
+
+    -- ** SecurityProfileTargetMapping
+    SecurityProfileTargetMapping (SecurityProfileTargetMapping'),
+    newSecurityProfileTargetMapping,
+
+    -- ** ServerCertificateSummary
+    ServerCertificateSummary (ServerCertificateSummary'),
+    newServerCertificateSummary,
+
+    -- ** SigV4Authorization
+    SigV4Authorization (SigV4Authorization'),
+    newSigV4Authorization,
+
+    -- ** SigningProfileParameter
+    SigningProfileParameter (SigningProfileParameter'),
+    newSigningProfileParameter,
+
+    -- ** SnsAction
+    SnsAction (SnsAction'),
+    newSnsAction,
+
+    -- ** SqsAction
+    SqsAction (SqsAction'),
+    newSqsAction,
+
+    -- ** StartSigningJobParameter
+    StartSigningJobParameter (StartSigningJobParameter'),
+    newStartSigningJobParameter,
+
+    -- ** StatisticalThreshold
+    StatisticalThreshold (StatisticalThreshold'),
+    newStatisticalThreshold,
+
+    -- ** Statistics
+    Statistics (Statistics'),
+    newStatistics,
+
+    -- ** StepFunctionsAction
+    StepFunctionsAction (StepFunctionsAction'),
+    newStepFunctionsAction,
+
+    -- ** Stream
+    Stream (Stream'),
+    newStream,
+
+    -- ** StreamFile
+    StreamFile (StreamFile'),
+    newStreamFile,
+
+    -- ** StreamInfo
+    StreamInfo (StreamInfo'),
+    newStreamInfo,
+
+    -- ** StreamSummary
+    StreamSummary (StreamSummary'),
+    newStreamSummary,
+
+    -- ** Tag
+    Tag (Tag'),
+    newTag,
+
+    -- ** TaskStatistics
+    TaskStatistics (TaskStatistics'),
+    newTaskStatistics,
+
+    -- ** TaskStatisticsForAuditCheck
+    TaskStatisticsForAuditCheck (TaskStatisticsForAuditCheck'),
+    newTaskStatisticsForAuditCheck,
+
+    -- ** TermsAggregation
+    TermsAggregation (TermsAggregation'),
+    newTermsAggregation,
+
+    -- ** ThingAttribute
+    ThingAttribute (ThingAttribute'),
+    newThingAttribute,
+
+    -- ** ThingConnectivity
+    ThingConnectivity (ThingConnectivity'),
+    newThingConnectivity,
+
+    -- ** ThingDocument
+    ThingDocument (ThingDocument'),
+    newThingDocument,
+
+    -- ** ThingGroupDocument
+    ThingGroupDocument (ThingGroupDocument'),
+    newThingGroupDocument,
+
+    -- ** ThingGroupIndexingConfiguration
+    ThingGroupIndexingConfiguration (ThingGroupIndexingConfiguration'),
+    newThingGroupIndexingConfiguration,
+
+    -- ** ThingGroupMetadata
+    ThingGroupMetadata (ThingGroupMetadata'),
+    newThingGroupMetadata,
+
+    -- ** ThingGroupProperties
+    ThingGroupProperties (ThingGroupProperties'),
+    newThingGroupProperties,
+
+    -- ** ThingIndexingConfiguration
+    ThingIndexingConfiguration (ThingIndexingConfiguration'),
+    newThingIndexingConfiguration,
+
+    -- ** ThingTypeDefinition
+    ThingTypeDefinition (ThingTypeDefinition'),
+    newThingTypeDefinition,
+
+    -- ** ThingTypeMetadata
+    ThingTypeMetadata (ThingTypeMetadata'),
+    newThingTypeMetadata,
+
+    -- ** ThingTypeProperties
+    ThingTypeProperties (ThingTypeProperties'),
+    newThingTypeProperties,
+
+    -- ** TimeoutConfig
+    TimeoutConfig (TimeoutConfig'),
+    newTimeoutConfig,
+
+    -- ** TimestreamAction
+    TimestreamAction (TimestreamAction'),
+    newTimestreamAction,
+
+    -- ** TimestreamDimension
+    TimestreamDimension (TimestreamDimension'),
+    newTimestreamDimension,
+
+    -- ** TimestreamTimestamp
+    TimestreamTimestamp (TimestreamTimestamp'),
+    newTimestreamTimestamp,
+
+    -- ** TlsContext
+    TlsContext (TlsContext'),
+    newTlsContext,
+
+    -- ** TopicRule
+    TopicRule (TopicRule'),
+    newTopicRule,
+
+    -- ** TopicRuleDestination
+    TopicRuleDestination (TopicRuleDestination'),
+    newTopicRuleDestination,
+
+    -- ** TopicRuleDestinationConfiguration
+    TopicRuleDestinationConfiguration (TopicRuleDestinationConfiguration'),
+    newTopicRuleDestinationConfiguration,
+
+    -- ** TopicRuleDestinationSummary
+    TopicRuleDestinationSummary (TopicRuleDestinationSummary'),
+    newTopicRuleDestinationSummary,
+
+    -- ** TopicRuleListItem
+    TopicRuleListItem (TopicRuleListItem'),
+    newTopicRuleListItem,
+
+    -- ** TopicRulePayload
+    TopicRulePayload (TopicRulePayload'),
+    newTopicRulePayload,
+
+    -- ** TransferData
+    TransferData (TransferData'),
+    newTransferData,
+
+    -- ** UpdateCACertificateParams
+    UpdateCACertificateParams (UpdateCACertificateParams'),
+    newUpdateCACertificateParams,
+
+    -- ** UpdateDeviceCertificateParams
+    UpdateDeviceCertificateParams (UpdateDeviceCertificateParams'),
+    newUpdateDeviceCertificateParams,
+
+    -- ** UserProperty
+    UserProperty (UserProperty'),
+    newUserProperty,
+
+    -- ** ValidationError
+    ValidationError (ValidationError'),
+    newValidationError,
+
+    -- ** ViolationEvent
+    ViolationEvent (ViolationEvent'),
+    newViolationEvent,
+
+    -- ** ViolationEventAdditionalInfo
+    ViolationEventAdditionalInfo (ViolationEventAdditionalInfo'),
+    newViolationEventAdditionalInfo,
+
+    -- ** ViolationEventOccurrenceRange
+    ViolationEventOccurrenceRange (ViolationEventOccurrenceRange'),
+    newViolationEventOccurrenceRange,
+
+    -- ** VpcDestinationConfiguration
+    VpcDestinationConfiguration (VpcDestinationConfiguration'),
+    newVpcDestinationConfiguration,
+
+    -- ** VpcDestinationProperties
+    VpcDestinationProperties (VpcDestinationProperties'),
+    newVpcDestinationProperties,
+
+    -- ** VpcDestinationSummary
+    VpcDestinationSummary (VpcDestinationSummary'),
+    newVpcDestinationSummary,
+  )
+where
+
+import Amazonka.IoT.AcceptCertificateTransfer
+import Amazonka.IoT.AddThingToBillingGroup
+import Amazonka.IoT.AddThingToThingGroup
+import Amazonka.IoT.AssociateTargetsWithJob
+import Amazonka.IoT.AttachPolicy
+import Amazonka.IoT.AttachSecurityProfile
+import Amazonka.IoT.AttachThingPrincipal
+import Amazonka.IoT.CancelAuditMitigationActionsTask
+import Amazonka.IoT.CancelAuditTask
+import Amazonka.IoT.CancelCertificateTransfer
+import Amazonka.IoT.CancelDetectMitigationActionsTask
+import Amazonka.IoT.CancelJob
+import Amazonka.IoT.CancelJobExecution
+import Amazonka.IoT.ClearDefaultAuthorizer
+import Amazonka.IoT.ConfirmTopicRuleDestination
+import Amazonka.IoT.CreateAuditSuppression
+import Amazonka.IoT.CreateAuthorizer
+import Amazonka.IoT.CreateBillingGroup
+import Amazonka.IoT.CreateCertificateFromCsr
+import Amazonka.IoT.CreateCustomMetric
+import Amazonka.IoT.CreateDimension
+import Amazonka.IoT.CreateDomainConfiguration
+import Amazonka.IoT.CreateDynamicThingGroup
+import Amazonka.IoT.CreateFleetMetric
+import Amazonka.IoT.CreateJob
+import Amazonka.IoT.CreateJobTemplate
+import Amazonka.IoT.CreateKeysAndCertificate
+import Amazonka.IoT.CreateMitigationAction
+import Amazonka.IoT.CreateOTAUpdate
+import Amazonka.IoT.CreatePolicy
+import Amazonka.IoT.CreatePolicyVersion
+import Amazonka.IoT.CreateProvisioningClaim
+import Amazonka.IoT.CreateProvisioningTemplate
+import Amazonka.IoT.CreateProvisioningTemplateVersion
+import Amazonka.IoT.CreateRoleAlias
+import Amazonka.IoT.CreateScheduledAudit
+import Amazonka.IoT.CreateSecurityProfile
+import Amazonka.IoT.CreateStream
+import Amazonka.IoT.CreateThing
+import Amazonka.IoT.CreateThingGroup
+import Amazonka.IoT.CreateThingType
+import Amazonka.IoT.CreateTopicRule
+import Amazonka.IoT.CreateTopicRuleDestination
+import Amazonka.IoT.DeleteAccountAuditConfiguration
+import Amazonka.IoT.DeleteAuditSuppression
+import Amazonka.IoT.DeleteAuthorizer
+import Amazonka.IoT.DeleteBillingGroup
+import Amazonka.IoT.DeleteCACertificate
+import Amazonka.IoT.DeleteCertificate
+import Amazonka.IoT.DeleteCustomMetric
+import Amazonka.IoT.DeleteDimension
+import Amazonka.IoT.DeleteDomainConfiguration
+import Amazonka.IoT.DeleteDynamicThingGroup
+import Amazonka.IoT.DeleteFleetMetric
+import Amazonka.IoT.DeleteJob
+import Amazonka.IoT.DeleteJobExecution
+import Amazonka.IoT.DeleteJobTemplate
+import Amazonka.IoT.DeleteMitigationAction
+import Amazonka.IoT.DeleteOTAUpdate
+import Amazonka.IoT.DeletePolicy
+import Amazonka.IoT.DeletePolicyVersion
+import Amazonka.IoT.DeleteProvisioningTemplate
+import Amazonka.IoT.DeleteProvisioningTemplateVersion
+import Amazonka.IoT.DeleteRegistrationCode
+import Amazonka.IoT.DeleteRoleAlias
+import Amazonka.IoT.DeleteScheduledAudit
+import Amazonka.IoT.DeleteSecurityProfile
+import Amazonka.IoT.DeleteStream
+import Amazonka.IoT.DeleteThing
+import Amazonka.IoT.DeleteThingGroup
+import Amazonka.IoT.DeleteThingType
+import Amazonka.IoT.DeleteTopicRule
+import Amazonka.IoT.DeleteTopicRuleDestination
+import Amazonka.IoT.DeleteV2LoggingLevel
+import Amazonka.IoT.DeprecateThingType
+import Amazonka.IoT.DescribeAccountAuditConfiguration
+import Amazonka.IoT.DescribeAuditFinding
+import Amazonka.IoT.DescribeAuditMitigationActionsTask
+import Amazonka.IoT.DescribeAuditSuppression
+import Amazonka.IoT.DescribeAuditTask
+import Amazonka.IoT.DescribeAuthorizer
+import Amazonka.IoT.DescribeBillingGroup
+import Amazonka.IoT.DescribeCACertificate
+import Amazonka.IoT.DescribeCertificate
+import Amazonka.IoT.DescribeCustomMetric
+import Amazonka.IoT.DescribeDefaultAuthorizer
+import Amazonka.IoT.DescribeDetectMitigationActionsTask
+import Amazonka.IoT.DescribeDimension
+import Amazonka.IoT.DescribeDomainConfiguration
+import Amazonka.IoT.DescribeEndpoint
+import Amazonka.IoT.DescribeEventConfigurations
+import Amazonka.IoT.DescribeFleetMetric
+import Amazonka.IoT.DescribeIndex
+import Amazonka.IoT.DescribeJob
+import Amazonka.IoT.DescribeJobExecution
+import Amazonka.IoT.DescribeJobTemplate
+import Amazonka.IoT.DescribeManagedJobTemplate
+import Amazonka.IoT.DescribeMitigationAction
+import Amazonka.IoT.DescribeProvisioningTemplate
+import Amazonka.IoT.DescribeProvisioningTemplateVersion
+import Amazonka.IoT.DescribeRoleAlias
+import Amazonka.IoT.DescribeScheduledAudit
+import Amazonka.IoT.DescribeSecurityProfile
+import Amazonka.IoT.DescribeStream
+import Amazonka.IoT.DescribeThing
+import Amazonka.IoT.DescribeThingGroup
+import Amazonka.IoT.DescribeThingRegistrationTask
+import Amazonka.IoT.DescribeThingType
+import Amazonka.IoT.DetachPolicy
+import Amazonka.IoT.DetachSecurityProfile
+import Amazonka.IoT.DetachThingPrincipal
+import Amazonka.IoT.DisableTopicRule
+import Amazonka.IoT.EnableTopicRule
+import Amazonka.IoT.GetBehaviorModelTrainingSummaries
+import Amazonka.IoT.GetBucketsAggregation
+import Amazonka.IoT.GetCardinality
+import Amazonka.IoT.GetEffectivePolicies
+import Amazonka.IoT.GetIndexingConfiguration
+import Amazonka.IoT.GetJobDocument
+import Amazonka.IoT.GetLoggingOptions
+import Amazonka.IoT.GetOTAUpdate
+import Amazonka.IoT.GetPercentiles
+import Amazonka.IoT.GetPolicy
+import Amazonka.IoT.GetPolicyVersion
+import Amazonka.IoT.GetRegistrationCode
+import Amazonka.IoT.GetStatistics
+import Amazonka.IoT.GetTopicRule
+import Amazonka.IoT.GetTopicRuleDestination
+import Amazonka.IoT.GetV2LoggingOptions
+import Amazonka.IoT.Lens
+import Amazonka.IoT.ListActiveViolations
+import Amazonka.IoT.ListAttachedPolicies
+import Amazonka.IoT.ListAuditFindings
+import Amazonka.IoT.ListAuditMitigationActionsExecutions
+import Amazonka.IoT.ListAuditMitigationActionsTasks
+import Amazonka.IoT.ListAuditSuppressions
+import Amazonka.IoT.ListAuditTasks
+import Amazonka.IoT.ListAuthorizers
+import Amazonka.IoT.ListBillingGroups
+import Amazonka.IoT.ListCACertificates
+import Amazonka.IoT.ListCertificates
+import Amazonka.IoT.ListCertificatesByCA
+import Amazonka.IoT.ListCustomMetrics
+import Amazonka.IoT.ListDetectMitigationActionsExecutions
+import Amazonka.IoT.ListDetectMitigationActionsTasks
+import Amazonka.IoT.ListDimensions
+import Amazonka.IoT.ListDomainConfigurations
+import Amazonka.IoT.ListFleetMetrics
+import Amazonka.IoT.ListIndices
+import Amazonka.IoT.ListJobExecutionsForJob
+import Amazonka.IoT.ListJobExecutionsForThing
+import Amazonka.IoT.ListJobTemplates
+import Amazonka.IoT.ListJobs
+import Amazonka.IoT.ListManagedJobTemplates
+import Amazonka.IoT.ListMetricValues
+import Amazonka.IoT.ListMitigationActions
+import Amazonka.IoT.ListOTAUpdates
+import Amazonka.IoT.ListOutgoingCertificates
+import Amazonka.IoT.ListPolicies
+import Amazonka.IoT.ListPolicyVersions
+import Amazonka.IoT.ListPrincipalThings
+import Amazonka.IoT.ListProvisioningTemplateVersions
+import Amazonka.IoT.ListProvisioningTemplates
+import Amazonka.IoT.ListRelatedResourcesForAuditFinding
+import Amazonka.IoT.ListRoleAliases
+import Amazonka.IoT.ListScheduledAudits
+import Amazonka.IoT.ListSecurityProfiles
+import Amazonka.IoT.ListSecurityProfilesForTarget
+import Amazonka.IoT.ListStreams
+import Amazonka.IoT.ListTagsForResource
+import Amazonka.IoT.ListTargetsForPolicy
+import Amazonka.IoT.ListTargetsForSecurityProfile
+import Amazonka.IoT.ListThingGroups
+import Amazonka.IoT.ListThingGroupsForThing
+import Amazonka.IoT.ListThingPrincipals
+import Amazonka.IoT.ListThingRegistrationTaskReports
+import Amazonka.IoT.ListThingRegistrationTasks
+import Amazonka.IoT.ListThingTypes
+import Amazonka.IoT.ListThings
+import Amazonka.IoT.ListThingsInBillingGroup
+import Amazonka.IoT.ListThingsInThingGroup
+import Amazonka.IoT.ListTopicRuleDestinations
+import Amazonka.IoT.ListTopicRules
+import Amazonka.IoT.ListV2LoggingLevels
+import Amazonka.IoT.ListViolationEvents
+import Amazonka.IoT.PutVerificationStateOnViolation
+import Amazonka.IoT.RegisterCACertificate
+import Amazonka.IoT.RegisterCertificate
+import Amazonka.IoT.RegisterCertificateWithoutCA
+import Amazonka.IoT.RegisterThing
+import Amazonka.IoT.RejectCertificateTransfer
+import Amazonka.IoT.RemoveThingFromBillingGroup
+import Amazonka.IoT.RemoveThingFromThingGroup
+import Amazonka.IoT.ReplaceTopicRule
+import Amazonka.IoT.SearchIndex
+import Amazonka.IoT.SetDefaultAuthorizer
+import Amazonka.IoT.SetDefaultPolicyVersion
+import Amazonka.IoT.SetLoggingOptions
+import Amazonka.IoT.SetV2LoggingLevel
+import Amazonka.IoT.SetV2LoggingOptions
+import Amazonka.IoT.StartAuditMitigationActionsTask
+import Amazonka.IoT.StartDetectMitigationActionsTask
+import Amazonka.IoT.StartOnDemandAuditTask
+import Amazonka.IoT.StartThingRegistrationTask
+import Amazonka.IoT.StopThingRegistrationTask
+import Amazonka.IoT.TagResource
+import Amazonka.IoT.TestAuthorization
+import Amazonka.IoT.TestInvokeAuthorizer
+import Amazonka.IoT.TransferCertificate
+import Amazonka.IoT.Types
+import Amazonka.IoT.UntagResource
+import Amazonka.IoT.UpdateAccountAuditConfiguration
+import Amazonka.IoT.UpdateAuditSuppression
+import Amazonka.IoT.UpdateAuthorizer
+import Amazonka.IoT.UpdateBillingGroup
+import Amazonka.IoT.UpdateCACertificate
+import Amazonka.IoT.UpdateCertificate
+import Amazonka.IoT.UpdateCustomMetric
+import Amazonka.IoT.UpdateDimension
+import Amazonka.IoT.UpdateDomainConfiguration
+import Amazonka.IoT.UpdateDynamicThingGroup
+import Amazonka.IoT.UpdateEventConfigurations
+import Amazonka.IoT.UpdateFleetMetric
+import Amazonka.IoT.UpdateIndexingConfiguration
+import Amazonka.IoT.UpdateJob
+import Amazonka.IoT.UpdateMitigationAction
+import Amazonka.IoT.UpdateProvisioningTemplate
+import Amazonka.IoT.UpdateRoleAlias
+import Amazonka.IoT.UpdateScheduledAudit
+import Amazonka.IoT.UpdateSecurityProfile
+import Amazonka.IoT.UpdateStream
+import Amazonka.IoT.UpdateThing
+import Amazonka.IoT.UpdateThingGroup
+import Amazonka.IoT.UpdateThingGroupsForThing
+import Amazonka.IoT.UpdateTopicRuleDestination
+import Amazonka.IoT.ValidateSecurityProfileBehaviors
+import Amazonka.IoT.Waiters
+
+-- $errors
+-- Error matchers are designed for use with the functions provided by
+-- <http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.
+-- This allows catching (and rethrowing) service specific errors returned
+-- by 'IoT'.
+
+-- $operations
+-- Some AWS operations return results that are incomplete and require subsequent
+-- requests in order to obtain the entire result set. The process of sending
+-- subsequent requests to continue where a previous request left off is called
+-- pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to
+-- 1000 objects at a time, and you must send subsequent requests with the
+-- appropriate Marker in order to retrieve the next page of results.
+--
+-- Operations that have an 'AWSPager' instance can transparently perform subsequent
+-- requests, correctly setting Markers and other request facets to iterate through
+-- the entire result set of a truncated API operation. Operations which support
+-- this have an additional note in the documentation.
+--
+-- Many operations have the ability to filter results on the server side. See the
+-- individual operation parameters for details.
+
+-- $waiters
+-- Waiters poll by repeatedly sending a request until some remote success condition
+-- configured by the 'Wait' specification is fulfilled. The 'Wait' specification
+-- determines how many attempts should be made, in addition to delay and retry strategies.
diff --git a/gen/Amazonka/IoT/AcceptCertificateTransfer.hs b/gen/Amazonka/IoT/AcceptCertificateTransfer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AcceptCertificateTransfer.hs
@@ -0,0 +1,156 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AcceptCertificateTransfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Accepts a pending certificate transfer. The default state of the
+-- certificate is INACTIVE.
+--
+-- To check for pending certificate transfers, call ListCertificates to
+-- enumerate your certificates.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AcceptCertificateTransfer>
+-- action.
+module Amazonka.IoT.AcceptCertificateTransfer
+  ( -- * Creating a Request
+    AcceptCertificateTransfer (..),
+    newAcceptCertificateTransfer,
+
+    -- * Request Lenses
+    acceptCertificateTransfer_setAsActive,
+    acceptCertificateTransfer_certificateId,
+
+    -- * Destructuring the Response
+    AcceptCertificateTransferResponse (..),
+    newAcceptCertificateTransferResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the AcceptCertificateTransfer operation.
+--
+-- /See:/ 'newAcceptCertificateTransfer' smart constructor.
+data AcceptCertificateTransfer = AcceptCertificateTransfer'
+  { -- | Specifies whether the certificate is active.
+    setAsActive :: Prelude.Maybe Prelude.Bool,
+    -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AcceptCertificateTransfer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'setAsActive', 'acceptCertificateTransfer_setAsActive' - Specifies whether the certificate is active.
+--
+-- 'certificateId', 'acceptCertificateTransfer_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+newAcceptCertificateTransfer ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  AcceptCertificateTransfer
+newAcceptCertificateTransfer pCertificateId_ =
+  AcceptCertificateTransfer'
+    { setAsActive =
+        Prelude.Nothing,
+      certificateId = pCertificateId_
+    }
+
+-- | Specifies whether the certificate is active.
+acceptCertificateTransfer_setAsActive :: Lens.Lens' AcceptCertificateTransfer (Prelude.Maybe Prelude.Bool)
+acceptCertificateTransfer_setAsActive = Lens.lens (\AcceptCertificateTransfer' {setAsActive} -> setAsActive) (\s@AcceptCertificateTransfer' {} a -> s {setAsActive = a} :: AcceptCertificateTransfer)
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+acceptCertificateTransfer_certificateId :: Lens.Lens' AcceptCertificateTransfer Prelude.Text
+acceptCertificateTransfer_certificateId = Lens.lens (\AcceptCertificateTransfer' {certificateId} -> certificateId) (\s@AcceptCertificateTransfer' {} a -> s {certificateId = a} :: AcceptCertificateTransfer)
+
+instance Core.AWSRequest AcceptCertificateTransfer where
+  type
+    AWSResponse AcceptCertificateTransfer =
+      AcceptCertificateTransferResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveNull
+      AcceptCertificateTransferResponse'
+
+instance Prelude.Hashable AcceptCertificateTransfer where
+  hashWithSalt _salt AcceptCertificateTransfer' {..} =
+    _salt
+      `Prelude.hashWithSalt` setAsActive
+      `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData AcceptCertificateTransfer where
+  rnf AcceptCertificateTransfer' {..} =
+    Prelude.rnf setAsActive
+      `Prelude.seq` Prelude.rnf certificateId
+
+instance Data.ToHeaders AcceptCertificateTransfer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON AcceptCertificateTransfer where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AcceptCertificateTransfer where
+  toPath AcceptCertificateTransfer' {..} =
+    Prelude.mconcat
+      [ "/accept-certificate-transfer/",
+        Data.toBS certificateId
+      ]
+
+instance Data.ToQuery AcceptCertificateTransfer where
+  toQuery AcceptCertificateTransfer' {..} =
+    Prelude.mconcat ["setAsActive" Data.=: setAsActive]
+
+-- | /See:/ 'newAcceptCertificateTransferResponse' smart constructor.
+data AcceptCertificateTransferResponse = AcceptCertificateTransferResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AcceptCertificateTransferResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newAcceptCertificateTransferResponse ::
+  AcceptCertificateTransferResponse
+newAcceptCertificateTransferResponse =
+  AcceptCertificateTransferResponse'
+
+instance
+  Prelude.NFData
+    AcceptCertificateTransferResponse
+  where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/AddThingToBillingGroup.hs b/gen/Amazonka/IoT/AddThingToBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AddThingToBillingGroup.hs
@@ -0,0 +1,207 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AddThingToBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds a thing to a billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AddThingToBillingGroup>
+-- action.
+module Amazonka.IoT.AddThingToBillingGroup
+  ( -- * Creating a Request
+    AddThingToBillingGroup (..),
+    newAddThingToBillingGroup,
+
+    -- * Request Lenses
+    addThingToBillingGroup_billingGroupArn,
+    addThingToBillingGroup_billingGroupName,
+    addThingToBillingGroup_thingArn,
+    addThingToBillingGroup_thingName,
+
+    -- * Destructuring the Response
+    AddThingToBillingGroupResponse (..),
+    newAddThingToBillingGroupResponse,
+
+    -- * Response Lenses
+    addThingToBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newAddThingToBillingGroup' smart constructor.
+data AddThingToBillingGroup = AddThingToBillingGroup'
+  { -- | The ARN of the billing group.
+    billingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the billing group.
+    --
+    -- This call is asynchronous. It might take several seconds for the
+    -- detachment to propagate.
+    billingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the thing to be added to the billing group.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing to be added to the billing group.
+    thingName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AddThingToBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupArn', 'addThingToBillingGroup_billingGroupArn' - The ARN of the billing group.
+--
+-- 'billingGroupName', 'addThingToBillingGroup_billingGroupName' - The name of the billing group.
+--
+-- This call is asynchronous. It might take several seconds for the
+-- detachment to propagate.
+--
+-- 'thingArn', 'addThingToBillingGroup_thingArn' - The ARN of the thing to be added to the billing group.
+--
+-- 'thingName', 'addThingToBillingGroup_thingName' - The name of the thing to be added to the billing group.
+newAddThingToBillingGroup ::
+  AddThingToBillingGroup
+newAddThingToBillingGroup =
+  AddThingToBillingGroup'
+    { billingGroupArn =
+        Prelude.Nothing,
+      billingGroupName = Prelude.Nothing,
+      thingArn = Prelude.Nothing,
+      thingName = Prelude.Nothing
+    }
+
+-- | The ARN of the billing group.
+addThingToBillingGroup_billingGroupArn :: Lens.Lens' AddThingToBillingGroup (Prelude.Maybe Prelude.Text)
+addThingToBillingGroup_billingGroupArn = Lens.lens (\AddThingToBillingGroup' {billingGroupArn} -> billingGroupArn) (\s@AddThingToBillingGroup' {} a -> s {billingGroupArn = a} :: AddThingToBillingGroup)
+
+-- | The name of the billing group.
+--
+-- This call is asynchronous. It might take several seconds for the
+-- detachment to propagate.
+addThingToBillingGroup_billingGroupName :: Lens.Lens' AddThingToBillingGroup (Prelude.Maybe Prelude.Text)
+addThingToBillingGroup_billingGroupName = Lens.lens (\AddThingToBillingGroup' {billingGroupName} -> billingGroupName) (\s@AddThingToBillingGroup' {} a -> s {billingGroupName = a} :: AddThingToBillingGroup)
+
+-- | The ARN of the thing to be added to the billing group.
+addThingToBillingGroup_thingArn :: Lens.Lens' AddThingToBillingGroup (Prelude.Maybe Prelude.Text)
+addThingToBillingGroup_thingArn = Lens.lens (\AddThingToBillingGroup' {thingArn} -> thingArn) (\s@AddThingToBillingGroup' {} a -> s {thingArn = a} :: AddThingToBillingGroup)
+
+-- | The name of the thing to be added to the billing group.
+addThingToBillingGroup_thingName :: Lens.Lens' AddThingToBillingGroup (Prelude.Maybe Prelude.Text)
+addThingToBillingGroup_thingName = Lens.lens (\AddThingToBillingGroup' {thingName} -> thingName) (\s@AddThingToBillingGroup' {} a -> s {thingName = a} :: AddThingToBillingGroup)
+
+instance Core.AWSRequest AddThingToBillingGroup where
+  type
+    AWSResponse AddThingToBillingGroup =
+      AddThingToBillingGroupResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          AddThingToBillingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable AddThingToBillingGroup where
+  hashWithSalt _salt AddThingToBillingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` billingGroupArn
+      `Prelude.hashWithSalt` billingGroupName
+      `Prelude.hashWithSalt` thingArn
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData AddThingToBillingGroup where
+  rnf AddThingToBillingGroup' {..} =
+    Prelude.rnf billingGroupArn
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders AddThingToBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON AddThingToBillingGroup where
+  toJSON AddThingToBillingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("billingGroupArn" Data..=)
+              Prelude.<$> billingGroupArn,
+            ("billingGroupName" Data..=)
+              Prelude.<$> billingGroupName,
+            ("thingArn" Data..=) Prelude.<$> thingArn,
+            ("thingName" Data..=) Prelude.<$> thingName
+          ]
+      )
+
+instance Data.ToPath AddThingToBillingGroup where
+  toPath =
+    Prelude.const
+      "/billing-groups/addThingToBillingGroup"
+
+instance Data.ToQuery AddThingToBillingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newAddThingToBillingGroupResponse' smart constructor.
+data AddThingToBillingGroupResponse = AddThingToBillingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AddThingToBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'addThingToBillingGroupResponse_httpStatus' - The response's http status code.
+newAddThingToBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  AddThingToBillingGroupResponse
+newAddThingToBillingGroupResponse pHttpStatus_ =
+  AddThingToBillingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+addThingToBillingGroupResponse_httpStatus :: Lens.Lens' AddThingToBillingGroupResponse Prelude.Int
+addThingToBillingGroupResponse_httpStatus = Lens.lens (\AddThingToBillingGroupResponse' {httpStatus} -> httpStatus) (\s@AddThingToBillingGroupResponse' {} a -> s {httpStatus = a} :: AddThingToBillingGroupResponse)
+
+instance
+  Prelude.NFData
+    AddThingToBillingGroupResponse
+  where
+  rnf AddThingToBillingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/AddThingToThingGroup.hs b/gen/Amazonka/IoT/AddThingToThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AddThingToThingGroup.hs
@@ -0,0 +1,216 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AddThingToThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds a thing to a thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AddThingToThingGroup>
+-- action.
+module Amazonka.IoT.AddThingToThingGroup
+  ( -- * Creating a Request
+    AddThingToThingGroup (..),
+    newAddThingToThingGroup,
+
+    -- * Request Lenses
+    addThingToThingGroup_overrideDynamicGroups,
+    addThingToThingGroup_thingArn,
+    addThingToThingGroup_thingGroupArn,
+    addThingToThingGroup_thingGroupName,
+    addThingToThingGroup_thingName,
+
+    -- * Destructuring the Response
+    AddThingToThingGroupResponse (..),
+    newAddThingToThingGroupResponse,
+
+    -- * Response Lenses
+    addThingToThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newAddThingToThingGroup' smart constructor.
+data AddThingToThingGroup = AddThingToThingGroup'
+  { -- | Override dynamic thing groups with static thing groups when 10-group
+    -- limit is reached. If a thing belongs to 10 thing groups, and one or more
+    -- of those groups are dynamic thing groups, adding a thing to a static
+    -- group removes the thing from the last dynamic group.
+    overrideDynamicGroups :: Prelude.Maybe Prelude.Bool,
+    -- | The ARN of the thing to add to a group.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the group to which you are adding a thing.
+    thingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the group to which you are adding a thing.
+    thingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing to add to a group.
+    thingName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AddThingToThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'overrideDynamicGroups', 'addThingToThingGroup_overrideDynamicGroups' - Override dynamic thing groups with static thing groups when 10-group
+-- limit is reached. If a thing belongs to 10 thing groups, and one or more
+-- of those groups are dynamic thing groups, adding a thing to a static
+-- group removes the thing from the last dynamic group.
+--
+-- 'thingArn', 'addThingToThingGroup_thingArn' - The ARN of the thing to add to a group.
+--
+-- 'thingGroupArn', 'addThingToThingGroup_thingGroupArn' - The ARN of the group to which you are adding a thing.
+--
+-- 'thingGroupName', 'addThingToThingGroup_thingGroupName' - The name of the group to which you are adding a thing.
+--
+-- 'thingName', 'addThingToThingGroup_thingName' - The name of the thing to add to a group.
+newAddThingToThingGroup ::
+  AddThingToThingGroup
+newAddThingToThingGroup =
+  AddThingToThingGroup'
+    { overrideDynamicGroups =
+        Prelude.Nothing,
+      thingArn = Prelude.Nothing,
+      thingGroupArn = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing,
+      thingName = Prelude.Nothing
+    }
+
+-- | Override dynamic thing groups with static thing groups when 10-group
+-- limit is reached. If a thing belongs to 10 thing groups, and one or more
+-- of those groups are dynamic thing groups, adding a thing to a static
+-- group removes the thing from the last dynamic group.
+addThingToThingGroup_overrideDynamicGroups :: Lens.Lens' AddThingToThingGroup (Prelude.Maybe Prelude.Bool)
+addThingToThingGroup_overrideDynamicGroups = Lens.lens (\AddThingToThingGroup' {overrideDynamicGroups} -> overrideDynamicGroups) (\s@AddThingToThingGroup' {} a -> s {overrideDynamicGroups = a} :: AddThingToThingGroup)
+
+-- | The ARN of the thing to add to a group.
+addThingToThingGroup_thingArn :: Lens.Lens' AddThingToThingGroup (Prelude.Maybe Prelude.Text)
+addThingToThingGroup_thingArn = Lens.lens (\AddThingToThingGroup' {thingArn} -> thingArn) (\s@AddThingToThingGroup' {} a -> s {thingArn = a} :: AddThingToThingGroup)
+
+-- | The ARN of the group to which you are adding a thing.
+addThingToThingGroup_thingGroupArn :: Lens.Lens' AddThingToThingGroup (Prelude.Maybe Prelude.Text)
+addThingToThingGroup_thingGroupArn = Lens.lens (\AddThingToThingGroup' {thingGroupArn} -> thingGroupArn) (\s@AddThingToThingGroup' {} a -> s {thingGroupArn = a} :: AddThingToThingGroup)
+
+-- | The name of the group to which you are adding a thing.
+addThingToThingGroup_thingGroupName :: Lens.Lens' AddThingToThingGroup (Prelude.Maybe Prelude.Text)
+addThingToThingGroup_thingGroupName = Lens.lens (\AddThingToThingGroup' {thingGroupName} -> thingGroupName) (\s@AddThingToThingGroup' {} a -> s {thingGroupName = a} :: AddThingToThingGroup)
+
+-- | The name of the thing to add to a group.
+addThingToThingGroup_thingName :: Lens.Lens' AddThingToThingGroup (Prelude.Maybe Prelude.Text)
+addThingToThingGroup_thingName = Lens.lens (\AddThingToThingGroup' {thingName} -> thingName) (\s@AddThingToThingGroup' {} a -> s {thingName = a} :: AddThingToThingGroup)
+
+instance Core.AWSRequest AddThingToThingGroup where
+  type
+    AWSResponse AddThingToThingGroup =
+      AddThingToThingGroupResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          AddThingToThingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable AddThingToThingGroup where
+  hashWithSalt _salt AddThingToThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` overrideDynamicGroups
+      `Prelude.hashWithSalt` thingArn
+      `Prelude.hashWithSalt` thingGroupArn
+      `Prelude.hashWithSalt` thingGroupName
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData AddThingToThingGroup where
+  rnf AddThingToThingGroup' {..} =
+    Prelude.rnf overrideDynamicGroups
+      `Prelude.seq` Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingGroupArn
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders AddThingToThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON AddThingToThingGroup where
+  toJSON AddThingToThingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("overrideDynamicGroups" Data..=)
+              Prelude.<$> overrideDynamicGroups,
+            ("thingArn" Data..=) Prelude.<$> thingArn,
+            ("thingGroupArn" Data..=) Prelude.<$> thingGroupArn,
+            ("thingGroupName" Data..=)
+              Prelude.<$> thingGroupName,
+            ("thingName" Data..=) Prelude.<$> thingName
+          ]
+      )
+
+instance Data.ToPath AddThingToThingGroup where
+  toPath =
+    Prelude.const "/thing-groups/addThingToThingGroup"
+
+instance Data.ToQuery AddThingToThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newAddThingToThingGroupResponse' smart constructor.
+data AddThingToThingGroupResponse = AddThingToThingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AddThingToThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'addThingToThingGroupResponse_httpStatus' - The response's http status code.
+newAddThingToThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  AddThingToThingGroupResponse
+newAddThingToThingGroupResponse pHttpStatus_ =
+  AddThingToThingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+addThingToThingGroupResponse_httpStatus :: Lens.Lens' AddThingToThingGroupResponse Prelude.Int
+addThingToThingGroupResponse_httpStatus = Lens.lens (\AddThingToThingGroupResponse' {httpStatus} -> httpStatus) (\s@AddThingToThingGroupResponse' {} a -> s {httpStatus = a} :: AddThingToThingGroupResponse)
+
+instance Prelude.NFData AddThingToThingGroupResponse where
+  rnf AddThingToThingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/AssociateTargetsWithJob.hs b/gen/Amazonka/IoT/AssociateTargetsWithJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AssociateTargetsWithJob.hs
@@ -0,0 +1,270 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AssociateTargetsWithJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a group with a continuous job. The following criteria must be
+-- met:
+--
+-- -   The job must have been created with the @targetSelection@ field set
+--     to \"CONTINUOUS\".
+--
+-- -   The job status must currently be \"IN_PROGRESS\".
+--
+-- -   The total number of targets associated with a job must not exceed
+--     100.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AssociateTargetsWithJob>
+-- action.
+module Amazonka.IoT.AssociateTargetsWithJob
+  ( -- * Creating a Request
+    AssociateTargetsWithJob (..),
+    newAssociateTargetsWithJob,
+
+    -- * Request Lenses
+    associateTargetsWithJob_comment,
+    associateTargetsWithJob_namespaceId,
+    associateTargetsWithJob_targets,
+    associateTargetsWithJob_jobId,
+
+    -- * Destructuring the Response
+    AssociateTargetsWithJobResponse (..),
+    newAssociateTargetsWithJobResponse,
+
+    -- * Response Lenses
+    associateTargetsWithJobResponse_description,
+    associateTargetsWithJobResponse_jobArn,
+    associateTargetsWithJobResponse_jobId,
+    associateTargetsWithJobResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newAssociateTargetsWithJob' smart constructor.
+data AssociateTargetsWithJob = AssociateTargetsWithJob'
+  { -- | An optional comment string describing why the job was associated with
+    -- the targets.
+    comment :: Prelude.Maybe Prelude.Text,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | A list of thing group ARNs that define the targets of the job.
+    targets :: Prelude.NonEmpty Prelude.Text,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateTargetsWithJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'comment', 'associateTargetsWithJob_comment' - An optional comment string describing why the job was associated with
+-- the targets.
+--
+-- 'namespaceId', 'associateTargetsWithJob_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'targets', 'associateTargetsWithJob_targets' - A list of thing group ARNs that define the targets of the job.
+--
+-- 'jobId', 'associateTargetsWithJob_jobId' - The unique identifier you assigned to this job when it was created.
+newAssociateTargetsWithJob ::
+  -- | 'targets'
+  Prelude.NonEmpty Prelude.Text ->
+  -- | 'jobId'
+  Prelude.Text ->
+  AssociateTargetsWithJob
+newAssociateTargetsWithJob pTargets_ pJobId_ =
+  AssociateTargetsWithJob'
+    { comment = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      targets = Lens.coerced Lens.# pTargets_,
+      jobId = pJobId_
+    }
+
+-- | An optional comment string describing why the job was associated with
+-- the targets.
+associateTargetsWithJob_comment :: Lens.Lens' AssociateTargetsWithJob (Prelude.Maybe Prelude.Text)
+associateTargetsWithJob_comment = Lens.lens (\AssociateTargetsWithJob' {comment} -> comment) (\s@AssociateTargetsWithJob' {} a -> s {comment = a} :: AssociateTargetsWithJob)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+associateTargetsWithJob_namespaceId :: Lens.Lens' AssociateTargetsWithJob (Prelude.Maybe Prelude.Text)
+associateTargetsWithJob_namespaceId = Lens.lens (\AssociateTargetsWithJob' {namespaceId} -> namespaceId) (\s@AssociateTargetsWithJob' {} a -> s {namespaceId = a} :: AssociateTargetsWithJob)
+
+-- | A list of thing group ARNs that define the targets of the job.
+associateTargetsWithJob_targets :: Lens.Lens' AssociateTargetsWithJob (Prelude.NonEmpty Prelude.Text)
+associateTargetsWithJob_targets = Lens.lens (\AssociateTargetsWithJob' {targets} -> targets) (\s@AssociateTargetsWithJob' {} a -> s {targets = a} :: AssociateTargetsWithJob) Prelude.. Lens.coerced
+
+-- | The unique identifier you assigned to this job when it was created.
+associateTargetsWithJob_jobId :: Lens.Lens' AssociateTargetsWithJob Prelude.Text
+associateTargetsWithJob_jobId = Lens.lens (\AssociateTargetsWithJob' {jobId} -> jobId) (\s@AssociateTargetsWithJob' {} a -> s {jobId = a} :: AssociateTargetsWithJob)
+
+instance Core.AWSRequest AssociateTargetsWithJob where
+  type
+    AWSResponse AssociateTargetsWithJob =
+      AssociateTargetsWithJobResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          AssociateTargetsWithJobResponse'
+            Prelude.<$> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "jobArn")
+            Prelude.<*> (x Data..?> "jobId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable AssociateTargetsWithJob where
+  hashWithSalt _salt AssociateTargetsWithJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` comment
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` targets
+      `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData AssociateTargetsWithJob where
+  rnf AssociateTargetsWithJob' {..} =
+    Prelude.rnf comment
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf targets
+      `Prelude.seq` Prelude.rnf jobId
+
+instance Data.ToHeaders AssociateTargetsWithJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON AssociateTargetsWithJob where
+  toJSON AssociateTargetsWithJob' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("comment" Data..=) Prelude.<$> comment,
+            Prelude.Just ("targets" Data..= targets)
+          ]
+      )
+
+instance Data.ToPath AssociateTargetsWithJob where
+  toPath AssociateTargetsWithJob' {..} =
+    Prelude.mconcat
+      ["/jobs/", Data.toBS jobId, "/targets"]
+
+instance Data.ToQuery AssociateTargetsWithJob where
+  toQuery AssociateTargetsWithJob' {..} =
+    Prelude.mconcat ["namespaceId" Data.=: namespaceId]
+
+-- | /See:/ 'newAssociateTargetsWithJobResponse' smart constructor.
+data AssociateTargetsWithJobResponse = AssociateTargetsWithJobResponse'
+  { -- | A short text description of the job.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | An ARN identifying the job.
+    jobArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateTargetsWithJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'associateTargetsWithJobResponse_description' - A short text description of the job.
+--
+-- 'jobArn', 'associateTargetsWithJobResponse_jobArn' - An ARN identifying the job.
+--
+-- 'jobId', 'associateTargetsWithJobResponse_jobId' - The unique identifier you assigned to this job when it was created.
+--
+-- 'httpStatus', 'associateTargetsWithJobResponse_httpStatus' - The response's http status code.
+newAssociateTargetsWithJobResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  AssociateTargetsWithJobResponse
+newAssociateTargetsWithJobResponse pHttpStatus_ =
+  AssociateTargetsWithJobResponse'
+    { description =
+        Prelude.Nothing,
+      jobArn = Prelude.Nothing,
+      jobId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A short text description of the job.
+associateTargetsWithJobResponse_description :: Lens.Lens' AssociateTargetsWithJobResponse (Prelude.Maybe Prelude.Text)
+associateTargetsWithJobResponse_description = Lens.lens (\AssociateTargetsWithJobResponse' {description} -> description) (\s@AssociateTargetsWithJobResponse' {} a -> s {description = a} :: AssociateTargetsWithJobResponse)
+
+-- | An ARN identifying the job.
+associateTargetsWithJobResponse_jobArn :: Lens.Lens' AssociateTargetsWithJobResponse (Prelude.Maybe Prelude.Text)
+associateTargetsWithJobResponse_jobArn = Lens.lens (\AssociateTargetsWithJobResponse' {jobArn} -> jobArn) (\s@AssociateTargetsWithJobResponse' {} a -> s {jobArn = a} :: AssociateTargetsWithJobResponse)
+
+-- | The unique identifier you assigned to this job when it was created.
+associateTargetsWithJobResponse_jobId :: Lens.Lens' AssociateTargetsWithJobResponse (Prelude.Maybe Prelude.Text)
+associateTargetsWithJobResponse_jobId = Lens.lens (\AssociateTargetsWithJobResponse' {jobId} -> jobId) (\s@AssociateTargetsWithJobResponse' {} a -> s {jobId = a} :: AssociateTargetsWithJobResponse)
+
+-- | The response's http status code.
+associateTargetsWithJobResponse_httpStatus :: Lens.Lens' AssociateTargetsWithJobResponse Prelude.Int
+associateTargetsWithJobResponse_httpStatus = Lens.lens (\AssociateTargetsWithJobResponse' {httpStatus} -> httpStatus) (\s@AssociateTargetsWithJobResponse' {} a -> s {httpStatus = a} :: AssociateTargetsWithJobResponse)
+
+instance
+  Prelude.NFData
+    AssociateTargetsWithJobResponse
+  where
+  rnf AssociateTargetsWithJobResponse' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf jobArn
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/AttachPolicy.hs b/gen/Amazonka/IoT/AttachPolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AttachPolicy.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AttachPolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Attaches the specified policy to the specified principal (certificate or
+-- other credential).
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AttachPolicy>
+-- action.
+module Amazonka.IoT.AttachPolicy
+  ( -- * Creating a Request
+    AttachPolicy (..),
+    newAttachPolicy,
+
+    -- * Request Lenses
+    attachPolicy_policyName,
+    attachPolicy_target,
+
+    -- * Destructuring the Response
+    AttachPolicyResponse (..),
+    newAttachPolicyResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newAttachPolicy' smart constructor.
+data AttachPolicy = AttachPolicy'
+  { -- | The name of the policy to attach.
+    policyName :: Prelude.Text,
+    -- | The
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/security-iam.html identity>
+    -- to which the policy is attached. For example, a thing group or a
+    -- certificate.
+    target :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttachPolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'attachPolicy_policyName' - The name of the policy to attach.
+--
+-- 'target', 'attachPolicy_target' - The
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/security-iam.html identity>
+-- to which the policy is attached. For example, a thing group or a
+-- certificate.
+newAttachPolicy ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'target'
+  Prelude.Text ->
+  AttachPolicy
+newAttachPolicy pPolicyName_ pTarget_ =
+  AttachPolicy'
+    { policyName = pPolicyName_,
+      target = pTarget_
+    }
+
+-- | The name of the policy to attach.
+attachPolicy_policyName :: Lens.Lens' AttachPolicy Prelude.Text
+attachPolicy_policyName = Lens.lens (\AttachPolicy' {policyName} -> policyName) (\s@AttachPolicy' {} a -> s {policyName = a} :: AttachPolicy)
+
+-- | The
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/security-iam.html identity>
+-- to which the policy is attached. For example, a thing group or a
+-- certificate.
+attachPolicy_target :: Lens.Lens' AttachPolicy Prelude.Text
+attachPolicy_target = Lens.lens (\AttachPolicy' {target} -> target) (\s@AttachPolicy' {} a -> s {target = a} :: AttachPolicy)
+
+instance Core.AWSRequest AttachPolicy where
+  type AWSResponse AttachPolicy = AttachPolicyResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response = Response.receiveNull AttachPolicyResponse'
+
+instance Prelude.Hashable AttachPolicy where
+  hashWithSalt _salt AttachPolicy' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` target
+
+instance Prelude.NFData AttachPolicy where
+  rnf AttachPolicy' {..} =
+    Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf target
+
+instance Data.ToHeaders AttachPolicy where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON AttachPolicy where
+  toJSON AttachPolicy' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("target" Data..= target)]
+      )
+
+instance Data.ToPath AttachPolicy where
+  toPath AttachPolicy' {..} =
+    Prelude.mconcat
+      ["/target-policies/", Data.toBS policyName]
+
+instance Data.ToQuery AttachPolicy where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newAttachPolicyResponse' smart constructor.
+data AttachPolicyResponse = AttachPolicyResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttachPolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newAttachPolicyResponse ::
+  AttachPolicyResponse
+newAttachPolicyResponse = AttachPolicyResponse'
+
+instance Prelude.NFData AttachPolicyResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/AttachSecurityProfile.hs b/gen/Amazonka/IoT/AttachSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AttachSecurityProfile.hs
@@ -0,0 +1,180 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AttachSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a Device Defender security profile with a thing group or this
+-- account. Each thing group or account can have up to five security
+-- profiles associated with it.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AttachSecurityProfile>
+-- action.
+module Amazonka.IoT.AttachSecurityProfile
+  ( -- * Creating a Request
+    AttachSecurityProfile (..),
+    newAttachSecurityProfile,
+
+    -- * Request Lenses
+    attachSecurityProfile_securityProfileName,
+    attachSecurityProfile_securityProfileTargetArn,
+
+    -- * Destructuring the Response
+    AttachSecurityProfileResponse (..),
+    newAttachSecurityProfileResponse,
+
+    -- * Response Lenses
+    attachSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newAttachSecurityProfile' smart constructor.
+data AttachSecurityProfile = AttachSecurityProfile'
+  { -- | The security profile that is attached.
+    securityProfileName :: Prelude.Text,
+    -- | The ARN of the target (thing group) to which the security profile is
+    -- attached.
+    securityProfileTargetArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttachSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityProfileName', 'attachSecurityProfile_securityProfileName' - The security profile that is attached.
+--
+-- 'securityProfileTargetArn', 'attachSecurityProfile_securityProfileTargetArn' - The ARN of the target (thing group) to which the security profile is
+-- attached.
+newAttachSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  -- | 'securityProfileTargetArn'
+  Prelude.Text ->
+  AttachSecurityProfile
+newAttachSecurityProfile
+  pSecurityProfileName_
+  pSecurityProfileTargetArn_ =
+    AttachSecurityProfile'
+      { securityProfileName =
+          pSecurityProfileName_,
+        securityProfileTargetArn =
+          pSecurityProfileTargetArn_
+      }
+
+-- | The security profile that is attached.
+attachSecurityProfile_securityProfileName :: Lens.Lens' AttachSecurityProfile Prelude.Text
+attachSecurityProfile_securityProfileName = Lens.lens (\AttachSecurityProfile' {securityProfileName} -> securityProfileName) (\s@AttachSecurityProfile' {} a -> s {securityProfileName = a} :: AttachSecurityProfile)
+
+-- | The ARN of the target (thing group) to which the security profile is
+-- attached.
+attachSecurityProfile_securityProfileTargetArn :: Lens.Lens' AttachSecurityProfile Prelude.Text
+attachSecurityProfile_securityProfileTargetArn = Lens.lens (\AttachSecurityProfile' {securityProfileTargetArn} -> securityProfileTargetArn) (\s@AttachSecurityProfile' {} a -> s {securityProfileTargetArn = a} :: AttachSecurityProfile)
+
+instance Core.AWSRequest AttachSecurityProfile where
+  type
+    AWSResponse AttachSecurityProfile =
+      AttachSecurityProfileResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          AttachSecurityProfileResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable AttachSecurityProfile where
+  hashWithSalt _salt AttachSecurityProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` securityProfileTargetArn
+
+instance Prelude.NFData AttachSecurityProfile where
+  rnf AttachSecurityProfile' {..} =
+    Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf securityProfileTargetArn
+
+instance Data.ToHeaders AttachSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON AttachSecurityProfile where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AttachSecurityProfile where
+  toPath AttachSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName,
+        "/targets"
+      ]
+
+instance Data.ToQuery AttachSecurityProfile where
+  toQuery AttachSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "securityProfileTargetArn"
+          Data.=: securityProfileTargetArn
+      ]
+
+-- | /See:/ 'newAttachSecurityProfileResponse' smart constructor.
+data AttachSecurityProfileResponse = AttachSecurityProfileResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttachSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'attachSecurityProfileResponse_httpStatus' - The response's http status code.
+newAttachSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  AttachSecurityProfileResponse
+newAttachSecurityProfileResponse pHttpStatus_ =
+  AttachSecurityProfileResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+attachSecurityProfileResponse_httpStatus :: Lens.Lens' AttachSecurityProfileResponse Prelude.Int
+attachSecurityProfileResponse_httpStatus = Lens.lens (\AttachSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@AttachSecurityProfileResponse' {} a -> s {httpStatus = a} :: AttachSecurityProfileResponse)
+
+instance Prelude.NFData AttachSecurityProfileResponse where
+  rnf AttachSecurityProfileResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/AttachThingPrincipal.hs b/gen/Amazonka/IoT/AttachThingPrincipal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/AttachThingPrincipal.hs
@@ -0,0 +1,175 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.AttachThingPrincipal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Attaches the specified principal to the specified thing. A principal can
+-- be X.509 certificates, Amazon Cognito identities or federated
+-- identities.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions AttachThingPrincipal>
+-- action.
+module Amazonka.IoT.AttachThingPrincipal
+  ( -- * Creating a Request
+    AttachThingPrincipal (..),
+    newAttachThingPrincipal,
+
+    -- * Request Lenses
+    attachThingPrincipal_thingName,
+    attachThingPrincipal_principal,
+
+    -- * Destructuring the Response
+    AttachThingPrincipalResponse (..),
+    newAttachThingPrincipalResponse,
+
+    -- * Response Lenses
+    attachThingPrincipalResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the AttachThingPrincipal operation.
+--
+-- /See:/ 'newAttachThingPrincipal' smart constructor.
+data AttachThingPrincipal = AttachThingPrincipal'
+  { -- | The name of the thing.
+    thingName :: Prelude.Text,
+    -- | The principal, which can be a certificate ARN (as returned from the
+    -- CreateCertificate operation) or an Amazon Cognito ID.
+    principal :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttachThingPrincipal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingName', 'attachThingPrincipal_thingName' - The name of the thing.
+--
+-- 'principal', 'attachThingPrincipal_principal' - The principal, which can be a certificate ARN (as returned from the
+-- CreateCertificate operation) or an Amazon Cognito ID.
+newAttachThingPrincipal ::
+  -- | 'thingName'
+  Prelude.Text ->
+  -- | 'principal'
+  Prelude.Text ->
+  AttachThingPrincipal
+newAttachThingPrincipal pThingName_ pPrincipal_ =
+  AttachThingPrincipal'
+    { thingName = pThingName_,
+      principal = pPrincipal_
+    }
+
+-- | The name of the thing.
+attachThingPrincipal_thingName :: Lens.Lens' AttachThingPrincipal Prelude.Text
+attachThingPrincipal_thingName = Lens.lens (\AttachThingPrincipal' {thingName} -> thingName) (\s@AttachThingPrincipal' {} a -> s {thingName = a} :: AttachThingPrincipal)
+
+-- | The principal, which can be a certificate ARN (as returned from the
+-- CreateCertificate operation) or an Amazon Cognito ID.
+attachThingPrincipal_principal :: Lens.Lens' AttachThingPrincipal Prelude.Text
+attachThingPrincipal_principal = Lens.lens (\AttachThingPrincipal' {principal} -> principal) (\s@AttachThingPrincipal' {} a -> s {principal = a} :: AttachThingPrincipal)
+
+instance Core.AWSRequest AttachThingPrincipal where
+  type
+    AWSResponse AttachThingPrincipal =
+      AttachThingPrincipalResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          AttachThingPrincipalResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable AttachThingPrincipal where
+  hashWithSalt _salt AttachThingPrincipal' {..} =
+    _salt
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` principal
+
+instance Prelude.NFData AttachThingPrincipal where
+  rnf AttachThingPrincipal' {..} =
+    Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf principal
+
+instance Data.ToHeaders AttachThingPrincipal where
+  toHeaders AttachThingPrincipal' {..} =
+    Prelude.mconcat
+      ["x-amzn-principal" Data.=# principal]
+
+instance Data.ToJSON AttachThingPrincipal where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AttachThingPrincipal where
+  toPath AttachThingPrincipal' {..} =
+    Prelude.mconcat
+      ["/things/", Data.toBS thingName, "/principals"]
+
+instance Data.ToQuery AttachThingPrincipal where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the AttachThingPrincipal operation.
+--
+-- /See:/ 'newAttachThingPrincipalResponse' smart constructor.
+data AttachThingPrincipalResponse = AttachThingPrincipalResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttachThingPrincipalResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'attachThingPrincipalResponse_httpStatus' - The response's http status code.
+newAttachThingPrincipalResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  AttachThingPrincipalResponse
+newAttachThingPrincipalResponse pHttpStatus_ =
+  AttachThingPrincipalResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+attachThingPrincipalResponse_httpStatus :: Lens.Lens' AttachThingPrincipalResponse Prelude.Int
+attachThingPrincipalResponse_httpStatus = Lens.lens (\AttachThingPrincipalResponse' {httpStatus} -> httpStatus) (\s@AttachThingPrincipalResponse' {} a -> s {httpStatus = a} :: AttachThingPrincipalResponse)
+
+instance Prelude.NFData AttachThingPrincipalResponse where
+  rnf AttachThingPrincipalResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CancelAuditMitigationActionsTask.hs b/gen/Amazonka/IoT/CancelAuditMitigationActionsTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CancelAuditMitigationActionsTask.hs
@@ -0,0 +1,175 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CancelAuditMitigationActionsTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels a mitigation action task that is in progress. If the task is not
+-- in progress, an InvalidRequestException occurs.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CancelAuditMitigationActionsTask>
+-- action.
+module Amazonka.IoT.CancelAuditMitigationActionsTask
+  ( -- * Creating a Request
+    CancelAuditMitigationActionsTask (..),
+    newCancelAuditMitigationActionsTask,
+
+    -- * Request Lenses
+    cancelAuditMitigationActionsTask_taskId,
+
+    -- * Destructuring the Response
+    CancelAuditMitigationActionsTaskResponse (..),
+    newCancelAuditMitigationActionsTaskResponse,
+
+    -- * Response Lenses
+    cancelAuditMitigationActionsTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCancelAuditMitigationActionsTask' smart constructor.
+data CancelAuditMitigationActionsTask = CancelAuditMitigationActionsTask'
+  { -- | The unique identifier for the task that you want to cancel.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelAuditMitigationActionsTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'cancelAuditMitigationActionsTask_taskId' - The unique identifier for the task that you want to cancel.
+newCancelAuditMitigationActionsTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  CancelAuditMitigationActionsTask
+newCancelAuditMitigationActionsTask pTaskId_ =
+  CancelAuditMitigationActionsTask'
+    { taskId =
+        pTaskId_
+    }
+
+-- | The unique identifier for the task that you want to cancel.
+cancelAuditMitigationActionsTask_taskId :: Lens.Lens' CancelAuditMitigationActionsTask Prelude.Text
+cancelAuditMitigationActionsTask_taskId = Lens.lens (\CancelAuditMitigationActionsTask' {taskId} -> taskId) (\s@CancelAuditMitigationActionsTask' {} a -> s {taskId = a} :: CancelAuditMitigationActionsTask)
+
+instance
+  Core.AWSRequest
+    CancelAuditMitigationActionsTask
+  where
+  type
+    AWSResponse CancelAuditMitigationActionsTask =
+      CancelAuditMitigationActionsTaskResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CancelAuditMitigationActionsTaskResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    CancelAuditMitigationActionsTask
+  where
+  hashWithSalt
+    _salt
+    CancelAuditMitigationActionsTask' {..} =
+      _salt `Prelude.hashWithSalt` taskId
+
+instance
+  Prelude.NFData
+    CancelAuditMitigationActionsTask
+  where
+  rnf CancelAuditMitigationActionsTask' {..} =
+    Prelude.rnf taskId
+
+instance
+  Data.ToHeaders
+    CancelAuditMitigationActionsTask
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CancelAuditMitigationActionsTask where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath CancelAuditMitigationActionsTask where
+  toPath CancelAuditMitigationActionsTask' {..} =
+    Prelude.mconcat
+      [ "/audit/mitigationactions/tasks/",
+        Data.toBS taskId,
+        "/cancel"
+      ]
+
+instance
+  Data.ToQuery
+    CancelAuditMitigationActionsTask
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCancelAuditMitigationActionsTaskResponse' smart constructor.
+data CancelAuditMitigationActionsTaskResponse = CancelAuditMitigationActionsTaskResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelAuditMitigationActionsTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'cancelAuditMitigationActionsTaskResponse_httpStatus' - The response's http status code.
+newCancelAuditMitigationActionsTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CancelAuditMitigationActionsTaskResponse
+newCancelAuditMitigationActionsTaskResponse
+  pHttpStatus_ =
+    CancelAuditMitigationActionsTaskResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+cancelAuditMitigationActionsTaskResponse_httpStatus :: Lens.Lens' CancelAuditMitigationActionsTaskResponse Prelude.Int
+cancelAuditMitigationActionsTaskResponse_httpStatus = Lens.lens (\CancelAuditMitigationActionsTaskResponse' {httpStatus} -> httpStatus) (\s@CancelAuditMitigationActionsTaskResponse' {} a -> s {httpStatus = a} :: CancelAuditMitigationActionsTaskResponse)
+
+instance
+  Prelude.NFData
+    CancelAuditMitigationActionsTaskResponse
+  where
+  rnf CancelAuditMitigationActionsTaskResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CancelAuditTask.hs b/gen/Amazonka/IoT/CancelAuditTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CancelAuditTask.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CancelAuditTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels an audit that is in progress. The audit can be either scheduled
+-- or on demand. If the audit isn\'t in progress, an
+-- \"InvalidRequestException\" occurs.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CancelAuditTask>
+-- action.
+module Amazonka.IoT.CancelAuditTask
+  ( -- * Creating a Request
+    CancelAuditTask (..),
+    newCancelAuditTask,
+
+    -- * Request Lenses
+    cancelAuditTask_taskId,
+
+    -- * Destructuring the Response
+    CancelAuditTaskResponse (..),
+    newCancelAuditTaskResponse,
+
+    -- * Response Lenses
+    cancelAuditTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCancelAuditTask' smart constructor.
+data CancelAuditTask = CancelAuditTask'
+  { -- | The ID of the audit you want to cancel. You can only cancel an audit
+    -- that is \"IN_PROGRESS\".
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelAuditTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'cancelAuditTask_taskId' - The ID of the audit you want to cancel. You can only cancel an audit
+-- that is \"IN_PROGRESS\".
+newCancelAuditTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  CancelAuditTask
+newCancelAuditTask pTaskId_ =
+  CancelAuditTask' {taskId = pTaskId_}
+
+-- | The ID of the audit you want to cancel. You can only cancel an audit
+-- that is \"IN_PROGRESS\".
+cancelAuditTask_taskId :: Lens.Lens' CancelAuditTask Prelude.Text
+cancelAuditTask_taskId = Lens.lens (\CancelAuditTask' {taskId} -> taskId) (\s@CancelAuditTask' {} a -> s {taskId = a} :: CancelAuditTask)
+
+instance Core.AWSRequest CancelAuditTask where
+  type
+    AWSResponse CancelAuditTask =
+      CancelAuditTaskResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CancelAuditTaskResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CancelAuditTask where
+  hashWithSalt _salt CancelAuditTask' {..} =
+    _salt `Prelude.hashWithSalt` taskId
+
+instance Prelude.NFData CancelAuditTask where
+  rnf CancelAuditTask' {..} = Prelude.rnf taskId
+
+instance Data.ToHeaders CancelAuditTask where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CancelAuditTask where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath CancelAuditTask where
+  toPath CancelAuditTask' {..} =
+    Prelude.mconcat
+      ["/audit/tasks/", Data.toBS taskId, "/cancel"]
+
+instance Data.ToQuery CancelAuditTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCancelAuditTaskResponse' smart constructor.
+data CancelAuditTaskResponse = CancelAuditTaskResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelAuditTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'cancelAuditTaskResponse_httpStatus' - The response's http status code.
+newCancelAuditTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CancelAuditTaskResponse
+newCancelAuditTaskResponse pHttpStatus_ =
+  CancelAuditTaskResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+cancelAuditTaskResponse_httpStatus :: Lens.Lens' CancelAuditTaskResponse Prelude.Int
+cancelAuditTaskResponse_httpStatus = Lens.lens (\CancelAuditTaskResponse' {httpStatus} -> httpStatus) (\s@CancelAuditTaskResponse' {} a -> s {httpStatus = a} :: CancelAuditTaskResponse)
+
+instance Prelude.NFData CancelAuditTaskResponse where
+  rnf CancelAuditTaskResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CancelCertificateTransfer.hs b/gen/Amazonka/IoT/CancelCertificateTransfer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CancelCertificateTransfer.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CancelCertificateTransfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels a pending transfer for the specified certificate.
+--
+-- __Note__ Only the transfer source account can use this operation to
+-- cancel a transfer. (Transfer destinations can use
+-- RejectCertificateTransfer instead.) After transfer, IoT returns the
+-- certificate to the source account in the INACTIVE state. After the
+-- destination account has accepted the transfer, the transfer cannot be
+-- cancelled.
+--
+-- After a certificate transfer is cancelled, the status of the certificate
+-- changes from PENDING_TRANSFER to INACTIVE.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CancelCertificateTransfer>
+-- action.
+module Amazonka.IoT.CancelCertificateTransfer
+  ( -- * Creating a Request
+    CancelCertificateTransfer (..),
+    newCancelCertificateTransfer,
+
+    -- * Request Lenses
+    cancelCertificateTransfer_certificateId,
+
+    -- * Destructuring the Response
+    CancelCertificateTransferResponse (..),
+    newCancelCertificateTransferResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CancelCertificateTransfer operation.
+--
+-- /See:/ 'newCancelCertificateTransfer' smart constructor.
+data CancelCertificateTransfer = CancelCertificateTransfer'
+  { -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelCertificateTransfer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'cancelCertificateTransfer_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+newCancelCertificateTransfer ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  CancelCertificateTransfer
+newCancelCertificateTransfer pCertificateId_ =
+  CancelCertificateTransfer'
+    { certificateId =
+        pCertificateId_
+    }
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+cancelCertificateTransfer_certificateId :: Lens.Lens' CancelCertificateTransfer Prelude.Text
+cancelCertificateTransfer_certificateId = Lens.lens (\CancelCertificateTransfer' {certificateId} -> certificateId) (\s@CancelCertificateTransfer' {} a -> s {certificateId = a} :: CancelCertificateTransfer)
+
+instance Core.AWSRequest CancelCertificateTransfer where
+  type
+    AWSResponse CancelCertificateTransfer =
+      CancelCertificateTransferResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveNull
+      CancelCertificateTransferResponse'
+
+instance Prelude.Hashable CancelCertificateTransfer where
+  hashWithSalt _salt CancelCertificateTransfer' {..} =
+    _salt `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData CancelCertificateTransfer where
+  rnf CancelCertificateTransfer' {..} =
+    Prelude.rnf certificateId
+
+instance Data.ToHeaders CancelCertificateTransfer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CancelCertificateTransfer where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath CancelCertificateTransfer where
+  toPath CancelCertificateTransfer' {..} =
+    Prelude.mconcat
+      [ "/cancel-certificate-transfer/",
+        Data.toBS certificateId
+      ]
+
+instance Data.ToQuery CancelCertificateTransfer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCancelCertificateTransferResponse' smart constructor.
+data CancelCertificateTransferResponse = CancelCertificateTransferResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelCertificateTransferResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newCancelCertificateTransferResponse ::
+  CancelCertificateTransferResponse
+newCancelCertificateTransferResponse =
+  CancelCertificateTransferResponse'
+
+instance
+  Prelude.NFData
+    CancelCertificateTransferResponse
+  where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/CancelDetectMitigationActionsTask.hs b/gen/Amazonka/IoT/CancelDetectMitigationActionsTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CancelDetectMitigationActionsTask.hs
@@ -0,0 +1,180 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CancelDetectMitigationActionsTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels a Device Defender ML Detect mitigation action.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CancelDetectMitigationActionsTask>
+-- action.
+module Amazonka.IoT.CancelDetectMitigationActionsTask
+  ( -- * Creating a Request
+    CancelDetectMitigationActionsTask (..),
+    newCancelDetectMitigationActionsTask,
+
+    -- * Request Lenses
+    cancelDetectMitigationActionsTask_taskId,
+
+    -- * Destructuring the Response
+    CancelDetectMitigationActionsTaskResponse (..),
+    newCancelDetectMitigationActionsTaskResponse,
+
+    -- * Response Lenses
+    cancelDetectMitigationActionsTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCancelDetectMitigationActionsTask' smart constructor.
+data CancelDetectMitigationActionsTask = CancelDetectMitigationActionsTask'
+  { -- | The unique identifier of the task.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelDetectMitigationActionsTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'cancelDetectMitigationActionsTask_taskId' - The unique identifier of the task.
+newCancelDetectMitigationActionsTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  CancelDetectMitigationActionsTask
+newCancelDetectMitigationActionsTask pTaskId_ =
+  CancelDetectMitigationActionsTask'
+    { taskId =
+        pTaskId_
+    }
+
+-- | The unique identifier of the task.
+cancelDetectMitigationActionsTask_taskId :: Lens.Lens' CancelDetectMitigationActionsTask Prelude.Text
+cancelDetectMitigationActionsTask_taskId = Lens.lens (\CancelDetectMitigationActionsTask' {taskId} -> taskId) (\s@CancelDetectMitigationActionsTask' {} a -> s {taskId = a} :: CancelDetectMitigationActionsTask)
+
+instance
+  Core.AWSRequest
+    CancelDetectMitigationActionsTask
+  where
+  type
+    AWSResponse CancelDetectMitigationActionsTask =
+      CancelDetectMitigationActionsTaskResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CancelDetectMitigationActionsTaskResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    CancelDetectMitigationActionsTask
+  where
+  hashWithSalt
+    _salt
+    CancelDetectMitigationActionsTask' {..} =
+      _salt `Prelude.hashWithSalt` taskId
+
+instance
+  Prelude.NFData
+    CancelDetectMitigationActionsTask
+  where
+  rnf CancelDetectMitigationActionsTask' {..} =
+    Prelude.rnf taskId
+
+instance
+  Data.ToHeaders
+    CancelDetectMitigationActionsTask
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToJSON
+    CancelDetectMitigationActionsTask
+  where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance
+  Data.ToPath
+    CancelDetectMitigationActionsTask
+  where
+  toPath CancelDetectMitigationActionsTask' {..} =
+    Prelude.mconcat
+      [ "/detect/mitigationactions/tasks/",
+        Data.toBS taskId,
+        "/cancel"
+      ]
+
+instance
+  Data.ToQuery
+    CancelDetectMitigationActionsTask
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCancelDetectMitigationActionsTaskResponse' smart constructor.
+data CancelDetectMitigationActionsTaskResponse = CancelDetectMitigationActionsTaskResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelDetectMitigationActionsTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'cancelDetectMitigationActionsTaskResponse_httpStatus' - The response's http status code.
+newCancelDetectMitigationActionsTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CancelDetectMitigationActionsTaskResponse
+newCancelDetectMitigationActionsTaskResponse
+  pHttpStatus_ =
+    CancelDetectMitigationActionsTaskResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+cancelDetectMitigationActionsTaskResponse_httpStatus :: Lens.Lens' CancelDetectMitigationActionsTaskResponse Prelude.Int
+cancelDetectMitigationActionsTaskResponse_httpStatus = Lens.lens (\CancelDetectMitigationActionsTaskResponse' {httpStatus} -> httpStatus) (\s@CancelDetectMitigationActionsTaskResponse' {} a -> s {httpStatus = a} :: CancelDetectMitigationActionsTaskResponse)
+
+instance
+  Prelude.NFData
+    CancelDetectMitigationActionsTaskResponse
+  where
+  rnf CancelDetectMitigationActionsTaskResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CancelJob.hs b/gen/Amazonka/IoT/CancelJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CancelJob.hs
@@ -0,0 +1,247 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CancelJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels a job.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CancelJob>
+-- action.
+module Amazonka.IoT.CancelJob
+  ( -- * Creating a Request
+    CancelJob (..),
+    newCancelJob,
+
+    -- * Request Lenses
+    cancelJob_comment,
+    cancelJob_force,
+    cancelJob_reasonCode,
+    cancelJob_jobId,
+
+    -- * Destructuring the Response
+    CancelJobResponse (..),
+    newCancelJobResponse,
+
+    -- * Response Lenses
+    cancelJobResponse_description,
+    cancelJobResponse_jobArn,
+    cancelJobResponse_jobId,
+    cancelJobResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCancelJob' smart constructor.
+data CancelJob = CancelJob'
+  { -- | An optional comment string describing why the job was canceled.
+    comment :: Prelude.Maybe Prelude.Text,
+    -- | (Optional) If @true@ job executions with status \"IN_PROGRESS\" and
+    -- \"QUEUED\" are canceled, otherwise only job executions with status
+    -- \"QUEUED\" are canceled. The default is @false@.
+    --
+    -- Canceling a job which is \"IN_PROGRESS\", will cause a device which is
+    -- executing the job to be unable to update the job execution status. Use
+    -- caution and ensure that each device executing a job which is canceled is
+    -- able to recover to a valid state.
+    force :: Prelude.Maybe Prelude.Bool,
+    -- | (Optional)A reason code string that explains why the job was canceled.
+    reasonCode :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'comment', 'cancelJob_comment' - An optional comment string describing why the job was canceled.
+--
+-- 'force', 'cancelJob_force' - (Optional) If @true@ job executions with status \"IN_PROGRESS\" and
+-- \"QUEUED\" are canceled, otherwise only job executions with status
+-- \"QUEUED\" are canceled. The default is @false@.
+--
+-- Canceling a job which is \"IN_PROGRESS\", will cause a device which is
+-- executing the job to be unable to update the job execution status. Use
+-- caution and ensure that each device executing a job which is canceled is
+-- able to recover to a valid state.
+--
+-- 'reasonCode', 'cancelJob_reasonCode' - (Optional)A reason code string that explains why the job was canceled.
+--
+-- 'jobId', 'cancelJob_jobId' - The unique identifier you assigned to this job when it was created.
+newCancelJob ::
+  -- | 'jobId'
+  Prelude.Text ->
+  CancelJob
+newCancelJob pJobId_ =
+  CancelJob'
+    { comment = Prelude.Nothing,
+      force = Prelude.Nothing,
+      reasonCode = Prelude.Nothing,
+      jobId = pJobId_
+    }
+
+-- | An optional comment string describing why the job was canceled.
+cancelJob_comment :: Lens.Lens' CancelJob (Prelude.Maybe Prelude.Text)
+cancelJob_comment = Lens.lens (\CancelJob' {comment} -> comment) (\s@CancelJob' {} a -> s {comment = a} :: CancelJob)
+
+-- | (Optional) If @true@ job executions with status \"IN_PROGRESS\" and
+-- \"QUEUED\" are canceled, otherwise only job executions with status
+-- \"QUEUED\" are canceled. The default is @false@.
+--
+-- Canceling a job which is \"IN_PROGRESS\", will cause a device which is
+-- executing the job to be unable to update the job execution status. Use
+-- caution and ensure that each device executing a job which is canceled is
+-- able to recover to a valid state.
+cancelJob_force :: Lens.Lens' CancelJob (Prelude.Maybe Prelude.Bool)
+cancelJob_force = Lens.lens (\CancelJob' {force} -> force) (\s@CancelJob' {} a -> s {force = a} :: CancelJob)
+
+-- | (Optional)A reason code string that explains why the job was canceled.
+cancelJob_reasonCode :: Lens.Lens' CancelJob (Prelude.Maybe Prelude.Text)
+cancelJob_reasonCode = Lens.lens (\CancelJob' {reasonCode} -> reasonCode) (\s@CancelJob' {} a -> s {reasonCode = a} :: CancelJob)
+
+-- | The unique identifier you assigned to this job when it was created.
+cancelJob_jobId :: Lens.Lens' CancelJob Prelude.Text
+cancelJob_jobId = Lens.lens (\CancelJob' {jobId} -> jobId) (\s@CancelJob' {} a -> s {jobId = a} :: CancelJob)
+
+instance Core.AWSRequest CancelJob where
+  type AWSResponse CancelJob = CancelJobResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CancelJobResponse'
+            Prelude.<$> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "jobArn")
+            Prelude.<*> (x Data..?> "jobId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CancelJob where
+  hashWithSalt _salt CancelJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` comment
+      `Prelude.hashWithSalt` force
+      `Prelude.hashWithSalt` reasonCode
+      `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData CancelJob where
+  rnf CancelJob' {..} =
+    Prelude.rnf comment
+      `Prelude.seq` Prelude.rnf force
+      `Prelude.seq` Prelude.rnf reasonCode
+      `Prelude.seq` Prelude.rnf jobId
+
+instance Data.ToHeaders CancelJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CancelJob where
+  toJSON CancelJob' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("comment" Data..=) Prelude.<$> comment,
+            ("reasonCode" Data..=) Prelude.<$> reasonCode
+          ]
+      )
+
+instance Data.ToPath CancelJob where
+  toPath CancelJob' {..} =
+    Prelude.mconcat
+      ["/jobs/", Data.toBS jobId, "/cancel"]
+
+instance Data.ToQuery CancelJob where
+  toQuery CancelJob' {..} =
+    Prelude.mconcat ["force" Data.=: force]
+
+-- | /See:/ 'newCancelJobResponse' smart constructor.
+data CancelJobResponse = CancelJobResponse'
+  { -- | A short text description of the job.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The job ARN.
+    jobArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'cancelJobResponse_description' - A short text description of the job.
+--
+-- 'jobArn', 'cancelJobResponse_jobArn' - The job ARN.
+--
+-- 'jobId', 'cancelJobResponse_jobId' - The unique identifier you assigned to this job when it was created.
+--
+-- 'httpStatus', 'cancelJobResponse_httpStatus' - The response's http status code.
+newCancelJobResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CancelJobResponse
+newCancelJobResponse pHttpStatus_ =
+  CancelJobResponse'
+    { description = Prelude.Nothing,
+      jobArn = Prelude.Nothing,
+      jobId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A short text description of the job.
+cancelJobResponse_description :: Lens.Lens' CancelJobResponse (Prelude.Maybe Prelude.Text)
+cancelJobResponse_description = Lens.lens (\CancelJobResponse' {description} -> description) (\s@CancelJobResponse' {} a -> s {description = a} :: CancelJobResponse)
+
+-- | The job ARN.
+cancelJobResponse_jobArn :: Lens.Lens' CancelJobResponse (Prelude.Maybe Prelude.Text)
+cancelJobResponse_jobArn = Lens.lens (\CancelJobResponse' {jobArn} -> jobArn) (\s@CancelJobResponse' {} a -> s {jobArn = a} :: CancelJobResponse)
+
+-- | The unique identifier you assigned to this job when it was created.
+cancelJobResponse_jobId :: Lens.Lens' CancelJobResponse (Prelude.Maybe Prelude.Text)
+cancelJobResponse_jobId = Lens.lens (\CancelJobResponse' {jobId} -> jobId) (\s@CancelJobResponse' {} a -> s {jobId = a} :: CancelJobResponse)
+
+-- | The response's http status code.
+cancelJobResponse_httpStatus :: Lens.Lens' CancelJobResponse Prelude.Int
+cancelJobResponse_httpStatus = Lens.lens (\CancelJobResponse' {httpStatus} -> httpStatus) (\s@CancelJobResponse' {} a -> s {httpStatus = a} :: CancelJobResponse)
+
+instance Prelude.NFData CancelJobResponse where
+  rnf CancelJobResponse' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf jobArn
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CancelJobExecution.hs b/gen/Amazonka/IoT/CancelJobExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CancelJobExecution.hs
@@ -0,0 +1,242 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CancelJobExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels the execution of a job for a given thing.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CancelJobExecution>
+-- action.
+module Amazonka.IoT.CancelJobExecution
+  ( -- * Creating a Request
+    CancelJobExecution (..),
+    newCancelJobExecution,
+
+    -- * Request Lenses
+    cancelJobExecution_expectedVersion,
+    cancelJobExecution_force,
+    cancelJobExecution_statusDetails,
+    cancelJobExecution_jobId,
+    cancelJobExecution_thingName,
+
+    -- * Destructuring the Response
+    CancelJobExecutionResponse (..),
+    newCancelJobExecutionResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCancelJobExecution' smart constructor.
+data CancelJobExecution = CancelJobExecution'
+  { -- | (Optional) The expected current version of the job execution. Each time
+    -- you update the job execution, its version is incremented. If the version
+    -- of the job execution stored in Jobs does not match, the update is
+    -- rejected with a VersionMismatch error, and an ErrorResponse that
+    -- contains the current job execution status data is returned. (This makes
+    -- it unnecessary to perform a separate DescribeJobExecution request in
+    -- order to obtain the job execution status data.)
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | (Optional) If @true@ the job execution will be canceled if it has status
+    -- IN_PROGRESS or QUEUED, otherwise the job execution will be canceled only
+    -- if it has status QUEUED. If you attempt to cancel a job execution that
+    -- is IN_PROGRESS, and you do not set @force@ to @true@, then an
+    -- @InvalidStateTransitionException@ will be thrown. The default is
+    -- @false@.
+    --
+    -- Canceling a job execution which is \"IN_PROGRESS\", will cause the
+    -- device to be unable to update the job execution status. Use caution and
+    -- ensure that the device is able to recover to a valid state.
+    force :: Prelude.Maybe Prelude.Bool,
+    -- | A collection of name\/value pairs that describe the status of the job
+    -- execution. If not specified, the statusDetails are unchanged. You can
+    -- specify at most 10 name\/value pairs.
+    statusDetails :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The ID of the job to be canceled.
+    jobId :: Prelude.Text,
+    -- | The name of the thing whose execution of the job will be canceled.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelJobExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'cancelJobExecution_expectedVersion' - (Optional) The expected current version of the job execution. Each time
+-- you update the job execution, its version is incremented. If the version
+-- of the job execution stored in Jobs does not match, the update is
+-- rejected with a VersionMismatch error, and an ErrorResponse that
+-- contains the current job execution status data is returned. (This makes
+-- it unnecessary to perform a separate DescribeJobExecution request in
+-- order to obtain the job execution status data.)
+--
+-- 'force', 'cancelJobExecution_force' - (Optional) If @true@ the job execution will be canceled if it has status
+-- IN_PROGRESS or QUEUED, otherwise the job execution will be canceled only
+-- if it has status QUEUED. If you attempt to cancel a job execution that
+-- is IN_PROGRESS, and you do not set @force@ to @true@, then an
+-- @InvalidStateTransitionException@ will be thrown. The default is
+-- @false@.
+--
+-- Canceling a job execution which is \"IN_PROGRESS\", will cause the
+-- device to be unable to update the job execution status. Use caution and
+-- ensure that the device is able to recover to a valid state.
+--
+-- 'statusDetails', 'cancelJobExecution_statusDetails' - A collection of name\/value pairs that describe the status of the job
+-- execution. If not specified, the statusDetails are unchanged. You can
+-- specify at most 10 name\/value pairs.
+--
+-- 'jobId', 'cancelJobExecution_jobId' - The ID of the job to be canceled.
+--
+-- 'thingName', 'cancelJobExecution_thingName' - The name of the thing whose execution of the job will be canceled.
+newCancelJobExecution ::
+  -- | 'jobId'
+  Prelude.Text ->
+  -- | 'thingName'
+  Prelude.Text ->
+  CancelJobExecution
+newCancelJobExecution pJobId_ pThingName_ =
+  CancelJobExecution'
+    { expectedVersion =
+        Prelude.Nothing,
+      force = Prelude.Nothing,
+      statusDetails = Prelude.Nothing,
+      jobId = pJobId_,
+      thingName = pThingName_
+    }
+
+-- | (Optional) The expected current version of the job execution. Each time
+-- you update the job execution, its version is incremented. If the version
+-- of the job execution stored in Jobs does not match, the update is
+-- rejected with a VersionMismatch error, and an ErrorResponse that
+-- contains the current job execution status data is returned. (This makes
+-- it unnecessary to perform a separate DescribeJobExecution request in
+-- order to obtain the job execution status data.)
+cancelJobExecution_expectedVersion :: Lens.Lens' CancelJobExecution (Prelude.Maybe Prelude.Integer)
+cancelJobExecution_expectedVersion = Lens.lens (\CancelJobExecution' {expectedVersion} -> expectedVersion) (\s@CancelJobExecution' {} a -> s {expectedVersion = a} :: CancelJobExecution)
+
+-- | (Optional) If @true@ the job execution will be canceled if it has status
+-- IN_PROGRESS or QUEUED, otherwise the job execution will be canceled only
+-- if it has status QUEUED. If you attempt to cancel a job execution that
+-- is IN_PROGRESS, and you do not set @force@ to @true@, then an
+-- @InvalidStateTransitionException@ will be thrown. The default is
+-- @false@.
+--
+-- Canceling a job execution which is \"IN_PROGRESS\", will cause the
+-- device to be unable to update the job execution status. Use caution and
+-- ensure that the device is able to recover to a valid state.
+cancelJobExecution_force :: Lens.Lens' CancelJobExecution (Prelude.Maybe Prelude.Bool)
+cancelJobExecution_force = Lens.lens (\CancelJobExecution' {force} -> force) (\s@CancelJobExecution' {} a -> s {force = a} :: CancelJobExecution)
+
+-- | A collection of name\/value pairs that describe the status of the job
+-- execution. If not specified, the statusDetails are unchanged. You can
+-- specify at most 10 name\/value pairs.
+cancelJobExecution_statusDetails :: Lens.Lens' CancelJobExecution (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+cancelJobExecution_statusDetails = Lens.lens (\CancelJobExecution' {statusDetails} -> statusDetails) (\s@CancelJobExecution' {} a -> s {statusDetails = a} :: CancelJobExecution) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ID of the job to be canceled.
+cancelJobExecution_jobId :: Lens.Lens' CancelJobExecution Prelude.Text
+cancelJobExecution_jobId = Lens.lens (\CancelJobExecution' {jobId} -> jobId) (\s@CancelJobExecution' {} a -> s {jobId = a} :: CancelJobExecution)
+
+-- | The name of the thing whose execution of the job will be canceled.
+cancelJobExecution_thingName :: Lens.Lens' CancelJobExecution Prelude.Text
+cancelJobExecution_thingName = Lens.lens (\CancelJobExecution' {thingName} -> thingName) (\s@CancelJobExecution' {} a -> s {thingName = a} :: CancelJobExecution)
+
+instance Core.AWSRequest CancelJobExecution where
+  type
+    AWSResponse CancelJobExecution =
+      CancelJobExecutionResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveNull CancelJobExecutionResponse'
+
+instance Prelude.Hashable CancelJobExecution where
+  hashWithSalt _salt CancelJobExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` force
+      `Prelude.hashWithSalt` statusDetails
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData CancelJobExecution where
+  rnf CancelJobExecution' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf force
+      `Prelude.seq` Prelude.rnf statusDetails
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders CancelJobExecution where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CancelJobExecution where
+  toJSON CancelJobExecution' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("expectedVersion" Data..=)
+              Prelude.<$> expectedVersion,
+            ("statusDetails" Data..=) Prelude.<$> statusDetails
+          ]
+      )
+
+instance Data.ToPath CancelJobExecution where
+  toPath CancelJobExecution' {..} =
+    Prelude.mconcat
+      [ "/things/",
+        Data.toBS thingName,
+        "/jobs/",
+        Data.toBS jobId,
+        "/cancel"
+      ]
+
+instance Data.ToQuery CancelJobExecution where
+  toQuery CancelJobExecution' {..} =
+    Prelude.mconcat ["force" Data.=: force]
+
+-- | /See:/ 'newCancelJobExecutionResponse' smart constructor.
+data CancelJobExecutionResponse = CancelJobExecutionResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CancelJobExecutionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newCancelJobExecutionResponse ::
+  CancelJobExecutionResponse
+newCancelJobExecutionResponse =
+  CancelJobExecutionResponse'
+
+instance Prelude.NFData CancelJobExecutionResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/ClearDefaultAuthorizer.hs b/gen/Amazonka/IoT/ClearDefaultAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ClearDefaultAuthorizer.hs
@@ -0,0 +1,128 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ClearDefaultAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Clears the default authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ClearDefaultAuthorizer>
+-- action.
+module Amazonka.IoT.ClearDefaultAuthorizer
+  ( -- * Creating a Request
+    ClearDefaultAuthorizer (..),
+    newClearDefaultAuthorizer,
+
+    -- * Destructuring the Response
+    ClearDefaultAuthorizerResponse (..),
+    newClearDefaultAuthorizerResponse,
+
+    -- * Response Lenses
+    clearDefaultAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newClearDefaultAuthorizer' smart constructor.
+data ClearDefaultAuthorizer = ClearDefaultAuthorizer'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ClearDefaultAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newClearDefaultAuthorizer ::
+  ClearDefaultAuthorizer
+newClearDefaultAuthorizer = ClearDefaultAuthorizer'
+
+instance Core.AWSRequest ClearDefaultAuthorizer where
+  type
+    AWSResponse ClearDefaultAuthorizer =
+      ClearDefaultAuthorizerResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          ClearDefaultAuthorizerResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ClearDefaultAuthorizer where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData ClearDefaultAuthorizer where
+  rnf _ = ()
+
+instance Data.ToHeaders ClearDefaultAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ClearDefaultAuthorizer where
+  toPath = Prelude.const "/default-authorizer"
+
+instance Data.ToQuery ClearDefaultAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newClearDefaultAuthorizerResponse' smart constructor.
+data ClearDefaultAuthorizerResponse = ClearDefaultAuthorizerResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ClearDefaultAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'clearDefaultAuthorizerResponse_httpStatus' - The response's http status code.
+newClearDefaultAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ClearDefaultAuthorizerResponse
+newClearDefaultAuthorizerResponse pHttpStatus_ =
+  ClearDefaultAuthorizerResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+clearDefaultAuthorizerResponse_httpStatus :: Lens.Lens' ClearDefaultAuthorizerResponse Prelude.Int
+clearDefaultAuthorizerResponse_httpStatus = Lens.lens (\ClearDefaultAuthorizerResponse' {httpStatus} -> httpStatus) (\s@ClearDefaultAuthorizerResponse' {} a -> s {httpStatus = a} :: ClearDefaultAuthorizerResponse)
+
+instance
+  Prelude.NFData
+    ClearDefaultAuthorizerResponse
+  where
+  rnf ClearDefaultAuthorizerResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ConfirmTopicRuleDestination.hs b/gen/Amazonka/IoT/ConfirmTopicRuleDestination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ConfirmTopicRuleDestination.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ConfirmTopicRuleDestination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Confirms a topic rule destination. When you create a rule requiring a
+-- destination, IoT sends a confirmation message to the endpoint or base
+-- address you specify. The message includes a token which you pass back
+-- when calling @ConfirmTopicRuleDestination@ to confirm that you own or
+-- have access to the endpoint.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ConfirmTopicRuleDestination>
+-- action.
+module Amazonka.IoT.ConfirmTopicRuleDestination
+  ( -- * Creating a Request
+    ConfirmTopicRuleDestination (..),
+    newConfirmTopicRuleDestination,
+
+    -- * Request Lenses
+    confirmTopicRuleDestination_confirmationToken,
+
+    -- * Destructuring the Response
+    ConfirmTopicRuleDestinationResponse (..),
+    newConfirmTopicRuleDestinationResponse,
+
+    -- * Response Lenses
+    confirmTopicRuleDestinationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newConfirmTopicRuleDestination' smart constructor.
+data ConfirmTopicRuleDestination = ConfirmTopicRuleDestination'
+  { -- | The token used to confirm ownership or access to the topic rule
+    -- confirmation URL.
+    confirmationToken :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ConfirmTopicRuleDestination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'confirmationToken', 'confirmTopicRuleDestination_confirmationToken' - The token used to confirm ownership or access to the topic rule
+-- confirmation URL.
+newConfirmTopicRuleDestination ::
+  -- | 'confirmationToken'
+  Prelude.Text ->
+  ConfirmTopicRuleDestination
+newConfirmTopicRuleDestination pConfirmationToken_ =
+  ConfirmTopicRuleDestination'
+    { confirmationToken =
+        pConfirmationToken_
+    }
+
+-- | The token used to confirm ownership or access to the topic rule
+-- confirmation URL.
+confirmTopicRuleDestination_confirmationToken :: Lens.Lens' ConfirmTopicRuleDestination Prelude.Text
+confirmTopicRuleDestination_confirmationToken = Lens.lens (\ConfirmTopicRuleDestination' {confirmationToken} -> confirmationToken) (\s@ConfirmTopicRuleDestination' {} a -> s {confirmationToken = a} :: ConfirmTopicRuleDestination)
+
+instance Core.AWSRequest ConfirmTopicRuleDestination where
+  type
+    AWSResponse ConfirmTopicRuleDestination =
+      ConfirmTopicRuleDestinationResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          ConfirmTopicRuleDestinationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ConfirmTopicRuleDestination where
+  hashWithSalt _salt ConfirmTopicRuleDestination' {..} =
+    _salt `Prelude.hashWithSalt` confirmationToken
+
+instance Prelude.NFData ConfirmTopicRuleDestination where
+  rnf ConfirmTopicRuleDestination' {..} =
+    Prelude.rnf confirmationToken
+
+instance Data.ToHeaders ConfirmTopicRuleDestination where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ConfirmTopicRuleDestination where
+  toPath ConfirmTopicRuleDestination' {..} =
+    Prelude.mconcat
+      ["/confirmdestination/", Data.toBS confirmationToken]
+
+instance Data.ToQuery ConfirmTopicRuleDestination where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newConfirmTopicRuleDestinationResponse' smart constructor.
+data ConfirmTopicRuleDestinationResponse = ConfirmTopicRuleDestinationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ConfirmTopicRuleDestinationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'confirmTopicRuleDestinationResponse_httpStatus' - The response's http status code.
+newConfirmTopicRuleDestinationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ConfirmTopicRuleDestinationResponse
+newConfirmTopicRuleDestinationResponse pHttpStatus_ =
+  ConfirmTopicRuleDestinationResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+confirmTopicRuleDestinationResponse_httpStatus :: Lens.Lens' ConfirmTopicRuleDestinationResponse Prelude.Int
+confirmTopicRuleDestinationResponse_httpStatus = Lens.lens (\ConfirmTopicRuleDestinationResponse' {httpStatus} -> httpStatus) (\s@ConfirmTopicRuleDestinationResponse' {} a -> s {httpStatus = a} :: ConfirmTopicRuleDestinationResponse)
+
+instance
+  Prelude.NFData
+    ConfirmTopicRuleDestinationResponse
+  where
+  rnf ConfirmTopicRuleDestinationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateAuditSuppression.hs b/gen/Amazonka/IoT/CreateAuditSuppression.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateAuditSuppression.hs
@@ -0,0 +1,240 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateAuditSuppression
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a Device Defender audit suppression.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateAuditSuppression>
+-- action.
+module Amazonka.IoT.CreateAuditSuppression
+  ( -- * Creating a Request
+    CreateAuditSuppression (..),
+    newCreateAuditSuppression,
+
+    -- * Request Lenses
+    createAuditSuppression_description,
+    createAuditSuppression_expirationDate,
+    createAuditSuppression_suppressIndefinitely,
+    createAuditSuppression_checkName,
+    createAuditSuppression_resourceIdentifier,
+    createAuditSuppression_clientRequestToken,
+
+    -- * Destructuring the Response
+    CreateAuditSuppressionResponse (..),
+    newCreateAuditSuppressionResponse,
+
+    -- * Response Lenses
+    createAuditSuppressionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateAuditSuppression' smart constructor.
+data CreateAuditSuppression = CreateAuditSuppression'
+  { -- | The description of the audit suppression.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The epoch timestamp in seconds at which this suppression expires.
+    expirationDate :: Prelude.Maybe Data.POSIX,
+    -- | Indicates whether a suppression should exist indefinitely or not.
+    suppressIndefinitely :: Prelude.Maybe Prelude.Bool,
+    checkName :: Prelude.Text,
+    resourceIdentifier :: ResourceIdentifier,
+    -- | Each audit supression must have a unique client request token. If you
+    -- try to create a new audit suppression with the same token as one that
+    -- already exists, an exception occurs. If you omit this value, Amazon Web
+    -- Services SDKs will automatically generate a unique client request.
+    clientRequestToken :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAuditSuppression' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createAuditSuppression_description' - The description of the audit suppression.
+--
+-- 'expirationDate', 'createAuditSuppression_expirationDate' - The epoch timestamp in seconds at which this suppression expires.
+--
+-- 'suppressIndefinitely', 'createAuditSuppression_suppressIndefinitely' - Indicates whether a suppression should exist indefinitely or not.
+--
+-- 'checkName', 'createAuditSuppression_checkName' - Undocumented member.
+--
+-- 'resourceIdentifier', 'createAuditSuppression_resourceIdentifier' - Undocumented member.
+--
+-- 'clientRequestToken', 'createAuditSuppression_clientRequestToken' - Each audit supression must have a unique client request token. If you
+-- try to create a new audit suppression with the same token as one that
+-- already exists, an exception occurs. If you omit this value, Amazon Web
+-- Services SDKs will automatically generate a unique client request.
+newCreateAuditSuppression ::
+  -- | 'checkName'
+  Prelude.Text ->
+  -- | 'resourceIdentifier'
+  ResourceIdentifier ->
+  -- | 'clientRequestToken'
+  Prelude.Text ->
+  CreateAuditSuppression
+newCreateAuditSuppression
+  pCheckName_
+  pResourceIdentifier_
+  pClientRequestToken_ =
+    CreateAuditSuppression'
+      { description =
+          Prelude.Nothing,
+        expirationDate = Prelude.Nothing,
+        suppressIndefinitely = Prelude.Nothing,
+        checkName = pCheckName_,
+        resourceIdentifier = pResourceIdentifier_,
+        clientRequestToken = pClientRequestToken_
+      }
+
+-- | The description of the audit suppression.
+createAuditSuppression_description :: Lens.Lens' CreateAuditSuppression (Prelude.Maybe Prelude.Text)
+createAuditSuppression_description = Lens.lens (\CreateAuditSuppression' {description} -> description) (\s@CreateAuditSuppression' {} a -> s {description = a} :: CreateAuditSuppression)
+
+-- | The epoch timestamp in seconds at which this suppression expires.
+createAuditSuppression_expirationDate :: Lens.Lens' CreateAuditSuppression (Prelude.Maybe Prelude.UTCTime)
+createAuditSuppression_expirationDate = Lens.lens (\CreateAuditSuppression' {expirationDate} -> expirationDate) (\s@CreateAuditSuppression' {} a -> s {expirationDate = a} :: CreateAuditSuppression) Prelude.. Lens.mapping Data._Time
+
+-- | Indicates whether a suppression should exist indefinitely or not.
+createAuditSuppression_suppressIndefinitely :: Lens.Lens' CreateAuditSuppression (Prelude.Maybe Prelude.Bool)
+createAuditSuppression_suppressIndefinitely = Lens.lens (\CreateAuditSuppression' {suppressIndefinitely} -> suppressIndefinitely) (\s@CreateAuditSuppression' {} a -> s {suppressIndefinitely = a} :: CreateAuditSuppression)
+
+-- | Undocumented member.
+createAuditSuppression_checkName :: Lens.Lens' CreateAuditSuppression Prelude.Text
+createAuditSuppression_checkName = Lens.lens (\CreateAuditSuppression' {checkName} -> checkName) (\s@CreateAuditSuppression' {} a -> s {checkName = a} :: CreateAuditSuppression)
+
+-- | Undocumented member.
+createAuditSuppression_resourceIdentifier :: Lens.Lens' CreateAuditSuppression ResourceIdentifier
+createAuditSuppression_resourceIdentifier = Lens.lens (\CreateAuditSuppression' {resourceIdentifier} -> resourceIdentifier) (\s@CreateAuditSuppression' {} a -> s {resourceIdentifier = a} :: CreateAuditSuppression)
+
+-- | Each audit supression must have a unique client request token. If you
+-- try to create a new audit suppression with the same token as one that
+-- already exists, an exception occurs. If you omit this value, Amazon Web
+-- Services SDKs will automatically generate a unique client request.
+createAuditSuppression_clientRequestToken :: Lens.Lens' CreateAuditSuppression Prelude.Text
+createAuditSuppression_clientRequestToken = Lens.lens (\CreateAuditSuppression' {clientRequestToken} -> clientRequestToken) (\s@CreateAuditSuppression' {} a -> s {clientRequestToken = a} :: CreateAuditSuppression)
+
+instance Core.AWSRequest CreateAuditSuppression where
+  type
+    AWSResponse CreateAuditSuppression =
+      CreateAuditSuppressionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CreateAuditSuppressionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateAuditSuppression where
+  hashWithSalt _salt CreateAuditSuppression' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` expirationDate
+      `Prelude.hashWithSalt` suppressIndefinitely
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` resourceIdentifier
+      `Prelude.hashWithSalt` clientRequestToken
+
+instance Prelude.NFData CreateAuditSuppression where
+  rnf CreateAuditSuppression' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf expirationDate
+      `Prelude.seq` Prelude.rnf suppressIndefinitely
+      `Prelude.seq` Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+      `Prelude.seq` Prelude.rnf clientRequestToken
+
+instance Data.ToHeaders CreateAuditSuppression where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateAuditSuppression where
+  toJSON CreateAuditSuppression' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("description" Data..=) Prelude.<$> description,
+            ("expirationDate" Data..=)
+              Prelude.<$> expirationDate,
+            ("suppressIndefinitely" Data..=)
+              Prelude.<$> suppressIndefinitely,
+            Prelude.Just ("checkName" Data..= checkName),
+            Prelude.Just
+              ("resourceIdentifier" Data..= resourceIdentifier),
+            Prelude.Just
+              ("clientRequestToken" Data..= clientRequestToken)
+          ]
+      )
+
+instance Data.ToPath CreateAuditSuppression where
+  toPath = Prelude.const "/audit/suppressions/create"
+
+instance Data.ToQuery CreateAuditSuppression where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateAuditSuppressionResponse' smart constructor.
+data CreateAuditSuppressionResponse = CreateAuditSuppressionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAuditSuppressionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createAuditSuppressionResponse_httpStatus' - The response's http status code.
+newCreateAuditSuppressionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateAuditSuppressionResponse
+newCreateAuditSuppressionResponse pHttpStatus_ =
+  CreateAuditSuppressionResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+createAuditSuppressionResponse_httpStatus :: Lens.Lens' CreateAuditSuppressionResponse Prelude.Int
+createAuditSuppressionResponse_httpStatus = Lens.lens (\CreateAuditSuppressionResponse' {httpStatus} -> httpStatus) (\s@CreateAuditSuppressionResponse' {} a -> s {httpStatus = a} :: CreateAuditSuppressionResponse)
+
+instance
+  Prelude.NFData
+    CreateAuditSuppressionResponse
+  where
+  rnf CreateAuditSuppressionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateAuthorizer.hs b/gen/Amazonka/IoT/CreateAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateAuthorizer.hs
@@ -0,0 +1,331 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates an authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateAuthorizer>
+-- action.
+module Amazonka.IoT.CreateAuthorizer
+  ( -- * Creating a Request
+    CreateAuthorizer (..),
+    newCreateAuthorizer,
+
+    -- * Request Lenses
+    createAuthorizer_enableCachingForHttp,
+    createAuthorizer_signingDisabled,
+    createAuthorizer_status,
+    createAuthorizer_tags,
+    createAuthorizer_tokenKeyName,
+    createAuthorizer_tokenSigningPublicKeys,
+    createAuthorizer_authorizerName,
+    createAuthorizer_authorizerFunctionArn,
+
+    -- * Destructuring the Response
+    CreateAuthorizerResponse (..),
+    newCreateAuthorizerResponse,
+
+    -- * Response Lenses
+    createAuthorizerResponse_authorizerArn,
+    createAuthorizerResponse_authorizerName,
+    createAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateAuthorizer' smart constructor.
+data CreateAuthorizer = CreateAuthorizer'
+  { -- | When @true@, the result from the authorizer’s Lambda function is cached
+    -- for clients that use persistent HTTP connections. The results are cached
+    -- for the time specified by the Lambda function in
+    -- @refreshAfterInSeconds@. This value does not affect authorization of
+    -- clients that use MQTT connections.
+    --
+    -- The default value is @false@.
+    enableCachingForHttp :: Prelude.Maybe Prelude.Bool,
+    -- | Specifies whether IoT validates the token signature in an authorization
+    -- request.
+    signingDisabled :: Prelude.Maybe Prelude.Bool,
+    -- | The status of the create authorizer request.
+    status :: Prelude.Maybe AuthorizerStatus,
+    -- | Metadata which can be used to manage the custom authorizer.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: &&tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe [Tag],
+    -- | The name of the token key used to extract the token from the HTTP
+    -- headers.
+    tokenKeyName :: Prelude.Maybe Prelude.Text,
+    -- | The public keys used to verify the digital signature returned by your
+    -- custom authentication service.
+    tokenSigningPublicKeys :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The authorizer name.
+    authorizerName :: Prelude.Text,
+    -- | The ARN of the authorizer\'s Lambda function.
+    authorizerFunctionArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'enableCachingForHttp', 'createAuthorizer_enableCachingForHttp' - When @true@, the result from the authorizer’s Lambda function is cached
+-- for clients that use persistent HTTP connections. The results are cached
+-- for the time specified by the Lambda function in
+-- @refreshAfterInSeconds@. This value does not affect authorization of
+-- clients that use MQTT connections.
+--
+-- The default value is @false@.
+--
+-- 'signingDisabled', 'createAuthorizer_signingDisabled' - Specifies whether IoT validates the token signature in an authorization
+-- request.
+--
+-- 'status', 'createAuthorizer_status' - The status of the create authorizer request.
+--
+-- 'tags', 'createAuthorizer_tags' - Metadata which can be used to manage the custom authorizer.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'tokenKeyName', 'createAuthorizer_tokenKeyName' - The name of the token key used to extract the token from the HTTP
+-- headers.
+--
+-- 'tokenSigningPublicKeys', 'createAuthorizer_tokenSigningPublicKeys' - The public keys used to verify the digital signature returned by your
+-- custom authentication service.
+--
+-- 'authorizerName', 'createAuthorizer_authorizerName' - The authorizer name.
+--
+-- 'authorizerFunctionArn', 'createAuthorizer_authorizerFunctionArn' - The ARN of the authorizer\'s Lambda function.
+newCreateAuthorizer ::
+  -- | 'authorizerName'
+  Prelude.Text ->
+  -- | 'authorizerFunctionArn'
+  Prelude.Text ->
+  CreateAuthorizer
+newCreateAuthorizer
+  pAuthorizerName_
+  pAuthorizerFunctionArn_ =
+    CreateAuthorizer'
+      { enableCachingForHttp =
+          Prelude.Nothing,
+        signingDisabled = Prelude.Nothing,
+        status = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        tokenKeyName = Prelude.Nothing,
+        tokenSigningPublicKeys = Prelude.Nothing,
+        authorizerName = pAuthorizerName_,
+        authorizerFunctionArn = pAuthorizerFunctionArn_
+      }
+
+-- | When @true@, the result from the authorizer’s Lambda function is cached
+-- for clients that use persistent HTTP connections. The results are cached
+-- for the time specified by the Lambda function in
+-- @refreshAfterInSeconds@. This value does not affect authorization of
+-- clients that use MQTT connections.
+--
+-- The default value is @false@.
+createAuthorizer_enableCachingForHttp :: Lens.Lens' CreateAuthorizer (Prelude.Maybe Prelude.Bool)
+createAuthorizer_enableCachingForHttp = Lens.lens (\CreateAuthorizer' {enableCachingForHttp} -> enableCachingForHttp) (\s@CreateAuthorizer' {} a -> s {enableCachingForHttp = a} :: CreateAuthorizer)
+
+-- | Specifies whether IoT validates the token signature in an authorization
+-- request.
+createAuthorizer_signingDisabled :: Lens.Lens' CreateAuthorizer (Prelude.Maybe Prelude.Bool)
+createAuthorizer_signingDisabled = Lens.lens (\CreateAuthorizer' {signingDisabled} -> signingDisabled) (\s@CreateAuthorizer' {} a -> s {signingDisabled = a} :: CreateAuthorizer)
+
+-- | The status of the create authorizer request.
+createAuthorizer_status :: Lens.Lens' CreateAuthorizer (Prelude.Maybe AuthorizerStatus)
+createAuthorizer_status = Lens.lens (\CreateAuthorizer' {status} -> status) (\s@CreateAuthorizer' {} a -> s {status = a} :: CreateAuthorizer)
+
+-- | Metadata which can be used to manage the custom authorizer.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+createAuthorizer_tags :: Lens.Lens' CreateAuthorizer (Prelude.Maybe [Tag])
+createAuthorizer_tags = Lens.lens (\CreateAuthorizer' {tags} -> tags) (\s@CreateAuthorizer' {} a -> s {tags = a} :: CreateAuthorizer) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name of the token key used to extract the token from the HTTP
+-- headers.
+createAuthorizer_tokenKeyName :: Lens.Lens' CreateAuthorizer (Prelude.Maybe Prelude.Text)
+createAuthorizer_tokenKeyName = Lens.lens (\CreateAuthorizer' {tokenKeyName} -> tokenKeyName) (\s@CreateAuthorizer' {} a -> s {tokenKeyName = a} :: CreateAuthorizer)
+
+-- | The public keys used to verify the digital signature returned by your
+-- custom authentication service.
+createAuthorizer_tokenSigningPublicKeys :: Lens.Lens' CreateAuthorizer (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+createAuthorizer_tokenSigningPublicKeys = Lens.lens (\CreateAuthorizer' {tokenSigningPublicKeys} -> tokenSigningPublicKeys) (\s@CreateAuthorizer' {} a -> s {tokenSigningPublicKeys = a} :: CreateAuthorizer) Prelude.. Lens.mapping Lens.coerced
+
+-- | The authorizer name.
+createAuthorizer_authorizerName :: Lens.Lens' CreateAuthorizer Prelude.Text
+createAuthorizer_authorizerName = Lens.lens (\CreateAuthorizer' {authorizerName} -> authorizerName) (\s@CreateAuthorizer' {} a -> s {authorizerName = a} :: CreateAuthorizer)
+
+-- | The ARN of the authorizer\'s Lambda function.
+createAuthorizer_authorizerFunctionArn :: Lens.Lens' CreateAuthorizer Prelude.Text
+createAuthorizer_authorizerFunctionArn = Lens.lens (\CreateAuthorizer' {authorizerFunctionArn} -> authorizerFunctionArn) (\s@CreateAuthorizer' {} a -> s {authorizerFunctionArn = a} :: CreateAuthorizer)
+
+instance Core.AWSRequest CreateAuthorizer where
+  type
+    AWSResponse CreateAuthorizer =
+      CreateAuthorizerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateAuthorizerResponse'
+            Prelude.<$> (x Data..?> "authorizerArn")
+            Prelude.<*> (x Data..?> "authorizerName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateAuthorizer where
+  hashWithSalt _salt CreateAuthorizer' {..} =
+    _salt
+      `Prelude.hashWithSalt` enableCachingForHttp
+      `Prelude.hashWithSalt` signingDisabled
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` tokenKeyName
+      `Prelude.hashWithSalt` tokenSigningPublicKeys
+      `Prelude.hashWithSalt` authorizerName
+      `Prelude.hashWithSalt` authorizerFunctionArn
+
+instance Prelude.NFData CreateAuthorizer where
+  rnf CreateAuthorizer' {..} =
+    Prelude.rnf enableCachingForHttp
+      `Prelude.seq` Prelude.rnf signingDisabled
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf tokenKeyName
+      `Prelude.seq` Prelude.rnf tokenSigningPublicKeys
+      `Prelude.seq` Prelude.rnf authorizerName
+      `Prelude.seq` Prelude.rnf authorizerFunctionArn
+
+instance Data.ToHeaders CreateAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateAuthorizer where
+  toJSON CreateAuthorizer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("enableCachingForHttp" Data..=)
+              Prelude.<$> enableCachingForHttp,
+            ("signingDisabled" Data..=)
+              Prelude.<$> signingDisabled,
+            ("status" Data..=) Prelude.<$> status,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("tokenKeyName" Data..=) Prelude.<$> tokenKeyName,
+            ("tokenSigningPublicKeys" Data..=)
+              Prelude.<$> tokenSigningPublicKeys,
+            Prelude.Just
+              ( "authorizerFunctionArn"
+                  Data..= authorizerFunctionArn
+              )
+          ]
+      )
+
+instance Data.ToPath CreateAuthorizer where
+  toPath CreateAuthorizer' {..} =
+    Prelude.mconcat
+      ["/authorizer/", Data.toBS authorizerName]
+
+instance Data.ToQuery CreateAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateAuthorizerResponse' smart constructor.
+data CreateAuthorizerResponse = CreateAuthorizerResponse'
+  { -- | The authorizer ARN.
+    authorizerArn :: Prelude.Maybe Prelude.Text,
+    -- | The authorizer\'s name.
+    authorizerName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerArn', 'createAuthorizerResponse_authorizerArn' - The authorizer ARN.
+--
+-- 'authorizerName', 'createAuthorizerResponse_authorizerName' - The authorizer\'s name.
+--
+-- 'httpStatus', 'createAuthorizerResponse_httpStatus' - The response's http status code.
+newCreateAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateAuthorizerResponse
+newCreateAuthorizerResponse pHttpStatus_ =
+  CreateAuthorizerResponse'
+    { authorizerArn =
+        Prelude.Nothing,
+      authorizerName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The authorizer ARN.
+createAuthorizerResponse_authorizerArn :: Lens.Lens' CreateAuthorizerResponse (Prelude.Maybe Prelude.Text)
+createAuthorizerResponse_authorizerArn = Lens.lens (\CreateAuthorizerResponse' {authorizerArn} -> authorizerArn) (\s@CreateAuthorizerResponse' {} a -> s {authorizerArn = a} :: CreateAuthorizerResponse)
+
+-- | The authorizer\'s name.
+createAuthorizerResponse_authorizerName :: Lens.Lens' CreateAuthorizerResponse (Prelude.Maybe Prelude.Text)
+createAuthorizerResponse_authorizerName = Lens.lens (\CreateAuthorizerResponse' {authorizerName} -> authorizerName) (\s@CreateAuthorizerResponse' {} a -> s {authorizerName = a} :: CreateAuthorizerResponse)
+
+-- | The response's http status code.
+createAuthorizerResponse_httpStatus :: Lens.Lens' CreateAuthorizerResponse Prelude.Int
+createAuthorizerResponse_httpStatus = Lens.lens (\CreateAuthorizerResponse' {httpStatus} -> httpStatus) (\s@CreateAuthorizerResponse' {} a -> s {httpStatus = a} :: CreateAuthorizerResponse)
+
+instance Prelude.NFData CreateAuthorizerResponse where
+  rnf CreateAuthorizerResponse' {..} =
+    Prelude.rnf authorizerArn
+      `Prelude.seq` Prelude.rnf authorizerName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateBillingGroup.hs b/gen/Amazonka/IoT/CreateBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateBillingGroup.hs
@@ -0,0 +1,218 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateBillingGroup>
+-- action.
+module Amazonka.IoT.CreateBillingGroup
+  ( -- * Creating a Request
+    CreateBillingGroup (..),
+    newCreateBillingGroup,
+
+    -- * Request Lenses
+    createBillingGroup_billingGroupProperties,
+    createBillingGroup_tags,
+    createBillingGroup_billingGroupName,
+
+    -- * Destructuring the Response
+    CreateBillingGroupResponse (..),
+    newCreateBillingGroupResponse,
+
+    -- * Response Lenses
+    createBillingGroupResponse_billingGroupArn,
+    createBillingGroupResponse_billingGroupId,
+    createBillingGroupResponse_billingGroupName,
+    createBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateBillingGroup' smart constructor.
+data CreateBillingGroup = CreateBillingGroup'
+  { -- | The properties of the billing group.
+    billingGroupProperties :: Prelude.Maybe BillingGroupProperties,
+    -- | Metadata which can be used to manage the billing group.
+    tags :: Prelude.Maybe [Tag],
+    -- | The name you wish to give to the billing group.
+    billingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupProperties', 'createBillingGroup_billingGroupProperties' - The properties of the billing group.
+--
+-- 'tags', 'createBillingGroup_tags' - Metadata which can be used to manage the billing group.
+--
+-- 'billingGroupName', 'createBillingGroup_billingGroupName' - The name you wish to give to the billing group.
+newCreateBillingGroup ::
+  -- | 'billingGroupName'
+  Prelude.Text ->
+  CreateBillingGroup
+newCreateBillingGroup pBillingGroupName_ =
+  CreateBillingGroup'
+    { billingGroupProperties =
+        Prelude.Nothing,
+      tags = Prelude.Nothing,
+      billingGroupName = pBillingGroupName_
+    }
+
+-- | The properties of the billing group.
+createBillingGroup_billingGroupProperties :: Lens.Lens' CreateBillingGroup (Prelude.Maybe BillingGroupProperties)
+createBillingGroup_billingGroupProperties = Lens.lens (\CreateBillingGroup' {billingGroupProperties} -> billingGroupProperties) (\s@CreateBillingGroup' {} a -> s {billingGroupProperties = a} :: CreateBillingGroup)
+
+-- | Metadata which can be used to manage the billing group.
+createBillingGroup_tags :: Lens.Lens' CreateBillingGroup (Prelude.Maybe [Tag])
+createBillingGroup_tags = Lens.lens (\CreateBillingGroup' {tags} -> tags) (\s@CreateBillingGroup' {} a -> s {tags = a} :: CreateBillingGroup) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name you wish to give to the billing group.
+createBillingGroup_billingGroupName :: Lens.Lens' CreateBillingGroup Prelude.Text
+createBillingGroup_billingGroupName = Lens.lens (\CreateBillingGroup' {billingGroupName} -> billingGroupName) (\s@CreateBillingGroup' {} a -> s {billingGroupName = a} :: CreateBillingGroup)
+
+instance Core.AWSRequest CreateBillingGroup where
+  type
+    AWSResponse CreateBillingGroup =
+      CreateBillingGroupResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateBillingGroupResponse'
+            Prelude.<$> (x Data..?> "billingGroupArn")
+            Prelude.<*> (x Data..?> "billingGroupId")
+            Prelude.<*> (x Data..?> "billingGroupName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateBillingGroup where
+  hashWithSalt _salt CreateBillingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` billingGroupProperties
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` billingGroupName
+
+instance Prelude.NFData CreateBillingGroup where
+  rnf CreateBillingGroup' {..} =
+    Prelude.rnf billingGroupProperties
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf billingGroupName
+
+instance Data.ToHeaders CreateBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateBillingGroup where
+  toJSON CreateBillingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("billingGroupProperties" Data..=)
+              Prelude.<$> billingGroupProperties,
+            ("tags" Data..=) Prelude.<$> tags
+          ]
+      )
+
+instance Data.ToPath CreateBillingGroup where
+  toPath CreateBillingGroup' {..} =
+    Prelude.mconcat
+      ["/billing-groups/", Data.toBS billingGroupName]
+
+instance Data.ToQuery CreateBillingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateBillingGroupResponse' smart constructor.
+data CreateBillingGroupResponse = CreateBillingGroupResponse'
+  { -- | The ARN of the billing group.
+    billingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the billing group.
+    billingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | The name you gave to the billing group.
+    billingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupArn', 'createBillingGroupResponse_billingGroupArn' - The ARN of the billing group.
+--
+-- 'billingGroupId', 'createBillingGroupResponse_billingGroupId' - The ID of the billing group.
+--
+-- 'billingGroupName', 'createBillingGroupResponse_billingGroupName' - The name you gave to the billing group.
+--
+-- 'httpStatus', 'createBillingGroupResponse_httpStatus' - The response's http status code.
+newCreateBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateBillingGroupResponse
+newCreateBillingGroupResponse pHttpStatus_ =
+  CreateBillingGroupResponse'
+    { billingGroupArn =
+        Prelude.Nothing,
+      billingGroupId = Prelude.Nothing,
+      billingGroupName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the billing group.
+createBillingGroupResponse_billingGroupArn :: Lens.Lens' CreateBillingGroupResponse (Prelude.Maybe Prelude.Text)
+createBillingGroupResponse_billingGroupArn = Lens.lens (\CreateBillingGroupResponse' {billingGroupArn} -> billingGroupArn) (\s@CreateBillingGroupResponse' {} a -> s {billingGroupArn = a} :: CreateBillingGroupResponse)
+
+-- | The ID of the billing group.
+createBillingGroupResponse_billingGroupId :: Lens.Lens' CreateBillingGroupResponse (Prelude.Maybe Prelude.Text)
+createBillingGroupResponse_billingGroupId = Lens.lens (\CreateBillingGroupResponse' {billingGroupId} -> billingGroupId) (\s@CreateBillingGroupResponse' {} a -> s {billingGroupId = a} :: CreateBillingGroupResponse)
+
+-- | The name you gave to the billing group.
+createBillingGroupResponse_billingGroupName :: Lens.Lens' CreateBillingGroupResponse (Prelude.Maybe Prelude.Text)
+createBillingGroupResponse_billingGroupName = Lens.lens (\CreateBillingGroupResponse' {billingGroupName} -> billingGroupName) (\s@CreateBillingGroupResponse' {} a -> s {billingGroupName = a} :: CreateBillingGroupResponse)
+
+-- | The response's http status code.
+createBillingGroupResponse_httpStatus :: Lens.Lens' CreateBillingGroupResponse Prelude.Int
+createBillingGroupResponse_httpStatus = Lens.lens (\CreateBillingGroupResponse' {httpStatus} -> httpStatus) (\s@CreateBillingGroupResponse' {} a -> s {httpStatus = a} :: CreateBillingGroupResponse)
+
+instance Prelude.NFData CreateBillingGroupResponse where
+  rnf CreateBillingGroupResponse' {..} =
+    Prelude.rnf billingGroupArn
+      `Prelude.seq` Prelude.rnf billingGroupId
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateCertificateFromCsr.hs b/gen/Amazonka/IoT/CreateCertificateFromCsr.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateCertificateFromCsr.hs
@@ -0,0 +1,268 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateCertificateFromCsr
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates an X.509 certificate using the specified certificate signing
+-- request.
+--
+-- __Note:__ The CSR must include a public key that is either an RSA key
+-- with a length of at least 2048 bits or an ECC key from NIST P-256, NIST
+-- P-384, or NIST P-512 curves. For supported certificates, consult
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html#x509-cert-algorithms Certificate signing algorithms supported by IoT>.
+--
+-- __Note:__ Reusing the same certificate signing request (CSR) results in
+-- a distinct certificate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateCertificateFromCsr>
+-- action.
+--
+-- You can create multiple certificates in a batch by creating a directory,
+-- copying multiple .csr files into that directory, and then specifying
+-- that directory on the command line. The following commands show how to
+-- create a batch of certificates given a batch of CSRs.
+--
+-- Assuming a set of CSRs are located inside of the directory
+-- my-csr-directory:
+--
+-- On Linux and OS X, the command is:
+--
+-- \$ ls my-csr-directory\/ | xargs -I {} aws iot
+-- create-certificate-from-csr --certificate-signing-request
+-- file:\/\/my-csr-directory\/{}
+--
+-- This command lists all of the CSRs in my-csr-directory and pipes each
+-- CSR file name to the aws iot create-certificate-from-csr Amazon Web
+-- Services CLI command to create a certificate for the corresponding CSR.
+--
+-- The aws iot create-certificate-from-csr part of the command can also be
+-- run in parallel to speed up the certificate creation process:
+--
+-- \$ ls my-csr-directory\/ | xargs -P 10 -I {} aws iot
+-- create-certificate-from-csr --certificate-signing-request
+-- file:\/\/my-csr-directory\/{}
+--
+-- On Windows PowerShell, the command to create certificates for all CSRs
+-- in my-csr-directory is:
+--
+-- > ls -Name my-csr-directory | %{aws iot create-certificate-from-csr
+-- --certificate-signing-request file:\/\/my-csr-directory\/$_}
+--
+-- On a Windows command prompt, the command to create certificates for all
+-- CSRs in my-csr-directory is:
+--
+-- > forfiles \/p my-csr-directory \/c \"cmd \/c aws iot
+-- create-certificate-from-csr --certificate-signing-request
+-- file:\/\/\@path\"
+module Amazonka.IoT.CreateCertificateFromCsr
+  ( -- * Creating a Request
+    CreateCertificateFromCsr (..),
+    newCreateCertificateFromCsr,
+
+    -- * Request Lenses
+    createCertificateFromCsr_setAsActive,
+    createCertificateFromCsr_certificateSigningRequest,
+
+    -- * Destructuring the Response
+    CreateCertificateFromCsrResponse (..),
+    newCreateCertificateFromCsrResponse,
+
+    -- * Response Lenses
+    createCertificateFromCsrResponse_certificateArn,
+    createCertificateFromCsrResponse_certificateId,
+    createCertificateFromCsrResponse_certificatePem,
+    createCertificateFromCsrResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreateCertificateFromCsr operation.
+--
+-- /See:/ 'newCreateCertificateFromCsr' smart constructor.
+data CreateCertificateFromCsr = CreateCertificateFromCsr'
+  { -- | Specifies whether the certificate is active.
+    setAsActive :: Prelude.Maybe Prelude.Bool,
+    -- | The certificate signing request (CSR).
+    certificateSigningRequest :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateCertificateFromCsr' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'setAsActive', 'createCertificateFromCsr_setAsActive' - Specifies whether the certificate is active.
+--
+-- 'certificateSigningRequest', 'createCertificateFromCsr_certificateSigningRequest' - The certificate signing request (CSR).
+newCreateCertificateFromCsr ::
+  -- | 'certificateSigningRequest'
+  Prelude.Text ->
+  CreateCertificateFromCsr
+newCreateCertificateFromCsr
+  pCertificateSigningRequest_ =
+    CreateCertificateFromCsr'
+      { setAsActive =
+          Prelude.Nothing,
+        certificateSigningRequest =
+          pCertificateSigningRequest_
+      }
+
+-- | Specifies whether the certificate is active.
+createCertificateFromCsr_setAsActive :: Lens.Lens' CreateCertificateFromCsr (Prelude.Maybe Prelude.Bool)
+createCertificateFromCsr_setAsActive = Lens.lens (\CreateCertificateFromCsr' {setAsActive} -> setAsActive) (\s@CreateCertificateFromCsr' {} a -> s {setAsActive = a} :: CreateCertificateFromCsr)
+
+-- | The certificate signing request (CSR).
+createCertificateFromCsr_certificateSigningRequest :: Lens.Lens' CreateCertificateFromCsr Prelude.Text
+createCertificateFromCsr_certificateSigningRequest = Lens.lens (\CreateCertificateFromCsr' {certificateSigningRequest} -> certificateSigningRequest) (\s@CreateCertificateFromCsr' {} a -> s {certificateSigningRequest = a} :: CreateCertificateFromCsr)
+
+instance Core.AWSRequest CreateCertificateFromCsr where
+  type
+    AWSResponse CreateCertificateFromCsr =
+      CreateCertificateFromCsrResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateCertificateFromCsrResponse'
+            Prelude.<$> (x Data..?> "certificateArn")
+            Prelude.<*> (x Data..?> "certificateId")
+            Prelude.<*> (x Data..?> "certificatePem")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateCertificateFromCsr where
+  hashWithSalt _salt CreateCertificateFromCsr' {..} =
+    _salt
+      `Prelude.hashWithSalt` setAsActive
+      `Prelude.hashWithSalt` certificateSigningRequest
+
+instance Prelude.NFData CreateCertificateFromCsr where
+  rnf CreateCertificateFromCsr' {..} =
+    Prelude.rnf setAsActive
+      `Prelude.seq` Prelude.rnf certificateSigningRequest
+
+instance Data.ToHeaders CreateCertificateFromCsr where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateCertificateFromCsr where
+  toJSON CreateCertificateFromCsr' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "certificateSigningRequest"
+                  Data..= certificateSigningRequest
+              )
+          ]
+      )
+
+instance Data.ToPath CreateCertificateFromCsr where
+  toPath = Prelude.const "/certificates"
+
+instance Data.ToQuery CreateCertificateFromCsr where
+  toQuery CreateCertificateFromCsr' {..} =
+    Prelude.mconcat ["setAsActive" Data.=: setAsActive]
+
+-- | The output from the CreateCertificateFromCsr operation.
+--
+-- /See:/ 'newCreateCertificateFromCsrResponse' smart constructor.
+data CreateCertificateFromCsrResponse = CreateCertificateFromCsrResponse'
+  { -- | The Amazon Resource Name (ARN) of the certificate. You can use the ARN
+    -- as a principal for policy operations.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate. Certificate management operations only take a
+    -- certificateId.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The certificate data, in PEM format.
+    certificatePem :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateCertificateFromCsrResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'createCertificateFromCsrResponse_certificateArn' - The Amazon Resource Name (ARN) of the certificate. You can use the ARN
+-- as a principal for policy operations.
+--
+-- 'certificateId', 'createCertificateFromCsrResponse_certificateId' - The ID of the certificate. Certificate management operations only take a
+-- certificateId.
+--
+-- 'certificatePem', 'createCertificateFromCsrResponse_certificatePem' - The certificate data, in PEM format.
+--
+-- 'httpStatus', 'createCertificateFromCsrResponse_httpStatus' - The response's http status code.
+newCreateCertificateFromCsrResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateCertificateFromCsrResponse
+newCreateCertificateFromCsrResponse pHttpStatus_ =
+  CreateCertificateFromCsrResponse'
+    { certificateArn =
+        Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      certificatePem = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN) of the certificate. You can use the ARN
+-- as a principal for policy operations.
+createCertificateFromCsrResponse_certificateArn :: Lens.Lens' CreateCertificateFromCsrResponse (Prelude.Maybe Prelude.Text)
+createCertificateFromCsrResponse_certificateArn = Lens.lens (\CreateCertificateFromCsrResponse' {certificateArn} -> certificateArn) (\s@CreateCertificateFromCsrResponse' {} a -> s {certificateArn = a} :: CreateCertificateFromCsrResponse)
+
+-- | The ID of the certificate. Certificate management operations only take a
+-- certificateId.
+createCertificateFromCsrResponse_certificateId :: Lens.Lens' CreateCertificateFromCsrResponse (Prelude.Maybe Prelude.Text)
+createCertificateFromCsrResponse_certificateId = Lens.lens (\CreateCertificateFromCsrResponse' {certificateId} -> certificateId) (\s@CreateCertificateFromCsrResponse' {} a -> s {certificateId = a} :: CreateCertificateFromCsrResponse)
+
+-- | The certificate data, in PEM format.
+createCertificateFromCsrResponse_certificatePem :: Lens.Lens' CreateCertificateFromCsrResponse (Prelude.Maybe Prelude.Text)
+createCertificateFromCsrResponse_certificatePem = Lens.lens (\CreateCertificateFromCsrResponse' {certificatePem} -> certificatePem) (\s@CreateCertificateFromCsrResponse' {} a -> s {certificatePem = a} :: CreateCertificateFromCsrResponse)
+
+-- | The response's http status code.
+createCertificateFromCsrResponse_httpStatus :: Lens.Lens' CreateCertificateFromCsrResponse Prelude.Int
+createCertificateFromCsrResponse_httpStatus = Lens.lens (\CreateCertificateFromCsrResponse' {httpStatus} -> httpStatus) (\s@CreateCertificateFromCsrResponse' {} a -> s {httpStatus = a} :: CreateCertificateFromCsrResponse)
+
+instance
+  Prelude.NFData
+    CreateCertificateFromCsrResponse
+  where
+  rnf CreateCertificateFromCsrResponse' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf certificatePem
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateCustomMetric.hs b/gen/Amazonka/IoT/CreateCustomMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateCustomMetric.hs
@@ -0,0 +1,278 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateCustomMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Use this API to define a Custom Metric published by your devices to
+-- Device Defender.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateCustomMetric>
+-- action.
+module Amazonka.IoT.CreateCustomMetric
+  ( -- * Creating a Request
+    CreateCustomMetric (..),
+    newCreateCustomMetric,
+
+    -- * Request Lenses
+    createCustomMetric_displayName,
+    createCustomMetric_tags,
+    createCustomMetric_metricName,
+    createCustomMetric_metricType,
+    createCustomMetric_clientRequestToken,
+
+    -- * Destructuring the Response
+    CreateCustomMetricResponse (..),
+    newCreateCustomMetricResponse,
+
+    -- * Response Lenses
+    createCustomMetricResponse_metricArn,
+    createCustomMetricResponse_metricName,
+    createCustomMetricResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateCustomMetric' smart constructor.
+data CreateCustomMetric = CreateCustomMetric'
+  { -- | The friendly name in the console for the custom metric. This name
+    -- doesn\'t have to be unique. Don\'t use this name as the metric
+    -- identifier in the device metric report. You can update the friendly name
+    -- after you define it.
+    displayName :: Prelude.Maybe Prelude.Text,
+    -- | Metadata that can be used to manage the custom metric.
+    tags :: Prelude.Maybe [Tag],
+    -- | The name of the custom metric. This will be used in the metric report
+    -- submitted from the device\/thing. The name can\'t begin with @aws:@. You
+    -- can\'t change the name after you define it.
+    metricName :: Prelude.Text,
+    -- | The type of the custom metric.
+    --
+    -- The type @number@ only takes a single metric value as an input, but when
+    -- you submit the metrics value in the DeviceMetrics report, you must pass
+    -- it as an array with a single value.
+    metricType :: CustomMetricType,
+    -- | Each custom metric must have a unique client request token. If you try
+    -- to create a new custom metric that already exists with a different
+    -- token, an exception occurs. If you omit this value, Amazon Web Services
+    -- SDKs will automatically generate a unique client request.
+    clientRequestToken :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateCustomMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'displayName', 'createCustomMetric_displayName' - The friendly name in the console for the custom metric. This name
+-- doesn\'t have to be unique. Don\'t use this name as the metric
+-- identifier in the device metric report. You can update the friendly name
+-- after you define it.
+--
+-- 'tags', 'createCustomMetric_tags' - Metadata that can be used to manage the custom metric.
+--
+-- 'metricName', 'createCustomMetric_metricName' - The name of the custom metric. This will be used in the metric report
+-- submitted from the device\/thing. The name can\'t begin with @aws:@. You
+-- can\'t change the name after you define it.
+--
+-- 'metricType', 'createCustomMetric_metricType' - The type of the custom metric.
+--
+-- The type @number@ only takes a single metric value as an input, but when
+-- you submit the metrics value in the DeviceMetrics report, you must pass
+-- it as an array with a single value.
+--
+-- 'clientRequestToken', 'createCustomMetric_clientRequestToken' - Each custom metric must have a unique client request token. If you try
+-- to create a new custom metric that already exists with a different
+-- token, an exception occurs. If you omit this value, Amazon Web Services
+-- SDKs will automatically generate a unique client request.
+newCreateCustomMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  -- | 'metricType'
+  CustomMetricType ->
+  -- | 'clientRequestToken'
+  Prelude.Text ->
+  CreateCustomMetric
+newCreateCustomMetric
+  pMetricName_
+  pMetricType_
+  pClientRequestToken_ =
+    CreateCustomMetric'
+      { displayName = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        metricName = pMetricName_,
+        metricType = pMetricType_,
+        clientRequestToken = pClientRequestToken_
+      }
+
+-- | The friendly name in the console for the custom metric. This name
+-- doesn\'t have to be unique. Don\'t use this name as the metric
+-- identifier in the device metric report. You can update the friendly name
+-- after you define it.
+createCustomMetric_displayName :: Lens.Lens' CreateCustomMetric (Prelude.Maybe Prelude.Text)
+createCustomMetric_displayName = Lens.lens (\CreateCustomMetric' {displayName} -> displayName) (\s@CreateCustomMetric' {} a -> s {displayName = a} :: CreateCustomMetric)
+
+-- | Metadata that can be used to manage the custom metric.
+createCustomMetric_tags :: Lens.Lens' CreateCustomMetric (Prelude.Maybe [Tag])
+createCustomMetric_tags = Lens.lens (\CreateCustomMetric' {tags} -> tags) (\s@CreateCustomMetric' {} a -> s {tags = a} :: CreateCustomMetric) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name of the custom metric. This will be used in the metric report
+-- submitted from the device\/thing. The name can\'t begin with @aws:@. You
+-- can\'t change the name after you define it.
+createCustomMetric_metricName :: Lens.Lens' CreateCustomMetric Prelude.Text
+createCustomMetric_metricName = Lens.lens (\CreateCustomMetric' {metricName} -> metricName) (\s@CreateCustomMetric' {} a -> s {metricName = a} :: CreateCustomMetric)
+
+-- | The type of the custom metric.
+--
+-- The type @number@ only takes a single metric value as an input, but when
+-- you submit the metrics value in the DeviceMetrics report, you must pass
+-- it as an array with a single value.
+createCustomMetric_metricType :: Lens.Lens' CreateCustomMetric CustomMetricType
+createCustomMetric_metricType = Lens.lens (\CreateCustomMetric' {metricType} -> metricType) (\s@CreateCustomMetric' {} a -> s {metricType = a} :: CreateCustomMetric)
+
+-- | Each custom metric must have a unique client request token. If you try
+-- to create a new custom metric that already exists with a different
+-- token, an exception occurs. If you omit this value, Amazon Web Services
+-- SDKs will automatically generate a unique client request.
+createCustomMetric_clientRequestToken :: Lens.Lens' CreateCustomMetric Prelude.Text
+createCustomMetric_clientRequestToken = Lens.lens (\CreateCustomMetric' {clientRequestToken} -> clientRequestToken) (\s@CreateCustomMetric' {} a -> s {clientRequestToken = a} :: CreateCustomMetric)
+
+instance Core.AWSRequest CreateCustomMetric where
+  type
+    AWSResponse CreateCustomMetric =
+      CreateCustomMetricResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateCustomMetricResponse'
+            Prelude.<$> (x Data..?> "metricArn")
+            Prelude.<*> (x Data..?> "metricName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateCustomMetric where
+  hashWithSalt _salt CreateCustomMetric' {..} =
+    _salt
+      `Prelude.hashWithSalt` displayName
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` metricType
+      `Prelude.hashWithSalt` clientRequestToken
+
+instance Prelude.NFData CreateCustomMetric where
+  rnf CreateCustomMetric' {..} =
+    Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf metricType
+      `Prelude.seq` Prelude.rnf clientRequestToken
+
+instance Data.ToHeaders CreateCustomMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateCustomMetric where
+  toJSON CreateCustomMetric' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("displayName" Data..=) Prelude.<$> displayName,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("metricType" Data..= metricType),
+            Prelude.Just
+              ("clientRequestToken" Data..= clientRequestToken)
+          ]
+      )
+
+instance Data.ToPath CreateCustomMetric where
+  toPath CreateCustomMetric' {..} =
+    Prelude.mconcat
+      ["/custom-metric/", Data.toBS metricName]
+
+instance Data.ToQuery CreateCustomMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateCustomMetricResponse' smart constructor.
+data CreateCustomMetricResponse = CreateCustomMetricResponse'
+  { -- | The Amazon Resource Number (ARN) of the custom metric. For example,
+    -- @arn:@/@aws-partition@/@:iot:@/@region@/@:@/@accountId@/@:custommetric\/@/@metricName@/@ @
+    metricArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the custom metric to be used in the metric report.
+    metricName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateCustomMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricArn', 'createCustomMetricResponse_metricArn' - The Amazon Resource Number (ARN) of the custom metric. For example,
+-- @arn:@/@aws-partition@/@:iot:@/@region@/@:@/@accountId@/@:custommetric\/@/@metricName@/@ @
+--
+-- 'metricName', 'createCustomMetricResponse_metricName' - The name of the custom metric to be used in the metric report.
+--
+-- 'httpStatus', 'createCustomMetricResponse_httpStatus' - The response's http status code.
+newCreateCustomMetricResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateCustomMetricResponse
+newCreateCustomMetricResponse pHttpStatus_ =
+  CreateCustomMetricResponse'
+    { metricArn =
+        Prelude.Nothing,
+      metricName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Number (ARN) of the custom metric. For example,
+-- @arn:@/@aws-partition@/@:iot:@/@region@/@:@/@accountId@/@:custommetric\/@/@metricName@/@ @
+createCustomMetricResponse_metricArn :: Lens.Lens' CreateCustomMetricResponse (Prelude.Maybe Prelude.Text)
+createCustomMetricResponse_metricArn = Lens.lens (\CreateCustomMetricResponse' {metricArn} -> metricArn) (\s@CreateCustomMetricResponse' {} a -> s {metricArn = a} :: CreateCustomMetricResponse)
+
+-- | The name of the custom metric to be used in the metric report.
+createCustomMetricResponse_metricName :: Lens.Lens' CreateCustomMetricResponse (Prelude.Maybe Prelude.Text)
+createCustomMetricResponse_metricName = Lens.lens (\CreateCustomMetricResponse' {metricName} -> metricName) (\s@CreateCustomMetricResponse' {} a -> s {metricName = a} :: CreateCustomMetricResponse)
+
+-- | The response's http status code.
+createCustomMetricResponse_httpStatus :: Lens.Lens' CreateCustomMetricResponse Prelude.Int
+createCustomMetricResponse_httpStatus = Lens.lens (\CreateCustomMetricResponse' {httpStatus} -> httpStatus) (\s@CreateCustomMetricResponse' {} a -> s {httpStatus = a} :: CreateCustomMetricResponse)
+
+instance Prelude.NFData CreateCustomMetricResponse where
+  rnf CreateCustomMetricResponse' {..} =
+    Prelude.rnf metricArn
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateDimension.hs b/gen/Amazonka/IoT/CreateDimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateDimension.hs
@@ -0,0 +1,261 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateDimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Create a dimension that you can use to limit the scope of a metric used
+-- in a security profile for IoT Device Defender. For example, using a
+-- @TOPIC_FILTER@ dimension, you can narrow down the scope of the metric
+-- only to MQTT topics whose name match the pattern specified in the
+-- dimension.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateDimension>
+-- action.
+module Amazonka.IoT.CreateDimension
+  ( -- * Creating a Request
+    CreateDimension (..),
+    newCreateDimension,
+
+    -- * Request Lenses
+    createDimension_tags,
+    createDimension_name,
+    createDimension_type,
+    createDimension_stringValues,
+    createDimension_clientRequestToken,
+
+    -- * Destructuring the Response
+    CreateDimensionResponse (..),
+    newCreateDimensionResponse,
+
+    -- * Response Lenses
+    createDimensionResponse_arn,
+    createDimensionResponse_name,
+    createDimensionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateDimension' smart constructor.
+data CreateDimension = CreateDimension'
+  { -- | Metadata that can be used to manage the dimension.
+    tags :: Prelude.Maybe [Tag],
+    -- | A unique identifier for the dimension. Choose something that describes
+    -- the type and value to make it easy to remember what it does.
+    name :: Prelude.Text,
+    -- | Specifies the type of dimension. Supported types: @TOPIC_FILTER.@
+    type' :: DimensionType,
+    -- | Specifies the value or list of values for the dimension. For
+    -- @TOPIC_FILTER@ dimensions, this is a pattern used to match the MQTT
+    -- topic (for example, \"admin\/#\").
+    stringValues :: Prelude.NonEmpty Prelude.Text,
+    -- | Each dimension must have a unique client request token. If you try to
+    -- create a new dimension with the same token as a dimension that already
+    -- exists, an exception occurs. If you omit this value, Amazon Web Services
+    -- SDKs will automatically generate a unique client request.
+    clientRequestToken :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDimension' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tags', 'createDimension_tags' - Metadata that can be used to manage the dimension.
+--
+-- 'name', 'createDimension_name' - A unique identifier for the dimension. Choose something that describes
+-- the type and value to make it easy to remember what it does.
+--
+-- 'type'', 'createDimension_type' - Specifies the type of dimension. Supported types: @TOPIC_FILTER.@
+--
+-- 'stringValues', 'createDimension_stringValues' - Specifies the value or list of values for the dimension. For
+-- @TOPIC_FILTER@ dimensions, this is a pattern used to match the MQTT
+-- topic (for example, \"admin\/#\").
+--
+-- 'clientRequestToken', 'createDimension_clientRequestToken' - Each dimension must have a unique client request token. If you try to
+-- create a new dimension with the same token as a dimension that already
+-- exists, an exception occurs. If you omit this value, Amazon Web Services
+-- SDKs will automatically generate a unique client request.
+newCreateDimension ::
+  -- | 'name'
+  Prelude.Text ->
+  -- | 'type''
+  DimensionType ->
+  -- | 'stringValues'
+  Prelude.NonEmpty Prelude.Text ->
+  -- | 'clientRequestToken'
+  Prelude.Text ->
+  CreateDimension
+newCreateDimension
+  pName_
+  pType_
+  pStringValues_
+  pClientRequestToken_ =
+    CreateDimension'
+      { tags = Prelude.Nothing,
+        name = pName_,
+        type' = pType_,
+        stringValues = Lens.coerced Lens.# pStringValues_,
+        clientRequestToken = pClientRequestToken_
+      }
+
+-- | Metadata that can be used to manage the dimension.
+createDimension_tags :: Lens.Lens' CreateDimension (Prelude.Maybe [Tag])
+createDimension_tags = Lens.lens (\CreateDimension' {tags} -> tags) (\s@CreateDimension' {} a -> s {tags = a} :: CreateDimension) Prelude.. Lens.mapping Lens.coerced
+
+-- | A unique identifier for the dimension. Choose something that describes
+-- the type and value to make it easy to remember what it does.
+createDimension_name :: Lens.Lens' CreateDimension Prelude.Text
+createDimension_name = Lens.lens (\CreateDimension' {name} -> name) (\s@CreateDimension' {} a -> s {name = a} :: CreateDimension)
+
+-- | Specifies the type of dimension. Supported types: @TOPIC_FILTER.@
+createDimension_type :: Lens.Lens' CreateDimension DimensionType
+createDimension_type = Lens.lens (\CreateDimension' {type'} -> type') (\s@CreateDimension' {} a -> s {type' = a} :: CreateDimension)
+
+-- | Specifies the value or list of values for the dimension. For
+-- @TOPIC_FILTER@ dimensions, this is a pattern used to match the MQTT
+-- topic (for example, \"admin\/#\").
+createDimension_stringValues :: Lens.Lens' CreateDimension (Prelude.NonEmpty Prelude.Text)
+createDimension_stringValues = Lens.lens (\CreateDimension' {stringValues} -> stringValues) (\s@CreateDimension' {} a -> s {stringValues = a} :: CreateDimension) Prelude.. Lens.coerced
+
+-- | Each dimension must have a unique client request token. If you try to
+-- create a new dimension with the same token as a dimension that already
+-- exists, an exception occurs. If you omit this value, Amazon Web Services
+-- SDKs will automatically generate a unique client request.
+createDimension_clientRequestToken :: Lens.Lens' CreateDimension Prelude.Text
+createDimension_clientRequestToken = Lens.lens (\CreateDimension' {clientRequestToken} -> clientRequestToken) (\s@CreateDimension' {} a -> s {clientRequestToken = a} :: CreateDimension)
+
+instance Core.AWSRequest CreateDimension where
+  type
+    AWSResponse CreateDimension =
+      CreateDimensionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateDimensionResponse'
+            Prelude.<$> (x Data..?> "arn")
+            Prelude.<*> (x Data..?> "name")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateDimension where
+  hashWithSalt _salt CreateDimension' {..} =
+    _salt
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` stringValues
+      `Prelude.hashWithSalt` clientRequestToken
+
+instance Prelude.NFData CreateDimension where
+  rnf CreateDimension' {..} =
+    Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf name
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf stringValues
+      `Prelude.seq` Prelude.rnf clientRequestToken
+
+instance Data.ToHeaders CreateDimension where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateDimension where
+  toJSON CreateDimension' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("type" Data..= type'),
+            Prelude.Just ("stringValues" Data..= stringValues),
+            Prelude.Just
+              ("clientRequestToken" Data..= clientRequestToken)
+          ]
+      )
+
+instance Data.ToPath CreateDimension where
+  toPath CreateDimension' {..} =
+    Prelude.mconcat ["/dimensions/", Data.toBS name]
+
+instance Data.ToQuery CreateDimension where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDimensionResponse' smart constructor.
+data CreateDimensionResponse = CreateDimensionResponse'
+  { -- | The Amazon Resource Name (ARN) of the created dimension.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the dimension.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDimensionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'createDimensionResponse_arn' - The Amazon Resource Name (ARN) of the created dimension.
+--
+-- 'name', 'createDimensionResponse_name' - A unique identifier for the dimension.
+--
+-- 'httpStatus', 'createDimensionResponse_httpStatus' - The response's http status code.
+newCreateDimensionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDimensionResponse
+newCreateDimensionResponse pHttpStatus_ =
+  CreateDimensionResponse'
+    { arn = Prelude.Nothing,
+      name = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN) of the created dimension.
+createDimensionResponse_arn :: Lens.Lens' CreateDimensionResponse (Prelude.Maybe Prelude.Text)
+createDimensionResponse_arn = Lens.lens (\CreateDimensionResponse' {arn} -> arn) (\s@CreateDimensionResponse' {} a -> s {arn = a} :: CreateDimensionResponse)
+
+-- | A unique identifier for the dimension.
+createDimensionResponse_name :: Lens.Lens' CreateDimensionResponse (Prelude.Maybe Prelude.Text)
+createDimensionResponse_name = Lens.lens (\CreateDimensionResponse' {name} -> name) (\s@CreateDimensionResponse' {} a -> s {name = a} :: CreateDimensionResponse)
+
+-- | The response's http status code.
+createDimensionResponse_httpStatus :: Lens.Lens' CreateDimensionResponse Prelude.Int
+createDimensionResponse_httpStatus = Lens.lens (\CreateDimensionResponse' {httpStatus} -> httpStatus) (\s@CreateDimensionResponse' {} a -> s {httpStatus = a} :: CreateDimensionResponse)
+
+instance Prelude.NFData CreateDimensionResponse where
+  rnf CreateDimensionResponse' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf name
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateDomainConfiguration.hs b/gen/Amazonka/IoT/CreateDomainConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateDomainConfiguration.hs
@@ -0,0 +1,319 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateDomainConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a domain configuration.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateDomainConfiguration>
+-- action.
+module Amazonka.IoT.CreateDomainConfiguration
+  ( -- * Creating a Request
+    CreateDomainConfiguration (..),
+    newCreateDomainConfiguration,
+
+    -- * Request Lenses
+    createDomainConfiguration_authorizerConfig,
+    createDomainConfiguration_domainName,
+    createDomainConfiguration_serverCertificateArns,
+    createDomainConfiguration_serviceType,
+    createDomainConfiguration_tags,
+    createDomainConfiguration_validationCertificateArn,
+    createDomainConfiguration_domainConfigurationName,
+
+    -- * Destructuring the Response
+    CreateDomainConfigurationResponse (..),
+    newCreateDomainConfigurationResponse,
+
+    -- * Response Lenses
+    createDomainConfigurationResponse_domainConfigurationArn,
+    createDomainConfigurationResponse_domainConfigurationName,
+    createDomainConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateDomainConfiguration' smart constructor.
+data CreateDomainConfiguration = CreateDomainConfiguration'
+  { -- | An object that specifies the authorization service for a domain.
+    authorizerConfig :: Prelude.Maybe AuthorizerConfig,
+    -- | The name of the domain.
+    domainName :: Prelude.Maybe Prelude.Text,
+    -- | The ARNs of the certificates that IoT passes to the device during the
+    -- TLS handshake. Currently you can specify only one certificate ARN. This
+    -- value is not required for Amazon Web Services-managed domains.
+    serverCertificateArns :: Prelude.Maybe [Prelude.Text],
+    -- | The type of service delivered by the endpoint.
+    --
+    -- Amazon Web Services IoT Core currently supports only the @DATA@ service
+    -- type.
+    serviceType :: Prelude.Maybe ServiceType,
+    -- | Metadata which can be used to manage the domain configuration.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: &&tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe [Tag],
+    -- | The certificate used to validate the server certificate and prove domain
+    -- name ownership. This certificate must be signed by a public certificate
+    -- authority. This value is not required for Amazon Web Services-managed
+    -- domains.
+    validationCertificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the domain configuration. This value must be unique to a
+    -- region.
+    domainConfigurationName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDomainConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerConfig', 'createDomainConfiguration_authorizerConfig' - An object that specifies the authorization service for a domain.
+--
+-- 'domainName', 'createDomainConfiguration_domainName' - The name of the domain.
+--
+-- 'serverCertificateArns', 'createDomainConfiguration_serverCertificateArns' - The ARNs of the certificates that IoT passes to the device during the
+-- TLS handshake. Currently you can specify only one certificate ARN. This
+-- value is not required for Amazon Web Services-managed domains.
+--
+-- 'serviceType', 'createDomainConfiguration_serviceType' - The type of service delivered by the endpoint.
+--
+-- Amazon Web Services IoT Core currently supports only the @DATA@ service
+-- type.
+--
+-- 'tags', 'createDomainConfiguration_tags' - Metadata which can be used to manage the domain configuration.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'validationCertificateArn', 'createDomainConfiguration_validationCertificateArn' - The certificate used to validate the server certificate and prove domain
+-- name ownership. This certificate must be signed by a public certificate
+-- authority. This value is not required for Amazon Web Services-managed
+-- domains.
+--
+-- 'domainConfigurationName', 'createDomainConfiguration_domainConfigurationName' - The name of the domain configuration. This value must be unique to a
+-- region.
+newCreateDomainConfiguration ::
+  -- | 'domainConfigurationName'
+  Prelude.Text ->
+  CreateDomainConfiguration
+newCreateDomainConfiguration
+  pDomainConfigurationName_ =
+    CreateDomainConfiguration'
+      { authorizerConfig =
+          Prelude.Nothing,
+        domainName = Prelude.Nothing,
+        serverCertificateArns = Prelude.Nothing,
+        serviceType = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        validationCertificateArn = Prelude.Nothing,
+        domainConfigurationName =
+          pDomainConfigurationName_
+      }
+
+-- | An object that specifies the authorization service for a domain.
+createDomainConfiguration_authorizerConfig :: Lens.Lens' CreateDomainConfiguration (Prelude.Maybe AuthorizerConfig)
+createDomainConfiguration_authorizerConfig = Lens.lens (\CreateDomainConfiguration' {authorizerConfig} -> authorizerConfig) (\s@CreateDomainConfiguration' {} a -> s {authorizerConfig = a} :: CreateDomainConfiguration)
+
+-- | The name of the domain.
+createDomainConfiguration_domainName :: Lens.Lens' CreateDomainConfiguration (Prelude.Maybe Prelude.Text)
+createDomainConfiguration_domainName = Lens.lens (\CreateDomainConfiguration' {domainName} -> domainName) (\s@CreateDomainConfiguration' {} a -> s {domainName = a} :: CreateDomainConfiguration)
+
+-- | The ARNs of the certificates that IoT passes to the device during the
+-- TLS handshake. Currently you can specify only one certificate ARN. This
+-- value is not required for Amazon Web Services-managed domains.
+createDomainConfiguration_serverCertificateArns :: Lens.Lens' CreateDomainConfiguration (Prelude.Maybe [Prelude.Text])
+createDomainConfiguration_serverCertificateArns = Lens.lens (\CreateDomainConfiguration' {serverCertificateArns} -> serverCertificateArns) (\s@CreateDomainConfiguration' {} a -> s {serverCertificateArns = a} :: CreateDomainConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of service delivered by the endpoint.
+--
+-- Amazon Web Services IoT Core currently supports only the @DATA@ service
+-- type.
+createDomainConfiguration_serviceType :: Lens.Lens' CreateDomainConfiguration (Prelude.Maybe ServiceType)
+createDomainConfiguration_serviceType = Lens.lens (\CreateDomainConfiguration' {serviceType} -> serviceType) (\s@CreateDomainConfiguration' {} a -> s {serviceType = a} :: CreateDomainConfiguration)
+
+-- | Metadata which can be used to manage the domain configuration.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+createDomainConfiguration_tags :: Lens.Lens' CreateDomainConfiguration (Prelude.Maybe [Tag])
+createDomainConfiguration_tags = Lens.lens (\CreateDomainConfiguration' {tags} -> tags) (\s@CreateDomainConfiguration' {} a -> s {tags = a} :: CreateDomainConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | The certificate used to validate the server certificate and prove domain
+-- name ownership. This certificate must be signed by a public certificate
+-- authority. This value is not required for Amazon Web Services-managed
+-- domains.
+createDomainConfiguration_validationCertificateArn :: Lens.Lens' CreateDomainConfiguration (Prelude.Maybe Prelude.Text)
+createDomainConfiguration_validationCertificateArn = Lens.lens (\CreateDomainConfiguration' {validationCertificateArn} -> validationCertificateArn) (\s@CreateDomainConfiguration' {} a -> s {validationCertificateArn = a} :: CreateDomainConfiguration)
+
+-- | The name of the domain configuration. This value must be unique to a
+-- region.
+createDomainConfiguration_domainConfigurationName :: Lens.Lens' CreateDomainConfiguration Prelude.Text
+createDomainConfiguration_domainConfigurationName = Lens.lens (\CreateDomainConfiguration' {domainConfigurationName} -> domainConfigurationName) (\s@CreateDomainConfiguration' {} a -> s {domainConfigurationName = a} :: CreateDomainConfiguration)
+
+instance Core.AWSRequest CreateDomainConfiguration where
+  type
+    AWSResponse CreateDomainConfiguration =
+      CreateDomainConfigurationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateDomainConfigurationResponse'
+            Prelude.<$> (x Data..?> "domainConfigurationArn")
+            Prelude.<*> (x Data..?> "domainConfigurationName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateDomainConfiguration where
+  hashWithSalt _salt CreateDomainConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` authorizerConfig
+      `Prelude.hashWithSalt` domainName
+      `Prelude.hashWithSalt` serverCertificateArns
+      `Prelude.hashWithSalt` serviceType
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` validationCertificateArn
+      `Prelude.hashWithSalt` domainConfigurationName
+
+instance Prelude.NFData CreateDomainConfiguration where
+  rnf CreateDomainConfiguration' {..} =
+    Prelude.rnf authorizerConfig
+      `Prelude.seq` Prelude.rnf domainName
+      `Prelude.seq` Prelude.rnf serverCertificateArns
+      `Prelude.seq` Prelude.rnf serviceType
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf validationCertificateArn
+      `Prelude.seq` Prelude.rnf domainConfigurationName
+
+instance Data.ToHeaders CreateDomainConfiguration where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateDomainConfiguration where
+  toJSON CreateDomainConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("authorizerConfig" Data..=)
+              Prelude.<$> authorizerConfig,
+            ("domainName" Data..=) Prelude.<$> domainName,
+            ("serverCertificateArns" Data..=)
+              Prelude.<$> serverCertificateArns,
+            ("serviceType" Data..=) Prelude.<$> serviceType,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("validationCertificateArn" Data..=)
+              Prelude.<$> validationCertificateArn
+          ]
+      )
+
+instance Data.ToPath CreateDomainConfiguration where
+  toPath CreateDomainConfiguration' {..} =
+    Prelude.mconcat
+      [ "/domainConfigurations/",
+        Data.toBS domainConfigurationName
+      ]
+
+instance Data.ToQuery CreateDomainConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDomainConfigurationResponse' smart constructor.
+data CreateDomainConfigurationResponse = CreateDomainConfigurationResponse'
+  { -- | The ARN of the domain configuration.
+    domainConfigurationArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the domain configuration.
+    domainConfigurationName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDomainConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domainConfigurationArn', 'createDomainConfigurationResponse_domainConfigurationArn' - The ARN of the domain configuration.
+--
+-- 'domainConfigurationName', 'createDomainConfigurationResponse_domainConfigurationName' - The name of the domain configuration.
+--
+-- 'httpStatus', 'createDomainConfigurationResponse_httpStatus' - The response's http status code.
+newCreateDomainConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDomainConfigurationResponse
+newCreateDomainConfigurationResponse pHttpStatus_ =
+  CreateDomainConfigurationResponse'
+    { domainConfigurationArn =
+        Prelude.Nothing,
+      domainConfigurationName =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the domain configuration.
+createDomainConfigurationResponse_domainConfigurationArn :: Lens.Lens' CreateDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+createDomainConfigurationResponse_domainConfigurationArn = Lens.lens (\CreateDomainConfigurationResponse' {domainConfigurationArn} -> domainConfigurationArn) (\s@CreateDomainConfigurationResponse' {} a -> s {domainConfigurationArn = a} :: CreateDomainConfigurationResponse)
+
+-- | The name of the domain configuration.
+createDomainConfigurationResponse_domainConfigurationName :: Lens.Lens' CreateDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+createDomainConfigurationResponse_domainConfigurationName = Lens.lens (\CreateDomainConfigurationResponse' {domainConfigurationName} -> domainConfigurationName) (\s@CreateDomainConfigurationResponse' {} a -> s {domainConfigurationName = a} :: CreateDomainConfigurationResponse)
+
+-- | The response's http status code.
+createDomainConfigurationResponse_httpStatus :: Lens.Lens' CreateDomainConfigurationResponse Prelude.Int
+createDomainConfigurationResponse_httpStatus = Lens.lens (\CreateDomainConfigurationResponse' {httpStatus} -> httpStatus) (\s@CreateDomainConfigurationResponse' {} a -> s {httpStatus = a} :: CreateDomainConfigurationResponse)
+
+instance
+  Prelude.NFData
+    CreateDomainConfigurationResponse
+  where
+  rnf CreateDomainConfigurationResponse' {..} =
+    Prelude.rnf domainConfigurationArn
+      `Prelude.seq` Prelude.rnf domainConfigurationName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateDynamicThingGroup.hs b/gen/Amazonka/IoT/CreateDynamicThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateDynamicThingGroup.hs
@@ -0,0 +1,327 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateDynamicThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a dynamic thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateDynamicThingGroup>
+-- action.
+module Amazonka.IoT.CreateDynamicThingGroup
+  ( -- * Creating a Request
+    CreateDynamicThingGroup (..),
+    newCreateDynamicThingGroup,
+
+    -- * Request Lenses
+    createDynamicThingGroup_indexName,
+    createDynamicThingGroup_queryVersion,
+    createDynamicThingGroup_tags,
+    createDynamicThingGroup_thingGroupProperties,
+    createDynamicThingGroup_thingGroupName,
+    createDynamicThingGroup_queryString,
+
+    -- * Destructuring the Response
+    CreateDynamicThingGroupResponse (..),
+    newCreateDynamicThingGroupResponse,
+
+    -- * Response Lenses
+    createDynamicThingGroupResponse_indexName,
+    createDynamicThingGroupResponse_queryString,
+    createDynamicThingGroupResponse_queryVersion,
+    createDynamicThingGroupResponse_thingGroupArn,
+    createDynamicThingGroupResponse_thingGroupId,
+    createDynamicThingGroupResponse_thingGroupName,
+    createDynamicThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateDynamicThingGroup' smart constructor.
+data CreateDynamicThingGroup = CreateDynamicThingGroup'
+  { -- | The dynamic thing group index name.
+    --
+    -- Currently one index is supported: @AWS_Things@.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group query version.
+    --
+    -- Currently one query version is supported: \"2017-09-30\". If not
+    -- specified, the query version defaults to this value.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | Metadata which can be used to manage the dynamic thing group.
+    tags :: Prelude.Maybe [Tag],
+    -- | The dynamic thing group properties.
+    thingGroupProperties :: Prelude.Maybe ThingGroupProperties,
+    -- | The dynamic thing group name to create.
+    thingGroupName :: Prelude.Text,
+    -- | The dynamic thing group search query string.
+    --
+    -- See
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html Query Syntax>
+    -- for information about query string syntax.
+    queryString :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDynamicThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'createDynamicThingGroup_indexName' - The dynamic thing group index name.
+--
+-- Currently one index is supported: @AWS_Things@.
+--
+-- 'queryVersion', 'createDynamicThingGroup_queryVersion' - The dynamic thing group query version.
+--
+-- Currently one query version is supported: \"2017-09-30\". If not
+-- specified, the query version defaults to this value.
+--
+-- 'tags', 'createDynamicThingGroup_tags' - Metadata which can be used to manage the dynamic thing group.
+--
+-- 'thingGroupProperties', 'createDynamicThingGroup_thingGroupProperties' - The dynamic thing group properties.
+--
+-- 'thingGroupName', 'createDynamicThingGroup_thingGroupName' - The dynamic thing group name to create.
+--
+-- 'queryString', 'createDynamicThingGroup_queryString' - The dynamic thing group search query string.
+--
+-- See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html Query Syntax>
+-- for information about query string syntax.
+newCreateDynamicThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  -- | 'queryString'
+  Prelude.Text ->
+  CreateDynamicThingGroup
+newCreateDynamicThingGroup
+  pThingGroupName_
+  pQueryString_ =
+    CreateDynamicThingGroup'
+      { indexName =
+          Prelude.Nothing,
+        queryVersion = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        thingGroupProperties = Prelude.Nothing,
+        thingGroupName = pThingGroupName_,
+        queryString = pQueryString_
+      }
+
+-- | The dynamic thing group index name.
+--
+-- Currently one index is supported: @AWS_Things@.
+createDynamicThingGroup_indexName :: Lens.Lens' CreateDynamicThingGroup (Prelude.Maybe Prelude.Text)
+createDynamicThingGroup_indexName = Lens.lens (\CreateDynamicThingGroup' {indexName} -> indexName) (\s@CreateDynamicThingGroup' {} a -> s {indexName = a} :: CreateDynamicThingGroup)
+
+-- | The dynamic thing group query version.
+--
+-- Currently one query version is supported: \"2017-09-30\". If not
+-- specified, the query version defaults to this value.
+createDynamicThingGroup_queryVersion :: Lens.Lens' CreateDynamicThingGroup (Prelude.Maybe Prelude.Text)
+createDynamicThingGroup_queryVersion = Lens.lens (\CreateDynamicThingGroup' {queryVersion} -> queryVersion) (\s@CreateDynamicThingGroup' {} a -> s {queryVersion = a} :: CreateDynamicThingGroup)
+
+-- | Metadata which can be used to manage the dynamic thing group.
+createDynamicThingGroup_tags :: Lens.Lens' CreateDynamicThingGroup (Prelude.Maybe [Tag])
+createDynamicThingGroup_tags = Lens.lens (\CreateDynamicThingGroup' {tags} -> tags) (\s@CreateDynamicThingGroup' {} a -> s {tags = a} :: CreateDynamicThingGroup) Prelude.. Lens.mapping Lens.coerced
+
+-- | The dynamic thing group properties.
+createDynamicThingGroup_thingGroupProperties :: Lens.Lens' CreateDynamicThingGroup (Prelude.Maybe ThingGroupProperties)
+createDynamicThingGroup_thingGroupProperties = Lens.lens (\CreateDynamicThingGroup' {thingGroupProperties} -> thingGroupProperties) (\s@CreateDynamicThingGroup' {} a -> s {thingGroupProperties = a} :: CreateDynamicThingGroup)
+
+-- | The dynamic thing group name to create.
+createDynamicThingGroup_thingGroupName :: Lens.Lens' CreateDynamicThingGroup Prelude.Text
+createDynamicThingGroup_thingGroupName = Lens.lens (\CreateDynamicThingGroup' {thingGroupName} -> thingGroupName) (\s@CreateDynamicThingGroup' {} a -> s {thingGroupName = a} :: CreateDynamicThingGroup)
+
+-- | The dynamic thing group search query string.
+--
+-- See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html Query Syntax>
+-- for information about query string syntax.
+createDynamicThingGroup_queryString :: Lens.Lens' CreateDynamicThingGroup Prelude.Text
+createDynamicThingGroup_queryString = Lens.lens (\CreateDynamicThingGroup' {queryString} -> queryString) (\s@CreateDynamicThingGroup' {} a -> s {queryString = a} :: CreateDynamicThingGroup)
+
+instance Core.AWSRequest CreateDynamicThingGroup where
+  type
+    AWSResponse CreateDynamicThingGroup =
+      CreateDynamicThingGroupResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateDynamicThingGroupResponse'
+            Prelude.<$> (x Data..?> "indexName")
+            Prelude.<*> (x Data..?> "queryString")
+            Prelude.<*> (x Data..?> "queryVersion")
+            Prelude.<*> (x Data..?> "thingGroupArn")
+            Prelude.<*> (x Data..?> "thingGroupId")
+            Prelude.<*> (x Data..?> "thingGroupName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateDynamicThingGroup where
+  hashWithSalt _salt CreateDynamicThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` thingGroupProperties
+      `Prelude.hashWithSalt` thingGroupName
+      `Prelude.hashWithSalt` queryString
+
+instance Prelude.NFData CreateDynamicThingGroup where
+  rnf CreateDynamicThingGroup' {..} =
+    Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf thingGroupProperties
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf queryString
+
+instance Data.ToHeaders CreateDynamicThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateDynamicThingGroup where
+  toJSON CreateDynamicThingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("indexName" Data..=) Prelude.<$> indexName,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("thingGroupProperties" Data..=)
+              Prelude.<$> thingGroupProperties,
+            Prelude.Just ("queryString" Data..= queryString)
+          ]
+      )
+
+instance Data.ToPath CreateDynamicThingGroup where
+  toPath CreateDynamicThingGroup' {..} =
+    Prelude.mconcat
+      ["/dynamic-thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery CreateDynamicThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDynamicThingGroupResponse' smart constructor.
+data CreateDynamicThingGroupResponse = CreateDynamicThingGroupResponse'
+  { -- | The dynamic thing group index name.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group search query string.
+    queryString :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group ARN.
+    thingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group ID.
+    thingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group name.
+    thingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDynamicThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'createDynamicThingGroupResponse_indexName' - The dynamic thing group index name.
+--
+-- 'queryString', 'createDynamicThingGroupResponse_queryString' - The dynamic thing group search query string.
+--
+-- 'queryVersion', 'createDynamicThingGroupResponse_queryVersion' - The dynamic thing group query version.
+--
+-- 'thingGroupArn', 'createDynamicThingGroupResponse_thingGroupArn' - The dynamic thing group ARN.
+--
+-- 'thingGroupId', 'createDynamicThingGroupResponse_thingGroupId' - The dynamic thing group ID.
+--
+-- 'thingGroupName', 'createDynamicThingGroupResponse_thingGroupName' - The dynamic thing group name.
+--
+-- 'httpStatus', 'createDynamicThingGroupResponse_httpStatus' - The response's http status code.
+newCreateDynamicThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDynamicThingGroupResponse
+newCreateDynamicThingGroupResponse pHttpStatus_ =
+  CreateDynamicThingGroupResponse'
+    { indexName =
+        Prelude.Nothing,
+      queryString = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      thingGroupArn = Prelude.Nothing,
+      thingGroupId = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The dynamic thing group index name.
+createDynamicThingGroupResponse_indexName :: Lens.Lens' CreateDynamicThingGroupResponse (Prelude.Maybe Prelude.Text)
+createDynamicThingGroupResponse_indexName = Lens.lens (\CreateDynamicThingGroupResponse' {indexName} -> indexName) (\s@CreateDynamicThingGroupResponse' {} a -> s {indexName = a} :: CreateDynamicThingGroupResponse)
+
+-- | The dynamic thing group search query string.
+createDynamicThingGroupResponse_queryString :: Lens.Lens' CreateDynamicThingGroupResponse (Prelude.Maybe Prelude.Text)
+createDynamicThingGroupResponse_queryString = Lens.lens (\CreateDynamicThingGroupResponse' {queryString} -> queryString) (\s@CreateDynamicThingGroupResponse' {} a -> s {queryString = a} :: CreateDynamicThingGroupResponse)
+
+-- | The dynamic thing group query version.
+createDynamicThingGroupResponse_queryVersion :: Lens.Lens' CreateDynamicThingGroupResponse (Prelude.Maybe Prelude.Text)
+createDynamicThingGroupResponse_queryVersion = Lens.lens (\CreateDynamicThingGroupResponse' {queryVersion} -> queryVersion) (\s@CreateDynamicThingGroupResponse' {} a -> s {queryVersion = a} :: CreateDynamicThingGroupResponse)
+
+-- | The dynamic thing group ARN.
+createDynamicThingGroupResponse_thingGroupArn :: Lens.Lens' CreateDynamicThingGroupResponse (Prelude.Maybe Prelude.Text)
+createDynamicThingGroupResponse_thingGroupArn = Lens.lens (\CreateDynamicThingGroupResponse' {thingGroupArn} -> thingGroupArn) (\s@CreateDynamicThingGroupResponse' {} a -> s {thingGroupArn = a} :: CreateDynamicThingGroupResponse)
+
+-- | The dynamic thing group ID.
+createDynamicThingGroupResponse_thingGroupId :: Lens.Lens' CreateDynamicThingGroupResponse (Prelude.Maybe Prelude.Text)
+createDynamicThingGroupResponse_thingGroupId = Lens.lens (\CreateDynamicThingGroupResponse' {thingGroupId} -> thingGroupId) (\s@CreateDynamicThingGroupResponse' {} a -> s {thingGroupId = a} :: CreateDynamicThingGroupResponse)
+
+-- | The dynamic thing group name.
+createDynamicThingGroupResponse_thingGroupName :: Lens.Lens' CreateDynamicThingGroupResponse (Prelude.Maybe Prelude.Text)
+createDynamicThingGroupResponse_thingGroupName = Lens.lens (\CreateDynamicThingGroupResponse' {thingGroupName} -> thingGroupName) (\s@CreateDynamicThingGroupResponse' {} a -> s {thingGroupName = a} :: CreateDynamicThingGroupResponse)
+
+-- | The response's http status code.
+createDynamicThingGroupResponse_httpStatus :: Lens.Lens' CreateDynamicThingGroupResponse Prelude.Int
+createDynamicThingGroupResponse_httpStatus = Lens.lens (\CreateDynamicThingGroupResponse' {httpStatus} -> httpStatus) (\s@CreateDynamicThingGroupResponse' {} a -> s {httpStatus = a} :: CreateDynamicThingGroupResponse)
+
+instance
+  Prelude.NFData
+    CreateDynamicThingGroupResponse
+  where
+  rnf CreateDynamicThingGroupResponse' {..} =
+    Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf thingGroupArn
+      `Prelude.seq` Prelude.rnf thingGroupId
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateFleetMetric.hs b/gen/Amazonka/IoT/CreateFleetMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateFleetMetric.hs
@@ -0,0 +1,322 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateFleetMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a fleet metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateFleetMetric>
+-- action.
+module Amazonka.IoT.CreateFleetMetric
+  ( -- * Creating a Request
+    CreateFleetMetric (..),
+    newCreateFleetMetric,
+
+    -- * Request Lenses
+    createFleetMetric_description,
+    createFleetMetric_indexName,
+    createFleetMetric_queryVersion,
+    createFleetMetric_tags,
+    createFleetMetric_unit,
+    createFleetMetric_metricName,
+    createFleetMetric_queryString,
+    createFleetMetric_aggregationType,
+    createFleetMetric_period,
+    createFleetMetric_aggregationField,
+
+    -- * Destructuring the Response
+    CreateFleetMetricResponse (..),
+    newCreateFleetMetricResponse,
+
+    -- * Response Lenses
+    createFleetMetricResponse_metricArn,
+    createFleetMetricResponse_metricName,
+    createFleetMetricResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateFleetMetric' smart constructor.
+data CreateFleetMetric = CreateFleetMetric'
+  { -- | The fleet metric description.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The name of the index to search.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | Metadata, which can be used to manage the fleet metric.
+    tags :: Prelude.Maybe [Tag],
+    -- | Used to support unit transformation such as milliseconds to seconds. The
+    -- unit must be supported by
+    -- <https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+    -- Default to null.
+    unit :: Prelude.Maybe FleetMetricUnit,
+    -- | The name of the fleet metric to create.
+    metricName :: Prelude.Text,
+    -- | The search query string.
+    queryString :: Prelude.Text,
+    -- | The type of the aggregation query.
+    aggregationType :: AggregationType,
+    -- | The time in seconds between fleet metric emissions. Range [60(1 min),
+    -- 86400(1 day)] and must be multiple of 60.
+    period :: Prelude.Natural,
+    -- | The field to aggregate.
+    aggregationField :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateFleetMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createFleetMetric_description' - The fleet metric description.
+--
+-- 'indexName', 'createFleetMetric_indexName' - The name of the index to search.
+--
+-- 'queryVersion', 'createFleetMetric_queryVersion' - The query version.
+--
+-- 'tags', 'createFleetMetric_tags' - Metadata, which can be used to manage the fleet metric.
+--
+-- 'unit', 'createFleetMetric_unit' - Used to support unit transformation such as milliseconds to seconds. The
+-- unit must be supported by
+-- <https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+-- Default to null.
+--
+-- 'metricName', 'createFleetMetric_metricName' - The name of the fleet metric to create.
+--
+-- 'queryString', 'createFleetMetric_queryString' - The search query string.
+--
+-- 'aggregationType', 'createFleetMetric_aggregationType' - The type of the aggregation query.
+--
+-- 'period', 'createFleetMetric_period' - The time in seconds between fleet metric emissions. Range [60(1 min),
+-- 86400(1 day)] and must be multiple of 60.
+--
+-- 'aggregationField', 'createFleetMetric_aggregationField' - The field to aggregate.
+newCreateFleetMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  -- | 'queryString'
+  Prelude.Text ->
+  -- | 'aggregationType'
+  AggregationType ->
+  -- | 'period'
+  Prelude.Natural ->
+  -- | 'aggregationField'
+  Prelude.Text ->
+  CreateFleetMetric
+newCreateFleetMetric
+  pMetricName_
+  pQueryString_
+  pAggregationType_
+  pPeriod_
+  pAggregationField_ =
+    CreateFleetMetric'
+      { description = Prelude.Nothing,
+        indexName = Prelude.Nothing,
+        queryVersion = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        unit = Prelude.Nothing,
+        metricName = pMetricName_,
+        queryString = pQueryString_,
+        aggregationType = pAggregationType_,
+        period = pPeriod_,
+        aggregationField = pAggregationField_
+      }
+
+-- | The fleet metric description.
+createFleetMetric_description :: Lens.Lens' CreateFleetMetric (Prelude.Maybe Prelude.Text)
+createFleetMetric_description = Lens.lens (\CreateFleetMetric' {description} -> description) (\s@CreateFleetMetric' {} a -> s {description = a} :: CreateFleetMetric)
+
+-- | The name of the index to search.
+createFleetMetric_indexName :: Lens.Lens' CreateFleetMetric (Prelude.Maybe Prelude.Text)
+createFleetMetric_indexName = Lens.lens (\CreateFleetMetric' {indexName} -> indexName) (\s@CreateFleetMetric' {} a -> s {indexName = a} :: CreateFleetMetric)
+
+-- | The query version.
+createFleetMetric_queryVersion :: Lens.Lens' CreateFleetMetric (Prelude.Maybe Prelude.Text)
+createFleetMetric_queryVersion = Lens.lens (\CreateFleetMetric' {queryVersion} -> queryVersion) (\s@CreateFleetMetric' {} a -> s {queryVersion = a} :: CreateFleetMetric)
+
+-- | Metadata, which can be used to manage the fleet metric.
+createFleetMetric_tags :: Lens.Lens' CreateFleetMetric (Prelude.Maybe [Tag])
+createFleetMetric_tags = Lens.lens (\CreateFleetMetric' {tags} -> tags) (\s@CreateFleetMetric' {} a -> s {tags = a} :: CreateFleetMetric) Prelude.. Lens.mapping Lens.coerced
+
+-- | Used to support unit transformation such as milliseconds to seconds. The
+-- unit must be supported by
+-- <https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+-- Default to null.
+createFleetMetric_unit :: Lens.Lens' CreateFleetMetric (Prelude.Maybe FleetMetricUnit)
+createFleetMetric_unit = Lens.lens (\CreateFleetMetric' {unit} -> unit) (\s@CreateFleetMetric' {} a -> s {unit = a} :: CreateFleetMetric)
+
+-- | The name of the fleet metric to create.
+createFleetMetric_metricName :: Lens.Lens' CreateFleetMetric Prelude.Text
+createFleetMetric_metricName = Lens.lens (\CreateFleetMetric' {metricName} -> metricName) (\s@CreateFleetMetric' {} a -> s {metricName = a} :: CreateFleetMetric)
+
+-- | The search query string.
+createFleetMetric_queryString :: Lens.Lens' CreateFleetMetric Prelude.Text
+createFleetMetric_queryString = Lens.lens (\CreateFleetMetric' {queryString} -> queryString) (\s@CreateFleetMetric' {} a -> s {queryString = a} :: CreateFleetMetric)
+
+-- | The type of the aggregation query.
+createFleetMetric_aggregationType :: Lens.Lens' CreateFleetMetric AggregationType
+createFleetMetric_aggregationType = Lens.lens (\CreateFleetMetric' {aggregationType} -> aggregationType) (\s@CreateFleetMetric' {} a -> s {aggregationType = a} :: CreateFleetMetric)
+
+-- | The time in seconds between fleet metric emissions. Range [60(1 min),
+-- 86400(1 day)] and must be multiple of 60.
+createFleetMetric_period :: Lens.Lens' CreateFleetMetric Prelude.Natural
+createFleetMetric_period = Lens.lens (\CreateFleetMetric' {period} -> period) (\s@CreateFleetMetric' {} a -> s {period = a} :: CreateFleetMetric)
+
+-- | The field to aggregate.
+createFleetMetric_aggregationField :: Lens.Lens' CreateFleetMetric Prelude.Text
+createFleetMetric_aggregationField = Lens.lens (\CreateFleetMetric' {aggregationField} -> aggregationField) (\s@CreateFleetMetric' {} a -> s {aggregationField = a} :: CreateFleetMetric)
+
+instance Core.AWSRequest CreateFleetMetric where
+  type
+    AWSResponse CreateFleetMetric =
+      CreateFleetMetricResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateFleetMetricResponse'
+            Prelude.<$> (x Data..?> "metricArn")
+            Prelude.<*> (x Data..?> "metricName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateFleetMetric where
+  hashWithSalt _salt CreateFleetMetric' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` unit
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` queryString
+      `Prelude.hashWithSalt` aggregationType
+      `Prelude.hashWithSalt` period
+      `Prelude.hashWithSalt` aggregationField
+
+instance Prelude.NFData CreateFleetMetric where
+  rnf CreateFleetMetric' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf unit
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf aggregationType
+      `Prelude.seq` Prelude.rnf period
+      `Prelude.seq` Prelude.rnf aggregationField
+
+instance Data.ToHeaders CreateFleetMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateFleetMetric where
+  toJSON CreateFleetMetric' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("description" Data..=) Prelude.<$> description,
+            ("indexName" Data..=) Prelude.<$> indexName,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("unit" Data..=) Prelude.<$> unit,
+            Prelude.Just ("queryString" Data..= queryString),
+            Prelude.Just
+              ("aggregationType" Data..= aggregationType),
+            Prelude.Just ("period" Data..= period),
+            Prelude.Just
+              ("aggregationField" Data..= aggregationField)
+          ]
+      )
+
+instance Data.ToPath CreateFleetMetric where
+  toPath CreateFleetMetric' {..} =
+    Prelude.mconcat
+      ["/fleet-metric/", Data.toBS metricName]
+
+instance Data.ToQuery CreateFleetMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateFleetMetricResponse' smart constructor.
+data CreateFleetMetricResponse = CreateFleetMetricResponse'
+  { -- | The Amazon Resource Name (ARN) of the new fleet metric.
+    metricArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the fleet metric to create.
+    metricName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateFleetMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricArn', 'createFleetMetricResponse_metricArn' - The Amazon Resource Name (ARN) of the new fleet metric.
+--
+-- 'metricName', 'createFleetMetricResponse_metricName' - The name of the fleet metric to create.
+--
+-- 'httpStatus', 'createFleetMetricResponse_httpStatus' - The response's http status code.
+newCreateFleetMetricResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateFleetMetricResponse
+newCreateFleetMetricResponse pHttpStatus_ =
+  CreateFleetMetricResponse'
+    { metricArn =
+        Prelude.Nothing,
+      metricName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN) of the new fleet metric.
+createFleetMetricResponse_metricArn :: Lens.Lens' CreateFleetMetricResponse (Prelude.Maybe Prelude.Text)
+createFleetMetricResponse_metricArn = Lens.lens (\CreateFleetMetricResponse' {metricArn} -> metricArn) (\s@CreateFleetMetricResponse' {} a -> s {metricArn = a} :: CreateFleetMetricResponse)
+
+-- | The name of the fleet metric to create.
+createFleetMetricResponse_metricName :: Lens.Lens' CreateFleetMetricResponse (Prelude.Maybe Prelude.Text)
+createFleetMetricResponse_metricName = Lens.lens (\CreateFleetMetricResponse' {metricName} -> metricName) (\s@CreateFleetMetricResponse' {} a -> s {metricName = a} :: CreateFleetMetricResponse)
+
+-- | The response's http status code.
+createFleetMetricResponse_httpStatus :: Lens.Lens' CreateFleetMetricResponse Prelude.Int
+createFleetMetricResponse_httpStatus = Lens.lens (\CreateFleetMetricResponse' {httpStatus} -> httpStatus) (\s@CreateFleetMetricResponse' {} a -> s {httpStatus = a} :: CreateFleetMetricResponse)
+
+instance Prelude.NFData CreateFleetMetricResponse where
+  rnf CreateFleetMetricResponse' {..} =
+    Prelude.rnf metricArn
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateJob.hs b/gen/Amazonka/IoT/CreateJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateJob.hs
@@ -0,0 +1,517 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a job.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateJob>
+-- action.
+module Amazonka.IoT.CreateJob
+  ( -- * Creating a Request
+    CreateJob (..),
+    newCreateJob,
+
+    -- * Request Lenses
+    createJob_abortConfig,
+    createJob_description,
+    createJob_document,
+    createJob_documentParameters,
+    createJob_documentSource,
+    createJob_jobExecutionsRetryConfig,
+    createJob_jobExecutionsRolloutConfig,
+    createJob_jobTemplateArn,
+    createJob_namespaceId,
+    createJob_presignedUrlConfig,
+    createJob_schedulingConfig,
+    createJob_tags,
+    createJob_targetSelection,
+    createJob_timeoutConfig,
+    createJob_jobId,
+    createJob_targets,
+
+    -- * Destructuring the Response
+    CreateJobResponse (..),
+    newCreateJobResponse,
+
+    -- * Response Lenses
+    createJobResponse_description,
+    createJobResponse_jobArn,
+    createJobResponse_jobId,
+    createJobResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateJob' smart constructor.
+data CreateJob = CreateJob'
+  { -- | Allows you to create the criteria to abort a job.
+    abortConfig :: Prelude.Maybe AbortConfig,
+    -- | A short text description of the job.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The job document. Required if you don\'t specify a value for
+    -- @documentSource@.
+    document :: Prelude.Maybe Prelude.Text,
+    -- | Parameters of an Amazon Web Services managed template that you can
+    -- specify to create the job document.
+    --
+    -- @documentParameters@ can only be used when creating jobs from Amazon Web
+    -- Services managed templates. This parameter can\'t be used with custom
+    -- job templates or to create jobs from them.
+    documentParameters :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | An S3 link to the job document. Required if you don\'t specify a value
+    -- for @document@.
+    --
+    -- If the job document resides in an S3 bucket, you must use a placeholder
+    -- link when specifying the document.
+    --
+    -- The placeholder link is of the following form:
+    --
+    -- @${aws:iot:s3-presigned-url:https:\/\/s3.amazonaws.com\/@/@bucket@/@\/@/@key@/@}@
+    --
+    -- where /bucket/ is your bucket name and /key/ is the object in the bucket
+    -- to which you are linking.
+    documentSource :: Prelude.Maybe Prelude.Text,
+    -- | Allows you to create the criteria to retry a job.
+    jobExecutionsRetryConfig :: Prelude.Maybe JobExecutionsRetryConfig,
+    -- | Allows you to create a staged rollout of the job.
+    jobExecutionsRolloutConfig :: Prelude.Maybe JobExecutionsRolloutConfig,
+    -- | The ARN of the job template used to create the job.
+    jobTemplateArn :: Prelude.Maybe Prelude.Text,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | Configuration information for pre-signed S3 URLs.
+    presignedUrlConfig :: Prelude.Maybe PresignedUrlConfig,
+    -- | The configuration that allows you to schedule a job for a future date
+    -- and time in addition to specifying the end behavior for each job
+    -- execution.
+    schedulingConfig :: Prelude.Maybe SchedulingConfig,
+    -- | Metadata which can be used to manage the job.
+    tags :: Prelude.Maybe [Tag],
+    -- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+    -- complete after all those things specified as targets have completed the
+    -- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+    -- change is detected in a target. For example, a job will run on a thing
+    -- when the thing is added to a target group, even after the job was
+    -- completed by all things originally in the group.
+    --
+    -- We recommend that you use continuous jobs instead of snapshot jobs for
+    -- dynamic thing group targets. By using continuous jobs, devices that join
+    -- the group receive the job execution even after the job has been created.
+    targetSelection :: Prelude.Maybe TargetSelection,
+    -- | Specifies the amount of time each device has to finish its execution of
+    -- the job. The timer is started when the job execution status is set to
+    -- @IN_PROGRESS@. If the job execution status is not set to another
+    -- terminal state before the time expires, it will be automatically set to
+    -- @TIMED_OUT@.
+    timeoutConfig :: Prelude.Maybe TimeoutConfig,
+    -- | A job identifier which must be unique for your Amazon Web Services
+    -- account. We recommend using a UUID. Alpha-numeric characters, \"-\" and
+    -- \"_\" are valid for use here.
+    jobId :: Prelude.Text,
+    -- | A list of things and thing groups to which the job should be sent.
+    targets :: Prelude.NonEmpty Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'abortConfig', 'createJob_abortConfig' - Allows you to create the criteria to abort a job.
+--
+-- 'description', 'createJob_description' - A short text description of the job.
+--
+-- 'document', 'createJob_document' - The job document. Required if you don\'t specify a value for
+-- @documentSource@.
+--
+-- 'documentParameters', 'createJob_documentParameters' - Parameters of an Amazon Web Services managed template that you can
+-- specify to create the job document.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+--
+-- 'documentSource', 'createJob_documentSource' - An S3 link to the job document. Required if you don\'t specify a value
+-- for @document@.
+--
+-- If the job document resides in an S3 bucket, you must use a placeholder
+-- link when specifying the document.
+--
+-- The placeholder link is of the following form:
+--
+-- @${aws:iot:s3-presigned-url:https:\/\/s3.amazonaws.com\/@/@bucket@/@\/@/@key@/@}@
+--
+-- where /bucket/ is your bucket name and /key/ is the object in the bucket
+-- to which you are linking.
+--
+-- 'jobExecutionsRetryConfig', 'createJob_jobExecutionsRetryConfig' - Allows you to create the criteria to retry a job.
+--
+-- 'jobExecutionsRolloutConfig', 'createJob_jobExecutionsRolloutConfig' - Allows you to create a staged rollout of the job.
+--
+-- 'jobTemplateArn', 'createJob_jobTemplateArn' - The ARN of the job template used to create the job.
+--
+-- 'namespaceId', 'createJob_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'presignedUrlConfig', 'createJob_presignedUrlConfig' - Configuration information for pre-signed S3 URLs.
+--
+-- 'schedulingConfig', 'createJob_schedulingConfig' - The configuration that allows you to schedule a job for a future date
+-- and time in addition to specifying the end behavior for each job
+-- execution.
+--
+-- 'tags', 'createJob_tags' - Metadata which can be used to manage the job.
+--
+-- 'targetSelection', 'createJob_targetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a thing
+-- when the thing is added to a target group, even after the job was
+-- completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+--
+-- 'timeoutConfig', 'createJob_timeoutConfig' - Specifies the amount of time each device has to finish its execution of
+-- the job. The timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the time expires, it will be automatically set to
+-- @TIMED_OUT@.
+--
+-- 'jobId', 'createJob_jobId' - A job identifier which must be unique for your Amazon Web Services
+-- account. We recommend using a UUID. Alpha-numeric characters, \"-\" and
+-- \"_\" are valid for use here.
+--
+-- 'targets', 'createJob_targets' - A list of things and thing groups to which the job should be sent.
+newCreateJob ::
+  -- | 'jobId'
+  Prelude.Text ->
+  -- | 'targets'
+  Prelude.NonEmpty Prelude.Text ->
+  CreateJob
+newCreateJob pJobId_ pTargets_ =
+  CreateJob'
+    { abortConfig = Prelude.Nothing,
+      description = Prelude.Nothing,
+      document = Prelude.Nothing,
+      documentParameters = Prelude.Nothing,
+      documentSource = Prelude.Nothing,
+      jobExecutionsRetryConfig = Prelude.Nothing,
+      jobExecutionsRolloutConfig = Prelude.Nothing,
+      jobTemplateArn = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      presignedUrlConfig = Prelude.Nothing,
+      schedulingConfig = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      targetSelection = Prelude.Nothing,
+      timeoutConfig = Prelude.Nothing,
+      jobId = pJobId_,
+      targets = Lens.coerced Lens.# pTargets_
+    }
+
+-- | Allows you to create the criteria to abort a job.
+createJob_abortConfig :: Lens.Lens' CreateJob (Prelude.Maybe AbortConfig)
+createJob_abortConfig = Lens.lens (\CreateJob' {abortConfig} -> abortConfig) (\s@CreateJob' {} a -> s {abortConfig = a} :: CreateJob)
+
+-- | A short text description of the job.
+createJob_description :: Lens.Lens' CreateJob (Prelude.Maybe Prelude.Text)
+createJob_description = Lens.lens (\CreateJob' {description} -> description) (\s@CreateJob' {} a -> s {description = a} :: CreateJob)
+
+-- | The job document. Required if you don\'t specify a value for
+-- @documentSource@.
+createJob_document :: Lens.Lens' CreateJob (Prelude.Maybe Prelude.Text)
+createJob_document = Lens.lens (\CreateJob' {document} -> document) (\s@CreateJob' {} a -> s {document = a} :: CreateJob)
+
+-- | Parameters of an Amazon Web Services managed template that you can
+-- specify to create the job document.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+createJob_documentParameters :: Lens.Lens' CreateJob (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+createJob_documentParameters = Lens.lens (\CreateJob' {documentParameters} -> documentParameters) (\s@CreateJob' {} a -> s {documentParameters = a} :: CreateJob) Prelude.. Lens.mapping Lens.coerced
+
+-- | An S3 link to the job document. Required if you don\'t specify a value
+-- for @document@.
+--
+-- If the job document resides in an S3 bucket, you must use a placeholder
+-- link when specifying the document.
+--
+-- The placeholder link is of the following form:
+--
+-- @${aws:iot:s3-presigned-url:https:\/\/s3.amazonaws.com\/@/@bucket@/@\/@/@key@/@}@
+--
+-- where /bucket/ is your bucket name and /key/ is the object in the bucket
+-- to which you are linking.
+createJob_documentSource :: Lens.Lens' CreateJob (Prelude.Maybe Prelude.Text)
+createJob_documentSource = Lens.lens (\CreateJob' {documentSource} -> documentSource) (\s@CreateJob' {} a -> s {documentSource = a} :: CreateJob)
+
+-- | Allows you to create the criteria to retry a job.
+createJob_jobExecutionsRetryConfig :: Lens.Lens' CreateJob (Prelude.Maybe JobExecutionsRetryConfig)
+createJob_jobExecutionsRetryConfig = Lens.lens (\CreateJob' {jobExecutionsRetryConfig} -> jobExecutionsRetryConfig) (\s@CreateJob' {} a -> s {jobExecutionsRetryConfig = a} :: CreateJob)
+
+-- | Allows you to create a staged rollout of the job.
+createJob_jobExecutionsRolloutConfig :: Lens.Lens' CreateJob (Prelude.Maybe JobExecutionsRolloutConfig)
+createJob_jobExecutionsRolloutConfig = Lens.lens (\CreateJob' {jobExecutionsRolloutConfig} -> jobExecutionsRolloutConfig) (\s@CreateJob' {} a -> s {jobExecutionsRolloutConfig = a} :: CreateJob)
+
+-- | The ARN of the job template used to create the job.
+createJob_jobTemplateArn :: Lens.Lens' CreateJob (Prelude.Maybe Prelude.Text)
+createJob_jobTemplateArn = Lens.lens (\CreateJob' {jobTemplateArn} -> jobTemplateArn) (\s@CreateJob' {} a -> s {jobTemplateArn = a} :: CreateJob)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+createJob_namespaceId :: Lens.Lens' CreateJob (Prelude.Maybe Prelude.Text)
+createJob_namespaceId = Lens.lens (\CreateJob' {namespaceId} -> namespaceId) (\s@CreateJob' {} a -> s {namespaceId = a} :: CreateJob)
+
+-- | Configuration information for pre-signed S3 URLs.
+createJob_presignedUrlConfig :: Lens.Lens' CreateJob (Prelude.Maybe PresignedUrlConfig)
+createJob_presignedUrlConfig = Lens.lens (\CreateJob' {presignedUrlConfig} -> presignedUrlConfig) (\s@CreateJob' {} a -> s {presignedUrlConfig = a} :: CreateJob)
+
+-- | The configuration that allows you to schedule a job for a future date
+-- and time in addition to specifying the end behavior for each job
+-- execution.
+createJob_schedulingConfig :: Lens.Lens' CreateJob (Prelude.Maybe SchedulingConfig)
+createJob_schedulingConfig = Lens.lens (\CreateJob' {schedulingConfig} -> schedulingConfig) (\s@CreateJob' {} a -> s {schedulingConfig = a} :: CreateJob)
+
+-- | Metadata which can be used to manage the job.
+createJob_tags :: Lens.Lens' CreateJob (Prelude.Maybe [Tag])
+createJob_tags = Lens.lens (\CreateJob' {tags} -> tags) (\s@CreateJob' {} a -> s {tags = a} :: CreateJob) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a thing
+-- when the thing is added to a target group, even after the job was
+-- completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+createJob_targetSelection :: Lens.Lens' CreateJob (Prelude.Maybe TargetSelection)
+createJob_targetSelection = Lens.lens (\CreateJob' {targetSelection} -> targetSelection) (\s@CreateJob' {} a -> s {targetSelection = a} :: CreateJob)
+
+-- | Specifies the amount of time each device has to finish its execution of
+-- the job. The timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the time expires, it will be automatically set to
+-- @TIMED_OUT@.
+createJob_timeoutConfig :: Lens.Lens' CreateJob (Prelude.Maybe TimeoutConfig)
+createJob_timeoutConfig = Lens.lens (\CreateJob' {timeoutConfig} -> timeoutConfig) (\s@CreateJob' {} a -> s {timeoutConfig = a} :: CreateJob)
+
+-- | A job identifier which must be unique for your Amazon Web Services
+-- account. We recommend using a UUID. Alpha-numeric characters, \"-\" and
+-- \"_\" are valid for use here.
+createJob_jobId :: Lens.Lens' CreateJob Prelude.Text
+createJob_jobId = Lens.lens (\CreateJob' {jobId} -> jobId) (\s@CreateJob' {} a -> s {jobId = a} :: CreateJob)
+
+-- | A list of things and thing groups to which the job should be sent.
+createJob_targets :: Lens.Lens' CreateJob (Prelude.NonEmpty Prelude.Text)
+createJob_targets = Lens.lens (\CreateJob' {targets} -> targets) (\s@CreateJob' {} a -> s {targets = a} :: CreateJob) Prelude.. Lens.coerced
+
+instance Core.AWSRequest CreateJob where
+  type AWSResponse CreateJob = CreateJobResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateJobResponse'
+            Prelude.<$> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "jobArn")
+            Prelude.<*> (x Data..?> "jobId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateJob where
+  hashWithSalt _salt CreateJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` abortConfig
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` document
+      `Prelude.hashWithSalt` documentParameters
+      `Prelude.hashWithSalt` documentSource
+      `Prelude.hashWithSalt` jobExecutionsRetryConfig
+      `Prelude.hashWithSalt` jobExecutionsRolloutConfig
+      `Prelude.hashWithSalt` jobTemplateArn
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` presignedUrlConfig
+      `Prelude.hashWithSalt` schedulingConfig
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` targetSelection
+      `Prelude.hashWithSalt` timeoutConfig
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` targets
+
+instance Prelude.NFData CreateJob where
+  rnf CreateJob' {..} =
+    Prelude.rnf abortConfig
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf document
+      `Prelude.seq` Prelude.rnf documentParameters
+      `Prelude.seq` Prelude.rnf documentSource
+      `Prelude.seq` Prelude.rnf jobExecutionsRetryConfig
+      `Prelude.seq` Prelude.rnf jobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf jobTemplateArn
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf presignedUrlConfig
+      `Prelude.seq` Prelude.rnf schedulingConfig
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf targetSelection
+      `Prelude.seq` Prelude.rnf timeoutConfig
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf targets
+
+instance Data.ToHeaders CreateJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateJob where
+  toJSON CreateJob' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("abortConfig" Data..=) Prelude.<$> abortConfig,
+            ("description" Data..=) Prelude.<$> description,
+            ("document" Data..=) Prelude.<$> document,
+            ("documentParameters" Data..=)
+              Prelude.<$> documentParameters,
+            ("documentSource" Data..=)
+              Prelude.<$> documentSource,
+            ("jobExecutionsRetryConfig" Data..=)
+              Prelude.<$> jobExecutionsRetryConfig,
+            ("jobExecutionsRolloutConfig" Data..=)
+              Prelude.<$> jobExecutionsRolloutConfig,
+            ("jobTemplateArn" Data..=)
+              Prelude.<$> jobTemplateArn,
+            ("namespaceId" Data..=) Prelude.<$> namespaceId,
+            ("presignedUrlConfig" Data..=)
+              Prelude.<$> presignedUrlConfig,
+            ("schedulingConfig" Data..=)
+              Prelude.<$> schedulingConfig,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("targetSelection" Data..=)
+              Prelude.<$> targetSelection,
+            ("timeoutConfig" Data..=) Prelude.<$> timeoutConfig,
+            Prelude.Just ("targets" Data..= targets)
+          ]
+      )
+
+instance Data.ToPath CreateJob where
+  toPath CreateJob' {..} =
+    Prelude.mconcat ["/jobs/", Data.toBS jobId]
+
+instance Data.ToQuery CreateJob where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateJobResponse' smart constructor.
+data CreateJobResponse = CreateJobResponse'
+  { -- | The job description.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The job ARN.
+    jobArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier you assigned to this job.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createJobResponse_description' - The job description.
+--
+-- 'jobArn', 'createJobResponse_jobArn' - The job ARN.
+--
+-- 'jobId', 'createJobResponse_jobId' - The unique identifier you assigned to this job.
+--
+-- 'httpStatus', 'createJobResponse_httpStatus' - The response's http status code.
+newCreateJobResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateJobResponse
+newCreateJobResponse pHttpStatus_ =
+  CreateJobResponse'
+    { description = Prelude.Nothing,
+      jobArn = Prelude.Nothing,
+      jobId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The job description.
+createJobResponse_description :: Lens.Lens' CreateJobResponse (Prelude.Maybe Prelude.Text)
+createJobResponse_description = Lens.lens (\CreateJobResponse' {description} -> description) (\s@CreateJobResponse' {} a -> s {description = a} :: CreateJobResponse)
+
+-- | The job ARN.
+createJobResponse_jobArn :: Lens.Lens' CreateJobResponse (Prelude.Maybe Prelude.Text)
+createJobResponse_jobArn = Lens.lens (\CreateJobResponse' {jobArn} -> jobArn) (\s@CreateJobResponse' {} a -> s {jobArn = a} :: CreateJobResponse)
+
+-- | The unique identifier you assigned to this job.
+createJobResponse_jobId :: Lens.Lens' CreateJobResponse (Prelude.Maybe Prelude.Text)
+createJobResponse_jobId = Lens.lens (\CreateJobResponse' {jobId} -> jobId) (\s@CreateJobResponse' {} a -> s {jobId = a} :: CreateJobResponse)
+
+-- | The response's http status code.
+createJobResponse_httpStatus :: Lens.Lens' CreateJobResponse Prelude.Int
+createJobResponse_httpStatus = Lens.lens (\CreateJobResponse' {httpStatus} -> httpStatus) (\s@CreateJobResponse' {} a -> s {httpStatus = a} :: CreateJobResponse)
+
+instance Prelude.NFData CreateJobResponse where
+  rnf CreateJobResponse' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf jobArn
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateJobTemplate.hs b/gen/Amazonka/IoT/CreateJobTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateJobTemplate.hs
@@ -0,0 +1,349 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateJobTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a job template.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateJobTemplate>
+-- action.
+module Amazonka.IoT.CreateJobTemplate
+  ( -- * Creating a Request
+    CreateJobTemplate (..),
+    newCreateJobTemplate,
+
+    -- * Request Lenses
+    createJobTemplate_abortConfig,
+    createJobTemplate_document,
+    createJobTemplate_documentSource,
+    createJobTemplate_jobArn,
+    createJobTemplate_jobExecutionsRetryConfig,
+    createJobTemplate_jobExecutionsRolloutConfig,
+    createJobTemplate_presignedUrlConfig,
+    createJobTemplate_tags,
+    createJobTemplate_timeoutConfig,
+    createJobTemplate_jobTemplateId,
+    createJobTemplate_description,
+
+    -- * Destructuring the Response
+    CreateJobTemplateResponse (..),
+    newCreateJobTemplateResponse,
+
+    -- * Response Lenses
+    createJobTemplateResponse_jobTemplateArn,
+    createJobTemplateResponse_jobTemplateId,
+    createJobTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateJobTemplate' smart constructor.
+data CreateJobTemplate = CreateJobTemplate'
+  { abortConfig :: Prelude.Maybe AbortConfig,
+    -- | The job document. Required if you don\'t specify a value for
+    -- @documentSource@.
+    document :: Prelude.Maybe Prelude.Text,
+    -- | An S3 link to the job document to use in the template. Required if you
+    -- don\'t specify a value for @document@.
+    --
+    -- If the job document resides in an S3 bucket, you must use a placeholder
+    -- link when specifying the document.
+    --
+    -- The placeholder link is of the following form:
+    --
+    -- @${aws:iot:s3-presigned-url:https:\/\/s3.amazonaws.com\/@/@bucket@/@\/@/@key@/@}@
+    --
+    -- where /bucket/ is your bucket name and /key/ is the object in the bucket
+    -- to which you are linking.
+    documentSource :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the job to use as the basis for the job template.
+    jobArn :: Prelude.Maybe Prelude.Text,
+    -- | Allows you to create the criteria to retry a job.
+    jobExecutionsRetryConfig :: Prelude.Maybe JobExecutionsRetryConfig,
+    jobExecutionsRolloutConfig :: Prelude.Maybe JobExecutionsRolloutConfig,
+    presignedUrlConfig :: Prelude.Maybe PresignedUrlConfig,
+    -- | Metadata that can be used to manage the job template.
+    tags :: Prelude.Maybe [Tag],
+    timeoutConfig :: Prelude.Maybe TimeoutConfig,
+    -- | A unique identifier for the job template. We recommend using a UUID.
+    -- Alpha-numeric characters, \"-\", and \"_\" are valid for use here.
+    jobTemplateId :: Prelude.Text,
+    -- | A description of the job document.
+    description :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateJobTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'abortConfig', 'createJobTemplate_abortConfig' - Undocumented member.
+--
+-- 'document', 'createJobTemplate_document' - The job document. Required if you don\'t specify a value for
+-- @documentSource@.
+--
+-- 'documentSource', 'createJobTemplate_documentSource' - An S3 link to the job document to use in the template. Required if you
+-- don\'t specify a value for @document@.
+--
+-- If the job document resides in an S3 bucket, you must use a placeholder
+-- link when specifying the document.
+--
+-- The placeholder link is of the following form:
+--
+-- @${aws:iot:s3-presigned-url:https:\/\/s3.amazonaws.com\/@/@bucket@/@\/@/@key@/@}@
+--
+-- where /bucket/ is your bucket name and /key/ is the object in the bucket
+-- to which you are linking.
+--
+-- 'jobArn', 'createJobTemplate_jobArn' - The ARN of the job to use as the basis for the job template.
+--
+-- 'jobExecutionsRetryConfig', 'createJobTemplate_jobExecutionsRetryConfig' - Allows you to create the criteria to retry a job.
+--
+-- 'jobExecutionsRolloutConfig', 'createJobTemplate_jobExecutionsRolloutConfig' - Undocumented member.
+--
+-- 'presignedUrlConfig', 'createJobTemplate_presignedUrlConfig' - Undocumented member.
+--
+-- 'tags', 'createJobTemplate_tags' - Metadata that can be used to manage the job template.
+--
+-- 'timeoutConfig', 'createJobTemplate_timeoutConfig' - Undocumented member.
+--
+-- 'jobTemplateId', 'createJobTemplate_jobTemplateId' - A unique identifier for the job template. We recommend using a UUID.
+-- Alpha-numeric characters, \"-\", and \"_\" are valid for use here.
+--
+-- 'description', 'createJobTemplate_description' - A description of the job document.
+newCreateJobTemplate ::
+  -- | 'jobTemplateId'
+  Prelude.Text ->
+  -- | 'description'
+  Prelude.Text ->
+  CreateJobTemplate
+newCreateJobTemplate pJobTemplateId_ pDescription_ =
+  CreateJobTemplate'
+    { abortConfig = Prelude.Nothing,
+      document = Prelude.Nothing,
+      documentSource = Prelude.Nothing,
+      jobArn = Prelude.Nothing,
+      jobExecutionsRetryConfig = Prelude.Nothing,
+      jobExecutionsRolloutConfig = Prelude.Nothing,
+      presignedUrlConfig = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      timeoutConfig = Prelude.Nothing,
+      jobTemplateId = pJobTemplateId_,
+      description = pDescription_
+    }
+
+-- | Undocumented member.
+createJobTemplate_abortConfig :: Lens.Lens' CreateJobTemplate (Prelude.Maybe AbortConfig)
+createJobTemplate_abortConfig = Lens.lens (\CreateJobTemplate' {abortConfig} -> abortConfig) (\s@CreateJobTemplate' {} a -> s {abortConfig = a} :: CreateJobTemplate)
+
+-- | The job document. Required if you don\'t specify a value for
+-- @documentSource@.
+createJobTemplate_document :: Lens.Lens' CreateJobTemplate (Prelude.Maybe Prelude.Text)
+createJobTemplate_document = Lens.lens (\CreateJobTemplate' {document} -> document) (\s@CreateJobTemplate' {} a -> s {document = a} :: CreateJobTemplate)
+
+-- | An S3 link to the job document to use in the template. Required if you
+-- don\'t specify a value for @document@.
+--
+-- If the job document resides in an S3 bucket, you must use a placeholder
+-- link when specifying the document.
+--
+-- The placeholder link is of the following form:
+--
+-- @${aws:iot:s3-presigned-url:https:\/\/s3.amazonaws.com\/@/@bucket@/@\/@/@key@/@}@
+--
+-- where /bucket/ is your bucket name and /key/ is the object in the bucket
+-- to which you are linking.
+createJobTemplate_documentSource :: Lens.Lens' CreateJobTemplate (Prelude.Maybe Prelude.Text)
+createJobTemplate_documentSource = Lens.lens (\CreateJobTemplate' {documentSource} -> documentSource) (\s@CreateJobTemplate' {} a -> s {documentSource = a} :: CreateJobTemplate)
+
+-- | The ARN of the job to use as the basis for the job template.
+createJobTemplate_jobArn :: Lens.Lens' CreateJobTemplate (Prelude.Maybe Prelude.Text)
+createJobTemplate_jobArn = Lens.lens (\CreateJobTemplate' {jobArn} -> jobArn) (\s@CreateJobTemplate' {} a -> s {jobArn = a} :: CreateJobTemplate)
+
+-- | Allows you to create the criteria to retry a job.
+createJobTemplate_jobExecutionsRetryConfig :: Lens.Lens' CreateJobTemplate (Prelude.Maybe JobExecutionsRetryConfig)
+createJobTemplate_jobExecutionsRetryConfig = Lens.lens (\CreateJobTemplate' {jobExecutionsRetryConfig} -> jobExecutionsRetryConfig) (\s@CreateJobTemplate' {} a -> s {jobExecutionsRetryConfig = a} :: CreateJobTemplate)
+
+-- | Undocumented member.
+createJobTemplate_jobExecutionsRolloutConfig :: Lens.Lens' CreateJobTemplate (Prelude.Maybe JobExecutionsRolloutConfig)
+createJobTemplate_jobExecutionsRolloutConfig = Lens.lens (\CreateJobTemplate' {jobExecutionsRolloutConfig} -> jobExecutionsRolloutConfig) (\s@CreateJobTemplate' {} a -> s {jobExecutionsRolloutConfig = a} :: CreateJobTemplate)
+
+-- | Undocumented member.
+createJobTemplate_presignedUrlConfig :: Lens.Lens' CreateJobTemplate (Prelude.Maybe PresignedUrlConfig)
+createJobTemplate_presignedUrlConfig = Lens.lens (\CreateJobTemplate' {presignedUrlConfig} -> presignedUrlConfig) (\s@CreateJobTemplate' {} a -> s {presignedUrlConfig = a} :: CreateJobTemplate)
+
+-- | Metadata that can be used to manage the job template.
+createJobTemplate_tags :: Lens.Lens' CreateJobTemplate (Prelude.Maybe [Tag])
+createJobTemplate_tags = Lens.lens (\CreateJobTemplate' {tags} -> tags) (\s@CreateJobTemplate' {} a -> s {tags = a} :: CreateJobTemplate) Prelude.. Lens.mapping Lens.coerced
+
+-- | Undocumented member.
+createJobTemplate_timeoutConfig :: Lens.Lens' CreateJobTemplate (Prelude.Maybe TimeoutConfig)
+createJobTemplate_timeoutConfig = Lens.lens (\CreateJobTemplate' {timeoutConfig} -> timeoutConfig) (\s@CreateJobTemplate' {} a -> s {timeoutConfig = a} :: CreateJobTemplate)
+
+-- | A unique identifier for the job template. We recommend using a UUID.
+-- Alpha-numeric characters, \"-\", and \"_\" are valid for use here.
+createJobTemplate_jobTemplateId :: Lens.Lens' CreateJobTemplate Prelude.Text
+createJobTemplate_jobTemplateId = Lens.lens (\CreateJobTemplate' {jobTemplateId} -> jobTemplateId) (\s@CreateJobTemplate' {} a -> s {jobTemplateId = a} :: CreateJobTemplate)
+
+-- | A description of the job document.
+createJobTemplate_description :: Lens.Lens' CreateJobTemplate Prelude.Text
+createJobTemplate_description = Lens.lens (\CreateJobTemplate' {description} -> description) (\s@CreateJobTemplate' {} a -> s {description = a} :: CreateJobTemplate)
+
+instance Core.AWSRequest CreateJobTemplate where
+  type
+    AWSResponse CreateJobTemplate =
+      CreateJobTemplateResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateJobTemplateResponse'
+            Prelude.<$> (x Data..?> "jobTemplateArn")
+            Prelude.<*> (x Data..?> "jobTemplateId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateJobTemplate where
+  hashWithSalt _salt CreateJobTemplate' {..} =
+    _salt
+      `Prelude.hashWithSalt` abortConfig
+      `Prelude.hashWithSalt` document
+      `Prelude.hashWithSalt` documentSource
+      `Prelude.hashWithSalt` jobArn
+      `Prelude.hashWithSalt` jobExecutionsRetryConfig
+      `Prelude.hashWithSalt` jobExecutionsRolloutConfig
+      `Prelude.hashWithSalt` presignedUrlConfig
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` timeoutConfig
+      `Prelude.hashWithSalt` jobTemplateId
+      `Prelude.hashWithSalt` description
+
+instance Prelude.NFData CreateJobTemplate where
+  rnf CreateJobTemplate' {..} =
+    Prelude.rnf abortConfig
+      `Prelude.seq` Prelude.rnf document
+      `Prelude.seq` Prelude.rnf documentSource
+      `Prelude.seq` Prelude.rnf jobArn
+      `Prelude.seq` Prelude.rnf jobExecutionsRetryConfig
+      `Prelude.seq` Prelude.rnf jobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf presignedUrlConfig
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf timeoutConfig
+      `Prelude.seq` Prelude.rnf jobTemplateId
+      `Prelude.seq` Prelude.rnf description
+
+instance Data.ToHeaders CreateJobTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateJobTemplate where
+  toJSON CreateJobTemplate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("abortConfig" Data..=) Prelude.<$> abortConfig,
+            ("document" Data..=) Prelude.<$> document,
+            ("documentSource" Data..=)
+              Prelude.<$> documentSource,
+            ("jobArn" Data..=) Prelude.<$> jobArn,
+            ("jobExecutionsRetryConfig" Data..=)
+              Prelude.<$> jobExecutionsRetryConfig,
+            ("jobExecutionsRolloutConfig" Data..=)
+              Prelude.<$> jobExecutionsRolloutConfig,
+            ("presignedUrlConfig" Data..=)
+              Prelude.<$> presignedUrlConfig,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("timeoutConfig" Data..=) Prelude.<$> timeoutConfig,
+            Prelude.Just ("description" Data..= description)
+          ]
+      )
+
+instance Data.ToPath CreateJobTemplate where
+  toPath CreateJobTemplate' {..} =
+    Prelude.mconcat
+      ["/job-templates/", Data.toBS jobTemplateId]
+
+instance Data.ToQuery CreateJobTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateJobTemplateResponse' smart constructor.
+data CreateJobTemplateResponse = CreateJobTemplateResponse'
+  { -- | The ARN of the job template.
+    jobTemplateArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier of the job template.
+    jobTemplateId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateJobTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobTemplateArn', 'createJobTemplateResponse_jobTemplateArn' - The ARN of the job template.
+--
+-- 'jobTemplateId', 'createJobTemplateResponse_jobTemplateId' - The unique identifier of the job template.
+--
+-- 'httpStatus', 'createJobTemplateResponse_httpStatus' - The response's http status code.
+newCreateJobTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateJobTemplateResponse
+newCreateJobTemplateResponse pHttpStatus_ =
+  CreateJobTemplateResponse'
+    { jobTemplateArn =
+        Prelude.Nothing,
+      jobTemplateId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the job template.
+createJobTemplateResponse_jobTemplateArn :: Lens.Lens' CreateJobTemplateResponse (Prelude.Maybe Prelude.Text)
+createJobTemplateResponse_jobTemplateArn = Lens.lens (\CreateJobTemplateResponse' {jobTemplateArn} -> jobTemplateArn) (\s@CreateJobTemplateResponse' {} a -> s {jobTemplateArn = a} :: CreateJobTemplateResponse)
+
+-- | The unique identifier of the job template.
+createJobTemplateResponse_jobTemplateId :: Lens.Lens' CreateJobTemplateResponse (Prelude.Maybe Prelude.Text)
+createJobTemplateResponse_jobTemplateId = Lens.lens (\CreateJobTemplateResponse' {jobTemplateId} -> jobTemplateId) (\s@CreateJobTemplateResponse' {} a -> s {jobTemplateId = a} :: CreateJobTemplateResponse)
+
+-- | The response's http status code.
+createJobTemplateResponse_httpStatus :: Lens.Lens' CreateJobTemplateResponse Prelude.Int
+createJobTemplateResponse_httpStatus = Lens.lens (\CreateJobTemplateResponse' {httpStatus} -> httpStatus) (\s@CreateJobTemplateResponse' {} a -> s {httpStatus = a} :: CreateJobTemplateResponse)
+
+instance Prelude.NFData CreateJobTemplateResponse where
+  rnf CreateJobTemplateResponse' {..} =
+    Prelude.rnf jobTemplateArn
+      `Prelude.seq` Prelude.rnf jobTemplateId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateKeysAndCertificate.hs b/gen/Amazonka/IoT/CreateKeysAndCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateKeysAndCertificate.hs
@@ -0,0 +1,215 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateKeysAndCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a 2048-bit RSA key pair and issues an X.509 certificate using
+-- the issued public key. You can also call @CreateKeysAndCertificate@ over
+-- MQTT from a device, for more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html#provision-mqtt-api Provisioning MQTT API>.
+--
+-- __Note__ This is the only time IoT issues the private key for this
+-- certificate, so it is important to keep it in a secure location.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateKeysAndCertificate>
+-- action.
+module Amazonka.IoT.CreateKeysAndCertificate
+  ( -- * Creating a Request
+    CreateKeysAndCertificate (..),
+    newCreateKeysAndCertificate,
+
+    -- * Request Lenses
+    createKeysAndCertificate_setAsActive,
+
+    -- * Destructuring the Response
+    CreateKeysAndCertificateResponse (..),
+    newCreateKeysAndCertificateResponse,
+
+    -- * Response Lenses
+    createKeysAndCertificateResponse_certificateArn,
+    createKeysAndCertificateResponse_certificateId,
+    createKeysAndCertificateResponse_certificatePem,
+    createKeysAndCertificateResponse_keyPair,
+    createKeysAndCertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreateKeysAndCertificate operation.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateKeysAndCertificateRequest>
+-- action.
+--
+-- /See:/ 'newCreateKeysAndCertificate' smart constructor.
+data CreateKeysAndCertificate = CreateKeysAndCertificate'
+  { -- | Specifies whether the certificate is active.
+    setAsActive :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateKeysAndCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'setAsActive', 'createKeysAndCertificate_setAsActive' - Specifies whether the certificate is active.
+newCreateKeysAndCertificate ::
+  CreateKeysAndCertificate
+newCreateKeysAndCertificate =
+  CreateKeysAndCertificate'
+    { setAsActive =
+        Prelude.Nothing
+    }
+
+-- | Specifies whether the certificate is active.
+createKeysAndCertificate_setAsActive :: Lens.Lens' CreateKeysAndCertificate (Prelude.Maybe Prelude.Bool)
+createKeysAndCertificate_setAsActive = Lens.lens (\CreateKeysAndCertificate' {setAsActive} -> setAsActive) (\s@CreateKeysAndCertificate' {} a -> s {setAsActive = a} :: CreateKeysAndCertificate)
+
+instance Core.AWSRequest CreateKeysAndCertificate where
+  type
+    AWSResponse CreateKeysAndCertificate =
+      CreateKeysAndCertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateKeysAndCertificateResponse'
+            Prelude.<$> (x Data..?> "certificateArn")
+            Prelude.<*> (x Data..?> "certificateId")
+            Prelude.<*> (x Data..?> "certificatePem")
+            Prelude.<*> (x Data..?> "keyPair")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateKeysAndCertificate where
+  hashWithSalt _salt CreateKeysAndCertificate' {..} =
+    _salt `Prelude.hashWithSalt` setAsActive
+
+instance Prelude.NFData CreateKeysAndCertificate where
+  rnf CreateKeysAndCertificate' {..} =
+    Prelude.rnf setAsActive
+
+instance Data.ToHeaders CreateKeysAndCertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateKeysAndCertificate where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath CreateKeysAndCertificate where
+  toPath = Prelude.const "/keys-and-certificate"
+
+instance Data.ToQuery CreateKeysAndCertificate where
+  toQuery CreateKeysAndCertificate' {..} =
+    Prelude.mconcat ["setAsActive" Data.=: setAsActive]
+
+-- | The output of the CreateKeysAndCertificate operation.
+--
+-- /See:/ 'newCreateKeysAndCertificateResponse' smart constructor.
+data CreateKeysAndCertificateResponse = CreateKeysAndCertificateResponse'
+  { -- | The ARN of the certificate.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate. IoT issues a default subject name for the
+    -- certificate (for example, IoT Certificate).
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The certificate data, in PEM format.
+    certificatePem :: Prelude.Maybe Prelude.Text,
+    -- | The generated key pair.
+    keyPair :: Prelude.Maybe KeyPair,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateKeysAndCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'createKeysAndCertificateResponse_certificateArn' - The ARN of the certificate.
+--
+-- 'certificateId', 'createKeysAndCertificateResponse_certificateId' - The ID of the certificate. IoT issues a default subject name for the
+-- certificate (for example, IoT Certificate).
+--
+-- 'certificatePem', 'createKeysAndCertificateResponse_certificatePem' - The certificate data, in PEM format.
+--
+-- 'keyPair', 'createKeysAndCertificateResponse_keyPair' - The generated key pair.
+--
+-- 'httpStatus', 'createKeysAndCertificateResponse_httpStatus' - The response's http status code.
+newCreateKeysAndCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateKeysAndCertificateResponse
+newCreateKeysAndCertificateResponse pHttpStatus_ =
+  CreateKeysAndCertificateResponse'
+    { certificateArn =
+        Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      certificatePem = Prelude.Nothing,
+      keyPair = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the certificate.
+createKeysAndCertificateResponse_certificateArn :: Lens.Lens' CreateKeysAndCertificateResponse (Prelude.Maybe Prelude.Text)
+createKeysAndCertificateResponse_certificateArn = Lens.lens (\CreateKeysAndCertificateResponse' {certificateArn} -> certificateArn) (\s@CreateKeysAndCertificateResponse' {} a -> s {certificateArn = a} :: CreateKeysAndCertificateResponse)
+
+-- | The ID of the certificate. IoT issues a default subject name for the
+-- certificate (for example, IoT Certificate).
+createKeysAndCertificateResponse_certificateId :: Lens.Lens' CreateKeysAndCertificateResponse (Prelude.Maybe Prelude.Text)
+createKeysAndCertificateResponse_certificateId = Lens.lens (\CreateKeysAndCertificateResponse' {certificateId} -> certificateId) (\s@CreateKeysAndCertificateResponse' {} a -> s {certificateId = a} :: CreateKeysAndCertificateResponse)
+
+-- | The certificate data, in PEM format.
+createKeysAndCertificateResponse_certificatePem :: Lens.Lens' CreateKeysAndCertificateResponse (Prelude.Maybe Prelude.Text)
+createKeysAndCertificateResponse_certificatePem = Lens.lens (\CreateKeysAndCertificateResponse' {certificatePem} -> certificatePem) (\s@CreateKeysAndCertificateResponse' {} a -> s {certificatePem = a} :: CreateKeysAndCertificateResponse)
+
+-- | The generated key pair.
+createKeysAndCertificateResponse_keyPair :: Lens.Lens' CreateKeysAndCertificateResponse (Prelude.Maybe KeyPair)
+createKeysAndCertificateResponse_keyPair = Lens.lens (\CreateKeysAndCertificateResponse' {keyPair} -> keyPair) (\s@CreateKeysAndCertificateResponse' {} a -> s {keyPair = a} :: CreateKeysAndCertificateResponse)
+
+-- | The response's http status code.
+createKeysAndCertificateResponse_httpStatus :: Lens.Lens' CreateKeysAndCertificateResponse Prelude.Int
+createKeysAndCertificateResponse_httpStatus = Lens.lens (\CreateKeysAndCertificateResponse' {httpStatus} -> httpStatus) (\s@CreateKeysAndCertificateResponse' {} a -> s {httpStatus = a} :: CreateKeysAndCertificateResponse)
+
+instance
+  Prelude.NFData
+    CreateKeysAndCertificateResponse
+  where
+  rnf CreateKeysAndCertificateResponse' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf certificatePem
+      `Prelude.seq` Prelude.rnf keyPair
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateMitigationAction.hs b/gen/Amazonka/IoT/CreateMitigationAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateMitigationAction.hs
@@ -0,0 +1,235 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateMitigationAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Defines an action that can be applied to audit findings by using
+-- StartAuditMitigationActionsTask. Only certain types of mitigation
+-- actions can be applied to specific check names. For more information,
+-- see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-mitigation-actions.html Mitigation actions>.
+-- Each mitigation action can apply only one type of change.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateMitigationAction>
+-- action.
+module Amazonka.IoT.CreateMitigationAction
+  ( -- * Creating a Request
+    CreateMitigationAction (..),
+    newCreateMitigationAction,
+
+    -- * Request Lenses
+    createMitigationAction_tags,
+    createMitigationAction_actionName,
+    createMitigationAction_roleArn,
+    createMitigationAction_actionParams,
+
+    -- * Destructuring the Response
+    CreateMitigationActionResponse (..),
+    newCreateMitigationActionResponse,
+
+    -- * Response Lenses
+    createMitigationActionResponse_actionArn,
+    createMitigationActionResponse_actionId,
+    createMitigationActionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateMitigationAction' smart constructor.
+data CreateMitigationAction = CreateMitigationAction'
+  { -- | Metadata that can be used to manage the mitigation action.
+    tags :: Prelude.Maybe [Tag],
+    -- | A friendly name for the action. Choose a friendly name that accurately
+    -- describes the action (for example, @EnableLoggingAction@).
+    actionName :: Prelude.Text,
+    -- | The ARN of the IAM role that is used to apply the mitigation action.
+    roleArn :: Prelude.Text,
+    -- | Defines the type of action and the parameters for that action.
+    actionParams :: MitigationActionParams
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateMitigationAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tags', 'createMitigationAction_tags' - Metadata that can be used to manage the mitigation action.
+--
+-- 'actionName', 'createMitigationAction_actionName' - A friendly name for the action. Choose a friendly name that accurately
+-- describes the action (for example, @EnableLoggingAction@).
+--
+-- 'roleArn', 'createMitigationAction_roleArn' - The ARN of the IAM role that is used to apply the mitigation action.
+--
+-- 'actionParams', 'createMitigationAction_actionParams' - Defines the type of action and the parameters for that action.
+newCreateMitigationAction ::
+  -- | 'actionName'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'actionParams'
+  MitigationActionParams ->
+  CreateMitigationAction
+newCreateMitigationAction
+  pActionName_
+  pRoleArn_
+  pActionParams_ =
+    CreateMitigationAction'
+      { tags = Prelude.Nothing,
+        actionName = pActionName_,
+        roleArn = pRoleArn_,
+        actionParams = pActionParams_
+      }
+
+-- | Metadata that can be used to manage the mitigation action.
+createMitigationAction_tags :: Lens.Lens' CreateMitigationAction (Prelude.Maybe [Tag])
+createMitigationAction_tags = Lens.lens (\CreateMitigationAction' {tags} -> tags) (\s@CreateMitigationAction' {} a -> s {tags = a} :: CreateMitigationAction) Prelude.. Lens.mapping Lens.coerced
+
+-- | A friendly name for the action. Choose a friendly name that accurately
+-- describes the action (for example, @EnableLoggingAction@).
+createMitigationAction_actionName :: Lens.Lens' CreateMitigationAction Prelude.Text
+createMitigationAction_actionName = Lens.lens (\CreateMitigationAction' {actionName} -> actionName) (\s@CreateMitigationAction' {} a -> s {actionName = a} :: CreateMitigationAction)
+
+-- | The ARN of the IAM role that is used to apply the mitigation action.
+createMitigationAction_roleArn :: Lens.Lens' CreateMitigationAction Prelude.Text
+createMitigationAction_roleArn = Lens.lens (\CreateMitigationAction' {roleArn} -> roleArn) (\s@CreateMitigationAction' {} a -> s {roleArn = a} :: CreateMitigationAction)
+
+-- | Defines the type of action and the parameters for that action.
+createMitigationAction_actionParams :: Lens.Lens' CreateMitigationAction MitigationActionParams
+createMitigationAction_actionParams = Lens.lens (\CreateMitigationAction' {actionParams} -> actionParams) (\s@CreateMitigationAction' {} a -> s {actionParams = a} :: CreateMitigationAction)
+
+instance Core.AWSRequest CreateMitigationAction where
+  type
+    AWSResponse CreateMitigationAction =
+      CreateMitigationActionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateMitigationActionResponse'
+            Prelude.<$> (x Data..?> "actionArn")
+            Prelude.<*> (x Data..?> "actionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateMitigationAction where
+  hashWithSalt _salt CreateMitigationAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` actionName
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` actionParams
+
+instance Prelude.NFData CreateMitigationAction where
+  rnf CreateMitigationAction' {..} =
+    Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf actionName
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf actionParams
+
+instance Data.ToHeaders CreateMitigationAction where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateMitigationAction where
+  toJSON CreateMitigationAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("actionParams" Data..= actionParams)
+          ]
+      )
+
+instance Data.ToPath CreateMitigationAction where
+  toPath CreateMitigationAction' {..} =
+    Prelude.mconcat
+      ["/mitigationactions/actions/", Data.toBS actionName]
+
+instance Data.ToQuery CreateMitigationAction where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateMitigationActionResponse' smart constructor.
+data CreateMitigationActionResponse = CreateMitigationActionResponse'
+  { -- | The ARN for the new mitigation action.
+    actionArn :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the new mitigation action.
+    actionId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateMitigationActionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionArn', 'createMitigationActionResponse_actionArn' - The ARN for the new mitigation action.
+--
+-- 'actionId', 'createMitigationActionResponse_actionId' - A unique identifier for the new mitigation action.
+--
+-- 'httpStatus', 'createMitigationActionResponse_httpStatus' - The response's http status code.
+newCreateMitigationActionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateMitigationActionResponse
+newCreateMitigationActionResponse pHttpStatus_ =
+  CreateMitigationActionResponse'
+    { actionArn =
+        Prelude.Nothing,
+      actionId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN for the new mitigation action.
+createMitigationActionResponse_actionArn :: Lens.Lens' CreateMitigationActionResponse (Prelude.Maybe Prelude.Text)
+createMitigationActionResponse_actionArn = Lens.lens (\CreateMitigationActionResponse' {actionArn} -> actionArn) (\s@CreateMitigationActionResponse' {} a -> s {actionArn = a} :: CreateMitigationActionResponse)
+
+-- | A unique identifier for the new mitigation action.
+createMitigationActionResponse_actionId :: Lens.Lens' CreateMitigationActionResponse (Prelude.Maybe Prelude.Text)
+createMitigationActionResponse_actionId = Lens.lens (\CreateMitigationActionResponse' {actionId} -> actionId) (\s@CreateMitigationActionResponse' {} a -> s {actionId = a} :: CreateMitigationActionResponse)
+
+-- | The response's http status code.
+createMitigationActionResponse_httpStatus :: Lens.Lens' CreateMitigationActionResponse Prelude.Int
+createMitigationActionResponse_httpStatus = Lens.lens (\CreateMitigationActionResponse' {httpStatus} -> httpStatus) (\s@CreateMitigationActionResponse' {} a -> s {httpStatus = a} :: CreateMitigationActionResponse)
+
+instance
+  Prelude.NFData
+    CreateMitigationActionResponse
+  where
+  rnf CreateMitigationActionResponse' {..} =
+    Prelude.rnf actionArn
+      `Prelude.seq` Prelude.rnf actionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateOTAUpdate.hs b/gen/Amazonka/IoT/CreateOTAUpdate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateOTAUpdate.hs
@@ -0,0 +1,429 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateOTAUpdate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates an IoT OTA update on a target group of things or groups.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateOTAUpdate>
+-- action.
+module Amazonka.IoT.CreateOTAUpdate
+  ( -- * Creating a Request
+    CreateOTAUpdate (..),
+    newCreateOTAUpdate,
+
+    -- * Request Lenses
+    createOTAUpdate_additionalParameters,
+    createOTAUpdate_awsJobAbortConfig,
+    createOTAUpdate_awsJobExecutionsRolloutConfig,
+    createOTAUpdate_awsJobPresignedUrlConfig,
+    createOTAUpdate_awsJobTimeoutConfig,
+    createOTAUpdate_description,
+    createOTAUpdate_protocols,
+    createOTAUpdate_tags,
+    createOTAUpdate_targetSelection,
+    createOTAUpdate_otaUpdateId,
+    createOTAUpdate_targets,
+    createOTAUpdate_files,
+    createOTAUpdate_roleArn,
+
+    -- * Destructuring the Response
+    CreateOTAUpdateResponse (..),
+    newCreateOTAUpdateResponse,
+
+    -- * Response Lenses
+    createOTAUpdateResponse_awsIotJobArn,
+    createOTAUpdateResponse_awsIotJobId,
+    createOTAUpdateResponse_otaUpdateArn,
+    createOTAUpdateResponse_otaUpdateId,
+    createOTAUpdateResponse_otaUpdateStatus,
+    createOTAUpdateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateOTAUpdate' smart constructor.
+data CreateOTAUpdate = CreateOTAUpdate'
+  { -- | A list of additional OTA update parameters which are name-value pairs.
+    additionalParameters :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The criteria that determine when and how a job abort takes place.
+    awsJobAbortConfig :: Prelude.Maybe AwsJobAbortConfig,
+    -- | Configuration for the rollout of OTA updates.
+    awsJobExecutionsRolloutConfig :: Prelude.Maybe AwsJobExecutionsRolloutConfig,
+    -- | Configuration information for pre-signed URLs.
+    awsJobPresignedUrlConfig :: Prelude.Maybe AwsJobPresignedUrlConfig,
+    -- | Specifies the amount of time each device has to finish its execution of
+    -- the job. A timer is started when the job execution status is set to
+    -- @IN_PROGRESS@. If the job execution status is not set to another
+    -- terminal state before the timer expires, it will be automatically set to
+    -- @TIMED_OUT@.
+    awsJobTimeoutConfig :: Prelude.Maybe AwsJobTimeoutConfig,
+    -- | The description of the OTA update.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The protocol used to transfer the OTA update image. Valid values are
+    -- [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the
+    -- target device can choose the protocol.
+    protocols :: Prelude.Maybe (Prelude.NonEmpty Protocol),
+    -- | Metadata which can be used to manage updates.
+    tags :: Prelude.Maybe [Tag],
+    -- | Specifies whether the update will continue to run (CONTINUOUS), or will
+    -- be complete after all the things specified as targets have completed the
+    -- update (SNAPSHOT). If continuous, the update may also be run on a thing
+    -- when a change is detected in a target. For example, an update will run
+    -- on a thing when the thing is added to a target group, even after the
+    -- update was completed by all things originally in the group. Valid
+    -- values: CONTINUOUS | SNAPSHOT.
+    targetSelection :: Prelude.Maybe TargetSelection,
+    -- | The ID of the OTA update to be created.
+    otaUpdateId :: Prelude.Text,
+    -- | The devices targeted to receive OTA updates.
+    targets :: Prelude.NonEmpty Prelude.Text,
+    -- | The files to be streamed by the OTA update.
+    files :: Prelude.NonEmpty OTAUpdateFile,
+    -- | The IAM role that grants Amazon Web Services IoT Core access to the
+    -- Amazon S3, IoT jobs and Amazon Web Services Code Signing resources to
+    -- create an OTA update job.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateOTAUpdate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalParameters', 'createOTAUpdate_additionalParameters' - A list of additional OTA update parameters which are name-value pairs.
+--
+-- 'awsJobAbortConfig', 'createOTAUpdate_awsJobAbortConfig' - The criteria that determine when and how a job abort takes place.
+--
+-- 'awsJobExecutionsRolloutConfig', 'createOTAUpdate_awsJobExecutionsRolloutConfig' - Configuration for the rollout of OTA updates.
+--
+-- 'awsJobPresignedUrlConfig', 'createOTAUpdate_awsJobPresignedUrlConfig' - Configuration information for pre-signed URLs.
+--
+-- 'awsJobTimeoutConfig', 'createOTAUpdate_awsJobTimeoutConfig' - Specifies the amount of time each device has to finish its execution of
+-- the job. A timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the timer expires, it will be automatically set to
+-- @TIMED_OUT@.
+--
+-- 'description', 'createOTAUpdate_description' - The description of the OTA update.
+--
+-- 'protocols', 'createOTAUpdate_protocols' - The protocol used to transfer the OTA update image. Valid values are
+-- [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the
+-- target device can choose the protocol.
+--
+-- 'tags', 'createOTAUpdate_tags' - Metadata which can be used to manage updates.
+--
+-- 'targetSelection', 'createOTAUpdate_targetSelection' - Specifies whether the update will continue to run (CONTINUOUS), or will
+-- be complete after all the things specified as targets have completed the
+-- update (SNAPSHOT). If continuous, the update may also be run on a thing
+-- when a change is detected in a target. For example, an update will run
+-- on a thing when the thing is added to a target group, even after the
+-- update was completed by all things originally in the group. Valid
+-- values: CONTINUOUS | SNAPSHOT.
+--
+-- 'otaUpdateId', 'createOTAUpdate_otaUpdateId' - The ID of the OTA update to be created.
+--
+-- 'targets', 'createOTAUpdate_targets' - The devices targeted to receive OTA updates.
+--
+-- 'files', 'createOTAUpdate_files' - The files to be streamed by the OTA update.
+--
+-- 'roleArn', 'createOTAUpdate_roleArn' - The IAM role that grants Amazon Web Services IoT Core access to the
+-- Amazon S3, IoT jobs and Amazon Web Services Code Signing resources to
+-- create an OTA update job.
+newCreateOTAUpdate ::
+  -- | 'otaUpdateId'
+  Prelude.Text ->
+  -- | 'targets'
+  Prelude.NonEmpty Prelude.Text ->
+  -- | 'files'
+  Prelude.NonEmpty OTAUpdateFile ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  CreateOTAUpdate
+newCreateOTAUpdate
+  pOtaUpdateId_
+  pTargets_
+  pFiles_
+  pRoleArn_ =
+    CreateOTAUpdate'
+      { additionalParameters =
+          Prelude.Nothing,
+        awsJobAbortConfig = Prelude.Nothing,
+        awsJobExecutionsRolloutConfig = Prelude.Nothing,
+        awsJobPresignedUrlConfig = Prelude.Nothing,
+        awsJobTimeoutConfig = Prelude.Nothing,
+        description = Prelude.Nothing,
+        protocols = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        targetSelection = Prelude.Nothing,
+        otaUpdateId = pOtaUpdateId_,
+        targets = Lens.coerced Lens.# pTargets_,
+        files = Lens.coerced Lens.# pFiles_,
+        roleArn = pRoleArn_
+      }
+
+-- | A list of additional OTA update parameters which are name-value pairs.
+createOTAUpdate_additionalParameters :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+createOTAUpdate_additionalParameters = Lens.lens (\CreateOTAUpdate' {additionalParameters} -> additionalParameters) (\s@CreateOTAUpdate' {} a -> s {additionalParameters = a} :: CreateOTAUpdate) Prelude.. Lens.mapping Lens.coerced
+
+-- | The criteria that determine when and how a job abort takes place.
+createOTAUpdate_awsJobAbortConfig :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe AwsJobAbortConfig)
+createOTAUpdate_awsJobAbortConfig = Lens.lens (\CreateOTAUpdate' {awsJobAbortConfig} -> awsJobAbortConfig) (\s@CreateOTAUpdate' {} a -> s {awsJobAbortConfig = a} :: CreateOTAUpdate)
+
+-- | Configuration for the rollout of OTA updates.
+createOTAUpdate_awsJobExecutionsRolloutConfig :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe AwsJobExecutionsRolloutConfig)
+createOTAUpdate_awsJobExecutionsRolloutConfig = Lens.lens (\CreateOTAUpdate' {awsJobExecutionsRolloutConfig} -> awsJobExecutionsRolloutConfig) (\s@CreateOTAUpdate' {} a -> s {awsJobExecutionsRolloutConfig = a} :: CreateOTAUpdate)
+
+-- | Configuration information for pre-signed URLs.
+createOTAUpdate_awsJobPresignedUrlConfig :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe AwsJobPresignedUrlConfig)
+createOTAUpdate_awsJobPresignedUrlConfig = Lens.lens (\CreateOTAUpdate' {awsJobPresignedUrlConfig} -> awsJobPresignedUrlConfig) (\s@CreateOTAUpdate' {} a -> s {awsJobPresignedUrlConfig = a} :: CreateOTAUpdate)
+
+-- | Specifies the amount of time each device has to finish its execution of
+-- the job. A timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the timer expires, it will be automatically set to
+-- @TIMED_OUT@.
+createOTAUpdate_awsJobTimeoutConfig :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe AwsJobTimeoutConfig)
+createOTAUpdate_awsJobTimeoutConfig = Lens.lens (\CreateOTAUpdate' {awsJobTimeoutConfig} -> awsJobTimeoutConfig) (\s@CreateOTAUpdate' {} a -> s {awsJobTimeoutConfig = a} :: CreateOTAUpdate)
+
+-- | The description of the OTA update.
+createOTAUpdate_description :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe Prelude.Text)
+createOTAUpdate_description = Lens.lens (\CreateOTAUpdate' {description} -> description) (\s@CreateOTAUpdate' {} a -> s {description = a} :: CreateOTAUpdate)
+
+-- | The protocol used to transfer the OTA update image. Valid values are
+-- [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the
+-- target device can choose the protocol.
+createOTAUpdate_protocols :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe (Prelude.NonEmpty Protocol))
+createOTAUpdate_protocols = Lens.lens (\CreateOTAUpdate' {protocols} -> protocols) (\s@CreateOTAUpdate' {} a -> s {protocols = a} :: CreateOTAUpdate) Prelude.. Lens.mapping Lens.coerced
+
+-- | Metadata which can be used to manage updates.
+createOTAUpdate_tags :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe [Tag])
+createOTAUpdate_tags = Lens.lens (\CreateOTAUpdate' {tags} -> tags) (\s@CreateOTAUpdate' {} a -> s {tags = a} :: CreateOTAUpdate) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether the update will continue to run (CONTINUOUS), or will
+-- be complete after all the things specified as targets have completed the
+-- update (SNAPSHOT). If continuous, the update may also be run on a thing
+-- when a change is detected in a target. For example, an update will run
+-- on a thing when the thing is added to a target group, even after the
+-- update was completed by all things originally in the group. Valid
+-- values: CONTINUOUS | SNAPSHOT.
+createOTAUpdate_targetSelection :: Lens.Lens' CreateOTAUpdate (Prelude.Maybe TargetSelection)
+createOTAUpdate_targetSelection = Lens.lens (\CreateOTAUpdate' {targetSelection} -> targetSelection) (\s@CreateOTAUpdate' {} a -> s {targetSelection = a} :: CreateOTAUpdate)
+
+-- | The ID of the OTA update to be created.
+createOTAUpdate_otaUpdateId :: Lens.Lens' CreateOTAUpdate Prelude.Text
+createOTAUpdate_otaUpdateId = Lens.lens (\CreateOTAUpdate' {otaUpdateId} -> otaUpdateId) (\s@CreateOTAUpdate' {} a -> s {otaUpdateId = a} :: CreateOTAUpdate)
+
+-- | The devices targeted to receive OTA updates.
+createOTAUpdate_targets :: Lens.Lens' CreateOTAUpdate (Prelude.NonEmpty Prelude.Text)
+createOTAUpdate_targets = Lens.lens (\CreateOTAUpdate' {targets} -> targets) (\s@CreateOTAUpdate' {} a -> s {targets = a} :: CreateOTAUpdate) Prelude.. Lens.coerced
+
+-- | The files to be streamed by the OTA update.
+createOTAUpdate_files :: Lens.Lens' CreateOTAUpdate (Prelude.NonEmpty OTAUpdateFile)
+createOTAUpdate_files = Lens.lens (\CreateOTAUpdate' {files} -> files) (\s@CreateOTAUpdate' {} a -> s {files = a} :: CreateOTAUpdate) Prelude.. Lens.coerced
+
+-- | The IAM role that grants Amazon Web Services IoT Core access to the
+-- Amazon S3, IoT jobs and Amazon Web Services Code Signing resources to
+-- create an OTA update job.
+createOTAUpdate_roleArn :: Lens.Lens' CreateOTAUpdate Prelude.Text
+createOTAUpdate_roleArn = Lens.lens (\CreateOTAUpdate' {roleArn} -> roleArn) (\s@CreateOTAUpdate' {} a -> s {roleArn = a} :: CreateOTAUpdate)
+
+instance Core.AWSRequest CreateOTAUpdate where
+  type
+    AWSResponse CreateOTAUpdate =
+      CreateOTAUpdateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateOTAUpdateResponse'
+            Prelude.<$> (x Data..?> "awsIotJobArn")
+            Prelude.<*> (x Data..?> "awsIotJobId")
+            Prelude.<*> (x Data..?> "otaUpdateArn")
+            Prelude.<*> (x Data..?> "otaUpdateId")
+            Prelude.<*> (x Data..?> "otaUpdateStatus")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateOTAUpdate where
+  hashWithSalt _salt CreateOTAUpdate' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalParameters
+      `Prelude.hashWithSalt` awsJobAbortConfig
+      `Prelude.hashWithSalt` awsJobExecutionsRolloutConfig
+      `Prelude.hashWithSalt` awsJobPresignedUrlConfig
+      `Prelude.hashWithSalt` awsJobTimeoutConfig
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` protocols
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` targetSelection
+      `Prelude.hashWithSalt` otaUpdateId
+      `Prelude.hashWithSalt` targets
+      `Prelude.hashWithSalt` files
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData CreateOTAUpdate where
+  rnf CreateOTAUpdate' {..} =
+    Prelude.rnf additionalParameters
+      `Prelude.seq` Prelude.rnf awsJobAbortConfig
+      `Prelude.seq` Prelude.rnf awsJobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf awsJobPresignedUrlConfig
+      `Prelude.seq` Prelude.rnf awsJobTimeoutConfig
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf protocols
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf targetSelection
+      `Prelude.seq` Prelude.rnf otaUpdateId
+      `Prelude.seq` Prelude.rnf targets
+      `Prelude.seq` Prelude.rnf files
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToHeaders CreateOTAUpdate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateOTAUpdate where
+  toJSON CreateOTAUpdate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("additionalParameters" Data..=)
+              Prelude.<$> additionalParameters,
+            ("awsJobAbortConfig" Data..=)
+              Prelude.<$> awsJobAbortConfig,
+            ("awsJobExecutionsRolloutConfig" Data..=)
+              Prelude.<$> awsJobExecutionsRolloutConfig,
+            ("awsJobPresignedUrlConfig" Data..=)
+              Prelude.<$> awsJobPresignedUrlConfig,
+            ("awsJobTimeoutConfig" Data..=)
+              Prelude.<$> awsJobTimeoutConfig,
+            ("description" Data..=) Prelude.<$> description,
+            ("protocols" Data..=) Prelude.<$> protocols,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("targetSelection" Data..=)
+              Prelude.<$> targetSelection,
+            Prelude.Just ("targets" Data..= targets),
+            Prelude.Just ("files" Data..= files),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
+
+instance Data.ToPath CreateOTAUpdate where
+  toPath CreateOTAUpdate' {..} =
+    Prelude.mconcat
+      ["/otaUpdates/", Data.toBS otaUpdateId]
+
+instance Data.ToQuery CreateOTAUpdate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateOTAUpdateResponse' smart constructor.
+data CreateOTAUpdateResponse = CreateOTAUpdateResponse'
+  { -- | The IoT job ARN associated with the OTA update.
+    awsIotJobArn :: Prelude.Maybe Prelude.Text,
+    -- | The IoT job ID associated with the OTA update.
+    awsIotJobId :: Prelude.Maybe Prelude.Text,
+    -- | The OTA update ARN.
+    otaUpdateArn :: Prelude.Maybe Prelude.Text,
+    -- | The OTA update ID.
+    otaUpdateId :: Prelude.Maybe Prelude.Text,
+    -- | The OTA update status.
+    otaUpdateStatus :: Prelude.Maybe OTAUpdateStatus,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateOTAUpdateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'awsIotJobArn', 'createOTAUpdateResponse_awsIotJobArn' - The IoT job ARN associated with the OTA update.
+--
+-- 'awsIotJobId', 'createOTAUpdateResponse_awsIotJobId' - The IoT job ID associated with the OTA update.
+--
+-- 'otaUpdateArn', 'createOTAUpdateResponse_otaUpdateArn' - The OTA update ARN.
+--
+-- 'otaUpdateId', 'createOTAUpdateResponse_otaUpdateId' - The OTA update ID.
+--
+-- 'otaUpdateStatus', 'createOTAUpdateResponse_otaUpdateStatus' - The OTA update status.
+--
+-- 'httpStatus', 'createOTAUpdateResponse_httpStatus' - The response's http status code.
+newCreateOTAUpdateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateOTAUpdateResponse
+newCreateOTAUpdateResponse pHttpStatus_ =
+  CreateOTAUpdateResponse'
+    { awsIotJobArn =
+        Prelude.Nothing,
+      awsIotJobId = Prelude.Nothing,
+      otaUpdateArn = Prelude.Nothing,
+      otaUpdateId = Prelude.Nothing,
+      otaUpdateStatus = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The IoT job ARN associated with the OTA update.
+createOTAUpdateResponse_awsIotJobArn :: Lens.Lens' CreateOTAUpdateResponse (Prelude.Maybe Prelude.Text)
+createOTAUpdateResponse_awsIotJobArn = Lens.lens (\CreateOTAUpdateResponse' {awsIotJobArn} -> awsIotJobArn) (\s@CreateOTAUpdateResponse' {} a -> s {awsIotJobArn = a} :: CreateOTAUpdateResponse)
+
+-- | The IoT job ID associated with the OTA update.
+createOTAUpdateResponse_awsIotJobId :: Lens.Lens' CreateOTAUpdateResponse (Prelude.Maybe Prelude.Text)
+createOTAUpdateResponse_awsIotJobId = Lens.lens (\CreateOTAUpdateResponse' {awsIotJobId} -> awsIotJobId) (\s@CreateOTAUpdateResponse' {} a -> s {awsIotJobId = a} :: CreateOTAUpdateResponse)
+
+-- | The OTA update ARN.
+createOTAUpdateResponse_otaUpdateArn :: Lens.Lens' CreateOTAUpdateResponse (Prelude.Maybe Prelude.Text)
+createOTAUpdateResponse_otaUpdateArn = Lens.lens (\CreateOTAUpdateResponse' {otaUpdateArn} -> otaUpdateArn) (\s@CreateOTAUpdateResponse' {} a -> s {otaUpdateArn = a} :: CreateOTAUpdateResponse)
+
+-- | The OTA update ID.
+createOTAUpdateResponse_otaUpdateId :: Lens.Lens' CreateOTAUpdateResponse (Prelude.Maybe Prelude.Text)
+createOTAUpdateResponse_otaUpdateId = Lens.lens (\CreateOTAUpdateResponse' {otaUpdateId} -> otaUpdateId) (\s@CreateOTAUpdateResponse' {} a -> s {otaUpdateId = a} :: CreateOTAUpdateResponse)
+
+-- | The OTA update status.
+createOTAUpdateResponse_otaUpdateStatus :: Lens.Lens' CreateOTAUpdateResponse (Prelude.Maybe OTAUpdateStatus)
+createOTAUpdateResponse_otaUpdateStatus = Lens.lens (\CreateOTAUpdateResponse' {otaUpdateStatus} -> otaUpdateStatus) (\s@CreateOTAUpdateResponse' {} a -> s {otaUpdateStatus = a} :: CreateOTAUpdateResponse)
+
+-- | The response's http status code.
+createOTAUpdateResponse_httpStatus :: Lens.Lens' CreateOTAUpdateResponse Prelude.Int
+createOTAUpdateResponse_httpStatus = Lens.lens (\CreateOTAUpdateResponse' {httpStatus} -> httpStatus) (\s@CreateOTAUpdateResponse' {} a -> s {httpStatus = a} :: CreateOTAUpdateResponse)
+
+instance Prelude.NFData CreateOTAUpdateResponse where
+  rnf CreateOTAUpdateResponse' {..} =
+    Prelude.rnf awsIotJobArn
+      `Prelude.seq` Prelude.rnf awsIotJobId
+      `Prelude.seq` Prelude.rnf otaUpdateArn
+      `Prelude.seq` Prelude.rnf otaUpdateId
+      `Prelude.seq` Prelude.rnf otaUpdateStatus
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreatePolicy.hs b/gen/Amazonka/IoT/CreatePolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreatePolicy.hs
@@ -0,0 +1,266 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreatePolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates an IoT policy.
+--
+-- The created policy is the default version for the policy. This operation
+-- creates a policy version with a version identifier of __1__ and sets
+-- __1__ as the policy\'s default version.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreatePolicy>
+-- action.
+module Amazonka.IoT.CreatePolicy
+  ( -- * Creating a Request
+    CreatePolicy (..),
+    newCreatePolicy,
+
+    -- * Request Lenses
+    createPolicy_tags,
+    createPolicy_policyName,
+    createPolicy_policyDocument,
+
+    -- * Destructuring the Response
+    CreatePolicyResponse (..),
+    newCreatePolicyResponse,
+
+    -- * Response Lenses
+    createPolicyResponse_policyArn,
+    createPolicyResponse_policyDocument,
+    createPolicyResponse_policyName,
+    createPolicyResponse_policyVersionId,
+    createPolicyResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreatePolicy operation.
+--
+-- /See:/ 'newCreatePolicy' smart constructor.
+data CreatePolicy = CreatePolicy'
+  { -- | Metadata which can be used to manage the policy.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: &&tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe [Tag],
+    -- | The policy name.
+    policyName :: Prelude.Text,
+    -- | The JSON document that describes the policy. __policyDocument__ must
+    -- have a minimum length of 1, with a maximum length of 2048, excluding
+    -- whitespace.
+    policyDocument :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreatePolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tags', 'createPolicy_tags' - Metadata which can be used to manage the policy.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'policyName', 'createPolicy_policyName' - The policy name.
+--
+-- 'policyDocument', 'createPolicy_policyDocument' - The JSON document that describes the policy. __policyDocument__ must
+-- have a minimum length of 1, with a maximum length of 2048, excluding
+-- whitespace.
+newCreatePolicy ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'policyDocument'
+  Prelude.Text ->
+  CreatePolicy
+newCreatePolicy pPolicyName_ pPolicyDocument_ =
+  CreatePolicy'
+    { tags = Prelude.Nothing,
+      policyName = pPolicyName_,
+      policyDocument = pPolicyDocument_
+    }
+
+-- | Metadata which can be used to manage the policy.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+createPolicy_tags :: Lens.Lens' CreatePolicy (Prelude.Maybe [Tag])
+createPolicy_tags = Lens.lens (\CreatePolicy' {tags} -> tags) (\s@CreatePolicy' {} a -> s {tags = a} :: CreatePolicy) Prelude.. Lens.mapping Lens.coerced
+
+-- | The policy name.
+createPolicy_policyName :: Lens.Lens' CreatePolicy Prelude.Text
+createPolicy_policyName = Lens.lens (\CreatePolicy' {policyName} -> policyName) (\s@CreatePolicy' {} a -> s {policyName = a} :: CreatePolicy)
+
+-- | The JSON document that describes the policy. __policyDocument__ must
+-- have a minimum length of 1, with a maximum length of 2048, excluding
+-- whitespace.
+createPolicy_policyDocument :: Lens.Lens' CreatePolicy Prelude.Text
+createPolicy_policyDocument = Lens.lens (\CreatePolicy' {policyDocument} -> policyDocument) (\s@CreatePolicy' {} a -> s {policyDocument = a} :: CreatePolicy)
+
+instance Core.AWSRequest CreatePolicy where
+  type AWSResponse CreatePolicy = CreatePolicyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreatePolicyResponse'
+            Prelude.<$> (x Data..?> "policyArn")
+            Prelude.<*> (x Data..?> "policyDocument")
+            Prelude.<*> (x Data..?> "policyName")
+            Prelude.<*> (x Data..?> "policyVersionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreatePolicy where
+  hashWithSalt _salt CreatePolicy' {..} =
+    _salt
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` policyDocument
+
+instance Prelude.NFData CreatePolicy where
+  rnf CreatePolicy' {..} =
+    Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyDocument
+
+instance Data.ToHeaders CreatePolicy where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreatePolicy where
+  toJSON CreatePolicy' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just
+              ("policyDocument" Data..= policyDocument)
+          ]
+      )
+
+instance Data.ToPath CreatePolicy where
+  toPath CreatePolicy' {..} =
+    Prelude.mconcat
+      ["/policies/", Data.toBS policyName]
+
+instance Data.ToQuery CreatePolicy where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the CreatePolicy operation.
+--
+-- /See:/ 'newCreatePolicyResponse' smart constructor.
+data CreatePolicyResponse = CreatePolicyResponse'
+  { -- | The policy ARN.
+    policyArn :: Prelude.Maybe Prelude.Text,
+    -- | The JSON document that describes the policy.
+    policyDocument :: Prelude.Maybe Prelude.Text,
+    -- | The policy name.
+    policyName :: Prelude.Maybe Prelude.Text,
+    -- | The policy version ID.
+    policyVersionId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreatePolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyArn', 'createPolicyResponse_policyArn' - The policy ARN.
+--
+-- 'policyDocument', 'createPolicyResponse_policyDocument' - The JSON document that describes the policy.
+--
+-- 'policyName', 'createPolicyResponse_policyName' - The policy name.
+--
+-- 'policyVersionId', 'createPolicyResponse_policyVersionId' - The policy version ID.
+--
+-- 'httpStatus', 'createPolicyResponse_httpStatus' - The response's http status code.
+newCreatePolicyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreatePolicyResponse
+newCreatePolicyResponse pHttpStatus_ =
+  CreatePolicyResponse'
+    { policyArn = Prelude.Nothing,
+      policyDocument = Prelude.Nothing,
+      policyName = Prelude.Nothing,
+      policyVersionId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The policy ARN.
+createPolicyResponse_policyArn :: Lens.Lens' CreatePolicyResponse (Prelude.Maybe Prelude.Text)
+createPolicyResponse_policyArn = Lens.lens (\CreatePolicyResponse' {policyArn} -> policyArn) (\s@CreatePolicyResponse' {} a -> s {policyArn = a} :: CreatePolicyResponse)
+
+-- | The JSON document that describes the policy.
+createPolicyResponse_policyDocument :: Lens.Lens' CreatePolicyResponse (Prelude.Maybe Prelude.Text)
+createPolicyResponse_policyDocument = Lens.lens (\CreatePolicyResponse' {policyDocument} -> policyDocument) (\s@CreatePolicyResponse' {} a -> s {policyDocument = a} :: CreatePolicyResponse)
+
+-- | The policy name.
+createPolicyResponse_policyName :: Lens.Lens' CreatePolicyResponse (Prelude.Maybe Prelude.Text)
+createPolicyResponse_policyName = Lens.lens (\CreatePolicyResponse' {policyName} -> policyName) (\s@CreatePolicyResponse' {} a -> s {policyName = a} :: CreatePolicyResponse)
+
+-- | The policy version ID.
+createPolicyResponse_policyVersionId :: Lens.Lens' CreatePolicyResponse (Prelude.Maybe Prelude.Text)
+createPolicyResponse_policyVersionId = Lens.lens (\CreatePolicyResponse' {policyVersionId} -> policyVersionId) (\s@CreatePolicyResponse' {} a -> s {policyVersionId = a} :: CreatePolicyResponse)
+
+-- | The response's http status code.
+createPolicyResponse_httpStatus :: Lens.Lens' CreatePolicyResponse Prelude.Int
+createPolicyResponse_httpStatus = Lens.lens (\CreatePolicyResponse' {httpStatus} -> httpStatus) (\s@CreatePolicyResponse' {} a -> s {httpStatus = a} :: CreatePolicyResponse)
+
+instance Prelude.NFData CreatePolicyResponse where
+  rnf CreatePolicyResponse' {..} =
+    Prelude.rnf policyArn
+      `Prelude.seq` Prelude.rnf policyDocument
+      `Prelude.seq` Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyVersionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreatePolicyVersion.hs b/gen/Amazonka/IoT/CreatePolicyVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreatePolicyVersion.hs
@@ -0,0 +1,258 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreatePolicyVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a new version of the specified IoT policy. To update a policy,
+-- create a new policy version. A managed policy can have up to five
+-- versions. If the policy has five versions, you must use
+-- DeletePolicyVersion to delete an existing version before you create a
+-- new one.
+--
+-- Optionally, you can set the new version as the policy\'s default
+-- version. The default version is the operative version (that is, the
+-- version that is in effect for the certificates to which the policy is
+-- attached).
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreatePolicyVersion>
+-- action.
+module Amazonka.IoT.CreatePolicyVersion
+  ( -- * Creating a Request
+    CreatePolicyVersion (..),
+    newCreatePolicyVersion,
+
+    -- * Request Lenses
+    createPolicyVersion_setAsDefault,
+    createPolicyVersion_policyName,
+    createPolicyVersion_policyDocument,
+
+    -- * Destructuring the Response
+    CreatePolicyVersionResponse (..),
+    newCreatePolicyVersionResponse,
+
+    -- * Response Lenses
+    createPolicyVersionResponse_isDefaultVersion,
+    createPolicyVersionResponse_policyArn,
+    createPolicyVersionResponse_policyDocument,
+    createPolicyVersionResponse_policyVersionId,
+    createPolicyVersionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreatePolicyVersion operation.
+--
+-- /See:/ 'newCreatePolicyVersion' smart constructor.
+data CreatePolicyVersion = CreatePolicyVersion'
+  { -- | Specifies whether the policy version is set as the default. When this
+    -- parameter is true, the new policy version becomes the operative version
+    -- (that is, the version that is in effect for the certificates to which
+    -- the policy is attached).
+    setAsDefault :: Prelude.Maybe Prelude.Bool,
+    -- | The policy name.
+    policyName :: Prelude.Text,
+    -- | The JSON document that describes the policy. Minimum length of 1.
+    -- Maximum length of 2048, excluding whitespace.
+    policyDocument :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreatePolicyVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'setAsDefault', 'createPolicyVersion_setAsDefault' - Specifies whether the policy version is set as the default. When this
+-- parameter is true, the new policy version becomes the operative version
+-- (that is, the version that is in effect for the certificates to which
+-- the policy is attached).
+--
+-- 'policyName', 'createPolicyVersion_policyName' - The policy name.
+--
+-- 'policyDocument', 'createPolicyVersion_policyDocument' - The JSON document that describes the policy. Minimum length of 1.
+-- Maximum length of 2048, excluding whitespace.
+newCreatePolicyVersion ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'policyDocument'
+  Prelude.Text ->
+  CreatePolicyVersion
+newCreatePolicyVersion pPolicyName_ pPolicyDocument_ =
+  CreatePolicyVersion'
+    { setAsDefault =
+        Prelude.Nothing,
+      policyName = pPolicyName_,
+      policyDocument = pPolicyDocument_
+    }
+
+-- | Specifies whether the policy version is set as the default. When this
+-- parameter is true, the new policy version becomes the operative version
+-- (that is, the version that is in effect for the certificates to which
+-- the policy is attached).
+createPolicyVersion_setAsDefault :: Lens.Lens' CreatePolicyVersion (Prelude.Maybe Prelude.Bool)
+createPolicyVersion_setAsDefault = Lens.lens (\CreatePolicyVersion' {setAsDefault} -> setAsDefault) (\s@CreatePolicyVersion' {} a -> s {setAsDefault = a} :: CreatePolicyVersion)
+
+-- | The policy name.
+createPolicyVersion_policyName :: Lens.Lens' CreatePolicyVersion Prelude.Text
+createPolicyVersion_policyName = Lens.lens (\CreatePolicyVersion' {policyName} -> policyName) (\s@CreatePolicyVersion' {} a -> s {policyName = a} :: CreatePolicyVersion)
+
+-- | The JSON document that describes the policy. Minimum length of 1.
+-- Maximum length of 2048, excluding whitespace.
+createPolicyVersion_policyDocument :: Lens.Lens' CreatePolicyVersion Prelude.Text
+createPolicyVersion_policyDocument = Lens.lens (\CreatePolicyVersion' {policyDocument} -> policyDocument) (\s@CreatePolicyVersion' {} a -> s {policyDocument = a} :: CreatePolicyVersion)
+
+instance Core.AWSRequest CreatePolicyVersion where
+  type
+    AWSResponse CreatePolicyVersion =
+      CreatePolicyVersionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreatePolicyVersionResponse'
+            Prelude.<$> (x Data..?> "isDefaultVersion")
+            Prelude.<*> (x Data..?> "policyArn")
+            Prelude.<*> (x Data..?> "policyDocument")
+            Prelude.<*> (x Data..?> "policyVersionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreatePolicyVersion where
+  hashWithSalt _salt CreatePolicyVersion' {..} =
+    _salt
+      `Prelude.hashWithSalt` setAsDefault
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` policyDocument
+
+instance Prelude.NFData CreatePolicyVersion where
+  rnf CreatePolicyVersion' {..} =
+    Prelude.rnf setAsDefault
+      `Prelude.seq` Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyDocument
+
+instance Data.ToHeaders CreatePolicyVersion where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreatePolicyVersion where
+  toJSON CreatePolicyVersion' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("policyDocument" Data..= policyDocument)
+          ]
+      )
+
+instance Data.ToPath CreatePolicyVersion where
+  toPath CreatePolicyVersion' {..} =
+    Prelude.mconcat
+      ["/policies/", Data.toBS policyName, "/version"]
+
+instance Data.ToQuery CreatePolicyVersion where
+  toQuery CreatePolicyVersion' {..} =
+    Prelude.mconcat
+      ["setAsDefault" Data.=: setAsDefault]
+
+-- | The output of the CreatePolicyVersion operation.
+--
+-- /See:/ 'newCreatePolicyVersionResponse' smart constructor.
+data CreatePolicyVersionResponse = CreatePolicyVersionResponse'
+  { -- | Specifies whether the policy version is the default.
+    isDefaultVersion :: Prelude.Maybe Prelude.Bool,
+    -- | The policy ARN.
+    policyArn :: Prelude.Maybe Prelude.Text,
+    -- | The JSON document that describes the policy.
+    policyDocument :: Prelude.Maybe Prelude.Text,
+    -- | The policy version ID.
+    policyVersionId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreatePolicyVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'isDefaultVersion', 'createPolicyVersionResponse_isDefaultVersion' - Specifies whether the policy version is the default.
+--
+-- 'policyArn', 'createPolicyVersionResponse_policyArn' - The policy ARN.
+--
+-- 'policyDocument', 'createPolicyVersionResponse_policyDocument' - The JSON document that describes the policy.
+--
+-- 'policyVersionId', 'createPolicyVersionResponse_policyVersionId' - The policy version ID.
+--
+-- 'httpStatus', 'createPolicyVersionResponse_httpStatus' - The response's http status code.
+newCreatePolicyVersionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreatePolicyVersionResponse
+newCreatePolicyVersionResponse pHttpStatus_ =
+  CreatePolicyVersionResponse'
+    { isDefaultVersion =
+        Prelude.Nothing,
+      policyArn = Prelude.Nothing,
+      policyDocument = Prelude.Nothing,
+      policyVersionId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Specifies whether the policy version is the default.
+createPolicyVersionResponse_isDefaultVersion :: Lens.Lens' CreatePolicyVersionResponse (Prelude.Maybe Prelude.Bool)
+createPolicyVersionResponse_isDefaultVersion = Lens.lens (\CreatePolicyVersionResponse' {isDefaultVersion} -> isDefaultVersion) (\s@CreatePolicyVersionResponse' {} a -> s {isDefaultVersion = a} :: CreatePolicyVersionResponse)
+
+-- | The policy ARN.
+createPolicyVersionResponse_policyArn :: Lens.Lens' CreatePolicyVersionResponse (Prelude.Maybe Prelude.Text)
+createPolicyVersionResponse_policyArn = Lens.lens (\CreatePolicyVersionResponse' {policyArn} -> policyArn) (\s@CreatePolicyVersionResponse' {} a -> s {policyArn = a} :: CreatePolicyVersionResponse)
+
+-- | The JSON document that describes the policy.
+createPolicyVersionResponse_policyDocument :: Lens.Lens' CreatePolicyVersionResponse (Prelude.Maybe Prelude.Text)
+createPolicyVersionResponse_policyDocument = Lens.lens (\CreatePolicyVersionResponse' {policyDocument} -> policyDocument) (\s@CreatePolicyVersionResponse' {} a -> s {policyDocument = a} :: CreatePolicyVersionResponse)
+
+-- | The policy version ID.
+createPolicyVersionResponse_policyVersionId :: Lens.Lens' CreatePolicyVersionResponse (Prelude.Maybe Prelude.Text)
+createPolicyVersionResponse_policyVersionId = Lens.lens (\CreatePolicyVersionResponse' {policyVersionId} -> policyVersionId) (\s@CreatePolicyVersionResponse' {} a -> s {policyVersionId = a} :: CreatePolicyVersionResponse)
+
+-- | The response's http status code.
+createPolicyVersionResponse_httpStatus :: Lens.Lens' CreatePolicyVersionResponse Prelude.Int
+createPolicyVersionResponse_httpStatus = Lens.lens (\CreatePolicyVersionResponse' {httpStatus} -> httpStatus) (\s@CreatePolicyVersionResponse' {} a -> s {httpStatus = a} :: CreatePolicyVersionResponse)
+
+instance Prelude.NFData CreatePolicyVersionResponse where
+  rnf CreatePolicyVersionResponse' {..} =
+    Prelude.rnf isDefaultVersion
+      `Prelude.seq` Prelude.rnf policyArn
+      `Prelude.seq` Prelude.rnf policyDocument
+      `Prelude.seq` Prelude.rnf policyVersionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateProvisioningClaim.hs b/gen/Amazonka/IoT/CreateProvisioningClaim.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateProvisioningClaim.hs
@@ -0,0 +1,204 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateProvisioningClaim
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a provisioning claim.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateProvisioningClaim>
+-- action.
+module Amazonka.IoT.CreateProvisioningClaim
+  ( -- * Creating a Request
+    CreateProvisioningClaim (..),
+    newCreateProvisioningClaim,
+
+    -- * Request Lenses
+    createProvisioningClaim_templateName,
+
+    -- * Destructuring the Response
+    CreateProvisioningClaimResponse (..),
+    newCreateProvisioningClaimResponse,
+
+    -- * Response Lenses
+    createProvisioningClaimResponse_certificateId,
+    createProvisioningClaimResponse_certificatePem,
+    createProvisioningClaimResponse_expiration,
+    createProvisioningClaimResponse_keyPair,
+    createProvisioningClaimResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateProvisioningClaim' smart constructor.
+data CreateProvisioningClaim = CreateProvisioningClaim'
+  { -- | The name of the provisioning template to use.
+    templateName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProvisioningClaim' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateName', 'createProvisioningClaim_templateName' - The name of the provisioning template to use.
+newCreateProvisioningClaim ::
+  -- | 'templateName'
+  Prelude.Text ->
+  CreateProvisioningClaim
+newCreateProvisioningClaim pTemplateName_ =
+  CreateProvisioningClaim'
+    { templateName =
+        pTemplateName_
+    }
+
+-- | The name of the provisioning template to use.
+createProvisioningClaim_templateName :: Lens.Lens' CreateProvisioningClaim Prelude.Text
+createProvisioningClaim_templateName = Lens.lens (\CreateProvisioningClaim' {templateName} -> templateName) (\s@CreateProvisioningClaim' {} a -> s {templateName = a} :: CreateProvisioningClaim)
+
+instance Core.AWSRequest CreateProvisioningClaim where
+  type
+    AWSResponse CreateProvisioningClaim =
+      CreateProvisioningClaimResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateProvisioningClaimResponse'
+            Prelude.<$> (x Data..?> "certificateId")
+            Prelude.<*> (x Data..?> "certificatePem")
+            Prelude.<*> (x Data..?> "expiration")
+            Prelude.<*> (x Data..?> "keyPair")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateProvisioningClaim where
+  hashWithSalt _salt CreateProvisioningClaim' {..} =
+    _salt `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData CreateProvisioningClaim where
+  rnf CreateProvisioningClaim' {..} =
+    Prelude.rnf templateName
+
+instance Data.ToHeaders CreateProvisioningClaim where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateProvisioningClaim where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath CreateProvisioningClaim where
+  toPath CreateProvisioningClaim' {..} =
+    Prelude.mconcat
+      [ "/provisioning-templates/",
+        Data.toBS templateName,
+        "/provisioning-claim"
+      ]
+
+instance Data.ToQuery CreateProvisioningClaim where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateProvisioningClaimResponse' smart constructor.
+data CreateProvisioningClaimResponse = CreateProvisioningClaimResponse'
+  { -- | The ID of the certificate.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The provisioning claim certificate.
+    certificatePem :: Prelude.Maybe Prelude.Text,
+    -- | The provisioning claim expiration time.
+    expiration :: Prelude.Maybe Data.POSIX,
+    -- | The provisioning claim key pair.
+    keyPair :: Prelude.Maybe KeyPair,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProvisioningClaimResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'createProvisioningClaimResponse_certificateId' - The ID of the certificate.
+--
+-- 'certificatePem', 'createProvisioningClaimResponse_certificatePem' - The provisioning claim certificate.
+--
+-- 'expiration', 'createProvisioningClaimResponse_expiration' - The provisioning claim expiration time.
+--
+-- 'keyPair', 'createProvisioningClaimResponse_keyPair' - The provisioning claim key pair.
+--
+-- 'httpStatus', 'createProvisioningClaimResponse_httpStatus' - The response's http status code.
+newCreateProvisioningClaimResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateProvisioningClaimResponse
+newCreateProvisioningClaimResponse pHttpStatus_ =
+  CreateProvisioningClaimResponse'
+    { certificateId =
+        Prelude.Nothing,
+      certificatePem = Prelude.Nothing,
+      expiration = Prelude.Nothing,
+      keyPair = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ID of the certificate.
+createProvisioningClaimResponse_certificateId :: Lens.Lens' CreateProvisioningClaimResponse (Prelude.Maybe Prelude.Text)
+createProvisioningClaimResponse_certificateId = Lens.lens (\CreateProvisioningClaimResponse' {certificateId} -> certificateId) (\s@CreateProvisioningClaimResponse' {} a -> s {certificateId = a} :: CreateProvisioningClaimResponse)
+
+-- | The provisioning claim certificate.
+createProvisioningClaimResponse_certificatePem :: Lens.Lens' CreateProvisioningClaimResponse (Prelude.Maybe Prelude.Text)
+createProvisioningClaimResponse_certificatePem = Lens.lens (\CreateProvisioningClaimResponse' {certificatePem} -> certificatePem) (\s@CreateProvisioningClaimResponse' {} a -> s {certificatePem = a} :: CreateProvisioningClaimResponse)
+
+-- | The provisioning claim expiration time.
+createProvisioningClaimResponse_expiration :: Lens.Lens' CreateProvisioningClaimResponse (Prelude.Maybe Prelude.UTCTime)
+createProvisioningClaimResponse_expiration = Lens.lens (\CreateProvisioningClaimResponse' {expiration} -> expiration) (\s@CreateProvisioningClaimResponse' {} a -> s {expiration = a} :: CreateProvisioningClaimResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The provisioning claim key pair.
+createProvisioningClaimResponse_keyPair :: Lens.Lens' CreateProvisioningClaimResponse (Prelude.Maybe KeyPair)
+createProvisioningClaimResponse_keyPair = Lens.lens (\CreateProvisioningClaimResponse' {keyPair} -> keyPair) (\s@CreateProvisioningClaimResponse' {} a -> s {keyPair = a} :: CreateProvisioningClaimResponse)
+
+-- | The response's http status code.
+createProvisioningClaimResponse_httpStatus :: Lens.Lens' CreateProvisioningClaimResponse Prelude.Int
+createProvisioningClaimResponse_httpStatus = Lens.lens (\CreateProvisioningClaimResponse' {httpStatus} -> httpStatus) (\s@CreateProvisioningClaimResponse' {} a -> s {httpStatus = a} :: CreateProvisioningClaimResponse)
+
+instance
+  Prelude.NFData
+    CreateProvisioningClaimResponse
+  where
+  rnf CreateProvisioningClaimResponse' {..} =
+    Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf certificatePem
+      `Prelude.seq` Prelude.rnf expiration
+      `Prelude.seq` Prelude.rnf keyPair
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateProvisioningTemplate.hs b/gen/Amazonka/IoT/CreateProvisioningTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateProvisioningTemplate.hs
@@ -0,0 +1,341 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateProvisioningTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a provisioning template.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateProvisioningTemplate>
+-- action.
+module Amazonka.IoT.CreateProvisioningTemplate
+  ( -- * Creating a Request
+    CreateProvisioningTemplate (..),
+    newCreateProvisioningTemplate,
+
+    -- * Request Lenses
+    createProvisioningTemplate_description,
+    createProvisioningTemplate_enabled,
+    createProvisioningTemplate_preProvisioningHook,
+    createProvisioningTemplate_tags,
+    createProvisioningTemplate_type,
+    createProvisioningTemplate_templateName,
+    createProvisioningTemplate_templateBody,
+    createProvisioningTemplate_provisioningRoleArn,
+
+    -- * Destructuring the Response
+    CreateProvisioningTemplateResponse (..),
+    newCreateProvisioningTemplateResponse,
+
+    -- * Response Lenses
+    createProvisioningTemplateResponse_defaultVersionId,
+    createProvisioningTemplateResponse_templateArn,
+    createProvisioningTemplateResponse_templateName,
+    createProvisioningTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateProvisioningTemplate' smart constructor.
+data CreateProvisioningTemplate = CreateProvisioningTemplate'
+  { -- | The description of the provisioning template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | True to enable the provisioning template, otherwise false.
+    enabled :: Prelude.Maybe Prelude.Bool,
+    -- | Creates a pre-provisioning hook template. Only supports template of type
+    -- @FLEET_PROVISIONING@. For more information about provisioning template
+    -- types, see
+    -- <https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type type>.
+    preProvisioningHook :: Prelude.Maybe ProvisioningHook,
+    -- | Metadata which can be used to manage the provisioning template.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: &&tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe [Tag],
+    -- | The type you define in a provisioning template. You can create a
+    -- template with only one type. You can\'t change the template type after
+    -- its creation. The default value is @FLEET_PROVISIONING@. For more
+    -- information about provisioning template, see:
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+    type' :: Prelude.Maybe TemplateType,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Text,
+    -- | The JSON formatted contents of the provisioning template.
+    templateBody :: Prelude.Text,
+    -- | The role ARN for the role associated with the provisioning template.
+    -- This IoT role grants permission to provision a device.
+    provisioningRoleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProvisioningTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createProvisioningTemplate_description' - The description of the provisioning template.
+--
+-- 'enabled', 'createProvisioningTemplate_enabled' - True to enable the provisioning template, otherwise false.
+--
+-- 'preProvisioningHook', 'createProvisioningTemplate_preProvisioningHook' - Creates a pre-provisioning hook template. Only supports template of type
+-- @FLEET_PROVISIONING@. For more information about provisioning template
+-- types, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type type>.
+--
+-- 'tags', 'createProvisioningTemplate_tags' - Metadata which can be used to manage the provisioning template.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'type'', 'createProvisioningTemplate_type' - The type you define in a provisioning template. You can create a
+-- template with only one type. You can\'t change the template type after
+-- its creation. The default value is @FLEET_PROVISIONING@. For more
+-- information about provisioning template, see:
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+--
+-- 'templateName', 'createProvisioningTemplate_templateName' - The name of the provisioning template.
+--
+-- 'templateBody', 'createProvisioningTemplate_templateBody' - The JSON formatted contents of the provisioning template.
+--
+-- 'provisioningRoleArn', 'createProvisioningTemplate_provisioningRoleArn' - The role ARN for the role associated with the provisioning template.
+-- This IoT role grants permission to provision a device.
+newCreateProvisioningTemplate ::
+  -- | 'templateName'
+  Prelude.Text ->
+  -- | 'templateBody'
+  Prelude.Text ->
+  -- | 'provisioningRoleArn'
+  Prelude.Text ->
+  CreateProvisioningTemplate
+newCreateProvisioningTemplate
+  pTemplateName_
+  pTemplateBody_
+  pProvisioningRoleArn_ =
+    CreateProvisioningTemplate'
+      { description =
+          Prelude.Nothing,
+        enabled = Prelude.Nothing,
+        preProvisioningHook = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        type' = Prelude.Nothing,
+        templateName = pTemplateName_,
+        templateBody = pTemplateBody_,
+        provisioningRoleArn = pProvisioningRoleArn_
+      }
+
+-- | The description of the provisioning template.
+createProvisioningTemplate_description :: Lens.Lens' CreateProvisioningTemplate (Prelude.Maybe Prelude.Text)
+createProvisioningTemplate_description = Lens.lens (\CreateProvisioningTemplate' {description} -> description) (\s@CreateProvisioningTemplate' {} a -> s {description = a} :: CreateProvisioningTemplate)
+
+-- | True to enable the provisioning template, otherwise false.
+createProvisioningTemplate_enabled :: Lens.Lens' CreateProvisioningTemplate (Prelude.Maybe Prelude.Bool)
+createProvisioningTemplate_enabled = Lens.lens (\CreateProvisioningTemplate' {enabled} -> enabled) (\s@CreateProvisioningTemplate' {} a -> s {enabled = a} :: CreateProvisioningTemplate)
+
+-- | Creates a pre-provisioning hook template. Only supports template of type
+-- @FLEET_PROVISIONING@. For more information about provisioning template
+-- types, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type type>.
+createProvisioningTemplate_preProvisioningHook :: Lens.Lens' CreateProvisioningTemplate (Prelude.Maybe ProvisioningHook)
+createProvisioningTemplate_preProvisioningHook = Lens.lens (\CreateProvisioningTemplate' {preProvisioningHook} -> preProvisioningHook) (\s@CreateProvisioningTemplate' {} a -> s {preProvisioningHook = a} :: CreateProvisioningTemplate)
+
+-- | Metadata which can be used to manage the provisioning template.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+createProvisioningTemplate_tags :: Lens.Lens' CreateProvisioningTemplate (Prelude.Maybe [Tag])
+createProvisioningTemplate_tags = Lens.lens (\CreateProvisioningTemplate' {tags} -> tags) (\s@CreateProvisioningTemplate' {} a -> s {tags = a} :: CreateProvisioningTemplate) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type you define in a provisioning template. You can create a
+-- template with only one type. You can\'t change the template type after
+-- its creation. The default value is @FLEET_PROVISIONING@. For more
+-- information about provisioning template, see:
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+createProvisioningTemplate_type :: Lens.Lens' CreateProvisioningTemplate (Prelude.Maybe TemplateType)
+createProvisioningTemplate_type = Lens.lens (\CreateProvisioningTemplate' {type'} -> type') (\s@CreateProvisioningTemplate' {} a -> s {type' = a} :: CreateProvisioningTemplate)
+
+-- | The name of the provisioning template.
+createProvisioningTemplate_templateName :: Lens.Lens' CreateProvisioningTemplate Prelude.Text
+createProvisioningTemplate_templateName = Lens.lens (\CreateProvisioningTemplate' {templateName} -> templateName) (\s@CreateProvisioningTemplate' {} a -> s {templateName = a} :: CreateProvisioningTemplate)
+
+-- | The JSON formatted contents of the provisioning template.
+createProvisioningTemplate_templateBody :: Lens.Lens' CreateProvisioningTemplate Prelude.Text
+createProvisioningTemplate_templateBody = Lens.lens (\CreateProvisioningTemplate' {templateBody} -> templateBody) (\s@CreateProvisioningTemplate' {} a -> s {templateBody = a} :: CreateProvisioningTemplate)
+
+-- | The role ARN for the role associated with the provisioning template.
+-- This IoT role grants permission to provision a device.
+createProvisioningTemplate_provisioningRoleArn :: Lens.Lens' CreateProvisioningTemplate Prelude.Text
+createProvisioningTemplate_provisioningRoleArn = Lens.lens (\CreateProvisioningTemplate' {provisioningRoleArn} -> provisioningRoleArn) (\s@CreateProvisioningTemplate' {} a -> s {provisioningRoleArn = a} :: CreateProvisioningTemplate)
+
+instance Core.AWSRequest CreateProvisioningTemplate where
+  type
+    AWSResponse CreateProvisioningTemplate =
+      CreateProvisioningTemplateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateProvisioningTemplateResponse'
+            Prelude.<$> (x Data..?> "defaultVersionId")
+            Prelude.<*> (x Data..?> "templateArn")
+            Prelude.<*> (x Data..?> "templateName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateProvisioningTemplate where
+  hashWithSalt _salt CreateProvisioningTemplate' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` enabled
+      `Prelude.hashWithSalt` preProvisioningHook
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` templateName
+      `Prelude.hashWithSalt` templateBody
+      `Prelude.hashWithSalt` provisioningRoleArn
+
+instance Prelude.NFData CreateProvisioningTemplate where
+  rnf CreateProvisioningTemplate' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf enabled
+      `Prelude.seq` Prelude.rnf preProvisioningHook
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf templateBody
+      `Prelude.seq` Prelude.rnf provisioningRoleArn
+
+instance Data.ToHeaders CreateProvisioningTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateProvisioningTemplate where
+  toJSON CreateProvisioningTemplate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("description" Data..=) Prelude.<$> description,
+            ("enabled" Data..=) Prelude.<$> enabled,
+            ("preProvisioningHook" Data..=)
+              Prelude.<$> preProvisioningHook,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("type" Data..=) Prelude.<$> type',
+            Prelude.Just ("templateName" Data..= templateName),
+            Prelude.Just ("templateBody" Data..= templateBody),
+            Prelude.Just
+              ("provisioningRoleArn" Data..= provisioningRoleArn)
+          ]
+      )
+
+instance Data.ToPath CreateProvisioningTemplate where
+  toPath = Prelude.const "/provisioning-templates"
+
+instance Data.ToQuery CreateProvisioningTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateProvisioningTemplateResponse' smart constructor.
+data CreateProvisioningTemplateResponse = CreateProvisioningTemplateResponse'
+  { -- | The default version of the provisioning template.
+    defaultVersionId :: Prelude.Maybe Prelude.Int,
+    -- | The ARN that identifies the provisioning template.
+    templateArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProvisioningTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'defaultVersionId', 'createProvisioningTemplateResponse_defaultVersionId' - The default version of the provisioning template.
+--
+-- 'templateArn', 'createProvisioningTemplateResponse_templateArn' - The ARN that identifies the provisioning template.
+--
+-- 'templateName', 'createProvisioningTemplateResponse_templateName' - The name of the provisioning template.
+--
+-- 'httpStatus', 'createProvisioningTemplateResponse_httpStatus' - The response's http status code.
+newCreateProvisioningTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateProvisioningTemplateResponse
+newCreateProvisioningTemplateResponse pHttpStatus_ =
+  CreateProvisioningTemplateResponse'
+    { defaultVersionId =
+        Prelude.Nothing,
+      templateArn = Prelude.Nothing,
+      templateName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The default version of the provisioning template.
+createProvisioningTemplateResponse_defaultVersionId :: Lens.Lens' CreateProvisioningTemplateResponse (Prelude.Maybe Prelude.Int)
+createProvisioningTemplateResponse_defaultVersionId = Lens.lens (\CreateProvisioningTemplateResponse' {defaultVersionId} -> defaultVersionId) (\s@CreateProvisioningTemplateResponse' {} a -> s {defaultVersionId = a} :: CreateProvisioningTemplateResponse)
+
+-- | The ARN that identifies the provisioning template.
+createProvisioningTemplateResponse_templateArn :: Lens.Lens' CreateProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+createProvisioningTemplateResponse_templateArn = Lens.lens (\CreateProvisioningTemplateResponse' {templateArn} -> templateArn) (\s@CreateProvisioningTemplateResponse' {} a -> s {templateArn = a} :: CreateProvisioningTemplateResponse)
+
+-- | The name of the provisioning template.
+createProvisioningTemplateResponse_templateName :: Lens.Lens' CreateProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+createProvisioningTemplateResponse_templateName = Lens.lens (\CreateProvisioningTemplateResponse' {templateName} -> templateName) (\s@CreateProvisioningTemplateResponse' {} a -> s {templateName = a} :: CreateProvisioningTemplateResponse)
+
+-- | The response's http status code.
+createProvisioningTemplateResponse_httpStatus :: Lens.Lens' CreateProvisioningTemplateResponse Prelude.Int
+createProvisioningTemplateResponse_httpStatus = Lens.lens (\CreateProvisioningTemplateResponse' {httpStatus} -> httpStatus) (\s@CreateProvisioningTemplateResponse' {} a -> s {httpStatus = a} :: CreateProvisioningTemplateResponse)
+
+instance
+  Prelude.NFData
+    CreateProvisioningTemplateResponse
+  where
+  rnf CreateProvisioningTemplateResponse' {..} =
+    Prelude.rnf defaultVersionId
+      `Prelude.seq` Prelude.rnf templateArn
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateProvisioningTemplateVersion.hs b/gen/Amazonka/IoT/CreateProvisioningTemplateVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateProvisioningTemplateVersion.hs
@@ -0,0 +1,266 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateProvisioningTemplateVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a new version of a provisioning template.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateProvisioningTemplateVersion>
+-- action.
+module Amazonka.IoT.CreateProvisioningTemplateVersion
+  ( -- * Creating a Request
+    CreateProvisioningTemplateVersion (..),
+    newCreateProvisioningTemplateVersion,
+
+    -- * Request Lenses
+    createProvisioningTemplateVersion_setAsDefault,
+    createProvisioningTemplateVersion_templateName,
+    createProvisioningTemplateVersion_templateBody,
+
+    -- * Destructuring the Response
+    CreateProvisioningTemplateVersionResponse (..),
+    newCreateProvisioningTemplateVersionResponse,
+
+    -- * Response Lenses
+    createProvisioningTemplateVersionResponse_isDefaultVersion,
+    createProvisioningTemplateVersionResponse_templateArn,
+    createProvisioningTemplateVersionResponse_templateName,
+    createProvisioningTemplateVersionResponse_versionId,
+    createProvisioningTemplateVersionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateProvisioningTemplateVersion' smart constructor.
+data CreateProvisioningTemplateVersion = CreateProvisioningTemplateVersion'
+  { -- | Sets a fleet provision template version as the default version.
+    setAsDefault :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Text,
+    -- | The JSON formatted contents of the provisioning template.
+    templateBody :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProvisioningTemplateVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'setAsDefault', 'createProvisioningTemplateVersion_setAsDefault' - Sets a fleet provision template version as the default version.
+--
+-- 'templateName', 'createProvisioningTemplateVersion_templateName' - The name of the provisioning template.
+--
+-- 'templateBody', 'createProvisioningTemplateVersion_templateBody' - The JSON formatted contents of the provisioning template.
+newCreateProvisioningTemplateVersion ::
+  -- | 'templateName'
+  Prelude.Text ->
+  -- | 'templateBody'
+  Prelude.Text ->
+  CreateProvisioningTemplateVersion
+newCreateProvisioningTemplateVersion
+  pTemplateName_
+  pTemplateBody_ =
+    CreateProvisioningTemplateVersion'
+      { setAsDefault =
+          Prelude.Nothing,
+        templateName = pTemplateName_,
+        templateBody = pTemplateBody_
+      }
+
+-- | Sets a fleet provision template version as the default version.
+createProvisioningTemplateVersion_setAsDefault :: Lens.Lens' CreateProvisioningTemplateVersion (Prelude.Maybe Prelude.Bool)
+createProvisioningTemplateVersion_setAsDefault = Lens.lens (\CreateProvisioningTemplateVersion' {setAsDefault} -> setAsDefault) (\s@CreateProvisioningTemplateVersion' {} a -> s {setAsDefault = a} :: CreateProvisioningTemplateVersion)
+
+-- | The name of the provisioning template.
+createProvisioningTemplateVersion_templateName :: Lens.Lens' CreateProvisioningTemplateVersion Prelude.Text
+createProvisioningTemplateVersion_templateName = Lens.lens (\CreateProvisioningTemplateVersion' {templateName} -> templateName) (\s@CreateProvisioningTemplateVersion' {} a -> s {templateName = a} :: CreateProvisioningTemplateVersion)
+
+-- | The JSON formatted contents of the provisioning template.
+createProvisioningTemplateVersion_templateBody :: Lens.Lens' CreateProvisioningTemplateVersion Prelude.Text
+createProvisioningTemplateVersion_templateBody = Lens.lens (\CreateProvisioningTemplateVersion' {templateBody} -> templateBody) (\s@CreateProvisioningTemplateVersion' {} a -> s {templateBody = a} :: CreateProvisioningTemplateVersion)
+
+instance
+  Core.AWSRequest
+    CreateProvisioningTemplateVersion
+  where
+  type
+    AWSResponse CreateProvisioningTemplateVersion =
+      CreateProvisioningTemplateVersionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateProvisioningTemplateVersionResponse'
+            Prelude.<$> (x Data..?> "isDefaultVersion")
+            Prelude.<*> (x Data..?> "templateArn")
+            Prelude.<*> (x Data..?> "templateName")
+            Prelude.<*> (x Data..?> "versionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    CreateProvisioningTemplateVersion
+  where
+  hashWithSalt
+    _salt
+    CreateProvisioningTemplateVersion' {..} =
+      _salt
+        `Prelude.hashWithSalt` setAsDefault
+        `Prelude.hashWithSalt` templateName
+        `Prelude.hashWithSalt` templateBody
+
+instance
+  Prelude.NFData
+    CreateProvisioningTemplateVersion
+  where
+  rnf CreateProvisioningTemplateVersion' {..} =
+    Prelude.rnf setAsDefault
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf templateBody
+
+instance
+  Data.ToHeaders
+    CreateProvisioningTemplateVersion
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToJSON
+    CreateProvisioningTemplateVersion
+  where
+  toJSON CreateProvisioningTemplateVersion' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("templateBody" Data..= templateBody)]
+      )
+
+instance
+  Data.ToPath
+    CreateProvisioningTemplateVersion
+  where
+  toPath CreateProvisioningTemplateVersion' {..} =
+    Prelude.mconcat
+      [ "/provisioning-templates/",
+        Data.toBS templateName,
+        "/versions"
+      ]
+
+instance
+  Data.ToQuery
+    CreateProvisioningTemplateVersion
+  where
+  toQuery CreateProvisioningTemplateVersion' {..} =
+    Prelude.mconcat
+      ["setAsDefault" Data.=: setAsDefault]
+
+-- | /See:/ 'newCreateProvisioningTemplateVersionResponse' smart constructor.
+data CreateProvisioningTemplateVersionResponse = CreateProvisioningTemplateVersionResponse'
+  { -- | True if the provisioning template version is the default version,
+    -- otherwise false.
+    isDefaultVersion :: Prelude.Maybe Prelude.Bool,
+    -- | The ARN that identifies the provisioning template.
+    templateArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Maybe Prelude.Text,
+    -- | The version of the provisioning template.
+    versionId :: Prelude.Maybe Prelude.Int,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProvisioningTemplateVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'isDefaultVersion', 'createProvisioningTemplateVersionResponse_isDefaultVersion' - True if the provisioning template version is the default version,
+-- otherwise false.
+--
+-- 'templateArn', 'createProvisioningTemplateVersionResponse_templateArn' - The ARN that identifies the provisioning template.
+--
+-- 'templateName', 'createProvisioningTemplateVersionResponse_templateName' - The name of the provisioning template.
+--
+-- 'versionId', 'createProvisioningTemplateVersionResponse_versionId' - The version of the provisioning template.
+--
+-- 'httpStatus', 'createProvisioningTemplateVersionResponse_httpStatus' - The response's http status code.
+newCreateProvisioningTemplateVersionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateProvisioningTemplateVersionResponse
+newCreateProvisioningTemplateVersionResponse
+  pHttpStatus_ =
+    CreateProvisioningTemplateVersionResponse'
+      { isDefaultVersion =
+          Prelude.Nothing,
+        templateArn = Prelude.Nothing,
+        templateName = Prelude.Nothing,
+        versionId = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | True if the provisioning template version is the default version,
+-- otherwise false.
+createProvisioningTemplateVersionResponse_isDefaultVersion :: Lens.Lens' CreateProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Bool)
+createProvisioningTemplateVersionResponse_isDefaultVersion = Lens.lens (\CreateProvisioningTemplateVersionResponse' {isDefaultVersion} -> isDefaultVersion) (\s@CreateProvisioningTemplateVersionResponse' {} a -> s {isDefaultVersion = a} :: CreateProvisioningTemplateVersionResponse)
+
+-- | The ARN that identifies the provisioning template.
+createProvisioningTemplateVersionResponse_templateArn :: Lens.Lens' CreateProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Text)
+createProvisioningTemplateVersionResponse_templateArn = Lens.lens (\CreateProvisioningTemplateVersionResponse' {templateArn} -> templateArn) (\s@CreateProvisioningTemplateVersionResponse' {} a -> s {templateArn = a} :: CreateProvisioningTemplateVersionResponse)
+
+-- | The name of the provisioning template.
+createProvisioningTemplateVersionResponse_templateName :: Lens.Lens' CreateProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Text)
+createProvisioningTemplateVersionResponse_templateName = Lens.lens (\CreateProvisioningTemplateVersionResponse' {templateName} -> templateName) (\s@CreateProvisioningTemplateVersionResponse' {} a -> s {templateName = a} :: CreateProvisioningTemplateVersionResponse)
+
+-- | The version of the provisioning template.
+createProvisioningTemplateVersionResponse_versionId :: Lens.Lens' CreateProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Int)
+createProvisioningTemplateVersionResponse_versionId = Lens.lens (\CreateProvisioningTemplateVersionResponse' {versionId} -> versionId) (\s@CreateProvisioningTemplateVersionResponse' {} a -> s {versionId = a} :: CreateProvisioningTemplateVersionResponse)
+
+-- | The response's http status code.
+createProvisioningTemplateVersionResponse_httpStatus :: Lens.Lens' CreateProvisioningTemplateVersionResponse Prelude.Int
+createProvisioningTemplateVersionResponse_httpStatus = Lens.lens (\CreateProvisioningTemplateVersionResponse' {httpStatus} -> httpStatus) (\s@CreateProvisioningTemplateVersionResponse' {} a -> s {httpStatus = a} :: CreateProvisioningTemplateVersionResponse)
+
+instance
+  Prelude.NFData
+    CreateProvisioningTemplateVersionResponse
+  where
+  rnf CreateProvisioningTemplateVersionResponse' {..} =
+    Prelude.rnf isDefaultVersion
+      `Prelude.seq` Prelude.rnf templateArn
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf versionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateRoleAlias.hs b/gen/Amazonka/IoT/CreateRoleAlias.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateRoleAlias.hs
@@ -0,0 +1,260 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateRoleAlias
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a role alias.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateRoleAlias>
+-- action.
+module Amazonka.IoT.CreateRoleAlias
+  ( -- * Creating a Request
+    CreateRoleAlias (..),
+    newCreateRoleAlias,
+
+    -- * Request Lenses
+    createRoleAlias_credentialDurationSeconds,
+    createRoleAlias_tags,
+    createRoleAlias_roleAlias,
+    createRoleAlias_roleArn,
+
+    -- * Destructuring the Response
+    CreateRoleAliasResponse (..),
+    newCreateRoleAliasResponse,
+
+    -- * Response Lenses
+    createRoleAliasResponse_roleAlias,
+    createRoleAliasResponse_roleAliasArn,
+    createRoleAliasResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateRoleAlias' smart constructor.
+data CreateRoleAlias = CreateRoleAlias'
+  { -- | How long (in seconds) the credentials will be valid. The default value
+    -- is 3,600 seconds.
+    --
+    -- This value must be less than or equal to the maximum session duration of
+    -- the IAM role that the role alias references.
+    credentialDurationSeconds :: Prelude.Maybe Prelude.Natural,
+    -- | Metadata which can be used to manage the role alias.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: &&tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe [Tag],
+    -- | The role alias that points to a role ARN. This allows you to change the
+    -- role without having to update the device.
+    roleAlias :: Prelude.Text,
+    -- | The role ARN.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateRoleAlias' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'credentialDurationSeconds', 'createRoleAlias_credentialDurationSeconds' - How long (in seconds) the credentials will be valid. The default value
+-- is 3,600 seconds.
+--
+-- This value must be less than or equal to the maximum session duration of
+-- the IAM role that the role alias references.
+--
+-- 'tags', 'createRoleAlias_tags' - Metadata which can be used to manage the role alias.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'roleAlias', 'createRoleAlias_roleAlias' - The role alias that points to a role ARN. This allows you to change the
+-- role without having to update the device.
+--
+-- 'roleArn', 'createRoleAlias_roleArn' - The role ARN.
+newCreateRoleAlias ::
+  -- | 'roleAlias'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  CreateRoleAlias
+newCreateRoleAlias pRoleAlias_ pRoleArn_ =
+  CreateRoleAlias'
+    { credentialDurationSeconds =
+        Prelude.Nothing,
+      tags = Prelude.Nothing,
+      roleAlias = pRoleAlias_,
+      roleArn = pRoleArn_
+    }
+
+-- | How long (in seconds) the credentials will be valid. The default value
+-- is 3,600 seconds.
+--
+-- This value must be less than or equal to the maximum session duration of
+-- the IAM role that the role alias references.
+createRoleAlias_credentialDurationSeconds :: Lens.Lens' CreateRoleAlias (Prelude.Maybe Prelude.Natural)
+createRoleAlias_credentialDurationSeconds = Lens.lens (\CreateRoleAlias' {credentialDurationSeconds} -> credentialDurationSeconds) (\s@CreateRoleAlias' {} a -> s {credentialDurationSeconds = a} :: CreateRoleAlias)
+
+-- | Metadata which can be used to manage the role alias.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+createRoleAlias_tags :: Lens.Lens' CreateRoleAlias (Prelude.Maybe [Tag])
+createRoleAlias_tags = Lens.lens (\CreateRoleAlias' {tags} -> tags) (\s@CreateRoleAlias' {} a -> s {tags = a} :: CreateRoleAlias) Prelude.. Lens.mapping Lens.coerced
+
+-- | The role alias that points to a role ARN. This allows you to change the
+-- role without having to update the device.
+createRoleAlias_roleAlias :: Lens.Lens' CreateRoleAlias Prelude.Text
+createRoleAlias_roleAlias = Lens.lens (\CreateRoleAlias' {roleAlias} -> roleAlias) (\s@CreateRoleAlias' {} a -> s {roleAlias = a} :: CreateRoleAlias)
+
+-- | The role ARN.
+createRoleAlias_roleArn :: Lens.Lens' CreateRoleAlias Prelude.Text
+createRoleAlias_roleArn = Lens.lens (\CreateRoleAlias' {roleArn} -> roleArn) (\s@CreateRoleAlias' {} a -> s {roleArn = a} :: CreateRoleAlias)
+
+instance Core.AWSRequest CreateRoleAlias where
+  type
+    AWSResponse CreateRoleAlias =
+      CreateRoleAliasResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateRoleAliasResponse'
+            Prelude.<$> (x Data..?> "roleAlias")
+            Prelude.<*> (x Data..?> "roleAliasArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateRoleAlias where
+  hashWithSalt _salt CreateRoleAlias' {..} =
+    _salt
+      `Prelude.hashWithSalt` credentialDurationSeconds
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` roleAlias
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData CreateRoleAlias where
+  rnf CreateRoleAlias' {..} =
+    Prelude.rnf credentialDurationSeconds
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf roleAlias
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToHeaders CreateRoleAlias where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateRoleAlias where
+  toJSON CreateRoleAlias' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("credentialDurationSeconds" Data..=)
+              Prelude.<$> credentialDurationSeconds,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
+
+instance Data.ToPath CreateRoleAlias where
+  toPath CreateRoleAlias' {..} =
+    Prelude.mconcat
+      ["/role-aliases/", Data.toBS roleAlias]
+
+instance Data.ToQuery CreateRoleAlias where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateRoleAliasResponse' smart constructor.
+data CreateRoleAliasResponse = CreateRoleAliasResponse'
+  { -- | The role alias.
+    roleAlias :: Prelude.Maybe Prelude.Text,
+    -- | The role alias ARN.
+    roleAliasArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateRoleAliasResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleAlias', 'createRoleAliasResponse_roleAlias' - The role alias.
+--
+-- 'roleAliasArn', 'createRoleAliasResponse_roleAliasArn' - The role alias ARN.
+--
+-- 'httpStatus', 'createRoleAliasResponse_httpStatus' - The response's http status code.
+newCreateRoleAliasResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateRoleAliasResponse
+newCreateRoleAliasResponse pHttpStatus_ =
+  CreateRoleAliasResponse'
+    { roleAlias =
+        Prelude.Nothing,
+      roleAliasArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The role alias.
+createRoleAliasResponse_roleAlias :: Lens.Lens' CreateRoleAliasResponse (Prelude.Maybe Prelude.Text)
+createRoleAliasResponse_roleAlias = Lens.lens (\CreateRoleAliasResponse' {roleAlias} -> roleAlias) (\s@CreateRoleAliasResponse' {} a -> s {roleAlias = a} :: CreateRoleAliasResponse)
+
+-- | The role alias ARN.
+createRoleAliasResponse_roleAliasArn :: Lens.Lens' CreateRoleAliasResponse (Prelude.Maybe Prelude.Text)
+createRoleAliasResponse_roleAliasArn = Lens.lens (\CreateRoleAliasResponse' {roleAliasArn} -> roleAliasArn) (\s@CreateRoleAliasResponse' {} a -> s {roleAliasArn = a} :: CreateRoleAliasResponse)
+
+-- | The response's http status code.
+createRoleAliasResponse_httpStatus :: Lens.Lens' CreateRoleAliasResponse Prelude.Int
+createRoleAliasResponse_httpStatus = Lens.lens (\CreateRoleAliasResponse' {httpStatus} -> httpStatus) (\s@CreateRoleAliasResponse' {} a -> s {httpStatus = a} :: CreateRoleAliasResponse)
+
+instance Prelude.NFData CreateRoleAliasResponse where
+  rnf CreateRoleAliasResponse' {..} =
+    Prelude.rnf roleAlias
+      `Prelude.seq` Prelude.rnf roleAliasArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateScheduledAudit.hs b/gen/Amazonka/IoT/CreateScheduledAudit.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateScheduledAudit.hs
@@ -0,0 +1,271 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateScheduledAudit
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a scheduled audit that is run at a specified time interval.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateScheduledAudit>
+-- action.
+module Amazonka.IoT.CreateScheduledAudit
+  ( -- * Creating a Request
+    CreateScheduledAudit (..),
+    newCreateScheduledAudit,
+
+    -- * Request Lenses
+    createScheduledAudit_dayOfMonth,
+    createScheduledAudit_dayOfWeek,
+    createScheduledAudit_tags,
+    createScheduledAudit_frequency,
+    createScheduledAudit_targetCheckNames,
+    createScheduledAudit_scheduledAuditName,
+
+    -- * Destructuring the Response
+    CreateScheduledAuditResponse (..),
+    newCreateScheduledAuditResponse,
+
+    -- * Response Lenses
+    createScheduledAuditResponse_scheduledAuditArn,
+    createScheduledAuditResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateScheduledAudit' smart constructor.
+data CreateScheduledAudit = CreateScheduledAudit'
+  { -- | The day of the month on which the scheduled audit takes place. This can
+    -- be \"1\" through \"31\" or \"LAST\". This field is required if the
+    -- \"frequency\" parameter is set to @MONTHLY@. If days 29 to 31 are
+    -- specified, and the month doesn\'t have that many days, the audit takes
+    -- place on the @LAST@ day of the month.
+    dayOfMonth :: Prelude.Maybe Prelude.Text,
+    -- | The day of the week on which the scheduled audit takes place, either
+    -- @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@. This field is
+    -- required if the @frequency@ parameter is set to @WEEKLY@ or @BIWEEKLY@.
+    dayOfWeek :: Prelude.Maybe DayOfWeek,
+    -- | Metadata that can be used to manage the scheduled audit.
+    tags :: Prelude.Maybe [Tag],
+    -- | How often the scheduled audit takes place, either @DAILY@, @WEEKLY@,
+    -- @BIWEEKLY@ or @MONTHLY@. The start time of each audit is determined by
+    -- the system.
+    frequency :: AuditFrequency,
+    -- | Which checks are performed during the scheduled audit. Checks must be
+    -- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+    -- see the list of all checks, including those that are enabled or use
+    -- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+    targetCheckNames :: [Prelude.Text],
+    -- | The name you want to give to the scheduled audit. (Max. 128 chars)
+    scheduledAuditName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateScheduledAudit' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dayOfMonth', 'createScheduledAudit_dayOfMonth' - The day of the month on which the scheduled audit takes place. This can
+-- be \"1\" through \"31\" or \"LAST\". This field is required if the
+-- \"frequency\" parameter is set to @MONTHLY@. If days 29 to 31 are
+-- specified, and the month doesn\'t have that many days, the audit takes
+-- place on the @LAST@ day of the month.
+--
+-- 'dayOfWeek', 'createScheduledAudit_dayOfWeek' - The day of the week on which the scheduled audit takes place, either
+-- @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@. This field is
+-- required if the @frequency@ parameter is set to @WEEKLY@ or @BIWEEKLY@.
+--
+-- 'tags', 'createScheduledAudit_tags' - Metadata that can be used to manage the scheduled audit.
+--
+-- 'frequency', 'createScheduledAudit_frequency' - How often the scheduled audit takes place, either @DAILY@, @WEEKLY@,
+-- @BIWEEKLY@ or @MONTHLY@. The start time of each audit is determined by
+-- the system.
+--
+-- 'targetCheckNames', 'createScheduledAudit_targetCheckNames' - Which checks are performed during the scheduled audit. Checks must be
+-- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+-- see the list of all checks, including those that are enabled or use
+-- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+--
+-- 'scheduledAuditName', 'createScheduledAudit_scheduledAuditName' - The name you want to give to the scheduled audit. (Max. 128 chars)
+newCreateScheduledAudit ::
+  -- | 'frequency'
+  AuditFrequency ->
+  -- | 'scheduledAuditName'
+  Prelude.Text ->
+  CreateScheduledAudit
+newCreateScheduledAudit
+  pFrequency_
+  pScheduledAuditName_ =
+    CreateScheduledAudit'
+      { dayOfMonth = Prelude.Nothing,
+        dayOfWeek = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        frequency = pFrequency_,
+        targetCheckNames = Prelude.mempty,
+        scheduledAuditName = pScheduledAuditName_
+      }
+
+-- | The day of the month on which the scheduled audit takes place. This can
+-- be \"1\" through \"31\" or \"LAST\". This field is required if the
+-- \"frequency\" parameter is set to @MONTHLY@. If days 29 to 31 are
+-- specified, and the month doesn\'t have that many days, the audit takes
+-- place on the @LAST@ day of the month.
+createScheduledAudit_dayOfMonth :: Lens.Lens' CreateScheduledAudit (Prelude.Maybe Prelude.Text)
+createScheduledAudit_dayOfMonth = Lens.lens (\CreateScheduledAudit' {dayOfMonth} -> dayOfMonth) (\s@CreateScheduledAudit' {} a -> s {dayOfMonth = a} :: CreateScheduledAudit)
+
+-- | The day of the week on which the scheduled audit takes place, either
+-- @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@. This field is
+-- required if the @frequency@ parameter is set to @WEEKLY@ or @BIWEEKLY@.
+createScheduledAudit_dayOfWeek :: Lens.Lens' CreateScheduledAudit (Prelude.Maybe DayOfWeek)
+createScheduledAudit_dayOfWeek = Lens.lens (\CreateScheduledAudit' {dayOfWeek} -> dayOfWeek) (\s@CreateScheduledAudit' {} a -> s {dayOfWeek = a} :: CreateScheduledAudit)
+
+-- | Metadata that can be used to manage the scheduled audit.
+createScheduledAudit_tags :: Lens.Lens' CreateScheduledAudit (Prelude.Maybe [Tag])
+createScheduledAudit_tags = Lens.lens (\CreateScheduledAudit' {tags} -> tags) (\s@CreateScheduledAudit' {} a -> s {tags = a} :: CreateScheduledAudit) Prelude.. Lens.mapping Lens.coerced
+
+-- | How often the scheduled audit takes place, either @DAILY@, @WEEKLY@,
+-- @BIWEEKLY@ or @MONTHLY@. The start time of each audit is determined by
+-- the system.
+createScheduledAudit_frequency :: Lens.Lens' CreateScheduledAudit AuditFrequency
+createScheduledAudit_frequency = Lens.lens (\CreateScheduledAudit' {frequency} -> frequency) (\s@CreateScheduledAudit' {} a -> s {frequency = a} :: CreateScheduledAudit)
+
+-- | Which checks are performed during the scheduled audit. Checks must be
+-- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+-- see the list of all checks, including those that are enabled or use
+-- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+createScheduledAudit_targetCheckNames :: Lens.Lens' CreateScheduledAudit [Prelude.Text]
+createScheduledAudit_targetCheckNames = Lens.lens (\CreateScheduledAudit' {targetCheckNames} -> targetCheckNames) (\s@CreateScheduledAudit' {} a -> s {targetCheckNames = a} :: CreateScheduledAudit) Prelude.. Lens.coerced
+
+-- | The name you want to give to the scheduled audit. (Max. 128 chars)
+createScheduledAudit_scheduledAuditName :: Lens.Lens' CreateScheduledAudit Prelude.Text
+createScheduledAudit_scheduledAuditName = Lens.lens (\CreateScheduledAudit' {scheduledAuditName} -> scheduledAuditName) (\s@CreateScheduledAudit' {} a -> s {scheduledAuditName = a} :: CreateScheduledAudit)
+
+instance Core.AWSRequest CreateScheduledAudit where
+  type
+    AWSResponse CreateScheduledAudit =
+      CreateScheduledAuditResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateScheduledAuditResponse'
+            Prelude.<$> (x Data..?> "scheduledAuditArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateScheduledAudit where
+  hashWithSalt _salt CreateScheduledAudit' {..} =
+    _salt
+      `Prelude.hashWithSalt` dayOfMonth
+      `Prelude.hashWithSalt` dayOfWeek
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` frequency
+      `Prelude.hashWithSalt` targetCheckNames
+      `Prelude.hashWithSalt` scheduledAuditName
+
+instance Prelude.NFData CreateScheduledAudit where
+  rnf CreateScheduledAudit' {..} =
+    Prelude.rnf dayOfMonth
+      `Prelude.seq` Prelude.rnf dayOfWeek
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf frequency
+      `Prelude.seq` Prelude.rnf targetCheckNames
+      `Prelude.seq` Prelude.rnf scheduledAuditName
+
+instance Data.ToHeaders CreateScheduledAudit where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateScheduledAudit where
+  toJSON CreateScheduledAudit' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("dayOfMonth" Data..=) Prelude.<$> dayOfMonth,
+            ("dayOfWeek" Data..=) Prelude.<$> dayOfWeek,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("frequency" Data..= frequency),
+            Prelude.Just
+              ("targetCheckNames" Data..= targetCheckNames)
+          ]
+      )
+
+instance Data.ToPath CreateScheduledAudit where
+  toPath CreateScheduledAudit' {..} =
+    Prelude.mconcat
+      [ "/audit/scheduledaudits/",
+        Data.toBS scheduledAuditName
+      ]
+
+instance Data.ToQuery CreateScheduledAudit where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateScheduledAuditResponse' smart constructor.
+data CreateScheduledAuditResponse = CreateScheduledAuditResponse'
+  { -- | The ARN of the scheduled audit.
+    scheduledAuditArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateScheduledAuditResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'scheduledAuditArn', 'createScheduledAuditResponse_scheduledAuditArn' - The ARN of the scheduled audit.
+--
+-- 'httpStatus', 'createScheduledAuditResponse_httpStatus' - The response's http status code.
+newCreateScheduledAuditResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateScheduledAuditResponse
+newCreateScheduledAuditResponse pHttpStatus_ =
+  CreateScheduledAuditResponse'
+    { scheduledAuditArn =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the scheduled audit.
+createScheduledAuditResponse_scheduledAuditArn :: Lens.Lens' CreateScheduledAuditResponse (Prelude.Maybe Prelude.Text)
+createScheduledAuditResponse_scheduledAuditArn = Lens.lens (\CreateScheduledAuditResponse' {scheduledAuditArn} -> scheduledAuditArn) (\s@CreateScheduledAuditResponse' {} a -> s {scheduledAuditArn = a} :: CreateScheduledAuditResponse)
+
+-- | The response's http status code.
+createScheduledAuditResponse_httpStatus :: Lens.Lens' CreateScheduledAuditResponse Prelude.Int
+createScheduledAuditResponse_httpStatus = Lens.lens (\CreateScheduledAuditResponse' {httpStatus} -> httpStatus) (\s@CreateScheduledAuditResponse' {} a -> s {httpStatus = a} :: CreateScheduledAuditResponse)
+
+instance Prelude.NFData CreateScheduledAuditResponse where
+  rnf CreateScheduledAuditResponse' {..} =
+    Prelude.rnf scheduledAuditArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateSecurityProfile.hs b/gen/Amazonka/IoT/CreateSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateSecurityProfile.hs
@@ -0,0 +1,298 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a Device Defender security profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateSecurityProfile>
+-- action.
+module Amazonka.IoT.CreateSecurityProfile
+  ( -- * Creating a Request
+    CreateSecurityProfile (..),
+    newCreateSecurityProfile,
+
+    -- * Request Lenses
+    createSecurityProfile_additionalMetricsToRetain,
+    createSecurityProfile_additionalMetricsToRetainV2,
+    createSecurityProfile_alertTargets,
+    createSecurityProfile_behaviors,
+    createSecurityProfile_securityProfileDescription,
+    createSecurityProfile_tags,
+    createSecurityProfile_securityProfileName,
+
+    -- * Destructuring the Response
+    CreateSecurityProfileResponse (..),
+    newCreateSecurityProfileResponse,
+
+    -- * Response Lenses
+    createSecurityProfileResponse_securityProfileArn,
+    createSecurityProfileResponse_securityProfileName,
+    createSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateSecurityProfile' smart constructor.
+data CreateSecurityProfile = CreateSecurityProfile'
+  { -- | /Please use CreateSecurityProfileRequest$additionalMetricsToRetainV2
+    -- instead./
+    --
+    -- A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s @behaviors@, but it is
+    -- also retained for any metric specified here. Can be used with custom
+    -- metrics; cannot be used with dimensions.
+    additionalMetricsToRetain :: Prelude.Maybe [Prelude.Text],
+    -- | A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s @behaviors@, but it is
+    -- also retained for any metric specified here. Can be used with custom
+    -- metrics; cannot be used with dimensions.
+    additionalMetricsToRetainV2 :: Prelude.Maybe [MetricToRetain],
+    -- | Specifies the destinations to which alerts are sent. (Alerts are always
+    -- sent to the console.) Alerts are generated when a device (thing)
+    -- violates a behavior.
+    alertTargets :: Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget),
+    -- | Specifies the behaviors that, when violated by a device (thing), cause
+    -- an alert.
+    behaviors :: Prelude.Maybe [Behavior],
+    -- | A description of the security profile.
+    securityProfileDescription :: Prelude.Maybe Prelude.Text,
+    -- | Metadata that can be used to manage the security profile.
+    tags :: Prelude.Maybe [Tag],
+    -- | The name you are giving to the security profile.
+    securityProfileName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalMetricsToRetain', 'createSecurityProfile_additionalMetricsToRetain' - /Please use CreateSecurityProfileRequest$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here. Can be used with custom
+-- metrics; cannot be used with dimensions.
+--
+-- 'additionalMetricsToRetainV2', 'createSecurityProfile_additionalMetricsToRetainV2' - A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here. Can be used with custom
+-- metrics; cannot be used with dimensions.
+--
+-- 'alertTargets', 'createSecurityProfile_alertTargets' - Specifies the destinations to which alerts are sent. (Alerts are always
+-- sent to the console.) Alerts are generated when a device (thing)
+-- violates a behavior.
+--
+-- 'behaviors', 'createSecurityProfile_behaviors' - Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+--
+-- 'securityProfileDescription', 'createSecurityProfile_securityProfileDescription' - A description of the security profile.
+--
+-- 'tags', 'createSecurityProfile_tags' - Metadata that can be used to manage the security profile.
+--
+-- 'securityProfileName', 'createSecurityProfile_securityProfileName' - The name you are giving to the security profile.
+newCreateSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  CreateSecurityProfile
+newCreateSecurityProfile pSecurityProfileName_ =
+  CreateSecurityProfile'
+    { additionalMetricsToRetain =
+        Prelude.Nothing,
+      additionalMetricsToRetainV2 = Prelude.Nothing,
+      alertTargets = Prelude.Nothing,
+      behaviors = Prelude.Nothing,
+      securityProfileDescription = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      securityProfileName = pSecurityProfileName_
+    }
+
+-- | /Please use CreateSecurityProfileRequest$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here. Can be used with custom
+-- metrics; cannot be used with dimensions.
+createSecurityProfile_additionalMetricsToRetain :: Lens.Lens' CreateSecurityProfile (Prelude.Maybe [Prelude.Text])
+createSecurityProfile_additionalMetricsToRetain = Lens.lens (\CreateSecurityProfile' {additionalMetricsToRetain} -> additionalMetricsToRetain) (\s@CreateSecurityProfile' {} a -> s {additionalMetricsToRetain = a} :: CreateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here. Can be used with custom
+-- metrics; cannot be used with dimensions.
+createSecurityProfile_additionalMetricsToRetainV2 :: Lens.Lens' CreateSecurityProfile (Prelude.Maybe [MetricToRetain])
+createSecurityProfile_additionalMetricsToRetainV2 = Lens.lens (\CreateSecurityProfile' {additionalMetricsToRetainV2} -> additionalMetricsToRetainV2) (\s@CreateSecurityProfile' {} a -> s {additionalMetricsToRetainV2 = a} :: CreateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the destinations to which alerts are sent. (Alerts are always
+-- sent to the console.) Alerts are generated when a device (thing)
+-- violates a behavior.
+createSecurityProfile_alertTargets :: Lens.Lens' CreateSecurityProfile (Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget))
+createSecurityProfile_alertTargets = Lens.lens (\CreateSecurityProfile' {alertTargets} -> alertTargets) (\s@CreateSecurityProfile' {} a -> s {alertTargets = a} :: CreateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+createSecurityProfile_behaviors :: Lens.Lens' CreateSecurityProfile (Prelude.Maybe [Behavior])
+createSecurityProfile_behaviors = Lens.lens (\CreateSecurityProfile' {behaviors} -> behaviors) (\s@CreateSecurityProfile' {} a -> s {behaviors = a} :: CreateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | A description of the security profile.
+createSecurityProfile_securityProfileDescription :: Lens.Lens' CreateSecurityProfile (Prelude.Maybe Prelude.Text)
+createSecurityProfile_securityProfileDescription = Lens.lens (\CreateSecurityProfile' {securityProfileDescription} -> securityProfileDescription) (\s@CreateSecurityProfile' {} a -> s {securityProfileDescription = a} :: CreateSecurityProfile)
+
+-- | Metadata that can be used to manage the security profile.
+createSecurityProfile_tags :: Lens.Lens' CreateSecurityProfile (Prelude.Maybe [Tag])
+createSecurityProfile_tags = Lens.lens (\CreateSecurityProfile' {tags} -> tags) (\s@CreateSecurityProfile' {} a -> s {tags = a} :: CreateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name you are giving to the security profile.
+createSecurityProfile_securityProfileName :: Lens.Lens' CreateSecurityProfile Prelude.Text
+createSecurityProfile_securityProfileName = Lens.lens (\CreateSecurityProfile' {securityProfileName} -> securityProfileName) (\s@CreateSecurityProfile' {} a -> s {securityProfileName = a} :: CreateSecurityProfile)
+
+instance Core.AWSRequest CreateSecurityProfile where
+  type
+    AWSResponse CreateSecurityProfile =
+      CreateSecurityProfileResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateSecurityProfileResponse'
+            Prelude.<$> (x Data..?> "securityProfileArn")
+            Prelude.<*> (x Data..?> "securityProfileName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateSecurityProfile where
+  hashWithSalt _salt CreateSecurityProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalMetricsToRetain
+      `Prelude.hashWithSalt` additionalMetricsToRetainV2
+      `Prelude.hashWithSalt` alertTargets
+      `Prelude.hashWithSalt` behaviors
+      `Prelude.hashWithSalt` securityProfileDescription
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` securityProfileName
+
+instance Prelude.NFData CreateSecurityProfile where
+  rnf CreateSecurityProfile' {..} =
+    Prelude.rnf additionalMetricsToRetain
+      `Prelude.seq` Prelude.rnf additionalMetricsToRetainV2
+      `Prelude.seq` Prelude.rnf alertTargets
+      `Prelude.seq` Prelude.rnf behaviors
+      `Prelude.seq` Prelude.rnf securityProfileDescription
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf securityProfileName
+
+instance Data.ToHeaders CreateSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateSecurityProfile where
+  toJSON CreateSecurityProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("additionalMetricsToRetain" Data..=)
+              Prelude.<$> additionalMetricsToRetain,
+            ("additionalMetricsToRetainV2" Data..=)
+              Prelude.<$> additionalMetricsToRetainV2,
+            ("alertTargets" Data..=) Prelude.<$> alertTargets,
+            ("behaviors" Data..=) Prelude.<$> behaviors,
+            ("securityProfileDescription" Data..=)
+              Prelude.<$> securityProfileDescription,
+            ("tags" Data..=) Prelude.<$> tags
+          ]
+      )
+
+instance Data.ToPath CreateSecurityProfile where
+  toPath CreateSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName
+      ]
+
+instance Data.ToQuery CreateSecurityProfile where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateSecurityProfileResponse' smart constructor.
+data CreateSecurityProfileResponse = CreateSecurityProfileResponse'
+  { -- | The ARN of the security profile.
+    securityProfileArn :: Prelude.Maybe Prelude.Text,
+    -- | The name you gave to the security profile.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityProfileArn', 'createSecurityProfileResponse_securityProfileArn' - The ARN of the security profile.
+--
+-- 'securityProfileName', 'createSecurityProfileResponse_securityProfileName' - The name you gave to the security profile.
+--
+-- 'httpStatus', 'createSecurityProfileResponse_httpStatus' - The response's http status code.
+newCreateSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateSecurityProfileResponse
+newCreateSecurityProfileResponse pHttpStatus_ =
+  CreateSecurityProfileResponse'
+    { securityProfileArn =
+        Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the security profile.
+createSecurityProfileResponse_securityProfileArn :: Lens.Lens' CreateSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+createSecurityProfileResponse_securityProfileArn = Lens.lens (\CreateSecurityProfileResponse' {securityProfileArn} -> securityProfileArn) (\s@CreateSecurityProfileResponse' {} a -> s {securityProfileArn = a} :: CreateSecurityProfileResponse)
+
+-- | The name you gave to the security profile.
+createSecurityProfileResponse_securityProfileName :: Lens.Lens' CreateSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+createSecurityProfileResponse_securityProfileName = Lens.lens (\CreateSecurityProfileResponse' {securityProfileName} -> securityProfileName) (\s@CreateSecurityProfileResponse' {} a -> s {securityProfileName = a} :: CreateSecurityProfileResponse)
+
+-- | The response's http status code.
+createSecurityProfileResponse_httpStatus :: Lens.Lens' CreateSecurityProfileResponse Prelude.Int
+createSecurityProfileResponse_httpStatus = Lens.lens (\CreateSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@CreateSecurityProfileResponse' {} a -> s {httpStatus = a} :: CreateSecurityProfileResponse)
+
+instance Prelude.NFData CreateSecurityProfileResponse where
+  rnf CreateSecurityProfileResponse' {..} =
+    Prelude.rnf securityProfileArn
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateStream.hs b/gen/Amazonka/IoT/CreateStream.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateStream.hs
@@ -0,0 +1,261 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateStream
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a stream for delivering one or more large files in chunks over
+-- MQTT. A stream transports data bytes in chunks or blocks packaged as
+-- MQTT messages from a source like S3. You can have one or more files
+-- associated with a stream.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateStream>
+-- action.
+module Amazonka.IoT.CreateStream
+  ( -- * Creating a Request
+    CreateStream (..),
+    newCreateStream,
+
+    -- * Request Lenses
+    createStream_description,
+    createStream_tags,
+    createStream_streamId,
+    createStream_files,
+    createStream_roleArn,
+
+    -- * Destructuring the Response
+    CreateStreamResponse (..),
+    newCreateStreamResponse,
+
+    -- * Response Lenses
+    createStreamResponse_description,
+    createStreamResponse_streamArn,
+    createStreamResponse_streamId,
+    createStreamResponse_streamVersion,
+    createStreamResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateStream' smart constructor.
+data CreateStream = CreateStream'
+  { -- | A description of the stream.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | Metadata which can be used to manage streams.
+    tags :: Prelude.Maybe [Tag],
+    -- | The stream ID.
+    streamId :: Prelude.Text,
+    -- | The files to stream.
+    files :: Prelude.NonEmpty StreamFile,
+    -- | An IAM role that allows the IoT service principal to access your S3
+    -- files.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateStream' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createStream_description' - A description of the stream.
+--
+-- 'tags', 'createStream_tags' - Metadata which can be used to manage streams.
+--
+-- 'streamId', 'createStream_streamId' - The stream ID.
+--
+-- 'files', 'createStream_files' - The files to stream.
+--
+-- 'roleArn', 'createStream_roleArn' - An IAM role that allows the IoT service principal to access your S3
+-- files.
+newCreateStream ::
+  -- | 'streamId'
+  Prelude.Text ->
+  -- | 'files'
+  Prelude.NonEmpty StreamFile ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  CreateStream
+newCreateStream pStreamId_ pFiles_ pRoleArn_ =
+  CreateStream'
+    { description = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      streamId = pStreamId_,
+      files = Lens.coerced Lens.# pFiles_,
+      roleArn = pRoleArn_
+    }
+
+-- | A description of the stream.
+createStream_description :: Lens.Lens' CreateStream (Prelude.Maybe Prelude.Text)
+createStream_description = Lens.lens (\CreateStream' {description} -> description) (\s@CreateStream' {} a -> s {description = a} :: CreateStream)
+
+-- | Metadata which can be used to manage streams.
+createStream_tags :: Lens.Lens' CreateStream (Prelude.Maybe [Tag])
+createStream_tags = Lens.lens (\CreateStream' {tags} -> tags) (\s@CreateStream' {} a -> s {tags = a} :: CreateStream) Prelude.. Lens.mapping Lens.coerced
+
+-- | The stream ID.
+createStream_streamId :: Lens.Lens' CreateStream Prelude.Text
+createStream_streamId = Lens.lens (\CreateStream' {streamId} -> streamId) (\s@CreateStream' {} a -> s {streamId = a} :: CreateStream)
+
+-- | The files to stream.
+createStream_files :: Lens.Lens' CreateStream (Prelude.NonEmpty StreamFile)
+createStream_files = Lens.lens (\CreateStream' {files} -> files) (\s@CreateStream' {} a -> s {files = a} :: CreateStream) Prelude.. Lens.coerced
+
+-- | An IAM role that allows the IoT service principal to access your S3
+-- files.
+createStream_roleArn :: Lens.Lens' CreateStream Prelude.Text
+createStream_roleArn = Lens.lens (\CreateStream' {roleArn} -> roleArn) (\s@CreateStream' {} a -> s {roleArn = a} :: CreateStream)
+
+instance Core.AWSRequest CreateStream where
+  type AWSResponse CreateStream = CreateStreamResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateStreamResponse'
+            Prelude.<$> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "streamArn")
+            Prelude.<*> (x Data..?> "streamId")
+            Prelude.<*> (x Data..?> "streamVersion")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateStream where
+  hashWithSalt _salt CreateStream' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` streamId
+      `Prelude.hashWithSalt` files
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData CreateStream where
+  rnf CreateStream' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf streamId
+      `Prelude.seq` Prelude.rnf files
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToHeaders CreateStream where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateStream where
+  toJSON CreateStream' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("description" Data..=) Prelude.<$> description,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("files" Data..= files),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
+
+instance Data.ToPath CreateStream where
+  toPath CreateStream' {..} =
+    Prelude.mconcat ["/streams/", Data.toBS streamId]
+
+instance Data.ToQuery CreateStream where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateStreamResponse' smart constructor.
+data CreateStreamResponse = CreateStreamResponse'
+  { -- | A description of the stream.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The stream ARN.
+    streamArn :: Prelude.Maybe Prelude.Text,
+    -- | The stream ID.
+    streamId :: Prelude.Maybe Prelude.Text,
+    -- | The version of the stream.
+    streamVersion :: Prelude.Maybe Prelude.Natural,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateStreamResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createStreamResponse_description' - A description of the stream.
+--
+-- 'streamArn', 'createStreamResponse_streamArn' - The stream ARN.
+--
+-- 'streamId', 'createStreamResponse_streamId' - The stream ID.
+--
+-- 'streamVersion', 'createStreamResponse_streamVersion' - The version of the stream.
+--
+-- 'httpStatus', 'createStreamResponse_httpStatus' - The response's http status code.
+newCreateStreamResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateStreamResponse
+newCreateStreamResponse pHttpStatus_ =
+  CreateStreamResponse'
+    { description =
+        Prelude.Nothing,
+      streamArn = Prelude.Nothing,
+      streamId = Prelude.Nothing,
+      streamVersion = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A description of the stream.
+createStreamResponse_description :: Lens.Lens' CreateStreamResponse (Prelude.Maybe Prelude.Text)
+createStreamResponse_description = Lens.lens (\CreateStreamResponse' {description} -> description) (\s@CreateStreamResponse' {} a -> s {description = a} :: CreateStreamResponse)
+
+-- | The stream ARN.
+createStreamResponse_streamArn :: Lens.Lens' CreateStreamResponse (Prelude.Maybe Prelude.Text)
+createStreamResponse_streamArn = Lens.lens (\CreateStreamResponse' {streamArn} -> streamArn) (\s@CreateStreamResponse' {} a -> s {streamArn = a} :: CreateStreamResponse)
+
+-- | The stream ID.
+createStreamResponse_streamId :: Lens.Lens' CreateStreamResponse (Prelude.Maybe Prelude.Text)
+createStreamResponse_streamId = Lens.lens (\CreateStreamResponse' {streamId} -> streamId) (\s@CreateStreamResponse' {} a -> s {streamId = a} :: CreateStreamResponse)
+
+-- | The version of the stream.
+createStreamResponse_streamVersion :: Lens.Lens' CreateStreamResponse (Prelude.Maybe Prelude.Natural)
+createStreamResponse_streamVersion = Lens.lens (\CreateStreamResponse' {streamVersion} -> streamVersion) (\s@CreateStreamResponse' {} a -> s {streamVersion = a} :: CreateStreamResponse)
+
+-- | The response's http status code.
+createStreamResponse_httpStatus :: Lens.Lens' CreateStreamResponse Prelude.Int
+createStreamResponse_httpStatus = Lens.lens (\CreateStreamResponse' {httpStatus} -> httpStatus) (\s@CreateStreamResponse' {} a -> s {httpStatus = a} :: CreateStreamResponse)
+
+instance Prelude.NFData CreateStreamResponse where
+  rnf CreateStreamResponse' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf streamArn
+      `Prelude.seq` Prelude.rnf streamId
+      `Prelude.seq` Prelude.rnf streamVersion
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateThing.hs b/gen/Amazonka/IoT/CreateThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateThing.hs
@@ -0,0 +1,259 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a thing record in the registry. If this call is made multiple
+-- times using the same thing name and configuration, the call will
+-- succeed. If this call is made with the same thing name but different
+-- configuration a @ResourceAlreadyExistsException@ is thrown.
+--
+-- This is a control plane operation. See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-authorization.html Authorization>
+-- for information about authorizing control plane actions.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateThing>
+-- action.
+module Amazonka.IoT.CreateThing
+  ( -- * Creating a Request
+    CreateThing (..),
+    newCreateThing,
+
+    -- * Request Lenses
+    createThing_attributePayload,
+    createThing_billingGroupName,
+    createThing_thingTypeName,
+    createThing_thingName,
+
+    -- * Destructuring the Response
+    CreateThingResponse (..),
+    newCreateThingResponse,
+
+    -- * Response Lenses
+    createThingResponse_thingArn,
+    createThingResponse_thingId,
+    createThingResponse_thingName,
+    createThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreateThing operation.
+--
+-- /See:/ 'newCreateThing' smart constructor.
+data CreateThing = CreateThing'
+  { -- | The attribute payload, which consists of up to three name\/value pairs
+    -- in a JSON document. For example:
+    --
+    -- @{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}@
+    attributePayload :: Prelude.Maybe AttributePayload,
+    -- | The name of the billing group the thing will be added to.
+    billingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing type associated with the new thing.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing to create.
+    --
+    -- You can\'t change a thing\'s name after you create it. To change a
+    -- thing\'s name, you must create a new thing, give it the new name, and
+    -- then delete the old thing.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributePayload', 'createThing_attributePayload' - The attribute payload, which consists of up to three name\/value pairs
+-- in a JSON document. For example:
+--
+-- @{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}@
+--
+-- 'billingGroupName', 'createThing_billingGroupName' - The name of the billing group the thing will be added to.
+--
+-- 'thingTypeName', 'createThing_thingTypeName' - The name of the thing type associated with the new thing.
+--
+-- 'thingName', 'createThing_thingName' - The name of the thing to create.
+--
+-- You can\'t change a thing\'s name after you create it. To change a
+-- thing\'s name, you must create a new thing, give it the new name, and
+-- then delete the old thing.
+newCreateThing ::
+  -- | 'thingName'
+  Prelude.Text ->
+  CreateThing
+newCreateThing pThingName_ =
+  CreateThing'
+    { attributePayload = Prelude.Nothing,
+      billingGroupName = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      thingName = pThingName_
+    }
+
+-- | The attribute payload, which consists of up to three name\/value pairs
+-- in a JSON document. For example:
+--
+-- @{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}@
+createThing_attributePayload :: Lens.Lens' CreateThing (Prelude.Maybe AttributePayload)
+createThing_attributePayload = Lens.lens (\CreateThing' {attributePayload} -> attributePayload) (\s@CreateThing' {} a -> s {attributePayload = a} :: CreateThing)
+
+-- | The name of the billing group the thing will be added to.
+createThing_billingGroupName :: Lens.Lens' CreateThing (Prelude.Maybe Prelude.Text)
+createThing_billingGroupName = Lens.lens (\CreateThing' {billingGroupName} -> billingGroupName) (\s@CreateThing' {} a -> s {billingGroupName = a} :: CreateThing)
+
+-- | The name of the thing type associated with the new thing.
+createThing_thingTypeName :: Lens.Lens' CreateThing (Prelude.Maybe Prelude.Text)
+createThing_thingTypeName = Lens.lens (\CreateThing' {thingTypeName} -> thingTypeName) (\s@CreateThing' {} a -> s {thingTypeName = a} :: CreateThing)
+
+-- | The name of the thing to create.
+--
+-- You can\'t change a thing\'s name after you create it. To change a
+-- thing\'s name, you must create a new thing, give it the new name, and
+-- then delete the old thing.
+createThing_thingName :: Lens.Lens' CreateThing Prelude.Text
+createThing_thingName = Lens.lens (\CreateThing' {thingName} -> thingName) (\s@CreateThing' {} a -> s {thingName = a} :: CreateThing)
+
+instance Core.AWSRequest CreateThing where
+  type AWSResponse CreateThing = CreateThingResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateThingResponse'
+            Prelude.<$> (x Data..?> "thingArn")
+            Prelude.<*> (x Data..?> "thingId")
+            Prelude.<*> (x Data..?> "thingName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateThing where
+  hashWithSalt _salt CreateThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributePayload
+      `Prelude.hashWithSalt` billingGroupName
+      `Prelude.hashWithSalt` thingTypeName
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData CreateThing where
+  rnf CreateThing' {..} =
+    Prelude.rnf attributePayload
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders CreateThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateThing where
+  toJSON CreateThing' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("attributePayload" Data..=)
+              Prelude.<$> attributePayload,
+            ("billingGroupName" Data..=)
+              Prelude.<$> billingGroupName,
+            ("thingTypeName" Data..=) Prelude.<$> thingTypeName
+          ]
+      )
+
+instance Data.ToPath CreateThing where
+  toPath CreateThing' {..} =
+    Prelude.mconcat ["/things/", Data.toBS thingName]
+
+instance Data.ToQuery CreateThing where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output of the CreateThing operation.
+--
+-- /See:/ 'newCreateThingResponse' smart constructor.
+data CreateThingResponse = CreateThingResponse'
+  { -- | The ARN of the new thing.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The thing ID.
+    thingId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the new thing.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingArn', 'createThingResponse_thingArn' - The ARN of the new thing.
+--
+-- 'thingId', 'createThingResponse_thingId' - The thing ID.
+--
+-- 'thingName', 'createThingResponse_thingName' - The name of the new thing.
+--
+-- 'httpStatus', 'createThingResponse_httpStatus' - The response's http status code.
+newCreateThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateThingResponse
+newCreateThingResponse pHttpStatus_ =
+  CreateThingResponse'
+    { thingArn = Prelude.Nothing,
+      thingId = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the new thing.
+createThingResponse_thingArn :: Lens.Lens' CreateThingResponse (Prelude.Maybe Prelude.Text)
+createThingResponse_thingArn = Lens.lens (\CreateThingResponse' {thingArn} -> thingArn) (\s@CreateThingResponse' {} a -> s {thingArn = a} :: CreateThingResponse)
+
+-- | The thing ID.
+createThingResponse_thingId :: Lens.Lens' CreateThingResponse (Prelude.Maybe Prelude.Text)
+createThingResponse_thingId = Lens.lens (\CreateThingResponse' {thingId} -> thingId) (\s@CreateThingResponse' {} a -> s {thingId = a} :: CreateThingResponse)
+
+-- | The name of the new thing.
+createThingResponse_thingName :: Lens.Lens' CreateThingResponse (Prelude.Maybe Prelude.Text)
+createThingResponse_thingName = Lens.lens (\CreateThingResponse' {thingName} -> thingName) (\s@CreateThingResponse' {} a -> s {thingName = a} :: CreateThingResponse)
+
+-- | The response's http status code.
+createThingResponse_httpStatus :: Lens.Lens' CreateThingResponse Prelude.Int
+createThingResponse_httpStatus = Lens.lens (\CreateThingResponse' {httpStatus} -> httpStatus) (\s@CreateThingResponse' {} a -> s {httpStatus = a} :: CreateThingResponse)
+
+instance Prelude.NFData CreateThingResponse where
+  rnf CreateThingResponse' {..} =
+    Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingId
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateThingGroup.hs b/gen/Amazonka/IoT/CreateThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateThingGroup.hs
@@ -0,0 +1,236 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Create a thing group.
+--
+-- This is a control plane operation. See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-authorization.html Authorization>
+-- for information about authorizing control plane actions.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateThingGroup>
+-- action.
+module Amazonka.IoT.CreateThingGroup
+  ( -- * Creating a Request
+    CreateThingGroup (..),
+    newCreateThingGroup,
+
+    -- * Request Lenses
+    createThingGroup_parentGroupName,
+    createThingGroup_tags,
+    createThingGroup_thingGroupProperties,
+    createThingGroup_thingGroupName,
+
+    -- * Destructuring the Response
+    CreateThingGroupResponse (..),
+    newCreateThingGroupResponse,
+
+    -- * Response Lenses
+    createThingGroupResponse_thingGroupArn,
+    createThingGroupResponse_thingGroupId,
+    createThingGroupResponse_thingGroupName,
+    createThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateThingGroup' smart constructor.
+data CreateThingGroup = CreateThingGroup'
+  { -- | The name of the parent thing group.
+    parentGroupName :: Prelude.Maybe Prelude.Text,
+    -- | Metadata which can be used to manage the thing group.
+    tags :: Prelude.Maybe [Tag],
+    -- | The thing group properties.
+    thingGroupProperties :: Prelude.Maybe ThingGroupProperties,
+    -- | The thing group name to create.
+    thingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'parentGroupName', 'createThingGroup_parentGroupName' - The name of the parent thing group.
+--
+-- 'tags', 'createThingGroup_tags' - Metadata which can be used to manage the thing group.
+--
+-- 'thingGroupProperties', 'createThingGroup_thingGroupProperties' - The thing group properties.
+--
+-- 'thingGroupName', 'createThingGroup_thingGroupName' - The thing group name to create.
+newCreateThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  CreateThingGroup
+newCreateThingGroup pThingGroupName_ =
+  CreateThingGroup'
+    { parentGroupName =
+        Prelude.Nothing,
+      tags = Prelude.Nothing,
+      thingGroupProperties = Prelude.Nothing,
+      thingGroupName = pThingGroupName_
+    }
+
+-- | The name of the parent thing group.
+createThingGroup_parentGroupName :: Lens.Lens' CreateThingGroup (Prelude.Maybe Prelude.Text)
+createThingGroup_parentGroupName = Lens.lens (\CreateThingGroup' {parentGroupName} -> parentGroupName) (\s@CreateThingGroup' {} a -> s {parentGroupName = a} :: CreateThingGroup)
+
+-- | Metadata which can be used to manage the thing group.
+createThingGroup_tags :: Lens.Lens' CreateThingGroup (Prelude.Maybe [Tag])
+createThingGroup_tags = Lens.lens (\CreateThingGroup' {tags} -> tags) (\s@CreateThingGroup' {} a -> s {tags = a} :: CreateThingGroup) Prelude.. Lens.mapping Lens.coerced
+
+-- | The thing group properties.
+createThingGroup_thingGroupProperties :: Lens.Lens' CreateThingGroup (Prelude.Maybe ThingGroupProperties)
+createThingGroup_thingGroupProperties = Lens.lens (\CreateThingGroup' {thingGroupProperties} -> thingGroupProperties) (\s@CreateThingGroup' {} a -> s {thingGroupProperties = a} :: CreateThingGroup)
+
+-- | The thing group name to create.
+createThingGroup_thingGroupName :: Lens.Lens' CreateThingGroup Prelude.Text
+createThingGroup_thingGroupName = Lens.lens (\CreateThingGroup' {thingGroupName} -> thingGroupName) (\s@CreateThingGroup' {} a -> s {thingGroupName = a} :: CreateThingGroup)
+
+instance Core.AWSRequest CreateThingGroup where
+  type
+    AWSResponse CreateThingGroup =
+      CreateThingGroupResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateThingGroupResponse'
+            Prelude.<$> (x Data..?> "thingGroupArn")
+            Prelude.<*> (x Data..?> "thingGroupId")
+            Prelude.<*> (x Data..?> "thingGroupName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateThingGroup where
+  hashWithSalt _salt CreateThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` parentGroupName
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` thingGroupProperties
+      `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData CreateThingGroup where
+  rnf CreateThingGroup' {..} =
+    Prelude.rnf parentGroupName
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf thingGroupProperties
+      `Prelude.seq` Prelude.rnf thingGroupName
+
+instance Data.ToHeaders CreateThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateThingGroup where
+  toJSON CreateThingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("parentGroupName" Data..=)
+              Prelude.<$> parentGroupName,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("thingGroupProperties" Data..=)
+              Prelude.<$> thingGroupProperties
+          ]
+      )
+
+instance Data.ToPath CreateThingGroup where
+  toPath CreateThingGroup' {..} =
+    Prelude.mconcat
+      ["/thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery CreateThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateThingGroupResponse' smart constructor.
+data CreateThingGroupResponse = CreateThingGroupResponse'
+  { -- | The thing group ARN.
+    thingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The thing group ID.
+    thingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | The thing group name.
+    thingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingGroupArn', 'createThingGroupResponse_thingGroupArn' - The thing group ARN.
+--
+-- 'thingGroupId', 'createThingGroupResponse_thingGroupId' - The thing group ID.
+--
+-- 'thingGroupName', 'createThingGroupResponse_thingGroupName' - The thing group name.
+--
+-- 'httpStatus', 'createThingGroupResponse_httpStatus' - The response's http status code.
+newCreateThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateThingGroupResponse
+newCreateThingGroupResponse pHttpStatus_ =
+  CreateThingGroupResponse'
+    { thingGroupArn =
+        Prelude.Nothing,
+      thingGroupId = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The thing group ARN.
+createThingGroupResponse_thingGroupArn :: Lens.Lens' CreateThingGroupResponse (Prelude.Maybe Prelude.Text)
+createThingGroupResponse_thingGroupArn = Lens.lens (\CreateThingGroupResponse' {thingGroupArn} -> thingGroupArn) (\s@CreateThingGroupResponse' {} a -> s {thingGroupArn = a} :: CreateThingGroupResponse)
+
+-- | The thing group ID.
+createThingGroupResponse_thingGroupId :: Lens.Lens' CreateThingGroupResponse (Prelude.Maybe Prelude.Text)
+createThingGroupResponse_thingGroupId = Lens.lens (\CreateThingGroupResponse' {thingGroupId} -> thingGroupId) (\s@CreateThingGroupResponse' {} a -> s {thingGroupId = a} :: CreateThingGroupResponse)
+
+-- | The thing group name.
+createThingGroupResponse_thingGroupName :: Lens.Lens' CreateThingGroupResponse (Prelude.Maybe Prelude.Text)
+createThingGroupResponse_thingGroupName = Lens.lens (\CreateThingGroupResponse' {thingGroupName} -> thingGroupName) (\s@CreateThingGroupResponse' {} a -> s {thingGroupName = a} :: CreateThingGroupResponse)
+
+-- | The response's http status code.
+createThingGroupResponse_httpStatus :: Lens.Lens' CreateThingGroupResponse Prelude.Int
+createThingGroupResponse_httpStatus = Lens.lens (\CreateThingGroupResponse' {httpStatus} -> httpStatus) (\s@CreateThingGroupResponse' {} a -> s {httpStatus = a} :: CreateThingGroupResponse)
+
+instance Prelude.NFData CreateThingGroupResponse where
+  rnf CreateThingGroupResponse' {..} =
+    Prelude.rnf thingGroupArn
+      `Prelude.seq` Prelude.rnf thingGroupId
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateThingType.hs b/gen/Amazonka/IoT/CreateThingType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateThingType.hs
@@ -0,0 +1,227 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateThingType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a new thing type.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateThingType>
+-- action.
+module Amazonka.IoT.CreateThingType
+  ( -- * Creating a Request
+    CreateThingType (..),
+    newCreateThingType,
+
+    -- * Request Lenses
+    createThingType_tags,
+    createThingType_thingTypeProperties,
+    createThingType_thingTypeName,
+
+    -- * Destructuring the Response
+    CreateThingTypeResponse (..),
+    newCreateThingTypeResponse,
+
+    -- * Response Lenses
+    createThingTypeResponse_thingTypeArn,
+    createThingTypeResponse_thingTypeId,
+    createThingTypeResponse_thingTypeName,
+    createThingTypeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreateThingType operation.
+--
+-- /See:/ 'newCreateThingType' smart constructor.
+data CreateThingType = CreateThingType'
+  { -- | Metadata which can be used to manage the thing type.
+    tags :: Prelude.Maybe [Tag],
+    -- | The ThingTypeProperties for the thing type to create. It contains
+    -- information about the new thing type including a description, and a list
+    -- of searchable thing attribute names.
+    thingTypeProperties :: Prelude.Maybe ThingTypeProperties,
+    -- | The name of the thing type.
+    thingTypeName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateThingType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tags', 'createThingType_tags' - Metadata which can be used to manage the thing type.
+--
+-- 'thingTypeProperties', 'createThingType_thingTypeProperties' - The ThingTypeProperties for the thing type to create. It contains
+-- information about the new thing type including a description, and a list
+-- of searchable thing attribute names.
+--
+-- 'thingTypeName', 'createThingType_thingTypeName' - The name of the thing type.
+newCreateThingType ::
+  -- | 'thingTypeName'
+  Prelude.Text ->
+  CreateThingType
+newCreateThingType pThingTypeName_ =
+  CreateThingType'
+    { tags = Prelude.Nothing,
+      thingTypeProperties = Prelude.Nothing,
+      thingTypeName = pThingTypeName_
+    }
+
+-- | Metadata which can be used to manage the thing type.
+createThingType_tags :: Lens.Lens' CreateThingType (Prelude.Maybe [Tag])
+createThingType_tags = Lens.lens (\CreateThingType' {tags} -> tags) (\s@CreateThingType' {} a -> s {tags = a} :: CreateThingType) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ThingTypeProperties for the thing type to create. It contains
+-- information about the new thing type including a description, and a list
+-- of searchable thing attribute names.
+createThingType_thingTypeProperties :: Lens.Lens' CreateThingType (Prelude.Maybe ThingTypeProperties)
+createThingType_thingTypeProperties = Lens.lens (\CreateThingType' {thingTypeProperties} -> thingTypeProperties) (\s@CreateThingType' {} a -> s {thingTypeProperties = a} :: CreateThingType)
+
+-- | The name of the thing type.
+createThingType_thingTypeName :: Lens.Lens' CreateThingType Prelude.Text
+createThingType_thingTypeName = Lens.lens (\CreateThingType' {thingTypeName} -> thingTypeName) (\s@CreateThingType' {} a -> s {thingTypeName = a} :: CreateThingType)
+
+instance Core.AWSRequest CreateThingType where
+  type
+    AWSResponse CreateThingType =
+      CreateThingTypeResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateThingTypeResponse'
+            Prelude.<$> (x Data..?> "thingTypeArn")
+            Prelude.<*> (x Data..?> "thingTypeId")
+            Prelude.<*> (x Data..?> "thingTypeName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateThingType where
+  hashWithSalt _salt CreateThingType' {..} =
+    _salt
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` thingTypeProperties
+      `Prelude.hashWithSalt` thingTypeName
+
+instance Prelude.NFData CreateThingType where
+  rnf CreateThingType' {..} =
+    Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf thingTypeProperties
+      `Prelude.seq` Prelude.rnf thingTypeName
+
+instance Data.ToHeaders CreateThingType where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateThingType where
+  toJSON CreateThingType' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("tags" Data..=) Prelude.<$> tags,
+            ("thingTypeProperties" Data..=)
+              Prelude.<$> thingTypeProperties
+          ]
+      )
+
+instance Data.ToPath CreateThingType where
+  toPath CreateThingType' {..} =
+    Prelude.mconcat
+      ["/thing-types/", Data.toBS thingTypeName]
+
+instance Data.ToQuery CreateThingType where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output of the CreateThingType operation.
+--
+-- /See:/ 'newCreateThingTypeResponse' smart constructor.
+data CreateThingTypeResponse = CreateThingTypeResponse'
+  { -- | The Amazon Resource Name (ARN) of the thing type.
+    thingTypeArn :: Prelude.Maybe Prelude.Text,
+    -- | The thing type ID.
+    thingTypeId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing type.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateThingTypeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingTypeArn', 'createThingTypeResponse_thingTypeArn' - The Amazon Resource Name (ARN) of the thing type.
+--
+-- 'thingTypeId', 'createThingTypeResponse_thingTypeId' - The thing type ID.
+--
+-- 'thingTypeName', 'createThingTypeResponse_thingTypeName' - The name of the thing type.
+--
+-- 'httpStatus', 'createThingTypeResponse_httpStatus' - The response's http status code.
+newCreateThingTypeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateThingTypeResponse
+newCreateThingTypeResponse pHttpStatus_ =
+  CreateThingTypeResponse'
+    { thingTypeArn =
+        Prelude.Nothing,
+      thingTypeId = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN) of the thing type.
+createThingTypeResponse_thingTypeArn :: Lens.Lens' CreateThingTypeResponse (Prelude.Maybe Prelude.Text)
+createThingTypeResponse_thingTypeArn = Lens.lens (\CreateThingTypeResponse' {thingTypeArn} -> thingTypeArn) (\s@CreateThingTypeResponse' {} a -> s {thingTypeArn = a} :: CreateThingTypeResponse)
+
+-- | The thing type ID.
+createThingTypeResponse_thingTypeId :: Lens.Lens' CreateThingTypeResponse (Prelude.Maybe Prelude.Text)
+createThingTypeResponse_thingTypeId = Lens.lens (\CreateThingTypeResponse' {thingTypeId} -> thingTypeId) (\s@CreateThingTypeResponse' {} a -> s {thingTypeId = a} :: CreateThingTypeResponse)
+
+-- | The name of the thing type.
+createThingTypeResponse_thingTypeName :: Lens.Lens' CreateThingTypeResponse (Prelude.Maybe Prelude.Text)
+createThingTypeResponse_thingTypeName = Lens.lens (\CreateThingTypeResponse' {thingTypeName} -> thingTypeName) (\s@CreateThingTypeResponse' {} a -> s {thingTypeName = a} :: CreateThingTypeResponse)
+
+-- | The response's http status code.
+createThingTypeResponse_httpStatus :: Lens.Lens' CreateThingTypeResponse Prelude.Int
+createThingTypeResponse_httpStatus = Lens.lens (\CreateThingTypeResponse' {httpStatus} -> httpStatus) (\s@CreateThingTypeResponse' {} a -> s {httpStatus = a} :: CreateThingTypeResponse)
+
+instance Prelude.NFData CreateThingTypeResponse where
+  rnf CreateThingTypeResponse' {..} =
+    Prelude.rnf thingTypeArn
+      `Prelude.seq` Prelude.rnf thingTypeId
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/CreateTopicRule.hs b/gen/Amazonka/IoT/CreateTopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateTopicRule.hs
@@ -0,0 +1,181 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateTopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a rule. Creating rules is an administrator-level action. Any
+-- user who has permission to create rules will be able to access data
+-- processed by the rule.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateTopicRule>
+-- action.
+module Amazonka.IoT.CreateTopicRule
+  ( -- * Creating a Request
+    CreateTopicRule (..),
+    newCreateTopicRule,
+
+    -- * Request Lenses
+    createTopicRule_tags,
+    createTopicRule_ruleName,
+    createTopicRule_topicRulePayload,
+
+    -- * Destructuring the Response
+    CreateTopicRuleResponse (..),
+    newCreateTopicRuleResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the CreateTopicRule operation.
+--
+-- /See:/ 'newCreateTopicRule' smart constructor.
+data CreateTopicRule = CreateTopicRule'
+  { -- | Metadata which can be used to manage the topic rule.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: --tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe Prelude.Text,
+    -- | The name of the rule.
+    ruleName :: Prelude.Text,
+    -- | The rule payload.
+    topicRulePayload :: TopicRulePayload
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateTopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tags', 'createTopicRule_tags' - Metadata which can be used to manage the topic rule.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: --tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'ruleName', 'createTopicRule_ruleName' - The name of the rule.
+--
+-- 'topicRulePayload', 'createTopicRule_topicRulePayload' - The rule payload.
+newCreateTopicRule ::
+  -- | 'ruleName'
+  Prelude.Text ->
+  -- | 'topicRulePayload'
+  TopicRulePayload ->
+  CreateTopicRule
+newCreateTopicRule pRuleName_ pTopicRulePayload_ =
+  CreateTopicRule'
+    { tags = Prelude.Nothing,
+      ruleName = pRuleName_,
+      topicRulePayload = pTopicRulePayload_
+    }
+
+-- | Metadata which can be used to manage the topic rule.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: --tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+createTopicRule_tags :: Lens.Lens' CreateTopicRule (Prelude.Maybe Prelude.Text)
+createTopicRule_tags = Lens.lens (\CreateTopicRule' {tags} -> tags) (\s@CreateTopicRule' {} a -> s {tags = a} :: CreateTopicRule)
+
+-- | The name of the rule.
+createTopicRule_ruleName :: Lens.Lens' CreateTopicRule Prelude.Text
+createTopicRule_ruleName = Lens.lens (\CreateTopicRule' {ruleName} -> ruleName) (\s@CreateTopicRule' {} a -> s {ruleName = a} :: CreateTopicRule)
+
+-- | The rule payload.
+createTopicRule_topicRulePayload :: Lens.Lens' CreateTopicRule TopicRulePayload
+createTopicRule_topicRulePayload = Lens.lens (\CreateTopicRule' {topicRulePayload} -> topicRulePayload) (\s@CreateTopicRule' {} a -> s {topicRulePayload = a} :: CreateTopicRule)
+
+instance Core.AWSRequest CreateTopicRule where
+  type
+    AWSResponse CreateTopicRule =
+      CreateTopicRuleResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull CreateTopicRuleResponse'
+
+instance Prelude.Hashable CreateTopicRule where
+  hashWithSalt _salt CreateTopicRule' {..} =
+    _salt
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` ruleName
+      `Prelude.hashWithSalt` topicRulePayload
+
+instance Prelude.NFData CreateTopicRule where
+  rnf CreateTopicRule' {..} =
+    Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf ruleName
+      `Prelude.seq` Prelude.rnf topicRulePayload
+
+instance Data.ToHeaders CreateTopicRule where
+  toHeaders CreateTopicRule' {..} =
+    Prelude.mconcat ["x-amz-tagging" Data.=# tags]
+
+instance Data.ToJSON CreateTopicRule where
+  toJSON CreateTopicRule' {..} =
+    Data.toJSON topicRulePayload
+
+instance Data.ToPath CreateTopicRule where
+  toPath CreateTopicRule' {..} =
+    Prelude.mconcat ["/rules/", Data.toBS ruleName]
+
+instance Data.ToQuery CreateTopicRule where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateTopicRuleResponse' smart constructor.
+data CreateTopicRuleResponse = CreateTopicRuleResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateTopicRuleResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newCreateTopicRuleResponse ::
+  CreateTopicRuleResponse
+newCreateTopicRuleResponse = CreateTopicRuleResponse'
+
+instance Prelude.NFData CreateTopicRuleResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/CreateTopicRuleDestination.hs b/gen/Amazonka/IoT/CreateTopicRuleDestination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/CreateTopicRuleDestination.hs
@@ -0,0 +1,174 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.CreateTopicRuleDestination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a topic rule destination. The destination must be confirmed
+-- prior to use.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions CreateTopicRuleDestination>
+-- action.
+module Amazonka.IoT.CreateTopicRuleDestination
+  ( -- * Creating a Request
+    CreateTopicRuleDestination (..),
+    newCreateTopicRuleDestination,
+
+    -- * Request Lenses
+    createTopicRuleDestination_destinationConfiguration,
+
+    -- * Destructuring the Response
+    CreateTopicRuleDestinationResponse (..),
+    newCreateTopicRuleDestinationResponse,
+
+    -- * Response Lenses
+    createTopicRuleDestinationResponse_topicRuleDestination,
+    createTopicRuleDestinationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newCreateTopicRuleDestination' smart constructor.
+data CreateTopicRuleDestination = CreateTopicRuleDestination'
+  { -- | The topic rule destination configuration.
+    destinationConfiguration :: TopicRuleDestinationConfiguration
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateTopicRuleDestination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'destinationConfiguration', 'createTopicRuleDestination_destinationConfiguration' - The topic rule destination configuration.
+newCreateTopicRuleDestination ::
+  -- | 'destinationConfiguration'
+  TopicRuleDestinationConfiguration ->
+  CreateTopicRuleDestination
+newCreateTopicRuleDestination
+  pDestinationConfiguration_ =
+    CreateTopicRuleDestination'
+      { destinationConfiguration =
+          pDestinationConfiguration_
+      }
+
+-- | The topic rule destination configuration.
+createTopicRuleDestination_destinationConfiguration :: Lens.Lens' CreateTopicRuleDestination TopicRuleDestinationConfiguration
+createTopicRuleDestination_destinationConfiguration = Lens.lens (\CreateTopicRuleDestination' {destinationConfiguration} -> destinationConfiguration) (\s@CreateTopicRuleDestination' {} a -> s {destinationConfiguration = a} :: CreateTopicRuleDestination)
+
+instance Core.AWSRequest CreateTopicRuleDestination where
+  type
+    AWSResponse CreateTopicRuleDestination =
+      CreateTopicRuleDestinationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateTopicRuleDestinationResponse'
+            Prelude.<$> (x Data..?> "topicRuleDestination")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateTopicRuleDestination where
+  hashWithSalt _salt CreateTopicRuleDestination' {..} =
+    _salt
+      `Prelude.hashWithSalt` destinationConfiguration
+
+instance Prelude.NFData CreateTopicRuleDestination where
+  rnf CreateTopicRuleDestination' {..} =
+    Prelude.rnf destinationConfiguration
+
+instance Data.ToHeaders CreateTopicRuleDestination where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON CreateTopicRuleDestination where
+  toJSON CreateTopicRuleDestination' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "destinationConfiguration"
+                  Data..= destinationConfiguration
+              )
+          ]
+      )
+
+instance Data.ToPath CreateTopicRuleDestination where
+  toPath = Prelude.const "/destinations"
+
+instance Data.ToQuery CreateTopicRuleDestination where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateTopicRuleDestinationResponse' smart constructor.
+data CreateTopicRuleDestinationResponse = CreateTopicRuleDestinationResponse'
+  { -- | The topic rule destination.
+    topicRuleDestination :: Prelude.Maybe TopicRuleDestination,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateTopicRuleDestinationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'topicRuleDestination', 'createTopicRuleDestinationResponse_topicRuleDestination' - The topic rule destination.
+--
+-- 'httpStatus', 'createTopicRuleDestinationResponse_httpStatus' - The response's http status code.
+newCreateTopicRuleDestinationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateTopicRuleDestinationResponse
+newCreateTopicRuleDestinationResponse pHttpStatus_ =
+  CreateTopicRuleDestinationResponse'
+    { topicRuleDestination =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The topic rule destination.
+createTopicRuleDestinationResponse_topicRuleDestination :: Lens.Lens' CreateTopicRuleDestinationResponse (Prelude.Maybe TopicRuleDestination)
+createTopicRuleDestinationResponse_topicRuleDestination = Lens.lens (\CreateTopicRuleDestinationResponse' {topicRuleDestination} -> topicRuleDestination) (\s@CreateTopicRuleDestinationResponse' {} a -> s {topicRuleDestination = a} :: CreateTopicRuleDestinationResponse)
+
+-- | The response's http status code.
+createTopicRuleDestinationResponse_httpStatus :: Lens.Lens' CreateTopicRuleDestinationResponse Prelude.Int
+createTopicRuleDestinationResponse_httpStatus = Lens.lens (\CreateTopicRuleDestinationResponse' {httpStatus} -> httpStatus) (\s@CreateTopicRuleDestinationResponse' {} a -> s {httpStatus = a} :: CreateTopicRuleDestinationResponse)
+
+instance
+  Prelude.NFData
+    CreateTopicRuleDestinationResponse
+  where
+  rnf CreateTopicRuleDestinationResponse' {..} =
+    Prelude.rnf topicRuleDestination
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteAccountAuditConfiguration.hs b/gen/Amazonka/IoT/DeleteAccountAuditConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteAccountAuditConfiguration.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteAccountAuditConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Restores the default settings for Device Defender audits for this
+-- account. Any configuration data you entered is deleted and all audit
+-- checks are reset to disabled.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteAccountAuditConfiguration>
+-- action.
+module Amazonka.IoT.DeleteAccountAuditConfiguration
+  ( -- * Creating a Request
+    DeleteAccountAuditConfiguration (..),
+    newDeleteAccountAuditConfiguration,
+
+    -- * Request Lenses
+    deleteAccountAuditConfiguration_deleteScheduledAudits,
+
+    -- * Destructuring the Response
+    DeleteAccountAuditConfigurationResponse (..),
+    newDeleteAccountAuditConfigurationResponse,
+
+    -- * Response Lenses
+    deleteAccountAuditConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteAccountAuditConfiguration' smart constructor.
+data DeleteAccountAuditConfiguration = DeleteAccountAuditConfiguration'
+  { -- | If true, all scheduled audits are deleted.
+    deleteScheduledAudits :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAccountAuditConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'deleteScheduledAudits', 'deleteAccountAuditConfiguration_deleteScheduledAudits' - If true, all scheduled audits are deleted.
+newDeleteAccountAuditConfiguration ::
+  DeleteAccountAuditConfiguration
+newDeleteAccountAuditConfiguration =
+  DeleteAccountAuditConfiguration'
+    { deleteScheduledAudits =
+        Prelude.Nothing
+    }
+
+-- | If true, all scheduled audits are deleted.
+deleteAccountAuditConfiguration_deleteScheduledAudits :: Lens.Lens' DeleteAccountAuditConfiguration (Prelude.Maybe Prelude.Bool)
+deleteAccountAuditConfiguration_deleteScheduledAudits = Lens.lens (\DeleteAccountAuditConfiguration' {deleteScheduledAudits} -> deleteScheduledAudits) (\s@DeleteAccountAuditConfiguration' {} a -> s {deleteScheduledAudits = a} :: DeleteAccountAuditConfiguration)
+
+instance
+  Core.AWSRequest
+    DeleteAccountAuditConfiguration
+  where
+  type
+    AWSResponse DeleteAccountAuditConfiguration =
+      DeleteAccountAuditConfigurationResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteAccountAuditConfigurationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DeleteAccountAuditConfiguration
+  where
+  hashWithSalt
+    _salt
+    DeleteAccountAuditConfiguration' {..} =
+      _salt `Prelude.hashWithSalt` deleteScheduledAudits
+
+instance
+  Prelude.NFData
+    DeleteAccountAuditConfiguration
+  where
+  rnf DeleteAccountAuditConfiguration' {..} =
+    Prelude.rnf deleteScheduledAudits
+
+instance
+  Data.ToHeaders
+    DeleteAccountAuditConfiguration
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteAccountAuditConfiguration where
+  toPath = Prelude.const "/audit/configuration"
+
+instance Data.ToQuery DeleteAccountAuditConfiguration where
+  toQuery DeleteAccountAuditConfiguration' {..} =
+    Prelude.mconcat
+      [ "deleteScheduledAudits"
+          Data.=: deleteScheduledAudits
+      ]
+
+-- | /See:/ 'newDeleteAccountAuditConfigurationResponse' smart constructor.
+data DeleteAccountAuditConfigurationResponse = DeleteAccountAuditConfigurationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAccountAuditConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteAccountAuditConfigurationResponse_httpStatus' - The response's http status code.
+newDeleteAccountAuditConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteAccountAuditConfigurationResponse
+newDeleteAccountAuditConfigurationResponse
+  pHttpStatus_ =
+    DeleteAccountAuditConfigurationResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+deleteAccountAuditConfigurationResponse_httpStatus :: Lens.Lens' DeleteAccountAuditConfigurationResponse Prelude.Int
+deleteAccountAuditConfigurationResponse_httpStatus = Lens.lens (\DeleteAccountAuditConfigurationResponse' {httpStatus} -> httpStatus) (\s@DeleteAccountAuditConfigurationResponse' {} a -> s {httpStatus = a} :: DeleteAccountAuditConfigurationResponse)
+
+instance
+  Prelude.NFData
+    DeleteAccountAuditConfigurationResponse
+  where
+  rnf DeleteAccountAuditConfigurationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteAuditSuppression.hs b/gen/Amazonka/IoT/DeleteAuditSuppression.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteAuditSuppression.hs
@@ -0,0 +1,172 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteAuditSuppression
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a Device Defender audit suppression.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteAuditSuppression>
+-- action.
+module Amazonka.IoT.DeleteAuditSuppression
+  ( -- * Creating a Request
+    DeleteAuditSuppression (..),
+    newDeleteAuditSuppression,
+
+    -- * Request Lenses
+    deleteAuditSuppression_checkName,
+    deleteAuditSuppression_resourceIdentifier,
+
+    -- * Destructuring the Response
+    DeleteAuditSuppressionResponse (..),
+    newDeleteAuditSuppressionResponse,
+
+    -- * Response Lenses
+    deleteAuditSuppressionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteAuditSuppression' smart constructor.
+data DeleteAuditSuppression = DeleteAuditSuppression'
+  { checkName :: Prelude.Text,
+    resourceIdentifier :: ResourceIdentifier
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAuditSuppression' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'checkName', 'deleteAuditSuppression_checkName' - Undocumented member.
+--
+-- 'resourceIdentifier', 'deleteAuditSuppression_resourceIdentifier' - Undocumented member.
+newDeleteAuditSuppression ::
+  -- | 'checkName'
+  Prelude.Text ->
+  -- | 'resourceIdentifier'
+  ResourceIdentifier ->
+  DeleteAuditSuppression
+newDeleteAuditSuppression
+  pCheckName_
+  pResourceIdentifier_ =
+    DeleteAuditSuppression'
+      { checkName = pCheckName_,
+        resourceIdentifier = pResourceIdentifier_
+      }
+
+-- | Undocumented member.
+deleteAuditSuppression_checkName :: Lens.Lens' DeleteAuditSuppression Prelude.Text
+deleteAuditSuppression_checkName = Lens.lens (\DeleteAuditSuppression' {checkName} -> checkName) (\s@DeleteAuditSuppression' {} a -> s {checkName = a} :: DeleteAuditSuppression)
+
+-- | Undocumented member.
+deleteAuditSuppression_resourceIdentifier :: Lens.Lens' DeleteAuditSuppression ResourceIdentifier
+deleteAuditSuppression_resourceIdentifier = Lens.lens (\DeleteAuditSuppression' {resourceIdentifier} -> resourceIdentifier) (\s@DeleteAuditSuppression' {} a -> s {resourceIdentifier = a} :: DeleteAuditSuppression)
+
+instance Core.AWSRequest DeleteAuditSuppression where
+  type
+    AWSResponse DeleteAuditSuppression =
+      DeleteAuditSuppressionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteAuditSuppressionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteAuditSuppression where
+  hashWithSalt _salt DeleteAuditSuppression' {..} =
+    _salt
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` resourceIdentifier
+
+instance Prelude.NFData DeleteAuditSuppression where
+  rnf DeleteAuditSuppression' {..} =
+    Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+
+instance Data.ToHeaders DeleteAuditSuppression where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON DeleteAuditSuppression where
+  toJSON DeleteAuditSuppression' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("checkName" Data..= checkName),
+            Prelude.Just
+              ("resourceIdentifier" Data..= resourceIdentifier)
+          ]
+      )
+
+instance Data.ToPath DeleteAuditSuppression where
+  toPath = Prelude.const "/audit/suppressions/delete"
+
+instance Data.ToQuery DeleteAuditSuppression where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteAuditSuppressionResponse' smart constructor.
+data DeleteAuditSuppressionResponse = DeleteAuditSuppressionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAuditSuppressionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteAuditSuppressionResponse_httpStatus' - The response's http status code.
+newDeleteAuditSuppressionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteAuditSuppressionResponse
+newDeleteAuditSuppressionResponse pHttpStatus_ =
+  DeleteAuditSuppressionResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteAuditSuppressionResponse_httpStatus :: Lens.Lens' DeleteAuditSuppressionResponse Prelude.Int
+deleteAuditSuppressionResponse_httpStatus = Lens.lens (\DeleteAuditSuppressionResponse' {httpStatus} -> httpStatus) (\s@DeleteAuditSuppressionResponse' {} a -> s {httpStatus = a} :: DeleteAuditSuppressionResponse)
+
+instance
+  Prelude.NFData
+    DeleteAuditSuppressionResponse
+  where
+  rnf DeleteAuditSuppressionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteAuthorizer.hs b/gen/Amazonka/IoT/DeleteAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteAuthorizer.hs
@@ -0,0 +1,147 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes an authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteAuthorizer>
+-- action.
+module Amazonka.IoT.DeleteAuthorizer
+  ( -- * Creating a Request
+    DeleteAuthorizer (..),
+    newDeleteAuthorizer,
+
+    -- * Request Lenses
+    deleteAuthorizer_authorizerName,
+
+    -- * Destructuring the Response
+    DeleteAuthorizerResponse (..),
+    newDeleteAuthorizerResponse,
+
+    -- * Response Lenses
+    deleteAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteAuthorizer' smart constructor.
+data DeleteAuthorizer = DeleteAuthorizer'
+  { -- | The name of the authorizer to delete.
+    authorizerName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerName', 'deleteAuthorizer_authorizerName' - The name of the authorizer to delete.
+newDeleteAuthorizer ::
+  -- | 'authorizerName'
+  Prelude.Text ->
+  DeleteAuthorizer
+newDeleteAuthorizer pAuthorizerName_ =
+  DeleteAuthorizer'
+    { authorizerName =
+        pAuthorizerName_
+    }
+
+-- | The name of the authorizer to delete.
+deleteAuthorizer_authorizerName :: Lens.Lens' DeleteAuthorizer Prelude.Text
+deleteAuthorizer_authorizerName = Lens.lens (\DeleteAuthorizer' {authorizerName} -> authorizerName) (\s@DeleteAuthorizer' {} a -> s {authorizerName = a} :: DeleteAuthorizer)
+
+instance Core.AWSRequest DeleteAuthorizer where
+  type
+    AWSResponse DeleteAuthorizer =
+      DeleteAuthorizerResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteAuthorizerResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteAuthorizer where
+  hashWithSalt _salt DeleteAuthorizer' {..} =
+    _salt `Prelude.hashWithSalt` authorizerName
+
+instance Prelude.NFData DeleteAuthorizer where
+  rnf DeleteAuthorizer' {..} =
+    Prelude.rnf authorizerName
+
+instance Data.ToHeaders DeleteAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteAuthorizer where
+  toPath DeleteAuthorizer' {..} =
+    Prelude.mconcat
+      ["/authorizer/", Data.toBS authorizerName]
+
+instance Data.ToQuery DeleteAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteAuthorizerResponse' smart constructor.
+data DeleteAuthorizerResponse = DeleteAuthorizerResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteAuthorizerResponse_httpStatus' - The response's http status code.
+newDeleteAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteAuthorizerResponse
+newDeleteAuthorizerResponse pHttpStatus_ =
+  DeleteAuthorizerResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteAuthorizerResponse_httpStatus :: Lens.Lens' DeleteAuthorizerResponse Prelude.Int
+deleteAuthorizerResponse_httpStatus = Lens.lens (\DeleteAuthorizerResponse' {httpStatus} -> httpStatus) (\s@DeleteAuthorizerResponse' {} a -> s {httpStatus = a} :: DeleteAuthorizerResponse)
+
+instance Prelude.NFData DeleteAuthorizerResponse where
+  rnf DeleteAuthorizerResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteBillingGroup.hs b/gen/Amazonka/IoT/DeleteBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteBillingGroup.hs
@@ -0,0 +1,171 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteBillingGroup>
+-- action.
+module Amazonka.IoT.DeleteBillingGroup
+  ( -- * Creating a Request
+    DeleteBillingGroup (..),
+    newDeleteBillingGroup,
+
+    -- * Request Lenses
+    deleteBillingGroup_expectedVersion,
+    deleteBillingGroup_billingGroupName,
+
+    -- * Destructuring the Response
+    DeleteBillingGroupResponse (..),
+    newDeleteBillingGroupResponse,
+
+    -- * Response Lenses
+    deleteBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteBillingGroup' smart constructor.
+data DeleteBillingGroup = DeleteBillingGroup'
+  { -- | The expected version of the billing group. If the version of the billing
+    -- group does not match the expected version specified in the request, the
+    -- @DeleteBillingGroup@ request is rejected with a
+    -- @VersionConflictException@.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the billing group.
+    billingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'deleteBillingGroup_expectedVersion' - The expected version of the billing group. If the version of the billing
+-- group does not match the expected version specified in the request, the
+-- @DeleteBillingGroup@ request is rejected with a
+-- @VersionConflictException@.
+--
+-- 'billingGroupName', 'deleteBillingGroup_billingGroupName' - The name of the billing group.
+newDeleteBillingGroup ::
+  -- | 'billingGroupName'
+  Prelude.Text ->
+  DeleteBillingGroup
+newDeleteBillingGroup pBillingGroupName_ =
+  DeleteBillingGroup'
+    { expectedVersion =
+        Prelude.Nothing,
+      billingGroupName = pBillingGroupName_
+    }
+
+-- | The expected version of the billing group. If the version of the billing
+-- group does not match the expected version specified in the request, the
+-- @DeleteBillingGroup@ request is rejected with a
+-- @VersionConflictException@.
+deleteBillingGroup_expectedVersion :: Lens.Lens' DeleteBillingGroup (Prelude.Maybe Prelude.Integer)
+deleteBillingGroup_expectedVersion = Lens.lens (\DeleteBillingGroup' {expectedVersion} -> expectedVersion) (\s@DeleteBillingGroup' {} a -> s {expectedVersion = a} :: DeleteBillingGroup)
+
+-- | The name of the billing group.
+deleteBillingGroup_billingGroupName :: Lens.Lens' DeleteBillingGroup Prelude.Text
+deleteBillingGroup_billingGroupName = Lens.lens (\DeleteBillingGroup' {billingGroupName} -> billingGroupName) (\s@DeleteBillingGroup' {} a -> s {billingGroupName = a} :: DeleteBillingGroup)
+
+instance Core.AWSRequest DeleteBillingGroup where
+  type
+    AWSResponse DeleteBillingGroup =
+      DeleteBillingGroupResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteBillingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteBillingGroup where
+  hashWithSalt _salt DeleteBillingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` billingGroupName
+
+instance Prelude.NFData DeleteBillingGroup where
+  rnf DeleteBillingGroup' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf billingGroupName
+
+instance Data.ToHeaders DeleteBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteBillingGroup where
+  toPath DeleteBillingGroup' {..} =
+    Prelude.mconcat
+      ["/billing-groups/", Data.toBS billingGroupName]
+
+instance Data.ToQuery DeleteBillingGroup where
+  toQuery DeleteBillingGroup' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | /See:/ 'newDeleteBillingGroupResponse' smart constructor.
+data DeleteBillingGroupResponse = DeleteBillingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteBillingGroupResponse_httpStatus' - The response's http status code.
+newDeleteBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteBillingGroupResponse
+newDeleteBillingGroupResponse pHttpStatus_ =
+  DeleteBillingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteBillingGroupResponse_httpStatus :: Lens.Lens' DeleteBillingGroupResponse Prelude.Int
+deleteBillingGroupResponse_httpStatus = Lens.lens (\DeleteBillingGroupResponse' {httpStatus} -> httpStatus) (\s@DeleteBillingGroupResponse' {} a -> s {httpStatus = a} :: DeleteBillingGroupResponse)
+
+instance Prelude.NFData DeleteBillingGroupResponse where
+  rnf DeleteBillingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteCACertificate.hs b/gen/Amazonka/IoT/DeleteCACertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteCACertificate.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteCACertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a registered CA certificate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteCACertificate>
+-- action.
+module Amazonka.IoT.DeleteCACertificate
+  ( -- * Creating a Request
+    DeleteCACertificate (..),
+    newDeleteCACertificate,
+
+    -- * Request Lenses
+    deleteCACertificate_certificateId,
+
+    -- * Destructuring the Response
+    DeleteCACertificateResponse (..),
+    newDeleteCACertificateResponse,
+
+    -- * Response Lenses
+    deleteCACertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | Input for the DeleteCACertificate operation.
+--
+-- /See:/ 'newDeleteCACertificate' smart constructor.
+data DeleteCACertificate = DeleteCACertificate'
+  { -- | The ID of the certificate to delete. (The last part of the certificate
+    -- ARN contains the certificate ID.)
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCACertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'deleteCACertificate_certificateId' - The ID of the certificate to delete. (The last part of the certificate
+-- ARN contains the certificate ID.)
+newDeleteCACertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  DeleteCACertificate
+newDeleteCACertificate pCertificateId_ =
+  DeleteCACertificate'
+    { certificateId =
+        pCertificateId_
+    }
+
+-- | The ID of the certificate to delete. (The last part of the certificate
+-- ARN contains the certificate ID.)
+deleteCACertificate_certificateId :: Lens.Lens' DeleteCACertificate Prelude.Text
+deleteCACertificate_certificateId = Lens.lens (\DeleteCACertificate' {certificateId} -> certificateId) (\s@DeleteCACertificate' {} a -> s {certificateId = a} :: DeleteCACertificate)
+
+instance Core.AWSRequest DeleteCACertificate where
+  type
+    AWSResponse DeleteCACertificate =
+      DeleteCACertificateResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteCACertificateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteCACertificate where
+  hashWithSalt _salt DeleteCACertificate' {..} =
+    _salt `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData DeleteCACertificate where
+  rnf DeleteCACertificate' {..} =
+    Prelude.rnf certificateId
+
+instance Data.ToHeaders DeleteCACertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteCACertificate where
+  toPath DeleteCACertificate' {..} =
+    Prelude.mconcat
+      ["/cacertificate/", Data.toBS certificateId]
+
+instance Data.ToQuery DeleteCACertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output for the DeleteCACertificate operation.
+--
+-- /See:/ 'newDeleteCACertificateResponse' smart constructor.
+data DeleteCACertificateResponse = DeleteCACertificateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCACertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteCACertificateResponse_httpStatus' - The response's http status code.
+newDeleteCACertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteCACertificateResponse
+newDeleteCACertificateResponse pHttpStatus_ =
+  DeleteCACertificateResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteCACertificateResponse_httpStatus :: Lens.Lens' DeleteCACertificateResponse Prelude.Int
+deleteCACertificateResponse_httpStatus = Lens.lens (\DeleteCACertificateResponse' {httpStatus} -> httpStatus) (\s@DeleteCACertificateResponse' {} a -> s {httpStatus = a} :: DeleteCACertificateResponse)
+
+instance Prelude.NFData DeleteCACertificateResponse where
+  rnf DeleteCACertificateResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteCertificate.hs b/gen/Amazonka/IoT/DeleteCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteCertificate.hs
@@ -0,0 +1,150 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified certificate.
+--
+-- A certificate cannot be deleted if it has a policy or IoT thing attached
+-- to it or if its status is set to ACTIVE. To delete a certificate, first
+-- use the DetachPolicy action to detach all policies. Next, use the
+-- UpdateCertificate action to set the certificate to the INACTIVE status.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteCertificate>
+-- action.
+module Amazonka.IoT.DeleteCertificate
+  ( -- * Creating a Request
+    DeleteCertificate (..),
+    newDeleteCertificate,
+
+    -- * Request Lenses
+    deleteCertificate_forceDelete,
+    deleteCertificate_certificateId,
+
+    -- * Destructuring the Response
+    DeleteCertificateResponse (..),
+    newDeleteCertificateResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeleteCertificate operation.
+--
+-- /See:/ 'newDeleteCertificate' smart constructor.
+data DeleteCertificate = DeleteCertificate'
+  { -- | Forces the deletion of a certificate if it is inactive and is not
+    -- attached to an IoT thing.
+    forceDelete :: Prelude.Maybe Prelude.Bool,
+    -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'forceDelete', 'deleteCertificate_forceDelete' - Forces the deletion of a certificate if it is inactive and is not
+-- attached to an IoT thing.
+--
+-- 'certificateId', 'deleteCertificate_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+newDeleteCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  DeleteCertificate
+newDeleteCertificate pCertificateId_ =
+  DeleteCertificate'
+    { forceDelete = Prelude.Nothing,
+      certificateId = pCertificateId_
+    }
+
+-- | Forces the deletion of a certificate if it is inactive and is not
+-- attached to an IoT thing.
+deleteCertificate_forceDelete :: Lens.Lens' DeleteCertificate (Prelude.Maybe Prelude.Bool)
+deleteCertificate_forceDelete = Lens.lens (\DeleteCertificate' {forceDelete} -> forceDelete) (\s@DeleteCertificate' {} a -> s {forceDelete = a} :: DeleteCertificate)
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+deleteCertificate_certificateId :: Lens.Lens' DeleteCertificate Prelude.Text
+deleteCertificate_certificateId = Lens.lens (\DeleteCertificate' {certificateId} -> certificateId) (\s@DeleteCertificate' {} a -> s {certificateId = a} :: DeleteCertificate)
+
+instance Core.AWSRequest DeleteCertificate where
+  type
+    AWSResponse DeleteCertificate =
+      DeleteCertificateResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeleteCertificateResponse'
+
+instance Prelude.Hashable DeleteCertificate where
+  hashWithSalt _salt DeleteCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` forceDelete
+      `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData DeleteCertificate where
+  rnf DeleteCertificate' {..} =
+    Prelude.rnf forceDelete
+      `Prelude.seq` Prelude.rnf certificateId
+
+instance Data.ToHeaders DeleteCertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteCertificate where
+  toPath DeleteCertificate' {..} =
+    Prelude.mconcat
+      ["/certificates/", Data.toBS certificateId]
+
+instance Data.ToQuery DeleteCertificate where
+  toQuery DeleteCertificate' {..} =
+    Prelude.mconcat ["forceDelete" Data.=: forceDelete]
+
+-- | /See:/ 'newDeleteCertificateResponse' smart constructor.
+data DeleteCertificateResponse = DeleteCertificateResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteCertificateResponse ::
+  DeleteCertificateResponse
+newDeleteCertificateResponse =
+  DeleteCertificateResponse'
+
+instance Prelude.NFData DeleteCertificateResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteCustomMetric.hs b/gen/Amazonka/IoT/DeleteCustomMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteCustomMetric.hs
@@ -0,0 +1,149 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteCustomMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a Device Defender detect custom metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteCustomMetric>
+-- action.
+--
+-- Before you can delete a custom metric, you must first remove the custom
+-- metric from all security profiles it\'s a part of. The security profile
+-- associated with the custom metric can be found using the
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfiles.html ListSecurityProfiles>
+-- API with @metricName@ set to your custom metric name.
+module Amazonka.IoT.DeleteCustomMetric
+  ( -- * Creating a Request
+    DeleteCustomMetric (..),
+    newDeleteCustomMetric,
+
+    -- * Request Lenses
+    deleteCustomMetric_metricName,
+
+    -- * Destructuring the Response
+    DeleteCustomMetricResponse (..),
+    newDeleteCustomMetricResponse,
+
+    -- * Response Lenses
+    deleteCustomMetricResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteCustomMetric' smart constructor.
+data DeleteCustomMetric = DeleteCustomMetric'
+  { -- | The name of the custom metric.
+    metricName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCustomMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricName', 'deleteCustomMetric_metricName' - The name of the custom metric.
+newDeleteCustomMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  DeleteCustomMetric
+newDeleteCustomMetric pMetricName_ =
+  DeleteCustomMetric' {metricName = pMetricName_}
+
+-- | The name of the custom metric.
+deleteCustomMetric_metricName :: Lens.Lens' DeleteCustomMetric Prelude.Text
+deleteCustomMetric_metricName = Lens.lens (\DeleteCustomMetric' {metricName} -> metricName) (\s@DeleteCustomMetric' {} a -> s {metricName = a} :: DeleteCustomMetric)
+
+instance Core.AWSRequest DeleteCustomMetric where
+  type
+    AWSResponse DeleteCustomMetric =
+      DeleteCustomMetricResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteCustomMetricResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteCustomMetric where
+  hashWithSalt _salt DeleteCustomMetric' {..} =
+    _salt `Prelude.hashWithSalt` metricName
+
+instance Prelude.NFData DeleteCustomMetric where
+  rnf DeleteCustomMetric' {..} = Prelude.rnf metricName
+
+instance Data.ToHeaders DeleteCustomMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteCustomMetric where
+  toPath DeleteCustomMetric' {..} =
+    Prelude.mconcat
+      ["/custom-metric/", Data.toBS metricName]
+
+instance Data.ToQuery DeleteCustomMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteCustomMetricResponse' smart constructor.
+data DeleteCustomMetricResponse = DeleteCustomMetricResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCustomMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteCustomMetricResponse_httpStatus' - The response's http status code.
+newDeleteCustomMetricResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteCustomMetricResponse
+newDeleteCustomMetricResponse pHttpStatus_ =
+  DeleteCustomMetricResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteCustomMetricResponse_httpStatus :: Lens.Lens' DeleteCustomMetricResponse Prelude.Int
+deleteCustomMetricResponse_httpStatus = Lens.lens (\DeleteCustomMetricResponse' {httpStatus} -> httpStatus) (\s@DeleteCustomMetricResponse' {} a -> s {httpStatus = a} :: DeleteCustomMetricResponse)
+
+instance Prelude.NFData DeleteCustomMetricResponse where
+  rnf DeleteCustomMetricResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteDimension.hs b/gen/Amazonka/IoT/DeleteDimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteDimension.hs
@@ -0,0 +1,139 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteDimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Removes the specified dimension from your Amazon Web Services accounts.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteDimension>
+-- action.
+module Amazonka.IoT.DeleteDimension
+  ( -- * Creating a Request
+    DeleteDimension (..),
+    newDeleteDimension,
+
+    -- * Request Lenses
+    deleteDimension_name,
+
+    -- * Destructuring the Response
+    DeleteDimensionResponse (..),
+    newDeleteDimensionResponse,
+
+    -- * Response Lenses
+    deleteDimensionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteDimension' smart constructor.
+data DeleteDimension = DeleteDimension'
+  { -- | The unique identifier for the dimension that you want to delete.
+    name :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDimension' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'deleteDimension_name' - The unique identifier for the dimension that you want to delete.
+newDeleteDimension ::
+  -- | 'name'
+  Prelude.Text ->
+  DeleteDimension
+newDeleteDimension pName_ =
+  DeleteDimension' {name = pName_}
+
+-- | The unique identifier for the dimension that you want to delete.
+deleteDimension_name :: Lens.Lens' DeleteDimension Prelude.Text
+deleteDimension_name = Lens.lens (\DeleteDimension' {name} -> name) (\s@DeleteDimension' {} a -> s {name = a} :: DeleteDimension)
+
+instance Core.AWSRequest DeleteDimension where
+  type
+    AWSResponse DeleteDimension =
+      DeleteDimensionResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteDimensionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteDimension where
+  hashWithSalt _salt DeleteDimension' {..} =
+    _salt `Prelude.hashWithSalt` name
+
+instance Prelude.NFData DeleteDimension where
+  rnf DeleteDimension' {..} = Prelude.rnf name
+
+instance Data.ToHeaders DeleteDimension where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteDimension where
+  toPath DeleteDimension' {..} =
+    Prelude.mconcat ["/dimensions/", Data.toBS name]
+
+instance Data.ToQuery DeleteDimension where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteDimensionResponse' smart constructor.
+data DeleteDimensionResponse = DeleteDimensionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDimensionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDimensionResponse_httpStatus' - The response's http status code.
+newDeleteDimensionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteDimensionResponse
+newDeleteDimensionResponse pHttpStatus_ =
+  DeleteDimensionResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteDimensionResponse_httpStatus :: Lens.Lens' DeleteDimensionResponse Prelude.Int
+deleteDimensionResponse_httpStatus = Lens.lens (\DeleteDimensionResponse' {httpStatus} -> httpStatus) (\s@DeleteDimensionResponse' {} a -> s {httpStatus = a} :: DeleteDimensionResponse)
+
+instance Prelude.NFData DeleteDimensionResponse where
+  rnf DeleteDimensionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteDomainConfiguration.hs b/gen/Amazonka/IoT/DeleteDomainConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteDomainConfiguration.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteDomainConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified domain configuration.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteDomainConfiguration>
+-- action.
+module Amazonka.IoT.DeleteDomainConfiguration
+  ( -- * Creating a Request
+    DeleteDomainConfiguration (..),
+    newDeleteDomainConfiguration,
+
+    -- * Request Lenses
+    deleteDomainConfiguration_domainConfigurationName,
+
+    -- * Destructuring the Response
+    DeleteDomainConfigurationResponse (..),
+    newDeleteDomainConfigurationResponse,
+
+    -- * Response Lenses
+    deleteDomainConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteDomainConfiguration' smart constructor.
+data DeleteDomainConfiguration = DeleteDomainConfiguration'
+  { -- | The name of the domain configuration to be deleted.
+    domainConfigurationName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDomainConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domainConfigurationName', 'deleteDomainConfiguration_domainConfigurationName' - The name of the domain configuration to be deleted.
+newDeleteDomainConfiguration ::
+  -- | 'domainConfigurationName'
+  Prelude.Text ->
+  DeleteDomainConfiguration
+newDeleteDomainConfiguration
+  pDomainConfigurationName_ =
+    DeleteDomainConfiguration'
+      { domainConfigurationName =
+          pDomainConfigurationName_
+      }
+
+-- | The name of the domain configuration to be deleted.
+deleteDomainConfiguration_domainConfigurationName :: Lens.Lens' DeleteDomainConfiguration Prelude.Text
+deleteDomainConfiguration_domainConfigurationName = Lens.lens (\DeleteDomainConfiguration' {domainConfigurationName} -> domainConfigurationName) (\s@DeleteDomainConfiguration' {} a -> s {domainConfigurationName = a} :: DeleteDomainConfiguration)
+
+instance Core.AWSRequest DeleteDomainConfiguration where
+  type
+    AWSResponse DeleteDomainConfiguration =
+      DeleteDomainConfigurationResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteDomainConfigurationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteDomainConfiguration where
+  hashWithSalt _salt DeleteDomainConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` domainConfigurationName
+
+instance Prelude.NFData DeleteDomainConfiguration where
+  rnf DeleteDomainConfiguration' {..} =
+    Prelude.rnf domainConfigurationName
+
+instance Data.ToHeaders DeleteDomainConfiguration where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteDomainConfiguration where
+  toPath DeleteDomainConfiguration' {..} =
+    Prelude.mconcat
+      [ "/domainConfigurations/",
+        Data.toBS domainConfigurationName
+      ]
+
+instance Data.ToQuery DeleteDomainConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteDomainConfigurationResponse' smart constructor.
+data DeleteDomainConfigurationResponse = DeleteDomainConfigurationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDomainConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDomainConfigurationResponse_httpStatus' - The response's http status code.
+newDeleteDomainConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteDomainConfigurationResponse
+newDeleteDomainConfigurationResponse pHttpStatus_ =
+  DeleteDomainConfigurationResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteDomainConfigurationResponse_httpStatus :: Lens.Lens' DeleteDomainConfigurationResponse Prelude.Int
+deleteDomainConfigurationResponse_httpStatus = Lens.lens (\DeleteDomainConfigurationResponse' {httpStatus} -> httpStatus) (\s@DeleteDomainConfigurationResponse' {} a -> s {httpStatus = a} :: DeleteDomainConfigurationResponse)
+
+instance
+  Prelude.NFData
+    DeleteDomainConfigurationResponse
+  where
+  rnf DeleteDomainConfigurationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteDynamicThingGroup.hs b/gen/Amazonka/IoT/DeleteDynamicThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteDynamicThingGroup.hs
@@ -0,0 +1,165 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteDynamicThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a dynamic thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteDynamicThingGroup>
+-- action.
+module Amazonka.IoT.DeleteDynamicThingGroup
+  ( -- * Creating a Request
+    DeleteDynamicThingGroup (..),
+    newDeleteDynamicThingGroup,
+
+    -- * Request Lenses
+    deleteDynamicThingGroup_expectedVersion,
+    deleteDynamicThingGroup_thingGroupName,
+
+    -- * Destructuring the Response
+    DeleteDynamicThingGroupResponse (..),
+    newDeleteDynamicThingGroupResponse,
+
+    -- * Response Lenses
+    deleteDynamicThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteDynamicThingGroup' smart constructor.
+data DeleteDynamicThingGroup = DeleteDynamicThingGroup'
+  { -- | The expected version of the dynamic thing group to delete.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the dynamic thing group to delete.
+    thingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDynamicThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'deleteDynamicThingGroup_expectedVersion' - The expected version of the dynamic thing group to delete.
+--
+-- 'thingGroupName', 'deleteDynamicThingGroup_thingGroupName' - The name of the dynamic thing group to delete.
+newDeleteDynamicThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  DeleteDynamicThingGroup
+newDeleteDynamicThingGroup pThingGroupName_ =
+  DeleteDynamicThingGroup'
+    { expectedVersion =
+        Prelude.Nothing,
+      thingGroupName = pThingGroupName_
+    }
+
+-- | The expected version of the dynamic thing group to delete.
+deleteDynamicThingGroup_expectedVersion :: Lens.Lens' DeleteDynamicThingGroup (Prelude.Maybe Prelude.Integer)
+deleteDynamicThingGroup_expectedVersion = Lens.lens (\DeleteDynamicThingGroup' {expectedVersion} -> expectedVersion) (\s@DeleteDynamicThingGroup' {} a -> s {expectedVersion = a} :: DeleteDynamicThingGroup)
+
+-- | The name of the dynamic thing group to delete.
+deleteDynamicThingGroup_thingGroupName :: Lens.Lens' DeleteDynamicThingGroup Prelude.Text
+deleteDynamicThingGroup_thingGroupName = Lens.lens (\DeleteDynamicThingGroup' {thingGroupName} -> thingGroupName) (\s@DeleteDynamicThingGroup' {} a -> s {thingGroupName = a} :: DeleteDynamicThingGroup)
+
+instance Core.AWSRequest DeleteDynamicThingGroup where
+  type
+    AWSResponse DeleteDynamicThingGroup =
+      DeleteDynamicThingGroupResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteDynamicThingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteDynamicThingGroup where
+  hashWithSalt _salt DeleteDynamicThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData DeleteDynamicThingGroup where
+  rnf DeleteDynamicThingGroup' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf thingGroupName
+
+instance Data.ToHeaders DeleteDynamicThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteDynamicThingGroup where
+  toPath DeleteDynamicThingGroup' {..} =
+    Prelude.mconcat
+      ["/dynamic-thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery DeleteDynamicThingGroup where
+  toQuery DeleteDynamicThingGroup' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | /See:/ 'newDeleteDynamicThingGroupResponse' smart constructor.
+data DeleteDynamicThingGroupResponse = DeleteDynamicThingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDynamicThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDynamicThingGroupResponse_httpStatus' - The response's http status code.
+newDeleteDynamicThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteDynamicThingGroupResponse
+newDeleteDynamicThingGroupResponse pHttpStatus_ =
+  DeleteDynamicThingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteDynamicThingGroupResponse_httpStatus :: Lens.Lens' DeleteDynamicThingGroupResponse Prelude.Int
+deleteDynamicThingGroupResponse_httpStatus = Lens.lens (\DeleteDynamicThingGroupResponse' {httpStatus} -> httpStatus) (\s@DeleteDynamicThingGroupResponse' {} a -> s {httpStatus = a} :: DeleteDynamicThingGroupResponse)
+
+instance
+  Prelude.NFData
+    DeleteDynamicThingGroupResponse
+  where
+  rnf DeleteDynamicThingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteFleetMetric.hs b/gen/Amazonka/IoT/DeleteFleetMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteFleetMetric.hs
@@ -0,0 +1,141 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteFleetMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified fleet metric. Returns successfully with no error
+-- if the deletion is successful or you specify a fleet metric that
+-- doesn\'t exist.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteFleetMetric>
+-- action.
+module Amazonka.IoT.DeleteFleetMetric
+  ( -- * Creating a Request
+    DeleteFleetMetric (..),
+    newDeleteFleetMetric,
+
+    -- * Request Lenses
+    deleteFleetMetric_expectedVersion,
+    deleteFleetMetric_metricName,
+
+    -- * Destructuring the Response
+    DeleteFleetMetricResponse (..),
+    newDeleteFleetMetricResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteFleetMetric' smart constructor.
+data DeleteFleetMetric = DeleteFleetMetric'
+  { -- | The expected version of the fleet metric to delete.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the fleet metric to delete.
+    metricName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteFleetMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'deleteFleetMetric_expectedVersion' - The expected version of the fleet metric to delete.
+--
+-- 'metricName', 'deleteFleetMetric_metricName' - The name of the fleet metric to delete.
+newDeleteFleetMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  DeleteFleetMetric
+newDeleteFleetMetric pMetricName_ =
+  DeleteFleetMetric'
+    { expectedVersion =
+        Prelude.Nothing,
+      metricName = pMetricName_
+    }
+
+-- | The expected version of the fleet metric to delete.
+deleteFleetMetric_expectedVersion :: Lens.Lens' DeleteFleetMetric (Prelude.Maybe Prelude.Integer)
+deleteFleetMetric_expectedVersion = Lens.lens (\DeleteFleetMetric' {expectedVersion} -> expectedVersion) (\s@DeleteFleetMetric' {} a -> s {expectedVersion = a} :: DeleteFleetMetric)
+
+-- | The name of the fleet metric to delete.
+deleteFleetMetric_metricName :: Lens.Lens' DeleteFleetMetric Prelude.Text
+deleteFleetMetric_metricName = Lens.lens (\DeleteFleetMetric' {metricName} -> metricName) (\s@DeleteFleetMetric' {} a -> s {metricName = a} :: DeleteFleetMetric)
+
+instance Core.AWSRequest DeleteFleetMetric where
+  type
+    AWSResponse DeleteFleetMetric =
+      DeleteFleetMetricResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeleteFleetMetricResponse'
+
+instance Prelude.Hashable DeleteFleetMetric where
+  hashWithSalt _salt DeleteFleetMetric' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` metricName
+
+instance Prelude.NFData DeleteFleetMetric where
+  rnf DeleteFleetMetric' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf metricName
+
+instance Data.ToHeaders DeleteFleetMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteFleetMetric where
+  toPath DeleteFleetMetric' {..} =
+    Prelude.mconcat
+      ["/fleet-metric/", Data.toBS metricName]
+
+instance Data.ToQuery DeleteFleetMetric where
+  toQuery DeleteFleetMetric' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | /See:/ 'newDeleteFleetMetricResponse' smart constructor.
+data DeleteFleetMetricResponse = DeleteFleetMetricResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteFleetMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteFleetMetricResponse ::
+  DeleteFleetMetricResponse
+newDeleteFleetMetricResponse =
+  DeleteFleetMetricResponse'
+
+instance Prelude.NFData DeleteFleetMetricResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteJob.hs b/gen/Amazonka/IoT/DeleteJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteJob.hs
@@ -0,0 +1,216 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a job and its related job executions.
+--
+-- Deleting a job may take time, depending on the number of job executions
+-- created for the job and various other factors. While the job is being
+-- deleted, the status of the job will be shown as
+-- \"DELETION_IN_PROGRESS\". Attempting to delete or cancel a job whose
+-- status is already \"DELETION_IN_PROGRESS\" will result in an error.
+--
+-- Only 10 jobs may have status \"DELETION_IN_PROGRESS\" at the same time,
+-- or a LimitExceededException will occur.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteJob>
+-- action.
+module Amazonka.IoT.DeleteJob
+  ( -- * Creating a Request
+    DeleteJob (..),
+    newDeleteJob,
+
+    -- * Request Lenses
+    deleteJob_force,
+    deleteJob_namespaceId,
+    deleteJob_jobId,
+
+    -- * Destructuring the Response
+    DeleteJobResponse (..),
+    newDeleteJobResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteJob' smart constructor.
+data DeleteJob = DeleteJob'
+  { -- | (Optional) When true, you can delete a job which is \"IN_PROGRESS\".
+    -- Otherwise, you can only delete a job which is in a terminal state
+    -- (\"COMPLETED\" or \"CANCELED\") or an exception will occur. The default
+    -- is false.
+    --
+    -- Deleting a job which is \"IN_PROGRESS\", will cause a device which is
+    -- executing the job to be unable to access job information or update the
+    -- job execution status. Use caution and ensure that each device executing
+    -- a job which is deleted is able to recover to a valid state.
+    force :: Prelude.Maybe Prelude.Bool,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the job to be deleted.
+    --
+    -- After a job deletion is completed, you may reuse this jobId when you
+    -- create a new job. However, this is not recommended, and you must ensure
+    -- that your devices are not using the jobId to refer to the deleted job.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'force', 'deleteJob_force' - (Optional) When true, you can delete a job which is \"IN_PROGRESS\".
+-- Otherwise, you can only delete a job which is in a terminal state
+-- (\"COMPLETED\" or \"CANCELED\") or an exception will occur. The default
+-- is false.
+--
+-- Deleting a job which is \"IN_PROGRESS\", will cause a device which is
+-- executing the job to be unable to access job information or update the
+-- job execution status. Use caution and ensure that each device executing
+-- a job which is deleted is able to recover to a valid state.
+--
+-- 'namespaceId', 'deleteJob_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'jobId', 'deleteJob_jobId' - The ID of the job to be deleted.
+--
+-- After a job deletion is completed, you may reuse this jobId when you
+-- create a new job. However, this is not recommended, and you must ensure
+-- that your devices are not using the jobId to refer to the deleted job.
+newDeleteJob ::
+  -- | 'jobId'
+  Prelude.Text ->
+  DeleteJob
+newDeleteJob pJobId_ =
+  DeleteJob'
+    { force = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      jobId = pJobId_
+    }
+
+-- | (Optional) When true, you can delete a job which is \"IN_PROGRESS\".
+-- Otherwise, you can only delete a job which is in a terminal state
+-- (\"COMPLETED\" or \"CANCELED\") or an exception will occur. The default
+-- is false.
+--
+-- Deleting a job which is \"IN_PROGRESS\", will cause a device which is
+-- executing the job to be unable to access job information or update the
+-- job execution status. Use caution and ensure that each device executing
+-- a job which is deleted is able to recover to a valid state.
+deleteJob_force :: Lens.Lens' DeleteJob (Prelude.Maybe Prelude.Bool)
+deleteJob_force = Lens.lens (\DeleteJob' {force} -> force) (\s@DeleteJob' {} a -> s {force = a} :: DeleteJob)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+deleteJob_namespaceId :: Lens.Lens' DeleteJob (Prelude.Maybe Prelude.Text)
+deleteJob_namespaceId = Lens.lens (\DeleteJob' {namespaceId} -> namespaceId) (\s@DeleteJob' {} a -> s {namespaceId = a} :: DeleteJob)
+
+-- | The ID of the job to be deleted.
+--
+-- After a job deletion is completed, you may reuse this jobId when you
+-- create a new job. However, this is not recommended, and you must ensure
+-- that your devices are not using the jobId to refer to the deleted job.
+deleteJob_jobId :: Lens.Lens' DeleteJob Prelude.Text
+deleteJob_jobId = Lens.lens (\DeleteJob' {jobId} -> jobId) (\s@DeleteJob' {} a -> s {jobId = a} :: DeleteJob)
+
+instance Core.AWSRequest DeleteJob where
+  type AWSResponse DeleteJob = DeleteJobResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response = Response.receiveNull DeleteJobResponse'
+
+instance Prelude.Hashable DeleteJob where
+  hashWithSalt _salt DeleteJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` force
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData DeleteJob where
+  rnf DeleteJob' {..} =
+    Prelude.rnf force
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf jobId
+
+instance Data.ToHeaders DeleteJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteJob where
+  toPath DeleteJob' {..} =
+    Prelude.mconcat ["/jobs/", Data.toBS jobId]
+
+instance Data.ToQuery DeleteJob where
+  toQuery DeleteJob' {..} =
+    Prelude.mconcat
+      [ "force" Data.=: force,
+        "namespaceId" Data.=: namespaceId
+      ]
+
+-- | /See:/ 'newDeleteJobResponse' smart constructor.
+data DeleteJobResponse = DeleteJobResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteJobResponse ::
+  DeleteJobResponse
+newDeleteJobResponse = DeleteJobResponse'
+
+instance Prelude.NFData DeleteJobResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteJobExecution.hs b/gen/Amazonka/IoT/DeleteJobExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteJobExecution.hs
@@ -0,0 +1,255 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteJobExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a job execution.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteJobExecution>
+-- action.
+module Amazonka.IoT.DeleteJobExecution
+  ( -- * Creating a Request
+    DeleteJobExecution (..),
+    newDeleteJobExecution,
+
+    -- * Request Lenses
+    deleteJobExecution_force,
+    deleteJobExecution_namespaceId,
+    deleteJobExecution_jobId,
+    deleteJobExecution_thingName,
+    deleteJobExecution_executionNumber,
+
+    -- * Destructuring the Response
+    DeleteJobExecutionResponse (..),
+    newDeleteJobExecutionResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteJobExecution' smart constructor.
+data DeleteJobExecution = DeleteJobExecution'
+  { -- | (Optional) When true, you can delete a job execution which is
+    -- \"IN_PROGRESS\". Otherwise, you can only delete a job execution which is
+    -- in a terminal state (\"SUCCEEDED\", \"FAILED\", \"REJECTED\",
+    -- \"REMOVED\" or \"CANCELED\") or an exception will occur. The default is
+    -- false.
+    --
+    -- Deleting a job execution which is \"IN_PROGRESS\", will cause the device
+    -- to be unable to access job information or update the job execution
+    -- status. Use caution and ensure that the device is able to recover to a
+    -- valid state.
+    force :: Prelude.Maybe Prelude.Bool,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the job whose execution on a particular device will be
+    -- deleted.
+    jobId :: Prelude.Text,
+    -- | The name of the thing whose job execution will be deleted.
+    thingName :: Prelude.Text,
+    -- | The ID of the job execution to be deleted. The @executionNumber@ refers
+    -- to the execution of a particular job on a particular device.
+    --
+    -- Note that once a job execution is deleted, the @executionNumber@ may be
+    -- reused by IoT, so be sure you get and use the correct value here.
+    executionNumber :: Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteJobExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'force', 'deleteJobExecution_force' - (Optional) When true, you can delete a job execution which is
+-- \"IN_PROGRESS\". Otherwise, you can only delete a job execution which is
+-- in a terminal state (\"SUCCEEDED\", \"FAILED\", \"REJECTED\",
+-- \"REMOVED\" or \"CANCELED\") or an exception will occur. The default is
+-- false.
+--
+-- Deleting a job execution which is \"IN_PROGRESS\", will cause the device
+-- to be unable to access job information or update the job execution
+-- status. Use caution and ensure that the device is able to recover to a
+-- valid state.
+--
+-- 'namespaceId', 'deleteJobExecution_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'jobId', 'deleteJobExecution_jobId' - The ID of the job whose execution on a particular device will be
+-- deleted.
+--
+-- 'thingName', 'deleteJobExecution_thingName' - The name of the thing whose job execution will be deleted.
+--
+-- 'executionNumber', 'deleteJobExecution_executionNumber' - The ID of the job execution to be deleted. The @executionNumber@ refers
+-- to the execution of a particular job on a particular device.
+--
+-- Note that once a job execution is deleted, the @executionNumber@ may be
+-- reused by IoT, so be sure you get and use the correct value here.
+newDeleteJobExecution ::
+  -- | 'jobId'
+  Prelude.Text ->
+  -- | 'thingName'
+  Prelude.Text ->
+  -- | 'executionNumber'
+  Prelude.Integer ->
+  DeleteJobExecution
+newDeleteJobExecution
+  pJobId_
+  pThingName_
+  pExecutionNumber_ =
+    DeleteJobExecution'
+      { force = Prelude.Nothing,
+        namespaceId = Prelude.Nothing,
+        jobId = pJobId_,
+        thingName = pThingName_,
+        executionNumber = pExecutionNumber_
+      }
+
+-- | (Optional) When true, you can delete a job execution which is
+-- \"IN_PROGRESS\". Otherwise, you can only delete a job execution which is
+-- in a terminal state (\"SUCCEEDED\", \"FAILED\", \"REJECTED\",
+-- \"REMOVED\" or \"CANCELED\") or an exception will occur. The default is
+-- false.
+--
+-- Deleting a job execution which is \"IN_PROGRESS\", will cause the device
+-- to be unable to access job information or update the job execution
+-- status. Use caution and ensure that the device is able to recover to a
+-- valid state.
+deleteJobExecution_force :: Lens.Lens' DeleteJobExecution (Prelude.Maybe Prelude.Bool)
+deleteJobExecution_force = Lens.lens (\DeleteJobExecution' {force} -> force) (\s@DeleteJobExecution' {} a -> s {force = a} :: DeleteJobExecution)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+deleteJobExecution_namespaceId :: Lens.Lens' DeleteJobExecution (Prelude.Maybe Prelude.Text)
+deleteJobExecution_namespaceId = Lens.lens (\DeleteJobExecution' {namespaceId} -> namespaceId) (\s@DeleteJobExecution' {} a -> s {namespaceId = a} :: DeleteJobExecution)
+
+-- | The ID of the job whose execution on a particular device will be
+-- deleted.
+deleteJobExecution_jobId :: Lens.Lens' DeleteJobExecution Prelude.Text
+deleteJobExecution_jobId = Lens.lens (\DeleteJobExecution' {jobId} -> jobId) (\s@DeleteJobExecution' {} a -> s {jobId = a} :: DeleteJobExecution)
+
+-- | The name of the thing whose job execution will be deleted.
+deleteJobExecution_thingName :: Lens.Lens' DeleteJobExecution Prelude.Text
+deleteJobExecution_thingName = Lens.lens (\DeleteJobExecution' {thingName} -> thingName) (\s@DeleteJobExecution' {} a -> s {thingName = a} :: DeleteJobExecution)
+
+-- | The ID of the job execution to be deleted. The @executionNumber@ refers
+-- to the execution of a particular job on a particular device.
+--
+-- Note that once a job execution is deleted, the @executionNumber@ may be
+-- reused by IoT, so be sure you get and use the correct value here.
+deleteJobExecution_executionNumber :: Lens.Lens' DeleteJobExecution Prelude.Integer
+deleteJobExecution_executionNumber = Lens.lens (\DeleteJobExecution' {executionNumber} -> executionNumber) (\s@DeleteJobExecution' {} a -> s {executionNumber = a} :: DeleteJobExecution)
+
+instance Core.AWSRequest DeleteJobExecution where
+  type
+    AWSResponse DeleteJobExecution =
+      DeleteJobExecutionResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeleteJobExecutionResponse'
+
+instance Prelude.Hashable DeleteJobExecution where
+  hashWithSalt _salt DeleteJobExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` force
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` executionNumber
+
+instance Prelude.NFData DeleteJobExecution where
+  rnf DeleteJobExecution' {..} =
+    Prelude.rnf force
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf executionNumber
+
+instance Data.ToHeaders DeleteJobExecution where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteJobExecution where
+  toPath DeleteJobExecution' {..} =
+    Prelude.mconcat
+      [ "/things/",
+        Data.toBS thingName,
+        "/jobs/",
+        Data.toBS jobId,
+        "/executionNumber/",
+        Data.toBS executionNumber
+      ]
+
+instance Data.ToQuery DeleteJobExecution where
+  toQuery DeleteJobExecution' {..} =
+    Prelude.mconcat
+      [ "force" Data.=: force,
+        "namespaceId" Data.=: namespaceId
+      ]
+
+-- | /See:/ 'newDeleteJobExecutionResponse' smart constructor.
+data DeleteJobExecutionResponse = DeleteJobExecutionResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteJobExecutionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteJobExecutionResponse ::
+  DeleteJobExecutionResponse
+newDeleteJobExecutionResponse =
+  DeleteJobExecutionResponse'
+
+instance Prelude.NFData DeleteJobExecutionResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteJobTemplate.hs b/gen/Amazonka/IoT/DeleteJobTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteJobTemplate.hs
@@ -0,0 +1,117 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteJobTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified job template.
+module Amazonka.IoT.DeleteJobTemplate
+  ( -- * Creating a Request
+    DeleteJobTemplate (..),
+    newDeleteJobTemplate,
+
+    -- * Request Lenses
+    deleteJobTemplate_jobTemplateId,
+
+    -- * Destructuring the Response
+    DeleteJobTemplateResponse (..),
+    newDeleteJobTemplateResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteJobTemplate' smart constructor.
+data DeleteJobTemplate = DeleteJobTemplate'
+  { -- | The unique identifier of the job template to delete.
+    jobTemplateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteJobTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobTemplateId', 'deleteJobTemplate_jobTemplateId' - The unique identifier of the job template to delete.
+newDeleteJobTemplate ::
+  -- | 'jobTemplateId'
+  Prelude.Text ->
+  DeleteJobTemplate
+newDeleteJobTemplate pJobTemplateId_ =
+  DeleteJobTemplate' {jobTemplateId = pJobTemplateId_}
+
+-- | The unique identifier of the job template to delete.
+deleteJobTemplate_jobTemplateId :: Lens.Lens' DeleteJobTemplate Prelude.Text
+deleteJobTemplate_jobTemplateId = Lens.lens (\DeleteJobTemplate' {jobTemplateId} -> jobTemplateId) (\s@DeleteJobTemplate' {} a -> s {jobTemplateId = a} :: DeleteJobTemplate)
+
+instance Core.AWSRequest DeleteJobTemplate where
+  type
+    AWSResponse DeleteJobTemplate =
+      DeleteJobTemplateResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeleteJobTemplateResponse'
+
+instance Prelude.Hashable DeleteJobTemplate where
+  hashWithSalt _salt DeleteJobTemplate' {..} =
+    _salt `Prelude.hashWithSalt` jobTemplateId
+
+instance Prelude.NFData DeleteJobTemplate where
+  rnf DeleteJobTemplate' {..} =
+    Prelude.rnf jobTemplateId
+
+instance Data.ToHeaders DeleteJobTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteJobTemplate where
+  toPath DeleteJobTemplate' {..} =
+    Prelude.mconcat
+      ["/job-templates/", Data.toBS jobTemplateId]
+
+instance Data.ToQuery DeleteJobTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteJobTemplateResponse' smart constructor.
+data DeleteJobTemplateResponse = DeleteJobTemplateResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteJobTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteJobTemplateResponse ::
+  DeleteJobTemplateResponse
+newDeleteJobTemplateResponse =
+  DeleteJobTemplateResponse'
+
+instance Prelude.NFData DeleteJobTemplateResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteMitigationAction.hs b/gen/Amazonka/IoT/DeleteMitigationAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteMitigationAction.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteMitigationAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a defined mitigation action from your Amazon Web Services
+-- accounts.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteMitigationAction>
+-- action.
+module Amazonka.IoT.DeleteMitigationAction
+  ( -- * Creating a Request
+    DeleteMitigationAction (..),
+    newDeleteMitigationAction,
+
+    -- * Request Lenses
+    deleteMitigationAction_actionName,
+
+    -- * Destructuring the Response
+    DeleteMitigationActionResponse (..),
+    newDeleteMitigationActionResponse,
+
+    -- * Response Lenses
+    deleteMitigationActionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteMitigationAction' smart constructor.
+data DeleteMitigationAction = DeleteMitigationAction'
+  { -- | The name of the mitigation action that you want to delete.
+    actionName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteMitigationAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionName', 'deleteMitigationAction_actionName' - The name of the mitigation action that you want to delete.
+newDeleteMitigationAction ::
+  -- | 'actionName'
+  Prelude.Text ->
+  DeleteMitigationAction
+newDeleteMitigationAction pActionName_ =
+  DeleteMitigationAction' {actionName = pActionName_}
+
+-- | The name of the mitigation action that you want to delete.
+deleteMitigationAction_actionName :: Lens.Lens' DeleteMitigationAction Prelude.Text
+deleteMitigationAction_actionName = Lens.lens (\DeleteMitigationAction' {actionName} -> actionName) (\s@DeleteMitigationAction' {} a -> s {actionName = a} :: DeleteMitigationAction)
+
+instance Core.AWSRequest DeleteMitigationAction where
+  type
+    AWSResponse DeleteMitigationAction =
+      DeleteMitigationActionResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteMitigationActionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteMitigationAction where
+  hashWithSalt _salt DeleteMitigationAction' {..} =
+    _salt `Prelude.hashWithSalt` actionName
+
+instance Prelude.NFData DeleteMitigationAction where
+  rnf DeleteMitigationAction' {..} =
+    Prelude.rnf actionName
+
+instance Data.ToHeaders DeleteMitigationAction where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteMitigationAction where
+  toPath DeleteMitigationAction' {..} =
+    Prelude.mconcat
+      ["/mitigationactions/actions/", Data.toBS actionName]
+
+instance Data.ToQuery DeleteMitigationAction where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteMitigationActionResponse' smart constructor.
+data DeleteMitigationActionResponse = DeleteMitigationActionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteMitigationActionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteMitigationActionResponse_httpStatus' - The response's http status code.
+newDeleteMitigationActionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteMitigationActionResponse
+newDeleteMitigationActionResponse pHttpStatus_ =
+  DeleteMitigationActionResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteMitigationActionResponse_httpStatus :: Lens.Lens' DeleteMitigationActionResponse Prelude.Int
+deleteMitigationActionResponse_httpStatus = Lens.lens (\DeleteMitigationActionResponse' {httpStatus} -> httpStatus) (\s@DeleteMitigationActionResponse' {} a -> s {httpStatus = a} :: DeleteMitigationActionResponse)
+
+instance
+  Prelude.NFData
+    DeleteMitigationActionResponse
+  where
+  rnf DeleteMitigationActionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteOTAUpdate.hs b/gen/Amazonka/IoT/DeleteOTAUpdate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteOTAUpdate.hs
@@ -0,0 +1,187 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteOTAUpdate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Delete an OTA update.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteOTAUpdate>
+-- action.
+module Amazonka.IoT.DeleteOTAUpdate
+  ( -- * Creating a Request
+    DeleteOTAUpdate (..),
+    newDeleteOTAUpdate,
+
+    -- * Request Lenses
+    deleteOTAUpdate_deleteStream,
+    deleteOTAUpdate_forceDeleteAWSJob,
+    deleteOTAUpdate_otaUpdateId,
+
+    -- * Destructuring the Response
+    DeleteOTAUpdateResponse (..),
+    newDeleteOTAUpdateResponse,
+
+    -- * Response Lenses
+    deleteOTAUpdateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteOTAUpdate' smart constructor.
+data DeleteOTAUpdate = DeleteOTAUpdate'
+  { -- | When true, the stream created by the OTAUpdate process is deleted when
+    -- the OTA update is deleted. Ignored if the stream specified in the
+    -- OTAUpdate is supplied by the user.
+    deleteStream :: Prelude.Maybe Prelude.Bool,
+    -- | When true, deletes the IoT job created by the OTAUpdate process even if
+    -- it is \"IN_PROGRESS\". Otherwise, if the job is not in a terminal state
+    -- (\"COMPLETED\" or \"CANCELED\") an exception will occur. The default is
+    -- false.
+    forceDeleteAWSJob :: Prelude.Maybe Prelude.Bool,
+    -- | The ID of the OTA update to delete.
+    otaUpdateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteOTAUpdate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'deleteStream', 'deleteOTAUpdate_deleteStream' - When true, the stream created by the OTAUpdate process is deleted when
+-- the OTA update is deleted. Ignored if the stream specified in the
+-- OTAUpdate is supplied by the user.
+--
+-- 'forceDeleteAWSJob', 'deleteOTAUpdate_forceDeleteAWSJob' - When true, deletes the IoT job created by the OTAUpdate process even if
+-- it is \"IN_PROGRESS\". Otherwise, if the job is not in a terminal state
+-- (\"COMPLETED\" or \"CANCELED\") an exception will occur. The default is
+-- false.
+--
+-- 'otaUpdateId', 'deleteOTAUpdate_otaUpdateId' - The ID of the OTA update to delete.
+newDeleteOTAUpdate ::
+  -- | 'otaUpdateId'
+  Prelude.Text ->
+  DeleteOTAUpdate
+newDeleteOTAUpdate pOtaUpdateId_ =
+  DeleteOTAUpdate'
+    { deleteStream = Prelude.Nothing,
+      forceDeleteAWSJob = Prelude.Nothing,
+      otaUpdateId = pOtaUpdateId_
+    }
+
+-- | When true, the stream created by the OTAUpdate process is deleted when
+-- the OTA update is deleted. Ignored if the stream specified in the
+-- OTAUpdate is supplied by the user.
+deleteOTAUpdate_deleteStream :: Lens.Lens' DeleteOTAUpdate (Prelude.Maybe Prelude.Bool)
+deleteOTAUpdate_deleteStream = Lens.lens (\DeleteOTAUpdate' {deleteStream} -> deleteStream) (\s@DeleteOTAUpdate' {} a -> s {deleteStream = a} :: DeleteOTAUpdate)
+
+-- | When true, deletes the IoT job created by the OTAUpdate process even if
+-- it is \"IN_PROGRESS\". Otherwise, if the job is not in a terminal state
+-- (\"COMPLETED\" or \"CANCELED\") an exception will occur. The default is
+-- false.
+deleteOTAUpdate_forceDeleteAWSJob :: Lens.Lens' DeleteOTAUpdate (Prelude.Maybe Prelude.Bool)
+deleteOTAUpdate_forceDeleteAWSJob = Lens.lens (\DeleteOTAUpdate' {forceDeleteAWSJob} -> forceDeleteAWSJob) (\s@DeleteOTAUpdate' {} a -> s {forceDeleteAWSJob = a} :: DeleteOTAUpdate)
+
+-- | The ID of the OTA update to delete.
+deleteOTAUpdate_otaUpdateId :: Lens.Lens' DeleteOTAUpdate Prelude.Text
+deleteOTAUpdate_otaUpdateId = Lens.lens (\DeleteOTAUpdate' {otaUpdateId} -> otaUpdateId) (\s@DeleteOTAUpdate' {} a -> s {otaUpdateId = a} :: DeleteOTAUpdate)
+
+instance Core.AWSRequest DeleteOTAUpdate where
+  type
+    AWSResponse DeleteOTAUpdate =
+      DeleteOTAUpdateResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteOTAUpdateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteOTAUpdate where
+  hashWithSalt _salt DeleteOTAUpdate' {..} =
+    _salt
+      `Prelude.hashWithSalt` deleteStream
+      `Prelude.hashWithSalt` forceDeleteAWSJob
+      `Prelude.hashWithSalt` otaUpdateId
+
+instance Prelude.NFData DeleteOTAUpdate where
+  rnf DeleteOTAUpdate' {..} =
+    Prelude.rnf deleteStream
+      `Prelude.seq` Prelude.rnf forceDeleteAWSJob
+      `Prelude.seq` Prelude.rnf otaUpdateId
+
+instance Data.ToHeaders DeleteOTAUpdate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteOTAUpdate where
+  toPath DeleteOTAUpdate' {..} =
+    Prelude.mconcat
+      ["/otaUpdates/", Data.toBS otaUpdateId]
+
+instance Data.ToQuery DeleteOTAUpdate where
+  toQuery DeleteOTAUpdate' {..} =
+    Prelude.mconcat
+      [ "deleteStream" Data.=: deleteStream,
+        "forceDeleteAWSJob" Data.=: forceDeleteAWSJob
+      ]
+
+-- | /See:/ 'newDeleteOTAUpdateResponse' smart constructor.
+data DeleteOTAUpdateResponse = DeleteOTAUpdateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteOTAUpdateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteOTAUpdateResponse_httpStatus' - The response's http status code.
+newDeleteOTAUpdateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteOTAUpdateResponse
+newDeleteOTAUpdateResponse pHttpStatus_ =
+  DeleteOTAUpdateResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteOTAUpdateResponse_httpStatus :: Lens.Lens' DeleteOTAUpdateResponse Prelude.Int
+deleteOTAUpdateResponse_httpStatus = Lens.lens (\DeleteOTAUpdateResponse' {httpStatus} -> httpStatus) (\s@DeleteOTAUpdateResponse' {} a -> s {httpStatus = a} :: DeleteOTAUpdateResponse)
+
+instance Prelude.NFData DeleteOTAUpdateResponse where
+  rnf DeleteOTAUpdateResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeletePolicy.hs b/gen/Amazonka/IoT/DeletePolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeletePolicy.hs
@@ -0,0 +1,133 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeletePolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified policy.
+--
+-- A policy cannot be deleted if it has non-default versions or it is
+-- attached to any certificate.
+--
+-- To delete a policy, use the DeletePolicyVersion action to delete all
+-- non-default versions of the policy; use the DetachPolicy action to
+-- detach the policy from any certificate; and then use the DeletePolicy
+-- action to delete the policy.
+--
+-- When a policy is deleted using DeletePolicy, its default version is
+-- deleted with it.
+--
+-- Because of the distributed nature of Amazon Web Services, it can take up
+-- to five minutes after a policy is detached before it\'s ready to be
+-- deleted.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeletePolicy>
+-- action.
+module Amazonka.IoT.DeletePolicy
+  ( -- * Creating a Request
+    DeletePolicy (..),
+    newDeletePolicy,
+
+    -- * Request Lenses
+    deletePolicy_policyName,
+
+    -- * Destructuring the Response
+    DeletePolicyResponse (..),
+    newDeletePolicyResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeletePolicy operation.
+--
+-- /See:/ 'newDeletePolicy' smart constructor.
+data DeletePolicy = DeletePolicy'
+  { -- | The name of the policy to delete.
+    policyName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeletePolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'deletePolicy_policyName' - The name of the policy to delete.
+newDeletePolicy ::
+  -- | 'policyName'
+  Prelude.Text ->
+  DeletePolicy
+newDeletePolicy pPolicyName_ =
+  DeletePolicy' {policyName = pPolicyName_}
+
+-- | The name of the policy to delete.
+deletePolicy_policyName :: Lens.Lens' DeletePolicy Prelude.Text
+deletePolicy_policyName = Lens.lens (\DeletePolicy' {policyName} -> policyName) (\s@DeletePolicy' {} a -> s {policyName = a} :: DeletePolicy)
+
+instance Core.AWSRequest DeletePolicy where
+  type AWSResponse DeletePolicy = DeletePolicyResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response = Response.receiveNull DeletePolicyResponse'
+
+instance Prelude.Hashable DeletePolicy where
+  hashWithSalt _salt DeletePolicy' {..} =
+    _salt `Prelude.hashWithSalt` policyName
+
+instance Prelude.NFData DeletePolicy where
+  rnf DeletePolicy' {..} = Prelude.rnf policyName
+
+instance Data.ToHeaders DeletePolicy where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeletePolicy where
+  toPath DeletePolicy' {..} =
+    Prelude.mconcat
+      ["/policies/", Data.toBS policyName]
+
+instance Data.ToQuery DeletePolicy where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeletePolicyResponse' smart constructor.
+data DeletePolicyResponse = DeletePolicyResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeletePolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeletePolicyResponse ::
+  DeletePolicyResponse
+newDeletePolicyResponse = DeletePolicyResponse'
+
+instance Prelude.NFData DeletePolicyResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeletePolicyVersion.hs b/gen/Amazonka/IoT/DeletePolicyVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeletePolicyVersion.hs
@@ -0,0 +1,147 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeletePolicyVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified version of the specified policy. You cannot delete
+-- the default version of a policy using this action. To delete the default
+-- version of a policy, use DeletePolicy. To find out which version of a
+-- policy is marked as the default version, use ListPolicyVersions.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeletePolicyVersion>
+-- action.
+module Amazonka.IoT.DeletePolicyVersion
+  ( -- * Creating a Request
+    DeletePolicyVersion (..),
+    newDeletePolicyVersion,
+
+    -- * Request Lenses
+    deletePolicyVersion_policyName,
+    deletePolicyVersion_policyVersionId,
+
+    -- * Destructuring the Response
+    DeletePolicyVersionResponse (..),
+    newDeletePolicyVersionResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeletePolicyVersion operation.
+--
+-- /See:/ 'newDeletePolicyVersion' smart constructor.
+data DeletePolicyVersion = DeletePolicyVersion'
+  { -- | The name of the policy.
+    policyName :: Prelude.Text,
+    -- | The policy version ID.
+    policyVersionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeletePolicyVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'deletePolicyVersion_policyName' - The name of the policy.
+--
+-- 'policyVersionId', 'deletePolicyVersion_policyVersionId' - The policy version ID.
+newDeletePolicyVersion ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'policyVersionId'
+  Prelude.Text ->
+  DeletePolicyVersion
+newDeletePolicyVersion pPolicyName_ pPolicyVersionId_ =
+  DeletePolicyVersion'
+    { policyName = pPolicyName_,
+      policyVersionId = pPolicyVersionId_
+    }
+
+-- | The name of the policy.
+deletePolicyVersion_policyName :: Lens.Lens' DeletePolicyVersion Prelude.Text
+deletePolicyVersion_policyName = Lens.lens (\DeletePolicyVersion' {policyName} -> policyName) (\s@DeletePolicyVersion' {} a -> s {policyName = a} :: DeletePolicyVersion)
+
+-- | The policy version ID.
+deletePolicyVersion_policyVersionId :: Lens.Lens' DeletePolicyVersion Prelude.Text
+deletePolicyVersion_policyVersionId = Lens.lens (\DeletePolicyVersion' {policyVersionId} -> policyVersionId) (\s@DeletePolicyVersion' {} a -> s {policyVersionId = a} :: DeletePolicyVersion)
+
+instance Core.AWSRequest DeletePolicyVersion where
+  type
+    AWSResponse DeletePolicyVersion =
+      DeletePolicyVersionResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeletePolicyVersionResponse'
+
+instance Prelude.Hashable DeletePolicyVersion where
+  hashWithSalt _salt DeletePolicyVersion' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` policyVersionId
+
+instance Prelude.NFData DeletePolicyVersion where
+  rnf DeletePolicyVersion' {..} =
+    Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyVersionId
+
+instance Data.ToHeaders DeletePolicyVersion where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeletePolicyVersion where
+  toPath DeletePolicyVersion' {..} =
+    Prelude.mconcat
+      [ "/policies/",
+        Data.toBS policyName,
+        "/version/",
+        Data.toBS policyVersionId
+      ]
+
+instance Data.ToQuery DeletePolicyVersion where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeletePolicyVersionResponse' smart constructor.
+data DeletePolicyVersionResponse = DeletePolicyVersionResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeletePolicyVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeletePolicyVersionResponse ::
+  DeletePolicyVersionResponse
+newDeletePolicyVersionResponse =
+  DeletePolicyVersionResponse'
+
+instance Prelude.NFData DeletePolicyVersionResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteProvisioningTemplate.hs b/gen/Amazonka/IoT/DeleteProvisioningTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteProvisioningTemplate.hs
@@ -0,0 +1,150 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteProvisioningTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a provisioning template.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteProvisioningTemplate>
+-- action.
+module Amazonka.IoT.DeleteProvisioningTemplate
+  ( -- * Creating a Request
+    DeleteProvisioningTemplate (..),
+    newDeleteProvisioningTemplate,
+
+    -- * Request Lenses
+    deleteProvisioningTemplate_templateName,
+
+    -- * Destructuring the Response
+    DeleteProvisioningTemplateResponse (..),
+    newDeleteProvisioningTemplateResponse,
+
+    -- * Response Lenses
+    deleteProvisioningTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteProvisioningTemplate' smart constructor.
+data DeleteProvisioningTemplate = DeleteProvisioningTemplate'
+  { -- | The name of the fleet provision template to delete.
+    templateName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteProvisioningTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateName', 'deleteProvisioningTemplate_templateName' - The name of the fleet provision template to delete.
+newDeleteProvisioningTemplate ::
+  -- | 'templateName'
+  Prelude.Text ->
+  DeleteProvisioningTemplate
+newDeleteProvisioningTemplate pTemplateName_ =
+  DeleteProvisioningTemplate'
+    { templateName =
+        pTemplateName_
+    }
+
+-- | The name of the fleet provision template to delete.
+deleteProvisioningTemplate_templateName :: Lens.Lens' DeleteProvisioningTemplate Prelude.Text
+deleteProvisioningTemplate_templateName = Lens.lens (\DeleteProvisioningTemplate' {templateName} -> templateName) (\s@DeleteProvisioningTemplate' {} a -> s {templateName = a} :: DeleteProvisioningTemplate)
+
+instance Core.AWSRequest DeleteProvisioningTemplate where
+  type
+    AWSResponse DeleteProvisioningTemplate =
+      DeleteProvisioningTemplateResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteProvisioningTemplateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteProvisioningTemplate where
+  hashWithSalt _salt DeleteProvisioningTemplate' {..} =
+    _salt `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData DeleteProvisioningTemplate where
+  rnf DeleteProvisioningTemplate' {..} =
+    Prelude.rnf templateName
+
+instance Data.ToHeaders DeleteProvisioningTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteProvisioningTemplate where
+  toPath DeleteProvisioningTemplate' {..} =
+    Prelude.mconcat
+      ["/provisioning-templates/", Data.toBS templateName]
+
+instance Data.ToQuery DeleteProvisioningTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteProvisioningTemplateResponse' smart constructor.
+data DeleteProvisioningTemplateResponse = DeleteProvisioningTemplateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteProvisioningTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteProvisioningTemplateResponse_httpStatus' - The response's http status code.
+newDeleteProvisioningTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteProvisioningTemplateResponse
+newDeleteProvisioningTemplateResponse pHttpStatus_ =
+  DeleteProvisioningTemplateResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteProvisioningTemplateResponse_httpStatus :: Lens.Lens' DeleteProvisioningTemplateResponse Prelude.Int
+deleteProvisioningTemplateResponse_httpStatus = Lens.lens (\DeleteProvisioningTemplateResponse' {httpStatus} -> httpStatus) (\s@DeleteProvisioningTemplateResponse' {} a -> s {httpStatus = a} :: DeleteProvisioningTemplateResponse)
+
+instance
+  Prelude.NFData
+    DeleteProvisioningTemplateResponse
+  where
+  rnf DeleteProvisioningTemplateResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteProvisioningTemplateVersion.hs b/gen/Amazonka/IoT/DeleteProvisioningTemplateVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteProvisioningTemplateVersion.hs
@@ -0,0 +1,192 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteProvisioningTemplateVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a provisioning template version.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteProvisioningTemplateVersion>
+-- action.
+module Amazonka.IoT.DeleteProvisioningTemplateVersion
+  ( -- * Creating a Request
+    DeleteProvisioningTemplateVersion (..),
+    newDeleteProvisioningTemplateVersion,
+
+    -- * Request Lenses
+    deleteProvisioningTemplateVersion_templateName,
+    deleteProvisioningTemplateVersion_versionId,
+
+    -- * Destructuring the Response
+    DeleteProvisioningTemplateVersionResponse (..),
+    newDeleteProvisioningTemplateVersionResponse,
+
+    -- * Response Lenses
+    deleteProvisioningTemplateVersionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteProvisioningTemplateVersion' smart constructor.
+data DeleteProvisioningTemplateVersion = DeleteProvisioningTemplateVersion'
+  { -- | The name of the provisioning template version to delete.
+    templateName :: Prelude.Text,
+    -- | The provisioning template version ID to delete.
+    versionId :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteProvisioningTemplateVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateName', 'deleteProvisioningTemplateVersion_templateName' - The name of the provisioning template version to delete.
+--
+-- 'versionId', 'deleteProvisioningTemplateVersion_versionId' - The provisioning template version ID to delete.
+newDeleteProvisioningTemplateVersion ::
+  -- | 'templateName'
+  Prelude.Text ->
+  -- | 'versionId'
+  Prelude.Int ->
+  DeleteProvisioningTemplateVersion
+newDeleteProvisioningTemplateVersion
+  pTemplateName_
+  pVersionId_ =
+    DeleteProvisioningTemplateVersion'
+      { templateName =
+          pTemplateName_,
+        versionId = pVersionId_
+      }
+
+-- | The name of the provisioning template version to delete.
+deleteProvisioningTemplateVersion_templateName :: Lens.Lens' DeleteProvisioningTemplateVersion Prelude.Text
+deleteProvisioningTemplateVersion_templateName = Lens.lens (\DeleteProvisioningTemplateVersion' {templateName} -> templateName) (\s@DeleteProvisioningTemplateVersion' {} a -> s {templateName = a} :: DeleteProvisioningTemplateVersion)
+
+-- | The provisioning template version ID to delete.
+deleteProvisioningTemplateVersion_versionId :: Lens.Lens' DeleteProvisioningTemplateVersion Prelude.Int
+deleteProvisioningTemplateVersion_versionId = Lens.lens (\DeleteProvisioningTemplateVersion' {versionId} -> versionId) (\s@DeleteProvisioningTemplateVersion' {} a -> s {versionId = a} :: DeleteProvisioningTemplateVersion)
+
+instance
+  Core.AWSRequest
+    DeleteProvisioningTemplateVersion
+  where
+  type
+    AWSResponse DeleteProvisioningTemplateVersion =
+      DeleteProvisioningTemplateVersionResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteProvisioningTemplateVersionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DeleteProvisioningTemplateVersion
+  where
+  hashWithSalt
+    _salt
+    DeleteProvisioningTemplateVersion' {..} =
+      _salt
+        `Prelude.hashWithSalt` templateName
+        `Prelude.hashWithSalt` versionId
+
+instance
+  Prelude.NFData
+    DeleteProvisioningTemplateVersion
+  where
+  rnf DeleteProvisioningTemplateVersion' {..} =
+    Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf versionId
+
+instance
+  Data.ToHeaders
+    DeleteProvisioningTemplateVersion
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    DeleteProvisioningTemplateVersion
+  where
+  toPath DeleteProvisioningTemplateVersion' {..} =
+    Prelude.mconcat
+      [ "/provisioning-templates/",
+        Data.toBS templateName,
+        "/versions/",
+        Data.toBS versionId
+      ]
+
+instance
+  Data.ToQuery
+    DeleteProvisioningTemplateVersion
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteProvisioningTemplateVersionResponse' smart constructor.
+data DeleteProvisioningTemplateVersionResponse = DeleteProvisioningTemplateVersionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteProvisioningTemplateVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteProvisioningTemplateVersionResponse_httpStatus' - The response's http status code.
+newDeleteProvisioningTemplateVersionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteProvisioningTemplateVersionResponse
+newDeleteProvisioningTemplateVersionResponse
+  pHttpStatus_ =
+    DeleteProvisioningTemplateVersionResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+deleteProvisioningTemplateVersionResponse_httpStatus :: Lens.Lens' DeleteProvisioningTemplateVersionResponse Prelude.Int
+deleteProvisioningTemplateVersionResponse_httpStatus = Lens.lens (\DeleteProvisioningTemplateVersionResponse' {httpStatus} -> httpStatus) (\s@DeleteProvisioningTemplateVersionResponse' {} a -> s {httpStatus = a} :: DeleteProvisioningTemplateVersionResponse)
+
+instance
+  Prelude.NFData
+    DeleteProvisioningTemplateVersionResponse
+  where
+  rnf DeleteProvisioningTemplateVersionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteRegistrationCode.hs b/gen/Amazonka/IoT/DeleteRegistrationCode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteRegistrationCode.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteRegistrationCode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a CA certificate registration code.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteRegistrationCode>
+-- action.
+module Amazonka.IoT.DeleteRegistrationCode
+  ( -- * Creating a Request
+    DeleteRegistrationCode (..),
+    newDeleteRegistrationCode,
+
+    -- * Destructuring the Response
+    DeleteRegistrationCodeResponse (..),
+    newDeleteRegistrationCodeResponse,
+
+    -- * Response Lenses
+    deleteRegistrationCodeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeleteRegistrationCode operation.
+--
+-- /See:/ 'newDeleteRegistrationCode' smart constructor.
+data DeleteRegistrationCode = DeleteRegistrationCode'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteRegistrationCode' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteRegistrationCode ::
+  DeleteRegistrationCode
+newDeleteRegistrationCode = DeleteRegistrationCode'
+
+instance Core.AWSRequest DeleteRegistrationCode where
+  type
+    AWSResponse DeleteRegistrationCode =
+      DeleteRegistrationCodeResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteRegistrationCodeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteRegistrationCode where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData DeleteRegistrationCode where
+  rnf _ = ()
+
+instance Data.ToHeaders DeleteRegistrationCode where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteRegistrationCode where
+  toPath = Prelude.const "/registrationcode"
+
+instance Data.ToQuery DeleteRegistrationCode where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output for the DeleteRegistrationCode operation.
+--
+-- /See:/ 'newDeleteRegistrationCodeResponse' smart constructor.
+data DeleteRegistrationCodeResponse = DeleteRegistrationCodeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteRegistrationCodeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteRegistrationCodeResponse_httpStatus' - The response's http status code.
+newDeleteRegistrationCodeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteRegistrationCodeResponse
+newDeleteRegistrationCodeResponse pHttpStatus_ =
+  DeleteRegistrationCodeResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteRegistrationCodeResponse_httpStatus :: Lens.Lens' DeleteRegistrationCodeResponse Prelude.Int
+deleteRegistrationCodeResponse_httpStatus = Lens.lens (\DeleteRegistrationCodeResponse' {httpStatus} -> httpStatus) (\s@DeleteRegistrationCodeResponse' {} a -> s {httpStatus = a} :: DeleteRegistrationCodeResponse)
+
+instance
+  Prelude.NFData
+    DeleteRegistrationCodeResponse
+  where
+  rnf DeleteRegistrationCodeResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteRoleAlias.hs b/gen/Amazonka/IoT/DeleteRoleAlias.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteRoleAlias.hs
@@ -0,0 +1,140 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteRoleAlias
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a role alias
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteRoleAlias>
+-- action.
+module Amazonka.IoT.DeleteRoleAlias
+  ( -- * Creating a Request
+    DeleteRoleAlias (..),
+    newDeleteRoleAlias,
+
+    -- * Request Lenses
+    deleteRoleAlias_roleAlias,
+
+    -- * Destructuring the Response
+    DeleteRoleAliasResponse (..),
+    newDeleteRoleAliasResponse,
+
+    -- * Response Lenses
+    deleteRoleAliasResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteRoleAlias' smart constructor.
+data DeleteRoleAlias = DeleteRoleAlias'
+  { -- | The role alias to delete.
+    roleAlias :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteRoleAlias' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleAlias', 'deleteRoleAlias_roleAlias' - The role alias to delete.
+newDeleteRoleAlias ::
+  -- | 'roleAlias'
+  Prelude.Text ->
+  DeleteRoleAlias
+newDeleteRoleAlias pRoleAlias_ =
+  DeleteRoleAlias' {roleAlias = pRoleAlias_}
+
+-- | The role alias to delete.
+deleteRoleAlias_roleAlias :: Lens.Lens' DeleteRoleAlias Prelude.Text
+deleteRoleAlias_roleAlias = Lens.lens (\DeleteRoleAlias' {roleAlias} -> roleAlias) (\s@DeleteRoleAlias' {} a -> s {roleAlias = a} :: DeleteRoleAlias)
+
+instance Core.AWSRequest DeleteRoleAlias where
+  type
+    AWSResponse DeleteRoleAlias =
+      DeleteRoleAliasResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteRoleAliasResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteRoleAlias where
+  hashWithSalt _salt DeleteRoleAlias' {..} =
+    _salt `Prelude.hashWithSalt` roleAlias
+
+instance Prelude.NFData DeleteRoleAlias where
+  rnf DeleteRoleAlias' {..} = Prelude.rnf roleAlias
+
+instance Data.ToHeaders DeleteRoleAlias where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteRoleAlias where
+  toPath DeleteRoleAlias' {..} =
+    Prelude.mconcat
+      ["/role-aliases/", Data.toBS roleAlias]
+
+instance Data.ToQuery DeleteRoleAlias where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteRoleAliasResponse' smart constructor.
+data DeleteRoleAliasResponse = DeleteRoleAliasResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteRoleAliasResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteRoleAliasResponse_httpStatus' - The response's http status code.
+newDeleteRoleAliasResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteRoleAliasResponse
+newDeleteRoleAliasResponse pHttpStatus_ =
+  DeleteRoleAliasResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteRoleAliasResponse_httpStatus :: Lens.Lens' DeleteRoleAliasResponse Prelude.Int
+deleteRoleAliasResponse_httpStatus = Lens.lens (\DeleteRoleAliasResponse' {httpStatus} -> httpStatus) (\s@DeleteRoleAliasResponse' {} a -> s {httpStatus = a} :: DeleteRoleAliasResponse)
+
+instance Prelude.NFData DeleteRoleAliasResponse where
+  rnf DeleteRoleAliasResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteScheduledAudit.hs b/gen/Amazonka/IoT/DeleteScheduledAudit.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteScheduledAudit.hs
@@ -0,0 +1,149 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteScheduledAudit
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a scheduled audit.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteScheduledAudit>
+-- action.
+module Amazonka.IoT.DeleteScheduledAudit
+  ( -- * Creating a Request
+    DeleteScheduledAudit (..),
+    newDeleteScheduledAudit,
+
+    -- * Request Lenses
+    deleteScheduledAudit_scheduledAuditName,
+
+    -- * Destructuring the Response
+    DeleteScheduledAuditResponse (..),
+    newDeleteScheduledAuditResponse,
+
+    -- * Response Lenses
+    deleteScheduledAuditResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteScheduledAudit' smart constructor.
+data DeleteScheduledAudit = DeleteScheduledAudit'
+  { -- | The name of the scheduled audit you want to delete.
+    scheduledAuditName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteScheduledAudit' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'scheduledAuditName', 'deleteScheduledAudit_scheduledAuditName' - The name of the scheduled audit you want to delete.
+newDeleteScheduledAudit ::
+  -- | 'scheduledAuditName'
+  Prelude.Text ->
+  DeleteScheduledAudit
+newDeleteScheduledAudit pScheduledAuditName_ =
+  DeleteScheduledAudit'
+    { scheduledAuditName =
+        pScheduledAuditName_
+    }
+
+-- | The name of the scheduled audit you want to delete.
+deleteScheduledAudit_scheduledAuditName :: Lens.Lens' DeleteScheduledAudit Prelude.Text
+deleteScheduledAudit_scheduledAuditName = Lens.lens (\DeleteScheduledAudit' {scheduledAuditName} -> scheduledAuditName) (\s@DeleteScheduledAudit' {} a -> s {scheduledAuditName = a} :: DeleteScheduledAudit)
+
+instance Core.AWSRequest DeleteScheduledAudit where
+  type
+    AWSResponse DeleteScheduledAudit =
+      DeleteScheduledAuditResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteScheduledAuditResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteScheduledAudit where
+  hashWithSalt _salt DeleteScheduledAudit' {..} =
+    _salt `Prelude.hashWithSalt` scheduledAuditName
+
+instance Prelude.NFData DeleteScheduledAudit where
+  rnf DeleteScheduledAudit' {..} =
+    Prelude.rnf scheduledAuditName
+
+instance Data.ToHeaders DeleteScheduledAudit where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteScheduledAudit where
+  toPath DeleteScheduledAudit' {..} =
+    Prelude.mconcat
+      [ "/audit/scheduledaudits/",
+        Data.toBS scheduledAuditName
+      ]
+
+instance Data.ToQuery DeleteScheduledAudit where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteScheduledAuditResponse' smart constructor.
+data DeleteScheduledAuditResponse = DeleteScheduledAuditResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteScheduledAuditResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteScheduledAuditResponse_httpStatus' - The response's http status code.
+newDeleteScheduledAuditResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteScheduledAuditResponse
+newDeleteScheduledAuditResponse pHttpStatus_ =
+  DeleteScheduledAuditResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteScheduledAuditResponse_httpStatus :: Lens.Lens' DeleteScheduledAuditResponse Prelude.Int
+deleteScheduledAuditResponse_httpStatus = Lens.lens (\DeleteScheduledAuditResponse' {httpStatus} -> httpStatus) (\s@DeleteScheduledAuditResponse' {} a -> s {httpStatus = a} :: DeleteScheduledAuditResponse)
+
+instance Prelude.NFData DeleteScheduledAuditResponse where
+  rnf DeleteScheduledAuditResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteSecurityProfile.hs b/gen/Amazonka/IoT/DeleteSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteSecurityProfile.hs
@@ -0,0 +1,173 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a Device Defender security profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteSecurityProfile>
+-- action.
+module Amazonka.IoT.DeleteSecurityProfile
+  ( -- * Creating a Request
+    DeleteSecurityProfile (..),
+    newDeleteSecurityProfile,
+
+    -- * Request Lenses
+    deleteSecurityProfile_expectedVersion,
+    deleteSecurityProfile_securityProfileName,
+
+    -- * Destructuring the Response
+    DeleteSecurityProfileResponse (..),
+    newDeleteSecurityProfileResponse,
+
+    -- * Response Lenses
+    deleteSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteSecurityProfile' smart constructor.
+data DeleteSecurityProfile = DeleteSecurityProfile'
+  { -- | The expected version of the security profile. A new version is generated
+    -- whenever the security profile is updated. If you specify a value that is
+    -- different from the actual version, a @VersionConflictException@ is
+    -- thrown.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the security profile to be deleted.
+    securityProfileName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'deleteSecurityProfile_expectedVersion' - The expected version of the security profile. A new version is generated
+-- whenever the security profile is updated. If you specify a value that is
+-- different from the actual version, a @VersionConflictException@ is
+-- thrown.
+--
+-- 'securityProfileName', 'deleteSecurityProfile_securityProfileName' - The name of the security profile to be deleted.
+newDeleteSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  DeleteSecurityProfile
+newDeleteSecurityProfile pSecurityProfileName_ =
+  DeleteSecurityProfile'
+    { expectedVersion =
+        Prelude.Nothing,
+      securityProfileName = pSecurityProfileName_
+    }
+
+-- | The expected version of the security profile. A new version is generated
+-- whenever the security profile is updated. If you specify a value that is
+-- different from the actual version, a @VersionConflictException@ is
+-- thrown.
+deleteSecurityProfile_expectedVersion :: Lens.Lens' DeleteSecurityProfile (Prelude.Maybe Prelude.Integer)
+deleteSecurityProfile_expectedVersion = Lens.lens (\DeleteSecurityProfile' {expectedVersion} -> expectedVersion) (\s@DeleteSecurityProfile' {} a -> s {expectedVersion = a} :: DeleteSecurityProfile)
+
+-- | The name of the security profile to be deleted.
+deleteSecurityProfile_securityProfileName :: Lens.Lens' DeleteSecurityProfile Prelude.Text
+deleteSecurityProfile_securityProfileName = Lens.lens (\DeleteSecurityProfile' {securityProfileName} -> securityProfileName) (\s@DeleteSecurityProfile' {} a -> s {securityProfileName = a} :: DeleteSecurityProfile)
+
+instance Core.AWSRequest DeleteSecurityProfile where
+  type
+    AWSResponse DeleteSecurityProfile =
+      DeleteSecurityProfileResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteSecurityProfileResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteSecurityProfile where
+  hashWithSalt _salt DeleteSecurityProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` securityProfileName
+
+instance Prelude.NFData DeleteSecurityProfile where
+  rnf DeleteSecurityProfile' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf securityProfileName
+
+instance Data.ToHeaders DeleteSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteSecurityProfile where
+  toPath DeleteSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName
+      ]
+
+instance Data.ToQuery DeleteSecurityProfile where
+  toQuery DeleteSecurityProfile' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | /See:/ 'newDeleteSecurityProfileResponse' smart constructor.
+data DeleteSecurityProfileResponse = DeleteSecurityProfileResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteSecurityProfileResponse_httpStatus' - The response's http status code.
+newDeleteSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteSecurityProfileResponse
+newDeleteSecurityProfileResponse pHttpStatus_ =
+  DeleteSecurityProfileResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteSecurityProfileResponse_httpStatus :: Lens.Lens' DeleteSecurityProfileResponse Prelude.Int
+deleteSecurityProfileResponse_httpStatus = Lens.lens (\DeleteSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@DeleteSecurityProfileResponse' {} a -> s {httpStatus = a} :: DeleteSecurityProfileResponse)
+
+instance Prelude.NFData DeleteSecurityProfileResponse where
+  rnf DeleteSecurityProfileResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteStream.hs b/gen/Amazonka/IoT/DeleteStream.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteStream.hs
@@ -0,0 +1,137 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteStream
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a stream.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteStream>
+-- action.
+module Amazonka.IoT.DeleteStream
+  ( -- * Creating a Request
+    DeleteStream (..),
+    newDeleteStream,
+
+    -- * Request Lenses
+    deleteStream_streamId,
+
+    -- * Destructuring the Response
+    DeleteStreamResponse (..),
+    newDeleteStreamResponse,
+
+    -- * Response Lenses
+    deleteStreamResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteStream' smart constructor.
+data DeleteStream = DeleteStream'
+  { -- | The stream ID.
+    streamId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteStream' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'streamId', 'deleteStream_streamId' - The stream ID.
+newDeleteStream ::
+  -- | 'streamId'
+  Prelude.Text ->
+  DeleteStream
+newDeleteStream pStreamId_ =
+  DeleteStream' {streamId = pStreamId_}
+
+-- | The stream ID.
+deleteStream_streamId :: Lens.Lens' DeleteStream Prelude.Text
+deleteStream_streamId = Lens.lens (\DeleteStream' {streamId} -> streamId) (\s@DeleteStream' {} a -> s {streamId = a} :: DeleteStream)
+
+instance Core.AWSRequest DeleteStream where
+  type AWSResponse DeleteStream = DeleteStreamResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteStreamResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteStream where
+  hashWithSalt _salt DeleteStream' {..} =
+    _salt `Prelude.hashWithSalt` streamId
+
+instance Prelude.NFData DeleteStream where
+  rnf DeleteStream' {..} = Prelude.rnf streamId
+
+instance Data.ToHeaders DeleteStream where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteStream where
+  toPath DeleteStream' {..} =
+    Prelude.mconcat ["/streams/", Data.toBS streamId]
+
+instance Data.ToQuery DeleteStream where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteStreamResponse' smart constructor.
+data DeleteStreamResponse = DeleteStreamResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteStreamResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteStreamResponse_httpStatus' - The response's http status code.
+newDeleteStreamResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteStreamResponse
+newDeleteStreamResponse pHttpStatus_ =
+  DeleteStreamResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteStreamResponse_httpStatus :: Lens.Lens' DeleteStreamResponse Prelude.Int
+deleteStreamResponse_httpStatus = Lens.lens (\DeleteStreamResponse' {httpStatus} -> httpStatus) (\s@DeleteStreamResponse' {} a -> s {httpStatus = a} :: DeleteStreamResponse)
+
+instance Prelude.NFData DeleteStreamResponse where
+  rnf DeleteStreamResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteThing.hs b/gen/Amazonka/IoT/DeleteThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteThing.hs
@@ -0,0 +1,168 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified thing. Returns successfully with no error if the
+-- deletion is successful or you specify a thing that doesn\'t exist.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteThing>
+-- action.
+module Amazonka.IoT.DeleteThing
+  ( -- * Creating a Request
+    DeleteThing (..),
+    newDeleteThing,
+
+    -- * Request Lenses
+    deleteThing_expectedVersion,
+    deleteThing_thingName,
+
+    -- * Destructuring the Response
+    DeleteThingResponse (..),
+    newDeleteThingResponse,
+
+    -- * Response Lenses
+    deleteThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeleteThing operation.
+--
+-- /See:/ 'newDeleteThing' smart constructor.
+data DeleteThing = DeleteThing'
+  { -- | The expected version of the thing record in the registry. If the version
+    -- of the record in the registry does not match the expected version
+    -- specified in the request, the @DeleteThing@ request is rejected with a
+    -- @VersionConflictException@.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the thing to delete.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'deleteThing_expectedVersion' - The expected version of the thing record in the registry. If the version
+-- of the record in the registry does not match the expected version
+-- specified in the request, the @DeleteThing@ request is rejected with a
+-- @VersionConflictException@.
+--
+-- 'thingName', 'deleteThing_thingName' - The name of the thing to delete.
+newDeleteThing ::
+  -- | 'thingName'
+  Prelude.Text ->
+  DeleteThing
+newDeleteThing pThingName_ =
+  DeleteThing'
+    { expectedVersion = Prelude.Nothing,
+      thingName = pThingName_
+    }
+
+-- | The expected version of the thing record in the registry. If the version
+-- of the record in the registry does not match the expected version
+-- specified in the request, the @DeleteThing@ request is rejected with a
+-- @VersionConflictException@.
+deleteThing_expectedVersion :: Lens.Lens' DeleteThing (Prelude.Maybe Prelude.Integer)
+deleteThing_expectedVersion = Lens.lens (\DeleteThing' {expectedVersion} -> expectedVersion) (\s@DeleteThing' {} a -> s {expectedVersion = a} :: DeleteThing)
+
+-- | The name of the thing to delete.
+deleteThing_thingName :: Lens.Lens' DeleteThing Prelude.Text
+deleteThing_thingName = Lens.lens (\DeleteThing' {thingName} -> thingName) (\s@DeleteThing' {} a -> s {thingName = a} :: DeleteThing)
+
+instance Core.AWSRequest DeleteThing where
+  type AWSResponse DeleteThing = DeleteThingResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteThingResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteThing where
+  hashWithSalt _salt DeleteThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData DeleteThing where
+  rnf DeleteThing' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders DeleteThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteThing where
+  toPath DeleteThing' {..} =
+    Prelude.mconcat ["/things/", Data.toBS thingName]
+
+instance Data.ToQuery DeleteThing where
+  toQuery DeleteThing' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | The output of the DeleteThing operation.
+--
+-- /See:/ 'newDeleteThingResponse' smart constructor.
+data DeleteThingResponse = DeleteThingResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteThingResponse_httpStatus' - The response's http status code.
+newDeleteThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteThingResponse
+newDeleteThingResponse pHttpStatus_ =
+  DeleteThingResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteThingResponse_httpStatus :: Lens.Lens' DeleteThingResponse Prelude.Int
+deleteThingResponse_httpStatus = Lens.lens (\DeleteThingResponse' {httpStatus} -> httpStatus) (\s@DeleteThingResponse' {} a -> s {httpStatus = a} :: DeleteThingResponse)
+
+instance Prelude.NFData DeleteThingResponse where
+  rnf DeleteThingResponse' {..} = Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteThingGroup.hs b/gen/Amazonka/IoT/DeleteThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteThingGroup.hs
@@ -0,0 +1,162 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteThingGroup>
+-- action.
+module Amazonka.IoT.DeleteThingGroup
+  ( -- * Creating a Request
+    DeleteThingGroup (..),
+    newDeleteThingGroup,
+
+    -- * Request Lenses
+    deleteThingGroup_expectedVersion,
+    deleteThingGroup_thingGroupName,
+
+    -- * Destructuring the Response
+    DeleteThingGroupResponse (..),
+    newDeleteThingGroupResponse,
+
+    -- * Response Lenses
+    deleteThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteThingGroup' smart constructor.
+data DeleteThingGroup = DeleteThingGroup'
+  { -- | The expected version of the thing group to delete.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the thing group to delete.
+    thingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'deleteThingGroup_expectedVersion' - The expected version of the thing group to delete.
+--
+-- 'thingGroupName', 'deleteThingGroup_thingGroupName' - The name of the thing group to delete.
+newDeleteThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  DeleteThingGroup
+newDeleteThingGroup pThingGroupName_ =
+  DeleteThingGroup'
+    { expectedVersion =
+        Prelude.Nothing,
+      thingGroupName = pThingGroupName_
+    }
+
+-- | The expected version of the thing group to delete.
+deleteThingGroup_expectedVersion :: Lens.Lens' DeleteThingGroup (Prelude.Maybe Prelude.Integer)
+deleteThingGroup_expectedVersion = Lens.lens (\DeleteThingGroup' {expectedVersion} -> expectedVersion) (\s@DeleteThingGroup' {} a -> s {expectedVersion = a} :: DeleteThingGroup)
+
+-- | The name of the thing group to delete.
+deleteThingGroup_thingGroupName :: Lens.Lens' DeleteThingGroup Prelude.Text
+deleteThingGroup_thingGroupName = Lens.lens (\DeleteThingGroup' {thingGroupName} -> thingGroupName) (\s@DeleteThingGroup' {} a -> s {thingGroupName = a} :: DeleteThingGroup)
+
+instance Core.AWSRequest DeleteThingGroup where
+  type
+    AWSResponse DeleteThingGroup =
+      DeleteThingGroupResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteThingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteThingGroup where
+  hashWithSalt _salt DeleteThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData DeleteThingGroup where
+  rnf DeleteThingGroup' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf thingGroupName
+
+instance Data.ToHeaders DeleteThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteThingGroup where
+  toPath DeleteThingGroup' {..} =
+    Prelude.mconcat
+      ["/thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery DeleteThingGroup where
+  toQuery DeleteThingGroup' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | /See:/ 'newDeleteThingGroupResponse' smart constructor.
+data DeleteThingGroupResponse = DeleteThingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteThingGroupResponse_httpStatus' - The response's http status code.
+newDeleteThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteThingGroupResponse
+newDeleteThingGroupResponse pHttpStatus_ =
+  DeleteThingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteThingGroupResponse_httpStatus :: Lens.Lens' DeleteThingGroupResponse Prelude.Int
+deleteThingGroupResponse_httpStatus = Lens.lens (\DeleteThingGroupResponse' {httpStatus} -> httpStatus) (\s@DeleteThingGroupResponse' {} a -> s {httpStatus = a} :: DeleteThingGroupResponse)
+
+instance Prelude.NFData DeleteThingGroupResponse where
+  rnf DeleteThingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteThingType.hs b/gen/Amazonka/IoT/DeleteThingType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteThingType.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteThingType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified thing type. You cannot delete a thing type if it
+-- has things associated with it. To delete a thing type, first mark it as
+-- deprecated by calling DeprecateThingType, then remove any associated
+-- things by calling UpdateThing to change the thing type on any associated
+-- thing, and finally use DeleteThingType to delete the thing type.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteThingType>
+-- action.
+module Amazonka.IoT.DeleteThingType
+  ( -- * Creating a Request
+    DeleteThingType (..),
+    newDeleteThingType,
+
+    -- * Request Lenses
+    deleteThingType_thingTypeName,
+
+    -- * Destructuring the Response
+    DeleteThingTypeResponse (..),
+    newDeleteThingTypeResponse,
+
+    -- * Response Lenses
+    deleteThingTypeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeleteThingType operation.
+--
+-- /See:/ 'newDeleteThingType' smart constructor.
+data DeleteThingType = DeleteThingType'
+  { -- | The name of the thing type.
+    thingTypeName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteThingType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingTypeName', 'deleteThingType_thingTypeName' - The name of the thing type.
+newDeleteThingType ::
+  -- | 'thingTypeName'
+  Prelude.Text ->
+  DeleteThingType
+newDeleteThingType pThingTypeName_ =
+  DeleteThingType' {thingTypeName = pThingTypeName_}
+
+-- | The name of the thing type.
+deleteThingType_thingTypeName :: Lens.Lens' DeleteThingType Prelude.Text
+deleteThingType_thingTypeName = Lens.lens (\DeleteThingType' {thingTypeName} -> thingTypeName) (\s@DeleteThingType' {} a -> s {thingTypeName = a} :: DeleteThingType)
+
+instance Core.AWSRequest DeleteThingType where
+  type
+    AWSResponse DeleteThingType =
+      DeleteThingTypeResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteThingTypeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteThingType where
+  hashWithSalt _salt DeleteThingType' {..} =
+    _salt `Prelude.hashWithSalt` thingTypeName
+
+instance Prelude.NFData DeleteThingType where
+  rnf DeleteThingType' {..} = Prelude.rnf thingTypeName
+
+instance Data.ToHeaders DeleteThingType where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteThingType where
+  toPath DeleteThingType' {..} =
+    Prelude.mconcat
+      ["/thing-types/", Data.toBS thingTypeName]
+
+instance Data.ToQuery DeleteThingType where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output for the DeleteThingType operation.
+--
+-- /See:/ 'newDeleteThingTypeResponse' smart constructor.
+data DeleteThingTypeResponse = DeleteThingTypeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteThingTypeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteThingTypeResponse_httpStatus' - The response's http status code.
+newDeleteThingTypeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteThingTypeResponse
+newDeleteThingTypeResponse pHttpStatus_ =
+  DeleteThingTypeResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteThingTypeResponse_httpStatus :: Lens.Lens' DeleteThingTypeResponse Prelude.Int
+deleteThingTypeResponse_httpStatus = Lens.lens (\DeleteThingTypeResponse' {httpStatus} -> httpStatus) (\s@DeleteThingTypeResponse' {} a -> s {httpStatus = a} :: DeleteThingTypeResponse)
+
+instance Prelude.NFData DeleteThingTypeResponse where
+  rnf DeleteThingTypeResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteTopicRule.hs b/gen/Amazonka/IoT/DeleteTopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteTopicRule.hs
@@ -0,0 +1,120 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteTopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the rule.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteTopicRule>
+-- action.
+module Amazonka.IoT.DeleteTopicRule
+  ( -- * Creating a Request
+    DeleteTopicRule (..),
+    newDeleteTopicRule,
+
+    -- * Request Lenses
+    deleteTopicRule_ruleName,
+
+    -- * Destructuring the Response
+    DeleteTopicRuleResponse (..),
+    newDeleteTopicRuleResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeleteTopicRule operation.
+--
+-- /See:/ 'newDeleteTopicRule' smart constructor.
+data DeleteTopicRule = DeleteTopicRule'
+  { -- | The name of the rule.
+    ruleName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteTopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ruleName', 'deleteTopicRule_ruleName' - The name of the rule.
+newDeleteTopicRule ::
+  -- | 'ruleName'
+  Prelude.Text ->
+  DeleteTopicRule
+newDeleteTopicRule pRuleName_ =
+  DeleteTopicRule' {ruleName = pRuleName_}
+
+-- | The name of the rule.
+deleteTopicRule_ruleName :: Lens.Lens' DeleteTopicRule Prelude.Text
+deleteTopicRule_ruleName = Lens.lens (\DeleteTopicRule' {ruleName} -> ruleName) (\s@DeleteTopicRule' {} a -> s {ruleName = a} :: DeleteTopicRule)
+
+instance Core.AWSRequest DeleteTopicRule where
+  type
+    AWSResponse DeleteTopicRule =
+      DeleteTopicRuleResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeleteTopicRuleResponse'
+
+instance Prelude.Hashable DeleteTopicRule where
+  hashWithSalt _salt DeleteTopicRule' {..} =
+    _salt `Prelude.hashWithSalt` ruleName
+
+instance Prelude.NFData DeleteTopicRule where
+  rnf DeleteTopicRule' {..} = Prelude.rnf ruleName
+
+instance Data.ToHeaders DeleteTopicRule where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteTopicRule where
+  toPath DeleteTopicRule' {..} =
+    Prelude.mconcat ["/rules/", Data.toBS ruleName]
+
+instance Data.ToQuery DeleteTopicRule where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteTopicRuleResponse' smart constructor.
+data DeleteTopicRuleResponse = DeleteTopicRuleResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteTopicRuleResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteTopicRuleResponse ::
+  DeleteTopicRuleResponse
+newDeleteTopicRuleResponse = DeleteTopicRuleResponse'
+
+instance Prelude.NFData DeleteTopicRuleResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeleteTopicRuleDestination.hs b/gen/Amazonka/IoT/DeleteTopicRuleDestination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteTopicRuleDestination.hs
@@ -0,0 +1,145 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteTopicRuleDestination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a topic rule destination.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteTopicRuleDestination>
+-- action.
+module Amazonka.IoT.DeleteTopicRuleDestination
+  ( -- * Creating a Request
+    DeleteTopicRuleDestination (..),
+    newDeleteTopicRuleDestination,
+
+    -- * Request Lenses
+    deleteTopicRuleDestination_arn,
+
+    -- * Destructuring the Response
+    DeleteTopicRuleDestinationResponse (..),
+    newDeleteTopicRuleDestinationResponse,
+
+    -- * Response Lenses
+    deleteTopicRuleDestinationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteTopicRuleDestination' smart constructor.
+data DeleteTopicRuleDestination = DeleteTopicRuleDestination'
+  { -- | The ARN of the topic rule destination to delete.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteTopicRuleDestination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'deleteTopicRuleDestination_arn' - The ARN of the topic rule destination to delete.
+newDeleteTopicRuleDestination ::
+  -- | 'arn'
+  Prelude.Text ->
+  DeleteTopicRuleDestination
+newDeleteTopicRuleDestination pArn_ =
+  DeleteTopicRuleDestination' {arn = pArn_}
+
+-- | The ARN of the topic rule destination to delete.
+deleteTopicRuleDestination_arn :: Lens.Lens' DeleteTopicRuleDestination Prelude.Text
+deleteTopicRuleDestination_arn = Lens.lens (\DeleteTopicRuleDestination' {arn} -> arn) (\s@DeleteTopicRuleDestination' {} a -> s {arn = a} :: DeleteTopicRuleDestination)
+
+instance Core.AWSRequest DeleteTopicRuleDestination where
+  type
+    AWSResponse DeleteTopicRuleDestination =
+      DeleteTopicRuleDestinationResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteTopicRuleDestinationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteTopicRuleDestination where
+  hashWithSalt _salt DeleteTopicRuleDestination' {..} =
+    _salt `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DeleteTopicRuleDestination where
+  rnf DeleteTopicRuleDestination' {..} = Prelude.rnf arn
+
+instance Data.ToHeaders DeleteTopicRuleDestination where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteTopicRuleDestination where
+  toPath DeleteTopicRuleDestination' {..} =
+    Prelude.mconcat ["/destinations/", Data.toBS arn]
+
+instance Data.ToQuery DeleteTopicRuleDestination where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteTopicRuleDestinationResponse' smart constructor.
+data DeleteTopicRuleDestinationResponse = DeleteTopicRuleDestinationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteTopicRuleDestinationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteTopicRuleDestinationResponse_httpStatus' - The response's http status code.
+newDeleteTopicRuleDestinationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteTopicRuleDestinationResponse
+newDeleteTopicRuleDestinationResponse pHttpStatus_ =
+  DeleteTopicRuleDestinationResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteTopicRuleDestinationResponse_httpStatus :: Lens.Lens' DeleteTopicRuleDestinationResponse Prelude.Int
+deleteTopicRuleDestinationResponse_httpStatus = Lens.lens (\DeleteTopicRuleDestinationResponse' {httpStatus} -> httpStatus) (\s@DeleteTopicRuleDestinationResponse' {} a -> s {httpStatus = a} :: DeleteTopicRuleDestinationResponse)
+
+instance
+  Prelude.NFData
+    DeleteTopicRuleDestinationResponse
+  where
+  rnf DeleteTopicRuleDestinationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DeleteV2LoggingLevel.hs b/gen/Amazonka/IoT/DeleteV2LoggingLevel.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeleteV2LoggingLevel.hs
@@ -0,0 +1,143 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeleteV2LoggingLevel
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a logging level.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeleteV2LoggingLevel>
+-- action.
+module Amazonka.IoT.DeleteV2LoggingLevel
+  ( -- * Creating a Request
+    DeleteV2LoggingLevel (..),
+    newDeleteV2LoggingLevel,
+
+    -- * Request Lenses
+    deleteV2LoggingLevel_targetType,
+    deleteV2LoggingLevel_targetName,
+
+    -- * Destructuring the Response
+    DeleteV2LoggingLevelResponse (..),
+    newDeleteV2LoggingLevelResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDeleteV2LoggingLevel' smart constructor.
+data DeleteV2LoggingLevel = DeleteV2LoggingLevel'
+  { -- | The type of resource for which you are configuring logging. Must be
+    -- @THING_Group@.
+    targetType :: LogTargetType,
+    -- | The name of the resource for which you are configuring logging.
+    targetName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteV2LoggingLevel' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'targetType', 'deleteV2LoggingLevel_targetType' - The type of resource for which you are configuring logging. Must be
+-- @THING_Group@.
+--
+-- 'targetName', 'deleteV2LoggingLevel_targetName' - The name of the resource for which you are configuring logging.
+newDeleteV2LoggingLevel ::
+  -- | 'targetType'
+  LogTargetType ->
+  -- | 'targetName'
+  Prelude.Text ->
+  DeleteV2LoggingLevel
+newDeleteV2LoggingLevel pTargetType_ pTargetName_ =
+  DeleteV2LoggingLevel'
+    { targetType = pTargetType_,
+      targetName = pTargetName_
+    }
+
+-- | The type of resource for which you are configuring logging. Must be
+-- @THING_Group@.
+deleteV2LoggingLevel_targetType :: Lens.Lens' DeleteV2LoggingLevel LogTargetType
+deleteV2LoggingLevel_targetType = Lens.lens (\DeleteV2LoggingLevel' {targetType} -> targetType) (\s@DeleteV2LoggingLevel' {} a -> s {targetType = a} :: DeleteV2LoggingLevel)
+
+-- | The name of the resource for which you are configuring logging.
+deleteV2LoggingLevel_targetName :: Lens.Lens' DeleteV2LoggingLevel Prelude.Text
+deleteV2LoggingLevel_targetName = Lens.lens (\DeleteV2LoggingLevel' {targetName} -> targetName) (\s@DeleteV2LoggingLevel' {} a -> s {targetName = a} :: DeleteV2LoggingLevel)
+
+instance Core.AWSRequest DeleteV2LoggingLevel where
+  type
+    AWSResponse DeleteV2LoggingLevel =
+      DeleteV2LoggingLevelResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveNull DeleteV2LoggingLevelResponse'
+
+instance Prelude.Hashable DeleteV2LoggingLevel where
+  hashWithSalt _salt DeleteV2LoggingLevel' {..} =
+    _salt
+      `Prelude.hashWithSalt` targetType
+      `Prelude.hashWithSalt` targetName
+
+instance Prelude.NFData DeleteV2LoggingLevel where
+  rnf DeleteV2LoggingLevel' {..} =
+    Prelude.rnf targetType
+      `Prelude.seq` Prelude.rnf targetName
+
+instance Data.ToHeaders DeleteV2LoggingLevel where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DeleteV2LoggingLevel where
+  toPath = Prelude.const "/v2LoggingLevel"
+
+instance Data.ToQuery DeleteV2LoggingLevel where
+  toQuery DeleteV2LoggingLevel' {..} =
+    Prelude.mconcat
+      [ "targetType" Data.=: targetType,
+        "targetName" Data.=: targetName
+      ]
+
+-- | /See:/ 'newDeleteV2LoggingLevelResponse' smart constructor.
+data DeleteV2LoggingLevelResponse = DeleteV2LoggingLevelResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteV2LoggingLevelResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteV2LoggingLevelResponse ::
+  DeleteV2LoggingLevelResponse
+newDeleteV2LoggingLevelResponse =
+  DeleteV2LoggingLevelResponse'
+
+instance Prelude.NFData DeleteV2LoggingLevelResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DeprecateThingType.hs b/gen/Amazonka/IoT/DeprecateThingType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DeprecateThingType.hs
@@ -0,0 +1,183 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DeprecateThingType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deprecates a thing type. You can not associate new things with
+-- deprecated thing type.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DeprecateThingType>
+-- action.
+module Amazonka.IoT.DeprecateThingType
+  ( -- * Creating a Request
+    DeprecateThingType (..),
+    newDeprecateThingType,
+
+    -- * Request Lenses
+    deprecateThingType_undoDeprecate,
+    deprecateThingType_thingTypeName,
+
+    -- * Destructuring the Response
+    DeprecateThingTypeResponse (..),
+    newDeprecateThingTypeResponse,
+
+    -- * Response Lenses
+    deprecateThingTypeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DeprecateThingType operation.
+--
+-- /See:/ 'newDeprecateThingType' smart constructor.
+data DeprecateThingType = DeprecateThingType'
+  { -- | Whether to undeprecate a deprecated thing type. If __true__, the thing
+    -- type will not be deprecated anymore and you can associate it with
+    -- things.
+    undoDeprecate :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the thing type to deprecate.
+    thingTypeName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeprecateThingType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'undoDeprecate', 'deprecateThingType_undoDeprecate' - Whether to undeprecate a deprecated thing type. If __true__, the thing
+-- type will not be deprecated anymore and you can associate it with
+-- things.
+--
+-- 'thingTypeName', 'deprecateThingType_thingTypeName' - The name of the thing type to deprecate.
+newDeprecateThingType ::
+  -- | 'thingTypeName'
+  Prelude.Text ->
+  DeprecateThingType
+newDeprecateThingType pThingTypeName_ =
+  DeprecateThingType'
+    { undoDeprecate =
+        Prelude.Nothing,
+      thingTypeName = pThingTypeName_
+    }
+
+-- | Whether to undeprecate a deprecated thing type. If __true__, the thing
+-- type will not be deprecated anymore and you can associate it with
+-- things.
+deprecateThingType_undoDeprecate :: Lens.Lens' DeprecateThingType (Prelude.Maybe Prelude.Bool)
+deprecateThingType_undoDeprecate = Lens.lens (\DeprecateThingType' {undoDeprecate} -> undoDeprecate) (\s@DeprecateThingType' {} a -> s {undoDeprecate = a} :: DeprecateThingType)
+
+-- | The name of the thing type to deprecate.
+deprecateThingType_thingTypeName :: Lens.Lens' DeprecateThingType Prelude.Text
+deprecateThingType_thingTypeName = Lens.lens (\DeprecateThingType' {thingTypeName} -> thingTypeName) (\s@DeprecateThingType' {} a -> s {thingTypeName = a} :: DeprecateThingType)
+
+instance Core.AWSRequest DeprecateThingType where
+  type
+    AWSResponse DeprecateThingType =
+      DeprecateThingTypeResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeprecateThingTypeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeprecateThingType where
+  hashWithSalt _salt DeprecateThingType' {..} =
+    _salt
+      `Prelude.hashWithSalt` undoDeprecate
+      `Prelude.hashWithSalt` thingTypeName
+
+instance Prelude.NFData DeprecateThingType where
+  rnf DeprecateThingType' {..} =
+    Prelude.rnf undoDeprecate
+      `Prelude.seq` Prelude.rnf thingTypeName
+
+instance Data.ToHeaders DeprecateThingType where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON DeprecateThingType where
+  toJSON DeprecateThingType' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("undoDeprecate" Data..=)
+              Prelude.<$> undoDeprecate
+          ]
+      )
+
+instance Data.ToPath DeprecateThingType where
+  toPath DeprecateThingType' {..} =
+    Prelude.mconcat
+      [ "/thing-types/",
+        Data.toBS thingTypeName,
+        "/deprecate"
+      ]
+
+instance Data.ToQuery DeprecateThingType where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output for the DeprecateThingType operation.
+--
+-- /See:/ 'newDeprecateThingTypeResponse' smart constructor.
+data DeprecateThingTypeResponse = DeprecateThingTypeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeprecateThingTypeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deprecateThingTypeResponse_httpStatus' - The response's http status code.
+newDeprecateThingTypeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeprecateThingTypeResponse
+newDeprecateThingTypeResponse pHttpStatus_ =
+  DeprecateThingTypeResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deprecateThingTypeResponse_httpStatus :: Lens.Lens' DeprecateThingTypeResponse Prelude.Int
+deprecateThingTypeResponse_httpStatus = Lens.lens (\DeprecateThingTypeResponse' {httpStatus} -> httpStatus) (\s@DeprecateThingTypeResponse' {} a -> s {httpStatus = a} :: DeprecateThingTypeResponse)
+
+instance Prelude.NFData DeprecateThingTypeResponse where
+  rnf DeprecateThingTypeResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeAccountAuditConfiguration.hs b/gen/Amazonka/IoT/DescribeAccountAuditConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeAccountAuditConfiguration.hs
@@ -0,0 +1,211 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeAccountAuditConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the Device Defender audit settings for this
+-- account. Settings include how audit notifications are sent and which
+-- audit checks are enabled or disabled.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeAccountAuditConfiguration>
+-- action.
+module Amazonka.IoT.DescribeAccountAuditConfiguration
+  ( -- * Creating a Request
+    DescribeAccountAuditConfiguration (..),
+    newDescribeAccountAuditConfiguration,
+
+    -- * Destructuring the Response
+    DescribeAccountAuditConfigurationResponse (..),
+    newDescribeAccountAuditConfigurationResponse,
+
+    -- * Response Lenses
+    describeAccountAuditConfigurationResponse_auditCheckConfigurations,
+    describeAccountAuditConfigurationResponse_auditNotificationTargetConfigurations,
+    describeAccountAuditConfigurationResponse_roleArn,
+    describeAccountAuditConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeAccountAuditConfiguration' smart constructor.
+data DescribeAccountAuditConfiguration = DescribeAccountAuditConfiguration'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAccountAuditConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDescribeAccountAuditConfiguration ::
+  DescribeAccountAuditConfiguration
+newDescribeAccountAuditConfiguration =
+  DescribeAccountAuditConfiguration'
+
+instance
+  Core.AWSRequest
+    DescribeAccountAuditConfiguration
+  where
+  type
+    AWSResponse DescribeAccountAuditConfiguration =
+      DescribeAccountAuditConfigurationResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAccountAuditConfigurationResponse'
+            Prelude.<$> ( x
+                            Data..?> "auditCheckConfigurations"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> ( x
+                            Data..?> "auditNotificationTargetConfigurations"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "roleArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DescribeAccountAuditConfiguration
+  where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance
+  Prelude.NFData
+    DescribeAccountAuditConfiguration
+  where
+  rnf _ = ()
+
+instance
+  Data.ToHeaders
+    DescribeAccountAuditConfiguration
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    DescribeAccountAuditConfiguration
+  where
+  toPath = Prelude.const "/audit/configuration"
+
+instance
+  Data.ToQuery
+    DescribeAccountAuditConfiguration
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAccountAuditConfigurationResponse' smart constructor.
+data DescribeAccountAuditConfigurationResponse = DescribeAccountAuditConfigurationResponse'
+  { -- | Which audit checks are enabled and disabled for this account.
+    auditCheckConfigurations :: Prelude.Maybe (Prelude.HashMap Prelude.Text AuditCheckConfiguration),
+    -- | Information about the targets to which audit notifications are sent for
+    -- this account.
+    auditNotificationTargetConfigurations :: Prelude.Maybe (Prelude.HashMap AuditNotificationType AuditNotificationTarget),
+    -- | The ARN of the role that grants permission to IoT to access information
+    -- about your devices, policies, certificates, and other items as required
+    -- when performing an audit.
+    --
+    -- On the first call to @UpdateAccountAuditConfiguration@, this parameter
+    -- is required.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAccountAuditConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'auditCheckConfigurations', 'describeAccountAuditConfigurationResponse_auditCheckConfigurations' - Which audit checks are enabled and disabled for this account.
+--
+-- 'auditNotificationTargetConfigurations', 'describeAccountAuditConfigurationResponse_auditNotificationTargetConfigurations' - Information about the targets to which audit notifications are sent for
+-- this account.
+--
+-- 'roleArn', 'describeAccountAuditConfigurationResponse_roleArn' - The ARN of the role that grants permission to IoT to access information
+-- about your devices, policies, certificates, and other items as required
+-- when performing an audit.
+--
+-- On the first call to @UpdateAccountAuditConfiguration@, this parameter
+-- is required.
+--
+-- 'httpStatus', 'describeAccountAuditConfigurationResponse_httpStatus' - The response's http status code.
+newDescribeAccountAuditConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeAccountAuditConfigurationResponse
+newDescribeAccountAuditConfigurationResponse
+  pHttpStatus_ =
+    DescribeAccountAuditConfigurationResponse'
+      { auditCheckConfigurations =
+          Prelude.Nothing,
+        auditNotificationTargetConfigurations =
+          Prelude.Nothing,
+        roleArn = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | Which audit checks are enabled and disabled for this account.
+describeAccountAuditConfigurationResponse_auditCheckConfigurations :: Lens.Lens' DescribeAccountAuditConfigurationResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text AuditCheckConfiguration))
+describeAccountAuditConfigurationResponse_auditCheckConfigurations = Lens.lens (\DescribeAccountAuditConfigurationResponse' {auditCheckConfigurations} -> auditCheckConfigurations) (\s@DescribeAccountAuditConfigurationResponse' {} a -> s {auditCheckConfigurations = a} :: DescribeAccountAuditConfigurationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Information about the targets to which audit notifications are sent for
+-- this account.
+describeAccountAuditConfigurationResponse_auditNotificationTargetConfigurations :: Lens.Lens' DescribeAccountAuditConfigurationResponse (Prelude.Maybe (Prelude.HashMap AuditNotificationType AuditNotificationTarget))
+describeAccountAuditConfigurationResponse_auditNotificationTargetConfigurations = Lens.lens (\DescribeAccountAuditConfigurationResponse' {auditNotificationTargetConfigurations} -> auditNotificationTargetConfigurations) (\s@DescribeAccountAuditConfigurationResponse' {} a -> s {auditNotificationTargetConfigurations = a} :: DescribeAccountAuditConfigurationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ARN of the role that grants permission to IoT to access information
+-- about your devices, policies, certificates, and other items as required
+-- when performing an audit.
+--
+-- On the first call to @UpdateAccountAuditConfiguration@, this parameter
+-- is required.
+describeAccountAuditConfigurationResponse_roleArn :: Lens.Lens' DescribeAccountAuditConfigurationResponse (Prelude.Maybe Prelude.Text)
+describeAccountAuditConfigurationResponse_roleArn = Lens.lens (\DescribeAccountAuditConfigurationResponse' {roleArn} -> roleArn) (\s@DescribeAccountAuditConfigurationResponse' {} a -> s {roleArn = a} :: DescribeAccountAuditConfigurationResponse)
+
+-- | The response's http status code.
+describeAccountAuditConfigurationResponse_httpStatus :: Lens.Lens' DescribeAccountAuditConfigurationResponse Prelude.Int
+describeAccountAuditConfigurationResponse_httpStatus = Lens.lens (\DescribeAccountAuditConfigurationResponse' {httpStatus} -> httpStatus) (\s@DescribeAccountAuditConfigurationResponse' {} a -> s {httpStatus = a} :: DescribeAccountAuditConfigurationResponse)
+
+instance
+  Prelude.NFData
+    DescribeAccountAuditConfigurationResponse
+  where
+  rnf DescribeAccountAuditConfigurationResponse' {..} =
+    Prelude.rnf auditCheckConfigurations
+      `Prelude.seq` Prelude.rnf auditNotificationTargetConfigurations
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeAuditFinding.hs b/gen/Amazonka/IoT/DescribeAuditFinding.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeAuditFinding.hs
@@ -0,0 +1,159 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeAuditFinding
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a single audit finding. Properties include the
+-- reason for noncompliance, the severity of the issue, and the start time
+-- when the audit that returned the finding.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeAuditFinding>
+-- action.
+module Amazonka.IoT.DescribeAuditFinding
+  ( -- * Creating a Request
+    DescribeAuditFinding (..),
+    newDescribeAuditFinding,
+
+    -- * Request Lenses
+    describeAuditFinding_findingId,
+
+    -- * Destructuring the Response
+    DescribeAuditFindingResponse (..),
+    newDescribeAuditFindingResponse,
+
+    -- * Response Lenses
+    describeAuditFindingResponse_finding,
+    describeAuditFindingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeAuditFinding' smart constructor.
+data DescribeAuditFinding = DescribeAuditFinding'
+  { -- | A unique identifier for a single audit finding. You can use this
+    -- identifier to apply mitigation actions to the finding.
+    findingId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditFinding' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'findingId', 'describeAuditFinding_findingId' - A unique identifier for a single audit finding. You can use this
+-- identifier to apply mitigation actions to the finding.
+newDescribeAuditFinding ::
+  -- | 'findingId'
+  Prelude.Text ->
+  DescribeAuditFinding
+newDescribeAuditFinding pFindingId_ =
+  DescribeAuditFinding' {findingId = pFindingId_}
+
+-- | A unique identifier for a single audit finding. You can use this
+-- identifier to apply mitigation actions to the finding.
+describeAuditFinding_findingId :: Lens.Lens' DescribeAuditFinding Prelude.Text
+describeAuditFinding_findingId = Lens.lens (\DescribeAuditFinding' {findingId} -> findingId) (\s@DescribeAuditFinding' {} a -> s {findingId = a} :: DescribeAuditFinding)
+
+instance Core.AWSRequest DescribeAuditFinding where
+  type
+    AWSResponse DescribeAuditFinding =
+      DescribeAuditFindingResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAuditFindingResponse'
+            Prelude.<$> (x Data..?> "finding")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeAuditFinding where
+  hashWithSalt _salt DescribeAuditFinding' {..} =
+    _salt `Prelude.hashWithSalt` findingId
+
+instance Prelude.NFData DescribeAuditFinding where
+  rnf DescribeAuditFinding' {..} = Prelude.rnf findingId
+
+instance Data.ToHeaders DescribeAuditFinding where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeAuditFinding where
+  toPath DescribeAuditFinding' {..} =
+    Prelude.mconcat
+      ["/audit/findings/", Data.toBS findingId]
+
+instance Data.ToQuery DescribeAuditFinding where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAuditFindingResponse' smart constructor.
+data DescribeAuditFindingResponse = DescribeAuditFindingResponse'
+  { finding :: Prelude.Maybe AuditFinding,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditFindingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'finding', 'describeAuditFindingResponse_finding' - Undocumented member.
+--
+-- 'httpStatus', 'describeAuditFindingResponse_httpStatus' - The response's http status code.
+newDescribeAuditFindingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeAuditFindingResponse
+newDescribeAuditFindingResponse pHttpStatus_ =
+  DescribeAuditFindingResponse'
+    { finding =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Undocumented member.
+describeAuditFindingResponse_finding :: Lens.Lens' DescribeAuditFindingResponse (Prelude.Maybe AuditFinding)
+describeAuditFindingResponse_finding = Lens.lens (\DescribeAuditFindingResponse' {finding} -> finding) (\s@DescribeAuditFindingResponse' {} a -> s {finding = a} :: DescribeAuditFindingResponse)
+
+-- | The response's http status code.
+describeAuditFindingResponse_httpStatus :: Lens.Lens' DescribeAuditFindingResponse Prelude.Int
+describeAuditFindingResponse_httpStatus = Lens.lens (\DescribeAuditFindingResponse' {httpStatus} -> httpStatus) (\s@DescribeAuditFindingResponse' {} a -> s {httpStatus = a} :: DescribeAuditFindingResponse)
+
+instance Prelude.NFData DescribeAuditFindingResponse where
+  rnf DescribeAuditFindingResponse' {..} =
+    Prelude.rnf finding
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeAuditMitigationActionsTask.hs b/gen/Amazonka/IoT/DescribeAuditMitigationActionsTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeAuditMitigationActionsTask.hs
@@ -0,0 +1,274 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeAuditMitigationActionsTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about an audit mitigation task that is used to apply
+-- mitigation actions to a set of audit findings. Properties include the
+-- actions being applied, the audit checks to which they\'re being applied,
+-- the task status, and aggregated task statistics.
+module Amazonka.IoT.DescribeAuditMitigationActionsTask
+  ( -- * Creating a Request
+    DescribeAuditMitigationActionsTask (..),
+    newDescribeAuditMitigationActionsTask,
+
+    -- * Request Lenses
+    describeAuditMitigationActionsTask_taskId,
+
+    -- * Destructuring the Response
+    DescribeAuditMitigationActionsTaskResponse (..),
+    newDescribeAuditMitigationActionsTaskResponse,
+
+    -- * Response Lenses
+    describeAuditMitigationActionsTaskResponse_actionsDefinition,
+    describeAuditMitigationActionsTaskResponse_auditCheckToActionsMapping,
+    describeAuditMitigationActionsTaskResponse_endTime,
+    describeAuditMitigationActionsTaskResponse_startTime,
+    describeAuditMitigationActionsTaskResponse_target,
+    describeAuditMitigationActionsTaskResponse_taskStatistics,
+    describeAuditMitigationActionsTaskResponse_taskStatus,
+    describeAuditMitigationActionsTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeAuditMitigationActionsTask' smart constructor.
+data DescribeAuditMitigationActionsTask = DescribeAuditMitigationActionsTask'
+  { -- | The unique identifier for the audit mitigation task.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditMitigationActionsTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'describeAuditMitigationActionsTask_taskId' - The unique identifier for the audit mitigation task.
+newDescribeAuditMitigationActionsTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  DescribeAuditMitigationActionsTask
+newDescribeAuditMitigationActionsTask pTaskId_ =
+  DescribeAuditMitigationActionsTask'
+    { taskId =
+        pTaskId_
+    }
+
+-- | The unique identifier for the audit mitigation task.
+describeAuditMitigationActionsTask_taskId :: Lens.Lens' DescribeAuditMitigationActionsTask Prelude.Text
+describeAuditMitigationActionsTask_taskId = Lens.lens (\DescribeAuditMitigationActionsTask' {taskId} -> taskId) (\s@DescribeAuditMitigationActionsTask' {} a -> s {taskId = a} :: DescribeAuditMitigationActionsTask)
+
+instance
+  Core.AWSRequest
+    DescribeAuditMitigationActionsTask
+  where
+  type
+    AWSResponse DescribeAuditMitigationActionsTask =
+      DescribeAuditMitigationActionsTaskResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAuditMitigationActionsTaskResponse'
+            Prelude.<$> ( x
+                            Data..?> "actionsDefinition"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> ( x
+                            Data..?> "auditCheckToActionsMapping"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "endTime")
+            Prelude.<*> (x Data..?> "startTime")
+            Prelude.<*> (x Data..?> "target")
+            Prelude.<*> (x Data..?> "taskStatistics" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "taskStatus")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DescribeAuditMitigationActionsTask
+  where
+  hashWithSalt
+    _salt
+    DescribeAuditMitigationActionsTask' {..} =
+      _salt `Prelude.hashWithSalt` taskId
+
+instance
+  Prelude.NFData
+    DescribeAuditMitigationActionsTask
+  where
+  rnf DescribeAuditMitigationActionsTask' {..} =
+    Prelude.rnf taskId
+
+instance
+  Data.ToHeaders
+    DescribeAuditMitigationActionsTask
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    DescribeAuditMitigationActionsTask
+  where
+  toPath DescribeAuditMitigationActionsTask' {..} =
+    Prelude.mconcat
+      ["/audit/mitigationactions/tasks/", Data.toBS taskId]
+
+instance
+  Data.ToQuery
+    DescribeAuditMitigationActionsTask
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAuditMitigationActionsTaskResponse' smart constructor.
+data DescribeAuditMitigationActionsTaskResponse = DescribeAuditMitigationActionsTaskResponse'
+  { -- | Specifies the mitigation actions and their parameters that are applied
+    -- as part of this task.
+    actionsDefinition :: Prelude.Maybe [MitigationAction],
+    -- | Specifies the mitigation actions that should be applied to specific
+    -- audit checks.
+    auditCheckToActionsMapping :: Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.NonEmpty Prelude.Text)),
+    -- | The date and time when the task was completed or canceled.
+    endTime :: Prelude.Maybe Data.POSIX,
+    -- | The date and time when the task was started.
+    startTime :: Prelude.Maybe Data.POSIX,
+    -- | Identifies the findings to which the mitigation actions are applied.
+    -- This can be by audit checks, by audit task, or a set of findings.
+    target :: Prelude.Maybe AuditMitigationActionsTaskTarget,
+    -- | Aggregate counts of the results when the mitigation tasks were applied
+    -- to the findings for this audit mitigation actions task.
+    taskStatistics :: Prelude.Maybe (Prelude.HashMap Prelude.Text TaskStatisticsForAuditCheck),
+    -- | The current status of the task.
+    taskStatus :: Prelude.Maybe AuditMitigationActionsTaskStatus,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditMitigationActionsTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionsDefinition', 'describeAuditMitigationActionsTaskResponse_actionsDefinition' - Specifies the mitigation actions and their parameters that are applied
+-- as part of this task.
+--
+-- 'auditCheckToActionsMapping', 'describeAuditMitigationActionsTaskResponse_auditCheckToActionsMapping' - Specifies the mitigation actions that should be applied to specific
+-- audit checks.
+--
+-- 'endTime', 'describeAuditMitigationActionsTaskResponse_endTime' - The date and time when the task was completed or canceled.
+--
+-- 'startTime', 'describeAuditMitigationActionsTaskResponse_startTime' - The date and time when the task was started.
+--
+-- 'target', 'describeAuditMitigationActionsTaskResponse_target' - Identifies the findings to which the mitigation actions are applied.
+-- This can be by audit checks, by audit task, or a set of findings.
+--
+-- 'taskStatistics', 'describeAuditMitigationActionsTaskResponse_taskStatistics' - Aggregate counts of the results when the mitigation tasks were applied
+-- to the findings for this audit mitigation actions task.
+--
+-- 'taskStatus', 'describeAuditMitigationActionsTaskResponse_taskStatus' - The current status of the task.
+--
+-- 'httpStatus', 'describeAuditMitigationActionsTaskResponse_httpStatus' - The response's http status code.
+newDescribeAuditMitigationActionsTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeAuditMitigationActionsTaskResponse
+newDescribeAuditMitigationActionsTaskResponse
+  pHttpStatus_ =
+    DescribeAuditMitigationActionsTaskResponse'
+      { actionsDefinition =
+          Prelude.Nothing,
+        auditCheckToActionsMapping =
+          Prelude.Nothing,
+        endTime = Prelude.Nothing,
+        startTime = Prelude.Nothing,
+        target = Prelude.Nothing,
+        taskStatistics =
+          Prelude.Nothing,
+        taskStatus = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | Specifies the mitigation actions and their parameters that are applied
+-- as part of this task.
+describeAuditMitigationActionsTaskResponse_actionsDefinition :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe [MitigationAction])
+describeAuditMitigationActionsTaskResponse_actionsDefinition = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {actionsDefinition} -> actionsDefinition) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {actionsDefinition = a} :: DescribeAuditMitigationActionsTaskResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the mitigation actions that should be applied to specific
+-- audit checks.
+describeAuditMitigationActionsTaskResponse_auditCheckToActionsMapping :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.NonEmpty Prelude.Text)))
+describeAuditMitigationActionsTaskResponse_auditCheckToActionsMapping = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {auditCheckToActionsMapping} -> auditCheckToActionsMapping) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {auditCheckToActionsMapping = a} :: DescribeAuditMitigationActionsTaskResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The date and time when the task was completed or canceled.
+describeAuditMitigationActionsTaskResponse_endTime :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe Prelude.UTCTime)
+describeAuditMitigationActionsTaskResponse_endTime = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {endTime} -> endTime) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {endTime = a} :: DescribeAuditMitigationActionsTaskResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The date and time when the task was started.
+describeAuditMitigationActionsTaskResponse_startTime :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe Prelude.UTCTime)
+describeAuditMitigationActionsTaskResponse_startTime = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {startTime} -> startTime) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {startTime = a} :: DescribeAuditMitigationActionsTaskResponse) Prelude.. Lens.mapping Data._Time
+
+-- | Identifies the findings to which the mitigation actions are applied.
+-- This can be by audit checks, by audit task, or a set of findings.
+describeAuditMitigationActionsTaskResponse_target :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe AuditMitigationActionsTaskTarget)
+describeAuditMitigationActionsTaskResponse_target = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {target} -> target) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {target = a} :: DescribeAuditMitigationActionsTaskResponse)
+
+-- | Aggregate counts of the results when the mitigation tasks were applied
+-- to the findings for this audit mitigation actions task.
+describeAuditMitigationActionsTaskResponse_taskStatistics :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text TaskStatisticsForAuditCheck))
+describeAuditMitigationActionsTaskResponse_taskStatistics = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {taskStatistics} -> taskStatistics) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {taskStatistics = a} :: DescribeAuditMitigationActionsTaskResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The current status of the task.
+describeAuditMitigationActionsTaskResponse_taskStatus :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse (Prelude.Maybe AuditMitigationActionsTaskStatus)
+describeAuditMitigationActionsTaskResponse_taskStatus = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {taskStatus} -> taskStatus) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {taskStatus = a} :: DescribeAuditMitigationActionsTaskResponse)
+
+-- | The response's http status code.
+describeAuditMitigationActionsTaskResponse_httpStatus :: Lens.Lens' DescribeAuditMitigationActionsTaskResponse Prelude.Int
+describeAuditMitigationActionsTaskResponse_httpStatus = Lens.lens (\DescribeAuditMitigationActionsTaskResponse' {httpStatus} -> httpStatus) (\s@DescribeAuditMitigationActionsTaskResponse' {} a -> s {httpStatus = a} :: DescribeAuditMitigationActionsTaskResponse)
+
+instance
+  Prelude.NFData
+    DescribeAuditMitigationActionsTaskResponse
+  where
+  rnf DescribeAuditMitigationActionsTaskResponse' {..} =
+    Prelude.rnf actionsDefinition
+      `Prelude.seq` Prelude.rnf auditCheckToActionsMapping
+      `Prelude.seq` Prelude.rnf endTime
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf target
+      `Prelude.seq` Prelude.rnf taskStatistics
+      `Prelude.seq` Prelude.rnf taskStatus
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeAuditSuppression.hs b/gen/Amazonka/IoT/DescribeAuditSuppression.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeAuditSuppression.hs
@@ -0,0 +1,226 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeAuditSuppression
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a Device Defender audit suppression.
+module Amazonka.IoT.DescribeAuditSuppression
+  ( -- * Creating a Request
+    DescribeAuditSuppression (..),
+    newDescribeAuditSuppression,
+
+    -- * Request Lenses
+    describeAuditSuppression_checkName,
+    describeAuditSuppression_resourceIdentifier,
+
+    -- * Destructuring the Response
+    DescribeAuditSuppressionResponse (..),
+    newDescribeAuditSuppressionResponse,
+
+    -- * Response Lenses
+    describeAuditSuppressionResponse_checkName,
+    describeAuditSuppressionResponse_description,
+    describeAuditSuppressionResponse_expirationDate,
+    describeAuditSuppressionResponse_resourceIdentifier,
+    describeAuditSuppressionResponse_suppressIndefinitely,
+    describeAuditSuppressionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeAuditSuppression' smart constructor.
+data DescribeAuditSuppression = DescribeAuditSuppression'
+  { checkName :: Prelude.Text,
+    resourceIdentifier :: ResourceIdentifier
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditSuppression' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'checkName', 'describeAuditSuppression_checkName' - Undocumented member.
+--
+-- 'resourceIdentifier', 'describeAuditSuppression_resourceIdentifier' - Undocumented member.
+newDescribeAuditSuppression ::
+  -- | 'checkName'
+  Prelude.Text ->
+  -- | 'resourceIdentifier'
+  ResourceIdentifier ->
+  DescribeAuditSuppression
+newDescribeAuditSuppression
+  pCheckName_
+  pResourceIdentifier_ =
+    DescribeAuditSuppression'
+      { checkName = pCheckName_,
+        resourceIdentifier = pResourceIdentifier_
+      }
+
+-- | Undocumented member.
+describeAuditSuppression_checkName :: Lens.Lens' DescribeAuditSuppression Prelude.Text
+describeAuditSuppression_checkName = Lens.lens (\DescribeAuditSuppression' {checkName} -> checkName) (\s@DescribeAuditSuppression' {} a -> s {checkName = a} :: DescribeAuditSuppression)
+
+-- | Undocumented member.
+describeAuditSuppression_resourceIdentifier :: Lens.Lens' DescribeAuditSuppression ResourceIdentifier
+describeAuditSuppression_resourceIdentifier = Lens.lens (\DescribeAuditSuppression' {resourceIdentifier} -> resourceIdentifier) (\s@DescribeAuditSuppression' {} a -> s {resourceIdentifier = a} :: DescribeAuditSuppression)
+
+instance Core.AWSRequest DescribeAuditSuppression where
+  type
+    AWSResponse DescribeAuditSuppression =
+      DescribeAuditSuppressionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAuditSuppressionResponse'
+            Prelude.<$> (x Data..?> "checkName")
+            Prelude.<*> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "expirationDate")
+            Prelude.<*> (x Data..?> "resourceIdentifier")
+            Prelude.<*> (x Data..?> "suppressIndefinitely")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeAuditSuppression where
+  hashWithSalt _salt DescribeAuditSuppression' {..} =
+    _salt
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` resourceIdentifier
+
+instance Prelude.NFData DescribeAuditSuppression where
+  rnf DescribeAuditSuppression' {..} =
+    Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+
+instance Data.ToHeaders DescribeAuditSuppression where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON DescribeAuditSuppression where
+  toJSON DescribeAuditSuppression' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("checkName" Data..= checkName),
+            Prelude.Just
+              ("resourceIdentifier" Data..= resourceIdentifier)
+          ]
+      )
+
+instance Data.ToPath DescribeAuditSuppression where
+  toPath = Prelude.const "/audit/suppressions/describe"
+
+instance Data.ToQuery DescribeAuditSuppression where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAuditSuppressionResponse' smart constructor.
+data DescribeAuditSuppressionResponse = DescribeAuditSuppressionResponse'
+  { checkName :: Prelude.Maybe Prelude.Text,
+    -- | The description of the audit suppression.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The epoch timestamp in seconds at which this suppression expires.
+    expirationDate :: Prelude.Maybe Data.POSIX,
+    resourceIdentifier :: Prelude.Maybe ResourceIdentifier,
+    -- | Indicates whether a suppression should exist indefinitely or not.
+    suppressIndefinitely :: Prelude.Maybe Prelude.Bool,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditSuppressionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'checkName', 'describeAuditSuppressionResponse_checkName' - Undocumented member.
+--
+-- 'description', 'describeAuditSuppressionResponse_description' - The description of the audit suppression.
+--
+-- 'expirationDate', 'describeAuditSuppressionResponse_expirationDate' - The epoch timestamp in seconds at which this suppression expires.
+--
+-- 'resourceIdentifier', 'describeAuditSuppressionResponse_resourceIdentifier' - Undocumented member.
+--
+-- 'suppressIndefinitely', 'describeAuditSuppressionResponse_suppressIndefinitely' - Indicates whether a suppression should exist indefinitely or not.
+--
+-- 'httpStatus', 'describeAuditSuppressionResponse_httpStatus' - The response's http status code.
+newDescribeAuditSuppressionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeAuditSuppressionResponse
+newDescribeAuditSuppressionResponse pHttpStatus_ =
+  DescribeAuditSuppressionResponse'
+    { checkName =
+        Prelude.Nothing,
+      description = Prelude.Nothing,
+      expirationDate = Prelude.Nothing,
+      resourceIdentifier = Prelude.Nothing,
+      suppressIndefinitely = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Undocumented member.
+describeAuditSuppressionResponse_checkName :: Lens.Lens' DescribeAuditSuppressionResponse (Prelude.Maybe Prelude.Text)
+describeAuditSuppressionResponse_checkName = Lens.lens (\DescribeAuditSuppressionResponse' {checkName} -> checkName) (\s@DescribeAuditSuppressionResponse' {} a -> s {checkName = a} :: DescribeAuditSuppressionResponse)
+
+-- | The description of the audit suppression.
+describeAuditSuppressionResponse_description :: Lens.Lens' DescribeAuditSuppressionResponse (Prelude.Maybe Prelude.Text)
+describeAuditSuppressionResponse_description = Lens.lens (\DescribeAuditSuppressionResponse' {description} -> description) (\s@DescribeAuditSuppressionResponse' {} a -> s {description = a} :: DescribeAuditSuppressionResponse)
+
+-- | The epoch timestamp in seconds at which this suppression expires.
+describeAuditSuppressionResponse_expirationDate :: Lens.Lens' DescribeAuditSuppressionResponse (Prelude.Maybe Prelude.UTCTime)
+describeAuditSuppressionResponse_expirationDate = Lens.lens (\DescribeAuditSuppressionResponse' {expirationDate} -> expirationDate) (\s@DescribeAuditSuppressionResponse' {} a -> s {expirationDate = a} :: DescribeAuditSuppressionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | Undocumented member.
+describeAuditSuppressionResponse_resourceIdentifier :: Lens.Lens' DescribeAuditSuppressionResponse (Prelude.Maybe ResourceIdentifier)
+describeAuditSuppressionResponse_resourceIdentifier = Lens.lens (\DescribeAuditSuppressionResponse' {resourceIdentifier} -> resourceIdentifier) (\s@DescribeAuditSuppressionResponse' {} a -> s {resourceIdentifier = a} :: DescribeAuditSuppressionResponse)
+
+-- | Indicates whether a suppression should exist indefinitely or not.
+describeAuditSuppressionResponse_suppressIndefinitely :: Lens.Lens' DescribeAuditSuppressionResponse (Prelude.Maybe Prelude.Bool)
+describeAuditSuppressionResponse_suppressIndefinitely = Lens.lens (\DescribeAuditSuppressionResponse' {suppressIndefinitely} -> suppressIndefinitely) (\s@DescribeAuditSuppressionResponse' {} a -> s {suppressIndefinitely = a} :: DescribeAuditSuppressionResponse)
+
+-- | The response's http status code.
+describeAuditSuppressionResponse_httpStatus :: Lens.Lens' DescribeAuditSuppressionResponse Prelude.Int
+describeAuditSuppressionResponse_httpStatus = Lens.lens (\DescribeAuditSuppressionResponse' {httpStatus} -> httpStatus) (\s@DescribeAuditSuppressionResponse' {} a -> s {httpStatus = a} :: DescribeAuditSuppressionResponse)
+
+instance
+  Prelude.NFData
+    DescribeAuditSuppressionResponse
+  where
+  rnf DescribeAuditSuppressionResponse' {..} =
+    Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf expirationDate
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+      `Prelude.seq` Prelude.rnf suppressIndefinitely
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeAuditTask.hs b/gen/Amazonka/IoT/DescribeAuditTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeAuditTask.hs
@@ -0,0 +1,220 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeAuditTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a Device Defender audit.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeAuditTask>
+-- action.
+module Amazonka.IoT.DescribeAuditTask
+  ( -- * Creating a Request
+    DescribeAuditTask (..),
+    newDescribeAuditTask,
+
+    -- * Request Lenses
+    describeAuditTask_taskId,
+
+    -- * Destructuring the Response
+    DescribeAuditTaskResponse (..),
+    newDescribeAuditTaskResponse,
+
+    -- * Response Lenses
+    describeAuditTaskResponse_auditDetails,
+    describeAuditTaskResponse_scheduledAuditName,
+    describeAuditTaskResponse_taskStartTime,
+    describeAuditTaskResponse_taskStatistics,
+    describeAuditTaskResponse_taskStatus,
+    describeAuditTaskResponse_taskType,
+    describeAuditTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeAuditTask' smart constructor.
+data DescribeAuditTask = DescribeAuditTask'
+  { -- | The ID of the audit whose information you want to get.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'describeAuditTask_taskId' - The ID of the audit whose information you want to get.
+newDescribeAuditTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  DescribeAuditTask
+newDescribeAuditTask pTaskId_ =
+  DescribeAuditTask' {taskId = pTaskId_}
+
+-- | The ID of the audit whose information you want to get.
+describeAuditTask_taskId :: Lens.Lens' DescribeAuditTask Prelude.Text
+describeAuditTask_taskId = Lens.lens (\DescribeAuditTask' {taskId} -> taskId) (\s@DescribeAuditTask' {} a -> s {taskId = a} :: DescribeAuditTask)
+
+instance Core.AWSRequest DescribeAuditTask where
+  type
+    AWSResponse DescribeAuditTask =
+      DescribeAuditTaskResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAuditTaskResponse'
+            Prelude.<$> (x Data..?> "auditDetails" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "scheduledAuditName")
+            Prelude.<*> (x Data..?> "taskStartTime")
+            Prelude.<*> (x Data..?> "taskStatistics")
+            Prelude.<*> (x Data..?> "taskStatus")
+            Prelude.<*> (x Data..?> "taskType")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeAuditTask where
+  hashWithSalt _salt DescribeAuditTask' {..} =
+    _salt `Prelude.hashWithSalt` taskId
+
+instance Prelude.NFData DescribeAuditTask where
+  rnf DescribeAuditTask' {..} = Prelude.rnf taskId
+
+instance Data.ToHeaders DescribeAuditTask where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeAuditTask where
+  toPath DescribeAuditTask' {..} =
+    Prelude.mconcat ["/audit/tasks/", Data.toBS taskId]
+
+instance Data.ToQuery DescribeAuditTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAuditTaskResponse' smart constructor.
+data DescribeAuditTaskResponse = DescribeAuditTaskResponse'
+  { -- | Detailed information about each check performed during this audit.
+    auditDetails :: Prelude.Maybe (Prelude.HashMap Prelude.Text AuditCheckDetails),
+    -- | The name of the scheduled audit (only if the audit was a scheduled
+    -- audit).
+    scheduledAuditName :: Prelude.Maybe Prelude.Text,
+    -- | The time the audit started.
+    taskStartTime :: Prelude.Maybe Data.POSIX,
+    -- | Statistical information about the audit.
+    taskStatistics :: Prelude.Maybe TaskStatistics,
+    -- | The status of the audit: one of \"IN_PROGRESS\", \"COMPLETED\",
+    -- \"FAILED\", or \"CANCELED\".
+    taskStatus :: Prelude.Maybe AuditTaskStatus,
+    -- | The type of audit: \"ON_DEMAND_AUDIT_TASK\" or \"SCHEDULED_AUDIT_TASK\".
+    taskType :: Prelude.Maybe AuditTaskType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuditTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'auditDetails', 'describeAuditTaskResponse_auditDetails' - Detailed information about each check performed during this audit.
+--
+-- 'scheduledAuditName', 'describeAuditTaskResponse_scheduledAuditName' - The name of the scheduled audit (only if the audit was a scheduled
+-- audit).
+--
+-- 'taskStartTime', 'describeAuditTaskResponse_taskStartTime' - The time the audit started.
+--
+-- 'taskStatistics', 'describeAuditTaskResponse_taskStatistics' - Statistical information about the audit.
+--
+-- 'taskStatus', 'describeAuditTaskResponse_taskStatus' - The status of the audit: one of \"IN_PROGRESS\", \"COMPLETED\",
+-- \"FAILED\", or \"CANCELED\".
+--
+-- 'taskType', 'describeAuditTaskResponse_taskType' - The type of audit: \"ON_DEMAND_AUDIT_TASK\" or \"SCHEDULED_AUDIT_TASK\".
+--
+-- 'httpStatus', 'describeAuditTaskResponse_httpStatus' - The response's http status code.
+newDescribeAuditTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeAuditTaskResponse
+newDescribeAuditTaskResponse pHttpStatus_ =
+  DescribeAuditTaskResponse'
+    { auditDetails =
+        Prelude.Nothing,
+      scheduledAuditName = Prelude.Nothing,
+      taskStartTime = Prelude.Nothing,
+      taskStatistics = Prelude.Nothing,
+      taskStatus = Prelude.Nothing,
+      taskType = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Detailed information about each check performed during this audit.
+describeAuditTaskResponse_auditDetails :: Lens.Lens' DescribeAuditTaskResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text AuditCheckDetails))
+describeAuditTaskResponse_auditDetails = Lens.lens (\DescribeAuditTaskResponse' {auditDetails} -> auditDetails) (\s@DescribeAuditTaskResponse' {} a -> s {auditDetails = a} :: DescribeAuditTaskResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name of the scheduled audit (only if the audit was a scheduled
+-- audit).
+describeAuditTaskResponse_scheduledAuditName :: Lens.Lens' DescribeAuditTaskResponse (Prelude.Maybe Prelude.Text)
+describeAuditTaskResponse_scheduledAuditName = Lens.lens (\DescribeAuditTaskResponse' {scheduledAuditName} -> scheduledAuditName) (\s@DescribeAuditTaskResponse' {} a -> s {scheduledAuditName = a} :: DescribeAuditTaskResponse)
+
+-- | The time the audit started.
+describeAuditTaskResponse_taskStartTime :: Lens.Lens' DescribeAuditTaskResponse (Prelude.Maybe Prelude.UTCTime)
+describeAuditTaskResponse_taskStartTime = Lens.lens (\DescribeAuditTaskResponse' {taskStartTime} -> taskStartTime) (\s@DescribeAuditTaskResponse' {} a -> s {taskStartTime = a} :: DescribeAuditTaskResponse) Prelude.. Lens.mapping Data._Time
+
+-- | Statistical information about the audit.
+describeAuditTaskResponse_taskStatistics :: Lens.Lens' DescribeAuditTaskResponse (Prelude.Maybe TaskStatistics)
+describeAuditTaskResponse_taskStatistics = Lens.lens (\DescribeAuditTaskResponse' {taskStatistics} -> taskStatistics) (\s@DescribeAuditTaskResponse' {} a -> s {taskStatistics = a} :: DescribeAuditTaskResponse)
+
+-- | The status of the audit: one of \"IN_PROGRESS\", \"COMPLETED\",
+-- \"FAILED\", or \"CANCELED\".
+describeAuditTaskResponse_taskStatus :: Lens.Lens' DescribeAuditTaskResponse (Prelude.Maybe AuditTaskStatus)
+describeAuditTaskResponse_taskStatus = Lens.lens (\DescribeAuditTaskResponse' {taskStatus} -> taskStatus) (\s@DescribeAuditTaskResponse' {} a -> s {taskStatus = a} :: DescribeAuditTaskResponse)
+
+-- | The type of audit: \"ON_DEMAND_AUDIT_TASK\" or \"SCHEDULED_AUDIT_TASK\".
+describeAuditTaskResponse_taskType :: Lens.Lens' DescribeAuditTaskResponse (Prelude.Maybe AuditTaskType)
+describeAuditTaskResponse_taskType = Lens.lens (\DescribeAuditTaskResponse' {taskType} -> taskType) (\s@DescribeAuditTaskResponse' {} a -> s {taskType = a} :: DescribeAuditTaskResponse)
+
+-- | The response's http status code.
+describeAuditTaskResponse_httpStatus :: Lens.Lens' DescribeAuditTaskResponse Prelude.Int
+describeAuditTaskResponse_httpStatus = Lens.lens (\DescribeAuditTaskResponse' {httpStatus} -> httpStatus) (\s@DescribeAuditTaskResponse' {} a -> s {httpStatus = a} :: DescribeAuditTaskResponse)
+
+instance Prelude.NFData DescribeAuditTaskResponse where
+  rnf DescribeAuditTaskResponse' {..} =
+    Prelude.rnf auditDetails
+      `Prelude.seq` Prelude.rnf scheduledAuditName
+      `Prelude.seq` Prelude.rnf taskStartTime
+      `Prelude.seq` Prelude.rnf taskStatistics
+      `Prelude.seq` Prelude.rnf taskStatus
+      `Prelude.seq` Prelude.rnf taskType
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeAuthorizer.hs b/gen/Amazonka/IoT/DescribeAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeAuthorizer.hs
@@ -0,0 +1,159 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes an authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeAuthorizer>
+-- action.
+module Amazonka.IoT.DescribeAuthorizer
+  ( -- * Creating a Request
+    DescribeAuthorizer (..),
+    newDescribeAuthorizer,
+
+    -- * Request Lenses
+    describeAuthorizer_authorizerName,
+
+    -- * Destructuring the Response
+    DescribeAuthorizerResponse (..),
+    newDescribeAuthorizerResponse,
+
+    -- * Response Lenses
+    describeAuthorizerResponse_authorizerDescription,
+    describeAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeAuthorizer' smart constructor.
+data DescribeAuthorizer = DescribeAuthorizer'
+  { -- | The name of the authorizer to describe.
+    authorizerName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerName', 'describeAuthorizer_authorizerName' - The name of the authorizer to describe.
+newDescribeAuthorizer ::
+  -- | 'authorizerName'
+  Prelude.Text ->
+  DescribeAuthorizer
+newDescribeAuthorizer pAuthorizerName_ =
+  DescribeAuthorizer'
+    { authorizerName =
+        pAuthorizerName_
+    }
+
+-- | The name of the authorizer to describe.
+describeAuthorizer_authorizerName :: Lens.Lens' DescribeAuthorizer Prelude.Text
+describeAuthorizer_authorizerName = Lens.lens (\DescribeAuthorizer' {authorizerName} -> authorizerName) (\s@DescribeAuthorizer' {} a -> s {authorizerName = a} :: DescribeAuthorizer)
+
+instance Core.AWSRequest DescribeAuthorizer where
+  type
+    AWSResponse DescribeAuthorizer =
+      DescribeAuthorizerResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAuthorizerResponse'
+            Prelude.<$> (x Data..?> "authorizerDescription")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeAuthorizer where
+  hashWithSalt _salt DescribeAuthorizer' {..} =
+    _salt `Prelude.hashWithSalt` authorizerName
+
+instance Prelude.NFData DescribeAuthorizer where
+  rnf DescribeAuthorizer' {..} =
+    Prelude.rnf authorizerName
+
+instance Data.ToHeaders DescribeAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeAuthorizer where
+  toPath DescribeAuthorizer' {..} =
+    Prelude.mconcat
+      ["/authorizer/", Data.toBS authorizerName]
+
+instance Data.ToQuery DescribeAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAuthorizerResponse' smart constructor.
+data DescribeAuthorizerResponse = DescribeAuthorizerResponse'
+  { -- | The authorizer description.
+    authorizerDescription :: Prelude.Maybe AuthorizerDescription,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerDescription', 'describeAuthorizerResponse_authorizerDescription' - The authorizer description.
+--
+-- 'httpStatus', 'describeAuthorizerResponse_httpStatus' - The response's http status code.
+newDescribeAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeAuthorizerResponse
+newDescribeAuthorizerResponse pHttpStatus_ =
+  DescribeAuthorizerResponse'
+    { authorizerDescription =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The authorizer description.
+describeAuthorizerResponse_authorizerDescription :: Lens.Lens' DescribeAuthorizerResponse (Prelude.Maybe AuthorizerDescription)
+describeAuthorizerResponse_authorizerDescription = Lens.lens (\DescribeAuthorizerResponse' {authorizerDescription} -> authorizerDescription) (\s@DescribeAuthorizerResponse' {} a -> s {authorizerDescription = a} :: DescribeAuthorizerResponse)
+
+-- | The response's http status code.
+describeAuthorizerResponse_httpStatus :: Lens.Lens' DescribeAuthorizerResponse Prelude.Int
+describeAuthorizerResponse_httpStatus = Lens.lens (\DescribeAuthorizerResponse' {httpStatus} -> httpStatus) (\s@DescribeAuthorizerResponse' {} a -> s {httpStatus = a} :: DescribeAuthorizerResponse)
+
+instance Prelude.NFData DescribeAuthorizerResponse where
+  rnf DescribeAuthorizerResponse' {..} =
+    Prelude.rnf authorizerDescription
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeBillingGroup.hs b/gen/Amazonka/IoT/DescribeBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeBillingGroup.hs
@@ -0,0 +1,219 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns information about a billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeBillingGroup>
+-- action.
+module Amazonka.IoT.DescribeBillingGroup
+  ( -- * Creating a Request
+    DescribeBillingGroup (..),
+    newDescribeBillingGroup,
+
+    -- * Request Lenses
+    describeBillingGroup_billingGroupName,
+
+    -- * Destructuring the Response
+    DescribeBillingGroupResponse (..),
+    newDescribeBillingGroupResponse,
+
+    -- * Response Lenses
+    describeBillingGroupResponse_billingGroupArn,
+    describeBillingGroupResponse_billingGroupId,
+    describeBillingGroupResponse_billingGroupMetadata,
+    describeBillingGroupResponse_billingGroupName,
+    describeBillingGroupResponse_billingGroupProperties,
+    describeBillingGroupResponse_version,
+    describeBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeBillingGroup' smart constructor.
+data DescribeBillingGroup = DescribeBillingGroup'
+  { -- | The name of the billing group.
+    billingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupName', 'describeBillingGroup_billingGroupName' - The name of the billing group.
+newDescribeBillingGroup ::
+  -- | 'billingGroupName'
+  Prelude.Text ->
+  DescribeBillingGroup
+newDescribeBillingGroup pBillingGroupName_ =
+  DescribeBillingGroup'
+    { billingGroupName =
+        pBillingGroupName_
+    }
+
+-- | The name of the billing group.
+describeBillingGroup_billingGroupName :: Lens.Lens' DescribeBillingGroup Prelude.Text
+describeBillingGroup_billingGroupName = Lens.lens (\DescribeBillingGroup' {billingGroupName} -> billingGroupName) (\s@DescribeBillingGroup' {} a -> s {billingGroupName = a} :: DescribeBillingGroup)
+
+instance Core.AWSRequest DescribeBillingGroup where
+  type
+    AWSResponse DescribeBillingGroup =
+      DescribeBillingGroupResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeBillingGroupResponse'
+            Prelude.<$> (x Data..?> "billingGroupArn")
+            Prelude.<*> (x Data..?> "billingGroupId")
+            Prelude.<*> (x Data..?> "billingGroupMetadata")
+            Prelude.<*> (x Data..?> "billingGroupName")
+            Prelude.<*> (x Data..?> "billingGroupProperties")
+            Prelude.<*> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeBillingGroup where
+  hashWithSalt _salt DescribeBillingGroup' {..} =
+    _salt `Prelude.hashWithSalt` billingGroupName
+
+instance Prelude.NFData DescribeBillingGroup where
+  rnf DescribeBillingGroup' {..} =
+    Prelude.rnf billingGroupName
+
+instance Data.ToHeaders DescribeBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeBillingGroup where
+  toPath DescribeBillingGroup' {..} =
+    Prelude.mconcat
+      ["/billing-groups/", Data.toBS billingGroupName]
+
+instance Data.ToQuery DescribeBillingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeBillingGroupResponse' smart constructor.
+data DescribeBillingGroupResponse = DescribeBillingGroupResponse'
+  { -- | The ARN of the billing group.
+    billingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the billing group.
+    billingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | Additional information about the billing group.
+    billingGroupMetadata :: Prelude.Maybe BillingGroupMetadata,
+    -- | The name of the billing group.
+    billingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The properties of the billing group.
+    billingGroupProperties :: Prelude.Maybe BillingGroupProperties,
+    -- | The version of the billing group.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupArn', 'describeBillingGroupResponse_billingGroupArn' - The ARN of the billing group.
+--
+-- 'billingGroupId', 'describeBillingGroupResponse_billingGroupId' - The ID of the billing group.
+--
+-- 'billingGroupMetadata', 'describeBillingGroupResponse_billingGroupMetadata' - Additional information about the billing group.
+--
+-- 'billingGroupName', 'describeBillingGroupResponse_billingGroupName' - The name of the billing group.
+--
+-- 'billingGroupProperties', 'describeBillingGroupResponse_billingGroupProperties' - The properties of the billing group.
+--
+-- 'version', 'describeBillingGroupResponse_version' - The version of the billing group.
+--
+-- 'httpStatus', 'describeBillingGroupResponse_httpStatus' - The response's http status code.
+newDescribeBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeBillingGroupResponse
+newDescribeBillingGroupResponse pHttpStatus_ =
+  DescribeBillingGroupResponse'
+    { billingGroupArn =
+        Prelude.Nothing,
+      billingGroupId = Prelude.Nothing,
+      billingGroupMetadata = Prelude.Nothing,
+      billingGroupName = Prelude.Nothing,
+      billingGroupProperties = Prelude.Nothing,
+      version = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the billing group.
+describeBillingGroupResponse_billingGroupArn :: Lens.Lens' DescribeBillingGroupResponse (Prelude.Maybe Prelude.Text)
+describeBillingGroupResponse_billingGroupArn = Lens.lens (\DescribeBillingGroupResponse' {billingGroupArn} -> billingGroupArn) (\s@DescribeBillingGroupResponse' {} a -> s {billingGroupArn = a} :: DescribeBillingGroupResponse)
+
+-- | The ID of the billing group.
+describeBillingGroupResponse_billingGroupId :: Lens.Lens' DescribeBillingGroupResponse (Prelude.Maybe Prelude.Text)
+describeBillingGroupResponse_billingGroupId = Lens.lens (\DescribeBillingGroupResponse' {billingGroupId} -> billingGroupId) (\s@DescribeBillingGroupResponse' {} a -> s {billingGroupId = a} :: DescribeBillingGroupResponse)
+
+-- | Additional information about the billing group.
+describeBillingGroupResponse_billingGroupMetadata :: Lens.Lens' DescribeBillingGroupResponse (Prelude.Maybe BillingGroupMetadata)
+describeBillingGroupResponse_billingGroupMetadata = Lens.lens (\DescribeBillingGroupResponse' {billingGroupMetadata} -> billingGroupMetadata) (\s@DescribeBillingGroupResponse' {} a -> s {billingGroupMetadata = a} :: DescribeBillingGroupResponse)
+
+-- | The name of the billing group.
+describeBillingGroupResponse_billingGroupName :: Lens.Lens' DescribeBillingGroupResponse (Prelude.Maybe Prelude.Text)
+describeBillingGroupResponse_billingGroupName = Lens.lens (\DescribeBillingGroupResponse' {billingGroupName} -> billingGroupName) (\s@DescribeBillingGroupResponse' {} a -> s {billingGroupName = a} :: DescribeBillingGroupResponse)
+
+-- | The properties of the billing group.
+describeBillingGroupResponse_billingGroupProperties :: Lens.Lens' DescribeBillingGroupResponse (Prelude.Maybe BillingGroupProperties)
+describeBillingGroupResponse_billingGroupProperties = Lens.lens (\DescribeBillingGroupResponse' {billingGroupProperties} -> billingGroupProperties) (\s@DescribeBillingGroupResponse' {} a -> s {billingGroupProperties = a} :: DescribeBillingGroupResponse)
+
+-- | The version of the billing group.
+describeBillingGroupResponse_version :: Lens.Lens' DescribeBillingGroupResponse (Prelude.Maybe Prelude.Integer)
+describeBillingGroupResponse_version = Lens.lens (\DescribeBillingGroupResponse' {version} -> version) (\s@DescribeBillingGroupResponse' {} a -> s {version = a} :: DescribeBillingGroupResponse)
+
+-- | The response's http status code.
+describeBillingGroupResponse_httpStatus :: Lens.Lens' DescribeBillingGroupResponse Prelude.Int
+describeBillingGroupResponse_httpStatus = Lens.lens (\DescribeBillingGroupResponse' {httpStatus} -> httpStatus) (\s@DescribeBillingGroupResponse' {} a -> s {httpStatus = a} :: DescribeBillingGroupResponse)
+
+instance Prelude.NFData DescribeBillingGroupResponse where
+  rnf DescribeBillingGroupResponse' {..} =
+    Prelude.rnf billingGroupArn
+      `Prelude.seq` Prelude.rnf billingGroupId
+      `Prelude.seq` Prelude.rnf billingGroupMetadata
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf billingGroupProperties
+      `Prelude.seq` Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeCACertificate.hs b/gen/Amazonka/IoT/DescribeCACertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeCACertificate.hs
@@ -0,0 +1,175 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeCACertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a registered CA certificate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeCACertificate>
+-- action.
+module Amazonka.IoT.DescribeCACertificate
+  ( -- * Creating a Request
+    DescribeCACertificate (..),
+    newDescribeCACertificate,
+
+    -- * Request Lenses
+    describeCACertificate_certificateId,
+
+    -- * Destructuring the Response
+    DescribeCACertificateResponse (..),
+    newDescribeCACertificateResponse,
+
+    -- * Response Lenses
+    describeCACertificateResponse_certificateDescription,
+    describeCACertificateResponse_registrationConfig,
+    describeCACertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DescribeCACertificate operation.
+--
+-- /See:/ 'newDescribeCACertificate' smart constructor.
+data DescribeCACertificate = DescribeCACertificate'
+  { -- | The CA certificate identifier.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCACertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'describeCACertificate_certificateId' - The CA certificate identifier.
+newDescribeCACertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  DescribeCACertificate
+newDescribeCACertificate pCertificateId_ =
+  DescribeCACertificate'
+    { certificateId =
+        pCertificateId_
+    }
+
+-- | The CA certificate identifier.
+describeCACertificate_certificateId :: Lens.Lens' DescribeCACertificate Prelude.Text
+describeCACertificate_certificateId = Lens.lens (\DescribeCACertificate' {certificateId} -> certificateId) (\s@DescribeCACertificate' {} a -> s {certificateId = a} :: DescribeCACertificate)
+
+instance Core.AWSRequest DescribeCACertificate where
+  type
+    AWSResponse DescribeCACertificate =
+      DescribeCACertificateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeCACertificateResponse'
+            Prelude.<$> (x Data..?> "certificateDescription")
+            Prelude.<*> (x Data..?> "registrationConfig")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeCACertificate where
+  hashWithSalt _salt DescribeCACertificate' {..} =
+    _salt `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData DescribeCACertificate where
+  rnf DescribeCACertificate' {..} =
+    Prelude.rnf certificateId
+
+instance Data.ToHeaders DescribeCACertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeCACertificate where
+  toPath DescribeCACertificate' {..} =
+    Prelude.mconcat
+      ["/cacertificate/", Data.toBS certificateId]
+
+instance Data.ToQuery DescribeCACertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the DescribeCACertificate operation.
+--
+-- /See:/ 'newDescribeCACertificateResponse' smart constructor.
+data DescribeCACertificateResponse = DescribeCACertificateResponse'
+  { -- | The CA certificate description.
+    certificateDescription :: Prelude.Maybe CACertificateDescription,
+    -- | Information about the registration configuration.
+    registrationConfig :: Prelude.Maybe RegistrationConfig,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCACertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateDescription', 'describeCACertificateResponse_certificateDescription' - The CA certificate description.
+--
+-- 'registrationConfig', 'describeCACertificateResponse_registrationConfig' - Information about the registration configuration.
+--
+-- 'httpStatus', 'describeCACertificateResponse_httpStatus' - The response's http status code.
+newDescribeCACertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeCACertificateResponse
+newDescribeCACertificateResponse pHttpStatus_ =
+  DescribeCACertificateResponse'
+    { certificateDescription =
+        Prelude.Nothing,
+      registrationConfig = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The CA certificate description.
+describeCACertificateResponse_certificateDescription :: Lens.Lens' DescribeCACertificateResponse (Prelude.Maybe CACertificateDescription)
+describeCACertificateResponse_certificateDescription = Lens.lens (\DescribeCACertificateResponse' {certificateDescription} -> certificateDescription) (\s@DescribeCACertificateResponse' {} a -> s {certificateDescription = a} :: DescribeCACertificateResponse)
+
+-- | Information about the registration configuration.
+describeCACertificateResponse_registrationConfig :: Lens.Lens' DescribeCACertificateResponse (Prelude.Maybe RegistrationConfig)
+describeCACertificateResponse_registrationConfig = Lens.lens (\DescribeCACertificateResponse' {registrationConfig} -> registrationConfig) (\s@DescribeCACertificateResponse' {} a -> s {registrationConfig = a} :: DescribeCACertificateResponse)
+
+-- | The response's http status code.
+describeCACertificateResponse_httpStatus :: Lens.Lens' DescribeCACertificateResponse Prelude.Int
+describeCACertificateResponse_httpStatus = Lens.lens (\DescribeCACertificateResponse' {httpStatus} -> httpStatus) (\s@DescribeCACertificateResponse' {} a -> s {httpStatus = a} :: DescribeCACertificateResponse)
+
+instance Prelude.NFData DescribeCACertificateResponse where
+  rnf DescribeCACertificateResponse' {..} =
+    Prelude.rnf certificateDescription
+      `Prelude.seq` Prelude.rnf registrationConfig
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeCertificate.hs b/gen/Amazonka/IoT/DescribeCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeCertificate.hs
@@ -0,0 +1,166 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the specified certificate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeCertificate>
+-- action.
+module Amazonka.IoT.DescribeCertificate
+  ( -- * Creating a Request
+    DescribeCertificate (..),
+    newDescribeCertificate,
+
+    -- * Request Lenses
+    describeCertificate_certificateId,
+
+    -- * Destructuring the Response
+    DescribeCertificateResponse (..),
+    newDescribeCertificateResponse,
+
+    -- * Response Lenses
+    describeCertificateResponse_certificateDescription,
+    describeCertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DescribeCertificate operation.
+--
+-- /See:/ 'newDescribeCertificate' smart constructor.
+data DescribeCertificate = DescribeCertificate'
+  { -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'describeCertificate_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+newDescribeCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  DescribeCertificate
+newDescribeCertificate pCertificateId_ =
+  DescribeCertificate'
+    { certificateId =
+        pCertificateId_
+    }
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+describeCertificate_certificateId :: Lens.Lens' DescribeCertificate Prelude.Text
+describeCertificate_certificateId = Lens.lens (\DescribeCertificate' {certificateId} -> certificateId) (\s@DescribeCertificate' {} a -> s {certificateId = a} :: DescribeCertificate)
+
+instance Core.AWSRequest DescribeCertificate where
+  type
+    AWSResponse DescribeCertificate =
+      DescribeCertificateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeCertificateResponse'
+            Prelude.<$> (x Data..?> "certificateDescription")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeCertificate where
+  hashWithSalt _salt DescribeCertificate' {..} =
+    _salt `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData DescribeCertificate where
+  rnf DescribeCertificate' {..} =
+    Prelude.rnf certificateId
+
+instance Data.ToHeaders DescribeCertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeCertificate where
+  toPath DescribeCertificate' {..} =
+    Prelude.mconcat
+      ["/certificates/", Data.toBS certificateId]
+
+instance Data.ToQuery DescribeCertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output of the DescribeCertificate operation.
+--
+-- /See:/ 'newDescribeCertificateResponse' smart constructor.
+data DescribeCertificateResponse = DescribeCertificateResponse'
+  { -- | The description of the certificate.
+    certificateDescription :: Prelude.Maybe CertificateDescription,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateDescription', 'describeCertificateResponse_certificateDescription' - The description of the certificate.
+--
+-- 'httpStatus', 'describeCertificateResponse_httpStatus' - The response's http status code.
+newDescribeCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeCertificateResponse
+newDescribeCertificateResponse pHttpStatus_ =
+  DescribeCertificateResponse'
+    { certificateDescription =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The description of the certificate.
+describeCertificateResponse_certificateDescription :: Lens.Lens' DescribeCertificateResponse (Prelude.Maybe CertificateDescription)
+describeCertificateResponse_certificateDescription = Lens.lens (\DescribeCertificateResponse' {certificateDescription} -> certificateDescription) (\s@DescribeCertificateResponse' {} a -> s {certificateDescription = a} :: DescribeCertificateResponse)
+
+-- | The response's http status code.
+describeCertificateResponse_httpStatus :: Lens.Lens' DescribeCertificateResponse Prelude.Int
+describeCertificateResponse_httpStatus = Lens.lens (\DescribeCertificateResponse' {httpStatus} -> httpStatus) (\s@DescribeCertificateResponse' {} a -> s {httpStatus = a} :: DescribeCertificateResponse)
+
+instance Prelude.NFData DescribeCertificateResponse where
+  rnf DescribeCertificateResponse' {..} =
+    Prelude.rnf certificateDescription
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeCustomMetric.hs b/gen/Amazonka/IoT/DescribeCustomMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeCustomMetric.hs
@@ -0,0 +1,237 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeCustomMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a Device Defender detect custom metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeCustomMetric>
+-- action.
+module Amazonka.IoT.DescribeCustomMetric
+  ( -- * Creating a Request
+    DescribeCustomMetric (..),
+    newDescribeCustomMetric,
+
+    -- * Request Lenses
+    describeCustomMetric_metricName,
+
+    -- * Destructuring the Response
+    DescribeCustomMetricResponse (..),
+    newDescribeCustomMetricResponse,
+
+    -- * Response Lenses
+    describeCustomMetricResponse_creationDate,
+    describeCustomMetricResponse_displayName,
+    describeCustomMetricResponse_lastModifiedDate,
+    describeCustomMetricResponse_metricArn,
+    describeCustomMetricResponse_metricName,
+    describeCustomMetricResponse_metricType,
+    describeCustomMetricResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeCustomMetric' smart constructor.
+data DescribeCustomMetric = DescribeCustomMetric'
+  { -- | The name of the custom metric.
+    metricName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCustomMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricName', 'describeCustomMetric_metricName' - The name of the custom metric.
+newDescribeCustomMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  DescribeCustomMetric
+newDescribeCustomMetric pMetricName_ =
+  DescribeCustomMetric' {metricName = pMetricName_}
+
+-- | The name of the custom metric.
+describeCustomMetric_metricName :: Lens.Lens' DescribeCustomMetric Prelude.Text
+describeCustomMetric_metricName = Lens.lens (\DescribeCustomMetric' {metricName} -> metricName) (\s@DescribeCustomMetric' {} a -> s {metricName = a} :: DescribeCustomMetric)
+
+instance Core.AWSRequest DescribeCustomMetric where
+  type
+    AWSResponse DescribeCustomMetric =
+      DescribeCustomMetricResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeCustomMetricResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "displayName")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "metricArn")
+            Prelude.<*> (x Data..?> "metricName")
+            Prelude.<*> (x Data..?> "metricType")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeCustomMetric where
+  hashWithSalt _salt DescribeCustomMetric' {..} =
+    _salt `Prelude.hashWithSalt` metricName
+
+instance Prelude.NFData DescribeCustomMetric where
+  rnf DescribeCustomMetric' {..} =
+    Prelude.rnf metricName
+
+instance Data.ToHeaders DescribeCustomMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeCustomMetric where
+  toPath DescribeCustomMetric' {..} =
+    Prelude.mconcat
+      ["/custom-metric/", Data.toBS metricName]
+
+instance Data.ToQuery DescribeCustomMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeCustomMetricResponse' smart constructor.
+data DescribeCustomMetricResponse = DescribeCustomMetricResponse'
+  { -- | The creation date of the custom metric in milliseconds since epoch.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | Field represents a friendly name in the console for the custom metric;
+    -- doesn\'t have to be unique. Don\'t use this name as the metric
+    -- identifier in the device metric report. Can be updated.
+    displayName :: Prelude.Maybe Prelude.Text,
+    -- | The time the custom metric was last modified in milliseconds since
+    -- epoch.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The Amazon Resource Number (ARN) of the custom metric.
+    metricArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the custom metric.
+    metricName :: Prelude.Maybe Prelude.Text,
+    -- | The type of the custom metric.
+    --
+    -- The type @number@ only takes a single metric value as an input, but
+    -- while submitting the metrics value in the DeviceMetrics report, it must
+    -- be passed as an array with a single value.
+    metricType :: Prelude.Maybe CustomMetricType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCustomMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'describeCustomMetricResponse_creationDate' - The creation date of the custom metric in milliseconds since epoch.
+--
+-- 'displayName', 'describeCustomMetricResponse_displayName' - Field represents a friendly name in the console for the custom metric;
+-- doesn\'t have to be unique. Don\'t use this name as the metric
+-- identifier in the device metric report. Can be updated.
+--
+-- 'lastModifiedDate', 'describeCustomMetricResponse_lastModifiedDate' - The time the custom metric was last modified in milliseconds since
+-- epoch.
+--
+-- 'metricArn', 'describeCustomMetricResponse_metricArn' - The Amazon Resource Number (ARN) of the custom metric.
+--
+-- 'metricName', 'describeCustomMetricResponse_metricName' - The name of the custom metric.
+--
+-- 'metricType', 'describeCustomMetricResponse_metricType' - The type of the custom metric.
+--
+-- The type @number@ only takes a single metric value as an input, but
+-- while submitting the metrics value in the DeviceMetrics report, it must
+-- be passed as an array with a single value.
+--
+-- 'httpStatus', 'describeCustomMetricResponse_httpStatus' - The response's http status code.
+newDescribeCustomMetricResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeCustomMetricResponse
+newDescribeCustomMetricResponse pHttpStatus_ =
+  DescribeCustomMetricResponse'
+    { creationDate =
+        Prelude.Nothing,
+      displayName = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      metricArn = Prelude.Nothing,
+      metricName = Prelude.Nothing,
+      metricType = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The creation date of the custom metric in milliseconds since epoch.
+describeCustomMetricResponse_creationDate :: Lens.Lens' DescribeCustomMetricResponse (Prelude.Maybe Prelude.UTCTime)
+describeCustomMetricResponse_creationDate = Lens.lens (\DescribeCustomMetricResponse' {creationDate} -> creationDate) (\s@DescribeCustomMetricResponse' {} a -> s {creationDate = a} :: DescribeCustomMetricResponse) Prelude.. Lens.mapping Data._Time
+
+-- | Field represents a friendly name in the console for the custom metric;
+-- doesn\'t have to be unique. Don\'t use this name as the metric
+-- identifier in the device metric report. Can be updated.
+describeCustomMetricResponse_displayName :: Lens.Lens' DescribeCustomMetricResponse (Prelude.Maybe Prelude.Text)
+describeCustomMetricResponse_displayName = Lens.lens (\DescribeCustomMetricResponse' {displayName} -> displayName) (\s@DescribeCustomMetricResponse' {} a -> s {displayName = a} :: DescribeCustomMetricResponse)
+
+-- | The time the custom metric was last modified in milliseconds since
+-- epoch.
+describeCustomMetricResponse_lastModifiedDate :: Lens.Lens' DescribeCustomMetricResponse (Prelude.Maybe Prelude.UTCTime)
+describeCustomMetricResponse_lastModifiedDate = Lens.lens (\DescribeCustomMetricResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeCustomMetricResponse' {} a -> s {lastModifiedDate = a} :: DescribeCustomMetricResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The Amazon Resource Number (ARN) of the custom metric.
+describeCustomMetricResponse_metricArn :: Lens.Lens' DescribeCustomMetricResponse (Prelude.Maybe Prelude.Text)
+describeCustomMetricResponse_metricArn = Lens.lens (\DescribeCustomMetricResponse' {metricArn} -> metricArn) (\s@DescribeCustomMetricResponse' {} a -> s {metricArn = a} :: DescribeCustomMetricResponse)
+
+-- | The name of the custom metric.
+describeCustomMetricResponse_metricName :: Lens.Lens' DescribeCustomMetricResponse (Prelude.Maybe Prelude.Text)
+describeCustomMetricResponse_metricName = Lens.lens (\DescribeCustomMetricResponse' {metricName} -> metricName) (\s@DescribeCustomMetricResponse' {} a -> s {metricName = a} :: DescribeCustomMetricResponse)
+
+-- | The type of the custom metric.
+--
+-- The type @number@ only takes a single metric value as an input, but
+-- while submitting the metrics value in the DeviceMetrics report, it must
+-- be passed as an array with a single value.
+describeCustomMetricResponse_metricType :: Lens.Lens' DescribeCustomMetricResponse (Prelude.Maybe CustomMetricType)
+describeCustomMetricResponse_metricType = Lens.lens (\DescribeCustomMetricResponse' {metricType} -> metricType) (\s@DescribeCustomMetricResponse' {} a -> s {metricType = a} :: DescribeCustomMetricResponse)
+
+-- | The response's http status code.
+describeCustomMetricResponse_httpStatus :: Lens.Lens' DescribeCustomMetricResponse Prelude.Int
+describeCustomMetricResponse_httpStatus = Lens.lens (\DescribeCustomMetricResponse' {httpStatus} -> httpStatus) (\s@DescribeCustomMetricResponse' {} a -> s {httpStatus = a} :: DescribeCustomMetricResponse)
+
+instance Prelude.NFData DescribeCustomMetricResponse where
+  rnf DescribeCustomMetricResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf metricArn
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf metricType
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeDefaultAuthorizer.hs b/gen/Amazonka/IoT/DescribeDefaultAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeDefaultAuthorizer.hs
@@ -0,0 +1,141 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeDefaultAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the default authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeDefaultAuthorizer>
+-- action.
+module Amazonka.IoT.DescribeDefaultAuthorizer
+  ( -- * Creating a Request
+    DescribeDefaultAuthorizer (..),
+    newDescribeDefaultAuthorizer,
+
+    -- * Destructuring the Response
+    DescribeDefaultAuthorizerResponse (..),
+    newDescribeDefaultAuthorizerResponse,
+
+    -- * Response Lenses
+    describeDefaultAuthorizerResponse_authorizerDescription,
+    describeDefaultAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeDefaultAuthorizer' smart constructor.
+data DescribeDefaultAuthorizer = DescribeDefaultAuthorizer'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDefaultAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDescribeDefaultAuthorizer ::
+  DescribeDefaultAuthorizer
+newDescribeDefaultAuthorizer =
+  DescribeDefaultAuthorizer'
+
+instance Core.AWSRequest DescribeDefaultAuthorizer where
+  type
+    AWSResponse DescribeDefaultAuthorizer =
+      DescribeDefaultAuthorizerResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeDefaultAuthorizerResponse'
+            Prelude.<$> (x Data..?> "authorizerDescription")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeDefaultAuthorizer where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData DescribeDefaultAuthorizer where
+  rnf _ = ()
+
+instance Data.ToHeaders DescribeDefaultAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeDefaultAuthorizer where
+  toPath = Prelude.const "/default-authorizer"
+
+instance Data.ToQuery DescribeDefaultAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeDefaultAuthorizerResponse' smart constructor.
+data DescribeDefaultAuthorizerResponse = DescribeDefaultAuthorizerResponse'
+  { -- | The default authorizer\'s description.
+    authorizerDescription :: Prelude.Maybe AuthorizerDescription,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDefaultAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerDescription', 'describeDefaultAuthorizerResponse_authorizerDescription' - The default authorizer\'s description.
+--
+-- 'httpStatus', 'describeDefaultAuthorizerResponse_httpStatus' - The response's http status code.
+newDescribeDefaultAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeDefaultAuthorizerResponse
+newDescribeDefaultAuthorizerResponse pHttpStatus_ =
+  DescribeDefaultAuthorizerResponse'
+    { authorizerDescription =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The default authorizer\'s description.
+describeDefaultAuthorizerResponse_authorizerDescription :: Lens.Lens' DescribeDefaultAuthorizerResponse (Prelude.Maybe AuthorizerDescription)
+describeDefaultAuthorizerResponse_authorizerDescription = Lens.lens (\DescribeDefaultAuthorizerResponse' {authorizerDescription} -> authorizerDescription) (\s@DescribeDefaultAuthorizerResponse' {} a -> s {authorizerDescription = a} :: DescribeDefaultAuthorizerResponse)
+
+-- | The response's http status code.
+describeDefaultAuthorizerResponse_httpStatus :: Lens.Lens' DescribeDefaultAuthorizerResponse Prelude.Int
+describeDefaultAuthorizerResponse_httpStatus = Lens.lens (\DescribeDefaultAuthorizerResponse' {httpStatus} -> httpStatus) (\s@DescribeDefaultAuthorizerResponse' {} a -> s {httpStatus = a} :: DescribeDefaultAuthorizerResponse)
+
+instance
+  Prelude.NFData
+    DescribeDefaultAuthorizerResponse
+  where
+  rnf DescribeDefaultAuthorizerResponse' {..} =
+    Prelude.rnf authorizerDescription
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeDetectMitigationActionsTask.hs b/gen/Amazonka/IoT/DescribeDetectMitigationActionsTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeDetectMitigationActionsTask.hs
@@ -0,0 +1,185 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeDetectMitigationActionsTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a Device Defender ML Detect mitigation action.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeDetectMitigationActionsTask>
+-- action.
+module Amazonka.IoT.DescribeDetectMitigationActionsTask
+  ( -- * Creating a Request
+    DescribeDetectMitigationActionsTask (..),
+    newDescribeDetectMitigationActionsTask,
+
+    -- * Request Lenses
+    describeDetectMitigationActionsTask_taskId,
+
+    -- * Destructuring the Response
+    DescribeDetectMitigationActionsTaskResponse (..),
+    newDescribeDetectMitigationActionsTaskResponse,
+
+    -- * Response Lenses
+    describeDetectMitigationActionsTaskResponse_taskSummary,
+    describeDetectMitigationActionsTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeDetectMitigationActionsTask' smart constructor.
+data DescribeDetectMitigationActionsTask = DescribeDetectMitigationActionsTask'
+  { -- | The unique identifier of the task.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDetectMitigationActionsTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'describeDetectMitigationActionsTask_taskId' - The unique identifier of the task.
+newDescribeDetectMitigationActionsTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  DescribeDetectMitigationActionsTask
+newDescribeDetectMitigationActionsTask pTaskId_ =
+  DescribeDetectMitigationActionsTask'
+    { taskId =
+        pTaskId_
+    }
+
+-- | The unique identifier of the task.
+describeDetectMitigationActionsTask_taskId :: Lens.Lens' DescribeDetectMitigationActionsTask Prelude.Text
+describeDetectMitigationActionsTask_taskId = Lens.lens (\DescribeDetectMitigationActionsTask' {taskId} -> taskId) (\s@DescribeDetectMitigationActionsTask' {} a -> s {taskId = a} :: DescribeDetectMitigationActionsTask)
+
+instance
+  Core.AWSRequest
+    DescribeDetectMitigationActionsTask
+  where
+  type
+    AWSResponse DescribeDetectMitigationActionsTask =
+      DescribeDetectMitigationActionsTaskResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeDetectMitigationActionsTaskResponse'
+            Prelude.<$> (x Data..?> "taskSummary")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DescribeDetectMitigationActionsTask
+  where
+  hashWithSalt
+    _salt
+    DescribeDetectMitigationActionsTask' {..} =
+      _salt `Prelude.hashWithSalt` taskId
+
+instance
+  Prelude.NFData
+    DescribeDetectMitigationActionsTask
+  where
+  rnf DescribeDetectMitigationActionsTask' {..} =
+    Prelude.rnf taskId
+
+instance
+  Data.ToHeaders
+    DescribeDetectMitigationActionsTask
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    DescribeDetectMitigationActionsTask
+  where
+  toPath DescribeDetectMitigationActionsTask' {..} =
+    Prelude.mconcat
+      [ "/detect/mitigationactions/tasks/",
+        Data.toBS taskId
+      ]
+
+instance
+  Data.ToQuery
+    DescribeDetectMitigationActionsTask
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeDetectMitigationActionsTaskResponse' smart constructor.
+data DescribeDetectMitigationActionsTaskResponse = DescribeDetectMitigationActionsTaskResponse'
+  { -- | The description of a task.
+    taskSummary :: Prelude.Maybe DetectMitigationActionsTaskSummary,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDetectMitigationActionsTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskSummary', 'describeDetectMitigationActionsTaskResponse_taskSummary' - The description of a task.
+--
+-- 'httpStatus', 'describeDetectMitigationActionsTaskResponse_httpStatus' - The response's http status code.
+newDescribeDetectMitigationActionsTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeDetectMitigationActionsTaskResponse
+newDescribeDetectMitigationActionsTaskResponse
+  pHttpStatus_ =
+    DescribeDetectMitigationActionsTaskResponse'
+      { taskSummary =
+          Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | The description of a task.
+describeDetectMitigationActionsTaskResponse_taskSummary :: Lens.Lens' DescribeDetectMitigationActionsTaskResponse (Prelude.Maybe DetectMitigationActionsTaskSummary)
+describeDetectMitigationActionsTaskResponse_taskSummary = Lens.lens (\DescribeDetectMitigationActionsTaskResponse' {taskSummary} -> taskSummary) (\s@DescribeDetectMitigationActionsTaskResponse' {} a -> s {taskSummary = a} :: DescribeDetectMitigationActionsTaskResponse)
+
+-- | The response's http status code.
+describeDetectMitigationActionsTaskResponse_httpStatus :: Lens.Lens' DescribeDetectMitigationActionsTaskResponse Prelude.Int
+describeDetectMitigationActionsTaskResponse_httpStatus = Lens.lens (\DescribeDetectMitigationActionsTaskResponse' {httpStatus} -> httpStatus) (\s@DescribeDetectMitigationActionsTaskResponse' {} a -> s {httpStatus = a} :: DescribeDetectMitigationActionsTaskResponse)
+
+instance
+  Prelude.NFData
+    DescribeDetectMitigationActionsTaskResponse
+  where
+  rnf DescribeDetectMitigationActionsTaskResponse' {..} =
+    Prelude.rnf taskSummary
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeDimension.hs b/gen/Amazonka/IoT/DescribeDimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeDimension.hs
@@ -0,0 +1,220 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeDimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Provides details about a dimension that is defined in your Amazon Web
+-- Services accounts.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeDimension>
+-- action.
+module Amazonka.IoT.DescribeDimension
+  ( -- * Creating a Request
+    DescribeDimension (..),
+    newDescribeDimension,
+
+    -- * Request Lenses
+    describeDimension_name,
+
+    -- * Destructuring the Response
+    DescribeDimensionResponse (..),
+    newDescribeDimensionResponse,
+
+    -- * Response Lenses
+    describeDimensionResponse_arn,
+    describeDimensionResponse_creationDate,
+    describeDimensionResponse_lastModifiedDate,
+    describeDimensionResponse_name,
+    describeDimensionResponse_stringValues,
+    describeDimensionResponse_type,
+    describeDimensionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeDimension' smart constructor.
+data DescribeDimension = DescribeDimension'
+  { -- | The unique identifier for the dimension.
+    name :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDimension' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'describeDimension_name' - The unique identifier for the dimension.
+newDescribeDimension ::
+  -- | 'name'
+  Prelude.Text ->
+  DescribeDimension
+newDescribeDimension pName_ =
+  DescribeDimension' {name = pName_}
+
+-- | The unique identifier for the dimension.
+describeDimension_name :: Lens.Lens' DescribeDimension Prelude.Text
+describeDimension_name = Lens.lens (\DescribeDimension' {name} -> name) (\s@DescribeDimension' {} a -> s {name = a} :: DescribeDimension)
+
+instance Core.AWSRequest DescribeDimension where
+  type
+    AWSResponse DescribeDimension =
+      DescribeDimensionResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeDimensionResponse'
+            Prelude.<$> (x Data..?> "arn")
+            Prelude.<*> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "name")
+            Prelude.<*> (x Data..?> "stringValues")
+            Prelude.<*> (x Data..?> "type")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeDimension where
+  hashWithSalt _salt DescribeDimension' {..} =
+    _salt `Prelude.hashWithSalt` name
+
+instance Prelude.NFData DescribeDimension where
+  rnf DescribeDimension' {..} = Prelude.rnf name
+
+instance Data.ToHeaders DescribeDimension where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeDimension where
+  toPath DescribeDimension' {..} =
+    Prelude.mconcat ["/dimensions/", Data.toBS name]
+
+instance Data.ToQuery DescribeDimension where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeDimensionResponse' smart constructor.
+data DescribeDimensionResponse = DescribeDimensionResponse'
+  { -- | The Amazon Resource Name (ARN) for the dimension.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The date the dimension was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The date the dimension was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The unique identifier for the dimension.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | The value or list of values used to scope the dimension. For example,
+    -- for topic filters, this is the pattern used to match the MQTT topic
+    -- name.
+    stringValues :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | The type of the dimension.
+    type' :: Prelude.Maybe DimensionType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDimensionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'describeDimensionResponse_arn' - The Amazon Resource Name (ARN) for the dimension.
+--
+-- 'creationDate', 'describeDimensionResponse_creationDate' - The date the dimension was created.
+--
+-- 'lastModifiedDate', 'describeDimensionResponse_lastModifiedDate' - The date the dimension was last modified.
+--
+-- 'name', 'describeDimensionResponse_name' - The unique identifier for the dimension.
+--
+-- 'stringValues', 'describeDimensionResponse_stringValues' - The value or list of values used to scope the dimension. For example,
+-- for topic filters, this is the pattern used to match the MQTT topic
+-- name.
+--
+-- 'type'', 'describeDimensionResponse_type' - The type of the dimension.
+--
+-- 'httpStatus', 'describeDimensionResponse_httpStatus' - The response's http status code.
+newDescribeDimensionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeDimensionResponse
+newDescribeDimensionResponse pHttpStatus_ =
+  DescribeDimensionResponse'
+    { arn = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      name = Prelude.Nothing,
+      stringValues = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN) for the dimension.
+describeDimensionResponse_arn :: Lens.Lens' DescribeDimensionResponse (Prelude.Maybe Prelude.Text)
+describeDimensionResponse_arn = Lens.lens (\DescribeDimensionResponse' {arn} -> arn) (\s@DescribeDimensionResponse' {} a -> s {arn = a} :: DescribeDimensionResponse)
+
+-- | The date the dimension was created.
+describeDimensionResponse_creationDate :: Lens.Lens' DescribeDimensionResponse (Prelude.Maybe Prelude.UTCTime)
+describeDimensionResponse_creationDate = Lens.lens (\DescribeDimensionResponse' {creationDate} -> creationDate) (\s@DescribeDimensionResponse' {} a -> s {creationDate = a} :: DescribeDimensionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The date the dimension was last modified.
+describeDimensionResponse_lastModifiedDate :: Lens.Lens' DescribeDimensionResponse (Prelude.Maybe Prelude.UTCTime)
+describeDimensionResponse_lastModifiedDate = Lens.lens (\DescribeDimensionResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeDimensionResponse' {} a -> s {lastModifiedDate = a} :: DescribeDimensionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The unique identifier for the dimension.
+describeDimensionResponse_name :: Lens.Lens' DescribeDimensionResponse (Prelude.Maybe Prelude.Text)
+describeDimensionResponse_name = Lens.lens (\DescribeDimensionResponse' {name} -> name) (\s@DescribeDimensionResponse' {} a -> s {name = a} :: DescribeDimensionResponse)
+
+-- | The value or list of values used to scope the dimension. For example,
+-- for topic filters, this is the pattern used to match the MQTT topic
+-- name.
+describeDimensionResponse_stringValues :: Lens.Lens' DescribeDimensionResponse (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+describeDimensionResponse_stringValues = Lens.lens (\DescribeDimensionResponse' {stringValues} -> stringValues) (\s@DescribeDimensionResponse' {} a -> s {stringValues = a} :: DescribeDimensionResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of the dimension.
+describeDimensionResponse_type :: Lens.Lens' DescribeDimensionResponse (Prelude.Maybe DimensionType)
+describeDimensionResponse_type = Lens.lens (\DescribeDimensionResponse' {type'} -> type') (\s@DescribeDimensionResponse' {} a -> s {type' = a} :: DescribeDimensionResponse)
+
+-- | The response's http status code.
+describeDimensionResponse_httpStatus :: Lens.Lens' DescribeDimensionResponse Prelude.Int
+describeDimensionResponse_httpStatus = Lens.lens (\DescribeDimensionResponse' {httpStatus} -> httpStatus) (\s@DescribeDimensionResponse' {} a -> s {httpStatus = a} :: DescribeDimensionResponse)
+
+instance Prelude.NFData DescribeDimensionResponse where
+  rnf DescribeDimensionResponse' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf name
+      `Prelude.seq` Prelude.rnf stringValues
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeDomainConfiguration.hs b/gen/Amazonka/IoT/DescribeDomainConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeDomainConfiguration.hs
@@ -0,0 +1,274 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeDomainConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets summary information about a domain configuration.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeDomainConfiguration>
+-- action.
+module Amazonka.IoT.DescribeDomainConfiguration
+  ( -- * Creating a Request
+    DescribeDomainConfiguration (..),
+    newDescribeDomainConfiguration,
+
+    -- * Request Lenses
+    describeDomainConfiguration_domainConfigurationName,
+
+    -- * Destructuring the Response
+    DescribeDomainConfigurationResponse (..),
+    newDescribeDomainConfigurationResponse,
+
+    -- * Response Lenses
+    describeDomainConfigurationResponse_authorizerConfig,
+    describeDomainConfigurationResponse_domainConfigurationArn,
+    describeDomainConfigurationResponse_domainConfigurationName,
+    describeDomainConfigurationResponse_domainConfigurationStatus,
+    describeDomainConfigurationResponse_domainName,
+    describeDomainConfigurationResponse_domainType,
+    describeDomainConfigurationResponse_lastStatusChangeDate,
+    describeDomainConfigurationResponse_serverCertificates,
+    describeDomainConfigurationResponse_serviceType,
+    describeDomainConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeDomainConfiguration' smart constructor.
+data DescribeDomainConfiguration = DescribeDomainConfiguration'
+  { -- | The name of the domain configuration.
+    domainConfigurationName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDomainConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domainConfigurationName', 'describeDomainConfiguration_domainConfigurationName' - The name of the domain configuration.
+newDescribeDomainConfiguration ::
+  -- | 'domainConfigurationName'
+  Prelude.Text ->
+  DescribeDomainConfiguration
+newDescribeDomainConfiguration
+  pDomainConfigurationName_ =
+    DescribeDomainConfiguration'
+      { domainConfigurationName =
+          pDomainConfigurationName_
+      }
+
+-- | The name of the domain configuration.
+describeDomainConfiguration_domainConfigurationName :: Lens.Lens' DescribeDomainConfiguration Prelude.Text
+describeDomainConfiguration_domainConfigurationName = Lens.lens (\DescribeDomainConfiguration' {domainConfigurationName} -> domainConfigurationName) (\s@DescribeDomainConfiguration' {} a -> s {domainConfigurationName = a} :: DescribeDomainConfiguration)
+
+instance Core.AWSRequest DescribeDomainConfiguration where
+  type
+    AWSResponse DescribeDomainConfiguration =
+      DescribeDomainConfigurationResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeDomainConfigurationResponse'
+            Prelude.<$> (x Data..?> "authorizerConfig")
+            Prelude.<*> (x Data..?> "domainConfigurationArn")
+            Prelude.<*> (x Data..?> "domainConfigurationName")
+            Prelude.<*> (x Data..?> "domainConfigurationStatus")
+            Prelude.<*> (x Data..?> "domainName")
+            Prelude.<*> (x Data..?> "domainType")
+            Prelude.<*> (x Data..?> "lastStatusChangeDate")
+            Prelude.<*> ( x
+                            Data..?> "serverCertificates"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "serviceType")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeDomainConfiguration where
+  hashWithSalt _salt DescribeDomainConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` domainConfigurationName
+
+instance Prelude.NFData DescribeDomainConfiguration where
+  rnf DescribeDomainConfiguration' {..} =
+    Prelude.rnf domainConfigurationName
+
+instance Data.ToHeaders DescribeDomainConfiguration where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeDomainConfiguration where
+  toPath DescribeDomainConfiguration' {..} =
+    Prelude.mconcat
+      [ "/domainConfigurations/",
+        Data.toBS domainConfigurationName
+      ]
+
+instance Data.ToQuery DescribeDomainConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeDomainConfigurationResponse' smart constructor.
+data DescribeDomainConfigurationResponse = DescribeDomainConfigurationResponse'
+  { -- | An object that specifies the authorization service for a domain.
+    authorizerConfig :: Prelude.Maybe AuthorizerConfig,
+    -- | The ARN of the domain configuration.
+    domainConfigurationArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the domain configuration.
+    domainConfigurationName :: Prelude.Maybe Prelude.Text,
+    -- | A Boolean value that specifies the current state of the domain
+    -- configuration.
+    domainConfigurationStatus :: Prelude.Maybe DomainConfigurationStatus,
+    -- | The name of the domain.
+    domainName :: Prelude.Maybe Prelude.Text,
+    -- | The type of the domain.
+    domainType :: Prelude.Maybe DomainType,
+    -- | The date and time the domain configuration\'s status was last changed.
+    lastStatusChangeDate :: Prelude.Maybe Data.POSIX,
+    -- | A list containing summary information about the server certificate
+    -- included in the domain configuration.
+    serverCertificates :: Prelude.Maybe [ServerCertificateSummary],
+    -- | The type of service delivered by the endpoint.
+    serviceType :: Prelude.Maybe ServiceType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeDomainConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerConfig', 'describeDomainConfigurationResponse_authorizerConfig' - An object that specifies the authorization service for a domain.
+--
+-- 'domainConfigurationArn', 'describeDomainConfigurationResponse_domainConfigurationArn' - The ARN of the domain configuration.
+--
+-- 'domainConfigurationName', 'describeDomainConfigurationResponse_domainConfigurationName' - The name of the domain configuration.
+--
+-- 'domainConfigurationStatus', 'describeDomainConfigurationResponse_domainConfigurationStatus' - A Boolean value that specifies the current state of the domain
+-- configuration.
+--
+-- 'domainName', 'describeDomainConfigurationResponse_domainName' - The name of the domain.
+--
+-- 'domainType', 'describeDomainConfigurationResponse_domainType' - The type of the domain.
+--
+-- 'lastStatusChangeDate', 'describeDomainConfigurationResponse_lastStatusChangeDate' - The date and time the domain configuration\'s status was last changed.
+--
+-- 'serverCertificates', 'describeDomainConfigurationResponse_serverCertificates' - A list containing summary information about the server certificate
+-- included in the domain configuration.
+--
+-- 'serviceType', 'describeDomainConfigurationResponse_serviceType' - The type of service delivered by the endpoint.
+--
+-- 'httpStatus', 'describeDomainConfigurationResponse_httpStatus' - The response's http status code.
+newDescribeDomainConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeDomainConfigurationResponse
+newDescribeDomainConfigurationResponse pHttpStatus_ =
+  DescribeDomainConfigurationResponse'
+    { authorizerConfig =
+        Prelude.Nothing,
+      domainConfigurationArn =
+        Prelude.Nothing,
+      domainConfigurationName =
+        Prelude.Nothing,
+      domainConfigurationStatus =
+        Prelude.Nothing,
+      domainName = Prelude.Nothing,
+      domainType = Prelude.Nothing,
+      lastStatusChangeDate = Prelude.Nothing,
+      serverCertificates = Prelude.Nothing,
+      serviceType = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | An object that specifies the authorization service for a domain.
+describeDomainConfigurationResponse_authorizerConfig :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe AuthorizerConfig)
+describeDomainConfigurationResponse_authorizerConfig = Lens.lens (\DescribeDomainConfigurationResponse' {authorizerConfig} -> authorizerConfig) (\s@DescribeDomainConfigurationResponse' {} a -> s {authorizerConfig = a} :: DescribeDomainConfigurationResponse)
+
+-- | The ARN of the domain configuration.
+describeDomainConfigurationResponse_domainConfigurationArn :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+describeDomainConfigurationResponse_domainConfigurationArn = Lens.lens (\DescribeDomainConfigurationResponse' {domainConfigurationArn} -> domainConfigurationArn) (\s@DescribeDomainConfigurationResponse' {} a -> s {domainConfigurationArn = a} :: DescribeDomainConfigurationResponse)
+
+-- | The name of the domain configuration.
+describeDomainConfigurationResponse_domainConfigurationName :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+describeDomainConfigurationResponse_domainConfigurationName = Lens.lens (\DescribeDomainConfigurationResponse' {domainConfigurationName} -> domainConfigurationName) (\s@DescribeDomainConfigurationResponse' {} a -> s {domainConfigurationName = a} :: DescribeDomainConfigurationResponse)
+
+-- | A Boolean value that specifies the current state of the domain
+-- configuration.
+describeDomainConfigurationResponse_domainConfigurationStatus :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe DomainConfigurationStatus)
+describeDomainConfigurationResponse_domainConfigurationStatus = Lens.lens (\DescribeDomainConfigurationResponse' {domainConfigurationStatus} -> domainConfigurationStatus) (\s@DescribeDomainConfigurationResponse' {} a -> s {domainConfigurationStatus = a} :: DescribeDomainConfigurationResponse)
+
+-- | The name of the domain.
+describeDomainConfigurationResponse_domainName :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+describeDomainConfigurationResponse_domainName = Lens.lens (\DescribeDomainConfigurationResponse' {domainName} -> domainName) (\s@DescribeDomainConfigurationResponse' {} a -> s {domainName = a} :: DescribeDomainConfigurationResponse)
+
+-- | The type of the domain.
+describeDomainConfigurationResponse_domainType :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe DomainType)
+describeDomainConfigurationResponse_domainType = Lens.lens (\DescribeDomainConfigurationResponse' {domainType} -> domainType) (\s@DescribeDomainConfigurationResponse' {} a -> s {domainType = a} :: DescribeDomainConfigurationResponse)
+
+-- | The date and time the domain configuration\'s status was last changed.
+describeDomainConfigurationResponse_lastStatusChangeDate :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe Prelude.UTCTime)
+describeDomainConfigurationResponse_lastStatusChangeDate = Lens.lens (\DescribeDomainConfigurationResponse' {lastStatusChangeDate} -> lastStatusChangeDate) (\s@DescribeDomainConfigurationResponse' {} a -> s {lastStatusChangeDate = a} :: DescribeDomainConfigurationResponse) Prelude.. Lens.mapping Data._Time
+
+-- | A list containing summary information about the server certificate
+-- included in the domain configuration.
+describeDomainConfigurationResponse_serverCertificates :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe [ServerCertificateSummary])
+describeDomainConfigurationResponse_serverCertificates = Lens.lens (\DescribeDomainConfigurationResponse' {serverCertificates} -> serverCertificates) (\s@DescribeDomainConfigurationResponse' {} a -> s {serverCertificates = a} :: DescribeDomainConfigurationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of service delivered by the endpoint.
+describeDomainConfigurationResponse_serviceType :: Lens.Lens' DescribeDomainConfigurationResponse (Prelude.Maybe ServiceType)
+describeDomainConfigurationResponse_serviceType = Lens.lens (\DescribeDomainConfigurationResponse' {serviceType} -> serviceType) (\s@DescribeDomainConfigurationResponse' {} a -> s {serviceType = a} :: DescribeDomainConfigurationResponse)
+
+-- | The response's http status code.
+describeDomainConfigurationResponse_httpStatus :: Lens.Lens' DescribeDomainConfigurationResponse Prelude.Int
+describeDomainConfigurationResponse_httpStatus = Lens.lens (\DescribeDomainConfigurationResponse' {httpStatus} -> httpStatus) (\s@DescribeDomainConfigurationResponse' {} a -> s {httpStatus = a} :: DescribeDomainConfigurationResponse)
+
+instance
+  Prelude.NFData
+    DescribeDomainConfigurationResponse
+  where
+  rnf DescribeDomainConfigurationResponse' {..} =
+    Prelude.rnf authorizerConfig
+      `Prelude.seq` Prelude.rnf domainConfigurationArn
+      `Prelude.seq` Prelude.rnf domainConfigurationName
+      `Prelude.seq` Prelude.rnf domainConfigurationStatus
+      `Prelude.seq` Prelude.rnf domainName
+      `Prelude.seq` Prelude.rnf domainType
+      `Prelude.seq` Prelude.rnf lastStatusChangeDate
+      `Prelude.seq` Prelude.rnf serverCertificates
+      `Prelude.seq` Prelude.rnf serviceType
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeEndpoint.hs b/gen/Amazonka/IoT/DescribeEndpoint.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeEndpoint.hs
@@ -0,0 +1,200 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeEndpoint
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a unique endpoint specific to the Amazon Web Services account
+-- making the call.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeEndpoint>
+-- action.
+module Amazonka.IoT.DescribeEndpoint
+  ( -- * Creating a Request
+    DescribeEndpoint (..),
+    newDescribeEndpoint,
+
+    -- * Request Lenses
+    describeEndpoint_endpointType,
+
+    -- * Destructuring the Response
+    DescribeEndpointResponse (..),
+    newDescribeEndpointResponse,
+
+    -- * Response Lenses
+    describeEndpointResponse_endpointAddress,
+    describeEndpointResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DescribeEndpoint operation.
+--
+-- /See:/ 'newDescribeEndpoint' smart constructor.
+data DescribeEndpoint = DescribeEndpoint'
+  { -- | The endpoint type. Valid endpoint types include:
+    --
+    -- -   @iot:Data@ - Returns a VeriSign signed data endpoint.
+    --
+    -- -   @iot:Data-ATS@ - Returns an ATS signed data endpoint.
+    --
+    -- -   @iot:CredentialProvider@ - Returns an IoT credentials provider API
+    --     endpoint.
+    --
+    -- -   @iot:Jobs@ - Returns an IoT device management Jobs API endpoint.
+    --
+    -- We strongly recommend that customers use the newer @iot:Data-ATS@
+    -- endpoint type to avoid issues related to the widespread distrust of
+    -- Symantec certificate authorities.
+    endpointType :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeEndpoint' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'endpointType', 'describeEndpoint_endpointType' - The endpoint type. Valid endpoint types include:
+--
+-- -   @iot:Data@ - Returns a VeriSign signed data endpoint.
+--
+-- -   @iot:Data-ATS@ - Returns an ATS signed data endpoint.
+--
+-- -   @iot:CredentialProvider@ - Returns an IoT credentials provider API
+--     endpoint.
+--
+-- -   @iot:Jobs@ - Returns an IoT device management Jobs API endpoint.
+--
+-- We strongly recommend that customers use the newer @iot:Data-ATS@
+-- endpoint type to avoid issues related to the widespread distrust of
+-- Symantec certificate authorities.
+newDescribeEndpoint ::
+  DescribeEndpoint
+newDescribeEndpoint =
+  DescribeEndpoint' {endpointType = Prelude.Nothing}
+
+-- | The endpoint type. Valid endpoint types include:
+--
+-- -   @iot:Data@ - Returns a VeriSign signed data endpoint.
+--
+-- -   @iot:Data-ATS@ - Returns an ATS signed data endpoint.
+--
+-- -   @iot:CredentialProvider@ - Returns an IoT credentials provider API
+--     endpoint.
+--
+-- -   @iot:Jobs@ - Returns an IoT device management Jobs API endpoint.
+--
+-- We strongly recommend that customers use the newer @iot:Data-ATS@
+-- endpoint type to avoid issues related to the widespread distrust of
+-- Symantec certificate authorities.
+describeEndpoint_endpointType :: Lens.Lens' DescribeEndpoint (Prelude.Maybe Prelude.Text)
+describeEndpoint_endpointType = Lens.lens (\DescribeEndpoint' {endpointType} -> endpointType) (\s@DescribeEndpoint' {} a -> s {endpointType = a} :: DescribeEndpoint)
+
+instance Core.AWSRequest DescribeEndpoint where
+  type
+    AWSResponse DescribeEndpoint =
+      DescribeEndpointResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeEndpointResponse'
+            Prelude.<$> (x Data..?> "endpointAddress")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeEndpoint where
+  hashWithSalt _salt DescribeEndpoint' {..} =
+    _salt `Prelude.hashWithSalt` endpointType
+
+instance Prelude.NFData DescribeEndpoint where
+  rnf DescribeEndpoint' {..} = Prelude.rnf endpointType
+
+instance Data.ToHeaders DescribeEndpoint where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeEndpoint where
+  toPath = Prelude.const "/endpoint"
+
+instance Data.ToQuery DescribeEndpoint where
+  toQuery DescribeEndpoint' {..} =
+    Prelude.mconcat
+      ["endpointType" Data.=: endpointType]
+
+-- | The output from the DescribeEndpoint operation.
+--
+-- /See:/ 'newDescribeEndpointResponse' smart constructor.
+data DescribeEndpointResponse = DescribeEndpointResponse'
+  { -- | The endpoint. The format of the endpoint is as follows:
+    -- /identifier/.iot./region/.amazonaws.com.
+    endpointAddress :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeEndpointResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'endpointAddress', 'describeEndpointResponse_endpointAddress' - The endpoint. The format of the endpoint is as follows:
+-- /identifier/.iot./region/.amazonaws.com.
+--
+-- 'httpStatus', 'describeEndpointResponse_httpStatus' - The response's http status code.
+newDescribeEndpointResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeEndpointResponse
+newDescribeEndpointResponse pHttpStatus_ =
+  DescribeEndpointResponse'
+    { endpointAddress =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The endpoint. The format of the endpoint is as follows:
+-- /identifier/.iot./region/.amazonaws.com.
+describeEndpointResponse_endpointAddress :: Lens.Lens' DescribeEndpointResponse (Prelude.Maybe Prelude.Text)
+describeEndpointResponse_endpointAddress = Lens.lens (\DescribeEndpointResponse' {endpointAddress} -> endpointAddress) (\s@DescribeEndpointResponse' {} a -> s {endpointAddress = a} :: DescribeEndpointResponse)
+
+-- | The response's http status code.
+describeEndpointResponse_httpStatus :: Lens.Lens' DescribeEndpointResponse Prelude.Int
+describeEndpointResponse_httpStatus = Lens.lens (\DescribeEndpointResponse' {httpStatus} -> httpStatus) (\s@DescribeEndpointResponse' {} a -> s {httpStatus = a} :: DescribeEndpointResponse)
+
+instance Prelude.NFData DescribeEndpointResponse where
+  rnf DescribeEndpointResponse' {..} =
+    Prelude.rnf endpointAddress
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeEventConfigurations.hs b/gen/Amazonka/IoT/DescribeEventConfigurations.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeEventConfigurations.hs
@@ -0,0 +1,168 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeEventConfigurations
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes event configurations.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeEventConfigurations>
+-- action.
+module Amazonka.IoT.DescribeEventConfigurations
+  ( -- * Creating a Request
+    DescribeEventConfigurations (..),
+    newDescribeEventConfigurations,
+
+    -- * Destructuring the Response
+    DescribeEventConfigurationsResponse (..),
+    newDescribeEventConfigurationsResponse,
+
+    -- * Response Lenses
+    describeEventConfigurationsResponse_creationDate,
+    describeEventConfigurationsResponse_eventConfigurations,
+    describeEventConfigurationsResponse_lastModifiedDate,
+    describeEventConfigurationsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeEventConfigurations' smart constructor.
+data DescribeEventConfigurations = DescribeEventConfigurations'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeEventConfigurations' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDescribeEventConfigurations ::
+  DescribeEventConfigurations
+newDescribeEventConfigurations =
+  DescribeEventConfigurations'
+
+instance Core.AWSRequest DescribeEventConfigurations where
+  type
+    AWSResponse DescribeEventConfigurations =
+      DescribeEventConfigurationsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeEventConfigurationsResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> ( x
+                            Data..?> "eventConfigurations"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeEventConfigurations where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData DescribeEventConfigurations where
+  rnf _ = ()
+
+instance Data.ToHeaders DescribeEventConfigurations where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeEventConfigurations where
+  toPath = Prelude.const "/event-configurations"
+
+instance Data.ToQuery DescribeEventConfigurations where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeEventConfigurationsResponse' smart constructor.
+data DescribeEventConfigurationsResponse = DescribeEventConfigurationsResponse'
+  { -- | The creation date of the event configuration.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The event configurations.
+    eventConfigurations :: Prelude.Maybe (Prelude.HashMap EventType Configuration),
+    -- | The date the event configurations were last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeEventConfigurationsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'describeEventConfigurationsResponse_creationDate' - The creation date of the event configuration.
+--
+-- 'eventConfigurations', 'describeEventConfigurationsResponse_eventConfigurations' - The event configurations.
+--
+-- 'lastModifiedDate', 'describeEventConfigurationsResponse_lastModifiedDate' - The date the event configurations were last modified.
+--
+-- 'httpStatus', 'describeEventConfigurationsResponse_httpStatus' - The response's http status code.
+newDescribeEventConfigurationsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeEventConfigurationsResponse
+newDescribeEventConfigurationsResponse pHttpStatus_ =
+  DescribeEventConfigurationsResponse'
+    { creationDate =
+        Prelude.Nothing,
+      eventConfigurations = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The creation date of the event configuration.
+describeEventConfigurationsResponse_creationDate :: Lens.Lens' DescribeEventConfigurationsResponse (Prelude.Maybe Prelude.UTCTime)
+describeEventConfigurationsResponse_creationDate = Lens.lens (\DescribeEventConfigurationsResponse' {creationDate} -> creationDate) (\s@DescribeEventConfigurationsResponse' {} a -> s {creationDate = a} :: DescribeEventConfigurationsResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The event configurations.
+describeEventConfigurationsResponse_eventConfigurations :: Lens.Lens' DescribeEventConfigurationsResponse (Prelude.Maybe (Prelude.HashMap EventType Configuration))
+describeEventConfigurationsResponse_eventConfigurations = Lens.lens (\DescribeEventConfigurationsResponse' {eventConfigurations} -> eventConfigurations) (\s@DescribeEventConfigurationsResponse' {} a -> s {eventConfigurations = a} :: DescribeEventConfigurationsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The date the event configurations were last modified.
+describeEventConfigurationsResponse_lastModifiedDate :: Lens.Lens' DescribeEventConfigurationsResponse (Prelude.Maybe Prelude.UTCTime)
+describeEventConfigurationsResponse_lastModifiedDate = Lens.lens (\DescribeEventConfigurationsResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeEventConfigurationsResponse' {} a -> s {lastModifiedDate = a} :: DescribeEventConfigurationsResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The response's http status code.
+describeEventConfigurationsResponse_httpStatus :: Lens.Lens' DescribeEventConfigurationsResponse Prelude.Int
+describeEventConfigurationsResponse_httpStatus = Lens.lens (\DescribeEventConfigurationsResponse' {httpStatus} -> httpStatus) (\s@DescribeEventConfigurationsResponse' {} a -> s {httpStatus = a} :: DescribeEventConfigurationsResponse)
+
+instance
+  Prelude.NFData
+    DescribeEventConfigurationsResponse
+  where
+  rnf DescribeEventConfigurationsResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf eventConfigurations
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeFleetMetric.hs b/gen/Amazonka/IoT/DescribeFleetMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeFleetMetric.hs
@@ -0,0 +1,308 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeFleetMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the specified fleet metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeFleetMetric>
+-- action.
+module Amazonka.IoT.DescribeFleetMetric
+  ( -- * Creating a Request
+    DescribeFleetMetric (..),
+    newDescribeFleetMetric,
+
+    -- * Request Lenses
+    describeFleetMetric_metricName,
+
+    -- * Destructuring the Response
+    DescribeFleetMetricResponse (..),
+    newDescribeFleetMetricResponse,
+
+    -- * Response Lenses
+    describeFleetMetricResponse_aggregationField,
+    describeFleetMetricResponse_aggregationType,
+    describeFleetMetricResponse_creationDate,
+    describeFleetMetricResponse_description,
+    describeFleetMetricResponse_indexName,
+    describeFleetMetricResponse_lastModifiedDate,
+    describeFleetMetricResponse_metricArn,
+    describeFleetMetricResponse_metricName,
+    describeFleetMetricResponse_period,
+    describeFleetMetricResponse_queryString,
+    describeFleetMetricResponse_queryVersion,
+    describeFleetMetricResponse_unit,
+    describeFleetMetricResponse_version,
+    describeFleetMetricResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeFleetMetric' smart constructor.
+data DescribeFleetMetric = DescribeFleetMetric'
+  { -- | The name of the fleet metric to describe.
+    metricName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeFleetMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricName', 'describeFleetMetric_metricName' - The name of the fleet metric to describe.
+newDescribeFleetMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  DescribeFleetMetric
+newDescribeFleetMetric pMetricName_ =
+  DescribeFleetMetric' {metricName = pMetricName_}
+
+-- | The name of the fleet metric to describe.
+describeFleetMetric_metricName :: Lens.Lens' DescribeFleetMetric Prelude.Text
+describeFleetMetric_metricName = Lens.lens (\DescribeFleetMetric' {metricName} -> metricName) (\s@DescribeFleetMetric' {} a -> s {metricName = a} :: DescribeFleetMetric)
+
+instance Core.AWSRequest DescribeFleetMetric where
+  type
+    AWSResponse DescribeFleetMetric =
+      DescribeFleetMetricResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeFleetMetricResponse'
+            Prelude.<$> (x Data..?> "aggregationField")
+            Prelude.<*> (x Data..?> "aggregationType")
+            Prelude.<*> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "indexName")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "metricArn")
+            Prelude.<*> (x Data..?> "metricName")
+            Prelude.<*> (x Data..?> "period")
+            Prelude.<*> (x Data..?> "queryString")
+            Prelude.<*> (x Data..?> "queryVersion")
+            Prelude.<*> (x Data..?> "unit")
+            Prelude.<*> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeFleetMetric where
+  hashWithSalt _salt DescribeFleetMetric' {..} =
+    _salt `Prelude.hashWithSalt` metricName
+
+instance Prelude.NFData DescribeFleetMetric where
+  rnf DescribeFleetMetric' {..} = Prelude.rnf metricName
+
+instance Data.ToHeaders DescribeFleetMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeFleetMetric where
+  toPath DescribeFleetMetric' {..} =
+    Prelude.mconcat
+      ["/fleet-metric/", Data.toBS metricName]
+
+instance Data.ToQuery DescribeFleetMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeFleetMetricResponse' smart constructor.
+data DescribeFleetMetricResponse = DescribeFleetMetricResponse'
+  { -- | The field to aggregate.
+    aggregationField :: Prelude.Maybe Prelude.Text,
+    -- | The type of the aggregation query.
+    aggregationType :: Prelude.Maybe AggregationType,
+    -- | The date when the fleet metric is created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The fleet metric description.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The name of the index to search.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The date when the fleet metric is last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The ARN of the fleet metric to describe.
+    metricArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the fleet metric to describe.
+    metricName :: Prelude.Maybe Prelude.Text,
+    -- | The time in seconds between fleet metric emissions. Range [60(1 min),
+    -- 86400(1 day)] and must be multiple of 60.
+    period :: Prelude.Maybe Prelude.Natural,
+    -- | The search query string.
+    queryString :: Prelude.Maybe Prelude.Text,
+    -- | The query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | Used to support unit transformation such as milliseconds to seconds. The
+    -- unit must be supported by
+    -- <https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+    unit :: Prelude.Maybe FleetMetricUnit,
+    -- | The version of the fleet metric.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeFleetMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'aggregationField', 'describeFleetMetricResponse_aggregationField' - The field to aggregate.
+--
+-- 'aggregationType', 'describeFleetMetricResponse_aggregationType' - The type of the aggregation query.
+--
+-- 'creationDate', 'describeFleetMetricResponse_creationDate' - The date when the fleet metric is created.
+--
+-- 'description', 'describeFleetMetricResponse_description' - The fleet metric description.
+--
+-- 'indexName', 'describeFleetMetricResponse_indexName' - The name of the index to search.
+--
+-- 'lastModifiedDate', 'describeFleetMetricResponse_lastModifiedDate' - The date when the fleet metric is last modified.
+--
+-- 'metricArn', 'describeFleetMetricResponse_metricArn' - The ARN of the fleet metric to describe.
+--
+-- 'metricName', 'describeFleetMetricResponse_metricName' - The name of the fleet metric to describe.
+--
+-- 'period', 'describeFleetMetricResponse_period' - The time in seconds between fleet metric emissions. Range [60(1 min),
+-- 86400(1 day)] and must be multiple of 60.
+--
+-- 'queryString', 'describeFleetMetricResponse_queryString' - The search query string.
+--
+-- 'queryVersion', 'describeFleetMetricResponse_queryVersion' - The query version.
+--
+-- 'unit', 'describeFleetMetricResponse_unit' - Used to support unit transformation such as milliseconds to seconds. The
+-- unit must be supported by
+-- <https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+--
+-- 'version', 'describeFleetMetricResponse_version' - The version of the fleet metric.
+--
+-- 'httpStatus', 'describeFleetMetricResponse_httpStatus' - The response's http status code.
+newDescribeFleetMetricResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeFleetMetricResponse
+newDescribeFleetMetricResponse pHttpStatus_ =
+  DescribeFleetMetricResponse'
+    { aggregationField =
+        Prelude.Nothing,
+      aggregationType = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      description = Prelude.Nothing,
+      indexName = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      metricArn = Prelude.Nothing,
+      metricName = Prelude.Nothing,
+      period = Prelude.Nothing,
+      queryString = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      unit = Prelude.Nothing,
+      version = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The field to aggregate.
+describeFleetMetricResponse_aggregationField :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_aggregationField = Lens.lens (\DescribeFleetMetricResponse' {aggregationField} -> aggregationField) (\s@DescribeFleetMetricResponse' {} a -> s {aggregationField = a} :: DescribeFleetMetricResponse)
+
+-- | The type of the aggregation query.
+describeFleetMetricResponse_aggregationType :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe AggregationType)
+describeFleetMetricResponse_aggregationType = Lens.lens (\DescribeFleetMetricResponse' {aggregationType} -> aggregationType) (\s@DescribeFleetMetricResponse' {} a -> s {aggregationType = a} :: DescribeFleetMetricResponse)
+
+-- | The date when the fleet metric is created.
+describeFleetMetricResponse_creationDate :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.UTCTime)
+describeFleetMetricResponse_creationDate = Lens.lens (\DescribeFleetMetricResponse' {creationDate} -> creationDate) (\s@DescribeFleetMetricResponse' {} a -> s {creationDate = a} :: DescribeFleetMetricResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The fleet metric description.
+describeFleetMetricResponse_description :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_description = Lens.lens (\DescribeFleetMetricResponse' {description} -> description) (\s@DescribeFleetMetricResponse' {} a -> s {description = a} :: DescribeFleetMetricResponse)
+
+-- | The name of the index to search.
+describeFleetMetricResponse_indexName :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_indexName = Lens.lens (\DescribeFleetMetricResponse' {indexName} -> indexName) (\s@DescribeFleetMetricResponse' {} a -> s {indexName = a} :: DescribeFleetMetricResponse)
+
+-- | The date when the fleet metric is last modified.
+describeFleetMetricResponse_lastModifiedDate :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.UTCTime)
+describeFleetMetricResponse_lastModifiedDate = Lens.lens (\DescribeFleetMetricResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeFleetMetricResponse' {} a -> s {lastModifiedDate = a} :: DescribeFleetMetricResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The ARN of the fleet metric to describe.
+describeFleetMetricResponse_metricArn :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_metricArn = Lens.lens (\DescribeFleetMetricResponse' {metricArn} -> metricArn) (\s@DescribeFleetMetricResponse' {} a -> s {metricArn = a} :: DescribeFleetMetricResponse)
+
+-- | The name of the fleet metric to describe.
+describeFleetMetricResponse_metricName :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_metricName = Lens.lens (\DescribeFleetMetricResponse' {metricName} -> metricName) (\s@DescribeFleetMetricResponse' {} a -> s {metricName = a} :: DescribeFleetMetricResponse)
+
+-- | The time in seconds between fleet metric emissions. Range [60(1 min),
+-- 86400(1 day)] and must be multiple of 60.
+describeFleetMetricResponse_period :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Natural)
+describeFleetMetricResponse_period = Lens.lens (\DescribeFleetMetricResponse' {period} -> period) (\s@DescribeFleetMetricResponse' {} a -> s {period = a} :: DescribeFleetMetricResponse)
+
+-- | The search query string.
+describeFleetMetricResponse_queryString :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_queryString = Lens.lens (\DescribeFleetMetricResponse' {queryString} -> queryString) (\s@DescribeFleetMetricResponse' {} a -> s {queryString = a} :: DescribeFleetMetricResponse)
+
+-- | The query version.
+describeFleetMetricResponse_queryVersion :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Text)
+describeFleetMetricResponse_queryVersion = Lens.lens (\DescribeFleetMetricResponse' {queryVersion} -> queryVersion) (\s@DescribeFleetMetricResponse' {} a -> s {queryVersion = a} :: DescribeFleetMetricResponse)
+
+-- | Used to support unit transformation such as milliseconds to seconds. The
+-- unit must be supported by
+-- <https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+describeFleetMetricResponse_unit :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe FleetMetricUnit)
+describeFleetMetricResponse_unit = Lens.lens (\DescribeFleetMetricResponse' {unit} -> unit) (\s@DescribeFleetMetricResponse' {} a -> s {unit = a} :: DescribeFleetMetricResponse)
+
+-- | The version of the fleet metric.
+describeFleetMetricResponse_version :: Lens.Lens' DescribeFleetMetricResponse (Prelude.Maybe Prelude.Integer)
+describeFleetMetricResponse_version = Lens.lens (\DescribeFleetMetricResponse' {version} -> version) (\s@DescribeFleetMetricResponse' {} a -> s {version = a} :: DescribeFleetMetricResponse)
+
+-- | The response's http status code.
+describeFleetMetricResponse_httpStatus :: Lens.Lens' DescribeFleetMetricResponse Prelude.Int
+describeFleetMetricResponse_httpStatus = Lens.lens (\DescribeFleetMetricResponse' {httpStatus} -> httpStatus) (\s@DescribeFleetMetricResponse' {} a -> s {httpStatus = a} :: DescribeFleetMetricResponse)
+
+instance Prelude.NFData DescribeFleetMetricResponse where
+  rnf DescribeFleetMetricResponse' {..} =
+    Prelude.rnf aggregationField
+      `Prelude.seq` Prelude.rnf aggregationType
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf metricArn
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf period
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf unit
+      `Prelude.seq` Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeIndex.hs b/gen/Amazonka/IoT/DescribeIndex.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeIndex.hs
@@ -0,0 +1,228 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeIndex
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a search index.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeIndex>
+-- action.
+module Amazonka.IoT.DescribeIndex
+  ( -- * Creating a Request
+    DescribeIndex (..),
+    newDescribeIndex,
+
+    -- * Request Lenses
+    describeIndex_indexName,
+
+    -- * Destructuring the Response
+    DescribeIndexResponse (..),
+    newDescribeIndexResponse,
+
+    -- * Response Lenses
+    describeIndexResponse_indexName,
+    describeIndexResponse_indexStatus,
+    describeIndexResponse_schema,
+    describeIndexResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeIndex' smart constructor.
+data DescribeIndex = DescribeIndex'
+  { -- | The index name.
+    indexName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeIndex' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'describeIndex_indexName' - The index name.
+newDescribeIndex ::
+  -- | 'indexName'
+  Prelude.Text ->
+  DescribeIndex
+newDescribeIndex pIndexName_ =
+  DescribeIndex' {indexName = pIndexName_}
+
+-- | The index name.
+describeIndex_indexName :: Lens.Lens' DescribeIndex Prelude.Text
+describeIndex_indexName = Lens.lens (\DescribeIndex' {indexName} -> indexName) (\s@DescribeIndex' {} a -> s {indexName = a} :: DescribeIndex)
+
+instance Core.AWSRequest DescribeIndex where
+  type
+    AWSResponse DescribeIndex =
+      DescribeIndexResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeIndexResponse'
+            Prelude.<$> (x Data..?> "indexName")
+            Prelude.<*> (x Data..?> "indexStatus")
+            Prelude.<*> (x Data..?> "schema")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeIndex where
+  hashWithSalt _salt DescribeIndex' {..} =
+    _salt `Prelude.hashWithSalt` indexName
+
+instance Prelude.NFData DescribeIndex where
+  rnf DescribeIndex' {..} = Prelude.rnf indexName
+
+instance Data.ToHeaders DescribeIndex where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeIndex where
+  toPath DescribeIndex' {..} =
+    Prelude.mconcat ["/indices/", Data.toBS indexName]
+
+instance Data.ToQuery DescribeIndex where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeIndexResponse' smart constructor.
+data DescribeIndexResponse = DescribeIndexResponse'
+  { -- | The index name.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The index status.
+    indexStatus :: Prelude.Maybe IndexStatus,
+    -- | Contains a value that specifies the type of indexing performed. Valid
+    -- values are:
+    --
+    -- -   REGISTRY – Your thing index contains only registry data.
+    --
+    -- -   REGISTRY_AND_SHADOW - Your thing index contains registry data and
+    --     shadow data.
+    --
+    -- -   REGISTRY_AND_CONNECTIVITY_STATUS - Your thing index contains
+    --     registry data and thing connectivity status data.
+    --
+    -- -   REGISTRY_AND_SHADOW_AND_CONNECTIVITY_STATUS - Your thing index
+    --     contains registry data, shadow data, and thing connectivity status
+    --     data.
+    --
+    -- -   MULTI_INDEXING_MODE - Your thing index contains multiple data
+    --     sources. For more information, see
+    --     <https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html GetIndexingConfiguration>.
+    schema :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeIndexResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'describeIndexResponse_indexName' - The index name.
+--
+-- 'indexStatus', 'describeIndexResponse_indexStatus' - The index status.
+--
+-- 'schema', 'describeIndexResponse_schema' - Contains a value that specifies the type of indexing performed. Valid
+-- values are:
+--
+-- -   REGISTRY – Your thing index contains only registry data.
+--
+-- -   REGISTRY_AND_SHADOW - Your thing index contains registry data and
+--     shadow data.
+--
+-- -   REGISTRY_AND_CONNECTIVITY_STATUS - Your thing index contains
+--     registry data and thing connectivity status data.
+--
+-- -   REGISTRY_AND_SHADOW_AND_CONNECTIVITY_STATUS - Your thing index
+--     contains registry data, shadow data, and thing connectivity status
+--     data.
+--
+-- -   MULTI_INDEXING_MODE - Your thing index contains multiple data
+--     sources. For more information, see
+--     <https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html GetIndexingConfiguration>.
+--
+-- 'httpStatus', 'describeIndexResponse_httpStatus' - The response's http status code.
+newDescribeIndexResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeIndexResponse
+newDescribeIndexResponse pHttpStatus_ =
+  DescribeIndexResponse'
+    { indexName = Prelude.Nothing,
+      indexStatus = Prelude.Nothing,
+      schema = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The index name.
+describeIndexResponse_indexName :: Lens.Lens' DescribeIndexResponse (Prelude.Maybe Prelude.Text)
+describeIndexResponse_indexName = Lens.lens (\DescribeIndexResponse' {indexName} -> indexName) (\s@DescribeIndexResponse' {} a -> s {indexName = a} :: DescribeIndexResponse)
+
+-- | The index status.
+describeIndexResponse_indexStatus :: Lens.Lens' DescribeIndexResponse (Prelude.Maybe IndexStatus)
+describeIndexResponse_indexStatus = Lens.lens (\DescribeIndexResponse' {indexStatus} -> indexStatus) (\s@DescribeIndexResponse' {} a -> s {indexStatus = a} :: DescribeIndexResponse)
+
+-- | Contains a value that specifies the type of indexing performed. Valid
+-- values are:
+--
+-- -   REGISTRY – Your thing index contains only registry data.
+--
+-- -   REGISTRY_AND_SHADOW - Your thing index contains registry data and
+--     shadow data.
+--
+-- -   REGISTRY_AND_CONNECTIVITY_STATUS - Your thing index contains
+--     registry data and thing connectivity status data.
+--
+-- -   REGISTRY_AND_SHADOW_AND_CONNECTIVITY_STATUS - Your thing index
+--     contains registry data, shadow data, and thing connectivity status
+--     data.
+--
+-- -   MULTI_INDEXING_MODE - Your thing index contains multiple data
+--     sources. For more information, see
+--     <https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html GetIndexingConfiguration>.
+describeIndexResponse_schema :: Lens.Lens' DescribeIndexResponse (Prelude.Maybe Prelude.Text)
+describeIndexResponse_schema = Lens.lens (\DescribeIndexResponse' {schema} -> schema) (\s@DescribeIndexResponse' {} a -> s {schema = a} :: DescribeIndexResponse)
+
+-- | The response's http status code.
+describeIndexResponse_httpStatus :: Lens.Lens' DescribeIndexResponse Prelude.Int
+describeIndexResponse_httpStatus = Lens.lens (\DescribeIndexResponse' {httpStatus} -> httpStatus) (\s@DescribeIndexResponse' {} a -> s {httpStatus = a} :: DescribeIndexResponse)
+
+instance Prelude.NFData DescribeIndexResponse where
+  rnf DescribeIndexResponse' {..} =
+    Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf indexStatus
+      `Prelude.seq` Prelude.rnf schema
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeJob.hs b/gen/Amazonka/IoT/DescribeJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeJob.hs
@@ -0,0 +1,164 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a job.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeJob>
+-- action.
+module Amazonka.IoT.DescribeJob
+  ( -- * Creating a Request
+    DescribeJob (..),
+    newDescribeJob,
+
+    -- * Request Lenses
+    describeJob_jobId,
+
+    -- * Destructuring the Response
+    DescribeJobResponse (..),
+    newDescribeJobResponse,
+
+    -- * Response Lenses
+    describeJobResponse_documentSource,
+    describeJobResponse_job,
+    describeJobResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeJob' smart constructor.
+data DescribeJob = DescribeJob'
+  { -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobId', 'describeJob_jobId' - The unique identifier you assigned to this job when it was created.
+newDescribeJob ::
+  -- | 'jobId'
+  Prelude.Text ->
+  DescribeJob
+newDescribeJob pJobId_ =
+  DescribeJob' {jobId = pJobId_}
+
+-- | The unique identifier you assigned to this job when it was created.
+describeJob_jobId :: Lens.Lens' DescribeJob Prelude.Text
+describeJob_jobId = Lens.lens (\DescribeJob' {jobId} -> jobId) (\s@DescribeJob' {} a -> s {jobId = a} :: DescribeJob)
+
+instance Core.AWSRequest DescribeJob where
+  type AWSResponse DescribeJob = DescribeJobResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeJobResponse'
+            Prelude.<$> (x Data..?> "documentSource")
+            Prelude.<*> (x Data..?> "job")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeJob where
+  hashWithSalt _salt DescribeJob' {..} =
+    _salt `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData DescribeJob where
+  rnf DescribeJob' {..} = Prelude.rnf jobId
+
+instance Data.ToHeaders DescribeJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeJob where
+  toPath DescribeJob' {..} =
+    Prelude.mconcat ["/jobs/", Data.toBS jobId]
+
+instance Data.ToQuery DescribeJob where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeJobResponse' smart constructor.
+data DescribeJobResponse = DescribeJobResponse'
+  { -- | An S3 link to the job document.
+    documentSource :: Prelude.Maybe Prelude.Text,
+    -- | Information about the job.
+    job :: Prelude.Maybe Job,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'documentSource', 'describeJobResponse_documentSource' - An S3 link to the job document.
+--
+-- 'job', 'describeJobResponse_job' - Information about the job.
+--
+-- 'httpStatus', 'describeJobResponse_httpStatus' - The response's http status code.
+newDescribeJobResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeJobResponse
+newDescribeJobResponse pHttpStatus_ =
+  DescribeJobResponse'
+    { documentSource =
+        Prelude.Nothing,
+      job = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | An S3 link to the job document.
+describeJobResponse_documentSource :: Lens.Lens' DescribeJobResponse (Prelude.Maybe Prelude.Text)
+describeJobResponse_documentSource = Lens.lens (\DescribeJobResponse' {documentSource} -> documentSource) (\s@DescribeJobResponse' {} a -> s {documentSource = a} :: DescribeJobResponse)
+
+-- | Information about the job.
+describeJobResponse_job :: Lens.Lens' DescribeJobResponse (Prelude.Maybe Job)
+describeJobResponse_job = Lens.lens (\DescribeJobResponse' {job} -> job) (\s@DescribeJobResponse' {} a -> s {job = a} :: DescribeJobResponse)
+
+-- | The response's http status code.
+describeJobResponse_httpStatus :: Lens.Lens' DescribeJobResponse Prelude.Int
+describeJobResponse_httpStatus = Lens.lens (\DescribeJobResponse' {httpStatus} -> httpStatus) (\s@DescribeJobResponse' {} a -> s {httpStatus = a} :: DescribeJobResponse)
+
+instance Prelude.NFData DescribeJobResponse where
+  rnf DescribeJobResponse' {..} =
+    Prelude.rnf documentSource
+      `Prelude.seq` Prelude.rnf job
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeJobExecution.hs b/gen/Amazonka/IoT/DescribeJobExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeJobExecution.hs
@@ -0,0 +1,195 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeJobExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a job execution.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeJobExecution>
+-- action.
+module Amazonka.IoT.DescribeJobExecution
+  ( -- * Creating a Request
+    DescribeJobExecution (..),
+    newDescribeJobExecution,
+
+    -- * Request Lenses
+    describeJobExecution_executionNumber,
+    describeJobExecution_jobId,
+    describeJobExecution_thingName,
+
+    -- * Destructuring the Response
+    DescribeJobExecutionResponse (..),
+    newDescribeJobExecutionResponse,
+
+    -- * Response Lenses
+    describeJobExecutionResponse_execution,
+    describeJobExecutionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeJobExecution' smart constructor.
+data DescribeJobExecution = DescribeJobExecution'
+  { -- | A string (consisting of the digits \"0\" through \"9\" which is used to
+    -- specify a particular job execution on a particular device.
+    executionNumber :: Prelude.Maybe Prelude.Integer,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Text,
+    -- | The name of the thing on which the job execution is running.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeJobExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionNumber', 'describeJobExecution_executionNumber' - A string (consisting of the digits \"0\" through \"9\" which is used to
+-- specify a particular job execution on a particular device.
+--
+-- 'jobId', 'describeJobExecution_jobId' - The unique identifier you assigned to this job when it was created.
+--
+-- 'thingName', 'describeJobExecution_thingName' - The name of the thing on which the job execution is running.
+newDescribeJobExecution ::
+  -- | 'jobId'
+  Prelude.Text ->
+  -- | 'thingName'
+  Prelude.Text ->
+  DescribeJobExecution
+newDescribeJobExecution pJobId_ pThingName_ =
+  DescribeJobExecution'
+    { executionNumber =
+        Prelude.Nothing,
+      jobId = pJobId_,
+      thingName = pThingName_
+    }
+
+-- | A string (consisting of the digits \"0\" through \"9\" which is used to
+-- specify a particular job execution on a particular device.
+describeJobExecution_executionNumber :: Lens.Lens' DescribeJobExecution (Prelude.Maybe Prelude.Integer)
+describeJobExecution_executionNumber = Lens.lens (\DescribeJobExecution' {executionNumber} -> executionNumber) (\s@DescribeJobExecution' {} a -> s {executionNumber = a} :: DescribeJobExecution)
+
+-- | The unique identifier you assigned to this job when it was created.
+describeJobExecution_jobId :: Lens.Lens' DescribeJobExecution Prelude.Text
+describeJobExecution_jobId = Lens.lens (\DescribeJobExecution' {jobId} -> jobId) (\s@DescribeJobExecution' {} a -> s {jobId = a} :: DescribeJobExecution)
+
+-- | The name of the thing on which the job execution is running.
+describeJobExecution_thingName :: Lens.Lens' DescribeJobExecution Prelude.Text
+describeJobExecution_thingName = Lens.lens (\DescribeJobExecution' {thingName} -> thingName) (\s@DescribeJobExecution' {} a -> s {thingName = a} :: DescribeJobExecution)
+
+instance Core.AWSRequest DescribeJobExecution where
+  type
+    AWSResponse DescribeJobExecution =
+      DescribeJobExecutionResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeJobExecutionResponse'
+            Prelude.<$> (x Data..?> "execution")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeJobExecution where
+  hashWithSalt _salt DescribeJobExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` executionNumber
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData DescribeJobExecution where
+  rnf DescribeJobExecution' {..} =
+    Prelude.rnf executionNumber
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders DescribeJobExecution where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeJobExecution where
+  toPath DescribeJobExecution' {..} =
+    Prelude.mconcat
+      [ "/things/",
+        Data.toBS thingName,
+        "/jobs/",
+        Data.toBS jobId
+      ]
+
+instance Data.ToQuery DescribeJobExecution where
+  toQuery DescribeJobExecution' {..} =
+    Prelude.mconcat
+      ["executionNumber" Data.=: executionNumber]
+
+-- | /See:/ 'newDescribeJobExecutionResponse' smart constructor.
+data DescribeJobExecutionResponse = DescribeJobExecutionResponse'
+  { -- | Information about the job execution.
+    execution :: Prelude.Maybe JobExecution,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeJobExecutionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'execution', 'describeJobExecutionResponse_execution' - Information about the job execution.
+--
+-- 'httpStatus', 'describeJobExecutionResponse_httpStatus' - The response's http status code.
+newDescribeJobExecutionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeJobExecutionResponse
+newDescribeJobExecutionResponse pHttpStatus_ =
+  DescribeJobExecutionResponse'
+    { execution =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Information about the job execution.
+describeJobExecutionResponse_execution :: Lens.Lens' DescribeJobExecutionResponse (Prelude.Maybe JobExecution)
+describeJobExecutionResponse_execution = Lens.lens (\DescribeJobExecutionResponse' {execution} -> execution) (\s@DescribeJobExecutionResponse' {} a -> s {execution = a} :: DescribeJobExecutionResponse)
+
+-- | The response's http status code.
+describeJobExecutionResponse_httpStatus :: Lens.Lens' DescribeJobExecutionResponse Prelude.Int
+describeJobExecutionResponse_httpStatus = Lens.lens (\DescribeJobExecutionResponse' {httpStatus} -> httpStatus) (\s@DescribeJobExecutionResponse' {} a -> s {httpStatus = a} :: DescribeJobExecutionResponse)
+
+instance Prelude.NFData DescribeJobExecutionResponse where
+  rnf DescribeJobExecutionResponse' {..} =
+    Prelude.rnf execution
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeJobTemplate.hs b/gen/Amazonka/IoT/DescribeJobTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeJobTemplate.hs
@@ -0,0 +1,274 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeJobTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns information about a job template.
+module Amazonka.IoT.DescribeJobTemplate
+  ( -- * Creating a Request
+    DescribeJobTemplate (..),
+    newDescribeJobTemplate,
+
+    -- * Request Lenses
+    describeJobTemplate_jobTemplateId,
+
+    -- * Destructuring the Response
+    DescribeJobTemplateResponse (..),
+    newDescribeJobTemplateResponse,
+
+    -- * Response Lenses
+    describeJobTemplateResponse_abortConfig,
+    describeJobTemplateResponse_createdAt,
+    describeJobTemplateResponse_description,
+    describeJobTemplateResponse_document,
+    describeJobTemplateResponse_documentSource,
+    describeJobTemplateResponse_jobExecutionsRetryConfig,
+    describeJobTemplateResponse_jobExecutionsRolloutConfig,
+    describeJobTemplateResponse_jobTemplateArn,
+    describeJobTemplateResponse_jobTemplateId,
+    describeJobTemplateResponse_presignedUrlConfig,
+    describeJobTemplateResponse_timeoutConfig,
+    describeJobTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeJobTemplate' smart constructor.
+data DescribeJobTemplate = DescribeJobTemplate'
+  { -- | The unique identifier of the job template.
+    jobTemplateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeJobTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobTemplateId', 'describeJobTemplate_jobTemplateId' - The unique identifier of the job template.
+newDescribeJobTemplate ::
+  -- | 'jobTemplateId'
+  Prelude.Text ->
+  DescribeJobTemplate
+newDescribeJobTemplate pJobTemplateId_ =
+  DescribeJobTemplate'
+    { jobTemplateId =
+        pJobTemplateId_
+    }
+
+-- | The unique identifier of the job template.
+describeJobTemplate_jobTemplateId :: Lens.Lens' DescribeJobTemplate Prelude.Text
+describeJobTemplate_jobTemplateId = Lens.lens (\DescribeJobTemplate' {jobTemplateId} -> jobTemplateId) (\s@DescribeJobTemplate' {} a -> s {jobTemplateId = a} :: DescribeJobTemplate)
+
+instance Core.AWSRequest DescribeJobTemplate where
+  type
+    AWSResponse DescribeJobTemplate =
+      DescribeJobTemplateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeJobTemplateResponse'
+            Prelude.<$> (x Data..?> "abortConfig")
+            Prelude.<*> (x Data..?> "createdAt")
+            Prelude.<*> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "document")
+            Prelude.<*> (x Data..?> "documentSource")
+            Prelude.<*> (x Data..?> "jobExecutionsRetryConfig")
+            Prelude.<*> (x Data..?> "jobExecutionsRolloutConfig")
+            Prelude.<*> (x Data..?> "jobTemplateArn")
+            Prelude.<*> (x Data..?> "jobTemplateId")
+            Prelude.<*> (x Data..?> "presignedUrlConfig")
+            Prelude.<*> (x Data..?> "timeoutConfig")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeJobTemplate where
+  hashWithSalt _salt DescribeJobTemplate' {..} =
+    _salt `Prelude.hashWithSalt` jobTemplateId
+
+instance Prelude.NFData DescribeJobTemplate where
+  rnf DescribeJobTemplate' {..} =
+    Prelude.rnf jobTemplateId
+
+instance Data.ToHeaders DescribeJobTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeJobTemplate where
+  toPath DescribeJobTemplate' {..} =
+    Prelude.mconcat
+      ["/job-templates/", Data.toBS jobTemplateId]
+
+instance Data.ToQuery DescribeJobTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeJobTemplateResponse' smart constructor.
+data DescribeJobTemplateResponse = DescribeJobTemplateResponse'
+  { abortConfig :: Prelude.Maybe AbortConfig,
+    -- | The time, in seconds since the epoch, when the job template was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | A description of the job template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The job document.
+    document :: Prelude.Maybe Prelude.Text,
+    -- | An S3 link to the job document.
+    documentSource :: Prelude.Maybe Prelude.Text,
+    -- | The configuration that determines how many retries are allowed for each
+    -- failure type for a job.
+    jobExecutionsRetryConfig :: Prelude.Maybe JobExecutionsRetryConfig,
+    jobExecutionsRolloutConfig :: Prelude.Maybe JobExecutionsRolloutConfig,
+    -- | The ARN of the job template.
+    jobTemplateArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier of the job template.
+    jobTemplateId :: Prelude.Maybe Prelude.Text,
+    presignedUrlConfig :: Prelude.Maybe PresignedUrlConfig,
+    timeoutConfig :: Prelude.Maybe TimeoutConfig,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeJobTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'abortConfig', 'describeJobTemplateResponse_abortConfig' - Undocumented member.
+--
+-- 'createdAt', 'describeJobTemplateResponse_createdAt' - The time, in seconds since the epoch, when the job template was created.
+--
+-- 'description', 'describeJobTemplateResponse_description' - A description of the job template.
+--
+-- 'document', 'describeJobTemplateResponse_document' - The job document.
+--
+-- 'documentSource', 'describeJobTemplateResponse_documentSource' - An S3 link to the job document.
+--
+-- 'jobExecutionsRetryConfig', 'describeJobTemplateResponse_jobExecutionsRetryConfig' - The configuration that determines how many retries are allowed for each
+-- failure type for a job.
+--
+-- 'jobExecutionsRolloutConfig', 'describeJobTemplateResponse_jobExecutionsRolloutConfig' - Undocumented member.
+--
+-- 'jobTemplateArn', 'describeJobTemplateResponse_jobTemplateArn' - The ARN of the job template.
+--
+-- 'jobTemplateId', 'describeJobTemplateResponse_jobTemplateId' - The unique identifier of the job template.
+--
+-- 'presignedUrlConfig', 'describeJobTemplateResponse_presignedUrlConfig' - Undocumented member.
+--
+-- 'timeoutConfig', 'describeJobTemplateResponse_timeoutConfig' - Undocumented member.
+--
+-- 'httpStatus', 'describeJobTemplateResponse_httpStatus' - The response's http status code.
+newDescribeJobTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeJobTemplateResponse
+newDescribeJobTemplateResponse pHttpStatus_ =
+  DescribeJobTemplateResponse'
+    { abortConfig =
+        Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      description = Prelude.Nothing,
+      document = Prelude.Nothing,
+      documentSource = Prelude.Nothing,
+      jobExecutionsRetryConfig = Prelude.Nothing,
+      jobExecutionsRolloutConfig = Prelude.Nothing,
+      jobTemplateArn = Prelude.Nothing,
+      jobTemplateId = Prelude.Nothing,
+      presignedUrlConfig = Prelude.Nothing,
+      timeoutConfig = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Undocumented member.
+describeJobTemplateResponse_abortConfig :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe AbortConfig)
+describeJobTemplateResponse_abortConfig = Lens.lens (\DescribeJobTemplateResponse' {abortConfig} -> abortConfig) (\s@DescribeJobTemplateResponse' {} a -> s {abortConfig = a} :: DescribeJobTemplateResponse)
+
+-- | The time, in seconds since the epoch, when the job template was created.
+describeJobTemplateResponse_createdAt :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe Prelude.UTCTime)
+describeJobTemplateResponse_createdAt = Lens.lens (\DescribeJobTemplateResponse' {createdAt} -> createdAt) (\s@DescribeJobTemplateResponse' {} a -> s {createdAt = a} :: DescribeJobTemplateResponse) Prelude.. Lens.mapping Data._Time
+
+-- | A description of the job template.
+describeJobTemplateResponse_description :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeJobTemplateResponse_description = Lens.lens (\DescribeJobTemplateResponse' {description} -> description) (\s@DescribeJobTemplateResponse' {} a -> s {description = a} :: DescribeJobTemplateResponse)
+
+-- | The job document.
+describeJobTemplateResponse_document :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeJobTemplateResponse_document = Lens.lens (\DescribeJobTemplateResponse' {document} -> document) (\s@DescribeJobTemplateResponse' {} a -> s {document = a} :: DescribeJobTemplateResponse)
+
+-- | An S3 link to the job document.
+describeJobTemplateResponse_documentSource :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeJobTemplateResponse_documentSource = Lens.lens (\DescribeJobTemplateResponse' {documentSource} -> documentSource) (\s@DescribeJobTemplateResponse' {} a -> s {documentSource = a} :: DescribeJobTemplateResponse)
+
+-- | The configuration that determines how many retries are allowed for each
+-- failure type for a job.
+describeJobTemplateResponse_jobExecutionsRetryConfig :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe JobExecutionsRetryConfig)
+describeJobTemplateResponse_jobExecutionsRetryConfig = Lens.lens (\DescribeJobTemplateResponse' {jobExecutionsRetryConfig} -> jobExecutionsRetryConfig) (\s@DescribeJobTemplateResponse' {} a -> s {jobExecutionsRetryConfig = a} :: DescribeJobTemplateResponse)
+
+-- | Undocumented member.
+describeJobTemplateResponse_jobExecutionsRolloutConfig :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe JobExecutionsRolloutConfig)
+describeJobTemplateResponse_jobExecutionsRolloutConfig = Lens.lens (\DescribeJobTemplateResponse' {jobExecutionsRolloutConfig} -> jobExecutionsRolloutConfig) (\s@DescribeJobTemplateResponse' {} a -> s {jobExecutionsRolloutConfig = a} :: DescribeJobTemplateResponse)
+
+-- | The ARN of the job template.
+describeJobTemplateResponse_jobTemplateArn :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeJobTemplateResponse_jobTemplateArn = Lens.lens (\DescribeJobTemplateResponse' {jobTemplateArn} -> jobTemplateArn) (\s@DescribeJobTemplateResponse' {} a -> s {jobTemplateArn = a} :: DescribeJobTemplateResponse)
+
+-- | The unique identifier of the job template.
+describeJobTemplateResponse_jobTemplateId :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeJobTemplateResponse_jobTemplateId = Lens.lens (\DescribeJobTemplateResponse' {jobTemplateId} -> jobTemplateId) (\s@DescribeJobTemplateResponse' {} a -> s {jobTemplateId = a} :: DescribeJobTemplateResponse)
+
+-- | Undocumented member.
+describeJobTemplateResponse_presignedUrlConfig :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe PresignedUrlConfig)
+describeJobTemplateResponse_presignedUrlConfig = Lens.lens (\DescribeJobTemplateResponse' {presignedUrlConfig} -> presignedUrlConfig) (\s@DescribeJobTemplateResponse' {} a -> s {presignedUrlConfig = a} :: DescribeJobTemplateResponse)
+
+-- | Undocumented member.
+describeJobTemplateResponse_timeoutConfig :: Lens.Lens' DescribeJobTemplateResponse (Prelude.Maybe TimeoutConfig)
+describeJobTemplateResponse_timeoutConfig = Lens.lens (\DescribeJobTemplateResponse' {timeoutConfig} -> timeoutConfig) (\s@DescribeJobTemplateResponse' {} a -> s {timeoutConfig = a} :: DescribeJobTemplateResponse)
+
+-- | The response's http status code.
+describeJobTemplateResponse_httpStatus :: Lens.Lens' DescribeJobTemplateResponse Prelude.Int
+describeJobTemplateResponse_httpStatus = Lens.lens (\DescribeJobTemplateResponse' {httpStatus} -> httpStatus) (\s@DescribeJobTemplateResponse' {} a -> s {httpStatus = a} :: DescribeJobTemplateResponse)
+
+instance Prelude.NFData DescribeJobTemplateResponse where
+  rnf DescribeJobTemplateResponse' {..} =
+    Prelude.rnf abortConfig
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf document
+      `Prelude.seq` Prelude.rnf documentSource
+      `Prelude.seq` Prelude.rnf jobExecutionsRetryConfig
+      `Prelude.seq` Prelude.rnf jobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf jobTemplateArn
+      `Prelude.seq` Prelude.rnf jobTemplateId
+      `Prelude.seq` Prelude.rnf presignedUrlConfig
+      `Prelude.seq` Prelude.rnf timeoutConfig
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeManagedJobTemplate.hs b/gen/Amazonka/IoT/DescribeManagedJobTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeManagedJobTemplate.hs
@@ -0,0 +1,266 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeManagedJobTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- View details of a managed job template.
+module Amazonka.IoT.DescribeManagedJobTemplate
+  ( -- * Creating a Request
+    DescribeManagedJobTemplate (..),
+    newDescribeManagedJobTemplate,
+
+    -- * Request Lenses
+    describeManagedJobTemplate_templateVersion,
+    describeManagedJobTemplate_templateName,
+
+    -- * Destructuring the Response
+    DescribeManagedJobTemplateResponse (..),
+    newDescribeManagedJobTemplateResponse,
+
+    -- * Response Lenses
+    describeManagedJobTemplateResponse_description,
+    describeManagedJobTemplateResponse_document,
+    describeManagedJobTemplateResponse_documentParameters,
+    describeManagedJobTemplateResponse_environments,
+    describeManagedJobTemplateResponse_templateArn,
+    describeManagedJobTemplateResponse_templateName,
+    describeManagedJobTemplateResponse_templateVersion,
+    describeManagedJobTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeManagedJobTemplate' smart constructor.
+data DescribeManagedJobTemplate = DescribeManagedJobTemplate'
+  { -- | An optional parameter to specify version of a managed template. If not
+    -- specified, the pre-defined default version is returned.
+    templateVersion :: Prelude.Maybe Prelude.Text,
+    -- | The unique name of a managed job template, which is required.
+    templateName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeManagedJobTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateVersion', 'describeManagedJobTemplate_templateVersion' - An optional parameter to specify version of a managed template. If not
+-- specified, the pre-defined default version is returned.
+--
+-- 'templateName', 'describeManagedJobTemplate_templateName' - The unique name of a managed job template, which is required.
+newDescribeManagedJobTemplate ::
+  -- | 'templateName'
+  Prelude.Text ->
+  DescribeManagedJobTemplate
+newDescribeManagedJobTemplate pTemplateName_ =
+  DescribeManagedJobTemplate'
+    { templateVersion =
+        Prelude.Nothing,
+      templateName = pTemplateName_
+    }
+
+-- | An optional parameter to specify version of a managed template. If not
+-- specified, the pre-defined default version is returned.
+describeManagedJobTemplate_templateVersion :: Lens.Lens' DescribeManagedJobTemplate (Prelude.Maybe Prelude.Text)
+describeManagedJobTemplate_templateVersion = Lens.lens (\DescribeManagedJobTemplate' {templateVersion} -> templateVersion) (\s@DescribeManagedJobTemplate' {} a -> s {templateVersion = a} :: DescribeManagedJobTemplate)
+
+-- | The unique name of a managed job template, which is required.
+describeManagedJobTemplate_templateName :: Lens.Lens' DescribeManagedJobTemplate Prelude.Text
+describeManagedJobTemplate_templateName = Lens.lens (\DescribeManagedJobTemplate' {templateName} -> templateName) (\s@DescribeManagedJobTemplate' {} a -> s {templateName = a} :: DescribeManagedJobTemplate)
+
+instance Core.AWSRequest DescribeManagedJobTemplate where
+  type
+    AWSResponse DescribeManagedJobTemplate =
+      DescribeManagedJobTemplateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeManagedJobTemplateResponse'
+            Prelude.<$> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "document")
+            Prelude.<*> ( x
+                            Data..?> "documentParameters"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "environments" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "templateArn")
+            Prelude.<*> (x Data..?> "templateName")
+            Prelude.<*> (x Data..?> "templateVersion")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeManagedJobTemplate where
+  hashWithSalt _salt DescribeManagedJobTemplate' {..} =
+    _salt
+      `Prelude.hashWithSalt` templateVersion
+      `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData DescribeManagedJobTemplate where
+  rnf DescribeManagedJobTemplate' {..} =
+    Prelude.rnf templateVersion
+      `Prelude.seq` Prelude.rnf templateName
+
+instance Data.ToHeaders DescribeManagedJobTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeManagedJobTemplate where
+  toPath DescribeManagedJobTemplate' {..} =
+    Prelude.mconcat
+      ["/managed-job-templates/", Data.toBS templateName]
+
+instance Data.ToQuery DescribeManagedJobTemplate where
+  toQuery DescribeManagedJobTemplate' {..} =
+    Prelude.mconcat
+      ["templateVersion" Data.=: templateVersion]
+
+-- | /See:/ 'newDescribeManagedJobTemplateResponse' smart constructor.
+data DescribeManagedJobTemplateResponse = DescribeManagedJobTemplateResponse'
+  { -- | The unique description of a managed template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The document schema for a managed job template.
+    document :: Prelude.Maybe Prelude.Text,
+    -- | A map of key-value pairs that you can use as guidance to specify the
+    -- inputs for creating a job from a managed template.
+    --
+    -- @documentParameters@ can only be used when creating jobs from Amazon Web
+    -- Services managed templates. This parameter can\'t be used with custom
+    -- job templates or to create jobs from them.
+    documentParameters :: Prelude.Maybe [DocumentParameter],
+    -- | A list of environments that are supported with the managed job template.
+    environments :: Prelude.Maybe [Prelude.Text],
+    -- | The unique Amazon Resource Name (ARN) of the managed template.
+    templateArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique name of a managed template, such as @AWS-Reboot@.
+    templateName :: Prelude.Maybe Prelude.Text,
+    -- | The version for a managed template.
+    templateVersion :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeManagedJobTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'describeManagedJobTemplateResponse_description' - The unique description of a managed template.
+--
+-- 'document', 'describeManagedJobTemplateResponse_document' - The document schema for a managed job template.
+--
+-- 'documentParameters', 'describeManagedJobTemplateResponse_documentParameters' - A map of key-value pairs that you can use as guidance to specify the
+-- inputs for creating a job from a managed template.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+--
+-- 'environments', 'describeManagedJobTemplateResponse_environments' - A list of environments that are supported with the managed job template.
+--
+-- 'templateArn', 'describeManagedJobTemplateResponse_templateArn' - The unique Amazon Resource Name (ARN) of the managed template.
+--
+-- 'templateName', 'describeManagedJobTemplateResponse_templateName' - The unique name of a managed template, such as @AWS-Reboot@.
+--
+-- 'templateVersion', 'describeManagedJobTemplateResponse_templateVersion' - The version for a managed template.
+--
+-- 'httpStatus', 'describeManagedJobTemplateResponse_httpStatus' - The response's http status code.
+newDescribeManagedJobTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeManagedJobTemplateResponse
+newDescribeManagedJobTemplateResponse pHttpStatus_ =
+  DescribeManagedJobTemplateResponse'
+    { description =
+        Prelude.Nothing,
+      document = Prelude.Nothing,
+      documentParameters = Prelude.Nothing,
+      environments = Prelude.Nothing,
+      templateArn = Prelude.Nothing,
+      templateName = Prelude.Nothing,
+      templateVersion = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The unique description of a managed template.
+describeManagedJobTemplateResponse_description :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeManagedJobTemplateResponse_description = Lens.lens (\DescribeManagedJobTemplateResponse' {description} -> description) (\s@DescribeManagedJobTemplateResponse' {} a -> s {description = a} :: DescribeManagedJobTemplateResponse)
+
+-- | The document schema for a managed job template.
+describeManagedJobTemplateResponse_document :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeManagedJobTemplateResponse_document = Lens.lens (\DescribeManagedJobTemplateResponse' {document} -> document) (\s@DescribeManagedJobTemplateResponse' {} a -> s {document = a} :: DescribeManagedJobTemplateResponse)
+
+-- | A map of key-value pairs that you can use as guidance to specify the
+-- inputs for creating a job from a managed template.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+describeManagedJobTemplateResponse_documentParameters :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe [DocumentParameter])
+describeManagedJobTemplateResponse_documentParameters = Lens.lens (\DescribeManagedJobTemplateResponse' {documentParameters} -> documentParameters) (\s@DescribeManagedJobTemplateResponse' {} a -> s {documentParameters = a} :: DescribeManagedJobTemplateResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of environments that are supported with the managed job template.
+describeManagedJobTemplateResponse_environments :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe [Prelude.Text])
+describeManagedJobTemplateResponse_environments = Lens.lens (\DescribeManagedJobTemplateResponse' {environments} -> environments) (\s@DescribeManagedJobTemplateResponse' {} a -> s {environments = a} :: DescribeManagedJobTemplateResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The unique Amazon Resource Name (ARN) of the managed template.
+describeManagedJobTemplateResponse_templateArn :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeManagedJobTemplateResponse_templateArn = Lens.lens (\DescribeManagedJobTemplateResponse' {templateArn} -> templateArn) (\s@DescribeManagedJobTemplateResponse' {} a -> s {templateArn = a} :: DescribeManagedJobTemplateResponse)
+
+-- | The unique name of a managed template, such as @AWS-Reboot@.
+describeManagedJobTemplateResponse_templateName :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeManagedJobTemplateResponse_templateName = Lens.lens (\DescribeManagedJobTemplateResponse' {templateName} -> templateName) (\s@DescribeManagedJobTemplateResponse' {} a -> s {templateName = a} :: DescribeManagedJobTemplateResponse)
+
+-- | The version for a managed template.
+describeManagedJobTemplateResponse_templateVersion :: Lens.Lens' DescribeManagedJobTemplateResponse (Prelude.Maybe Prelude.Text)
+describeManagedJobTemplateResponse_templateVersion = Lens.lens (\DescribeManagedJobTemplateResponse' {templateVersion} -> templateVersion) (\s@DescribeManagedJobTemplateResponse' {} a -> s {templateVersion = a} :: DescribeManagedJobTemplateResponse)
+
+-- | The response's http status code.
+describeManagedJobTemplateResponse_httpStatus :: Lens.Lens' DescribeManagedJobTemplateResponse Prelude.Int
+describeManagedJobTemplateResponse_httpStatus = Lens.lens (\DescribeManagedJobTemplateResponse' {httpStatus} -> httpStatus) (\s@DescribeManagedJobTemplateResponse' {} a -> s {httpStatus = a} :: DescribeManagedJobTemplateResponse)
+
+instance
+  Prelude.NFData
+    DescribeManagedJobTemplateResponse
+  where
+  rnf DescribeManagedJobTemplateResponse' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf document
+      `Prelude.seq` Prelude.rnf documentParameters
+      `Prelude.seq` Prelude.rnf environments
+      `Prelude.seq` Prelude.rnf templateArn
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf templateVersion
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeMitigationAction.hs b/gen/Amazonka/IoT/DescribeMitigationAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeMitigationAction.hs
@@ -0,0 +1,252 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeMitigationAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a mitigation action.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeMitigationAction>
+-- action.
+module Amazonka.IoT.DescribeMitigationAction
+  ( -- * Creating a Request
+    DescribeMitigationAction (..),
+    newDescribeMitigationAction,
+
+    -- * Request Lenses
+    describeMitigationAction_actionName,
+
+    -- * Destructuring the Response
+    DescribeMitigationActionResponse (..),
+    newDescribeMitigationActionResponse,
+
+    -- * Response Lenses
+    describeMitigationActionResponse_actionArn,
+    describeMitigationActionResponse_actionId,
+    describeMitigationActionResponse_actionName,
+    describeMitigationActionResponse_actionParams,
+    describeMitigationActionResponse_actionType,
+    describeMitigationActionResponse_creationDate,
+    describeMitigationActionResponse_lastModifiedDate,
+    describeMitigationActionResponse_roleArn,
+    describeMitigationActionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeMitigationAction' smart constructor.
+data DescribeMitigationAction = DescribeMitigationAction'
+  { -- | The friendly name that uniquely identifies the mitigation action.
+    actionName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeMitigationAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionName', 'describeMitigationAction_actionName' - The friendly name that uniquely identifies the mitigation action.
+newDescribeMitigationAction ::
+  -- | 'actionName'
+  Prelude.Text ->
+  DescribeMitigationAction
+newDescribeMitigationAction pActionName_ =
+  DescribeMitigationAction'
+    { actionName =
+        pActionName_
+    }
+
+-- | The friendly name that uniquely identifies the mitigation action.
+describeMitigationAction_actionName :: Lens.Lens' DescribeMitigationAction Prelude.Text
+describeMitigationAction_actionName = Lens.lens (\DescribeMitigationAction' {actionName} -> actionName) (\s@DescribeMitigationAction' {} a -> s {actionName = a} :: DescribeMitigationAction)
+
+instance Core.AWSRequest DescribeMitigationAction where
+  type
+    AWSResponse DescribeMitigationAction =
+      DescribeMitigationActionResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeMitigationActionResponse'
+            Prelude.<$> (x Data..?> "actionArn")
+            Prelude.<*> (x Data..?> "actionId")
+            Prelude.<*> (x Data..?> "actionName")
+            Prelude.<*> (x Data..?> "actionParams")
+            Prelude.<*> (x Data..?> "actionType")
+            Prelude.<*> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "roleArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeMitigationAction where
+  hashWithSalt _salt DescribeMitigationAction' {..} =
+    _salt `Prelude.hashWithSalt` actionName
+
+instance Prelude.NFData DescribeMitigationAction where
+  rnf DescribeMitigationAction' {..} =
+    Prelude.rnf actionName
+
+instance Data.ToHeaders DescribeMitigationAction where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeMitigationAction where
+  toPath DescribeMitigationAction' {..} =
+    Prelude.mconcat
+      ["/mitigationactions/actions/", Data.toBS actionName]
+
+instance Data.ToQuery DescribeMitigationAction where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeMitigationActionResponse' smart constructor.
+data DescribeMitigationActionResponse = DescribeMitigationActionResponse'
+  { -- | The ARN that identifies this migration action.
+    actionArn :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for this action.
+    actionId :: Prelude.Maybe Prelude.Text,
+    -- | The friendly name that uniquely identifies the mitigation action.
+    actionName :: Prelude.Maybe Prelude.Text,
+    -- | Parameters that control how the mitigation action is applied, specific
+    -- to the type of mitigation action.
+    actionParams :: Prelude.Maybe MitigationActionParams,
+    -- | The type of mitigation action.
+    actionType :: Prelude.Maybe MitigationActionType,
+    -- | The date and time when the mitigation action was added to your Amazon
+    -- Web Services accounts.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The date and time when the mitigation action was last changed.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The ARN of the IAM role used to apply this action.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeMitigationActionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionArn', 'describeMitigationActionResponse_actionArn' - The ARN that identifies this migration action.
+--
+-- 'actionId', 'describeMitigationActionResponse_actionId' - A unique identifier for this action.
+--
+-- 'actionName', 'describeMitigationActionResponse_actionName' - The friendly name that uniquely identifies the mitigation action.
+--
+-- 'actionParams', 'describeMitigationActionResponse_actionParams' - Parameters that control how the mitigation action is applied, specific
+-- to the type of mitigation action.
+--
+-- 'actionType', 'describeMitigationActionResponse_actionType' - The type of mitigation action.
+--
+-- 'creationDate', 'describeMitigationActionResponse_creationDate' - The date and time when the mitigation action was added to your Amazon
+-- Web Services accounts.
+--
+-- 'lastModifiedDate', 'describeMitigationActionResponse_lastModifiedDate' - The date and time when the mitigation action was last changed.
+--
+-- 'roleArn', 'describeMitigationActionResponse_roleArn' - The ARN of the IAM role used to apply this action.
+--
+-- 'httpStatus', 'describeMitigationActionResponse_httpStatus' - The response's http status code.
+newDescribeMitigationActionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeMitigationActionResponse
+newDescribeMitigationActionResponse pHttpStatus_ =
+  DescribeMitigationActionResponse'
+    { actionArn =
+        Prelude.Nothing,
+      actionId = Prelude.Nothing,
+      actionName = Prelude.Nothing,
+      actionParams = Prelude.Nothing,
+      actionType = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN that identifies this migration action.
+describeMitigationActionResponse_actionArn :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe Prelude.Text)
+describeMitigationActionResponse_actionArn = Lens.lens (\DescribeMitigationActionResponse' {actionArn} -> actionArn) (\s@DescribeMitigationActionResponse' {} a -> s {actionArn = a} :: DescribeMitigationActionResponse)
+
+-- | A unique identifier for this action.
+describeMitigationActionResponse_actionId :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe Prelude.Text)
+describeMitigationActionResponse_actionId = Lens.lens (\DescribeMitigationActionResponse' {actionId} -> actionId) (\s@DescribeMitigationActionResponse' {} a -> s {actionId = a} :: DescribeMitigationActionResponse)
+
+-- | The friendly name that uniquely identifies the mitigation action.
+describeMitigationActionResponse_actionName :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe Prelude.Text)
+describeMitigationActionResponse_actionName = Lens.lens (\DescribeMitigationActionResponse' {actionName} -> actionName) (\s@DescribeMitigationActionResponse' {} a -> s {actionName = a} :: DescribeMitigationActionResponse)
+
+-- | Parameters that control how the mitigation action is applied, specific
+-- to the type of mitigation action.
+describeMitigationActionResponse_actionParams :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe MitigationActionParams)
+describeMitigationActionResponse_actionParams = Lens.lens (\DescribeMitigationActionResponse' {actionParams} -> actionParams) (\s@DescribeMitigationActionResponse' {} a -> s {actionParams = a} :: DescribeMitigationActionResponse)
+
+-- | The type of mitigation action.
+describeMitigationActionResponse_actionType :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe MitigationActionType)
+describeMitigationActionResponse_actionType = Lens.lens (\DescribeMitigationActionResponse' {actionType} -> actionType) (\s@DescribeMitigationActionResponse' {} a -> s {actionType = a} :: DescribeMitigationActionResponse)
+
+-- | The date and time when the mitigation action was added to your Amazon
+-- Web Services accounts.
+describeMitigationActionResponse_creationDate :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe Prelude.UTCTime)
+describeMitigationActionResponse_creationDate = Lens.lens (\DescribeMitigationActionResponse' {creationDate} -> creationDate) (\s@DescribeMitigationActionResponse' {} a -> s {creationDate = a} :: DescribeMitigationActionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The date and time when the mitigation action was last changed.
+describeMitigationActionResponse_lastModifiedDate :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe Prelude.UTCTime)
+describeMitigationActionResponse_lastModifiedDate = Lens.lens (\DescribeMitigationActionResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeMitigationActionResponse' {} a -> s {lastModifiedDate = a} :: DescribeMitigationActionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The ARN of the IAM role used to apply this action.
+describeMitigationActionResponse_roleArn :: Lens.Lens' DescribeMitigationActionResponse (Prelude.Maybe Prelude.Text)
+describeMitigationActionResponse_roleArn = Lens.lens (\DescribeMitigationActionResponse' {roleArn} -> roleArn) (\s@DescribeMitigationActionResponse' {} a -> s {roleArn = a} :: DescribeMitigationActionResponse)
+
+-- | The response's http status code.
+describeMitigationActionResponse_httpStatus :: Lens.Lens' DescribeMitigationActionResponse Prelude.Int
+describeMitigationActionResponse_httpStatus = Lens.lens (\DescribeMitigationActionResponse' {httpStatus} -> httpStatus) (\s@DescribeMitigationActionResponse' {} a -> s {httpStatus = a} :: DescribeMitigationActionResponse)
+
+instance
+  Prelude.NFData
+    DescribeMitigationActionResponse
+  where
+  rnf DescribeMitigationActionResponse' {..} =
+    Prelude.rnf actionArn
+      `Prelude.seq` Prelude.rnf actionId
+      `Prelude.seq` Prelude.rnf actionName
+      `Prelude.seq` Prelude.rnf actionParams
+      `Prelude.seq` Prelude.rnf actionType
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeProvisioningTemplate.hs b/gen/Amazonka/IoT/DescribeProvisioningTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeProvisioningTemplate.hs
@@ -0,0 +1,300 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeProvisioningTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns information about a provisioning template.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeProvisioningTemplate>
+-- action.
+module Amazonka.IoT.DescribeProvisioningTemplate
+  ( -- * Creating a Request
+    DescribeProvisioningTemplate (..),
+    newDescribeProvisioningTemplate,
+
+    -- * Request Lenses
+    describeProvisioningTemplate_templateName,
+
+    -- * Destructuring the Response
+    DescribeProvisioningTemplateResponse (..),
+    newDescribeProvisioningTemplateResponse,
+
+    -- * Response Lenses
+    describeProvisioningTemplateResponse_creationDate,
+    describeProvisioningTemplateResponse_defaultVersionId,
+    describeProvisioningTemplateResponse_description,
+    describeProvisioningTemplateResponse_enabled,
+    describeProvisioningTemplateResponse_lastModifiedDate,
+    describeProvisioningTemplateResponse_preProvisioningHook,
+    describeProvisioningTemplateResponse_provisioningRoleArn,
+    describeProvisioningTemplateResponse_templateArn,
+    describeProvisioningTemplateResponse_templateBody,
+    describeProvisioningTemplateResponse_templateName,
+    describeProvisioningTemplateResponse_type,
+    describeProvisioningTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeProvisioningTemplate' smart constructor.
+data DescribeProvisioningTemplate = DescribeProvisioningTemplate'
+  { -- | The name of the provisioning template.
+    templateName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeProvisioningTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateName', 'describeProvisioningTemplate_templateName' - The name of the provisioning template.
+newDescribeProvisioningTemplate ::
+  -- | 'templateName'
+  Prelude.Text ->
+  DescribeProvisioningTemplate
+newDescribeProvisioningTemplate pTemplateName_ =
+  DescribeProvisioningTemplate'
+    { templateName =
+        pTemplateName_
+    }
+
+-- | The name of the provisioning template.
+describeProvisioningTemplate_templateName :: Lens.Lens' DescribeProvisioningTemplate Prelude.Text
+describeProvisioningTemplate_templateName = Lens.lens (\DescribeProvisioningTemplate' {templateName} -> templateName) (\s@DescribeProvisioningTemplate' {} a -> s {templateName = a} :: DescribeProvisioningTemplate)
+
+instance Core.AWSRequest DescribeProvisioningTemplate where
+  type
+    AWSResponse DescribeProvisioningTemplate =
+      DescribeProvisioningTemplateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeProvisioningTemplateResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "defaultVersionId")
+            Prelude.<*> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "enabled")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "preProvisioningHook")
+            Prelude.<*> (x Data..?> "provisioningRoleArn")
+            Prelude.<*> (x Data..?> "templateArn")
+            Prelude.<*> (x Data..?> "templateBody")
+            Prelude.<*> (x Data..?> "templateName")
+            Prelude.<*> (x Data..?> "type")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DescribeProvisioningTemplate
+  where
+  hashWithSalt _salt DescribeProvisioningTemplate' {..} =
+    _salt `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData DescribeProvisioningTemplate where
+  rnf DescribeProvisioningTemplate' {..} =
+    Prelude.rnf templateName
+
+instance Data.ToHeaders DescribeProvisioningTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeProvisioningTemplate where
+  toPath DescribeProvisioningTemplate' {..} =
+    Prelude.mconcat
+      ["/provisioning-templates/", Data.toBS templateName]
+
+instance Data.ToQuery DescribeProvisioningTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeProvisioningTemplateResponse' smart constructor.
+data DescribeProvisioningTemplateResponse = DescribeProvisioningTemplateResponse'
+  { -- | The date when the provisioning template was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The default fleet template version ID.
+    defaultVersionId :: Prelude.Maybe Prelude.Int,
+    -- | The description of the provisioning template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | True if the provisioning template is enabled, otherwise false.
+    enabled :: Prelude.Maybe Prelude.Bool,
+    -- | The date when the provisioning template was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | Gets information about a pre-provisioned hook.
+    preProvisioningHook :: Prelude.Maybe ProvisioningHook,
+    -- | The ARN of the role associated with the provisioning template. This IoT
+    -- role grants permission to provision a device.
+    provisioningRoleArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the provisioning template.
+    templateArn :: Prelude.Maybe Prelude.Text,
+    -- | The JSON formatted contents of the provisioning template.
+    templateBody :: Prelude.Maybe Prelude.Text,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Maybe Prelude.Text,
+    -- | The type you define in a provisioning template. You can create a
+    -- template with only one type. You can\'t change the template type after
+    -- its creation. The default value is @FLEET_PROVISIONING@. For more
+    -- information about provisioning template, see:
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+    type' :: Prelude.Maybe TemplateType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeProvisioningTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'describeProvisioningTemplateResponse_creationDate' - The date when the provisioning template was created.
+--
+-- 'defaultVersionId', 'describeProvisioningTemplateResponse_defaultVersionId' - The default fleet template version ID.
+--
+-- 'description', 'describeProvisioningTemplateResponse_description' - The description of the provisioning template.
+--
+-- 'enabled', 'describeProvisioningTemplateResponse_enabled' - True if the provisioning template is enabled, otherwise false.
+--
+-- 'lastModifiedDate', 'describeProvisioningTemplateResponse_lastModifiedDate' - The date when the provisioning template was last modified.
+--
+-- 'preProvisioningHook', 'describeProvisioningTemplateResponse_preProvisioningHook' - Gets information about a pre-provisioned hook.
+--
+-- 'provisioningRoleArn', 'describeProvisioningTemplateResponse_provisioningRoleArn' - The ARN of the role associated with the provisioning template. This IoT
+-- role grants permission to provision a device.
+--
+-- 'templateArn', 'describeProvisioningTemplateResponse_templateArn' - The ARN of the provisioning template.
+--
+-- 'templateBody', 'describeProvisioningTemplateResponse_templateBody' - The JSON formatted contents of the provisioning template.
+--
+-- 'templateName', 'describeProvisioningTemplateResponse_templateName' - The name of the provisioning template.
+--
+-- 'type'', 'describeProvisioningTemplateResponse_type' - The type you define in a provisioning template. You can create a
+-- template with only one type. You can\'t change the template type after
+-- its creation. The default value is @FLEET_PROVISIONING@. For more
+-- information about provisioning template, see:
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+--
+-- 'httpStatus', 'describeProvisioningTemplateResponse_httpStatus' - The response's http status code.
+newDescribeProvisioningTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeProvisioningTemplateResponse
+newDescribeProvisioningTemplateResponse pHttpStatus_ =
+  DescribeProvisioningTemplateResponse'
+    { creationDate =
+        Prelude.Nothing,
+      defaultVersionId = Prelude.Nothing,
+      description = Prelude.Nothing,
+      enabled = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      preProvisioningHook = Prelude.Nothing,
+      provisioningRoleArn = Prelude.Nothing,
+      templateArn = Prelude.Nothing,
+      templateBody = Prelude.Nothing,
+      templateName = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The date when the provisioning template was created.
+describeProvisioningTemplateResponse_creationDate :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.UTCTime)
+describeProvisioningTemplateResponse_creationDate = Lens.lens (\DescribeProvisioningTemplateResponse' {creationDate} -> creationDate) (\s@DescribeProvisioningTemplateResponse' {} a -> s {creationDate = a} :: DescribeProvisioningTemplateResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The default fleet template version ID.
+describeProvisioningTemplateResponse_defaultVersionId :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Int)
+describeProvisioningTemplateResponse_defaultVersionId = Lens.lens (\DescribeProvisioningTemplateResponse' {defaultVersionId} -> defaultVersionId) (\s@DescribeProvisioningTemplateResponse' {} a -> s {defaultVersionId = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The description of the provisioning template.
+describeProvisioningTemplateResponse_description :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+describeProvisioningTemplateResponse_description = Lens.lens (\DescribeProvisioningTemplateResponse' {description} -> description) (\s@DescribeProvisioningTemplateResponse' {} a -> s {description = a} :: DescribeProvisioningTemplateResponse)
+
+-- | True if the provisioning template is enabled, otherwise false.
+describeProvisioningTemplateResponse_enabled :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Bool)
+describeProvisioningTemplateResponse_enabled = Lens.lens (\DescribeProvisioningTemplateResponse' {enabled} -> enabled) (\s@DescribeProvisioningTemplateResponse' {} a -> s {enabled = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The date when the provisioning template was last modified.
+describeProvisioningTemplateResponse_lastModifiedDate :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.UTCTime)
+describeProvisioningTemplateResponse_lastModifiedDate = Lens.lens (\DescribeProvisioningTemplateResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeProvisioningTemplateResponse' {} a -> s {lastModifiedDate = a} :: DescribeProvisioningTemplateResponse) Prelude.. Lens.mapping Data._Time
+
+-- | Gets information about a pre-provisioned hook.
+describeProvisioningTemplateResponse_preProvisioningHook :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe ProvisioningHook)
+describeProvisioningTemplateResponse_preProvisioningHook = Lens.lens (\DescribeProvisioningTemplateResponse' {preProvisioningHook} -> preProvisioningHook) (\s@DescribeProvisioningTemplateResponse' {} a -> s {preProvisioningHook = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The ARN of the role associated with the provisioning template. This IoT
+-- role grants permission to provision a device.
+describeProvisioningTemplateResponse_provisioningRoleArn :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+describeProvisioningTemplateResponse_provisioningRoleArn = Lens.lens (\DescribeProvisioningTemplateResponse' {provisioningRoleArn} -> provisioningRoleArn) (\s@DescribeProvisioningTemplateResponse' {} a -> s {provisioningRoleArn = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The ARN of the provisioning template.
+describeProvisioningTemplateResponse_templateArn :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+describeProvisioningTemplateResponse_templateArn = Lens.lens (\DescribeProvisioningTemplateResponse' {templateArn} -> templateArn) (\s@DescribeProvisioningTemplateResponse' {} a -> s {templateArn = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The JSON formatted contents of the provisioning template.
+describeProvisioningTemplateResponse_templateBody :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+describeProvisioningTemplateResponse_templateBody = Lens.lens (\DescribeProvisioningTemplateResponse' {templateBody} -> templateBody) (\s@DescribeProvisioningTemplateResponse' {} a -> s {templateBody = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The name of the provisioning template.
+describeProvisioningTemplateResponse_templateName :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe Prelude.Text)
+describeProvisioningTemplateResponse_templateName = Lens.lens (\DescribeProvisioningTemplateResponse' {templateName} -> templateName) (\s@DescribeProvisioningTemplateResponse' {} a -> s {templateName = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The type you define in a provisioning template. You can create a
+-- template with only one type. You can\'t change the template type after
+-- its creation. The default value is @FLEET_PROVISIONING@. For more
+-- information about provisioning template, see:
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+describeProvisioningTemplateResponse_type :: Lens.Lens' DescribeProvisioningTemplateResponse (Prelude.Maybe TemplateType)
+describeProvisioningTemplateResponse_type = Lens.lens (\DescribeProvisioningTemplateResponse' {type'} -> type') (\s@DescribeProvisioningTemplateResponse' {} a -> s {type' = a} :: DescribeProvisioningTemplateResponse)
+
+-- | The response's http status code.
+describeProvisioningTemplateResponse_httpStatus :: Lens.Lens' DescribeProvisioningTemplateResponse Prelude.Int
+describeProvisioningTemplateResponse_httpStatus = Lens.lens (\DescribeProvisioningTemplateResponse' {httpStatus} -> httpStatus) (\s@DescribeProvisioningTemplateResponse' {} a -> s {httpStatus = a} :: DescribeProvisioningTemplateResponse)
+
+instance
+  Prelude.NFData
+    DescribeProvisioningTemplateResponse
+  where
+  rnf DescribeProvisioningTemplateResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf defaultVersionId
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf enabled
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf preProvisioningHook
+      `Prelude.seq` Prelude.rnf provisioningRoleArn
+      `Prelude.seq` Prelude.rnf templateArn
+      `Prelude.seq` Prelude.rnf templateBody
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeProvisioningTemplateVersion.hs b/gen/Amazonka/IoT/DescribeProvisioningTemplateVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeProvisioningTemplateVersion.hs
@@ -0,0 +1,241 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeProvisioningTemplateVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns information about a provisioning template version.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeProvisioningTemplateVersion>
+-- action.
+module Amazonka.IoT.DescribeProvisioningTemplateVersion
+  ( -- * Creating a Request
+    DescribeProvisioningTemplateVersion (..),
+    newDescribeProvisioningTemplateVersion,
+
+    -- * Request Lenses
+    describeProvisioningTemplateVersion_templateName,
+    describeProvisioningTemplateVersion_versionId,
+
+    -- * Destructuring the Response
+    DescribeProvisioningTemplateVersionResponse (..),
+    newDescribeProvisioningTemplateVersionResponse,
+
+    -- * Response Lenses
+    describeProvisioningTemplateVersionResponse_creationDate,
+    describeProvisioningTemplateVersionResponse_isDefaultVersion,
+    describeProvisioningTemplateVersionResponse_templateBody,
+    describeProvisioningTemplateVersionResponse_versionId,
+    describeProvisioningTemplateVersionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeProvisioningTemplateVersion' smart constructor.
+data DescribeProvisioningTemplateVersion = DescribeProvisioningTemplateVersion'
+  { -- | The template name.
+    templateName :: Prelude.Text,
+    -- | The provisioning template version ID.
+    versionId :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeProvisioningTemplateVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateName', 'describeProvisioningTemplateVersion_templateName' - The template name.
+--
+-- 'versionId', 'describeProvisioningTemplateVersion_versionId' - The provisioning template version ID.
+newDescribeProvisioningTemplateVersion ::
+  -- | 'templateName'
+  Prelude.Text ->
+  -- | 'versionId'
+  Prelude.Int ->
+  DescribeProvisioningTemplateVersion
+newDescribeProvisioningTemplateVersion
+  pTemplateName_
+  pVersionId_ =
+    DescribeProvisioningTemplateVersion'
+      { templateName =
+          pTemplateName_,
+        versionId = pVersionId_
+      }
+
+-- | The template name.
+describeProvisioningTemplateVersion_templateName :: Lens.Lens' DescribeProvisioningTemplateVersion Prelude.Text
+describeProvisioningTemplateVersion_templateName = Lens.lens (\DescribeProvisioningTemplateVersion' {templateName} -> templateName) (\s@DescribeProvisioningTemplateVersion' {} a -> s {templateName = a} :: DescribeProvisioningTemplateVersion)
+
+-- | The provisioning template version ID.
+describeProvisioningTemplateVersion_versionId :: Lens.Lens' DescribeProvisioningTemplateVersion Prelude.Int
+describeProvisioningTemplateVersion_versionId = Lens.lens (\DescribeProvisioningTemplateVersion' {versionId} -> versionId) (\s@DescribeProvisioningTemplateVersion' {} a -> s {versionId = a} :: DescribeProvisioningTemplateVersion)
+
+instance
+  Core.AWSRequest
+    DescribeProvisioningTemplateVersion
+  where
+  type
+    AWSResponse DescribeProvisioningTemplateVersion =
+      DescribeProvisioningTemplateVersionResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeProvisioningTemplateVersionResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "isDefaultVersion")
+            Prelude.<*> (x Data..?> "templateBody")
+            Prelude.<*> (x Data..?> "versionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DescribeProvisioningTemplateVersion
+  where
+  hashWithSalt
+    _salt
+    DescribeProvisioningTemplateVersion' {..} =
+      _salt
+        `Prelude.hashWithSalt` templateName
+        `Prelude.hashWithSalt` versionId
+
+instance
+  Prelude.NFData
+    DescribeProvisioningTemplateVersion
+  where
+  rnf DescribeProvisioningTemplateVersion' {..} =
+    Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf versionId
+
+instance
+  Data.ToHeaders
+    DescribeProvisioningTemplateVersion
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    DescribeProvisioningTemplateVersion
+  where
+  toPath DescribeProvisioningTemplateVersion' {..} =
+    Prelude.mconcat
+      [ "/provisioning-templates/",
+        Data.toBS templateName,
+        "/versions/",
+        Data.toBS versionId
+      ]
+
+instance
+  Data.ToQuery
+    DescribeProvisioningTemplateVersion
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeProvisioningTemplateVersionResponse' smart constructor.
+data DescribeProvisioningTemplateVersionResponse = DescribeProvisioningTemplateVersionResponse'
+  { -- | The date when the provisioning template version was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | True if the provisioning template version is the default version.
+    isDefaultVersion :: Prelude.Maybe Prelude.Bool,
+    -- | The JSON formatted contents of the provisioning template version.
+    templateBody :: Prelude.Maybe Prelude.Text,
+    -- | The provisioning template version ID.
+    versionId :: Prelude.Maybe Prelude.Int,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeProvisioningTemplateVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'describeProvisioningTemplateVersionResponse_creationDate' - The date when the provisioning template version was created.
+--
+-- 'isDefaultVersion', 'describeProvisioningTemplateVersionResponse_isDefaultVersion' - True if the provisioning template version is the default version.
+--
+-- 'templateBody', 'describeProvisioningTemplateVersionResponse_templateBody' - The JSON formatted contents of the provisioning template version.
+--
+-- 'versionId', 'describeProvisioningTemplateVersionResponse_versionId' - The provisioning template version ID.
+--
+-- 'httpStatus', 'describeProvisioningTemplateVersionResponse_httpStatus' - The response's http status code.
+newDescribeProvisioningTemplateVersionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeProvisioningTemplateVersionResponse
+newDescribeProvisioningTemplateVersionResponse
+  pHttpStatus_ =
+    DescribeProvisioningTemplateVersionResponse'
+      { creationDate =
+          Prelude.Nothing,
+        isDefaultVersion =
+          Prelude.Nothing,
+        templateBody = Prelude.Nothing,
+        versionId = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | The date when the provisioning template version was created.
+describeProvisioningTemplateVersionResponse_creationDate :: Lens.Lens' DescribeProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.UTCTime)
+describeProvisioningTemplateVersionResponse_creationDate = Lens.lens (\DescribeProvisioningTemplateVersionResponse' {creationDate} -> creationDate) (\s@DescribeProvisioningTemplateVersionResponse' {} a -> s {creationDate = a} :: DescribeProvisioningTemplateVersionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | True if the provisioning template version is the default version.
+describeProvisioningTemplateVersionResponse_isDefaultVersion :: Lens.Lens' DescribeProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Bool)
+describeProvisioningTemplateVersionResponse_isDefaultVersion = Lens.lens (\DescribeProvisioningTemplateVersionResponse' {isDefaultVersion} -> isDefaultVersion) (\s@DescribeProvisioningTemplateVersionResponse' {} a -> s {isDefaultVersion = a} :: DescribeProvisioningTemplateVersionResponse)
+
+-- | The JSON formatted contents of the provisioning template version.
+describeProvisioningTemplateVersionResponse_templateBody :: Lens.Lens' DescribeProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Text)
+describeProvisioningTemplateVersionResponse_templateBody = Lens.lens (\DescribeProvisioningTemplateVersionResponse' {templateBody} -> templateBody) (\s@DescribeProvisioningTemplateVersionResponse' {} a -> s {templateBody = a} :: DescribeProvisioningTemplateVersionResponse)
+
+-- | The provisioning template version ID.
+describeProvisioningTemplateVersionResponse_versionId :: Lens.Lens' DescribeProvisioningTemplateVersionResponse (Prelude.Maybe Prelude.Int)
+describeProvisioningTemplateVersionResponse_versionId = Lens.lens (\DescribeProvisioningTemplateVersionResponse' {versionId} -> versionId) (\s@DescribeProvisioningTemplateVersionResponse' {} a -> s {versionId = a} :: DescribeProvisioningTemplateVersionResponse)
+
+-- | The response's http status code.
+describeProvisioningTemplateVersionResponse_httpStatus :: Lens.Lens' DescribeProvisioningTemplateVersionResponse Prelude.Int
+describeProvisioningTemplateVersionResponse_httpStatus = Lens.lens (\DescribeProvisioningTemplateVersionResponse' {httpStatus} -> httpStatus) (\s@DescribeProvisioningTemplateVersionResponse' {} a -> s {httpStatus = a} :: DescribeProvisioningTemplateVersionResponse)
+
+instance
+  Prelude.NFData
+    DescribeProvisioningTemplateVersionResponse
+  where
+  rnf DescribeProvisioningTemplateVersionResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf isDefaultVersion
+      `Prelude.seq` Prelude.rnf templateBody
+      `Prelude.seq` Prelude.rnf versionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeRoleAlias.hs b/gen/Amazonka/IoT/DescribeRoleAlias.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeRoleAlias.hs
@@ -0,0 +1,155 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeRoleAlias
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a role alias.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeRoleAlias>
+-- action.
+module Amazonka.IoT.DescribeRoleAlias
+  ( -- * Creating a Request
+    DescribeRoleAlias (..),
+    newDescribeRoleAlias,
+
+    -- * Request Lenses
+    describeRoleAlias_roleAlias,
+
+    -- * Destructuring the Response
+    DescribeRoleAliasResponse (..),
+    newDescribeRoleAliasResponse,
+
+    -- * Response Lenses
+    describeRoleAliasResponse_roleAliasDescription,
+    describeRoleAliasResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeRoleAlias' smart constructor.
+data DescribeRoleAlias = DescribeRoleAlias'
+  { -- | The role alias to describe.
+    roleAlias :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeRoleAlias' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleAlias', 'describeRoleAlias_roleAlias' - The role alias to describe.
+newDescribeRoleAlias ::
+  -- | 'roleAlias'
+  Prelude.Text ->
+  DescribeRoleAlias
+newDescribeRoleAlias pRoleAlias_ =
+  DescribeRoleAlias' {roleAlias = pRoleAlias_}
+
+-- | The role alias to describe.
+describeRoleAlias_roleAlias :: Lens.Lens' DescribeRoleAlias Prelude.Text
+describeRoleAlias_roleAlias = Lens.lens (\DescribeRoleAlias' {roleAlias} -> roleAlias) (\s@DescribeRoleAlias' {} a -> s {roleAlias = a} :: DescribeRoleAlias)
+
+instance Core.AWSRequest DescribeRoleAlias where
+  type
+    AWSResponse DescribeRoleAlias =
+      DescribeRoleAliasResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeRoleAliasResponse'
+            Prelude.<$> (x Data..?> "roleAliasDescription")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeRoleAlias where
+  hashWithSalt _salt DescribeRoleAlias' {..} =
+    _salt `Prelude.hashWithSalt` roleAlias
+
+instance Prelude.NFData DescribeRoleAlias where
+  rnf DescribeRoleAlias' {..} = Prelude.rnf roleAlias
+
+instance Data.ToHeaders DescribeRoleAlias where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeRoleAlias where
+  toPath DescribeRoleAlias' {..} =
+    Prelude.mconcat
+      ["/role-aliases/", Data.toBS roleAlias]
+
+instance Data.ToQuery DescribeRoleAlias where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeRoleAliasResponse' smart constructor.
+data DescribeRoleAliasResponse = DescribeRoleAliasResponse'
+  { -- | The role alias description.
+    roleAliasDescription :: Prelude.Maybe RoleAliasDescription,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeRoleAliasResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleAliasDescription', 'describeRoleAliasResponse_roleAliasDescription' - The role alias description.
+--
+-- 'httpStatus', 'describeRoleAliasResponse_httpStatus' - The response's http status code.
+newDescribeRoleAliasResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeRoleAliasResponse
+newDescribeRoleAliasResponse pHttpStatus_ =
+  DescribeRoleAliasResponse'
+    { roleAliasDescription =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The role alias description.
+describeRoleAliasResponse_roleAliasDescription :: Lens.Lens' DescribeRoleAliasResponse (Prelude.Maybe RoleAliasDescription)
+describeRoleAliasResponse_roleAliasDescription = Lens.lens (\DescribeRoleAliasResponse' {roleAliasDescription} -> roleAliasDescription) (\s@DescribeRoleAliasResponse' {} a -> s {roleAliasDescription = a} :: DescribeRoleAliasResponse)
+
+-- | The response's http status code.
+describeRoleAliasResponse_httpStatus :: Lens.Lens' DescribeRoleAliasResponse Prelude.Int
+describeRoleAliasResponse_httpStatus = Lens.lens (\DescribeRoleAliasResponse' {httpStatus} -> httpStatus) (\s@DescribeRoleAliasResponse' {} a -> s {httpStatus = a} :: DescribeRoleAliasResponse)
+
+instance Prelude.NFData DescribeRoleAliasResponse where
+  rnf DescribeRoleAliasResponse' {..} =
+    Prelude.rnf roleAliasDescription
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeScheduledAudit.hs b/gen/Amazonka/IoT/DescribeScheduledAudit.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeScheduledAudit.hs
@@ -0,0 +1,254 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeScheduledAudit
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a scheduled audit.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeScheduledAudit>
+-- action.
+module Amazonka.IoT.DescribeScheduledAudit
+  ( -- * Creating a Request
+    DescribeScheduledAudit (..),
+    newDescribeScheduledAudit,
+
+    -- * Request Lenses
+    describeScheduledAudit_scheduledAuditName,
+
+    -- * Destructuring the Response
+    DescribeScheduledAuditResponse (..),
+    newDescribeScheduledAuditResponse,
+
+    -- * Response Lenses
+    describeScheduledAuditResponse_dayOfMonth,
+    describeScheduledAuditResponse_dayOfWeek,
+    describeScheduledAuditResponse_frequency,
+    describeScheduledAuditResponse_scheduledAuditArn,
+    describeScheduledAuditResponse_scheduledAuditName,
+    describeScheduledAuditResponse_targetCheckNames,
+    describeScheduledAuditResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeScheduledAudit' smart constructor.
+data DescribeScheduledAudit = DescribeScheduledAudit'
+  { -- | The name of the scheduled audit whose information you want to get.
+    scheduledAuditName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeScheduledAudit' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'scheduledAuditName', 'describeScheduledAudit_scheduledAuditName' - The name of the scheduled audit whose information you want to get.
+newDescribeScheduledAudit ::
+  -- | 'scheduledAuditName'
+  Prelude.Text ->
+  DescribeScheduledAudit
+newDescribeScheduledAudit pScheduledAuditName_ =
+  DescribeScheduledAudit'
+    { scheduledAuditName =
+        pScheduledAuditName_
+    }
+
+-- | The name of the scheduled audit whose information you want to get.
+describeScheduledAudit_scheduledAuditName :: Lens.Lens' DescribeScheduledAudit Prelude.Text
+describeScheduledAudit_scheduledAuditName = Lens.lens (\DescribeScheduledAudit' {scheduledAuditName} -> scheduledAuditName) (\s@DescribeScheduledAudit' {} a -> s {scheduledAuditName = a} :: DescribeScheduledAudit)
+
+instance Core.AWSRequest DescribeScheduledAudit where
+  type
+    AWSResponse DescribeScheduledAudit =
+      DescribeScheduledAuditResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeScheduledAuditResponse'
+            Prelude.<$> (x Data..?> "dayOfMonth")
+            Prelude.<*> (x Data..?> "dayOfWeek")
+            Prelude.<*> (x Data..?> "frequency")
+            Prelude.<*> (x Data..?> "scheduledAuditArn")
+            Prelude.<*> (x Data..?> "scheduledAuditName")
+            Prelude.<*> ( x
+                            Data..?> "targetCheckNames"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeScheduledAudit where
+  hashWithSalt _salt DescribeScheduledAudit' {..} =
+    _salt `Prelude.hashWithSalt` scheduledAuditName
+
+instance Prelude.NFData DescribeScheduledAudit where
+  rnf DescribeScheduledAudit' {..} =
+    Prelude.rnf scheduledAuditName
+
+instance Data.ToHeaders DescribeScheduledAudit where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeScheduledAudit where
+  toPath DescribeScheduledAudit' {..} =
+    Prelude.mconcat
+      [ "/audit/scheduledaudits/",
+        Data.toBS scheduledAuditName
+      ]
+
+instance Data.ToQuery DescribeScheduledAudit where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeScheduledAuditResponse' smart constructor.
+data DescribeScheduledAuditResponse = DescribeScheduledAuditResponse'
+  { -- | The day of the month on which the scheduled audit takes place. This is
+    -- will be @1@ through @31@ or @LAST@. If days @29@-@31@ are specified, and
+    -- the month does not have that many days, the audit takes place on the
+    -- @LAST@ day of the month.
+    dayOfMonth :: Prelude.Maybe Prelude.Text,
+    -- | The day of the week on which the scheduled audit takes place, either one
+    -- of @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@.
+    dayOfWeek :: Prelude.Maybe DayOfWeek,
+    -- | How often the scheduled audit takes place, either one of @DAILY@,
+    -- @WEEKLY@, @BIWEEKLY@, or @MONTHLY@. The start time of each audit is
+    -- determined by the system.
+    frequency :: Prelude.Maybe AuditFrequency,
+    -- | The ARN of the scheduled audit.
+    scheduledAuditArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the scheduled audit.
+    scheduledAuditName :: Prelude.Maybe Prelude.Text,
+    -- | Which checks are performed during the scheduled audit. Checks must be
+    -- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+    -- see the list of all checks, including those that are enabled or use
+    -- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+    targetCheckNames :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeScheduledAuditResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dayOfMonth', 'describeScheduledAuditResponse_dayOfMonth' - The day of the month on which the scheduled audit takes place. This is
+-- will be @1@ through @31@ or @LAST@. If days @29@-@31@ are specified, and
+-- the month does not have that many days, the audit takes place on the
+-- @LAST@ day of the month.
+--
+-- 'dayOfWeek', 'describeScheduledAuditResponse_dayOfWeek' - The day of the week on which the scheduled audit takes place, either one
+-- of @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@.
+--
+-- 'frequency', 'describeScheduledAuditResponse_frequency' - How often the scheduled audit takes place, either one of @DAILY@,
+-- @WEEKLY@, @BIWEEKLY@, or @MONTHLY@. The start time of each audit is
+-- determined by the system.
+--
+-- 'scheduledAuditArn', 'describeScheduledAuditResponse_scheduledAuditArn' - The ARN of the scheduled audit.
+--
+-- 'scheduledAuditName', 'describeScheduledAuditResponse_scheduledAuditName' - The name of the scheduled audit.
+--
+-- 'targetCheckNames', 'describeScheduledAuditResponse_targetCheckNames' - Which checks are performed during the scheduled audit. Checks must be
+-- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+-- see the list of all checks, including those that are enabled or use
+-- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+--
+-- 'httpStatus', 'describeScheduledAuditResponse_httpStatus' - The response's http status code.
+newDescribeScheduledAuditResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeScheduledAuditResponse
+newDescribeScheduledAuditResponse pHttpStatus_ =
+  DescribeScheduledAuditResponse'
+    { dayOfMonth =
+        Prelude.Nothing,
+      dayOfWeek = Prelude.Nothing,
+      frequency = Prelude.Nothing,
+      scheduledAuditArn = Prelude.Nothing,
+      scheduledAuditName = Prelude.Nothing,
+      targetCheckNames = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The day of the month on which the scheduled audit takes place. This is
+-- will be @1@ through @31@ or @LAST@. If days @29@-@31@ are specified, and
+-- the month does not have that many days, the audit takes place on the
+-- @LAST@ day of the month.
+describeScheduledAuditResponse_dayOfMonth :: Lens.Lens' DescribeScheduledAuditResponse (Prelude.Maybe Prelude.Text)
+describeScheduledAuditResponse_dayOfMonth = Lens.lens (\DescribeScheduledAuditResponse' {dayOfMonth} -> dayOfMonth) (\s@DescribeScheduledAuditResponse' {} a -> s {dayOfMonth = a} :: DescribeScheduledAuditResponse)
+
+-- | The day of the week on which the scheduled audit takes place, either one
+-- of @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@.
+describeScheduledAuditResponse_dayOfWeek :: Lens.Lens' DescribeScheduledAuditResponse (Prelude.Maybe DayOfWeek)
+describeScheduledAuditResponse_dayOfWeek = Lens.lens (\DescribeScheduledAuditResponse' {dayOfWeek} -> dayOfWeek) (\s@DescribeScheduledAuditResponse' {} a -> s {dayOfWeek = a} :: DescribeScheduledAuditResponse)
+
+-- | How often the scheduled audit takes place, either one of @DAILY@,
+-- @WEEKLY@, @BIWEEKLY@, or @MONTHLY@. The start time of each audit is
+-- determined by the system.
+describeScheduledAuditResponse_frequency :: Lens.Lens' DescribeScheduledAuditResponse (Prelude.Maybe AuditFrequency)
+describeScheduledAuditResponse_frequency = Lens.lens (\DescribeScheduledAuditResponse' {frequency} -> frequency) (\s@DescribeScheduledAuditResponse' {} a -> s {frequency = a} :: DescribeScheduledAuditResponse)
+
+-- | The ARN of the scheduled audit.
+describeScheduledAuditResponse_scheduledAuditArn :: Lens.Lens' DescribeScheduledAuditResponse (Prelude.Maybe Prelude.Text)
+describeScheduledAuditResponse_scheduledAuditArn = Lens.lens (\DescribeScheduledAuditResponse' {scheduledAuditArn} -> scheduledAuditArn) (\s@DescribeScheduledAuditResponse' {} a -> s {scheduledAuditArn = a} :: DescribeScheduledAuditResponse)
+
+-- | The name of the scheduled audit.
+describeScheduledAuditResponse_scheduledAuditName :: Lens.Lens' DescribeScheduledAuditResponse (Prelude.Maybe Prelude.Text)
+describeScheduledAuditResponse_scheduledAuditName = Lens.lens (\DescribeScheduledAuditResponse' {scheduledAuditName} -> scheduledAuditName) (\s@DescribeScheduledAuditResponse' {} a -> s {scheduledAuditName = a} :: DescribeScheduledAuditResponse)
+
+-- | Which checks are performed during the scheduled audit. Checks must be
+-- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+-- see the list of all checks, including those that are enabled or use
+-- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+describeScheduledAuditResponse_targetCheckNames :: Lens.Lens' DescribeScheduledAuditResponse (Prelude.Maybe [Prelude.Text])
+describeScheduledAuditResponse_targetCheckNames = Lens.lens (\DescribeScheduledAuditResponse' {targetCheckNames} -> targetCheckNames) (\s@DescribeScheduledAuditResponse' {} a -> s {targetCheckNames = a} :: DescribeScheduledAuditResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+describeScheduledAuditResponse_httpStatus :: Lens.Lens' DescribeScheduledAuditResponse Prelude.Int
+describeScheduledAuditResponse_httpStatus = Lens.lens (\DescribeScheduledAuditResponse' {httpStatus} -> httpStatus) (\s@DescribeScheduledAuditResponse' {} a -> s {httpStatus = a} :: DescribeScheduledAuditResponse)
+
+instance
+  Prelude.NFData
+    DescribeScheduledAuditResponse
+  where
+  rnf DescribeScheduledAuditResponse' {..} =
+    Prelude.rnf dayOfMonth
+      `Prelude.seq` Prelude.rnf dayOfWeek
+      `Prelude.seq` Prelude.rnf frequency
+      `Prelude.seq` Prelude.rnf scheduledAuditArn
+      `Prelude.seq` Prelude.rnf scheduledAuditName
+      `Prelude.seq` Prelude.rnf targetCheckNames
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeSecurityProfile.hs b/gen/Amazonka/IoT/DescribeSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeSecurityProfile.hs
@@ -0,0 +1,310 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a Device Defender security profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeSecurityProfile>
+-- action.
+module Amazonka.IoT.DescribeSecurityProfile
+  ( -- * Creating a Request
+    DescribeSecurityProfile (..),
+    newDescribeSecurityProfile,
+
+    -- * Request Lenses
+    describeSecurityProfile_securityProfileName,
+
+    -- * Destructuring the Response
+    DescribeSecurityProfileResponse (..),
+    newDescribeSecurityProfileResponse,
+
+    -- * Response Lenses
+    describeSecurityProfileResponse_additionalMetricsToRetain,
+    describeSecurityProfileResponse_additionalMetricsToRetainV2,
+    describeSecurityProfileResponse_alertTargets,
+    describeSecurityProfileResponse_behaviors,
+    describeSecurityProfileResponse_creationDate,
+    describeSecurityProfileResponse_lastModifiedDate,
+    describeSecurityProfileResponse_securityProfileArn,
+    describeSecurityProfileResponse_securityProfileDescription,
+    describeSecurityProfileResponse_securityProfileName,
+    describeSecurityProfileResponse_version,
+    describeSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeSecurityProfile' smart constructor.
+data DescribeSecurityProfile = DescribeSecurityProfile'
+  { -- | The name of the security profile whose information you want to get.
+    securityProfileName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityProfileName', 'describeSecurityProfile_securityProfileName' - The name of the security profile whose information you want to get.
+newDescribeSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  DescribeSecurityProfile
+newDescribeSecurityProfile pSecurityProfileName_ =
+  DescribeSecurityProfile'
+    { securityProfileName =
+        pSecurityProfileName_
+    }
+
+-- | The name of the security profile whose information you want to get.
+describeSecurityProfile_securityProfileName :: Lens.Lens' DescribeSecurityProfile Prelude.Text
+describeSecurityProfile_securityProfileName = Lens.lens (\DescribeSecurityProfile' {securityProfileName} -> securityProfileName) (\s@DescribeSecurityProfile' {} a -> s {securityProfileName = a} :: DescribeSecurityProfile)
+
+instance Core.AWSRequest DescribeSecurityProfile where
+  type
+    AWSResponse DescribeSecurityProfile =
+      DescribeSecurityProfileResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeSecurityProfileResponse'
+            Prelude.<$> ( x
+                            Data..?> "additionalMetricsToRetain"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> ( x
+                            Data..?> "additionalMetricsToRetainV2"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "alertTargets" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "behaviors" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "securityProfileArn")
+            Prelude.<*> (x Data..?> "securityProfileDescription")
+            Prelude.<*> (x Data..?> "securityProfileName")
+            Prelude.<*> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeSecurityProfile where
+  hashWithSalt _salt DescribeSecurityProfile' {..} =
+    _salt `Prelude.hashWithSalt` securityProfileName
+
+instance Prelude.NFData DescribeSecurityProfile where
+  rnf DescribeSecurityProfile' {..} =
+    Prelude.rnf securityProfileName
+
+instance Data.ToHeaders DescribeSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeSecurityProfile where
+  toPath DescribeSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName
+      ]
+
+instance Data.ToQuery DescribeSecurityProfile where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeSecurityProfileResponse' smart constructor.
+data DescribeSecurityProfileResponse = DescribeSecurityProfileResponse'
+  { -- | /Please use DescribeSecurityProfileResponse$additionalMetricsToRetainV2
+    -- instead./
+    --
+    -- A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s @behaviors@, but it is
+    -- also retained for any metric specified here.
+    additionalMetricsToRetain :: Prelude.Maybe [Prelude.Text],
+    -- | A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s behaviors, but it is also
+    -- retained for any metric specified here.
+    additionalMetricsToRetainV2 :: Prelude.Maybe [MetricToRetain],
+    -- | Where the alerts are sent. (Alerts are always sent to the console.)
+    alertTargets :: Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget),
+    -- | Specifies the behaviors that, when violated by a device (thing), cause
+    -- an alert.
+    behaviors :: Prelude.Maybe [Behavior],
+    -- | The time the security profile was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The time the security profile was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The ARN of the security profile.
+    securityProfileArn :: Prelude.Maybe Prelude.Text,
+    -- | A description of the security profile (associated with the security
+    -- profile when it was created or updated).
+    securityProfileDescription :: Prelude.Maybe Prelude.Text,
+    -- | The name of the security profile.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The version of the security profile. A new version is generated whenever
+    -- the security profile is updated.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalMetricsToRetain', 'describeSecurityProfileResponse_additionalMetricsToRetain' - /Please use DescribeSecurityProfileResponse$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here.
+--
+-- 'additionalMetricsToRetainV2', 'describeSecurityProfileResponse_additionalMetricsToRetainV2' - A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s behaviors, but it is also
+-- retained for any metric specified here.
+--
+-- 'alertTargets', 'describeSecurityProfileResponse_alertTargets' - Where the alerts are sent. (Alerts are always sent to the console.)
+--
+-- 'behaviors', 'describeSecurityProfileResponse_behaviors' - Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+--
+-- 'creationDate', 'describeSecurityProfileResponse_creationDate' - The time the security profile was created.
+--
+-- 'lastModifiedDate', 'describeSecurityProfileResponse_lastModifiedDate' - The time the security profile was last modified.
+--
+-- 'securityProfileArn', 'describeSecurityProfileResponse_securityProfileArn' - The ARN of the security profile.
+--
+-- 'securityProfileDescription', 'describeSecurityProfileResponse_securityProfileDescription' - A description of the security profile (associated with the security
+-- profile when it was created or updated).
+--
+-- 'securityProfileName', 'describeSecurityProfileResponse_securityProfileName' - The name of the security profile.
+--
+-- 'version', 'describeSecurityProfileResponse_version' - The version of the security profile. A new version is generated whenever
+-- the security profile is updated.
+--
+-- 'httpStatus', 'describeSecurityProfileResponse_httpStatus' - The response's http status code.
+newDescribeSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeSecurityProfileResponse
+newDescribeSecurityProfileResponse pHttpStatus_ =
+  DescribeSecurityProfileResponse'
+    { additionalMetricsToRetain =
+        Prelude.Nothing,
+      additionalMetricsToRetainV2 =
+        Prelude.Nothing,
+      alertTargets = Prelude.Nothing,
+      behaviors = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      securityProfileArn = Prelude.Nothing,
+      securityProfileDescription =
+        Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      version = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | /Please use DescribeSecurityProfileResponse$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here.
+describeSecurityProfileResponse_additionalMetricsToRetain :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe [Prelude.Text])
+describeSecurityProfileResponse_additionalMetricsToRetain = Lens.lens (\DescribeSecurityProfileResponse' {additionalMetricsToRetain} -> additionalMetricsToRetain) (\s@DescribeSecurityProfileResponse' {} a -> s {additionalMetricsToRetain = a} :: DescribeSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s behaviors, but it is also
+-- retained for any metric specified here.
+describeSecurityProfileResponse_additionalMetricsToRetainV2 :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe [MetricToRetain])
+describeSecurityProfileResponse_additionalMetricsToRetainV2 = Lens.lens (\DescribeSecurityProfileResponse' {additionalMetricsToRetainV2} -> additionalMetricsToRetainV2) (\s@DescribeSecurityProfileResponse' {} a -> s {additionalMetricsToRetainV2 = a} :: DescribeSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Where the alerts are sent. (Alerts are always sent to the console.)
+describeSecurityProfileResponse_alertTargets :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget))
+describeSecurityProfileResponse_alertTargets = Lens.lens (\DescribeSecurityProfileResponse' {alertTargets} -> alertTargets) (\s@DescribeSecurityProfileResponse' {} a -> s {alertTargets = a} :: DescribeSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+describeSecurityProfileResponse_behaviors :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe [Behavior])
+describeSecurityProfileResponse_behaviors = Lens.lens (\DescribeSecurityProfileResponse' {behaviors} -> behaviors) (\s@DescribeSecurityProfileResponse' {} a -> s {behaviors = a} :: DescribeSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The time the security profile was created.
+describeSecurityProfileResponse_creationDate :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe Prelude.UTCTime)
+describeSecurityProfileResponse_creationDate = Lens.lens (\DescribeSecurityProfileResponse' {creationDate} -> creationDate) (\s@DescribeSecurityProfileResponse' {} a -> s {creationDate = a} :: DescribeSecurityProfileResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The time the security profile was last modified.
+describeSecurityProfileResponse_lastModifiedDate :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe Prelude.UTCTime)
+describeSecurityProfileResponse_lastModifiedDate = Lens.lens (\DescribeSecurityProfileResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeSecurityProfileResponse' {} a -> s {lastModifiedDate = a} :: DescribeSecurityProfileResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The ARN of the security profile.
+describeSecurityProfileResponse_securityProfileArn :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+describeSecurityProfileResponse_securityProfileArn = Lens.lens (\DescribeSecurityProfileResponse' {securityProfileArn} -> securityProfileArn) (\s@DescribeSecurityProfileResponse' {} a -> s {securityProfileArn = a} :: DescribeSecurityProfileResponse)
+
+-- | A description of the security profile (associated with the security
+-- profile when it was created or updated).
+describeSecurityProfileResponse_securityProfileDescription :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+describeSecurityProfileResponse_securityProfileDescription = Lens.lens (\DescribeSecurityProfileResponse' {securityProfileDescription} -> securityProfileDescription) (\s@DescribeSecurityProfileResponse' {} a -> s {securityProfileDescription = a} :: DescribeSecurityProfileResponse)
+
+-- | The name of the security profile.
+describeSecurityProfileResponse_securityProfileName :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+describeSecurityProfileResponse_securityProfileName = Lens.lens (\DescribeSecurityProfileResponse' {securityProfileName} -> securityProfileName) (\s@DescribeSecurityProfileResponse' {} a -> s {securityProfileName = a} :: DescribeSecurityProfileResponse)
+
+-- | The version of the security profile. A new version is generated whenever
+-- the security profile is updated.
+describeSecurityProfileResponse_version :: Lens.Lens' DescribeSecurityProfileResponse (Prelude.Maybe Prelude.Integer)
+describeSecurityProfileResponse_version = Lens.lens (\DescribeSecurityProfileResponse' {version} -> version) (\s@DescribeSecurityProfileResponse' {} a -> s {version = a} :: DescribeSecurityProfileResponse)
+
+-- | The response's http status code.
+describeSecurityProfileResponse_httpStatus :: Lens.Lens' DescribeSecurityProfileResponse Prelude.Int
+describeSecurityProfileResponse_httpStatus = Lens.lens (\DescribeSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@DescribeSecurityProfileResponse' {} a -> s {httpStatus = a} :: DescribeSecurityProfileResponse)
+
+instance
+  Prelude.NFData
+    DescribeSecurityProfileResponse
+  where
+  rnf DescribeSecurityProfileResponse' {..} =
+    Prelude.rnf additionalMetricsToRetain
+      `Prelude.seq` Prelude.rnf additionalMetricsToRetainV2
+      `Prelude.seq` Prelude.rnf alertTargets
+      `Prelude.seq` Prelude.rnf behaviors
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf securityProfileArn
+      `Prelude.seq` Prelude.rnf securityProfileDescription
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeStream.hs b/gen/Amazonka/IoT/DescribeStream.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeStream.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeStream
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a stream.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeStream>
+-- action.
+module Amazonka.IoT.DescribeStream
+  ( -- * Creating a Request
+    DescribeStream (..),
+    newDescribeStream,
+
+    -- * Request Lenses
+    describeStream_streamId,
+
+    -- * Destructuring the Response
+    DescribeStreamResponse (..),
+    newDescribeStreamResponse,
+
+    -- * Response Lenses
+    describeStreamResponse_streamInfo,
+    describeStreamResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeStream' smart constructor.
+data DescribeStream = DescribeStream'
+  { -- | The stream ID.
+    streamId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeStream' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'streamId', 'describeStream_streamId' - The stream ID.
+newDescribeStream ::
+  -- | 'streamId'
+  Prelude.Text ->
+  DescribeStream
+newDescribeStream pStreamId_ =
+  DescribeStream' {streamId = pStreamId_}
+
+-- | The stream ID.
+describeStream_streamId :: Lens.Lens' DescribeStream Prelude.Text
+describeStream_streamId = Lens.lens (\DescribeStream' {streamId} -> streamId) (\s@DescribeStream' {} a -> s {streamId = a} :: DescribeStream)
+
+instance Core.AWSRequest DescribeStream where
+  type
+    AWSResponse DescribeStream =
+      DescribeStreamResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeStreamResponse'
+            Prelude.<$> (x Data..?> "streamInfo")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeStream where
+  hashWithSalt _salt DescribeStream' {..} =
+    _salt `Prelude.hashWithSalt` streamId
+
+instance Prelude.NFData DescribeStream where
+  rnf DescribeStream' {..} = Prelude.rnf streamId
+
+instance Data.ToHeaders DescribeStream where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeStream where
+  toPath DescribeStream' {..} =
+    Prelude.mconcat ["/streams/", Data.toBS streamId]
+
+instance Data.ToQuery DescribeStream where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeStreamResponse' smart constructor.
+data DescribeStreamResponse = DescribeStreamResponse'
+  { -- | Information about the stream.
+    streamInfo :: Prelude.Maybe StreamInfo,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeStreamResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'streamInfo', 'describeStreamResponse_streamInfo' - Information about the stream.
+--
+-- 'httpStatus', 'describeStreamResponse_httpStatus' - The response's http status code.
+newDescribeStreamResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeStreamResponse
+newDescribeStreamResponse pHttpStatus_ =
+  DescribeStreamResponse'
+    { streamInfo =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Information about the stream.
+describeStreamResponse_streamInfo :: Lens.Lens' DescribeStreamResponse (Prelude.Maybe StreamInfo)
+describeStreamResponse_streamInfo = Lens.lens (\DescribeStreamResponse' {streamInfo} -> streamInfo) (\s@DescribeStreamResponse' {} a -> s {streamInfo = a} :: DescribeStreamResponse)
+
+-- | The response's http status code.
+describeStreamResponse_httpStatus :: Lens.Lens' DescribeStreamResponse Prelude.Int
+describeStreamResponse_httpStatus = Lens.lens (\DescribeStreamResponse' {httpStatus} -> httpStatus) (\s@DescribeStreamResponse' {} a -> s {httpStatus = a} :: DescribeStreamResponse)
+
+instance Prelude.NFData DescribeStreamResponse where
+  rnf DescribeStreamResponse' {..} =
+    Prelude.rnf streamInfo
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeThing.hs b/gen/Amazonka/IoT/DescribeThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeThing.hs
@@ -0,0 +1,278 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the specified thing.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeThing>
+-- action.
+module Amazonka.IoT.DescribeThing
+  ( -- * Creating a Request
+    DescribeThing (..),
+    newDescribeThing,
+
+    -- * Request Lenses
+    describeThing_thingName,
+
+    -- * Destructuring the Response
+    DescribeThingResponse (..),
+    newDescribeThingResponse,
+
+    -- * Response Lenses
+    describeThingResponse_attributes,
+    describeThingResponse_billingGroupName,
+    describeThingResponse_defaultClientId,
+    describeThingResponse_thingArn,
+    describeThingResponse_thingId,
+    describeThingResponse_thingName,
+    describeThingResponse_thingTypeName,
+    describeThingResponse_version,
+    describeThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DescribeThing operation.
+--
+-- /See:/ 'newDescribeThing' smart constructor.
+data DescribeThing = DescribeThing'
+  { -- | The name of the thing.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingName', 'describeThing_thingName' - The name of the thing.
+newDescribeThing ::
+  -- | 'thingName'
+  Prelude.Text ->
+  DescribeThing
+newDescribeThing pThingName_ =
+  DescribeThing' {thingName = pThingName_}
+
+-- | The name of the thing.
+describeThing_thingName :: Lens.Lens' DescribeThing Prelude.Text
+describeThing_thingName = Lens.lens (\DescribeThing' {thingName} -> thingName) (\s@DescribeThing' {} a -> s {thingName = a} :: DescribeThing)
+
+instance Core.AWSRequest DescribeThing where
+  type
+    AWSResponse DescribeThing =
+      DescribeThingResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeThingResponse'
+            Prelude.<$> (x Data..?> "attributes" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "billingGroupName")
+            Prelude.<*> (x Data..?> "defaultClientId")
+            Prelude.<*> (x Data..?> "thingArn")
+            Prelude.<*> (x Data..?> "thingId")
+            Prelude.<*> (x Data..?> "thingName")
+            Prelude.<*> (x Data..?> "thingTypeName")
+            Prelude.<*> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeThing where
+  hashWithSalt _salt DescribeThing' {..} =
+    _salt `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData DescribeThing where
+  rnf DescribeThing' {..} = Prelude.rnf thingName
+
+instance Data.ToHeaders DescribeThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeThing where
+  toPath DescribeThing' {..} =
+    Prelude.mconcat ["/things/", Data.toBS thingName]
+
+instance Data.ToQuery DescribeThing where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the DescribeThing operation.
+--
+-- /See:/ 'newDescribeThingResponse' smart constructor.
+data DescribeThingResponse = DescribeThingResponse'
+  { -- | The thing attributes.
+    attributes :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The name of the billing group the thing belongs to.
+    billingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The default MQTT client ID. For a typical device, the thing name is also
+    -- used as the default MQTT client ID. Although we don’t require a mapping
+    -- between a thing\'s registry name and its use of MQTT client IDs,
+    -- certificates, or shadow state, we recommend that you choose a thing name
+    -- and use it as the MQTT client ID for the registry and the Device Shadow
+    -- service.
+    --
+    -- This lets you better organize your IoT fleet without removing the
+    -- flexibility of the underlying device certificate model or shadows.
+    defaultClientId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the thing to describe.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the thing to describe.
+    thingId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The thing type name.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The current version of the thing record in the registry.
+    --
+    -- To avoid unintentional changes to the information in the registry, you
+    -- can pass the version information in the @expectedVersion@ parameter of
+    -- the @UpdateThing@ and @DeleteThing@ calls.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributes', 'describeThingResponse_attributes' - The thing attributes.
+--
+-- 'billingGroupName', 'describeThingResponse_billingGroupName' - The name of the billing group the thing belongs to.
+--
+-- 'defaultClientId', 'describeThingResponse_defaultClientId' - The default MQTT client ID. For a typical device, the thing name is also
+-- used as the default MQTT client ID. Although we don’t require a mapping
+-- between a thing\'s registry name and its use of MQTT client IDs,
+-- certificates, or shadow state, we recommend that you choose a thing name
+-- and use it as the MQTT client ID for the registry and the Device Shadow
+-- service.
+--
+-- This lets you better organize your IoT fleet without removing the
+-- flexibility of the underlying device certificate model or shadows.
+--
+-- 'thingArn', 'describeThingResponse_thingArn' - The ARN of the thing to describe.
+--
+-- 'thingId', 'describeThingResponse_thingId' - The ID of the thing to describe.
+--
+-- 'thingName', 'describeThingResponse_thingName' - The name of the thing.
+--
+-- 'thingTypeName', 'describeThingResponse_thingTypeName' - The thing type name.
+--
+-- 'version', 'describeThingResponse_version' - The current version of the thing record in the registry.
+--
+-- To avoid unintentional changes to the information in the registry, you
+-- can pass the version information in the @expectedVersion@ parameter of
+-- the @UpdateThing@ and @DeleteThing@ calls.
+--
+-- 'httpStatus', 'describeThingResponse_httpStatus' - The response's http status code.
+newDescribeThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeThingResponse
+newDescribeThingResponse pHttpStatus_ =
+  DescribeThingResponse'
+    { attributes =
+        Prelude.Nothing,
+      billingGroupName = Prelude.Nothing,
+      defaultClientId = Prelude.Nothing,
+      thingArn = Prelude.Nothing,
+      thingId = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      version = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The thing attributes.
+describeThingResponse_attributes :: Lens.Lens' DescribeThingResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+describeThingResponse_attributes = Lens.lens (\DescribeThingResponse' {attributes} -> attributes) (\s@DescribeThingResponse' {} a -> s {attributes = a} :: DescribeThingResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name of the billing group the thing belongs to.
+describeThingResponse_billingGroupName :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Text)
+describeThingResponse_billingGroupName = Lens.lens (\DescribeThingResponse' {billingGroupName} -> billingGroupName) (\s@DescribeThingResponse' {} a -> s {billingGroupName = a} :: DescribeThingResponse)
+
+-- | The default MQTT client ID. For a typical device, the thing name is also
+-- used as the default MQTT client ID. Although we don’t require a mapping
+-- between a thing\'s registry name and its use of MQTT client IDs,
+-- certificates, or shadow state, we recommend that you choose a thing name
+-- and use it as the MQTT client ID for the registry and the Device Shadow
+-- service.
+--
+-- This lets you better organize your IoT fleet without removing the
+-- flexibility of the underlying device certificate model or shadows.
+describeThingResponse_defaultClientId :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Text)
+describeThingResponse_defaultClientId = Lens.lens (\DescribeThingResponse' {defaultClientId} -> defaultClientId) (\s@DescribeThingResponse' {} a -> s {defaultClientId = a} :: DescribeThingResponse)
+
+-- | The ARN of the thing to describe.
+describeThingResponse_thingArn :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Text)
+describeThingResponse_thingArn = Lens.lens (\DescribeThingResponse' {thingArn} -> thingArn) (\s@DescribeThingResponse' {} a -> s {thingArn = a} :: DescribeThingResponse)
+
+-- | The ID of the thing to describe.
+describeThingResponse_thingId :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Text)
+describeThingResponse_thingId = Lens.lens (\DescribeThingResponse' {thingId} -> thingId) (\s@DescribeThingResponse' {} a -> s {thingId = a} :: DescribeThingResponse)
+
+-- | The name of the thing.
+describeThingResponse_thingName :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Text)
+describeThingResponse_thingName = Lens.lens (\DescribeThingResponse' {thingName} -> thingName) (\s@DescribeThingResponse' {} a -> s {thingName = a} :: DescribeThingResponse)
+
+-- | The thing type name.
+describeThingResponse_thingTypeName :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Text)
+describeThingResponse_thingTypeName = Lens.lens (\DescribeThingResponse' {thingTypeName} -> thingTypeName) (\s@DescribeThingResponse' {} a -> s {thingTypeName = a} :: DescribeThingResponse)
+
+-- | The current version of the thing record in the registry.
+--
+-- To avoid unintentional changes to the information in the registry, you
+-- can pass the version information in the @expectedVersion@ parameter of
+-- the @UpdateThing@ and @DeleteThing@ calls.
+describeThingResponse_version :: Lens.Lens' DescribeThingResponse (Prelude.Maybe Prelude.Integer)
+describeThingResponse_version = Lens.lens (\DescribeThingResponse' {version} -> version) (\s@DescribeThingResponse' {} a -> s {version = a} :: DescribeThingResponse)
+
+-- | The response's http status code.
+describeThingResponse_httpStatus :: Lens.Lens' DescribeThingResponse Prelude.Int
+describeThingResponse_httpStatus = Lens.lens (\DescribeThingResponse' {httpStatus} -> httpStatus) (\s@DescribeThingResponse' {} a -> s {httpStatus = a} :: DescribeThingResponse)
+
+instance Prelude.NFData DescribeThingResponse where
+  rnf DescribeThingResponse' {..} =
+    Prelude.rnf attributes
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf defaultClientId
+      `Prelude.seq` Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingId
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeThingGroup.hs b/gen/Amazonka/IoT/DescribeThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeThingGroup.hs
@@ -0,0 +1,267 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describe a thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeThingGroup>
+-- action.
+module Amazonka.IoT.DescribeThingGroup
+  ( -- * Creating a Request
+    DescribeThingGroup (..),
+    newDescribeThingGroup,
+
+    -- * Request Lenses
+    describeThingGroup_thingGroupName,
+
+    -- * Destructuring the Response
+    DescribeThingGroupResponse (..),
+    newDescribeThingGroupResponse,
+
+    -- * Response Lenses
+    describeThingGroupResponse_indexName,
+    describeThingGroupResponse_queryString,
+    describeThingGroupResponse_queryVersion,
+    describeThingGroupResponse_status,
+    describeThingGroupResponse_thingGroupArn,
+    describeThingGroupResponse_thingGroupId,
+    describeThingGroupResponse_thingGroupMetadata,
+    describeThingGroupResponse_thingGroupName,
+    describeThingGroupResponse_thingGroupProperties,
+    describeThingGroupResponse_version,
+    describeThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeThingGroup' smart constructor.
+data DescribeThingGroup = DescribeThingGroup'
+  { -- | The name of the thing group.
+    thingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingGroupName', 'describeThingGroup_thingGroupName' - The name of the thing group.
+newDescribeThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  DescribeThingGroup
+newDescribeThingGroup pThingGroupName_ =
+  DescribeThingGroup'
+    { thingGroupName =
+        pThingGroupName_
+    }
+
+-- | The name of the thing group.
+describeThingGroup_thingGroupName :: Lens.Lens' DescribeThingGroup Prelude.Text
+describeThingGroup_thingGroupName = Lens.lens (\DescribeThingGroup' {thingGroupName} -> thingGroupName) (\s@DescribeThingGroup' {} a -> s {thingGroupName = a} :: DescribeThingGroup)
+
+instance Core.AWSRequest DescribeThingGroup where
+  type
+    AWSResponse DescribeThingGroup =
+      DescribeThingGroupResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeThingGroupResponse'
+            Prelude.<$> (x Data..?> "indexName")
+            Prelude.<*> (x Data..?> "queryString")
+            Prelude.<*> (x Data..?> "queryVersion")
+            Prelude.<*> (x Data..?> "status")
+            Prelude.<*> (x Data..?> "thingGroupArn")
+            Prelude.<*> (x Data..?> "thingGroupId")
+            Prelude.<*> (x Data..?> "thingGroupMetadata")
+            Prelude.<*> (x Data..?> "thingGroupName")
+            Prelude.<*> (x Data..?> "thingGroupProperties")
+            Prelude.<*> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeThingGroup where
+  hashWithSalt _salt DescribeThingGroup' {..} =
+    _salt `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData DescribeThingGroup where
+  rnf DescribeThingGroup' {..} =
+    Prelude.rnf thingGroupName
+
+instance Data.ToHeaders DescribeThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeThingGroup where
+  toPath DescribeThingGroup' {..} =
+    Prelude.mconcat
+      ["/thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery DescribeThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeThingGroupResponse' smart constructor.
+data DescribeThingGroupResponse = DescribeThingGroupResponse'
+  { -- | The dynamic thing group index name.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group search query string.
+    queryString :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group status.
+    status :: Prelude.Maybe DynamicGroupStatus,
+    -- | The thing group ARN.
+    thingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The thing group ID.
+    thingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | Thing group metadata.
+    thingGroupMetadata :: Prelude.Maybe ThingGroupMetadata,
+    -- | The name of the thing group.
+    thingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The thing group properties.
+    thingGroupProperties :: Prelude.Maybe ThingGroupProperties,
+    -- | The version of the thing group.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'describeThingGroupResponse_indexName' - The dynamic thing group index name.
+--
+-- 'queryString', 'describeThingGroupResponse_queryString' - The dynamic thing group search query string.
+--
+-- 'queryVersion', 'describeThingGroupResponse_queryVersion' - The dynamic thing group query version.
+--
+-- 'status', 'describeThingGroupResponse_status' - The dynamic thing group status.
+--
+-- 'thingGroupArn', 'describeThingGroupResponse_thingGroupArn' - The thing group ARN.
+--
+-- 'thingGroupId', 'describeThingGroupResponse_thingGroupId' - The thing group ID.
+--
+-- 'thingGroupMetadata', 'describeThingGroupResponse_thingGroupMetadata' - Thing group metadata.
+--
+-- 'thingGroupName', 'describeThingGroupResponse_thingGroupName' - The name of the thing group.
+--
+-- 'thingGroupProperties', 'describeThingGroupResponse_thingGroupProperties' - The thing group properties.
+--
+-- 'version', 'describeThingGroupResponse_version' - The version of the thing group.
+--
+-- 'httpStatus', 'describeThingGroupResponse_httpStatus' - The response's http status code.
+newDescribeThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeThingGroupResponse
+newDescribeThingGroupResponse pHttpStatus_ =
+  DescribeThingGroupResponse'
+    { indexName =
+        Prelude.Nothing,
+      queryString = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      status = Prelude.Nothing,
+      thingGroupArn = Prelude.Nothing,
+      thingGroupId = Prelude.Nothing,
+      thingGroupMetadata = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing,
+      thingGroupProperties = Prelude.Nothing,
+      version = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The dynamic thing group index name.
+describeThingGroupResponse_indexName :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Text)
+describeThingGroupResponse_indexName = Lens.lens (\DescribeThingGroupResponse' {indexName} -> indexName) (\s@DescribeThingGroupResponse' {} a -> s {indexName = a} :: DescribeThingGroupResponse)
+
+-- | The dynamic thing group search query string.
+describeThingGroupResponse_queryString :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Text)
+describeThingGroupResponse_queryString = Lens.lens (\DescribeThingGroupResponse' {queryString} -> queryString) (\s@DescribeThingGroupResponse' {} a -> s {queryString = a} :: DescribeThingGroupResponse)
+
+-- | The dynamic thing group query version.
+describeThingGroupResponse_queryVersion :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Text)
+describeThingGroupResponse_queryVersion = Lens.lens (\DescribeThingGroupResponse' {queryVersion} -> queryVersion) (\s@DescribeThingGroupResponse' {} a -> s {queryVersion = a} :: DescribeThingGroupResponse)
+
+-- | The dynamic thing group status.
+describeThingGroupResponse_status :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe DynamicGroupStatus)
+describeThingGroupResponse_status = Lens.lens (\DescribeThingGroupResponse' {status} -> status) (\s@DescribeThingGroupResponse' {} a -> s {status = a} :: DescribeThingGroupResponse)
+
+-- | The thing group ARN.
+describeThingGroupResponse_thingGroupArn :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Text)
+describeThingGroupResponse_thingGroupArn = Lens.lens (\DescribeThingGroupResponse' {thingGroupArn} -> thingGroupArn) (\s@DescribeThingGroupResponse' {} a -> s {thingGroupArn = a} :: DescribeThingGroupResponse)
+
+-- | The thing group ID.
+describeThingGroupResponse_thingGroupId :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Text)
+describeThingGroupResponse_thingGroupId = Lens.lens (\DescribeThingGroupResponse' {thingGroupId} -> thingGroupId) (\s@DescribeThingGroupResponse' {} a -> s {thingGroupId = a} :: DescribeThingGroupResponse)
+
+-- | Thing group metadata.
+describeThingGroupResponse_thingGroupMetadata :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe ThingGroupMetadata)
+describeThingGroupResponse_thingGroupMetadata = Lens.lens (\DescribeThingGroupResponse' {thingGroupMetadata} -> thingGroupMetadata) (\s@DescribeThingGroupResponse' {} a -> s {thingGroupMetadata = a} :: DescribeThingGroupResponse)
+
+-- | The name of the thing group.
+describeThingGroupResponse_thingGroupName :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Text)
+describeThingGroupResponse_thingGroupName = Lens.lens (\DescribeThingGroupResponse' {thingGroupName} -> thingGroupName) (\s@DescribeThingGroupResponse' {} a -> s {thingGroupName = a} :: DescribeThingGroupResponse)
+
+-- | The thing group properties.
+describeThingGroupResponse_thingGroupProperties :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe ThingGroupProperties)
+describeThingGroupResponse_thingGroupProperties = Lens.lens (\DescribeThingGroupResponse' {thingGroupProperties} -> thingGroupProperties) (\s@DescribeThingGroupResponse' {} a -> s {thingGroupProperties = a} :: DescribeThingGroupResponse)
+
+-- | The version of the thing group.
+describeThingGroupResponse_version :: Lens.Lens' DescribeThingGroupResponse (Prelude.Maybe Prelude.Integer)
+describeThingGroupResponse_version = Lens.lens (\DescribeThingGroupResponse' {version} -> version) (\s@DescribeThingGroupResponse' {} a -> s {version = a} :: DescribeThingGroupResponse)
+
+-- | The response's http status code.
+describeThingGroupResponse_httpStatus :: Lens.Lens' DescribeThingGroupResponse Prelude.Int
+describeThingGroupResponse_httpStatus = Lens.lens (\DescribeThingGroupResponse' {httpStatus} -> httpStatus) (\s@DescribeThingGroupResponse' {} a -> s {httpStatus = a} :: DescribeThingGroupResponse)
+
+instance Prelude.NFData DescribeThingGroupResponse where
+  rnf DescribeThingGroupResponse' {..} =
+    Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf thingGroupArn
+      `Prelude.seq` Prelude.rnf thingGroupId
+      `Prelude.seq` Prelude.rnf thingGroupMetadata
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf thingGroupProperties
+      `Prelude.seq` Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeThingRegistrationTask.hs b/gen/Amazonka/IoT/DescribeThingRegistrationTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeThingRegistrationTask.hs
@@ -0,0 +1,297 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeThingRegistrationTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a bulk thing provisioning task.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeThingRegistrationTask>
+-- action.
+module Amazonka.IoT.DescribeThingRegistrationTask
+  ( -- * Creating a Request
+    DescribeThingRegistrationTask (..),
+    newDescribeThingRegistrationTask,
+
+    -- * Request Lenses
+    describeThingRegistrationTask_taskId,
+
+    -- * Destructuring the Response
+    DescribeThingRegistrationTaskResponse (..),
+    newDescribeThingRegistrationTaskResponse,
+
+    -- * Response Lenses
+    describeThingRegistrationTaskResponse_creationDate,
+    describeThingRegistrationTaskResponse_failureCount,
+    describeThingRegistrationTaskResponse_inputFileBucket,
+    describeThingRegistrationTaskResponse_inputFileKey,
+    describeThingRegistrationTaskResponse_lastModifiedDate,
+    describeThingRegistrationTaskResponse_message,
+    describeThingRegistrationTaskResponse_percentageProgress,
+    describeThingRegistrationTaskResponse_roleArn,
+    describeThingRegistrationTaskResponse_status,
+    describeThingRegistrationTaskResponse_successCount,
+    describeThingRegistrationTaskResponse_taskId,
+    describeThingRegistrationTaskResponse_templateBody,
+    describeThingRegistrationTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDescribeThingRegistrationTask' smart constructor.
+data DescribeThingRegistrationTask = DescribeThingRegistrationTask'
+  { -- | The task ID.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingRegistrationTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'describeThingRegistrationTask_taskId' - The task ID.
+newDescribeThingRegistrationTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  DescribeThingRegistrationTask
+newDescribeThingRegistrationTask pTaskId_ =
+  DescribeThingRegistrationTask' {taskId = pTaskId_}
+
+-- | The task ID.
+describeThingRegistrationTask_taskId :: Lens.Lens' DescribeThingRegistrationTask Prelude.Text
+describeThingRegistrationTask_taskId = Lens.lens (\DescribeThingRegistrationTask' {taskId} -> taskId) (\s@DescribeThingRegistrationTask' {} a -> s {taskId = a} :: DescribeThingRegistrationTask)
+
+instance
+  Core.AWSRequest
+    DescribeThingRegistrationTask
+  where
+  type
+    AWSResponse DescribeThingRegistrationTask =
+      DescribeThingRegistrationTaskResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeThingRegistrationTaskResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "failureCount")
+            Prelude.<*> (x Data..?> "inputFileBucket")
+            Prelude.<*> (x Data..?> "inputFileKey")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "message")
+            Prelude.<*> (x Data..?> "percentageProgress")
+            Prelude.<*> (x Data..?> "roleArn")
+            Prelude.<*> (x Data..?> "status")
+            Prelude.<*> (x Data..?> "successCount")
+            Prelude.<*> (x Data..?> "taskId")
+            Prelude.<*> (x Data..?> "templateBody")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DescribeThingRegistrationTask
+  where
+  hashWithSalt _salt DescribeThingRegistrationTask' {..} =
+    _salt `Prelude.hashWithSalt` taskId
+
+instance Prelude.NFData DescribeThingRegistrationTask where
+  rnf DescribeThingRegistrationTask' {..} =
+    Prelude.rnf taskId
+
+instance Data.ToHeaders DescribeThingRegistrationTask where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeThingRegistrationTask where
+  toPath DescribeThingRegistrationTask' {..} =
+    Prelude.mconcat
+      ["/thing-registration-tasks/", Data.toBS taskId]
+
+instance Data.ToQuery DescribeThingRegistrationTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeThingRegistrationTaskResponse' smart constructor.
+data DescribeThingRegistrationTaskResponse = DescribeThingRegistrationTaskResponse'
+  { -- | The task creation date.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The number of things that failed to be provisioned.
+    failureCount :: Prelude.Maybe Prelude.Int,
+    -- | The S3 bucket that contains the input file.
+    inputFileBucket :: Prelude.Maybe Prelude.Text,
+    -- | The input file key.
+    inputFileKey :: Prelude.Maybe Prelude.Text,
+    -- | The date when the task was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The message.
+    message :: Prelude.Maybe Prelude.Text,
+    -- | The progress of the bulk provisioning task expressed as a percentage.
+    percentageProgress :: Prelude.Maybe Prelude.Natural,
+    -- | The role ARN that grants access to the input file bucket.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The status of the bulk thing provisioning task.
+    status :: Prelude.Maybe TaskStatus,
+    -- | The number of things successfully provisioned.
+    successCount :: Prelude.Maybe Prelude.Int,
+    -- | The task ID.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The task\'s template.
+    templateBody :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingRegistrationTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'describeThingRegistrationTaskResponse_creationDate' - The task creation date.
+--
+-- 'failureCount', 'describeThingRegistrationTaskResponse_failureCount' - The number of things that failed to be provisioned.
+--
+-- 'inputFileBucket', 'describeThingRegistrationTaskResponse_inputFileBucket' - The S3 bucket that contains the input file.
+--
+-- 'inputFileKey', 'describeThingRegistrationTaskResponse_inputFileKey' - The input file key.
+--
+-- 'lastModifiedDate', 'describeThingRegistrationTaskResponse_lastModifiedDate' - The date when the task was last modified.
+--
+-- 'message', 'describeThingRegistrationTaskResponse_message' - The message.
+--
+-- 'percentageProgress', 'describeThingRegistrationTaskResponse_percentageProgress' - The progress of the bulk provisioning task expressed as a percentage.
+--
+-- 'roleArn', 'describeThingRegistrationTaskResponse_roleArn' - The role ARN that grants access to the input file bucket.
+--
+-- 'status', 'describeThingRegistrationTaskResponse_status' - The status of the bulk thing provisioning task.
+--
+-- 'successCount', 'describeThingRegistrationTaskResponse_successCount' - The number of things successfully provisioned.
+--
+-- 'taskId', 'describeThingRegistrationTaskResponse_taskId' - The task ID.
+--
+-- 'templateBody', 'describeThingRegistrationTaskResponse_templateBody' - The task\'s template.
+--
+-- 'httpStatus', 'describeThingRegistrationTaskResponse_httpStatus' - The response's http status code.
+newDescribeThingRegistrationTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeThingRegistrationTaskResponse
+newDescribeThingRegistrationTaskResponse pHttpStatus_ =
+  DescribeThingRegistrationTaskResponse'
+    { creationDate =
+        Prelude.Nothing,
+      failureCount = Prelude.Nothing,
+      inputFileBucket = Prelude.Nothing,
+      inputFileKey = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      message = Prelude.Nothing,
+      percentageProgress = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      status = Prelude.Nothing,
+      successCount = Prelude.Nothing,
+      taskId = Prelude.Nothing,
+      templateBody = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The task creation date.
+describeThingRegistrationTaskResponse_creationDate :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.UTCTime)
+describeThingRegistrationTaskResponse_creationDate = Lens.lens (\DescribeThingRegistrationTaskResponse' {creationDate} -> creationDate) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {creationDate = a} :: DescribeThingRegistrationTaskResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The number of things that failed to be provisioned.
+describeThingRegistrationTaskResponse_failureCount :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Int)
+describeThingRegistrationTaskResponse_failureCount = Lens.lens (\DescribeThingRegistrationTaskResponse' {failureCount} -> failureCount) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {failureCount = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The S3 bucket that contains the input file.
+describeThingRegistrationTaskResponse_inputFileBucket :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+describeThingRegistrationTaskResponse_inputFileBucket = Lens.lens (\DescribeThingRegistrationTaskResponse' {inputFileBucket} -> inputFileBucket) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {inputFileBucket = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The input file key.
+describeThingRegistrationTaskResponse_inputFileKey :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+describeThingRegistrationTaskResponse_inputFileKey = Lens.lens (\DescribeThingRegistrationTaskResponse' {inputFileKey} -> inputFileKey) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {inputFileKey = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The date when the task was last modified.
+describeThingRegistrationTaskResponse_lastModifiedDate :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.UTCTime)
+describeThingRegistrationTaskResponse_lastModifiedDate = Lens.lens (\DescribeThingRegistrationTaskResponse' {lastModifiedDate} -> lastModifiedDate) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {lastModifiedDate = a} :: DescribeThingRegistrationTaskResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The message.
+describeThingRegistrationTaskResponse_message :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+describeThingRegistrationTaskResponse_message = Lens.lens (\DescribeThingRegistrationTaskResponse' {message} -> message) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {message = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The progress of the bulk provisioning task expressed as a percentage.
+describeThingRegistrationTaskResponse_percentageProgress :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Natural)
+describeThingRegistrationTaskResponse_percentageProgress = Lens.lens (\DescribeThingRegistrationTaskResponse' {percentageProgress} -> percentageProgress) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {percentageProgress = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The role ARN that grants access to the input file bucket.
+describeThingRegistrationTaskResponse_roleArn :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+describeThingRegistrationTaskResponse_roleArn = Lens.lens (\DescribeThingRegistrationTaskResponse' {roleArn} -> roleArn) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {roleArn = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The status of the bulk thing provisioning task.
+describeThingRegistrationTaskResponse_status :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe TaskStatus)
+describeThingRegistrationTaskResponse_status = Lens.lens (\DescribeThingRegistrationTaskResponse' {status} -> status) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {status = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The number of things successfully provisioned.
+describeThingRegistrationTaskResponse_successCount :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Int)
+describeThingRegistrationTaskResponse_successCount = Lens.lens (\DescribeThingRegistrationTaskResponse' {successCount} -> successCount) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {successCount = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The task ID.
+describeThingRegistrationTaskResponse_taskId :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+describeThingRegistrationTaskResponse_taskId = Lens.lens (\DescribeThingRegistrationTaskResponse' {taskId} -> taskId) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {taskId = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The task\'s template.
+describeThingRegistrationTaskResponse_templateBody :: Lens.Lens' DescribeThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+describeThingRegistrationTaskResponse_templateBody = Lens.lens (\DescribeThingRegistrationTaskResponse' {templateBody} -> templateBody) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {templateBody = a} :: DescribeThingRegistrationTaskResponse)
+
+-- | The response's http status code.
+describeThingRegistrationTaskResponse_httpStatus :: Lens.Lens' DescribeThingRegistrationTaskResponse Prelude.Int
+describeThingRegistrationTaskResponse_httpStatus = Lens.lens (\DescribeThingRegistrationTaskResponse' {httpStatus} -> httpStatus) (\s@DescribeThingRegistrationTaskResponse' {} a -> s {httpStatus = a} :: DescribeThingRegistrationTaskResponse)
+
+instance
+  Prelude.NFData
+    DescribeThingRegistrationTaskResponse
+  where
+  rnf DescribeThingRegistrationTaskResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf failureCount
+      `Prelude.seq` Prelude.rnf inputFileBucket
+      `Prelude.seq` Prelude.rnf inputFileKey
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf message
+      `Prelude.seq` Prelude.rnf percentageProgress
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf successCount
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf templateBody
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DescribeThingType.hs b/gen/Amazonka/IoT/DescribeThingType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DescribeThingType.hs
@@ -0,0 +1,217 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DescribeThingType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the specified thing type.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DescribeThingType>
+-- action.
+module Amazonka.IoT.DescribeThingType
+  ( -- * Creating a Request
+    DescribeThingType (..),
+    newDescribeThingType,
+
+    -- * Request Lenses
+    describeThingType_thingTypeName,
+
+    -- * Destructuring the Response
+    DescribeThingTypeResponse (..),
+    newDescribeThingTypeResponse,
+
+    -- * Response Lenses
+    describeThingTypeResponse_thingTypeArn,
+    describeThingTypeResponse_thingTypeId,
+    describeThingTypeResponse_thingTypeMetadata,
+    describeThingTypeResponse_thingTypeName,
+    describeThingTypeResponse_thingTypeProperties,
+    describeThingTypeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DescribeThingType operation.
+--
+-- /See:/ 'newDescribeThingType' smart constructor.
+data DescribeThingType = DescribeThingType'
+  { -- | The name of the thing type.
+    thingTypeName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingTypeName', 'describeThingType_thingTypeName' - The name of the thing type.
+newDescribeThingType ::
+  -- | 'thingTypeName'
+  Prelude.Text ->
+  DescribeThingType
+newDescribeThingType pThingTypeName_ =
+  DescribeThingType' {thingTypeName = pThingTypeName_}
+
+-- | The name of the thing type.
+describeThingType_thingTypeName :: Lens.Lens' DescribeThingType Prelude.Text
+describeThingType_thingTypeName = Lens.lens (\DescribeThingType' {thingTypeName} -> thingTypeName) (\s@DescribeThingType' {} a -> s {thingTypeName = a} :: DescribeThingType)
+
+instance Core.AWSRequest DescribeThingType where
+  type
+    AWSResponse DescribeThingType =
+      DescribeThingTypeResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeThingTypeResponse'
+            Prelude.<$> (x Data..?> "thingTypeArn")
+            Prelude.<*> (x Data..?> "thingTypeId")
+            Prelude.<*> (x Data..?> "thingTypeMetadata")
+            Prelude.<*> (x Data..?> "thingTypeName")
+            Prelude.<*> (x Data..?> "thingTypeProperties")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DescribeThingType where
+  hashWithSalt _salt DescribeThingType' {..} =
+    _salt `Prelude.hashWithSalt` thingTypeName
+
+instance Prelude.NFData DescribeThingType where
+  rnf DescribeThingType' {..} =
+    Prelude.rnf thingTypeName
+
+instance Data.ToHeaders DescribeThingType where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DescribeThingType where
+  toPath DescribeThingType' {..} =
+    Prelude.mconcat
+      ["/thing-types/", Data.toBS thingTypeName]
+
+instance Data.ToQuery DescribeThingType where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output for the DescribeThingType operation.
+--
+-- /See:/ 'newDescribeThingTypeResponse' smart constructor.
+data DescribeThingTypeResponse = DescribeThingTypeResponse'
+  { -- | The thing type ARN.
+    thingTypeArn :: Prelude.Maybe Prelude.Text,
+    -- | The thing type ID.
+    thingTypeId :: Prelude.Maybe Prelude.Text,
+    -- | The ThingTypeMetadata contains additional information about the thing
+    -- type including: creation date and time, a value indicating whether the
+    -- thing type is deprecated, and a date and time when it was deprecated.
+    thingTypeMetadata :: Prelude.Maybe ThingTypeMetadata,
+    -- | The name of the thing type.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The ThingTypeProperties contains information about the thing type
+    -- including description, and a list of searchable thing attribute names.
+    thingTypeProperties :: Prelude.Maybe ThingTypeProperties,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeThingTypeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingTypeArn', 'describeThingTypeResponse_thingTypeArn' - The thing type ARN.
+--
+-- 'thingTypeId', 'describeThingTypeResponse_thingTypeId' - The thing type ID.
+--
+-- 'thingTypeMetadata', 'describeThingTypeResponse_thingTypeMetadata' - The ThingTypeMetadata contains additional information about the thing
+-- type including: creation date and time, a value indicating whether the
+-- thing type is deprecated, and a date and time when it was deprecated.
+--
+-- 'thingTypeName', 'describeThingTypeResponse_thingTypeName' - The name of the thing type.
+--
+-- 'thingTypeProperties', 'describeThingTypeResponse_thingTypeProperties' - The ThingTypeProperties contains information about the thing type
+-- including description, and a list of searchable thing attribute names.
+--
+-- 'httpStatus', 'describeThingTypeResponse_httpStatus' - The response's http status code.
+newDescribeThingTypeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DescribeThingTypeResponse
+newDescribeThingTypeResponse pHttpStatus_ =
+  DescribeThingTypeResponse'
+    { thingTypeArn =
+        Prelude.Nothing,
+      thingTypeId = Prelude.Nothing,
+      thingTypeMetadata = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      thingTypeProperties = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The thing type ARN.
+describeThingTypeResponse_thingTypeArn :: Lens.Lens' DescribeThingTypeResponse (Prelude.Maybe Prelude.Text)
+describeThingTypeResponse_thingTypeArn = Lens.lens (\DescribeThingTypeResponse' {thingTypeArn} -> thingTypeArn) (\s@DescribeThingTypeResponse' {} a -> s {thingTypeArn = a} :: DescribeThingTypeResponse)
+
+-- | The thing type ID.
+describeThingTypeResponse_thingTypeId :: Lens.Lens' DescribeThingTypeResponse (Prelude.Maybe Prelude.Text)
+describeThingTypeResponse_thingTypeId = Lens.lens (\DescribeThingTypeResponse' {thingTypeId} -> thingTypeId) (\s@DescribeThingTypeResponse' {} a -> s {thingTypeId = a} :: DescribeThingTypeResponse)
+
+-- | The ThingTypeMetadata contains additional information about the thing
+-- type including: creation date and time, a value indicating whether the
+-- thing type is deprecated, and a date and time when it was deprecated.
+describeThingTypeResponse_thingTypeMetadata :: Lens.Lens' DescribeThingTypeResponse (Prelude.Maybe ThingTypeMetadata)
+describeThingTypeResponse_thingTypeMetadata = Lens.lens (\DescribeThingTypeResponse' {thingTypeMetadata} -> thingTypeMetadata) (\s@DescribeThingTypeResponse' {} a -> s {thingTypeMetadata = a} :: DescribeThingTypeResponse)
+
+-- | The name of the thing type.
+describeThingTypeResponse_thingTypeName :: Lens.Lens' DescribeThingTypeResponse (Prelude.Maybe Prelude.Text)
+describeThingTypeResponse_thingTypeName = Lens.lens (\DescribeThingTypeResponse' {thingTypeName} -> thingTypeName) (\s@DescribeThingTypeResponse' {} a -> s {thingTypeName = a} :: DescribeThingTypeResponse)
+
+-- | The ThingTypeProperties contains information about the thing type
+-- including description, and a list of searchable thing attribute names.
+describeThingTypeResponse_thingTypeProperties :: Lens.Lens' DescribeThingTypeResponse (Prelude.Maybe ThingTypeProperties)
+describeThingTypeResponse_thingTypeProperties = Lens.lens (\DescribeThingTypeResponse' {thingTypeProperties} -> thingTypeProperties) (\s@DescribeThingTypeResponse' {} a -> s {thingTypeProperties = a} :: DescribeThingTypeResponse)
+
+-- | The response's http status code.
+describeThingTypeResponse_httpStatus :: Lens.Lens' DescribeThingTypeResponse Prelude.Int
+describeThingTypeResponse_httpStatus = Lens.lens (\DescribeThingTypeResponse' {httpStatus} -> httpStatus) (\s@DescribeThingTypeResponse' {} a -> s {httpStatus = a} :: DescribeThingTypeResponse)
+
+instance Prelude.NFData DescribeThingTypeResponse where
+  rnf DescribeThingTypeResponse' {..} =
+    Prelude.rnf thingTypeArn
+      `Prelude.seq` Prelude.rnf thingTypeId
+      `Prelude.seq` Prelude.rnf thingTypeMetadata
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf thingTypeProperties
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DetachPolicy.hs b/gen/Amazonka/IoT/DetachPolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DetachPolicy.hs
@@ -0,0 +1,145 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DetachPolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Detaches a policy from the specified target.
+--
+-- Because of the distributed nature of Amazon Web Services, it can take up
+-- to five minutes after a policy is detached before it\'s ready to be
+-- deleted.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DetachPolicy>
+-- action.
+module Amazonka.IoT.DetachPolicy
+  ( -- * Creating a Request
+    DetachPolicy (..),
+    newDetachPolicy,
+
+    -- * Request Lenses
+    detachPolicy_policyName,
+    detachPolicy_target,
+
+    -- * Destructuring the Response
+    DetachPolicyResponse (..),
+    newDetachPolicyResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDetachPolicy' smart constructor.
+data DetachPolicy = DetachPolicy'
+  { -- | The policy to detach.
+    policyName :: Prelude.Text,
+    -- | The target from which the policy will be detached.
+    target :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetachPolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'detachPolicy_policyName' - The policy to detach.
+--
+-- 'target', 'detachPolicy_target' - The target from which the policy will be detached.
+newDetachPolicy ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'target'
+  Prelude.Text ->
+  DetachPolicy
+newDetachPolicy pPolicyName_ pTarget_ =
+  DetachPolicy'
+    { policyName = pPolicyName_,
+      target = pTarget_
+    }
+
+-- | The policy to detach.
+detachPolicy_policyName :: Lens.Lens' DetachPolicy Prelude.Text
+detachPolicy_policyName = Lens.lens (\DetachPolicy' {policyName} -> policyName) (\s@DetachPolicy' {} a -> s {policyName = a} :: DetachPolicy)
+
+-- | The target from which the policy will be detached.
+detachPolicy_target :: Lens.Lens' DetachPolicy Prelude.Text
+detachPolicy_target = Lens.lens (\DetachPolicy' {target} -> target) (\s@DetachPolicy' {} a -> s {target = a} :: DetachPolicy)
+
+instance Core.AWSRequest DetachPolicy where
+  type AWSResponse DetachPolicy = DetachPolicyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull DetachPolicyResponse'
+
+instance Prelude.Hashable DetachPolicy where
+  hashWithSalt _salt DetachPolicy' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` target
+
+instance Prelude.NFData DetachPolicy where
+  rnf DetachPolicy' {..} =
+    Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf target
+
+instance Data.ToHeaders DetachPolicy where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON DetachPolicy where
+  toJSON DetachPolicy' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("target" Data..= target)]
+      )
+
+instance Data.ToPath DetachPolicy where
+  toPath DetachPolicy' {..} =
+    Prelude.mconcat
+      ["/target-policies/", Data.toBS policyName]
+
+instance Data.ToQuery DetachPolicy where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDetachPolicyResponse' smart constructor.
+data DetachPolicyResponse = DetachPolicyResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetachPolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDetachPolicyResponse ::
+  DetachPolicyResponse
+newDetachPolicyResponse = DetachPolicyResponse'
+
+instance Prelude.NFData DetachPolicyResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/DetachSecurityProfile.hs b/gen/Amazonka/IoT/DetachSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DetachSecurityProfile.hs
@@ -0,0 +1,173 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DetachSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disassociates a Device Defender security profile from a thing group or
+-- from this account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DetachSecurityProfile>
+-- action.
+module Amazonka.IoT.DetachSecurityProfile
+  ( -- * Creating a Request
+    DetachSecurityProfile (..),
+    newDetachSecurityProfile,
+
+    -- * Request Lenses
+    detachSecurityProfile_securityProfileName,
+    detachSecurityProfile_securityProfileTargetArn,
+
+    -- * Destructuring the Response
+    DetachSecurityProfileResponse (..),
+    newDetachSecurityProfileResponse,
+
+    -- * Response Lenses
+    detachSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newDetachSecurityProfile' smart constructor.
+data DetachSecurityProfile = DetachSecurityProfile'
+  { -- | The security profile that is detached.
+    securityProfileName :: Prelude.Text,
+    -- | The ARN of the thing group from which the security profile is detached.
+    securityProfileTargetArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetachSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityProfileName', 'detachSecurityProfile_securityProfileName' - The security profile that is detached.
+--
+-- 'securityProfileTargetArn', 'detachSecurityProfile_securityProfileTargetArn' - The ARN of the thing group from which the security profile is detached.
+newDetachSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  -- | 'securityProfileTargetArn'
+  Prelude.Text ->
+  DetachSecurityProfile
+newDetachSecurityProfile
+  pSecurityProfileName_
+  pSecurityProfileTargetArn_ =
+    DetachSecurityProfile'
+      { securityProfileName =
+          pSecurityProfileName_,
+        securityProfileTargetArn =
+          pSecurityProfileTargetArn_
+      }
+
+-- | The security profile that is detached.
+detachSecurityProfile_securityProfileName :: Lens.Lens' DetachSecurityProfile Prelude.Text
+detachSecurityProfile_securityProfileName = Lens.lens (\DetachSecurityProfile' {securityProfileName} -> securityProfileName) (\s@DetachSecurityProfile' {} a -> s {securityProfileName = a} :: DetachSecurityProfile)
+
+-- | The ARN of the thing group from which the security profile is detached.
+detachSecurityProfile_securityProfileTargetArn :: Lens.Lens' DetachSecurityProfile Prelude.Text
+detachSecurityProfile_securityProfileTargetArn = Lens.lens (\DetachSecurityProfile' {securityProfileTargetArn} -> securityProfileTargetArn) (\s@DetachSecurityProfile' {} a -> s {securityProfileTargetArn = a} :: DetachSecurityProfile)
+
+instance Core.AWSRequest DetachSecurityProfile where
+  type
+    AWSResponse DetachSecurityProfile =
+      DetachSecurityProfileResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DetachSecurityProfileResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DetachSecurityProfile where
+  hashWithSalt _salt DetachSecurityProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` securityProfileTargetArn
+
+instance Prelude.NFData DetachSecurityProfile where
+  rnf DetachSecurityProfile' {..} =
+    Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf securityProfileTargetArn
+
+instance Data.ToHeaders DetachSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath DetachSecurityProfile where
+  toPath DetachSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName,
+        "/targets"
+      ]
+
+instance Data.ToQuery DetachSecurityProfile where
+  toQuery DetachSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "securityProfileTargetArn"
+          Data.=: securityProfileTargetArn
+      ]
+
+-- | /See:/ 'newDetachSecurityProfileResponse' smart constructor.
+data DetachSecurityProfileResponse = DetachSecurityProfileResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetachSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'detachSecurityProfileResponse_httpStatus' - The response's http status code.
+newDetachSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DetachSecurityProfileResponse
+newDetachSecurityProfileResponse pHttpStatus_ =
+  DetachSecurityProfileResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+detachSecurityProfileResponse_httpStatus :: Lens.Lens' DetachSecurityProfileResponse Prelude.Int
+detachSecurityProfileResponse_httpStatus = Lens.lens (\DetachSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@DetachSecurityProfileResponse' {} a -> s {httpStatus = a} :: DetachSecurityProfileResponse)
+
+instance Prelude.NFData DetachSecurityProfileResponse where
+  rnf DetachSecurityProfileResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DetachThingPrincipal.hs b/gen/Amazonka/IoT/DetachThingPrincipal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DetachThingPrincipal.hs
@@ -0,0 +1,178 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DetachThingPrincipal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Detaches the specified principal from the specified thing. A principal
+-- can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito
+-- identities or federated identities.
+--
+-- This call is asynchronous. It might take several seconds for the
+-- detachment to propagate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DetachThingPrincipal>
+-- action.
+module Amazonka.IoT.DetachThingPrincipal
+  ( -- * Creating a Request
+    DetachThingPrincipal (..),
+    newDetachThingPrincipal,
+
+    -- * Request Lenses
+    detachThingPrincipal_thingName,
+    detachThingPrincipal_principal,
+
+    -- * Destructuring the Response
+    DetachThingPrincipalResponse (..),
+    newDetachThingPrincipalResponse,
+
+    -- * Response Lenses
+    detachThingPrincipalResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DetachThingPrincipal operation.
+--
+-- /See:/ 'newDetachThingPrincipal' smart constructor.
+data DetachThingPrincipal = DetachThingPrincipal'
+  { -- | The name of the thing.
+    thingName :: Prelude.Text,
+    -- | If the principal is a certificate, this value must be ARN of the
+    -- certificate. If the principal is an Amazon Cognito identity, this value
+    -- must be the ID of the Amazon Cognito identity.
+    principal :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetachThingPrincipal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingName', 'detachThingPrincipal_thingName' - The name of the thing.
+--
+-- 'principal', 'detachThingPrincipal_principal' - If the principal is a certificate, this value must be ARN of the
+-- certificate. If the principal is an Amazon Cognito identity, this value
+-- must be the ID of the Amazon Cognito identity.
+newDetachThingPrincipal ::
+  -- | 'thingName'
+  Prelude.Text ->
+  -- | 'principal'
+  Prelude.Text ->
+  DetachThingPrincipal
+newDetachThingPrincipal pThingName_ pPrincipal_ =
+  DetachThingPrincipal'
+    { thingName = pThingName_,
+      principal = pPrincipal_
+    }
+
+-- | The name of the thing.
+detachThingPrincipal_thingName :: Lens.Lens' DetachThingPrincipal Prelude.Text
+detachThingPrincipal_thingName = Lens.lens (\DetachThingPrincipal' {thingName} -> thingName) (\s@DetachThingPrincipal' {} a -> s {thingName = a} :: DetachThingPrincipal)
+
+-- | If the principal is a certificate, this value must be ARN of the
+-- certificate. If the principal is an Amazon Cognito identity, this value
+-- must be the ID of the Amazon Cognito identity.
+detachThingPrincipal_principal :: Lens.Lens' DetachThingPrincipal Prelude.Text
+detachThingPrincipal_principal = Lens.lens (\DetachThingPrincipal' {principal} -> principal) (\s@DetachThingPrincipal' {} a -> s {principal = a} :: DetachThingPrincipal)
+
+instance Core.AWSRequest DetachThingPrincipal where
+  type
+    AWSResponse DetachThingPrincipal =
+      DetachThingPrincipalResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DetachThingPrincipalResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DetachThingPrincipal where
+  hashWithSalt _salt DetachThingPrincipal' {..} =
+    _salt
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` principal
+
+instance Prelude.NFData DetachThingPrincipal where
+  rnf DetachThingPrincipal' {..} =
+    Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf principal
+
+instance Data.ToHeaders DetachThingPrincipal where
+  toHeaders DetachThingPrincipal' {..} =
+    Prelude.mconcat
+      ["x-amzn-principal" Data.=# principal]
+
+instance Data.ToPath DetachThingPrincipal where
+  toPath DetachThingPrincipal' {..} =
+    Prelude.mconcat
+      ["/things/", Data.toBS thingName, "/principals"]
+
+instance Data.ToQuery DetachThingPrincipal where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the DetachThingPrincipal operation.
+--
+-- /See:/ 'newDetachThingPrincipalResponse' smart constructor.
+data DetachThingPrincipalResponse = DetachThingPrincipalResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetachThingPrincipalResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'detachThingPrincipalResponse_httpStatus' - The response's http status code.
+newDetachThingPrincipalResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DetachThingPrincipalResponse
+newDetachThingPrincipalResponse pHttpStatus_ =
+  DetachThingPrincipalResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+detachThingPrincipalResponse_httpStatus :: Lens.Lens' DetachThingPrincipalResponse Prelude.Int
+detachThingPrincipalResponse_httpStatus = Lens.lens (\DetachThingPrincipalResponse' {httpStatus} -> httpStatus) (\s@DetachThingPrincipalResponse' {} a -> s {httpStatus = a} :: DetachThingPrincipalResponse)
+
+instance Prelude.NFData DetachThingPrincipalResponse where
+  rnf DetachThingPrincipalResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/DisableTopicRule.hs b/gen/Amazonka/IoT/DisableTopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/DisableTopicRule.hs
@@ -0,0 +1,125 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.DisableTopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disables the rule.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions DisableTopicRule>
+-- action.
+module Amazonka.IoT.DisableTopicRule
+  ( -- * Creating a Request
+    DisableTopicRule (..),
+    newDisableTopicRule,
+
+    -- * Request Lenses
+    disableTopicRule_ruleName,
+
+    -- * Destructuring the Response
+    DisableTopicRuleResponse (..),
+    newDisableTopicRuleResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the DisableTopicRuleRequest operation.
+--
+-- /See:/ 'newDisableTopicRule' smart constructor.
+data DisableTopicRule = DisableTopicRule'
+  { -- | The name of the rule to disable.
+    ruleName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisableTopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ruleName', 'disableTopicRule_ruleName' - The name of the rule to disable.
+newDisableTopicRule ::
+  -- | 'ruleName'
+  Prelude.Text ->
+  DisableTopicRule
+newDisableTopicRule pRuleName_ =
+  DisableTopicRule' {ruleName = pRuleName_}
+
+-- | The name of the rule to disable.
+disableTopicRule_ruleName :: Lens.Lens' DisableTopicRule Prelude.Text
+disableTopicRule_ruleName = Lens.lens (\DisableTopicRule' {ruleName} -> ruleName) (\s@DisableTopicRule' {} a -> s {ruleName = a} :: DisableTopicRule)
+
+instance Core.AWSRequest DisableTopicRule where
+  type
+    AWSResponse DisableTopicRule =
+      DisableTopicRuleResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DisableTopicRuleResponse'
+
+instance Prelude.Hashable DisableTopicRule where
+  hashWithSalt _salt DisableTopicRule' {..} =
+    _salt `Prelude.hashWithSalt` ruleName
+
+instance Prelude.NFData DisableTopicRule where
+  rnf DisableTopicRule' {..} = Prelude.rnf ruleName
+
+instance Data.ToHeaders DisableTopicRule where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON DisableTopicRule where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath DisableTopicRule where
+  toPath DisableTopicRule' {..} =
+    Prelude.mconcat
+      ["/rules/", Data.toBS ruleName, "/disable"]
+
+instance Data.ToQuery DisableTopicRule where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDisableTopicRuleResponse' smart constructor.
+data DisableTopicRuleResponse = DisableTopicRuleResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisableTopicRuleResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDisableTopicRuleResponse ::
+  DisableTopicRuleResponse
+newDisableTopicRuleResponse =
+  DisableTopicRuleResponse'
+
+instance Prelude.NFData DisableTopicRuleResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/EnableTopicRule.hs b/gen/Amazonka/IoT/EnableTopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/EnableTopicRule.hs
@@ -0,0 +1,124 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.EnableTopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Enables the rule.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions EnableTopicRule>
+-- action.
+module Amazonka.IoT.EnableTopicRule
+  ( -- * Creating a Request
+    EnableTopicRule (..),
+    newEnableTopicRule,
+
+    -- * Request Lenses
+    enableTopicRule_ruleName,
+
+    -- * Destructuring the Response
+    EnableTopicRuleResponse (..),
+    newEnableTopicRuleResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the EnableTopicRuleRequest operation.
+--
+-- /See:/ 'newEnableTopicRule' smart constructor.
+data EnableTopicRule = EnableTopicRule'
+  { -- | The name of the topic rule to enable.
+    ruleName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'EnableTopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ruleName', 'enableTopicRule_ruleName' - The name of the topic rule to enable.
+newEnableTopicRule ::
+  -- | 'ruleName'
+  Prelude.Text ->
+  EnableTopicRule
+newEnableTopicRule pRuleName_ =
+  EnableTopicRule' {ruleName = pRuleName_}
+
+-- | The name of the topic rule to enable.
+enableTopicRule_ruleName :: Lens.Lens' EnableTopicRule Prelude.Text
+enableTopicRule_ruleName = Lens.lens (\EnableTopicRule' {ruleName} -> ruleName) (\s@EnableTopicRule' {} a -> s {ruleName = a} :: EnableTopicRule)
+
+instance Core.AWSRequest EnableTopicRule where
+  type
+    AWSResponse EnableTopicRule =
+      EnableTopicRuleResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull EnableTopicRuleResponse'
+
+instance Prelude.Hashable EnableTopicRule where
+  hashWithSalt _salt EnableTopicRule' {..} =
+    _salt `Prelude.hashWithSalt` ruleName
+
+instance Prelude.NFData EnableTopicRule where
+  rnf EnableTopicRule' {..} = Prelude.rnf ruleName
+
+instance Data.ToHeaders EnableTopicRule where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON EnableTopicRule where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath EnableTopicRule where
+  toPath EnableTopicRule' {..} =
+    Prelude.mconcat
+      ["/rules/", Data.toBS ruleName, "/enable"]
+
+instance Data.ToQuery EnableTopicRule where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newEnableTopicRuleResponse' smart constructor.
+data EnableTopicRuleResponse = EnableTopicRuleResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'EnableTopicRuleResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newEnableTopicRuleResponse ::
+  EnableTopicRuleResponse
+newEnableTopicRuleResponse = EnableTopicRuleResponse'
+
+instance Prelude.NFData EnableTopicRuleResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/GetBehaviorModelTrainingSummaries.hs b/gen/Amazonka/IoT/GetBehaviorModelTrainingSummaries.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetBehaviorModelTrainingSummaries.hs
@@ -0,0 +1,256 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetBehaviorModelTrainingSummaries
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a Device Defender\'s ML Detect Security Profile training
+-- model\'s status.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetBehaviorModelTrainingSummaries>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.GetBehaviorModelTrainingSummaries
+  ( -- * Creating a Request
+    GetBehaviorModelTrainingSummaries (..),
+    newGetBehaviorModelTrainingSummaries,
+
+    -- * Request Lenses
+    getBehaviorModelTrainingSummaries_maxResults,
+    getBehaviorModelTrainingSummaries_nextToken,
+    getBehaviorModelTrainingSummaries_securityProfileName,
+
+    -- * Destructuring the Response
+    GetBehaviorModelTrainingSummariesResponse (..),
+    newGetBehaviorModelTrainingSummariesResponse,
+
+    -- * Response Lenses
+    getBehaviorModelTrainingSummariesResponse_nextToken,
+    getBehaviorModelTrainingSummariesResponse_summaries,
+    getBehaviorModelTrainingSummariesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetBehaviorModelTrainingSummaries' smart constructor.
+data GetBehaviorModelTrainingSummaries = GetBehaviorModelTrainingSummaries'
+  { -- | The maximum number of results to return at one time. The default is 10.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the security profile.
+    securityProfileName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetBehaviorModelTrainingSummaries' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'getBehaviorModelTrainingSummaries_maxResults' - The maximum number of results to return at one time. The default is 10.
+--
+-- 'nextToken', 'getBehaviorModelTrainingSummaries_nextToken' - The token for the next set of results.
+--
+-- 'securityProfileName', 'getBehaviorModelTrainingSummaries_securityProfileName' - The name of the security profile.
+newGetBehaviorModelTrainingSummaries ::
+  GetBehaviorModelTrainingSummaries
+newGetBehaviorModelTrainingSummaries =
+  GetBehaviorModelTrainingSummaries'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time. The default is 10.
+getBehaviorModelTrainingSummaries_maxResults :: Lens.Lens' GetBehaviorModelTrainingSummaries (Prelude.Maybe Prelude.Natural)
+getBehaviorModelTrainingSummaries_maxResults = Lens.lens (\GetBehaviorModelTrainingSummaries' {maxResults} -> maxResults) (\s@GetBehaviorModelTrainingSummaries' {} a -> s {maxResults = a} :: GetBehaviorModelTrainingSummaries)
+
+-- | The token for the next set of results.
+getBehaviorModelTrainingSummaries_nextToken :: Lens.Lens' GetBehaviorModelTrainingSummaries (Prelude.Maybe Prelude.Text)
+getBehaviorModelTrainingSummaries_nextToken = Lens.lens (\GetBehaviorModelTrainingSummaries' {nextToken} -> nextToken) (\s@GetBehaviorModelTrainingSummaries' {} a -> s {nextToken = a} :: GetBehaviorModelTrainingSummaries)
+
+-- | The name of the security profile.
+getBehaviorModelTrainingSummaries_securityProfileName :: Lens.Lens' GetBehaviorModelTrainingSummaries (Prelude.Maybe Prelude.Text)
+getBehaviorModelTrainingSummaries_securityProfileName = Lens.lens (\GetBehaviorModelTrainingSummaries' {securityProfileName} -> securityProfileName) (\s@GetBehaviorModelTrainingSummaries' {} a -> s {securityProfileName = a} :: GetBehaviorModelTrainingSummaries)
+
+instance
+  Core.AWSPager
+    GetBehaviorModelTrainingSummaries
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? getBehaviorModelTrainingSummariesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? getBehaviorModelTrainingSummariesResponse_summaries
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& getBehaviorModelTrainingSummaries_nextToken
+          Lens..~ rs
+          Lens.^? getBehaviorModelTrainingSummariesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    GetBehaviorModelTrainingSummaries
+  where
+  type
+    AWSResponse GetBehaviorModelTrainingSummaries =
+      GetBehaviorModelTrainingSummariesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetBehaviorModelTrainingSummariesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "summaries" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    GetBehaviorModelTrainingSummaries
+  where
+  hashWithSalt
+    _salt
+    GetBehaviorModelTrainingSummaries' {..} =
+      _salt
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` securityProfileName
+
+instance
+  Prelude.NFData
+    GetBehaviorModelTrainingSummaries
+  where
+  rnf GetBehaviorModelTrainingSummaries' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileName
+
+instance
+  Data.ToHeaders
+    GetBehaviorModelTrainingSummaries
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    GetBehaviorModelTrainingSummaries
+  where
+  toPath =
+    Prelude.const "/behavior-model-training/summaries"
+
+instance
+  Data.ToQuery
+    GetBehaviorModelTrainingSummaries
+  where
+  toQuery GetBehaviorModelTrainingSummaries' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "securityProfileName" Data.=: securityProfileName
+      ]
+
+-- | /See:/ 'newGetBehaviorModelTrainingSummariesResponse' smart constructor.
+data GetBehaviorModelTrainingSummariesResponse = GetBehaviorModelTrainingSummariesResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of all ML Detect behaviors and their model status for a given
+    -- Security Profile.
+    summaries :: Prelude.Maybe [BehaviorModelTrainingSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetBehaviorModelTrainingSummariesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'getBehaviorModelTrainingSummariesResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'summaries', 'getBehaviorModelTrainingSummariesResponse_summaries' - A list of all ML Detect behaviors and their model status for a given
+-- Security Profile.
+--
+-- 'httpStatus', 'getBehaviorModelTrainingSummariesResponse_httpStatus' - The response's http status code.
+newGetBehaviorModelTrainingSummariesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetBehaviorModelTrainingSummariesResponse
+newGetBehaviorModelTrainingSummariesResponse
+  pHttpStatus_ =
+    GetBehaviorModelTrainingSummariesResponse'
+      { nextToken =
+          Prelude.Nothing,
+        summaries = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+getBehaviorModelTrainingSummariesResponse_nextToken :: Lens.Lens' GetBehaviorModelTrainingSummariesResponse (Prelude.Maybe Prelude.Text)
+getBehaviorModelTrainingSummariesResponse_nextToken = Lens.lens (\GetBehaviorModelTrainingSummariesResponse' {nextToken} -> nextToken) (\s@GetBehaviorModelTrainingSummariesResponse' {} a -> s {nextToken = a} :: GetBehaviorModelTrainingSummariesResponse)
+
+-- | A list of all ML Detect behaviors and their model status for a given
+-- Security Profile.
+getBehaviorModelTrainingSummariesResponse_summaries :: Lens.Lens' GetBehaviorModelTrainingSummariesResponse (Prelude.Maybe [BehaviorModelTrainingSummary])
+getBehaviorModelTrainingSummariesResponse_summaries = Lens.lens (\GetBehaviorModelTrainingSummariesResponse' {summaries} -> summaries) (\s@GetBehaviorModelTrainingSummariesResponse' {} a -> s {summaries = a} :: GetBehaviorModelTrainingSummariesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+getBehaviorModelTrainingSummariesResponse_httpStatus :: Lens.Lens' GetBehaviorModelTrainingSummariesResponse Prelude.Int
+getBehaviorModelTrainingSummariesResponse_httpStatus = Lens.lens (\GetBehaviorModelTrainingSummariesResponse' {httpStatus} -> httpStatus) (\s@GetBehaviorModelTrainingSummariesResponse' {} a -> s {httpStatus = a} :: GetBehaviorModelTrainingSummariesResponse)
+
+instance
+  Prelude.NFData
+    GetBehaviorModelTrainingSummariesResponse
+  where
+  rnf GetBehaviorModelTrainingSummariesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf summaries
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetBucketsAggregation.hs b/gen/Amazonka/IoT/GetBucketsAggregation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetBucketsAggregation.hs
@@ -0,0 +1,262 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetBucketsAggregation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Aggregates on indexed data with search queries pertaining to particular
+-- fields.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetBucketsAggregation>
+-- action.
+module Amazonka.IoT.GetBucketsAggregation
+  ( -- * Creating a Request
+    GetBucketsAggregation (..),
+    newGetBucketsAggregation,
+
+    -- * Request Lenses
+    getBucketsAggregation_indexName,
+    getBucketsAggregation_queryVersion,
+    getBucketsAggregation_queryString,
+    getBucketsAggregation_aggregationField,
+    getBucketsAggregation_bucketsAggregationType,
+
+    -- * Destructuring the Response
+    GetBucketsAggregationResponse (..),
+    newGetBucketsAggregationResponse,
+
+    -- * Response Lenses
+    getBucketsAggregationResponse_buckets,
+    getBucketsAggregationResponse_totalCount,
+    getBucketsAggregationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetBucketsAggregation' smart constructor.
+data GetBucketsAggregation = GetBucketsAggregation'
+  { -- | The name of the index to search.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The version of the query.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The search query string.
+    queryString :: Prelude.Text,
+    -- | The aggregation field.
+    aggregationField :: Prelude.Text,
+    -- | The basic control of the response shape and the bucket aggregation type
+    -- to perform.
+    bucketsAggregationType :: BucketsAggregationType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetBucketsAggregation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'getBucketsAggregation_indexName' - The name of the index to search.
+--
+-- 'queryVersion', 'getBucketsAggregation_queryVersion' - The version of the query.
+--
+-- 'queryString', 'getBucketsAggregation_queryString' - The search query string.
+--
+-- 'aggregationField', 'getBucketsAggregation_aggregationField' - The aggregation field.
+--
+-- 'bucketsAggregationType', 'getBucketsAggregation_bucketsAggregationType' - The basic control of the response shape and the bucket aggregation type
+-- to perform.
+newGetBucketsAggregation ::
+  -- | 'queryString'
+  Prelude.Text ->
+  -- | 'aggregationField'
+  Prelude.Text ->
+  -- | 'bucketsAggregationType'
+  BucketsAggregationType ->
+  GetBucketsAggregation
+newGetBucketsAggregation
+  pQueryString_
+  pAggregationField_
+  pBucketsAggregationType_ =
+    GetBucketsAggregation'
+      { indexName = Prelude.Nothing,
+        queryVersion = Prelude.Nothing,
+        queryString = pQueryString_,
+        aggregationField = pAggregationField_,
+        bucketsAggregationType = pBucketsAggregationType_
+      }
+
+-- | The name of the index to search.
+getBucketsAggregation_indexName :: Lens.Lens' GetBucketsAggregation (Prelude.Maybe Prelude.Text)
+getBucketsAggregation_indexName = Lens.lens (\GetBucketsAggregation' {indexName} -> indexName) (\s@GetBucketsAggregation' {} a -> s {indexName = a} :: GetBucketsAggregation)
+
+-- | The version of the query.
+getBucketsAggregation_queryVersion :: Lens.Lens' GetBucketsAggregation (Prelude.Maybe Prelude.Text)
+getBucketsAggregation_queryVersion = Lens.lens (\GetBucketsAggregation' {queryVersion} -> queryVersion) (\s@GetBucketsAggregation' {} a -> s {queryVersion = a} :: GetBucketsAggregation)
+
+-- | The search query string.
+getBucketsAggregation_queryString :: Lens.Lens' GetBucketsAggregation Prelude.Text
+getBucketsAggregation_queryString = Lens.lens (\GetBucketsAggregation' {queryString} -> queryString) (\s@GetBucketsAggregation' {} a -> s {queryString = a} :: GetBucketsAggregation)
+
+-- | The aggregation field.
+getBucketsAggregation_aggregationField :: Lens.Lens' GetBucketsAggregation Prelude.Text
+getBucketsAggregation_aggregationField = Lens.lens (\GetBucketsAggregation' {aggregationField} -> aggregationField) (\s@GetBucketsAggregation' {} a -> s {aggregationField = a} :: GetBucketsAggregation)
+
+-- | The basic control of the response shape and the bucket aggregation type
+-- to perform.
+getBucketsAggregation_bucketsAggregationType :: Lens.Lens' GetBucketsAggregation BucketsAggregationType
+getBucketsAggregation_bucketsAggregationType = Lens.lens (\GetBucketsAggregation' {bucketsAggregationType} -> bucketsAggregationType) (\s@GetBucketsAggregation' {} a -> s {bucketsAggregationType = a} :: GetBucketsAggregation)
+
+instance Core.AWSRequest GetBucketsAggregation where
+  type
+    AWSResponse GetBucketsAggregation =
+      GetBucketsAggregationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetBucketsAggregationResponse'
+            Prelude.<$> (x Data..?> "buckets" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "totalCount")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetBucketsAggregation where
+  hashWithSalt _salt GetBucketsAggregation' {..} =
+    _salt
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` queryString
+      `Prelude.hashWithSalt` aggregationField
+      `Prelude.hashWithSalt` bucketsAggregationType
+
+instance Prelude.NFData GetBucketsAggregation where
+  rnf GetBucketsAggregation' {..} =
+    Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf aggregationField
+      `Prelude.seq` Prelude.rnf bucketsAggregationType
+
+instance Data.ToHeaders GetBucketsAggregation where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON GetBucketsAggregation where
+  toJSON GetBucketsAggregation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("indexName" Data..=) Prelude.<$> indexName,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            Prelude.Just ("queryString" Data..= queryString),
+            Prelude.Just
+              ("aggregationField" Data..= aggregationField),
+            Prelude.Just
+              ( "bucketsAggregationType"
+                  Data..= bucketsAggregationType
+              )
+          ]
+      )
+
+instance Data.ToPath GetBucketsAggregation where
+  toPath = Prelude.const "/indices/buckets"
+
+instance Data.ToQuery GetBucketsAggregation where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetBucketsAggregationResponse' smart constructor.
+data GetBucketsAggregationResponse = GetBucketsAggregationResponse'
+  { -- | The main part of the response with a list of buckets. Each bucket
+    -- contains a @keyValue@ and a @count@.
+    --
+    -- @keyValue@: The aggregation field value counted for the particular
+    -- bucket.
+    --
+    -- @count@: The number of documents that have that value.
+    buckets :: Prelude.Maybe [Bucket],
+    -- | The total number of things that fit the query string criteria.
+    totalCount :: Prelude.Maybe Prelude.Int,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetBucketsAggregationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'buckets', 'getBucketsAggregationResponse_buckets' - The main part of the response with a list of buckets. Each bucket
+-- contains a @keyValue@ and a @count@.
+--
+-- @keyValue@: The aggregation field value counted for the particular
+-- bucket.
+--
+-- @count@: The number of documents that have that value.
+--
+-- 'totalCount', 'getBucketsAggregationResponse_totalCount' - The total number of things that fit the query string criteria.
+--
+-- 'httpStatus', 'getBucketsAggregationResponse_httpStatus' - The response's http status code.
+newGetBucketsAggregationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetBucketsAggregationResponse
+newGetBucketsAggregationResponse pHttpStatus_ =
+  GetBucketsAggregationResponse'
+    { buckets =
+        Prelude.Nothing,
+      totalCount = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The main part of the response with a list of buckets. Each bucket
+-- contains a @keyValue@ and a @count@.
+--
+-- @keyValue@: The aggregation field value counted for the particular
+-- bucket.
+--
+-- @count@: The number of documents that have that value.
+getBucketsAggregationResponse_buckets :: Lens.Lens' GetBucketsAggregationResponse (Prelude.Maybe [Bucket])
+getBucketsAggregationResponse_buckets = Lens.lens (\GetBucketsAggregationResponse' {buckets} -> buckets) (\s@GetBucketsAggregationResponse' {} a -> s {buckets = a} :: GetBucketsAggregationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The total number of things that fit the query string criteria.
+getBucketsAggregationResponse_totalCount :: Lens.Lens' GetBucketsAggregationResponse (Prelude.Maybe Prelude.Int)
+getBucketsAggregationResponse_totalCount = Lens.lens (\GetBucketsAggregationResponse' {totalCount} -> totalCount) (\s@GetBucketsAggregationResponse' {} a -> s {totalCount = a} :: GetBucketsAggregationResponse)
+
+-- | The response's http status code.
+getBucketsAggregationResponse_httpStatus :: Lens.Lens' GetBucketsAggregationResponse Prelude.Int
+getBucketsAggregationResponse_httpStatus = Lens.lens (\GetBucketsAggregationResponse' {httpStatus} -> httpStatus) (\s@GetBucketsAggregationResponse' {} a -> s {httpStatus = a} :: GetBucketsAggregationResponse)
+
+instance Prelude.NFData GetBucketsAggregationResponse where
+  rnf GetBucketsAggregationResponse' {..} =
+    Prelude.rnf buckets
+      `Prelude.seq` Prelude.rnf totalCount
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetCardinality.hs b/gen/Amazonka/IoT/GetCardinality.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetCardinality.hs
@@ -0,0 +1,205 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetCardinality
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns the approximate count of unique values that match the query.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetCardinality>
+-- action.
+module Amazonka.IoT.GetCardinality
+  ( -- * Creating a Request
+    GetCardinality (..),
+    newGetCardinality,
+
+    -- * Request Lenses
+    getCardinality_aggregationField,
+    getCardinality_indexName,
+    getCardinality_queryVersion,
+    getCardinality_queryString,
+
+    -- * Destructuring the Response
+    GetCardinalityResponse (..),
+    newGetCardinalityResponse,
+
+    -- * Response Lenses
+    getCardinalityResponse_cardinality,
+    getCardinalityResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetCardinality' smart constructor.
+data GetCardinality = GetCardinality'
+  { -- | The field to aggregate.
+    aggregationField :: Prelude.Maybe Prelude.Text,
+    -- | The name of the index to search.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The search query string.
+    queryString :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetCardinality' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'aggregationField', 'getCardinality_aggregationField' - The field to aggregate.
+--
+-- 'indexName', 'getCardinality_indexName' - The name of the index to search.
+--
+-- 'queryVersion', 'getCardinality_queryVersion' - The query version.
+--
+-- 'queryString', 'getCardinality_queryString' - The search query string.
+newGetCardinality ::
+  -- | 'queryString'
+  Prelude.Text ->
+  GetCardinality
+newGetCardinality pQueryString_ =
+  GetCardinality'
+    { aggregationField = Prelude.Nothing,
+      indexName = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      queryString = pQueryString_
+    }
+
+-- | The field to aggregate.
+getCardinality_aggregationField :: Lens.Lens' GetCardinality (Prelude.Maybe Prelude.Text)
+getCardinality_aggregationField = Lens.lens (\GetCardinality' {aggregationField} -> aggregationField) (\s@GetCardinality' {} a -> s {aggregationField = a} :: GetCardinality)
+
+-- | The name of the index to search.
+getCardinality_indexName :: Lens.Lens' GetCardinality (Prelude.Maybe Prelude.Text)
+getCardinality_indexName = Lens.lens (\GetCardinality' {indexName} -> indexName) (\s@GetCardinality' {} a -> s {indexName = a} :: GetCardinality)
+
+-- | The query version.
+getCardinality_queryVersion :: Lens.Lens' GetCardinality (Prelude.Maybe Prelude.Text)
+getCardinality_queryVersion = Lens.lens (\GetCardinality' {queryVersion} -> queryVersion) (\s@GetCardinality' {} a -> s {queryVersion = a} :: GetCardinality)
+
+-- | The search query string.
+getCardinality_queryString :: Lens.Lens' GetCardinality Prelude.Text
+getCardinality_queryString = Lens.lens (\GetCardinality' {queryString} -> queryString) (\s@GetCardinality' {} a -> s {queryString = a} :: GetCardinality)
+
+instance Core.AWSRequest GetCardinality where
+  type
+    AWSResponse GetCardinality =
+      GetCardinalityResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetCardinalityResponse'
+            Prelude.<$> (x Data..?> "cardinality")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetCardinality where
+  hashWithSalt _salt GetCardinality' {..} =
+    _salt
+      `Prelude.hashWithSalt` aggregationField
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` queryString
+
+instance Prelude.NFData GetCardinality where
+  rnf GetCardinality' {..} =
+    Prelude.rnf aggregationField
+      `Prelude.seq` Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf queryString
+
+instance Data.ToHeaders GetCardinality where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON GetCardinality where
+  toJSON GetCardinality' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("aggregationField" Data..=)
+              Prelude.<$> aggregationField,
+            ("indexName" Data..=) Prelude.<$> indexName,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            Prelude.Just ("queryString" Data..= queryString)
+          ]
+      )
+
+instance Data.ToPath GetCardinality where
+  toPath = Prelude.const "/indices/cardinality"
+
+instance Data.ToQuery GetCardinality where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetCardinalityResponse' smart constructor.
+data GetCardinalityResponse = GetCardinalityResponse'
+  { -- | The approximate count of unique values that match the query.
+    cardinality :: Prelude.Maybe Prelude.Int,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetCardinalityResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'cardinality', 'getCardinalityResponse_cardinality' - The approximate count of unique values that match the query.
+--
+-- 'httpStatus', 'getCardinalityResponse_httpStatus' - The response's http status code.
+newGetCardinalityResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetCardinalityResponse
+newGetCardinalityResponse pHttpStatus_ =
+  GetCardinalityResponse'
+    { cardinality =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The approximate count of unique values that match the query.
+getCardinalityResponse_cardinality :: Lens.Lens' GetCardinalityResponse (Prelude.Maybe Prelude.Int)
+getCardinalityResponse_cardinality = Lens.lens (\GetCardinalityResponse' {cardinality} -> cardinality) (\s@GetCardinalityResponse' {} a -> s {cardinality = a} :: GetCardinalityResponse)
+
+-- | The response's http status code.
+getCardinalityResponse_httpStatus :: Lens.Lens' GetCardinalityResponse Prelude.Int
+getCardinalityResponse_httpStatus = Lens.lens (\GetCardinalityResponse' {httpStatus} -> httpStatus) (\s@GetCardinalityResponse' {} a -> s {httpStatus = a} :: GetCardinalityResponse)
+
+instance Prelude.NFData GetCardinalityResponse where
+  rnf GetCardinalityResponse' {..} =
+    Prelude.rnf cardinality
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetEffectivePolicies.hs b/gen/Amazonka/IoT/GetEffectivePolicies.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetEffectivePolicies.hs
@@ -0,0 +1,205 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetEffectivePolicies
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets a list of the policies that have an effect on the authorization
+-- behavior of the specified device when it connects to the IoT device
+-- gateway.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetEffectivePolicies>
+-- action.
+module Amazonka.IoT.GetEffectivePolicies
+  ( -- * Creating a Request
+    GetEffectivePolicies (..),
+    newGetEffectivePolicies,
+
+    -- * Request Lenses
+    getEffectivePolicies_cognitoIdentityPoolId,
+    getEffectivePolicies_principal,
+    getEffectivePolicies_thingName,
+
+    -- * Destructuring the Response
+    GetEffectivePoliciesResponse (..),
+    newGetEffectivePoliciesResponse,
+
+    -- * Response Lenses
+    getEffectivePoliciesResponse_effectivePolicies,
+    getEffectivePoliciesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetEffectivePolicies' smart constructor.
+data GetEffectivePolicies = GetEffectivePolicies'
+  { -- | The Cognito identity pool ID.
+    cognitoIdentityPoolId :: Prelude.Maybe Prelude.Text,
+    -- | The principal. Valid principals are CertificateArn
+    -- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+    -- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+    -- (/region/:/id/).
+    principal :: Prelude.Maybe Prelude.Text,
+    -- | The thing name.
+    thingName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetEffectivePolicies' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'cognitoIdentityPoolId', 'getEffectivePolicies_cognitoIdentityPoolId' - The Cognito identity pool ID.
+--
+-- 'principal', 'getEffectivePolicies_principal' - The principal. Valid principals are CertificateArn
+-- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+-- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+-- (/region/:/id/).
+--
+-- 'thingName', 'getEffectivePolicies_thingName' - The thing name.
+newGetEffectivePolicies ::
+  GetEffectivePolicies
+newGetEffectivePolicies =
+  GetEffectivePolicies'
+    { cognitoIdentityPoolId =
+        Prelude.Nothing,
+      principal = Prelude.Nothing,
+      thingName = Prelude.Nothing
+    }
+
+-- | The Cognito identity pool ID.
+getEffectivePolicies_cognitoIdentityPoolId :: Lens.Lens' GetEffectivePolicies (Prelude.Maybe Prelude.Text)
+getEffectivePolicies_cognitoIdentityPoolId = Lens.lens (\GetEffectivePolicies' {cognitoIdentityPoolId} -> cognitoIdentityPoolId) (\s@GetEffectivePolicies' {} a -> s {cognitoIdentityPoolId = a} :: GetEffectivePolicies)
+
+-- | The principal. Valid principals are CertificateArn
+-- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+-- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+-- (/region/:/id/).
+getEffectivePolicies_principal :: Lens.Lens' GetEffectivePolicies (Prelude.Maybe Prelude.Text)
+getEffectivePolicies_principal = Lens.lens (\GetEffectivePolicies' {principal} -> principal) (\s@GetEffectivePolicies' {} a -> s {principal = a} :: GetEffectivePolicies)
+
+-- | The thing name.
+getEffectivePolicies_thingName :: Lens.Lens' GetEffectivePolicies (Prelude.Maybe Prelude.Text)
+getEffectivePolicies_thingName = Lens.lens (\GetEffectivePolicies' {thingName} -> thingName) (\s@GetEffectivePolicies' {} a -> s {thingName = a} :: GetEffectivePolicies)
+
+instance Core.AWSRequest GetEffectivePolicies where
+  type
+    AWSResponse GetEffectivePolicies =
+      GetEffectivePoliciesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetEffectivePoliciesResponse'
+            Prelude.<$> ( x
+                            Data..?> "effectivePolicies"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetEffectivePolicies where
+  hashWithSalt _salt GetEffectivePolicies' {..} =
+    _salt
+      `Prelude.hashWithSalt` cognitoIdentityPoolId
+      `Prelude.hashWithSalt` principal
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData GetEffectivePolicies where
+  rnf GetEffectivePolicies' {..} =
+    Prelude.rnf cognitoIdentityPoolId
+      `Prelude.seq` Prelude.rnf principal
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders GetEffectivePolicies where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON GetEffectivePolicies where
+  toJSON GetEffectivePolicies' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("cognitoIdentityPoolId" Data..=)
+              Prelude.<$> cognitoIdentityPoolId,
+            ("principal" Data..=) Prelude.<$> principal
+          ]
+      )
+
+instance Data.ToPath GetEffectivePolicies where
+  toPath = Prelude.const "/effective-policies"
+
+instance Data.ToQuery GetEffectivePolicies where
+  toQuery GetEffectivePolicies' {..} =
+    Prelude.mconcat ["thingName" Data.=: thingName]
+
+-- | /See:/ 'newGetEffectivePoliciesResponse' smart constructor.
+data GetEffectivePoliciesResponse = GetEffectivePoliciesResponse'
+  { -- | The effective policies.
+    effectivePolicies :: Prelude.Maybe [EffectivePolicy],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetEffectivePoliciesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'effectivePolicies', 'getEffectivePoliciesResponse_effectivePolicies' - The effective policies.
+--
+-- 'httpStatus', 'getEffectivePoliciesResponse_httpStatus' - The response's http status code.
+newGetEffectivePoliciesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetEffectivePoliciesResponse
+newGetEffectivePoliciesResponse pHttpStatus_ =
+  GetEffectivePoliciesResponse'
+    { effectivePolicies =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The effective policies.
+getEffectivePoliciesResponse_effectivePolicies :: Lens.Lens' GetEffectivePoliciesResponse (Prelude.Maybe [EffectivePolicy])
+getEffectivePoliciesResponse_effectivePolicies = Lens.lens (\GetEffectivePoliciesResponse' {effectivePolicies} -> effectivePolicies) (\s@GetEffectivePoliciesResponse' {} a -> s {effectivePolicies = a} :: GetEffectivePoliciesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+getEffectivePoliciesResponse_httpStatus :: Lens.Lens' GetEffectivePoliciesResponse Prelude.Int
+getEffectivePoliciesResponse_httpStatus = Lens.lens (\GetEffectivePoliciesResponse' {httpStatus} -> httpStatus) (\s@GetEffectivePoliciesResponse' {} a -> s {httpStatus = a} :: GetEffectivePoliciesResponse)
+
+instance Prelude.NFData GetEffectivePoliciesResponse where
+  rnf GetEffectivePoliciesResponse' {..} =
+    Prelude.rnf effectivePolicies
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetIndexingConfiguration.hs b/gen/Amazonka/IoT/GetIndexingConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetIndexingConfiguration.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetIndexingConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the indexing configuration.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetIndexingConfiguration>
+-- action.
+module Amazonka.IoT.GetIndexingConfiguration
+  ( -- * Creating a Request
+    GetIndexingConfiguration (..),
+    newGetIndexingConfiguration,
+
+    -- * Destructuring the Response
+    GetIndexingConfigurationResponse (..),
+    newGetIndexingConfigurationResponse,
+
+    -- * Response Lenses
+    getIndexingConfigurationResponse_thingGroupIndexingConfiguration,
+    getIndexingConfigurationResponse_thingIndexingConfiguration,
+    getIndexingConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetIndexingConfiguration' smart constructor.
+data GetIndexingConfiguration = GetIndexingConfiguration'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetIndexingConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetIndexingConfiguration ::
+  GetIndexingConfiguration
+newGetIndexingConfiguration =
+  GetIndexingConfiguration'
+
+instance Core.AWSRequest GetIndexingConfiguration where
+  type
+    AWSResponse GetIndexingConfiguration =
+      GetIndexingConfigurationResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetIndexingConfigurationResponse'
+            Prelude.<$> (x Data..?> "thingGroupIndexingConfiguration")
+            Prelude.<*> (x Data..?> "thingIndexingConfiguration")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetIndexingConfiguration where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetIndexingConfiguration where
+  rnf _ = ()
+
+instance Data.ToHeaders GetIndexingConfiguration where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetIndexingConfiguration where
+  toPath = Prelude.const "/indexing/config"
+
+instance Data.ToQuery GetIndexingConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetIndexingConfigurationResponse' smart constructor.
+data GetIndexingConfigurationResponse = GetIndexingConfigurationResponse'
+  { -- | The index configuration.
+    thingGroupIndexingConfiguration :: Prelude.Maybe ThingGroupIndexingConfiguration,
+    -- | Thing indexing configuration.
+    thingIndexingConfiguration :: Prelude.Maybe ThingIndexingConfiguration,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetIndexingConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingGroupIndexingConfiguration', 'getIndexingConfigurationResponse_thingGroupIndexingConfiguration' - The index configuration.
+--
+-- 'thingIndexingConfiguration', 'getIndexingConfigurationResponse_thingIndexingConfiguration' - Thing indexing configuration.
+--
+-- 'httpStatus', 'getIndexingConfigurationResponse_httpStatus' - The response's http status code.
+newGetIndexingConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetIndexingConfigurationResponse
+newGetIndexingConfigurationResponse pHttpStatus_ =
+  GetIndexingConfigurationResponse'
+    { thingGroupIndexingConfiguration =
+        Prelude.Nothing,
+      thingIndexingConfiguration =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The index configuration.
+getIndexingConfigurationResponse_thingGroupIndexingConfiguration :: Lens.Lens' GetIndexingConfigurationResponse (Prelude.Maybe ThingGroupIndexingConfiguration)
+getIndexingConfigurationResponse_thingGroupIndexingConfiguration = Lens.lens (\GetIndexingConfigurationResponse' {thingGroupIndexingConfiguration} -> thingGroupIndexingConfiguration) (\s@GetIndexingConfigurationResponse' {} a -> s {thingGroupIndexingConfiguration = a} :: GetIndexingConfigurationResponse)
+
+-- | Thing indexing configuration.
+getIndexingConfigurationResponse_thingIndexingConfiguration :: Lens.Lens' GetIndexingConfigurationResponse (Prelude.Maybe ThingIndexingConfiguration)
+getIndexingConfigurationResponse_thingIndexingConfiguration = Lens.lens (\GetIndexingConfigurationResponse' {thingIndexingConfiguration} -> thingIndexingConfiguration) (\s@GetIndexingConfigurationResponse' {} a -> s {thingIndexingConfiguration = a} :: GetIndexingConfigurationResponse)
+
+-- | The response's http status code.
+getIndexingConfigurationResponse_httpStatus :: Lens.Lens' GetIndexingConfigurationResponse Prelude.Int
+getIndexingConfigurationResponse_httpStatus = Lens.lens (\GetIndexingConfigurationResponse' {httpStatus} -> httpStatus) (\s@GetIndexingConfigurationResponse' {} a -> s {httpStatus = a} :: GetIndexingConfigurationResponse)
+
+instance
+  Prelude.NFData
+    GetIndexingConfigurationResponse
+  where
+  rnf GetIndexingConfigurationResponse' {..} =
+    Prelude.rnf thingGroupIndexingConfiguration
+      `Prelude.seq` Prelude.rnf thingIndexingConfiguration
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetJobDocument.hs b/gen/Amazonka/IoT/GetJobDocument.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetJobDocument.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetJobDocument
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets a job document.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetJobDocument>
+-- action.
+module Amazonka.IoT.GetJobDocument
+  ( -- * Creating a Request
+    GetJobDocument (..),
+    newGetJobDocument,
+
+    -- * Request Lenses
+    getJobDocument_jobId,
+
+    -- * Destructuring the Response
+    GetJobDocumentResponse (..),
+    newGetJobDocumentResponse,
+
+    -- * Response Lenses
+    getJobDocumentResponse_document,
+    getJobDocumentResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetJobDocument' smart constructor.
+data GetJobDocument = GetJobDocument'
+  { -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetJobDocument' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobId', 'getJobDocument_jobId' - The unique identifier you assigned to this job when it was created.
+newGetJobDocument ::
+  -- | 'jobId'
+  Prelude.Text ->
+  GetJobDocument
+newGetJobDocument pJobId_ =
+  GetJobDocument' {jobId = pJobId_}
+
+-- | The unique identifier you assigned to this job when it was created.
+getJobDocument_jobId :: Lens.Lens' GetJobDocument Prelude.Text
+getJobDocument_jobId = Lens.lens (\GetJobDocument' {jobId} -> jobId) (\s@GetJobDocument' {} a -> s {jobId = a} :: GetJobDocument)
+
+instance Core.AWSRequest GetJobDocument where
+  type
+    AWSResponse GetJobDocument =
+      GetJobDocumentResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetJobDocumentResponse'
+            Prelude.<$> (x Data..?> "document")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetJobDocument where
+  hashWithSalt _salt GetJobDocument' {..} =
+    _salt `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData GetJobDocument where
+  rnf GetJobDocument' {..} = Prelude.rnf jobId
+
+instance Data.ToHeaders GetJobDocument where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetJobDocument where
+  toPath GetJobDocument' {..} =
+    Prelude.mconcat
+      ["/jobs/", Data.toBS jobId, "/job-document"]
+
+instance Data.ToQuery GetJobDocument where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetJobDocumentResponse' smart constructor.
+data GetJobDocumentResponse = GetJobDocumentResponse'
+  { -- | The job document content.
+    document :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetJobDocumentResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'document', 'getJobDocumentResponse_document' - The job document content.
+--
+-- 'httpStatus', 'getJobDocumentResponse_httpStatus' - The response's http status code.
+newGetJobDocumentResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetJobDocumentResponse
+newGetJobDocumentResponse pHttpStatus_ =
+  GetJobDocumentResponse'
+    { document = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The job document content.
+getJobDocumentResponse_document :: Lens.Lens' GetJobDocumentResponse (Prelude.Maybe Prelude.Text)
+getJobDocumentResponse_document = Lens.lens (\GetJobDocumentResponse' {document} -> document) (\s@GetJobDocumentResponse' {} a -> s {document = a} :: GetJobDocumentResponse)
+
+-- | The response's http status code.
+getJobDocumentResponse_httpStatus :: Lens.Lens' GetJobDocumentResponse Prelude.Int
+getJobDocumentResponse_httpStatus = Lens.lens (\GetJobDocumentResponse' {httpStatus} -> httpStatus) (\s@GetJobDocumentResponse' {} a -> s {httpStatus = a} :: GetJobDocumentResponse)
+
+instance Prelude.NFData GetJobDocumentResponse where
+  rnf GetJobDocumentResponse' {..} =
+    Prelude.rnf document
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetLoggingOptions.hs b/gen/Amazonka/IoT/GetLoggingOptions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetLoggingOptions.hs
@@ -0,0 +1,156 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetLoggingOptions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the logging options.
+--
+-- NOTE: use of this command is not recommended. Use @GetV2LoggingOptions@
+-- instead.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetLoggingOptions>
+-- action.
+module Amazonka.IoT.GetLoggingOptions
+  ( -- * Creating a Request
+    GetLoggingOptions (..),
+    newGetLoggingOptions,
+
+    -- * Destructuring the Response
+    GetLoggingOptionsResponse (..),
+    newGetLoggingOptionsResponse,
+
+    -- * Response Lenses
+    getLoggingOptionsResponse_logLevel,
+    getLoggingOptionsResponse_roleArn,
+    getLoggingOptionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the GetLoggingOptions operation.
+--
+-- /See:/ 'newGetLoggingOptions' smart constructor.
+data GetLoggingOptions = GetLoggingOptions'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetLoggingOptions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetLoggingOptions ::
+  GetLoggingOptions
+newGetLoggingOptions = GetLoggingOptions'
+
+instance Core.AWSRequest GetLoggingOptions where
+  type
+    AWSResponse GetLoggingOptions =
+      GetLoggingOptionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetLoggingOptionsResponse'
+            Prelude.<$> (x Data..?> "logLevel")
+            Prelude.<*> (x Data..?> "roleArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetLoggingOptions where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetLoggingOptions where
+  rnf _ = ()
+
+instance Data.ToHeaders GetLoggingOptions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetLoggingOptions where
+  toPath = Prelude.const "/loggingOptions"
+
+instance Data.ToQuery GetLoggingOptions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the GetLoggingOptions operation.
+--
+-- /See:/ 'newGetLoggingOptionsResponse' smart constructor.
+data GetLoggingOptionsResponse = GetLoggingOptionsResponse'
+  { -- | The logging level.
+    logLevel :: Prelude.Maybe LogLevel,
+    -- | The ARN of the IAM role that grants access.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetLoggingOptionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'logLevel', 'getLoggingOptionsResponse_logLevel' - The logging level.
+--
+-- 'roleArn', 'getLoggingOptionsResponse_roleArn' - The ARN of the IAM role that grants access.
+--
+-- 'httpStatus', 'getLoggingOptionsResponse_httpStatus' - The response's http status code.
+newGetLoggingOptionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetLoggingOptionsResponse
+newGetLoggingOptionsResponse pHttpStatus_ =
+  GetLoggingOptionsResponse'
+    { logLevel =
+        Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The logging level.
+getLoggingOptionsResponse_logLevel :: Lens.Lens' GetLoggingOptionsResponse (Prelude.Maybe LogLevel)
+getLoggingOptionsResponse_logLevel = Lens.lens (\GetLoggingOptionsResponse' {logLevel} -> logLevel) (\s@GetLoggingOptionsResponse' {} a -> s {logLevel = a} :: GetLoggingOptionsResponse)
+
+-- | The ARN of the IAM role that grants access.
+getLoggingOptionsResponse_roleArn :: Lens.Lens' GetLoggingOptionsResponse (Prelude.Maybe Prelude.Text)
+getLoggingOptionsResponse_roleArn = Lens.lens (\GetLoggingOptionsResponse' {roleArn} -> roleArn) (\s@GetLoggingOptionsResponse' {} a -> s {roleArn = a} :: GetLoggingOptionsResponse)
+
+-- | The response's http status code.
+getLoggingOptionsResponse_httpStatus :: Lens.Lens' GetLoggingOptionsResponse Prelude.Int
+getLoggingOptionsResponse_httpStatus = Lens.lens (\GetLoggingOptionsResponse' {httpStatus} -> httpStatus) (\s@GetLoggingOptionsResponse' {} a -> s {httpStatus = a} :: GetLoggingOptionsResponse)
+
+instance Prelude.NFData GetLoggingOptionsResponse where
+  rnf GetLoggingOptionsResponse' {..} =
+    Prelude.rnf logLevel
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetOTAUpdate.hs b/gen/Amazonka/IoT/GetOTAUpdate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetOTAUpdate.hs
@@ -0,0 +1,153 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetOTAUpdate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets an OTA update.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetOTAUpdate>
+-- action.
+module Amazonka.IoT.GetOTAUpdate
+  ( -- * Creating a Request
+    GetOTAUpdate (..),
+    newGetOTAUpdate,
+
+    -- * Request Lenses
+    getOTAUpdate_otaUpdateId,
+
+    -- * Destructuring the Response
+    GetOTAUpdateResponse (..),
+    newGetOTAUpdateResponse,
+
+    -- * Response Lenses
+    getOTAUpdateResponse_otaUpdateInfo,
+    getOTAUpdateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetOTAUpdate' smart constructor.
+data GetOTAUpdate = GetOTAUpdate'
+  { -- | The OTA update ID.
+    otaUpdateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetOTAUpdate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'otaUpdateId', 'getOTAUpdate_otaUpdateId' - The OTA update ID.
+newGetOTAUpdate ::
+  -- | 'otaUpdateId'
+  Prelude.Text ->
+  GetOTAUpdate
+newGetOTAUpdate pOtaUpdateId_ =
+  GetOTAUpdate' {otaUpdateId = pOtaUpdateId_}
+
+-- | The OTA update ID.
+getOTAUpdate_otaUpdateId :: Lens.Lens' GetOTAUpdate Prelude.Text
+getOTAUpdate_otaUpdateId = Lens.lens (\GetOTAUpdate' {otaUpdateId} -> otaUpdateId) (\s@GetOTAUpdate' {} a -> s {otaUpdateId = a} :: GetOTAUpdate)
+
+instance Core.AWSRequest GetOTAUpdate where
+  type AWSResponse GetOTAUpdate = GetOTAUpdateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetOTAUpdateResponse'
+            Prelude.<$> (x Data..?> "otaUpdateInfo")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetOTAUpdate where
+  hashWithSalt _salt GetOTAUpdate' {..} =
+    _salt `Prelude.hashWithSalt` otaUpdateId
+
+instance Prelude.NFData GetOTAUpdate where
+  rnf GetOTAUpdate' {..} = Prelude.rnf otaUpdateId
+
+instance Data.ToHeaders GetOTAUpdate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetOTAUpdate where
+  toPath GetOTAUpdate' {..} =
+    Prelude.mconcat
+      ["/otaUpdates/", Data.toBS otaUpdateId]
+
+instance Data.ToQuery GetOTAUpdate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetOTAUpdateResponse' smart constructor.
+data GetOTAUpdateResponse = GetOTAUpdateResponse'
+  { -- | The OTA update info.
+    otaUpdateInfo :: Prelude.Maybe OTAUpdateInfo,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetOTAUpdateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'otaUpdateInfo', 'getOTAUpdateResponse_otaUpdateInfo' - The OTA update info.
+--
+-- 'httpStatus', 'getOTAUpdateResponse_httpStatus' - The response's http status code.
+newGetOTAUpdateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetOTAUpdateResponse
+newGetOTAUpdateResponse pHttpStatus_ =
+  GetOTAUpdateResponse'
+    { otaUpdateInfo =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The OTA update info.
+getOTAUpdateResponse_otaUpdateInfo :: Lens.Lens' GetOTAUpdateResponse (Prelude.Maybe OTAUpdateInfo)
+getOTAUpdateResponse_otaUpdateInfo = Lens.lens (\GetOTAUpdateResponse' {otaUpdateInfo} -> otaUpdateInfo) (\s@GetOTAUpdateResponse' {} a -> s {otaUpdateInfo = a} :: GetOTAUpdateResponse)
+
+-- | The response's http status code.
+getOTAUpdateResponse_httpStatus :: Lens.Lens' GetOTAUpdateResponse Prelude.Int
+getOTAUpdateResponse_httpStatus = Lens.lens (\GetOTAUpdateResponse' {httpStatus} -> httpStatus) (\s@GetOTAUpdateResponse' {} a -> s {httpStatus = a} :: GetOTAUpdateResponse)
+
+instance Prelude.NFData GetOTAUpdateResponse where
+  rnf GetOTAUpdateResponse' {..} =
+    Prelude.rnf otaUpdateInfo
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetPercentiles.hs b/gen/Amazonka/IoT/GetPercentiles.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetPercentiles.hs
@@ -0,0 +1,228 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetPercentiles
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Groups the aggregated values that match the query into percentile
+-- groupings. The default percentile groupings are: 1,5,25,50,75,95,99,
+-- although you can specify your own when you call @GetPercentiles@. This
+-- function returns a value for each percentile group specified (or the
+-- default percentile groupings). The percentile group \"1\" contains the
+-- aggregated field value that occurs in approximately one percent of the
+-- values that match the query. The percentile group \"5\" contains the
+-- aggregated field value that occurs in approximately five percent of the
+-- values that match the query, and so on. The result is an approximation,
+-- the more values that match the query, the more accurate the percentile
+-- values.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetPercentiles>
+-- action.
+module Amazonka.IoT.GetPercentiles
+  ( -- * Creating a Request
+    GetPercentiles (..),
+    newGetPercentiles,
+
+    -- * Request Lenses
+    getPercentiles_aggregationField,
+    getPercentiles_indexName,
+    getPercentiles_percents,
+    getPercentiles_queryVersion,
+    getPercentiles_queryString,
+
+    -- * Destructuring the Response
+    GetPercentilesResponse (..),
+    newGetPercentilesResponse,
+
+    -- * Response Lenses
+    getPercentilesResponse_percentiles,
+    getPercentilesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetPercentiles' smart constructor.
+data GetPercentiles = GetPercentiles'
+  { -- | The field to aggregate.
+    aggregationField :: Prelude.Maybe Prelude.Text,
+    -- | The name of the index to search.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The percentile groups returned.
+    percents :: Prelude.Maybe [Prelude.Double],
+    -- | The query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The search query string.
+    queryString :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPercentiles' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'aggregationField', 'getPercentiles_aggregationField' - The field to aggregate.
+--
+-- 'indexName', 'getPercentiles_indexName' - The name of the index to search.
+--
+-- 'percents', 'getPercentiles_percents' - The percentile groups returned.
+--
+-- 'queryVersion', 'getPercentiles_queryVersion' - The query version.
+--
+-- 'queryString', 'getPercentiles_queryString' - The search query string.
+newGetPercentiles ::
+  -- | 'queryString'
+  Prelude.Text ->
+  GetPercentiles
+newGetPercentiles pQueryString_ =
+  GetPercentiles'
+    { aggregationField = Prelude.Nothing,
+      indexName = Prelude.Nothing,
+      percents = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      queryString = pQueryString_
+    }
+
+-- | The field to aggregate.
+getPercentiles_aggregationField :: Lens.Lens' GetPercentiles (Prelude.Maybe Prelude.Text)
+getPercentiles_aggregationField = Lens.lens (\GetPercentiles' {aggregationField} -> aggregationField) (\s@GetPercentiles' {} a -> s {aggregationField = a} :: GetPercentiles)
+
+-- | The name of the index to search.
+getPercentiles_indexName :: Lens.Lens' GetPercentiles (Prelude.Maybe Prelude.Text)
+getPercentiles_indexName = Lens.lens (\GetPercentiles' {indexName} -> indexName) (\s@GetPercentiles' {} a -> s {indexName = a} :: GetPercentiles)
+
+-- | The percentile groups returned.
+getPercentiles_percents :: Lens.Lens' GetPercentiles (Prelude.Maybe [Prelude.Double])
+getPercentiles_percents = Lens.lens (\GetPercentiles' {percents} -> percents) (\s@GetPercentiles' {} a -> s {percents = a} :: GetPercentiles) Prelude.. Lens.mapping Lens.coerced
+
+-- | The query version.
+getPercentiles_queryVersion :: Lens.Lens' GetPercentiles (Prelude.Maybe Prelude.Text)
+getPercentiles_queryVersion = Lens.lens (\GetPercentiles' {queryVersion} -> queryVersion) (\s@GetPercentiles' {} a -> s {queryVersion = a} :: GetPercentiles)
+
+-- | The search query string.
+getPercentiles_queryString :: Lens.Lens' GetPercentiles Prelude.Text
+getPercentiles_queryString = Lens.lens (\GetPercentiles' {queryString} -> queryString) (\s@GetPercentiles' {} a -> s {queryString = a} :: GetPercentiles)
+
+instance Core.AWSRequest GetPercentiles where
+  type
+    AWSResponse GetPercentiles =
+      GetPercentilesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetPercentilesResponse'
+            Prelude.<$> (x Data..?> "percentiles" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetPercentiles where
+  hashWithSalt _salt GetPercentiles' {..} =
+    _salt
+      `Prelude.hashWithSalt` aggregationField
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` percents
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` queryString
+
+instance Prelude.NFData GetPercentiles where
+  rnf GetPercentiles' {..} =
+    Prelude.rnf aggregationField
+      `Prelude.seq` Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf percents
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf queryString
+
+instance Data.ToHeaders GetPercentiles where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON GetPercentiles where
+  toJSON GetPercentiles' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("aggregationField" Data..=)
+              Prelude.<$> aggregationField,
+            ("indexName" Data..=) Prelude.<$> indexName,
+            ("percents" Data..=) Prelude.<$> percents,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            Prelude.Just ("queryString" Data..= queryString)
+          ]
+      )
+
+instance Data.ToPath GetPercentiles where
+  toPath = Prelude.const "/indices/percentiles"
+
+instance Data.ToQuery GetPercentiles where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetPercentilesResponse' smart constructor.
+data GetPercentilesResponse = GetPercentilesResponse'
+  { -- | The percentile values of the aggregated fields.
+    percentiles :: Prelude.Maybe [PercentPair],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPercentilesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'percentiles', 'getPercentilesResponse_percentiles' - The percentile values of the aggregated fields.
+--
+-- 'httpStatus', 'getPercentilesResponse_httpStatus' - The response's http status code.
+newGetPercentilesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetPercentilesResponse
+newGetPercentilesResponse pHttpStatus_ =
+  GetPercentilesResponse'
+    { percentiles =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The percentile values of the aggregated fields.
+getPercentilesResponse_percentiles :: Lens.Lens' GetPercentilesResponse (Prelude.Maybe [PercentPair])
+getPercentilesResponse_percentiles = Lens.lens (\GetPercentilesResponse' {percentiles} -> percentiles) (\s@GetPercentilesResponse' {} a -> s {percentiles = a} :: GetPercentilesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+getPercentilesResponse_httpStatus :: Lens.Lens' GetPercentilesResponse Prelude.Int
+getPercentilesResponse_httpStatus = Lens.lens (\GetPercentilesResponse' {httpStatus} -> httpStatus) (\s@GetPercentilesResponse' {} a -> s {httpStatus = a} :: GetPercentilesResponse)
+
+instance Prelude.NFData GetPercentilesResponse where
+  rnf GetPercentilesResponse' {..} =
+    Prelude.rnf percentiles
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetPolicy.hs b/gen/Amazonka/IoT/GetPolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetPolicy.hs
@@ -0,0 +1,229 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetPolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the specified policy with the policy document of
+-- the default version.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetPolicy>
+-- action.
+module Amazonka.IoT.GetPolicy
+  ( -- * Creating a Request
+    GetPolicy (..),
+    newGetPolicy,
+
+    -- * Request Lenses
+    getPolicy_policyName,
+
+    -- * Destructuring the Response
+    GetPolicyResponse (..),
+    newGetPolicyResponse,
+
+    -- * Response Lenses
+    getPolicyResponse_creationDate,
+    getPolicyResponse_defaultVersionId,
+    getPolicyResponse_generationId,
+    getPolicyResponse_lastModifiedDate,
+    getPolicyResponse_policyArn,
+    getPolicyResponse_policyDocument,
+    getPolicyResponse_policyName,
+    getPolicyResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the GetPolicy operation.
+--
+-- /See:/ 'newGetPolicy' smart constructor.
+data GetPolicy = GetPolicy'
+  { -- | The name of the policy.
+    policyName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'getPolicy_policyName' - The name of the policy.
+newGetPolicy ::
+  -- | 'policyName'
+  Prelude.Text ->
+  GetPolicy
+newGetPolicy pPolicyName_ =
+  GetPolicy' {policyName = pPolicyName_}
+
+-- | The name of the policy.
+getPolicy_policyName :: Lens.Lens' GetPolicy Prelude.Text
+getPolicy_policyName = Lens.lens (\GetPolicy' {policyName} -> policyName) (\s@GetPolicy' {} a -> s {policyName = a} :: GetPolicy)
+
+instance Core.AWSRequest GetPolicy where
+  type AWSResponse GetPolicy = GetPolicyResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetPolicyResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "defaultVersionId")
+            Prelude.<*> (x Data..?> "generationId")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "policyArn")
+            Prelude.<*> (x Data..?> "policyDocument")
+            Prelude.<*> (x Data..?> "policyName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetPolicy where
+  hashWithSalt _salt GetPolicy' {..} =
+    _salt `Prelude.hashWithSalt` policyName
+
+instance Prelude.NFData GetPolicy where
+  rnf GetPolicy' {..} = Prelude.rnf policyName
+
+instance Data.ToHeaders GetPolicy where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetPolicy where
+  toPath GetPolicy' {..} =
+    Prelude.mconcat
+      ["/policies/", Data.toBS policyName]
+
+instance Data.ToQuery GetPolicy where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the GetPolicy operation.
+--
+-- /See:/ 'newGetPolicyResponse' smart constructor.
+data GetPolicyResponse = GetPolicyResponse'
+  { -- | The date the policy was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The default policy version ID.
+    defaultVersionId :: Prelude.Maybe Prelude.Text,
+    -- | The generation ID of the policy.
+    generationId :: Prelude.Maybe Prelude.Text,
+    -- | The date the policy was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The policy ARN.
+    policyArn :: Prelude.Maybe Prelude.Text,
+    -- | The JSON document that describes the policy.
+    policyDocument :: Prelude.Maybe Prelude.Text,
+    -- | The policy name.
+    policyName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'getPolicyResponse_creationDate' - The date the policy was created.
+--
+-- 'defaultVersionId', 'getPolicyResponse_defaultVersionId' - The default policy version ID.
+--
+-- 'generationId', 'getPolicyResponse_generationId' - The generation ID of the policy.
+--
+-- 'lastModifiedDate', 'getPolicyResponse_lastModifiedDate' - The date the policy was last modified.
+--
+-- 'policyArn', 'getPolicyResponse_policyArn' - The policy ARN.
+--
+-- 'policyDocument', 'getPolicyResponse_policyDocument' - The JSON document that describes the policy.
+--
+-- 'policyName', 'getPolicyResponse_policyName' - The policy name.
+--
+-- 'httpStatus', 'getPolicyResponse_httpStatus' - The response's http status code.
+newGetPolicyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetPolicyResponse
+newGetPolicyResponse pHttpStatus_ =
+  GetPolicyResponse'
+    { creationDate = Prelude.Nothing,
+      defaultVersionId = Prelude.Nothing,
+      generationId = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      policyArn = Prelude.Nothing,
+      policyDocument = Prelude.Nothing,
+      policyName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The date the policy was created.
+getPolicyResponse_creationDate :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.UTCTime)
+getPolicyResponse_creationDate = Lens.lens (\GetPolicyResponse' {creationDate} -> creationDate) (\s@GetPolicyResponse' {} a -> s {creationDate = a} :: GetPolicyResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The default policy version ID.
+getPolicyResponse_defaultVersionId :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.Text)
+getPolicyResponse_defaultVersionId = Lens.lens (\GetPolicyResponse' {defaultVersionId} -> defaultVersionId) (\s@GetPolicyResponse' {} a -> s {defaultVersionId = a} :: GetPolicyResponse)
+
+-- | The generation ID of the policy.
+getPolicyResponse_generationId :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.Text)
+getPolicyResponse_generationId = Lens.lens (\GetPolicyResponse' {generationId} -> generationId) (\s@GetPolicyResponse' {} a -> s {generationId = a} :: GetPolicyResponse)
+
+-- | The date the policy was last modified.
+getPolicyResponse_lastModifiedDate :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.UTCTime)
+getPolicyResponse_lastModifiedDate = Lens.lens (\GetPolicyResponse' {lastModifiedDate} -> lastModifiedDate) (\s@GetPolicyResponse' {} a -> s {lastModifiedDate = a} :: GetPolicyResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The policy ARN.
+getPolicyResponse_policyArn :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.Text)
+getPolicyResponse_policyArn = Lens.lens (\GetPolicyResponse' {policyArn} -> policyArn) (\s@GetPolicyResponse' {} a -> s {policyArn = a} :: GetPolicyResponse)
+
+-- | The JSON document that describes the policy.
+getPolicyResponse_policyDocument :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.Text)
+getPolicyResponse_policyDocument = Lens.lens (\GetPolicyResponse' {policyDocument} -> policyDocument) (\s@GetPolicyResponse' {} a -> s {policyDocument = a} :: GetPolicyResponse)
+
+-- | The policy name.
+getPolicyResponse_policyName :: Lens.Lens' GetPolicyResponse (Prelude.Maybe Prelude.Text)
+getPolicyResponse_policyName = Lens.lens (\GetPolicyResponse' {policyName} -> policyName) (\s@GetPolicyResponse' {} a -> s {policyName = a} :: GetPolicyResponse)
+
+-- | The response's http status code.
+getPolicyResponse_httpStatus :: Lens.Lens' GetPolicyResponse Prelude.Int
+getPolicyResponse_httpStatus = Lens.lens (\GetPolicyResponse' {httpStatus} -> httpStatus) (\s@GetPolicyResponse' {} a -> s {httpStatus = a} :: GetPolicyResponse)
+
+instance Prelude.NFData GetPolicyResponse where
+  rnf GetPolicyResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf defaultVersionId
+      `Prelude.seq` Prelude.rnf generationId
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf policyArn
+      `Prelude.seq` Prelude.rnf policyDocument
+      `Prelude.seq` Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetPolicyVersion.hs b/gen/Amazonka/IoT/GetPolicyVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetPolicyVersion.hs
@@ -0,0 +1,265 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetPolicyVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the specified policy version.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetPolicyVersion>
+-- action.
+module Amazonka.IoT.GetPolicyVersion
+  ( -- * Creating a Request
+    GetPolicyVersion (..),
+    newGetPolicyVersion,
+
+    -- * Request Lenses
+    getPolicyVersion_policyName,
+    getPolicyVersion_policyVersionId,
+
+    -- * Destructuring the Response
+    GetPolicyVersionResponse (..),
+    newGetPolicyVersionResponse,
+
+    -- * Response Lenses
+    getPolicyVersionResponse_creationDate,
+    getPolicyVersionResponse_generationId,
+    getPolicyVersionResponse_isDefaultVersion,
+    getPolicyVersionResponse_lastModifiedDate,
+    getPolicyVersionResponse_policyArn,
+    getPolicyVersionResponse_policyDocument,
+    getPolicyVersionResponse_policyName,
+    getPolicyVersionResponse_policyVersionId,
+    getPolicyVersionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the GetPolicyVersion operation.
+--
+-- /See:/ 'newGetPolicyVersion' smart constructor.
+data GetPolicyVersion = GetPolicyVersion'
+  { -- | The name of the policy.
+    policyName :: Prelude.Text,
+    -- | The policy version ID.
+    policyVersionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPolicyVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'getPolicyVersion_policyName' - The name of the policy.
+--
+-- 'policyVersionId', 'getPolicyVersion_policyVersionId' - The policy version ID.
+newGetPolicyVersion ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'policyVersionId'
+  Prelude.Text ->
+  GetPolicyVersion
+newGetPolicyVersion pPolicyName_ pPolicyVersionId_ =
+  GetPolicyVersion'
+    { policyName = pPolicyName_,
+      policyVersionId = pPolicyVersionId_
+    }
+
+-- | The name of the policy.
+getPolicyVersion_policyName :: Lens.Lens' GetPolicyVersion Prelude.Text
+getPolicyVersion_policyName = Lens.lens (\GetPolicyVersion' {policyName} -> policyName) (\s@GetPolicyVersion' {} a -> s {policyName = a} :: GetPolicyVersion)
+
+-- | The policy version ID.
+getPolicyVersion_policyVersionId :: Lens.Lens' GetPolicyVersion Prelude.Text
+getPolicyVersion_policyVersionId = Lens.lens (\GetPolicyVersion' {policyVersionId} -> policyVersionId) (\s@GetPolicyVersion' {} a -> s {policyVersionId = a} :: GetPolicyVersion)
+
+instance Core.AWSRequest GetPolicyVersion where
+  type
+    AWSResponse GetPolicyVersion =
+      GetPolicyVersionResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetPolicyVersionResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "generationId")
+            Prelude.<*> (x Data..?> "isDefaultVersion")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "policyArn")
+            Prelude.<*> (x Data..?> "policyDocument")
+            Prelude.<*> (x Data..?> "policyName")
+            Prelude.<*> (x Data..?> "policyVersionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetPolicyVersion where
+  hashWithSalt _salt GetPolicyVersion' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` policyVersionId
+
+instance Prelude.NFData GetPolicyVersion where
+  rnf GetPolicyVersion' {..} =
+    Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyVersionId
+
+instance Data.ToHeaders GetPolicyVersion where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetPolicyVersion where
+  toPath GetPolicyVersion' {..} =
+    Prelude.mconcat
+      [ "/policies/",
+        Data.toBS policyName,
+        "/version/",
+        Data.toBS policyVersionId
+      ]
+
+instance Data.ToQuery GetPolicyVersion where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the GetPolicyVersion operation.
+--
+-- /See:/ 'newGetPolicyVersionResponse' smart constructor.
+data GetPolicyVersionResponse = GetPolicyVersionResponse'
+  { -- | The date the policy was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The generation ID of the policy version.
+    generationId :: Prelude.Maybe Prelude.Text,
+    -- | Specifies whether the policy version is the default.
+    isDefaultVersion :: Prelude.Maybe Prelude.Bool,
+    -- | The date the policy was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The policy ARN.
+    policyArn :: Prelude.Maybe Prelude.Text,
+    -- | The JSON document that describes the policy.
+    policyDocument :: Prelude.Maybe Prelude.Text,
+    -- | The policy name.
+    policyName :: Prelude.Maybe Prelude.Text,
+    -- | The policy version ID.
+    policyVersionId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPolicyVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'getPolicyVersionResponse_creationDate' - The date the policy was created.
+--
+-- 'generationId', 'getPolicyVersionResponse_generationId' - The generation ID of the policy version.
+--
+-- 'isDefaultVersion', 'getPolicyVersionResponse_isDefaultVersion' - Specifies whether the policy version is the default.
+--
+-- 'lastModifiedDate', 'getPolicyVersionResponse_lastModifiedDate' - The date the policy was last modified.
+--
+-- 'policyArn', 'getPolicyVersionResponse_policyArn' - The policy ARN.
+--
+-- 'policyDocument', 'getPolicyVersionResponse_policyDocument' - The JSON document that describes the policy.
+--
+-- 'policyName', 'getPolicyVersionResponse_policyName' - The policy name.
+--
+-- 'policyVersionId', 'getPolicyVersionResponse_policyVersionId' - The policy version ID.
+--
+-- 'httpStatus', 'getPolicyVersionResponse_httpStatus' - The response's http status code.
+newGetPolicyVersionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetPolicyVersionResponse
+newGetPolicyVersionResponse pHttpStatus_ =
+  GetPolicyVersionResponse'
+    { creationDate =
+        Prelude.Nothing,
+      generationId = Prelude.Nothing,
+      isDefaultVersion = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      policyArn = Prelude.Nothing,
+      policyDocument = Prelude.Nothing,
+      policyName = Prelude.Nothing,
+      policyVersionId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The date the policy was created.
+getPolicyVersionResponse_creationDate :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.UTCTime)
+getPolicyVersionResponse_creationDate = Lens.lens (\GetPolicyVersionResponse' {creationDate} -> creationDate) (\s@GetPolicyVersionResponse' {} a -> s {creationDate = a} :: GetPolicyVersionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The generation ID of the policy version.
+getPolicyVersionResponse_generationId :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.Text)
+getPolicyVersionResponse_generationId = Lens.lens (\GetPolicyVersionResponse' {generationId} -> generationId) (\s@GetPolicyVersionResponse' {} a -> s {generationId = a} :: GetPolicyVersionResponse)
+
+-- | Specifies whether the policy version is the default.
+getPolicyVersionResponse_isDefaultVersion :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.Bool)
+getPolicyVersionResponse_isDefaultVersion = Lens.lens (\GetPolicyVersionResponse' {isDefaultVersion} -> isDefaultVersion) (\s@GetPolicyVersionResponse' {} a -> s {isDefaultVersion = a} :: GetPolicyVersionResponse)
+
+-- | The date the policy was last modified.
+getPolicyVersionResponse_lastModifiedDate :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.UTCTime)
+getPolicyVersionResponse_lastModifiedDate = Lens.lens (\GetPolicyVersionResponse' {lastModifiedDate} -> lastModifiedDate) (\s@GetPolicyVersionResponse' {} a -> s {lastModifiedDate = a} :: GetPolicyVersionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The policy ARN.
+getPolicyVersionResponse_policyArn :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.Text)
+getPolicyVersionResponse_policyArn = Lens.lens (\GetPolicyVersionResponse' {policyArn} -> policyArn) (\s@GetPolicyVersionResponse' {} a -> s {policyArn = a} :: GetPolicyVersionResponse)
+
+-- | The JSON document that describes the policy.
+getPolicyVersionResponse_policyDocument :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.Text)
+getPolicyVersionResponse_policyDocument = Lens.lens (\GetPolicyVersionResponse' {policyDocument} -> policyDocument) (\s@GetPolicyVersionResponse' {} a -> s {policyDocument = a} :: GetPolicyVersionResponse)
+
+-- | The policy name.
+getPolicyVersionResponse_policyName :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.Text)
+getPolicyVersionResponse_policyName = Lens.lens (\GetPolicyVersionResponse' {policyName} -> policyName) (\s@GetPolicyVersionResponse' {} a -> s {policyName = a} :: GetPolicyVersionResponse)
+
+-- | The policy version ID.
+getPolicyVersionResponse_policyVersionId :: Lens.Lens' GetPolicyVersionResponse (Prelude.Maybe Prelude.Text)
+getPolicyVersionResponse_policyVersionId = Lens.lens (\GetPolicyVersionResponse' {policyVersionId} -> policyVersionId) (\s@GetPolicyVersionResponse' {} a -> s {policyVersionId = a} :: GetPolicyVersionResponse)
+
+-- | The response's http status code.
+getPolicyVersionResponse_httpStatus :: Lens.Lens' GetPolicyVersionResponse Prelude.Int
+getPolicyVersionResponse_httpStatus = Lens.lens (\GetPolicyVersionResponse' {httpStatus} -> httpStatus) (\s@GetPolicyVersionResponse' {} a -> s {httpStatus = a} :: GetPolicyVersionResponse)
+
+instance Prelude.NFData GetPolicyVersionResponse where
+  rnf GetPolicyVersionResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf generationId
+      `Prelude.seq` Prelude.rnf isDefaultVersion
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf policyArn
+      `Prelude.seq` Prelude.rnf policyDocument
+      `Prelude.seq` Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyVersionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetRegistrationCode.hs b/gen/Amazonka/IoT/GetRegistrationCode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetRegistrationCode.hs
@@ -0,0 +1,141 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetRegistrationCode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets a registration code used to register a CA certificate with IoT.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetRegistrationCode>
+-- action.
+module Amazonka.IoT.GetRegistrationCode
+  ( -- * Creating a Request
+    GetRegistrationCode (..),
+    newGetRegistrationCode,
+
+    -- * Destructuring the Response
+    GetRegistrationCodeResponse (..),
+    newGetRegistrationCodeResponse,
+
+    -- * Response Lenses
+    getRegistrationCodeResponse_registrationCode,
+    getRegistrationCodeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input to the GetRegistrationCode operation.
+--
+-- /See:/ 'newGetRegistrationCode' smart constructor.
+data GetRegistrationCode = GetRegistrationCode'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetRegistrationCode' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetRegistrationCode ::
+  GetRegistrationCode
+newGetRegistrationCode = GetRegistrationCode'
+
+instance Core.AWSRequest GetRegistrationCode where
+  type
+    AWSResponse GetRegistrationCode =
+      GetRegistrationCodeResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetRegistrationCodeResponse'
+            Prelude.<$> (x Data..?> "registrationCode")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetRegistrationCode where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetRegistrationCode where
+  rnf _ = ()
+
+instance Data.ToHeaders GetRegistrationCode where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetRegistrationCode where
+  toPath = Prelude.const "/registrationcode"
+
+instance Data.ToQuery GetRegistrationCode where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the GetRegistrationCode operation.
+--
+-- /See:/ 'newGetRegistrationCodeResponse' smart constructor.
+data GetRegistrationCodeResponse = GetRegistrationCodeResponse'
+  { -- | The CA certificate registration code.
+    registrationCode :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetRegistrationCodeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'registrationCode', 'getRegistrationCodeResponse_registrationCode' - The CA certificate registration code.
+--
+-- 'httpStatus', 'getRegistrationCodeResponse_httpStatus' - The response's http status code.
+newGetRegistrationCodeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetRegistrationCodeResponse
+newGetRegistrationCodeResponse pHttpStatus_ =
+  GetRegistrationCodeResponse'
+    { registrationCode =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The CA certificate registration code.
+getRegistrationCodeResponse_registrationCode :: Lens.Lens' GetRegistrationCodeResponse (Prelude.Maybe Prelude.Text)
+getRegistrationCodeResponse_registrationCode = Lens.lens (\GetRegistrationCodeResponse' {registrationCode} -> registrationCode) (\s@GetRegistrationCodeResponse' {} a -> s {registrationCode = a} :: GetRegistrationCodeResponse)
+
+-- | The response's http status code.
+getRegistrationCodeResponse_httpStatus :: Lens.Lens' GetRegistrationCodeResponse Prelude.Int
+getRegistrationCodeResponse_httpStatus = Lens.lens (\GetRegistrationCodeResponse' {httpStatus} -> httpStatus) (\s@GetRegistrationCodeResponse' {} a -> s {httpStatus = a} :: GetRegistrationCodeResponse)
+
+instance Prelude.NFData GetRegistrationCodeResponse where
+  rnf GetRegistrationCodeResponse' {..} =
+    Prelude.rnf registrationCode
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetStatistics.hs b/gen/Amazonka/IoT/GetStatistics.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetStatistics.hs
@@ -0,0 +1,214 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetStatistics
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns the count, average, sum, minimum, maximum, sum of squares,
+-- variance, and standard deviation for the specified aggregated field. If
+-- the aggregation field is of type @String@, only the count statistic is
+-- returned.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetStatistics>
+-- action.
+module Amazonka.IoT.GetStatistics
+  ( -- * Creating a Request
+    GetStatistics (..),
+    newGetStatistics,
+
+    -- * Request Lenses
+    getStatistics_aggregationField,
+    getStatistics_indexName,
+    getStatistics_queryVersion,
+    getStatistics_queryString,
+
+    -- * Destructuring the Response
+    GetStatisticsResponse (..),
+    newGetStatisticsResponse,
+
+    -- * Response Lenses
+    getStatisticsResponse_statistics,
+    getStatisticsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetStatistics' smart constructor.
+data GetStatistics = GetStatistics'
+  { -- | The aggregation field name.
+    aggregationField :: Prelude.Maybe Prelude.Text,
+    -- | The name of the index to search. The default value is @AWS_Things@.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The version of the query used to search.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The query used to search. You can specify \"*\" for the query string to
+    -- get the count of all indexed things in your Amazon Web Services account.
+    queryString :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetStatistics' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'aggregationField', 'getStatistics_aggregationField' - The aggregation field name.
+--
+-- 'indexName', 'getStatistics_indexName' - The name of the index to search. The default value is @AWS_Things@.
+--
+-- 'queryVersion', 'getStatistics_queryVersion' - The version of the query used to search.
+--
+-- 'queryString', 'getStatistics_queryString' - The query used to search. You can specify \"*\" for the query string to
+-- get the count of all indexed things in your Amazon Web Services account.
+newGetStatistics ::
+  -- | 'queryString'
+  Prelude.Text ->
+  GetStatistics
+newGetStatistics pQueryString_ =
+  GetStatistics'
+    { aggregationField = Prelude.Nothing,
+      indexName = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      queryString = pQueryString_
+    }
+
+-- | The aggregation field name.
+getStatistics_aggregationField :: Lens.Lens' GetStatistics (Prelude.Maybe Prelude.Text)
+getStatistics_aggregationField = Lens.lens (\GetStatistics' {aggregationField} -> aggregationField) (\s@GetStatistics' {} a -> s {aggregationField = a} :: GetStatistics)
+
+-- | The name of the index to search. The default value is @AWS_Things@.
+getStatistics_indexName :: Lens.Lens' GetStatistics (Prelude.Maybe Prelude.Text)
+getStatistics_indexName = Lens.lens (\GetStatistics' {indexName} -> indexName) (\s@GetStatistics' {} a -> s {indexName = a} :: GetStatistics)
+
+-- | The version of the query used to search.
+getStatistics_queryVersion :: Lens.Lens' GetStatistics (Prelude.Maybe Prelude.Text)
+getStatistics_queryVersion = Lens.lens (\GetStatistics' {queryVersion} -> queryVersion) (\s@GetStatistics' {} a -> s {queryVersion = a} :: GetStatistics)
+
+-- | The query used to search. You can specify \"*\" for the query string to
+-- get the count of all indexed things in your Amazon Web Services account.
+getStatistics_queryString :: Lens.Lens' GetStatistics Prelude.Text
+getStatistics_queryString = Lens.lens (\GetStatistics' {queryString} -> queryString) (\s@GetStatistics' {} a -> s {queryString = a} :: GetStatistics)
+
+instance Core.AWSRequest GetStatistics where
+  type
+    AWSResponse GetStatistics =
+      GetStatisticsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetStatisticsResponse'
+            Prelude.<$> (x Data..?> "statistics")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetStatistics where
+  hashWithSalt _salt GetStatistics' {..} =
+    _salt
+      `Prelude.hashWithSalt` aggregationField
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` queryString
+
+instance Prelude.NFData GetStatistics where
+  rnf GetStatistics' {..} =
+    Prelude.rnf aggregationField
+      `Prelude.seq` Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf queryString
+
+instance Data.ToHeaders GetStatistics where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON GetStatistics where
+  toJSON GetStatistics' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("aggregationField" Data..=)
+              Prelude.<$> aggregationField,
+            ("indexName" Data..=) Prelude.<$> indexName,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            Prelude.Just ("queryString" Data..= queryString)
+          ]
+      )
+
+instance Data.ToPath GetStatistics where
+  toPath = Prelude.const "/indices/statistics"
+
+instance Data.ToQuery GetStatistics where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetStatisticsResponse' smart constructor.
+data GetStatisticsResponse = GetStatisticsResponse'
+  { -- | The statistics returned by the Fleet Indexing service based on the query
+    -- and aggregation field.
+    statistics :: Prelude.Maybe Statistics,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetStatisticsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'statistics', 'getStatisticsResponse_statistics' - The statistics returned by the Fleet Indexing service based on the query
+-- and aggregation field.
+--
+-- 'httpStatus', 'getStatisticsResponse_httpStatus' - The response's http status code.
+newGetStatisticsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetStatisticsResponse
+newGetStatisticsResponse pHttpStatus_ =
+  GetStatisticsResponse'
+    { statistics =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The statistics returned by the Fleet Indexing service based on the query
+-- and aggregation field.
+getStatisticsResponse_statistics :: Lens.Lens' GetStatisticsResponse (Prelude.Maybe Statistics)
+getStatisticsResponse_statistics = Lens.lens (\GetStatisticsResponse' {statistics} -> statistics) (\s@GetStatisticsResponse' {} a -> s {statistics = a} :: GetStatisticsResponse)
+
+-- | The response's http status code.
+getStatisticsResponse_httpStatus :: Lens.Lens' GetStatisticsResponse Prelude.Int
+getStatisticsResponse_httpStatus = Lens.lens (\GetStatisticsResponse' {httpStatus} -> httpStatus) (\s@GetStatisticsResponse' {} a -> s {httpStatus = a} :: GetStatisticsResponse)
+
+instance Prelude.NFData GetStatisticsResponse where
+  rnf GetStatisticsResponse' {..} =
+    Prelude.rnf statistics
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetTopicRule.hs b/gen/Amazonka/IoT/GetTopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetTopicRule.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetTopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about the rule.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetTopicRule>
+-- action.
+module Amazonka.IoT.GetTopicRule
+  ( -- * Creating a Request
+    GetTopicRule (..),
+    newGetTopicRule,
+
+    -- * Request Lenses
+    getTopicRule_ruleName,
+
+    -- * Destructuring the Response
+    GetTopicRuleResponse (..),
+    newGetTopicRuleResponse,
+
+    -- * Response Lenses
+    getTopicRuleResponse_rule,
+    getTopicRuleResponse_ruleArn,
+    getTopicRuleResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the GetTopicRule operation.
+--
+-- /See:/ 'newGetTopicRule' smart constructor.
+data GetTopicRule = GetTopicRule'
+  { -- | The name of the rule.
+    ruleName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ruleName', 'getTopicRule_ruleName' - The name of the rule.
+newGetTopicRule ::
+  -- | 'ruleName'
+  Prelude.Text ->
+  GetTopicRule
+newGetTopicRule pRuleName_ =
+  GetTopicRule' {ruleName = pRuleName_}
+
+-- | The name of the rule.
+getTopicRule_ruleName :: Lens.Lens' GetTopicRule Prelude.Text
+getTopicRule_ruleName = Lens.lens (\GetTopicRule' {ruleName} -> ruleName) (\s@GetTopicRule' {} a -> s {ruleName = a} :: GetTopicRule)
+
+instance Core.AWSRequest GetTopicRule where
+  type AWSResponse GetTopicRule = GetTopicRuleResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetTopicRuleResponse'
+            Prelude.<$> (x Data..?> "rule")
+            Prelude.<*> (x Data..?> "ruleArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetTopicRule where
+  hashWithSalt _salt GetTopicRule' {..} =
+    _salt `Prelude.hashWithSalt` ruleName
+
+instance Prelude.NFData GetTopicRule where
+  rnf GetTopicRule' {..} = Prelude.rnf ruleName
+
+instance Data.ToHeaders GetTopicRule where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetTopicRule where
+  toPath GetTopicRule' {..} =
+    Prelude.mconcat ["/rules/", Data.toBS ruleName]
+
+instance Data.ToQuery GetTopicRule where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the GetTopicRule operation.
+--
+-- /See:/ 'newGetTopicRuleResponse' smart constructor.
+data GetTopicRuleResponse = GetTopicRuleResponse'
+  { -- | The rule.
+    rule :: Prelude.Maybe TopicRule,
+    -- | The rule ARN.
+    ruleArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTopicRuleResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'rule', 'getTopicRuleResponse_rule' - The rule.
+--
+-- 'ruleArn', 'getTopicRuleResponse_ruleArn' - The rule ARN.
+--
+-- 'httpStatus', 'getTopicRuleResponse_httpStatus' - The response's http status code.
+newGetTopicRuleResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetTopicRuleResponse
+newGetTopicRuleResponse pHttpStatus_ =
+  GetTopicRuleResponse'
+    { rule = Prelude.Nothing,
+      ruleArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The rule.
+getTopicRuleResponse_rule :: Lens.Lens' GetTopicRuleResponse (Prelude.Maybe TopicRule)
+getTopicRuleResponse_rule = Lens.lens (\GetTopicRuleResponse' {rule} -> rule) (\s@GetTopicRuleResponse' {} a -> s {rule = a} :: GetTopicRuleResponse)
+
+-- | The rule ARN.
+getTopicRuleResponse_ruleArn :: Lens.Lens' GetTopicRuleResponse (Prelude.Maybe Prelude.Text)
+getTopicRuleResponse_ruleArn = Lens.lens (\GetTopicRuleResponse' {ruleArn} -> ruleArn) (\s@GetTopicRuleResponse' {} a -> s {ruleArn = a} :: GetTopicRuleResponse)
+
+-- | The response's http status code.
+getTopicRuleResponse_httpStatus :: Lens.Lens' GetTopicRuleResponse Prelude.Int
+getTopicRuleResponse_httpStatus = Lens.lens (\GetTopicRuleResponse' {httpStatus} -> httpStatus) (\s@GetTopicRuleResponse' {} a -> s {httpStatus = a} :: GetTopicRuleResponse)
+
+instance Prelude.NFData GetTopicRuleResponse where
+  rnf GetTopicRuleResponse' {..} =
+    Prelude.rnf rule
+      `Prelude.seq` Prelude.rnf ruleArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetTopicRuleDestination.hs b/gen/Amazonka/IoT/GetTopicRuleDestination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetTopicRuleDestination.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetTopicRuleDestination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets information about a topic rule destination.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetTopicRuleDestination>
+-- action.
+module Amazonka.IoT.GetTopicRuleDestination
+  ( -- * Creating a Request
+    GetTopicRuleDestination (..),
+    newGetTopicRuleDestination,
+
+    -- * Request Lenses
+    getTopicRuleDestination_arn,
+
+    -- * Destructuring the Response
+    GetTopicRuleDestinationResponse (..),
+    newGetTopicRuleDestinationResponse,
+
+    -- * Response Lenses
+    getTopicRuleDestinationResponse_topicRuleDestination,
+    getTopicRuleDestinationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetTopicRuleDestination' smart constructor.
+data GetTopicRuleDestination = GetTopicRuleDestination'
+  { -- | The ARN of the topic rule destination.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTopicRuleDestination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'getTopicRuleDestination_arn' - The ARN of the topic rule destination.
+newGetTopicRuleDestination ::
+  -- | 'arn'
+  Prelude.Text ->
+  GetTopicRuleDestination
+newGetTopicRuleDestination pArn_ =
+  GetTopicRuleDestination' {arn = pArn_}
+
+-- | The ARN of the topic rule destination.
+getTopicRuleDestination_arn :: Lens.Lens' GetTopicRuleDestination Prelude.Text
+getTopicRuleDestination_arn = Lens.lens (\GetTopicRuleDestination' {arn} -> arn) (\s@GetTopicRuleDestination' {} a -> s {arn = a} :: GetTopicRuleDestination)
+
+instance Core.AWSRequest GetTopicRuleDestination where
+  type
+    AWSResponse GetTopicRuleDestination =
+      GetTopicRuleDestinationResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetTopicRuleDestinationResponse'
+            Prelude.<$> (x Data..?> "topicRuleDestination")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetTopicRuleDestination where
+  hashWithSalt _salt GetTopicRuleDestination' {..} =
+    _salt `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData GetTopicRuleDestination where
+  rnf GetTopicRuleDestination' {..} = Prelude.rnf arn
+
+instance Data.ToHeaders GetTopicRuleDestination where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetTopicRuleDestination where
+  toPath GetTopicRuleDestination' {..} =
+    Prelude.mconcat ["/destinations/", Data.toBS arn]
+
+instance Data.ToQuery GetTopicRuleDestination where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetTopicRuleDestinationResponse' smart constructor.
+data GetTopicRuleDestinationResponse = GetTopicRuleDestinationResponse'
+  { -- | The topic rule destination.
+    topicRuleDestination :: Prelude.Maybe TopicRuleDestination,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTopicRuleDestinationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'topicRuleDestination', 'getTopicRuleDestinationResponse_topicRuleDestination' - The topic rule destination.
+--
+-- 'httpStatus', 'getTopicRuleDestinationResponse_httpStatus' - The response's http status code.
+newGetTopicRuleDestinationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetTopicRuleDestinationResponse
+newGetTopicRuleDestinationResponse pHttpStatus_ =
+  GetTopicRuleDestinationResponse'
+    { topicRuleDestination =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The topic rule destination.
+getTopicRuleDestinationResponse_topicRuleDestination :: Lens.Lens' GetTopicRuleDestinationResponse (Prelude.Maybe TopicRuleDestination)
+getTopicRuleDestinationResponse_topicRuleDestination = Lens.lens (\GetTopicRuleDestinationResponse' {topicRuleDestination} -> topicRuleDestination) (\s@GetTopicRuleDestinationResponse' {} a -> s {topicRuleDestination = a} :: GetTopicRuleDestinationResponse)
+
+-- | The response's http status code.
+getTopicRuleDestinationResponse_httpStatus :: Lens.Lens' GetTopicRuleDestinationResponse Prelude.Int
+getTopicRuleDestinationResponse_httpStatus = Lens.lens (\GetTopicRuleDestinationResponse' {httpStatus} -> httpStatus) (\s@GetTopicRuleDestinationResponse' {} a -> s {httpStatus = a} :: GetTopicRuleDestinationResponse)
+
+instance
+  Prelude.NFData
+    GetTopicRuleDestinationResponse
+  where
+  rnf GetTopicRuleDestinationResponse' {..} =
+    Prelude.rnf topicRuleDestination
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/GetV2LoggingOptions.hs b/gen/Amazonka/IoT/GetV2LoggingOptions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/GetV2LoggingOptions.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.GetV2LoggingOptions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the fine grained logging options.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions GetV2LoggingOptions>
+-- action.
+module Amazonka.IoT.GetV2LoggingOptions
+  ( -- * Creating a Request
+    GetV2LoggingOptions (..),
+    newGetV2LoggingOptions,
+
+    -- * Destructuring the Response
+    GetV2LoggingOptionsResponse (..),
+    newGetV2LoggingOptionsResponse,
+
+    -- * Response Lenses
+    getV2LoggingOptionsResponse_defaultLogLevel,
+    getV2LoggingOptionsResponse_disableAllLogs,
+    getV2LoggingOptionsResponse_roleArn,
+    getV2LoggingOptionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newGetV2LoggingOptions' smart constructor.
+data GetV2LoggingOptions = GetV2LoggingOptions'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetV2LoggingOptions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetV2LoggingOptions ::
+  GetV2LoggingOptions
+newGetV2LoggingOptions = GetV2LoggingOptions'
+
+instance Core.AWSRequest GetV2LoggingOptions where
+  type
+    AWSResponse GetV2LoggingOptions =
+      GetV2LoggingOptionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetV2LoggingOptionsResponse'
+            Prelude.<$> (x Data..?> "defaultLogLevel")
+            Prelude.<*> (x Data..?> "disableAllLogs")
+            Prelude.<*> (x Data..?> "roleArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetV2LoggingOptions where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetV2LoggingOptions where
+  rnf _ = ()
+
+instance Data.ToHeaders GetV2LoggingOptions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath GetV2LoggingOptions where
+  toPath = Prelude.const "/v2LoggingOptions"
+
+instance Data.ToQuery GetV2LoggingOptions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetV2LoggingOptionsResponse' smart constructor.
+data GetV2LoggingOptionsResponse = GetV2LoggingOptionsResponse'
+  { -- | The default log level.
+    defaultLogLevel :: Prelude.Maybe LogLevel,
+    -- | Disables all logs.
+    disableAllLogs :: Prelude.Maybe Prelude.Bool,
+    -- | The IAM role ARN IoT uses to write to your CloudWatch logs.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetV2LoggingOptionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'defaultLogLevel', 'getV2LoggingOptionsResponse_defaultLogLevel' - The default log level.
+--
+-- 'disableAllLogs', 'getV2LoggingOptionsResponse_disableAllLogs' - Disables all logs.
+--
+-- 'roleArn', 'getV2LoggingOptionsResponse_roleArn' - The IAM role ARN IoT uses to write to your CloudWatch logs.
+--
+-- 'httpStatus', 'getV2LoggingOptionsResponse_httpStatus' - The response's http status code.
+newGetV2LoggingOptionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetV2LoggingOptionsResponse
+newGetV2LoggingOptionsResponse pHttpStatus_ =
+  GetV2LoggingOptionsResponse'
+    { defaultLogLevel =
+        Prelude.Nothing,
+      disableAllLogs = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The default log level.
+getV2LoggingOptionsResponse_defaultLogLevel :: Lens.Lens' GetV2LoggingOptionsResponse (Prelude.Maybe LogLevel)
+getV2LoggingOptionsResponse_defaultLogLevel = Lens.lens (\GetV2LoggingOptionsResponse' {defaultLogLevel} -> defaultLogLevel) (\s@GetV2LoggingOptionsResponse' {} a -> s {defaultLogLevel = a} :: GetV2LoggingOptionsResponse)
+
+-- | Disables all logs.
+getV2LoggingOptionsResponse_disableAllLogs :: Lens.Lens' GetV2LoggingOptionsResponse (Prelude.Maybe Prelude.Bool)
+getV2LoggingOptionsResponse_disableAllLogs = Lens.lens (\GetV2LoggingOptionsResponse' {disableAllLogs} -> disableAllLogs) (\s@GetV2LoggingOptionsResponse' {} a -> s {disableAllLogs = a} :: GetV2LoggingOptionsResponse)
+
+-- | The IAM role ARN IoT uses to write to your CloudWatch logs.
+getV2LoggingOptionsResponse_roleArn :: Lens.Lens' GetV2LoggingOptionsResponse (Prelude.Maybe Prelude.Text)
+getV2LoggingOptionsResponse_roleArn = Lens.lens (\GetV2LoggingOptionsResponse' {roleArn} -> roleArn) (\s@GetV2LoggingOptionsResponse' {} a -> s {roleArn = a} :: GetV2LoggingOptionsResponse)
+
+-- | The response's http status code.
+getV2LoggingOptionsResponse_httpStatus :: Lens.Lens' GetV2LoggingOptionsResponse Prelude.Int
+getV2LoggingOptionsResponse_httpStatus = Lens.lens (\GetV2LoggingOptionsResponse' {httpStatus} -> httpStatus) (\s@GetV2LoggingOptionsResponse' {} a -> s {httpStatus = a} :: GetV2LoggingOptionsResponse)
+
+instance Prelude.NFData GetV2LoggingOptionsResponse where
+  rnf GetV2LoggingOptionsResponse' {..} =
+    Prelude.rnf defaultLogLevel
+      `Prelude.seq` Prelude.rnf disableAllLogs
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/Lens.hs b/gen/Amazonka/IoT/Lens.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Lens.hs
@@ -0,0 +1,3478 @@
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Lens
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Lens
+  ( -- * Operations
+
+    -- ** AcceptCertificateTransfer
+    acceptCertificateTransfer_setAsActive,
+    acceptCertificateTransfer_certificateId,
+
+    -- ** AddThingToBillingGroup
+    addThingToBillingGroup_billingGroupArn,
+    addThingToBillingGroup_billingGroupName,
+    addThingToBillingGroup_thingArn,
+    addThingToBillingGroup_thingName,
+    addThingToBillingGroupResponse_httpStatus,
+
+    -- ** AddThingToThingGroup
+    addThingToThingGroup_overrideDynamicGroups,
+    addThingToThingGroup_thingArn,
+    addThingToThingGroup_thingGroupArn,
+    addThingToThingGroup_thingGroupName,
+    addThingToThingGroup_thingName,
+    addThingToThingGroupResponse_httpStatus,
+
+    -- ** AssociateTargetsWithJob
+    associateTargetsWithJob_comment,
+    associateTargetsWithJob_namespaceId,
+    associateTargetsWithJob_targets,
+    associateTargetsWithJob_jobId,
+    associateTargetsWithJobResponse_description,
+    associateTargetsWithJobResponse_jobArn,
+    associateTargetsWithJobResponse_jobId,
+    associateTargetsWithJobResponse_httpStatus,
+
+    -- ** AttachPolicy
+    attachPolicy_policyName,
+    attachPolicy_target,
+
+    -- ** AttachSecurityProfile
+    attachSecurityProfile_securityProfileName,
+    attachSecurityProfile_securityProfileTargetArn,
+    attachSecurityProfileResponse_httpStatus,
+
+    -- ** AttachThingPrincipal
+    attachThingPrincipal_thingName,
+    attachThingPrincipal_principal,
+    attachThingPrincipalResponse_httpStatus,
+
+    -- ** CancelAuditMitigationActionsTask
+    cancelAuditMitigationActionsTask_taskId,
+    cancelAuditMitigationActionsTaskResponse_httpStatus,
+
+    -- ** CancelAuditTask
+    cancelAuditTask_taskId,
+    cancelAuditTaskResponse_httpStatus,
+
+    -- ** CancelCertificateTransfer
+    cancelCertificateTransfer_certificateId,
+
+    -- ** CancelDetectMitigationActionsTask
+    cancelDetectMitigationActionsTask_taskId,
+    cancelDetectMitigationActionsTaskResponse_httpStatus,
+
+    -- ** CancelJob
+    cancelJob_comment,
+    cancelJob_force,
+    cancelJob_reasonCode,
+    cancelJob_jobId,
+    cancelJobResponse_description,
+    cancelJobResponse_jobArn,
+    cancelJobResponse_jobId,
+    cancelJobResponse_httpStatus,
+
+    -- ** CancelJobExecution
+    cancelJobExecution_expectedVersion,
+    cancelJobExecution_force,
+    cancelJobExecution_statusDetails,
+    cancelJobExecution_jobId,
+    cancelJobExecution_thingName,
+
+    -- ** ClearDefaultAuthorizer
+    clearDefaultAuthorizerResponse_httpStatus,
+
+    -- ** ConfirmTopicRuleDestination
+    confirmTopicRuleDestination_confirmationToken,
+    confirmTopicRuleDestinationResponse_httpStatus,
+
+    -- ** CreateAuditSuppression
+    createAuditSuppression_description,
+    createAuditSuppression_expirationDate,
+    createAuditSuppression_suppressIndefinitely,
+    createAuditSuppression_checkName,
+    createAuditSuppression_resourceIdentifier,
+    createAuditSuppression_clientRequestToken,
+    createAuditSuppressionResponse_httpStatus,
+
+    -- ** CreateAuthorizer
+    createAuthorizer_enableCachingForHttp,
+    createAuthorizer_signingDisabled,
+    createAuthorizer_status,
+    createAuthorizer_tags,
+    createAuthorizer_tokenKeyName,
+    createAuthorizer_tokenSigningPublicKeys,
+    createAuthorizer_authorizerName,
+    createAuthorizer_authorizerFunctionArn,
+    createAuthorizerResponse_authorizerArn,
+    createAuthorizerResponse_authorizerName,
+    createAuthorizerResponse_httpStatus,
+
+    -- ** CreateBillingGroup
+    createBillingGroup_billingGroupProperties,
+    createBillingGroup_tags,
+    createBillingGroup_billingGroupName,
+    createBillingGroupResponse_billingGroupArn,
+    createBillingGroupResponse_billingGroupId,
+    createBillingGroupResponse_billingGroupName,
+    createBillingGroupResponse_httpStatus,
+
+    -- ** CreateCertificateFromCsr
+    createCertificateFromCsr_setAsActive,
+    createCertificateFromCsr_certificateSigningRequest,
+    createCertificateFromCsrResponse_certificateArn,
+    createCertificateFromCsrResponse_certificateId,
+    createCertificateFromCsrResponse_certificatePem,
+    createCertificateFromCsrResponse_httpStatus,
+
+    -- ** CreateCustomMetric
+    createCustomMetric_displayName,
+    createCustomMetric_tags,
+    createCustomMetric_metricName,
+    createCustomMetric_metricType,
+    createCustomMetric_clientRequestToken,
+    createCustomMetricResponse_metricArn,
+    createCustomMetricResponse_metricName,
+    createCustomMetricResponse_httpStatus,
+
+    -- ** CreateDimension
+    createDimension_tags,
+    createDimension_name,
+    createDimension_type,
+    createDimension_stringValues,
+    createDimension_clientRequestToken,
+    createDimensionResponse_arn,
+    createDimensionResponse_name,
+    createDimensionResponse_httpStatus,
+
+    -- ** CreateDomainConfiguration
+    createDomainConfiguration_authorizerConfig,
+    createDomainConfiguration_domainName,
+    createDomainConfiguration_serverCertificateArns,
+    createDomainConfiguration_serviceType,
+    createDomainConfiguration_tags,
+    createDomainConfiguration_validationCertificateArn,
+    createDomainConfiguration_domainConfigurationName,
+    createDomainConfigurationResponse_domainConfigurationArn,
+    createDomainConfigurationResponse_domainConfigurationName,
+    createDomainConfigurationResponse_httpStatus,
+
+    -- ** CreateDynamicThingGroup
+    createDynamicThingGroup_indexName,
+    createDynamicThingGroup_queryVersion,
+    createDynamicThingGroup_tags,
+    createDynamicThingGroup_thingGroupProperties,
+    createDynamicThingGroup_thingGroupName,
+    createDynamicThingGroup_queryString,
+    createDynamicThingGroupResponse_indexName,
+    createDynamicThingGroupResponse_queryString,
+    createDynamicThingGroupResponse_queryVersion,
+    createDynamicThingGroupResponse_thingGroupArn,
+    createDynamicThingGroupResponse_thingGroupId,
+    createDynamicThingGroupResponse_thingGroupName,
+    createDynamicThingGroupResponse_httpStatus,
+
+    -- ** CreateFleetMetric
+    createFleetMetric_description,
+    createFleetMetric_indexName,
+    createFleetMetric_queryVersion,
+    createFleetMetric_tags,
+    createFleetMetric_unit,
+    createFleetMetric_metricName,
+    createFleetMetric_queryString,
+    createFleetMetric_aggregationType,
+    createFleetMetric_period,
+    createFleetMetric_aggregationField,
+    createFleetMetricResponse_metricArn,
+    createFleetMetricResponse_metricName,
+    createFleetMetricResponse_httpStatus,
+
+    -- ** CreateJob
+    createJob_abortConfig,
+    createJob_description,
+    createJob_document,
+    createJob_documentParameters,
+    createJob_documentSource,
+    createJob_jobExecutionsRetryConfig,
+    createJob_jobExecutionsRolloutConfig,
+    createJob_jobTemplateArn,
+    createJob_namespaceId,
+    createJob_presignedUrlConfig,
+    createJob_schedulingConfig,
+    createJob_tags,
+    createJob_targetSelection,
+    createJob_timeoutConfig,
+    createJob_jobId,
+    createJob_targets,
+    createJobResponse_description,
+    createJobResponse_jobArn,
+    createJobResponse_jobId,
+    createJobResponse_httpStatus,
+
+    -- ** CreateJobTemplate
+    createJobTemplate_abortConfig,
+    createJobTemplate_document,
+    createJobTemplate_documentSource,
+    createJobTemplate_jobArn,
+    createJobTemplate_jobExecutionsRetryConfig,
+    createJobTemplate_jobExecutionsRolloutConfig,
+    createJobTemplate_presignedUrlConfig,
+    createJobTemplate_tags,
+    createJobTemplate_timeoutConfig,
+    createJobTemplate_jobTemplateId,
+    createJobTemplate_description,
+    createJobTemplateResponse_jobTemplateArn,
+    createJobTemplateResponse_jobTemplateId,
+    createJobTemplateResponse_httpStatus,
+
+    -- ** CreateKeysAndCertificate
+    createKeysAndCertificate_setAsActive,
+    createKeysAndCertificateResponse_certificateArn,
+    createKeysAndCertificateResponse_certificateId,
+    createKeysAndCertificateResponse_certificatePem,
+    createKeysAndCertificateResponse_keyPair,
+    createKeysAndCertificateResponse_httpStatus,
+
+    -- ** CreateMitigationAction
+    createMitigationAction_tags,
+    createMitigationAction_actionName,
+    createMitigationAction_roleArn,
+    createMitigationAction_actionParams,
+    createMitigationActionResponse_actionArn,
+    createMitigationActionResponse_actionId,
+    createMitigationActionResponse_httpStatus,
+
+    -- ** CreateOTAUpdate
+    createOTAUpdate_additionalParameters,
+    createOTAUpdate_awsJobAbortConfig,
+    createOTAUpdate_awsJobExecutionsRolloutConfig,
+    createOTAUpdate_awsJobPresignedUrlConfig,
+    createOTAUpdate_awsJobTimeoutConfig,
+    createOTAUpdate_description,
+    createOTAUpdate_protocols,
+    createOTAUpdate_tags,
+    createOTAUpdate_targetSelection,
+    createOTAUpdate_otaUpdateId,
+    createOTAUpdate_targets,
+    createOTAUpdate_files,
+    createOTAUpdate_roleArn,
+    createOTAUpdateResponse_awsIotJobArn,
+    createOTAUpdateResponse_awsIotJobId,
+    createOTAUpdateResponse_otaUpdateArn,
+    createOTAUpdateResponse_otaUpdateId,
+    createOTAUpdateResponse_otaUpdateStatus,
+    createOTAUpdateResponse_httpStatus,
+
+    -- ** CreatePolicy
+    createPolicy_tags,
+    createPolicy_policyName,
+    createPolicy_policyDocument,
+    createPolicyResponse_policyArn,
+    createPolicyResponse_policyDocument,
+    createPolicyResponse_policyName,
+    createPolicyResponse_policyVersionId,
+    createPolicyResponse_httpStatus,
+
+    -- ** CreatePolicyVersion
+    createPolicyVersion_setAsDefault,
+    createPolicyVersion_policyName,
+    createPolicyVersion_policyDocument,
+    createPolicyVersionResponse_isDefaultVersion,
+    createPolicyVersionResponse_policyArn,
+    createPolicyVersionResponse_policyDocument,
+    createPolicyVersionResponse_policyVersionId,
+    createPolicyVersionResponse_httpStatus,
+
+    -- ** CreateProvisioningClaim
+    createProvisioningClaim_templateName,
+    createProvisioningClaimResponse_certificateId,
+    createProvisioningClaimResponse_certificatePem,
+    createProvisioningClaimResponse_expiration,
+    createProvisioningClaimResponse_keyPair,
+    createProvisioningClaimResponse_httpStatus,
+
+    -- ** CreateProvisioningTemplate
+    createProvisioningTemplate_description,
+    createProvisioningTemplate_enabled,
+    createProvisioningTemplate_preProvisioningHook,
+    createProvisioningTemplate_tags,
+    createProvisioningTemplate_type,
+    createProvisioningTemplate_templateName,
+    createProvisioningTemplate_templateBody,
+    createProvisioningTemplate_provisioningRoleArn,
+    createProvisioningTemplateResponse_defaultVersionId,
+    createProvisioningTemplateResponse_templateArn,
+    createProvisioningTemplateResponse_templateName,
+    createProvisioningTemplateResponse_httpStatus,
+
+    -- ** CreateProvisioningTemplateVersion
+    createProvisioningTemplateVersion_setAsDefault,
+    createProvisioningTemplateVersion_templateName,
+    createProvisioningTemplateVersion_templateBody,
+    createProvisioningTemplateVersionResponse_isDefaultVersion,
+    createProvisioningTemplateVersionResponse_templateArn,
+    createProvisioningTemplateVersionResponse_templateName,
+    createProvisioningTemplateVersionResponse_versionId,
+    createProvisioningTemplateVersionResponse_httpStatus,
+
+    -- ** CreateRoleAlias
+    createRoleAlias_credentialDurationSeconds,
+    createRoleAlias_tags,
+    createRoleAlias_roleAlias,
+    createRoleAlias_roleArn,
+    createRoleAliasResponse_roleAlias,
+    createRoleAliasResponse_roleAliasArn,
+    createRoleAliasResponse_httpStatus,
+
+    -- ** CreateScheduledAudit
+    createScheduledAudit_dayOfMonth,
+    createScheduledAudit_dayOfWeek,
+    createScheduledAudit_tags,
+    createScheduledAudit_frequency,
+    createScheduledAudit_targetCheckNames,
+    createScheduledAudit_scheduledAuditName,
+    createScheduledAuditResponse_scheduledAuditArn,
+    createScheduledAuditResponse_httpStatus,
+
+    -- ** CreateSecurityProfile
+    createSecurityProfile_additionalMetricsToRetain,
+    createSecurityProfile_additionalMetricsToRetainV2,
+    createSecurityProfile_alertTargets,
+    createSecurityProfile_behaviors,
+    createSecurityProfile_securityProfileDescription,
+    createSecurityProfile_tags,
+    createSecurityProfile_securityProfileName,
+    createSecurityProfileResponse_securityProfileArn,
+    createSecurityProfileResponse_securityProfileName,
+    createSecurityProfileResponse_httpStatus,
+
+    -- ** CreateStream
+    createStream_description,
+    createStream_tags,
+    createStream_streamId,
+    createStream_files,
+    createStream_roleArn,
+    createStreamResponse_description,
+    createStreamResponse_streamArn,
+    createStreamResponse_streamId,
+    createStreamResponse_streamVersion,
+    createStreamResponse_httpStatus,
+
+    -- ** CreateThing
+    createThing_attributePayload,
+    createThing_billingGroupName,
+    createThing_thingTypeName,
+    createThing_thingName,
+    createThingResponse_thingArn,
+    createThingResponse_thingId,
+    createThingResponse_thingName,
+    createThingResponse_httpStatus,
+
+    -- ** CreateThingGroup
+    createThingGroup_parentGroupName,
+    createThingGroup_tags,
+    createThingGroup_thingGroupProperties,
+    createThingGroup_thingGroupName,
+    createThingGroupResponse_thingGroupArn,
+    createThingGroupResponse_thingGroupId,
+    createThingGroupResponse_thingGroupName,
+    createThingGroupResponse_httpStatus,
+
+    -- ** CreateThingType
+    createThingType_tags,
+    createThingType_thingTypeProperties,
+    createThingType_thingTypeName,
+    createThingTypeResponse_thingTypeArn,
+    createThingTypeResponse_thingTypeId,
+    createThingTypeResponse_thingTypeName,
+    createThingTypeResponse_httpStatus,
+
+    -- ** CreateTopicRule
+    createTopicRule_tags,
+    createTopicRule_ruleName,
+    createTopicRule_topicRulePayload,
+
+    -- ** CreateTopicRuleDestination
+    createTopicRuleDestination_destinationConfiguration,
+    createTopicRuleDestinationResponse_topicRuleDestination,
+    createTopicRuleDestinationResponse_httpStatus,
+
+    -- ** DeleteAccountAuditConfiguration
+    deleteAccountAuditConfiguration_deleteScheduledAudits,
+    deleteAccountAuditConfigurationResponse_httpStatus,
+
+    -- ** DeleteAuditSuppression
+    deleteAuditSuppression_checkName,
+    deleteAuditSuppression_resourceIdentifier,
+    deleteAuditSuppressionResponse_httpStatus,
+
+    -- ** DeleteAuthorizer
+    deleteAuthorizer_authorizerName,
+    deleteAuthorizerResponse_httpStatus,
+
+    -- ** DeleteBillingGroup
+    deleteBillingGroup_expectedVersion,
+    deleteBillingGroup_billingGroupName,
+    deleteBillingGroupResponse_httpStatus,
+
+    -- ** DeleteCACertificate
+    deleteCACertificate_certificateId,
+    deleteCACertificateResponse_httpStatus,
+
+    -- ** DeleteCertificate
+    deleteCertificate_forceDelete,
+    deleteCertificate_certificateId,
+
+    -- ** DeleteCustomMetric
+    deleteCustomMetric_metricName,
+    deleteCustomMetricResponse_httpStatus,
+
+    -- ** DeleteDimension
+    deleteDimension_name,
+    deleteDimensionResponse_httpStatus,
+
+    -- ** DeleteDomainConfiguration
+    deleteDomainConfiguration_domainConfigurationName,
+    deleteDomainConfigurationResponse_httpStatus,
+
+    -- ** DeleteDynamicThingGroup
+    deleteDynamicThingGroup_expectedVersion,
+    deleteDynamicThingGroup_thingGroupName,
+    deleteDynamicThingGroupResponse_httpStatus,
+
+    -- ** DeleteFleetMetric
+    deleteFleetMetric_expectedVersion,
+    deleteFleetMetric_metricName,
+
+    -- ** DeleteJob
+    deleteJob_force,
+    deleteJob_namespaceId,
+    deleteJob_jobId,
+
+    -- ** DeleteJobExecution
+    deleteJobExecution_force,
+    deleteJobExecution_namespaceId,
+    deleteJobExecution_jobId,
+    deleteJobExecution_thingName,
+    deleteJobExecution_executionNumber,
+
+    -- ** DeleteJobTemplate
+    deleteJobTemplate_jobTemplateId,
+
+    -- ** DeleteMitigationAction
+    deleteMitigationAction_actionName,
+    deleteMitigationActionResponse_httpStatus,
+
+    -- ** DeleteOTAUpdate
+    deleteOTAUpdate_deleteStream,
+    deleteOTAUpdate_forceDeleteAWSJob,
+    deleteOTAUpdate_otaUpdateId,
+    deleteOTAUpdateResponse_httpStatus,
+
+    -- ** DeletePolicy
+    deletePolicy_policyName,
+
+    -- ** DeletePolicyVersion
+    deletePolicyVersion_policyName,
+    deletePolicyVersion_policyVersionId,
+
+    -- ** DeleteProvisioningTemplate
+    deleteProvisioningTemplate_templateName,
+    deleteProvisioningTemplateResponse_httpStatus,
+
+    -- ** DeleteProvisioningTemplateVersion
+    deleteProvisioningTemplateVersion_templateName,
+    deleteProvisioningTemplateVersion_versionId,
+    deleteProvisioningTemplateVersionResponse_httpStatus,
+
+    -- ** DeleteRegistrationCode
+    deleteRegistrationCodeResponse_httpStatus,
+
+    -- ** DeleteRoleAlias
+    deleteRoleAlias_roleAlias,
+    deleteRoleAliasResponse_httpStatus,
+
+    -- ** DeleteScheduledAudit
+    deleteScheduledAudit_scheduledAuditName,
+    deleteScheduledAuditResponse_httpStatus,
+
+    -- ** DeleteSecurityProfile
+    deleteSecurityProfile_expectedVersion,
+    deleteSecurityProfile_securityProfileName,
+    deleteSecurityProfileResponse_httpStatus,
+
+    -- ** DeleteStream
+    deleteStream_streamId,
+    deleteStreamResponse_httpStatus,
+
+    -- ** DeleteThing
+    deleteThing_expectedVersion,
+    deleteThing_thingName,
+    deleteThingResponse_httpStatus,
+
+    -- ** DeleteThingGroup
+    deleteThingGroup_expectedVersion,
+    deleteThingGroup_thingGroupName,
+    deleteThingGroupResponse_httpStatus,
+
+    -- ** DeleteThingType
+    deleteThingType_thingTypeName,
+    deleteThingTypeResponse_httpStatus,
+
+    -- ** DeleteTopicRule
+    deleteTopicRule_ruleName,
+
+    -- ** DeleteTopicRuleDestination
+    deleteTopicRuleDestination_arn,
+    deleteTopicRuleDestinationResponse_httpStatus,
+
+    -- ** DeleteV2LoggingLevel
+    deleteV2LoggingLevel_targetType,
+    deleteV2LoggingLevel_targetName,
+
+    -- ** DeprecateThingType
+    deprecateThingType_undoDeprecate,
+    deprecateThingType_thingTypeName,
+    deprecateThingTypeResponse_httpStatus,
+
+    -- ** DescribeAccountAuditConfiguration
+    describeAccountAuditConfigurationResponse_auditCheckConfigurations,
+    describeAccountAuditConfigurationResponse_auditNotificationTargetConfigurations,
+    describeAccountAuditConfigurationResponse_roleArn,
+    describeAccountAuditConfigurationResponse_httpStatus,
+
+    -- ** DescribeAuditFinding
+    describeAuditFinding_findingId,
+    describeAuditFindingResponse_finding,
+    describeAuditFindingResponse_httpStatus,
+
+    -- ** DescribeAuditMitigationActionsTask
+    describeAuditMitigationActionsTask_taskId,
+    describeAuditMitigationActionsTaskResponse_actionsDefinition,
+    describeAuditMitigationActionsTaskResponse_auditCheckToActionsMapping,
+    describeAuditMitigationActionsTaskResponse_endTime,
+    describeAuditMitigationActionsTaskResponse_startTime,
+    describeAuditMitigationActionsTaskResponse_target,
+    describeAuditMitigationActionsTaskResponse_taskStatistics,
+    describeAuditMitigationActionsTaskResponse_taskStatus,
+    describeAuditMitigationActionsTaskResponse_httpStatus,
+
+    -- ** DescribeAuditSuppression
+    describeAuditSuppression_checkName,
+    describeAuditSuppression_resourceIdentifier,
+    describeAuditSuppressionResponse_checkName,
+    describeAuditSuppressionResponse_description,
+    describeAuditSuppressionResponse_expirationDate,
+    describeAuditSuppressionResponse_resourceIdentifier,
+    describeAuditSuppressionResponse_suppressIndefinitely,
+    describeAuditSuppressionResponse_httpStatus,
+
+    -- ** DescribeAuditTask
+    describeAuditTask_taskId,
+    describeAuditTaskResponse_auditDetails,
+    describeAuditTaskResponse_scheduledAuditName,
+    describeAuditTaskResponse_taskStartTime,
+    describeAuditTaskResponse_taskStatistics,
+    describeAuditTaskResponse_taskStatus,
+    describeAuditTaskResponse_taskType,
+    describeAuditTaskResponse_httpStatus,
+
+    -- ** DescribeAuthorizer
+    describeAuthorizer_authorizerName,
+    describeAuthorizerResponse_authorizerDescription,
+    describeAuthorizerResponse_httpStatus,
+
+    -- ** DescribeBillingGroup
+    describeBillingGroup_billingGroupName,
+    describeBillingGroupResponse_billingGroupArn,
+    describeBillingGroupResponse_billingGroupId,
+    describeBillingGroupResponse_billingGroupMetadata,
+    describeBillingGroupResponse_billingGroupName,
+    describeBillingGroupResponse_billingGroupProperties,
+    describeBillingGroupResponse_version,
+    describeBillingGroupResponse_httpStatus,
+
+    -- ** DescribeCACertificate
+    describeCACertificate_certificateId,
+    describeCACertificateResponse_certificateDescription,
+    describeCACertificateResponse_registrationConfig,
+    describeCACertificateResponse_httpStatus,
+
+    -- ** DescribeCertificate
+    describeCertificate_certificateId,
+    describeCertificateResponse_certificateDescription,
+    describeCertificateResponse_httpStatus,
+
+    -- ** DescribeCustomMetric
+    describeCustomMetric_metricName,
+    describeCustomMetricResponse_creationDate,
+    describeCustomMetricResponse_displayName,
+    describeCustomMetricResponse_lastModifiedDate,
+    describeCustomMetricResponse_metricArn,
+    describeCustomMetricResponse_metricName,
+    describeCustomMetricResponse_metricType,
+    describeCustomMetricResponse_httpStatus,
+
+    -- ** DescribeDefaultAuthorizer
+    describeDefaultAuthorizerResponse_authorizerDescription,
+    describeDefaultAuthorizerResponse_httpStatus,
+
+    -- ** DescribeDetectMitigationActionsTask
+    describeDetectMitigationActionsTask_taskId,
+    describeDetectMitigationActionsTaskResponse_taskSummary,
+    describeDetectMitigationActionsTaskResponse_httpStatus,
+
+    -- ** DescribeDimension
+    describeDimension_name,
+    describeDimensionResponse_arn,
+    describeDimensionResponse_creationDate,
+    describeDimensionResponse_lastModifiedDate,
+    describeDimensionResponse_name,
+    describeDimensionResponse_stringValues,
+    describeDimensionResponse_type,
+    describeDimensionResponse_httpStatus,
+
+    -- ** DescribeDomainConfiguration
+    describeDomainConfiguration_domainConfigurationName,
+    describeDomainConfigurationResponse_authorizerConfig,
+    describeDomainConfigurationResponse_domainConfigurationArn,
+    describeDomainConfigurationResponse_domainConfigurationName,
+    describeDomainConfigurationResponse_domainConfigurationStatus,
+    describeDomainConfigurationResponse_domainName,
+    describeDomainConfigurationResponse_domainType,
+    describeDomainConfigurationResponse_lastStatusChangeDate,
+    describeDomainConfigurationResponse_serverCertificates,
+    describeDomainConfigurationResponse_serviceType,
+    describeDomainConfigurationResponse_httpStatus,
+
+    -- ** DescribeEndpoint
+    describeEndpoint_endpointType,
+    describeEndpointResponse_endpointAddress,
+    describeEndpointResponse_httpStatus,
+
+    -- ** DescribeEventConfigurations
+    describeEventConfigurationsResponse_creationDate,
+    describeEventConfigurationsResponse_eventConfigurations,
+    describeEventConfigurationsResponse_lastModifiedDate,
+    describeEventConfigurationsResponse_httpStatus,
+
+    -- ** DescribeFleetMetric
+    describeFleetMetric_metricName,
+    describeFleetMetricResponse_aggregationField,
+    describeFleetMetricResponse_aggregationType,
+    describeFleetMetricResponse_creationDate,
+    describeFleetMetricResponse_description,
+    describeFleetMetricResponse_indexName,
+    describeFleetMetricResponse_lastModifiedDate,
+    describeFleetMetricResponse_metricArn,
+    describeFleetMetricResponse_metricName,
+    describeFleetMetricResponse_period,
+    describeFleetMetricResponse_queryString,
+    describeFleetMetricResponse_queryVersion,
+    describeFleetMetricResponse_unit,
+    describeFleetMetricResponse_version,
+    describeFleetMetricResponse_httpStatus,
+
+    -- ** DescribeIndex
+    describeIndex_indexName,
+    describeIndexResponse_indexName,
+    describeIndexResponse_indexStatus,
+    describeIndexResponse_schema,
+    describeIndexResponse_httpStatus,
+
+    -- ** DescribeJob
+    describeJob_jobId,
+    describeJobResponse_documentSource,
+    describeJobResponse_job,
+    describeJobResponse_httpStatus,
+
+    -- ** DescribeJobExecution
+    describeJobExecution_executionNumber,
+    describeJobExecution_jobId,
+    describeJobExecution_thingName,
+    describeJobExecutionResponse_execution,
+    describeJobExecutionResponse_httpStatus,
+
+    -- ** DescribeJobTemplate
+    describeJobTemplate_jobTemplateId,
+    describeJobTemplateResponse_abortConfig,
+    describeJobTemplateResponse_createdAt,
+    describeJobTemplateResponse_description,
+    describeJobTemplateResponse_document,
+    describeJobTemplateResponse_documentSource,
+    describeJobTemplateResponse_jobExecutionsRetryConfig,
+    describeJobTemplateResponse_jobExecutionsRolloutConfig,
+    describeJobTemplateResponse_jobTemplateArn,
+    describeJobTemplateResponse_jobTemplateId,
+    describeJobTemplateResponse_presignedUrlConfig,
+    describeJobTemplateResponse_timeoutConfig,
+    describeJobTemplateResponse_httpStatus,
+
+    -- ** DescribeManagedJobTemplate
+    describeManagedJobTemplate_templateVersion,
+    describeManagedJobTemplate_templateName,
+    describeManagedJobTemplateResponse_description,
+    describeManagedJobTemplateResponse_document,
+    describeManagedJobTemplateResponse_documentParameters,
+    describeManagedJobTemplateResponse_environments,
+    describeManagedJobTemplateResponse_templateArn,
+    describeManagedJobTemplateResponse_templateName,
+    describeManagedJobTemplateResponse_templateVersion,
+    describeManagedJobTemplateResponse_httpStatus,
+
+    -- ** DescribeMitigationAction
+    describeMitigationAction_actionName,
+    describeMitigationActionResponse_actionArn,
+    describeMitigationActionResponse_actionId,
+    describeMitigationActionResponse_actionName,
+    describeMitigationActionResponse_actionParams,
+    describeMitigationActionResponse_actionType,
+    describeMitigationActionResponse_creationDate,
+    describeMitigationActionResponse_lastModifiedDate,
+    describeMitigationActionResponse_roleArn,
+    describeMitigationActionResponse_httpStatus,
+
+    -- ** DescribeProvisioningTemplate
+    describeProvisioningTemplate_templateName,
+    describeProvisioningTemplateResponse_creationDate,
+    describeProvisioningTemplateResponse_defaultVersionId,
+    describeProvisioningTemplateResponse_description,
+    describeProvisioningTemplateResponse_enabled,
+    describeProvisioningTemplateResponse_lastModifiedDate,
+    describeProvisioningTemplateResponse_preProvisioningHook,
+    describeProvisioningTemplateResponse_provisioningRoleArn,
+    describeProvisioningTemplateResponse_templateArn,
+    describeProvisioningTemplateResponse_templateBody,
+    describeProvisioningTemplateResponse_templateName,
+    describeProvisioningTemplateResponse_type,
+    describeProvisioningTemplateResponse_httpStatus,
+
+    -- ** DescribeProvisioningTemplateVersion
+    describeProvisioningTemplateVersion_templateName,
+    describeProvisioningTemplateVersion_versionId,
+    describeProvisioningTemplateVersionResponse_creationDate,
+    describeProvisioningTemplateVersionResponse_isDefaultVersion,
+    describeProvisioningTemplateVersionResponse_templateBody,
+    describeProvisioningTemplateVersionResponse_versionId,
+    describeProvisioningTemplateVersionResponse_httpStatus,
+
+    -- ** DescribeRoleAlias
+    describeRoleAlias_roleAlias,
+    describeRoleAliasResponse_roleAliasDescription,
+    describeRoleAliasResponse_httpStatus,
+
+    -- ** DescribeScheduledAudit
+    describeScheduledAudit_scheduledAuditName,
+    describeScheduledAuditResponse_dayOfMonth,
+    describeScheduledAuditResponse_dayOfWeek,
+    describeScheduledAuditResponse_frequency,
+    describeScheduledAuditResponse_scheduledAuditArn,
+    describeScheduledAuditResponse_scheduledAuditName,
+    describeScheduledAuditResponse_targetCheckNames,
+    describeScheduledAuditResponse_httpStatus,
+
+    -- ** DescribeSecurityProfile
+    describeSecurityProfile_securityProfileName,
+    describeSecurityProfileResponse_additionalMetricsToRetain,
+    describeSecurityProfileResponse_additionalMetricsToRetainV2,
+    describeSecurityProfileResponse_alertTargets,
+    describeSecurityProfileResponse_behaviors,
+    describeSecurityProfileResponse_creationDate,
+    describeSecurityProfileResponse_lastModifiedDate,
+    describeSecurityProfileResponse_securityProfileArn,
+    describeSecurityProfileResponse_securityProfileDescription,
+    describeSecurityProfileResponse_securityProfileName,
+    describeSecurityProfileResponse_version,
+    describeSecurityProfileResponse_httpStatus,
+
+    -- ** DescribeStream
+    describeStream_streamId,
+    describeStreamResponse_streamInfo,
+    describeStreamResponse_httpStatus,
+
+    -- ** DescribeThing
+    describeThing_thingName,
+    describeThingResponse_attributes,
+    describeThingResponse_billingGroupName,
+    describeThingResponse_defaultClientId,
+    describeThingResponse_thingArn,
+    describeThingResponse_thingId,
+    describeThingResponse_thingName,
+    describeThingResponse_thingTypeName,
+    describeThingResponse_version,
+    describeThingResponse_httpStatus,
+
+    -- ** DescribeThingGroup
+    describeThingGroup_thingGroupName,
+    describeThingGroupResponse_indexName,
+    describeThingGroupResponse_queryString,
+    describeThingGroupResponse_queryVersion,
+    describeThingGroupResponse_status,
+    describeThingGroupResponse_thingGroupArn,
+    describeThingGroupResponse_thingGroupId,
+    describeThingGroupResponse_thingGroupMetadata,
+    describeThingGroupResponse_thingGroupName,
+    describeThingGroupResponse_thingGroupProperties,
+    describeThingGroupResponse_version,
+    describeThingGroupResponse_httpStatus,
+
+    -- ** DescribeThingRegistrationTask
+    describeThingRegistrationTask_taskId,
+    describeThingRegistrationTaskResponse_creationDate,
+    describeThingRegistrationTaskResponse_failureCount,
+    describeThingRegistrationTaskResponse_inputFileBucket,
+    describeThingRegistrationTaskResponse_inputFileKey,
+    describeThingRegistrationTaskResponse_lastModifiedDate,
+    describeThingRegistrationTaskResponse_message,
+    describeThingRegistrationTaskResponse_percentageProgress,
+    describeThingRegistrationTaskResponse_roleArn,
+    describeThingRegistrationTaskResponse_status,
+    describeThingRegistrationTaskResponse_successCount,
+    describeThingRegistrationTaskResponse_taskId,
+    describeThingRegistrationTaskResponse_templateBody,
+    describeThingRegistrationTaskResponse_httpStatus,
+
+    -- ** DescribeThingType
+    describeThingType_thingTypeName,
+    describeThingTypeResponse_thingTypeArn,
+    describeThingTypeResponse_thingTypeId,
+    describeThingTypeResponse_thingTypeMetadata,
+    describeThingTypeResponse_thingTypeName,
+    describeThingTypeResponse_thingTypeProperties,
+    describeThingTypeResponse_httpStatus,
+
+    -- ** DetachPolicy
+    detachPolicy_policyName,
+    detachPolicy_target,
+
+    -- ** DetachSecurityProfile
+    detachSecurityProfile_securityProfileName,
+    detachSecurityProfile_securityProfileTargetArn,
+    detachSecurityProfileResponse_httpStatus,
+
+    -- ** DetachThingPrincipal
+    detachThingPrincipal_thingName,
+    detachThingPrincipal_principal,
+    detachThingPrincipalResponse_httpStatus,
+
+    -- ** DisableTopicRule
+    disableTopicRule_ruleName,
+
+    -- ** EnableTopicRule
+    enableTopicRule_ruleName,
+
+    -- ** GetBehaviorModelTrainingSummaries
+    getBehaviorModelTrainingSummaries_maxResults,
+    getBehaviorModelTrainingSummaries_nextToken,
+    getBehaviorModelTrainingSummaries_securityProfileName,
+    getBehaviorModelTrainingSummariesResponse_nextToken,
+    getBehaviorModelTrainingSummariesResponse_summaries,
+    getBehaviorModelTrainingSummariesResponse_httpStatus,
+
+    -- ** GetBucketsAggregation
+    getBucketsAggregation_indexName,
+    getBucketsAggregation_queryVersion,
+    getBucketsAggregation_queryString,
+    getBucketsAggregation_aggregationField,
+    getBucketsAggregation_bucketsAggregationType,
+    getBucketsAggregationResponse_buckets,
+    getBucketsAggregationResponse_totalCount,
+    getBucketsAggregationResponse_httpStatus,
+
+    -- ** GetCardinality
+    getCardinality_aggregationField,
+    getCardinality_indexName,
+    getCardinality_queryVersion,
+    getCardinality_queryString,
+    getCardinalityResponse_cardinality,
+    getCardinalityResponse_httpStatus,
+
+    -- ** GetEffectivePolicies
+    getEffectivePolicies_cognitoIdentityPoolId,
+    getEffectivePolicies_principal,
+    getEffectivePolicies_thingName,
+    getEffectivePoliciesResponse_effectivePolicies,
+    getEffectivePoliciesResponse_httpStatus,
+
+    -- ** GetIndexingConfiguration
+    getIndexingConfigurationResponse_thingGroupIndexingConfiguration,
+    getIndexingConfigurationResponse_thingIndexingConfiguration,
+    getIndexingConfigurationResponse_httpStatus,
+
+    -- ** GetJobDocument
+    getJobDocument_jobId,
+    getJobDocumentResponse_document,
+    getJobDocumentResponse_httpStatus,
+
+    -- ** GetLoggingOptions
+    getLoggingOptionsResponse_logLevel,
+    getLoggingOptionsResponse_roleArn,
+    getLoggingOptionsResponse_httpStatus,
+
+    -- ** GetOTAUpdate
+    getOTAUpdate_otaUpdateId,
+    getOTAUpdateResponse_otaUpdateInfo,
+    getOTAUpdateResponse_httpStatus,
+
+    -- ** GetPercentiles
+    getPercentiles_aggregationField,
+    getPercentiles_indexName,
+    getPercentiles_percents,
+    getPercentiles_queryVersion,
+    getPercentiles_queryString,
+    getPercentilesResponse_percentiles,
+    getPercentilesResponse_httpStatus,
+
+    -- ** GetPolicy
+    getPolicy_policyName,
+    getPolicyResponse_creationDate,
+    getPolicyResponse_defaultVersionId,
+    getPolicyResponse_generationId,
+    getPolicyResponse_lastModifiedDate,
+    getPolicyResponse_policyArn,
+    getPolicyResponse_policyDocument,
+    getPolicyResponse_policyName,
+    getPolicyResponse_httpStatus,
+
+    -- ** GetPolicyVersion
+    getPolicyVersion_policyName,
+    getPolicyVersion_policyVersionId,
+    getPolicyVersionResponse_creationDate,
+    getPolicyVersionResponse_generationId,
+    getPolicyVersionResponse_isDefaultVersion,
+    getPolicyVersionResponse_lastModifiedDate,
+    getPolicyVersionResponse_policyArn,
+    getPolicyVersionResponse_policyDocument,
+    getPolicyVersionResponse_policyName,
+    getPolicyVersionResponse_policyVersionId,
+    getPolicyVersionResponse_httpStatus,
+
+    -- ** GetRegistrationCode
+    getRegistrationCodeResponse_registrationCode,
+    getRegistrationCodeResponse_httpStatus,
+
+    -- ** GetStatistics
+    getStatistics_aggregationField,
+    getStatistics_indexName,
+    getStatistics_queryVersion,
+    getStatistics_queryString,
+    getStatisticsResponse_statistics,
+    getStatisticsResponse_httpStatus,
+
+    -- ** GetTopicRule
+    getTopicRule_ruleName,
+    getTopicRuleResponse_rule,
+    getTopicRuleResponse_ruleArn,
+    getTopicRuleResponse_httpStatus,
+
+    -- ** GetTopicRuleDestination
+    getTopicRuleDestination_arn,
+    getTopicRuleDestinationResponse_topicRuleDestination,
+    getTopicRuleDestinationResponse_httpStatus,
+
+    -- ** GetV2LoggingOptions
+    getV2LoggingOptionsResponse_defaultLogLevel,
+    getV2LoggingOptionsResponse_disableAllLogs,
+    getV2LoggingOptionsResponse_roleArn,
+    getV2LoggingOptionsResponse_httpStatus,
+
+    -- ** ListActiveViolations
+    listActiveViolations_behaviorCriteriaType,
+    listActiveViolations_listSuppressedAlerts,
+    listActiveViolations_maxResults,
+    listActiveViolations_nextToken,
+    listActiveViolations_securityProfileName,
+    listActiveViolations_thingName,
+    listActiveViolations_verificationState,
+    listActiveViolationsResponse_activeViolations,
+    listActiveViolationsResponse_nextToken,
+    listActiveViolationsResponse_httpStatus,
+
+    -- ** ListAttachedPolicies
+    listAttachedPolicies_marker,
+    listAttachedPolicies_pageSize,
+    listAttachedPolicies_recursive,
+    listAttachedPolicies_target,
+    listAttachedPoliciesResponse_nextMarker,
+    listAttachedPoliciesResponse_policies,
+    listAttachedPoliciesResponse_httpStatus,
+
+    -- ** ListAuditFindings
+    listAuditFindings_checkName,
+    listAuditFindings_endTime,
+    listAuditFindings_listSuppressedFindings,
+    listAuditFindings_maxResults,
+    listAuditFindings_nextToken,
+    listAuditFindings_resourceIdentifier,
+    listAuditFindings_startTime,
+    listAuditFindings_taskId,
+    listAuditFindingsResponse_findings,
+    listAuditFindingsResponse_nextToken,
+    listAuditFindingsResponse_httpStatus,
+
+    -- ** ListAuditMitigationActionsExecutions
+    listAuditMitigationActionsExecutions_actionStatus,
+    listAuditMitigationActionsExecutions_maxResults,
+    listAuditMitigationActionsExecutions_nextToken,
+    listAuditMitigationActionsExecutions_taskId,
+    listAuditMitigationActionsExecutions_findingId,
+    listAuditMitigationActionsExecutionsResponse_actionsExecutions,
+    listAuditMitigationActionsExecutionsResponse_nextToken,
+    listAuditMitigationActionsExecutionsResponse_httpStatus,
+
+    -- ** ListAuditMitigationActionsTasks
+    listAuditMitigationActionsTasks_auditTaskId,
+    listAuditMitigationActionsTasks_findingId,
+    listAuditMitigationActionsTasks_maxResults,
+    listAuditMitigationActionsTasks_nextToken,
+    listAuditMitigationActionsTasks_taskStatus,
+    listAuditMitigationActionsTasks_startTime,
+    listAuditMitigationActionsTasks_endTime,
+    listAuditMitigationActionsTasksResponse_nextToken,
+    listAuditMitigationActionsTasksResponse_tasks,
+    listAuditMitigationActionsTasksResponse_httpStatus,
+
+    -- ** ListAuditSuppressions
+    listAuditSuppressions_ascendingOrder,
+    listAuditSuppressions_checkName,
+    listAuditSuppressions_maxResults,
+    listAuditSuppressions_nextToken,
+    listAuditSuppressions_resourceIdentifier,
+    listAuditSuppressionsResponse_nextToken,
+    listAuditSuppressionsResponse_suppressions,
+    listAuditSuppressionsResponse_httpStatus,
+
+    -- ** ListAuditTasks
+    listAuditTasks_maxResults,
+    listAuditTasks_nextToken,
+    listAuditTasks_taskStatus,
+    listAuditTasks_taskType,
+    listAuditTasks_startTime,
+    listAuditTasks_endTime,
+    listAuditTasksResponse_nextToken,
+    listAuditTasksResponse_tasks,
+    listAuditTasksResponse_httpStatus,
+
+    -- ** ListAuthorizers
+    listAuthorizers_ascendingOrder,
+    listAuthorizers_marker,
+    listAuthorizers_pageSize,
+    listAuthorizers_status,
+    listAuthorizersResponse_authorizers,
+    listAuthorizersResponse_nextMarker,
+    listAuthorizersResponse_httpStatus,
+
+    -- ** ListBillingGroups
+    listBillingGroups_maxResults,
+    listBillingGroups_namePrefixFilter,
+    listBillingGroups_nextToken,
+    listBillingGroupsResponse_billingGroups,
+    listBillingGroupsResponse_nextToken,
+    listBillingGroupsResponse_httpStatus,
+
+    -- ** ListCACertificates
+    listCACertificates_ascendingOrder,
+    listCACertificates_marker,
+    listCACertificates_pageSize,
+    listCACertificates_templateName,
+    listCACertificatesResponse_certificates,
+    listCACertificatesResponse_nextMarker,
+    listCACertificatesResponse_httpStatus,
+
+    -- ** ListCertificates
+    listCertificates_ascendingOrder,
+    listCertificates_marker,
+    listCertificates_pageSize,
+    listCertificatesResponse_certificates,
+    listCertificatesResponse_nextMarker,
+    listCertificatesResponse_httpStatus,
+
+    -- ** ListCertificatesByCA
+    listCertificatesByCA_ascendingOrder,
+    listCertificatesByCA_marker,
+    listCertificatesByCA_pageSize,
+    listCertificatesByCA_caCertificateId,
+    listCertificatesByCAResponse_certificates,
+    listCertificatesByCAResponse_nextMarker,
+    listCertificatesByCAResponse_httpStatus,
+
+    -- ** ListCustomMetrics
+    listCustomMetrics_maxResults,
+    listCustomMetrics_nextToken,
+    listCustomMetricsResponse_metricNames,
+    listCustomMetricsResponse_nextToken,
+    listCustomMetricsResponse_httpStatus,
+
+    -- ** ListDetectMitigationActionsExecutions
+    listDetectMitigationActionsExecutions_endTime,
+    listDetectMitigationActionsExecutions_maxResults,
+    listDetectMitigationActionsExecutions_nextToken,
+    listDetectMitigationActionsExecutions_startTime,
+    listDetectMitigationActionsExecutions_taskId,
+    listDetectMitigationActionsExecutions_thingName,
+    listDetectMitigationActionsExecutions_violationId,
+    listDetectMitigationActionsExecutionsResponse_actionsExecutions,
+    listDetectMitigationActionsExecutionsResponse_nextToken,
+    listDetectMitigationActionsExecutionsResponse_httpStatus,
+
+    -- ** ListDetectMitigationActionsTasks
+    listDetectMitigationActionsTasks_maxResults,
+    listDetectMitigationActionsTasks_nextToken,
+    listDetectMitigationActionsTasks_startTime,
+    listDetectMitigationActionsTasks_endTime,
+    listDetectMitigationActionsTasksResponse_nextToken,
+    listDetectMitigationActionsTasksResponse_tasks,
+    listDetectMitigationActionsTasksResponse_httpStatus,
+
+    -- ** ListDimensions
+    listDimensions_maxResults,
+    listDimensions_nextToken,
+    listDimensionsResponse_dimensionNames,
+    listDimensionsResponse_nextToken,
+    listDimensionsResponse_httpStatus,
+
+    -- ** ListDomainConfigurations
+    listDomainConfigurations_marker,
+    listDomainConfigurations_pageSize,
+    listDomainConfigurations_serviceType,
+    listDomainConfigurationsResponse_domainConfigurations,
+    listDomainConfigurationsResponse_nextMarker,
+    listDomainConfigurationsResponse_httpStatus,
+
+    -- ** ListFleetMetrics
+    listFleetMetrics_maxResults,
+    listFleetMetrics_nextToken,
+    listFleetMetricsResponse_fleetMetrics,
+    listFleetMetricsResponse_nextToken,
+    listFleetMetricsResponse_httpStatus,
+
+    -- ** ListIndices
+    listIndices_maxResults,
+    listIndices_nextToken,
+    listIndicesResponse_indexNames,
+    listIndicesResponse_nextToken,
+    listIndicesResponse_httpStatus,
+
+    -- ** ListJobExecutionsForJob
+    listJobExecutionsForJob_maxResults,
+    listJobExecutionsForJob_nextToken,
+    listJobExecutionsForJob_status,
+    listJobExecutionsForJob_jobId,
+    listJobExecutionsForJobResponse_executionSummaries,
+    listJobExecutionsForJobResponse_nextToken,
+    listJobExecutionsForJobResponse_httpStatus,
+
+    -- ** ListJobExecutionsForThing
+    listJobExecutionsForThing_jobId,
+    listJobExecutionsForThing_maxResults,
+    listJobExecutionsForThing_namespaceId,
+    listJobExecutionsForThing_nextToken,
+    listJobExecutionsForThing_status,
+    listJobExecutionsForThing_thingName,
+    listJobExecutionsForThingResponse_executionSummaries,
+    listJobExecutionsForThingResponse_nextToken,
+    listJobExecutionsForThingResponse_httpStatus,
+
+    -- ** ListJobTemplates
+    listJobTemplates_maxResults,
+    listJobTemplates_nextToken,
+    listJobTemplatesResponse_jobTemplates,
+    listJobTemplatesResponse_nextToken,
+    listJobTemplatesResponse_httpStatus,
+
+    -- ** ListJobs
+    listJobs_maxResults,
+    listJobs_namespaceId,
+    listJobs_nextToken,
+    listJobs_status,
+    listJobs_targetSelection,
+    listJobs_thingGroupId,
+    listJobs_thingGroupName,
+    listJobsResponse_jobs,
+    listJobsResponse_nextToken,
+    listJobsResponse_httpStatus,
+
+    -- ** ListManagedJobTemplates
+    listManagedJobTemplates_maxResults,
+    listManagedJobTemplates_nextToken,
+    listManagedJobTemplates_templateName,
+    listManagedJobTemplatesResponse_managedJobTemplates,
+    listManagedJobTemplatesResponse_nextToken,
+    listManagedJobTemplatesResponse_httpStatus,
+
+    -- ** ListMetricValues
+    listMetricValues_dimensionName,
+    listMetricValues_dimensionValueOperator,
+    listMetricValues_maxResults,
+    listMetricValues_nextToken,
+    listMetricValues_thingName,
+    listMetricValues_metricName,
+    listMetricValues_startTime,
+    listMetricValues_endTime,
+    listMetricValuesResponse_metricDatumList,
+    listMetricValuesResponse_nextToken,
+    listMetricValuesResponse_httpStatus,
+
+    -- ** ListMitigationActions
+    listMitigationActions_actionType,
+    listMitigationActions_maxResults,
+    listMitigationActions_nextToken,
+    listMitigationActionsResponse_actionIdentifiers,
+    listMitigationActionsResponse_nextToken,
+    listMitigationActionsResponse_httpStatus,
+
+    -- ** ListOTAUpdates
+    listOTAUpdates_maxResults,
+    listOTAUpdates_nextToken,
+    listOTAUpdates_otaUpdateStatus,
+    listOTAUpdatesResponse_nextToken,
+    listOTAUpdatesResponse_otaUpdates,
+    listOTAUpdatesResponse_httpStatus,
+
+    -- ** ListOutgoingCertificates
+    listOutgoingCertificates_ascendingOrder,
+    listOutgoingCertificates_marker,
+    listOutgoingCertificates_pageSize,
+    listOutgoingCertificatesResponse_nextMarker,
+    listOutgoingCertificatesResponse_outgoingCertificates,
+    listOutgoingCertificatesResponse_httpStatus,
+
+    -- ** ListPolicies
+    listPolicies_ascendingOrder,
+    listPolicies_marker,
+    listPolicies_pageSize,
+    listPoliciesResponse_nextMarker,
+    listPoliciesResponse_policies,
+    listPoliciesResponse_httpStatus,
+
+    -- ** ListPolicyVersions
+    listPolicyVersions_policyName,
+    listPolicyVersionsResponse_policyVersions,
+    listPolicyVersionsResponse_httpStatus,
+
+    -- ** ListPrincipalThings
+    listPrincipalThings_maxResults,
+    listPrincipalThings_nextToken,
+    listPrincipalThings_principal,
+    listPrincipalThingsResponse_nextToken,
+    listPrincipalThingsResponse_things,
+    listPrincipalThingsResponse_httpStatus,
+
+    -- ** ListProvisioningTemplateVersions
+    listProvisioningTemplateVersions_maxResults,
+    listProvisioningTemplateVersions_nextToken,
+    listProvisioningTemplateVersions_templateName,
+    listProvisioningTemplateVersionsResponse_nextToken,
+    listProvisioningTemplateVersionsResponse_versions,
+    listProvisioningTemplateVersionsResponse_httpStatus,
+
+    -- ** ListProvisioningTemplates
+    listProvisioningTemplates_maxResults,
+    listProvisioningTemplates_nextToken,
+    listProvisioningTemplatesResponse_nextToken,
+    listProvisioningTemplatesResponse_templates,
+    listProvisioningTemplatesResponse_httpStatus,
+
+    -- ** ListRelatedResourcesForAuditFinding
+    listRelatedResourcesForAuditFinding_maxResults,
+    listRelatedResourcesForAuditFinding_nextToken,
+    listRelatedResourcesForAuditFinding_findingId,
+    listRelatedResourcesForAuditFindingResponse_nextToken,
+    listRelatedResourcesForAuditFindingResponse_relatedResources,
+    listRelatedResourcesForAuditFindingResponse_httpStatus,
+
+    -- ** ListRoleAliases
+    listRoleAliases_ascendingOrder,
+    listRoleAliases_marker,
+    listRoleAliases_pageSize,
+    listRoleAliasesResponse_nextMarker,
+    listRoleAliasesResponse_roleAliases,
+    listRoleAliasesResponse_httpStatus,
+
+    -- ** ListScheduledAudits
+    listScheduledAudits_maxResults,
+    listScheduledAudits_nextToken,
+    listScheduledAuditsResponse_nextToken,
+    listScheduledAuditsResponse_scheduledAudits,
+    listScheduledAuditsResponse_httpStatus,
+
+    -- ** ListSecurityProfiles
+    listSecurityProfiles_dimensionName,
+    listSecurityProfiles_maxResults,
+    listSecurityProfiles_metricName,
+    listSecurityProfiles_nextToken,
+    listSecurityProfilesResponse_nextToken,
+    listSecurityProfilesResponse_securityProfileIdentifiers,
+    listSecurityProfilesResponse_httpStatus,
+
+    -- ** ListSecurityProfilesForTarget
+    listSecurityProfilesForTarget_maxResults,
+    listSecurityProfilesForTarget_nextToken,
+    listSecurityProfilesForTarget_recursive,
+    listSecurityProfilesForTarget_securityProfileTargetArn,
+    listSecurityProfilesForTargetResponse_nextToken,
+    listSecurityProfilesForTargetResponse_securityProfileTargetMappings,
+    listSecurityProfilesForTargetResponse_httpStatus,
+
+    -- ** ListStreams
+    listStreams_ascendingOrder,
+    listStreams_maxResults,
+    listStreams_nextToken,
+    listStreamsResponse_nextToken,
+    listStreamsResponse_streams,
+    listStreamsResponse_httpStatus,
+
+    -- ** ListTagsForResource
+    listTagsForResource_nextToken,
+    listTagsForResource_resourceArn,
+    listTagsForResourceResponse_nextToken,
+    listTagsForResourceResponse_tags,
+    listTagsForResourceResponse_httpStatus,
+
+    -- ** ListTargetsForPolicy
+    listTargetsForPolicy_marker,
+    listTargetsForPolicy_pageSize,
+    listTargetsForPolicy_policyName,
+    listTargetsForPolicyResponse_nextMarker,
+    listTargetsForPolicyResponse_targets,
+    listTargetsForPolicyResponse_httpStatus,
+
+    -- ** ListTargetsForSecurityProfile
+    listTargetsForSecurityProfile_maxResults,
+    listTargetsForSecurityProfile_nextToken,
+    listTargetsForSecurityProfile_securityProfileName,
+    listTargetsForSecurityProfileResponse_nextToken,
+    listTargetsForSecurityProfileResponse_securityProfileTargets,
+    listTargetsForSecurityProfileResponse_httpStatus,
+
+    -- ** ListThingGroups
+    listThingGroups_maxResults,
+    listThingGroups_namePrefixFilter,
+    listThingGroups_nextToken,
+    listThingGroups_parentGroup,
+    listThingGroups_recursive,
+    listThingGroupsResponse_nextToken,
+    listThingGroupsResponse_thingGroups,
+    listThingGroupsResponse_httpStatus,
+
+    -- ** ListThingGroupsForThing
+    listThingGroupsForThing_maxResults,
+    listThingGroupsForThing_nextToken,
+    listThingGroupsForThing_thingName,
+    listThingGroupsForThingResponse_nextToken,
+    listThingGroupsForThingResponse_thingGroups,
+    listThingGroupsForThingResponse_httpStatus,
+
+    -- ** ListThingPrincipals
+    listThingPrincipals_maxResults,
+    listThingPrincipals_nextToken,
+    listThingPrincipals_thingName,
+    listThingPrincipalsResponse_nextToken,
+    listThingPrincipalsResponse_principals,
+    listThingPrincipalsResponse_httpStatus,
+
+    -- ** ListThingRegistrationTaskReports
+    listThingRegistrationTaskReports_maxResults,
+    listThingRegistrationTaskReports_nextToken,
+    listThingRegistrationTaskReports_taskId,
+    listThingRegistrationTaskReports_reportType,
+    listThingRegistrationTaskReportsResponse_nextToken,
+    listThingRegistrationTaskReportsResponse_reportType,
+    listThingRegistrationTaskReportsResponse_resourceLinks,
+    listThingRegistrationTaskReportsResponse_httpStatus,
+
+    -- ** ListThingRegistrationTasks
+    listThingRegistrationTasks_maxResults,
+    listThingRegistrationTasks_nextToken,
+    listThingRegistrationTasks_status,
+    listThingRegistrationTasksResponse_nextToken,
+    listThingRegistrationTasksResponse_taskIds,
+    listThingRegistrationTasksResponse_httpStatus,
+
+    -- ** ListThingTypes
+    listThingTypes_maxResults,
+    listThingTypes_nextToken,
+    listThingTypes_thingTypeName,
+    listThingTypesResponse_nextToken,
+    listThingTypesResponse_thingTypes,
+    listThingTypesResponse_httpStatus,
+
+    -- ** ListThings
+    listThings_attributeName,
+    listThings_attributeValue,
+    listThings_maxResults,
+    listThings_nextToken,
+    listThings_thingTypeName,
+    listThings_usePrefixAttributeValue,
+    listThingsResponse_nextToken,
+    listThingsResponse_things,
+    listThingsResponse_httpStatus,
+
+    -- ** ListThingsInBillingGroup
+    listThingsInBillingGroup_maxResults,
+    listThingsInBillingGroup_nextToken,
+    listThingsInBillingGroup_billingGroupName,
+    listThingsInBillingGroupResponse_nextToken,
+    listThingsInBillingGroupResponse_things,
+    listThingsInBillingGroupResponse_httpStatus,
+
+    -- ** ListThingsInThingGroup
+    listThingsInThingGroup_maxResults,
+    listThingsInThingGroup_nextToken,
+    listThingsInThingGroup_recursive,
+    listThingsInThingGroup_thingGroupName,
+    listThingsInThingGroupResponse_nextToken,
+    listThingsInThingGroupResponse_things,
+    listThingsInThingGroupResponse_httpStatus,
+
+    -- ** ListTopicRuleDestinations
+    listTopicRuleDestinations_maxResults,
+    listTopicRuleDestinations_nextToken,
+    listTopicRuleDestinationsResponse_destinationSummaries,
+    listTopicRuleDestinationsResponse_nextToken,
+    listTopicRuleDestinationsResponse_httpStatus,
+
+    -- ** ListTopicRules
+    listTopicRules_maxResults,
+    listTopicRules_nextToken,
+    listTopicRules_ruleDisabled,
+    listTopicRules_topic,
+    listTopicRulesResponse_nextToken,
+    listTopicRulesResponse_rules,
+    listTopicRulesResponse_httpStatus,
+
+    -- ** ListV2LoggingLevels
+    listV2LoggingLevels_maxResults,
+    listV2LoggingLevels_nextToken,
+    listV2LoggingLevels_targetType,
+    listV2LoggingLevelsResponse_logTargetConfigurations,
+    listV2LoggingLevelsResponse_nextToken,
+    listV2LoggingLevelsResponse_httpStatus,
+
+    -- ** ListViolationEvents
+    listViolationEvents_behaviorCriteriaType,
+    listViolationEvents_listSuppressedAlerts,
+    listViolationEvents_maxResults,
+    listViolationEvents_nextToken,
+    listViolationEvents_securityProfileName,
+    listViolationEvents_thingName,
+    listViolationEvents_verificationState,
+    listViolationEvents_startTime,
+    listViolationEvents_endTime,
+    listViolationEventsResponse_nextToken,
+    listViolationEventsResponse_violationEvents,
+    listViolationEventsResponse_httpStatus,
+
+    -- ** PutVerificationStateOnViolation
+    putVerificationStateOnViolation_verificationStateDescription,
+    putVerificationStateOnViolation_violationId,
+    putVerificationStateOnViolation_verificationState,
+    putVerificationStateOnViolationResponse_httpStatus,
+
+    -- ** RegisterCACertificate
+    registerCACertificate_allowAutoRegistration,
+    registerCACertificate_certificateMode,
+    registerCACertificate_registrationConfig,
+    registerCACertificate_setAsActive,
+    registerCACertificate_tags,
+    registerCACertificate_verificationCertificate,
+    registerCACertificate_caCertificate,
+    registerCACertificateResponse_certificateArn,
+    registerCACertificateResponse_certificateId,
+    registerCACertificateResponse_httpStatus,
+
+    -- ** RegisterCertificate
+    registerCertificate_caCertificatePem,
+    registerCertificate_setAsActive,
+    registerCertificate_status,
+    registerCertificate_certificatePem,
+    registerCertificateResponse_certificateArn,
+    registerCertificateResponse_certificateId,
+    registerCertificateResponse_httpStatus,
+
+    -- ** RegisterCertificateWithoutCA
+    registerCertificateWithoutCA_status,
+    registerCertificateWithoutCA_certificatePem,
+    registerCertificateWithoutCAResponse_certificateArn,
+    registerCertificateWithoutCAResponse_certificateId,
+    registerCertificateWithoutCAResponse_httpStatus,
+
+    -- ** RegisterThing
+    registerThing_parameters,
+    registerThing_templateBody,
+    registerThingResponse_certificatePem,
+    registerThingResponse_resourceArns,
+    registerThingResponse_httpStatus,
+
+    -- ** RejectCertificateTransfer
+    rejectCertificateTransfer_rejectReason,
+    rejectCertificateTransfer_certificateId,
+
+    -- ** RemoveThingFromBillingGroup
+    removeThingFromBillingGroup_billingGroupArn,
+    removeThingFromBillingGroup_billingGroupName,
+    removeThingFromBillingGroup_thingArn,
+    removeThingFromBillingGroup_thingName,
+    removeThingFromBillingGroupResponse_httpStatus,
+
+    -- ** RemoveThingFromThingGroup
+    removeThingFromThingGroup_thingArn,
+    removeThingFromThingGroup_thingGroupArn,
+    removeThingFromThingGroup_thingGroupName,
+    removeThingFromThingGroup_thingName,
+    removeThingFromThingGroupResponse_httpStatus,
+
+    -- ** ReplaceTopicRule
+    replaceTopicRule_ruleName,
+    replaceTopicRule_topicRulePayload,
+
+    -- ** SearchIndex
+    searchIndex_indexName,
+    searchIndex_maxResults,
+    searchIndex_nextToken,
+    searchIndex_queryVersion,
+    searchIndex_queryString,
+    searchIndexResponse_nextToken,
+    searchIndexResponse_thingGroups,
+    searchIndexResponse_things,
+    searchIndexResponse_httpStatus,
+
+    -- ** SetDefaultAuthorizer
+    setDefaultAuthorizer_authorizerName,
+    setDefaultAuthorizerResponse_authorizerArn,
+    setDefaultAuthorizerResponse_authorizerName,
+    setDefaultAuthorizerResponse_httpStatus,
+
+    -- ** SetDefaultPolicyVersion
+    setDefaultPolicyVersion_policyName,
+    setDefaultPolicyVersion_policyVersionId,
+
+    -- ** SetLoggingOptions
+    setLoggingOptions_loggingOptionsPayload,
+
+    -- ** SetV2LoggingLevel
+    setV2LoggingLevel_logTarget,
+    setV2LoggingLevel_logLevel,
+
+    -- ** SetV2LoggingOptions
+    setV2LoggingOptions_defaultLogLevel,
+    setV2LoggingOptions_disableAllLogs,
+    setV2LoggingOptions_roleArn,
+
+    -- ** StartAuditMitigationActionsTask
+    startAuditMitigationActionsTask_taskId,
+    startAuditMitigationActionsTask_target,
+    startAuditMitigationActionsTask_auditCheckToActionsMapping,
+    startAuditMitigationActionsTask_clientRequestToken,
+    startAuditMitigationActionsTaskResponse_taskId,
+    startAuditMitigationActionsTaskResponse_httpStatus,
+
+    -- ** StartDetectMitigationActionsTask
+    startDetectMitigationActionsTask_includeOnlyActiveViolations,
+    startDetectMitigationActionsTask_includeSuppressedAlerts,
+    startDetectMitigationActionsTask_violationEventOccurrenceRange,
+    startDetectMitigationActionsTask_taskId,
+    startDetectMitigationActionsTask_target,
+    startDetectMitigationActionsTask_actions,
+    startDetectMitigationActionsTask_clientRequestToken,
+    startDetectMitigationActionsTaskResponse_taskId,
+    startDetectMitigationActionsTaskResponse_httpStatus,
+
+    -- ** StartOnDemandAuditTask
+    startOnDemandAuditTask_targetCheckNames,
+    startOnDemandAuditTaskResponse_taskId,
+    startOnDemandAuditTaskResponse_httpStatus,
+
+    -- ** StartThingRegistrationTask
+    startThingRegistrationTask_templateBody,
+    startThingRegistrationTask_inputFileBucket,
+    startThingRegistrationTask_inputFileKey,
+    startThingRegistrationTask_roleArn,
+    startThingRegistrationTaskResponse_taskId,
+    startThingRegistrationTaskResponse_httpStatus,
+
+    -- ** StopThingRegistrationTask
+    stopThingRegistrationTask_taskId,
+    stopThingRegistrationTaskResponse_httpStatus,
+
+    -- ** TagResource
+    tagResource_resourceArn,
+    tagResource_tags,
+    tagResourceResponse_httpStatus,
+
+    -- ** TestAuthorization
+    testAuthorization_clientId,
+    testAuthorization_cognitoIdentityPoolId,
+    testAuthorization_policyNamesToAdd,
+    testAuthorization_policyNamesToSkip,
+    testAuthorization_principal,
+    testAuthorization_authInfos,
+    testAuthorizationResponse_authResults,
+    testAuthorizationResponse_httpStatus,
+
+    -- ** TestInvokeAuthorizer
+    testInvokeAuthorizer_httpContext,
+    testInvokeAuthorizer_mqttContext,
+    testInvokeAuthorizer_tlsContext,
+    testInvokeAuthorizer_token,
+    testInvokeAuthorizer_tokenSignature,
+    testInvokeAuthorizer_authorizerName,
+    testInvokeAuthorizerResponse_disconnectAfterInSeconds,
+    testInvokeAuthorizerResponse_isAuthenticated,
+    testInvokeAuthorizerResponse_policyDocuments,
+    testInvokeAuthorizerResponse_principalId,
+    testInvokeAuthorizerResponse_refreshAfterInSeconds,
+    testInvokeAuthorizerResponse_httpStatus,
+
+    -- ** TransferCertificate
+    transferCertificate_transferMessage,
+    transferCertificate_certificateId,
+    transferCertificate_targetAwsAccount,
+    transferCertificateResponse_transferredCertificateArn,
+    transferCertificateResponse_httpStatus,
+
+    -- ** UntagResource
+    untagResource_resourceArn,
+    untagResource_tagKeys,
+    untagResourceResponse_httpStatus,
+
+    -- ** UpdateAccountAuditConfiguration
+    updateAccountAuditConfiguration_auditCheckConfigurations,
+    updateAccountAuditConfiguration_auditNotificationTargetConfigurations,
+    updateAccountAuditConfiguration_roleArn,
+    updateAccountAuditConfigurationResponse_httpStatus,
+
+    -- ** UpdateAuditSuppression
+    updateAuditSuppression_description,
+    updateAuditSuppression_expirationDate,
+    updateAuditSuppression_suppressIndefinitely,
+    updateAuditSuppression_checkName,
+    updateAuditSuppression_resourceIdentifier,
+    updateAuditSuppressionResponse_httpStatus,
+
+    -- ** UpdateAuthorizer
+    updateAuthorizer_authorizerFunctionArn,
+    updateAuthorizer_enableCachingForHttp,
+    updateAuthorizer_status,
+    updateAuthorizer_tokenKeyName,
+    updateAuthorizer_tokenSigningPublicKeys,
+    updateAuthorizer_authorizerName,
+    updateAuthorizerResponse_authorizerArn,
+    updateAuthorizerResponse_authorizerName,
+    updateAuthorizerResponse_httpStatus,
+
+    -- ** UpdateBillingGroup
+    updateBillingGroup_expectedVersion,
+    updateBillingGroup_billingGroupName,
+    updateBillingGroup_billingGroupProperties,
+    updateBillingGroupResponse_version,
+    updateBillingGroupResponse_httpStatus,
+
+    -- ** UpdateCACertificate
+    updateCACertificate_newAutoRegistrationStatus,
+    updateCACertificate_newStatus,
+    updateCACertificate_registrationConfig,
+    updateCACertificate_removeAutoRegistration,
+    updateCACertificate_certificateId,
+
+    -- ** UpdateCertificate
+    updateCertificate_certificateId,
+    updateCertificate_newStatus,
+
+    -- ** UpdateCustomMetric
+    updateCustomMetric_metricName,
+    updateCustomMetric_displayName,
+    updateCustomMetricResponse_creationDate,
+    updateCustomMetricResponse_displayName,
+    updateCustomMetricResponse_lastModifiedDate,
+    updateCustomMetricResponse_metricArn,
+    updateCustomMetricResponse_metricName,
+    updateCustomMetricResponse_metricType,
+    updateCustomMetricResponse_httpStatus,
+
+    -- ** UpdateDimension
+    updateDimension_name,
+    updateDimension_stringValues,
+    updateDimensionResponse_arn,
+    updateDimensionResponse_creationDate,
+    updateDimensionResponse_lastModifiedDate,
+    updateDimensionResponse_name,
+    updateDimensionResponse_stringValues,
+    updateDimensionResponse_type,
+    updateDimensionResponse_httpStatus,
+
+    -- ** UpdateDomainConfiguration
+    updateDomainConfiguration_authorizerConfig,
+    updateDomainConfiguration_domainConfigurationStatus,
+    updateDomainConfiguration_removeAuthorizerConfig,
+    updateDomainConfiguration_domainConfigurationName,
+    updateDomainConfigurationResponse_domainConfigurationArn,
+    updateDomainConfigurationResponse_domainConfigurationName,
+    updateDomainConfigurationResponse_httpStatus,
+
+    -- ** UpdateDynamicThingGroup
+    updateDynamicThingGroup_expectedVersion,
+    updateDynamicThingGroup_indexName,
+    updateDynamicThingGroup_queryString,
+    updateDynamicThingGroup_queryVersion,
+    updateDynamicThingGroup_thingGroupName,
+    updateDynamicThingGroup_thingGroupProperties,
+    updateDynamicThingGroupResponse_version,
+    updateDynamicThingGroupResponse_httpStatus,
+
+    -- ** UpdateEventConfigurations
+    updateEventConfigurations_eventConfigurations,
+    updateEventConfigurationsResponse_httpStatus,
+
+    -- ** UpdateFleetMetric
+    updateFleetMetric_aggregationField,
+    updateFleetMetric_aggregationType,
+    updateFleetMetric_description,
+    updateFleetMetric_expectedVersion,
+    updateFleetMetric_period,
+    updateFleetMetric_queryString,
+    updateFleetMetric_queryVersion,
+    updateFleetMetric_unit,
+    updateFleetMetric_metricName,
+    updateFleetMetric_indexName,
+
+    -- ** UpdateIndexingConfiguration
+    updateIndexingConfiguration_thingGroupIndexingConfiguration,
+    updateIndexingConfiguration_thingIndexingConfiguration,
+    updateIndexingConfigurationResponse_httpStatus,
+
+    -- ** UpdateJob
+    updateJob_abortConfig,
+    updateJob_description,
+    updateJob_jobExecutionsRetryConfig,
+    updateJob_jobExecutionsRolloutConfig,
+    updateJob_namespaceId,
+    updateJob_presignedUrlConfig,
+    updateJob_timeoutConfig,
+    updateJob_jobId,
+
+    -- ** UpdateMitigationAction
+    updateMitigationAction_actionParams,
+    updateMitigationAction_roleArn,
+    updateMitigationAction_actionName,
+    updateMitigationActionResponse_actionArn,
+    updateMitigationActionResponse_actionId,
+    updateMitigationActionResponse_httpStatus,
+
+    -- ** UpdateProvisioningTemplate
+    updateProvisioningTemplate_defaultVersionId,
+    updateProvisioningTemplate_description,
+    updateProvisioningTemplate_enabled,
+    updateProvisioningTemplate_preProvisioningHook,
+    updateProvisioningTemplate_provisioningRoleArn,
+    updateProvisioningTemplate_removePreProvisioningHook,
+    updateProvisioningTemplate_templateName,
+    updateProvisioningTemplateResponse_httpStatus,
+
+    -- ** UpdateRoleAlias
+    updateRoleAlias_credentialDurationSeconds,
+    updateRoleAlias_roleArn,
+    updateRoleAlias_roleAlias,
+    updateRoleAliasResponse_roleAlias,
+    updateRoleAliasResponse_roleAliasArn,
+    updateRoleAliasResponse_httpStatus,
+
+    -- ** UpdateScheduledAudit
+    updateScheduledAudit_dayOfMonth,
+    updateScheduledAudit_dayOfWeek,
+    updateScheduledAudit_frequency,
+    updateScheduledAudit_targetCheckNames,
+    updateScheduledAudit_scheduledAuditName,
+    updateScheduledAuditResponse_scheduledAuditArn,
+    updateScheduledAuditResponse_httpStatus,
+
+    -- ** UpdateSecurityProfile
+    updateSecurityProfile_additionalMetricsToRetain,
+    updateSecurityProfile_additionalMetricsToRetainV2,
+    updateSecurityProfile_alertTargets,
+    updateSecurityProfile_behaviors,
+    updateSecurityProfile_deleteAdditionalMetricsToRetain,
+    updateSecurityProfile_deleteAlertTargets,
+    updateSecurityProfile_deleteBehaviors,
+    updateSecurityProfile_expectedVersion,
+    updateSecurityProfile_securityProfileDescription,
+    updateSecurityProfile_securityProfileName,
+    updateSecurityProfileResponse_additionalMetricsToRetain,
+    updateSecurityProfileResponse_additionalMetricsToRetainV2,
+    updateSecurityProfileResponse_alertTargets,
+    updateSecurityProfileResponse_behaviors,
+    updateSecurityProfileResponse_creationDate,
+    updateSecurityProfileResponse_lastModifiedDate,
+    updateSecurityProfileResponse_securityProfileArn,
+    updateSecurityProfileResponse_securityProfileDescription,
+    updateSecurityProfileResponse_securityProfileName,
+    updateSecurityProfileResponse_version,
+    updateSecurityProfileResponse_httpStatus,
+
+    -- ** UpdateStream
+    updateStream_description,
+    updateStream_files,
+    updateStream_roleArn,
+    updateStream_streamId,
+    updateStreamResponse_description,
+    updateStreamResponse_streamArn,
+    updateStreamResponse_streamId,
+    updateStreamResponse_streamVersion,
+    updateStreamResponse_httpStatus,
+
+    -- ** UpdateThing
+    updateThing_attributePayload,
+    updateThing_expectedVersion,
+    updateThing_removeThingType,
+    updateThing_thingTypeName,
+    updateThing_thingName,
+    updateThingResponse_httpStatus,
+
+    -- ** UpdateThingGroup
+    updateThingGroup_expectedVersion,
+    updateThingGroup_thingGroupName,
+    updateThingGroup_thingGroupProperties,
+    updateThingGroupResponse_version,
+    updateThingGroupResponse_httpStatus,
+
+    -- ** UpdateThingGroupsForThing
+    updateThingGroupsForThing_overrideDynamicGroups,
+    updateThingGroupsForThing_thingGroupsToAdd,
+    updateThingGroupsForThing_thingGroupsToRemove,
+    updateThingGroupsForThing_thingName,
+    updateThingGroupsForThingResponse_httpStatus,
+
+    -- ** UpdateTopicRuleDestination
+    updateTopicRuleDestination_arn,
+    updateTopicRuleDestination_status,
+    updateTopicRuleDestinationResponse_httpStatus,
+
+    -- ** ValidateSecurityProfileBehaviors
+    validateSecurityProfileBehaviors_behaviors,
+    validateSecurityProfileBehaviorsResponse_valid,
+    validateSecurityProfileBehaviorsResponse_validationErrors,
+    validateSecurityProfileBehaviorsResponse_httpStatus,
+
+    -- * Types
+
+    -- ** AbortConfig
+    abortConfig_criteriaList,
+
+    -- ** AbortCriteria
+    abortCriteria_failureType,
+    abortCriteria_action,
+    abortCriteria_thresholdPercentage,
+    abortCriteria_minNumberOfExecutedThings,
+
+    -- ** Action
+    action_cloudwatchAlarm,
+    action_cloudwatchLogs,
+    action_cloudwatchMetric,
+    action_dynamoDB,
+    action_dynamoDBv2,
+    action_elasticsearch,
+    action_firehose,
+    action_http,
+    action_iotAnalytics,
+    action_iotEvents,
+    action_iotSiteWise,
+    action_kafka,
+    action_kinesis,
+    action_lambda,
+    action_location,
+    action_openSearch,
+    action_republish,
+    action_s3,
+    action_salesforce,
+    action_sns,
+    action_sqs,
+    action_stepFunctions,
+    action_timestream,
+
+    -- ** ActiveViolation
+    activeViolation_behavior,
+    activeViolation_lastViolationTime,
+    activeViolation_lastViolationValue,
+    activeViolation_securityProfileName,
+    activeViolation_thingName,
+    activeViolation_verificationState,
+    activeViolation_verificationStateDescription,
+    activeViolation_violationEventAdditionalInfo,
+    activeViolation_violationId,
+    activeViolation_violationStartTime,
+
+    -- ** AddThingsToThingGroupParams
+    addThingsToThingGroupParams_overrideDynamicGroups,
+    addThingsToThingGroupParams_thingGroupNames,
+
+    -- ** AggregationType
+    aggregationType_values,
+    aggregationType_name,
+
+    -- ** AlertTarget
+    alertTarget_alertTargetArn,
+    alertTarget_roleArn,
+
+    -- ** Allowed
+    allowed_policies,
+
+    -- ** AssetPropertyTimestamp
+    assetPropertyTimestamp_offsetInNanos,
+    assetPropertyTimestamp_timeInSeconds,
+
+    -- ** AssetPropertyValue
+    assetPropertyValue_quality,
+    assetPropertyValue_value,
+    assetPropertyValue_timestamp,
+
+    -- ** AssetPropertyVariant
+    assetPropertyVariant_booleanValue,
+    assetPropertyVariant_doubleValue,
+    assetPropertyVariant_integerValue,
+    assetPropertyVariant_stringValue,
+
+    -- ** AttributePayload
+    attributePayload_attributes,
+    attributePayload_merge,
+
+    -- ** AuditCheckConfiguration
+    auditCheckConfiguration_enabled,
+
+    -- ** AuditCheckDetails
+    auditCheckDetails_checkCompliant,
+    auditCheckDetails_checkRunStatus,
+    auditCheckDetails_errorCode,
+    auditCheckDetails_message,
+    auditCheckDetails_nonCompliantResourcesCount,
+    auditCheckDetails_suppressedNonCompliantResourcesCount,
+    auditCheckDetails_totalResourcesCount,
+
+    -- ** AuditFinding
+    auditFinding_checkName,
+    auditFinding_findingId,
+    auditFinding_findingTime,
+    auditFinding_isSuppressed,
+    auditFinding_nonCompliantResource,
+    auditFinding_reasonForNonCompliance,
+    auditFinding_reasonForNonComplianceCode,
+    auditFinding_relatedResources,
+    auditFinding_severity,
+    auditFinding_taskId,
+    auditFinding_taskStartTime,
+
+    -- ** AuditMitigationActionExecutionMetadata
+    auditMitigationActionExecutionMetadata_actionId,
+    auditMitigationActionExecutionMetadata_actionName,
+    auditMitigationActionExecutionMetadata_endTime,
+    auditMitigationActionExecutionMetadata_errorCode,
+    auditMitigationActionExecutionMetadata_findingId,
+    auditMitigationActionExecutionMetadata_message,
+    auditMitigationActionExecutionMetadata_startTime,
+    auditMitigationActionExecutionMetadata_status,
+    auditMitigationActionExecutionMetadata_taskId,
+
+    -- ** AuditMitigationActionsTaskMetadata
+    auditMitigationActionsTaskMetadata_startTime,
+    auditMitigationActionsTaskMetadata_taskId,
+    auditMitigationActionsTaskMetadata_taskStatus,
+
+    -- ** AuditMitigationActionsTaskTarget
+    auditMitigationActionsTaskTarget_auditCheckToReasonCodeFilter,
+    auditMitigationActionsTaskTarget_auditTaskId,
+    auditMitigationActionsTaskTarget_findingIds,
+
+    -- ** AuditNotificationTarget
+    auditNotificationTarget_enabled,
+    auditNotificationTarget_roleArn,
+    auditNotificationTarget_targetArn,
+
+    -- ** AuditSuppression
+    auditSuppression_description,
+    auditSuppression_expirationDate,
+    auditSuppression_suppressIndefinitely,
+    auditSuppression_checkName,
+    auditSuppression_resourceIdentifier,
+
+    -- ** AuditTaskMetadata
+    auditTaskMetadata_taskId,
+    auditTaskMetadata_taskStatus,
+    auditTaskMetadata_taskType,
+
+    -- ** AuthInfo
+    authInfo_actionType,
+    authInfo_resources,
+
+    -- ** AuthResult
+    authResult_allowed,
+    authResult_authDecision,
+    authResult_authInfo,
+    authResult_denied,
+    authResult_missingContextValues,
+
+    -- ** AuthorizerConfig
+    authorizerConfig_allowAuthorizerOverride,
+    authorizerConfig_defaultAuthorizerName,
+
+    -- ** AuthorizerDescription
+    authorizerDescription_authorizerArn,
+    authorizerDescription_authorizerFunctionArn,
+    authorizerDescription_authorizerName,
+    authorizerDescription_creationDate,
+    authorizerDescription_enableCachingForHttp,
+    authorizerDescription_lastModifiedDate,
+    authorizerDescription_signingDisabled,
+    authorizerDescription_status,
+    authorizerDescription_tokenKeyName,
+    authorizerDescription_tokenSigningPublicKeys,
+
+    -- ** AuthorizerSummary
+    authorizerSummary_authorizerArn,
+    authorizerSummary_authorizerName,
+
+    -- ** AwsJobAbortConfig
+    awsJobAbortConfig_abortCriteriaList,
+
+    -- ** AwsJobAbortCriteria
+    awsJobAbortCriteria_failureType,
+    awsJobAbortCriteria_action,
+    awsJobAbortCriteria_thresholdPercentage,
+    awsJobAbortCriteria_minNumberOfExecutedThings,
+
+    -- ** AwsJobExecutionsRolloutConfig
+    awsJobExecutionsRolloutConfig_exponentialRate,
+    awsJobExecutionsRolloutConfig_maximumPerMinute,
+
+    -- ** AwsJobExponentialRolloutRate
+    awsJobExponentialRolloutRate_baseRatePerMinute,
+    awsJobExponentialRolloutRate_incrementFactor,
+    awsJobExponentialRolloutRate_rateIncreaseCriteria,
+
+    -- ** AwsJobPresignedUrlConfig
+    awsJobPresignedUrlConfig_expiresInSec,
+
+    -- ** AwsJobRateIncreaseCriteria
+    awsJobRateIncreaseCriteria_numberOfNotifiedThings,
+    awsJobRateIncreaseCriteria_numberOfSucceededThings,
+
+    -- ** AwsJobTimeoutConfig
+    awsJobTimeoutConfig_inProgressTimeoutInMinutes,
+
+    -- ** Behavior
+    behavior_criteria,
+    behavior_metric,
+    behavior_metricDimension,
+    behavior_suppressAlerts,
+    behavior_name,
+
+    -- ** BehaviorCriteria
+    behaviorCriteria_comparisonOperator,
+    behaviorCriteria_consecutiveDatapointsToAlarm,
+    behaviorCriteria_consecutiveDatapointsToClear,
+    behaviorCriteria_durationSeconds,
+    behaviorCriteria_mlDetectionConfig,
+    behaviorCriteria_statisticalThreshold,
+    behaviorCriteria_value,
+
+    -- ** BehaviorModelTrainingSummary
+    behaviorModelTrainingSummary_behaviorName,
+    behaviorModelTrainingSummary_datapointsCollectionPercentage,
+    behaviorModelTrainingSummary_lastModelRefreshDate,
+    behaviorModelTrainingSummary_modelStatus,
+    behaviorModelTrainingSummary_securityProfileName,
+    behaviorModelTrainingSummary_trainingDataCollectionStartDate,
+
+    -- ** BillingGroupMetadata
+    billingGroupMetadata_creationDate,
+
+    -- ** BillingGroupProperties
+    billingGroupProperties_billingGroupDescription,
+
+    -- ** Bucket
+    bucket_count,
+    bucket_keyValue,
+
+    -- ** BucketsAggregationType
+    bucketsAggregationType_termsAggregation,
+
+    -- ** CACertificate
+    cACertificate_certificateArn,
+    cACertificate_certificateId,
+    cACertificate_creationDate,
+    cACertificate_status,
+
+    -- ** CACertificateDescription
+    cACertificateDescription_autoRegistrationStatus,
+    cACertificateDescription_certificateArn,
+    cACertificateDescription_certificateId,
+    cACertificateDescription_certificateMode,
+    cACertificateDescription_certificatePem,
+    cACertificateDescription_creationDate,
+    cACertificateDescription_customerVersion,
+    cACertificateDescription_generationId,
+    cACertificateDescription_lastModifiedDate,
+    cACertificateDescription_ownedBy,
+    cACertificateDescription_status,
+    cACertificateDescription_validity,
+
+    -- ** Certificate
+    certificate_certificateArn,
+    certificate_certificateId,
+    certificate_certificateMode,
+    certificate_creationDate,
+    certificate_status,
+
+    -- ** CertificateDescription
+    certificateDescription_caCertificateId,
+    certificateDescription_certificateArn,
+    certificateDescription_certificateId,
+    certificateDescription_certificateMode,
+    certificateDescription_certificatePem,
+    certificateDescription_creationDate,
+    certificateDescription_customerVersion,
+    certificateDescription_generationId,
+    certificateDescription_lastModifiedDate,
+    certificateDescription_ownedBy,
+    certificateDescription_previousOwnedBy,
+    certificateDescription_status,
+    certificateDescription_transferData,
+    certificateDescription_validity,
+
+    -- ** CertificateValidity
+    certificateValidity_notAfter,
+    certificateValidity_notBefore,
+
+    -- ** CloudwatchAlarmAction
+    cloudwatchAlarmAction_roleArn,
+    cloudwatchAlarmAction_alarmName,
+    cloudwatchAlarmAction_stateReason,
+    cloudwatchAlarmAction_stateValue,
+
+    -- ** CloudwatchLogsAction
+    cloudwatchLogsAction_roleArn,
+    cloudwatchLogsAction_logGroupName,
+
+    -- ** CloudwatchMetricAction
+    cloudwatchMetricAction_metricTimestamp,
+    cloudwatchMetricAction_roleArn,
+    cloudwatchMetricAction_metricNamespace,
+    cloudwatchMetricAction_metricName,
+    cloudwatchMetricAction_metricValue,
+    cloudwatchMetricAction_metricUnit,
+
+    -- ** CodeSigning
+    codeSigning_awsSignerJobId,
+    codeSigning_customCodeSigning,
+    codeSigning_startSigningJobParameter,
+
+    -- ** CodeSigningCertificateChain
+    codeSigningCertificateChain_certificateName,
+    codeSigningCertificateChain_inlineDocument,
+
+    -- ** CodeSigningSignature
+    codeSigningSignature_inlineDocument,
+
+    -- ** Configuration
+    configuration_enabled,
+
+    -- ** CustomCodeSigning
+    customCodeSigning_certificateChain,
+    customCodeSigning_hashAlgorithm,
+    customCodeSigning_signature,
+    customCodeSigning_signatureAlgorithm,
+
+    -- ** Denied
+    denied_explicitDeny,
+    denied_implicitDeny,
+
+    -- ** Destination
+    destination_s3Destination,
+
+    -- ** DetectMitigationActionExecution
+    detectMitigationActionExecution_actionName,
+    detectMitigationActionExecution_errorCode,
+    detectMitigationActionExecution_executionEndDate,
+    detectMitigationActionExecution_executionStartDate,
+    detectMitigationActionExecution_message,
+    detectMitigationActionExecution_status,
+    detectMitigationActionExecution_taskId,
+    detectMitigationActionExecution_thingName,
+    detectMitigationActionExecution_violationId,
+
+    -- ** DetectMitigationActionsTaskStatistics
+    detectMitigationActionsTaskStatistics_actionsExecuted,
+    detectMitigationActionsTaskStatistics_actionsFailed,
+    detectMitigationActionsTaskStatistics_actionsSkipped,
+
+    -- ** DetectMitigationActionsTaskSummary
+    detectMitigationActionsTaskSummary_actionsDefinition,
+    detectMitigationActionsTaskSummary_onlyActiveViolationsIncluded,
+    detectMitigationActionsTaskSummary_suppressedAlertsIncluded,
+    detectMitigationActionsTaskSummary_target,
+    detectMitigationActionsTaskSummary_taskEndTime,
+    detectMitigationActionsTaskSummary_taskId,
+    detectMitigationActionsTaskSummary_taskStartTime,
+    detectMitigationActionsTaskSummary_taskStatistics,
+    detectMitigationActionsTaskSummary_taskStatus,
+    detectMitigationActionsTaskSummary_violationEventOccurrenceRange,
+
+    -- ** DetectMitigationActionsTaskTarget
+    detectMitigationActionsTaskTarget_behaviorName,
+    detectMitigationActionsTaskTarget_securityProfileName,
+    detectMitigationActionsTaskTarget_violationIds,
+
+    -- ** DocumentParameter
+    documentParameter_description,
+    documentParameter_example,
+    documentParameter_key,
+    documentParameter_optional,
+    documentParameter_regex,
+
+    -- ** DomainConfigurationSummary
+    domainConfigurationSummary_domainConfigurationArn,
+    domainConfigurationSummary_domainConfigurationName,
+    domainConfigurationSummary_serviceType,
+
+    -- ** DynamoDBAction
+    dynamoDBAction_hashKeyType,
+    dynamoDBAction_operation,
+    dynamoDBAction_payloadField,
+    dynamoDBAction_rangeKeyField,
+    dynamoDBAction_rangeKeyType,
+    dynamoDBAction_rangeKeyValue,
+    dynamoDBAction_tableName,
+    dynamoDBAction_roleArn,
+    dynamoDBAction_hashKeyField,
+    dynamoDBAction_hashKeyValue,
+
+    -- ** DynamoDBv2Action
+    dynamoDBv2Action_roleArn,
+    dynamoDBv2Action_putItem,
+
+    -- ** EffectivePolicy
+    effectivePolicy_policyArn,
+    effectivePolicy_policyDocument,
+    effectivePolicy_policyName,
+
+    -- ** ElasticsearchAction
+    elasticsearchAction_roleArn,
+    elasticsearchAction_endpoint,
+    elasticsearchAction_index,
+    elasticsearchAction_type,
+    elasticsearchAction_id,
+
+    -- ** EnableIoTLoggingParams
+    enableIoTLoggingParams_roleArnForLogging,
+    enableIoTLoggingParams_logLevel,
+
+    -- ** ErrorInfo
+    errorInfo_code,
+    errorInfo_message,
+
+    -- ** ExplicitDeny
+    explicitDeny_policies,
+
+    -- ** ExponentialRolloutRate
+    exponentialRolloutRate_baseRatePerMinute,
+    exponentialRolloutRate_incrementFactor,
+    exponentialRolloutRate_rateIncreaseCriteria,
+
+    -- ** Field
+    field_name,
+    field_type,
+
+    -- ** FileLocation
+    fileLocation_s3Location,
+    fileLocation_stream,
+
+    -- ** FirehoseAction
+    firehoseAction_batchMode,
+    firehoseAction_separator,
+    firehoseAction_roleArn,
+    firehoseAction_deliveryStreamName,
+
+    -- ** FleetMetricNameAndArn
+    fleetMetricNameAndArn_metricArn,
+    fleetMetricNameAndArn_metricName,
+
+    -- ** GroupNameAndArn
+    groupNameAndArn_groupArn,
+    groupNameAndArn_groupName,
+
+    -- ** HttpAction
+    httpAction_auth,
+    httpAction_confirmationUrl,
+    httpAction_headers,
+    httpAction_url,
+
+    -- ** HttpActionHeader
+    httpActionHeader_key,
+    httpActionHeader_value,
+
+    -- ** HttpAuthorization
+    httpAuthorization_sigv4,
+
+    -- ** HttpContext
+    httpContext_headers,
+    httpContext_queryString,
+
+    -- ** HttpUrlDestinationConfiguration
+    httpUrlDestinationConfiguration_confirmationUrl,
+
+    -- ** HttpUrlDestinationProperties
+    httpUrlDestinationProperties_confirmationUrl,
+
+    -- ** HttpUrlDestinationSummary
+    httpUrlDestinationSummary_confirmationUrl,
+
+    -- ** ImplicitDeny
+    implicitDeny_policies,
+
+    -- ** IndexingFilter
+    indexingFilter_namedShadowNames,
+
+    -- ** IotAnalyticsAction
+    iotAnalyticsAction_batchMode,
+    iotAnalyticsAction_channelArn,
+    iotAnalyticsAction_channelName,
+    iotAnalyticsAction_roleArn,
+
+    -- ** IotEventsAction
+    iotEventsAction_batchMode,
+    iotEventsAction_messageId,
+    iotEventsAction_inputName,
+    iotEventsAction_roleArn,
+
+    -- ** IotSiteWiseAction
+    iotSiteWiseAction_putAssetPropertyValueEntries,
+    iotSiteWiseAction_roleArn,
+
+    -- ** IssuerCertificateIdentifier
+    issuerCertificateIdentifier_issuerCertificateSerialNumber,
+    issuerCertificateIdentifier_issuerCertificateSubject,
+    issuerCertificateIdentifier_issuerId,
+
+    -- ** Job
+    job_abortConfig,
+    job_comment,
+    job_completedAt,
+    job_createdAt,
+    job_description,
+    job_documentParameters,
+    job_forceCanceled,
+    job_isConcurrent,
+    job_jobArn,
+    job_jobExecutionsRetryConfig,
+    job_jobExecutionsRolloutConfig,
+    job_jobId,
+    job_jobProcessDetails,
+    job_jobTemplateArn,
+    job_lastUpdatedAt,
+    job_namespaceId,
+    job_presignedUrlConfig,
+    job_reasonCode,
+    job_schedulingConfig,
+    job_status,
+    job_targetSelection,
+    job_targets,
+    job_timeoutConfig,
+
+    -- ** JobExecution
+    jobExecution_approximateSecondsBeforeTimedOut,
+    jobExecution_executionNumber,
+    jobExecution_forceCanceled,
+    jobExecution_jobId,
+    jobExecution_lastUpdatedAt,
+    jobExecution_queuedAt,
+    jobExecution_startedAt,
+    jobExecution_status,
+    jobExecution_statusDetails,
+    jobExecution_thingArn,
+    jobExecution_versionNumber,
+
+    -- ** JobExecutionStatusDetails
+    jobExecutionStatusDetails_detailsMap,
+
+    -- ** JobExecutionSummary
+    jobExecutionSummary_executionNumber,
+    jobExecutionSummary_lastUpdatedAt,
+    jobExecutionSummary_queuedAt,
+    jobExecutionSummary_retryAttempt,
+    jobExecutionSummary_startedAt,
+    jobExecutionSummary_status,
+
+    -- ** JobExecutionSummaryForJob
+    jobExecutionSummaryForJob_jobExecutionSummary,
+    jobExecutionSummaryForJob_thingArn,
+
+    -- ** JobExecutionSummaryForThing
+    jobExecutionSummaryForThing_jobExecutionSummary,
+    jobExecutionSummaryForThing_jobId,
+
+    -- ** JobExecutionsRetryConfig
+    jobExecutionsRetryConfig_criteriaList,
+
+    -- ** JobExecutionsRolloutConfig
+    jobExecutionsRolloutConfig_exponentialRate,
+    jobExecutionsRolloutConfig_maximumPerMinute,
+
+    -- ** JobProcessDetails
+    jobProcessDetails_numberOfCanceledThings,
+    jobProcessDetails_numberOfFailedThings,
+    jobProcessDetails_numberOfInProgressThings,
+    jobProcessDetails_numberOfQueuedThings,
+    jobProcessDetails_numberOfRejectedThings,
+    jobProcessDetails_numberOfRemovedThings,
+    jobProcessDetails_numberOfSucceededThings,
+    jobProcessDetails_numberOfTimedOutThings,
+    jobProcessDetails_processingTargets,
+
+    -- ** JobSummary
+    jobSummary_completedAt,
+    jobSummary_createdAt,
+    jobSummary_isConcurrent,
+    jobSummary_jobArn,
+    jobSummary_jobId,
+    jobSummary_lastUpdatedAt,
+    jobSummary_status,
+    jobSummary_targetSelection,
+    jobSummary_thingGroupId,
+
+    -- ** JobTemplateSummary
+    jobTemplateSummary_createdAt,
+    jobTemplateSummary_description,
+    jobTemplateSummary_jobTemplateArn,
+    jobTemplateSummary_jobTemplateId,
+
+    -- ** KafkaAction
+    kafkaAction_key,
+    kafkaAction_partition,
+    kafkaAction_destinationArn,
+    kafkaAction_topic,
+    kafkaAction_clientProperties,
+
+    -- ** KeyPair
+    keyPair_privateKey,
+    keyPair_publicKey,
+
+    -- ** KinesisAction
+    kinesisAction_partitionKey,
+    kinesisAction_roleArn,
+    kinesisAction_streamName,
+
+    -- ** LambdaAction
+    lambdaAction_functionArn,
+
+    -- ** LocationAction
+    locationAction_timestamp,
+    locationAction_roleArn,
+    locationAction_trackerName,
+    locationAction_deviceId,
+    locationAction_latitude,
+    locationAction_longitude,
+
+    -- ** LocationTimestamp
+    locationTimestamp_unit,
+    locationTimestamp_value,
+
+    -- ** LogTarget
+    logTarget_targetName,
+    logTarget_targetType,
+
+    -- ** LogTargetConfiguration
+    logTargetConfiguration_logLevel,
+    logTargetConfiguration_logTarget,
+
+    -- ** LoggingOptionsPayload
+    loggingOptionsPayload_logLevel,
+    loggingOptionsPayload_roleArn,
+
+    -- ** MachineLearningDetectionConfig
+    machineLearningDetectionConfig_confidenceLevel,
+
+    -- ** ManagedJobTemplateSummary
+    managedJobTemplateSummary_description,
+    managedJobTemplateSummary_environments,
+    managedJobTemplateSummary_templateArn,
+    managedJobTemplateSummary_templateName,
+    managedJobTemplateSummary_templateVersion,
+
+    -- ** MetricDatum
+    metricDatum_timestamp,
+    metricDatum_value,
+
+    -- ** MetricDimension
+    metricDimension_operator,
+    metricDimension_dimensionName,
+
+    -- ** MetricToRetain
+    metricToRetain_metricDimension,
+    metricToRetain_metric,
+
+    -- ** MetricValue
+    metricValue_cidrs,
+    metricValue_count,
+    metricValue_number,
+    metricValue_numbers,
+    metricValue_ports,
+    metricValue_strings,
+
+    -- ** MitigationAction
+    mitigationAction_actionParams,
+    mitigationAction_id,
+    mitigationAction_name,
+    mitigationAction_roleArn,
+
+    -- ** MitigationActionIdentifier
+    mitigationActionIdentifier_actionArn,
+    mitigationActionIdentifier_actionName,
+    mitigationActionIdentifier_creationDate,
+
+    -- ** MitigationActionParams
+    mitigationActionParams_addThingsToThingGroupParams,
+    mitigationActionParams_enableIoTLoggingParams,
+    mitigationActionParams_publishFindingToSnsParams,
+    mitigationActionParams_replaceDefaultPolicyVersionParams,
+    mitigationActionParams_updateCACertificateParams,
+    mitigationActionParams_updateDeviceCertificateParams,
+
+    -- ** MqttContext
+    mqttContext_clientId,
+    mqttContext_password,
+    mqttContext_username,
+
+    -- ** MqttHeaders
+    mqttHeaders_contentType,
+    mqttHeaders_correlationData,
+    mqttHeaders_messageExpiry,
+    mqttHeaders_payloadFormatIndicator,
+    mqttHeaders_responseTopic,
+    mqttHeaders_userProperties,
+
+    -- ** NonCompliantResource
+    nonCompliantResource_additionalInfo,
+    nonCompliantResource_resourceIdentifier,
+    nonCompliantResource_resourceType,
+
+    -- ** OTAUpdateFile
+    oTAUpdateFile_attributes,
+    oTAUpdateFile_codeSigning,
+    oTAUpdateFile_fileLocation,
+    oTAUpdateFile_fileName,
+    oTAUpdateFile_fileType,
+    oTAUpdateFile_fileVersion,
+
+    -- ** OTAUpdateInfo
+    oTAUpdateInfo_additionalParameters,
+    oTAUpdateInfo_awsIotJobArn,
+    oTAUpdateInfo_awsIotJobId,
+    oTAUpdateInfo_awsJobExecutionsRolloutConfig,
+    oTAUpdateInfo_awsJobPresignedUrlConfig,
+    oTAUpdateInfo_creationDate,
+    oTAUpdateInfo_description,
+    oTAUpdateInfo_errorInfo,
+    oTAUpdateInfo_lastModifiedDate,
+    oTAUpdateInfo_otaUpdateArn,
+    oTAUpdateInfo_otaUpdateFiles,
+    oTAUpdateInfo_otaUpdateId,
+    oTAUpdateInfo_otaUpdateStatus,
+    oTAUpdateInfo_protocols,
+    oTAUpdateInfo_targetSelection,
+    oTAUpdateInfo_targets,
+
+    -- ** OTAUpdateSummary
+    oTAUpdateSummary_creationDate,
+    oTAUpdateSummary_otaUpdateArn,
+    oTAUpdateSummary_otaUpdateId,
+
+    -- ** OpenSearchAction
+    openSearchAction_roleArn,
+    openSearchAction_endpoint,
+    openSearchAction_index,
+    openSearchAction_type,
+    openSearchAction_id,
+
+    -- ** OutgoingCertificate
+    outgoingCertificate_certificateArn,
+    outgoingCertificate_certificateId,
+    outgoingCertificate_creationDate,
+    outgoingCertificate_transferDate,
+    outgoingCertificate_transferMessage,
+    outgoingCertificate_transferredTo,
+
+    -- ** PercentPair
+    percentPair_percent,
+    percentPair_value,
+
+    -- ** Policy
+    policy_policyArn,
+    policy_policyName,
+
+    -- ** PolicyVersion
+    policyVersion_createDate,
+    policyVersion_isDefaultVersion,
+    policyVersion_versionId,
+
+    -- ** PolicyVersionIdentifier
+    policyVersionIdentifier_policyName,
+    policyVersionIdentifier_policyVersionId,
+
+    -- ** PresignedUrlConfig
+    presignedUrlConfig_expiresInSec,
+    presignedUrlConfig_roleArn,
+
+    -- ** ProvisioningHook
+    provisioningHook_payloadVersion,
+    provisioningHook_targetArn,
+
+    -- ** ProvisioningTemplateSummary
+    provisioningTemplateSummary_creationDate,
+    provisioningTemplateSummary_description,
+    provisioningTemplateSummary_enabled,
+    provisioningTemplateSummary_lastModifiedDate,
+    provisioningTemplateSummary_templateArn,
+    provisioningTemplateSummary_templateName,
+    provisioningTemplateSummary_type,
+
+    -- ** ProvisioningTemplateVersionSummary
+    provisioningTemplateVersionSummary_creationDate,
+    provisioningTemplateVersionSummary_isDefaultVersion,
+    provisioningTemplateVersionSummary_versionId,
+
+    -- ** PublishFindingToSnsParams
+    publishFindingToSnsParams_topicArn,
+
+    -- ** PutAssetPropertyValueEntry
+    putAssetPropertyValueEntry_assetId,
+    putAssetPropertyValueEntry_entryId,
+    putAssetPropertyValueEntry_propertyAlias,
+    putAssetPropertyValueEntry_propertyId,
+    putAssetPropertyValueEntry_propertyValues,
+
+    -- ** PutItemInput
+    putItemInput_tableName,
+
+    -- ** RateIncreaseCriteria
+    rateIncreaseCriteria_numberOfNotifiedThings,
+    rateIncreaseCriteria_numberOfSucceededThings,
+
+    -- ** RegistrationConfig
+    registrationConfig_roleArn,
+    registrationConfig_templateBody,
+    registrationConfig_templateName,
+
+    -- ** RelatedResource
+    relatedResource_additionalInfo,
+    relatedResource_resourceIdentifier,
+    relatedResource_resourceType,
+
+    -- ** ReplaceDefaultPolicyVersionParams
+    replaceDefaultPolicyVersionParams_templateName,
+
+    -- ** RepublishAction
+    republishAction_headers,
+    republishAction_qos,
+    republishAction_roleArn,
+    republishAction_topic,
+
+    -- ** ResourceIdentifier
+    resourceIdentifier_account,
+    resourceIdentifier_caCertificateId,
+    resourceIdentifier_clientId,
+    resourceIdentifier_cognitoIdentityPoolId,
+    resourceIdentifier_deviceCertificateArn,
+    resourceIdentifier_deviceCertificateId,
+    resourceIdentifier_iamRoleArn,
+    resourceIdentifier_issuerCertificateIdentifier,
+    resourceIdentifier_policyVersionIdentifier,
+    resourceIdentifier_roleAliasArn,
+
+    -- ** RetryCriteria
+    retryCriteria_failureType,
+    retryCriteria_numberOfRetries,
+
+    -- ** RoleAliasDescription
+    roleAliasDescription_creationDate,
+    roleAliasDescription_credentialDurationSeconds,
+    roleAliasDescription_lastModifiedDate,
+    roleAliasDescription_owner,
+    roleAliasDescription_roleAlias,
+    roleAliasDescription_roleAliasArn,
+    roleAliasDescription_roleArn,
+
+    -- ** S3Action
+    s3Action_cannedAcl,
+    s3Action_roleArn,
+    s3Action_bucketName,
+    s3Action_key,
+
+    -- ** S3Destination
+    s3Destination_bucket,
+    s3Destination_prefix,
+
+    -- ** S3Location
+    s3Location_bucket,
+    s3Location_key,
+    s3Location_version,
+
+    -- ** SalesforceAction
+    salesforceAction_token,
+    salesforceAction_url,
+
+    -- ** ScheduledAuditMetadata
+    scheduledAuditMetadata_dayOfMonth,
+    scheduledAuditMetadata_dayOfWeek,
+    scheduledAuditMetadata_frequency,
+    scheduledAuditMetadata_scheduledAuditArn,
+    scheduledAuditMetadata_scheduledAuditName,
+
+    -- ** SchedulingConfig
+    schedulingConfig_endBehavior,
+    schedulingConfig_endTime,
+    schedulingConfig_startTime,
+
+    -- ** SecurityProfileIdentifier
+    securityProfileIdentifier_name,
+    securityProfileIdentifier_arn,
+
+    -- ** SecurityProfileTarget
+    securityProfileTarget_arn,
+
+    -- ** SecurityProfileTargetMapping
+    securityProfileTargetMapping_securityProfileIdentifier,
+    securityProfileTargetMapping_target,
+
+    -- ** ServerCertificateSummary
+    serverCertificateSummary_serverCertificateArn,
+    serverCertificateSummary_serverCertificateStatus,
+    serverCertificateSummary_serverCertificateStatusDetail,
+
+    -- ** SigV4Authorization
+    sigV4Authorization_signingRegion,
+    sigV4Authorization_serviceName,
+    sigV4Authorization_roleArn,
+
+    -- ** SigningProfileParameter
+    signingProfileParameter_certificateArn,
+    signingProfileParameter_certificatePathOnDevice,
+    signingProfileParameter_platform,
+
+    -- ** SnsAction
+    snsAction_messageFormat,
+    snsAction_targetArn,
+    snsAction_roleArn,
+
+    -- ** SqsAction
+    sqsAction_useBase64,
+    sqsAction_roleArn,
+    sqsAction_queueUrl,
+
+    -- ** StartSigningJobParameter
+    startSigningJobParameter_destination,
+    startSigningJobParameter_signingProfileName,
+    startSigningJobParameter_signingProfileParameter,
+
+    -- ** StatisticalThreshold
+    statisticalThreshold_statistic,
+
+    -- ** Statistics
+    statistics_average,
+    statistics_count,
+    statistics_maximum,
+    statistics_minimum,
+    statistics_stdDeviation,
+    statistics_sum,
+    statistics_sumOfSquares,
+    statistics_variance,
+
+    -- ** StepFunctionsAction
+    stepFunctionsAction_executionNamePrefix,
+    stepFunctionsAction_stateMachineName,
+    stepFunctionsAction_roleArn,
+
+    -- ** Stream
+    stream_fileId,
+    stream_streamId,
+
+    -- ** StreamFile
+    streamFile_fileId,
+    streamFile_s3Location,
+
+    -- ** StreamInfo
+    streamInfo_createdAt,
+    streamInfo_description,
+    streamInfo_files,
+    streamInfo_lastUpdatedAt,
+    streamInfo_roleArn,
+    streamInfo_streamArn,
+    streamInfo_streamId,
+    streamInfo_streamVersion,
+
+    -- ** StreamSummary
+    streamSummary_description,
+    streamSummary_streamArn,
+    streamSummary_streamId,
+    streamSummary_streamVersion,
+
+    -- ** Tag
+    tag_value,
+    tag_key,
+
+    -- ** TaskStatistics
+    taskStatistics_canceledChecks,
+    taskStatistics_compliantChecks,
+    taskStatistics_failedChecks,
+    taskStatistics_inProgressChecks,
+    taskStatistics_nonCompliantChecks,
+    taskStatistics_totalChecks,
+    taskStatistics_waitingForDataCollectionChecks,
+
+    -- ** TaskStatisticsForAuditCheck
+    taskStatisticsForAuditCheck_canceledFindingsCount,
+    taskStatisticsForAuditCheck_failedFindingsCount,
+    taskStatisticsForAuditCheck_skippedFindingsCount,
+    taskStatisticsForAuditCheck_succeededFindingsCount,
+    taskStatisticsForAuditCheck_totalFindingsCount,
+
+    -- ** TermsAggregation
+    termsAggregation_maxBuckets,
+
+    -- ** ThingAttribute
+    thingAttribute_attributes,
+    thingAttribute_thingArn,
+    thingAttribute_thingName,
+    thingAttribute_thingTypeName,
+    thingAttribute_version,
+
+    -- ** ThingConnectivity
+    thingConnectivity_connected,
+    thingConnectivity_disconnectReason,
+    thingConnectivity_timestamp,
+
+    -- ** ThingDocument
+    thingDocument_attributes,
+    thingDocument_connectivity,
+    thingDocument_deviceDefender,
+    thingDocument_shadow,
+    thingDocument_thingGroupNames,
+    thingDocument_thingId,
+    thingDocument_thingName,
+    thingDocument_thingTypeName,
+
+    -- ** ThingGroupDocument
+    thingGroupDocument_attributes,
+    thingGroupDocument_parentGroupNames,
+    thingGroupDocument_thingGroupDescription,
+    thingGroupDocument_thingGroupId,
+    thingGroupDocument_thingGroupName,
+
+    -- ** ThingGroupIndexingConfiguration
+    thingGroupIndexingConfiguration_customFields,
+    thingGroupIndexingConfiguration_managedFields,
+    thingGroupIndexingConfiguration_thingGroupIndexingMode,
+
+    -- ** ThingGroupMetadata
+    thingGroupMetadata_creationDate,
+    thingGroupMetadata_parentGroupName,
+    thingGroupMetadata_rootToParentThingGroups,
+
+    -- ** ThingGroupProperties
+    thingGroupProperties_attributePayload,
+    thingGroupProperties_thingGroupDescription,
+
+    -- ** ThingIndexingConfiguration
+    thingIndexingConfiguration_customFields,
+    thingIndexingConfiguration_deviceDefenderIndexingMode,
+    thingIndexingConfiguration_filter,
+    thingIndexingConfiguration_managedFields,
+    thingIndexingConfiguration_namedShadowIndexingMode,
+    thingIndexingConfiguration_thingConnectivityIndexingMode,
+    thingIndexingConfiguration_thingIndexingMode,
+
+    -- ** ThingTypeDefinition
+    thingTypeDefinition_thingTypeArn,
+    thingTypeDefinition_thingTypeMetadata,
+    thingTypeDefinition_thingTypeName,
+    thingTypeDefinition_thingTypeProperties,
+
+    -- ** ThingTypeMetadata
+    thingTypeMetadata_creationDate,
+    thingTypeMetadata_deprecated,
+    thingTypeMetadata_deprecationDate,
+
+    -- ** ThingTypeProperties
+    thingTypeProperties_searchableAttributes,
+    thingTypeProperties_thingTypeDescription,
+
+    -- ** TimeoutConfig
+    timeoutConfig_inProgressTimeoutInMinutes,
+
+    -- ** TimestreamAction
+    timestreamAction_timestamp,
+    timestreamAction_roleArn,
+    timestreamAction_databaseName,
+    timestreamAction_tableName,
+    timestreamAction_dimensions,
+
+    -- ** TimestreamDimension
+    timestreamDimension_name,
+    timestreamDimension_value,
+
+    -- ** TimestreamTimestamp
+    timestreamTimestamp_value,
+    timestreamTimestamp_unit,
+
+    -- ** TlsContext
+    tlsContext_serverName,
+
+    -- ** TopicRule
+    topicRule_actions,
+    topicRule_awsIotSqlVersion,
+    topicRule_createdAt,
+    topicRule_description,
+    topicRule_errorAction,
+    topicRule_ruleDisabled,
+    topicRule_ruleName,
+    topicRule_sql,
+
+    -- ** TopicRuleDestination
+    topicRuleDestination_arn,
+    topicRuleDestination_createdAt,
+    topicRuleDestination_httpUrlProperties,
+    topicRuleDestination_lastUpdatedAt,
+    topicRuleDestination_status,
+    topicRuleDestination_statusReason,
+    topicRuleDestination_vpcProperties,
+
+    -- ** TopicRuleDestinationConfiguration
+    topicRuleDestinationConfiguration_httpUrlConfiguration,
+    topicRuleDestinationConfiguration_vpcConfiguration,
+
+    -- ** TopicRuleDestinationSummary
+    topicRuleDestinationSummary_arn,
+    topicRuleDestinationSummary_createdAt,
+    topicRuleDestinationSummary_httpUrlSummary,
+    topicRuleDestinationSummary_lastUpdatedAt,
+    topicRuleDestinationSummary_status,
+    topicRuleDestinationSummary_statusReason,
+    topicRuleDestinationSummary_vpcDestinationSummary,
+
+    -- ** TopicRuleListItem
+    topicRuleListItem_createdAt,
+    topicRuleListItem_ruleArn,
+    topicRuleListItem_ruleDisabled,
+    topicRuleListItem_ruleName,
+    topicRuleListItem_topicPattern,
+
+    -- ** TopicRulePayload
+    topicRulePayload_awsIotSqlVersion,
+    topicRulePayload_description,
+    topicRulePayload_errorAction,
+    topicRulePayload_ruleDisabled,
+    topicRulePayload_sql,
+    topicRulePayload_actions,
+
+    -- ** TransferData
+    transferData_acceptDate,
+    transferData_rejectDate,
+    transferData_rejectReason,
+    transferData_transferDate,
+    transferData_transferMessage,
+
+    -- ** UpdateCACertificateParams
+    updateCACertificateParams_action,
+
+    -- ** UpdateDeviceCertificateParams
+    updateDeviceCertificateParams_action,
+
+    -- ** UserProperty
+    userProperty_key,
+    userProperty_value,
+
+    -- ** ValidationError
+    validationError_errorMessage,
+
+    -- ** ViolationEvent
+    violationEvent_behavior,
+    violationEvent_metricValue,
+    violationEvent_securityProfileName,
+    violationEvent_thingName,
+    violationEvent_verificationState,
+    violationEvent_verificationStateDescription,
+    violationEvent_violationEventAdditionalInfo,
+    violationEvent_violationEventTime,
+    violationEvent_violationEventType,
+    violationEvent_violationId,
+
+    -- ** ViolationEventAdditionalInfo
+    violationEventAdditionalInfo_confidenceLevel,
+
+    -- ** ViolationEventOccurrenceRange
+    violationEventOccurrenceRange_startTime,
+    violationEventOccurrenceRange_endTime,
+
+    -- ** VpcDestinationConfiguration
+    vpcDestinationConfiguration_securityGroups,
+    vpcDestinationConfiguration_subnetIds,
+    vpcDestinationConfiguration_vpcId,
+    vpcDestinationConfiguration_roleArn,
+
+    -- ** VpcDestinationProperties
+    vpcDestinationProperties_roleArn,
+    vpcDestinationProperties_securityGroups,
+    vpcDestinationProperties_subnetIds,
+    vpcDestinationProperties_vpcId,
+
+    -- ** VpcDestinationSummary
+    vpcDestinationSummary_roleArn,
+    vpcDestinationSummary_securityGroups,
+    vpcDestinationSummary_subnetIds,
+    vpcDestinationSummary_vpcId,
+  )
+where
+
+import Amazonka.IoT.AcceptCertificateTransfer
+import Amazonka.IoT.AddThingToBillingGroup
+import Amazonka.IoT.AddThingToThingGroup
+import Amazonka.IoT.AssociateTargetsWithJob
+import Amazonka.IoT.AttachPolicy
+import Amazonka.IoT.AttachSecurityProfile
+import Amazonka.IoT.AttachThingPrincipal
+import Amazonka.IoT.CancelAuditMitigationActionsTask
+import Amazonka.IoT.CancelAuditTask
+import Amazonka.IoT.CancelCertificateTransfer
+import Amazonka.IoT.CancelDetectMitigationActionsTask
+import Amazonka.IoT.CancelJob
+import Amazonka.IoT.CancelJobExecution
+import Amazonka.IoT.ClearDefaultAuthorizer
+import Amazonka.IoT.ConfirmTopicRuleDestination
+import Amazonka.IoT.CreateAuditSuppression
+import Amazonka.IoT.CreateAuthorizer
+import Amazonka.IoT.CreateBillingGroup
+import Amazonka.IoT.CreateCertificateFromCsr
+import Amazonka.IoT.CreateCustomMetric
+import Amazonka.IoT.CreateDimension
+import Amazonka.IoT.CreateDomainConfiguration
+import Amazonka.IoT.CreateDynamicThingGroup
+import Amazonka.IoT.CreateFleetMetric
+import Amazonka.IoT.CreateJob
+import Amazonka.IoT.CreateJobTemplate
+import Amazonka.IoT.CreateKeysAndCertificate
+import Amazonka.IoT.CreateMitigationAction
+import Amazonka.IoT.CreateOTAUpdate
+import Amazonka.IoT.CreatePolicy
+import Amazonka.IoT.CreatePolicyVersion
+import Amazonka.IoT.CreateProvisioningClaim
+import Amazonka.IoT.CreateProvisioningTemplate
+import Amazonka.IoT.CreateProvisioningTemplateVersion
+import Amazonka.IoT.CreateRoleAlias
+import Amazonka.IoT.CreateScheduledAudit
+import Amazonka.IoT.CreateSecurityProfile
+import Amazonka.IoT.CreateStream
+import Amazonka.IoT.CreateThing
+import Amazonka.IoT.CreateThingGroup
+import Amazonka.IoT.CreateThingType
+import Amazonka.IoT.CreateTopicRule
+import Amazonka.IoT.CreateTopicRuleDestination
+import Amazonka.IoT.DeleteAccountAuditConfiguration
+import Amazonka.IoT.DeleteAuditSuppression
+import Amazonka.IoT.DeleteAuthorizer
+import Amazonka.IoT.DeleteBillingGroup
+import Amazonka.IoT.DeleteCACertificate
+import Amazonka.IoT.DeleteCertificate
+import Amazonka.IoT.DeleteCustomMetric
+import Amazonka.IoT.DeleteDimension
+import Amazonka.IoT.DeleteDomainConfiguration
+import Amazonka.IoT.DeleteDynamicThingGroup
+import Amazonka.IoT.DeleteFleetMetric
+import Amazonka.IoT.DeleteJob
+import Amazonka.IoT.DeleteJobExecution
+import Amazonka.IoT.DeleteJobTemplate
+import Amazonka.IoT.DeleteMitigationAction
+import Amazonka.IoT.DeleteOTAUpdate
+import Amazonka.IoT.DeletePolicy
+import Amazonka.IoT.DeletePolicyVersion
+import Amazonka.IoT.DeleteProvisioningTemplate
+import Amazonka.IoT.DeleteProvisioningTemplateVersion
+import Amazonka.IoT.DeleteRegistrationCode
+import Amazonka.IoT.DeleteRoleAlias
+import Amazonka.IoT.DeleteScheduledAudit
+import Amazonka.IoT.DeleteSecurityProfile
+import Amazonka.IoT.DeleteStream
+import Amazonka.IoT.DeleteThing
+import Amazonka.IoT.DeleteThingGroup
+import Amazonka.IoT.DeleteThingType
+import Amazonka.IoT.DeleteTopicRule
+import Amazonka.IoT.DeleteTopicRuleDestination
+import Amazonka.IoT.DeleteV2LoggingLevel
+import Amazonka.IoT.DeprecateThingType
+import Amazonka.IoT.DescribeAccountAuditConfiguration
+import Amazonka.IoT.DescribeAuditFinding
+import Amazonka.IoT.DescribeAuditMitigationActionsTask
+import Amazonka.IoT.DescribeAuditSuppression
+import Amazonka.IoT.DescribeAuditTask
+import Amazonka.IoT.DescribeAuthorizer
+import Amazonka.IoT.DescribeBillingGroup
+import Amazonka.IoT.DescribeCACertificate
+import Amazonka.IoT.DescribeCertificate
+import Amazonka.IoT.DescribeCustomMetric
+import Amazonka.IoT.DescribeDefaultAuthorizer
+import Amazonka.IoT.DescribeDetectMitigationActionsTask
+import Amazonka.IoT.DescribeDimension
+import Amazonka.IoT.DescribeDomainConfiguration
+import Amazonka.IoT.DescribeEndpoint
+import Amazonka.IoT.DescribeEventConfigurations
+import Amazonka.IoT.DescribeFleetMetric
+import Amazonka.IoT.DescribeIndex
+import Amazonka.IoT.DescribeJob
+import Amazonka.IoT.DescribeJobExecution
+import Amazonka.IoT.DescribeJobTemplate
+import Amazonka.IoT.DescribeManagedJobTemplate
+import Amazonka.IoT.DescribeMitigationAction
+import Amazonka.IoT.DescribeProvisioningTemplate
+import Amazonka.IoT.DescribeProvisioningTemplateVersion
+import Amazonka.IoT.DescribeRoleAlias
+import Amazonka.IoT.DescribeScheduledAudit
+import Amazonka.IoT.DescribeSecurityProfile
+import Amazonka.IoT.DescribeStream
+import Amazonka.IoT.DescribeThing
+import Amazonka.IoT.DescribeThingGroup
+import Amazonka.IoT.DescribeThingRegistrationTask
+import Amazonka.IoT.DescribeThingType
+import Amazonka.IoT.DetachPolicy
+import Amazonka.IoT.DetachSecurityProfile
+import Amazonka.IoT.DetachThingPrincipal
+import Amazonka.IoT.DisableTopicRule
+import Amazonka.IoT.EnableTopicRule
+import Amazonka.IoT.GetBehaviorModelTrainingSummaries
+import Amazonka.IoT.GetBucketsAggregation
+import Amazonka.IoT.GetCardinality
+import Amazonka.IoT.GetEffectivePolicies
+import Amazonka.IoT.GetIndexingConfiguration
+import Amazonka.IoT.GetJobDocument
+import Amazonka.IoT.GetLoggingOptions
+import Amazonka.IoT.GetOTAUpdate
+import Amazonka.IoT.GetPercentiles
+import Amazonka.IoT.GetPolicy
+import Amazonka.IoT.GetPolicyVersion
+import Amazonka.IoT.GetRegistrationCode
+import Amazonka.IoT.GetStatistics
+import Amazonka.IoT.GetTopicRule
+import Amazonka.IoT.GetTopicRuleDestination
+import Amazonka.IoT.GetV2LoggingOptions
+import Amazonka.IoT.ListActiveViolations
+import Amazonka.IoT.ListAttachedPolicies
+import Amazonka.IoT.ListAuditFindings
+import Amazonka.IoT.ListAuditMitigationActionsExecutions
+import Amazonka.IoT.ListAuditMitigationActionsTasks
+import Amazonka.IoT.ListAuditSuppressions
+import Amazonka.IoT.ListAuditTasks
+import Amazonka.IoT.ListAuthorizers
+import Amazonka.IoT.ListBillingGroups
+import Amazonka.IoT.ListCACertificates
+import Amazonka.IoT.ListCertificates
+import Amazonka.IoT.ListCertificatesByCA
+import Amazonka.IoT.ListCustomMetrics
+import Amazonka.IoT.ListDetectMitigationActionsExecutions
+import Amazonka.IoT.ListDetectMitigationActionsTasks
+import Amazonka.IoT.ListDimensions
+import Amazonka.IoT.ListDomainConfigurations
+import Amazonka.IoT.ListFleetMetrics
+import Amazonka.IoT.ListIndices
+import Amazonka.IoT.ListJobExecutionsForJob
+import Amazonka.IoT.ListJobExecutionsForThing
+import Amazonka.IoT.ListJobTemplates
+import Amazonka.IoT.ListJobs
+import Amazonka.IoT.ListManagedJobTemplates
+import Amazonka.IoT.ListMetricValues
+import Amazonka.IoT.ListMitigationActions
+import Amazonka.IoT.ListOTAUpdates
+import Amazonka.IoT.ListOutgoingCertificates
+import Amazonka.IoT.ListPolicies
+import Amazonka.IoT.ListPolicyVersions
+import Amazonka.IoT.ListPrincipalThings
+import Amazonka.IoT.ListProvisioningTemplateVersions
+import Amazonka.IoT.ListProvisioningTemplates
+import Amazonka.IoT.ListRelatedResourcesForAuditFinding
+import Amazonka.IoT.ListRoleAliases
+import Amazonka.IoT.ListScheduledAudits
+import Amazonka.IoT.ListSecurityProfiles
+import Amazonka.IoT.ListSecurityProfilesForTarget
+import Amazonka.IoT.ListStreams
+import Amazonka.IoT.ListTagsForResource
+import Amazonka.IoT.ListTargetsForPolicy
+import Amazonka.IoT.ListTargetsForSecurityProfile
+import Amazonka.IoT.ListThingGroups
+import Amazonka.IoT.ListThingGroupsForThing
+import Amazonka.IoT.ListThingPrincipals
+import Amazonka.IoT.ListThingRegistrationTaskReports
+import Amazonka.IoT.ListThingRegistrationTasks
+import Amazonka.IoT.ListThingTypes
+import Amazonka.IoT.ListThings
+import Amazonka.IoT.ListThingsInBillingGroup
+import Amazonka.IoT.ListThingsInThingGroup
+import Amazonka.IoT.ListTopicRuleDestinations
+import Amazonka.IoT.ListTopicRules
+import Amazonka.IoT.ListV2LoggingLevels
+import Amazonka.IoT.ListViolationEvents
+import Amazonka.IoT.PutVerificationStateOnViolation
+import Amazonka.IoT.RegisterCACertificate
+import Amazonka.IoT.RegisterCertificate
+import Amazonka.IoT.RegisterCertificateWithoutCA
+import Amazonka.IoT.RegisterThing
+import Amazonka.IoT.RejectCertificateTransfer
+import Amazonka.IoT.RemoveThingFromBillingGroup
+import Amazonka.IoT.RemoveThingFromThingGroup
+import Amazonka.IoT.ReplaceTopicRule
+import Amazonka.IoT.SearchIndex
+import Amazonka.IoT.SetDefaultAuthorizer
+import Amazonka.IoT.SetDefaultPolicyVersion
+import Amazonka.IoT.SetLoggingOptions
+import Amazonka.IoT.SetV2LoggingLevel
+import Amazonka.IoT.SetV2LoggingOptions
+import Amazonka.IoT.StartAuditMitigationActionsTask
+import Amazonka.IoT.StartDetectMitigationActionsTask
+import Amazonka.IoT.StartOnDemandAuditTask
+import Amazonka.IoT.StartThingRegistrationTask
+import Amazonka.IoT.StopThingRegistrationTask
+import Amazonka.IoT.TagResource
+import Amazonka.IoT.TestAuthorization
+import Amazonka.IoT.TestInvokeAuthorizer
+import Amazonka.IoT.TransferCertificate
+import Amazonka.IoT.Types.AbortConfig
+import Amazonka.IoT.Types.AbortCriteria
+import Amazonka.IoT.Types.Action
+import Amazonka.IoT.Types.ActiveViolation
+import Amazonka.IoT.Types.AddThingsToThingGroupParams
+import Amazonka.IoT.Types.AggregationType
+import Amazonka.IoT.Types.AlertTarget
+import Amazonka.IoT.Types.Allowed
+import Amazonka.IoT.Types.AssetPropertyTimestamp
+import Amazonka.IoT.Types.AssetPropertyValue
+import Amazonka.IoT.Types.AssetPropertyVariant
+import Amazonka.IoT.Types.AttributePayload
+import Amazonka.IoT.Types.AuditCheckConfiguration
+import Amazonka.IoT.Types.AuditCheckDetails
+import Amazonka.IoT.Types.AuditFinding
+import Amazonka.IoT.Types.AuditMitigationActionExecutionMetadata
+import Amazonka.IoT.Types.AuditMitigationActionsTaskMetadata
+import Amazonka.IoT.Types.AuditMitigationActionsTaskTarget
+import Amazonka.IoT.Types.AuditNotificationTarget
+import Amazonka.IoT.Types.AuditSuppression
+import Amazonka.IoT.Types.AuditTaskMetadata
+import Amazonka.IoT.Types.AuthInfo
+import Amazonka.IoT.Types.AuthResult
+import Amazonka.IoT.Types.AuthorizerConfig
+import Amazonka.IoT.Types.AuthorizerDescription
+import Amazonka.IoT.Types.AuthorizerSummary
+import Amazonka.IoT.Types.AwsJobAbortConfig
+import Amazonka.IoT.Types.AwsJobAbortCriteria
+import Amazonka.IoT.Types.AwsJobExecutionsRolloutConfig
+import Amazonka.IoT.Types.AwsJobExponentialRolloutRate
+import Amazonka.IoT.Types.AwsJobPresignedUrlConfig
+import Amazonka.IoT.Types.AwsJobRateIncreaseCriteria
+import Amazonka.IoT.Types.AwsJobTimeoutConfig
+import Amazonka.IoT.Types.Behavior
+import Amazonka.IoT.Types.BehaviorCriteria
+import Amazonka.IoT.Types.BehaviorModelTrainingSummary
+import Amazonka.IoT.Types.BillingGroupMetadata
+import Amazonka.IoT.Types.BillingGroupProperties
+import Amazonka.IoT.Types.Bucket
+import Amazonka.IoT.Types.BucketsAggregationType
+import Amazonka.IoT.Types.CACertificate
+import Amazonka.IoT.Types.CACertificateDescription
+import Amazonka.IoT.Types.Certificate
+import Amazonka.IoT.Types.CertificateDescription
+import Amazonka.IoT.Types.CertificateValidity
+import Amazonka.IoT.Types.CloudwatchAlarmAction
+import Amazonka.IoT.Types.CloudwatchLogsAction
+import Amazonka.IoT.Types.CloudwatchMetricAction
+import Amazonka.IoT.Types.CodeSigning
+import Amazonka.IoT.Types.CodeSigningCertificateChain
+import Amazonka.IoT.Types.CodeSigningSignature
+import Amazonka.IoT.Types.Configuration
+import Amazonka.IoT.Types.CustomCodeSigning
+import Amazonka.IoT.Types.Denied
+import Amazonka.IoT.Types.Destination
+import Amazonka.IoT.Types.DetectMitigationActionExecution
+import Amazonka.IoT.Types.DetectMitigationActionsTaskStatistics
+import Amazonka.IoT.Types.DetectMitigationActionsTaskSummary
+import Amazonka.IoT.Types.DetectMitigationActionsTaskTarget
+import Amazonka.IoT.Types.DocumentParameter
+import Amazonka.IoT.Types.DomainConfigurationSummary
+import Amazonka.IoT.Types.DynamoDBAction
+import Amazonka.IoT.Types.DynamoDBv2Action
+import Amazonka.IoT.Types.EffectivePolicy
+import Amazonka.IoT.Types.ElasticsearchAction
+import Amazonka.IoT.Types.EnableIoTLoggingParams
+import Amazonka.IoT.Types.ErrorInfo
+import Amazonka.IoT.Types.ExplicitDeny
+import Amazonka.IoT.Types.ExponentialRolloutRate
+import Amazonka.IoT.Types.Field
+import Amazonka.IoT.Types.FileLocation
+import Amazonka.IoT.Types.FirehoseAction
+import Amazonka.IoT.Types.FleetMetricNameAndArn
+import Amazonka.IoT.Types.GroupNameAndArn
+import Amazonka.IoT.Types.HttpAction
+import Amazonka.IoT.Types.HttpActionHeader
+import Amazonka.IoT.Types.HttpAuthorization
+import Amazonka.IoT.Types.HttpContext
+import Amazonka.IoT.Types.HttpUrlDestinationConfiguration
+import Amazonka.IoT.Types.HttpUrlDestinationProperties
+import Amazonka.IoT.Types.HttpUrlDestinationSummary
+import Amazonka.IoT.Types.ImplicitDeny
+import Amazonka.IoT.Types.IndexingFilter
+import Amazonka.IoT.Types.IotAnalyticsAction
+import Amazonka.IoT.Types.IotEventsAction
+import Amazonka.IoT.Types.IotSiteWiseAction
+import Amazonka.IoT.Types.IssuerCertificateIdentifier
+import Amazonka.IoT.Types.Job
+import Amazonka.IoT.Types.JobExecution
+import Amazonka.IoT.Types.JobExecutionStatusDetails
+import Amazonka.IoT.Types.JobExecutionSummary
+import Amazonka.IoT.Types.JobExecutionSummaryForJob
+import Amazonka.IoT.Types.JobExecutionSummaryForThing
+import Amazonka.IoT.Types.JobExecutionsRetryConfig
+import Amazonka.IoT.Types.JobExecutionsRolloutConfig
+import Amazonka.IoT.Types.JobProcessDetails
+import Amazonka.IoT.Types.JobSummary
+import Amazonka.IoT.Types.JobTemplateSummary
+import Amazonka.IoT.Types.KafkaAction
+import Amazonka.IoT.Types.KeyPair
+import Amazonka.IoT.Types.KinesisAction
+import Amazonka.IoT.Types.LambdaAction
+import Amazonka.IoT.Types.LocationAction
+import Amazonka.IoT.Types.LocationTimestamp
+import Amazonka.IoT.Types.LogTarget
+import Amazonka.IoT.Types.LogTargetConfiguration
+import Amazonka.IoT.Types.LoggingOptionsPayload
+import Amazonka.IoT.Types.MachineLearningDetectionConfig
+import Amazonka.IoT.Types.ManagedJobTemplateSummary
+import Amazonka.IoT.Types.MetricDatum
+import Amazonka.IoT.Types.MetricDimension
+import Amazonka.IoT.Types.MetricToRetain
+import Amazonka.IoT.Types.MetricValue
+import Amazonka.IoT.Types.MitigationAction
+import Amazonka.IoT.Types.MitigationActionIdentifier
+import Amazonka.IoT.Types.MitigationActionParams
+import Amazonka.IoT.Types.MqttContext
+import Amazonka.IoT.Types.MqttHeaders
+import Amazonka.IoT.Types.NonCompliantResource
+import Amazonka.IoT.Types.OTAUpdateFile
+import Amazonka.IoT.Types.OTAUpdateInfo
+import Amazonka.IoT.Types.OTAUpdateSummary
+import Amazonka.IoT.Types.OpenSearchAction
+import Amazonka.IoT.Types.OutgoingCertificate
+import Amazonka.IoT.Types.PercentPair
+import Amazonka.IoT.Types.Policy
+import Amazonka.IoT.Types.PolicyVersion
+import Amazonka.IoT.Types.PolicyVersionIdentifier
+import Amazonka.IoT.Types.PresignedUrlConfig
+import Amazonka.IoT.Types.ProvisioningHook
+import Amazonka.IoT.Types.ProvisioningTemplateSummary
+import Amazonka.IoT.Types.ProvisioningTemplateVersionSummary
+import Amazonka.IoT.Types.PublishFindingToSnsParams
+import Amazonka.IoT.Types.PutAssetPropertyValueEntry
+import Amazonka.IoT.Types.PutItemInput
+import Amazonka.IoT.Types.RateIncreaseCriteria
+import Amazonka.IoT.Types.RegistrationConfig
+import Amazonka.IoT.Types.RelatedResource
+import Amazonka.IoT.Types.ReplaceDefaultPolicyVersionParams
+import Amazonka.IoT.Types.RepublishAction
+import Amazonka.IoT.Types.ResourceIdentifier
+import Amazonka.IoT.Types.RetryCriteria
+import Amazonka.IoT.Types.RoleAliasDescription
+import Amazonka.IoT.Types.S3Action
+import Amazonka.IoT.Types.S3Destination
+import Amazonka.IoT.Types.S3Location
+import Amazonka.IoT.Types.SalesforceAction
+import Amazonka.IoT.Types.ScheduledAuditMetadata
+import Amazonka.IoT.Types.SchedulingConfig
+import Amazonka.IoT.Types.SecurityProfileIdentifier
+import Amazonka.IoT.Types.SecurityProfileTarget
+import Amazonka.IoT.Types.SecurityProfileTargetMapping
+import Amazonka.IoT.Types.ServerCertificateSummary
+import Amazonka.IoT.Types.SigV4Authorization
+import Amazonka.IoT.Types.SigningProfileParameter
+import Amazonka.IoT.Types.SnsAction
+import Amazonka.IoT.Types.SqsAction
+import Amazonka.IoT.Types.StartSigningJobParameter
+import Amazonka.IoT.Types.StatisticalThreshold
+import Amazonka.IoT.Types.Statistics
+import Amazonka.IoT.Types.StepFunctionsAction
+import Amazonka.IoT.Types.Stream
+import Amazonka.IoT.Types.StreamFile
+import Amazonka.IoT.Types.StreamInfo
+import Amazonka.IoT.Types.StreamSummary
+import Amazonka.IoT.Types.Tag
+import Amazonka.IoT.Types.TaskStatistics
+import Amazonka.IoT.Types.TaskStatisticsForAuditCheck
+import Amazonka.IoT.Types.TermsAggregation
+import Amazonka.IoT.Types.ThingAttribute
+import Amazonka.IoT.Types.ThingConnectivity
+import Amazonka.IoT.Types.ThingDocument
+import Amazonka.IoT.Types.ThingGroupDocument
+import Amazonka.IoT.Types.ThingGroupIndexingConfiguration
+import Amazonka.IoT.Types.ThingGroupMetadata
+import Amazonka.IoT.Types.ThingGroupProperties
+import Amazonka.IoT.Types.ThingIndexingConfiguration
+import Amazonka.IoT.Types.ThingTypeDefinition
+import Amazonka.IoT.Types.ThingTypeMetadata
+import Amazonka.IoT.Types.ThingTypeProperties
+import Amazonka.IoT.Types.TimeoutConfig
+import Amazonka.IoT.Types.TimestreamAction
+import Amazonka.IoT.Types.TimestreamDimension
+import Amazonka.IoT.Types.TimestreamTimestamp
+import Amazonka.IoT.Types.TlsContext
+import Amazonka.IoT.Types.TopicRule
+import Amazonka.IoT.Types.TopicRuleDestination
+import Amazonka.IoT.Types.TopicRuleDestinationConfiguration
+import Amazonka.IoT.Types.TopicRuleDestinationSummary
+import Amazonka.IoT.Types.TopicRuleListItem
+import Amazonka.IoT.Types.TopicRulePayload
+import Amazonka.IoT.Types.TransferData
+import Amazonka.IoT.Types.UpdateCACertificateParams
+import Amazonka.IoT.Types.UpdateDeviceCertificateParams
+import Amazonka.IoT.Types.UserProperty
+import Amazonka.IoT.Types.ValidationError
+import Amazonka.IoT.Types.ViolationEvent
+import Amazonka.IoT.Types.ViolationEventAdditionalInfo
+import Amazonka.IoT.Types.ViolationEventOccurrenceRange
+import Amazonka.IoT.Types.VpcDestinationConfiguration
+import Amazonka.IoT.Types.VpcDestinationProperties
+import Amazonka.IoT.Types.VpcDestinationSummary
+import Amazonka.IoT.UntagResource
+import Amazonka.IoT.UpdateAccountAuditConfiguration
+import Amazonka.IoT.UpdateAuditSuppression
+import Amazonka.IoT.UpdateAuthorizer
+import Amazonka.IoT.UpdateBillingGroup
+import Amazonka.IoT.UpdateCACertificate
+import Amazonka.IoT.UpdateCertificate
+import Amazonka.IoT.UpdateCustomMetric
+import Amazonka.IoT.UpdateDimension
+import Amazonka.IoT.UpdateDomainConfiguration
+import Amazonka.IoT.UpdateDynamicThingGroup
+import Amazonka.IoT.UpdateEventConfigurations
+import Amazonka.IoT.UpdateFleetMetric
+import Amazonka.IoT.UpdateIndexingConfiguration
+import Amazonka.IoT.UpdateJob
+import Amazonka.IoT.UpdateMitigationAction
+import Amazonka.IoT.UpdateProvisioningTemplate
+import Amazonka.IoT.UpdateRoleAlias
+import Amazonka.IoT.UpdateScheduledAudit
+import Amazonka.IoT.UpdateSecurityProfile
+import Amazonka.IoT.UpdateStream
+import Amazonka.IoT.UpdateThing
+import Amazonka.IoT.UpdateThingGroup
+import Amazonka.IoT.UpdateThingGroupsForThing
+import Amazonka.IoT.UpdateTopicRuleDestination
+import Amazonka.IoT.ValidateSecurityProfileBehaviors
diff --git a/gen/Amazonka/IoT/ListActiveViolations.hs b/gen/Amazonka/IoT/ListActiveViolations.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListActiveViolations.hs
@@ -0,0 +1,283 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListActiveViolations
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the active violations for a given Device Defender security
+-- profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListActiveViolations>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListActiveViolations
+  ( -- * Creating a Request
+    ListActiveViolations (..),
+    newListActiveViolations,
+
+    -- * Request Lenses
+    listActiveViolations_behaviorCriteriaType,
+    listActiveViolations_listSuppressedAlerts,
+    listActiveViolations_maxResults,
+    listActiveViolations_nextToken,
+    listActiveViolations_securityProfileName,
+    listActiveViolations_thingName,
+    listActiveViolations_verificationState,
+
+    -- * Destructuring the Response
+    ListActiveViolationsResponse (..),
+    newListActiveViolationsResponse,
+
+    -- * Response Lenses
+    listActiveViolationsResponse_activeViolations,
+    listActiveViolationsResponse_nextToken,
+    listActiveViolationsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListActiveViolations' smart constructor.
+data ListActiveViolations = ListActiveViolations'
+  { -- | The criteria for a behavior.
+    behaviorCriteriaType :: Prelude.Maybe BehaviorCriteriaType,
+    -- | A list of all suppressed alerts.
+    listSuppressedAlerts :: Prelude.Maybe Prelude.Bool,
+    -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the Device Defender security profile for which violations
+    -- are listed.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing whose active violations are listed.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The verification state of the violation (detect alarm).
+    verificationState :: Prelude.Maybe VerificationState
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListActiveViolations' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behaviorCriteriaType', 'listActiveViolations_behaviorCriteriaType' - The criteria for a behavior.
+--
+-- 'listSuppressedAlerts', 'listActiveViolations_listSuppressedAlerts' - A list of all suppressed alerts.
+--
+-- 'maxResults', 'listActiveViolations_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listActiveViolations_nextToken' - The token for the next set of results.
+--
+-- 'securityProfileName', 'listActiveViolations_securityProfileName' - The name of the Device Defender security profile for which violations
+-- are listed.
+--
+-- 'thingName', 'listActiveViolations_thingName' - The name of the thing whose active violations are listed.
+--
+-- 'verificationState', 'listActiveViolations_verificationState' - The verification state of the violation (detect alarm).
+newListActiveViolations ::
+  ListActiveViolations
+newListActiveViolations =
+  ListActiveViolations'
+    { behaviorCriteriaType =
+        Prelude.Nothing,
+      listSuppressedAlerts = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      verificationState = Prelude.Nothing
+    }
+
+-- | The criteria for a behavior.
+listActiveViolations_behaviorCriteriaType :: Lens.Lens' ListActiveViolations (Prelude.Maybe BehaviorCriteriaType)
+listActiveViolations_behaviorCriteriaType = Lens.lens (\ListActiveViolations' {behaviorCriteriaType} -> behaviorCriteriaType) (\s@ListActiveViolations' {} a -> s {behaviorCriteriaType = a} :: ListActiveViolations)
+
+-- | A list of all suppressed alerts.
+listActiveViolations_listSuppressedAlerts :: Lens.Lens' ListActiveViolations (Prelude.Maybe Prelude.Bool)
+listActiveViolations_listSuppressedAlerts = Lens.lens (\ListActiveViolations' {listSuppressedAlerts} -> listSuppressedAlerts) (\s@ListActiveViolations' {} a -> s {listSuppressedAlerts = a} :: ListActiveViolations)
+
+-- | The maximum number of results to return at one time.
+listActiveViolations_maxResults :: Lens.Lens' ListActiveViolations (Prelude.Maybe Prelude.Natural)
+listActiveViolations_maxResults = Lens.lens (\ListActiveViolations' {maxResults} -> maxResults) (\s@ListActiveViolations' {} a -> s {maxResults = a} :: ListActiveViolations)
+
+-- | The token for the next set of results.
+listActiveViolations_nextToken :: Lens.Lens' ListActiveViolations (Prelude.Maybe Prelude.Text)
+listActiveViolations_nextToken = Lens.lens (\ListActiveViolations' {nextToken} -> nextToken) (\s@ListActiveViolations' {} a -> s {nextToken = a} :: ListActiveViolations)
+
+-- | The name of the Device Defender security profile for which violations
+-- are listed.
+listActiveViolations_securityProfileName :: Lens.Lens' ListActiveViolations (Prelude.Maybe Prelude.Text)
+listActiveViolations_securityProfileName = Lens.lens (\ListActiveViolations' {securityProfileName} -> securityProfileName) (\s@ListActiveViolations' {} a -> s {securityProfileName = a} :: ListActiveViolations)
+
+-- | The name of the thing whose active violations are listed.
+listActiveViolations_thingName :: Lens.Lens' ListActiveViolations (Prelude.Maybe Prelude.Text)
+listActiveViolations_thingName = Lens.lens (\ListActiveViolations' {thingName} -> thingName) (\s@ListActiveViolations' {} a -> s {thingName = a} :: ListActiveViolations)
+
+-- | The verification state of the violation (detect alarm).
+listActiveViolations_verificationState :: Lens.Lens' ListActiveViolations (Prelude.Maybe VerificationState)
+listActiveViolations_verificationState = Lens.lens (\ListActiveViolations' {verificationState} -> verificationState) (\s@ListActiveViolations' {} a -> s {verificationState = a} :: ListActiveViolations)
+
+instance Core.AWSPager ListActiveViolations where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listActiveViolationsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listActiveViolationsResponse_activeViolations
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listActiveViolations_nextToken
+          Lens..~ rs
+          Lens.^? listActiveViolationsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListActiveViolations where
+  type
+    AWSResponse ListActiveViolations =
+      ListActiveViolationsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListActiveViolationsResponse'
+            Prelude.<$> ( x
+                            Data..?> "activeViolations"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListActiveViolations where
+  hashWithSalt _salt ListActiveViolations' {..} =
+    _salt
+      `Prelude.hashWithSalt` behaviorCriteriaType
+      `Prelude.hashWithSalt` listSuppressedAlerts
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` verificationState
+
+instance Prelude.NFData ListActiveViolations where
+  rnf ListActiveViolations' {..} =
+    Prelude.rnf behaviorCriteriaType
+      `Prelude.seq` Prelude.rnf listSuppressedAlerts
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf verificationState
+
+instance Data.ToHeaders ListActiveViolations where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListActiveViolations where
+  toPath = Prelude.const "/active-violations"
+
+instance Data.ToQuery ListActiveViolations where
+  toQuery ListActiveViolations' {..} =
+    Prelude.mconcat
+      [ "behaviorCriteriaType" Data.=: behaviorCriteriaType,
+        "listSuppressedAlerts" Data.=: listSuppressedAlerts,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "securityProfileName" Data.=: securityProfileName,
+        "thingName" Data.=: thingName,
+        "verificationState" Data.=: verificationState
+      ]
+
+-- | /See:/ 'newListActiveViolationsResponse' smart constructor.
+data ListActiveViolationsResponse = ListActiveViolationsResponse'
+  { -- | The list of active violations.
+    activeViolations :: Prelude.Maybe [ActiveViolation],
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListActiveViolationsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'activeViolations', 'listActiveViolationsResponse_activeViolations' - The list of active violations.
+--
+-- 'nextToken', 'listActiveViolationsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'httpStatus', 'listActiveViolationsResponse_httpStatus' - The response's http status code.
+newListActiveViolationsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListActiveViolationsResponse
+newListActiveViolationsResponse pHttpStatus_ =
+  ListActiveViolationsResponse'
+    { activeViolations =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The list of active violations.
+listActiveViolationsResponse_activeViolations :: Lens.Lens' ListActiveViolationsResponse (Prelude.Maybe [ActiveViolation])
+listActiveViolationsResponse_activeViolations = Lens.lens (\ListActiveViolationsResponse' {activeViolations} -> activeViolations) (\s@ListActiveViolationsResponse' {} a -> s {activeViolations = a} :: ListActiveViolationsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listActiveViolationsResponse_nextToken :: Lens.Lens' ListActiveViolationsResponse (Prelude.Maybe Prelude.Text)
+listActiveViolationsResponse_nextToken = Lens.lens (\ListActiveViolationsResponse' {nextToken} -> nextToken) (\s@ListActiveViolationsResponse' {} a -> s {nextToken = a} :: ListActiveViolationsResponse)
+
+-- | The response's http status code.
+listActiveViolationsResponse_httpStatus :: Lens.Lens' ListActiveViolationsResponse Prelude.Int
+listActiveViolationsResponse_httpStatus = Lens.lens (\ListActiveViolationsResponse' {httpStatus} -> httpStatus) (\s@ListActiveViolationsResponse' {} a -> s {httpStatus = a} :: ListActiveViolationsResponse)
+
+instance Prelude.NFData ListActiveViolationsResponse where
+  rnf ListActiveViolationsResponse' {..} =
+    Prelude.rnf activeViolations
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAttachedPolicies.hs b/gen/Amazonka/IoT/ListAttachedPolicies.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAttachedPolicies.hs
@@ -0,0 +1,254 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAttachedPolicies
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the policies attached to the specified thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAttachedPolicies>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAttachedPolicies
+  ( -- * Creating a Request
+    ListAttachedPolicies (..),
+    newListAttachedPolicies,
+
+    -- * Request Lenses
+    listAttachedPolicies_marker,
+    listAttachedPolicies_pageSize,
+    listAttachedPolicies_recursive,
+    listAttachedPolicies_target,
+
+    -- * Destructuring the Response
+    ListAttachedPoliciesResponse (..),
+    newListAttachedPoliciesResponse,
+
+    -- * Response Lenses
+    listAttachedPoliciesResponse_nextMarker,
+    listAttachedPoliciesResponse_policies,
+    listAttachedPoliciesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAttachedPolicies' smart constructor.
+data ListAttachedPolicies = ListAttachedPolicies'
+  { -- | The token to retrieve the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to be returned per request.
+    pageSize :: Prelude.Maybe Prelude.Natural,
+    -- | When true, recursively list attached policies.
+    recursive :: Prelude.Maybe Prelude.Bool,
+    -- | The group or principal for which the policies will be listed. Valid
+    -- principals are CertificateArn
+    -- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+    -- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+    -- (/region/:/id/).
+    target :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAttachedPolicies' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'marker', 'listAttachedPolicies_marker' - The token to retrieve the next set of results.
+--
+-- 'pageSize', 'listAttachedPolicies_pageSize' - The maximum number of results to be returned per request.
+--
+-- 'recursive', 'listAttachedPolicies_recursive' - When true, recursively list attached policies.
+--
+-- 'target', 'listAttachedPolicies_target' - The group or principal for which the policies will be listed. Valid
+-- principals are CertificateArn
+-- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+-- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+-- (/region/:/id/).
+newListAttachedPolicies ::
+  -- | 'target'
+  Prelude.Text ->
+  ListAttachedPolicies
+newListAttachedPolicies pTarget_ =
+  ListAttachedPolicies'
+    { marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing,
+      recursive = Prelude.Nothing,
+      target = pTarget_
+    }
+
+-- | The token to retrieve the next set of results.
+listAttachedPolicies_marker :: Lens.Lens' ListAttachedPolicies (Prelude.Maybe Prelude.Text)
+listAttachedPolicies_marker = Lens.lens (\ListAttachedPolicies' {marker} -> marker) (\s@ListAttachedPolicies' {} a -> s {marker = a} :: ListAttachedPolicies)
+
+-- | The maximum number of results to be returned per request.
+listAttachedPolicies_pageSize :: Lens.Lens' ListAttachedPolicies (Prelude.Maybe Prelude.Natural)
+listAttachedPolicies_pageSize = Lens.lens (\ListAttachedPolicies' {pageSize} -> pageSize) (\s@ListAttachedPolicies' {} a -> s {pageSize = a} :: ListAttachedPolicies)
+
+-- | When true, recursively list attached policies.
+listAttachedPolicies_recursive :: Lens.Lens' ListAttachedPolicies (Prelude.Maybe Prelude.Bool)
+listAttachedPolicies_recursive = Lens.lens (\ListAttachedPolicies' {recursive} -> recursive) (\s@ListAttachedPolicies' {} a -> s {recursive = a} :: ListAttachedPolicies)
+
+-- | The group or principal for which the policies will be listed. Valid
+-- principals are CertificateArn
+-- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+-- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+-- (/region/:/id/).
+listAttachedPolicies_target :: Lens.Lens' ListAttachedPolicies Prelude.Text
+listAttachedPolicies_target = Lens.lens (\ListAttachedPolicies' {target} -> target) (\s@ListAttachedPolicies' {} a -> s {target = a} :: ListAttachedPolicies)
+
+instance Core.AWSPager ListAttachedPolicies where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAttachedPoliciesResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAttachedPoliciesResponse_policies
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAttachedPolicies_marker
+          Lens..~ rs
+          Lens.^? listAttachedPoliciesResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAttachedPolicies where
+  type
+    AWSResponse ListAttachedPolicies =
+      ListAttachedPoliciesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAttachedPoliciesResponse'
+            Prelude.<$> (x Data..?> "nextMarker")
+            Prelude.<*> (x Data..?> "policies" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListAttachedPolicies where
+  hashWithSalt _salt ListAttachedPolicies' {..} =
+    _salt
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+      `Prelude.hashWithSalt` recursive
+      `Prelude.hashWithSalt` target
+
+instance Prelude.NFData ListAttachedPolicies where
+  rnf ListAttachedPolicies' {..} =
+    Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+      `Prelude.seq` Prelude.rnf recursive
+      `Prelude.seq` Prelude.rnf target
+
+instance Data.ToHeaders ListAttachedPolicies where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON ListAttachedPolicies where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath ListAttachedPolicies where
+  toPath ListAttachedPolicies' {..} =
+    Prelude.mconcat
+      ["/attached-policies/", Data.toBS target]
+
+instance Data.ToQuery ListAttachedPolicies where
+  toQuery ListAttachedPolicies' {..} =
+    Prelude.mconcat
+      [ "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize,
+        "recursive" Data.=: recursive
+      ]
+
+-- | /See:/ 'newListAttachedPoliciesResponse' smart constructor.
+data ListAttachedPoliciesResponse = ListAttachedPoliciesResponse'
+  { -- | The token to retrieve the next set of results, or \`\`null\`\` if there
+    -- are no more results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The policies.
+    policies :: Prelude.Maybe [Policy],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAttachedPoliciesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextMarker', 'listAttachedPoliciesResponse_nextMarker' - The token to retrieve the next set of results, or \`\`null\`\` if there
+-- are no more results.
+--
+-- 'policies', 'listAttachedPoliciesResponse_policies' - The policies.
+--
+-- 'httpStatus', 'listAttachedPoliciesResponse_httpStatus' - The response's http status code.
+newListAttachedPoliciesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAttachedPoliciesResponse
+newListAttachedPoliciesResponse pHttpStatus_ =
+  ListAttachedPoliciesResponse'
+    { nextMarker =
+        Prelude.Nothing,
+      policies = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to retrieve the next set of results, or \`\`null\`\` if there
+-- are no more results.
+listAttachedPoliciesResponse_nextMarker :: Lens.Lens' ListAttachedPoliciesResponse (Prelude.Maybe Prelude.Text)
+listAttachedPoliciesResponse_nextMarker = Lens.lens (\ListAttachedPoliciesResponse' {nextMarker} -> nextMarker) (\s@ListAttachedPoliciesResponse' {} a -> s {nextMarker = a} :: ListAttachedPoliciesResponse)
+
+-- | The policies.
+listAttachedPoliciesResponse_policies :: Lens.Lens' ListAttachedPoliciesResponse (Prelude.Maybe [Policy])
+listAttachedPoliciesResponse_policies = Lens.lens (\ListAttachedPoliciesResponse' {policies} -> policies) (\s@ListAttachedPoliciesResponse' {} a -> s {policies = a} :: ListAttachedPoliciesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listAttachedPoliciesResponse_httpStatus :: Lens.Lens' ListAttachedPoliciesResponse Prelude.Int
+listAttachedPoliciesResponse_httpStatus = Lens.lens (\ListAttachedPoliciesResponse' {httpStatus} -> httpStatus) (\s@ListAttachedPoliciesResponse' {} a -> s {httpStatus = a} :: ListAttachedPoliciesResponse)
+
+instance Prelude.NFData ListAttachedPoliciesResponse where
+  rnf ListAttachedPoliciesResponse' {..} =
+    Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf policies
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAuditFindings.hs b/gen/Amazonka/IoT/ListAuditFindings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAuditFindings.hs
@@ -0,0 +1,321 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAuditFindings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the findings (results) of a Device Defender audit or of the audits
+-- performed during a specified time period. (Findings are retained for 90
+-- days.)
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAuditFindings>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAuditFindings
+  ( -- * Creating a Request
+    ListAuditFindings (..),
+    newListAuditFindings,
+
+    -- * Request Lenses
+    listAuditFindings_checkName,
+    listAuditFindings_endTime,
+    listAuditFindings_listSuppressedFindings,
+    listAuditFindings_maxResults,
+    listAuditFindings_nextToken,
+    listAuditFindings_resourceIdentifier,
+    listAuditFindings_startTime,
+    listAuditFindings_taskId,
+
+    -- * Destructuring the Response
+    ListAuditFindingsResponse (..),
+    newListAuditFindingsResponse,
+
+    -- * Response Lenses
+    listAuditFindingsResponse_findings,
+    listAuditFindingsResponse_nextToken,
+    listAuditFindingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAuditFindings' smart constructor.
+data ListAuditFindings = ListAuditFindings'
+  { -- | A filter to limit results to the findings for the specified audit check.
+    checkName :: Prelude.Maybe Prelude.Text,
+    -- | A filter to limit results to those found before the specified time. You
+    -- must specify either the startTime and endTime or the taskId, but not
+    -- both.
+    endTime :: Prelude.Maybe Data.POSIX,
+    -- | Boolean flag indicating whether only the suppressed findings or the
+    -- unsuppressed findings should be listed. If this parameter isn\'t
+    -- provided, the response will list both suppressed and unsuppressed
+    -- findings.
+    listSuppressedFindings :: Prelude.Maybe Prelude.Bool,
+    -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Information identifying the noncompliant resource.
+    resourceIdentifier :: Prelude.Maybe ResourceIdentifier,
+    -- | A filter to limit results to those found after the specified time. You
+    -- must specify either the startTime and endTime or the taskId, but not
+    -- both.
+    startTime :: Prelude.Maybe Data.POSIX,
+    -- | A filter to limit results to the audit with the specified ID. You must
+    -- specify either the taskId or the startTime and endTime, but not both.
+    taskId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditFindings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'checkName', 'listAuditFindings_checkName' - A filter to limit results to the findings for the specified audit check.
+--
+-- 'endTime', 'listAuditFindings_endTime' - A filter to limit results to those found before the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+--
+-- 'listSuppressedFindings', 'listAuditFindings_listSuppressedFindings' - Boolean flag indicating whether only the suppressed findings or the
+-- unsuppressed findings should be listed. If this parameter isn\'t
+-- provided, the response will list both suppressed and unsuppressed
+-- findings.
+--
+-- 'maxResults', 'listAuditFindings_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listAuditFindings_nextToken' - The token for the next set of results.
+--
+-- 'resourceIdentifier', 'listAuditFindings_resourceIdentifier' - Information identifying the noncompliant resource.
+--
+-- 'startTime', 'listAuditFindings_startTime' - A filter to limit results to those found after the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+--
+-- 'taskId', 'listAuditFindings_taskId' - A filter to limit results to the audit with the specified ID. You must
+-- specify either the taskId or the startTime and endTime, but not both.
+newListAuditFindings ::
+  ListAuditFindings
+newListAuditFindings =
+  ListAuditFindings'
+    { checkName = Prelude.Nothing,
+      endTime = Prelude.Nothing,
+      listSuppressedFindings = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      resourceIdentifier = Prelude.Nothing,
+      startTime = Prelude.Nothing,
+      taskId = Prelude.Nothing
+    }
+
+-- | A filter to limit results to the findings for the specified audit check.
+listAuditFindings_checkName :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.Text)
+listAuditFindings_checkName = Lens.lens (\ListAuditFindings' {checkName} -> checkName) (\s@ListAuditFindings' {} a -> s {checkName = a} :: ListAuditFindings)
+
+-- | A filter to limit results to those found before the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+listAuditFindings_endTime :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.UTCTime)
+listAuditFindings_endTime = Lens.lens (\ListAuditFindings' {endTime} -> endTime) (\s@ListAuditFindings' {} a -> s {endTime = a} :: ListAuditFindings) Prelude.. Lens.mapping Data._Time
+
+-- | Boolean flag indicating whether only the suppressed findings or the
+-- unsuppressed findings should be listed. If this parameter isn\'t
+-- provided, the response will list both suppressed and unsuppressed
+-- findings.
+listAuditFindings_listSuppressedFindings :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.Bool)
+listAuditFindings_listSuppressedFindings = Lens.lens (\ListAuditFindings' {listSuppressedFindings} -> listSuppressedFindings) (\s@ListAuditFindings' {} a -> s {listSuppressedFindings = a} :: ListAuditFindings)
+
+-- | The maximum number of results to return at one time. The default is 25.
+listAuditFindings_maxResults :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.Natural)
+listAuditFindings_maxResults = Lens.lens (\ListAuditFindings' {maxResults} -> maxResults) (\s@ListAuditFindings' {} a -> s {maxResults = a} :: ListAuditFindings)
+
+-- | The token for the next set of results.
+listAuditFindings_nextToken :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.Text)
+listAuditFindings_nextToken = Lens.lens (\ListAuditFindings' {nextToken} -> nextToken) (\s@ListAuditFindings' {} a -> s {nextToken = a} :: ListAuditFindings)
+
+-- | Information identifying the noncompliant resource.
+listAuditFindings_resourceIdentifier :: Lens.Lens' ListAuditFindings (Prelude.Maybe ResourceIdentifier)
+listAuditFindings_resourceIdentifier = Lens.lens (\ListAuditFindings' {resourceIdentifier} -> resourceIdentifier) (\s@ListAuditFindings' {} a -> s {resourceIdentifier = a} :: ListAuditFindings)
+
+-- | A filter to limit results to those found after the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+listAuditFindings_startTime :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.UTCTime)
+listAuditFindings_startTime = Lens.lens (\ListAuditFindings' {startTime} -> startTime) (\s@ListAuditFindings' {} a -> s {startTime = a} :: ListAuditFindings) Prelude.. Lens.mapping Data._Time
+
+-- | A filter to limit results to the audit with the specified ID. You must
+-- specify either the taskId or the startTime and endTime, but not both.
+listAuditFindings_taskId :: Lens.Lens' ListAuditFindings (Prelude.Maybe Prelude.Text)
+listAuditFindings_taskId = Lens.lens (\ListAuditFindings' {taskId} -> taskId) (\s@ListAuditFindings' {} a -> s {taskId = a} :: ListAuditFindings)
+
+instance Core.AWSPager ListAuditFindings where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAuditFindingsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAuditFindingsResponse_findings
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAuditFindings_nextToken
+          Lens..~ rs
+          Lens.^? listAuditFindingsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAuditFindings where
+  type
+    AWSResponse ListAuditFindings =
+      ListAuditFindingsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAuditFindingsResponse'
+            Prelude.<$> (x Data..?> "findings" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListAuditFindings where
+  hashWithSalt _salt ListAuditFindings' {..} =
+    _salt
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` endTime
+      `Prelude.hashWithSalt` listSuppressedFindings
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` resourceIdentifier
+      `Prelude.hashWithSalt` startTime
+      `Prelude.hashWithSalt` taskId
+
+instance Prelude.NFData ListAuditFindings where
+  rnf ListAuditFindings' {..} =
+    Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf endTime
+      `Prelude.seq` Prelude.rnf listSuppressedFindings
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf taskId
+
+instance Data.ToHeaders ListAuditFindings where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON ListAuditFindings where
+  toJSON ListAuditFindings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("checkName" Data..=) Prelude.<$> checkName,
+            ("endTime" Data..=) Prelude.<$> endTime,
+            ("listSuppressedFindings" Data..=)
+              Prelude.<$> listSuppressedFindings,
+            ("maxResults" Data..=) Prelude.<$> maxResults,
+            ("nextToken" Data..=) Prelude.<$> nextToken,
+            ("resourceIdentifier" Data..=)
+              Prelude.<$> resourceIdentifier,
+            ("startTime" Data..=) Prelude.<$> startTime,
+            ("taskId" Data..=) Prelude.<$> taskId
+          ]
+      )
+
+instance Data.ToPath ListAuditFindings where
+  toPath = Prelude.const "/audit/findings"
+
+instance Data.ToQuery ListAuditFindings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListAuditFindingsResponse' smart constructor.
+data ListAuditFindingsResponse = ListAuditFindingsResponse'
+  { -- | The findings (results) of the audit.
+    findings :: Prelude.Maybe [AuditFinding],
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditFindingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'findings', 'listAuditFindingsResponse_findings' - The findings (results) of the audit.
+--
+-- 'nextToken', 'listAuditFindingsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'httpStatus', 'listAuditFindingsResponse_httpStatus' - The response's http status code.
+newListAuditFindingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAuditFindingsResponse
+newListAuditFindingsResponse pHttpStatus_ =
+  ListAuditFindingsResponse'
+    { findings =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The findings (results) of the audit.
+listAuditFindingsResponse_findings :: Lens.Lens' ListAuditFindingsResponse (Prelude.Maybe [AuditFinding])
+listAuditFindingsResponse_findings = Lens.lens (\ListAuditFindingsResponse' {findings} -> findings) (\s@ListAuditFindingsResponse' {} a -> s {findings = a} :: ListAuditFindingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listAuditFindingsResponse_nextToken :: Lens.Lens' ListAuditFindingsResponse (Prelude.Maybe Prelude.Text)
+listAuditFindingsResponse_nextToken = Lens.lens (\ListAuditFindingsResponse' {nextToken} -> nextToken) (\s@ListAuditFindingsResponse' {} a -> s {nextToken = a} :: ListAuditFindingsResponse)
+
+-- | The response's http status code.
+listAuditFindingsResponse_httpStatus :: Lens.Lens' ListAuditFindingsResponse Prelude.Int
+listAuditFindingsResponse_httpStatus = Lens.lens (\ListAuditFindingsResponse' {httpStatus} -> httpStatus) (\s@ListAuditFindingsResponse' {} a -> s {httpStatus = a} :: ListAuditFindingsResponse)
+
+instance Prelude.NFData ListAuditFindingsResponse where
+  rnf ListAuditFindingsResponse' {..} =
+    Prelude.rnf findings
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAuditMitigationActionsExecutions.hs b/gen/Amazonka/IoT/ListAuditMitigationActionsExecutions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAuditMitigationActionsExecutions.hs
@@ -0,0 +1,293 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAuditMitigationActionsExecutions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the status of audit mitigation action tasks that were executed.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAuditMitigationActionsExecutions>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAuditMitigationActionsExecutions
+  ( -- * Creating a Request
+    ListAuditMitigationActionsExecutions (..),
+    newListAuditMitigationActionsExecutions,
+
+    -- * Request Lenses
+    listAuditMitigationActionsExecutions_actionStatus,
+    listAuditMitigationActionsExecutions_maxResults,
+    listAuditMitigationActionsExecutions_nextToken,
+    listAuditMitigationActionsExecutions_taskId,
+    listAuditMitigationActionsExecutions_findingId,
+
+    -- * Destructuring the Response
+    ListAuditMitigationActionsExecutionsResponse (..),
+    newListAuditMitigationActionsExecutionsResponse,
+
+    -- * Response Lenses
+    listAuditMitigationActionsExecutionsResponse_actionsExecutions,
+    listAuditMitigationActionsExecutionsResponse_nextToken,
+    listAuditMitigationActionsExecutionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAuditMitigationActionsExecutions' smart constructor.
+data ListAuditMitigationActionsExecutions = ListAuditMitigationActionsExecutions'
+  { -- | Specify this filter to limit results to those with a specific status.
+    actionStatus :: Prelude.Maybe AuditMitigationActionsExecutionStatus,
+    -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Specify this filter to limit results to actions for a specific audit
+    -- mitigation actions task.
+    taskId :: Prelude.Text,
+    -- | Specify this filter to limit results to those that were applied to a
+    -- specific audit finding.
+    findingId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditMitigationActionsExecutions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionStatus', 'listAuditMitigationActionsExecutions_actionStatus' - Specify this filter to limit results to those with a specific status.
+--
+-- 'maxResults', 'listAuditMitigationActionsExecutions_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listAuditMitigationActionsExecutions_nextToken' - The token for the next set of results.
+--
+-- 'taskId', 'listAuditMitigationActionsExecutions_taskId' - Specify this filter to limit results to actions for a specific audit
+-- mitigation actions task.
+--
+-- 'findingId', 'listAuditMitigationActionsExecutions_findingId' - Specify this filter to limit results to those that were applied to a
+-- specific audit finding.
+newListAuditMitigationActionsExecutions ::
+  -- | 'taskId'
+  Prelude.Text ->
+  -- | 'findingId'
+  Prelude.Text ->
+  ListAuditMitigationActionsExecutions
+newListAuditMitigationActionsExecutions
+  pTaskId_
+  pFindingId_ =
+    ListAuditMitigationActionsExecutions'
+      { actionStatus =
+          Prelude.Nothing,
+        maxResults = Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        taskId = pTaskId_,
+        findingId = pFindingId_
+      }
+
+-- | Specify this filter to limit results to those with a specific status.
+listAuditMitigationActionsExecutions_actionStatus :: Lens.Lens' ListAuditMitigationActionsExecutions (Prelude.Maybe AuditMitigationActionsExecutionStatus)
+listAuditMitigationActionsExecutions_actionStatus = Lens.lens (\ListAuditMitigationActionsExecutions' {actionStatus} -> actionStatus) (\s@ListAuditMitigationActionsExecutions' {} a -> s {actionStatus = a} :: ListAuditMitigationActionsExecutions)
+
+-- | The maximum number of results to return at one time. The default is 25.
+listAuditMitigationActionsExecutions_maxResults :: Lens.Lens' ListAuditMitigationActionsExecutions (Prelude.Maybe Prelude.Natural)
+listAuditMitigationActionsExecutions_maxResults = Lens.lens (\ListAuditMitigationActionsExecutions' {maxResults} -> maxResults) (\s@ListAuditMitigationActionsExecutions' {} a -> s {maxResults = a} :: ListAuditMitigationActionsExecutions)
+
+-- | The token for the next set of results.
+listAuditMitigationActionsExecutions_nextToken :: Lens.Lens' ListAuditMitigationActionsExecutions (Prelude.Maybe Prelude.Text)
+listAuditMitigationActionsExecutions_nextToken = Lens.lens (\ListAuditMitigationActionsExecutions' {nextToken} -> nextToken) (\s@ListAuditMitigationActionsExecutions' {} a -> s {nextToken = a} :: ListAuditMitigationActionsExecutions)
+
+-- | Specify this filter to limit results to actions for a specific audit
+-- mitigation actions task.
+listAuditMitigationActionsExecutions_taskId :: Lens.Lens' ListAuditMitigationActionsExecutions Prelude.Text
+listAuditMitigationActionsExecutions_taskId = Lens.lens (\ListAuditMitigationActionsExecutions' {taskId} -> taskId) (\s@ListAuditMitigationActionsExecutions' {} a -> s {taskId = a} :: ListAuditMitigationActionsExecutions)
+
+-- | Specify this filter to limit results to those that were applied to a
+-- specific audit finding.
+listAuditMitigationActionsExecutions_findingId :: Lens.Lens' ListAuditMitigationActionsExecutions Prelude.Text
+listAuditMitigationActionsExecutions_findingId = Lens.lens (\ListAuditMitigationActionsExecutions' {findingId} -> findingId) (\s@ListAuditMitigationActionsExecutions' {} a -> s {findingId = a} :: ListAuditMitigationActionsExecutions)
+
+instance
+  Core.AWSPager
+    ListAuditMitigationActionsExecutions
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAuditMitigationActionsExecutionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAuditMitigationActionsExecutionsResponse_actionsExecutions
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAuditMitigationActionsExecutions_nextToken
+          Lens..~ rs
+          Lens.^? listAuditMitigationActionsExecutionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListAuditMitigationActionsExecutions
+  where
+  type
+    AWSResponse ListAuditMitigationActionsExecutions =
+      ListAuditMitigationActionsExecutionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAuditMitigationActionsExecutionsResponse'
+            Prelude.<$> ( x
+                            Data..?> "actionsExecutions"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListAuditMitigationActionsExecutions
+  where
+  hashWithSalt
+    _salt
+    ListAuditMitigationActionsExecutions' {..} =
+      _salt
+        `Prelude.hashWithSalt` actionStatus
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` findingId
+
+instance
+  Prelude.NFData
+    ListAuditMitigationActionsExecutions
+  where
+  rnf ListAuditMitigationActionsExecutions' {..} =
+    Prelude.rnf actionStatus
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf findingId
+
+instance
+  Data.ToHeaders
+    ListAuditMitigationActionsExecutions
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    ListAuditMitigationActionsExecutions
+  where
+  toPath =
+    Prelude.const "/audit/mitigationactions/executions"
+
+instance
+  Data.ToQuery
+    ListAuditMitigationActionsExecutions
+  where
+  toQuery ListAuditMitigationActionsExecutions' {..} =
+    Prelude.mconcat
+      [ "actionStatus" Data.=: actionStatus,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "taskId" Data.=: taskId,
+        "findingId" Data.=: findingId
+      ]
+
+-- | /See:/ 'newListAuditMitigationActionsExecutionsResponse' smart constructor.
+data ListAuditMitigationActionsExecutionsResponse = ListAuditMitigationActionsExecutionsResponse'
+  { -- | A set of task execution results based on the input parameters. Details
+    -- include the mitigation action applied, start time, and task status.
+    actionsExecutions :: Prelude.Maybe [AuditMitigationActionExecutionMetadata],
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditMitigationActionsExecutionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionsExecutions', 'listAuditMitigationActionsExecutionsResponse_actionsExecutions' - A set of task execution results based on the input parameters. Details
+-- include the mitigation action applied, start time, and task status.
+--
+-- 'nextToken', 'listAuditMitigationActionsExecutionsResponse_nextToken' - The token for the next set of results.
+--
+-- 'httpStatus', 'listAuditMitigationActionsExecutionsResponse_httpStatus' - The response's http status code.
+newListAuditMitigationActionsExecutionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAuditMitigationActionsExecutionsResponse
+newListAuditMitigationActionsExecutionsResponse
+  pHttpStatus_ =
+    ListAuditMitigationActionsExecutionsResponse'
+      { actionsExecutions =
+          Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | A set of task execution results based on the input parameters. Details
+-- include the mitigation action applied, start time, and task status.
+listAuditMitigationActionsExecutionsResponse_actionsExecutions :: Lens.Lens' ListAuditMitigationActionsExecutionsResponse (Prelude.Maybe [AuditMitigationActionExecutionMetadata])
+listAuditMitigationActionsExecutionsResponse_actionsExecutions = Lens.lens (\ListAuditMitigationActionsExecutionsResponse' {actionsExecutions} -> actionsExecutions) (\s@ListAuditMitigationActionsExecutionsResponse' {} a -> s {actionsExecutions = a} :: ListAuditMitigationActionsExecutionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results.
+listAuditMitigationActionsExecutionsResponse_nextToken :: Lens.Lens' ListAuditMitigationActionsExecutionsResponse (Prelude.Maybe Prelude.Text)
+listAuditMitigationActionsExecutionsResponse_nextToken = Lens.lens (\ListAuditMitigationActionsExecutionsResponse' {nextToken} -> nextToken) (\s@ListAuditMitigationActionsExecutionsResponse' {} a -> s {nextToken = a} :: ListAuditMitigationActionsExecutionsResponse)
+
+-- | The response's http status code.
+listAuditMitigationActionsExecutionsResponse_httpStatus :: Lens.Lens' ListAuditMitigationActionsExecutionsResponse Prelude.Int
+listAuditMitigationActionsExecutionsResponse_httpStatus = Lens.lens (\ListAuditMitigationActionsExecutionsResponse' {httpStatus} -> httpStatus) (\s@ListAuditMitigationActionsExecutionsResponse' {} a -> s {httpStatus = a} :: ListAuditMitigationActionsExecutionsResponse)
+
+instance
+  Prelude.NFData
+    ListAuditMitigationActionsExecutionsResponse
+  where
+  rnf ListAuditMitigationActionsExecutionsResponse' {..} =
+    Prelude.rnf actionsExecutions
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAuditMitigationActionsTasks.hs b/gen/Amazonka/IoT/ListAuditMitigationActionsTasks.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAuditMitigationActionsTasks.hs
@@ -0,0 +1,320 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAuditMitigationActionsTasks
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets a list of audit mitigation action tasks that match the specified
+-- filters.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAuditMitigationActionsTasks>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAuditMitigationActionsTasks
+  ( -- * Creating a Request
+    ListAuditMitigationActionsTasks (..),
+    newListAuditMitigationActionsTasks,
+
+    -- * Request Lenses
+    listAuditMitigationActionsTasks_auditTaskId,
+    listAuditMitigationActionsTasks_findingId,
+    listAuditMitigationActionsTasks_maxResults,
+    listAuditMitigationActionsTasks_nextToken,
+    listAuditMitigationActionsTasks_taskStatus,
+    listAuditMitigationActionsTasks_startTime,
+    listAuditMitigationActionsTasks_endTime,
+
+    -- * Destructuring the Response
+    ListAuditMitigationActionsTasksResponse (..),
+    newListAuditMitigationActionsTasksResponse,
+
+    -- * Response Lenses
+    listAuditMitigationActionsTasksResponse_nextToken,
+    listAuditMitigationActionsTasksResponse_tasks,
+    listAuditMitigationActionsTasksResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAuditMitigationActionsTasks' smart constructor.
+data ListAuditMitigationActionsTasks = ListAuditMitigationActionsTasks'
+  { -- | Specify this filter to limit results to tasks that were applied to
+    -- results for a specific audit.
+    auditTaskId :: Prelude.Maybe Prelude.Text,
+    -- | Specify this filter to limit results to tasks that were applied to a
+    -- specific audit finding.
+    findingId :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Specify this filter to limit results to tasks that are in a specific
+    -- state.
+    taskStatus :: Prelude.Maybe AuditMitigationActionsTaskStatus,
+    -- | Specify this filter to limit results to tasks that began on or after a
+    -- specific date and time.
+    startTime :: Data.POSIX,
+    -- | Specify this filter to limit results to tasks that were completed or
+    -- canceled on or before a specific date and time.
+    endTime :: Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditMitigationActionsTasks' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'auditTaskId', 'listAuditMitigationActionsTasks_auditTaskId' - Specify this filter to limit results to tasks that were applied to
+-- results for a specific audit.
+--
+-- 'findingId', 'listAuditMitigationActionsTasks_findingId' - Specify this filter to limit results to tasks that were applied to a
+-- specific audit finding.
+--
+-- 'maxResults', 'listAuditMitigationActionsTasks_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listAuditMitigationActionsTasks_nextToken' - The token for the next set of results.
+--
+-- 'taskStatus', 'listAuditMitigationActionsTasks_taskStatus' - Specify this filter to limit results to tasks that are in a specific
+-- state.
+--
+-- 'startTime', 'listAuditMitigationActionsTasks_startTime' - Specify this filter to limit results to tasks that began on or after a
+-- specific date and time.
+--
+-- 'endTime', 'listAuditMitigationActionsTasks_endTime' - Specify this filter to limit results to tasks that were completed or
+-- canceled on or before a specific date and time.
+newListAuditMitigationActionsTasks ::
+  -- | 'startTime'
+  Prelude.UTCTime ->
+  -- | 'endTime'
+  Prelude.UTCTime ->
+  ListAuditMitigationActionsTasks
+newListAuditMitigationActionsTasks
+  pStartTime_
+  pEndTime_ =
+    ListAuditMitigationActionsTasks'
+      { auditTaskId =
+          Prelude.Nothing,
+        findingId = Prelude.Nothing,
+        maxResults = Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        taskStatus = Prelude.Nothing,
+        startTime = Data._Time Lens.# pStartTime_,
+        endTime = Data._Time Lens.# pEndTime_
+      }
+
+-- | Specify this filter to limit results to tasks that were applied to
+-- results for a specific audit.
+listAuditMitigationActionsTasks_auditTaskId :: Lens.Lens' ListAuditMitigationActionsTasks (Prelude.Maybe Prelude.Text)
+listAuditMitigationActionsTasks_auditTaskId = Lens.lens (\ListAuditMitigationActionsTasks' {auditTaskId} -> auditTaskId) (\s@ListAuditMitigationActionsTasks' {} a -> s {auditTaskId = a} :: ListAuditMitigationActionsTasks)
+
+-- | Specify this filter to limit results to tasks that were applied to a
+-- specific audit finding.
+listAuditMitigationActionsTasks_findingId :: Lens.Lens' ListAuditMitigationActionsTasks (Prelude.Maybe Prelude.Text)
+listAuditMitigationActionsTasks_findingId = Lens.lens (\ListAuditMitigationActionsTasks' {findingId} -> findingId) (\s@ListAuditMitigationActionsTasks' {} a -> s {findingId = a} :: ListAuditMitigationActionsTasks)
+
+-- | The maximum number of results to return at one time. The default is 25.
+listAuditMitigationActionsTasks_maxResults :: Lens.Lens' ListAuditMitigationActionsTasks (Prelude.Maybe Prelude.Natural)
+listAuditMitigationActionsTasks_maxResults = Lens.lens (\ListAuditMitigationActionsTasks' {maxResults} -> maxResults) (\s@ListAuditMitigationActionsTasks' {} a -> s {maxResults = a} :: ListAuditMitigationActionsTasks)
+
+-- | The token for the next set of results.
+listAuditMitigationActionsTasks_nextToken :: Lens.Lens' ListAuditMitigationActionsTasks (Prelude.Maybe Prelude.Text)
+listAuditMitigationActionsTasks_nextToken = Lens.lens (\ListAuditMitigationActionsTasks' {nextToken} -> nextToken) (\s@ListAuditMitigationActionsTasks' {} a -> s {nextToken = a} :: ListAuditMitigationActionsTasks)
+
+-- | Specify this filter to limit results to tasks that are in a specific
+-- state.
+listAuditMitigationActionsTasks_taskStatus :: Lens.Lens' ListAuditMitigationActionsTasks (Prelude.Maybe AuditMitigationActionsTaskStatus)
+listAuditMitigationActionsTasks_taskStatus = Lens.lens (\ListAuditMitigationActionsTasks' {taskStatus} -> taskStatus) (\s@ListAuditMitigationActionsTasks' {} a -> s {taskStatus = a} :: ListAuditMitigationActionsTasks)
+
+-- | Specify this filter to limit results to tasks that began on or after a
+-- specific date and time.
+listAuditMitigationActionsTasks_startTime :: Lens.Lens' ListAuditMitigationActionsTasks Prelude.UTCTime
+listAuditMitigationActionsTasks_startTime = Lens.lens (\ListAuditMitigationActionsTasks' {startTime} -> startTime) (\s@ListAuditMitigationActionsTasks' {} a -> s {startTime = a} :: ListAuditMitigationActionsTasks) Prelude.. Data._Time
+
+-- | Specify this filter to limit results to tasks that were completed or
+-- canceled on or before a specific date and time.
+listAuditMitigationActionsTasks_endTime :: Lens.Lens' ListAuditMitigationActionsTasks Prelude.UTCTime
+listAuditMitigationActionsTasks_endTime = Lens.lens (\ListAuditMitigationActionsTasks' {endTime} -> endTime) (\s@ListAuditMitigationActionsTasks' {} a -> s {endTime = a} :: ListAuditMitigationActionsTasks) Prelude.. Data._Time
+
+instance
+  Core.AWSPager
+    ListAuditMitigationActionsTasks
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAuditMitigationActionsTasksResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAuditMitigationActionsTasksResponse_tasks
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAuditMitigationActionsTasks_nextToken
+          Lens..~ rs
+          Lens.^? listAuditMitigationActionsTasksResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListAuditMitigationActionsTasks
+  where
+  type
+    AWSResponse ListAuditMitigationActionsTasks =
+      ListAuditMitigationActionsTasksResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAuditMitigationActionsTasksResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "tasks" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListAuditMitigationActionsTasks
+  where
+  hashWithSalt
+    _salt
+    ListAuditMitigationActionsTasks' {..} =
+      _salt
+        `Prelude.hashWithSalt` auditTaskId
+        `Prelude.hashWithSalt` findingId
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` taskStatus
+        `Prelude.hashWithSalt` startTime
+        `Prelude.hashWithSalt` endTime
+
+instance
+  Prelude.NFData
+    ListAuditMitigationActionsTasks
+  where
+  rnf ListAuditMitigationActionsTasks' {..} =
+    Prelude.rnf auditTaskId
+      `Prelude.seq` Prelude.rnf findingId
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf taskStatus
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf endTime
+
+instance
+  Data.ToHeaders
+    ListAuditMitigationActionsTasks
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListAuditMitigationActionsTasks where
+  toPath =
+    Prelude.const "/audit/mitigationactions/tasks"
+
+instance Data.ToQuery ListAuditMitigationActionsTasks where
+  toQuery ListAuditMitigationActionsTasks' {..} =
+    Prelude.mconcat
+      [ "auditTaskId" Data.=: auditTaskId,
+        "findingId" Data.=: findingId,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "taskStatus" Data.=: taskStatus,
+        "startTime" Data.=: startTime,
+        "endTime" Data.=: endTime
+      ]
+
+-- | /See:/ 'newListAuditMitigationActionsTasksResponse' smart constructor.
+data ListAuditMitigationActionsTasksResponse = ListAuditMitigationActionsTasksResponse'
+  { -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The collection of audit mitigation tasks that matched the filter
+    -- criteria.
+    tasks :: Prelude.Maybe [AuditMitigationActionsTaskMetadata],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditMitigationActionsTasksResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listAuditMitigationActionsTasksResponse_nextToken' - The token for the next set of results.
+--
+-- 'tasks', 'listAuditMitigationActionsTasksResponse_tasks' - The collection of audit mitigation tasks that matched the filter
+-- criteria.
+--
+-- 'httpStatus', 'listAuditMitigationActionsTasksResponse_httpStatus' - The response's http status code.
+newListAuditMitigationActionsTasksResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAuditMitigationActionsTasksResponse
+newListAuditMitigationActionsTasksResponse
+  pHttpStatus_ =
+    ListAuditMitigationActionsTasksResponse'
+      { nextToken =
+          Prelude.Nothing,
+        tasks = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | The token for the next set of results.
+listAuditMitigationActionsTasksResponse_nextToken :: Lens.Lens' ListAuditMitigationActionsTasksResponse (Prelude.Maybe Prelude.Text)
+listAuditMitigationActionsTasksResponse_nextToken = Lens.lens (\ListAuditMitigationActionsTasksResponse' {nextToken} -> nextToken) (\s@ListAuditMitigationActionsTasksResponse' {} a -> s {nextToken = a} :: ListAuditMitigationActionsTasksResponse)
+
+-- | The collection of audit mitigation tasks that matched the filter
+-- criteria.
+listAuditMitigationActionsTasksResponse_tasks :: Lens.Lens' ListAuditMitigationActionsTasksResponse (Prelude.Maybe [AuditMitigationActionsTaskMetadata])
+listAuditMitigationActionsTasksResponse_tasks = Lens.lens (\ListAuditMitigationActionsTasksResponse' {tasks} -> tasks) (\s@ListAuditMitigationActionsTasksResponse' {} a -> s {tasks = a} :: ListAuditMitigationActionsTasksResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listAuditMitigationActionsTasksResponse_httpStatus :: Lens.Lens' ListAuditMitigationActionsTasksResponse Prelude.Int
+listAuditMitigationActionsTasksResponse_httpStatus = Lens.lens (\ListAuditMitigationActionsTasksResponse' {httpStatus} -> httpStatus) (\s@ListAuditMitigationActionsTasksResponse' {} a -> s {httpStatus = a} :: ListAuditMitigationActionsTasksResponse)
+
+instance
+  Prelude.NFData
+    ListAuditMitigationActionsTasksResponse
+  where
+  rnf ListAuditMitigationActionsTasksResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf tasks
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAuditSuppressions.hs b/gen/Amazonka/IoT/ListAuditSuppressions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAuditSuppressions.hs
@@ -0,0 +1,261 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAuditSuppressions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists your Device Defender audit listings.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAuditSuppressions>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAuditSuppressions
+  ( -- * Creating a Request
+    ListAuditSuppressions (..),
+    newListAuditSuppressions,
+
+    -- * Request Lenses
+    listAuditSuppressions_ascendingOrder,
+    listAuditSuppressions_checkName,
+    listAuditSuppressions_maxResults,
+    listAuditSuppressions_nextToken,
+    listAuditSuppressions_resourceIdentifier,
+
+    -- * Destructuring the Response
+    ListAuditSuppressionsResponse (..),
+    newListAuditSuppressionsResponse,
+
+    -- * Response Lenses
+    listAuditSuppressionsResponse_nextToken,
+    listAuditSuppressionsResponse_suppressions,
+    listAuditSuppressionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAuditSuppressions' smart constructor.
+data ListAuditSuppressions = ListAuditSuppressions'
+  { -- | Determines whether suppressions are listed in ascending order by
+    -- expiration date or not. If parameter isn\'t provided,
+    -- @ascendingOrder=true@.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    checkName :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    resourceIdentifier :: Prelude.Maybe ResourceIdentifier
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditSuppressions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listAuditSuppressions_ascendingOrder' - Determines whether suppressions are listed in ascending order by
+-- expiration date or not. If parameter isn\'t provided,
+-- @ascendingOrder=true@.
+--
+-- 'checkName', 'listAuditSuppressions_checkName' - Undocumented member.
+--
+-- 'maxResults', 'listAuditSuppressions_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listAuditSuppressions_nextToken' - The token for the next set of results.
+--
+-- 'resourceIdentifier', 'listAuditSuppressions_resourceIdentifier' - Undocumented member.
+newListAuditSuppressions ::
+  ListAuditSuppressions
+newListAuditSuppressions =
+  ListAuditSuppressions'
+    { ascendingOrder =
+        Prelude.Nothing,
+      checkName = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      resourceIdentifier = Prelude.Nothing
+    }
+
+-- | Determines whether suppressions are listed in ascending order by
+-- expiration date or not. If parameter isn\'t provided,
+-- @ascendingOrder=true@.
+listAuditSuppressions_ascendingOrder :: Lens.Lens' ListAuditSuppressions (Prelude.Maybe Prelude.Bool)
+listAuditSuppressions_ascendingOrder = Lens.lens (\ListAuditSuppressions' {ascendingOrder} -> ascendingOrder) (\s@ListAuditSuppressions' {} a -> s {ascendingOrder = a} :: ListAuditSuppressions)
+
+-- | Undocumented member.
+listAuditSuppressions_checkName :: Lens.Lens' ListAuditSuppressions (Prelude.Maybe Prelude.Text)
+listAuditSuppressions_checkName = Lens.lens (\ListAuditSuppressions' {checkName} -> checkName) (\s@ListAuditSuppressions' {} a -> s {checkName = a} :: ListAuditSuppressions)
+
+-- | The maximum number of results to return at one time. The default is 25.
+listAuditSuppressions_maxResults :: Lens.Lens' ListAuditSuppressions (Prelude.Maybe Prelude.Natural)
+listAuditSuppressions_maxResults = Lens.lens (\ListAuditSuppressions' {maxResults} -> maxResults) (\s@ListAuditSuppressions' {} a -> s {maxResults = a} :: ListAuditSuppressions)
+
+-- | The token for the next set of results.
+listAuditSuppressions_nextToken :: Lens.Lens' ListAuditSuppressions (Prelude.Maybe Prelude.Text)
+listAuditSuppressions_nextToken = Lens.lens (\ListAuditSuppressions' {nextToken} -> nextToken) (\s@ListAuditSuppressions' {} a -> s {nextToken = a} :: ListAuditSuppressions)
+
+-- | Undocumented member.
+listAuditSuppressions_resourceIdentifier :: Lens.Lens' ListAuditSuppressions (Prelude.Maybe ResourceIdentifier)
+listAuditSuppressions_resourceIdentifier = Lens.lens (\ListAuditSuppressions' {resourceIdentifier} -> resourceIdentifier) (\s@ListAuditSuppressions' {} a -> s {resourceIdentifier = a} :: ListAuditSuppressions)
+
+instance Core.AWSPager ListAuditSuppressions where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAuditSuppressionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAuditSuppressionsResponse_suppressions
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAuditSuppressions_nextToken
+          Lens..~ rs
+          Lens.^? listAuditSuppressionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAuditSuppressions where
+  type
+    AWSResponse ListAuditSuppressions =
+      ListAuditSuppressionsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAuditSuppressionsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "suppressions" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListAuditSuppressions where
+  hashWithSalt _salt ListAuditSuppressions' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` resourceIdentifier
+
+instance Prelude.NFData ListAuditSuppressions where
+  rnf ListAuditSuppressions' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+
+instance Data.ToHeaders ListAuditSuppressions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON ListAuditSuppressions where
+  toJSON ListAuditSuppressions' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("ascendingOrder" Data..=)
+              Prelude.<$> ascendingOrder,
+            ("checkName" Data..=) Prelude.<$> checkName,
+            ("maxResults" Data..=) Prelude.<$> maxResults,
+            ("nextToken" Data..=) Prelude.<$> nextToken,
+            ("resourceIdentifier" Data..=)
+              Prelude.<$> resourceIdentifier
+          ]
+      )
+
+instance Data.ToPath ListAuditSuppressions where
+  toPath = Prelude.const "/audit/suppressions/list"
+
+instance Data.ToQuery ListAuditSuppressions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListAuditSuppressionsResponse' smart constructor.
+data ListAuditSuppressionsResponse = ListAuditSuppressionsResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | List of audit suppressions.
+    suppressions :: Prelude.Maybe [AuditSuppression],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditSuppressionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listAuditSuppressionsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'suppressions', 'listAuditSuppressionsResponse_suppressions' - List of audit suppressions.
+--
+-- 'httpStatus', 'listAuditSuppressionsResponse_httpStatus' - The response's http status code.
+newListAuditSuppressionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAuditSuppressionsResponse
+newListAuditSuppressionsResponse pHttpStatus_ =
+  ListAuditSuppressionsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      suppressions = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listAuditSuppressionsResponse_nextToken :: Lens.Lens' ListAuditSuppressionsResponse (Prelude.Maybe Prelude.Text)
+listAuditSuppressionsResponse_nextToken = Lens.lens (\ListAuditSuppressionsResponse' {nextToken} -> nextToken) (\s@ListAuditSuppressionsResponse' {} a -> s {nextToken = a} :: ListAuditSuppressionsResponse)
+
+-- | List of audit suppressions.
+listAuditSuppressionsResponse_suppressions :: Lens.Lens' ListAuditSuppressionsResponse (Prelude.Maybe [AuditSuppression])
+listAuditSuppressionsResponse_suppressions = Lens.lens (\ListAuditSuppressionsResponse' {suppressions} -> suppressions) (\s@ListAuditSuppressionsResponse' {} a -> s {suppressions = a} :: ListAuditSuppressionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listAuditSuppressionsResponse_httpStatus :: Lens.Lens' ListAuditSuppressionsResponse Prelude.Int
+listAuditSuppressionsResponse_httpStatus = Lens.lens (\ListAuditSuppressionsResponse' {httpStatus} -> httpStatus) (\s@ListAuditSuppressionsResponse' {} a -> s {httpStatus = a} :: ListAuditSuppressionsResponse)
+
+instance Prelude.NFData ListAuditSuppressionsResponse where
+  rnf ListAuditSuppressionsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf suppressions
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAuditTasks.hs b/gen/Amazonka/IoT/ListAuditTasks.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAuditTasks.hs
@@ -0,0 +1,282 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAuditTasks
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the Device Defender audits that have been performed during a given
+-- time period.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAuditTasks>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAuditTasks
+  ( -- * Creating a Request
+    ListAuditTasks (..),
+    newListAuditTasks,
+
+    -- * Request Lenses
+    listAuditTasks_maxResults,
+    listAuditTasks_nextToken,
+    listAuditTasks_taskStatus,
+    listAuditTasks_taskType,
+    listAuditTasks_startTime,
+    listAuditTasks_endTime,
+
+    -- * Destructuring the Response
+    ListAuditTasksResponse (..),
+    newListAuditTasksResponse,
+
+    -- * Response Lenses
+    listAuditTasksResponse_nextToken,
+    listAuditTasksResponse_tasks,
+    listAuditTasksResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAuditTasks' smart constructor.
+data ListAuditTasks = ListAuditTasks'
+  { -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A filter to limit the output to audits with the specified completion
+    -- status: can be one of \"IN_PROGRESS\", \"COMPLETED\", \"FAILED\", or
+    -- \"CANCELED\".
+    taskStatus :: Prelude.Maybe AuditTaskStatus,
+    -- | A filter to limit the output to the specified type of audit: can be one
+    -- of \"ON_DEMAND_AUDIT_TASK\" or \"SCHEDULED__AUDIT_TASK\".
+    taskType :: Prelude.Maybe AuditTaskType,
+    -- | The beginning of the time period. Audit information is retained for a
+    -- limited time (90 days). Requesting a start time prior to what is
+    -- retained results in an \"InvalidRequestException\".
+    startTime :: Data.POSIX,
+    -- | The end of the time period.
+    endTime :: Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditTasks' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listAuditTasks_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listAuditTasks_nextToken' - The token for the next set of results.
+--
+-- 'taskStatus', 'listAuditTasks_taskStatus' - A filter to limit the output to audits with the specified completion
+-- status: can be one of \"IN_PROGRESS\", \"COMPLETED\", \"FAILED\", or
+-- \"CANCELED\".
+--
+-- 'taskType', 'listAuditTasks_taskType' - A filter to limit the output to the specified type of audit: can be one
+-- of \"ON_DEMAND_AUDIT_TASK\" or \"SCHEDULED__AUDIT_TASK\".
+--
+-- 'startTime', 'listAuditTasks_startTime' - The beginning of the time period. Audit information is retained for a
+-- limited time (90 days). Requesting a start time prior to what is
+-- retained results in an \"InvalidRequestException\".
+--
+-- 'endTime', 'listAuditTasks_endTime' - The end of the time period.
+newListAuditTasks ::
+  -- | 'startTime'
+  Prelude.UTCTime ->
+  -- | 'endTime'
+  Prelude.UTCTime ->
+  ListAuditTasks
+newListAuditTasks pStartTime_ pEndTime_ =
+  ListAuditTasks'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      taskStatus = Prelude.Nothing,
+      taskType = Prelude.Nothing,
+      startTime = Data._Time Lens.# pStartTime_,
+      endTime = Data._Time Lens.# pEndTime_
+    }
+
+-- | The maximum number of results to return at one time. The default is 25.
+listAuditTasks_maxResults :: Lens.Lens' ListAuditTasks (Prelude.Maybe Prelude.Natural)
+listAuditTasks_maxResults = Lens.lens (\ListAuditTasks' {maxResults} -> maxResults) (\s@ListAuditTasks' {} a -> s {maxResults = a} :: ListAuditTasks)
+
+-- | The token for the next set of results.
+listAuditTasks_nextToken :: Lens.Lens' ListAuditTasks (Prelude.Maybe Prelude.Text)
+listAuditTasks_nextToken = Lens.lens (\ListAuditTasks' {nextToken} -> nextToken) (\s@ListAuditTasks' {} a -> s {nextToken = a} :: ListAuditTasks)
+
+-- | A filter to limit the output to audits with the specified completion
+-- status: can be one of \"IN_PROGRESS\", \"COMPLETED\", \"FAILED\", or
+-- \"CANCELED\".
+listAuditTasks_taskStatus :: Lens.Lens' ListAuditTasks (Prelude.Maybe AuditTaskStatus)
+listAuditTasks_taskStatus = Lens.lens (\ListAuditTasks' {taskStatus} -> taskStatus) (\s@ListAuditTasks' {} a -> s {taskStatus = a} :: ListAuditTasks)
+
+-- | A filter to limit the output to the specified type of audit: can be one
+-- of \"ON_DEMAND_AUDIT_TASK\" or \"SCHEDULED__AUDIT_TASK\".
+listAuditTasks_taskType :: Lens.Lens' ListAuditTasks (Prelude.Maybe AuditTaskType)
+listAuditTasks_taskType = Lens.lens (\ListAuditTasks' {taskType} -> taskType) (\s@ListAuditTasks' {} a -> s {taskType = a} :: ListAuditTasks)
+
+-- | The beginning of the time period. Audit information is retained for a
+-- limited time (90 days). Requesting a start time prior to what is
+-- retained results in an \"InvalidRequestException\".
+listAuditTasks_startTime :: Lens.Lens' ListAuditTasks Prelude.UTCTime
+listAuditTasks_startTime = Lens.lens (\ListAuditTasks' {startTime} -> startTime) (\s@ListAuditTasks' {} a -> s {startTime = a} :: ListAuditTasks) Prelude.. Data._Time
+
+-- | The end of the time period.
+listAuditTasks_endTime :: Lens.Lens' ListAuditTasks Prelude.UTCTime
+listAuditTasks_endTime = Lens.lens (\ListAuditTasks' {endTime} -> endTime) (\s@ListAuditTasks' {} a -> s {endTime = a} :: ListAuditTasks) Prelude.. Data._Time
+
+instance Core.AWSPager ListAuditTasks where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAuditTasksResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAuditTasksResponse_tasks
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAuditTasks_nextToken
+          Lens..~ rs
+          Lens.^? listAuditTasksResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAuditTasks where
+  type
+    AWSResponse ListAuditTasks =
+      ListAuditTasksResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAuditTasksResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "tasks" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListAuditTasks where
+  hashWithSalt _salt ListAuditTasks' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` taskStatus
+      `Prelude.hashWithSalt` taskType
+      `Prelude.hashWithSalt` startTime
+      `Prelude.hashWithSalt` endTime
+
+instance Prelude.NFData ListAuditTasks where
+  rnf ListAuditTasks' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf taskStatus
+      `Prelude.seq` Prelude.rnf taskType
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf endTime
+
+instance Data.ToHeaders ListAuditTasks where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListAuditTasks where
+  toPath = Prelude.const "/audit/tasks"
+
+instance Data.ToQuery ListAuditTasks where
+  toQuery ListAuditTasks' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "taskStatus" Data.=: taskStatus,
+        "taskType" Data.=: taskType,
+        "startTime" Data.=: startTime,
+        "endTime" Data.=: endTime
+      ]
+
+-- | /See:/ 'newListAuditTasksResponse' smart constructor.
+data ListAuditTasksResponse = ListAuditTasksResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The audits that were performed during the specified time period.
+    tasks :: Prelude.Maybe [AuditTaskMetadata],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuditTasksResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listAuditTasksResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'tasks', 'listAuditTasksResponse_tasks' - The audits that were performed during the specified time period.
+--
+-- 'httpStatus', 'listAuditTasksResponse_httpStatus' - The response's http status code.
+newListAuditTasksResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAuditTasksResponse
+newListAuditTasksResponse pHttpStatus_ =
+  ListAuditTasksResponse'
+    { nextToken =
+        Prelude.Nothing,
+      tasks = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listAuditTasksResponse_nextToken :: Lens.Lens' ListAuditTasksResponse (Prelude.Maybe Prelude.Text)
+listAuditTasksResponse_nextToken = Lens.lens (\ListAuditTasksResponse' {nextToken} -> nextToken) (\s@ListAuditTasksResponse' {} a -> s {nextToken = a} :: ListAuditTasksResponse)
+
+-- | The audits that were performed during the specified time period.
+listAuditTasksResponse_tasks :: Lens.Lens' ListAuditTasksResponse (Prelude.Maybe [AuditTaskMetadata])
+listAuditTasksResponse_tasks = Lens.lens (\ListAuditTasksResponse' {tasks} -> tasks) (\s@ListAuditTasksResponse' {} a -> s {tasks = a} :: ListAuditTasksResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listAuditTasksResponse_httpStatus :: Lens.Lens' ListAuditTasksResponse Prelude.Int
+listAuditTasksResponse_httpStatus = Lens.lens (\ListAuditTasksResponse' {httpStatus} -> httpStatus) (\s@ListAuditTasksResponse' {} a -> s {httpStatus = a} :: ListAuditTasksResponse)
+
+instance Prelude.NFData ListAuditTasksResponse where
+  rnf ListAuditTasksResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf tasks
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListAuthorizers.hs b/gen/Amazonka/IoT/ListAuthorizers.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListAuthorizers.hs
@@ -0,0 +1,233 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListAuthorizers
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the authorizers registered in your account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListAuthorizers>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListAuthorizers
+  ( -- * Creating a Request
+    ListAuthorizers (..),
+    newListAuthorizers,
+
+    -- * Request Lenses
+    listAuthorizers_ascendingOrder,
+    listAuthorizers_marker,
+    listAuthorizers_pageSize,
+    listAuthorizers_status,
+
+    -- * Destructuring the Response
+    ListAuthorizersResponse (..),
+    newListAuthorizersResponse,
+
+    -- * Response Lenses
+    listAuthorizersResponse_authorizers,
+    listAuthorizersResponse_nextMarker,
+    listAuthorizersResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListAuthorizers' smart constructor.
+data ListAuthorizers = ListAuthorizers'
+  { -- | Return the list of authorizers in ascending alphabetical order.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | A marker used to get the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time.
+    pageSize :: Prelude.Maybe Prelude.Natural,
+    -- | The status of the list authorizers request.
+    status :: Prelude.Maybe AuthorizerStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuthorizers' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listAuthorizers_ascendingOrder' - Return the list of authorizers in ascending alphabetical order.
+--
+-- 'marker', 'listAuthorizers_marker' - A marker used to get the next set of results.
+--
+-- 'pageSize', 'listAuthorizers_pageSize' - The maximum number of results to return at one time.
+--
+-- 'status', 'listAuthorizers_status' - The status of the list authorizers request.
+newListAuthorizers ::
+  ListAuthorizers
+newListAuthorizers =
+  ListAuthorizers'
+    { ascendingOrder = Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | Return the list of authorizers in ascending alphabetical order.
+listAuthorizers_ascendingOrder :: Lens.Lens' ListAuthorizers (Prelude.Maybe Prelude.Bool)
+listAuthorizers_ascendingOrder = Lens.lens (\ListAuthorizers' {ascendingOrder} -> ascendingOrder) (\s@ListAuthorizers' {} a -> s {ascendingOrder = a} :: ListAuthorizers)
+
+-- | A marker used to get the next set of results.
+listAuthorizers_marker :: Lens.Lens' ListAuthorizers (Prelude.Maybe Prelude.Text)
+listAuthorizers_marker = Lens.lens (\ListAuthorizers' {marker} -> marker) (\s@ListAuthorizers' {} a -> s {marker = a} :: ListAuthorizers)
+
+-- | The maximum number of results to return at one time.
+listAuthorizers_pageSize :: Lens.Lens' ListAuthorizers (Prelude.Maybe Prelude.Natural)
+listAuthorizers_pageSize = Lens.lens (\ListAuthorizers' {pageSize} -> pageSize) (\s@ListAuthorizers' {} a -> s {pageSize = a} :: ListAuthorizers)
+
+-- | The status of the list authorizers request.
+listAuthorizers_status :: Lens.Lens' ListAuthorizers (Prelude.Maybe AuthorizerStatus)
+listAuthorizers_status = Lens.lens (\ListAuthorizers' {status} -> status) (\s@ListAuthorizers' {} a -> s {status = a} :: ListAuthorizers)
+
+instance Core.AWSPager ListAuthorizers where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAuthorizersResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listAuthorizersResponse_authorizers
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAuthorizers_marker
+          Lens..~ rs
+          Lens.^? listAuthorizersResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAuthorizers where
+  type
+    AWSResponse ListAuthorizers =
+      ListAuthorizersResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAuthorizersResponse'
+            Prelude.<$> (x Data..?> "authorizers" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextMarker")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListAuthorizers where
+  hashWithSalt _salt ListAuthorizers' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData ListAuthorizers where
+  rnf ListAuthorizers' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+      `Prelude.seq` Prelude.rnf status
+
+instance Data.ToHeaders ListAuthorizers where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListAuthorizers where
+  toPath = Prelude.const "/authorizers/"
+
+instance Data.ToQuery ListAuthorizers where
+  toQuery ListAuthorizers' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize,
+        "status" Data.=: status
+      ]
+
+-- | /See:/ 'newListAuthorizersResponse' smart constructor.
+data ListAuthorizersResponse = ListAuthorizersResponse'
+  { -- | The authorizers.
+    authorizers :: Prelude.Maybe [AuthorizerSummary],
+    -- | A marker used to get the next set of results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAuthorizersResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizers', 'listAuthorizersResponse_authorizers' - The authorizers.
+--
+-- 'nextMarker', 'listAuthorizersResponse_nextMarker' - A marker used to get the next set of results.
+--
+-- 'httpStatus', 'listAuthorizersResponse_httpStatus' - The response's http status code.
+newListAuthorizersResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAuthorizersResponse
+newListAuthorizersResponse pHttpStatus_ =
+  ListAuthorizersResponse'
+    { authorizers =
+        Prelude.Nothing,
+      nextMarker = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The authorizers.
+listAuthorizersResponse_authorizers :: Lens.Lens' ListAuthorizersResponse (Prelude.Maybe [AuthorizerSummary])
+listAuthorizersResponse_authorizers = Lens.lens (\ListAuthorizersResponse' {authorizers} -> authorizers) (\s@ListAuthorizersResponse' {} a -> s {authorizers = a} :: ListAuthorizersResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A marker used to get the next set of results.
+listAuthorizersResponse_nextMarker :: Lens.Lens' ListAuthorizersResponse (Prelude.Maybe Prelude.Text)
+listAuthorizersResponse_nextMarker = Lens.lens (\ListAuthorizersResponse' {nextMarker} -> nextMarker) (\s@ListAuthorizersResponse' {} a -> s {nextMarker = a} :: ListAuthorizersResponse)
+
+-- | The response's http status code.
+listAuthorizersResponse_httpStatus :: Lens.Lens' ListAuthorizersResponse Prelude.Int
+listAuthorizersResponse_httpStatus = Lens.lens (\ListAuthorizersResponse' {httpStatus} -> httpStatus) (\s@ListAuthorizersResponse' {} a -> s {httpStatus = a} :: ListAuthorizersResponse)
+
+instance Prelude.NFData ListAuthorizersResponse where
+  rnf ListAuthorizersResponse' {..} =
+    Prelude.rnf authorizers
+      `Prelude.seq` Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListBillingGroups.hs b/gen/Amazonka/IoT/ListBillingGroups.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListBillingGroups.hs
@@ -0,0 +1,229 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListBillingGroups
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the billing groups you have created.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListBillingGroups>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListBillingGroups
+  ( -- * Creating a Request
+    ListBillingGroups (..),
+    newListBillingGroups,
+
+    -- * Request Lenses
+    listBillingGroups_maxResults,
+    listBillingGroups_namePrefixFilter,
+    listBillingGroups_nextToken,
+
+    -- * Destructuring the Response
+    ListBillingGroupsResponse (..),
+    newListBillingGroupsResponse,
+
+    -- * Response Lenses
+    listBillingGroupsResponse_billingGroups,
+    listBillingGroupsResponse_nextToken,
+    listBillingGroupsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListBillingGroups' smart constructor.
+data ListBillingGroups = ListBillingGroups'
+  { -- | The maximum number of results to return per request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | Limit the results to billing groups whose names have the given prefix.
+    namePrefixFilter :: Prelude.Maybe Prelude.Text,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListBillingGroups' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listBillingGroups_maxResults' - The maximum number of results to return per request.
+--
+-- 'namePrefixFilter', 'listBillingGroups_namePrefixFilter' - Limit the results to billing groups whose names have the given prefix.
+--
+-- 'nextToken', 'listBillingGroups_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+newListBillingGroups ::
+  ListBillingGroups
+newListBillingGroups =
+  ListBillingGroups'
+    { maxResults = Prelude.Nothing,
+      namePrefixFilter = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return per request.
+listBillingGroups_maxResults :: Lens.Lens' ListBillingGroups (Prelude.Maybe Prelude.Natural)
+listBillingGroups_maxResults = Lens.lens (\ListBillingGroups' {maxResults} -> maxResults) (\s@ListBillingGroups' {} a -> s {maxResults = a} :: ListBillingGroups)
+
+-- | Limit the results to billing groups whose names have the given prefix.
+listBillingGroups_namePrefixFilter :: Lens.Lens' ListBillingGroups (Prelude.Maybe Prelude.Text)
+listBillingGroups_namePrefixFilter = Lens.lens (\ListBillingGroups' {namePrefixFilter} -> namePrefixFilter) (\s@ListBillingGroups' {} a -> s {namePrefixFilter = a} :: ListBillingGroups)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listBillingGroups_nextToken :: Lens.Lens' ListBillingGroups (Prelude.Maybe Prelude.Text)
+listBillingGroups_nextToken = Lens.lens (\ListBillingGroups' {nextToken} -> nextToken) (\s@ListBillingGroups' {} a -> s {nextToken = a} :: ListBillingGroups)
+
+instance Core.AWSPager ListBillingGroups where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listBillingGroupsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listBillingGroupsResponse_billingGroups
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listBillingGroups_nextToken
+          Lens..~ rs
+          Lens.^? listBillingGroupsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListBillingGroups where
+  type
+    AWSResponse ListBillingGroups =
+      ListBillingGroupsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListBillingGroupsResponse'
+            Prelude.<$> (x Data..?> "billingGroups" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListBillingGroups where
+  hashWithSalt _salt ListBillingGroups' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` namePrefixFilter
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListBillingGroups where
+  rnf ListBillingGroups' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf namePrefixFilter
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListBillingGroups where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListBillingGroups where
+  toPath = Prelude.const "/billing-groups"
+
+instance Data.ToQuery ListBillingGroups where
+  toQuery ListBillingGroups' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "namePrefixFilter" Data.=: namePrefixFilter,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListBillingGroupsResponse' smart constructor.
+data ListBillingGroupsResponse = ListBillingGroupsResponse'
+  { -- | The list of billing groups.
+    billingGroups :: Prelude.Maybe [GroupNameAndArn],
+    -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListBillingGroupsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroups', 'listBillingGroupsResponse_billingGroups' - The list of billing groups.
+--
+-- 'nextToken', 'listBillingGroupsResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'httpStatus', 'listBillingGroupsResponse_httpStatus' - The response's http status code.
+newListBillingGroupsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListBillingGroupsResponse
+newListBillingGroupsResponse pHttpStatus_ =
+  ListBillingGroupsResponse'
+    { billingGroups =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The list of billing groups.
+listBillingGroupsResponse_billingGroups :: Lens.Lens' ListBillingGroupsResponse (Prelude.Maybe [GroupNameAndArn])
+listBillingGroupsResponse_billingGroups = Lens.lens (\ListBillingGroupsResponse' {billingGroups} -> billingGroups) (\s@ListBillingGroupsResponse' {} a -> s {billingGroups = a} :: ListBillingGroupsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listBillingGroupsResponse_nextToken :: Lens.Lens' ListBillingGroupsResponse (Prelude.Maybe Prelude.Text)
+listBillingGroupsResponse_nextToken = Lens.lens (\ListBillingGroupsResponse' {nextToken} -> nextToken) (\s@ListBillingGroupsResponse' {} a -> s {nextToken = a} :: ListBillingGroupsResponse)
+
+-- | The response's http status code.
+listBillingGroupsResponse_httpStatus :: Lens.Lens' ListBillingGroupsResponse Prelude.Int
+listBillingGroupsResponse_httpStatus = Lens.lens (\ListBillingGroupsResponse' {httpStatus} -> httpStatus) (\s@ListBillingGroupsResponse' {} a -> s {httpStatus = a} :: ListBillingGroupsResponse)
+
+instance Prelude.NFData ListBillingGroupsResponse where
+  rnf ListBillingGroupsResponse' {..} =
+    Prelude.rnf billingGroups
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListCACertificates.hs b/gen/Amazonka/IoT/ListCACertificates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListCACertificates.hs
@@ -0,0 +1,242 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListCACertificates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the CA certificates registered for your Amazon Web Services
+-- account.
+--
+-- The results are paginated with a default page size of 25. You can use
+-- the returned marker to retrieve additional results.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListCACertificates>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListCACertificates
+  ( -- * Creating a Request
+    ListCACertificates (..),
+    newListCACertificates,
+
+    -- * Request Lenses
+    listCACertificates_ascendingOrder,
+    listCACertificates_marker,
+    listCACertificates_pageSize,
+    listCACertificates_templateName,
+
+    -- * Destructuring the Response
+    ListCACertificatesResponse (..),
+    newListCACertificatesResponse,
+
+    -- * Response Lenses
+    listCACertificatesResponse_certificates,
+    listCACertificatesResponse_nextMarker,
+    listCACertificatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | Input for the ListCACertificates operation.
+--
+-- /See:/ 'newListCACertificates' smart constructor.
+data ListCACertificates = ListCACertificates'
+  { -- | Determines the order of the results.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | The marker for the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The result page size.
+    pageSize :: Prelude.Maybe Prelude.Natural,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCACertificates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listCACertificates_ascendingOrder' - Determines the order of the results.
+--
+-- 'marker', 'listCACertificates_marker' - The marker for the next set of results.
+--
+-- 'pageSize', 'listCACertificates_pageSize' - The result page size.
+--
+-- 'templateName', 'listCACertificates_templateName' - The name of the provisioning template.
+newListCACertificates ::
+  ListCACertificates
+newListCACertificates =
+  ListCACertificates'
+    { ascendingOrder =
+        Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing,
+      templateName = Prelude.Nothing
+    }
+
+-- | Determines the order of the results.
+listCACertificates_ascendingOrder :: Lens.Lens' ListCACertificates (Prelude.Maybe Prelude.Bool)
+listCACertificates_ascendingOrder = Lens.lens (\ListCACertificates' {ascendingOrder} -> ascendingOrder) (\s@ListCACertificates' {} a -> s {ascendingOrder = a} :: ListCACertificates)
+
+-- | The marker for the next set of results.
+listCACertificates_marker :: Lens.Lens' ListCACertificates (Prelude.Maybe Prelude.Text)
+listCACertificates_marker = Lens.lens (\ListCACertificates' {marker} -> marker) (\s@ListCACertificates' {} a -> s {marker = a} :: ListCACertificates)
+
+-- | The result page size.
+listCACertificates_pageSize :: Lens.Lens' ListCACertificates (Prelude.Maybe Prelude.Natural)
+listCACertificates_pageSize = Lens.lens (\ListCACertificates' {pageSize} -> pageSize) (\s@ListCACertificates' {} a -> s {pageSize = a} :: ListCACertificates)
+
+-- | The name of the provisioning template.
+listCACertificates_templateName :: Lens.Lens' ListCACertificates (Prelude.Maybe Prelude.Text)
+listCACertificates_templateName = Lens.lens (\ListCACertificates' {templateName} -> templateName) (\s@ListCACertificates' {} a -> s {templateName = a} :: ListCACertificates)
+
+instance Core.AWSPager ListCACertificates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listCACertificatesResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listCACertificatesResponse_certificates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listCACertificates_marker
+          Lens..~ rs
+          Lens.^? listCACertificatesResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListCACertificates where
+  type
+    AWSResponse ListCACertificates =
+      ListCACertificatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListCACertificatesResponse'
+            Prelude.<$> (x Data..?> "certificates" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextMarker")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListCACertificates where
+  hashWithSalt _salt ListCACertificates' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+      `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData ListCACertificates where
+  rnf ListCACertificates' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+      `Prelude.seq` Prelude.rnf templateName
+
+instance Data.ToHeaders ListCACertificates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListCACertificates where
+  toPath = Prelude.const "/cacertificates"
+
+instance Data.ToQuery ListCACertificates where
+  toQuery ListCACertificates' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize,
+        "templateName" Data.=: templateName
+      ]
+
+-- | The output from the ListCACertificates operation.
+--
+-- /See:/ 'newListCACertificatesResponse' smart constructor.
+data ListCACertificatesResponse = ListCACertificatesResponse'
+  { -- | The CA certificates registered in your Amazon Web Services account.
+    certificates :: Prelude.Maybe [CACertificate],
+    -- | The current position within the list of CA certificates.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCACertificatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificates', 'listCACertificatesResponse_certificates' - The CA certificates registered in your Amazon Web Services account.
+--
+-- 'nextMarker', 'listCACertificatesResponse_nextMarker' - The current position within the list of CA certificates.
+--
+-- 'httpStatus', 'listCACertificatesResponse_httpStatus' - The response's http status code.
+newListCACertificatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListCACertificatesResponse
+newListCACertificatesResponse pHttpStatus_ =
+  ListCACertificatesResponse'
+    { certificates =
+        Prelude.Nothing,
+      nextMarker = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The CA certificates registered in your Amazon Web Services account.
+listCACertificatesResponse_certificates :: Lens.Lens' ListCACertificatesResponse (Prelude.Maybe [CACertificate])
+listCACertificatesResponse_certificates = Lens.lens (\ListCACertificatesResponse' {certificates} -> certificates) (\s@ListCACertificatesResponse' {} a -> s {certificates = a} :: ListCACertificatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The current position within the list of CA certificates.
+listCACertificatesResponse_nextMarker :: Lens.Lens' ListCACertificatesResponse (Prelude.Maybe Prelude.Text)
+listCACertificatesResponse_nextMarker = Lens.lens (\ListCACertificatesResponse' {nextMarker} -> nextMarker) (\s@ListCACertificatesResponse' {} a -> s {nextMarker = a} :: ListCACertificatesResponse)
+
+-- | The response's http status code.
+listCACertificatesResponse_httpStatus :: Lens.Lens' ListCACertificatesResponse Prelude.Int
+listCACertificatesResponse_httpStatus = Lens.lens (\ListCACertificatesResponse' {httpStatus} -> httpStatus) (\s@ListCACertificatesResponse' {} a -> s {httpStatus = a} :: ListCACertificatesResponse)
+
+instance Prelude.NFData ListCACertificatesResponse where
+  rnf ListCACertificatesResponse' {..} =
+    Prelude.rnf certificates
+      `Prelude.seq` Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListCertificates.hs b/gen/Amazonka/IoT/ListCertificates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListCertificates.hs
@@ -0,0 +1,233 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListCertificates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the certificates registered in your Amazon Web Services account.
+--
+-- The results are paginated with a default page size of 25. You can use
+-- the returned marker to retrieve additional results.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListCertificates>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListCertificates
+  ( -- * Creating a Request
+    ListCertificates (..),
+    newListCertificates,
+
+    -- * Request Lenses
+    listCertificates_ascendingOrder,
+    listCertificates_marker,
+    listCertificates_pageSize,
+
+    -- * Destructuring the Response
+    ListCertificatesResponse (..),
+    newListCertificatesResponse,
+
+    -- * Response Lenses
+    listCertificatesResponse_certificates,
+    listCertificatesResponse_nextMarker,
+    listCertificatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListCertificates operation.
+--
+-- /See:/ 'newListCertificates' smart constructor.
+data ListCertificates = ListCertificates'
+  { -- | Specifies the order for results. If True, the results are returned in
+    -- ascending order, based on the creation date.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | The marker for the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The result page size.
+    pageSize :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCertificates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listCertificates_ascendingOrder' - Specifies the order for results. If True, the results are returned in
+-- ascending order, based on the creation date.
+--
+-- 'marker', 'listCertificates_marker' - The marker for the next set of results.
+--
+-- 'pageSize', 'listCertificates_pageSize' - The result page size.
+newListCertificates ::
+  ListCertificates
+newListCertificates =
+  ListCertificates'
+    { ascendingOrder = Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing
+    }
+
+-- | Specifies the order for results. If True, the results are returned in
+-- ascending order, based on the creation date.
+listCertificates_ascendingOrder :: Lens.Lens' ListCertificates (Prelude.Maybe Prelude.Bool)
+listCertificates_ascendingOrder = Lens.lens (\ListCertificates' {ascendingOrder} -> ascendingOrder) (\s@ListCertificates' {} a -> s {ascendingOrder = a} :: ListCertificates)
+
+-- | The marker for the next set of results.
+listCertificates_marker :: Lens.Lens' ListCertificates (Prelude.Maybe Prelude.Text)
+listCertificates_marker = Lens.lens (\ListCertificates' {marker} -> marker) (\s@ListCertificates' {} a -> s {marker = a} :: ListCertificates)
+
+-- | The result page size.
+listCertificates_pageSize :: Lens.Lens' ListCertificates (Prelude.Maybe Prelude.Natural)
+listCertificates_pageSize = Lens.lens (\ListCertificates' {pageSize} -> pageSize) (\s@ListCertificates' {} a -> s {pageSize = a} :: ListCertificates)
+
+instance Core.AWSPager ListCertificates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listCertificatesResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listCertificatesResponse_certificates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listCertificates_marker
+          Lens..~ rs
+          Lens.^? listCertificatesResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListCertificates where
+  type
+    AWSResponse ListCertificates =
+      ListCertificatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListCertificatesResponse'
+            Prelude.<$> (x Data..?> "certificates" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextMarker")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListCertificates where
+  hashWithSalt _salt ListCertificates' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+
+instance Prelude.NFData ListCertificates where
+  rnf ListCertificates' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+
+instance Data.ToHeaders ListCertificates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListCertificates where
+  toPath = Prelude.const "/certificates"
+
+instance Data.ToQuery ListCertificates where
+  toQuery ListCertificates' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize
+      ]
+
+-- | The output of the ListCertificates operation.
+--
+-- /See:/ 'newListCertificatesResponse' smart constructor.
+data ListCertificatesResponse = ListCertificatesResponse'
+  { -- | The descriptions of the certificates.
+    certificates :: Prelude.Maybe [Certificate],
+    -- | The marker for the next set of results, or null if there are no
+    -- additional results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCertificatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificates', 'listCertificatesResponse_certificates' - The descriptions of the certificates.
+--
+-- 'nextMarker', 'listCertificatesResponse_nextMarker' - The marker for the next set of results, or null if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listCertificatesResponse_httpStatus' - The response's http status code.
+newListCertificatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListCertificatesResponse
+newListCertificatesResponse pHttpStatus_ =
+  ListCertificatesResponse'
+    { certificates =
+        Prelude.Nothing,
+      nextMarker = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The descriptions of the certificates.
+listCertificatesResponse_certificates :: Lens.Lens' ListCertificatesResponse (Prelude.Maybe [Certificate])
+listCertificatesResponse_certificates = Lens.lens (\ListCertificatesResponse' {certificates} -> certificates) (\s@ListCertificatesResponse' {} a -> s {certificates = a} :: ListCertificatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The marker for the next set of results, or null if there are no
+-- additional results.
+listCertificatesResponse_nextMarker :: Lens.Lens' ListCertificatesResponse (Prelude.Maybe Prelude.Text)
+listCertificatesResponse_nextMarker = Lens.lens (\ListCertificatesResponse' {nextMarker} -> nextMarker) (\s@ListCertificatesResponse' {} a -> s {nextMarker = a} :: ListCertificatesResponse)
+
+-- | The response's http status code.
+listCertificatesResponse_httpStatus :: Lens.Lens' ListCertificatesResponse Prelude.Int
+listCertificatesResponse_httpStatus = Lens.lens (\ListCertificatesResponse' {httpStatus} -> httpStatus) (\s@ListCertificatesResponse' {} a -> s {httpStatus = a} :: ListCertificatesResponse)
+
+instance Prelude.NFData ListCertificatesResponse where
+  rnf ListCertificatesResponse' {..} =
+    Prelude.rnf certificates
+      `Prelude.seq` Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListCertificatesByCA.hs b/gen/Amazonka/IoT/ListCertificatesByCA.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListCertificatesByCA.hs
@@ -0,0 +1,250 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListCertificatesByCA
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List the device certificates signed by the specified CA certificate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListCertificatesByCA>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListCertificatesByCA
+  ( -- * Creating a Request
+    ListCertificatesByCA (..),
+    newListCertificatesByCA,
+
+    -- * Request Lenses
+    listCertificatesByCA_ascendingOrder,
+    listCertificatesByCA_marker,
+    listCertificatesByCA_pageSize,
+    listCertificatesByCA_caCertificateId,
+
+    -- * Destructuring the Response
+    ListCertificatesByCAResponse (..),
+    newListCertificatesByCAResponse,
+
+    -- * Response Lenses
+    listCertificatesByCAResponse_certificates,
+    listCertificatesByCAResponse_nextMarker,
+    listCertificatesByCAResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input to the ListCertificatesByCA operation.
+--
+-- /See:/ 'newListCertificatesByCA' smart constructor.
+data ListCertificatesByCA = ListCertificatesByCA'
+  { -- | Specifies the order for results. If True, the results are returned in
+    -- ascending order, based on the creation date.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | The marker for the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The result page size.
+    pageSize :: Prelude.Maybe Prelude.Natural,
+    -- | The ID of the CA certificate. This operation will list all registered
+    -- device certificate that were signed by this CA certificate.
+    caCertificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCertificatesByCA' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listCertificatesByCA_ascendingOrder' - Specifies the order for results. If True, the results are returned in
+-- ascending order, based on the creation date.
+--
+-- 'marker', 'listCertificatesByCA_marker' - The marker for the next set of results.
+--
+-- 'pageSize', 'listCertificatesByCA_pageSize' - The result page size.
+--
+-- 'caCertificateId', 'listCertificatesByCA_caCertificateId' - The ID of the CA certificate. This operation will list all registered
+-- device certificate that were signed by this CA certificate.
+newListCertificatesByCA ::
+  -- | 'caCertificateId'
+  Prelude.Text ->
+  ListCertificatesByCA
+newListCertificatesByCA pCaCertificateId_ =
+  ListCertificatesByCA'
+    { ascendingOrder =
+        Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing,
+      caCertificateId = pCaCertificateId_
+    }
+
+-- | Specifies the order for results. If True, the results are returned in
+-- ascending order, based on the creation date.
+listCertificatesByCA_ascendingOrder :: Lens.Lens' ListCertificatesByCA (Prelude.Maybe Prelude.Bool)
+listCertificatesByCA_ascendingOrder = Lens.lens (\ListCertificatesByCA' {ascendingOrder} -> ascendingOrder) (\s@ListCertificatesByCA' {} a -> s {ascendingOrder = a} :: ListCertificatesByCA)
+
+-- | The marker for the next set of results.
+listCertificatesByCA_marker :: Lens.Lens' ListCertificatesByCA (Prelude.Maybe Prelude.Text)
+listCertificatesByCA_marker = Lens.lens (\ListCertificatesByCA' {marker} -> marker) (\s@ListCertificatesByCA' {} a -> s {marker = a} :: ListCertificatesByCA)
+
+-- | The result page size.
+listCertificatesByCA_pageSize :: Lens.Lens' ListCertificatesByCA (Prelude.Maybe Prelude.Natural)
+listCertificatesByCA_pageSize = Lens.lens (\ListCertificatesByCA' {pageSize} -> pageSize) (\s@ListCertificatesByCA' {} a -> s {pageSize = a} :: ListCertificatesByCA)
+
+-- | The ID of the CA certificate. This operation will list all registered
+-- device certificate that were signed by this CA certificate.
+listCertificatesByCA_caCertificateId :: Lens.Lens' ListCertificatesByCA Prelude.Text
+listCertificatesByCA_caCertificateId = Lens.lens (\ListCertificatesByCA' {caCertificateId} -> caCertificateId) (\s@ListCertificatesByCA' {} a -> s {caCertificateId = a} :: ListCertificatesByCA)
+
+instance Core.AWSPager ListCertificatesByCA where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listCertificatesByCAResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listCertificatesByCAResponse_certificates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listCertificatesByCA_marker
+          Lens..~ rs
+          Lens.^? listCertificatesByCAResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListCertificatesByCA where
+  type
+    AWSResponse ListCertificatesByCA =
+      ListCertificatesByCAResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListCertificatesByCAResponse'
+            Prelude.<$> (x Data..?> "certificates" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextMarker")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListCertificatesByCA where
+  hashWithSalt _salt ListCertificatesByCA' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+      `Prelude.hashWithSalt` caCertificateId
+
+instance Prelude.NFData ListCertificatesByCA where
+  rnf ListCertificatesByCA' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+      `Prelude.seq` Prelude.rnf caCertificateId
+
+instance Data.ToHeaders ListCertificatesByCA where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListCertificatesByCA where
+  toPath ListCertificatesByCA' {..} =
+    Prelude.mconcat
+      ["/certificates-by-ca/", Data.toBS caCertificateId]
+
+instance Data.ToQuery ListCertificatesByCA where
+  toQuery ListCertificatesByCA' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize
+      ]
+
+-- | The output of the ListCertificatesByCA operation.
+--
+-- /See:/ 'newListCertificatesByCAResponse' smart constructor.
+data ListCertificatesByCAResponse = ListCertificatesByCAResponse'
+  { -- | The device certificates signed by the specified CA certificate.
+    certificates :: Prelude.Maybe [Certificate],
+    -- | The marker for the next set of results, or null if there are no
+    -- additional results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCertificatesByCAResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificates', 'listCertificatesByCAResponse_certificates' - The device certificates signed by the specified CA certificate.
+--
+-- 'nextMarker', 'listCertificatesByCAResponse_nextMarker' - The marker for the next set of results, or null if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listCertificatesByCAResponse_httpStatus' - The response's http status code.
+newListCertificatesByCAResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListCertificatesByCAResponse
+newListCertificatesByCAResponse pHttpStatus_ =
+  ListCertificatesByCAResponse'
+    { certificates =
+        Prelude.Nothing,
+      nextMarker = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The device certificates signed by the specified CA certificate.
+listCertificatesByCAResponse_certificates :: Lens.Lens' ListCertificatesByCAResponse (Prelude.Maybe [Certificate])
+listCertificatesByCAResponse_certificates = Lens.lens (\ListCertificatesByCAResponse' {certificates} -> certificates) (\s@ListCertificatesByCAResponse' {} a -> s {certificates = a} :: ListCertificatesByCAResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The marker for the next set of results, or null if there are no
+-- additional results.
+listCertificatesByCAResponse_nextMarker :: Lens.Lens' ListCertificatesByCAResponse (Prelude.Maybe Prelude.Text)
+listCertificatesByCAResponse_nextMarker = Lens.lens (\ListCertificatesByCAResponse' {nextMarker} -> nextMarker) (\s@ListCertificatesByCAResponse' {} a -> s {nextMarker = a} :: ListCertificatesByCAResponse)
+
+-- | The response's http status code.
+listCertificatesByCAResponse_httpStatus :: Lens.Lens' ListCertificatesByCAResponse Prelude.Int
+listCertificatesByCAResponse_httpStatus = Lens.lens (\ListCertificatesByCAResponse' {httpStatus} -> httpStatus) (\s@ListCertificatesByCAResponse' {} a -> s {httpStatus = a} :: ListCertificatesByCAResponse)
+
+instance Prelude.NFData ListCertificatesByCAResponse where
+  rnf ListCertificatesByCAResponse' {..} =
+    Prelude.rnf certificates
+      `Prelude.seq` Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListCustomMetrics.hs b/gen/Amazonka/IoT/ListCustomMetrics.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListCustomMetrics.hs
@@ -0,0 +1,210 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListCustomMetrics
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists your Device Defender detect custom metrics.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListCustomMetrics>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListCustomMetrics
+  ( -- * Creating a Request
+    ListCustomMetrics (..),
+    newListCustomMetrics,
+
+    -- * Request Lenses
+    listCustomMetrics_maxResults,
+    listCustomMetrics_nextToken,
+
+    -- * Destructuring the Response
+    ListCustomMetricsResponse (..),
+    newListCustomMetricsResponse,
+
+    -- * Response Lenses
+    listCustomMetricsResponse_metricNames,
+    listCustomMetricsResponse_nextToken,
+    listCustomMetricsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListCustomMetrics' smart constructor.
+data ListCustomMetrics = ListCustomMetrics'
+  { -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCustomMetrics' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listCustomMetrics_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listCustomMetrics_nextToken' - The token for the next set of results.
+newListCustomMetrics ::
+  ListCustomMetrics
+newListCustomMetrics =
+  ListCustomMetrics'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time. The default is 25.
+listCustomMetrics_maxResults :: Lens.Lens' ListCustomMetrics (Prelude.Maybe Prelude.Natural)
+listCustomMetrics_maxResults = Lens.lens (\ListCustomMetrics' {maxResults} -> maxResults) (\s@ListCustomMetrics' {} a -> s {maxResults = a} :: ListCustomMetrics)
+
+-- | The token for the next set of results.
+listCustomMetrics_nextToken :: Lens.Lens' ListCustomMetrics (Prelude.Maybe Prelude.Text)
+listCustomMetrics_nextToken = Lens.lens (\ListCustomMetrics' {nextToken} -> nextToken) (\s@ListCustomMetrics' {} a -> s {nextToken = a} :: ListCustomMetrics)
+
+instance Core.AWSPager ListCustomMetrics where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listCustomMetricsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listCustomMetricsResponse_metricNames
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listCustomMetrics_nextToken
+          Lens..~ rs
+          Lens.^? listCustomMetricsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListCustomMetrics where
+  type
+    AWSResponse ListCustomMetrics =
+      ListCustomMetricsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListCustomMetricsResponse'
+            Prelude.<$> (x Data..?> "metricNames" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListCustomMetrics where
+  hashWithSalt _salt ListCustomMetrics' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListCustomMetrics where
+  rnf ListCustomMetrics' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListCustomMetrics where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListCustomMetrics where
+  toPath = Prelude.const "/custom-metrics"
+
+instance Data.ToQuery ListCustomMetrics where
+  toQuery ListCustomMetrics' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListCustomMetricsResponse' smart constructor.
+data ListCustomMetricsResponse = ListCustomMetricsResponse'
+  { -- | The name of the custom metric.
+    metricNames :: Prelude.Maybe [Prelude.Text],
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCustomMetricsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricNames', 'listCustomMetricsResponse_metricNames' - The name of the custom metric.
+--
+-- 'nextToken', 'listCustomMetricsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'httpStatus', 'listCustomMetricsResponse_httpStatus' - The response's http status code.
+newListCustomMetricsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListCustomMetricsResponse
+newListCustomMetricsResponse pHttpStatus_ =
+  ListCustomMetricsResponse'
+    { metricNames =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The name of the custom metric.
+listCustomMetricsResponse_metricNames :: Lens.Lens' ListCustomMetricsResponse (Prelude.Maybe [Prelude.Text])
+listCustomMetricsResponse_metricNames = Lens.lens (\ListCustomMetricsResponse' {metricNames} -> metricNames) (\s@ListCustomMetricsResponse' {} a -> s {metricNames = a} :: ListCustomMetricsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listCustomMetricsResponse_nextToken :: Lens.Lens' ListCustomMetricsResponse (Prelude.Maybe Prelude.Text)
+listCustomMetricsResponse_nextToken = Lens.lens (\ListCustomMetricsResponse' {nextToken} -> nextToken) (\s@ListCustomMetricsResponse' {} a -> s {nextToken = a} :: ListCustomMetricsResponse)
+
+-- | The response's http status code.
+listCustomMetricsResponse_httpStatus :: Lens.Lens' ListCustomMetricsResponse Prelude.Int
+listCustomMetricsResponse_httpStatus = Lens.lens (\ListCustomMetricsResponse' {httpStatus} -> httpStatus) (\s@ListCustomMetricsResponse' {} a -> s {httpStatus = a} :: ListCustomMetricsResponse)
+
+instance Prelude.NFData ListCustomMetricsResponse where
+  rnf ListCustomMetricsResponse' {..} =
+    Prelude.rnf metricNames
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListDetectMitigationActionsExecutions.hs b/gen/Amazonka/IoT/ListDetectMitigationActionsExecutions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListDetectMitigationActionsExecutions.hs
@@ -0,0 +1,320 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListDetectMitigationActionsExecutions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists mitigation actions executions for a Device Defender ML Detect
+-- Security Profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListDetectMitigationActionsExecutions>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListDetectMitigationActionsExecutions
+  ( -- * Creating a Request
+    ListDetectMitigationActionsExecutions (..),
+    newListDetectMitigationActionsExecutions,
+
+    -- * Request Lenses
+    listDetectMitigationActionsExecutions_endTime,
+    listDetectMitigationActionsExecutions_maxResults,
+    listDetectMitigationActionsExecutions_nextToken,
+    listDetectMitigationActionsExecutions_startTime,
+    listDetectMitigationActionsExecutions_taskId,
+    listDetectMitigationActionsExecutions_thingName,
+    listDetectMitigationActionsExecutions_violationId,
+
+    -- * Destructuring the Response
+    ListDetectMitigationActionsExecutionsResponse (..),
+    newListDetectMitigationActionsExecutionsResponse,
+
+    -- * Response Lenses
+    listDetectMitigationActionsExecutionsResponse_actionsExecutions,
+    listDetectMitigationActionsExecutionsResponse_nextToken,
+    listDetectMitigationActionsExecutionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListDetectMitigationActionsExecutions' smart constructor.
+data ListDetectMitigationActionsExecutions = ListDetectMitigationActionsExecutions'
+  { -- | The end of the time period for which ML Detect mitigation actions
+    -- executions are returned.
+    endTime :: Prelude.Maybe Data.POSIX,
+    -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A filter to limit results to those found after the specified time. You
+    -- must specify either the startTime and endTime or the taskId, but not
+    -- both.
+    startTime :: Prelude.Maybe Data.POSIX,
+    -- | The unique identifier of the task.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing whose mitigation actions are listed.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier of the violation.
+    violationId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDetectMitigationActionsExecutions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'endTime', 'listDetectMitigationActionsExecutions_endTime' - The end of the time period for which ML Detect mitigation actions
+-- executions are returned.
+--
+-- 'maxResults', 'listDetectMitigationActionsExecutions_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listDetectMitigationActionsExecutions_nextToken' - The token for the next set of results.
+--
+-- 'startTime', 'listDetectMitigationActionsExecutions_startTime' - A filter to limit results to those found after the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+--
+-- 'taskId', 'listDetectMitigationActionsExecutions_taskId' - The unique identifier of the task.
+--
+-- 'thingName', 'listDetectMitigationActionsExecutions_thingName' - The name of the thing whose mitigation actions are listed.
+--
+-- 'violationId', 'listDetectMitigationActionsExecutions_violationId' - The unique identifier of the violation.
+newListDetectMitigationActionsExecutions ::
+  ListDetectMitigationActionsExecutions
+newListDetectMitigationActionsExecutions =
+  ListDetectMitigationActionsExecutions'
+    { endTime =
+        Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      startTime = Prelude.Nothing,
+      taskId = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      violationId = Prelude.Nothing
+    }
+
+-- | The end of the time period for which ML Detect mitigation actions
+-- executions are returned.
+listDetectMitigationActionsExecutions_endTime :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.UTCTime)
+listDetectMitigationActionsExecutions_endTime = Lens.lens (\ListDetectMitigationActionsExecutions' {endTime} -> endTime) (\s@ListDetectMitigationActionsExecutions' {} a -> s {endTime = a} :: ListDetectMitigationActionsExecutions) Prelude.. Lens.mapping Data._Time
+
+-- | The maximum number of results to return at one time. The default is 25.
+listDetectMitigationActionsExecutions_maxResults :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.Natural)
+listDetectMitigationActionsExecutions_maxResults = Lens.lens (\ListDetectMitigationActionsExecutions' {maxResults} -> maxResults) (\s@ListDetectMitigationActionsExecutions' {} a -> s {maxResults = a} :: ListDetectMitigationActionsExecutions)
+
+-- | The token for the next set of results.
+listDetectMitigationActionsExecutions_nextToken :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsExecutions_nextToken = Lens.lens (\ListDetectMitigationActionsExecutions' {nextToken} -> nextToken) (\s@ListDetectMitigationActionsExecutions' {} a -> s {nextToken = a} :: ListDetectMitigationActionsExecutions)
+
+-- | A filter to limit results to those found after the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+listDetectMitigationActionsExecutions_startTime :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.UTCTime)
+listDetectMitigationActionsExecutions_startTime = Lens.lens (\ListDetectMitigationActionsExecutions' {startTime} -> startTime) (\s@ListDetectMitigationActionsExecutions' {} a -> s {startTime = a} :: ListDetectMitigationActionsExecutions) Prelude.. Lens.mapping Data._Time
+
+-- | The unique identifier of the task.
+listDetectMitigationActionsExecutions_taskId :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsExecutions_taskId = Lens.lens (\ListDetectMitigationActionsExecutions' {taskId} -> taskId) (\s@ListDetectMitigationActionsExecutions' {} a -> s {taskId = a} :: ListDetectMitigationActionsExecutions)
+
+-- | The name of the thing whose mitigation actions are listed.
+listDetectMitigationActionsExecutions_thingName :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsExecutions_thingName = Lens.lens (\ListDetectMitigationActionsExecutions' {thingName} -> thingName) (\s@ListDetectMitigationActionsExecutions' {} a -> s {thingName = a} :: ListDetectMitigationActionsExecutions)
+
+-- | The unique identifier of the violation.
+listDetectMitigationActionsExecutions_violationId :: Lens.Lens' ListDetectMitigationActionsExecutions (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsExecutions_violationId = Lens.lens (\ListDetectMitigationActionsExecutions' {violationId} -> violationId) (\s@ListDetectMitigationActionsExecutions' {} a -> s {violationId = a} :: ListDetectMitigationActionsExecutions)
+
+instance
+  Core.AWSPager
+    ListDetectMitigationActionsExecutions
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listDetectMitigationActionsExecutionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listDetectMitigationActionsExecutionsResponse_actionsExecutions
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listDetectMitigationActionsExecutions_nextToken
+          Lens..~ rs
+          Lens.^? listDetectMitigationActionsExecutionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListDetectMitigationActionsExecutions
+  where
+  type
+    AWSResponse
+      ListDetectMitigationActionsExecutions =
+      ListDetectMitigationActionsExecutionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListDetectMitigationActionsExecutionsResponse'
+            Prelude.<$> ( x
+                            Data..?> "actionsExecutions"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListDetectMitigationActionsExecutions
+  where
+  hashWithSalt
+    _salt
+    ListDetectMitigationActionsExecutions' {..} =
+      _salt
+        `Prelude.hashWithSalt` endTime
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` startTime
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` thingName
+        `Prelude.hashWithSalt` violationId
+
+instance
+  Prelude.NFData
+    ListDetectMitigationActionsExecutions
+  where
+  rnf ListDetectMitigationActionsExecutions' {..} =
+    Prelude.rnf endTime
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf violationId
+
+instance
+  Data.ToHeaders
+    ListDetectMitigationActionsExecutions
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    ListDetectMitigationActionsExecutions
+  where
+  toPath =
+    Prelude.const
+      "/detect/mitigationactions/executions"
+
+instance
+  Data.ToQuery
+    ListDetectMitigationActionsExecutions
+  where
+  toQuery ListDetectMitigationActionsExecutions' {..} =
+    Prelude.mconcat
+      [ "endTime" Data.=: endTime,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "startTime" Data.=: startTime,
+        "taskId" Data.=: taskId,
+        "thingName" Data.=: thingName,
+        "violationId" Data.=: violationId
+      ]
+
+-- | /See:/ 'newListDetectMitigationActionsExecutionsResponse' smart constructor.
+data ListDetectMitigationActionsExecutionsResponse = ListDetectMitigationActionsExecutionsResponse'
+  { -- | List of actions executions.
+    actionsExecutions :: Prelude.Maybe [DetectMitigationActionExecution],
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDetectMitigationActionsExecutionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionsExecutions', 'listDetectMitigationActionsExecutionsResponse_actionsExecutions' - List of actions executions.
+--
+-- 'nextToken', 'listDetectMitigationActionsExecutionsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'httpStatus', 'listDetectMitigationActionsExecutionsResponse_httpStatus' - The response's http status code.
+newListDetectMitigationActionsExecutionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListDetectMitigationActionsExecutionsResponse
+newListDetectMitigationActionsExecutionsResponse
+  pHttpStatus_ =
+    ListDetectMitigationActionsExecutionsResponse'
+      { actionsExecutions =
+          Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | List of actions executions.
+listDetectMitigationActionsExecutionsResponse_actionsExecutions :: Lens.Lens' ListDetectMitigationActionsExecutionsResponse (Prelude.Maybe [DetectMitigationActionExecution])
+listDetectMitigationActionsExecutionsResponse_actionsExecutions = Lens.lens (\ListDetectMitigationActionsExecutionsResponse' {actionsExecutions} -> actionsExecutions) (\s@ListDetectMitigationActionsExecutionsResponse' {} a -> s {actionsExecutions = a} :: ListDetectMitigationActionsExecutionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listDetectMitigationActionsExecutionsResponse_nextToken :: Lens.Lens' ListDetectMitigationActionsExecutionsResponse (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsExecutionsResponse_nextToken = Lens.lens (\ListDetectMitigationActionsExecutionsResponse' {nextToken} -> nextToken) (\s@ListDetectMitigationActionsExecutionsResponse' {} a -> s {nextToken = a} :: ListDetectMitigationActionsExecutionsResponse)
+
+-- | The response's http status code.
+listDetectMitigationActionsExecutionsResponse_httpStatus :: Lens.Lens' ListDetectMitigationActionsExecutionsResponse Prelude.Int
+listDetectMitigationActionsExecutionsResponse_httpStatus = Lens.lens (\ListDetectMitigationActionsExecutionsResponse' {httpStatus} -> httpStatus) (\s@ListDetectMitigationActionsExecutionsResponse' {} a -> s {httpStatus = a} :: ListDetectMitigationActionsExecutionsResponse)
+
+instance
+  Prelude.NFData
+    ListDetectMitigationActionsExecutionsResponse
+  where
+  rnf
+    ListDetectMitigationActionsExecutionsResponse' {..} =
+      Prelude.rnf actionsExecutions
+        `Prelude.seq` Prelude.rnf nextToken
+        `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListDetectMitigationActionsTasks.hs b/gen/Amazonka/IoT/ListDetectMitigationActionsTasks.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListDetectMitigationActionsTasks.hs
@@ -0,0 +1,280 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListDetectMitigationActionsTasks
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List of Device Defender ML Detect mitigation actions tasks.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListDetectMitigationActionsTasks>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListDetectMitigationActionsTasks
+  ( -- * Creating a Request
+    ListDetectMitigationActionsTasks (..),
+    newListDetectMitigationActionsTasks,
+
+    -- * Request Lenses
+    listDetectMitigationActionsTasks_maxResults,
+    listDetectMitigationActionsTasks_nextToken,
+    listDetectMitigationActionsTasks_startTime,
+    listDetectMitigationActionsTasks_endTime,
+
+    -- * Destructuring the Response
+    ListDetectMitigationActionsTasksResponse (..),
+    newListDetectMitigationActionsTasksResponse,
+
+    -- * Response Lenses
+    listDetectMitigationActionsTasksResponse_nextToken,
+    listDetectMitigationActionsTasksResponse_tasks,
+    listDetectMitigationActionsTasksResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListDetectMitigationActionsTasks' smart constructor.
+data ListDetectMitigationActionsTasks = ListDetectMitigationActionsTasks'
+  { -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A filter to limit results to those found after the specified time. You
+    -- must specify either the startTime and endTime or the taskId, but not
+    -- both.
+    startTime :: Data.POSIX,
+    -- | The end of the time period for which ML Detect mitigation actions tasks
+    -- are returned.
+    endTime :: Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDetectMitigationActionsTasks' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listDetectMitigationActionsTasks_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listDetectMitigationActionsTasks_nextToken' - The token for the next set of results.
+--
+-- 'startTime', 'listDetectMitigationActionsTasks_startTime' - A filter to limit results to those found after the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+--
+-- 'endTime', 'listDetectMitigationActionsTasks_endTime' - The end of the time period for which ML Detect mitigation actions tasks
+-- are returned.
+newListDetectMitigationActionsTasks ::
+  -- | 'startTime'
+  Prelude.UTCTime ->
+  -- | 'endTime'
+  Prelude.UTCTime ->
+  ListDetectMitigationActionsTasks
+newListDetectMitigationActionsTasks
+  pStartTime_
+  pEndTime_ =
+    ListDetectMitigationActionsTasks'
+      { maxResults =
+          Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        startTime = Data._Time Lens.# pStartTime_,
+        endTime = Data._Time Lens.# pEndTime_
+      }
+
+-- | The maximum number of results to return at one time. The default is 25.
+listDetectMitigationActionsTasks_maxResults :: Lens.Lens' ListDetectMitigationActionsTasks (Prelude.Maybe Prelude.Natural)
+listDetectMitigationActionsTasks_maxResults = Lens.lens (\ListDetectMitigationActionsTasks' {maxResults} -> maxResults) (\s@ListDetectMitigationActionsTasks' {} a -> s {maxResults = a} :: ListDetectMitigationActionsTasks)
+
+-- | The token for the next set of results.
+listDetectMitigationActionsTasks_nextToken :: Lens.Lens' ListDetectMitigationActionsTasks (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsTasks_nextToken = Lens.lens (\ListDetectMitigationActionsTasks' {nextToken} -> nextToken) (\s@ListDetectMitigationActionsTasks' {} a -> s {nextToken = a} :: ListDetectMitigationActionsTasks)
+
+-- | A filter to limit results to those found after the specified time. You
+-- must specify either the startTime and endTime or the taskId, but not
+-- both.
+listDetectMitigationActionsTasks_startTime :: Lens.Lens' ListDetectMitigationActionsTasks Prelude.UTCTime
+listDetectMitigationActionsTasks_startTime = Lens.lens (\ListDetectMitigationActionsTasks' {startTime} -> startTime) (\s@ListDetectMitigationActionsTasks' {} a -> s {startTime = a} :: ListDetectMitigationActionsTasks) Prelude.. Data._Time
+
+-- | The end of the time period for which ML Detect mitigation actions tasks
+-- are returned.
+listDetectMitigationActionsTasks_endTime :: Lens.Lens' ListDetectMitigationActionsTasks Prelude.UTCTime
+listDetectMitigationActionsTasks_endTime = Lens.lens (\ListDetectMitigationActionsTasks' {endTime} -> endTime) (\s@ListDetectMitigationActionsTasks' {} a -> s {endTime = a} :: ListDetectMitigationActionsTasks) Prelude.. Data._Time
+
+instance
+  Core.AWSPager
+    ListDetectMitigationActionsTasks
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listDetectMitigationActionsTasksResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listDetectMitigationActionsTasksResponse_tasks
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listDetectMitigationActionsTasks_nextToken
+          Lens..~ rs
+          Lens.^? listDetectMitigationActionsTasksResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListDetectMitigationActionsTasks
+  where
+  type
+    AWSResponse ListDetectMitigationActionsTasks =
+      ListDetectMitigationActionsTasksResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListDetectMitigationActionsTasksResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "tasks" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListDetectMitigationActionsTasks
+  where
+  hashWithSalt
+    _salt
+    ListDetectMitigationActionsTasks' {..} =
+      _salt
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` startTime
+        `Prelude.hashWithSalt` endTime
+
+instance
+  Prelude.NFData
+    ListDetectMitigationActionsTasks
+  where
+  rnf ListDetectMitigationActionsTasks' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf endTime
+
+instance
+  Data.ToHeaders
+    ListDetectMitigationActionsTasks
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListDetectMitigationActionsTasks where
+  toPath =
+    Prelude.const "/detect/mitigationactions/tasks"
+
+instance
+  Data.ToQuery
+    ListDetectMitigationActionsTasks
+  where
+  toQuery ListDetectMitigationActionsTasks' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "startTime" Data.=: startTime,
+        "endTime" Data.=: endTime
+      ]
+
+-- | /See:/ 'newListDetectMitigationActionsTasksResponse' smart constructor.
+data ListDetectMitigationActionsTasksResponse = ListDetectMitigationActionsTasksResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The collection of ML Detect mitigation tasks that matched the filter
+    -- criteria.
+    tasks :: Prelude.Maybe [DetectMitigationActionsTaskSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDetectMitigationActionsTasksResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listDetectMitigationActionsTasksResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'tasks', 'listDetectMitigationActionsTasksResponse_tasks' - The collection of ML Detect mitigation tasks that matched the filter
+-- criteria.
+--
+-- 'httpStatus', 'listDetectMitigationActionsTasksResponse_httpStatus' - The response's http status code.
+newListDetectMitigationActionsTasksResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListDetectMitigationActionsTasksResponse
+newListDetectMitigationActionsTasksResponse
+  pHttpStatus_ =
+    ListDetectMitigationActionsTasksResponse'
+      { nextToken =
+          Prelude.Nothing,
+        tasks = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listDetectMitigationActionsTasksResponse_nextToken :: Lens.Lens' ListDetectMitigationActionsTasksResponse (Prelude.Maybe Prelude.Text)
+listDetectMitigationActionsTasksResponse_nextToken = Lens.lens (\ListDetectMitigationActionsTasksResponse' {nextToken} -> nextToken) (\s@ListDetectMitigationActionsTasksResponse' {} a -> s {nextToken = a} :: ListDetectMitigationActionsTasksResponse)
+
+-- | The collection of ML Detect mitigation tasks that matched the filter
+-- criteria.
+listDetectMitigationActionsTasksResponse_tasks :: Lens.Lens' ListDetectMitigationActionsTasksResponse (Prelude.Maybe [DetectMitigationActionsTaskSummary])
+listDetectMitigationActionsTasksResponse_tasks = Lens.lens (\ListDetectMitigationActionsTasksResponse' {tasks} -> tasks) (\s@ListDetectMitigationActionsTasksResponse' {} a -> s {tasks = a} :: ListDetectMitigationActionsTasksResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listDetectMitigationActionsTasksResponse_httpStatus :: Lens.Lens' ListDetectMitigationActionsTasksResponse Prelude.Int
+listDetectMitigationActionsTasksResponse_httpStatus = Lens.lens (\ListDetectMitigationActionsTasksResponse' {httpStatus} -> httpStatus) (\s@ListDetectMitigationActionsTasksResponse' {} a -> s {httpStatus = a} :: ListDetectMitigationActionsTasksResponse)
+
+instance
+  Prelude.NFData
+    ListDetectMitigationActionsTasksResponse
+  where
+  rnf ListDetectMitigationActionsTasksResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf tasks
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListDimensions.hs b/gen/Amazonka/IoT/ListDimensions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListDimensions.hs
@@ -0,0 +1,214 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListDimensions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List the set of dimensions that are defined for your Amazon Web Services
+-- accounts.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListDimensions>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListDimensions
+  ( -- * Creating a Request
+    ListDimensions (..),
+    newListDimensions,
+
+    -- * Request Lenses
+    listDimensions_maxResults,
+    listDimensions_nextToken,
+
+    -- * Destructuring the Response
+    ListDimensionsResponse (..),
+    newListDimensionsResponse,
+
+    -- * Response Lenses
+    listDimensionsResponse_dimensionNames,
+    listDimensionsResponse_nextToken,
+    listDimensionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListDimensions' smart constructor.
+data ListDimensions = ListDimensions'
+  { -- | The maximum number of results to retrieve at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDimensions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listDimensions_maxResults' - The maximum number of results to retrieve at one time.
+--
+-- 'nextToken', 'listDimensions_nextToken' - The token for the next set of results.
+newListDimensions ::
+  ListDimensions
+newListDimensions =
+  ListDimensions'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to retrieve at one time.
+listDimensions_maxResults :: Lens.Lens' ListDimensions (Prelude.Maybe Prelude.Natural)
+listDimensions_maxResults = Lens.lens (\ListDimensions' {maxResults} -> maxResults) (\s@ListDimensions' {} a -> s {maxResults = a} :: ListDimensions)
+
+-- | The token for the next set of results.
+listDimensions_nextToken :: Lens.Lens' ListDimensions (Prelude.Maybe Prelude.Text)
+listDimensions_nextToken = Lens.lens (\ListDimensions' {nextToken} -> nextToken) (\s@ListDimensions' {} a -> s {nextToken = a} :: ListDimensions)
+
+instance Core.AWSPager ListDimensions where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listDimensionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listDimensionsResponse_dimensionNames
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listDimensions_nextToken
+          Lens..~ rs
+          Lens.^? listDimensionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListDimensions where
+  type
+    AWSResponse ListDimensions =
+      ListDimensionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListDimensionsResponse'
+            Prelude.<$> (x Data..?> "dimensionNames" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListDimensions where
+  hashWithSalt _salt ListDimensions' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListDimensions where
+  rnf ListDimensions' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListDimensions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListDimensions where
+  toPath = Prelude.const "/dimensions"
+
+instance Data.ToQuery ListDimensions where
+  toQuery ListDimensions' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListDimensionsResponse' smart constructor.
+data ListDimensionsResponse = ListDimensionsResponse'
+  { -- | A list of the names of the defined dimensions. Use @DescribeDimension@
+    -- to get details for a dimension.
+    dimensionNames :: Prelude.Maybe [Prelude.Text],
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDimensionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dimensionNames', 'listDimensionsResponse_dimensionNames' - A list of the names of the defined dimensions. Use @DescribeDimension@
+-- to get details for a dimension.
+--
+-- 'nextToken', 'listDimensionsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'httpStatus', 'listDimensionsResponse_httpStatus' - The response's http status code.
+newListDimensionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListDimensionsResponse
+newListDimensionsResponse pHttpStatus_ =
+  ListDimensionsResponse'
+    { dimensionNames =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of the names of the defined dimensions. Use @DescribeDimension@
+-- to get details for a dimension.
+listDimensionsResponse_dimensionNames :: Lens.Lens' ListDimensionsResponse (Prelude.Maybe [Prelude.Text])
+listDimensionsResponse_dimensionNames = Lens.lens (\ListDimensionsResponse' {dimensionNames} -> dimensionNames) (\s@ListDimensionsResponse' {} a -> s {dimensionNames = a} :: ListDimensionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listDimensionsResponse_nextToken :: Lens.Lens' ListDimensionsResponse (Prelude.Maybe Prelude.Text)
+listDimensionsResponse_nextToken = Lens.lens (\ListDimensionsResponse' {nextToken} -> nextToken) (\s@ListDimensionsResponse' {} a -> s {nextToken = a} :: ListDimensionsResponse)
+
+-- | The response's http status code.
+listDimensionsResponse_httpStatus :: Lens.Lens' ListDimensionsResponse Prelude.Int
+listDimensionsResponse_httpStatus = Lens.lens (\ListDimensionsResponse' {httpStatus} -> httpStatus) (\s@ListDimensionsResponse' {} a -> s {httpStatus = a} :: ListDimensionsResponse)
+
+instance Prelude.NFData ListDimensionsResponse where
+  rnf ListDimensionsResponse' {..} =
+    Prelude.rnf dimensionNames
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListDomainConfigurations.hs b/gen/Amazonka/IoT/ListDomainConfigurations.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListDomainConfigurations.hs
@@ -0,0 +1,230 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListDomainConfigurations
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets a list of domain configurations for the user. This list is sorted
+-- alphabetically by domain configuration name.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListDomainConfigurations>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListDomainConfigurations
+  ( -- * Creating a Request
+    ListDomainConfigurations (..),
+    newListDomainConfigurations,
+
+    -- * Request Lenses
+    listDomainConfigurations_marker,
+    listDomainConfigurations_pageSize,
+    listDomainConfigurations_serviceType,
+
+    -- * Destructuring the Response
+    ListDomainConfigurationsResponse (..),
+    newListDomainConfigurationsResponse,
+
+    -- * Response Lenses
+    listDomainConfigurationsResponse_domainConfigurations,
+    listDomainConfigurationsResponse_nextMarker,
+    listDomainConfigurationsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListDomainConfigurations' smart constructor.
+data ListDomainConfigurations = ListDomainConfigurations'
+  { -- | The marker for the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The result page size.
+    pageSize :: Prelude.Maybe Prelude.Natural,
+    -- | The type of service delivered by the endpoint.
+    serviceType :: Prelude.Maybe ServiceType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDomainConfigurations' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'marker', 'listDomainConfigurations_marker' - The marker for the next set of results.
+--
+-- 'pageSize', 'listDomainConfigurations_pageSize' - The result page size.
+--
+-- 'serviceType', 'listDomainConfigurations_serviceType' - The type of service delivered by the endpoint.
+newListDomainConfigurations ::
+  ListDomainConfigurations
+newListDomainConfigurations =
+  ListDomainConfigurations'
+    { marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing,
+      serviceType = Prelude.Nothing
+    }
+
+-- | The marker for the next set of results.
+listDomainConfigurations_marker :: Lens.Lens' ListDomainConfigurations (Prelude.Maybe Prelude.Text)
+listDomainConfigurations_marker = Lens.lens (\ListDomainConfigurations' {marker} -> marker) (\s@ListDomainConfigurations' {} a -> s {marker = a} :: ListDomainConfigurations)
+
+-- | The result page size.
+listDomainConfigurations_pageSize :: Lens.Lens' ListDomainConfigurations (Prelude.Maybe Prelude.Natural)
+listDomainConfigurations_pageSize = Lens.lens (\ListDomainConfigurations' {pageSize} -> pageSize) (\s@ListDomainConfigurations' {} a -> s {pageSize = a} :: ListDomainConfigurations)
+
+-- | The type of service delivered by the endpoint.
+listDomainConfigurations_serviceType :: Lens.Lens' ListDomainConfigurations (Prelude.Maybe ServiceType)
+listDomainConfigurations_serviceType = Lens.lens (\ListDomainConfigurations' {serviceType} -> serviceType) (\s@ListDomainConfigurations' {} a -> s {serviceType = a} :: ListDomainConfigurations)
+
+instance Core.AWSPager ListDomainConfigurations where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listDomainConfigurationsResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listDomainConfigurationsResponse_domainConfigurations
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listDomainConfigurations_marker
+          Lens..~ rs
+          Lens.^? listDomainConfigurationsResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListDomainConfigurations where
+  type
+    AWSResponse ListDomainConfigurations =
+      ListDomainConfigurationsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListDomainConfigurationsResponse'
+            Prelude.<$> ( x
+                            Data..?> "domainConfigurations"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextMarker")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListDomainConfigurations where
+  hashWithSalt _salt ListDomainConfigurations' {..} =
+    _salt
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+      `Prelude.hashWithSalt` serviceType
+
+instance Prelude.NFData ListDomainConfigurations where
+  rnf ListDomainConfigurations' {..} =
+    Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+      `Prelude.seq` Prelude.rnf serviceType
+
+instance Data.ToHeaders ListDomainConfigurations where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListDomainConfigurations where
+  toPath = Prelude.const "/domainConfigurations"
+
+instance Data.ToQuery ListDomainConfigurations where
+  toQuery ListDomainConfigurations' {..} =
+    Prelude.mconcat
+      [ "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize,
+        "serviceType" Data.=: serviceType
+      ]
+
+-- | /See:/ 'newListDomainConfigurationsResponse' smart constructor.
+data ListDomainConfigurationsResponse = ListDomainConfigurationsResponse'
+  { -- | A list of objects that contain summary information about the user\'s
+    -- domain configurations.
+    domainConfigurations :: Prelude.Maybe [DomainConfigurationSummary],
+    -- | The marker for the next set of results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDomainConfigurationsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domainConfigurations', 'listDomainConfigurationsResponse_domainConfigurations' - A list of objects that contain summary information about the user\'s
+-- domain configurations.
+--
+-- 'nextMarker', 'listDomainConfigurationsResponse_nextMarker' - The marker for the next set of results.
+--
+-- 'httpStatus', 'listDomainConfigurationsResponse_httpStatus' - The response's http status code.
+newListDomainConfigurationsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListDomainConfigurationsResponse
+newListDomainConfigurationsResponse pHttpStatus_ =
+  ListDomainConfigurationsResponse'
+    { domainConfigurations =
+        Prelude.Nothing,
+      nextMarker = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of objects that contain summary information about the user\'s
+-- domain configurations.
+listDomainConfigurationsResponse_domainConfigurations :: Lens.Lens' ListDomainConfigurationsResponse (Prelude.Maybe [DomainConfigurationSummary])
+listDomainConfigurationsResponse_domainConfigurations = Lens.lens (\ListDomainConfigurationsResponse' {domainConfigurations} -> domainConfigurations) (\s@ListDomainConfigurationsResponse' {} a -> s {domainConfigurations = a} :: ListDomainConfigurationsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The marker for the next set of results.
+listDomainConfigurationsResponse_nextMarker :: Lens.Lens' ListDomainConfigurationsResponse (Prelude.Maybe Prelude.Text)
+listDomainConfigurationsResponse_nextMarker = Lens.lens (\ListDomainConfigurationsResponse' {nextMarker} -> nextMarker) (\s@ListDomainConfigurationsResponse' {} a -> s {nextMarker = a} :: ListDomainConfigurationsResponse)
+
+-- | The response's http status code.
+listDomainConfigurationsResponse_httpStatus :: Lens.Lens' ListDomainConfigurationsResponse Prelude.Int
+listDomainConfigurationsResponse_httpStatus = Lens.lens (\ListDomainConfigurationsResponse' {httpStatus} -> httpStatus) (\s@ListDomainConfigurationsResponse' {} a -> s {httpStatus = a} :: ListDomainConfigurationsResponse)
+
+instance
+  Prelude.NFData
+    ListDomainConfigurationsResponse
+  where
+  rnf ListDomainConfigurationsResponse' {..} =
+    Prelude.rnf domainConfigurations
+      `Prelude.seq` Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListFleetMetrics.hs b/gen/Amazonka/IoT/ListFleetMetrics.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListFleetMetrics.hs
@@ -0,0 +1,213 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListFleetMetrics
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all your fleet metrics.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListFleetMetrics>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListFleetMetrics
+  ( -- * Creating a Request
+    ListFleetMetrics (..),
+    newListFleetMetrics,
+
+    -- * Request Lenses
+    listFleetMetrics_maxResults,
+    listFleetMetrics_nextToken,
+
+    -- * Destructuring the Response
+    ListFleetMetricsResponse (..),
+    newListFleetMetricsResponse,
+
+    -- * Response Lenses
+    listFleetMetricsResponse_fleetMetrics,
+    listFleetMetricsResponse_nextToken,
+    listFleetMetricsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListFleetMetrics' smart constructor.
+data ListFleetMetrics = ListFleetMetrics'
+  { -- | The maximum number of results to return in this operation.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise @null@ to receive the first set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListFleetMetrics' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listFleetMetrics_maxResults' - The maximum number of results to return in this operation.
+--
+-- 'nextToken', 'listFleetMetrics_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise @null@ to receive the first set of results.
+newListFleetMetrics ::
+  ListFleetMetrics
+newListFleetMetrics =
+  ListFleetMetrics'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return in this operation.
+listFleetMetrics_maxResults :: Lens.Lens' ListFleetMetrics (Prelude.Maybe Prelude.Natural)
+listFleetMetrics_maxResults = Lens.lens (\ListFleetMetrics' {maxResults} -> maxResults) (\s@ListFleetMetrics' {} a -> s {maxResults = a} :: ListFleetMetrics)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise @null@ to receive the first set of results.
+listFleetMetrics_nextToken :: Lens.Lens' ListFleetMetrics (Prelude.Maybe Prelude.Text)
+listFleetMetrics_nextToken = Lens.lens (\ListFleetMetrics' {nextToken} -> nextToken) (\s@ListFleetMetrics' {} a -> s {nextToken = a} :: ListFleetMetrics)
+
+instance Core.AWSPager ListFleetMetrics where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listFleetMetricsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listFleetMetricsResponse_fleetMetrics
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listFleetMetrics_nextToken
+          Lens..~ rs
+          Lens.^? listFleetMetricsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListFleetMetrics where
+  type
+    AWSResponse ListFleetMetrics =
+      ListFleetMetricsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListFleetMetricsResponse'
+            Prelude.<$> (x Data..?> "fleetMetrics" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListFleetMetrics where
+  hashWithSalt _salt ListFleetMetrics' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListFleetMetrics where
+  rnf ListFleetMetrics' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListFleetMetrics where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListFleetMetrics where
+  toPath = Prelude.const "/fleet-metrics"
+
+instance Data.ToQuery ListFleetMetrics where
+  toQuery ListFleetMetrics' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListFleetMetricsResponse' smart constructor.
+data ListFleetMetricsResponse = ListFleetMetricsResponse'
+  { -- | The list of fleet metrics objects.
+    fleetMetrics :: Prelude.Maybe [FleetMetricNameAndArn],
+    -- | The token for the next set of results. Will not be returned if the
+    -- operation has returned all results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListFleetMetricsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'fleetMetrics', 'listFleetMetricsResponse_fleetMetrics' - The list of fleet metrics objects.
+--
+-- 'nextToken', 'listFleetMetricsResponse_nextToken' - The token for the next set of results. Will not be returned if the
+-- operation has returned all results.
+--
+-- 'httpStatus', 'listFleetMetricsResponse_httpStatus' - The response's http status code.
+newListFleetMetricsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListFleetMetricsResponse
+newListFleetMetricsResponse pHttpStatus_ =
+  ListFleetMetricsResponse'
+    { fleetMetrics =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The list of fleet metrics objects.
+listFleetMetricsResponse_fleetMetrics :: Lens.Lens' ListFleetMetricsResponse (Prelude.Maybe [FleetMetricNameAndArn])
+listFleetMetricsResponse_fleetMetrics = Lens.lens (\ListFleetMetricsResponse' {fleetMetrics} -> fleetMetrics) (\s@ListFleetMetricsResponse' {} a -> s {fleetMetrics = a} :: ListFleetMetricsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results. Will not be returned if the
+-- operation has returned all results.
+listFleetMetricsResponse_nextToken :: Lens.Lens' ListFleetMetricsResponse (Prelude.Maybe Prelude.Text)
+listFleetMetricsResponse_nextToken = Lens.lens (\ListFleetMetricsResponse' {nextToken} -> nextToken) (\s@ListFleetMetricsResponse' {} a -> s {nextToken = a} :: ListFleetMetricsResponse)
+
+-- | The response's http status code.
+listFleetMetricsResponse_httpStatus :: Lens.Lens' ListFleetMetricsResponse Prelude.Int
+listFleetMetricsResponse_httpStatus = Lens.lens (\ListFleetMetricsResponse' {httpStatus} -> httpStatus) (\s@ListFleetMetricsResponse' {} a -> s {httpStatus = a} :: ListFleetMetricsResponse)
+
+instance Prelude.NFData ListFleetMetricsResponse where
+  rnf ListFleetMetricsResponse' {..} =
+    Prelude.rnf fleetMetrics
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListIndices.hs b/gen/Amazonka/IoT/ListIndices.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListIndices.hs
@@ -0,0 +1,210 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListIndices
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the search indices.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListIndices>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListIndices
+  ( -- * Creating a Request
+    ListIndices (..),
+    newListIndices,
+
+    -- * Request Lenses
+    listIndices_maxResults,
+    listIndices_nextToken,
+
+    -- * Destructuring the Response
+    ListIndicesResponse (..),
+    newListIndicesResponse,
+
+    -- * Response Lenses
+    listIndicesResponse_indexNames,
+    listIndicesResponse_nextToken,
+    listIndicesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListIndices' smart constructor.
+data ListIndices = ListIndices'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token used to get the next set of results, or @null@ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListIndices' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listIndices_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listIndices_nextToken' - The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+newListIndices ::
+  ListIndices
+newListIndices =
+  ListIndices'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listIndices_maxResults :: Lens.Lens' ListIndices (Prelude.Maybe Prelude.Natural)
+listIndices_maxResults = Lens.lens (\ListIndices' {maxResults} -> maxResults) (\s@ListIndices' {} a -> s {maxResults = a} :: ListIndices)
+
+-- | The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+listIndices_nextToken :: Lens.Lens' ListIndices (Prelude.Maybe Prelude.Text)
+listIndices_nextToken = Lens.lens (\ListIndices' {nextToken} -> nextToken) (\s@ListIndices' {} a -> s {nextToken = a} :: ListIndices)
+
+instance Core.AWSPager ListIndices where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listIndicesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listIndicesResponse_indexNames
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listIndices_nextToken
+          Lens..~ rs
+          Lens.^? listIndicesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListIndices where
+  type AWSResponse ListIndices = ListIndicesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListIndicesResponse'
+            Prelude.<$> (x Data..?> "indexNames" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListIndices where
+  hashWithSalt _salt ListIndices' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListIndices where
+  rnf ListIndices' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListIndices where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListIndices where
+  toPath = Prelude.const "/indices"
+
+instance Data.ToQuery ListIndices where
+  toQuery ListIndices' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListIndicesResponse' smart constructor.
+data ListIndicesResponse = ListIndicesResponse'
+  { -- | The index names.
+    indexNames :: Prelude.Maybe [Prelude.Text],
+    -- | The token used to get the next set of results, or @null@ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListIndicesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexNames', 'listIndicesResponse_indexNames' - The index names.
+--
+-- 'nextToken', 'listIndicesResponse_nextToken' - The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listIndicesResponse_httpStatus' - The response's http status code.
+newListIndicesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListIndicesResponse
+newListIndicesResponse pHttpStatus_ =
+  ListIndicesResponse'
+    { indexNames = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The index names.
+listIndicesResponse_indexNames :: Lens.Lens' ListIndicesResponse (Prelude.Maybe [Prelude.Text])
+listIndicesResponse_indexNames = Lens.lens (\ListIndicesResponse' {indexNames} -> indexNames) (\s@ListIndicesResponse' {} a -> s {indexNames = a} :: ListIndicesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+listIndicesResponse_nextToken :: Lens.Lens' ListIndicesResponse (Prelude.Maybe Prelude.Text)
+listIndicesResponse_nextToken = Lens.lens (\ListIndicesResponse' {nextToken} -> nextToken) (\s@ListIndicesResponse' {} a -> s {nextToken = a} :: ListIndicesResponse)
+
+-- | The response's http status code.
+listIndicesResponse_httpStatus :: Lens.Lens' ListIndicesResponse Prelude.Int
+listIndicesResponse_httpStatus = Lens.lens (\ListIndicesResponse' {httpStatus} -> httpStatus) (\s@ListIndicesResponse' {} a -> s {httpStatus = a} :: ListIndicesResponse)
+
+instance Prelude.NFData ListIndicesResponse where
+  rnf ListIndicesResponse' {..} =
+    Prelude.rnf indexNames
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListJobExecutionsForJob.hs b/gen/Amazonka/IoT/ListJobExecutionsForJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListJobExecutionsForJob.hs
@@ -0,0 +1,246 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListJobExecutionsForJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the job executions for a job.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListJobExecutionsForJob>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListJobExecutionsForJob
+  ( -- * Creating a Request
+    ListJobExecutionsForJob (..),
+    newListJobExecutionsForJob,
+
+    -- * Request Lenses
+    listJobExecutionsForJob_maxResults,
+    listJobExecutionsForJob_nextToken,
+    listJobExecutionsForJob_status,
+    listJobExecutionsForJob_jobId,
+
+    -- * Destructuring the Response
+    ListJobExecutionsForJobResponse (..),
+    newListJobExecutionsForJobResponse,
+
+    -- * Response Lenses
+    listJobExecutionsForJobResponse_executionSummaries,
+    listJobExecutionsForJobResponse_nextToken,
+    listJobExecutionsForJobResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListJobExecutionsForJob' smart constructor.
+data ListJobExecutionsForJob = ListJobExecutionsForJob'
+  { -- | The maximum number of results to be returned per request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The status of the job.
+    status :: Prelude.Maybe JobExecutionStatus,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobExecutionsForJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listJobExecutionsForJob_maxResults' - The maximum number of results to be returned per request.
+--
+-- 'nextToken', 'listJobExecutionsForJob_nextToken' - The token to retrieve the next set of results.
+--
+-- 'status', 'listJobExecutionsForJob_status' - The status of the job.
+--
+-- 'jobId', 'listJobExecutionsForJob_jobId' - The unique identifier you assigned to this job when it was created.
+newListJobExecutionsForJob ::
+  -- | 'jobId'
+  Prelude.Text ->
+  ListJobExecutionsForJob
+newListJobExecutionsForJob pJobId_ =
+  ListJobExecutionsForJob'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      status = Prelude.Nothing,
+      jobId = pJobId_
+    }
+
+-- | The maximum number of results to be returned per request.
+listJobExecutionsForJob_maxResults :: Lens.Lens' ListJobExecutionsForJob (Prelude.Maybe Prelude.Natural)
+listJobExecutionsForJob_maxResults = Lens.lens (\ListJobExecutionsForJob' {maxResults} -> maxResults) (\s@ListJobExecutionsForJob' {} a -> s {maxResults = a} :: ListJobExecutionsForJob)
+
+-- | The token to retrieve the next set of results.
+listJobExecutionsForJob_nextToken :: Lens.Lens' ListJobExecutionsForJob (Prelude.Maybe Prelude.Text)
+listJobExecutionsForJob_nextToken = Lens.lens (\ListJobExecutionsForJob' {nextToken} -> nextToken) (\s@ListJobExecutionsForJob' {} a -> s {nextToken = a} :: ListJobExecutionsForJob)
+
+-- | The status of the job.
+listJobExecutionsForJob_status :: Lens.Lens' ListJobExecutionsForJob (Prelude.Maybe JobExecutionStatus)
+listJobExecutionsForJob_status = Lens.lens (\ListJobExecutionsForJob' {status} -> status) (\s@ListJobExecutionsForJob' {} a -> s {status = a} :: ListJobExecutionsForJob)
+
+-- | The unique identifier you assigned to this job when it was created.
+listJobExecutionsForJob_jobId :: Lens.Lens' ListJobExecutionsForJob Prelude.Text
+listJobExecutionsForJob_jobId = Lens.lens (\ListJobExecutionsForJob' {jobId} -> jobId) (\s@ListJobExecutionsForJob' {} a -> s {jobId = a} :: ListJobExecutionsForJob)
+
+instance Core.AWSPager ListJobExecutionsForJob where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listJobExecutionsForJobResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listJobExecutionsForJobResponse_executionSummaries
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listJobExecutionsForJob_nextToken
+          Lens..~ rs
+          Lens.^? listJobExecutionsForJobResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListJobExecutionsForJob where
+  type
+    AWSResponse ListJobExecutionsForJob =
+      ListJobExecutionsForJobResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListJobExecutionsForJobResponse'
+            Prelude.<$> ( x
+                            Data..?> "executionSummaries"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListJobExecutionsForJob where
+  hashWithSalt _salt ListJobExecutionsForJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData ListJobExecutionsForJob where
+  rnf ListJobExecutionsForJob' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf jobId
+
+instance Data.ToHeaders ListJobExecutionsForJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListJobExecutionsForJob where
+  toPath ListJobExecutionsForJob' {..} =
+    Prelude.mconcat
+      ["/jobs/", Data.toBS jobId, "/things"]
+
+instance Data.ToQuery ListJobExecutionsForJob where
+  toQuery ListJobExecutionsForJob' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "status" Data.=: status
+      ]
+
+-- | /See:/ 'newListJobExecutionsForJobResponse' smart constructor.
+data ListJobExecutionsForJobResponse = ListJobExecutionsForJobResponse'
+  { -- | A list of job execution summaries.
+    executionSummaries :: Prelude.Maybe [JobExecutionSummaryForJob],
+    -- | The token for the next set of results, or __null__ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobExecutionsForJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionSummaries', 'listJobExecutionsForJobResponse_executionSummaries' - A list of job execution summaries.
+--
+-- 'nextToken', 'listJobExecutionsForJobResponse_nextToken' - The token for the next set of results, or __null__ if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listJobExecutionsForJobResponse_httpStatus' - The response's http status code.
+newListJobExecutionsForJobResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListJobExecutionsForJobResponse
+newListJobExecutionsForJobResponse pHttpStatus_ =
+  ListJobExecutionsForJobResponse'
+    { executionSummaries =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of job execution summaries.
+listJobExecutionsForJobResponse_executionSummaries :: Lens.Lens' ListJobExecutionsForJobResponse (Prelude.Maybe [JobExecutionSummaryForJob])
+listJobExecutionsForJobResponse_executionSummaries = Lens.lens (\ListJobExecutionsForJobResponse' {executionSummaries} -> executionSummaries) (\s@ListJobExecutionsForJobResponse' {} a -> s {executionSummaries = a} :: ListJobExecutionsForJobResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results, or __null__ if there are no
+-- additional results.
+listJobExecutionsForJobResponse_nextToken :: Lens.Lens' ListJobExecutionsForJobResponse (Prelude.Maybe Prelude.Text)
+listJobExecutionsForJobResponse_nextToken = Lens.lens (\ListJobExecutionsForJobResponse' {nextToken} -> nextToken) (\s@ListJobExecutionsForJobResponse' {} a -> s {nextToken = a} :: ListJobExecutionsForJobResponse)
+
+-- | The response's http status code.
+listJobExecutionsForJobResponse_httpStatus :: Lens.Lens' ListJobExecutionsForJobResponse Prelude.Int
+listJobExecutionsForJobResponse_httpStatus = Lens.lens (\ListJobExecutionsForJobResponse' {httpStatus} -> httpStatus) (\s@ListJobExecutionsForJobResponse' {} a -> s {httpStatus = a} :: ListJobExecutionsForJobResponse)
+
+instance
+  Prelude.NFData
+    ListJobExecutionsForJobResponse
+  where
+  rnf ListJobExecutionsForJobResponse' {..} =
+    Prelude.rnf executionSummaries
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListJobExecutionsForThing.hs b/gen/Amazonka/IoT/ListJobExecutionsForThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListJobExecutionsForThing.hs
@@ -0,0 +1,298 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListJobExecutionsForThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the job executions for the specified thing.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListJobExecutionsForThing>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListJobExecutionsForThing
+  ( -- * Creating a Request
+    ListJobExecutionsForThing (..),
+    newListJobExecutionsForThing,
+
+    -- * Request Lenses
+    listJobExecutionsForThing_jobId,
+    listJobExecutionsForThing_maxResults,
+    listJobExecutionsForThing_namespaceId,
+    listJobExecutionsForThing_nextToken,
+    listJobExecutionsForThing_status,
+    listJobExecutionsForThing_thingName,
+
+    -- * Destructuring the Response
+    ListJobExecutionsForThingResponse (..),
+    newListJobExecutionsForThingResponse,
+
+    -- * Response Lenses
+    listJobExecutionsForThingResponse_executionSummaries,
+    listJobExecutionsForThingResponse_nextToken,
+    listJobExecutionsForThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListJobExecutionsForThing' smart constructor.
+data ListJobExecutionsForThing = ListJobExecutionsForThing'
+  { -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to be returned per request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | The token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | An optional filter that lets you search for jobs that have the specified
+    -- status.
+    status :: Prelude.Maybe JobExecutionStatus,
+    -- | The thing name.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobExecutionsForThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobId', 'listJobExecutionsForThing_jobId' - The unique identifier you assigned to this job when it was created.
+--
+-- 'maxResults', 'listJobExecutionsForThing_maxResults' - The maximum number of results to be returned per request.
+--
+-- 'namespaceId', 'listJobExecutionsForThing_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'nextToken', 'listJobExecutionsForThing_nextToken' - The token to retrieve the next set of results.
+--
+-- 'status', 'listJobExecutionsForThing_status' - An optional filter that lets you search for jobs that have the specified
+-- status.
+--
+-- 'thingName', 'listJobExecutionsForThing_thingName' - The thing name.
+newListJobExecutionsForThing ::
+  -- | 'thingName'
+  Prelude.Text ->
+  ListJobExecutionsForThing
+newListJobExecutionsForThing pThingName_ =
+  ListJobExecutionsForThing'
+    { jobId = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      status = Prelude.Nothing,
+      thingName = pThingName_
+    }
+
+-- | The unique identifier you assigned to this job when it was created.
+listJobExecutionsForThing_jobId :: Lens.Lens' ListJobExecutionsForThing (Prelude.Maybe Prelude.Text)
+listJobExecutionsForThing_jobId = Lens.lens (\ListJobExecutionsForThing' {jobId} -> jobId) (\s@ListJobExecutionsForThing' {} a -> s {jobId = a} :: ListJobExecutionsForThing)
+
+-- | The maximum number of results to be returned per request.
+listJobExecutionsForThing_maxResults :: Lens.Lens' ListJobExecutionsForThing (Prelude.Maybe Prelude.Natural)
+listJobExecutionsForThing_maxResults = Lens.lens (\ListJobExecutionsForThing' {maxResults} -> maxResults) (\s@ListJobExecutionsForThing' {} a -> s {maxResults = a} :: ListJobExecutionsForThing)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+listJobExecutionsForThing_namespaceId :: Lens.Lens' ListJobExecutionsForThing (Prelude.Maybe Prelude.Text)
+listJobExecutionsForThing_namespaceId = Lens.lens (\ListJobExecutionsForThing' {namespaceId} -> namespaceId) (\s@ListJobExecutionsForThing' {} a -> s {namespaceId = a} :: ListJobExecutionsForThing)
+
+-- | The token to retrieve the next set of results.
+listJobExecutionsForThing_nextToken :: Lens.Lens' ListJobExecutionsForThing (Prelude.Maybe Prelude.Text)
+listJobExecutionsForThing_nextToken = Lens.lens (\ListJobExecutionsForThing' {nextToken} -> nextToken) (\s@ListJobExecutionsForThing' {} a -> s {nextToken = a} :: ListJobExecutionsForThing)
+
+-- | An optional filter that lets you search for jobs that have the specified
+-- status.
+listJobExecutionsForThing_status :: Lens.Lens' ListJobExecutionsForThing (Prelude.Maybe JobExecutionStatus)
+listJobExecutionsForThing_status = Lens.lens (\ListJobExecutionsForThing' {status} -> status) (\s@ListJobExecutionsForThing' {} a -> s {status = a} :: ListJobExecutionsForThing)
+
+-- | The thing name.
+listJobExecutionsForThing_thingName :: Lens.Lens' ListJobExecutionsForThing Prelude.Text
+listJobExecutionsForThing_thingName = Lens.lens (\ListJobExecutionsForThing' {thingName} -> thingName) (\s@ListJobExecutionsForThing' {} a -> s {thingName = a} :: ListJobExecutionsForThing)
+
+instance Core.AWSPager ListJobExecutionsForThing where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listJobExecutionsForThingResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listJobExecutionsForThingResponse_executionSummaries
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listJobExecutionsForThing_nextToken
+          Lens..~ rs
+          Lens.^? listJobExecutionsForThingResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListJobExecutionsForThing where
+  type
+    AWSResponse ListJobExecutionsForThing =
+      ListJobExecutionsForThingResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListJobExecutionsForThingResponse'
+            Prelude.<$> ( x
+                            Data..?> "executionSummaries"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListJobExecutionsForThing where
+  hashWithSalt _salt ListJobExecutionsForThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData ListJobExecutionsForThing where
+  rnf ListJobExecutionsForThing' {..} =
+    Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders ListJobExecutionsForThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListJobExecutionsForThing where
+  toPath ListJobExecutionsForThing' {..} =
+    Prelude.mconcat
+      ["/things/", Data.toBS thingName, "/jobs"]
+
+instance Data.ToQuery ListJobExecutionsForThing where
+  toQuery ListJobExecutionsForThing' {..} =
+    Prelude.mconcat
+      [ "jobId" Data.=: jobId,
+        "maxResults" Data.=: maxResults,
+        "namespaceId" Data.=: namespaceId,
+        "nextToken" Data.=: nextToken,
+        "status" Data.=: status
+      ]
+
+-- | /See:/ 'newListJobExecutionsForThingResponse' smart constructor.
+data ListJobExecutionsForThingResponse = ListJobExecutionsForThingResponse'
+  { -- | A list of job execution summaries.
+    executionSummaries :: Prelude.Maybe [JobExecutionSummaryForThing],
+    -- | The token for the next set of results, or __null__ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobExecutionsForThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionSummaries', 'listJobExecutionsForThingResponse_executionSummaries' - A list of job execution summaries.
+--
+-- 'nextToken', 'listJobExecutionsForThingResponse_nextToken' - The token for the next set of results, or __null__ if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listJobExecutionsForThingResponse_httpStatus' - The response's http status code.
+newListJobExecutionsForThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListJobExecutionsForThingResponse
+newListJobExecutionsForThingResponse pHttpStatus_ =
+  ListJobExecutionsForThingResponse'
+    { executionSummaries =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of job execution summaries.
+listJobExecutionsForThingResponse_executionSummaries :: Lens.Lens' ListJobExecutionsForThingResponse (Prelude.Maybe [JobExecutionSummaryForThing])
+listJobExecutionsForThingResponse_executionSummaries = Lens.lens (\ListJobExecutionsForThingResponse' {executionSummaries} -> executionSummaries) (\s@ListJobExecutionsForThingResponse' {} a -> s {executionSummaries = a} :: ListJobExecutionsForThingResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results, or __null__ if there are no
+-- additional results.
+listJobExecutionsForThingResponse_nextToken :: Lens.Lens' ListJobExecutionsForThingResponse (Prelude.Maybe Prelude.Text)
+listJobExecutionsForThingResponse_nextToken = Lens.lens (\ListJobExecutionsForThingResponse' {nextToken} -> nextToken) (\s@ListJobExecutionsForThingResponse' {} a -> s {nextToken = a} :: ListJobExecutionsForThingResponse)
+
+-- | The response's http status code.
+listJobExecutionsForThingResponse_httpStatus :: Lens.Lens' ListJobExecutionsForThingResponse Prelude.Int
+listJobExecutionsForThingResponse_httpStatus = Lens.lens (\ListJobExecutionsForThingResponse' {httpStatus} -> httpStatus) (\s@ListJobExecutionsForThingResponse' {} a -> s {httpStatus = a} :: ListJobExecutionsForThingResponse)
+
+instance
+  Prelude.NFData
+    ListJobExecutionsForThingResponse
+  where
+  rnf ListJobExecutionsForThingResponse' {..} =
+    Prelude.rnf executionSummaries
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListJobTemplates.hs b/gen/Amazonka/IoT/ListJobTemplates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListJobTemplates.hs
@@ -0,0 +1,210 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListJobTemplates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a list of job templates.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListJobTemplates>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListJobTemplates
+  ( -- * Creating a Request
+    ListJobTemplates (..),
+    newListJobTemplates,
+
+    -- * Request Lenses
+    listJobTemplates_maxResults,
+    listJobTemplates_nextToken,
+
+    -- * Destructuring the Response
+    ListJobTemplatesResponse (..),
+    newListJobTemplatesResponse,
+
+    -- * Response Lenses
+    listJobTemplatesResponse_jobTemplates,
+    listJobTemplatesResponse_nextToken,
+    listJobTemplatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListJobTemplates' smart constructor.
+data ListJobTemplates = ListJobTemplates'
+  { -- | The maximum number of results to return in the list.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token to use to return the next set of results in the list.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobTemplates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listJobTemplates_maxResults' - The maximum number of results to return in the list.
+--
+-- 'nextToken', 'listJobTemplates_nextToken' - The token to use to return the next set of results in the list.
+newListJobTemplates ::
+  ListJobTemplates
+newListJobTemplates =
+  ListJobTemplates'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return in the list.
+listJobTemplates_maxResults :: Lens.Lens' ListJobTemplates (Prelude.Maybe Prelude.Natural)
+listJobTemplates_maxResults = Lens.lens (\ListJobTemplates' {maxResults} -> maxResults) (\s@ListJobTemplates' {} a -> s {maxResults = a} :: ListJobTemplates)
+
+-- | The token to use to return the next set of results in the list.
+listJobTemplates_nextToken :: Lens.Lens' ListJobTemplates (Prelude.Maybe Prelude.Text)
+listJobTemplates_nextToken = Lens.lens (\ListJobTemplates' {nextToken} -> nextToken) (\s@ListJobTemplates' {} a -> s {nextToken = a} :: ListJobTemplates)
+
+instance Core.AWSPager ListJobTemplates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listJobTemplatesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listJobTemplatesResponse_jobTemplates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listJobTemplates_nextToken
+          Lens..~ rs
+          Lens.^? listJobTemplatesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListJobTemplates where
+  type
+    AWSResponse ListJobTemplates =
+      ListJobTemplatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListJobTemplatesResponse'
+            Prelude.<$> (x Data..?> "jobTemplates" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListJobTemplates where
+  hashWithSalt _salt ListJobTemplates' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListJobTemplates where
+  rnf ListJobTemplates' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListJobTemplates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListJobTemplates where
+  toPath = Prelude.const "/job-templates"
+
+instance Data.ToQuery ListJobTemplates where
+  toQuery ListJobTemplates' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListJobTemplatesResponse' smart constructor.
+data ListJobTemplatesResponse = ListJobTemplatesResponse'
+  { -- | A list of objects that contain information about the job templates.
+    jobTemplates :: Prelude.Maybe [JobTemplateSummary],
+    -- | The token for the next set of results, or __null__ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobTemplatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobTemplates', 'listJobTemplatesResponse_jobTemplates' - A list of objects that contain information about the job templates.
+--
+-- 'nextToken', 'listJobTemplatesResponse_nextToken' - The token for the next set of results, or __null__ if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listJobTemplatesResponse_httpStatus' - The response's http status code.
+newListJobTemplatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListJobTemplatesResponse
+newListJobTemplatesResponse pHttpStatus_ =
+  ListJobTemplatesResponse'
+    { jobTemplates =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of objects that contain information about the job templates.
+listJobTemplatesResponse_jobTemplates :: Lens.Lens' ListJobTemplatesResponse (Prelude.Maybe [JobTemplateSummary])
+listJobTemplatesResponse_jobTemplates = Lens.lens (\ListJobTemplatesResponse' {jobTemplates} -> jobTemplates) (\s@ListJobTemplatesResponse' {} a -> s {jobTemplates = a} :: ListJobTemplatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results, or __null__ if there are no
+-- additional results.
+listJobTemplatesResponse_nextToken :: Lens.Lens' ListJobTemplatesResponse (Prelude.Maybe Prelude.Text)
+listJobTemplatesResponse_nextToken = Lens.lens (\ListJobTemplatesResponse' {nextToken} -> nextToken) (\s@ListJobTemplatesResponse' {} a -> s {nextToken = a} :: ListJobTemplatesResponse)
+
+-- | The response's http status code.
+listJobTemplatesResponse_httpStatus :: Lens.Lens' ListJobTemplatesResponse Prelude.Int
+listJobTemplatesResponse_httpStatus = Lens.lens (\ListJobTemplatesResponse' {httpStatus} -> httpStatus) (\s@ListJobTemplatesResponse' {} a -> s {httpStatus = a} :: ListJobTemplatesResponse)
+
+instance Prelude.NFData ListJobTemplatesResponse where
+  rnf ListJobTemplatesResponse' {..} =
+    Prelude.rnf jobTemplates
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListJobs.hs b/gen/Amazonka/IoT/ListJobs.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListJobs.hs
@@ -0,0 +1,326 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListJobs
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists jobs.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListJobs>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListJobs
+  ( -- * Creating a Request
+    ListJobs (..),
+    newListJobs,
+
+    -- * Request Lenses
+    listJobs_maxResults,
+    listJobs_namespaceId,
+    listJobs_nextToken,
+    listJobs_status,
+    listJobs_targetSelection,
+    listJobs_thingGroupId,
+    listJobs_thingGroupName,
+
+    -- * Destructuring the Response
+    ListJobsResponse (..),
+    newListJobsResponse,
+
+    -- * Response Lenses
+    listJobsResponse_jobs,
+    listJobsResponse_nextToken,
+    listJobsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListJobs' smart constructor.
+data ListJobs = ListJobs'
+  { -- | The maximum number of results to return per request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | The token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | An optional filter that lets you search for jobs that have the specified
+    -- status.
+    status :: Prelude.Maybe JobStatus,
+    -- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+    -- complete after all those things specified as targets have completed the
+    -- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+    -- change is detected in a target. For example, a job will run on a thing
+    -- when the thing is added to a target group, even after the job was
+    -- completed by all things originally in the group.
+    --
+    -- We recommend that you use continuous jobs instead of snapshot jobs for
+    -- dynamic thing group targets. By using continuous jobs, devices that join
+    -- the group receive the job execution even after the job has been created.
+    targetSelection :: Prelude.Maybe TargetSelection,
+    -- | A filter that limits the returned jobs to those for the specified group.
+    thingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | A filter that limits the returned jobs to those for the specified group.
+    thingGroupName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobs' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listJobs_maxResults' - The maximum number of results to return per request.
+--
+-- 'namespaceId', 'listJobs_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'nextToken', 'listJobs_nextToken' - The token to retrieve the next set of results.
+--
+-- 'status', 'listJobs_status' - An optional filter that lets you search for jobs that have the specified
+-- status.
+--
+-- 'targetSelection', 'listJobs_targetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a thing
+-- when the thing is added to a target group, even after the job was
+-- completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+--
+-- 'thingGroupId', 'listJobs_thingGroupId' - A filter that limits the returned jobs to those for the specified group.
+--
+-- 'thingGroupName', 'listJobs_thingGroupName' - A filter that limits the returned jobs to those for the specified group.
+newListJobs ::
+  ListJobs
+newListJobs =
+  ListJobs'
+    { maxResults = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      status = Prelude.Nothing,
+      targetSelection = Prelude.Nothing,
+      thingGroupId = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return per request.
+listJobs_maxResults :: Lens.Lens' ListJobs (Prelude.Maybe Prelude.Natural)
+listJobs_maxResults = Lens.lens (\ListJobs' {maxResults} -> maxResults) (\s@ListJobs' {} a -> s {maxResults = a} :: ListJobs)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+listJobs_namespaceId :: Lens.Lens' ListJobs (Prelude.Maybe Prelude.Text)
+listJobs_namespaceId = Lens.lens (\ListJobs' {namespaceId} -> namespaceId) (\s@ListJobs' {} a -> s {namespaceId = a} :: ListJobs)
+
+-- | The token to retrieve the next set of results.
+listJobs_nextToken :: Lens.Lens' ListJobs (Prelude.Maybe Prelude.Text)
+listJobs_nextToken = Lens.lens (\ListJobs' {nextToken} -> nextToken) (\s@ListJobs' {} a -> s {nextToken = a} :: ListJobs)
+
+-- | An optional filter that lets you search for jobs that have the specified
+-- status.
+listJobs_status :: Lens.Lens' ListJobs (Prelude.Maybe JobStatus)
+listJobs_status = Lens.lens (\ListJobs' {status} -> status) (\s@ListJobs' {} a -> s {status = a} :: ListJobs)
+
+-- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a thing
+-- when the thing is added to a target group, even after the job was
+-- completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+listJobs_targetSelection :: Lens.Lens' ListJobs (Prelude.Maybe TargetSelection)
+listJobs_targetSelection = Lens.lens (\ListJobs' {targetSelection} -> targetSelection) (\s@ListJobs' {} a -> s {targetSelection = a} :: ListJobs)
+
+-- | A filter that limits the returned jobs to those for the specified group.
+listJobs_thingGroupId :: Lens.Lens' ListJobs (Prelude.Maybe Prelude.Text)
+listJobs_thingGroupId = Lens.lens (\ListJobs' {thingGroupId} -> thingGroupId) (\s@ListJobs' {} a -> s {thingGroupId = a} :: ListJobs)
+
+-- | A filter that limits the returned jobs to those for the specified group.
+listJobs_thingGroupName :: Lens.Lens' ListJobs (Prelude.Maybe Prelude.Text)
+listJobs_thingGroupName = Lens.lens (\ListJobs' {thingGroupName} -> thingGroupName) (\s@ListJobs' {} a -> s {thingGroupName = a} :: ListJobs)
+
+instance Core.AWSPager ListJobs where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listJobsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listJobsResponse_jobs
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listJobs_nextToken
+          Lens..~ rs
+          Lens.^? listJobsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListJobs where
+  type AWSResponse ListJobs = ListJobsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListJobsResponse'
+            Prelude.<$> (x Data..?> "jobs" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListJobs where
+  hashWithSalt _salt ListJobs' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` targetSelection
+      `Prelude.hashWithSalt` thingGroupId
+      `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData ListJobs where
+  rnf ListJobs' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf targetSelection
+      `Prelude.seq` Prelude.rnf thingGroupId
+      `Prelude.seq` Prelude.rnf thingGroupName
+
+instance Data.ToHeaders ListJobs where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListJobs where
+  toPath = Prelude.const "/jobs"
+
+instance Data.ToQuery ListJobs where
+  toQuery ListJobs' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "namespaceId" Data.=: namespaceId,
+        "nextToken" Data.=: nextToken,
+        "status" Data.=: status,
+        "targetSelection" Data.=: targetSelection,
+        "thingGroupId" Data.=: thingGroupId,
+        "thingGroupName" Data.=: thingGroupName
+      ]
+
+-- | /See:/ 'newListJobsResponse' smart constructor.
+data ListJobsResponse = ListJobsResponse'
+  { -- | A list of jobs.
+    jobs :: Prelude.Maybe [JobSummary],
+    -- | The token for the next set of results, or __null__ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListJobsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobs', 'listJobsResponse_jobs' - A list of jobs.
+--
+-- 'nextToken', 'listJobsResponse_nextToken' - The token for the next set of results, or __null__ if there are no
+-- additional results.
+--
+-- 'httpStatus', 'listJobsResponse_httpStatus' - The response's http status code.
+newListJobsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListJobsResponse
+newListJobsResponse pHttpStatus_ =
+  ListJobsResponse'
+    { jobs = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of jobs.
+listJobsResponse_jobs :: Lens.Lens' ListJobsResponse (Prelude.Maybe [JobSummary])
+listJobsResponse_jobs = Lens.lens (\ListJobsResponse' {jobs} -> jobs) (\s@ListJobsResponse' {} a -> s {jobs = a} :: ListJobsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results, or __null__ if there are no
+-- additional results.
+listJobsResponse_nextToken :: Lens.Lens' ListJobsResponse (Prelude.Maybe Prelude.Text)
+listJobsResponse_nextToken = Lens.lens (\ListJobsResponse' {nextToken} -> nextToken) (\s@ListJobsResponse' {} a -> s {nextToken = a} :: ListJobsResponse)
+
+-- | The response's http status code.
+listJobsResponse_httpStatus :: Lens.Lens' ListJobsResponse Prelude.Int
+listJobsResponse_httpStatus = Lens.lens (\ListJobsResponse' {httpStatus} -> httpStatus) (\s@ListJobsResponse' {} a -> s {httpStatus = a} :: ListJobsResponse)
+
+instance Prelude.NFData ListJobsResponse where
+  rnf ListJobsResponse' {..} =
+    Prelude.rnf jobs
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListManagedJobTemplates.hs b/gen/Amazonka/IoT/ListManagedJobTemplates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListManagedJobTemplates.hs
@@ -0,0 +1,205 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListManagedJobTemplates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a list of managed job templates.
+module Amazonka.IoT.ListManagedJobTemplates
+  ( -- * Creating a Request
+    ListManagedJobTemplates (..),
+    newListManagedJobTemplates,
+
+    -- * Request Lenses
+    listManagedJobTemplates_maxResults,
+    listManagedJobTemplates_nextToken,
+    listManagedJobTemplates_templateName,
+
+    -- * Destructuring the Response
+    ListManagedJobTemplatesResponse (..),
+    newListManagedJobTemplatesResponse,
+
+    -- * Response Lenses
+    listManagedJobTemplatesResponse_managedJobTemplates,
+    listManagedJobTemplatesResponse_nextToken,
+    listManagedJobTemplatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListManagedJobTemplates' smart constructor.
+data ListManagedJobTemplates = ListManagedJobTemplates'
+  { -- | Maximum number of entries that can be returned.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | An optional parameter for template name. If specified, only the versions
+    -- of the managed job templates that have the specified template name will
+    -- be returned.
+    templateName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListManagedJobTemplates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listManagedJobTemplates_maxResults' - Maximum number of entries that can be returned.
+--
+-- 'nextToken', 'listManagedJobTemplates_nextToken' - The token to retrieve the next set of results.
+--
+-- 'templateName', 'listManagedJobTemplates_templateName' - An optional parameter for template name. If specified, only the versions
+-- of the managed job templates that have the specified template name will
+-- be returned.
+newListManagedJobTemplates ::
+  ListManagedJobTemplates
+newListManagedJobTemplates =
+  ListManagedJobTemplates'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      templateName = Prelude.Nothing
+    }
+
+-- | Maximum number of entries that can be returned.
+listManagedJobTemplates_maxResults :: Lens.Lens' ListManagedJobTemplates (Prelude.Maybe Prelude.Natural)
+listManagedJobTemplates_maxResults = Lens.lens (\ListManagedJobTemplates' {maxResults} -> maxResults) (\s@ListManagedJobTemplates' {} a -> s {maxResults = a} :: ListManagedJobTemplates)
+
+-- | The token to retrieve the next set of results.
+listManagedJobTemplates_nextToken :: Lens.Lens' ListManagedJobTemplates (Prelude.Maybe Prelude.Text)
+listManagedJobTemplates_nextToken = Lens.lens (\ListManagedJobTemplates' {nextToken} -> nextToken) (\s@ListManagedJobTemplates' {} a -> s {nextToken = a} :: ListManagedJobTemplates)
+
+-- | An optional parameter for template name. If specified, only the versions
+-- of the managed job templates that have the specified template name will
+-- be returned.
+listManagedJobTemplates_templateName :: Lens.Lens' ListManagedJobTemplates (Prelude.Maybe Prelude.Text)
+listManagedJobTemplates_templateName = Lens.lens (\ListManagedJobTemplates' {templateName} -> templateName) (\s@ListManagedJobTemplates' {} a -> s {templateName = a} :: ListManagedJobTemplates)
+
+instance Core.AWSRequest ListManagedJobTemplates where
+  type
+    AWSResponse ListManagedJobTemplates =
+      ListManagedJobTemplatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListManagedJobTemplatesResponse'
+            Prelude.<$> ( x
+                            Data..?> "managedJobTemplates"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListManagedJobTemplates where
+  hashWithSalt _salt ListManagedJobTemplates' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData ListManagedJobTemplates where
+  rnf ListManagedJobTemplates' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf templateName
+
+instance Data.ToHeaders ListManagedJobTemplates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListManagedJobTemplates where
+  toPath = Prelude.const "/managed-job-templates"
+
+instance Data.ToQuery ListManagedJobTemplates where
+  toQuery ListManagedJobTemplates' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "templateName" Data.=: templateName
+      ]
+
+-- | /See:/ 'newListManagedJobTemplatesResponse' smart constructor.
+data ListManagedJobTemplatesResponse = ListManagedJobTemplatesResponse'
+  { -- | A list of managed job templates that are returned.
+    managedJobTemplates :: Prelude.Maybe [ManagedJobTemplateSummary],
+    -- | The token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListManagedJobTemplatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'managedJobTemplates', 'listManagedJobTemplatesResponse_managedJobTemplates' - A list of managed job templates that are returned.
+--
+-- 'nextToken', 'listManagedJobTemplatesResponse_nextToken' - The token to retrieve the next set of results.
+--
+-- 'httpStatus', 'listManagedJobTemplatesResponse_httpStatus' - The response's http status code.
+newListManagedJobTemplatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListManagedJobTemplatesResponse
+newListManagedJobTemplatesResponse pHttpStatus_ =
+  ListManagedJobTemplatesResponse'
+    { managedJobTemplates =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A list of managed job templates that are returned.
+listManagedJobTemplatesResponse_managedJobTemplates :: Lens.Lens' ListManagedJobTemplatesResponse (Prelude.Maybe [ManagedJobTemplateSummary])
+listManagedJobTemplatesResponse_managedJobTemplates = Lens.lens (\ListManagedJobTemplatesResponse' {managedJobTemplates} -> managedJobTemplates) (\s@ListManagedJobTemplatesResponse' {} a -> s {managedJobTemplates = a} :: ListManagedJobTemplatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token to retrieve the next set of results.
+listManagedJobTemplatesResponse_nextToken :: Lens.Lens' ListManagedJobTemplatesResponse (Prelude.Maybe Prelude.Text)
+listManagedJobTemplatesResponse_nextToken = Lens.lens (\ListManagedJobTemplatesResponse' {nextToken} -> nextToken) (\s@ListManagedJobTemplatesResponse' {} a -> s {nextToken = a} :: ListManagedJobTemplatesResponse)
+
+-- | The response's http status code.
+listManagedJobTemplatesResponse_httpStatus :: Lens.Lens' ListManagedJobTemplatesResponse Prelude.Int
+listManagedJobTemplatesResponse_httpStatus = Lens.lens (\ListManagedJobTemplatesResponse' {httpStatus} -> httpStatus) (\s@ListManagedJobTemplatesResponse' {} a -> s {httpStatus = a} :: ListManagedJobTemplatesResponse)
+
+instance
+  Prelude.NFData
+    ListManagedJobTemplatesResponse
+  where
+  rnf ListManagedJobTemplatesResponse' {..} =
+    Prelude.rnf managedJobTemplates
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListMetricValues.hs b/gen/Amazonka/IoT/ListMetricValues.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListMetricValues.hs
@@ -0,0 +1,308 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListMetricValues
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the values reported for an IoT Device Defender metric (device-side
+-- metric, cloud-side metric, or custom metric) by the given thing during
+-- the specified time period.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListMetricValues
+  ( -- * Creating a Request
+    ListMetricValues (..),
+    newListMetricValues,
+
+    -- * Request Lenses
+    listMetricValues_dimensionName,
+    listMetricValues_dimensionValueOperator,
+    listMetricValues_maxResults,
+    listMetricValues_nextToken,
+    listMetricValues_thingName,
+    listMetricValues_metricName,
+    listMetricValues_startTime,
+    listMetricValues_endTime,
+
+    -- * Destructuring the Response
+    ListMetricValuesResponse (..),
+    newListMetricValuesResponse,
+
+    -- * Response Lenses
+    listMetricValuesResponse_metricDatumList,
+    listMetricValuesResponse_nextToken,
+    listMetricValuesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListMetricValues' smart constructor.
+data ListMetricValues = ListMetricValues'
+  { -- | The dimension name.
+    dimensionName :: Prelude.Maybe Prelude.Text,
+    -- | The dimension value operator.
+    dimensionValueOperator :: Prelude.Maybe DimensionValueOperator,
+    -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing for which security profile metric values are
+    -- returned.
+    thingName :: Prelude.Text,
+    -- | The name of the security profile metric for which values are returned.
+    metricName :: Prelude.Text,
+    -- | The start of the time period for which metric values are returned.
+    startTime :: Data.POSIX,
+    -- | The end of the time period for which metric values are returned.
+    endTime :: Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListMetricValues' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dimensionName', 'listMetricValues_dimensionName' - The dimension name.
+--
+-- 'dimensionValueOperator', 'listMetricValues_dimensionValueOperator' - The dimension value operator.
+--
+-- 'maxResults', 'listMetricValues_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listMetricValues_nextToken' - The token for the next set of results.
+--
+-- 'thingName', 'listMetricValues_thingName' - The name of the thing for which security profile metric values are
+-- returned.
+--
+-- 'metricName', 'listMetricValues_metricName' - The name of the security profile metric for which values are returned.
+--
+-- 'startTime', 'listMetricValues_startTime' - The start of the time period for which metric values are returned.
+--
+-- 'endTime', 'listMetricValues_endTime' - The end of the time period for which metric values are returned.
+newListMetricValues ::
+  -- | 'thingName'
+  Prelude.Text ->
+  -- | 'metricName'
+  Prelude.Text ->
+  -- | 'startTime'
+  Prelude.UTCTime ->
+  -- | 'endTime'
+  Prelude.UTCTime ->
+  ListMetricValues
+newListMetricValues
+  pThingName_
+  pMetricName_
+  pStartTime_
+  pEndTime_ =
+    ListMetricValues'
+      { dimensionName = Prelude.Nothing,
+        dimensionValueOperator = Prelude.Nothing,
+        maxResults = Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        thingName = pThingName_,
+        metricName = pMetricName_,
+        startTime = Data._Time Lens.# pStartTime_,
+        endTime = Data._Time Lens.# pEndTime_
+      }
+
+-- | The dimension name.
+listMetricValues_dimensionName :: Lens.Lens' ListMetricValues (Prelude.Maybe Prelude.Text)
+listMetricValues_dimensionName = Lens.lens (\ListMetricValues' {dimensionName} -> dimensionName) (\s@ListMetricValues' {} a -> s {dimensionName = a} :: ListMetricValues)
+
+-- | The dimension value operator.
+listMetricValues_dimensionValueOperator :: Lens.Lens' ListMetricValues (Prelude.Maybe DimensionValueOperator)
+listMetricValues_dimensionValueOperator = Lens.lens (\ListMetricValues' {dimensionValueOperator} -> dimensionValueOperator) (\s@ListMetricValues' {} a -> s {dimensionValueOperator = a} :: ListMetricValues)
+
+-- | The maximum number of results to return at one time.
+listMetricValues_maxResults :: Lens.Lens' ListMetricValues (Prelude.Maybe Prelude.Natural)
+listMetricValues_maxResults = Lens.lens (\ListMetricValues' {maxResults} -> maxResults) (\s@ListMetricValues' {} a -> s {maxResults = a} :: ListMetricValues)
+
+-- | The token for the next set of results.
+listMetricValues_nextToken :: Lens.Lens' ListMetricValues (Prelude.Maybe Prelude.Text)
+listMetricValues_nextToken = Lens.lens (\ListMetricValues' {nextToken} -> nextToken) (\s@ListMetricValues' {} a -> s {nextToken = a} :: ListMetricValues)
+
+-- | The name of the thing for which security profile metric values are
+-- returned.
+listMetricValues_thingName :: Lens.Lens' ListMetricValues Prelude.Text
+listMetricValues_thingName = Lens.lens (\ListMetricValues' {thingName} -> thingName) (\s@ListMetricValues' {} a -> s {thingName = a} :: ListMetricValues)
+
+-- | The name of the security profile metric for which values are returned.
+listMetricValues_metricName :: Lens.Lens' ListMetricValues Prelude.Text
+listMetricValues_metricName = Lens.lens (\ListMetricValues' {metricName} -> metricName) (\s@ListMetricValues' {} a -> s {metricName = a} :: ListMetricValues)
+
+-- | The start of the time period for which metric values are returned.
+listMetricValues_startTime :: Lens.Lens' ListMetricValues Prelude.UTCTime
+listMetricValues_startTime = Lens.lens (\ListMetricValues' {startTime} -> startTime) (\s@ListMetricValues' {} a -> s {startTime = a} :: ListMetricValues) Prelude.. Data._Time
+
+-- | The end of the time period for which metric values are returned.
+listMetricValues_endTime :: Lens.Lens' ListMetricValues Prelude.UTCTime
+listMetricValues_endTime = Lens.lens (\ListMetricValues' {endTime} -> endTime) (\s@ListMetricValues' {} a -> s {endTime = a} :: ListMetricValues) Prelude.. Data._Time
+
+instance Core.AWSPager ListMetricValues where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listMetricValuesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listMetricValuesResponse_metricDatumList
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listMetricValues_nextToken
+          Lens..~ rs
+          Lens.^? listMetricValuesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListMetricValues where
+  type
+    AWSResponse ListMetricValues =
+      ListMetricValuesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListMetricValuesResponse'
+            Prelude.<$> ( x
+                            Data..?> "metricDatumList"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListMetricValues where
+  hashWithSalt _salt ListMetricValues' {..} =
+    _salt
+      `Prelude.hashWithSalt` dimensionName
+      `Prelude.hashWithSalt` dimensionValueOperator
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` startTime
+      `Prelude.hashWithSalt` endTime
+
+instance Prelude.NFData ListMetricValues where
+  rnf ListMetricValues' {..} =
+    Prelude.rnf dimensionName
+      `Prelude.seq` Prelude.rnf dimensionValueOperator
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf endTime
+
+instance Data.ToHeaders ListMetricValues where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListMetricValues where
+  toPath = Prelude.const "/metric-values"
+
+instance Data.ToQuery ListMetricValues where
+  toQuery ListMetricValues' {..} =
+    Prelude.mconcat
+      [ "dimensionName" Data.=: dimensionName,
+        "dimensionValueOperator"
+          Data.=: dimensionValueOperator,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "thingName" Data.=: thingName,
+        "metricName" Data.=: metricName,
+        "startTime" Data.=: startTime,
+        "endTime" Data.=: endTime
+      ]
+
+-- | /See:/ 'newListMetricValuesResponse' smart constructor.
+data ListMetricValuesResponse = ListMetricValuesResponse'
+  { -- | The data the thing reports for the metric during the specified time
+    -- period.
+    metricDatumList :: Prelude.Maybe [MetricDatum],
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListMetricValuesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricDatumList', 'listMetricValuesResponse_metricDatumList' - The data the thing reports for the metric during the specified time
+-- period.
+--
+-- 'nextToken', 'listMetricValuesResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'httpStatus', 'listMetricValuesResponse_httpStatus' - The response's http status code.
+newListMetricValuesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListMetricValuesResponse
+newListMetricValuesResponse pHttpStatus_ =
+  ListMetricValuesResponse'
+    { metricDatumList =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The data the thing reports for the metric during the specified time
+-- period.
+listMetricValuesResponse_metricDatumList :: Lens.Lens' ListMetricValuesResponse (Prelude.Maybe [MetricDatum])
+listMetricValuesResponse_metricDatumList = Lens.lens (\ListMetricValuesResponse' {metricDatumList} -> metricDatumList) (\s@ListMetricValuesResponse' {} a -> s {metricDatumList = a} :: ListMetricValuesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listMetricValuesResponse_nextToken :: Lens.Lens' ListMetricValuesResponse (Prelude.Maybe Prelude.Text)
+listMetricValuesResponse_nextToken = Lens.lens (\ListMetricValuesResponse' {nextToken} -> nextToken) (\s@ListMetricValuesResponse' {} a -> s {nextToken = a} :: ListMetricValuesResponse)
+
+-- | The response's http status code.
+listMetricValuesResponse_httpStatus :: Lens.Lens' ListMetricValuesResponse Prelude.Int
+listMetricValuesResponse_httpStatus = Lens.lens (\ListMetricValuesResponse' {httpStatus} -> httpStatus) (\s@ListMetricValuesResponse' {} a -> s {httpStatus = a} :: ListMetricValuesResponse)
+
+instance Prelude.NFData ListMetricValuesResponse where
+  rnf ListMetricValuesResponse' {..} =
+    Prelude.rnf metricDatumList
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListMitigationActions.hs b/gen/Amazonka/IoT/ListMitigationActions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListMitigationActions.hs
@@ -0,0 +1,228 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListMitigationActions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets a list of all mitigation actions that match the specified filter
+-- criteria.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListMitigationActions>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListMitigationActions
+  ( -- * Creating a Request
+    ListMitigationActions (..),
+    newListMitigationActions,
+
+    -- * Request Lenses
+    listMitigationActions_actionType,
+    listMitigationActions_maxResults,
+    listMitigationActions_nextToken,
+
+    -- * Destructuring the Response
+    ListMitigationActionsResponse (..),
+    newListMitigationActionsResponse,
+
+    -- * Response Lenses
+    listMitigationActionsResponse_actionIdentifiers,
+    listMitigationActionsResponse_nextToken,
+    listMitigationActionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListMitigationActions' smart constructor.
+data ListMitigationActions = ListMitigationActions'
+  { -- | Specify a value to limit the result to mitigation actions with a
+    -- specific action type.
+    actionType :: Prelude.Maybe MitigationActionType,
+    -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListMitigationActions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionType', 'listMitigationActions_actionType' - Specify a value to limit the result to mitigation actions with a
+-- specific action type.
+--
+-- 'maxResults', 'listMitigationActions_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listMitigationActions_nextToken' - The token for the next set of results.
+newListMitigationActions ::
+  ListMitigationActions
+newListMitigationActions =
+  ListMitigationActions'
+    { actionType =
+        Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | Specify a value to limit the result to mitigation actions with a
+-- specific action type.
+listMitigationActions_actionType :: Lens.Lens' ListMitigationActions (Prelude.Maybe MitigationActionType)
+listMitigationActions_actionType = Lens.lens (\ListMitigationActions' {actionType} -> actionType) (\s@ListMitigationActions' {} a -> s {actionType = a} :: ListMitigationActions)
+
+-- | The maximum number of results to return at one time. The default is 25.
+listMitigationActions_maxResults :: Lens.Lens' ListMitigationActions (Prelude.Maybe Prelude.Natural)
+listMitigationActions_maxResults = Lens.lens (\ListMitigationActions' {maxResults} -> maxResults) (\s@ListMitigationActions' {} a -> s {maxResults = a} :: ListMitigationActions)
+
+-- | The token for the next set of results.
+listMitigationActions_nextToken :: Lens.Lens' ListMitigationActions (Prelude.Maybe Prelude.Text)
+listMitigationActions_nextToken = Lens.lens (\ListMitigationActions' {nextToken} -> nextToken) (\s@ListMitigationActions' {} a -> s {nextToken = a} :: ListMitigationActions)
+
+instance Core.AWSPager ListMitigationActions where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listMitigationActionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listMitigationActionsResponse_actionIdentifiers
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listMitigationActions_nextToken
+          Lens..~ rs
+          Lens.^? listMitigationActionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListMitigationActions where
+  type
+    AWSResponse ListMitigationActions =
+      ListMitigationActionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListMitigationActionsResponse'
+            Prelude.<$> ( x
+                            Data..?> "actionIdentifiers"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListMitigationActions where
+  hashWithSalt _salt ListMitigationActions' {..} =
+    _salt
+      `Prelude.hashWithSalt` actionType
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListMitigationActions where
+  rnf ListMitigationActions' {..} =
+    Prelude.rnf actionType
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListMitigationActions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListMitigationActions where
+  toPath = Prelude.const "/mitigationactions/actions"
+
+instance Data.ToQuery ListMitigationActions where
+  toQuery ListMitigationActions' {..} =
+    Prelude.mconcat
+      [ "actionType" Data.=: actionType,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListMitigationActionsResponse' smart constructor.
+data ListMitigationActionsResponse = ListMitigationActionsResponse'
+  { -- | A set of actions that matched the specified filter criteria.
+    actionIdentifiers :: Prelude.Maybe [MitigationActionIdentifier],
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListMitigationActionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionIdentifiers', 'listMitigationActionsResponse_actionIdentifiers' - A set of actions that matched the specified filter criteria.
+--
+-- 'nextToken', 'listMitigationActionsResponse_nextToken' - The token for the next set of results.
+--
+-- 'httpStatus', 'listMitigationActionsResponse_httpStatus' - The response's http status code.
+newListMitigationActionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListMitigationActionsResponse
+newListMitigationActionsResponse pHttpStatus_ =
+  ListMitigationActionsResponse'
+    { actionIdentifiers =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A set of actions that matched the specified filter criteria.
+listMitigationActionsResponse_actionIdentifiers :: Lens.Lens' ListMitigationActionsResponse (Prelude.Maybe [MitigationActionIdentifier])
+listMitigationActionsResponse_actionIdentifiers = Lens.lens (\ListMitigationActionsResponse' {actionIdentifiers} -> actionIdentifiers) (\s@ListMitigationActionsResponse' {} a -> s {actionIdentifiers = a} :: ListMitigationActionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token for the next set of results.
+listMitigationActionsResponse_nextToken :: Lens.Lens' ListMitigationActionsResponse (Prelude.Maybe Prelude.Text)
+listMitigationActionsResponse_nextToken = Lens.lens (\ListMitigationActionsResponse' {nextToken} -> nextToken) (\s@ListMitigationActionsResponse' {} a -> s {nextToken = a} :: ListMitigationActionsResponse)
+
+-- | The response's http status code.
+listMitigationActionsResponse_httpStatus :: Lens.Lens' ListMitigationActionsResponse Prelude.Int
+listMitigationActionsResponse_httpStatus = Lens.lens (\ListMitigationActionsResponse' {httpStatus} -> httpStatus) (\s@ListMitigationActionsResponse' {} a -> s {httpStatus = a} :: ListMitigationActionsResponse)
+
+instance Prelude.NFData ListMitigationActionsResponse where
+  rnf ListMitigationActionsResponse' {..} =
+    Prelude.rnf actionIdentifiers
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListOTAUpdates.hs b/gen/Amazonka/IoT/ListOTAUpdates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListOTAUpdates.hs
@@ -0,0 +1,220 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListOTAUpdates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists OTA updates.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListOTAUpdates>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListOTAUpdates
+  ( -- * Creating a Request
+    ListOTAUpdates (..),
+    newListOTAUpdates,
+
+    -- * Request Lenses
+    listOTAUpdates_maxResults,
+    listOTAUpdates_nextToken,
+    listOTAUpdates_otaUpdateStatus,
+
+    -- * Destructuring the Response
+    ListOTAUpdatesResponse (..),
+    newListOTAUpdatesResponse,
+
+    -- * Response Lenses
+    listOTAUpdatesResponse_nextToken,
+    listOTAUpdatesResponse_otaUpdates,
+    listOTAUpdatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListOTAUpdates' smart constructor.
+data ListOTAUpdates = ListOTAUpdates'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | A token used to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The OTA update job status.
+    otaUpdateStatus :: Prelude.Maybe OTAUpdateStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListOTAUpdates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listOTAUpdates_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listOTAUpdates_nextToken' - A token used to retrieve the next set of results.
+--
+-- 'otaUpdateStatus', 'listOTAUpdates_otaUpdateStatus' - The OTA update job status.
+newListOTAUpdates ::
+  ListOTAUpdates
+newListOTAUpdates =
+  ListOTAUpdates'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      otaUpdateStatus = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listOTAUpdates_maxResults :: Lens.Lens' ListOTAUpdates (Prelude.Maybe Prelude.Natural)
+listOTAUpdates_maxResults = Lens.lens (\ListOTAUpdates' {maxResults} -> maxResults) (\s@ListOTAUpdates' {} a -> s {maxResults = a} :: ListOTAUpdates)
+
+-- | A token used to retrieve the next set of results.
+listOTAUpdates_nextToken :: Lens.Lens' ListOTAUpdates (Prelude.Maybe Prelude.Text)
+listOTAUpdates_nextToken = Lens.lens (\ListOTAUpdates' {nextToken} -> nextToken) (\s@ListOTAUpdates' {} a -> s {nextToken = a} :: ListOTAUpdates)
+
+-- | The OTA update job status.
+listOTAUpdates_otaUpdateStatus :: Lens.Lens' ListOTAUpdates (Prelude.Maybe OTAUpdateStatus)
+listOTAUpdates_otaUpdateStatus = Lens.lens (\ListOTAUpdates' {otaUpdateStatus} -> otaUpdateStatus) (\s@ListOTAUpdates' {} a -> s {otaUpdateStatus = a} :: ListOTAUpdates)
+
+instance Core.AWSPager ListOTAUpdates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listOTAUpdatesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listOTAUpdatesResponse_otaUpdates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listOTAUpdates_nextToken
+          Lens..~ rs
+          Lens.^? listOTAUpdatesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListOTAUpdates where
+  type
+    AWSResponse ListOTAUpdates =
+      ListOTAUpdatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListOTAUpdatesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "otaUpdates" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListOTAUpdates where
+  hashWithSalt _salt ListOTAUpdates' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` otaUpdateStatus
+
+instance Prelude.NFData ListOTAUpdates where
+  rnf ListOTAUpdates' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf otaUpdateStatus
+
+instance Data.ToHeaders ListOTAUpdates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListOTAUpdates where
+  toPath = Prelude.const "/otaUpdates"
+
+instance Data.ToQuery ListOTAUpdates where
+  toQuery ListOTAUpdates' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "otaUpdateStatus" Data.=: otaUpdateStatus
+      ]
+
+-- | /See:/ 'newListOTAUpdatesResponse' smart constructor.
+data ListOTAUpdatesResponse = ListOTAUpdatesResponse'
+  { -- | A token to use to get the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of OTA update jobs.
+    otaUpdates :: Prelude.Maybe [OTAUpdateSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListOTAUpdatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listOTAUpdatesResponse_nextToken' - A token to use to get the next set of results.
+--
+-- 'otaUpdates', 'listOTAUpdatesResponse_otaUpdates' - A list of OTA update jobs.
+--
+-- 'httpStatus', 'listOTAUpdatesResponse_httpStatus' - The response's http status code.
+newListOTAUpdatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListOTAUpdatesResponse
+newListOTAUpdatesResponse pHttpStatus_ =
+  ListOTAUpdatesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      otaUpdates = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token to use to get the next set of results.
+listOTAUpdatesResponse_nextToken :: Lens.Lens' ListOTAUpdatesResponse (Prelude.Maybe Prelude.Text)
+listOTAUpdatesResponse_nextToken = Lens.lens (\ListOTAUpdatesResponse' {nextToken} -> nextToken) (\s@ListOTAUpdatesResponse' {} a -> s {nextToken = a} :: ListOTAUpdatesResponse)
+
+-- | A list of OTA update jobs.
+listOTAUpdatesResponse_otaUpdates :: Lens.Lens' ListOTAUpdatesResponse (Prelude.Maybe [OTAUpdateSummary])
+listOTAUpdatesResponse_otaUpdates = Lens.lens (\ListOTAUpdatesResponse' {otaUpdates} -> otaUpdates) (\s@ListOTAUpdatesResponse' {} a -> s {otaUpdates = a} :: ListOTAUpdatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listOTAUpdatesResponse_httpStatus :: Lens.Lens' ListOTAUpdatesResponse Prelude.Int
+listOTAUpdatesResponse_httpStatus = Lens.lens (\ListOTAUpdatesResponse' {httpStatus} -> httpStatus) (\s@ListOTAUpdatesResponse' {} a -> s {httpStatus = a} :: ListOTAUpdatesResponse)
+
+instance Prelude.NFData ListOTAUpdatesResponse where
+  rnf ListOTAUpdatesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf otaUpdates
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListOutgoingCertificates.hs b/gen/Amazonka/IoT/ListOutgoingCertificates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListOutgoingCertificates.hs
@@ -0,0 +1,234 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListOutgoingCertificates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists certificates that are being transferred but not yet accepted.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListOutgoingCertificates>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListOutgoingCertificates
+  ( -- * Creating a Request
+    ListOutgoingCertificates (..),
+    newListOutgoingCertificates,
+
+    -- * Request Lenses
+    listOutgoingCertificates_ascendingOrder,
+    listOutgoingCertificates_marker,
+    listOutgoingCertificates_pageSize,
+
+    -- * Destructuring the Response
+    ListOutgoingCertificatesResponse (..),
+    newListOutgoingCertificatesResponse,
+
+    -- * Response Lenses
+    listOutgoingCertificatesResponse_nextMarker,
+    listOutgoingCertificatesResponse_outgoingCertificates,
+    listOutgoingCertificatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input to the ListOutgoingCertificates operation.
+--
+-- /See:/ 'newListOutgoingCertificates' smart constructor.
+data ListOutgoingCertificates = ListOutgoingCertificates'
+  { -- | Specifies the order for results. If True, the results are returned in
+    -- ascending order, based on the creation date.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | The marker for the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The result page size.
+    pageSize :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListOutgoingCertificates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listOutgoingCertificates_ascendingOrder' - Specifies the order for results. If True, the results are returned in
+-- ascending order, based on the creation date.
+--
+-- 'marker', 'listOutgoingCertificates_marker' - The marker for the next set of results.
+--
+-- 'pageSize', 'listOutgoingCertificates_pageSize' - The result page size.
+newListOutgoingCertificates ::
+  ListOutgoingCertificates
+newListOutgoingCertificates =
+  ListOutgoingCertificates'
+    { ascendingOrder =
+        Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing
+    }
+
+-- | Specifies the order for results. If True, the results are returned in
+-- ascending order, based on the creation date.
+listOutgoingCertificates_ascendingOrder :: Lens.Lens' ListOutgoingCertificates (Prelude.Maybe Prelude.Bool)
+listOutgoingCertificates_ascendingOrder = Lens.lens (\ListOutgoingCertificates' {ascendingOrder} -> ascendingOrder) (\s@ListOutgoingCertificates' {} a -> s {ascendingOrder = a} :: ListOutgoingCertificates)
+
+-- | The marker for the next set of results.
+listOutgoingCertificates_marker :: Lens.Lens' ListOutgoingCertificates (Prelude.Maybe Prelude.Text)
+listOutgoingCertificates_marker = Lens.lens (\ListOutgoingCertificates' {marker} -> marker) (\s@ListOutgoingCertificates' {} a -> s {marker = a} :: ListOutgoingCertificates)
+
+-- | The result page size.
+listOutgoingCertificates_pageSize :: Lens.Lens' ListOutgoingCertificates (Prelude.Maybe Prelude.Natural)
+listOutgoingCertificates_pageSize = Lens.lens (\ListOutgoingCertificates' {pageSize} -> pageSize) (\s@ListOutgoingCertificates' {} a -> s {pageSize = a} :: ListOutgoingCertificates)
+
+instance Core.AWSPager ListOutgoingCertificates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listOutgoingCertificatesResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listOutgoingCertificatesResponse_outgoingCertificates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listOutgoingCertificates_marker
+          Lens..~ rs
+          Lens.^? listOutgoingCertificatesResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListOutgoingCertificates where
+  type
+    AWSResponse ListOutgoingCertificates =
+      ListOutgoingCertificatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListOutgoingCertificatesResponse'
+            Prelude.<$> (x Data..?> "nextMarker")
+            Prelude.<*> ( x
+                            Data..?> "outgoingCertificates"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListOutgoingCertificates where
+  hashWithSalt _salt ListOutgoingCertificates' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+
+instance Prelude.NFData ListOutgoingCertificates where
+  rnf ListOutgoingCertificates' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+
+instance Data.ToHeaders ListOutgoingCertificates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListOutgoingCertificates where
+  toPath = Prelude.const "/certificates-out-going"
+
+instance Data.ToQuery ListOutgoingCertificates where
+  toQuery ListOutgoingCertificates' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize
+      ]
+
+-- | The output from the ListOutgoingCertificates operation.
+--
+-- /See:/ 'newListOutgoingCertificatesResponse' smart constructor.
+data ListOutgoingCertificatesResponse = ListOutgoingCertificatesResponse'
+  { -- | The marker for the next set of results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The certificates that are being transferred but not yet accepted.
+    outgoingCertificates :: Prelude.Maybe [OutgoingCertificate],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListOutgoingCertificatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextMarker', 'listOutgoingCertificatesResponse_nextMarker' - The marker for the next set of results.
+--
+-- 'outgoingCertificates', 'listOutgoingCertificatesResponse_outgoingCertificates' - The certificates that are being transferred but not yet accepted.
+--
+-- 'httpStatus', 'listOutgoingCertificatesResponse_httpStatus' - The response's http status code.
+newListOutgoingCertificatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListOutgoingCertificatesResponse
+newListOutgoingCertificatesResponse pHttpStatus_ =
+  ListOutgoingCertificatesResponse'
+    { nextMarker =
+        Prelude.Nothing,
+      outgoingCertificates = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The marker for the next set of results.
+listOutgoingCertificatesResponse_nextMarker :: Lens.Lens' ListOutgoingCertificatesResponse (Prelude.Maybe Prelude.Text)
+listOutgoingCertificatesResponse_nextMarker = Lens.lens (\ListOutgoingCertificatesResponse' {nextMarker} -> nextMarker) (\s@ListOutgoingCertificatesResponse' {} a -> s {nextMarker = a} :: ListOutgoingCertificatesResponse)
+
+-- | The certificates that are being transferred but not yet accepted.
+listOutgoingCertificatesResponse_outgoingCertificates :: Lens.Lens' ListOutgoingCertificatesResponse (Prelude.Maybe [OutgoingCertificate])
+listOutgoingCertificatesResponse_outgoingCertificates = Lens.lens (\ListOutgoingCertificatesResponse' {outgoingCertificates} -> outgoingCertificates) (\s@ListOutgoingCertificatesResponse' {} a -> s {outgoingCertificates = a} :: ListOutgoingCertificatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listOutgoingCertificatesResponse_httpStatus :: Lens.Lens' ListOutgoingCertificatesResponse Prelude.Int
+listOutgoingCertificatesResponse_httpStatus = Lens.lens (\ListOutgoingCertificatesResponse' {httpStatus} -> httpStatus) (\s@ListOutgoingCertificatesResponse' {} a -> s {httpStatus = a} :: ListOutgoingCertificatesResponse)
+
+instance
+  Prelude.NFData
+    ListOutgoingCertificatesResponse
+  where
+  rnf ListOutgoingCertificatesResponse' {..} =
+    Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf outgoingCertificates
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListPolicies.hs b/gen/Amazonka/IoT/ListPolicies.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListPolicies.hs
@@ -0,0 +1,227 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListPolicies
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists your policies.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListPolicies>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListPolicies
+  ( -- * Creating a Request
+    ListPolicies (..),
+    newListPolicies,
+
+    -- * Request Lenses
+    listPolicies_ascendingOrder,
+    listPolicies_marker,
+    listPolicies_pageSize,
+
+    -- * Destructuring the Response
+    ListPoliciesResponse (..),
+    newListPoliciesResponse,
+
+    -- * Response Lenses
+    listPoliciesResponse_nextMarker,
+    listPoliciesResponse_policies,
+    listPoliciesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListPolicies operation.
+--
+-- /See:/ 'newListPolicies' smart constructor.
+data ListPolicies = ListPolicies'
+  { -- | Specifies the order for results. If true, the results are returned in
+    -- ascending creation order.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | The marker for the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The result page size.
+    pageSize :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPolicies' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listPolicies_ascendingOrder' - Specifies the order for results. If true, the results are returned in
+-- ascending creation order.
+--
+-- 'marker', 'listPolicies_marker' - The marker for the next set of results.
+--
+-- 'pageSize', 'listPolicies_pageSize' - The result page size.
+newListPolicies ::
+  ListPolicies
+newListPolicies =
+  ListPolicies'
+    { ascendingOrder = Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing
+    }
+
+-- | Specifies the order for results. If true, the results are returned in
+-- ascending creation order.
+listPolicies_ascendingOrder :: Lens.Lens' ListPolicies (Prelude.Maybe Prelude.Bool)
+listPolicies_ascendingOrder = Lens.lens (\ListPolicies' {ascendingOrder} -> ascendingOrder) (\s@ListPolicies' {} a -> s {ascendingOrder = a} :: ListPolicies)
+
+-- | The marker for the next set of results.
+listPolicies_marker :: Lens.Lens' ListPolicies (Prelude.Maybe Prelude.Text)
+listPolicies_marker = Lens.lens (\ListPolicies' {marker} -> marker) (\s@ListPolicies' {} a -> s {marker = a} :: ListPolicies)
+
+-- | The result page size.
+listPolicies_pageSize :: Lens.Lens' ListPolicies (Prelude.Maybe Prelude.Natural)
+listPolicies_pageSize = Lens.lens (\ListPolicies' {pageSize} -> pageSize) (\s@ListPolicies' {} a -> s {pageSize = a} :: ListPolicies)
+
+instance Core.AWSPager ListPolicies where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listPoliciesResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listPoliciesResponse_policies
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listPolicies_marker
+          Lens..~ rs
+          Lens.^? listPoliciesResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListPolicies where
+  type AWSResponse ListPolicies = ListPoliciesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListPoliciesResponse'
+            Prelude.<$> (x Data..?> "nextMarker")
+            Prelude.<*> (x Data..?> "policies" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListPolicies where
+  hashWithSalt _salt ListPolicies' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+
+instance Prelude.NFData ListPolicies where
+  rnf ListPolicies' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+
+instance Data.ToHeaders ListPolicies where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListPolicies where
+  toPath = Prelude.const "/policies"
+
+instance Data.ToQuery ListPolicies where
+  toQuery ListPolicies' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize
+      ]
+
+-- | The output from the ListPolicies operation.
+--
+-- /See:/ 'newListPoliciesResponse' smart constructor.
+data ListPoliciesResponse = ListPoliciesResponse'
+  { -- | The marker for the next set of results, or null if there are no
+    -- additional results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The descriptions of the policies.
+    policies :: Prelude.Maybe [Policy],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPoliciesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextMarker', 'listPoliciesResponse_nextMarker' - The marker for the next set of results, or null if there are no
+-- additional results.
+--
+-- 'policies', 'listPoliciesResponse_policies' - The descriptions of the policies.
+--
+-- 'httpStatus', 'listPoliciesResponse_httpStatus' - The response's http status code.
+newListPoliciesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListPoliciesResponse
+newListPoliciesResponse pHttpStatus_ =
+  ListPoliciesResponse'
+    { nextMarker = Prelude.Nothing,
+      policies = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The marker for the next set of results, or null if there are no
+-- additional results.
+listPoliciesResponse_nextMarker :: Lens.Lens' ListPoliciesResponse (Prelude.Maybe Prelude.Text)
+listPoliciesResponse_nextMarker = Lens.lens (\ListPoliciesResponse' {nextMarker} -> nextMarker) (\s@ListPoliciesResponse' {} a -> s {nextMarker = a} :: ListPoliciesResponse)
+
+-- | The descriptions of the policies.
+listPoliciesResponse_policies :: Lens.Lens' ListPoliciesResponse (Prelude.Maybe [Policy])
+listPoliciesResponse_policies = Lens.lens (\ListPoliciesResponse' {policies} -> policies) (\s@ListPoliciesResponse' {} a -> s {policies = a} :: ListPoliciesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listPoliciesResponse_httpStatus :: Lens.Lens' ListPoliciesResponse Prelude.Int
+listPoliciesResponse_httpStatus = Lens.lens (\ListPoliciesResponse' {httpStatus} -> httpStatus) (\s@ListPoliciesResponse' {} a -> s {httpStatus = a} :: ListPoliciesResponse)
+
+instance Prelude.NFData ListPoliciesResponse where
+  rnf ListPoliciesResponse' {..} =
+    Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf policies
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListPolicyVersions.hs b/gen/Amazonka/IoT/ListPolicyVersions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListPolicyVersions.hs
@@ -0,0 +1,160 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListPolicyVersions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the versions of the specified policy and identifies the default
+-- version.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListPolicyVersions>
+-- action.
+module Amazonka.IoT.ListPolicyVersions
+  ( -- * Creating a Request
+    ListPolicyVersions (..),
+    newListPolicyVersions,
+
+    -- * Request Lenses
+    listPolicyVersions_policyName,
+
+    -- * Destructuring the Response
+    ListPolicyVersionsResponse (..),
+    newListPolicyVersionsResponse,
+
+    -- * Response Lenses
+    listPolicyVersionsResponse_policyVersions,
+    listPolicyVersionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListPolicyVersions operation.
+--
+-- /See:/ 'newListPolicyVersions' smart constructor.
+data ListPolicyVersions = ListPolicyVersions'
+  { -- | The policy name.
+    policyName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPolicyVersions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'listPolicyVersions_policyName' - The policy name.
+newListPolicyVersions ::
+  -- | 'policyName'
+  Prelude.Text ->
+  ListPolicyVersions
+newListPolicyVersions pPolicyName_ =
+  ListPolicyVersions' {policyName = pPolicyName_}
+
+-- | The policy name.
+listPolicyVersions_policyName :: Lens.Lens' ListPolicyVersions Prelude.Text
+listPolicyVersions_policyName = Lens.lens (\ListPolicyVersions' {policyName} -> policyName) (\s@ListPolicyVersions' {} a -> s {policyName = a} :: ListPolicyVersions)
+
+instance Core.AWSRequest ListPolicyVersions where
+  type
+    AWSResponse ListPolicyVersions =
+      ListPolicyVersionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListPolicyVersionsResponse'
+            Prelude.<$> (x Data..?> "policyVersions" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListPolicyVersions where
+  hashWithSalt _salt ListPolicyVersions' {..} =
+    _salt `Prelude.hashWithSalt` policyName
+
+instance Prelude.NFData ListPolicyVersions where
+  rnf ListPolicyVersions' {..} = Prelude.rnf policyName
+
+instance Data.ToHeaders ListPolicyVersions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListPolicyVersions where
+  toPath ListPolicyVersions' {..} =
+    Prelude.mconcat
+      ["/policies/", Data.toBS policyName, "/version"]
+
+instance Data.ToQuery ListPolicyVersions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the ListPolicyVersions operation.
+--
+-- /See:/ 'newListPolicyVersionsResponse' smart constructor.
+data ListPolicyVersionsResponse = ListPolicyVersionsResponse'
+  { -- | The policy versions.
+    policyVersions :: Prelude.Maybe [PolicyVersion],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPolicyVersionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyVersions', 'listPolicyVersionsResponse_policyVersions' - The policy versions.
+--
+-- 'httpStatus', 'listPolicyVersionsResponse_httpStatus' - The response's http status code.
+newListPolicyVersionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListPolicyVersionsResponse
+newListPolicyVersionsResponse pHttpStatus_ =
+  ListPolicyVersionsResponse'
+    { policyVersions =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The policy versions.
+listPolicyVersionsResponse_policyVersions :: Lens.Lens' ListPolicyVersionsResponse (Prelude.Maybe [PolicyVersion])
+listPolicyVersionsResponse_policyVersions = Lens.lens (\ListPolicyVersionsResponse' {policyVersions} -> policyVersions) (\s@ListPolicyVersionsResponse' {} a -> s {policyVersions = a} :: ListPolicyVersionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listPolicyVersionsResponse_httpStatus :: Lens.Lens' ListPolicyVersionsResponse Prelude.Int
+listPolicyVersionsResponse_httpStatus = Lens.lens (\ListPolicyVersionsResponse' {httpStatus} -> httpStatus) (\s@ListPolicyVersionsResponse' {} a -> s {httpStatus = a} :: ListPolicyVersionsResponse)
+
+instance Prelude.NFData ListPolicyVersionsResponse where
+  rnf ListPolicyVersionsResponse' {..} =
+    Prelude.rnf policyVersions
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListPrincipalThings.hs b/gen/Amazonka/IoT/ListPrincipalThings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListPrincipalThings.hs
@@ -0,0 +1,238 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListPrincipalThings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the things associated with the specified principal. A principal
+-- can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito
+-- identities or federated identities.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListPrincipalThings>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListPrincipalThings
+  ( -- * Creating a Request
+    ListPrincipalThings (..),
+    newListPrincipalThings,
+
+    -- * Request Lenses
+    listPrincipalThings_maxResults,
+    listPrincipalThings_nextToken,
+    listPrincipalThings_principal,
+
+    -- * Destructuring the Response
+    ListPrincipalThingsResponse (..),
+    newListPrincipalThingsResponse,
+
+    -- * Response Lenses
+    listPrincipalThingsResponse_nextToken,
+    listPrincipalThingsResponse_things,
+    listPrincipalThingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListPrincipalThings operation.
+--
+-- /See:/ 'newListPrincipalThings' smart constructor.
+data ListPrincipalThings = ListPrincipalThings'
+  { -- | The maximum number of results to return in this operation.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The principal.
+    principal :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPrincipalThings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listPrincipalThings_maxResults' - The maximum number of results to return in this operation.
+--
+-- 'nextToken', 'listPrincipalThings_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'principal', 'listPrincipalThings_principal' - The principal.
+newListPrincipalThings ::
+  -- | 'principal'
+  Prelude.Text ->
+  ListPrincipalThings
+newListPrincipalThings pPrincipal_ =
+  ListPrincipalThings'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      principal = pPrincipal_
+    }
+
+-- | The maximum number of results to return in this operation.
+listPrincipalThings_maxResults :: Lens.Lens' ListPrincipalThings (Prelude.Maybe Prelude.Natural)
+listPrincipalThings_maxResults = Lens.lens (\ListPrincipalThings' {maxResults} -> maxResults) (\s@ListPrincipalThings' {} a -> s {maxResults = a} :: ListPrincipalThings)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listPrincipalThings_nextToken :: Lens.Lens' ListPrincipalThings (Prelude.Maybe Prelude.Text)
+listPrincipalThings_nextToken = Lens.lens (\ListPrincipalThings' {nextToken} -> nextToken) (\s@ListPrincipalThings' {} a -> s {nextToken = a} :: ListPrincipalThings)
+
+-- | The principal.
+listPrincipalThings_principal :: Lens.Lens' ListPrincipalThings Prelude.Text
+listPrincipalThings_principal = Lens.lens (\ListPrincipalThings' {principal} -> principal) (\s@ListPrincipalThings' {} a -> s {principal = a} :: ListPrincipalThings)
+
+instance Core.AWSPager ListPrincipalThings where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listPrincipalThingsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listPrincipalThingsResponse_things
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listPrincipalThings_nextToken
+          Lens..~ rs
+          Lens.^? listPrincipalThingsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListPrincipalThings where
+  type
+    AWSResponse ListPrincipalThings =
+      ListPrincipalThingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListPrincipalThingsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "things" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListPrincipalThings where
+  hashWithSalt _salt ListPrincipalThings' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` principal
+
+instance Prelude.NFData ListPrincipalThings where
+  rnf ListPrincipalThings' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf principal
+
+instance Data.ToHeaders ListPrincipalThings where
+  toHeaders ListPrincipalThings' {..} =
+    Prelude.mconcat
+      ["x-amzn-principal" Data.=# principal]
+
+instance Data.ToPath ListPrincipalThings where
+  toPath = Prelude.const "/principals/things"
+
+instance Data.ToQuery ListPrincipalThings where
+  toQuery ListPrincipalThings' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | The output from the ListPrincipalThings operation.
+--
+-- /See:/ 'newListPrincipalThingsResponse' smart constructor.
+data ListPrincipalThingsResponse = ListPrincipalThingsResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The things.
+    things :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPrincipalThingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listPrincipalThingsResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'things', 'listPrincipalThingsResponse_things' - The things.
+--
+-- 'httpStatus', 'listPrincipalThingsResponse_httpStatus' - The response's http status code.
+newListPrincipalThingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListPrincipalThingsResponse
+newListPrincipalThingsResponse pHttpStatus_ =
+  ListPrincipalThingsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      things = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listPrincipalThingsResponse_nextToken :: Lens.Lens' ListPrincipalThingsResponse (Prelude.Maybe Prelude.Text)
+listPrincipalThingsResponse_nextToken = Lens.lens (\ListPrincipalThingsResponse' {nextToken} -> nextToken) (\s@ListPrincipalThingsResponse' {} a -> s {nextToken = a} :: ListPrincipalThingsResponse)
+
+-- | The things.
+listPrincipalThingsResponse_things :: Lens.Lens' ListPrincipalThingsResponse (Prelude.Maybe [Prelude.Text])
+listPrincipalThingsResponse_things = Lens.lens (\ListPrincipalThingsResponse' {things} -> things) (\s@ListPrincipalThingsResponse' {} a -> s {things = a} :: ListPrincipalThingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listPrincipalThingsResponse_httpStatus :: Lens.Lens' ListPrincipalThingsResponse Prelude.Int
+listPrincipalThingsResponse_httpStatus = Lens.lens (\ListPrincipalThingsResponse' {httpStatus} -> httpStatus) (\s@ListPrincipalThingsResponse' {} a -> s {httpStatus = a} :: ListPrincipalThingsResponse)
+
+instance Prelude.NFData ListPrincipalThingsResponse where
+  rnf ListPrincipalThingsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf things
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListProvisioningTemplateVersions.hs b/gen/Amazonka/IoT/ListProvisioningTemplateVersions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListProvisioningTemplateVersions.hs
@@ -0,0 +1,251 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListProvisioningTemplateVersions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- A list of provisioning template versions.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListProvisioningTemplateVersions>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListProvisioningTemplateVersions
+  ( -- * Creating a Request
+    ListProvisioningTemplateVersions (..),
+    newListProvisioningTemplateVersions,
+
+    -- * Request Lenses
+    listProvisioningTemplateVersions_maxResults,
+    listProvisioningTemplateVersions_nextToken,
+    listProvisioningTemplateVersions_templateName,
+
+    -- * Destructuring the Response
+    ListProvisioningTemplateVersionsResponse (..),
+    newListProvisioningTemplateVersionsResponse,
+
+    -- * Response Lenses
+    listProvisioningTemplateVersionsResponse_nextToken,
+    listProvisioningTemplateVersionsResponse_versions,
+    listProvisioningTemplateVersionsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListProvisioningTemplateVersions' smart constructor.
+data ListProvisioningTemplateVersions = ListProvisioningTemplateVersions'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | A token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListProvisioningTemplateVersions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listProvisioningTemplateVersions_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listProvisioningTemplateVersions_nextToken' - A token to retrieve the next set of results.
+--
+-- 'templateName', 'listProvisioningTemplateVersions_templateName' - The name of the provisioning template.
+newListProvisioningTemplateVersions ::
+  -- | 'templateName'
+  Prelude.Text ->
+  ListProvisioningTemplateVersions
+newListProvisioningTemplateVersions pTemplateName_ =
+  ListProvisioningTemplateVersions'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      templateName = pTemplateName_
+    }
+
+-- | The maximum number of results to return at one time.
+listProvisioningTemplateVersions_maxResults :: Lens.Lens' ListProvisioningTemplateVersions (Prelude.Maybe Prelude.Natural)
+listProvisioningTemplateVersions_maxResults = Lens.lens (\ListProvisioningTemplateVersions' {maxResults} -> maxResults) (\s@ListProvisioningTemplateVersions' {} a -> s {maxResults = a} :: ListProvisioningTemplateVersions)
+
+-- | A token to retrieve the next set of results.
+listProvisioningTemplateVersions_nextToken :: Lens.Lens' ListProvisioningTemplateVersions (Prelude.Maybe Prelude.Text)
+listProvisioningTemplateVersions_nextToken = Lens.lens (\ListProvisioningTemplateVersions' {nextToken} -> nextToken) (\s@ListProvisioningTemplateVersions' {} a -> s {nextToken = a} :: ListProvisioningTemplateVersions)
+
+-- | The name of the provisioning template.
+listProvisioningTemplateVersions_templateName :: Lens.Lens' ListProvisioningTemplateVersions Prelude.Text
+listProvisioningTemplateVersions_templateName = Lens.lens (\ListProvisioningTemplateVersions' {templateName} -> templateName) (\s@ListProvisioningTemplateVersions' {} a -> s {templateName = a} :: ListProvisioningTemplateVersions)
+
+instance
+  Core.AWSPager
+    ListProvisioningTemplateVersions
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listProvisioningTemplateVersionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listProvisioningTemplateVersionsResponse_versions
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listProvisioningTemplateVersions_nextToken
+          Lens..~ rs
+          Lens.^? listProvisioningTemplateVersionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListProvisioningTemplateVersions
+  where
+  type
+    AWSResponse ListProvisioningTemplateVersions =
+      ListProvisioningTemplateVersionsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListProvisioningTemplateVersionsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "versions" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListProvisioningTemplateVersions
+  where
+  hashWithSalt
+    _salt
+    ListProvisioningTemplateVersions' {..} =
+      _salt
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` templateName
+
+instance
+  Prelude.NFData
+    ListProvisioningTemplateVersions
+  where
+  rnf ListProvisioningTemplateVersions' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf templateName
+
+instance
+  Data.ToHeaders
+    ListProvisioningTemplateVersions
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListProvisioningTemplateVersions where
+  toPath ListProvisioningTemplateVersions' {..} =
+    Prelude.mconcat
+      [ "/provisioning-templates/",
+        Data.toBS templateName,
+        "/versions"
+      ]
+
+instance
+  Data.ToQuery
+    ListProvisioningTemplateVersions
+  where
+  toQuery ListProvisioningTemplateVersions' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListProvisioningTemplateVersionsResponse' smart constructor.
+data ListProvisioningTemplateVersionsResponse = ListProvisioningTemplateVersionsResponse'
+  { -- | A token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The list of provisioning template versions.
+    versions :: Prelude.Maybe [ProvisioningTemplateVersionSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListProvisioningTemplateVersionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listProvisioningTemplateVersionsResponse_nextToken' - A token to retrieve the next set of results.
+--
+-- 'versions', 'listProvisioningTemplateVersionsResponse_versions' - The list of provisioning template versions.
+--
+-- 'httpStatus', 'listProvisioningTemplateVersionsResponse_httpStatus' - The response's http status code.
+newListProvisioningTemplateVersionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListProvisioningTemplateVersionsResponse
+newListProvisioningTemplateVersionsResponse
+  pHttpStatus_ =
+    ListProvisioningTemplateVersionsResponse'
+      { nextToken =
+          Prelude.Nothing,
+        versions = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | A token to retrieve the next set of results.
+listProvisioningTemplateVersionsResponse_nextToken :: Lens.Lens' ListProvisioningTemplateVersionsResponse (Prelude.Maybe Prelude.Text)
+listProvisioningTemplateVersionsResponse_nextToken = Lens.lens (\ListProvisioningTemplateVersionsResponse' {nextToken} -> nextToken) (\s@ListProvisioningTemplateVersionsResponse' {} a -> s {nextToken = a} :: ListProvisioningTemplateVersionsResponse)
+
+-- | The list of provisioning template versions.
+listProvisioningTemplateVersionsResponse_versions :: Lens.Lens' ListProvisioningTemplateVersionsResponse (Prelude.Maybe [ProvisioningTemplateVersionSummary])
+listProvisioningTemplateVersionsResponse_versions = Lens.lens (\ListProvisioningTemplateVersionsResponse' {versions} -> versions) (\s@ListProvisioningTemplateVersionsResponse' {} a -> s {versions = a} :: ListProvisioningTemplateVersionsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listProvisioningTemplateVersionsResponse_httpStatus :: Lens.Lens' ListProvisioningTemplateVersionsResponse Prelude.Int
+listProvisioningTemplateVersionsResponse_httpStatus = Lens.lens (\ListProvisioningTemplateVersionsResponse' {httpStatus} -> httpStatus) (\s@ListProvisioningTemplateVersionsResponse' {} a -> s {httpStatus = a} :: ListProvisioningTemplateVersionsResponse)
+
+instance
+  Prelude.NFData
+    ListProvisioningTemplateVersionsResponse
+  where
+  rnf ListProvisioningTemplateVersionsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf versions
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListProvisioningTemplates.hs b/gen/Amazonka/IoT/ListProvisioningTemplates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListProvisioningTemplates.hs
@@ -0,0 +1,211 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListProvisioningTemplates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the provisioning templates in your Amazon Web Services account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListProvisioningTemplates>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListProvisioningTemplates
+  ( -- * Creating a Request
+    ListProvisioningTemplates (..),
+    newListProvisioningTemplates,
+
+    -- * Request Lenses
+    listProvisioningTemplates_maxResults,
+    listProvisioningTemplates_nextToken,
+
+    -- * Destructuring the Response
+    ListProvisioningTemplatesResponse (..),
+    newListProvisioningTemplatesResponse,
+
+    -- * Response Lenses
+    listProvisioningTemplatesResponse_nextToken,
+    listProvisioningTemplatesResponse_templates,
+    listProvisioningTemplatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListProvisioningTemplates' smart constructor.
+data ListProvisioningTemplates = ListProvisioningTemplates'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | A token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListProvisioningTemplates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listProvisioningTemplates_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listProvisioningTemplates_nextToken' - A token to retrieve the next set of results.
+newListProvisioningTemplates ::
+  ListProvisioningTemplates
+newListProvisioningTemplates =
+  ListProvisioningTemplates'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listProvisioningTemplates_maxResults :: Lens.Lens' ListProvisioningTemplates (Prelude.Maybe Prelude.Natural)
+listProvisioningTemplates_maxResults = Lens.lens (\ListProvisioningTemplates' {maxResults} -> maxResults) (\s@ListProvisioningTemplates' {} a -> s {maxResults = a} :: ListProvisioningTemplates)
+
+-- | A token to retrieve the next set of results.
+listProvisioningTemplates_nextToken :: Lens.Lens' ListProvisioningTemplates (Prelude.Maybe Prelude.Text)
+listProvisioningTemplates_nextToken = Lens.lens (\ListProvisioningTemplates' {nextToken} -> nextToken) (\s@ListProvisioningTemplates' {} a -> s {nextToken = a} :: ListProvisioningTemplates)
+
+instance Core.AWSPager ListProvisioningTemplates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listProvisioningTemplatesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listProvisioningTemplatesResponse_templates
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listProvisioningTemplates_nextToken
+          Lens..~ rs
+          Lens.^? listProvisioningTemplatesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListProvisioningTemplates where
+  type
+    AWSResponse ListProvisioningTemplates =
+      ListProvisioningTemplatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListProvisioningTemplatesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "templates" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListProvisioningTemplates where
+  hashWithSalt _salt ListProvisioningTemplates' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListProvisioningTemplates where
+  rnf ListProvisioningTemplates' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListProvisioningTemplates where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListProvisioningTemplates where
+  toPath = Prelude.const "/provisioning-templates"
+
+instance Data.ToQuery ListProvisioningTemplates where
+  toQuery ListProvisioningTemplates' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListProvisioningTemplatesResponse' smart constructor.
+data ListProvisioningTemplatesResponse = ListProvisioningTemplatesResponse'
+  { -- | A token to retrieve the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of provisioning templates
+    templates :: Prelude.Maybe [ProvisioningTemplateSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListProvisioningTemplatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listProvisioningTemplatesResponse_nextToken' - A token to retrieve the next set of results.
+--
+-- 'templates', 'listProvisioningTemplatesResponse_templates' - A list of provisioning templates
+--
+-- 'httpStatus', 'listProvisioningTemplatesResponse_httpStatus' - The response's http status code.
+newListProvisioningTemplatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListProvisioningTemplatesResponse
+newListProvisioningTemplatesResponse pHttpStatus_ =
+  ListProvisioningTemplatesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      templates = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token to retrieve the next set of results.
+listProvisioningTemplatesResponse_nextToken :: Lens.Lens' ListProvisioningTemplatesResponse (Prelude.Maybe Prelude.Text)
+listProvisioningTemplatesResponse_nextToken = Lens.lens (\ListProvisioningTemplatesResponse' {nextToken} -> nextToken) (\s@ListProvisioningTemplatesResponse' {} a -> s {nextToken = a} :: ListProvisioningTemplatesResponse)
+
+-- | A list of provisioning templates
+listProvisioningTemplatesResponse_templates :: Lens.Lens' ListProvisioningTemplatesResponse (Prelude.Maybe [ProvisioningTemplateSummary])
+listProvisioningTemplatesResponse_templates = Lens.lens (\ListProvisioningTemplatesResponse' {templates} -> templates) (\s@ListProvisioningTemplatesResponse' {} a -> s {templates = a} :: ListProvisioningTemplatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listProvisioningTemplatesResponse_httpStatus :: Lens.Lens' ListProvisioningTemplatesResponse Prelude.Int
+listProvisioningTemplatesResponse_httpStatus = Lens.lens (\ListProvisioningTemplatesResponse' {httpStatus} -> httpStatus) (\s@ListProvisioningTemplatesResponse' {} a -> s {httpStatus = a} :: ListProvisioningTemplatesResponse)
+
+instance
+  Prelude.NFData
+    ListProvisioningTemplatesResponse
+  where
+  rnf ListProvisioningTemplatesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf templates
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListRelatedResourcesForAuditFinding.hs b/gen/Amazonka/IoT/ListRelatedResourcesForAuditFinding.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListRelatedResourcesForAuditFinding.hs
@@ -0,0 +1,256 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListRelatedResourcesForAuditFinding
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- The related resources of an Audit finding. The following resources can
+-- be returned from calling this API:
+--
+-- -   DEVICE_CERTIFICATE
+--
+-- -   CA_CERTIFICATE
+--
+-- -   IOT_POLICY
+--
+-- -   COGNITO_IDENTITY_POOL
+--
+-- -   CLIENT_ID
+--
+-- -   ACCOUNT_SETTINGS
+--
+-- -   ROLE_ALIAS
+--
+-- -   IAM_ROLE
+--
+-- -   ISSUER_CERTIFICATE
+--
+-- This API is similar to DescribeAuditFinding\'s
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html RelatedResources>
+-- but provides pagination and is not limited to 10 resources. When calling
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html DescribeAuditFinding>
+-- for the intermediate CA revoked for active device certificates check,
+-- RelatedResources will not be populated. You must use this API,
+-- ListRelatedResourcesForAuditFinding, to list the certificates.
+module Amazonka.IoT.ListRelatedResourcesForAuditFinding
+  ( -- * Creating a Request
+    ListRelatedResourcesForAuditFinding (..),
+    newListRelatedResourcesForAuditFinding,
+
+    -- * Request Lenses
+    listRelatedResourcesForAuditFinding_maxResults,
+    listRelatedResourcesForAuditFinding_nextToken,
+    listRelatedResourcesForAuditFinding_findingId,
+
+    -- * Destructuring the Response
+    ListRelatedResourcesForAuditFindingResponse (..),
+    newListRelatedResourcesForAuditFindingResponse,
+
+    -- * Response Lenses
+    listRelatedResourcesForAuditFindingResponse_nextToken,
+    listRelatedResourcesForAuditFindingResponse_relatedResources,
+    listRelatedResourcesForAuditFindingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListRelatedResourcesForAuditFinding' smart constructor.
+data ListRelatedResourcesForAuditFinding = ListRelatedResourcesForAuditFinding'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The finding Id.
+    findingId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListRelatedResourcesForAuditFinding' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listRelatedResourcesForAuditFinding_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listRelatedResourcesForAuditFinding_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'findingId', 'listRelatedResourcesForAuditFinding_findingId' - The finding Id.
+newListRelatedResourcesForAuditFinding ::
+  -- | 'findingId'
+  Prelude.Text ->
+  ListRelatedResourcesForAuditFinding
+newListRelatedResourcesForAuditFinding pFindingId_ =
+  ListRelatedResourcesForAuditFinding'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      findingId = pFindingId_
+    }
+
+-- | The maximum number of results to return at one time.
+listRelatedResourcesForAuditFinding_maxResults :: Lens.Lens' ListRelatedResourcesForAuditFinding (Prelude.Maybe Prelude.Natural)
+listRelatedResourcesForAuditFinding_maxResults = Lens.lens (\ListRelatedResourcesForAuditFinding' {maxResults} -> maxResults) (\s@ListRelatedResourcesForAuditFinding' {} a -> s {maxResults = a} :: ListRelatedResourcesForAuditFinding)
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listRelatedResourcesForAuditFinding_nextToken :: Lens.Lens' ListRelatedResourcesForAuditFinding (Prelude.Maybe Prelude.Text)
+listRelatedResourcesForAuditFinding_nextToken = Lens.lens (\ListRelatedResourcesForAuditFinding' {nextToken} -> nextToken) (\s@ListRelatedResourcesForAuditFinding' {} a -> s {nextToken = a} :: ListRelatedResourcesForAuditFinding)
+
+-- | The finding Id.
+listRelatedResourcesForAuditFinding_findingId :: Lens.Lens' ListRelatedResourcesForAuditFinding Prelude.Text
+listRelatedResourcesForAuditFinding_findingId = Lens.lens (\ListRelatedResourcesForAuditFinding' {findingId} -> findingId) (\s@ListRelatedResourcesForAuditFinding' {} a -> s {findingId = a} :: ListRelatedResourcesForAuditFinding)
+
+instance
+  Core.AWSRequest
+    ListRelatedResourcesForAuditFinding
+  where
+  type
+    AWSResponse ListRelatedResourcesForAuditFinding =
+      ListRelatedResourcesForAuditFindingResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListRelatedResourcesForAuditFindingResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "relatedResources"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListRelatedResourcesForAuditFinding
+  where
+  hashWithSalt
+    _salt
+    ListRelatedResourcesForAuditFinding' {..} =
+      _salt
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` findingId
+
+instance
+  Prelude.NFData
+    ListRelatedResourcesForAuditFinding
+  where
+  rnf ListRelatedResourcesForAuditFinding' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf findingId
+
+instance
+  Data.ToHeaders
+    ListRelatedResourcesForAuditFinding
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance
+  Data.ToPath
+    ListRelatedResourcesForAuditFinding
+  where
+  toPath = Prelude.const "/audit/relatedResources"
+
+instance
+  Data.ToQuery
+    ListRelatedResourcesForAuditFinding
+  where
+  toQuery ListRelatedResourcesForAuditFinding' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "findingId" Data.=: findingId
+      ]
+
+-- | /See:/ 'newListRelatedResourcesForAuditFindingResponse' smart constructor.
+data ListRelatedResourcesForAuditFindingResponse = ListRelatedResourcesForAuditFindingResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- for the first API call.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The related resources.
+    relatedResources :: Prelude.Maybe [RelatedResource],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListRelatedResourcesForAuditFindingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listRelatedResourcesForAuditFindingResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- for the first API call.
+--
+-- 'relatedResources', 'listRelatedResourcesForAuditFindingResponse_relatedResources' - The related resources.
+--
+-- 'httpStatus', 'listRelatedResourcesForAuditFindingResponse_httpStatus' - The response's http status code.
+newListRelatedResourcesForAuditFindingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListRelatedResourcesForAuditFindingResponse
+newListRelatedResourcesForAuditFindingResponse
+  pHttpStatus_ =
+    ListRelatedResourcesForAuditFindingResponse'
+      { nextToken =
+          Prelude.Nothing,
+        relatedResources =
+          Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- for the first API call.
+listRelatedResourcesForAuditFindingResponse_nextToken :: Lens.Lens' ListRelatedResourcesForAuditFindingResponse (Prelude.Maybe Prelude.Text)
+listRelatedResourcesForAuditFindingResponse_nextToken = Lens.lens (\ListRelatedResourcesForAuditFindingResponse' {nextToken} -> nextToken) (\s@ListRelatedResourcesForAuditFindingResponse' {} a -> s {nextToken = a} :: ListRelatedResourcesForAuditFindingResponse)
+
+-- | The related resources.
+listRelatedResourcesForAuditFindingResponse_relatedResources :: Lens.Lens' ListRelatedResourcesForAuditFindingResponse (Prelude.Maybe [RelatedResource])
+listRelatedResourcesForAuditFindingResponse_relatedResources = Lens.lens (\ListRelatedResourcesForAuditFindingResponse' {relatedResources} -> relatedResources) (\s@ListRelatedResourcesForAuditFindingResponse' {} a -> s {relatedResources = a} :: ListRelatedResourcesForAuditFindingResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listRelatedResourcesForAuditFindingResponse_httpStatus :: Lens.Lens' ListRelatedResourcesForAuditFindingResponse Prelude.Int
+listRelatedResourcesForAuditFindingResponse_httpStatus = Lens.lens (\ListRelatedResourcesForAuditFindingResponse' {httpStatus} -> httpStatus) (\s@ListRelatedResourcesForAuditFindingResponse' {} a -> s {httpStatus = a} :: ListRelatedResourcesForAuditFindingResponse)
+
+instance
+  Prelude.NFData
+    ListRelatedResourcesForAuditFindingResponse
+  where
+  rnf ListRelatedResourcesForAuditFindingResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf relatedResources
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListRoleAliases.hs b/gen/Amazonka/IoT/ListRoleAliases.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListRoleAliases.hs
@@ -0,0 +1,220 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListRoleAliases
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the role aliases registered in your account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListRoleAliases>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListRoleAliases
+  ( -- * Creating a Request
+    ListRoleAliases (..),
+    newListRoleAliases,
+
+    -- * Request Lenses
+    listRoleAliases_ascendingOrder,
+    listRoleAliases_marker,
+    listRoleAliases_pageSize,
+
+    -- * Destructuring the Response
+    ListRoleAliasesResponse (..),
+    newListRoleAliasesResponse,
+
+    -- * Response Lenses
+    listRoleAliasesResponse_nextMarker,
+    listRoleAliasesResponse_roleAliases,
+    listRoleAliasesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListRoleAliases' smart constructor.
+data ListRoleAliases = ListRoleAliases'
+  { -- | Return the list of role aliases in ascending alphabetical order.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | A marker used to get the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time.
+    pageSize :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListRoleAliases' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listRoleAliases_ascendingOrder' - Return the list of role aliases in ascending alphabetical order.
+--
+-- 'marker', 'listRoleAliases_marker' - A marker used to get the next set of results.
+--
+-- 'pageSize', 'listRoleAliases_pageSize' - The maximum number of results to return at one time.
+newListRoleAliases ::
+  ListRoleAliases
+newListRoleAliases =
+  ListRoleAliases'
+    { ascendingOrder = Prelude.Nothing,
+      marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing
+    }
+
+-- | Return the list of role aliases in ascending alphabetical order.
+listRoleAliases_ascendingOrder :: Lens.Lens' ListRoleAliases (Prelude.Maybe Prelude.Bool)
+listRoleAliases_ascendingOrder = Lens.lens (\ListRoleAliases' {ascendingOrder} -> ascendingOrder) (\s@ListRoleAliases' {} a -> s {ascendingOrder = a} :: ListRoleAliases)
+
+-- | A marker used to get the next set of results.
+listRoleAliases_marker :: Lens.Lens' ListRoleAliases (Prelude.Maybe Prelude.Text)
+listRoleAliases_marker = Lens.lens (\ListRoleAliases' {marker} -> marker) (\s@ListRoleAliases' {} a -> s {marker = a} :: ListRoleAliases)
+
+-- | The maximum number of results to return at one time.
+listRoleAliases_pageSize :: Lens.Lens' ListRoleAliases (Prelude.Maybe Prelude.Natural)
+listRoleAliases_pageSize = Lens.lens (\ListRoleAliases' {pageSize} -> pageSize) (\s@ListRoleAliases' {} a -> s {pageSize = a} :: ListRoleAliases)
+
+instance Core.AWSPager ListRoleAliases where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listRoleAliasesResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listRoleAliasesResponse_roleAliases
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listRoleAliases_marker
+          Lens..~ rs
+          Lens.^? listRoleAliasesResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListRoleAliases where
+  type
+    AWSResponse ListRoleAliases =
+      ListRoleAliasesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListRoleAliasesResponse'
+            Prelude.<$> (x Data..?> "nextMarker")
+            Prelude.<*> (x Data..?> "roleAliases" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListRoleAliases where
+  hashWithSalt _salt ListRoleAliases' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+
+instance Prelude.NFData ListRoleAliases where
+  rnf ListRoleAliases' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+
+instance Data.ToHeaders ListRoleAliases where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListRoleAliases where
+  toPath = Prelude.const "/role-aliases"
+
+instance Data.ToQuery ListRoleAliases where
+  toQuery ListRoleAliases' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize
+      ]
+
+-- | /See:/ 'newListRoleAliasesResponse' smart constructor.
+data ListRoleAliasesResponse = ListRoleAliasesResponse'
+  { -- | A marker used to get the next set of results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The role aliases.
+    roleAliases :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListRoleAliasesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextMarker', 'listRoleAliasesResponse_nextMarker' - A marker used to get the next set of results.
+--
+-- 'roleAliases', 'listRoleAliasesResponse_roleAliases' - The role aliases.
+--
+-- 'httpStatus', 'listRoleAliasesResponse_httpStatus' - The response's http status code.
+newListRoleAliasesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListRoleAliasesResponse
+newListRoleAliasesResponse pHttpStatus_ =
+  ListRoleAliasesResponse'
+    { nextMarker =
+        Prelude.Nothing,
+      roleAliases = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A marker used to get the next set of results.
+listRoleAliasesResponse_nextMarker :: Lens.Lens' ListRoleAliasesResponse (Prelude.Maybe Prelude.Text)
+listRoleAliasesResponse_nextMarker = Lens.lens (\ListRoleAliasesResponse' {nextMarker} -> nextMarker) (\s@ListRoleAliasesResponse' {} a -> s {nextMarker = a} :: ListRoleAliasesResponse)
+
+-- | The role aliases.
+listRoleAliasesResponse_roleAliases :: Lens.Lens' ListRoleAliasesResponse (Prelude.Maybe [Prelude.Text])
+listRoleAliasesResponse_roleAliases = Lens.lens (\ListRoleAliasesResponse' {roleAliases} -> roleAliases) (\s@ListRoleAliasesResponse' {} a -> s {roleAliases = a} :: ListRoleAliasesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listRoleAliasesResponse_httpStatus :: Lens.Lens' ListRoleAliasesResponse Prelude.Int
+listRoleAliasesResponse_httpStatus = Lens.lens (\ListRoleAliasesResponse' {httpStatus} -> httpStatus) (\s@ListRoleAliasesResponse' {} a -> s {httpStatus = a} :: ListRoleAliasesResponse)
+
+instance Prelude.NFData ListRoleAliasesResponse where
+  rnf ListRoleAliasesResponse' {..} =
+    Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf roleAliases
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListScheduledAudits.hs b/gen/Amazonka/IoT/ListScheduledAudits.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListScheduledAudits.hs
@@ -0,0 +1,213 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListScheduledAudits
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all of your scheduled audits.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListScheduledAudits>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListScheduledAudits
+  ( -- * Creating a Request
+    ListScheduledAudits (..),
+    newListScheduledAudits,
+
+    -- * Request Lenses
+    listScheduledAudits_maxResults,
+    listScheduledAudits_nextToken,
+
+    -- * Destructuring the Response
+    ListScheduledAuditsResponse (..),
+    newListScheduledAuditsResponse,
+
+    -- * Response Lenses
+    listScheduledAuditsResponse_nextToken,
+    listScheduledAuditsResponse_scheduledAudits,
+    listScheduledAuditsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListScheduledAudits' smart constructor.
+data ListScheduledAudits = ListScheduledAudits'
+  { -- | The maximum number of results to return at one time. The default is 25.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListScheduledAudits' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listScheduledAudits_maxResults' - The maximum number of results to return at one time. The default is 25.
+--
+-- 'nextToken', 'listScheduledAudits_nextToken' - The token for the next set of results.
+newListScheduledAudits ::
+  ListScheduledAudits
+newListScheduledAudits =
+  ListScheduledAudits'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time. The default is 25.
+listScheduledAudits_maxResults :: Lens.Lens' ListScheduledAudits (Prelude.Maybe Prelude.Natural)
+listScheduledAudits_maxResults = Lens.lens (\ListScheduledAudits' {maxResults} -> maxResults) (\s@ListScheduledAudits' {} a -> s {maxResults = a} :: ListScheduledAudits)
+
+-- | The token for the next set of results.
+listScheduledAudits_nextToken :: Lens.Lens' ListScheduledAudits (Prelude.Maybe Prelude.Text)
+listScheduledAudits_nextToken = Lens.lens (\ListScheduledAudits' {nextToken} -> nextToken) (\s@ListScheduledAudits' {} a -> s {nextToken = a} :: ListScheduledAudits)
+
+instance Core.AWSPager ListScheduledAudits where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listScheduledAuditsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listScheduledAuditsResponse_scheduledAudits
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listScheduledAudits_nextToken
+          Lens..~ rs
+          Lens.^? listScheduledAuditsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListScheduledAudits where
+  type
+    AWSResponse ListScheduledAudits =
+      ListScheduledAuditsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListScheduledAuditsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "scheduledAudits"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListScheduledAudits where
+  hashWithSalt _salt ListScheduledAudits' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListScheduledAudits where
+  rnf ListScheduledAudits' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListScheduledAudits where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListScheduledAudits where
+  toPath = Prelude.const "/audit/scheduledaudits"
+
+instance Data.ToQuery ListScheduledAudits where
+  toQuery ListScheduledAudits' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListScheduledAuditsResponse' smart constructor.
+data ListScheduledAuditsResponse = ListScheduledAuditsResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The list of scheduled audits.
+    scheduledAudits :: Prelude.Maybe [ScheduledAuditMetadata],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListScheduledAuditsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listScheduledAuditsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'scheduledAudits', 'listScheduledAuditsResponse_scheduledAudits' - The list of scheduled audits.
+--
+-- 'httpStatus', 'listScheduledAuditsResponse_httpStatus' - The response's http status code.
+newListScheduledAuditsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListScheduledAuditsResponse
+newListScheduledAuditsResponse pHttpStatus_ =
+  ListScheduledAuditsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      scheduledAudits = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listScheduledAuditsResponse_nextToken :: Lens.Lens' ListScheduledAuditsResponse (Prelude.Maybe Prelude.Text)
+listScheduledAuditsResponse_nextToken = Lens.lens (\ListScheduledAuditsResponse' {nextToken} -> nextToken) (\s@ListScheduledAuditsResponse' {} a -> s {nextToken = a} :: ListScheduledAuditsResponse)
+
+-- | The list of scheduled audits.
+listScheduledAuditsResponse_scheduledAudits :: Lens.Lens' ListScheduledAuditsResponse (Prelude.Maybe [ScheduledAuditMetadata])
+listScheduledAuditsResponse_scheduledAudits = Lens.lens (\ListScheduledAuditsResponse' {scheduledAudits} -> scheduledAudits) (\s@ListScheduledAuditsResponse' {} a -> s {scheduledAudits = a} :: ListScheduledAuditsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listScheduledAuditsResponse_httpStatus :: Lens.Lens' ListScheduledAuditsResponse Prelude.Int
+listScheduledAuditsResponse_httpStatus = Lens.lens (\ListScheduledAuditsResponse' {httpStatus} -> httpStatus) (\s@ListScheduledAuditsResponse' {} a -> s {httpStatus = a} :: ListScheduledAuditsResponse)
+
+instance Prelude.NFData ListScheduledAuditsResponse where
+  rnf ListScheduledAuditsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf scheduledAudits
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListSecurityProfiles.hs b/gen/Amazonka/IoT/ListSecurityProfiles.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListSecurityProfiles.hs
@@ -0,0 +1,246 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListSecurityProfiles
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the Device Defender security profiles you\'ve created. You can
+-- filter security profiles by dimension or custom metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListSecurityProfiles>
+-- action.
+--
+-- @dimensionName@ and @metricName@ cannot be used in the same request.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListSecurityProfiles
+  ( -- * Creating a Request
+    ListSecurityProfiles (..),
+    newListSecurityProfiles,
+
+    -- * Request Lenses
+    listSecurityProfiles_dimensionName,
+    listSecurityProfiles_maxResults,
+    listSecurityProfiles_metricName,
+    listSecurityProfiles_nextToken,
+
+    -- * Destructuring the Response
+    ListSecurityProfilesResponse (..),
+    newListSecurityProfilesResponse,
+
+    -- * Response Lenses
+    listSecurityProfilesResponse_nextToken,
+    listSecurityProfilesResponse_securityProfileIdentifiers,
+    listSecurityProfilesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListSecurityProfiles' smart constructor.
+data ListSecurityProfiles = ListSecurityProfiles'
+  { -- | A filter to limit results to the security profiles that use the defined
+    -- dimension. Cannot be used with @metricName@
+    dimensionName :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The name of the custom metric. Cannot be used with @dimensionName@.
+    metricName :: Prelude.Maybe Prelude.Text,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSecurityProfiles' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dimensionName', 'listSecurityProfiles_dimensionName' - A filter to limit results to the security profiles that use the defined
+-- dimension. Cannot be used with @metricName@
+--
+-- 'maxResults', 'listSecurityProfiles_maxResults' - The maximum number of results to return at one time.
+--
+-- 'metricName', 'listSecurityProfiles_metricName' - The name of the custom metric. Cannot be used with @dimensionName@.
+--
+-- 'nextToken', 'listSecurityProfiles_nextToken' - The token for the next set of results.
+newListSecurityProfiles ::
+  ListSecurityProfiles
+newListSecurityProfiles =
+  ListSecurityProfiles'
+    { dimensionName =
+        Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      metricName = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | A filter to limit results to the security profiles that use the defined
+-- dimension. Cannot be used with @metricName@
+listSecurityProfiles_dimensionName :: Lens.Lens' ListSecurityProfiles (Prelude.Maybe Prelude.Text)
+listSecurityProfiles_dimensionName = Lens.lens (\ListSecurityProfiles' {dimensionName} -> dimensionName) (\s@ListSecurityProfiles' {} a -> s {dimensionName = a} :: ListSecurityProfiles)
+
+-- | The maximum number of results to return at one time.
+listSecurityProfiles_maxResults :: Lens.Lens' ListSecurityProfiles (Prelude.Maybe Prelude.Natural)
+listSecurityProfiles_maxResults = Lens.lens (\ListSecurityProfiles' {maxResults} -> maxResults) (\s@ListSecurityProfiles' {} a -> s {maxResults = a} :: ListSecurityProfiles)
+
+-- | The name of the custom metric. Cannot be used with @dimensionName@.
+listSecurityProfiles_metricName :: Lens.Lens' ListSecurityProfiles (Prelude.Maybe Prelude.Text)
+listSecurityProfiles_metricName = Lens.lens (\ListSecurityProfiles' {metricName} -> metricName) (\s@ListSecurityProfiles' {} a -> s {metricName = a} :: ListSecurityProfiles)
+
+-- | The token for the next set of results.
+listSecurityProfiles_nextToken :: Lens.Lens' ListSecurityProfiles (Prelude.Maybe Prelude.Text)
+listSecurityProfiles_nextToken = Lens.lens (\ListSecurityProfiles' {nextToken} -> nextToken) (\s@ListSecurityProfiles' {} a -> s {nextToken = a} :: ListSecurityProfiles)
+
+instance Core.AWSPager ListSecurityProfiles where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listSecurityProfilesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listSecurityProfilesResponse_securityProfileIdentifiers
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listSecurityProfiles_nextToken
+          Lens..~ rs
+          Lens.^? listSecurityProfilesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListSecurityProfiles where
+  type
+    AWSResponse ListSecurityProfiles =
+      ListSecurityProfilesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListSecurityProfilesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "securityProfileIdentifiers"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListSecurityProfiles where
+  hashWithSalt _salt ListSecurityProfiles' {..} =
+    _salt
+      `Prelude.hashWithSalt` dimensionName
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListSecurityProfiles where
+  rnf ListSecurityProfiles' {..} =
+    Prelude.rnf dimensionName
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListSecurityProfiles where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListSecurityProfiles where
+  toPath = Prelude.const "/security-profiles"
+
+instance Data.ToQuery ListSecurityProfiles where
+  toQuery ListSecurityProfiles' {..} =
+    Prelude.mconcat
+      [ "dimensionName" Data.=: dimensionName,
+        "maxResults" Data.=: maxResults,
+        "metricName" Data.=: metricName,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListSecurityProfilesResponse' smart constructor.
+data ListSecurityProfilesResponse = ListSecurityProfilesResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of security profile identifiers (names and ARNs).
+    securityProfileIdentifiers :: Prelude.Maybe [SecurityProfileIdentifier],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSecurityProfilesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listSecurityProfilesResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'securityProfileIdentifiers', 'listSecurityProfilesResponse_securityProfileIdentifiers' - A list of security profile identifiers (names and ARNs).
+--
+-- 'httpStatus', 'listSecurityProfilesResponse_httpStatus' - The response's http status code.
+newListSecurityProfilesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListSecurityProfilesResponse
+newListSecurityProfilesResponse pHttpStatus_ =
+  ListSecurityProfilesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      securityProfileIdentifiers = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listSecurityProfilesResponse_nextToken :: Lens.Lens' ListSecurityProfilesResponse (Prelude.Maybe Prelude.Text)
+listSecurityProfilesResponse_nextToken = Lens.lens (\ListSecurityProfilesResponse' {nextToken} -> nextToken) (\s@ListSecurityProfilesResponse' {} a -> s {nextToken = a} :: ListSecurityProfilesResponse)
+
+-- | A list of security profile identifiers (names and ARNs).
+listSecurityProfilesResponse_securityProfileIdentifiers :: Lens.Lens' ListSecurityProfilesResponse (Prelude.Maybe [SecurityProfileIdentifier])
+listSecurityProfilesResponse_securityProfileIdentifiers = Lens.lens (\ListSecurityProfilesResponse' {securityProfileIdentifiers} -> securityProfileIdentifiers) (\s@ListSecurityProfilesResponse' {} a -> s {securityProfileIdentifiers = a} :: ListSecurityProfilesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listSecurityProfilesResponse_httpStatus :: Lens.Lens' ListSecurityProfilesResponse Prelude.Int
+listSecurityProfilesResponse_httpStatus = Lens.lens (\ListSecurityProfilesResponse' {httpStatus} -> httpStatus) (\s@ListSecurityProfilesResponse' {} a -> s {httpStatus = a} :: ListSecurityProfilesResponse)
+
+instance Prelude.NFData ListSecurityProfilesResponse where
+  rnf ListSecurityProfilesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileIdentifiers
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListSecurityProfilesForTarget.hs b/gen/Amazonka/IoT/ListSecurityProfilesForTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListSecurityProfilesForTarget.hs
@@ -0,0 +1,260 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListSecurityProfilesForTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the Device Defender security profiles attached to a target (thing
+-- group).
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListSecurityProfilesForTarget>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListSecurityProfilesForTarget
+  ( -- * Creating a Request
+    ListSecurityProfilesForTarget (..),
+    newListSecurityProfilesForTarget,
+
+    -- * Request Lenses
+    listSecurityProfilesForTarget_maxResults,
+    listSecurityProfilesForTarget_nextToken,
+    listSecurityProfilesForTarget_recursive,
+    listSecurityProfilesForTarget_securityProfileTargetArn,
+
+    -- * Destructuring the Response
+    ListSecurityProfilesForTargetResponse (..),
+    newListSecurityProfilesForTargetResponse,
+
+    -- * Response Lenses
+    listSecurityProfilesForTargetResponse_nextToken,
+    listSecurityProfilesForTargetResponse_securityProfileTargetMappings,
+    listSecurityProfilesForTargetResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListSecurityProfilesForTarget' smart constructor.
+data ListSecurityProfilesForTarget = ListSecurityProfilesForTarget'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | If true, return child groups too.
+    recursive :: Prelude.Maybe Prelude.Bool,
+    -- | The ARN of the target (thing group) whose attached security profiles you
+    -- want to get.
+    securityProfileTargetArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSecurityProfilesForTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listSecurityProfilesForTarget_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listSecurityProfilesForTarget_nextToken' - The token for the next set of results.
+--
+-- 'recursive', 'listSecurityProfilesForTarget_recursive' - If true, return child groups too.
+--
+-- 'securityProfileTargetArn', 'listSecurityProfilesForTarget_securityProfileTargetArn' - The ARN of the target (thing group) whose attached security profiles you
+-- want to get.
+newListSecurityProfilesForTarget ::
+  -- | 'securityProfileTargetArn'
+  Prelude.Text ->
+  ListSecurityProfilesForTarget
+newListSecurityProfilesForTarget
+  pSecurityProfileTargetArn_ =
+    ListSecurityProfilesForTarget'
+      { maxResults =
+          Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        recursive = Prelude.Nothing,
+        securityProfileTargetArn =
+          pSecurityProfileTargetArn_
+      }
+
+-- | The maximum number of results to return at one time.
+listSecurityProfilesForTarget_maxResults :: Lens.Lens' ListSecurityProfilesForTarget (Prelude.Maybe Prelude.Natural)
+listSecurityProfilesForTarget_maxResults = Lens.lens (\ListSecurityProfilesForTarget' {maxResults} -> maxResults) (\s@ListSecurityProfilesForTarget' {} a -> s {maxResults = a} :: ListSecurityProfilesForTarget)
+
+-- | The token for the next set of results.
+listSecurityProfilesForTarget_nextToken :: Lens.Lens' ListSecurityProfilesForTarget (Prelude.Maybe Prelude.Text)
+listSecurityProfilesForTarget_nextToken = Lens.lens (\ListSecurityProfilesForTarget' {nextToken} -> nextToken) (\s@ListSecurityProfilesForTarget' {} a -> s {nextToken = a} :: ListSecurityProfilesForTarget)
+
+-- | If true, return child groups too.
+listSecurityProfilesForTarget_recursive :: Lens.Lens' ListSecurityProfilesForTarget (Prelude.Maybe Prelude.Bool)
+listSecurityProfilesForTarget_recursive = Lens.lens (\ListSecurityProfilesForTarget' {recursive} -> recursive) (\s@ListSecurityProfilesForTarget' {} a -> s {recursive = a} :: ListSecurityProfilesForTarget)
+
+-- | The ARN of the target (thing group) whose attached security profiles you
+-- want to get.
+listSecurityProfilesForTarget_securityProfileTargetArn :: Lens.Lens' ListSecurityProfilesForTarget Prelude.Text
+listSecurityProfilesForTarget_securityProfileTargetArn = Lens.lens (\ListSecurityProfilesForTarget' {securityProfileTargetArn} -> securityProfileTargetArn) (\s@ListSecurityProfilesForTarget' {} a -> s {securityProfileTargetArn = a} :: ListSecurityProfilesForTarget)
+
+instance Core.AWSPager ListSecurityProfilesForTarget where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listSecurityProfilesForTargetResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listSecurityProfilesForTargetResponse_securityProfileTargetMappings
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listSecurityProfilesForTarget_nextToken
+          Lens..~ rs
+          Lens.^? listSecurityProfilesForTargetResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListSecurityProfilesForTarget
+  where
+  type
+    AWSResponse ListSecurityProfilesForTarget =
+      ListSecurityProfilesForTargetResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListSecurityProfilesForTargetResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "securityProfileTargetMappings"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListSecurityProfilesForTarget
+  where
+  hashWithSalt _salt ListSecurityProfilesForTarget' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` recursive
+      `Prelude.hashWithSalt` securityProfileTargetArn
+
+instance Prelude.NFData ListSecurityProfilesForTarget where
+  rnf ListSecurityProfilesForTarget' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf recursive
+      `Prelude.seq` Prelude.rnf securityProfileTargetArn
+
+instance Data.ToHeaders ListSecurityProfilesForTarget where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListSecurityProfilesForTarget where
+  toPath =
+    Prelude.const "/security-profiles-for-target"
+
+instance Data.ToQuery ListSecurityProfilesForTarget where
+  toQuery ListSecurityProfilesForTarget' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "recursive" Data.=: recursive,
+        "securityProfileTargetArn"
+          Data.=: securityProfileTargetArn
+      ]
+
+-- | /See:/ 'newListSecurityProfilesForTargetResponse' smart constructor.
+data ListSecurityProfilesForTargetResponse = ListSecurityProfilesForTargetResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of security profiles and their associated targets.
+    securityProfileTargetMappings :: Prelude.Maybe [SecurityProfileTargetMapping],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSecurityProfilesForTargetResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listSecurityProfilesForTargetResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'securityProfileTargetMappings', 'listSecurityProfilesForTargetResponse_securityProfileTargetMappings' - A list of security profiles and their associated targets.
+--
+-- 'httpStatus', 'listSecurityProfilesForTargetResponse_httpStatus' - The response's http status code.
+newListSecurityProfilesForTargetResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListSecurityProfilesForTargetResponse
+newListSecurityProfilesForTargetResponse pHttpStatus_ =
+  ListSecurityProfilesForTargetResponse'
+    { nextToken =
+        Prelude.Nothing,
+      securityProfileTargetMappings =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listSecurityProfilesForTargetResponse_nextToken :: Lens.Lens' ListSecurityProfilesForTargetResponse (Prelude.Maybe Prelude.Text)
+listSecurityProfilesForTargetResponse_nextToken = Lens.lens (\ListSecurityProfilesForTargetResponse' {nextToken} -> nextToken) (\s@ListSecurityProfilesForTargetResponse' {} a -> s {nextToken = a} :: ListSecurityProfilesForTargetResponse)
+
+-- | A list of security profiles and their associated targets.
+listSecurityProfilesForTargetResponse_securityProfileTargetMappings :: Lens.Lens' ListSecurityProfilesForTargetResponse (Prelude.Maybe [SecurityProfileTargetMapping])
+listSecurityProfilesForTargetResponse_securityProfileTargetMappings = Lens.lens (\ListSecurityProfilesForTargetResponse' {securityProfileTargetMappings} -> securityProfileTargetMappings) (\s@ListSecurityProfilesForTargetResponse' {} a -> s {securityProfileTargetMappings = a} :: ListSecurityProfilesForTargetResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listSecurityProfilesForTargetResponse_httpStatus :: Lens.Lens' ListSecurityProfilesForTargetResponse Prelude.Int
+listSecurityProfilesForTargetResponse_httpStatus = Lens.lens (\ListSecurityProfilesForTargetResponse' {httpStatus} -> httpStatus) (\s@ListSecurityProfilesForTargetResponse' {} a -> s {httpStatus = a} :: ListSecurityProfilesForTargetResponse)
+
+instance
+  Prelude.NFData
+    ListSecurityProfilesForTargetResponse
+  where
+  rnf ListSecurityProfilesForTargetResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileTargetMappings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListStreams.hs b/gen/Amazonka/IoT/ListStreams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListStreams.hs
@@ -0,0 +1,217 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListStreams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all of the streams in your Amazon Web Services account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListStreams>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListStreams
+  ( -- * Creating a Request
+    ListStreams (..),
+    newListStreams,
+
+    -- * Request Lenses
+    listStreams_ascendingOrder,
+    listStreams_maxResults,
+    listStreams_nextToken,
+
+    -- * Destructuring the Response
+    ListStreamsResponse (..),
+    newListStreamsResponse,
+
+    -- * Response Lenses
+    listStreamsResponse_nextToken,
+    listStreamsResponse_streams,
+    listStreamsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListStreams' smart constructor.
+data ListStreams = ListStreams'
+  { -- | Set to true to return the list of streams in ascending order.
+    ascendingOrder :: Prelude.Maybe Prelude.Bool,
+    -- | The maximum number of results to return at a time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | A token used to get the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListStreams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ascendingOrder', 'listStreams_ascendingOrder' - Set to true to return the list of streams in ascending order.
+--
+-- 'maxResults', 'listStreams_maxResults' - The maximum number of results to return at a time.
+--
+-- 'nextToken', 'listStreams_nextToken' - A token used to get the next set of results.
+newListStreams ::
+  ListStreams
+newListStreams =
+  ListStreams'
+    { ascendingOrder = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | Set to true to return the list of streams in ascending order.
+listStreams_ascendingOrder :: Lens.Lens' ListStreams (Prelude.Maybe Prelude.Bool)
+listStreams_ascendingOrder = Lens.lens (\ListStreams' {ascendingOrder} -> ascendingOrder) (\s@ListStreams' {} a -> s {ascendingOrder = a} :: ListStreams)
+
+-- | The maximum number of results to return at a time.
+listStreams_maxResults :: Lens.Lens' ListStreams (Prelude.Maybe Prelude.Natural)
+listStreams_maxResults = Lens.lens (\ListStreams' {maxResults} -> maxResults) (\s@ListStreams' {} a -> s {maxResults = a} :: ListStreams)
+
+-- | A token used to get the next set of results.
+listStreams_nextToken :: Lens.Lens' ListStreams (Prelude.Maybe Prelude.Text)
+listStreams_nextToken = Lens.lens (\ListStreams' {nextToken} -> nextToken) (\s@ListStreams' {} a -> s {nextToken = a} :: ListStreams)
+
+instance Core.AWSPager ListStreams where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listStreamsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listStreamsResponse_streams
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listStreams_nextToken
+          Lens..~ rs
+          Lens.^? listStreamsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListStreams where
+  type AWSResponse ListStreams = ListStreamsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListStreamsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "streams" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListStreams where
+  hashWithSalt _salt ListStreams' {..} =
+    _salt
+      `Prelude.hashWithSalt` ascendingOrder
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListStreams where
+  rnf ListStreams' {..} =
+    Prelude.rnf ascendingOrder
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListStreams where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListStreams where
+  toPath = Prelude.const "/streams"
+
+instance Data.ToQuery ListStreams where
+  toQuery ListStreams' {..} =
+    Prelude.mconcat
+      [ "isAscendingOrder" Data.=: ascendingOrder,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListStreamsResponse' smart constructor.
+data ListStreamsResponse = ListStreamsResponse'
+  { -- | A token used to get the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of streams.
+    streams :: Prelude.Maybe [StreamSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListStreamsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listStreamsResponse_nextToken' - A token used to get the next set of results.
+--
+-- 'streams', 'listStreamsResponse_streams' - A list of streams.
+--
+-- 'httpStatus', 'listStreamsResponse_httpStatus' - The response's http status code.
+newListStreamsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListStreamsResponse
+newListStreamsResponse pHttpStatus_ =
+  ListStreamsResponse'
+    { nextToken = Prelude.Nothing,
+      streams = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token used to get the next set of results.
+listStreamsResponse_nextToken :: Lens.Lens' ListStreamsResponse (Prelude.Maybe Prelude.Text)
+listStreamsResponse_nextToken = Lens.lens (\ListStreamsResponse' {nextToken} -> nextToken) (\s@ListStreamsResponse' {} a -> s {nextToken = a} :: ListStreamsResponse)
+
+-- | A list of streams.
+listStreamsResponse_streams :: Lens.Lens' ListStreamsResponse (Prelude.Maybe [StreamSummary])
+listStreamsResponse_streams = Lens.lens (\ListStreamsResponse' {streams} -> streams) (\s@ListStreamsResponse' {} a -> s {streams = a} :: ListStreamsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listStreamsResponse_httpStatus :: Lens.Lens' ListStreamsResponse Prelude.Int
+listStreamsResponse_httpStatus = Lens.lens (\ListStreamsResponse' {httpStatus} -> httpStatus) (\s@ListStreamsResponse' {} a -> s {httpStatus = a} :: ListStreamsResponse)
+
+instance Prelude.NFData ListStreamsResponse where
+  rnf ListStreamsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf streams
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListTagsForResource.hs b/gen/Amazonka/IoT/ListTagsForResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListTagsForResource.hs
@@ -0,0 +1,218 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListTagsForResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the tags (metadata) you have assigned to the resource.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListTagsForResource>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListTagsForResource
+  ( -- * Creating a Request
+    ListTagsForResource (..),
+    newListTagsForResource,
+
+    -- * Request Lenses
+    listTagsForResource_nextToken,
+    listTagsForResource_resourceArn,
+
+    -- * Destructuring the Response
+    ListTagsForResourceResponse (..),
+    newListTagsForResourceResponse,
+
+    -- * Response Lenses
+    listTagsForResourceResponse_nextToken,
+    listTagsForResourceResponse_tags,
+    listTagsForResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListTagsForResource' smart constructor.
+data ListTagsForResource = ListTagsForResource'
+  { -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the resource.
+    resourceArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTagsForResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listTagsForResource_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'resourceArn', 'listTagsForResource_resourceArn' - The ARN of the resource.
+newListTagsForResource ::
+  -- | 'resourceArn'
+  Prelude.Text ->
+  ListTagsForResource
+newListTagsForResource pResourceArn_ =
+  ListTagsForResource'
+    { nextToken = Prelude.Nothing,
+      resourceArn = pResourceArn_
+    }
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listTagsForResource_nextToken :: Lens.Lens' ListTagsForResource (Prelude.Maybe Prelude.Text)
+listTagsForResource_nextToken = Lens.lens (\ListTagsForResource' {nextToken} -> nextToken) (\s@ListTagsForResource' {} a -> s {nextToken = a} :: ListTagsForResource)
+
+-- | The ARN of the resource.
+listTagsForResource_resourceArn :: Lens.Lens' ListTagsForResource Prelude.Text
+listTagsForResource_resourceArn = Lens.lens (\ListTagsForResource' {resourceArn} -> resourceArn) (\s@ListTagsForResource' {} a -> s {resourceArn = a} :: ListTagsForResource)
+
+instance Core.AWSPager ListTagsForResource where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listTagsForResourceResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listTagsForResourceResponse_tags
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listTagsForResource_nextToken
+          Lens..~ rs
+          Lens.^? listTagsForResourceResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListTagsForResource where
+  type
+    AWSResponse ListTagsForResource =
+      ListTagsForResourceResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTagsForResourceResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "tags" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTagsForResource where
+  hashWithSalt _salt ListTagsForResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` resourceArn
+
+instance Prelude.NFData ListTagsForResource where
+  rnf ListTagsForResource' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf resourceArn
+
+instance Data.ToHeaders ListTagsForResource where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListTagsForResource where
+  toPath = Prelude.const "/tags"
+
+instance Data.ToQuery ListTagsForResource where
+  toQuery ListTagsForResource' {..} =
+    Prelude.mconcat
+      [ "nextToken" Data.=: nextToken,
+        "resourceArn" Data.=: resourceArn
+      ]
+
+-- | /See:/ 'newListTagsForResourceResponse' smart constructor.
+data ListTagsForResourceResponse = ListTagsForResourceResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The list of tags assigned to the resource.
+    tags :: Prelude.Maybe [Tag],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTagsForResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listTagsForResourceResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'tags', 'listTagsForResourceResponse_tags' - The list of tags assigned to the resource.
+--
+-- 'httpStatus', 'listTagsForResourceResponse_httpStatus' - The response's http status code.
+newListTagsForResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTagsForResourceResponse
+newListTagsForResourceResponse pHttpStatus_ =
+  ListTagsForResourceResponse'
+    { nextToken =
+        Prelude.Nothing,
+      tags = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listTagsForResourceResponse_nextToken :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe Prelude.Text)
+listTagsForResourceResponse_nextToken = Lens.lens (\ListTagsForResourceResponse' {nextToken} -> nextToken) (\s@ListTagsForResourceResponse' {} a -> s {nextToken = a} :: ListTagsForResourceResponse)
+
+-- | The list of tags assigned to the resource.
+listTagsForResourceResponse_tags :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe [Tag])
+listTagsForResourceResponse_tags = Lens.lens (\ListTagsForResourceResponse' {tags} -> tags) (\s@ListTagsForResourceResponse' {} a -> s {tags = a} :: ListTagsForResourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTagsForResourceResponse_httpStatus :: Lens.Lens' ListTagsForResourceResponse Prelude.Int
+listTagsForResourceResponse_httpStatus = Lens.lens (\ListTagsForResourceResponse' {httpStatus} -> httpStatus) (\s@ListTagsForResourceResponse' {} a -> s {httpStatus = a} :: ListTagsForResourceResponse)
+
+instance Prelude.NFData ListTagsForResourceResponse where
+  rnf ListTagsForResourceResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListTargetsForPolicy.hs b/gen/Amazonka/IoT/ListTargetsForPolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListTargetsForPolicy.hs
@@ -0,0 +1,226 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListTargetsForPolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List targets for the specified policy.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListTargetsForPolicy>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListTargetsForPolicy
+  ( -- * Creating a Request
+    ListTargetsForPolicy (..),
+    newListTargetsForPolicy,
+
+    -- * Request Lenses
+    listTargetsForPolicy_marker,
+    listTargetsForPolicy_pageSize,
+    listTargetsForPolicy_policyName,
+
+    -- * Destructuring the Response
+    ListTargetsForPolicyResponse (..),
+    newListTargetsForPolicyResponse,
+
+    -- * Response Lenses
+    listTargetsForPolicyResponse_nextMarker,
+    listTargetsForPolicyResponse_targets,
+    listTargetsForPolicyResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListTargetsForPolicy' smart constructor.
+data ListTargetsForPolicy = ListTargetsForPolicy'
+  { -- | A marker used to get the next set of results.
+    marker :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time.
+    pageSize :: Prelude.Maybe Prelude.Natural,
+    -- | The policy name.
+    policyName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTargetsForPolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'marker', 'listTargetsForPolicy_marker' - A marker used to get the next set of results.
+--
+-- 'pageSize', 'listTargetsForPolicy_pageSize' - The maximum number of results to return at one time.
+--
+-- 'policyName', 'listTargetsForPolicy_policyName' - The policy name.
+newListTargetsForPolicy ::
+  -- | 'policyName'
+  Prelude.Text ->
+  ListTargetsForPolicy
+newListTargetsForPolicy pPolicyName_ =
+  ListTargetsForPolicy'
+    { marker = Prelude.Nothing,
+      pageSize = Prelude.Nothing,
+      policyName = pPolicyName_
+    }
+
+-- | A marker used to get the next set of results.
+listTargetsForPolicy_marker :: Lens.Lens' ListTargetsForPolicy (Prelude.Maybe Prelude.Text)
+listTargetsForPolicy_marker = Lens.lens (\ListTargetsForPolicy' {marker} -> marker) (\s@ListTargetsForPolicy' {} a -> s {marker = a} :: ListTargetsForPolicy)
+
+-- | The maximum number of results to return at one time.
+listTargetsForPolicy_pageSize :: Lens.Lens' ListTargetsForPolicy (Prelude.Maybe Prelude.Natural)
+listTargetsForPolicy_pageSize = Lens.lens (\ListTargetsForPolicy' {pageSize} -> pageSize) (\s@ListTargetsForPolicy' {} a -> s {pageSize = a} :: ListTargetsForPolicy)
+
+-- | The policy name.
+listTargetsForPolicy_policyName :: Lens.Lens' ListTargetsForPolicy Prelude.Text
+listTargetsForPolicy_policyName = Lens.lens (\ListTargetsForPolicy' {policyName} -> policyName) (\s@ListTargetsForPolicy' {} a -> s {policyName = a} :: ListTargetsForPolicy)
+
+instance Core.AWSPager ListTargetsForPolicy where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listTargetsForPolicyResponse_nextMarker
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listTargetsForPolicyResponse_targets
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listTargetsForPolicy_marker
+          Lens..~ rs
+          Lens.^? listTargetsForPolicyResponse_nextMarker
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListTargetsForPolicy where
+  type
+    AWSResponse ListTargetsForPolicy =
+      ListTargetsForPolicyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTargetsForPolicyResponse'
+            Prelude.<$> (x Data..?> "nextMarker")
+            Prelude.<*> (x Data..?> "targets" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTargetsForPolicy where
+  hashWithSalt _salt ListTargetsForPolicy' {..} =
+    _salt
+      `Prelude.hashWithSalt` marker
+      `Prelude.hashWithSalt` pageSize
+      `Prelude.hashWithSalt` policyName
+
+instance Prelude.NFData ListTargetsForPolicy where
+  rnf ListTargetsForPolicy' {..} =
+    Prelude.rnf marker
+      `Prelude.seq` Prelude.rnf pageSize
+      `Prelude.seq` Prelude.rnf policyName
+
+instance Data.ToHeaders ListTargetsForPolicy where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON ListTargetsForPolicy where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath ListTargetsForPolicy where
+  toPath ListTargetsForPolicy' {..} =
+    Prelude.mconcat
+      ["/policy-targets/", Data.toBS policyName]
+
+instance Data.ToQuery ListTargetsForPolicy where
+  toQuery ListTargetsForPolicy' {..} =
+    Prelude.mconcat
+      [ "marker" Data.=: marker,
+        "pageSize" Data.=: pageSize
+      ]
+
+-- | /See:/ 'newListTargetsForPolicyResponse' smart constructor.
+data ListTargetsForPolicyResponse = ListTargetsForPolicyResponse'
+  { -- | A marker used to get the next set of results.
+    nextMarker :: Prelude.Maybe Prelude.Text,
+    -- | The policy targets.
+    targets :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTargetsForPolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextMarker', 'listTargetsForPolicyResponse_nextMarker' - A marker used to get the next set of results.
+--
+-- 'targets', 'listTargetsForPolicyResponse_targets' - The policy targets.
+--
+-- 'httpStatus', 'listTargetsForPolicyResponse_httpStatus' - The response's http status code.
+newListTargetsForPolicyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTargetsForPolicyResponse
+newListTargetsForPolicyResponse pHttpStatus_ =
+  ListTargetsForPolicyResponse'
+    { nextMarker =
+        Prelude.Nothing,
+      targets = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A marker used to get the next set of results.
+listTargetsForPolicyResponse_nextMarker :: Lens.Lens' ListTargetsForPolicyResponse (Prelude.Maybe Prelude.Text)
+listTargetsForPolicyResponse_nextMarker = Lens.lens (\ListTargetsForPolicyResponse' {nextMarker} -> nextMarker) (\s@ListTargetsForPolicyResponse' {} a -> s {nextMarker = a} :: ListTargetsForPolicyResponse)
+
+-- | The policy targets.
+listTargetsForPolicyResponse_targets :: Lens.Lens' ListTargetsForPolicyResponse (Prelude.Maybe [Prelude.Text])
+listTargetsForPolicyResponse_targets = Lens.lens (\ListTargetsForPolicyResponse' {targets} -> targets) (\s@ListTargetsForPolicyResponse' {} a -> s {targets = a} :: ListTargetsForPolicyResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTargetsForPolicyResponse_httpStatus :: Lens.Lens' ListTargetsForPolicyResponse Prelude.Int
+listTargetsForPolicyResponse_httpStatus = Lens.lens (\ListTargetsForPolicyResponse' {httpStatus} -> httpStatus) (\s@ListTargetsForPolicyResponse' {} a -> s {httpStatus = a} :: ListTargetsForPolicyResponse)
+
+instance Prelude.NFData ListTargetsForPolicyResponse where
+  rnf ListTargetsForPolicyResponse' {..} =
+    Prelude.rnf nextMarker
+      `Prelude.seq` Prelude.rnf targets
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListTargetsForSecurityProfile.hs b/gen/Amazonka/IoT/ListTargetsForSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListTargetsForSecurityProfile.hs
@@ -0,0 +1,245 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListTargetsForSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the targets (thing groups) associated with a given Device Defender
+-- security profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListTargetsForSecurityProfile>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListTargetsForSecurityProfile
+  ( -- * Creating a Request
+    ListTargetsForSecurityProfile (..),
+    newListTargetsForSecurityProfile,
+
+    -- * Request Lenses
+    listTargetsForSecurityProfile_maxResults,
+    listTargetsForSecurityProfile_nextToken,
+    listTargetsForSecurityProfile_securityProfileName,
+
+    -- * Destructuring the Response
+    ListTargetsForSecurityProfileResponse (..),
+    newListTargetsForSecurityProfileResponse,
+
+    -- * Response Lenses
+    listTargetsForSecurityProfileResponse_nextToken,
+    listTargetsForSecurityProfileResponse_securityProfileTargets,
+    listTargetsForSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListTargetsForSecurityProfile' smart constructor.
+data ListTargetsForSecurityProfile = ListTargetsForSecurityProfile'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The security profile.
+    securityProfileName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTargetsForSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listTargetsForSecurityProfile_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listTargetsForSecurityProfile_nextToken' - The token for the next set of results.
+--
+-- 'securityProfileName', 'listTargetsForSecurityProfile_securityProfileName' - The security profile.
+newListTargetsForSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  ListTargetsForSecurityProfile
+newListTargetsForSecurityProfile
+  pSecurityProfileName_ =
+    ListTargetsForSecurityProfile'
+      { maxResults =
+          Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        securityProfileName = pSecurityProfileName_
+      }
+
+-- | The maximum number of results to return at one time.
+listTargetsForSecurityProfile_maxResults :: Lens.Lens' ListTargetsForSecurityProfile (Prelude.Maybe Prelude.Natural)
+listTargetsForSecurityProfile_maxResults = Lens.lens (\ListTargetsForSecurityProfile' {maxResults} -> maxResults) (\s@ListTargetsForSecurityProfile' {} a -> s {maxResults = a} :: ListTargetsForSecurityProfile)
+
+-- | The token for the next set of results.
+listTargetsForSecurityProfile_nextToken :: Lens.Lens' ListTargetsForSecurityProfile (Prelude.Maybe Prelude.Text)
+listTargetsForSecurityProfile_nextToken = Lens.lens (\ListTargetsForSecurityProfile' {nextToken} -> nextToken) (\s@ListTargetsForSecurityProfile' {} a -> s {nextToken = a} :: ListTargetsForSecurityProfile)
+
+-- | The security profile.
+listTargetsForSecurityProfile_securityProfileName :: Lens.Lens' ListTargetsForSecurityProfile Prelude.Text
+listTargetsForSecurityProfile_securityProfileName = Lens.lens (\ListTargetsForSecurityProfile' {securityProfileName} -> securityProfileName) (\s@ListTargetsForSecurityProfile' {} a -> s {securityProfileName = a} :: ListTargetsForSecurityProfile)
+
+instance Core.AWSPager ListTargetsForSecurityProfile where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listTargetsForSecurityProfileResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listTargetsForSecurityProfileResponse_securityProfileTargets
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listTargetsForSecurityProfile_nextToken
+          Lens..~ rs
+          Lens.^? listTargetsForSecurityProfileResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListTargetsForSecurityProfile
+  where
+  type
+    AWSResponse ListTargetsForSecurityProfile =
+      ListTargetsForSecurityProfileResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTargetsForSecurityProfileResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "securityProfileTargets"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListTargetsForSecurityProfile
+  where
+  hashWithSalt _salt ListTargetsForSecurityProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` securityProfileName
+
+instance Prelude.NFData ListTargetsForSecurityProfile where
+  rnf ListTargetsForSecurityProfile' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileName
+
+instance Data.ToHeaders ListTargetsForSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListTargetsForSecurityProfile where
+  toPath ListTargetsForSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName,
+        "/targets"
+      ]
+
+instance Data.ToQuery ListTargetsForSecurityProfile where
+  toQuery ListTargetsForSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListTargetsForSecurityProfileResponse' smart constructor.
+data ListTargetsForSecurityProfileResponse = ListTargetsForSecurityProfileResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The thing groups to which the security profile is attached.
+    securityProfileTargets :: Prelude.Maybe [SecurityProfileTarget],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTargetsForSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listTargetsForSecurityProfileResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'securityProfileTargets', 'listTargetsForSecurityProfileResponse_securityProfileTargets' - The thing groups to which the security profile is attached.
+--
+-- 'httpStatus', 'listTargetsForSecurityProfileResponse_httpStatus' - The response's http status code.
+newListTargetsForSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTargetsForSecurityProfileResponse
+newListTargetsForSecurityProfileResponse pHttpStatus_ =
+  ListTargetsForSecurityProfileResponse'
+    { nextToken =
+        Prelude.Nothing,
+      securityProfileTargets =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listTargetsForSecurityProfileResponse_nextToken :: Lens.Lens' ListTargetsForSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+listTargetsForSecurityProfileResponse_nextToken = Lens.lens (\ListTargetsForSecurityProfileResponse' {nextToken} -> nextToken) (\s@ListTargetsForSecurityProfileResponse' {} a -> s {nextToken = a} :: ListTargetsForSecurityProfileResponse)
+
+-- | The thing groups to which the security profile is attached.
+listTargetsForSecurityProfileResponse_securityProfileTargets :: Lens.Lens' ListTargetsForSecurityProfileResponse (Prelude.Maybe [SecurityProfileTarget])
+listTargetsForSecurityProfileResponse_securityProfileTargets = Lens.lens (\ListTargetsForSecurityProfileResponse' {securityProfileTargets} -> securityProfileTargets) (\s@ListTargetsForSecurityProfileResponse' {} a -> s {securityProfileTargets = a} :: ListTargetsForSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTargetsForSecurityProfileResponse_httpStatus :: Lens.Lens' ListTargetsForSecurityProfileResponse Prelude.Int
+listTargetsForSecurityProfileResponse_httpStatus = Lens.lens (\ListTargetsForSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@ListTargetsForSecurityProfileResponse' {} a -> s {httpStatus = a} :: ListTargetsForSecurityProfileResponse)
+
+instance
+  Prelude.NFData
+    ListTargetsForSecurityProfileResponse
+  where
+  rnf ListTargetsForSecurityProfileResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileTargets
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingGroups.hs b/gen/Amazonka/IoT/ListThingGroups.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingGroups.hs
@@ -0,0 +1,261 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingGroups
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List the thing groups in your account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingGroups>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingGroups
+  ( -- * Creating a Request
+    ListThingGroups (..),
+    newListThingGroups,
+
+    -- * Request Lenses
+    listThingGroups_maxResults,
+    listThingGroups_namePrefixFilter,
+    listThingGroups_nextToken,
+    listThingGroups_parentGroup,
+    listThingGroups_recursive,
+
+    -- * Destructuring the Response
+    ListThingGroupsResponse (..),
+    newListThingGroupsResponse,
+
+    -- * Response Lenses
+    listThingGroupsResponse_nextToken,
+    listThingGroupsResponse_thingGroups,
+    listThingGroupsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListThingGroups' smart constructor.
+data ListThingGroups = ListThingGroups'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | A filter that limits the results to those with the specified name
+    -- prefix.
+    namePrefixFilter :: Prelude.Maybe Prelude.Text,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A filter that limits the results to those with the specified parent
+    -- group.
+    parentGroup :: Prelude.Maybe Prelude.Text,
+    -- | If true, return child groups as well.
+    recursive :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingGroups' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingGroups_maxResults' - The maximum number of results to return at one time.
+--
+-- 'namePrefixFilter', 'listThingGroups_namePrefixFilter' - A filter that limits the results to those with the specified name
+-- prefix.
+--
+-- 'nextToken', 'listThingGroups_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'parentGroup', 'listThingGroups_parentGroup' - A filter that limits the results to those with the specified parent
+-- group.
+--
+-- 'recursive', 'listThingGroups_recursive' - If true, return child groups as well.
+newListThingGroups ::
+  ListThingGroups
+newListThingGroups =
+  ListThingGroups'
+    { maxResults = Prelude.Nothing,
+      namePrefixFilter = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      parentGroup = Prelude.Nothing,
+      recursive = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listThingGroups_maxResults :: Lens.Lens' ListThingGroups (Prelude.Maybe Prelude.Natural)
+listThingGroups_maxResults = Lens.lens (\ListThingGroups' {maxResults} -> maxResults) (\s@ListThingGroups' {} a -> s {maxResults = a} :: ListThingGroups)
+
+-- | A filter that limits the results to those with the specified name
+-- prefix.
+listThingGroups_namePrefixFilter :: Lens.Lens' ListThingGroups (Prelude.Maybe Prelude.Text)
+listThingGroups_namePrefixFilter = Lens.lens (\ListThingGroups' {namePrefixFilter} -> namePrefixFilter) (\s@ListThingGroups' {} a -> s {namePrefixFilter = a} :: ListThingGroups)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingGroups_nextToken :: Lens.Lens' ListThingGroups (Prelude.Maybe Prelude.Text)
+listThingGroups_nextToken = Lens.lens (\ListThingGroups' {nextToken} -> nextToken) (\s@ListThingGroups' {} a -> s {nextToken = a} :: ListThingGroups)
+
+-- | A filter that limits the results to those with the specified parent
+-- group.
+listThingGroups_parentGroup :: Lens.Lens' ListThingGroups (Prelude.Maybe Prelude.Text)
+listThingGroups_parentGroup = Lens.lens (\ListThingGroups' {parentGroup} -> parentGroup) (\s@ListThingGroups' {} a -> s {parentGroup = a} :: ListThingGroups)
+
+-- | If true, return child groups as well.
+listThingGroups_recursive :: Lens.Lens' ListThingGroups (Prelude.Maybe Prelude.Bool)
+listThingGroups_recursive = Lens.lens (\ListThingGroups' {recursive} -> recursive) (\s@ListThingGroups' {} a -> s {recursive = a} :: ListThingGroups)
+
+instance Core.AWSPager ListThingGroups where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingGroupsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingGroupsResponse_thingGroups
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingGroups_nextToken
+          Lens..~ rs
+          Lens.^? listThingGroupsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingGroups where
+  type
+    AWSResponse ListThingGroups =
+      ListThingGroupsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingGroupsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "thingGroups" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingGroups where
+  hashWithSalt _salt ListThingGroups' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` namePrefixFilter
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` parentGroup
+      `Prelude.hashWithSalt` recursive
+
+instance Prelude.NFData ListThingGroups where
+  rnf ListThingGroups' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf namePrefixFilter
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf parentGroup
+      `Prelude.seq` Prelude.rnf recursive
+
+instance Data.ToHeaders ListThingGroups where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingGroups where
+  toPath = Prelude.const "/thing-groups"
+
+instance Data.ToQuery ListThingGroups where
+  toQuery ListThingGroups' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "namePrefixFilter" Data.=: namePrefixFilter,
+        "nextToken" Data.=: nextToken,
+        "parentGroup" Data.=: parentGroup,
+        "recursive" Data.=: recursive
+      ]
+
+-- | /See:/ 'newListThingGroupsResponse' smart constructor.
+data ListThingGroupsResponse = ListThingGroupsResponse'
+  { -- | The token to use to get the next set of results. Will not be returned if
+    -- operation has returned all results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The thing groups.
+    thingGroups :: Prelude.Maybe [GroupNameAndArn],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingGroupsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingGroupsResponse_nextToken' - The token to use to get the next set of results. Will not be returned if
+-- operation has returned all results.
+--
+-- 'thingGroups', 'listThingGroupsResponse_thingGroups' - The thing groups.
+--
+-- 'httpStatus', 'listThingGroupsResponse_httpStatus' - The response's http status code.
+newListThingGroupsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingGroupsResponse
+newListThingGroupsResponse pHttpStatus_ =
+  ListThingGroupsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      thingGroups = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results. Will not be returned if
+-- operation has returned all results.
+listThingGroupsResponse_nextToken :: Lens.Lens' ListThingGroupsResponse (Prelude.Maybe Prelude.Text)
+listThingGroupsResponse_nextToken = Lens.lens (\ListThingGroupsResponse' {nextToken} -> nextToken) (\s@ListThingGroupsResponse' {} a -> s {nextToken = a} :: ListThingGroupsResponse)
+
+-- | The thing groups.
+listThingGroupsResponse_thingGroups :: Lens.Lens' ListThingGroupsResponse (Prelude.Maybe [GroupNameAndArn])
+listThingGroupsResponse_thingGroups = Lens.lens (\ListThingGroupsResponse' {thingGroups} -> thingGroups) (\s@ListThingGroupsResponse' {} a -> s {thingGroups = a} :: ListThingGroupsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingGroupsResponse_httpStatus :: Lens.Lens' ListThingGroupsResponse Prelude.Int
+listThingGroupsResponse_httpStatus = Lens.lens (\ListThingGroupsResponse' {httpStatus} -> httpStatus) (\s@ListThingGroupsResponse' {} a -> s {httpStatus = a} :: ListThingGroupsResponse)
+
+instance Prelude.NFData ListThingGroupsResponse where
+  rnf ListThingGroupsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingGroups
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingGroupsForThing.hs b/gen/Amazonka/IoT/ListThingGroupsForThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingGroupsForThing.hs
@@ -0,0 +1,236 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingGroupsForThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List the thing groups to which the specified thing belongs.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingGroupsForThing>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingGroupsForThing
+  ( -- * Creating a Request
+    ListThingGroupsForThing (..),
+    newListThingGroupsForThing,
+
+    -- * Request Lenses
+    listThingGroupsForThing_maxResults,
+    listThingGroupsForThing_nextToken,
+    listThingGroupsForThing_thingName,
+
+    -- * Destructuring the Response
+    ListThingGroupsForThingResponse (..),
+    newListThingGroupsForThingResponse,
+
+    -- * Response Lenses
+    listThingGroupsForThingResponse_nextToken,
+    listThingGroupsForThingResponse_thingGroups,
+    listThingGroupsForThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListThingGroupsForThing' smart constructor.
+data ListThingGroupsForThing = ListThingGroupsForThing'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The thing name.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingGroupsForThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingGroupsForThing_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listThingGroupsForThing_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'thingName', 'listThingGroupsForThing_thingName' - The thing name.
+newListThingGroupsForThing ::
+  -- | 'thingName'
+  Prelude.Text ->
+  ListThingGroupsForThing
+newListThingGroupsForThing pThingName_ =
+  ListThingGroupsForThing'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      thingName = pThingName_
+    }
+
+-- | The maximum number of results to return at one time.
+listThingGroupsForThing_maxResults :: Lens.Lens' ListThingGroupsForThing (Prelude.Maybe Prelude.Natural)
+listThingGroupsForThing_maxResults = Lens.lens (\ListThingGroupsForThing' {maxResults} -> maxResults) (\s@ListThingGroupsForThing' {} a -> s {maxResults = a} :: ListThingGroupsForThing)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingGroupsForThing_nextToken :: Lens.Lens' ListThingGroupsForThing (Prelude.Maybe Prelude.Text)
+listThingGroupsForThing_nextToken = Lens.lens (\ListThingGroupsForThing' {nextToken} -> nextToken) (\s@ListThingGroupsForThing' {} a -> s {nextToken = a} :: ListThingGroupsForThing)
+
+-- | The thing name.
+listThingGroupsForThing_thingName :: Lens.Lens' ListThingGroupsForThing Prelude.Text
+listThingGroupsForThing_thingName = Lens.lens (\ListThingGroupsForThing' {thingName} -> thingName) (\s@ListThingGroupsForThing' {} a -> s {thingName = a} :: ListThingGroupsForThing)
+
+instance Core.AWSPager ListThingGroupsForThing where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingGroupsForThingResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingGroupsForThingResponse_thingGroups
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingGroupsForThing_nextToken
+          Lens..~ rs
+          Lens.^? listThingGroupsForThingResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingGroupsForThing where
+  type
+    AWSResponse ListThingGroupsForThing =
+      ListThingGroupsForThingResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingGroupsForThingResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "thingGroups" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingGroupsForThing where
+  hashWithSalt _salt ListThingGroupsForThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData ListThingGroupsForThing where
+  rnf ListThingGroupsForThing' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders ListThingGroupsForThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingGroupsForThing where
+  toPath ListThingGroupsForThing' {..} =
+    Prelude.mconcat
+      ["/things/", Data.toBS thingName, "/thing-groups"]
+
+instance Data.ToQuery ListThingGroupsForThing where
+  toQuery ListThingGroupsForThing' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListThingGroupsForThingResponse' smart constructor.
+data ListThingGroupsForThingResponse = ListThingGroupsForThingResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The thing groups.
+    thingGroups :: Prelude.Maybe [GroupNameAndArn],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingGroupsForThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingGroupsForThingResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'thingGroups', 'listThingGroupsForThingResponse_thingGroups' - The thing groups.
+--
+-- 'httpStatus', 'listThingGroupsForThingResponse_httpStatus' - The response's http status code.
+newListThingGroupsForThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingGroupsForThingResponse
+newListThingGroupsForThingResponse pHttpStatus_ =
+  ListThingGroupsForThingResponse'
+    { nextToken =
+        Prelude.Nothing,
+      thingGroups = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listThingGroupsForThingResponse_nextToken :: Lens.Lens' ListThingGroupsForThingResponse (Prelude.Maybe Prelude.Text)
+listThingGroupsForThingResponse_nextToken = Lens.lens (\ListThingGroupsForThingResponse' {nextToken} -> nextToken) (\s@ListThingGroupsForThingResponse' {} a -> s {nextToken = a} :: ListThingGroupsForThingResponse)
+
+-- | The thing groups.
+listThingGroupsForThingResponse_thingGroups :: Lens.Lens' ListThingGroupsForThingResponse (Prelude.Maybe [GroupNameAndArn])
+listThingGroupsForThingResponse_thingGroups = Lens.lens (\ListThingGroupsForThingResponse' {thingGroups} -> thingGroups) (\s@ListThingGroupsForThingResponse' {} a -> s {thingGroups = a} :: ListThingGroupsForThingResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingGroupsForThingResponse_httpStatus :: Lens.Lens' ListThingGroupsForThingResponse Prelude.Int
+listThingGroupsForThingResponse_httpStatus = Lens.lens (\ListThingGroupsForThingResponse' {httpStatus} -> httpStatus) (\s@ListThingGroupsForThingResponse' {} a -> s {httpStatus = a} :: ListThingGroupsForThingResponse)
+
+instance
+  Prelude.NFData
+    ListThingGroupsForThingResponse
+  where
+  rnf ListThingGroupsForThingResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingGroups
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingPrincipals.hs b/gen/Amazonka/IoT/ListThingPrincipals.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingPrincipals.hs
@@ -0,0 +1,238 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingPrincipals
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the principals associated with the specified thing. A principal
+-- can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito
+-- identities or federated identities.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingPrincipals>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingPrincipals
+  ( -- * Creating a Request
+    ListThingPrincipals (..),
+    newListThingPrincipals,
+
+    -- * Request Lenses
+    listThingPrincipals_maxResults,
+    listThingPrincipals_nextToken,
+    listThingPrincipals_thingName,
+
+    -- * Destructuring the Response
+    ListThingPrincipalsResponse (..),
+    newListThingPrincipalsResponse,
+
+    -- * Response Lenses
+    listThingPrincipalsResponse_nextToken,
+    listThingPrincipalsResponse_principals,
+    listThingPrincipalsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListThingPrincipal operation.
+--
+-- /See:/ 'newListThingPrincipals' smart constructor.
+data ListThingPrincipals = ListThingPrincipals'
+  { -- | The maximum number of results to return in this operation.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingPrincipals' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingPrincipals_maxResults' - The maximum number of results to return in this operation.
+--
+-- 'nextToken', 'listThingPrincipals_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'thingName', 'listThingPrincipals_thingName' - The name of the thing.
+newListThingPrincipals ::
+  -- | 'thingName'
+  Prelude.Text ->
+  ListThingPrincipals
+newListThingPrincipals pThingName_ =
+  ListThingPrincipals'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      thingName = pThingName_
+    }
+
+-- | The maximum number of results to return in this operation.
+listThingPrincipals_maxResults :: Lens.Lens' ListThingPrincipals (Prelude.Maybe Prelude.Natural)
+listThingPrincipals_maxResults = Lens.lens (\ListThingPrincipals' {maxResults} -> maxResults) (\s@ListThingPrincipals' {} a -> s {maxResults = a} :: ListThingPrincipals)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingPrincipals_nextToken :: Lens.Lens' ListThingPrincipals (Prelude.Maybe Prelude.Text)
+listThingPrincipals_nextToken = Lens.lens (\ListThingPrincipals' {nextToken} -> nextToken) (\s@ListThingPrincipals' {} a -> s {nextToken = a} :: ListThingPrincipals)
+
+-- | The name of the thing.
+listThingPrincipals_thingName :: Lens.Lens' ListThingPrincipals Prelude.Text
+listThingPrincipals_thingName = Lens.lens (\ListThingPrincipals' {thingName} -> thingName) (\s@ListThingPrincipals' {} a -> s {thingName = a} :: ListThingPrincipals)
+
+instance Core.AWSPager ListThingPrincipals where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingPrincipalsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingPrincipalsResponse_principals
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingPrincipals_nextToken
+          Lens..~ rs
+          Lens.^? listThingPrincipalsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingPrincipals where
+  type
+    AWSResponse ListThingPrincipals =
+      ListThingPrincipalsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingPrincipalsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "principals" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingPrincipals where
+  hashWithSalt _salt ListThingPrincipals' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData ListThingPrincipals where
+  rnf ListThingPrincipals' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders ListThingPrincipals where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingPrincipals where
+  toPath ListThingPrincipals' {..} =
+    Prelude.mconcat
+      ["/things/", Data.toBS thingName, "/principals"]
+
+instance Data.ToQuery ListThingPrincipals where
+  toQuery ListThingPrincipals' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | The output from the ListThingPrincipals operation.
+--
+-- /See:/ 'newListThingPrincipalsResponse' smart constructor.
+data ListThingPrincipalsResponse = ListThingPrincipalsResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The principals associated with the thing.
+    principals :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingPrincipalsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingPrincipalsResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'principals', 'listThingPrincipalsResponse_principals' - The principals associated with the thing.
+--
+-- 'httpStatus', 'listThingPrincipalsResponse_httpStatus' - The response's http status code.
+newListThingPrincipalsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingPrincipalsResponse
+newListThingPrincipalsResponse pHttpStatus_ =
+  ListThingPrincipalsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      principals = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listThingPrincipalsResponse_nextToken :: Lens.Lens' ListThingPrincipalsResponse (Prelude.Maybe Prelude.Text)
+listThingPrincipalsResponse_nextToken = Lens.lens (\ListThingPrincipalsResponse' {nextToken} -> nextToken) (\s@ListThingPrincipalsResponse' {} a -> s {nextToken = a} :: ListThingPrincipalsResponse)
+
+-- | The principals associated with the thing.
+listThingPrincipalsResponse_principals :: Lens.Lens' ListThingPrincipalsResponse (Prelude.Maybe [Prelude.Text])
+listThingPrincipalsResponse_principals = Lens.lens (\ListThingPrincipalsResponse' {principals} -> principals) (\s@ListThingPrincipalsResponse' {} a -> s {principals = a} :: ListThingPrincipalsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingPrincipalsResponse_httpStatus :: Lens.Lens' ListThingPrincipalsResponse Prelude.Int
+listThingPrincipalsResponse_httpStatus = Lens.lens (\ListThingPrincipalsResponse' {httpStatus} -> httpStatus) (\s@ListThingPrincipalsResponse' {} a -> s {httpStatus = a} :: ListThingPrincipalsResponse)
+
+instance Prelude.NFData ListThingPrincipalsResponse where
+  rnf ListThingPrincipalsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf principals
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingRegistrationTaskReports.hs b/gen/Amazonka/IoT/ListThingRegistrationTaskReports.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingRegistrationTaskReports.hs
@@ -0,0 +1,285 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingRegistrationTaskReports
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Information about the thing registration tasks.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingRegistrationTaskReports
+  ( -- * Creating a Request
+    ListThingRegistrationTaskReports (..),
+    newListThingRegistrationTaskReports,
+
+    -- * Request Lenses
+    listThingRegistrationTaskReports_maxResults,
+    listThingRegistrationTaskReports_nextToken,
+    listThingRegistrationTaskReports_taskId,
+    listThingRegistrationTaskReports_reportType,
+
+    -- * Destructuring the Response
+    ListThingRegistrationTaskReportsResponse (..),
+    newListThingRegistrationTaskReportsResponse,
+
+    -- * Response Lenses
+    listThingRegistrationTaskReportsResponse_nextToken,
+    listThingRegistrationTaskReportsResponse_reportType,
+    listThingRegistrationTaskReportsResponse_resourceLinks,
+    listThingRegistrationTaskReportsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListThingRegistrationTaskReports' smart constructor.
+data ListThingRegistrationTaskReports = ListThingRegistrationTaskReports'
+  { -- | The maximum number of results to return per request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The id of the task.
+    taskId :: Prelude.Text,
+    -- | The type of task report.
+    reportType :: ReportType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingRegistrationTaskReports' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingRegistrationTaskReports_maxResults' - The maximum number of results to return per request.
+--
+-- 'nextToken', 'listThingRegistrationTaskReports_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'taskId', 'listThingRegistrationTaskReports_taskId' - The id of the task.
+--
+-- 'reportType', 'listThingRegistrationTaskReports_reportType' - The type of task report.
+newListThingRegistrationTaskReports ::
+  -- | 'taskId'
+  Prelude.Text ->
+  -- | 'reportType'
+  ReportType ->
+  ListThingRegistrationTaskReports
+newListThingRegistrationTaskReports
+  pTaskId_
+  pReportType_ =
+    ListThingRegistrationTaskReports'
+      { maxResults =
+          Prelude.Nothing,
+        nextToken = Prelude.Nothing,
+        taskId = pTaskId_,
+        reportType = pReportType_
+      }
+
+-- | The maximum number of results to return per request.
+listThingRegistrationTaskReports_maxResults :: Lens.Lens' ListThingRegistrationTaskReports (Prelude.Maybe Prelude.Natural)
+listThingRegistrationTaskReports_maxResults = Lens.lens (\ListThingRegistrationTaskReports' {maxResults} -> maxResults) (\s@ListThingRegistrationTaskReports' {} a -> s {maxResults = a} :: ListThingRegistrationTaskReports)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingRegistrationTaskReports_nextToken :: Lens.Lens' ListThingRegistrationTaskReports (Prelude.Maybe Prelude.Text)
+listThingRegistrationTaskReports_nextToken = Lens.lens (\ListThingRegistrationTaskReports' {nextToken} -> nextToken) (\s@ListThingRegistrationTaskReports' {} a -> s {nextToken = a} :: ListThingRegistrationTaskReports)
+
+-- | The id of the task.
+listThingRegistrationTaskReports_taskId :: Lens.Lens' ListThingRegistrationTaskReports Prelude.Text
+listThingRegistrationTaskReports_taskId = Lens.lens (\ListThingRegistrationTaskReports' {taskId} -> taskId) (\s@ListThingRegistrationTaskReports' {} a -> s {taskId = a} :: ListThingRegistrationTaskReports)
+
+-- | The type of task report.
+listThingRegistrationTaskReports_reportType :: Lens.Lens' ListThingRegistrationTaskReports ReportType
+listThingRegistrationTaskReports_reportType = Lens.lens (\ListThingRegistrationTaskReports' {reportType} -> reportType) (\s@ListThingRegistrationTaskReports' {} a -> s {reportType = a} :: ListThingRegistrationTaskReports)
+
+instance
+  Core.AWSPager
+    ListThingRegistrationTaskReports
+  where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingRegistrationTaskReportsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingRegistrationTaskReportsResponse_resourceLinks
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingRegistrationTaskReports_nextToken
+          Lens..~ rs
+          Lens.^? listThingRegistrationTaskReportsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance
+  Core.AWSRequest
+    ListThingRegistrationTaskReports
+  where
+  type
+    AWSResponse ListThingRegistrationTaskReports =
+      ListThingRegistrationTaskReportsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingRegistrationTaskReportsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "reportType")
+            Prelude.<*> (x Data..?> "resourceLinks" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListThingRegistrationTaskReports
+  where
+  hashWithSalt
+    _salt
+    ListThingRegistrationTaskReports' {..} =
+      _salt
+        `Prelude.hashWithSalt` maxResults
+        `Prelude.hashWithSalt` nextToken
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` reportType
+
+instance
+  Prelude.NFData
+    ListThingRegistrationTaskReports
+  where
+  rnf ListThingRegistrationTaskReports' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf reportType
+
+instance
+  Data.ToHeaders
+    ListThingRegistrationTaskReports
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingRegistrationTaskReports where
+  toPath ListThingRegistrationTaskReports' {..} =
+    Prelude.mconcat
+      [ "/thing-registration-tasks/",
+        Data.toBS taskId,
+        "/reports"
+      ]
+
+instance
+  Data.ToQuery
+    ListThingRegistrationTaskReports
+  where
+  toQuery ListThingRegistrationTaskReports' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "reportType" Data.=: reportType
+      ]
+
+-- | /See:/ 'newListThingRegistrationTaskReportsResponse' smart constructor.
+data ListThingRegistrationTaskReportsResponse = ListThingRegistrationTaskReportsResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The type of task report.
+    reportType :: Prelude.Maybe ReportType,
+    -- | Links to the task resources.
+    resourceLinks :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingRegistrationTaskReportsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingRegistrationTaskReportsResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'reportType', 'listThingRegistrationTaskReportsResponse_reportType' - The type of task report.
+--
+-- 'resourceLinks', 'listThingRegistrationTaskReportsResponse_resourceLinks' - Links to the task resources.
+--
+-- 'httpStatus', 'listThingRegistrationTaskReportsResponse_httpStatus' - The response's http status code.
+newListThingRegistrationTaskReportsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingRegistrationTaskReportsResponse
+newListThingRegistrationTaskReportsResponse
+  pHttpStatus_ =
+    ListThingRegistrationTaskReportsResponse'
+      { nextToken =
+          Prelude.Nothing,
+        reportType = Prelude.Nothing,
+        resourceLinks = Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listThingRegistrationTaskReportsResponse_nextToken :: Lens.Lens' ListThingRegistrationTaskReportsResponse (Prelude.Maybe Prelude.Text)
+listThingRegistrationTaskReportsResponse_nextToken = Lens.lens (\ListThingRegistrationTaskReportsResponse' {nextToken} -> nextToken) (\s@ListThingRegistrationTaskReportsResponse' {} a -> s {nextToken = a} :: ListThingRegistrationTaskReportsResponse)
+
+-- | The type of task report.
+listThingRegistrationTaskReportsResponse_reportType :: Lens.Lens' ListThingRegistrationTaskReportsResponse (Prelude.Maybe ReportType)
+listThingRegistrationTaskReportsResponse_reportType = Lens.lens (\ListThingRegistrationTaskReportsResponse' {reportType} -> reportType) (\s@ListThingRegistrationTaskReportsResponse' {} a -> s {reportType = a} :: ListThingRegistrationTaskReportsResponse)
+
+-- | Links to the task resources.
+listThingRegistrationTaskReportsResponse_resourceLinks :: Lens.Lens' ListThingRegistrationTaskReportsResponse (Prelude.Maybe [Prelude.Text])
+listThingRegistrationTaskReportsResponse_resourceLinks = Lens.lens (\ListThingRegistrationTaskReportsResponse' {resourceLinks} -> resourceLinks) (\s@ListThingRegistrationTaskReportsResponse' {} a -> s {resourceLinks = a} :: ListThingRegistrationTaskReportsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingRegistrationTaskReportsResponse_httpStatus :: Lens.Lens' ListThingRegistrationTaskReportsResponse Prelude.Int
+listThingRegistrationTaskReportsResponse_httpStatus = Lens.lens (\ListThingRegistrationTaskReportsResponse' {httpStatus} -> httpStatus) (\s@ListThingRegistrationTaskReportsResponse' {} a -> s {httpStatus = a} :: ListThingRegistrationTaskReportsResponse)
+
+instance
+  Prelude.NFData
+    ListThingRegistrationTaskReportsResponse
+  where
+  rnf ListThingRegistrationTaskReportsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf reportType
+      `Prelude.seq` Prelude.rnf resourceLinks
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingRegistrationTasks.hs b/gen/Amazonka/IoT/ListThingRegistrationTasks.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingRegistrationTasks.hs
@@ -0,0 +1,233 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingRegistrationTasks
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List bulk thing provisioning tasks.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingRegistrationTasks>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingRegistrationTasks
+  ( -- * Creating a Request
+    ListThingRegistrationTasks (..),
+    newListThingRegistrationTasks,
+
+    -- * Request Lenses
+    listThingRegistrationTasks_maxResults,
+    listThingRegistrationTasks_nextToken,
+    listThingRegistrationTasks_status,
+
+    -- * Destructuring the Response
+    ListThingRegistrationTasksResponse (..),
+    newListThingRegistrationTasksResponse,
+
+    -- * Response Lenses
+    listThingRegistrationTasksResponse_nextToken,
+    listThingRegistrationTasksResponse_taskIds,
+    listThingRegistrationTasksResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListThingRegistrationTasks' smart constructor.
+data ListThingRegistrationTasks = ListThingRegistrationTasks'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The status of the bulk thing provisioning task.
+    status :: Prelude.Maybe TaskStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingRegistrationTasks' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingRegistrationTasks_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listThingRegistrationTasks_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'status', 'listThingRegistrationTasks_status' - The status of the bulk thing provisioning task.
+newListThingRegistrationTasks ::
+  ListThingRegistrationTasks
+newListThingRegistrationTasks =
+  ListThingRegistrationTasks'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listThingRegistrationTasks_maxResults :: Lens.Lens' ListThingRegistrationTasks (Prelude.Maybe Prelude.Natural)
+listThingRegistrationTasks_maxResults = Lens.lens (\ListThingRegistrationTasks' {maxResults} -> maxResults) (\s@ListThingRegistrationTasks' {} a -> s {maxResults = a} :: ListThingRegistrationTasks)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingRegistrationTasks_nextToken :: Lens.Lens' ListThingRegistrationTasks (Prelude.Maybe Prelude.Text)
+listThingRegistrationTasks_nextToken = Lens.lens (\ListThingRegistrationTasks' {nextToken} -> nextToken) (\s@ListThingRegistrationTasks' {} a -> s {nextToken = a} :: ListThingRegistrationTasks)
+
+-- | The status of the bulk thing provisioning task.
+listThingRegistrationTasks_status :: Lens.Lens' ListThingRegistrationTasks (Prelude.Maybe TaskStatus)
+listThingRegistrationTasks_status = Lens.lens (\ListThingRegistrationTasks' {status} -> status) (\s@ListThingRegistrationTasks' {} a -> s {status = a} :: ListThingRegistrationTasks)
+
+instance Core.AWSPager ListThingRegistrationTasks where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingRegistrationTasksResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingRegistrationTasksResponse_taskIds
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingRegistrationTasks_nextToken
+          Lens..~ rs
+          Lens.^? listThingRegistrationTasksResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingRegistrationTasks where
+  type
+    AWSResponse ListThingRegistrationTasks =
+      ListThingRegistrationTasksResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingRegistrationTasksResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "taskIds" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingRegistrationTasks where
+  hashWithSalt _salt ListThingRegistrationTasks' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData ListThingRegistrationTasks where
+  rnf ListThingRegistrationTasks' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf status
+
+instance Data.ToHeaders ListThingRegistrationTasks where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingRegistrationTasks where
+  toPath = Prelude.const "/thing-registration-tasks"
+
+instance Data.ToQuery ListThingRegistrationTasks where
+  toQuery ListThingRegistrationTasks' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "status" Data.=: status
+      ]
+
+-- | /See:/ 'newListThingRegistrationTasksResponse' smart constructor.
+data ListThingRegistrationTasksResponse = ListThingRegistrationTasksResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of bulk thing provisioning task IDs.
+    taskIds :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingRegistrationTasksResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingRegistrationTasksResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'taskIds', 'listThingRegistrationTasksResponse_taskIds' - A list of bulk thing provisioning task IDs.
+--
+-- 'httpStatus', 'listThingRegistrationTasksResponse_httpStatus' - The response's http status code.
+newListThingRegistrationTasksResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingRegistrationTasksResponse
+newListThingRegistrationTasksResponse pHttpStatus_ =
+  ListThingRegistrationTasksResponse'
+    { nextToken =
+        Prelude.Nothing,
+      taskIds = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listThingRegistrationTasksResponse_nextToken :: Lens.Lens' ListThingRegistrationTasksResponse (Prelude.Maybe Prelude.Text)
+listThingRegistrationTasksResponse_nextToken = Lens.lens (\ListThingRegistrationTasksResponse' {nextToken} -> nextToken) (\s@ListThingRegistrationTasksResponse' {} a -> s {nextToken = a} :: ListThingRegistrationTasksResponse)
+
+-- | A list of bulk thing provisioning task IDs.
+listThingRegistrationTasksResponse_taskIds :: Lens.Lens' ListThingRegistrationTasksResponse (Prelude.Maybe [Prelude.Text])
+listThingRegistrationTasksResponse_taskIds = Lens.lens (\ListThingRegistrationTasksResponse' {taskIds} -> taskIds) (\s@ListThingRegistrationTasksResponse' {} a -> s {taskIds = a} :: ListThingRegistrationTasksResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingRegistrationTasksResponse_httpStatus :: Lens.Lens' ListThingRegistrationTasksResponse Prelude.Int
+listThingRegistrationTasksResponse_httpStatus = Lens.lens (\ListThingRegistrationTasksResponse' {httpStatus} -> httpStatus) (\s@ListThingRegistrationTasksResponse' {} a -> s {httpStatus = a} :: ListThingRegistrationTasksResponse)
+
+instance
+  Prelude.NFData
+    ListThingRegistrationTasksResponse
+  where
+  rnf ListThingRegistrationTasksResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf taskIds
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingTypes.hs b/gen/Amazonka/IoT/ListThingTypes.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingTypes.hs
@@ -0,0 +1,233 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingTypes
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the existing thing types.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingTypes>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingTypes
+  ( -- * Creating a Request
+    ListThingTypes (..),
+    newListThingTypes,
+
+    -- * Request Lenses
+    listThingTypes_maxResults,
+    listThingTypes_nextToken,
+    listThingTypes_thingTypeName,
+
+    -- * Destructuring the Response
+    ListThingTypesResponse (..),
+    newListThingTypesResponse,
+
+    -- * Response Lenses
+    listThingTypesResponse_nextToken,
+    listThingTypesResponse_thingTypes,
+    listThingTypesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListThingTypes operation.
+--
+-- /See:/ 'newListThingTypes' smart constructor.
+data ListThingTypes = ListThingTypes'
+  { -- | The maximum number of results to return in this operation.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing type.
+    thingTypeName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingTypes' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingTypes_maxResults' - The maximum number of results to return in this operation.
+--
+-- 'nextToken', 'listThingTypes_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'thingTypeName', 'listThingTypes_thingTypeName' - The name of the thing type.
+newListThingTypes ::
+  ListThingTypes
+newListThingTypes =
+  ListThingTypes'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return in this operation.
+listThingTypes_maxResults :: Lens.Lens' ListThingTypes (Prelude.Maybe Prelude.Natural)
+listThingTypes_maxResults = Lens.lens (\ListThingTypes' {maxResults} -> maxResults) (\s@ListThingTypes' {} a -> s {maxResults = a} :: ListThingTypes)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingTypes_nextToken :: Lens.Lens' ListThingTypes (Prelude.Maybe Prelude.Text)
+listThingTypes_nextToken = Lens.lens (\ListThingTypes' {nextToken} -> nextToken) (\s@ListThingTypes' {} a -> s {nextToken = a} :: ListThingTypes)
+
+-- | The name of the thing type.
+listThingTypes_thingTypeName :: Lens.Lens' ListThingTypes (Prelude.Maybe Prelude.Text)
+listThingTypes_thingTypeName = Lens.lens (\ListThingTypes' {thingTypeName} -> thingTypeName) (\s@ListThingTypes' {} a -> s {thingTypeName = a} :: ListThingTypes)
+
+instance Core.AWSPager ListThingTypes where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingTypesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingTypesResponse_thingTypes
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingTypes_nextToken
+          Lens..~ rs
+          Lens.^? listThingTypesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingTypes where
+  type
+    AWSResponse ListThingTypes =
+      ListThingTypesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingTypesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "thingTypes" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingTypes where
+  hashWithSalt _salt ListThingTypes' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` thingTypeName
+
+instance Prelude.NFData ListThingTypes where
+  rnf ListThingTypes' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingTypeName
+
+instance Data.ToHeaders ListThingTypes where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingTypes where
+  toPath = Prelude.const "/thing-types"
+
+instance Data.ToQuery ListThingTypes where
+  toQuery ListThingTypes' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "thingTypeName" Data.=: thingTypeName
+      ]
+
+-- | The output for the ListThingTypes operation.
+--
+-- /See:/ 'newListThingTypesResponse' smart constructor.
+data ListThingTypesResponse = ListThingTypesResponse'
+  { -- | The token for the next set of results. Will not be returned if operation
+    -- has returned all results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The thing types.
+    thingTypes :: Prelude.Maybe [ThingTypeDefinition],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingTypesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingTypesResponse_nextToken' - The token for the next set of results. Will not be returned if operation
+-- has returned all results.
+--
+-- 'thingTypes', 'listThingTypesResponse_thingTypes' - The thing types.
+--
+-- 'httpStatus', 'listThingTypesResponse_httpStatus' - The response's http status code.
+newListThingTypesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingTypesResponse
+newListThingTypesResponse pHttpStatus_ =
+  ListThingTypesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      thingTypes = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token for the next set of results. Will not be returned if operation
+-- has returned all results.
+listThingTypesResponse_nextToken :: Lens.Lens' ListThingTypesResponse (Prelude.Maybe Prelude.Text)
+listThingTypesResponse_nextToken = Lens.lens (\ListThingTypesResponse' {nextToken} -> nextToken) (\s@ListThingTypesResponse' {} a -> s {nextToken = a} :: ListThingTypesResponse)
+
+-- | The thing types.
+listThingTypesResponse_thingTypes :: Lens.Lens' ListThingTypesResponse (Prelude.Maybe [ThingTypeDefinition])
+listThingTypesResponse_thingTypes = Lens.lens (\ListThingTypesResponse' {thingTypes} -> thingTypes) (\s@ListThingTypesResponse' {} a -> s {thingTypes = a} :: ListThingTypesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingTypesResponse_httpStatus :: Lens.Lens' ListThingTypesResponse Prelude.Int
+listThingTypesResponse_httpStatus = Lens.lens (\ListThingTypesResponse' {httpStatus} -> httpStatus) (\s@ListThingTypesResponse' {} a -> s {httpStatus = a} :: ListThingTypesResponse)
+
+instance Prelude.NFData ListThingTypesResponse where
+  rnf ListThingTypesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingTypes
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThings.hs b/gen/Amazonka/IoT/ListThings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThings.hs
@@ -0,0 +1,296 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists your things. Use the __attributeName__ and __attributeValue__
+-- parameters to filter your things. For example, calling @ListThings@ with
+-- attributeName=Color and attributeValue=Red retrieves all things in the
+-- registry that contain an attribute __Color__ with the value __Red__. For
+-- more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html#list-things List Things>
+-- from the /Amazon Web Services IoT Core Developer Guide/.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThings>
+-- action.
+--
+-- You will not be charged for calling this API if an @Access denied@ error
+-- is returned. You will also not be charged if no attributes or pagination
+-- token was provided in request and no pagination token and no results
+-- were returned.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThings
+  ( -- * Creating a Request
+    ListThings (..),
+    newListThings,
+
+    -- * Request Lenses
+    listThings_attributeName,
+    listThings_attributeValue,
+    listThings_maxResults,
+    listThings_nextToken,
+    listThings_thingTypeName,
+    listThings_usePrefixAttributeValue,
+
+    -- * Destructuring the Response
+    ListThingsResponse (..),
+    newListThingsResponse,
+
+    -- * Response Lenses
+    listThingsResponse_nextToken,
+    listThingsResponse_things,
+    listThingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListThings operation.
+--
+-- /See:/ 'newListThings' smart constructor.
+data ListThings = ListThings'
+  { -- | The attribute name used to search for things.
+    attributeName :: Prelude.Maybe Prelude.Text,
+    -- | The attribute value used to search for things.
+    attributeValue :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return in this operation.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing type used to search for things.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | When @true@, the action returns the thing resources with attribute
+    -- values that start with the @attributeValue@ provided.
+    --
+    -- When @false@, or not present, the action returns only the thing
+    -- resources with attribute values that match the entire @attributeValue@
+    -- provided.
+    usePrefixAttributeValue :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributeName', 'listThings_attributeName' - The attribute name used to search for things.
+--
+-- 'attributeValue', 'listThings_attributeValue' - The attribute value used to search for things.
+--
+-- 'maxResults', 'listThings_maxResults' - The maximum number of results to return in this operation.
+--
+-- 'nextToken', 'listThings_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'thingTypeName', 'listThings_thingTypeName' - The name of the thing type used to search for things.
+--
+-- 'usePrefixAttributeValue', 'listThings_usePrefixAttributeValue' - When @true@, the action returns the thing resources with attribute
+-- values that start with the @attributeValue@ provided.
+--
+-- When @false@, or not present, the action returns only the thing
+-- resources with attribute values that match the entire @attributeValue@
+-- provided.
+newListThings ::
+  ListThings
+newListThings =
+  ListThings'
+    { attributeName = Prelude.Nothing,
+      attributeValue = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      usePrefixAttributeValue = Prelude.Nothing
+    }
+
+-- | The attribute name used to search for things.
+listThings_attributeName :: Lens.Lens' ListThings (Prelude.Maybe Prelude.Text)
+listThings_attributeName = Lens.lens (\ListThings' {attributeName} -> attributeName) (\s@ListThings' {} a -> s {attributeName = a} :: ListThings)
+
+-- | The attribute value used to search for things.
+listThings_attributeValue :: Lens.Lens' ListThings (Prelude.Maybe Prelude.Text)
+listThings_attributeValue = Lens.lens (\ListThings' {attributeValue} -> attributeValue) (\s@ListThings' {} a -> s {attributeValue = a} :: ListThings)
+
+-- | The maximum number of results to return in this operation.
+listThings_maxResults :: Lens.Lens' ListThings (Prelude.Maybe Prelude.Natural)
+listThings_maxResults = Lens.lens (\ListThings' {maxResults} -> maxResults) (\s@ListThings' {} a -> s {maxResults = a} :: ListThings)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThings_nextToken :: Lens.Lens' ListThings (Prelude.Maybe Prelude.Text)
+listThings_nextToken = Lens.lens (\ListThings' {nextToken} -> nextToken) (\s@ListThings' {} a -> s {nextToken = a} :: ListThings)
+
+-- | The name of the thing type used to search for things.
+listThings_thingTypeName :: Lens.Lens' ListThings (Prelude.Maybe Prelude.Text)
+listThings_thingTypeName = Lens.lens (\ListThings' {thingTypeName} -> thingTypeName) (\s@ListThings' {} a -> s {thingTypeName = a} :: ListThings)
+
+-- | When @true@, the action returns the thing resources with attribute
+-- values that start with the @attributeValue@ provided.
+--
+-- When @false@, or not present, the action returns only the thing
+-- resources with attribute values that match the entire @attributeValue@
+-- provided.
+listThings_usePrefixAttributeValue :: Lens.Lens' ListThings (Prelude.Maybe Prelude.Bool)
+listThings_usePrefixAttributeValue = Lens.lens (\ListThings' {usePrefixAttributeValue} -> usePrefixAttributeValue) (\s@ListThings' {} a -> s {usePrefixAttributeValue = a} :: ListThings)
+
+instance Core.AWSPager ListThings where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingsResponse_things
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThings_nextToken
+          Lens..~ rs
+          Lens.^? listThingsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThings where
+  type AWSResponse ListThings = ListThingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "things" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThings where
+  hashWithSalt _salt ListThings' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributeName
+      `Prelude.hashWithSalt` attributeValue
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` thingTypeName
+      `Prelude.hashWithSalt` usePrefixAttributeValue
+
+instance Prelude.NFData ListThings where
+  rnf ListThings' {..} =
+    Prelude.rnf attributeName
+      `Prelude.seq` Prelude.rnf attributeValue
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf usePrefixAttributeValue
+
+instance Data.ToHeaders ListThings where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThings where
+  toPath = Prelude.const "/things"
+
+instance Data.ToQuery ListThings where
+  toQuery ListThings' {..} =
+    Prelude.mconcat
+      [ "attributeName" Data.=: attributeName,
+        "attributeValue" Data.=: attributeValue,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "thingTypeName" Data.=: thingTypeName,
+        "usePrefixAttributeValue"
+          Data.=: usePrefixAttributeValue
+      ]
+
+-- | The output from the ListThings operation.
+--
+-- /See:/ 'newListThingsResponse' smart constructor.
+data ListThingsResponse = ListThingsResponse'
+  { -- | The token to use to get the next set of results. Will not be returned if
+    -- operation has returned all results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The things.
+    things :: Prelude.Maybe [ThingAttribute],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingsResponse_nextToken' - The token to use to get the next set of results. Will not be returned if
+-- operation has returned all results.
+--
+-- 'things', 'listThingsResponse_things' - The things.
+--
+-- 'httpStatus', 'listThingsResponse_httpStatus' - The response's http status code.
+newListThingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingsResponse
+newListThingsResponse pHttpStatus_ =
+  ListThingsResponse'
+    { nextToken = Prelude.Nothing,
+      things = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results. Will not be returned if
+-- operation has returned all results.
+listThingsResponse_nextToken :: Lens.Lens' ListThingsResponse (Prelude.Maybe Prelude.Text)
+listThingsResponse_nextToken = Lens.lens (\ListThingsResponse' {nextToken} -> nextToken) (\s@ListThingsResponse' {} a -> s {nextToken = a} :: ListThingsResponse)
+
+-- | The things.
+listThingsResponse_things :: Lens.Lens' ListThingsResponse (Prelude.Maybe [ThingAttribute])
+listThingsResponse_things = Lens.lens (\ListThingsResponse' {things} -> things) (\s@ListThingsResponse' {} a -> s {things = a} :: ListThingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingsResponse_httpStatus :: Lens.Lens' ListThingsResponse Prelude.Int
+listThingsResponse_httpStatus = Lens.lens (\ListThingsResponse' {httpStatus} -> httpStatus) (\s@ListThingsResponse' {} a -> s {httpStatus = a} :: ListThingsResponse)
+
+instance Prelude.NFData ListThingsResponse where
+  rnf ListThingsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf things
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingsInBillingGroup.hs b/gen/Amazonka/IoT/ListThingsInBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingsInBillingGroup.hs
@@ -0,0 +1,239 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingsInBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the things you have added to the given billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingsInBillingGroup>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingsInBillingGroup
+  ( -- * Creating a Request
+    ListThingsInBillingGroup (..),
+    newListThingsInBillingGroup,
+
+    -- * Request Lenses
+    listThingsInBillingGroup_maxResults,
+    listThingsInBillingGroup_nextToken,
+    listThingsInBillingGroup_billingGroupName,
+
+    -- * Destructuring the Response
+    ListThingsInBillingGroupResponse (..),
+    newListThingsInBillingGroupResponse,
+
+    -- * Response Lenses
+    listThingsInBillingGroupResponse_nextToken,
+    listThingsInBillingGroupResponse_things,
+    listThingsInBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListThingsInBillingGroup' smart constructor.
+data ListThingsInBillingGroup = ListThingsInBillingGroup'
+  { -- | The maximum number of results to return per request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The name of the billing group.
+    billingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingsInBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingsInBillingGroup_maxResults' - The maximum number of results to return per request.
+--
+-- 'nextToken', 'listThingsInBillingGroup_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'billingGroupName', 'listThingsInBillingGroup_billingGroupName' - The name of the billing group.
+newListThingsInBillingGroup ::
+  -- | 'billingGroupName'
+  Prelude.Text ->
+  ListThingsInBillingGroup
+newListThingsInBillingGroup pBillingGroupName_ =
+  ListThingsInBillingGroup'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      billingGroupName = pBillingGroupName_
+    }
+
+-- | The maximum number of results to return per request.
+listThingsInBillingGroup_maxResults :: Lens.Lens' ListThingsInBillingGroup (Prelude.Maybe Prelude.Natural)
+listThingsInBillingGroup_maxResults = Lens.lens (\ListThingsInBillingGroup' {maxResults} -> maxResults) (\s@ListThingsInBillingGroup' {} a -> s {maxResults = a} :: ListThingsInBillingGroup)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingsInBillingGroup_nextToken :: Lens.Lens' ListThingsInBillingGroup (Prelude.Maybe Prelude.Text)
+listThingsInBillingGroup_nextToken = Lens.lens (\ListThingsInBillingGroup' {nextToken} -> nextToken) (\s@ListThingsInBillingGroup' {} a -> s {nextToken = a} :: ListThingsInBillingGroup)
+
+-- | The name of the billing group.
+listThingsInBillingGroup_billingGroupName :: Lens.Lens' ListThingsInBillingGroup Prelude.Text
+listThingsInBillingGroup_billingGroupName = Lens.lens (\ListThingsInBillingGroup' {billingGroupName} -> billingGroupName) (\s@ListThingsInBillingGroup' {} a -> s {billingGroupName = a} :: ListThingsInBillingGroup)
+
+instance Core.AWSPager ListThingsInBillingGroup where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingsInBillingGroupResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingsInBillingGroupResponse_things
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingsInBillingGroup_nextToken
+          Lens..~ rs
+          Lens.^? listThingsInBillingGroupResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingsInBillingGroup where
+  type
+    AWSResponse ListThingsInBillingGroup =
+      ListThingsInBillingGroupResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingsInBillingGroupResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "things" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingsInBillingGroup where
+  hashWithSalt _salt ListThingsInBillingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` billingGroupName
+
+instance Prelude.NFData ListThingsInBillingGroup where
+  rnf ListThingsInBillingGroup' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf billingGroupName
+
+instance Data.ToHeaders ListThingsInBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingsInBillingGroup where
+  toPath ListThingsInBillingGroup' {..} =
+    Prelude.mconcat
+      [ "/billing-groups/",
+        Data.toBS billingGroupName,
+        "/things"
+      ]
+
+instance Data.ToQuery ListThingsInBillingGroup where
+  toQuery ListThingsInBillingGroup' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListThingsInBillingGroupResponse' smart constructor.
+data ListThingsInBillingGroupResponse = ListThingsInBillingGroupResponse'
+  { -- | The token to use to get the next set of results. Will not be returned if
+    -- operation has returned all results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A list of things in the billing group.
+    things :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingsInBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingsInBillingGroupResponse_nextToken' - The token to use to get the next set of results. Will not be returned if
+-- operation has returned all results.
+--
+-- 'things', 'listThingsInBillingGroupResponse_things' - A list of things in the billing group.
+--
+-- 'httpStatus', 'listThingsInBillingGroupResponse_httpStatus' - The response's http status code.
+newListThingsInBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingsInBillingGroupResponse
+newListThingsInBillingGroupResponse pHttpStatus_ =
+  ListThingsInBillingGroupResponse'
+    { nextToken =
+        Prelude.Nothing,
+      things = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results. Will not be returned if
+-- operation has returned all results.
+listThingsInBillingGroupResponse_nextToken :: Lens.Lens' ListThingsInBillingGroupResponse (Prelude.Maybe Prelude.Text)
+listThingsInBillingGroupResponse_nextToken = Lens.lens (\ListThingsInBillingGroupResponse' {nextToken} -> nextToken) (\s@ListThingsInBillingGroupResponse' {} a -> s {nextToken = a} :: ListThingsInBillingGroupResponse)
+
+-- | A list of things in the billing group.
+listThingsInBillingGroupResponse_things :: Lens.Lens' ListThingsInBillingGroupResponse (Prelude.Maybe [Prelude.Text])
+listThingsInBillingGroupResponse_things = Lens.lens (\ListThingsInBillingGroupResponse' {things} -> things) (\s@ListThingsInBillingGroupResponse' {} a -> s {things = a} :: ListThingsInBillingGroupResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingsInBillingGroupResponse_httpStatus :: Lens.Lens' ListThingsInBillingGroupResponse Prelude.Int
+listThingsInBillingGroupResponse_httpStatus = Lens.lens (\ListThingsInBillingGroupResponse' {httpStatus} -> httpStatus) (\s@ListThingsInBillingGroupResponse' {} a -> s {httpStatus = a} :: ListThingsInBillingGroupResponse)
+
+instance
+  Prelude.NFData
+    ListThingsInBillingGroupResponse
+  where
+  rnf ListThingsInBillingGroupResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf things
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListThingsInThingGroup.hs b/gen/Amazonka/IoT/ListThingsInThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListThingsInThingGroup.hs
@@ -0,0 +1,255 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListThingsInThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the things in the specified group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListThingsInThingGroup>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListThingsInThingGroup
+  ( -- * Creating a Request
+    ListThingsInThingGroup (..),
+    newListThingsInThingGroup,
+
+    -- * Request Lenses
+    listThingsInThingGroup_maxResults,
+    listThingsInThingGroup_nextToken,
+    listThingsInThingGroup_recursive,
+    listThingsInThingGroup_thingGroupName,
+
+    -- * Destructuring the Response
+    ListThingsInThingGroupResponse (..),
+    newListThingsInThingGroupResponse,
+
+    -- * Response Lenses
+    listThingsInThingGroupResponse_nextToken,
+    listThingsInThingGroupResponse_things,
+    listThingsInThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListThingsInThingGroup' smart constructor.
+data ListThingsInThingGroup = ListThingsInThingGroup'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | When true, list things in this thing group and in all child groups as
+    -- well.
+    recursive :: Prelude.Maybe Prelude.Bool,
+    -- | The thing group name.
+    thingGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingsInThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listThingsInThingGroup_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listThingsInThingGroup_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'recursive', 'listThingsInThingGroup_recursive' - When true, list things in this thing group and in all child groups as
+-- well.
+--
+-- 'thingGroupName', 'listThingsInThingGroup_thingGroupName' - The thing group name.
+newListThingsInThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  ListThingsInThingGroup
+newListThingsInThingGroup pThingGroupName_ =
+  ListThingsInThingGroup'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      recursive = Prelude.Nothing,
+      thingGroupName = pThingGroupName_
+    }
+
+-- | The maximum number of results to return at one time.
+listThingsInThingGroup_maxResults :: Lens.Lens' ListThingsInThingGroup (Prelude.Maybe Prelude.Natural)
+listThingsInThingGroup_maxResults = Lens.lens (\ListThingsInThingGroup' {maxResults} -> maxResults) (\s@ListThingsInThingGroup' {} a -> s {maxResults = a} :: ListThingsInThingGroup)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listThingsInThingGroup_nextToken :: Lens.Lens' ListThingsInThingGroup (Prelude.Maybe Prelude.Text)
+listThingsInThingGroup_nextToken = Lens.lens (\ListThingsInThingGroup' {nextToken} -> nextToken) (\s@ListThingsInThingGroup' {} a -> s {nextToken = a} :: ListThingsInThingGroup)
+
+-- | When true, list things in this thing group and in all child groups as
+-- well.
+listThingsInThingGroup_recursive :: Lens.Lens' ListThingsInThingGroup (Prelude.Maybe Prelude.Bool)
+listThingsInThingGroup_recursive = Lens.lens (\ListThingsInThingGroup' {recursive} -> recursive) (\s@ListThingsInThingGroup' {} a -> s {recursive = a} :: ListThingsInThingGroup)
+
+-- | The thing group name.
+listThingsInThingGroup_thingGroupName :: Lens.Lens' ListThingsInThingGroup Prelude.Text
+listThingsInThingGroup_thingGroupName = Lens.lens (\ListThingsInThingGroup' {thingGroupName} -> thingGroupName) (\s@ListThingsInThingGroup' {} a -> s {thingGroupName = a} :: ListThingsInThingGroup)
+
+instance Core.AWSPager ListThingsInThingGroup where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listThingsInThingGroupResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listThingsInThingGroupResponse_things
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listThingsInThingGroup_nextToken
+          Lens..~ rs
+          Lens.^? listThingsInThingGroupResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListThingsInThingGroup where
+  type
+    AWSResponse ListThingsInThingGroup =
+      ListThingsInThingGroupResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListThingsInThingGroupResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "things" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListThingsInThingGroup where
+  hashWithSalt _salt ListThingsInThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` recursive
+      `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData ListThingsInThingGroup where
+  rnf ListThingsInThingGroup' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf recursive
+      `Prelude.seq` Prelude.rnf thingGroupName
+
+instance Data.ToHeaders ListThingsInThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListThingsInThingGroup where
+  toPath ListThingsInThingGroup' {..} =
+    Prelude.mconcat
+      [ "/thing-groups/",
+        Data.toBS thingGroupName,
+        "/things"
+      ]
+
+instance Data.ToQuery ListThingsInThingGroup where
+  toQuery ListThingsInThingGroup' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "recursive" Data.=: recursive
+      ]
+
+-- | /See:/ 'newListThingsInThingGroupResponse' smart constructor.
+data ListThingsInThingGroupResponse = ListThingsInThingGroupResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The things in the specified thing group.
+    things :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListThingsInThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listThingsInThingGroupResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'things', 'listThingsInThingGroupResponse_things' - The things in the specified thing group.
+--
+-- 'httpStatus', 'listThingsInThingGroupResponse_httpStatus' - The response's http status code.
+newListThingsInThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListThingsInThingGroupResponse
+newListThingsInThingGroupResponse pHttpStatus_ =
+  ListThingsInThingGroupResponse'
+    { nextToken =
+        Prelude.Nothing,
+      things = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listThingsInThingGroupResponse_nextToken :: Lens.Lens' ListThingsInThingGroupResponse (Prelude.Maybe Prelude.Text)
+listThingsInThingGroupResponse_nextToken = Lens.lens (\ListThingsInThingGroupResponse' {nextToken} -> nextToken) (\s@ListThingsInThingGroupResponse' {} a -> s {nextToken = a} :: ListThingsInThingGroupResponse)
+
+-- | The things in the specified thing group.
+listThingsInThingGroupResponse_things :: Lens.Lens' ListThingsInThingGroupResponse (Prelude.Maybe [Prelude.Text])
+listThingsInThingGroupResponse_things = Lens.lens (\ListThingsInThingGroupResponse' {things} -> things) (\s@ListThingsInThingGroupResponse' {} a -> s {things = a} :: ListThingsInThingGroupResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listThingsInThingGroupResponse_httpStatus :: Lens.Lens' ListThingsInThingGroupResponse Prelude.Int
+listThingsInThingGroupResponse_httpStatus = Lens.lens (\ListThingsInThingGroupResponse' {httpStatus} -> httpStatus) (\s@ListThingsInThingGroupResponse' {} a -> s {httpStatus = a} :: ListThingsInThingGroupResponse)
+
+instance
+  Prelude.NFData
+    ListThingsInThingGroupResponse
+  where
+  rnf ListThingsInThingGroupResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf things
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListTopicRuleDestinations.hs b/gen/Amazonka/IoT/ListTopicRuleDestinations.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListTopicRuleDestinations.hs
@@ -0,0 +1,224 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListTopicRuleDestinations
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all the topic rule destinations in your Amazon Web Services
+-- account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListTopicRuleDestinations>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListTopicRuleDestinations
+  ( -- * Creating a Request
+    ListTopicRuleDestinations (..),
+    newListTopicRuleDestinations,
+
+    -- * Request Lenses
+    listTopicRuleDestinations_maxResults,
+    listTopicRuleDestinations_nextToken,
+
+    -- * Destructuring the Response
+    ListTopicRuleDestinationsResponse (..),
+    newListTopicRuleDestinationsResponse,
+
+    -- * Response Lenses
+    listTopicRuleDestinationsResponse_destinationSummaries,
+    listTopicRuleDestinationsResponse_nextToken,
+    listTopicRuleDestinationsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListTopicRuleDestinations' smart constructor.
+data ListTopicRuleDestinations = ListTopicRuleDestinations'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTopicRuleDestinations' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listTopicRuleDestinations_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listTopicRuleDestinations_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+newListTopicRuleDestinations ::
+  ListTopicRuleDestinations
+newListTopicRuleDestinations =
+  ListTopicRuleDestinations'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listTopicRuleDestinations_maxResults :: Lens.Lens' ListTopicRuleDestinations (Prelude.Maybe Prelude.Natural)
+listTopicRuleDestinations_maxResults = Lens.lens (\ListTopicRuleDestinations' {maxResults} -> maxResults) (\s@ListTopicRuleDestinations' {} a -> s {maxResults = a} :: ListTopicRuleDestinations)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listTopicRuleDestinations_nextToken :: Lens.Lens' ListTopicRuleDestinations (Prelude.Maybe Prelude.Text)
+listTopicRuleDestinations_nextToken = Lens.lens (\ListTopicRuleDestinations' {nextToken} -> nextToken) (\s@ListTopicRuleDestinations' {} a -> s {nextToken = a} :: ListTopicRuleDestinations)
+
+instance Core.AWSPager ListTopicRuleDestinations where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listTopicRuleDestinationsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listTopicRuleDestinationsResponse_destinationSummaries
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listTopicRuleDestinations_nextToken
+          Lens..~ rs
+          Lens.^? listTopicRuleDestinationsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListTopicRuleDestinations where
+  type
+    AWSResponse ListTopicRuleDestinations =
+      ListTopicRuleDestinationsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTopicRuleDestinationsResponse'
+            Prelude.<$> ( x
+                            Data..?> "destinationSummaries"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTopicRuleDestinations where
+  hashWithSalt _salt ListTopicRuleDestinations' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListTopicRuleDestinations where
+  rnf ListTopicRuleDestinations' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListTopicRuleDestinations where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListTopicRuleDestinations where
+  toPath = Prelude.const "/destinations"
+
+instance Data.ToQuery ListTopicRuleDestinations where
+  toQuery ListTopicRuleDestinations' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListTopicRuleDestinationsResponse' smart constructor.
+data ListTopicRuleDestinationsResponse = ListTopicRuleDestinationsResponse'
+  { -- | Information about a topic rule destination.
+    destinationSummaries :: Prelude.Maybe [TopicRuleDestinationSummary],
+    -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTopicRuleDestinationsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'destinationSummaries', 'listTopicRuleDestinationsResponse_destinationSummaries' - Information about a topic rule destination.
+--
+-- 'nextToken', 'listTopicRuleDestinationsResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'httpStatus', 'listTopicRuleDestinationsResponse_httpStatus' - The response's http status code.
+newListTopicRuleDestinationsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTopicRuleDestinationsResponse
+newListTopicRuleDestinationsResponse pHttpStatus_ =
+  ListTopicRuleDestinationsResponse'
+    { destinationSummaries =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Information about a topic rule destination.
+listTopicRuleDestinationsResponse_destinationSummaries :: Lens.Lens' ListTopicRuleDestinationsResponse (Prelude.Maybe [TopicRuleDestinationSummary])
+listTopicRuleDestinationsResponse_destinationSummaries = Lens.lens (\ListTopicRuleDestinationsResponse' {destinationSummaries} -> destinationSummaries) (\s@ListTopicRuleDestinationsResponse' {} a -> s {destinationSummaries = a} :: ListTopicRuleDestinationsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listTopicRuleDestinationsResponse_nextToken :: Lens.Lens' ListTopicRuleDestinationsResponse (Prelude.Maybe Prelude.Text)
+listTopicRuleDestinationsResponse_nextToken = Lens.lens (\ListTopicRuleDestinationsResponse' {nextToken} -> nextToken) (\s@ListTopicRuleDestinationsResponse' {} a -> s {nextToken = a} :: ListTopicRuleDestinationsResponse)
+
+-- | The response's http status code.
+listTopicRuleDestinationsResponse_httpStatus :: Lens.Lens' ListTopicRuleDestinationsResponse Prelude.Int
+listTopicRuleDestinationsResponse_httpStatus = Lens.lens (\ListTopicRuleDestinationsResponse' {httpStatus} -> httpStatus) (\s@ListTopicRuleDestinationsResponse' {} a -> s {httpStatus = a} :: ListTopicRuleDestinationsResponse)
+
+instance
+  Prelude.NFData
+    ListTopicRuleDestinationsResponse
+  where
+  rnf ListTopicRuleDestinationsResponse' {..} =
+    Prelude.rnf destinationSummaries
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListTopicRules.hs b/gen/Amazonka/IoT/ListTopicRules.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListTopicRules.hs
@@ -0,0 +1,246 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListTopicRules
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the rules for the specific topic.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListTopicRules>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListTopicRules
+  ( -- * Creating a Request
+    ListTopicRules (..),
+    newListTopicRules,
+
+    -- * Request Lenses
+    listTopicRules_maxResults,
+    listTopicRules_nextToken,
+    listTopicRules_ruleDisabled,
+    listTopicRules_topic,
+
+    -- * Destructuring the Response
+    ListTopicRulesResponse (..),
+    newListTopicRulesResponse,
+
+    -- * Response Lenses
+    listTopicRulesResponse_nextToken,
+    listTopicRulesResponse_rules,
+    listTopicRulesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ListTopicRules operation.
+--
+-- /See:/ 'newListTopicRules' smart constructor.
+data ListTopicRules = ListTopicRules'
+  { -- | The maximum number of results to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Specifies whether the rule is disabled.
+    ruleDisabled :: Prelude.Maybe Prelude.Bool,
+    -- | The topic.
+    topic :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTopicRules' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listTopicRules_maxResults' - The maximum number of results to return.
+--
+-- 'nextToken', 'listTopicRules_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'ruleDisabled', 'listTopicRules_ruleDisabled' - Specifies whether the rule is disabled.
+--
+-- 'topic', 'listTopicRules_topic' - The topic.
+newListTopicRules ::
+  ListTopicRules
+newListTopicRules =
+  ListTopicRules'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      ruleDisabled = Prelude.Nothing,
+      topic = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return.
+listTopicRules_maxResults :: Lens.Lens' ListTopicRules (Prelude.Maybe Prelude.Natural)
+listTopicRules_maxResults = Lens.lens (\ListTopicRules' {maxResults} -> maxResults) (\s@ListTopicRules' {} a -> s {maxResults = a} :: ListTopicRules)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listTopicRules_nextToken :: Lens.Lens' ListTopicRules (Prelude.Maybe Prelude.Text)
+listTopicRules_nextToken = Lens.lens (\ListTopicRules' {nextToken} -> nextToken) (\s@ListTopicRules' {} a -> s {nextToken = a} :: ListTopicRules)
+
+-- | Specifies whether the rule is disabled.
+listTopicRules_ruleDisabled :: Lens.Lens' ListTopicRules (Prelude.Maybe Prelude.Bool)
+listTopicRules_ruleDisabled = Lens.lens (\ListTopicRules' {ruleDisabled} -> ruleDisabled) (\s@ListTopicRules' {} a -> s {ruleDisabled = a} :: ListTopicRules)
+
+-- | The topic.
+listTopicRules_topic :: Lens.Lens' ListTopicRules (Prelude.Maybe Prelude.Text)
+listTopicRules_topic = Lens.lens (\ListTopicRules' {topic} -> topic) (\s@ListTopicRules' {} a -> s {topic = a} :: ListTopicRules)
+
+instance Core.AWSPager ListTopicRules where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listTopicRulesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listTopicRulesResponse_rules
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listTopicRules_nextToken
+          Lens..~ rs
+          Lens.^? listTopicRulesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListTopicRules where
+  type
+    AWSResponse ListTopicRules =
+      ListTopicRulesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTopicRulesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "rules" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTopicRules where
+  hashWithSalt _salt ListTopicRules' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` ruleDisabled
+      `Prelude.hashWithSalt` topic
+
+instance Prelude.NFData ListTopicRules where
+  rnf ListTopicRules' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf ruleDisabled
+      `Prelude.seq` Prelude.rnf topic
+
+instance Data.ToHeaders ListTopicRules where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListTopicRules where
+  toPath = Prelude.const "/rules"
+
+instance Data.ToQuery ListTopicRules where
+  toQuery ListTopicRules' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "ruleDisabled" Data.=: ruleDisabled,
+        "topic" Data.=: topic
+      ]
+
+-- | The output from the ListTopicRules operation.
+--
+-- /See:/ 'newListTopicRulesResponse' smart constructor.
+data ListTopicRulesResponse = ListTopicRulesResponse'
+  { -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The rules.
+    rules :: Prelude.Maybe [TopicRuleListItem],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTopicRulesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listTopicRulesResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'rules', 'listTopicRulesResponse_rules' - The rules.
+--
+-- 'httpStatus', 'listTopicRulesResponse_httpStatus' - The response's http status code.
+newListTopicRulesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTopicRulesResponse
+newListTopicRulesResponse pHttpStatus_ =
+  ListTopicRulesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      rules = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listTopicRulesResponse_nextToken :: Lens.Lens' ListTopicRulesResponse (Prelude.Maybe Prelude.Text)
+listTopicRulesResponse_nextToken = Lens.lens (\ListTopicRulesResponse' {nextToken} -> nextToken) (\s@ListTopicRulesResponse' {} a -> s {nextToken = a} :: ListTopicRulesResponse)
+
+-- | The rules.
+listTopicRulesResponse_rules :: Lens.Lens' ListTopicRulesResponse (Prelude.Maybe [TopicRuleListItem])
+listTopicRulesResponse_rules = Lens.lens (\ListTopicRulesResponse' {rules} -> rules) (\s@ListTopicRulesResponse' {} a -> s {rules = a} :: ListTopicRulesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTopicRulesResponse_httpStatus :: Lens.Lens' ListTopicRulesResponse Prelude.Int
+listTopicRulesResponse_httpStatus = Lens.lens (\ListTopicRulesResponse' {httpStatus} -> httpStatus) (\s@ListTopicRulesResponse' {} a -> s {httpStatus = a} :: ListTopicRulesResponse)
+
+instance Prelude.NFData ListTopicRulesResponse where
+  rnf ListTopicRulesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf rules
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListV2LoggingLevels.hs b/gen/Amazonka/IoT/ListV2LoggingLevels.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListV2LoggingLevels.hs
@@ -0,0 +1,235 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListV2LoggingLevels
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists logging levels.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListV2LoggingLevels>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListV2LoggingLevels
+  ( -- * Creating a Request
+    ListV2LoggingLevels (..),
+    newListV2LoggingLevels,
+
+    -- * Request Lenses
+    listV2LoggingLevels_maxResults,
+    listV2LoggingLevels_nextToken,
+    listV2LoggingLevels_targetType,
+
+    -- * Destructuring the Response
+    ListV2LoggingLevelsResponse (..),
+    newListV2LoggingLevelsResponse,
+
+    -- * Response Lenses
+    listV2LoggingLevelsResponse_logTargetConfigurations,
+    listV2LoggingLevelsResponse_nextToken,
+    listV2LoggingLevelsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListV2LoggingLevels' smart constructor.
+data ListV2LoggingLevels = ListV2LoggingLevels'
+  { -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | To retrieve the next set of results, the @nextToken@ value from a
+    -- previous response; otherwise __null__ to receive the first set of
+    -- results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The type of resource for which you are configuring logging. Must be
+    -- @THING_Group@.
+    targetType :: Prelude.Maybe LogTargetType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListV2LoggingLevels' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listV2LoggingLevels_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listV2LoggingLevels_nextToken' - To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+--
+-- 'targetType', 'listV2LoggingLevels_targetType' - The type of resource for which you are configuring logging. Must be
+-- @THING_Group@.
+newListV2LoggingLevels ::
+  ListV2LoggingLevels
+newListV2LoggingLevels =
+  ListV2LoggingLevels'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      targetType = Prelude.Nothing
+    }
+
+-- | The maximum number of results to return at one time.
+listV2LoggingLevels_maxResults :: Lens.Lens' ListV2LoggingLevels (Prelude.Maybe Prelude.Natural)
+listV2LoggingLevels_maxResults = Lens.lens (\ListV2LoggingLevels' {maxResults} -> maxResults) (\s@ListV2LoggingLevels' {} a -> s {maxResults = a} :: ListV2LoggingLevels)
+
+-- | To retrieve the next set of results, the @nextToken@ value from a
+-- previous response; otherwise __null__ to receive the first set of
+-- results.
+listV2LoggingLevels_nextToken :: Lens.Lens' ListV2LoggingLevels (Prelude.Maybe Prelude.Text)
+listV2LoggingLevels_nextToken = Lens.lens (\ListV2LoggingLevels' {nextToken} -> nextToken) (\s@ListV2LoggingLevels' {} a -> s {nextToken = a} :: ListV2LoggingLevels)
+
+-- | The type of resource for which you are configuring logging. Must be
+-- @THING_Group@.
+listV2LoggingLevels_targetType :: Lens.Lens' ListV2LoggingLevels (Prelude.Maybe LogTargetType)
+listV2LoggingLevels_targetType = Lens.lens (\ListV2LoggingLevels' {targetType} -> targetType) (\s@ListV2LoggingLevels' {} a -> s {targetType = a} :: ListV2LoggingLevels)
+
+instance Core.AWSPager ListV2LoggingLevels where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listV2LoggingLevelsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listV2LoggingLevelsResponse_logTargetConfigurations
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listV2LoggingLevels_nextToken
+          Lens..~ rs
+          Lens.^? listV2LoggingLevelsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListV2LoggingLevels where
+  type
+    AWSResponse ListV2LoggingLevels =
+      ListV2LoggingLevelsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListV2LoggingLevelsResponse'
+            Prelude.<$> ( x
+                            Data..?> "logTargetConfigurations"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListV2LoggingLevels where
+  hashWithSalt _salt ListV2LoggingLevels' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` targetType
+
+instance Prelude.NFData ListV2LoggingLevels where
+  rnf ListV2LoggingLevels' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf targetType
+
+instance Data.ToHeaders ListV2LoggingLevels where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListV2LoggingLevels where
+  toPath = Prelude.const "/v2LoggingLevel"
+
+instance Data.ToQuery ListV2LoggingLevels where
+  toQuery ListV2LoggingLevels' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "targetType" Data.=: targetType
+      ]
+
+-- | /See:/ 'newListV2LoggingLevelsResponse' smart constructor.
+data ListV2LoggingLevelsResponse = ListV2LoggingLevelsResponse'
+  { -- | The logging configuration for a target.
+    logTargetConfigurations :: Prelude.Maybe [LogTargetConfiguration],
+    -- | The token to use to get the next set of results, or __null__ if there
+    -- are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListV2LoggingLevelsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'logTargetConfigurations', 'listV2LoggingLevelsResponse_logTargetConfigurations' - The logging configuration for a target.
+--
+-- 'nextToken', 'listV2LoggingLevelsResponse_nextToken' - The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+--
+-- 'httpStatus', 'listV2LoggingLevelsResponse_httpStatus' - The response's http status code.
+newListV2LoggingLevelsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListV2LoggingLevelsResponse
+newListV2LoggingLevelsResponse pHttpStatus_ =
+  ListV2LoggingLevelsResponse'
+    { logTargetConfigurations =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The logging configuration for a target.
+listV2LoggingLevelsResponse_logTargetConfigurations :: Lens.Lens' ListV2LoggingLevelsResponse (Prelude.Maybe [LogTargetConfiguration])
+listV2LoggingLevelsResponse_logTargetConfigurations = Lens.lens (\ListV2LoggingLevelsResponse' {logTargetConfigurations} -> logTargetConfigurations) (\s@ListV2LoggingLevelsResponse' {} a -> s {logTargetConfigurations = a} :: ListV2LoggingLevelsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The token to use to get the next set of results, or __null__ if there
+-- are no additional results.
+listV2LoggingLevelsResponse_nextToken :: Lens.Lens' ListV2LoggingLevelsResponse (Prelude.Maybe Prelude.Text)
+listV2LoggingLevelsResponse_nextToken = Lens.lens (\ListV2LoggingLevelsResponse' {nextToken} -> nextToken) (\s@ListV2LoggingLevelsResponse' {} a -> s {nextToken = a} :: ListV2LoggingLevelsResponse)
+
+-- | The response's http status code.
+listV2LoggingLevelsResponse_httpStatus :: Lens.Lens' ListV2LoggingLevelsResponse Prelude.Int
+listV2LoggingLevelsResponse_httpStatus = Lens.lens (\ListV2LoggingLevelsResponse' {httpStatus} -> httpStatus) (\s@ListV2LoggingLevelsResponse' {} a -> s {httpStatus = a} :: ListV2LoggingLevelsResponse)
+
+instance Prelude.NFData ListV2LoggingLevelsResponse where
+  rnf ListV2LoggingLevelsResponse' {..} =
+    Prelude.rnf logTargetConfigurations
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ListViolationEvents.hs b/gen/Amazonka/IoT/ListViolationEvents.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ListViolationEvents.hs
@@ -0,0 +1,321 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ListViolationEvents
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the Device Defender security profile violations discovered during
+-- the given time period. You can use filters to limit the results to those
+-- alerts issued for a particular security profile, behavior, or thing
+-- (device).
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ListViolationEvents>
+-- action.
+--
+-- This operation returns paginated results.
+module Amazonka.IoT.ListViolationEvents
+  ( -- * Creating a Request
+    ListViolationEvents (..),
+    newListViolationEvents,
+
+    -- * Request Lenses
+    listViolationEvents_behaviorCriteriaType,
+    listViolationEvents_listSuppressedAlerts,
+    listViolationEvents_maxResults,
+    listViolationEvents_nextToken,
+    listViolationEvents_securityProfileName,
+    listViolationEvents_thingName,
+    listViolationEvents_verificationState,
+    listViolationEvents_startTime,
+    listViolationEvents_endTime,
+
+    -- * Destructuring the Response
+    ListViolationEventsResponse (..),
+    newListViolationEventsResponse,
+
+    -- * Response Lenses
+    listViolationEventsResponse_nextToken,
+    listViolationEventsResponse_violationEvents,
+    listViolationEventsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newListViolationEvents' smart constructor.
+data ListViolationEvents = ListViolationEvents'
+  { -- | The criteria for a behavior.
+    behaviorCriteriaType :: Prelude.Maybe BehaviorCriteriaType,
+    -- | A list of all suppressed alerts.
+    listSuppressedAlerts :: Prelude.Maybe Prelude.Bool,
+    -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token for the next set of results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A filter to limit results to those alerts generated by the specified
+    -- security profile.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | A filter to limit results to those alerts caused by the specified thing.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The verification state of the violation (detect alarm).
+    verificationState :: Prelude.Maybe VerificationState,
+    -- | The start time for the alerts to be listed.
+    startTime :: Data.POSIX,
+    -- | The end time for the alerts to be listed.
+    endTime :: Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListViolationEvents' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behaviorCriteriaType', 'listViolationEvents_behaviorCriteriaType' - The criteria for a behavior.
+--
+-- 'listSuppressedAlerts', 'listViolationEvents_listSuppressedAlerts' - A list of all suppressed alerts.
+--
+-- 'maxResults', 'listViolationEvents_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'listViolationEvents_nextToken' - The token for the next set of results.
+--
+-- 'securityProfileName', 'listViolationEvents_securityProfileName' - A filter to limit results to those alerts generated by the specified
+-- security profile.
+--
+-- 'thingName', 'listViolationEvents_thingName' - A filter to limit results to those alerts caused by the specified thing.
+--
+-- 'verificationState', 'listViolationEvents_verificationState' - The verification state of the violation (detect alarm).
+--
+-- 'startTime', 'listViolationEvents_startTime' - The start time for the alerts to be listed.
+--
+-- 'endTime', 'listViolationEvents_endTime' - The end time for the alerts to be listed.
+newListViolationEvents ::
+  -- | 'startTime'
+  Prelude.UTCTime ->
+  -- | 'endTime'
+  Prelude.UTCTime ->
+  ListViolationEvents
+newListViolationEvents pStartTime_ pEndTime_ =
+  ListViolationEvents'
+    { behaviorCriteriaType =
+        Prelude.Nothing,
+      listSuppressedAlerts = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      verificationState = Prelude.Nothing,
+      startTime = Data._Time Lens.# pStartTime_,
+      endTime = Data._Time Lens.# pEndTime_
+    }
+
+-- | The criteria for a behavior.
+listViolationEvents_behaviorCriteriaType :: Lens.Lens' ListViolationEvents (Prelude.Maybe BehaviorCriteriaType)
+listViolationEvents_behaviorCriteriaType = Lens.lens (\ListViolationEvents' {behaviorCriteriaType} -> behaviorCriteriaType) (\s@ListViolationEvents' {} a -> s {behaviorCriteriaType = a} :: ListViolationEvents)
+
+-- | A list of all suppressed alerts.
+listViolationEvents_listSuppressedAlerts :: Lens.Lens' ListViolationEvents (Prelude.Maybe Prelude.Bool)
+listViolationEvents_listSuppressedAlerts = Lens.lens (\ListViolationEvents' {listSuppressedAlerts} -> listSuppressedAlerts) (\s@ListViolationEvents' {} a -> s {listSuppressedAlerts = a} :: ListViolationEvents)
+
+-- | The maximum number of results to return at one time.
+listViolationEvents_maxResults :: Lens.Lens' ListViolationEvents (Prelude.Maybe Prelude.Natural)
+listViolationEvents_maxResults = Lens.lens (\ListViolationEvents' {maxResults} -> maxResults) (\s@ListViolationEvents' {} a -> s {maxResults = a} :: ListViolationEvents)
+
+-- | The token for the next set of results.
+listViolationEvents_nextToken :: Lens.Lens' ListViolationEvents (Prelude.Maybe Prelude.Text)
+listViolationEvents_nextToken = Lens.lens (\ListViolationEvents' {nextToken} -> nextToken) (\s@ListViolationEvents' {} a -> s {nextToken = a} :: ListViolationEvents)
+
+-- | A filter to limit results to those alerts generated by the specified
+-- security profile.
+listViolationEvents_securityProfileName :: Lens.Lens' ListViolationEvents (Prelude.Maybe Prelude.Text)
+listViolationEvents_securityProfileName = Lens.lens (\ListViolationEvents' {securityProfileName} -> securityProfileName) (\s@ListViolationEvents' {} a -> s {securityProfileName = a} :: ListViolationEvents)
+
+-- | A filter to limit results to those alerts caused by the specified thing.
+listViolationEvents_thingName :: Lens.Lens' ListViolationEvents (Prelude.Maybe Prelude.Text)
+listViolationEvents_thingName = Lens.lens (\ListViolationEvents' {thingName} -> thingName) (\s@ListViolationEvents' {} a -> s {thingName = a} :: ListViolationEvents)
+
+-- | The verification state of the violation (detect alarm).
+listViolationEvents_verificationState :: Lens.Lens' ListViolationEvents (Prelude.Maybe VerificationState)
+listViolationEvents_verificationState = Lens.lens (\ListViolationEvents' {verificationState} -> verificationState) (\s@ListViolationEvents' {} a -> s {verificationState = a} :: ListViolationEvents)
+
+-- | The start time for the alerts to be listed.
+listViolationEvents_startTime :: Lens.Lens' ListViolationEvents Prelude.UTCTime
+listViolationEvents_startTime = Lens.lens (\ListViolationEvents' {startTime} -> startTime) (\s@ListViolationEvents' {} a -> s {startTime = a} :: ListViolationEvents) Prelude.. Data._Time
+
+-- | The end time for the alerts to be listed.
+listViolationEvents_endTime :: Lens.Lens' ListViolationEvents Prelude.UTCTime
+listViolationEvents_endTime = Lens.lens (\ListViolationEvents' {endTime} -> endTime) (\s@ListViolationEvents' {} a -> s {endTime = a} :: ListViolationEvents) Prelude.. Data._Time
+
+instance Core.AWSPager ListViolationEvents where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listViolationEventsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listViolationEventsResponse_violationEvents
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listViolationEvents_nextToken
+          Lens..~ rs
+          Lens.^? listViolationEventsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListViolationEvents where
+  type
+    AWSResponse ListViolationEvents =
+      ListViolationEventsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListViolationEventsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "violationEvents"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListViolationEvents where
+  hashWithSalt _salt ListViolationEvents' {..} =
+    _salt
+      `Prelude.hashWithSalt` behaviorCriteriaType
+      `Prelude.hashWithSalt` listSuppressedAlerts
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` verificationState
+      `Prelude.hashWithSalt` startTime
+      `Prelude.hashWithSalt` endTime
+
+instance Prelude.NFData ListViolationEvents where
+  rnf ListViolationEvents' {..} =
+    Prelude.rnf behaviorCriteriaType
+      `Prelude.seq` Prelude.rnf listSuppressedAlerts
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf verificationState
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf endTime
+
+instance Data.ToHeaders ListViolationEvents where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToPath ListViolationEvents where
+  toPath = Prelude.const "/violation-events"
+
+instance Data.ToQuery ListViolationEvents where
+  toQuery ListViolationEvents' {..} =
+    Prelude.mconcat
+      [ "behaviorCriteriaType" Data.=: behaviorCriteriaType,
+        "listSuppressedAlerts" Data.=: listSuppressedAlerts,
+        "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken,
+        "securityProfileName" Data.=: securityProfileName,
+        "thingName" Data.=: thingName,
+        "verificationState" Data.=: verificationState,
+        "startTime" Data.=: startTime,
+        "endTime" Data.=: endTime
+      ]
+
+-- | /See:/ 'newListViolationEventsResponse' smart constructor.
+data ListViolationEventsResponse = ListViolationEventsResponse'
+  { -- | A token that can be used to retrieve the next set of results, or @null@
+    -- if there are no additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The security profile violation alerts issued for this account during the
+    -- given time period, potentially filtered by security profile, behavior
+    -- violated, or thing (device) violating.
+    violationEvents :: Prelude.Maybe [ViolationEvent],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListViolationEventsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listViolationEventsResponse_nextToken' - A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+--
+-- 'violationEvents', 'listViolationEventsResponse_violationEvents' - The security profile violation alerts issued for this account during the
+-- given time period, potentially filtered by security profile, behavior
+-- violated, or thing (device) violating.
+--
+-- 'httpStatus', 'listViolationEventsResponse_httpStatus' - The response's http status code.
+newListViolationEventsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListViolationEventsResponse
+newListViolationEventsResponse pHttpStatus_ =
+  ListViolationEventsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      violationEvents = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A token that can be used to retrieve the next set of results, or @null@
+-- if there are no additional results.
+listViolationEventsResponse_nextToken :: Lens.Lens' ListViolationEventsResponse (Prelude.Maybe Prelude.Text)
+listViolationEventsResponse_nextToken = Lens.lens (\ListViolationEventsResponse' {nextToken} -> nextToken) (\s@ListViolationEventsResponse' {} a -> s {nextToken = a} :: ListViolationEventsResponse)
+
+-- | The security profile violation alerts issued for this account during the
+-- given time period, potentially filtered by security profile, behavior
+-- violated, or thing (device) violating.
+listViolationEventsResponse_violationEvents :: Lens.Lens' ListViolationEventsResponse (Prelude.Maybe [ViolationEvent])
+listViolationEventsResponse_violationEvents = Lens.lens (\ListViolationEventsResponse' {violationEvents} -> violationEvents) (\s@ListViolationEventsResponse' {} a -> s {violationEvents = a} :: ListViolationEventsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listViolationEventsResponse_httpStatus :: Lens.Lens' ListViolationEventsResponse Prelude.Int
+listViolationEventsResponse_httpStatus = Lens.lens (\ListViolationEventsResponse' {httpStatus} -> httpStatus) (\s@ListViolationEventsResponse' {} a -> s {httpStatus = a} :: ListViolationEventsResponse)
+
+instance Prelude.NFData ListViolationEventsResponse where
+  rnf ListViolationEventsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf violationEvents
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/PutVerificationStateOnViolation.hs b/gen/Amazonka/IoT/PutVerificationStateOnViolation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/PutVerificationStateOnViolation.hs
@@ -0,0 +1,207 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.PutVerificationStateOnViolation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Set a verification state and provide a description of that verification
+-- state on a violation (detect alarm).
+module Amazonka.IoT.PutVerificationStateOnViolation
+  ( -- * Creating a Request
+    PutVerificationStateOnViolation (..),
+    newPutVerificationStateOnViolation,
+
+    -- * Request Lenses
+    putVerificationStateOnViolation_verificationStateDescription,
+    putVerificationStateOnViolation_violationId,
+    putVerificationStateOnViolation_verificationState,
+
+    -- * Destructuring the Response
+    PutVerificationStateOnViolationResponse (..),
+    newPutVerificationStateOnViolationResponse,
+
+    -- * Response Lenses
+    putVerificationStateOnViolationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newPutVerificationStateOnViolation' smart constructor.
+data PutVerificationStateOnViolation = PutVerificationStateOnViolation'
+  { -- | The description of the verification state of the violation (detect
+    -- alarm).
+    verificationStateDescription :: Prelude.Maybe Prelude.Text,
+    -- | The violation ID.
+    violationId :: Prelude.Text,
+    -- | The verification state of the violation.
+    verificationState :: VerificationState
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PutVerificationStateOnViolation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'verificationStateDescription', 'putVerificationStateOnViolation_verificationStateDescription' - The description of the verification state of the violation (detect
+-- alarm).
+--
+-- 'violationId', 'putVerificationStateOnViolation_violationId' - The violation ID.
+--
+-- 'verificationState', 'putVerificationStateOnViolation_verificationState' - The verification state of the violation.
+newPutVerificationStateOnViolation ::
+  -- | 'violationId'
+  Prelude.Text ->
+  -- | 'verificationState'
+  VerificationState ->
+  PutVerificationStateOnViolation
+newPutVerificationStateOnViolation
+  pViolationId_
+  pVerificationState_ =
+    PutVerificationStateOnViolation'
+      { verificationStateDescription =
+          Prelude.Nothing,
+        violationId = pViolationId_,
+        verificationState = pVerificationState_
+      }
+
+-- | The description of the verification state of the violation (detect
+-- alarm).
+putVerificationStateOnViolation_verificationStateDescription :: Lens.Lens' PutVerificationStateOnViolation (Prelude.Maybe Prelude.Text)
+putVerificationStateOnViolation_verificationStateDescription = Lens.lens (\PutVerificationStateOnViolation' {verificationStateDescription} -> verificationStateDescription) (\s@PutVerificationStateOnViolation' {} a -> s {verificationStateDescription = a} :: PutVerificationStateOnViolation)
+
+-- | The violation ID.
+putVerificationStateOnViolation_violationId :: Lens.Lens' PutVerificationStateOnViolation Prelude.Text
+putVerificationStateOnViolation_violationId = Lens.lens (\PutVerificationStateOnViolation' {violationId} -> violationId) (\s@PutVerificationStateOnViolation' {} a -> s {violationId = a} :: PutVerificationStateOnViolation)
+
+-- | The verification state of the violation.
+putVerificationStateOnViolation_verificationState :: Lens.Lens' PutVerificationStateOnViolation VerificationState
+putVerificationStateOnViolation_verificationState = Lens.lens (\PutVerificationStateOnViolation' {verificationState} -> verificationState) (\s@PutVerificationStateOnViolation' {} a -> s {verificationState = a} :: PutVerificationStateOnViolation)
+
+instance
+  Core.AWSRequest
+    PutVerificationStateOnViolation
+  where
+  type
+    AWSResponse PutVerificationStateOnViolation =
+      PutVerificationStateOnViolationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          PutVerificationStateOnViolationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    PutVerificationStateOnViolation
+  where
+  hashWithSalt
+    _salt
+    PutVerificationStateOnViolation' {..} =
+      _salt
+        `Prelude.hashWithSalt` verificationStateDescription
+        `Prelude.hashWithSalt` violationId
+        `Prelude.hashWithSalt` verificationState
+
+instance
+  Prelude.NFData
+    PutVerificationStateOnViolation
+  where
+  rnf PutVerificationStateOnViolation' {..} =
+    Prelude.rnf verificationStateDescription
+      `Prelude.seq` Prelude.rnf violationId
+      `Prelude.seq` Prelude.rnf verificationState
+
+instance
+  Data.ToHeaders
+    PutVerificationStateOnViolation
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON PutVerificationStateOnViolation where
+  toJSON PutVerificationStateOnViolation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("verificationStateDescription" Data..=)
+              Prelude.<$> verificationStateDescription,
+            Prelude.Just
+              ("verificationState" Data..= verificationState)
+          ]
+      )
+
+instance Data.ToPath PutVerificationStateOnViolation where
+  toPath PutVerificationStateOnViolation' {..} =
+    Prelude.mconcat
+      [ "/violations/verification-state/",
+        Data.toBS violationId
+      ]
+
+instance Data.ToQuery PutVerificationStateOnViolation where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newPutVerificationStateOnViolationResponse' smart constructor.
+data PutVerificationStateOnViolationResponse = PutVerificationStateOnViolationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PutVerificationStateOnViolationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'putVerificationStateOnViolationResponse_httpStatus' - The response's http status code.
+newPutVerificationStateOnViolationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  PutVerificationStateOnViolationResponse
+newPutVerificationStateOnViolationResponse
+  pHttpStatus_ =
+    PutVerificationStateOnViolationResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+putVerificationStateOnViolationResponse_httpStatus :: Lens.Lens' PutVerificationStateOnViolationResponse Prelude.Int
+putVerificationStateOnViolationResponse_httpStatus = Lens.lens (\PutVerificationStateOnViolationResponse' {httpStatus} -> httpStatus) (\s@PutVerificationStateOnViolationResponse' {} a -> s {httpStatus = a} :: PutVerificationStateOnViolationResponse)
+
+instance
+  Prelude.NFData
+    PutVerificationStateOnViolationResponse
+  where
+  rnf PutVerificationStateOnViolationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/RegisterCACertificate.hs b/gen/Amazonka/IoT/RegisterCACertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RegisterCACertificate.hs
@@ -0,0 +1,336 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RegisterCACertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Registers a CA certificate with Amazon Web Services IoT Core. There is
+-- no limit to the number of CA certificates you can register in your
+-- Amazon Web Services account. You can register up to 10 CA certificates
+-- with the same @CA subject field@ per Amazon Web Services account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions RegisterCACertificate>
+-- action.
+module Amazonka.IoT.RegisterCACertificate
+  ( -- * Creating a Request
+    RegisterCACertificate (..),
+    newRegisterCACertificate,
+
+    -- * Request Lenses
+    registerCACertificate_allowAutoRegistration,
+    registerCACertificate_certificateMode,
+    registerCACertificate_registrationConfig,
+    registerCACertificate_setAsActive,
+    registerCACertificate_tags,
+    registerCACertificate_verificationCertificate,
+    registerCACertificate_caCertificate,
+
+    -- * Destructuring the Response
+    RegisterCACertificateResponse (..),
+    newRegisterCACertificateResponse,
+
+    -- * Response Lenses
+    registerCACertificateResponse_certificateArn,
+    registerCACertificateResponse_certificateId,
+    registerCACertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input to the RegisterCACertificate operation.
+--
+-- /See:/ 'newRegisterCACertificate' smart constructor.
+data RegisterCACertificate = RegisterCACertificate'
+  { -- | Allows this CA certificate to be used for auto registration of device
+    -- certificates.
+    allowAutoRegistration :: Prelude.Maybe Prelude.Bool,
+    -- | Describes the certificate mode in which the Certificate Authority (CA)
+    -- will be registered. If the @verificationCertificate@ field is not
+    -- provided, set @certificateMode@ to be @SNI_ONLY@. If the
+    -- @verificationCertificate@ field is provided, set @certificateMode@ to be
+    -- @DEFAULT@. When @certificateMode@ is not provided, it defaults to
+    -- @DEFAULT@. All the device certificates that are registered using this CA
+    -- will be registered in the same certificate mode as the CA. For more
+    -- information about certificate mode for device certificates, see
+    -- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>.
+    certificateMode :: Prelude.Maybe CertificateMode,
+    -- | Information about the registration configuration.
+    registrationConfig :: Prelude.Maybe RegistrationConfig,
+    -- | A boolean value that specifies if the CA certificate is set to active.
+    --
+    -- Valid values: @ACTIVE | INACTIVE@
+    setAsActive :: Prelude.Maybe Prelude.Bool,
+    -- | Metadata which can be used to manage the CA certificate.
+    --
+    -- For URI Request parameters use format: ...key1=value1&key2=value2...
+    --
+    -- For the CLI command-line parameter use format: &&tags
+    -- \"key1=value1&key2=value2...\"
+    --
+    -- For the cli-input-json file use format: \"tags\":
+    -- \"key1=value1&key2=value2...\"
+    tags :: Prelude.Maybe [Tag],
+    -- | The private key verification certificate. If @certificateMode@ is
+    -- @SNI_ONLY@, the @verificationCertificate@ field must be empty. If
+    -- @certificateMode@ is @DEFAULT@ or not provided, the
+    -- @verificationCertificate@ field must not be empty.
+    verificationCertificate :: Prelude.Maybe Prelude.Text,
+    -- | The CA certificate.
+    caCertificate :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterCACertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'allowAutoRegistration', 'registerCACertificate_allowAutoRegistration' - Allows this CA certificate to be used for auto registration of device
+-- certificates.
+--
+-- 'certificateMode', 'registerCACertificate_certificateMode' - Describes the certificate mode in which the Certificate Authority (CA)
+-- will be registered. If the @verificationCertificate@ field is not
+-- provided, set @certificateMode@ to be @SNI_ONLY@. If the
+-- @verificationCertificate@ field is provided, set @certificateMode@ to be
+-- @DEFAULT@. When @certificateMode@ is not provided, it defaults to
+-- @DEFAULT@. All the device certificates that are registered using this CA
+-- will be registered in the same certificate mode as the CA. For more
+-- information about certificate mode for device certificates, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>.
+--
+-- 'registrationConfig', 'registerCACertificate_registrationConfig' - Information about the registration configuration.
+--
+-- 'setAsActive', 'registerCACertificate_setAsActive' - A boolean value that specifies if the CA certificate is set to active.
+--
+-- Valid values: @ACTIVE | INACTIVE@
+--
+-- 'tags', 'registerCACertificate_tags' - Metadata which can be used to manage the CA certificate.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+--
+-- 'verificationCertificate', 'registerCACertificate_verificationCertificate' - The private key verification certificate. If @certificateMode@ is
+-- @SNI_ONLY@, the @verificationCertificate@ field must be empty. If
+-- @certificateMode@ is @DEFAULT@ or not provided, the
+-- @verificationCertificate@ field must not be empty.
+--
+-- 'caCertificate', 'registerCACertificate_caCertificate' - The CA certificate.
+newRegisterCACertificate ::
+  -- | 'caCertificate'
+  Prelude.Text ->
+  RegisterCACertificate
+newRegisterCACertificate pCaCertificate_ =
+  RegisterCACertificate'
+    { allowAutoRegistration =
+        Prelude.Nothing,
+      certificateMode = Prelude.Nothing,
+      registrationConfig = Prelude.Nothing,
+      setAsActive = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      verificationCertificate = Prelude.Nothing,
+      caCertificate = pCaCertificate_
+    }
+
+-- | Allows this CA certificate to be used for auto registration of device
+-- certificates.
+registerCACertificate_allowAutoRegistration :: Lens.Lens' RegisterCACertificate (Prelude.Maybe Prelude.Bool)
+registerCACertificate_allowAutoRegistration = Lens.lens (\RegisterCACertificate' {allowAutoRegistration} -> allowAutoRegistration) (\s@RegisterCACertificate' {} a -> s {allowAutoRegistration = a} :: RegisterCACertificate)
+
+-- | Describes the certificate mode in which the Certificate Authority (CA)
+-- will be registered. If the @verificationCertificate@ field is not
+-- provided, set @certificateMode@ to be @SNI_ONLY@. If the
+-- @verificationCertificate@ field is provided, set @certificateMode@ to be
+-- @DEFAULT@. When @certificateMode@ is not provided, it defaults to
+-- @DEFAULT@. All the device certificates that are registered using this CA
+-- will be registered in the same certificate mode as the CA. For more
+-- information about certificate mode for device certificates, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>.
+registerCACertificate_certificateMode :: Lens.Lens' RegisterCACertificate (Prelude.Maybe CertificateMode)
+registerCACertificate_certificateMode = Lens.lens (\RegisterCACertificate' {certificateMode} -> certificateMode) (\s@RegisterCACertificate' {} a -> s {certificateMode = a} :: RegisterCACertificate)
+
+-- | Information about the registration configuration.
+registerCACertificate_registrationConfig :: Lens.Lens' RegisterCACertificate (Prelude.Maybe RegistrationConfig)
+registerCACertificate_registrationConfig = Lens.lens (\RegisterCACertificate' {registrationConfig} -> registrationConfig) (\s@RegisterCACertificate' {} a -> s {registrationConfig = a} :: RegisterCACertificate)
+
+-- | A boolean value that specifies if the CA certificate is set to active.
+--
+-- Valid values: @ACTIVE | INACTIVE@
+registerCACertificate_setAsActive :: Lens.Lens' RegisterCACertificate (Prelude.Maybe Prelude.Bool)
+registerCACertificate_setAsActive = Lens.lens (\RegisterCACertificate' {setAsActive} -> setAsActive) (\s@RegisterCACertificate' {} a -> s {setAsActive = a} :: RegisterCACertificate)
+
+-- | Metadata which can be used to manage the CA certificate.
+--
+-- For URI Request parameters use format: ...key1=value1&key2=value2...
+--
+-- For the CLI command-line parameter use format: &&tags
+-- \"key1=value1&key2=value2...\"
+--
+-- For the cli-input-json file use format: \"tags\":
+-- \"key1=value1&key2=value2...\"
+registerCACertificate_tags :: Lens.Lens' RegisterCACertificate (Prelude.Maybe [Tag])
+registerCACertificate_tags = Lens.lens (\RegisterCACertificate' {tags} -> tags) (\s@RegisterCACertificate' {} a -> s {tags = a} :: RegisterCACertificate) Prelude.. Lens.mapping Lens.coerced
+
+-- | The private key verification certificate. If @certificateMode@ is
+-- @SNI_ONLY@, the @verificationCertificate@ field must be empty. If
+-- @certificateMode@ is @DEFAULT@ or not provided, the
+-- @verificationCertificate@ field must not be empty.
+registerCACertificate_verificationCertificate :: Lens.Lens' RegisterCACertificate (Prelude.Maybe Prelude.Text)
+registerCACertificate_verificationCertificate = Lens.lens (\RegisterCACertificate' {verificationCertificate} -> verificationCertificate) (\s@RegisterCACertificate' {} a -> s {verificationCertificate = a} :: RegisterCACertificate)
+
+-- | The CA certificate.
+registerCACertificate_caCertificate :: Lens.Lens' RegisterCACertificate Prelude.Text
+registerCACertificate_caCertificate = Lens.lens (\RegisterCACertificate' {caCertificate} -> caCertificate) (\s@RegisterCACertificate' {} a -> s {caCertificate = a} :: RegisterCACertificate)
+
+instance Core.AWSRequest RegisterCACertificate where
+  type
+    AWSResponse RegisterCACertificate =
+      RegisterCACertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          RegisterCACertificateResponse'
+            Prelude.<$> (x Data..?> "certificateArn")
+            Prelude.<*> (x Data..?> "certificateId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable RegisterCACertificate where
+  hashWithSalt _salt RegisterCACertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` allowAutoRegistration
+      `Prelude.hashWithSalt` certificateMode
+      `Prelude.hashWithSalt` registrationConfig
+      `Prelude.hashWithSalt` setAsActive
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` verificationCertificate
+      `Prelude.hashWithSalt` caCertificate
+
+instance Prelude.NFData RegisterCACertificate where
+  rnf RegisterCACertificate' {..} =
+    Prelude.rnf allowAutoRegistration
+      `Prelude.seq` Prelude.rnf certificateMode
+      `Prelude.seq` Prelude.rnf registrationConfig
+      `Prelude.seq` Prelude.rnf setAsActive
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf verificationCertificate
+      `Prelude.seq` Prelude.rnf caCertificate
+
+instance Data.ToHeaders RegisterCACertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RegisterCACertificate where
+  toJSON RegisterCACertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("certificateMode" Data..=)
+              Prelude.<$> certificateMode,
+            ("registrationConfig" Data..=)
+              Prelude.<$> registrationConfig,
+            ("tags" Data..=) Prelude.<$> tags,
+            ("verificationCertificate" Data..=)
+              Prelude.<$> verificationCertificate,
+            Prelude.Just
+              ("caCertificate" Data..= caCertificate)
+          ]
+      )
+
+instance Data.ToPath RegisterCACertificate where
+  toPath = Prelude.const "/cacertificate"
+
+instance Data.ToQuery RegisterCACertificate where
+  toQuery RegisterCACertificate' {..} =
+    Prelude.mconcat
+      [ "allowAutoRegistration"
+          Data.=: allowAutoRegistration,
+        "setAsActive" Data.=: setAsActive
+      ]
+
+-- | The output from the RegisterCACertificateResponse operation.
+--
+-- /See:/ 'newRegisterCACertificateResponse' smart constructor.
+data RegisterCACertificateResponse = RegisterCACertificateResponse'
+  { -- | The CA certificate ARN.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The CA certificate identifier.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterCACertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'registerCACertificateResponse_certificateArn' - The CA certificate ARN.
+--
+-- 'certificateId', 'registerCACertificateResponse_certificateId' - The CA certificate identifier.
+--
+-- 'httpStatus', 'registerCACertificateResponse_httpStatus' - The response's http status code.
+newRegisterCACertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  RegisterCACertificateResponse
+newRegisterCACertificateResponse pHttpStatus_ =
+  RegisterCACertificateResponse'
+    { certificateArn =
+        Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The CA certificate ARN.
+registerCACertificateResponse_certificateArn :: Lens.Lens' RegisterCACertificateResponse (Prelude.Maybe Prelude.Text)
+registerCACertificateResponse_certificateArn = Lens.lens (\RegisterCACertificateResponse' {certificateArn} -> certificateArn) (\s@RegisterCACertificateResponse' {} a -> s {certificateArn = a} :: RegisterCACertificateResponse)
+
+-- | The CA certificate identifier.
+registerCACertificateResponse_certificateId :: Lens.Lens' RegisterCACertificateResponse (Prelude.Maybe Prelude.Text)
+registerCACertificateResponse_certificateId = Lens.lens (\RegisterCACertificateResponse' {certificateId} -> certificateId) (\s@RegisterCACertificateResponse' {} a -> s {certificateId = a} :: RegisterCACertificateResponse)
+
+-- | The response's http status code.
+registerCACertificateResponse_httpStatus :: Lens.Lens' RegisterCACertificateResponse Prelude.Int
+registerCACertificateResponse_httpStatus = Lens.lens (\RegisterCACertificateResponse' {httpStatus} -> httpStatus) (\s@RegisterCACertificateResponse' {} a -> s {httpStatus = a} :: RegisterCACertificateResponse)
+
+instance Prelude.NFData RegisterCACertificateResponse where
+  rnf RegisterCACertificateResponse' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/RegisterCertificate.hs b/gen/Amazonka/IoT/RegisterCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RegisterCertificate.hs
@@ -0,0 +1,236 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RegisterCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Registers a device certificate with IoT in the same
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>
+-- as the signing CA. If you have more than one CA certificate that has the
+-- same subject field, you must specify the CA certificate that was used to
+-- sign the device certificate being registered.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions RegisterCertificate>
+-- action.
+module Amazonka.IoT.RegisterCertificate
+  ( -- * Creating a Request
+    RegisterCertificate (..),
+    newRegisterCertificate,
+
+    -- * Request Lenses
+    registerCertificate_caCertificatePem,
+    registerCertificate_setAsActive,
+    registerCertificate_status,
+    registerCertificate_certificatePem,
+
+    -- * Destructuring the Response
+    RegisterCertificateResponse (..),
+    newRegisterCertificateResponse,
+
+    -- * Response Lenses
+    registerCertificateResponse_certificateArn,
+    registerCertificateResponse_certificateId,
+    registerCertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input to the RegisterCertificate operation.
+--
+-- /See:/ 'newRegisterCertificate' smart constructor.
+data RegisterCertificate = RegisterCertificate'
+  { -- | The CA certificate used to sign the device certificate being registered.
+    caCertificatePem :: Prelude.Maybe Prelude.Text,
+    -- | A boolean value that specifies if the certificate is set to active.
+    --
+    -- Valid values: @ACTIVE | INACTIVE@
+    setAsActive :: Prelude.Maybe Prelude.Bool,
+    -- | The status of the register certificate request. Valid values that you
+    -- can use include @ACTIVE@, @INACTIVE@, and @REVOKED@.
+    status :: Prelude.Maybe CertificateStatus,
+    -- | The certificate data, in PEM format.
+    certificatePem :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'caCertificatePem', 'registerCertificate_caCertificatePem' - The CA certificate used to sign the device certificate being registered.
+--
+-- 'setAsActive', 'registerCertificate_setAsActive' - A boolean value that specifies if the certificate is set to active.
+--
+-- Valid values: @ACTIVE | INACTIVE@
+--
+-- 'status', 'registerCertificate_status' - The status of the register certificate request. Valid values that you
+-- can use include @ACTIVE@, @INACTIVE@, and @REVOKED@.
+--
+-- 'certificatePem', 'registerCertificate_certificatePem' - The certificate data, in PEM format.
+newRegisterCertificate ::
+  -- | 'certificatePem'
+  Prelude.Text ->
+  RegisterCertificate
+newRegisterCertificate pCertificatePem_ =
+  RegisterCertificate'
+    { caCertificatePem =
+        Prelude.Nothing,
+      setAsActive = Prelude.Nothing,
+      status = Prelude.Nothing,
+      certificatePem = pCertificatePem_
+    }
+
+-- | The CA certificate used to sign the device certificate being registered.
+registerCertificate_caCertificatePem :: Lens.Lens' RegisterCertificate (Prelude.Maybe Prelude.Text)
+registerCertificate_caCertificatePem = Lens.lens (\RegisterCertificate' {caCertificatePem} -> caCertificatePem) (\s@RegisterCertificate' {} a -> s {caCertificatePem = a} :: RegisterCertificate)
+
+-- | A boolean value that specifies if the certificate is set to active.
+--
+-- Valid values: @ACTIVE | INACTIVE@
+registerCertificate_setAsActive :: Lens.Lens' RegisterCertificate (Prelude.Maybe Prelude.Bool)
+registerCertificate_setAsActive = Lens.lens (\RegisterCertificate' {setAsActive} -> setAsActive) (\s@RegisterCertificate' {} a -> s {setAsActive = a} :: RegisterCertificate)
+
+-- | The status of the register certificate request. Valid values that you
+-- can use include @ACTIVE@, @INACTIVE@, and @REVOKED@.
+registerCertificate_status :: Lens.Lens' RegisterCertificate (Prelude.Maybe CertificateStatus)
+registerCertificate_status = Lens.lens (\RegisterCertificate' {status} -> status) (\s@RegisterCertificate' {} a -> s {status = a} :: RegisterCertificate)
+
+-- | The certificate data, in PEM format.
+registerCertificate_certificatePem :: Lens.Lens' RegisterCertificate Prelude.Text
+registerCertificate_certificatePem = Lens.lens (\RegisterCertificate' {certificatePem} -> certificatePem) (\s@RegisterCertificate' {} a -> s {certificatePem = a} :: RegisterCertificate)
+
+instance Core.AWSRequest RegisterCertificate where
+  type
+    AWSResponse RegisterCertificate =
+      RegisterCertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          RegisterCertificateResponse'
+            Prelude.<$> (x Data..?> "certificateArn")
+            Prelude.<*> (x Data..?> "certificateId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable RegisterCertificate where
+  hashWithSalt _salt RegisterCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` caCertificatePem
+      `Prelude.hashWithSalt` setAsActive
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` certificatePem
+
+instance Prelude.NFData RegisterCertificate where
+  rnf RegisterCertificate' {..} =
+    Prelude.rnf caCertificatePem
+      `Prelude.seq` Prelude.rnf setAsActive
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf certificatePem
+
+instance Data.ToHeaders RegisterCertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RegisterCertificate where
+  toJSON RegisterCertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("caCertificatePem" Data..=)
+              Prelude.<$> caCertificatePem,
+            ("status" Data..=) Prelude.<$> status,
+            Prelude.Just
+              ("certificatePem" Data..= certificatePem)
+          ]
+      )
+
+instance Data.ToPath RegisterCertificate where
+  toPath = Prelude.const "/certificate/register"
+
+instance Data.ToQuery RegisterCertificate where
+  toQuery RegisterCertificate' {..} =
+    Prelude.mconcat ["setAsActive" Data.=: setAsActive]
+
+-- | The output from the RegisterCertificate operation.
+--
+-- /See:/ 'newRegisterCertificateResponse' smart constructor.
+data RegisterCertificateResponse = RegisterCertificateResponse'
+  { -- | The certificate ARN.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The certificate identifier.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'registerCertificateResponse_certificateArn' - The certificate ARN.
+--
+-- 'certificateId', 'registerCertificateResponse_certificateId' - The certificate identifier.
+--
+-- 'httpStatus', 'registerCertificateResponse_httpStatus' - The response's http status code.
+newRegisterCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  RegisterCertificateResponse
+newRegisterCertificateResponse pHttpStatus_ =
+  RegisterCertificateResponse'
+    { certificateArn =
+        Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The certificate ARN.
+registerCertificateResponse_certificateArn :: Lens.Lens' RegisterCertificateResponse (Prelude.Maybe Prelude.Text)
+registerCertificateResponse_certificateArn = Lens.lens (\RegisterCertificateResponse' {certificateArn} -> certificateArn) (\s@RegisterCertificateResponse' {} a -> s {certificateArn = a} :: RegisterCertificateResponse)
+
+-- | The certificate identifier.
+registerCertificateResponse_certificateId :: Lens.Lens' RegisterCertificateResponse (Prelude.Maybe Prelude.Text)
+registerCertificateResponse_certificateId = Lens.lens (\RegisterCertificateResponse' {certificateId} -> certificateId) (\s@RegisterCertificateResponse' {} a -> s {certificateId = a} :: RegisterCertificateResponse)
+
+-- | The response's http status code.
+registerCertificateResponse_httpStatus :: Lens.Lens' RegisterCertificateResponse Prelude.Int
+registerCertificateResponse_httpStatus = Lens.lens (\RegisterCertificateResponse' {httpStatus} -> httpStatus) (\s@RegisterCertificateResponse' {} a -> s {httpStatus = a} :: RegisterCertificateResponse)
+
+instance Prelude.NFData RegisterCertificateResponse where
+  rnf RegisterCertificateResponse' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/RegisterCertificateWithoutCA.hs b/gen/Amazonka/IoT/RegisterCertificateWithoutCA.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RegisterCertificateWithoutCA.hs
@@ -0,0 +1,199 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RegisterCertificateWithoutCA
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Register a certificate that does not have a certificate authority (CA).
+-- For supported certificates, consult
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html#x509-cert-algorithms Certificate signing algorithms supported by IoT>.
+module Amazonka.IoT.RegisterCertificateWithoutCA
+  ( -- * Creating a Request
+    RegisterCertificateWithoutCA (..),
+    newRegisterCertificateWithoutCA,
+
+    -- * Request Lenses
+    registerCertificateWithoutCA_status,
+    registerCertificateWithoutCA_certificatePem,
+
+    -- * Destructuring the Response
+    RegisterCertificateWithoutCAResponse (..),
+    newRegisterCertificateWithoutCAResponse,
+
+    -- * Response Lenses
+    registerCertificateWithoutCAResponse_certificateArn,
+    registerCertificateWithoutCAResponse_certificateId,
+    registerCertificateWithoutCAResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newRegisterCertificateWithoutCA' smart constructor.
+data RegisterCertificateWithoutCA = RegisterCertificateWithoutCA'
+  { -- | The status of the register certificate request.
+    status :: Prelude.Maybe CertificateStatus,
+    -- | The certificate data, in PEM format.
+    certificatePem :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterCertificateWithoutCA' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'status', 'registerCertificateWithoutCA_status' - The status of the register certificate request.
+--
+-- 'certificatePem', 'registerCertificateWithoutCA_certificatePem' - The certificate data, in PEM format.
+newRegisterCertificateWithoutCA ::
+  -- | 'certificatePem'
+  Prelude.Text ->
+  RegisterCertificateWithoutCA
+newRegisterCertificateWithoutCA pCertificatePem_ =
+  RegisterCertificateWithoutCA'
+    { status =
+        Prelude.Nothing,
+      certificatePem = pCertificatePem_
+    }
+
+-- | The status of the register certificate request.
+registerCertificateWithoutCA_status :: Lens.Lens' RegisterCertificateWithoutCA (Prelude.Maybe CertificateStatus)
+registerCertificateWithoutCA_status = Lens.lens (\RegisterCertificateWithoutCA' {status} -> status) (\s@RegisterCertificateWithoutCA' {} a -> s {status = a} :: RegisterCertificateWithoutCA)
+
+-- | The certificate data, in PEM format.
+registerCertificateWithoutCA_certificatePem :: Lens.Lens' RegisterCertificateWithoutCA Prelude.Text
+registerCertificateWithoutCA_certificatePem = Lens.lens (\RegisterCertificateWithoutCA' {certificatePem} -> certificatePem) (\s@RegisterCertificateWithoutCA' {} a -> s {certificatePem = a} :: RegisterCertificateWithoutCA)
+
+instance Core.AWSRequest RegisterCertificateWithoutCA where
+  type
+    AWSResponse RegisterCertificateWithoutCA =
+      RegisterCertificateWithoutCAResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          RegisterCertificateWithoutCAResponse'
+            Prelude.<$> (x Data..?> "certificateArn")
+            Prelude.<*> (x Data..?> "certificateId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    RegisterCertificateWithoutCA
+  where
+  hashWithSalt _salt RegisterCertificateWithoutCA' {..} =
+    _salt
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` certificatePem
+
+instance Prelude.NFData RegisterCertificateWithoutCA where
+  rnf RegisterCertificateWithoutCA' {..} =
+    Prelude.rnf status
+      `Prelude.seq` Prelude.rnf certificatePem
+
+instance Data.ToHeaders RegisterCertificateWithoutCA where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RegisterCertificateWithoutCA where
+  toJSON RegisterCertificateWithoutCA' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("status" Data..=) Prelude.<$> status,
+            Prelude.Just
+              ("certificatePem" Data..= certificatePem)
+          ]
+      )
+
+instance Data.ToPath RegisterCertificateWithoutCA where
+  toPath = Prelude.const "/certificate/register-no-ca"
+
+instance Data.ToQuery RegisterCertificateWithoutCA where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newRegisterCertificateWithoutCAResponse' smart constructor.
+data RegisterCertificateWithoutCAResponse = RegisterCertificateWithoutCAResponse'
+  { -- | The Amazon Resource Name (ARN) of the registered certificate.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the registered certificate. (The last part of the certificate
+    -- ARN contains the certificate ID.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterCertificateWithoutCAResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'registerCertificateWithoutCAResponse_certificateArn' - The Amazon Resource Name (ARN) of the registered certificate.
+--
+-- 'certificateId', 'registerCertificateWithoutCAResponse_certificateId' - The ID of the registered certificate. (The last part of the certificate
+-- ARN contains the certificate ID.
+--
+-- 'httpStatus', 'registerCertificateWithoutCAResponse_httpStatus' - The response's http status code.
+newRegisterCertificateWithoutCAResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  RegisterCertificateWithoutCAResponse
+newRegisterCertificateWithoutCAResponse pHttpStatus_ =
+  RegisterCertificateWithoutCAResponse'
+    { certificateArn =
+        Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN) of the registered certificate.
+registerCertificateWithoutCAResponse_certificateArn :: Lens.Lens' RegisterCertificateWithoutCAResponse (Prelude.Maybe Prelude.Text)
+registerCertificateWithoutCAResponse_certificateArn = Lens.lens (\RegisterCertificateWithoutCAResponse' {certificateArn} -> certificateArn) (\s@RegisterCertificateWithoutCAResponse' {} a -> s {certificateArn = a} :: RegisterCertificateWithoutCAResponse)
+
+-- | The ID of the registered certificate. (The last part of the certificate
+-- ARN contains the certificate ID.
+registerCertificateWithoutCAResponse_certificateId :: Lens.Lens' RegisterCertificateWithoutCAResponse (Prelude.Maybe Prelude.Text)
+registerCertificateWithoutCAResponse_certificateId = Lens.lens (\RegisterCertificateWithoutCAResponse' {certificateId} -> certificateId) (\s@RegisterCertificateWithoutCAResponse' {} a -> s {certificateId = a} :: RegisterCertificateWithoutCAResponse)
+
+-- | The response's http status code.
+registerCertificateWithoutCAResponse_httpStatus :: Lens.Lens' RegisterCertificateWithoutCAResponse Prelude.Int
+registerCertificateWithoutCAResponse_httpStatus = Lens.lens (\RegisterCertificateWithoutCAResponse' {httpStatus} -> httpStatus) (\s@RegisterCertificateWithoutCAResponse' {} a -> s {httpStatus = a} :: RegisterCertificateWithoutCAResponse)
+
+instance
+  Prelude.NFData
+    RegisterCertificateWithoutCAResponse
+  where
+  rnf RegisterCertificateWithoutCAResponse' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/RegisterThing.hs b/gen/Amazonka/IoT/RegisterThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RegisterThing.hs
@@ -0,0 +1,207 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RegisterThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Provisions a thing in the device registry. RegisterThing calls other IoT
+-- control plane APIs. These calls might exceed your account level
+-- <https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_iot IoT Throttling Limits>
+-- and cause throttle errors. Please contact
+-- <https://console.aws.amazon.com/support/home Amazon Web Services Customer Support>
+-- to raise your throttling limits if necessary.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions RegisterThing>
+-- action.
+module Amazonka.IoT.RegisterThing
+  ( -- * Creating a Request
+    RegisterThing (..),
+    newRegisterThing,
+
+    -- * Request Lenses
+    registerThing_parameters,
+    registerThing_templateBody,
+
+    -- * Destructuring the Response
+    RegisterThingResponse (..),
+    newRegisterThingResponse,
+
+    -- * Response Lenses
+    registerThingResponse_certificatePem,
+    registerThingResponse_resourceArns,
+    registerThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newRegisterThing' smart constructor.
+data RegisterThing = RegisterThing'
+  { -- | The parameters for provisioning a thing. See
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning Templates>
+    -- for more information.
+    parameters :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The provisioning template. See
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-w-cert.html Provisioning Devices That Have Device Certificates>
+    -- for more information.
+    templateBody :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'parameters', 'registerThing_parameters' - The parameters for provisioning a thing. See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning Templates>
+-- for more information.
+--
+-- 'templateBody', 'registerThing_templateBody' - The provisioning template. See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-w-cert.html Provisioning Devices That Have Device Certificates>
+-- for more information.
+newRegisterThing ::
+  -- | 'templateBody'
+  Prelude.Text ->
+  RegisterThing
+newRegisterThing pTemplateBody_ =
+  RegisterThing'
+    { parameters = Prelude.Nothing,
+      templateBody = pTemplateBody_
+    }
+
+-- | The parameters for provisioning a thing. See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning Templates>
+-- for more information.
+registerThing_parameters :: Lens.Lens' RegisterThing (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+registerThing_parameters = Lens.lens (\RegisterThing' {parameters} -> parameters) (\s@RegisterThing' {} a -> s {parameters = a} :: RegisterThing) Prelude.. Lens.mapping Lens.coerced
+
+-- | The provisioning template. See
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-w-cert.html Provisioning Devices That Have Device Certificates>
+-- for more information.
+registerThing_templateBody :: Lens.Lens' RegisterThing Prelude.Text
+registerThing_templateBody = Lens.lens (\RegisterThing' {templateBody} -> templateBody) (\s@RegisterThing' {} a -> s {templateBody = a} :: RegisterThing)
+
+instance Core.AWSRequest RegisterThing where
+  type
+    AWSResponse RegisterThing =
+      RegisterThingResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          RegisterThingResponse'
+            Prelude.<$> (x Data..?> "certificatePem")
+            Prelude.<*> (x Data..?> "resourceArns" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable RegisterThing where
+  hashWithSalt _salt RegisterThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` parameters
+      `Prelude.hashWithSalt` templateBody
+
+instance Prelude.NFData RegisterThing where
+  rnf RegisterThing' {..} =
+    Prelude.rnf parameters
+      `Prelude.seq` Prelude.rnf templateBody
+
+instance Data.ToHeaders RegisterThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RegisterThing where
+  toJSON RegisterThing' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("parameters" Data..=) Prelude.<$> parameters,
+            Prelude.Just ("templateBody" Data..= templateBody)
+          ]
+      )
+
+instance Data.ToPath RegisterThing where
+  toPath = Prelude.const "/things"
+
+instance Data.ToQuery RegisterThing where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newRegisterThingResponse' smart constructor.
+data RegisterThingResponse = RegisterThingResponse'
+  { -- | The certificate data, in PEM format.
+    certificatePem :: Prelude.Maybe Prelude.Text,
+    -- | ARNs for the generated resources.
+    resourceArns :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegisterThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificatePem', 'registerThingResponse_certificatePem' - The certificate data, in PEM format.
+--
+-- 'resourceArns', 'registerThingResponse_resourceArns' - ARNs for the generated resources.
+--
+-- 'httpStatus', 'registerThingResponse_httpStatus' - The response's http status code.
+newRegisterThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  RegisterThingResponse
+newRegisterThingResponse pHttpStatus_ =
+  RegisterThingResponse'
+    { certificatePem =
+        Prelude.Nothing,
+      resourceArns = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The certificate data, in PEM format.
+registerThingResponse_certificatePem :: Lens.Lens' RegisterThingResponse (Prelude.Maybe Prelude.Text)
+registerThingResponse_certificatePem = Lens.lens (\RegisterThingResponse' {certificatePem} -> certificatePem) (\s@RegisterThingResponse' {} a -> s {certificatePem = a} :: RegisterThingResponse)
+
+-- | ARNs for the generated resources.
+registerThingResponse_resourceArns :: Lens.Lens' RegisterThingResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+registerThingResponse_resourceArns = Lens.lens (\RegisterThingResponse' {resourceArns} -> resourceArns) (\s@RegisterThingResponse' {} a -> s {resourceArns = a} :: RegisterThingResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+registerThingResponse_httpStatus :: Lens.Lens' RegisterThingResponse Prelude.Int
+registerThingResponse_httpStatus = Lens.lens (\RegisterThingResponse' {httpStatus} -> httpStatus) (\s@RegisterThingResponse' {} a -> s {httpStatus = a} :: RegisterThingResponse)
+
+instance Prelude.NFData RegisterThingResponse where
+  rnf RegisterThingResponse' {..} =
+    Prelude.rnf certificatePem
+      `Prelude.seq` Prelude.rnf resourceArns
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/RejectCertificateTransfer.hs b/gen/Amazonka/IoT/RejectCertificateTransfer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RejectCertificateTransfer.hs
@@ -0,0 +1,164 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RejectCertificateTransfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Rejects a pending certificate transfer. After IoT rejects a certificate
+-- transfer, the certificate status changes from __PENDING_TRANSFER__ to
+-- __INACTIVE__.
+--
+-- To check for pending certificate transfers, call ListCertificates to
+-- enumerate your certificates.
+--
+-- This operation can only be called by the transfer destination. After it
+-- is called, the certificate will be returned to the source\'s account in
+-- the INACTIVE state.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions RejectCertificateTransfer>
+-- action.
+module Amazonka.IoT.RejectCertificateTransfer
+  ( -- * Creating a Request
+    RejectCertificateTransfer (..),
+    newRejectCertificateTransfer,
+
+    -- * Request Lenses
+    rejectCertificateTransfer_rejectReason,
+    rejectCertificateTransfer_certificateId,
+
+    -- * Destructuring the Response
+    RejectCertificateTransferResponse (..),
+    newRejectCertificateTransferResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the RejectCertificateTransfer operation.
+--
+-- /See:/ 'newRejectCertificateTransfer' smart constructor.
+data RejectCertificateTransfer = RejectCertificateTransfer'
+  { -- | The reason the certificate transfer was rejected.
+    rejectReason :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RejectCertificateTransfer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'rejectReason', 'rejectCertificateTransfer_rejectReason' - The reason the certificate transfer was rejected.
+--
+-- 'certificateId', 'rejectCertificateTransfer_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+newRejectCertificateTransfer ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  RejectCertificateTransfer
+newRejectCertificateTransfer pCertificateId_ =
+  RejectCertificateTransfer'
+    { rejectReason =
+        Prelude.Nothing,
+      certificateId = pCertificateId_
+    }
+
+-- | The reason the certificate transfer was rejected.
+rejectCertificateTransfer_rejectReason :: Lens.Lens' RejectCertificateTransfer (Prelude.Maybe Prelude.Text)
+rejectCertificateTransfer_rejectReason = Lens.lens (\RejectCertificateTransfer' {rejectReason} -> rejectReason) (\s@RejectCertificateTransfer' {} a -> s {rejectReason = a} :: RejectCertificateTransfer)
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+rejectCertificateTransfer_certificateId :: Lens.Lens' RejectCertificateTransfer Prelude.Text
+rejectCertificateTransfer_certificateId = Lens.lens (\RejectCertificateTransfer' {certificateId} -> certificateId) (\s@RejectCertificateTransfer' {} a -> s {certificateId = a} :: RejectCertificateTransfer)
+
+instance Core.AWSRequest RejectCertificateTransfer where
+  type
+    AWSResponse RejectCertificateTransfer =
+      RejectCertificateTransferResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveNull
+      RejectCertificateTransferResponse'
+
+instance Prelude.Hashable RejectCertificateTransfer where
+  hashWithSalt _salt RejectCertificateTransfer' {..} =
+    _salt
+      `Prelude.hashWithSalt` rejectReason
+      `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData RejectCertificateTransfer where
+  rnf RejectCertificateTransfer' {..} =
+    Prelude.rnf rejectReason
+      `Prelude.seq` Prelude.rnf certificateId
+
+instance Data.ToHeaders RejectCertificateTransfer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RejectCertificateTransfer where
+  toJSON RejectCertificateTransfer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("rejectReason" Data..=) Prelude.<$> rejectReason]
+      )
+
+instance Data.ToPath RejectCertificateTransfer where
+  toPath RejectCertificateTransfer' {..} =
+    Prelude.mconcat
+      [ "/reject-certificate-transfer/",
+        Data.toBS certificateId
+      ]
+
+instance Data.ToQuery RejectCertificateTransfer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newRejectCertificateTransferResponse' smart constructor.
+data RejectCertificateTransferResponse = RejectCertificateTransferResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RejectCertificateTransferResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newRejectCertificateTransferResponse ::
+  RejectCertificateTransferResponse
+newRejectCertificateTransferResponse =
+  RejectCertificateTransferResponse'
+
+instance
+  Prelude.NFData
+    RejectCertificateTransferResponse
+  where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/RemoveThingFromBillingGroup.hs b/gen/Amazonka/IoT/RemoveThingFromBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RemoveThingFromBillingGroup.hs
@@ -0,0 +1,201 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RemoveThingFromBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Removes the given thing from the billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions RemoveThingFromBillingGroup>
+-- action.
+--
+-- This call is asynchronous. It might take several seconds for the
+-- detachment to propagate.
+module Amazonka.IoT.RemoveThingFromBillingGroup
+  ( -- * Creating a Request
+    RemoveThingFromBillingGroup (..),
+    newRemoveThingFromBillingGroup,
+
+    -- * Request Lenses
+    removeThingFromBillingGroup_billingGroupArn,
+    removeThingFromBillingGroup_billingGroupName,
+    removeThingFromBillingGroup_thingArn,
+    removeThingFromBillingGroup_thingName,
+
+    -- * Destructuring the Response
+    RemoveThingFromBillingGroupResponse (..),
+    newRemoveThingFromBillingGroupResponse,
+
+    -- * Response Lenses
+    removeThingFromBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newRemoveThingFromBillingGroup' smart constructor.
+data RemoveThingFromBillingGroup = RemoveThingFromBillingGroup'
+  { -- | The ARN of the billing group.
+    billingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the billing group.
+    billingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the thing to be removed from the billing group.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing to be removed from the billing group.
+    thingName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RemoveThingFromBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupArn', 'removeThingFromBillingGroup_billingGroupArn' - The ARN of the billing group.
+--
+-- 'billingGroupName', 'removeThingFromBillingGroup_billingGroupName' - The name of the billing group.
+--
+-- 'thingArn', 'removeThingFromBillingGroup_thingArn' - The ARN of the thing to be removed from the billing group.
+--
+-- 'thingName', 'removeThingFromBillingGroup_thingName' - The name of the thing to be removed from the billing group.
+newRemoveThingFromBillingGroup ::
+  RemoveThingFromBillingGroup
+newRemoveThingFromBillingGroup =
+  RemoveThingFromBillingGroup'
+    { billingGroupArn =
+        Prelude.Nothing,
+      billingGroupName = Prelude.Nothing,
+      thingArn = Prelude.Nothing,
+      thingName = Prelude.Nothing
+    }
+
+-- | The ARN of the billing group.
+removeThingFromBillingGroup_billingGroupArn :: Lens.Lens' RemoveThingFromBillingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromBillingGroup_billingGroupArn = Lens.lens (\RemoveThingFromBillingGroup' {billingGroupArn} -> billingGroupArn) (\s@RemoveThingFromBillingGroup' {} a -> s {billingGroupArn = a} :: RemoveThingFromBillingGroup)
+
+-- | The name of the billing group.
+removeThingFromBillingGroup_billingGroupName :: Lens.Lens' RemoveThingFromBillingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromBillingGroup_billingGroupName = Lens.lens (\RemoveThingFromBillingGroup' {billingGroupName} -> billingGroupName) (\s@RemoveThingFromBillingGroup' {} a -> s {billingGroupName = a} :: RemoveThingFromBillingGroup)
+
+-- | The ARN of the thing to be removed from the billing group.
+removeThingFromBillingGroup_thingArn :: Lens.Lens' RemoveThingFromBillingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromBillingGroup_thingArn = Lens.lens (\RemoveThingFromBillingGroup' {thingArn} -> thingArn) (\s@RemoveThingFromBillingGroup' {} a -> s {thingArn = a} :: RemoveThingFromBillingGroup)
+
+-- | The name of the thing to be removed from the billing group.
+removeThingFromBillingGroup_thingName :: Lens.Lens' RemoveThingFromBillingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromBillingGroup_thingName = Lens.lens (\RemoveThingFromBillingGroup' {thingName} -> thingName) (\s@RemoveThingFromBillingGroup' {} a -> s {thingName = a} :: RemoveThingFromBillingGroup)
+
+instance Core.AWSRequest RemoveThingFromBillingGroup where
+  type
+    AWSResponse RemoveThingFromBillingGroup =
+      RemoveThingFromBillingGroupResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          RemoveThingFromBillingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable RemoveThingFromBillingGroup where
+  hashWithSalt _salt RemoveThingFromBillingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` billingGroupArn
+      `Prelude.hashWithSalt` billingGroupName
+      `Prelude.hashWithSalt` thingArn
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData RemoveThingFromBillingGroup where
+  rnf RemoveThingFromBillingGroup' {..} =
+    Prelude.rnf billingGroupArn
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders RemoveThingFromBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RemoveThingFromBillingGroup where
+  toJSON RemoveThingFromBillingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("billingGroupArn" Data..=)
+              Prelude.<$> billingGroupArn,
+            ("billingGroupName" Data..=)
+              Prelude.<$> billingGroupName,
+            ("thingArn" Data..=) Prelude.<$> thingArn,
+            ("thingName" Data..=) Prelude.<$> thingName
+          ]
+      )
+
+instance Data.ToPath RemoveThingFromBillingGroup where
+  toPath =
+    Prelude.const
+      "/billing-groups/removeThingFromBillingGroup"
+
+instance Data.ToQuery RemoveThingFromBillingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newRemoveThingFromBillingGroupResponse' smart constructor.
+data RemoveThingFromBillingGroupResponse = RemoveThingFromBillingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RemoveThingFromBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'removeThingFromBillingGroupResponse_httpStatus' - The response's http status code.
+newRemoveThingFromBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  RemoveThingFromBillingGroupResponse
+newRemoveThingFromBillingGroupResponse pHttpStatus_ =
+  RemoveThingFromBillingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+removeThingFromBillingGroupResponse_httpStatus :: Lens.Lens' RemoveThingFromBillingGroupResponse Prelude.Int
+removeThingFromBillingGroupResponse_httpStatus = Lens.lens (\RemoveThingFromBillingGroupResponse' {httpStatus} -> httpStatus) (\s@RemoveThingFromBillingGroupResponse' {} a -> s {httpStatus = a} :: RemoveThingFromBillingGroupResponse)
+
+instance
+  Prelude.NFData
+    RemoveThingFromBillingGroupResponse
+  where
+  rnf RemoveThingFromBillingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/RemoveThingFromThingGroup.hs b/gen/Amazonka/IoT/RemoveThingFromThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/RemoveThingFromThingGroup.hs
@@ -0,0 +1,201 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.RemoveThingFromThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Remove the specified thing from the specified group.
+--
+-- You must specify either a @thingGroupArn@ or a @thingGroupName@ to
+-- identify the thing group and either a @thingArn@ or a @thingName@ to
+-- identify the thing to remove from the thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions RemoveThingFromThingGroup>
+-- action.
+module Amazonka.IoT.RemoveThingFromThingGroup
+  ( -- * Creating a Request
+    RemoveThingFromThingGroup (..),
+    newRemoveThingFromThingGroup,
+
+    -- * Request Lenses
+    removeThingFromThingGroup_thingArn,
+    removeThingFromThingGroup_thingGroupArn,
+    removeThingFromThingGroup_thingGroupName,
+    removeThingFromThingGroup_thingName,
+
+    -- * Destructuring the Response
+    RemoveThingFromThingGroupResponse (..),
+    newRemoveThingFromThingGroupResponse,
+
+    -- * Response Lenses
+    removeThingFromThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newRemoveThingFromThingGroup' smart constructor.
+data RemoveThingFromThingGroup = RemoveThingFromThingGroup'
+  { -- | The ARN of the thing to remove from the group.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The group ARN.
+    thingGroupArn :: Prelude.Maybe Prelude.Text,
+    -- | The group name.
+    thingGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing to remove from the group.
+    thingName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RemoveThingFromThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingArn', 'removeThingFromThingGroup_thingArn' - The ARN of the thing to remove from the group.
+--
+-- 'thingGroupArn', 'removeThingFromThingGroup_thingGroupArn' - The group ARN.
+--
+-- 'thingGroupName', 'removeThingFromThingGroup_thingGroupName' - The group name.
+--
+-- 'thingName', 'removeThingFromThingGroup_thingName' - The name of the thing to remove from the group.
+newRemoveThingFromThingGroup ::
+  RemoveThingFromThingGroup
+newRemoveThingFromThingGroup =
+  RemoveThingFromThingGroup'
+    { thingArn =
+        Prelude.Nothing,
+      thingGroupArn = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing,
+      thingName = Prelude.Nothing
+    }
+
+-- | The ARN of the thing to remove from the group.
+removeThingFromThingGroup_thingArn :: Lens.Lens' RemoveThingFromThingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromThingGroup_thingArn = Lens.lens (\RemoveThingFromThingGroup' {thingArn} -> thingArn) (\s@RemoveThingFromThingGroup' {} a -> s {thingArn = a} :: RemoveThingFromThingGroup)
+
+-- | The group ARN.
+removeThingFromThingGroup_thingGroupArn :: Lens.Lens' RemoveThingFromThingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromThingGroup_thingGroupArn = Lens.lens (\RemoveThingFromThingGroup' {thingGroupArn} -> thingGroupArn) (\s@RemoveThingFromThingGroup' {} a -> s {thingGroupArn = a} :: RemoveThingFromThingGroup)
+
+-- | The group name.
+removeThingFromThingGroup_thingGroupName :: Lens.Lens' RemoveThingFromThingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromThingGroup_thingGroupName = Lens.lens (\RemoveThingFromThingGroup' {thingGroupName} -> thingGroupName) (\s@RemoveThingFromThingGroup' {} a -> s {thingGroupName = a} :: RemoveThingFromThingGroup)
+
+-- | The name of the thing to remove from the group.
+removeThingFromThingGroup_thingName :: Lens.Lens' RemoveThingFromThingGroup (Prelude.Maybe Prelude.Text)
+removeThingFromThingGroup_thingName = Lens.lens (\RemoveThingFromThingGroup' {thingName} -> thingName) (\s@RemoveThingFromThingGroup' {} a -> s {thingName = a} :: RemoveThingFromThingGroup)
+
+instance Core.AWSRequest RemoveThingFromThingGroup where
+  type
+    AWSResponse RemoveThingFromThingGroup =
+      RemoveThingFromThingGroupResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          RemoveThingFromThingGroupResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable RemoveThingFromThingGroup where
+  hashWithSalt _salt RemoveThingFromThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` thingArn
+      `Prelude.hashWithSalt` thingGroupArn
+      `Prelude.hashWithSalt` thingGroupName
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData RemoveThingFromThingGroup where
+  rnf RemoveThingFromThingGroup' {..} =
+    Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingGroupArn
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders RemoveThingFromThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON RemoveThingFromThingGroup where
+  toJSON RemoveThingFromThingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("thingArn" Data..=) Prelude.<$> thingArn,
+            ("thingGroupArn" Data..=) Prelude.<$> thingGroupArn,
+            ("thingGroupName" Data..=)
+              Prelude.<$> thingGroupName,
+            ("thingName" Data..=) Prelude.<$> thingName
+          ]
+      )
+
+instance Data.ToPath RemoveThingFromThingGroup where
+  toPath =
+    Prelude.const
+      "/thing-groups/removeThingFromThingGroup"
+
+instance Data.ToQuery RemoveThingFromThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newRemoveThingFromThingGroupResponse' smart constructor.
+data RemoveThingFromThingGroupResponse = RemoveThingFromThingGroupResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RemoveThingFromThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'removeThingFromThingGroupResponse_httpStatus' - The response's http status code.
+newRemoveThingFromThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  RemoveThingFromThingGroupResponse
+newRemoveThingFromThingGroupResponse pHttpStatus_ =
+  RemoveThingFromThingGroupResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+removeThingFromThingGroupResponse_httpStatus :: Lens.Lens' RemoveThingFromThingGroupResponse Prelude.Int
+removeThingFromThingGroupResponse_httpStatus = Lens.lens (\RemoveThingFromThingGroupResponse' {httpStatus} -> httpStatus) (\s@RemoveThingFromThingGroupResponse' {} a -> s {httpStatus = a} :: RemoveThingFromThingGroupResponse)
+
+instance
+  Prelude.NFData
+    RemoveThingFromThingGroupResponse
+  where
+  rnf RemoveThingFromThingGroupResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ReplaceTopicRule.hs b/gen/Amazonka/IoT/ReplaceTopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ReplaceTopicRule.hs
@@ -0,0 +1,146 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ReplaceTopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Replaces the rule. You must specify all parameters for the new rule.
+-- Creating rules is an administrator-level action. Any user who has
+-- permission to create rules will be able to access data processed by the
+-- rule.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ReplaceTopicRule>
+-- action.
+module Amazonka.IoT.ReplaceTopicRule
+  ( -- * Creating a Request
+    ReplaceTopicRule (..),
+    newReplaceTopicRule,
+
+    -- * Request Lenses
+    replaceTopicRule_ruleName,
+    replaceTopicRule_topicRulePayload,
+
+    -- * Destructuring the Response
+    ReplaceTopicRuleResponse (..),
+    newReplaceTopicRuleResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the ReplaceTopicRule operation.
+--
+-- /See:/ 'newReplaceTopicRule' smart constructor.
+data ReplaceTopicRule = ReplaceTopicRule'
+  { -- | The name of the rule.
+    ruleName :: Prelude.Text,
+    -- | The rule payload.
+    topicRulePayload :: TopicRulePayload
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ReplaceTopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'ruleName', 'replaceTopicRule_ruleName' - The name of the rule.
+--
+-- 'topicRulePayload', 'replaceTopicRule_topicRulePayload' - The rule payload.
+newReplaceTopicRule ::
+  -- | 'ruleName'
+  Prelude.Text ->
+  -- | 'topicRulePayload'
+  TopicRulePayload ->
+  ReplaceTopicRule
+newReplaceTopicRule pRuleName_ pTopicRulePayload_ =
+  ReplaceTopicRule'
+    { ruleName = pRuleName_,
+      topicRulePayload = pTopicRulePayload_
+    }
+
+-- | The name of the rule.
+replaceTopicRule_ruleName :: Lens.Lens' ReplaceTopicRule Prelude.Text
+replaceTopicRule_ruleName = Lens.lens (\ReplaceTopicRule' {ruleName} -> ruleName) (\s@ReplaceTopicRule' {} a -> s {ruleName = a} :: ReplaceTopicRule)
+
+-- | The rule payload.
+replaceTopicRule_topicRulePayload :: Lens.Lens' ReplaceTopicRule TopicRulePayload
+replaceTopicRule_topicRulePayload = Lens.lens (\ReplaceTopicRule' {topicRulePayload} -> topicRulePayload) (\s@ReplaceTopicRule' {} a -> s {topicRulePayload = a} :: ReplaceTopicRule)
+
+instance Core.AWSRequest ReplaceTopicRule where
+  type
+    AWSResponse ReplaceTopicRule =
+      ReplaceTopicRuleResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveNull ReplaceTopicRuleResponse'
+
+instance Prelude.Hashable ReplaceTopicRule where
+  hashWithSalt _salt ReplaceTopicRule' {..} =
+    _salt
+      `Prelude.hashWithSalt` ruleName
+      `Prelude.hashWithSalt` topicRulePayload
+
+instance Prelude.NFData ReplaceTopicRule where
+  rnf ReplaceTopicRule' {..} =
+    Prelude.rnf ruleName
+      `Prelude.seq` Prelude.rnf topicRulePayload
+
+instance Data.ToHeaders ReplaceTopicRule where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON ReplaceTopicRule where
+  toJSON ReplaceTopicRule' {..} =
+    Data.toJSON topicRulePayload
+
+instance Data.ToPath ReplaceTopicRule where
+  toPath ReplaceTopicRule' {..} =
+    Prelude.mconcat ["/rules/", Data.toBS ruleName]
+
+instance Data.ToQuery ReplaceTopicRule where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newReplaceTopicRuleResponse' smart constructor.
+data ReplaceTopicRuleResponse = ReplaceTopicRuleResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ReplaceTopicRuleResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newReplaceTopicRuleResponse ::
+  ReplaceTopicRuleResponse
+newReplaceTopicRuleResponse =
+  ReplaceTopicRuleResponse'
+
+instance Prelude.NFData ReplaceTopicRuleResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/SearchIndex.hs b/gen/Amazonka/IoT/SearchIndex.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/SearchIndex.hs
@@ -0,0 +1,250 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.SearchIndex
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- The query search index.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions SearchIndex>
+-- action.
+module Amazonka.IoT.SearchIndex
+  ( -- * Creating a Request
+    SearchIndex (..),
+    newSearchIndex,
+
+    -- * Request Lenses
+    searchIndex_indexName,
+    searchIndex_maxResults,
+    searchIndex_nextToken,
+    searchIndex_queryVersion,
+    searchIndex_queryString,
+
+    -- * Destructuring the Response
+    SearchIndexResponse (..),
+    newSearchIndexResponse,
+
+    -- * Response Lenses
+    searchIndexResponse_nextToken,
+    searchIndexResponse_thingGroups,
+    searchIndexResponse_things,
+    searchIndexResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newSearchIndex' smart constructor.
+data SearchIndex = SearchIndex'
+  { -- | The search index name.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The maximum number of results to return at one time.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The token used to get the next set of results, or @null@ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The query version.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The search query string. For more information about the search query
+    -- syntax, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html Query syntax>.
+    queryString :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SearchIndex' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'indexName', 'searchIndex_indexName' - The search index name.
+--
+-- 'maxResults', 'searchIndex_maxResults' - The maximum number of results to return at one time.
+--
+-- 'nextToken', 'searchIndex_nextToken' - The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+--
+-- 'queryVersion', 'searchIndex_queryVersion' - The query version.
+--
+-- 'queryString', 'searchIndex_queryString' - The search query string. For more information about the search query
+-- syntax, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html Query syntax>.
+newSearchIndex ::
+  -- | 'queryString'
+  Prelude.Text ->
+  SearchIndex
+newSearchIndex pQueryString_ =
+  SearchIndex'
+    { indexName = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      queryString = pQueryString_
+    }
+
+-- | The search index name.
+searchIndex_indexName :: Lens.Lens' SearchIndex (Prelude.Maybe Prelude.Text)
+searchIndex_indexName = Lens.lens (\SearchIndex' {indexName} -> indexName) (\s@SearchIndex' {} a -> s {indexName = a} :: SearchIndex)
+
+-- | The maximum number of results to return at one time.
+searchIndex_maxResults :: Lens.Lens' SearchIndex (Prelude.Maybe Prelude.Natural)
+searchIndex_maxResults = Lens.lens (\SearchIndex' {maxResults} -> maxResults) (\s@SearchIndex' {} a -> s {maxResults = a} :: SearchIndex)
+
+-- | The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+searchIndex_nextToken :: Lens.Lens' SearchIndex (Prelude.Maybe Prelude.Text)
+searchIndex_nextToken = Lens.lens (\SearchIndex' {nextToken} -> nextToken) (\s@SearchIndex' {} a -> s {nextToken = a} :: SearchIndex)
+
+-- | The query version.
+searchIndex_queryVersion :: Lens.Lens' SearchIndex (Prelude.Maybe Prelude.Text)
+searchIndex_queryVersion = Lens.lens (\SearchIndex' {queryVersion} -> queryVersion) (\s@SearchIndex' {} a -> s {queryVersion = a} :: SearchIndex)
+
+-- | The search query string. For more information about the search query
+-- syntax, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html Query syntax>.
+searchIndex_queryString :: Lens.Lens' SearchIndex Prelude.Text
+searchIndex_queryString = Lens.lens (\SearchIndex' {queryString} -> queryString) (\s@SearchIndex' {} a -> s {queryString = a} :: SearchIndex)
+
+instance Core.AWSRequest SearchIndex where
+  type AWSResponse SearchIndex = SearchIndexResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          SearchIndexResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "thingGroups" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "things" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable SearchIndex where
+  hashWithSalt _salt SearchIndex' {..} =
+    _salt
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` queryString
+
+instance Prelude.NFData SearchIndex where
+  rnf SearchIndex' {..} =
+    Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf queryString
+
+instance Data.ToHeaders SearchIndex where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON SearchIndex where
+  toJSON SearchIndex' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("indexName" Data..=) Prelude.<$> indexName,
+            ("maxResults" Data..=) Prelude.<$> maxResults,
+            ("nextToken" Data..=) Prelude.<$> nextToken,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            Prelude.Just ("queryString" Data..= queryString)
+          ]
+      )
+
+instance Data.ToPath SearchIndex where
+  toPath = Prelude.const "/indices/search"
+
+instance Data.ToQuery SearchIndex where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSearchIndexResponse' smart constructor.
+data SearchIndexResponse = SearchIndexResponse'
+  { -- | The token used to get the next set of results, or @null@ if there are no
+    -- additional results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The thing groups that match the search query.
+    thingGroups :: Prelude.Maybe [ThingGroupDocument],
+    -- | The things that match the search query.
+    things :: Prelude.Maybe [ThingDocument],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SearchIndexResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'searchIndexResponse_nextToken' - The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+--
+-- 'thingGroups', 'searchIndexResponse_thingGroups' - The thing groups that match the search query.
+--
+-- 'things', 'searchIndexResponse_things' - The things that match the search query.
+--
+-- 'httpStatus', 'searchIndexResponse_httpStatus' - The response's http status code.
+newSearchIndexResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  SearchIndexResponse
+newSearchIndexResponse pHttpStatus_ =
+  SearchIndexResponse'
+    { nextToken = Prelude.Nothing,
+      thingGroups = Prelude.Nothing,
+      things = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The token used to get the next set of results, or @null@ if there are no
+-- additional results.
+searchIndexResponse_nextToken :: Lens.Lens' SearchIndexResponse (Prelude.Maybe Prelude.Text)
+searchIndexResponse_nextToken = Lens.lens (\SearchIndexResponse' {nextToken} -> nextToken) (\s@SearchIndexResponse' {} a -> s {nextToken = a} :: SearchIndexResponse)
+
+-- | The thing groups that match the search query.
+searchIndexResponse_thingGroups :: Lens.Lens' SearchIndexResponse (Prelude.Maybe [ThingGroupDocument])
+searchIndexResponse_thingGroups = Lens.lens (\SearchIndexResponse' {thingGroups} -> thingGroups) (\s@SearchIndexResponse' {} a -> s {thingGroups = a} :: SearchIndexResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The things that match the search query.
+searchIndexResponse_things :: Lens.Lens' SearchIndexResponse (Prelude.Maybe [ThingDocument])
+searchIndexResponse_things = Lens.lens (\SearchIndexResponse' {things} -> things) (\s@SearchIndexResponse' {} a -> s {things = a} :: SearchIndexResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+searchIndexResponse_httpStatus :: Lens.Lens' SearchIndexResponse Prelude.Int
+searchIndexResponse_httpStatus = Lens.lens (\SearchIndexResponse' {httpStatus} -> httpStatus) (\s@SearchIndexResponse' {} a -> s {httpStatus = a} :: SearchIndexResponse)
+
+instance Prelude.NFData SearchIndexResponse where
+  rnf SearchIndexResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf thingGroups
+      `Prelude.seq` Prelude.rnf things
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/SetDefaultAuthorizer.hs b/gen/Amazonka/IoT/SetDefaultAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/SetDefaultAuthorizer.hs
@@ -0,0 +1,179 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.SetDefaultAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Sets the default authorizer. This will be used if a websocket connection
+-- is made without specifying an authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions SetDefaultAuthorizer>
+-- action.
+module Amazonka.IoT.SetDefaultAuthorizer
+  ( -- * Creating a Request
+    SetDefaultAuthorizer (..),
+    newSetDefaultAuthorizer,
+
+    -- * Request Lenses
+    setDefaultAuthorizer_authorizerName,
+
+    -- * Destructuring the Response
+    SetDefaultAuthorizerResponse (..),
+    newSetDefaultAuthorizerResponse,
+
+    -- * Response Lenses
+    setDefaultAuthorizerResponse_authorizerArn,
+    setDefaultAuthorizerResponse_authorizerName,
+    setDefaultAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newSetDefaultAuthorizer' smart constructor.
+data SetDefaultAuthorizer = SetDefaultAuthorizer'
+  { -- | The authorizer name.
+    authorizerName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetDefaultAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerName', 'setDefaultAuthorizer_authorizerName' - The authorizer name.
+newSetDefaultAuthorizer ::
+  -- | 'authorizerName'
+  Prelude.Text ->
+  SetDefaultAuthorizer
+newSetDefaultAuthorizer pAuthorizerName_ =
+  SetDefaultAuthorizer'
+    { authorizerName =
+        pAuthorizerName_
+    }
+
+-- | The authorizer name.
+setDefaultAuthorizer_authorizerName :: Lens.Lens' SetDefaultAuthorizer Prelude.Text
+setDefaultAuthorizer_authorizerName = Lens.lens (\SetDefaultAuthorizer' {authorizerName} -> authorizerName) (\s@SetDefaultAuthorizer' {} a -> s {authorizerName = a} :: SetDefaultAuthorizer)
+
+instance Core.AWSRequest SetDefaultAuthorizer where
+  type
+    AWSResponse SetDefaultAuthorizer =
+      SetDefaultAuthorizerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          SetDefaultAuthorizerResponse'
+            Prelude.<$> (x Data..?> "authorizerArn")
+            Prelude.<*> (x Data..?> "authorizerName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable SetDefaultAuthorizer where
+  hashWithSalt _salt SetDefaultAuthorizer' {..} =
+    _salt `Prelude.hashWithSalt` authorizerName
+
+instance Prelude.NFData SetDefaultAuthorizer where
+  rnf SetDefaultAuthorizer' {..} =
+    Prelude.rnf authorizerName
+
+instance Data.ToHeaders SetDefaultAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON SetDefaultAuthorizer where
+  toJSON SetDefaultAuthorizer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("authorizerName" Data..= authorizerName)
+          ]
+      )
+
+instance Data.ToPath SetDefaultAuthorizer where
+  toPath = Prelude.const "/default-authorizer"
+
+instance Data.ToQuery SetDefaultAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSetDefaultAuthorizerResponse' smart constructor.
+data SetDefaultAuthorizerResponse = SetDefaultAuthorizerResponse'
+  { -- | The authorizer ARN.
+    authorizerArn :: Prelude.Maybe Prelude.Text,
+    -- | The authorizer name.
+    authorizerName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetDefaultAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerArn', 'setDefaultAuthorizerResponse_authorizerArn' - The authorizer ARN.
+--
+-- 'authorizerName', 'setDefaultAuthorizerResponse_authorizerName' - The authorizer name.
+--
+-- 'httpStatus', 'setDefaultAuthorizerResponse_httpStatus' - The response's http status code.
+newSetDefaultAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  SetDefaultAuthorizerResponse
+newSetDefaultAuthorizerResponse pHttpStatus_ =
+  SetDefaultAuthorizerResponse'
+    { authorizerArn =
+        Prelude.Nothing,
+      authorizerName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The authorizer ARN.
+setDefaultAuthorizerResponse_authorizerArn :: Lens.Lens' SetDefaultAuthorizerResponse (Prelude.Maybe Prelude.Text)
+setDefaultAuthorizerResponse_authorizerArn = Lens.lens (\SetDefaultAuthorizerResponse' {authorizerArn} -> authorizerArn) (\s@SetDefaultAuthorizerResponse' {} a -> s {authorizerArn = a} :: SetDefaultAuthorizerResponse)
+
+-- | The authorizer name.
+setDefaultAuthorizerResponse_authorizerName :: Lens.Lens' SetDefaultAuthorizerResponse (Prelude.Maybe Prelude.Text)
+setDefaultAuthorizerResponse_authorizerName = Lens.lens (\SetDefaultAuthorizerResponse' {authorizerName} -> authorizerName) (\s@SetDefaultAuthorizerResponse' {} a -> s {authorizerName = a} :: SetDefaultAuthorizerResponse)
+
+-- | The response's http status code.
+setDefaultAuthorizerResponse_httpStatus :: Lens.Lens' SetDefaultAuthorizerResponse Prelude.Int
+setDefaultAuthorizerResponse_httpStatus = Lens.lens (\SetDefaultAuthorizerResponse' {httpStatus} -> httpStatus) (\s@SetDefaultAuthorizerResponse' {} a -> s {httpStatus = a} :: SetDefaultAuthorizerResponse)
+
+instance Prelude.NFData SetDefaultAuthorizerResponse where
+  rnf SetDefaultAuthorizerResponse' {..} =
+    Prelude.rnf authorizerArn
+      `Prelude.seq` Prelude.rnf authorizerName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/SetDefaultPolicyVersion.hs b/gen/Amazonka/IoT/SetDefaultPolicyVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/SetDefaultPolicyVersion.hs
@@ -0,0 +1,156 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.SetDefaultPolicyVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Sets the specified version of the specified policy as the policy\'s
+-- default (operative) version. This action affects all certificates to
+-- which the policy is attached. To list the principals the policy is
+-- attached to, use the ListPrincipalPolicies action.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions SetDefaultPolicyVersion>
+-- action.
+module Amazonka.IoT.SetDefaultPolicyVersion
+  ( -- * Creating a Request
+    SetDefaultPolicyVersion (..),
+    newSetDefaultPolicyVersion,
+
+    -- * Request Lenses
+    setDefaultPolicyVersion_policyName,
+    setDefaultPolicyVersion_policyVersionId,
+
+    -- * Destructuring the Response
+    SetDefaultPolicyVersionResponse (..),
+    newSetDefaultPolicyVersionResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the SetDefaultPolicyVersion operation.
+--
+-- /See:/ 'newSetDefaultPolicyVersion' smart constructor.
+data SetDefaultPolicyVersion = SetDefaultPolicyVersion'
+  { -- | The policy name.
+    policyName :: Prelude.Text,
+    -- | The policy version ID.
+    policyVersionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetDefaultPolicyVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'setDefaultPolicyVersion_policyName' - The policy name.
+--
+-- 'policyVersionId', 'setDefaultPolicyVersion_policyVersionId' - The policy version ID.
+newSetDefaultPolicyVersion ::
+  -- | 'policyName'
+  Prelude.Text ->
+  -- | 'policyVersionId'
+  Prelude.Text ->
+  SetDefaultPolicyVersion
+newSetDefaultPolicyVersion
+  pPolicyName_
+  pPolicyVersionId_ =
+    SetDefaultPolicyVersion'
+      { policyName = pPolicyName_,
+        policyVersionId = pPolicyVersionId_
+      }
+
+-- | The policy name.
+setDefaultPolicyVersion_policyName :: Lens.Lens' SetDefaultPolicyVersion Prelude.Text
+setDefaultPolicyVersion_policyName = Lens.lens (\SetDefaultPolicyVersion' {policyName} -> policyName) (\s@SetDefaultPolicyVersion' {} a -> s {policyName = a} :: SetDefaultPolicyVersion)
+
+-- | The policy version ID.
+setDefaultPolicyVersion_policyVersionId :: Lens.Lens' SetDefaultPolicyVersion Prelude.Text
+setDefaultPolicyVersion_policyVersionId = Lens.lens (\SetDefaultPolicyVersion' {policyVersionId} -> policyVersionId) (\s@SetDefaultPolicyVersion' {} a -> s {policyVersionId = a} :: SetDefaultPolicyVersion)
+
+instance Core.AWSRequest SetDefaultPolicyVersion where
+  type
+    AWSResponse SetDefaultPolicyVersion =
+      SetDefaultPolicyVersionResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveNull
+      SetDefaultPolicyVersionResponse'
+
+instance Prelude.Hashable SetDefaultPolicyVersion where
+  hashWithSalt _salt SetDefaultPolicyVersion' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` policyVersionId
+
+instance Prelude.NFData SetDefaultPolicyVersion where
+  rnf SetDefaultPolicyVersion' {..} =
+    Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyVersionId
+
+instance Data.ToHeaders SetDefaultPolicyVersion where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON SetDefaultPolicyVersion where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath SetDefaultPolicyVersion where
+  toPath SetDefaultPolicyVersion' {..} =
+    Prelude.mconcat
+      [ "/policies/",
+        Data.toBS policyName,
+        "/version/",
+        Data.toBS policyVersionId
+      ]
+
+instance Data.ToQuery SetDefaultPolicyVersion where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSetDefaultPolicyVersionResponse' smart constructor.
+data SetDefaultPolicyVersionResponse = SetDefaultPolicyVersionResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetDefaultPolicyVersionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newSetDefaultPolicyVersionResponse ::
+  SetDefaultPolicyVersionResponse
+newSetDefaultPolicyVersionResponse =
+  SetDefaultPolicyVersionResponse'
+
+instance
+  Prelude.NFData
+    SetDefaultPolicyVersionResponse
+  where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/SetLoggingOptions.hs b/gen/Amazonka/IoT/SetLoggingOptions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/SetLoggingOptions.hs
@@ -0,0 +1,131 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.SetLoggingOptions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Sets the logging options.
+--
+-- NOTE: use of this command is not recommended. Use @SetV2LoggingOptions@
+-- instead.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions SetLoggingOptions>
+-- action.
+module Amazonka.IoT.SetLoggingOptions
+  ( -- * Creating a Request
+    SetLoggingOptions (..),
+    newSetLoggingOptions,
+
+    -- * Request Lenses
+    setLoggingOptions_loggingOptionsPayload,
+
+    -- * Destructuring the Response
+    SetLoggingOptionsResponse (..),
+    newSetLoggingOptionsResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the SetLoggingOptions operation.
+--
+-- /See:/ 'newSetLoggingOptions' smart constructor.
+data SetLoggingOptions = SetLoggingOptions'
+  { -- | The logging options payload.
+    loggingOptionsPayload :: LoggingOptionsPayload
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetLoggingOptions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'loggingOptionsPayload', 'setLoggingOptions_loggingOptionsPayload' - The logging options payload.
+newSetLoggingOptions ::
+  -- | 'loggingOptionsPayload'
+  LoggingOptionsPayload ->
+  SetLoggingOptions
+newSetLoggingOptions pLoggingOptionsPayload_ =
+  SetLoggingOptions'
+    { loggingOptionsPayload =
+        pLoggingOptionsPayload_
+    }
+
+-- | The logging options payload.
+setLoggingOptions_loggingOptionsPayload :: Lens.Lens' SetLoggingOptions LoggingOptionsPayload
+setLoggingOptions_loggingOptionsPayload = Lens.lens (\SetLoggingOptions' {loggingOptionsPayload} -> loggingOptionsPayload) (\s@SetLoggingOptions' {} a -> s {loggingOptionsPayload = a} :: SetLoggingOptions)
+
+instance Core.AWSRequest SetLoggingOptions where
+  type
+    AWSResponse SetLoggingOptions =
+      SetLoggingOptionsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull SetLoggingOptionsResponse'
+
+instance Prelude.Hashable SetLoggingOptions where
+  hashWithSalt _salt SetLoggingOptions' {..} =
+    _salt `Prelude.hashWithSalt` loggingOptionsPayload
+
+instance Prelude.NFData SetLoggingOptions where
+  rnf SetLoggingOptions' {..} =
+    Prelude.rnf loggingOptionsPayload
+
+instance Data.ToHeaders SetLoggingOptions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON SetLoggingOptions where
+  toJSON SetLoggingOptions' {..} =
+    Data.toJSON loggingOptionsPayload
+
+instance Data.ToPath SetLoggingOptions where
+  toPath = Prelude.const "/loggingOptions"
+
+instance Data.ToQuery SetLoggingOptions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSetLoggingOptionsResponse' smart constructor.
+data SetLoggingOptionsResponse = SetLoggingOptionsResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetLoggingOptionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newSetLoggingOptionsResponse ::
+  SetLoggingOptionsResponse
+newSetLoggingOptionsResponse =
+  SetLoggingOptionsResponse'
+
+instance Prelude.NFData SetLoggingOptionsResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/SetV2LoggingLevel.hs b/gen/Amazonka/IoT/SetV2LoggingLevel.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/SetV2LoggingLevel.hs
@@ -0,0 +1,145 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.SetV2LoggingLevel
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Sets the logging level.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions SetV2LoggingLevel>
+-- action.
+module Amazonka.IoT.SetV2LoggingLevel
+  ( -- * Creating a Request
+    SetV2LoggingLevel (..),
+    newSetV2LoggingLevel,
+
+    -- * Request Lenses
+    setV2LoggingLevel_logTarget,
+    setV2LoggingLevel_logLevel,
+
+    -- * Destructuring the Response
+    SetV2LoggingLevelResponse (..),
+    newSetV2LoggingLevelResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newSetV2LoggingLevel' smart constructor.
+data SetV2LoggingLevel = SetV2LoggingLevel'
+  { -- | The log target.
+    logTarget :: LogTarget,
+    -- | The log level.
+    logLevel :: LogLevel
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetV2LoggingLevel' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'logTarget', 'setV2LoggingLevel_logTarget' - The log target.
+--
+-- 'logLevel', 'setV2LoggingLevel_logLevel' - The log level.
+newSetV2LoggingLevel ::
+  -- | 'logTarget'
+  LogTarget ->
+  -- | 'logLevel'
+  LogLevel ->
+  SetV2LoggingLevel
+newSetV2LoggingLevel pLogTarget_ pLogLevel_ =
+  SetV2LoggingLevel'
+    { logTarget = pLogTarget_,
+      logLevel = pLogLevel_
+    }
+
+-- | The log target.
+setV2LoggingLevel_logTarget :: Lens.Lens' SetV2LoggingLevel LogTarget
+setV2LoggingLevel_logTarget = Lens.lens (\SetV2LoggingLevel' {logTarget} -> logTarget) (\s@SetV2LoggingLevel' {} a -> s {logTarget = a} :: SetV2LoggingLevel)
+
+-- | The log level.
+setV2LoggingLevel_logLevel :: Lens.Lens' SetV2LoggingLevel LogLevel
+setV2LoggingLevel_logLevel = Lens.lens (\SetV2LoggingLevel' {logLevel} -> logLevel) (\s@SetV2LoggingLevel' {} a -> s {logLevel = a} :: SetV2LoggingLevel)
+
+instance Core.AWSRequest SetV2LoggingLevel where
+  type
+    AWSResponse SetV2LoggingLevel =
+      SetV2LoggingLevelResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull SetV2LoggingLevelResponse'
+
+instance Prelude.Hashable SetV2LoggingLevel where
+  hashWithSalt _salt SetV2LoggingLevel' {..} =
+    _salt
+      `Prelude.hashWithSalt` logTarget
+      `Prelude.hashWithSalt` logLevel
+
+instance Prelude.NFData SetV2LoggingLevel where
+  rnf SetV2LoggingLevel' {..} =
+    Prelude.rnf logTarget
+      `Prelude.seq` Prelude.rnf logLevel
+
+instance Data.ToHeaders SetV2LoggingLevel where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON SetV2LoggingLevel where
+  toJSON SetV2LoggingLevel' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("logTarget" Data..= logTarget),
+            Prelude.Just ("logLevel" Data..= logLevel)
+          ]
+      )
+
+instance Data.ToPath SetV2LoggingLevel where
+  toPath = Prelude.const "/v2LoggingLevel"
+
+instance Data.ToQuery SetV2LoggingLevel where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSetV2LoggingLevelResponse' smart constructor.
+data SetV2LoggingLevelResponse = SetV2LoggingLevelResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetV2LoggingLevelResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newSetV2LoggingLevelResponse ::
+  SetV2LoggingLevelResponse
+newSetV2LoggingLevelResponse =
+  SetV2LoggingLevelResponse'
+
+instance Prelude.NFData SetV2LoggingLevelResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/SetV2LoggingOptions.hs b/gen/Amazonka/IoT/SetV2LoggingOptions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/SetV2LoggingOptions.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.SetV2LoggingOptions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Sets the logging options for the V2 logging service.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions SetV2LoggingOptions>
+-- action.
+module Amazonka.IoT.SetV2LoggingOptions
+  ( -- * Creating a Request
+    SetV2LoggingOptions (..),
+    newSetV2LoggingOptions,
+
+    -- * Request Lenses
+    setV2LoggingOptions_defaultLogLevel,
+    setV2LoggingOptions_disableAllLogs,
+    setV2LoggingOptions_roleArn,
+
+    -- * Destructuring the Response
+    SetV2LoggingOptionsResponse (..),
+    newSetV2LoggingOptionsResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newSetV2LoggingOptions' smart constructor.
+data SetV2LoggingOptions = SetV2LoggingOptions'
+  { -- | The default logging level.
+    defaultLogLevel :: Prelude.Maybe LogLevel,
+    -- | If true all logs are disabled. The default is false.
+    disableAllLogs :: Prelude.Maybe Prelude.Bool,
+    -- | The ARN of the role that allows IoT to write to Cloudwatch logs.
+    roleArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetV2LoggingOptions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'defaultLogLevel', 'setV2LoggingOptions_defaultLogLevel' - The default logging level.
+--
+-- 'disableAllLogs', 'setV2LoggingOptions_disableAllLogs' - If true all logs are disabled. The default is false.
+--
+-- 'roleArn', 'setV2LoggingOptions_roleArn' - The ARN of the role that allows IoT to write to Cloudwatch logs.
+newSetV2LoggingOptions ::
+  SetV2LoggingOptions
+newSetV2LoggingOptions =
+  SetV2LoggingOptions'
+    { defaultLogLevel =
+        Prelude.Nothing,
+      disableAllLogs = Prelude.Nothing,
+      roleArn = Prelude.Nothing
+    }
+
+-- | The default logging level.
+setV2LoggingOptions_defaultLogLevel :: Lens.Lens' SetV2LoggingOptions (Prelude.Maybe LogLevel)
+setV2LoggingOptions_defaultLogLevel = Lens.lens (\SetV2LoggingOptions' {defaultLogLevel} -> defaultLogLevel) (\s@SetV2LoggingOptions' {} a -> s {defaultLogLevel = a} :: SetV2LoggingOptions)
+
+-- | If true all logs are disabled. The default is false.
+setV2LoggingOptions_disableAllLogs :: Lens.Lens' SetV2LoggingOptions (Prelude.Maybe Prelude.Bool)
+setV2LoggingOptions_disableAllLogs = Lens.lens (\SetV2LoggingOptions' {disableAllLogs} -> disableAllLogs) (\s@SetV2LoggingOptions' {} a -> s {disableAllLogs = a} :: SetV2LoggingOptions)
+
+-- | The ARN of the role that allows IoT to write to Cloudwatch logs.
+setV2LoggingOptions_roleArn :: Lens.Lens' SetV2LoggingOptions (Prelude.Maybe Prelude.Text)
+setV2LoggingOptions_roleArn = Lens.lens (\SetV2LoggingOptions' {roleArn} -> roleArn) (\s@SetV2LoggingOptions' {} a -> s {roleArn = a} :: SetV2LoggingOptions)
+
+instance Core.AWSRequest SetV2LoggingOptions where
+  type
+    AWSResponse SetV2LoggingOptions =
+      SetV2LoggingOptionsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull SetV2LoggingOptionsResponse'
+
+instance Prelude.Hashable SetV2LoggingOptions where
+  hashWithSalt _salt SetV2LoggingOptions' {..} =
+    _salt
+      `Prelude.hashWithSalt` defaultLogLevel
+      `Prelude.hashWithSalt` disableAllLogs
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData SetV2LoggingOptions where
+  rnf SetV2LoggingOptions' {..} =
+    Prelude.rnf defaultLogLevel
+      `Prelude.seq` Prelude.rnf disableAllLogs
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToHeaders SetV2LoggingOptions where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON SetV2LoggingOptions where
+  toJSON SetV2LoggingOptions' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("defaultLogLevel" Data..=)
+              Prelude.<$> defaultLogLevel,
+            ("disableAllLogs" Data..=)
+              Prelude.<$> disableAllLogs,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
+
+instance Data.ToPath SetV2LoggingOptions where
+  toPath = Prelude.const "/v2LoggingOptions"
+
+instance Data.ToQuery SetV2LoggingOptions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSetV2LoggingOptionsResponse' smart constructor.
+data SetV2LoggingOptionsResponse = SetV2LoggingOptionsResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SetV2LoggingOptionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newSetV2LoggingOptionsResponse ::
+  SetV2LoggingOptionsResponse
+newSetV2LoggingOptionsResponse =
+  SetV2LoggingOptionsResponse'
+
+instance Prelude.NFData SetV2LoggingOptionsResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/StartAuditMitigationActionsTask.hs b/gen/Amazonka/IoT/StartAuditMitigationActionsTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/StartAuditMitigationActionsTask.hs
@@ -0,0 +1,260 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.StartAuditMitigationActionsTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Starts a task that applies a set of mitigation actions to the specified
+-- target.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions StartAuditMitigationActionsTask>
+-- action.
+module Amazonka.IoT.StartAuditMitigationActionsTask
+  ( -- * Creating a Request
+    StartAuditMitigationActionsTask (..),
+    newStartAuditMitigationActionsTask,
+
+    -- * Request Lenses
+    startAuditMitigationActionsTask_taskId,
+    startAuditMitigationActionsTask_target,
+    startAuditMitigationActionsTask_auditCheckToActionsMapping,
+    startAuditMitigationActionsTask_clientRequestToken,
+
+    -- * Destructuring the Response
+    StartAuditMitigationActionsTaskResponse (..),
+    newStartAuditMitigationActionsTaskResponse,
+
+    -- * Response Lenses
+    startAuditMitigationActionsTaskResponse_taskId,
+    startAuditMitigationActionsTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newStartAuditMitigationActionsTask' smart constructor.
+data StartAuditMitigationActionsTask = StartAuditMitigationActionsTask'
+  { -- | A unique identifier for the task. You can use this identifier to check
+    -- the status of the task or to cancel it.
+    taskId :: Prelude.Text,
+    -- | Specifies the audit findings to which the mitigation actions are
+    -- applied. You can apply them to a type of audit check, to all findings
+    -- from an audit, or to a specific set of findings.
+    target :: AuditMitigationActionsTaskTarget,
+    -- | For an audit check, specifies which mitigation actions to apply. Those
+    -- actions must be defined in your Amazon Web Services accounts.
+    auditCheckToActionsMapping :: Prelude.HashMap Prelude.Text (Prelude.NonEmpty Prelude.Text),
+    -- | Each audit mitigation task must have a unique client request token. If
+    -- you try to start a new task with the same token as a task that already
+    -- exists, an exception occurs. If you omit this value, a unique client
+    -- request token is generated automatically.
+    clientRequestToken :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartAuditMitigationActionsTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'startAuditMitigationActionsTask_taskId' - A unique identifier for the task. You can use this identifier to check
+-- the status of the task or to cancel it.
+--
+-- 'target', 'startAuditMitigationActionsTask_target' - Specifies the audit findings to which the mitigation actions are
+-- applied. You can apply them to a type of audit check, to all findings
+-- from an audit, or to a specific set of findings.
+--
+-- 'auditCheckToActionsMapping', 'startAuditMitigationActionsTask_auditCheckToActionsMapping' - For an audit check, specifies which mitigation actions to apply. Those
+-- actions must be defined in your Amazon Web Services accounts.
+--
+-- 'clientRequestToken', 'startAuditMitigationActionsTask_clientRequestToken' - Each audit mitigation task must have a unique client request token. If
+-- you try to start a new task with the same token as a task that already
+-- exists, an exception occurs. If you omit this value, a unique client
+-- request token is generated automatically.
+newStartAuditMitigationActionsTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  -- | 'target'
+  AuditMitigationActionsTaskTarget ->
+  -- | 'clientRequestToken'
+  Prelude.Text ->
+  StartAuditMitigationActionsTask
+newStartAuditMitigationActionsTask
+  pTaskId_
+  pTarget_
+  pClientRequestToken_ =
+    StartAuditMitigationActionsTask'
+      { taskId = pTaskId_,
+        target = pTarget_,
+        auditCheckToActionsMapping =
+          Prelude.mempty,
+        clientRequestToken = pClientRequestToken_
+      }
+
+-- | A unique identifier for the task. You can use this identifier to check
+-- the status of the task or to cancel it.
+startAuditMitigationActionsTask_taskId :: Lens.Lens' StartAuditMitigationActionsTask Prelude.Text
+startAuditMitigationActionsTask_taskId = Lens.lens (\StartAuditMitigationActionsTask' {taskId} -> taskId) (\s@StartAuditMitigationActionsTask' {} a -> s {taskId = a} :: StartAuditMitigationActionsTask)
+
+-- | Specifies the audit findings to which the mitigation actions are
+-- applied. You can apply them to a type of audit check, to all findings
+-- from an audit, or to a specific set of findings.
+startAuditMitigationActionsTask_target :: Lens.Lens' StartAuditMitigationActionsTask AuditMitigationActionsTaskTarget
+startAuditMitigationActionsTask_target = Lens.lens (\StartAuditMitigationActionsTask' {target} -> target) (\s@StartAuditMitigationActionsTask' {} a -> s {target = a} :: StartAuditMitigationActionsTask)
+
+-- | For an audit check, specifies which mitigation actions to apply. Those
+-- actions must be defined in your Amazon Web Services accounts.
+startAuditMitigationActionsTask_auditCheckToActionsMapping :: Lens.Lens' StartAuditMitigationActionsTask (Prelude.HashMap Prelude.Text (Prelude.NonEmpty Prelude.Text))
+startAuditMitigationActionsTask_auditCheckToActionsMapping = Lens.lens (\StartAuditMitigationActionsTask' {auditCheckToActionsMapping} -> auditCheckToActionsMapping) (\s@StartAuditMitigationActionsTask' {} a -> s {auditCheckToActionsMapping = a} :: StartAuditMitigationActionsTask) Prelude.. Lens.coerced
+
+-- | Each audit mitigation task must have a unique client request token. If
+-- you try to start a new task with the same token as a task that already
+-- exists, an exception occurs. If you omit this value, a unique client
+-- request token is generated automatically.
+startAuditMitigationActionsTask_clientRequestToken :: Lens.Lens' StartAuditMitigationActionsTask Prelude.Text
+startAuditMitigationActionsTask_clientRequestToken = Lens.lens (\StartAuditMitigationActionsTask' {clientRequestToken} -> clientRequestToken) (\s@StartAuditMitigationActionsTask' {} a -> s {clientRequestToken = a} :: StartAuditMitigationActionsTask)
+
+instance
+  Core.AWSRequest
+    StartAuditMitigationActionsTask
+  where
+  type
+    AWSResponse StartAuditMitigationActionsTask =
+      StartAuditMitigationActionsTaskResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          StartAuditMitigationActionsTaskResponse'
+            Prelude.<$> (x Data..?> "taskId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    StartAuditMitigationActionsTask
+  where
+  hashWithSalt
+    _salt
+    StartAuditMitigationActionsTask' {..} =
+      _salt
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` target
+        `Prelude.hashWithSalt` auditCheckToActionsMapping
+        `Prelude.hashWithSalt` clientRequestToken
+
+instance
+  Prelude.NFData
+    StartAuditMitigationActionsTask
+  where
+  rnf StartAuditMitigationActionsTask' {..} =
+    Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf target
+      `Prelude.seq` Prelude.rnf auditCheckToActionsMapping
+      `Prelude.seq` Prelude.rnf clientRequestToken
+
+instance
+  Data.ToHeaders
+    StartAuditMitigationActionsTask
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON StartAuditMitigationActionsTask where
+  toJSON StartAuditMitigationActionsTask' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("target" Data..= target),
+            Prelude.Just
+              ( "auditCheckToActionsMapping"
+                  Data..= auditCheckToActionsMapping
+              ),
+            Prelude.Just
+              ("clientRequestToken" Data..= clientRequestToken)
+          ]
+      )
+
+instance Data.ToPath StartAuditMitigationActionsTask where
+  toPath StartAuditMitigationActionsTask' {..} =
+    Prelude.mconcat
+      ["/audit/mitigationactions/tasks/", Data.toBS taskId]
+
+instance Data.ToQuery StartAuditMitigationActionsTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStartAuditMitigationActionsTaskResponse' smart constructor.
+data StartAuditMitigationActionsTaskResponse = StartAuditMitigationActionsTaskResponse'
+  { -- | The unique identifier for the audit mitigation task. This matches the
+    -- @taskId@ that you specified in the request.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartAuditMitigationActionsTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'startAuditMitigationActionsTaskResponse_taskId' - The unique identifier for the audit mitigation task. This matches the
+-- @taskId@ that you specified in the request.
+--
+-- 'httpStatus', 'startAuditMitigationActionsTaskResponse_httpStatus' - The response's http status code.
+newStartAuditMitigationActionsTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  StartAuditMitigationActionsTaskResponse
+newStartAuditMitigationActionsTaskResponse
+  pHttpStatus_ =
+    StartAuditMitigationActionsTaskResponse'
+      { taskId =
+          Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | The unique identifier for the audit mitigation task. This matches the
+-- @taskId@ that you specified in the request.
+startAuditMitigationActionsTaskResponse_taskId :: Lens.Lens' StartAuditMitigationActionsTaskResponse (Prelude.Maybe Prelude.Text)
+startAuditMitigationActionsTaskResponse_taskId = Lens.lens (\StartAuditMitigationActionsTaskResponse' {taskId} -> taskId) (\s@StartAuditMitigationActionsTaskResponse' {} a -> s {taskId = a} :: StartAuditMitigationActionsTaskResponse)
+
+-- | The response's http status code.
+startAuditMitigationActionsTaskResponse_httpStatus :: Lens.Lens' StartAuditMitigationActionsTaskResponse Prelude.Int
+startAuditMitigationActionsTaskResponse_httpStatus = Lens.lens (\StartAuditMitigationActionsTaskResponse' {httpStatus} -> httpStatus) (\s@StartAuditMitigationActionsTaskResponse' {} a -> s {httpStatus = a} :: StartAuditMitigationActionsTaskResponse)
+
+instance
+  Prelude.NFData
+    StartAuditMitigationActionsTaskResponse
+  where
+  rnf StartAuditMitigationActionsTaskResponse' {..} =
+    Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/StartDetectMitigationActionsTask.hs b/gen/Amazonka/IoT/StartDetectMitigationActionsTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/StartDetectMitigationActionsTask.hs
@@ -0,0 +1,295 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.StartDetectMitigationActionsTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Starts a Device Defender ML Detect mitigation actions task.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions StartDetectMitigationActionsTask>
+-- action.
+module Amazonka.IoT.StartDetectMitigationActionsTask
+  ( -- * Creating a Request
+    StartDetectMitigationActionsTask (..),
+    newStartDetectMitigationActionsTask,
+
+    -- * Request Lenses
+    startDetectMitigationActionsTask_includeOnlyActiveViolations,
+    startDetectMitigationActionsTask_includeSuppressedAlerts,
+    startDetectMitigationActionsTask_violationEventOccurrenceRange,
+    startDetectMitigationActionsTask_taskId,
+    startDetectMitigationActionsTask_target,
+    startDetectMitigationActionsTask_actions,
+    startDetectMitigationActionsTask_clientRequestToken,
+
+    -- * Destructuring the Response
+    StartDetectMitigationActionsTaskResponse (..),
+    newStartDetectMitigationActionsTaskResponse,
+
+    -- * Response Lenses
+    startDetectMitigationActionsTaskResponse_taskId,
+    startDetectMitigationActionsTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newStartDetectMitigationActionsTask' smart constructor.
+data StartDetectMitigationActionsTask = StartDetectMitigationActionsTask'
+  { -- | Specifies to list only active violations.
+    includeOnlyActiveViolations :: Prelude.Maybe Prelude.Bool,
+    -- | Specifies to include suppressed alerts.
+    includeSuppressedAlerts :: Prelude.Maybe Prelude.Bool,
+    -- | Specifies the time period of which violation events occurred between.
+    violationEventOccurrenceRange :: Prelude.Maybe ViolationEventOccurrenceRange,
+    -- | The unique identifier of the task.
+    taskId :: Prelude.Text,
+    -- | Specifies the ML Detect findings to which the mitigation actions are
+    -- applied.
+    target :: DetectMitigationActionsTaskTarget,
+    -- | The actions to be performed when a device has unexpected behavior.
+    actions :: Prelude.NonEmpty Prelude.Text,
+    -- | Each mitigation action task must have a unique client request token. If
+    -- you try to create a new task with the same token as a task that already
+    -- exists, an exception occurs. If you omit this value, Amazon Web Services
+    -- SDKs will automatically generate a unique client request.
+    clientRequestToken :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartDetectMitigationActionsTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'includeOnlyActiveViolations', 'startDetectMitigationActionsTask_includeOnlyActiveViolations' - Specifies to list only active violations.
+--
+-- 'includeSuppressedAlerts', 'startDetectMitigationActionsTask_includeSuppressedAlerts' - Specifies to include suppressed alerts.
+--
+-- 'violationEventOccurrenceRange', 'startDetectMitigationActionsTask_violationEventOccurrenceRange' - Specifies the time period of which violation events occurred between.
+--
+-- 'taskId', 'startDetectMitigationActionsTask_taskId' - The unique identifier of the task.
+--
+-- 'target', 'startDetectMitigationActionsTask_target' - Specifies the ML Detect findings to which the mitigation actions are
+-- applied.
+--
+-- 'actions', 'startDetectMitigationActionsTask_actions' - The actions to be performed when a device has unexpected behavior.
+--
+-- 'clientRequestToken', 'startDetectMitigationActionsTask_clientRequestToken' - Each mitigation action task must have a unique client request token. If
+-- you try to create a new task with the same token as a task that already
+-- exists, an exception occurs. If you omit this value, Amazon Web Services
+-- SDKs will automatically generate a unique client request.
+newStartDetectMitigationActionsTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  -- | 'target'
+  DetectMitigationActionsTaskTarget ->
+  -- | 'actions'
+  Prelude.NonEmpty Prelude.Text ->
+  -- | 'clientRequestToken'
+  Prelude.Text ->
+  StartDetectMitigationActionsTask
+newStartDetectMitigationActionsTask
+  pTaskId_
+  pTarget_
+  pActions_
+  pClientRequestToken_ =
+    StartDetectMitigationActionsTask'
+      { includeOnlyActiveViolations =
+          Prelude.Nothing,
+        includeSuppressedAlerts = Prelude.Nothing,
+        violationEventOccurrenceRange =
+          Prelude.Nothing,
+        taskId = pTaskId_,
+        target = pTarget_,
+        actions = Lens.coerced Lens.# pActions_,
+        clientRequestToken = pClientRequestToken_
+      }
+
+-- | Specifies to list only active violations.
+startDetectMitigationActionsTask_includeOnlyActiveViolations :: Lens.Lens' StartDetectMitigationActionsTask (Prelude.Maybe Prelude.Bool)
+startDetectMitigationActionsTask_includeOnlyActiveViolations = Lens.lens (\StartDetectMitigationActionsTask' {includeOnlyActiveViolations} -> includeOnlyActiveViolations) (\s@StartDetectMitigationActionsTask' {} a -> s {includeOnlyActiveViolations = a} :: StartDetectMitigationActionsTask)
+
+-- | Specifies to include suppressed alerts.
+startDetectMitigationActionsTask_includeSuppressedAlerts :: Lens.Lens' StartDetectMitigationActionsTask (Prelude.Maybe Prelude.Bool)
+startDetectMitigationActionsTask_includeSuppressedAlerts = Lens.lens (\StartDetectMitigationActionsTask' {includeSuppressedAlerts} -> includeSuppressedAlerts) (\s@StartDetectMitigationActionsTask' {} a -> s {includeSuppressedAlerts = a} :: StartDetectMitigationActionsTask)
+
+-- | Specifies the time period of which violation events occurred between.
+startDetectMitigationActionsTask_violationEventOccurrenceRange :: Lens.Lens' StartDetectMitigationActionsTask (Prelude.Maybe ViolationEventOccurrenceRange)
+startDetectMitigationActionsTask_violationEventOccurrenceRange = Lens.lens (\StartDetectMitigationActionsTask' {violationEventOccurrenceRange} -> violationEventOccurrenceRange) (\s@StartDetectMitigationActionsTask' {} a -> s {violationEventOccurrenceRange = a} :: StartDetectMitigationActionsTask)
+
+-- | The unique identifier of the task.
+startDetectMitigationActionsTask_taskId :: Lens.Lens' StartDetectMitigationActionsTask Prelude.Text
+startDetectMitigationActionsTask_taskId = Lens.lens (\StartDetectMitigationActionsTask' {taskId} -> taskId) (\s@StartDetectMitigationActionsTask' {} a -> s {taskId = a} :: StartDetectMitigationActionsTask)
+
+-- | Specifies the ML Detect findings to which the mitigation actions are
+-- applied.
+startDetectMitigationActionsTask_target :: Lens.Lens' StartDetectMitigationActionsTask DetectMitigationActionsTaskTarget
+startDetectMitigationActionsTask_target = Lens.lens (\StartDetectMitigationActionsTask' {target} -> target) (\s@StartDetectMitigationActionsTask' {} a -> s {target = a} :: StartDetectMitigationActionsTask)
+
+-- | The actions to be performed when a device has unexpected behavior.
+startDetectMitigationActionsTask_actions :: Lens.Lens' StartDetectMitigationActionsTask (Prelude.NonEmpty Prelude.Text)
+startDetectMitigationActionsTask_actions = Lens.lens (\StartDetectMitigationActionsTask' {actions} -> actions) (\s@StartDetectMitigationActionsTask' {} a -> s {actions = a} :: StartDetectMitigationActionsTask) Prelude.. Lens.coerced
+
+-- | Each mitigation action task must have a unique client request token. If
+-- you try to create a new task with the same token as a task that already
+-- exists, an exception occurs. If you omit this value, Amazon Web Services
+-- SDKs will automatically generate a unique client request.
+startDetectMitigationActionsTask_clientRequestToken :: Lens.Lens' StartDetectMitigationActionsTask Prelude.Text
+startDetectMitigationActionsTask_clientRequestToken = Lens.lens (\StartDetectMitigationActionsTask' {clientRequestToken} -> clientRequestToken) (\s@StartDetectMitigationActionsTask' {} a -> s {clientRequestToken = a} :: StartDetectMitigationActionsTask)
+
+instance
+  Core.AWSRequest
+    StartDetectMitigationActionsTask
+  where
+  type
+    AWSResponse StartDetectMitigationActionsTask =
+      StartDetectMitigationActionsTaskResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          StartDetectMitigationActionsTaskResponse'
+            Prelude.<$> (x Data..?> "taskId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    StartDetectMitigationActionsTask
+  where
+  hashWithSalt
+    _salt
+    StartDetectMitigationActionsTask' {..} =
+      _salt
+        `Prelude.hashWithSalt` includeOnlyActiveViolations
+        `Prelude.hashWithSalt` includeSuppressedAlerts
+        `Prelude.hashWithSalt` violationEventOccurrenceRange
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` target
+        `Prelude.hashWithSalt` actions
+        `Prelude.hashWithSalt` clientRequestToken
+
+instance
+  Prelude.NFData
+    StartDetectMitigationActionsTask
+  where
+  rnf StartDetectMitigationActionsTask' {..} =
+    Prelude.rnf includeOnlyActiveViolations
+      `Prelude.seq` Prelude.rnf includeSuppressedAlerts
+      `Prelude.seq` Prelude.rnf violationEventOccurrenceRange
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf target
+      `Prelude.seq` Prelude.rnf actions
+      `Prelude.seq` Prelude.rnf clientRequestToken
+
+instance
+  Data.ToHeaders
+    StartDetectMitigationActionsTask
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON StartDetectMitigationActionsTask where
+  toJSON StartDetectMitigationActionsTask' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("includeOnlyActiveViolations" Data..=)
+              Prelude.<$> includeOnlyActiveViolations,
+            ("includeSuppressedAlerts" Data..=)
+              Prelude.<$> includeSuppressedAlerts,
+            ("violationEventOccurrenceRange" Data..=)
+              Prelude.<$> violationEventOccurrenceRange,
+            Prelude.Just ("target" Data..= target),
+            Prelude.Just ("actions" Data..= actions),
+            Prelude.Just
+              ("clientRequestToken" Data..= clientRequestToken)
+          ]
+      )
+
+instance Data.ToPath StartDetectMitigationActionsTask where
+  toPath StartDetectMitigationActionsTask' {..} =
+    Prelude.mconcat
+      [ "/detect/mitigationactions/tasks/",
+        Data.toBS taskId
+      ]
+
+instance
+  Data.ToQuery
+    StartDetectMitigationActionsTask
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStartDetectMitigationActionsTaskResponse' smart constructor.
+data StartDetectMitigationActionsTaskResponse = StartDetectMitigationActionsTaskResponse'
+  { -- | The unique identifier of the task.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartDetectMitigationActionsTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'startDetectMitigationActionsTaskResponse_taskId' - The unique identifier of the task.
+--
+-- 'httpStatus', 'startDetectMitigationActionsTaskResponse_httpStatus' - The response's http status code.
+newStartDetectMitigationActionsTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  StartDetectMitigationActionsTaskResponse
+newStartDetectMitigationActionsTaskResponse
+  pHttpStatus_ =
+    StartDetectMitigationActionsTaskResponse'
+      { taskId =
+          Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | The unique identifier of the task.
+startDetectMitigationActionsTaskResponse_taskId :: Lens.Lens' StartDetectMitigationActionsTaskResponse (Prelude.Maybe Prelude.Text)
+startDetectMitigationActionsTaskResponse_taskId = Lens.lens (\StartDetectMitigationActionsTaskResponse' {taskId} -> taskId) (\s@StartDetectMitigationActionsTaskResponse' {} a -> s {taskId = a} :: StartDetectMitigationActionsTaskResponse)
+
+-- | The response's http status code.
+startDetectMitigationActionsTaskResponse_httpStatus :: Lens.Lens' StartDetectMitigationActionsTaskResponse Prelude.Int
+startDetectMitigationActionsTaskResponse_httpStatus = Lens.lens (\StartDetectMitigationActionsTaskResponse' {httpStatus} -> httpStatus) (\s@StartDetectMitigationActionsTaskResponse' {} a -> s {httpStatus = a} :: StartDetectMitigationActionsTaskResponse)
+
+instance
+  Prelude.NFData
+    StartDetectMitigationActionsTaskResponse
+  where
+  rnf StartDetectMitigationActionsTaskResponse' {..} =
+    Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/StartOnDemandAuditTask.hs b/gen/Amazonka/IoT/StartOnDemandAuditTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/StartOnDemandAuditTask.hs
@@ -0,0 +1,179 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.StartOnDemandAuditTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Starts an on-demand Device Defender audit.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions StartOnDemandAuditTask>
+-- action.
+module Amazonka.IoT.StartOnDemandAuditTask
+  ( -- * Creating a Request
+    StartOnDemandAuditTask (..),
+    newStartOnDemandAuditTask,
+
+    -- * Request Lenses
+    startOnDemandAuditTask_targetCheckNames,
+
+    -- * Destructuring the Response
+    StartOnDemandAuditTaskResponse (..),
+    newStartOnDemandAuditTaskResponse,
+
+    -- * Response Lenses
+    startOnDemandAuditTaskResponse_taskId,
+    startOnDemandAuditTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newStartOnDemandAuditTask' smart constructor.
+data StartOnDemandAuditTask = StartOnDemandAuditTask'
+  { -- | Which checks are performed during the audit. The checks you specify must
+    -- be enabled for your account or an exception occurs. Use
+    -- @DescribeAccountAuditConfiguration@ to see the list of all checks,
+    -- including those that are enabled or @UpdateAccountAuditConfiguration@ to
+    -- select which checks are enabled.
+    targetCheckNames :: [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartOnDemandAuditTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'targetCheckNames', 'startOnDemandAuditTask_targetCheckNames' - Which checks are performed during the audit. The checks you specify must
+-- be enabled for your account or an exception occurs. Use
+-- @DescribeAccountAuditConfiguration@ to see the list of all checks,
+-- including those that are enabled or @UpdateAccountAuditConfiguration@ to
+-- select which checks are enabled.
+newStartOnDemandAuditTask ::
+  StartOnDemandAuditTask
+newStartOnDemandAuditTask =
+  StartOnDemandAuditTask'
+    { targetCheckNames =
+        Prelude.mempty
+    }
+
+-- | Which checks are performed during the audit. The checks you specify must
+-- be enabled for your account or an exception occurs. Use
+-- @DescribeAccountAuditConfiguration@ to see the list of all checks,
+-- including those that are enabled or @UpdateAccountAuditConfiguration@ to
+-- select which checks are enabled.
+startOnDemandAuditTask_targetCheckNames :: Lens.Lens' StartOnDemandAuditTask [Prelude.Text]
+startOnDemandAuditTask_targetCheckNames = Lens.lens (\StartOnDemandAuditTask' {targetCheckNames} -> targetCheckNames) (\s@StartOnDemandAuditTask' {} a -> s {targetCheckNames = a} :: StartOnDemandAuditTask) Prelude.. Lens.coerced
+
+instance Core.AWSRequest StartOnDemandAuditTask where
+  type
+    AWSResponse StartOnDemandAuditTask =
+      StartOnDemandAuditTaskResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          StartOnDemandAuditTaskResponse'
+            Prelude.<$> (x Data..?> "taskId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable StartOnDemandAuditTask where
+  hashWithSalt _salt StartOnDemandAuditTask' {..} =
+    _salt `Prelude.hashWithSalt` targetCheckNames
+
+instance Prelude.NFData StartOnDemandAuditTask where
+  rnf StartOnDemandAuditTask' {..} =
+    Prelude.rnf targetCheckNames
+
+instance Data.ToHeaders StartOnDemandAuditTask where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON StartOnDemandAuditTask where
+  toJSON StartOnDemandAuditTask' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("targetCheckNames" Data..= targetCheckNames)
+          ]
+      )
+
+instance Data.ToPath StartOnDemandAuditTask where
+  toPath = Prelude.const "/audit/tasks"
+
+instance Data.ToQuery StartOnDemandAuditTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStartOnDemandAuditTaskResponse' smart constructor.
+data StartOnDemandAuditTaskResponse = StartOnDemandAuditTaskResponse'
+  { -- | The ID of the on-demand audit you started.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartOnDemandAuditTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'startOnDemandAuditTaskResponse_taskId' - The ID of the on-demand audit you started.
+--
+-- 'httpStatus', 'startOnDemandAuditTaskResponse_httpStatus' - The response's http status code.
+newStartOnDemandAuditTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  StartOnDemandAuditTaskResponse
+newStartOnDemandAuditTaskResponse pHttpStatus_ =
+  StartOnDemandAuditTaskResponse'
+    { taskId =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ID of the on-demand audit you started.
+startOnDemandAuditTaskResponse_taskId :: Lens.Lens' StartOnDemandAuditTaskResponse (Prelude.Maybe Prelude.Text)
+startOnDemandAuditTaskResponse_taskId = Lens.lens (\StartOnDemandAuditTaskResponse' {taskId} -> taskId) (\s@StartOnDemandAuditTaskResponse' {} a -> s {taskId = a} :: StartOnDemandAuditTaskResponse)
+
+-- | The response's http status code.
+startOnDemandAuditTaskResponse_httpStatus :: Lens.Lens' StartOnDemandAuditTaskResponse Prelude.Int
+startOnDemandAuditTaskResponse_httpStatus = Lens.lens (\StartOnDemandAuditTaskResponse' {httpStatus} -> httpStatus) (\s@StartOnDemandAuditTaskResponse' {} a -> s {httpStatus = a} :: StartOnDemandAuditTaskResponse)
+
+instance
+  Prelude.NFData
+    StartOnDemandAuditTaskResponse
+  where
+  rnf StartOnDemandAuditTaskResponse' {..} =
+    Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/StartThingRegistrationTask.hs b/gen/Amazonka/IoT/StartThingRegistrationTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/StartThingRegistrationTask.hs
@@ -0,0 +1,225 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.StartThingRegistrationTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a bulk thing provisioning task.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions StartThingRegistrationTask>
+-- action.
+module Amazonka.IoT.StartThingRegistrationTask
+  ( -- * Creating a Request
+    StartThingRegistrationTask (..),
+    newStartThingRegistrationTask,
+
+    -- * Request Lenses
+    startThingRegistrationTask_templateBody,
+    startThingRegistrationTask_inputFileBucket,
+    startThingRegistrationTask_inputFileKey,
+    startThingRegistrationTask_roleArn,
+
+    -- * Destructuring the Response
+    StartThingRegistrationTaskResponse (..),
+    newStartThingRegistrationTaskResponse,
+
+    -- * Response Lenses
+    startThingRegistrationTaskResponse_taskId,
+    startThingRegistrationTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newStartThingRegistrationTask' smart constructor.
+data StartThingRegistrationTask = StartThingRegistrationTask'
+  { -- | The provisioning template.
+    templateBody :: Prelude.Text,
+    -- | The S3 bucket that contains the input file.
+    inputFileBucket :: Prelude.Text,
+    -- | The name of input file within the S3 bucket. This file contains a
+    -- newline delimited JSON file. Each line contains the parameter values to
+    -- provision one device (thing).
+    inputFileKey :: Prelude.Text,
+    -- | The IAM role ARN that grants permission the input file.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartThingRegistrationTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateBody', 'startThingRegistrationTask_templateBody' - The provisioning template.
+--
+-- 'inputFileBucket', 'startThingRegistrationTask_inputFileBucket' - The S3 bucket that contains the input file.
+--
+-- 'inputFileKey', 'startThingRegistrationTask_inputFileKey' - The name of input file within the S3 bucket. This file contains a
+-- newline delimited JSON file. Each line contains the parameter values to
+-- provision one device (thing).
+--
+-- 'roleArn', 'startThingRegistrationTask_roleArn' - The IAM role ARN that grants permission the input file.
+newStartThingRegistrationTask ::
+  -- | 'templateBody'
+  Prelude.Text ->
+  -- | 'inputFileBucket'
+  Prelude.Text ->
+  -- | 'inputFileKey'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  StartThingRegistrationTask
+newStartThingRegistrationTask
+  pTemplateBody_
+  pInputFileBucket_
+  pInputFileKey_
+  pRoleArn_ =
+    StartThingRegistrationTask'
+      { templateBody =
+          pTemplateBody_,
+        inputFileBucket = pInputFileBucket_,
+        inputFileKey = pInputFileKey_,
+        roleArn = pRoleArn_
+      }
+
+-- | The provisioning template.
+startThingRegistrationTask_templateBody :: Lens.Lens' StartThingRegistrationTask Prelude.Text
+startThingRegistrationTask_templateBody = Lens.lens (\StartThingRegistrationTask' {templateBody} -> templateBody) (\s@StartThingRegistrationTask' {} a -> s {templateBody = a} :: StartThingRegistrationTask)
+
+-- | The S3 bucket that contains the input file.
+startThingRegistrationTask_inputFileBucket :: Lens.Lens' StartThingRegistrationTask Prelude.Text
+startThingRegistrationTask_inputFileBucket = Lens.lens (\StartThingRegistrationTask' {inputFileBucket} -> inputFileBucket) (\s@StartThingRegistrationTask' {} a -> s {inputFileBucket = a} :: StartThingRegistrationTask)
+
+-- | The name of input file within the S3 bucket. This file contains a
+-- newline delimited JSON file. Each line contains the parameter values to
+-- provision one device (thing).
+startThingRegistrationTask_inputFileKey :: Lens.Lens' StartThingRegistrationTask Prelude.Text
+startThingRegistrationTask_inputFileKey = Lens.lens (\StartThingRegistrationTask' {inputFileKey} -> inputFileKey) (\s@StartThingRegistrationTask' {} a -> s {inputFileKey = a} :: StartThingRegistrationTask)
+
+-- | The IAM role ARN that grants permission the input file.
+startThingRegistrationTask_roleArn :: Lens.Lens' StartThingRegistrationTask Prelude.Text
+startThingRegistrationTask_roleArn = Lens.lens (\StartThingRegistrationTask' {roleArn} -> roleArn) (\s@StartThingRegistrationTask' {} a -> s {roleArn = a} :: StartThingRegistrationTask)
+
+instance Core.AWSRequest StartThingRegistrationTask where
+  type
+    AWSResponse StartThingRegistrationTask =
+      StartThingRegistrationTaskResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          StartThingRegistrationTaskResponse'
+            Prelude.<$> (x Data..?> "taskId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable StartThingRegistrationTask where
+  hashWithSalt _salt StartThingRegistrationTask' {..} =
+    _salt
+      `Prelude.hashWithSalt` templateBody
+      `Prelude.hashWithSalt` inputFileBucket
+      `Prelude.hashWithSalt` inputFileKey
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData StartThingRegistrationTask where
+  rnf StartThingRegistrationTask' {..} =
+    Prelude.rnf templateBody
+      `Prelude.seq` Prelude.rnf inputFileBucket
+      `Prelude.seq` Prelude.rnf inputFileKey
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToHeaders StartThingRegistrationTask where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON StartThingRegistrationTask where
+  toJSON StartThingRegistrationTask' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("templateBody" Data..= templateBody),
+            Prelude.Just
+              ("inputFileBucket" Data..= inputFileBucket),
+            Prelude.Just ("inputFileKey" Data..= inputFileKey),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
+
+instance Data.ToPath StartThingRegistrationTask where
+  toPath = Prelude.const "/thing-registration-tasks"
+
+instance Data.ToQuery StartThingRegistrationTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStartThingRegistrationTaskResponse' smart constructor.
+data StartThingRegistrationTaskResponse = StartThingRegistrationTaskResponse'
+  { -- | The bulk thing provisioning task ID.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartThingRegistrationTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'startThingRegistrationTaskResponse_taskId' - The bulk thing provisioning task ID.
+--
+-- 'httpStatus', 'startThingRegistrationTaskResponse_httpStatus' - The response's http status code.
+newStartThingRegistrationTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  StartThingRegistrationTaskResponse
+newStartThingRegistrationTaskResponse pHttpStatus_ =
+  StartThingRegistrationTaskResponse'
+    { taskId =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The bulk thing provisioning task ID.
+startThingRegistrationTaskResponse_taskId :: Lens.Lens' StartThingRegistrationTaskResponse (Prelude.Maybe Prelude.Text)
+startThingRegistrationTaskResponse_taskId = Lens.lens (\StartThingRegistrationTaskResponse' {taskId} -> taskId) (\s@StartThingRegistrationTaskResponse' {} a -> s {taskId = a} :: StartThingRegistrationTaskResponse)
+
+-- | The response's http status code.
+startThingRegistrationTaskResponse_httpStatus :: Lens.Lens' StartThingRegistrationTaskResponse Prelude.Int
+startThingRegistrationTaskResponse_httpStatus = Lens.lens (\StartThingRegistrationTaskResponse' {httpStatus} -> httpStatus) (\s@StartThingRegistrationTaskResponse' {} a -> s {httpStatus = a} :: StartThingRegistrationTaskResponse)
+
+instance
+  Prelude.NFData
+    StartThingRegistrationTaskResponse
+  where
+  rnf StartThingRegistrationTaskResponse' {..} =
+    Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/StopThingRegistrationTask.hs b/gen/Amazonka/IoT/StopThingRegistrationTask.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/StopThingRegistrationTask.hs
@@ -0,0 +1,153 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.StopThingRegistrationTask
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Cancels a bulk thing provisioning task.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions StopThingRegistrationTask>
+-- action.
+module Amazonka.IoT.StopThingRegistrationTask
+  ( -- * Creating a Request
+    StopThingRegistrationTask (..),
+    newStopThingRegistrationTask,
+
+    -- * Request Lenses
+    stopThingRegistrationTask_taskId,
+
+    -- * Destructuring the Response
+    StopThingRegistrationTaskResponse (..),
+    newStopThingRegistrationTaskResponse,
+
+    -- * Response Lenses
+    stopThingRegistrationTaskResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newStopThingRegistrationTask' smart constructor.
+data StopThingRegistrationTask = StopThingRegistrationTask'
+  { -- | The bulk thing provisioning task ID.
+    taskId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StopThingRegistrationTask' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'stopThingRegistrationTask_taskId' - The bulk thing provisioning task ID.
+newStopThingRegistrationTask ::
+  -- | 'taskId'
+  Prelude.Text ->
+  StopThingRegistrationTask
+newStopThingRegistrationTask pTaskId_ =
+  StopThingRegistrationTask' {taskId = pTaskId_}
+
+-- | The bulk thing provisioning task ID.
+stopThingRegistrationTask_taskId :: Lens.Lens' StopThingRegistrationTask Prelude.Text
+stopThingRegistrationTask_taskId = Lens.lens (\StopThingRegistrationTask' {taskId} -> taskId) (\s@StopThingRegistrationTask' {} a -> s {taskId = a} :: StopThingRegistrationTask)
+
+instance Core.AWSRequest StopThingRegistrationTask where
+  type
+    AWSResponse StopThingRegistrationTask =
+      StopThingRegistrationTaskResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          StopThingRegistrationTaskResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable StopThingRegistrationTask where
+  hashWithSalt _salt StopThingRegistrationTask' {..} =
+    _salt `Prelude.hashWithSalt` taskId
+
+instance Prelude.NFData StopThingRegistrationTask where
+  rnf StopThingRegistrationTask' {..} =
+    Prelude.rnf taskId
+
+instance Data.ToHeaders StopThingRegistrationTask where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON StopThingRegistrationTask where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath StopThingRegistrationTask where
+  toPath StopThingRegistrationTask' {..} =
+    Prelude.mconcat
+      [ "/thing-registration-tasks/",
+        Data.toBS taskId,
+        "/cancel"
+      ]
+
+instance Data.ToQuery StopThingRegistrationTask where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStopThingRegistrationTaskResponse' smart constructor.
+data StopThingRegistrationTaskResponse = StopThingRegistrationTaskResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StopThingRegistrationTaskResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'stopThingRegistrationTaskResponse_httpStatus' - The response's http status code.
+newStopThingRegistrationTaskResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  StopThingRegistrationTaskResponse
+newStopThingRegistrationTaskResponse pHttpStatus_ =
+  StopThingRegistrationTaskResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+stopThingRegistrationTaskResponse_httpStatus :: Lens.Lens' StopThingRegistrationTaskResponse Prelude.Int
+stopThingRegistrationTaskResponse_httpStatus = Lens.lens (\StopThingRegistrationTaskResponse' {httpStatus} -> httpStatus) (\s@StopThingRegistrationTaskResponse' {} a -> s {httpStatus = a} :: StopThingRegistrationTaskResponse)
+
+instance
+  Prelude.NFData
+    StopThingRegistrationTaskResponse
+  where
+  rnf StopThingRegistrationTaskResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/TagResource.hs b/gen/Amazonka/IoT/TagResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/TagResource.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.TagResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds to or modifies the tags of the given resource. Tags are metadata
+-- which can be used to manage a resource.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions TagResource>
+-- action.
+module Amazonka.IoT.TagResource
+  ( -- * Creating a Request
+    TagResource (..),
+    newTagResource,
+
+    -- * Request Lenses
+    tagResource_resourceArn,
+    tagResource_tags,
+
+    -- * Destructuring the Response
+    TagResourceResponse (..),
+    newTagResourceResponse,
+
+    -- * Response Lenses
+    tagResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newTagResource' smart constructor.
+data TagResource = TagResource'
+  { -- | The ARN of the resource.
+    resourceArn :: Prelude.Text,
+    -- | The new or modified tags for the resource.
+    tags :: [Tag]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'resourceArn', 'tagResource_resourceArn' - The ARN of the resource.
+--
+-- 'tags', 'tagResource_tags' - The new or modified tags for the resource.
+newTagResource ::
+  -- | 'resourceArn'
+  Prelude.Text ->
+  TagResource
+newTagResource pResourceArn_ =
+  TagResource'
+    { resourceArn = pResourceArn_,
+      tags = Prelude.mempty
+    }
+
+-- | The ARN of the resource.
+tagResource_resourceArn :: Lens.Lens' TagResource Prelude.Text
+tagResource_resourceArn = Lens.lens (\TagResource' {resourceArn} -> resourceArn) (\s@TagResource' {} a -> s {resourceArn = a} :: TagResource)
+
+-- | The new or modified tags for the resource.
+tagResource_tags :: Lens.Lens' TagResource [Tag]
+tagResource_tags = Lens.lens (\TagResource' {tags} -> tags) (\s@TagResource' {} a -> s {tags = a} :: TagResource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest TagResource where
+  type AWSResponse TagResource = TagResourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          TagResourceResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable TagResource where
+  hashWithSalt _salt TagResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` resourceArn
+      `Prelude.hashWithSalt` tags
+
+instance Prelude.NFData TagResource where
+  rnf TagResource' {..} =
+    Prelude.rnf resourceArn
+      `Prelude.seq` Prelude.rnf tags
+
+instance Data.ToHeaders TagResource where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON TagResource where
+  toJSON TagResource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("resourceArn" Data..= resourceArn),
+            Prelude.Just ("tags" Data..= tags)
+          ]
+      )
+
+instance Data.ToPath TagResource where
+  toPath = Prelude.const "/tags"
+
+instance Data.ToQuery TagResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newTagResourceResponse' smart constructor.
+data TagResourceResponse = TagResourceResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'tagResourceResponse_httpStatus' - The response's http status code.
+newTagResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  TagResourceResponse
+newTagResourceResponse pHttpStatus_ =
+  TagResourceResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+tagResourceResponse_httpStatus :: Lens.Lens' TagResourceResponse Prelude.Int
+tagResourceResponse_httpStatus = Lens.lens (\TagResourceResponse' {httpStatus} -> httpStatus) (\s@TagResourceResponse' {} a -> s {httpStatus = a} :: TagResourceResponse)
+
+instance Prelude.NFData TagResourceResponse where
+  rnf TagResourceResponse' {..} = Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/TestAuthorization.hs b/gen/Amazonka/IoT/TestAuthorization.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/TestAuthorization.hs
@@ -0,0 +1,253 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.TestAuthorization
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Tests if a specified principal is authorized to perform an IoT action on
+-- a specified resource. Use this to test and debug the authorization
+-- behavior of devices that connect to the IoT device gateway.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions TestAuthorization>
+-- action.
+module Amazonka.IoT.TestAuthorization
+  ( -- * Creating a Request
+    TestAuthorization (..),
+    newTestAuthorization,
+
+    -- * Request Lenses
+    testAuthorization_clientId,
+    testAuthorization_cognitoIdentityPoolId,
+    testAuthorization_policyNamesToAdd,
+    testAuthorization_policyNamesToSkip,
+    testAuthorization_principal,
+    testAuthorization_authInfos,
+
+    -- * Destructuring the Response
+    TestAuthorizationResponse (..),
+    newTestAuthorizationResponse,
+
+    -- * Response Lenses
+    testAuthorizationResponse_authResults,
+    testAuthorizationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newTestAuthorization' smart constructor.
+data TestAuthorization = TestAuthorization'
+  { -- | The MQTT client ID.
+    clientId :: Prelude.Maybe Prelude.Text,
+    -- | The Cognito identity pool ID.
+    cognitoIdentityPoolId :: Prelude.Maybe Prelude.Text,
+    -- | When testing custom authorization, the policies specified here are
+    -- treated as if they are attached to the principal being authorized.
+    policyNamesToAdd :: Prelude.Maybe [Prelude.Text],
+    -- | When testing custom authorization, the policies specified here are
+    -- treated as if they are not attached to the principal being authorized.
+    policyNamesToSkip :: Prelude.Maybe [Prelude.Text],
+    -- | The principal. Valid principals are CertificateArn
+    -- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+    -- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+    -- (/region/:/id/).
+    principal :: Prelude.Maybe Prelude.Text,
+    -- | A list of authorization info objects. Simulating authorization will
+    -- create a response for each @authInfo@ object in the list.
+    authInfos :: Prelude.NonEmpty AuthInfo
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TestAuthorization' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientId', 'testAuthorization_clientId' - The MQTT client ID.
+--
+-- 'cognitoIdentityPoolId', 'testAuthorization_cognitoIdentityPoolId' - The Cognito identity pool ID.
+--
+-- 'policyNamesToAdd', 'testAuthorization_policyNamesToAdd' - When testing custom authorization, the policies specified here are
+-- treated as if they are attached to the principal being authorized.
+--
+-- 'policyNamesToSkip', 'testAuthorization_policyNamesToSkip' - When testing custom authorization, the policies specified here are
+-- treated as if they are not attached to the principal being authorized.
+--
+-- 'principal', 'testAuthorization_principal' - The principal. Valid principals are CertificateArn
+-- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+-- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+-- (/region/:/id/).
+--
+-- 'authInfos', 'testAuthorization_authInfos' - A list of authorization info objects. Simulating authorization will
+-- create a response for each @authInfo@ object in the list.
+newTestAuthorization ::
+  -- | 'authInfos'
+  Prelude.NonEmpty AuthInfo ->
+  TestAuthorization
+newTestAuthorization pAuthInfos_ =
+  TestAuthorization'
+    { clientId = Prelude.Nothing,
+      cognitoIdentityPoolId = Prelude.Nothing,
+      policyNamesToAdd = Prelude.Nothing,
+      policyNamesToSkip = Prelude.Nothing,
+      principal = Prelude.Nothing,
+      authInfos = Lens.coerced Lens.# pAuthInfos_
+    }
+
+-- | The MQTT client ID.
+testAuthorization_clientId :: Lens.Lens' TestAuthorization (Prelude.Maybe Prelude.Text)
+testAuthorization_clientId = Lens.lens (\TestAuthorization' {clientId} -> clientId) (\s@TestAuthorization' {} a -> s {clientId = a} :: TestAuthorization)
+
+-- | The Cognito identity pool ID.
+testAuthorization_cognitoIdentityPoolId :: Lens.Lens' TestAuthorization (Prelude.Maybe Prelude.Text)
+testAuthorization_cognitoIdentityPoolId = Lens.lens (\TestAuthorization' {cognitoIdentityPoolId} -> cognitoIdentityPoolId) (\s@TestAuthorization' {} a -> s {cognitoIdentityPoolId = a} :: TestAuthorization)
+
+-- | When testing custom authorization, the policies specified here are
+-- treated as if they are attached to the principal being authorized.
+testAuthorization_policyNamesToAdd :: Lens.Lens' TestAuthorization (Prelude.Maybe [Prelude.Text])
+testAuthorization_policyNamesToAdd = Lens.lens (\TestAuthorization' {policyNamesToAdd} -> policyNamesToAdd) (\s@TestAuthorization' {} a -> s {policyNamesToAdd = a} :: TestAuthorization) Prelude.. Lens.mapping Lens.coerced
+
+-- | When testing custom authorization, the policies specified here are
+-- treated as if they are not attached to the principal being authorized.
+testAuthorization_policyNamesToSkip :: Lens.Lens' TestAuthorization (Prelude.Maybe [Prelude.Text])
+testAuthorization_policyNamesToSkip = Lens.lens (\TestAuthorization' {policyNamesToSkip} -> policyNamesToSkip) (\s@TestAuthorization' {} a -> s {policyNamesToSkip = a} :: TestAuthorization) Prelude.. Lens.mapping Lens.coerced
+
+-- | The principal. Valid principals are CertificateArn
+-- (arn:aws:iot:/region/:/accountId/:cert\//certificateId/), thingGroupArn
+-- (arn:aws:iot:/region/:/accountId/:thinggroup\//groupName/) and CognitoId
+-- (/region/:/id/).
+testAuthorization_principal :: Lens.Lens' TestAuthorization (Prelude.Maybe Prelude.Text)
+testAuthorization_principal = Lens.lens (\TestAuthorization' {principal} -> principal) (\s@TestAuthorization' {} a -> s {principal = a} :: TestAuthorization)
+
+-- | A list of authorization info objects. Simulating authorization will
+-- create a response for each @authInfo@ object in the list.
+testAuthorization_authInfos :: Lens.Lens' TestAuthorization (Prelude.NonEmpty AuthInfo)
+testAuthorization_authInfos = Lens.lens (\TestAuthorization' {authInfos} -> authInfos) (\s@TestAuthorization' {} a -> s {authInfos = a} :: TestAuthorization) Prelude.. Lens.coerced
+
+instance Core.AWSRequest TestAuthorization where
+  type
+    AWSResponse TestAuthorization =
+      TestAuthorizationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          TestAuthorizationResponse'
+            Prelude.<$> (x Data..?> "authResults" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable TestAuthorization where
+  hashWithSalt _salt TestAuthorization' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientId
+      `Prelude.hashWithSalt` cognitoIdentityPoolId
+      `Prelude.hashWithSalt` policyNamesToAdd
+      `Prelude.hashWithSalt` policyNamesToSkip
+      `Prelude.hashWithSalt` principal
+      `Prelude.hashWithSalt` authInfos
+
+instance Prelude.NFData TestAuthorization where
+  rnf TestAuthorization' {..} =
+    Prelude.rnf clientId
+      `Prelude.seq` Prelude.rnf cognitoIdentityPoolId
+      `Prelude.seq` Prelude.rnf policyNamesToAdd
+      `Prelude.seq` Prelude.rnf policyNamesToSkip
+      `Prelude.seq` Prelude.rnf principal
+      `Prelude.seq` Prelude.rnf authInfos
+
+instance Data.ToHeaders TestAuthorization where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON TestAuthorization where
+  toJSON TestAuthorization' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("cognitoIdentityPoolId" Data..=)
+              Prelude.<$> cognitoIdentityPoolId,
+            ("policyNamesToAdd" Data..=)
+              Prelude.<$> policyNamesToAdd,
+            ("policyNamesToSkip" Data..=)
+              Prelude.<$> policyNamesToSkip,
+            ("principal" Data..=) Prelude.<$> principal,
+            Prelude.Just ("authInfos" Data..= authInfos)
+          ]
+      )
+
+instance Data.ToPath TestAuthorization where
+  toPath = Prelude.const "/test-authorization"
+
+instance Data.ToQuery TestAuthorization where
+  toQuery TestAuthorization' {..} =
+    Prelude.mconcat ["clientId" Data.=: clientId]
+
+-- | /See:/ 'newTestAuthorizationResponse' smart constructor.
+data TestAuthorizationResponse = TestAuthorizationResponse'
+  { -- | The authentication results.
+    authResults :: Prelude.Maybe [AuthResult],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TestAuthorizationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authResults', 'testAuthorizationResponse_authResults' - The authentication results.
+--
+-- 'httpStatus', 'testAuthorizationResponse_httpStatus' - The response's http status code.
+newTestAuthorizationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  TestAuthorizationResponse
+newTestAuthorizationResponse pHttpStatus_ =
+  TestAuthorizationResponse'
+    { authResults =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The authentication results.
+testAuthorizationResponse_authResults :: Lens.Lens' TestAuthorizationResponse (Prelude.Maybe [AuthResult])
+testAuthorizationResponse_authResults = Lens.lens (\TestAuthorizationResponse' {authResults} -> authResults) (\s@TestAuthorizationResponse' {} a -> s {authResults = a} :: TestAuthorizationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+testAuthorizationResponse_httpStatus :: Lens.Lens' TestAuthorizationResponse Prelude.Int
+testAuthorizationResponse_httpStatus = Lens.lens (\TestAuthorizationResponse' {httpStatus} -> httpStatus) (\s@TestAuthorizationResponse' {} a -> s {httpStatus = a} :: TestAuthorizationResponse)
+
+instance Prelude.NFData TestAuthorizationResponse where
+  rnf TestAuthorizationResponse' {..} =
+    Prelude.rnf authResults
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/TestInvokeAuthorizer.hs b/gen/Amazonka/IoT/TestInvokeAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/TestInvokeAuthorizer.hs
@@ -0,0 +1,292 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.TestInvokeAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Tests a custom authorization behavior by invoking a specified custom
+-- authorizer. Use this to test and debug the custom authorization behavior
+-- of devices that connect to the IoT device gateway.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions TestInvokeAuthorizer>
+-- action.
+module Amazonka.IoT.TestInvokeAuthorizer
+  ( -- * Creating a Request
+    TestInvokeAuthorizer (..),
+    newTestInvokeAuthorizer,
+
+    -- * Request Lenses
+    testInvokeAuthorizer_httpContext,
+    testInvokeAuthorizer_mqttContext,
+    testInvokeAuthorizer_tlsContext,
+    testInvokeAuthorizer_token,
+    testInvokeAuthorizer_tokenSignature,
+    testInvokeAuthorizer_authorizerName,
+
+    -- * Destructuring the Response
+    TestInvokeAuthorizerResponse (..),
+    newTestInvokeAuthorizerResponse,
+
+    -- * Response Lenses
+    testInvokeAuthorizerResponse_disconnectAfterInSeconds,
+    testInvokeAuthorizerResponse_isAuthenticated,
+    testInvokeAuthorizerResponse_policyDocuments,
+    testInvokeAuthorizerResponse_principalId,
+    testInvokeAuthorizerResponse_refreshAfterInSeconds,
+    testInvokeAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newTestInvokeAuthorizer' smart constructor.
+data TestInvokeAuthorizer = TestInvokeAuthorizer'
+  { -- | Specifies a test HTTP authorization request.
+    httpContext :: Prelude.Maybe HttpContext,
+    -- | Specifies a test MQTT authorization request.
+    mqttContext :: Prelude.Maybe MqttContext,
+    -- | Specifies a test TLS authorization request.
+    tlsContext :: Prelude.Maybe TlsContext,
+    -- | The token returned by your custom authentication service.
+    token :: Prelude.Maybe Prelude.Text,
+    -- | The signature made with the token and your custom authentication
+    -- service\'s private key. This value must be Base-64-encoded.
+    tokenSignature :: Prelude.Maybe Prelude.Text,
+    -- | The custom authorizer name.
+    authorizerName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TestInvokeAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpContext', 'testInvokeAuthorizer_httpContext' - Specifies a test HTTP authorization request.
+--
+-- 'mqttContext', 'testInvokeAuthorizer_mqttContext' - Specifies a test MQTT authorization request.
+--
+-- 'tlsContext', 'testInvokeAuthorizer_tlsContext' - Specifies a test TLS authorization request.
+--
+-- 'token', 'testInvokeAuthorizer_token' - The token returned by your custom authentication service.
+--
+-- 'tokenSignature', 'testInvokeAuthorizer_tokenSignature' - The signature made with the token and your custom authentication
+-- service\'s private key. This value must be Base-64-encoded.
+--
+-- 'authorizerName', 'testInvokeAuthorizer_authorizerName' - The custom authorizer name.
+newTestInvokeAuthorizer ::
+  -- | 'authorizerName'
+  Prelude.Text ->
+  TestInvokeAuthorizer
+newTestInvokeAuthorizer pAuthorizerName_ =
+  TestInvokeAuthorizer'
+    { httpContext =
+        Prelude.Nothing,
+      mqttContext = Prelude.Nothing,
+      tlsContext = Prelude.Nothing,
+      token = Prelude.Nothing,
+      tokenSignature = Prelude.Nothing,
+      authorizerName = pAuthorizerName_
+    }
+
+-- | Specifies a test HTTP authorization request.
+testInvokeAuthorizer_httpContext :: Lens.Lens' TestInvokeAuthorizer (Prelude.Maybe HttpContext)
+testInvokeAuthorizer_httpContext = Lens.lens (\TestInvokeAuthorizer' {httpContext} -> httpContext) (\s@TestInvokeAuthorizer' {} a -> s {httpContext = a} :: TestInvokeAuthorizer)
+
+-- | Specifies a test MQTT authorization request.
+testInvokeAuthorizer_mqttContext :: Lens.Lens' TestInvokeAuthorizer (Prelude.Maybe MqttContext)
+testInvokeAuthorizer_mqttContext = Lens.lens (\TestInvokeAuthorizer' {mqttContext} -> mqttContext) (\s@TestInvokeAuthorizer' {} a -> s {mqttContext = a} :: TestInvokeAuthorizer)
+
+-- | Specifies a test TLS authorization request.
+testInvokeAuthorizer_tlsContext :: Lens.Lens' TestInvokeAuthorizer (Prelude.Maybe TlsContext)
+testInvokeAuthorizer_tlsContext = Lens.lens (\TestInvokeAuthorizer' {tlsContext} -> tlsContext) (\s@TestInvokeAuthorizer' {} a -> s {tlsContext = a} :: TestInvokeAuthorizer)
+
+-- | The token returned by your custom authentication service.
+testInvokeAuthorizer_token :: Lens.Lens' TestInvokeAuthorizer (Prelude.Maybe Prelude.Text)
+testInvokeAuthorizer_token = Lens.lens (\TestInvokeAuthorizer' {token} -> token) (\s@TestInvokeAuthorizer' {} a -> s {token = a} :: TestInvokeAuthorizer)
+
+-- | The signature made with the token and your custom authentication
+-- service\'s private key. This value must be Base-64-encoded.
+testInvokeAuthorizer_tokenSignature :: Lens.Lens' TestInvokeAuthorizer (Prelude.Maybe Prelude.Text)
+testInvokeAuthorizer_tokenSignature = Lens.lens (\TestInvokeAuthorizer' {tokenSignature} -> tokenSignature) (\s@TestInvokeAuthorizer' {} a -> s {tokenSignature = a} :: TestInvokeAuthorizer)
+
+-- | The custom authorizer name.
+testInvokeAuthorizer_authorizerName :: Lens.Lens' TestInvokeAuthorizer Prelude.Text
+testInvokeAuthorizer_authorizerName = Lens.lens (\TestInvokeAuthorizer' {authorizerName} -> authorizerName) (\s@TestInvokeAuthorizer' {} a -> s {authorizerName = a} :: TestInvokeAuthorizer)
+
+instance Core.AWSRequest TestInvokeAuthorizer where
+  type
+    AWSResponse TestInvokeAuthorizer =
+      TestInvokeAuthorizerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          TestInvokeAuthorizerResponse'
+            Prelude.<$> (x Data..?> "disconnectAfterInSeconds")
+            Prelude.<*> (x Data..?> "isAuthenticated")
+            Prelude.<*> ( x
+                            Data..?> "policyDocuments"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "principalId")
+            Prelude.<*> (x Data..?> "refreshAfterInSeconds")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable TestInvokeAuthorizer where
+  hashWithSalt _salt TestInvokeAuthorizer' {..} =
+    _salt
+      `Prelude.hashWithSalt` httpContext
+      `Prelude.hashWithSalt` mqttContext
+      `Prelude.hashWithSalt` tlsContext
+      `Prelude.hashWithSalt` token
+      `Prelude.hashWithSalt` tokenSignature
+      `Prelude.hashWithSalt` authorizerName
+
+instance Prelude.NFData TestInvokeAuthorizer where
+  rnf TestInvokeAuthorizer' {..} =
+    Prelude.rnf httpContext
+      `Prelude.seq` Prelude.rnf mqttContext
+      `Prelude.seq` Prelude.rnf tlsContext
+      `Prelude.seq` Prelude.rnf token
+      `Prelude.seq` Prelude.rnf tokenSignature
+      `Prelude.seq` Prelude.rnf authorizerName
+
+instance Data.ToHeaders TestInvokeAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON TestInvokeAuthorizer where
+  toJSON TestInvokeAuthorizer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("httpContext" Data..=) Prelude.<$> httpContext,
+            ("mqttContext" Data..=) Prelude.<$> mqttContext,
+            ("tlsContext" Data..=) Prelude.<$> tlsContext,
+            ("token" Data..=) Prelude.<$> token,
+            ("tokenSignature" Data..=)
+              Prelude.<$> tokenSignature
+          ]
+      )
+
+instance Data.ToPath TestInvokeAuthorizer where
+  toPath TestInvokeAuthorizer' {..} =
+    Prelude.mconcat
+      ["/authorizer/", Data.toBS authorizerName, "/test"]
+
+instance Data.ToQuery TestInvokeAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newTestInvokeAuthorizerResponse' smart constructor.
+data TestInvokeAuthorizerResponse = TestInvokeAuthorizerResponse'
+  { -- | The number of seconds after which the connection is terminated.
+    disconnectAfterInSeconds :: Prelude.Maybe Prelude.Int,
+    -- | True if the token is authenticated, otherwise false.
+    isAuthenticated :: Prelude.Maybe Prelude.Bool,
+    -- | IAM policy documents.
+    policyDocuments :: Prelude.Maybe [Prelude.Text],
+    -- | The principal ID.
+    principalId :: Prelude.Maybe Prelude.Text,
+    -- | The number of seconds after which the temporary credentials are
+    -- refreshed.
+    refreshAfterInSeconds :: Prelude.Maybe Prelude.Int,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TestInvokeAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'disconnectAfterInSeconds', 'testInvokeAuthorizerResponse_disconnectAfterInSeconds' - The number of seconds after which the connection is terminated.
+--
+-- 'isAuthenticated', 'testInvokeAuthorizerResponse_isAuthenticated' - True if the token is authenticated, otherwise false.
+--
+-- 'policyDocuments', 'testInvokeAuthorizerResponse_policyDocuments' - IAM policy documents.
+--
+-- 'principalId', 'testInvokeAuthorizerResponse_principalId' - The principal ID.
+--
+-- 'refreshAfterInSeconds', 'testInvokeAuthorizerResponse_refreshAfterInSeconds' - The number of seconds after which the temporary credentials are
+-- refreshed.
+--
+-- 'httpStatus', 'testInvokeAuthorizerResponse_httpStatus' - The response's http status code.
+newTestInvokeAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  TestInvokeAuthorizerResponse
+newTestInvokeAuthorizerResponse pHttpStatus_ =
+  TestInvokeAuthorizerResponse'
+    { disconnectAfterInSeconds =
+        Prelude.Nothing,
+      isAuthenticated = Prelude.Nothing,
+      policyDocuments = Prelude.Nothing,
+      principalId = Prelude.Nothing,
+      refreshAfterInSeconds = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The number of seconds after which the connection is terminated.
+testInvokeAuthorizerResponse_disconnectAfterInSeconds :: Lens.Lens' TestInvokeAuthorizerResponse (Prelude.Maybe Prelude.Int)
+testInvokeAuthorizerResponse_disconnectAfterInSeconds = Lens.lens (\TestInvokeAuthorizerResponse' {disconnectAfterInSeconds} -> disconnectAfterInSeconds) (\s@TestInvokeAuthorizerResponse' {} a -> s {disconnectAfterInSeconds = a} :: TestInvokeAuthorizerResponse)
+
+-- | True if the token is authenticated, otherwise false.
+testInvokeAuthorizerResponse_isAuthenticated :: Lens.Lens' TestInvokeAuthorizerResponse (Prelude.Maybe Prelude.Bool)
+testInvokeAuthorizerResponse_isAuthenticated = Lens.lens (\TestInvokeAuthorizerResponse' {isAuthenticated} -> isAuthenticated) (\s@TestInvokeAuthorizerResponse' {} a -> s {isAuthenticated = a} :: TestInvokeAuthorizerResponse)
+
+-- | IAM policy documents.
+testInvokeAuthorizerResponse_policyDocuments :: Lens.Lens' TestInvokeAuthorizerResponse (Prelude.Maybe [Prelude.Text])
+testInvokeAuthorizerResponse_policyDocuments = Lens.lens (\TestInvokeAuthorizerResponse' {policyDocuments} -> policyDocuments) (\s@TestInvokeAuthorizerResponse' {} a -> s {policyDocuments = a} :: TestInvokeAuthorizerResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The principal ID.
+testInvokeAuthorizerResponse_principalId :: Lens.Lens' TestInvokeAuthorizerResponse (Prelude.Maybe Prelude.Text)
+testInvokeAuthorizerResponse_principalId = Lens.lens (\TestInvokeAuthorizerResponse' {principalId} -> principalId) (\s@TestInvokeAuthorizerResponse' {} a -> s {principalId = a} :: TestInvokeAuthorizerResponse)
+
+-- | The number of seconds after which the temporary credentials are
+-- refreshed.
+testInvokeAuthorizerResponse_refreshAfterInSeconds :: Lens.Lens' TestInvokeAuthorizerResponse (Prelude.Maybe Prelude.Int)
+testInvokeAuthorizerResponse_refreshAfterInSeconds = Lens.lens (\TestInvokeAuthorizerResponse' {refreshAfterInSeconds} -> refreshAfterInSeconds) (\s@TestInvokeAuthorizerResponse' {} a -> s {refreshAfterInSeconds = a} :: TestInvokeAuthorizerResponse)
+
+-- | The response's http status code.
+testInvokeAuthorizerResponse_httpStatus :: Lens.Lens' TestInvokeAuthorizerResponse Prelude.Int
+testInvokeAuthorizerResponse_httpStatus = Lens.lens (\TestInvokeAuthorizerResponse' {httpStatus} -> httpStatus) (\s@TestInvokeAuthorizerResponse' {} a -> s {httpStatus = a} :: TestInvokeAuthorizerResponse)
+
+instance Prelude.NFData TestInvokeAuthorizerResponse where
+  rnf TestInvokeAuthorizerResponse' {..} =
+    Prelude.rnf disconnectAfterInSeconds
+      `Prelude.seq` Prelude.rnf isAuthenticated
+      `Prelude.seq` Prelude.rnf policyDocuments
+      `Prelude.seq` Prelude.rnf principalId
+      `Prelude.seq` Prelude.rnf refreshAfterInSeconds
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/TransferCertificate.hs b/gen/Amazonka/IoT/TransferCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/TransferCertificate.hs
@@ -0,0 +1,218 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.TransferCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Transfers the specified certificate to the specified Amazon Web Services
+-- account.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions TransferCertificate>
+-- action.
+--
+-- You can cancel the transfer until it is acknowledged by the recipient.
+--
+-- No notification is sent to the transfer destination\'s account. It is up
+-- to the caller to notify the transfer target.
+--
+-- The certificate being transferred must not be in the ACTIVE state. You
+-- can use the UpdateCertificate action to deactivate it.
+--
+-- The certificate must not have any policies attached to it. You can use
+-- the DetachPolicy action to detach them.
+module Amazonka.IoT.TransferCertificate
+  ( -- * Creating a Request
+    TransferCertificate (..),
+    newTransferCertificate,
+
+    -- * Request Lenses
+    transferCertificate_transferMessage,
+    transferCertificate_certificateId,
+    transferCertificate_targetAwsAccount,
+
+    -- * Destructuring the Response
+    TransferCertificateResponse (..),
+    newTransferCertificateResponse,
+
+    -- * Response Lenses
+    transferCertificateResponse_transferredCertificateArn,
+    transferCertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the TransferCertificate operation.
+--
+-- /See:/ 'newTransferCertificate' smart constructor.
+data TransferCertificate = TransferCertificate'
+  { -- | The transfer message.
+    transferMessage :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text,
+    -- | The Amazon Web Services account.
+    targetAwsAccount :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TransferCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'transferMessage', 'transferCertificate_transferMessage' - The transfer message.
+--
+-- 'certificateId', 'transferCertificate_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+--
+-- 'targetAwsAccount', 'transferCertificate_targetAwsAccount' - The Amazon Web Services account.
+newTransferCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  -- | 'targetAwsAccount'
+  Prelude.Text ->
+  TransferCertificate
+newTransferCertificate
+  pCertificateId_
+  pTargetAwsAccount_ =
+    TransferCertificate'
+      { transferMessage =
+          Prelude.Nothing,
+        certificateId = pCertificateId_,
+        targetAwsAccount = pTargetAwsAccount_
+      }
+
+-- | The transfer message.
+transferCertificate_transferMessage :: Lens.Lens' TransferCertificate (Prelude.Maybe Prelude.Text)
+transferCertificate_transferMessage = Lens.lens (\TransferCertificate' {transferMessage} -> transferMessage) (\s@TransferCertificate' {} a -> s {transferMessage = a} :: TransferCertificate)
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+transferCertificate_certificateId :: Lens.Lens' TransferCertificate Prelude.Text
+transferCertificate_certificateId = Lens.lens (\TransferCertificate' {certificateId} -> certificateId) (\s@TransferCertificate' {} a -> s {certificateId = a} :: TransferCertificate)
+
+-- | The Amazon Web Services account.
+transferCertificate_targetAwsAccount :: Lens.Lens' TransferCertificate Prelude.Text
+transferCertificate_targetAwsAccount = Lens.lens (\TransferCertificate' {targetAwsAccount} -> targetAwsAccount) (\s@TransferCertificate' {} a -> s {targetAwsAccount = a} :: TransferCertificate)
+
+instance Core.AWSRequest TransferCertificate where
+  type
+    AWSResponse TransferCertificate =
+      TransferCertificateResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          TransferCertificateResponse'
+            Prelude.<$> (x Data..?> "transferredCertificateArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable TransferCertificate where
+  hashWithSalt _salt TransferCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` transferMessage
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` targetAwsAccount
+
+instance Prelude.NFData TransferCertificate where
+  rnf TransferCertificate' {..} =
+    Prelude.rnf transferMessage
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf targetAwsAccount
+
+instance Data.ToHeaders TransferCertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON TransferCertificate where
+  toJSON TransferCertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("transferMessage" Data..=)
+              Prelude.<$> transferMessage
+          ]
+      )
+
+instance Data.ToPath TransferCertificate where
+  toPath TransferCertificate' {..} =
+    Prelude.mconcat
+      ["/transfer-certificate/", Data.toBS certificateId]
+
+instance Data.ToQuery TransferCertificate where
+  toQuery TransferCertificate' {..} =
+    Prelude.mconcat
+      ["targetAwsAccount" Data.=: targetAwsAccount]
+
+-- | The output from the TransferCertificate operation.
+--
+-- /See:/ 'newTransferCertificateResponse' smart constructor.
+data TransferCertificateResponse = TransferCertificateResponse'
+  { -- | The ARN of the certificate.
+    transferredCertificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TransferCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'transferredCertificateArn', 'transferCertificateResponse_transferredCertificateArn' - The ARN of the certificate.
+--
+-- 'httpStatus', 'transferCertificateResponse_httpStatus' - The response's http status code.
+newTransferCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  TransferCertificateResponse
+newTransferCertificateResponse pHttpStatus_ =
+  TransferCertificateResponse'
+    { transferredCertificateArn =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the certificate.
+transferCertificateResponse_transferredCertificateArn :: Lens.Lens' TransferCertificateResponse (Prelude.Maybe Prelude.Text)
+transferCertificateResponse_transferredCertificateArn = Lens.lens (\TransferCertificateResponse' {transferredCertificateArn} -> transferredCertificateArn) (\s@TransferCertificateResponse' {} a -> s {transferredCertificateArn = a} :: TransferCertificateResponse)
+
+-- | The response's http status code.
+transferCertificateResponse_httpStatus :: Lens.Lens' TransferCertificateResponse Prelude.Int
+transferCertificateResponse_httpStatus = Lens.lens (\TransferCertificateResponse' {httpStatus} -> httpStatus) (\s@TransferCertificateResponse' {} a -> s {httpStatus = a} :: TransferCertificateResponse)
+
+instance Prelude.NFData TransferCertificateResponse where
+  rnf TransferCertificateResponse' {..} =
+    Prelude.rnf transferredCertificateArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/Types.hs b/gen/Amazonka/IoT/Types.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types.hs
@@ -0,0 +1,2440 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    _CertificateConflictException,
+    _CertificateStateException,
+    _CertificateValidationException,
+    _ConflictException,
+    _ConflictingResourceUpdateException,
+    _DeleteConflictException,
+    _IndexNotReadyException,
+    _InternalException,
+    _InternalFailureException,
+    _InternalServerException,
+    _InvalidAggregationException,
+    _InvalidQueryException,
+    _InvalidRequestException,
+    _InvalidResponseException,
+    _InvalidStateTransitionException,
+    _LimitExceededException,
+    _MalformedPolicyException,
+    _NotConfiguredException,
+    _RegistrationCodeValidationException,
+    _ResourceAlreadyExistsException,
+    _ResourceNotFoundException,
+    _ResourceRegistrationFailureException,
+    _ServiceUnavailableException,
+    _SqlParseException,
+    _TaskAlreadyExistsException,
+    _ThrottlingException,
+    _TransferAlreadyCompletedException,
+    _TransferConflictException,
+    _UnauthorizedException,
+    _VersionConflictException,
+    _VersionsLimitExceededException,
+
+    -- * AbortAction
+    AbortAction (..),
+
+    -- * ActionType
+    ActionType (..),
+
+    -- * AggregationTypeName
+    AggregationTypeName (..),
+
+    -- * AlertTargetType
+    AlertTargetType (..),
+
+    -- * AuditCheckRunStatus
+    AuditCheckRunStatus (..),
+
+    -- * AuditFindingSeverity
+    AuditFindingSeverity (..),
+
+    -- * AuditFrequency
+    AuditFrequency (..),
+
+    -- * AuditMitigationActionsExecutionStatus
+    AuditMitigationActionsExecutionStatus (..),
+
+    -- * AuditMitigationActionsTaskStatus
+    AuditMitigationActionsTaskStatus (..),
+
+    -- * AuditNotificationType
+    AuditNotificationType (..),
+
+    -- * AuditTaskStatus
+    AuditTaskStatus (..),
+
+    -- * AuditTaskType
+    AuditTaskType (..),
+
+    -- * AuthDecision
+    AuthDecision (..),
+
+    -- * AuthorizerStatus
+    AuthorizerStatus (..),
+
+    -- * AutoRegistrationStatus
+    AutoRegistrationStatus (..),
+
+    -- * AwsJobAbortCriteriaAbortAction
+    AwsJobAbortCriteriaAbortAction (..),
+
+    -- * AwsJobAbortCriteriaFailureType
+    AwsJobAbortCriteriaFailureType (..),
+
+    -- * BehaviorCriteriaType
+    BehaviorCriteriaType (..),
+
+    -- * CACertificateStatus
+    CACertificateStatus (..),
+
+    -- * CACertificateUpdateAction
+    CACertificateUpdateAction (..),
+
+    -- * CannedAccessControlList
+    CannedAccessControlList (..),
+
+    -- * CertificateMode
+    CertificateMode (..),
+
+    -- * CertificateStatus
+    CertificateStatus (..),
+
+    -- * ComparisonOperator
+    ComparisonOperator (..),
+
+    -- * ConfidenceLevel
+    ConfidenceLevel (..),
+
+    -- * CustomMetricType
+    CustomMetricType (..),
+
+    -- * DayOfWeek
+    DayOfWeek (..),
+
+    -- * DetectMitigationActionExecutionStatus
+    DetectMitigationActionExecutionStatus (..),
+
+    -- * DetectMitigationActionsTaskStatus
+    DetectMitigationActionsTaskStatus (..),
+
+    -- * DeviceCertificateUpdateAction
+    DeviceCertificateUpdateAction (..),
+
+    -- * DeviceDefenderIndexingMode
+    DeviceDefenderIndexingMode (..),
+
+    -- * DimensionType
+    DimensionType (..),
+
+    -- * DimensionValueOperator
+    DimensionValueOperator (..),
+
+    -- * DomainConfigurationStatus
+    DomainConfigurationStatus (..),
+
+    -- * DomainType
+    DomainType (..),
+
+    -- * DynamicGroupStatus
+    DynamicGroupStatus (..),
+
+    -- * DynamoKeyType
+    DynamoKeyType (..),
+
+    -- * EventType
+    EventType (..),
+
+    -- * FieldType
+    FieldType (..),
+
+    -- * FleetMetricUnit
+    FleetMetricUnit (..),
+
+    -- * IndexStatus
+    IndexStatus (..),
+
+    -- * JobEndBehavior
+    JobEndBehavior (..),
+
+    -- * JobExecutionFailureType
+    JobExecutionFailureType (..),
+
+    -- * JobExecutionStatus
+    JobExecutionStatus (..),
+
+    -- * JobStatus
+    JobStatus (..),
+
+    -- * LogLevel
+    LogLevel (..),
+
+    -- * LogTargetType
+    LogTargetType (..),
+
+    -- * MessageFormat
+    MessageFormat (..),
+
+    -- * MitigationActionType
+    MitigationActionType (..),
+
+    -- * ModelStatus
+    ModelStatus (..),
+
+    -- * NamedShadowIndexingMode
+    NamedShadowIndexingMode (..),
+
+    -- * OTAUpdateStatus
+    OTAUpdateStatus (..),
+
+    -- * PolicyTemplateName
+    PolicyTemplateName (..),
+
+    -- * Protocol
+    Protocol (..),
+
+    -- * ReportType
+    ReportType (..),
+
+    -- * ResourceType
+    ResourceType (..),
+
+    -- * RetryableFailureType
+    RetryableFailureType (..),
+
+    -- * ServerCertificateStatus
+    ServerCertificateStatus (..),
+
+    -- * ServiceType
+    ServiceType (..),
+
+    -- * TargetSelection
+    TargetSelection (..),
+
+    -- * TaskStatus
+    TaskStatus (..),
+
+    -- * TemplateType
+    TemplateType (..),
+
+    -- * ThingConnectivityIndexingMode
+    ThingConnectivityIndexingMode (..),
+
+    -- * ThingGroupIndexingMode
+    ThingGroupIndexingMode (..),
+
+    -- * ThingIndexingMode
+    ThingIndexingMode (..),
+
+    -- * TopicRuleDestinationStatus
+    TopicRuleDestinationStatus (..),
+
+    -- * VerificationState
+    VerificationState (..),
+
+    -- * ViolationEventType
+    ViolationEventType (..),
+
+    -- * AbortConfig
+    AbortConfig (..),
+    newAbortConfig,
+    abortConfig_criteriaList,
+
+    -- * AbortCriteria
+    AbortCriteria (..),
+    newAbortCriteria,
+    abortCriteria_failureType,
+    abortCriteria_action,
+    abortCriteria_thresholdPercentage,
+    abortCriteria_minNumberOfExecutedThings,
+
+    -- * Action
+    Action (..),
+    newAction,
+    action_cloudwatchAlarm,
+    action_cloudwatchLogs,
+    action_cloudwatchMetric,
+    action_dynamoDB,
+    action_dynamoDBv2,
+    action_elasticsearch,
+    action_firehose,
+    action_http,
+    action_iotAnalytics,
+    action_iotEvents,
+    action_iotSiteWise,
+    action_kafka,
+    action_kinesis,
+    action_lambda,
+    action_location,
+    action_openSearch,
+    action_republish,
+    action_s3,
+    action_salesforce,
+    action_sns,
+    action_sqs,
+    action_stepFunctions,
+    action_timestream,
+
+    -- * ActiveViolation
+    ActiveViolation (..),
+    newActiveViolation,
+    activeViolation_behavior,
+    activeViolation_lastViolationTime,
+    activeViolation_lastViolationValue,
+    activeViolation_securityProfileName,
+    activeViolation_thingName,
+    activeViolation_verificationState,
+    activeViolation_verificationStateDescription,
+    activeViolation_violationEventAdditionalInfo,
+    activeViolation_violationId,
+    activeViolation_violationStartTime,
+
+    -- * AddThingsToThingGroupParams
+    AddThingsToThingGroupParams (..),
+    newAddThingsToThingGroupParams,
+    addThingsToThingGroupParams_overrideDynamicGroups,
+    addThingsToThingGroupParams_thingGroupNames,
+
+    -- * AggregationType
+    AggregationType (..),
+    newAggregationType,
+    aggregationType_values,
+    aggregationType_name,
+
+    -- * AlertTarget
+    AlertTarget (..),
+    newAlertTarget,
+    alertTarget_alertTargetArn,
+    alertTarget_roleArn,
+
+    -- * Allowed
+    Allowed (..),
+    newAllowed,
+    allowed_policies,
+
+    -- * AssetPropertyTimestamp
+    AssetPropertyTimestamp (..),
+    newAssetPropertyTimestamp,
+    assetPropertyTimestamp_offsetInNanos,
+    assetPropertyTimestamp_timeInSeconds,
+
+    -- * AssetPropertyValue
+    AssetPropertyValue (..),
+    newAssetPropertyValue,
+    assetPropertyValue_quality,
+    assetPropertyValue_value,
+    assetPropertyValue_timestamp,
+
+    -- * AssetPropertyVariant
+    AssetPropertyVariant (..),
+    newAssetPropertyVariant,
+    assetPropertyVariant_booleanValue,
+    assetPropertyVariant_doubleValue,
+    assetPropertyVariant_integerValue,
+    assetPropertyVariant_stringValue,
+
+    -- * AttributePayload
+    AttributePayload (..),
+    newAttributePayload,
+    attributePayload_attributes,
+    attributePayload_merge,
+
+    -- * AuditCheckConfiguration
+    AuditCheckConfiguration (..),
+    newAuditCheckConfiguration,
+    auditCheckConfiguration_enabled,
+
+    -- * AuditCheckDetails
+    AuditCheckDetails (..),
+    newAuditCheckDetails,
+    auditCheckDetails_checkCompliant,
+    auditCheckDetails_checkRunStatus,
+    auditCheckDetails_errorCode,
+    auditCheckDetails_message,
+    auditCheckDetails_nonCompliantResourcesCount,
+    auditCheckDetails_suppressedNonCompliantResourcesCount,
+    auditCheckDetails_totalResourcesCount,
+
+    -- * AuditFinding
+    AuditFinding (..),
+    newAuditFinding,
+    auditFinding_checkName,
+    auditFinding_findingId,
+    auditFinding_findingTime,
+    auditFinding_isSuppressed,
+    auditFinding_nonCompliantResource,
+    auditFinding_reasonForNonCompliance,
+    auditFinding_reasonForNonComplianceCode,
+    auditFinding_relatedResources,
+    auditFinding_severity,
+    auditFinding_taskId,
+    auditFinding_taskStartTime,
+
+    -- * AuditMitigationActionExecutionMetadata
+    AuditMitigationActionExecutionMetadata (..),
+    newAuditMitigationActionExecutionMetadata,
+    auditMitigationActionExecutionMetadata_actionId,
+    auditMitigationActionExecutionMetadata_actionName,
+    auditMitigationActionExecutionMetadata_endTime,
+    auditMitigationActionExecutionMetadata_errorCode,
+    auditMitigationActionExecutionMetadata_findingId,
+    auditMitigationActionExecutionMetadata_message,
+    auditMitigationActionExecutionMetadata_startTime,
+    auditMitigationActionExecutionMetadata_status,
+    auditMitigationActionExecutionMetadata_taskId,
+
+    -- * AuditMitigationActionsTaskMetadata
+    AuditMitigationActionsTaskMetadata (..),
+    newAuditMitigationActionsTaskMetadata,
+    auditMitigationActionsTaskMetadata_startTime,
+    auditMitigationActionsTaskMetadata_taskId,
+    auditMitigationActionsTaskMetadata_taskStatus,
+
+    -- * AuditMitigationActionsTaskTarget
+    AuditMitigationActionsTaskTarget (..),
+    newAuditMitigationActionsTaskTarget,
+    auditMitigationActionsTaskTarget_auditCheckToReasonCodeFilter,
+    auditMitigationActionsTaskTarget_auditTaskId,
+    auditMitigationActionsTaskTarget_findingIds,
+
+    -- * AuditNotificationTarget
+    AuditNotificationTarget (..),
+    newAuditNotificationTarget,
+    auditNotificationTarget_enabled,
+    auditNotificationTarget_roleArn,
+    auditNotificationTarget_targetArn,
+
+    -- * AuditSuppression
+    AuditSuppression (..),
+    newAuditSuppression,
+    auditSuppression_description,
+    auditSuppression_expirationDate,
+    auditSuppression_suppressIndefinitely,
+    auditSuppression_checkName,
+    auditSuppression_resourceIdentifier,
+
+    -- * AuditTaskMetadata
+    AuditTaskMetadata (..),
+    newAuditTaskMetadata,
+    auditTaskMetadata_taskId,
+    auditTaskMetadata_taskStatus,
+    auditTaskMetadata_taskType,
+
+    -- * AuthInfo
+    AuthInfo (..),
+    newAuthInfo,
+    authInfo_actionType,
+    authInfo_resources,
+
+    -- * AuthResult
+    AuthResult (..),
+    newAuthResult,
+    authResult_allowed,
+    authResult_authDecision,
+    authResult_authInfo,
+    authResult_denied,
+    authResult_missingContextValues,
+
+    -- * AuthorizerConfig
+    AuthorizerConfig (..),
+    newAuthorizerConfig,
+    authorizerConfig_allowAuthorizerOverride,
+    authorizerConfig_defaultAuthorizerName,
+
+    -- * AuthorizerDescription
+    AuthorizerDescription (..),
+    newAuthorizerDescription,
+    authorizerDescription_authorizerArn,
+    authorizerDescription_authorizerFunctionArn,
+    authorizerDescription_authorizerName,
+    authorizerDescription_creationDate,
+    authorizerDescription_enableCachingForHttp,
+    authorizerDescription_lastModifiedDate,
+    authorizerDescription_signingDisabled,
+    authorizerDescription_status,
+    authorizerDescription_tokenKeyName,
+    authorizerDescription_tokenSigningPublicKeys,
+
+    -- * AuthorizerSummary
+    AuthorizerSummary (..),
+    newAuthorizerSummary,
+    authorizerSummary_authorizerArn,
+    authorizerSummary_authorizerName,
+
+    -- * AwsJobAbortConfig
+    AwsJobAbortConfig (..),
+    newAwsJobAbortConfig,
+    awsJobAbortConfig_abortCriteriaList,
+
+    -- * AwsJobAbortCriteria
+    AwsJobAbortCriteria (..),
+    newAwsJobAbortCriteria,
+    awsJobAbortCriteria_failureType,
+    awsJobAbortCriteria_action,
+    awsJobAbortCriteria_thresholdPercentage,
+    awsJobAbortCriteria_minNumberOfExecutedThings,
+
+    -- * AwsJobExecutionsRolloutConfig
+    AwsJobExecutionsRolloutConfig (..),
+    newAwsJobExecutionsRolloutConfig,
+    awsJobExecutionsRolloutConfig_exponentialRate,
+    awsJobExecutionsRolloutConfig_maximumPerMinute,
+
+    -- * AwsJobExponentialRolloutRate
+    AwsJobExponentialRolloutRate (..),
+    newAwsJobExponentialRolloutRate,
+    awsJobExponentialRolloutRate_baseRatePerMinute,
+    awsJobExponentialRolloutRate_incrementFactor,
+    awsJobExponentialRolloutRate_rateIncreaseCriteria,
+
+    -- * AwsJobPresignedUrlConfig
+    AwsJobPresignedUrlConfig (..),
+    newAwsJobPresignedUrlConfig,
+    awsJobPresignedUrlConfig_expiresInSec,
+
+    -- * AwsJobRateIncreaseCriteria
+    AwsJobRateIncreaseCriteria (..),
+    newAwsJobRateIncreaseCriteria,
+    awsJobRateIncreaseCriteria_numberOfNotifiedThings,
+    awsJobRateIncreaseCriteria_numberOfSucceededThings,
+
+    -- * AwsJobTimeoutConfig
+    AwsJobTimeoutConfig (..),
+    newAwsJobTimeoutConfig,
+    awsJobTimeoutConfig_inProgressTimeoutInMinutes,
+
+    -- * Behavior
+    Behavior (..),
+    newBehavior,
+    behavior_criteria,
+    behavior_metric,
+    behavior_metricDimension,
+    behavior_suppressAlerts,
+    behavior_name,
+
+    -- * BehaviorCriteria
+    BehaviorCriteria (..),
+    newBehaviorCriteria,
+    behaviorCriteria_comparisonOperator,
+    behaviorCriteria_consecutiveDatapointsToAlarm,
+    behaviorCriteria_consecutiveDatapointsToClear,
+    behaviorCriteria_durationSeconds,
+    behaviorCriteria_mlDetectionConfig,
+    behaviorCriteria_statisticalThreshold,
+    behaviorCriteria_value,
+
+    -- * BehaviorModelTrainingSummary
+    BehaviorModelTrainingSummary (..),
+    newBehaviorModelTrainingSummary,
+    behaviorModelTrainingSummary_behaviorName,
+    behaviorModelTrainingSummary_datapointsCollectionPercentage,
+    behaviorModelTrainingSummary_lastModelRefreshDate,
+    behaviorModelTrainingSummary_modelStatus,
+    behaviorModelTrainingSummary_securityProfileName,
+    behaviorModelTrainingSummary_trainingDataCollectionStartDate,
+
+    -- * BillingGroupMetadata
+    BillingGroupMetadata (..),
+    newBillingGroupMetadata,
+    billingGroupMetadata_creationDate,
+
+    -- * BillingGroupProperties
+    BillingGroupProperties (..),
+    newBillingGroupProperties,
+    billingGroupProperties_billingGroupDescription,
+
+    -- * Bucket
+    Bucket (..),
+    newBucket,
+    bucket_count,
+    bucket_keyValue,
+
+    -- * BucketsAggregationType
+    BucketsAggregationType (..),
+    newBucketsAggregationType,
+    bucketsAggregationType_termsAggregation,
+
+    -- * CACertificate
+    CACertificate (..),
+    newCACertificate,
+    cACertificate_certificateArn,
+    cACertificate_certificateId,
+    cACertificate_creationDate,
+    cACertificate_status,
+
+    -- * CACertificateDescription
+    CACertificateDescription (..),
+    newCACertificateDescription,
+    cACertificateDescription_autoRegistrationStatus,
+    cACertificateDescription_certificateArn,
+    cACertificateDescription_certificateId,
+    cACertificateDescription_certificateMode,
+    cACertificateDescription_certificatePem,
+    cACertificateDescription_creationDate,
+    cACertificateDescription_customerVersion,
+    cACertificateDescription_generationId,
+    cACertificateDescription_lastModifiedDate,
+    cACertificateDescription_ownedBy,
+    cACertificateDescription_status,
+    cACertificateDescription_validity,
+
+    -- * Certificate
+    Certificate (..),
+    newCertificate,
+    certificate_certificateArn,
+    certificate_certificateId,
+    certificate_certificateMode,
+    certificate_creationDate,
+    certificate_status,
+
+    -- * CertificateDescription
+    CertificateDescription (..),
+    newCertificateDescription,
+    certificateDescription_caCertificateId,
+    certificateDescription_certificateArn,
+    certificateDescription_certificateId,
+    certificateDescription_certificateMode,
+    certificateDescription_certificatePem,
+    certificateDescription_creationDate,
+    certificateDescription_customerVersion,
+    certificateDescription_generationId,
+    certificateDescription_lastModifiedDate,
+    certificateDescription_ownedBy,
+    certificateDescription_previousOwnedBy,
+    certificateDescription_status,
+    certificateDescription_transferData,
+    certificateDescription_validity,
+
+    -- * CertificateValidity
+    CertificateValidity (..),
+    newCertificateValidity,
+    certificateValidity_notAfter,
+    certificateValidity_notBefore,
+
+    -- * CloudwatchAlarmAction
+    CloudwatchAlarmAction (..),
+    newCloudwatchAlarmAction,
+    cloudwatchAlarmAction_roleArn,
+    cloudwatchAlarmAction_alarmName,
+    cloudwatchAlarmAction_stateReason,
+    cloudwatchAlarmAction_stateValue,
+
+    -- * CloudwatchLogsAction
+    CloudwatchLogsAction (..),
+    newCloudwatchLogsAction,
+    cloudwatchLogsAction_roleArn,
+    cloudwatchLogsAction_logGroupName,
+
+    -- * CloudwatchMetricAction
+    CloudwatchMetricAction (..),
+    newCloudwatchMetricAction,
+    cloudwatchMetricAction_metricTimestamp,
+    cloudwatchMetricAction_roleArn,
+    cloudwatchMetricAction_metricNamespace,
+    cloudwatchMetricAction_metricName,
+    cloudwatchMetricAction_metricValue,
+    cloudwatchMetricAction_metricUnit,
+
+    -- * CodeSigning
+    CodeSigning (..),
+    newCodeSigning,
+    codeSigning_awsSignerJobId,
+    codeSigning_customCodeSigning,
+    codeSigning_startSigningJobParameter,
+
+    -- * CodeSigningCertificateChain
+    CodeSigningCertificateChain (..),
+    newCodeSigningCertificateChain,
+    codeSigningCertificateChain_certificateName,
+    codeSigningCertificateChain_inlineDocument,
+
+    -- * CodeSigningSignature
+    CodeSigningSignature (..),
+    newCodeSigningSignature,
+    codeSigningSignature_inlineDocument,
+
+    -- * Configuration
+    Configuration (..),
+    newConfiguration,
+    configuration_enabled,
+
+    -- * CustomCodeSigning
+    CustomCodeSigning (..),
+    newCustomCodeSigning,
+    customCodeSigning_certificateChain,
+    customCodeSigning_hashAlgorithm,
+    customCodeSigning_signature,
+    customCodeSigning_signatureAlgorithm,
+
+    -- * Denied
+    Denied (..),
+    newDenied,
+    denied_explicitDeny,
+    denied_implicitDeny,
+
+    -- * Destination
+    Destination (..),
+    newDestination,
+    destination_s3Destination,
+
+    -- * DetectMitigationActionExecution
+    DetectMitigationActionExecution (..),
+    newDetectMitigationActionExecution,
+    detectMitigationActionExecution_actionName,
+    detectMitigationActionExecution_errorCode,
+    detectMitigationActionExecution_executionEndDate,
+    detectMitigationActionExecution_executionStartDate,
+    detectMitigationActionExecution_message,
+    detectMitigationActionExecution_status,
+    detectMitigationActionExecution_taskId,
+    detectMitigationActionExecution_thingName,
+    detectMitigationActionExecution_violationId,
+
+    -- * DetectMitigationActionsTaskStatistics
+    DetectMitigationActionsTaskStatistics (..),
+    newDetectMitigationActionsTaskStatistics,
+    detectMitigationActionsTaskStatistics_actionsExecuted,
+    detectMitigationActionsTaskStatistics_actionsFailed,
+    detectMitigationActionsTaskStatistics_actionsSkipped,
+
+    -- * DetectMitigationActionsTaskSummary
+    DetectMitigationActionsTaskSummary (..),
+    newDetectMitigationActionsTaskSummary,
+    detectMitigationActionsTaskSummary_actionsDefinition,
+    detectMitigationActionsTaskSummary_onlyActiveViolationsIncluded,
+    detectMitigationActionsTaskSummary_suppressedAlertsIncluded,
+    detectMitigationActionsTaskSummary_target,
+    detectMitigationActionsTaskSummary_taskEndTime,
+    detectMitigationActionsTaskSummary_taskId,
+    detectMitigationActionsTaskSummary_taskStartTime,
+    detectMitigationActionsTaskSummary_taskStatistics,
+    detectMitigationActionsTaskSummary_taskStatus,
+    detectMitigationActionsTaskSummary_violationEventOccurrenceRange,
+
+    -- * DetectMitigationActionsTaskTarget
+    DetectMitigationActionsTaskTarget (..),
+    newDetectMitigationActionsTaskTarget,
+    detectMitigationActionsTaskTarget_behaviorName,
+    detectMitigationActionsTaskTarget_securityProfileName,
+    detectMitigationActionsTaskTarget_violationIds,
+
+    -- * DocumentParameter
+    DocumentParameter (..),
+    newDocumentParameter,
+    documentParameter_description,
+    documentParameter_example,
+    documentParameter_key,
+    documentParameter_optional,
+    documentParameter_regex,
+
+    -- * DomainConfigurationSummary
+    DomainConfigurationSummary (..),
+    newDomainConfigurationSummary,
+    domainConfigurationSummary_domainConfigurationArn,
+    domainConfigurationSummary_domainConfigurationName,
+    domainConfigurationSummary_serviceType,
+
+    -- * DynamoDBAction
+    DynamoDBAction (..),
+    newDynamoDBAction,
+    dynamoDBAction_hashKeyType,
+    dynamoDBAction_operation,
+    dynamoDBAction_payloadField,
+    dynamoDBAction_rangeKeyField,
+    dynamoDBAction_rangeKeyType,
+    dynamoDBAction_rangeKeyValue,
+    dynamoDBAction_tableName,
+    dynamoDBAction_roleArn,
+    dynamoDBAction_hashKeyField,
+    dynamoDBAction_hashKeyValue,
+
+    -- * DynamoDBv2Action
+    DynamoDBv2Action (..),
+    newDynamoDBv2Action,
+    dynamoDBv2Action_roleArn,
+    dynamoDBv2Action_putItem,
+
+    -- * EffectivePolicy
+    EffectivePolicy (..),
+    newEffectivePolicy,
+    effectivePolicy_policyArn,
+    effectivePolicy_policyDocument,
+    effectivePolicy_policyName,
+
+    -- * ElasticsearchAction
+    ElasticsearchAction (..),
+    newElasticsearchAction,
+    elasticsearchAction_roleArn,
+    elasticsearchAction_endpoint,
+    elasticsearchAction_index,
+    elasticsearchAction_type,
+    elasticsearchAction_id,
+
+    -- * EnableIoTLoggingParams
+    EnableIoTLoggingParams (..),
+    newEnableIoTLoggingParams,
+    enableIoTLoggingParams_roleArnForLogging,
+    enableIoTLoggingParams_logLevel,
+
+    -- * ErrorInfo
+    ErrorInfo (..),
+    newErrorInfo,
+    errorInfo_code,
+    errorInfo_message,
+
+    -- * ExplicitDeny
+    ExplicitDeny (..),
+    newExplicitDeny,
+    explicitDeny_policies,
+
+    -- * ExponentialRolloutRate
+    ExponentialRolloutRate (..),
+    newExponentialRolloutRate,
+    exponentialRolloutRate_baseRatePerMinute,
+    exponentialRolloutRate_incrementFactor,
+    exponentialRolloutRate_rateIncreaseCriteria,
+
+    -- * Field
+    Field (..),
+    newField,
+    field_name,
+    field_type,
+
+    -- * FileLocation
+    FileLocation (..),
+    newFileLocation,
+    fileLocation_s3Location,
+    fileLocation_stream,
+
+    -- * FirehoseAction
+    FirehoseAction (..),
+    newFirehoseAction,
+    firehoseAction_batchMode,
+    firehoseAction_separator,
+    firehoseAction_roleArn,
+    firehoseAction_deliveryStreamName,
+
+    -- * FleetMetricNameAndArn
+    FleetMetricNameAndArn (..),
+    newFleetMetricNameAndArn,
+    fleetMetricNameAndArn_metricArn,
+    fleetMetricNameAndArn_metricName,
+
+    -- * GroupNameAndArn
+    GroupNameAndArn (..),
+    newGroupNameAndArn,
+    groupNameAndArn_groupArn,
+    groupNameAndArn_groupName,
+
+    -- * HttpAction
+    HttpAction (..),
+    newHttpAction,
+    httpAction_auth,
+    httpAction_confirmationUrl,
+    httpAction_headers,
+    httpAction_url,
+
+    -- * HttpActionHeader
+    HttpActionHeader (..),
+    newHttpActionHeader,
+    httpActionHeader_key,
+    httpActionHeader_value,
+
+    -- * HttpAuthorization
+    HttpAuthorization (..),
+    newHttpAuthorization,
+    httpAuthorization_sigv4,
+
+    -- * HttpContext
+    HttpContext (..),
+    newHttpContext,
+    httpContext_headers,
+    httpContext_queryString,
+
+    -- * HttpUrlDestinationConfiguration
+    HttpUrlDestinationConfiguration (..),
+    newHttpUrlDestinationConfiguration,
+    httpUrlDestinationConfiguration_confirmationUrl,
+
+    -- * HttpUrlDestinationProperties
+    HttpUrlDestinationProperties (..),
+    newHttpUrlDestinationProperties,
+    httpUrlDestinationProperties_confirmationUrl,
+
+    -- * HttpUrlDestinationSummary
+    HttpUrlDestinationSummary (..),
+    newHttpUrlDestinationSummary,
+    httpUrlDestinationSummary_confirmationUrl,
+
+    -- * ImplicitDeny
+    ImplicitDeny (..),
+    newImplicitDeny,
+    implicitDeny_policies,
+
+    -- * IndexingFilter
+    IndexingFilter (..),
+    newIndexingFilter,
+    indexingFilter_namedShadowNames,
+
+    -- * IotAnalyticsAction
+    IotAnalyticsAction (..),
+    newIotAnalyticsAction,
+    iotAnalyticsAction_batchMode,
+    iotAnalyticsAction_channelArn,
+    iotAnalyticsAction_channelName,
+    iotAnalyticsAction_roleArn,
+
+    -- * IotEventsAction
+    IotEventsAction (..),
+    newIotEventsAction,
+    iotEventsAction_batchMode,
+    iotEventsAction_messageId,
+    iotEventsAction_inputName,
+    iotEventsAction_roleArn,
+
+    -- * IotSiteWiseAction
+    IotSiteWiseAction (..),
+    newIotSiteWiseAction,
+    iotSiteWiseAction_putAssetPropertyValueEntries,
+    iotSiteWiseAction_roleArn,
+
+    -- * IssuerCertificateIdentifier
+    IssuerCertificateIdentifier (..),
+    newIssuerCertificateIdentifier,
+    issuerCertificateIdentifier_issuerCertificateSerialNumber,
+    issuerCertificateIdentifier_issuerCertificateSubject,
+    issuerCertificateIdentifier_issuerId,
+
+    -- * Job
+    Job (..),
+    newJob,
+    job_abortConfig,
+    job_comment,
+    job_completedAt,
+    job_createdAt,
+    job_description,
+    job_documentParameters,
+    job_forceCanceled,
+    job_isConcurrent,
+    job_jobArn,
+    job_jobExecutionsRetryConfig,
+    job_jobExecutionsRolloutConfig,
+    job_jobId,
+    job_jobProcessDetails,
+    job_jobTemplateArn,
+    job_lastUpdatedAt,
+    job_namespaceId,
+    job_presignedUrlConfig,
+    job_reasonCode,
+    job_schedulingConfig,
+    job_status,
+    job_targetSelection,
+    job_targets,
+    job_timeoutConfig,
+
+    -- * JobExecution
+    JobExecution (..),
+    newJobExecution,
+    jobExecution_approximateSecondsBeforeTimedOut,
+    jobExecution_executionNumber,
+    jobExecution_forceCanceled,
+    jobExecution_jobId,
+    jobExecution_lastUpdatedAt,
+    jobExecution_queuedAt,
+    jobExecution_startedAt,
+    jobExecution_status,
+    jobExecution_statusDetails,
+    jobExecution_thingArn,
+    jobExecution_versionNumber,
+
+    -- * JobExecutionStatusDetails
+    JobExecutionStatusDetails (..),
+    newJobExecutionStatusDetails,
+    jobExecutionStatusDetails_detailsMap,
+
+    -- * JobExecutionSummary
+    JobExecutionSummary (..),
+    newJobExecutionSummary,
+    jobExecutionSummary_executionNumber,
+    jobExecutionSummary_lastUpdatedAt,
+    jobExecutionSummary_queuedAt,
+    jobExecutionSummary_retryAttempt,
+    jobExecutionSummary_startedAt,
+    jobExecutionSummary_status,
+
+    -- * JobExecutionSummaryForJob
+    JobExecutionSummaryForJob (..),
+    newJobExecutionSummaryForJob,
+    jobExecutionSummaryForJob_jobExecutionSummary,
+    jobExecutionSummaryForJob_thingArn,
+
+    -- * JobExecutionSummaryForThing
+    JobExecutionSummaryForThing (..),
+    newJobExecutionSummaryForThing,
+    jobExecutionSummaryForThing_jobExecutionSummary,
+    jobExecutionSummaryForThing_jobId,
+
+    -- * JobExecutionsRetryConfig
+    JobExecutionsRetryConfig (..),
+    newJobExecutionsRetryConfig,
+    jobExecutionsRetryConfig_criteriaList,
+
+    -- * JobExecutionsRolloutConfig
+    JobExecutionsRolloutConfig (..),
+    newJobExecutionsRolloutConfig,
+    jobExecutionsRolloutConfig_exponentialRate,
+    jobExecutionsRolloutConfig_maximumPerMinute,
+
+    -- * JobProcessDetails
+    JobProcessDetails (..),
+    newJobProcessDetails,
+    jobProcessDetails_numberOfCanceledThings,
+    jobProcessDetails_numberOfFailedThings,
+    jobProcessDetails_numberOfInProgressThings,
+    jobProcessDetails_numberOfQueuedThings,
+    jobProcessDetails_numberOfRejectedThings,
+    jobProcessDetails_numberOfRemovedThings,
+    jobProcessDetails_numberOfSucceededThings,
+    jobProcessDetails_numberOfTimedOutThings,
+    jobProcessDetails_processingTargets,
+
+    -- * JobSummary
+    JobSummary (..),
+    newJobSummary,
+    jobSummary_completedAt,
+    jobSummary_createdAt,
+    jobSummary_isConcurrent,
+    jobSummary_jobArn,
+    jobSummary_jobId,
+    jobSummary_lastUpdatedAt,
+    jobSummary_status,
+    jobSummary_targetSelection,
+    jobSummary_thingGroupId,
+
+    -- * JobTemplateSummary
+    JobTemplateSummary (..),
+    newJobTemplateSummary,
+    jobTemplateSummary_createdAt,
+    jobTemplateSummary_description,
+    jobTemplateSummary_jobTemplateArn,
+    jobTemplateSummary_jobTemplateId,
+
+    -- * KafkaAction
+    KafkaAction (..),
+    newKafkaAction,
+    kafkaAction_key,
+    kafkaAction_partition,
+    kafkaAction_destinationArn,
+    kafkaAction_topic,
+    kafkaAction_clientProperties,
+
+    -- * KeyPair
+    KeyPair (..),
+    newKeyPair,
+    keyPair_privateKey,
+    keyPair_publicKey,
+
+    -- * KinesisAction
+    KinesisAction (..),
+    newKinesisAction,
+    kinesisAction_partitionKey,
+    kinesisAction_roleArn,
+    kinesisAction_streamName,
+
+    -- * LambdaAction
+    LambdaAction (..),
+    newLambdaAction,
+    lambdaAction_functionArn,
+
+    -- * LocationAction
+    LocationAction (..),
+    newLocationAction,
+    locationAction_timestamp,
+    locationAction_roleArn,
+    locationAction_trackerName,
+    locationAction_deviceId,
+    locationAction_latitude,
+    locationAction_longitude,
+
+    -- * LocationTimestamp
+    LocationTimestamp (..),
+    newLocationTimestamp,
+    locationTimestamp_unit,
+    locationTimestamp_value,
+
+    -- * LogTarget
+    LogTarget (..),
+    newLogTarget,
+    logTarget_targetName,
+    logTarget_targetType,
+
+    -- * LogTargetConfiguration
+    LogTargetConfiguration (..),
+    newLogTargetConfiguration,
+    logTargetConfiguration_logLevel,
+    logTargetConfiguration_logTarget,
+
+    -- * LoggingOptionsPayload
+    LoggingOptionsPayload (..),
+    newLoggingOptionsPayload,
+    loggingOptionsPayload_logLevel,
+    loggingOptionsPayload_roleArn,
+
+    -- * MachineLearningDetectionConfig
+    MachineLearningDetectionConfig (..),
+    newMachineLearningDetectionConfig,
+    machineLearningDetectionConfig_confidenceLevel,
+
+    -- * ManagedJobTemplateSummary
+    ManagedJobTemplateSummary (..),
+    newManagedJobTemplateSummary,
+    managedJobTemplateSummary_description,
+    managedJobTemplateSummary_environments,
+    managedJobTemplateSummary_templateArn,
+    managedJobTemplateSummary_templateName,
+    managedJobTemplateSummary_templateVersion,
+
+    -- * MetricDatum
+    MetricDatum (..),
+    newMetricDatum,
+    metricDatum_timestamp,
+    metricDatum_value,
+
+    -- * MetricDimension
+    MetricDimension (..),
+    newMetricDimension,
+    metricDimension_operator,
+    metricDimension_dimensionName,
+
+    -- * MetricToRetain
+    MetricToRetain (..),
+    newMetricToRetain,
+    metricToRetain_metricDimension,
+    metricToRetain_metric,
+
+    -- * MetricValue
+    MetricValue (..),
+    newMetricValue,
+    metricValue_cidrs,
+    metricValue_count,
+    metricValue_number,
+    metricValue_numbers,
+    metricValue_ports,
+    metricValue_strings,
+
+    -- * MitigationAction
+    MitigationAction (..),
+    newMitigationAction,
+    mitigationAction_actionParams,
+    mitigationAction_id,
+    mitigationAction_name,
+    mitigationAction_roleArn,
+
+    -- * MitigationActionIdentifier
+    MitigationActionIdentifier (..),
+    newMitigationActionIdentifier,
+    mitigationActionIdentifier_actionArn,
+    mitigationActionIdentifier_actionName,
+    mitigationActionIdentifier_creationDate,
+
+    -- * MitigationActionParams
+    MitigationActionParams (..),
+    newMitigationActionParams,
+    mitigationActionParams_addThingsToThingGroupParams,
+    mitigationActionParams_enableIoTLoggingParams,
+    mitigationActionParams_publishFindingToSnsParams,
+    mitigationActionParams_replaceDefaultPolicyVersionParams,
+    mitigationActionParams_updateCACertificateParams,
+    mitigationActionParams_updateDeviceCertificateParams,
+
+    -- * MqttContext
+    MqttContext (..),
+    newMqttContext,
+    mqttContext_clientId,
+    mqttContext_password,
+    mqttContext_username,
+
+    -- * MqttHeaders
+    MqttHeaders (..),
+    newMqttHeaders,
+    mqttHeaders_contentType,
+    mqttHeaders_correlationData,
+    mqttHeaders_messageExpiry,
+    mqttHeaders_payloadFormatIndicator,
+    mqttHeaders_responseTopic,
+    mqttHeaders_userProperties,
+
+    -- * NonCompliantResource
+    NonCompliantResource (..),
+    newNonCompliantResource,
+    nonCompliantResource_additionalInfo,
+    nonCompliantResource_resourceIdentifier,
+    nonCompliantResource_resourceType,
+
+    -- * OTAUpdateFile
+    OTAUpdateFile (..),
+    newOTAUpdateFile,
+    oTAUpdateFile_attributes,
+    oTAUpdateFile_codeSigning,
+    oTAUpdateFile_fileLocation,
+    oTAUpdateFile_fileName,
+    oTAUpdateFile_fileType,
+    oTAUpdateFile_fileVersion,
+
+    -- * OTAUpdateInfo
+    OTAUpdateInfo (..),
+    newOTAUpdateInfo,
+    oTAUpdateInfo_additionalParameters,
+    oTAUpdateInfo_awsIotJobArn,
+    oTAUpdateInfo_awsIotJobId,
+    oTAUpdateInfo_awsJobExecutionsRolloutConfig,
+    oTAUpdateInfo_awsJobPresignedUrlConfig,
+    oTAUpdateInfo_creationDate,
+    oTAUpdateInfo_description,
+    oTAUpdateInfo_errorInfo,
+    oTAUpdateInfo_lastModifiedDate,
+    oTAUpdateInfo_otaUpdateArn,
+    oTAUpdateInfo_otaUpdateFiles,
+    oTAUpdateInfo_otaUpdateId,
+    oTAUpdateInfo_otaUpdateStatus,
+    oTAUpdateInfo_protocols,
+    oTAUpdateInfo_targetSelection,
+    oTAUpdateInfo_targets,
+
+    -- * OTAUpdateSummary
+    OTAUpdateSummary (..),
+    newOTAUpdateSummary,
+    oTAUpdateSummary_creationDate,
+    oTAUpdateSummary_otaUpdateArn,
+    oTAUpdateSummary_otaUpdateId,
+
+    -- * OpenSearchAction
+    OpenSearchAction (..),
+    newOpenSearchAction,
+    openSearchAction_roleArn,
+    openSearchAction_endpoint,
+    openSearchAction_index,
+    openSearchAction_type,
+    openSearchAction_id,
+
+    -- * OutgoingCertificate
+    OutgoingCertificate (..),
+    newOutgoingCertificate,
+    outgoingCertificate_certificateArn,
+    outgoingCertificate_certificateId,
+    outgoingCertificate_creationDate,
+    outgoingCertificate_transferDate,
+    outgoingCertificate_transferMessage,
+    outgoingCertificate_transferredTo,
+
+    -- * PercentPair
+    PercentPair (..),
+    newPercentPair,
+    percentPair_percent,
+    percentPair_value,
+
+    -- * Policy
+    Policy (..),
+    newPolicy,
+    policy_policyArn,
+    policy_policyName,
+
+    -- * PolicyVersion
+    PolicyVersion (..),
+    newPolicyVersion,
+    policyVersion_createDate,
+    policyVersion_isDefaultVersion,
+    policyVersion_versionId,
+
+    -- * PolicyVersionIdentifier
+    PolicyVersionIdentifier (..),
+    newPolicyVersionIdentifier,
+    policyVersionIdentifier_policyName,
+    policyVersionIdentifier_policyVersionId,
+
+    -- * PresignedUrlConfig
+    PresignedUrlConfig (..),
+    newPresignedUrlConfig,
+    presignedUrlConfig_expiresInSec,
+    presignedUrlConfig_roleArn,
+
+    -- * ProvisioningHook
+    ProvisioningHook (..),
+    newProvisioningHook,
+    provisioningHook_payloadVersion,
+    provisioningHook_targetArn,
+
+    -- * ProvisioningTemplateSummary
+    ProvisioningTemplateSummary (..),
+    newProvisioningTemplateSummary,
+    provisioningTemplateSummary_creationDate,
+    provisioningTemplateSummary_description,
+    provisioningTemplateSummary_enabled,
+    provisioningTemplateSummary_lastModifiedDate,
+    provisioningTemplateSummary_templateArn,
+    provisioningTemplateSummary_templateName,
+    provisioningTemplateSummary_type,
+
+    -- * ProvisioningTemplateVersionSummary
+    ProvisioningTemplateVersionSummary (..),
+    newProvisioningTemplateVersionSummary,
+    provisioningTemplateVersionSummary_creationDate,
+    provisioningTemplateVersionSummary_isDefaultVersion,
+    provisioningTemplateVersionSummary_versionId,
+
+    -- * PublishFindingToSnsParams
+    PublishFindingToSnsParams (..),
+    newPublishFindingToSnsParams,
+    publishFindingToSnsParams_topicArn,
+
+    -- * PutAssetPropertyValueEntry
+    PutAssetPropertyValueEntry (..),
+    newPutAssetPropertyValueEntry,
+    putAssetPropertyValueEntry_assetId,
+    putAssetPropertyValueEntry_entryId,
+    putAssetPropertyValueEntry_propertyAlias,
+    putAssetPropertyValueEntry_propertyId,
+    putAssetPropertyValueEntry_propertyValues,
+
+    -- * PutItemInput
+    PutItemInput (..),
+    newPutItemInput,
+    putItemInput_tableName,
+
+    -- * RateIncreaseCriteria
+    RateIncreaseCriteria (..),
+    newRateIncreaseCriteria,
+    rateIncreaseCriteria_numberOfNotifiedThings,
+    rateIncreaseCriteria_numberOfSucceededThings,
+
+    -- * RegistrationConfig
+    RegistrationConfig (..),
+    newRegistrationConfig,
+    registrationConfig_roleArn,
+    registrationConfig_templateBody,
+    registrationConfig_templateName,
+
+    -- * RelatedResource
+    RelatedResource (..),
+    newRelatedResource,
+    relatedResource_additionalInfo,
+    relatedResource_resourceIdentifier,
+    relatedResource_resourceType,
+
+    -- * ReplaceDefaultPolicyVersionParams
+    ReplaceDefaultPolicyVersionParams (..),
+    newReplaceDefaultPolicyVersionParams,
+    replaceDefaultPolicyVersionParams_templateName,
+
+    -- * RepublishAction
+    RepublishAction (..),
+    newRepublishAction,
+    republishAction_headers,
+    republishAction_qos,
+    republishAction_roleArn,
+    republishAction_topic,
+
+    -- * ResourceIdentifier
+    ResourceIdentifier (..),
+    newResourceIdentifier,
+    resourceIdentifier_account,
+    resourceIdentifier_caCertificateId,
+    resourceIdentifier_clientId,
+    resourceIdentifier_cognitoIdentityPoolId,
+    resourceIdentifier_deviceCertificateArn,
+    resourceIdentifier_deviceCertificateId,
+    resourceIdentifier_iamRoleArn,
+    resourceIdentifier_issuerCertificateIdentifier,
+    resourceIdentifier_policyVersionIdentifier,
+    resourceIdentifier_roleAliasArn,
+
+    -- * RetryCriteria
+    RetryCriteria (..),
+    newRetryCriteria,
+    retryCriteria_failureType,
+    retryCriteria_numberOfRetries,
+
+    -- * RoleAliasDescription
+    RoleAliasDescription (..),
+    newRoleAliasDescription,
+    roleAliasDescription_creationDate,
+    roleAliasDescription_credentialDurationSeconds,
+    roleAliasDescription_lastModifiedDate,
+    roleAliasDescription_owner,
+    roleAliasDescription_roleAlias,
+    roleAliasDescription_roleAliasArn,
+    roleAliasDescription_roleArn,
+
+    -- * S3Action
+    S3Action (..),
+    newS3Action,
+    s3Action_cannedAcl,
+    s3Action_roleArn,
+    s3Action_bucketName,
+    s3Action_key,
+
+    -- * S3Destination
+    S3Destination (..),
+    newS3Destination,
+    s3Destination_bucket,
+    s3Destination_prefix,
+
+    -- * S3Location
+    S3Location (..),
+    newS3Location,
+    s3Location_bucket,
+    s3Location_key,
+    s3Location_version,
+
+    -- * SalesforceAction
+    SalesforceAction (..),
+    newSalesforceAction,
+    salesforceAction_token,
+    salesforceAction_url,
+
+    -- * ScheduledAuditMetadata
+    ScheduledAuditMetadata (..),
+    newScheduledAuditMetadata,
+    scheduledAuditMetadata_dayOfMonth,
+    scheduledAuditMetadata_dayOfWeek,
+    scheduledAuditMetadata_frequency,
+    scheduledAuditMetadata_scheduledAuditArn,
+    scheduledAuditMetadata_scheduledAuditName,
+
+    -- * SchedulingConfig
+    SchedulingConfig (..),
+    newSchedulingConfig,
+    schedulingConfig_endBehavior,
+    schedulingConfig_endTime,
+    schedulingConfig_startTime,
+
+    -- * SecurityProfileIdentifier
+    SecurityProfileIdentifier (..),
+    newSecurityProfileIdentifier,
+    securityProfileIdentifier_name,
+    securityProfileIdentifier_arn,
+
+    -- * SecurityProfileTarget
+    SecurityProfileTarget (..),
+    newSecurityProfileTarget,
+    securityProfileTarget_arn,
+
+    -- * SecurityProfileTargetMapping
+    SecurityProfileTargetMapping (..),
+    newSecurityProfileTargetMapping,
+    securityProfileTargetMapping_securityProfileIdentifier,
+    securityProfileTargetMapping_target,
+
+    -- * ServerCertificateSummary
+    ServerCertificateSummary (..),
+    newServerCertificateSummary,
+    serverCertificateSummary_serverCertificateArn,
+    serverCertificateSummary_serverCertificateStatus,
+    serverCertificateSummary_serverCertificateStatusDetail,
+
+    -- * SigV4Authorization
+    SigV4Authorization (..),
+    newSigV4Authorization,
+    sigV4Authorization_signingRegion,
+    sigV4Authorization_serviceName,
+    sigV4Authorization_roleArn,
+
+    -- * SigningProfileParameter
+    SigningProfileParameter (..),
+    newSigningProfileParameter,
+    signingProfileParameter_certificateArn,
+    signingProfileParameter_certificatePathOnDevice,
+    signingProfileParameter_platform,
+
+    -- * SnsAction
+    SnsAction (..),
+    newSnsAction,
+    snsAction_messageFormat,
+    snsAction_targetArn,
+    snsAction_roleArn,
+
+    -- * SqsAction
+    SqsAction (..),
+    newSqsAction,
+    sqsAction_useBase64,
+    sqsAction_roleArn,
+    sqsAction_queueUrl,
+
+    -- * StartSigningJobParameter
+    StartSigningJobParameter (..),
+    newStartSigningJobParameter,
+    startSigningJobParameter_destination,
+    startSigningJobParameter_signingProfileName,
+    startSigningJobParameter_signingProfileParameter,
+
+    -- * StatisticalThreshold
+    StatisticalThreshold (..),
+    newStatisticalThreshold,
+    statisticalThreshold_statistic,
+
+    -- * Statistics
+    Statistics (..),
+    newStatistics,
+    statistics_average,
+    statistics_count,
+    statistics_maximum,
+    statistics_minimum,
+    statistics_stdDeviation,
+    statistics_sum,
+    statistics_sumOfSquares,
+    statistics_variance,
+
+    -- * StepFunctionsAction
+    StepFunctionsAction (..),
+    newStepFunctionsAction,
+    stepFunctionsAction_executionNamePrefix,
+    stepFunctionsAction_stateMachineName,
+    stepFunctionsAction_roleArn,
+
+    -- * Stream
+    Stream (..),
+    newStream,
+    stream_fileId,
+    stream_streamId,
+
+    -- * StreamFile
+    StreamFile (..),
+    newStreamFile,
+    streamFile_fileId,
+    streamFile_s3Location,
+
+    -- * StreamInfo
+    StreamInfo (..),
+    newStreamInfo,
+    streamInfo_createdAt,
+    streamInfo_description,
+    streamInfo_files,
+    streamInfo_lastUpdatedAt,
+    streamInfo_roleArn,
+    streamInfo_streamArn,
+    streamInfo_streamId,
+    streamInfo_streamVersion,
+
+    -- * StreamSummary
+    StreamSummary (..),
+    newStreamSummary,
+    streamSummary_description,
+    streamSummary_streamArn,
+    streamSummary_streamId,
+    streamSummary_streamVersion,
+
+    -- * Tag
+    Tag (..),
+    newTag,
+    tag_value,
+    tag_key,
+
+    -- * TaskStatistics
+    TaskStatistics (..),
+    newTaskStatistics,
+    taskStatistics_canceledChecks,
+    taskStatistics_compliantChecks,
+    taskStatistics_failedChecks,
+    taskStatistics_inProgressChecks,
+    taskStatistics_nonCompliantChecks,
+    taskStatistics_totalChecks,
+    taskStatistics_waitingForDataCollectionChecks,
+
+    -- * TaskStatisticsForAuditCheck
+    TaskStatisticsForAuditCheck (..),
+    newTaskStatisticsForAuditCheck,
+    taskStatisticsForAuditCheck_canceledFindingsCount,
+    taskStatisticsForAuditCheck_failedFindingsCount,
+    taskStatisticsForAuditCheck_skippedFindingsCount,
+    taskStatisticsForAuditCheck_succeededFindingsCount,
+    taskStatisticsForAuditCheck_totalFindingsCount,
+
+    -- * TermsAggregation
+    TermsAggregation (..),
+    newTermsAggregation,
+    termsAggregation_maxBuckets,
+
+    -- * ThingAttribute
+    ThingAttribute (..),
+    newThingAttribute,
+    thingAttribute_attributes,
+    thingAttribute_thingArn,
+    thingAttribute_thingName,
+    thingAttribute_thingTypeName,
+    thingAttribute_version,
+
+    -- * ThingConnectivity
+    ThingConnectivity (..),
+    newThingConnectivity,
+    thingConnectivity_connected,
+    thingConnectivity_disconnectReason,
+    thingConnectivity_timestamp,
+
+    -- * ThingDocument
+    ThingDocument (..),
+    newThingDocument,
+    thingDocument_attributes,
+    thingDocument_connectivity,
+    thingDocument_deviceDefender,
+    thingDocument_shadow,
+    thingDocument_thingGroupNames,
+    thingDocument_thingId,
+    thingDocument_thingName,
+    thingDocument_thingTypeName,
+
+    -- * ThingGroupDocument
+    ThingGroupDocument (..),
+    newThingGroupDocument,
+    thingGroupDocument_attributes,
+    thingGroupDocument_parentGroupNames,
+    thingGroupDocument_thingGroupDescription,
+    thingGroupDocument_thingGroupId,
+    thingGroupDocument_thingGroupName,
+
+    -- * ThingGroupIndexingConfiguration
+    ThingGroupIndexingConfiguration (..),
+    newThingGroupIndexingConfiguration,
+    thingGroupIndexingConfiguration_customFields,
+    thingGroupIndexingConfiguration_managedFields,
+    thingGroupIndexingConfiguration_thingGroupIndexingMode,
+
+    -- * ThingGroupMetadata
+    ThingGroupMetadata (..),
+    newThingGroupMetadata,
+    thingGroupMetadata_creationDate,
+    thingGroupMetadata_parentGroupName,
+    thingGroupMetadata_rootToParentThingGroups,
+
+    -- * ThingGroupProperties
+    ThingGroupProperties (..),
+    newThingGroupProperties,
+    thingGroupProperties_attributePayload,
+    thingGroupProperties_thingGroupDescription,
+
+    -- * ThingIndexingConfiguration
+    ThingIndexingConfiguration (..),
+    newThingIndexingConfiguration,
+    thingIndexingConfiguration_customFields,
+    thingIndexingConfiguration_deviceDefenderIndexingMode,
+    thingIndexingConfiguration_filter,
+    thingIndexingConfiguration_managedFields,
+    thingIndexingConfiguration_namedShadowIndexingMode,
+    thingIndexingConfiguration_thingConnectivityIndexingMode,
+    thingIndexingConfiguration_thingIndexingMode,
+
+    -- * ThingTypeDefinition
+    ThingTypeDefinition (..),
+    newThingTypeDefinition,
+    thingTypeDefinition_thingTypeArn,
+    thingTypeDefinition_thingTypeMetadata,
+    thingTypeDefinition_thingTypeName,
+    thingTypeDefinition_thingTypeProperties,
+
+    -- * ThingTypeMetadata
+    ThingTypeMetadata (..),
+    newThingTypeMetadata,
+    thingTypeMetadata_creationDate,
+    thingTypeMetadata_deprecated,
+    thingTypeMetadata_deprecationDate,
+
+    -- * ThingTypeProperties
+    ThingTypeProperties (..),
+    newThingTypeProperties,
+    thingTypeProperties_searchableAttributes,
+    thingTypeProperties_thingTypeDescription,
+
+    -- * TimeoutConfig
+    TimeoutConfig (..),
+    newTimeoutConfig,
+    timeoutConfig_inProgressTimeoutInMinutes,
+
+    -- * TimestreamAction
+    TimestreamAction (..),
+    newTimestreamAction,
+    timestreamAction_timestamp,
+    timestreamAction_roleArn,
+    timestreamAction_databaseName,
+    timestreamAction_tableName,
+    timestreamAction_dimensions,
+
+    -- * TimestreamDimension
+    TimestreamDimension (..),
+    newTimestreamDimension,
+    timestreamDimension_name,
+    timestreamDimension_value,
+
+    -- * TimestreamTimestamp
+    TimestreamTimestamp (..),
+    newTimestreamTimestamp,
+    timestreamTimestamp_value,
+    timestreamTimestamp_unit,
+
+    -- * TlsContext
+    TlsContext (..),
+    newTlsContext,
+    tlsContext_serverName,
+
+    -- * TopicRule
+    TopicRule (..),
+    newTopicRule,
+    topicRule_actions,
+    topicRule_awsIotSqlVersion,
+    topicRule_createdAt,
+    topicRule_description,
+    topicRule_errorAction,
+    topicRule_ruleDisabled,
+    topicRule_ruleName,
+    topicRule_sql,
+
+    -- * TopicRuleDestination
+    TopicRuleDestination (..),
+    newTopicRuleDestination,
+    topicRuleDestination_arn,
+    topicRuleDestination_createdAt,
+    topicRuleDestination_httpUrlProperties,
+    topicRuleDestination_lastUpdatedAt,
+    topicRuleDestination_status,
+    topicRuleDestination_statusReason,
+    topicRuleDestination_vpcProperties,
+
+    -- * TopicRuleDestinationConfiguration
+    TopicRuleDestinationConfiguration (..),
+    newTopicRuleDestinationConfiguration,
+    topicRuleDestinationConfiguration_httpUrlConfiguration,
+    topicRuleDestinationConfiguration_vpcConfiguration,
+
+    -- * TopicRuleDestinationSummary
+    TopicRuleDestinationSummary (..),
+    newTopicRuleDestinationSummary,
+    topicRuleDestinationSummary_arn,
+    topicRuleDestinationSummary_createdAt,
+    topicRuleDestinationSummary_httpUrlSummary,
+    topicRuleDestinationSummary_lastUpdatedAt,
+    topicRuleDestinationSummary_status,
+    topicRuleDestinationSummary_statusReason,
+    topicRuleDestinationSummary_vpcDestinationSummary,
+
+    -- * TopicRuleListItem
+    TopicRuleListItem (..),
+    newTopicRuleListItem,
+    topicRuleListItem_createdAt,
+    topicRuleListItem_ruleArn,
+    topicRuleListItem_ruleDisabled,
+    topicRuleListItem_ruleName,
+    topicRuleListItem_topicPattern,
+
+    -- * TopicRulePayload
+    TopicRulePayload (..),
+    newTopicRulePayload,
+    topicRulePayload_awsIotSqlVersion,
+    topicRulePayload_description,
+    topicRulePayload_errorAction,
+    topicRulePayload_ruleDisabled,
+    topicRulePayload_sql,
+    topicRulePayload_actions,
+
+    -- * TransferData
+    TransferData (..),
+    newTransferData,
+    transferData_acceptDate,
+    transferData_rejectDate,
+    transferData_rejectReason,
+    transferData_transferDate,
+    transferData_transferMessage,
+
+    -- * UpdateCACertificateParams
+    UpdateCACertificateParams (..),
+    newUpdateCACertificateParams,
+    updateCACertificateParams_action,
+
+    -- * UpdateDeviceCertificateParams
+    UpdateDeviceCertificateParams (..),
+    newUpdateDeviceCertificateParams,
+    updateDeviceCertificateParams_action,
+
+    -- * UserProperty
+    UserProperty (..),
+    newUserProperty,
+    userProperty_key,
+    userProperty_value,
+
+    -- * ValidationError
+    ValidationError (..),
+    newValidationError,
+    validationError_errorMessage,
+
+    -- * ViolationEvent
+    ViolationEvent (..),
+    newViolationEvent,
+    violationEvent_behavior,
+    violationEvent_metricValue,
+    violationEvent_securityProfileName,
+    violationEvent_thingName,
+    violationEvent_verificationState,
+    violationEvent_verificationStateDescription,
+    violationEvent_violationEventAdditionalInfo,
+    violationEvent_violationEventTime,
+    violationEvent_violationEventType,
+    violationEvent_violationId,
+
+    -- * ViolationEventAdditionalInfo
+    ViolationEventAdditionalInfo (..),
+    newViolationEventAdditionalInfo,
+    violationEventAdditionalInfo_confidenceLevel,
+
+    -- * ViolationEventOccurrenceRange
+    ViolationEventOccurrenceRange (..),
+    newViolationEventOccurrenceRange,
+    violationEventOccurrenceRange_startTime,
+    violationEventOccurrenceRange_endTime,
+
+    -- * VpcDestinationConfiguration
+    VpcDestinationConfiguration (..),
+    newVpcDestinationConfiguration,
+    vpcDestinationConfiguration_securityGroups,
+    vpcDestinationConfiguration_subnetIds,
+    vpcDestinationConfiguration_vpcId,
+    vpcDestinationConfiguration_roleArn,
+
+    -- * VpcDestinationProperties
+    VpcDestinationProperties (..),
+    newVpcDestinationProperties,
+    vpcDestinationProperties_roleArn,
+    vpcDestinationProperties_securityGroups,
+    vpcDestinationProperties_subnetIds,
+    vpcDestinationProperties_vpcId,
+
+    -- * VpcDestinationSummary
+    VpcDestinationSummary (..),
+    newVpcDestinationSummary,
+    vpcDestinationSummary_roleArn,
+    vpcDestinationSummary_securityGroups,
+    vpcDestinationSummary_subnetIds,
+    vpcDestinationSummary_vpcId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import Amazonka.IoT.Types.AbortAction
+import Amazonka.IoT.Types.AbortConfig
+import Amazonka.IoT.Types.AbortCriteria
+import Amazonka.IoT.Types.Action
+import Amazonka.IoT.Types.ActionType
+import Amazonka.IoT.Types.ActiveViolation
+import Amazonka.IoT.Types.AddThingsToThingGroupParams
+import Amazonka.IoT.Types.AggregationType
+import Amazonka.IoT.Types.AggregationTypeName
+import Amazonka.IoT.Types.AlertTarget
+import Amazonka.IoT.Types.AlertTargetType
+import Amazonka.IoT.Types.Allowed
+import Amazonka.IoT.Types.AssetPropertyTimestamp
+import Amazonka.IoT.Types.AssetPropertyValue
+import Amazonka.IoT.Types.AssetPropertyVariant
+import Amazonka.IoT.Types.AttributePayload
+import Amazonka.IoT.Types.AuditCheckConfiguration
+import Amazonka.IoT.Types.AuditCheckDetails
+import Amazonka.IoT.Types.AuditCheckRunStatus
+import Amazonka.IoT.Types.AuditFinding
+import Amazonka.IoT.Types.AuditFindingSeverity
+import Amazonka.IoT.Types.AuditFrequency
+import Amazonka.IoT.Types.AuditMitigationActionExecutionMetadata
+import Amazonka.IoT.Types.AuditMitigationActionsExecutionStatus
+import Amazonka.IoT.Types.AuditMitigationActionsTaskMetadata
+import Amazonka.IoT.Types.AuditMitigationActionsTaskStatus
+import Amazonka.IoT.Types.AuditMitigationActionsTaskTarget
+import Amazonka.IoT.Types.AuditNotificationTarget
+import Amazonka.IoT.Types.AuditNotificationType
+import Amazonka.IoT.Types.AuditSuppression
+import Amazonka.IoT.Types.AuditTaskMetadata
+import Amazonka.IoT.Types.AuditTaskStatus
+import Amazonka.IoT.Types.AuditTaskType
+import Amazonka.IoT.Types.AuthDecision
+import Amazonka.IoT.Types.AuthInfo
+import Amazonka.IoT.Types.AuthResult
+import Amazonka.IoT.Types.AuthorizerConfig
+import Amazonka.IoT.Types.AuthorizerDescription
+import Amazonka.IoT.Types.AuthorizerStatus
+import Amazonka.IoT.Types.AuthorizerSummary
+import Amazonka.IoT.Types.AutoRegistrationStatus
+import Amazonka.IoT.Types.AwsJobAbortConfig
+import Amazonka.IoT.Types.AwsJobAbortCriteria
+import Amazonka.IoT.Types.AwsJobAbortCriteriaAbortAction
+import Amazonka.IoT.Types.AwsJobAbortCriteriaFailureType
+import Amazonka.IoT.Types.AwsJobExecutionsRolloutConfig
+import Amazonka.IoT.Types.AwsJobExponentialRolloutRate
+import Amazonka.IoT.Types.AwsJobPresignedUrlConfig
+import Amazonka.IoT.Types.AwsJobRateIncreaseCriteria
+import Amazonka.IoT.Types.AwsJobTimeoutConfig
+import Amazonka.IoT.Types.Behavior
+import Amazonka.IoT.Types.BehaviorCriteria
+import Amazonka.IoT.Types.BehaviorCriteriaType
+import Amazonka.IoT.Types.BehaviorModelTrainingSummary
+import Amazonka.IoT.Types.BillingGroupMetadata
+import Amazonka.IoT.Types.BillingGroupProperties
+import Amazonka.IoT.Types.Bucket
+import Amazonka.IoT.Types.BucketsAggregationType
+import Amazonka.IoT.Types.CACertificate
+import Amazonka.IoT.Types.CACertificateDescription
+import Amazonka.IoT.Types.CACertificateStatus
+import Amazonka.IoT.Types.CACertificateUpdateAction
+import Amazonka.IoT.Types.CannedAccessControlList
+import Amazonka.IoT.Types.Certificate
+import Amazonka.IoT.Types.CertificateDescription
+import Amazonka.IoT.Types.CertificateMode
+import Amazonka.IoT.Types.CertificateStatus
+import Amazonka.IoT.Types.CertificateValidity
+import Amazonka.IoT.Types.CloudwatchAlarmAction
+import Amazonka.IoT.Types.CloudwatchLogsAction
+import Amazonka.IoT.Types.CloudwatchMetricAction
+import Amazonka.IoT.Types.CodeSigning
+import Amazonka.IoT.Types.CodeSigningCertificateChain
+import Amazonka.IoT.Types.CodeSigningSignature
+import Amazonka.IoT.Types.ComparisonOperator
+import Amazonka.IoT.Types.ConfidenceLevel
+import Amazonka.IoT.Types.Configuration
+import Amazonka.IoT.Types.CustomCodeSigning
+import Amazonka.IoT.Types.CustomMetricType
+import Amazonka.IoT.Types.DayOfWeek
+import Amazonka.IoT.Types.Denied
+import Amazonka.IoT.Types.Destination
+import Amazonka.IoT.Types.DetectMitigationActionExecution
+import Amazonka.IoT.Types.DetectMitigationActionExecutionStatus
+import Amazonka.IoT.Types.DetectMitigationActionsTaskStatistics
+import Amazonka.IoT.Types.DetectMitigationActionsTaskStatus
+import Amazonka.IoT.Types.DetectMitigationActionsTaskSummary
+import Amazonka.IoT.Types.DetectMitigationActionsTaskTarget
+import Amazonka.IoT.Types.DeviceCertificateUpdateAction
+import Amazonka.IoT.Types.DeviceDefenderIndexingMode
+import Amazonka.IoT.Types.DimensionType
+import Amazonka.IoT.Types.DimensionValueOperator
+import Amazonka.IoT.Types.DocumentParameter
+import Amazonka.IoT.Types.DomainConfigurationStatus
+import Amazonka.IoT.Types.DomainConfigurationSummary
+import Amazonka.IoT.Types.DomainType
+import Amazonka.IoT.Types.DynamicGroupStatus
+import Amazonka.IoT.Types.DynamoDBAction
+import Amazonka.IoT.Types.DynamoDBv2Action
+import Amazonka.IoT.Types.DynamoKeyType
+import Amazonka.IoT.Types.EffectivePolicy
+import Amazonka.IoT.Types.ElasticsearchAction
+import Amazonka.IoT.Types.EnableIoTLoggingParams
+import Amazonka.IoT.Types.ErrorInfo
+import Amazonka.IoT.Types.EventType
+import Amazonka.IoT.Types.ExplicitDeny
+import Amazonka.IoT.Types.ExponentialRolloutRate
+import Amazonka.IoT.Types.Field
+import Amazonka.IoT.Types.FieldType
+import Amazonka.IoT.Types.FileLocation
+import Amazonka.IoT.Types.FirehoseAction
+import Amazonka.IoT.Types.FleetMetricNameAndArn
+import Amazonka.IoT.Types.FleetMetricUnit
+import Amazonka.IoT.Types.GroupNameAndArn
+import Amazonka.IoT.Types.HttpAction
+import Amazonka.IoT.Types.HttpActionHeader
+import Amazonka.IoT.Types.HttpAuthorization
+import Amazonka.IoT.Types.HttpContext
+import Amazonka.IoT.Types.HttpUrlDestinationConfiguration
+import Amazonka.IoT.Types.HttpUrlDestinationProperties
+import Amazonka.IoT.Types.HttpUrlDestinationSummary
+import Amazonka.IoT.Types.ImplicitDeny
+import Amazonka.IoT.Types.IndexStatus
+import Amazonka.IoT.Types.IndexingFilter
+import Amazonka.IoT.Types.IotAnalyticsAction
+import Amazonka.IoT.Types.IotEventsAction
+import Amazonka.IoT.Types.IotSiteWiseAction
+import Amazonka.IoT.Types.IssuerCertificateIdentifier
+import Amazonka.IoT.Types.Job
+import Amazonka.IoT.Types.JobEndBehavior
+import Amazonka.IoT.Types.JobExecution
+import Amazonka.IoT.Types.JobExecutionFailureType
+import Amazonka.IoT.Types.JobExecutionStatus
+import Amazonka.IoT.Types.JobExecutionStatusDetails
+import Amazonka.IoT.Types.JobExecutionSummary
+import Amazonka.IoT.Types.JobExecutionSummaryForJob
+import Amazonka.IoT.Types.JobExecutionSummaryForThing
+import Amazonka.IoT.Types.JobExecutionsRetryConfig
+import Amazonka.IoT.Types.JobExecutionsRolloutConfig
+import Amazonka.IoT.Types.JobProcessDetails
+import Amazonka.IoT.Types.JobStatus
+import Amazonka.IoT.Types.JobSummary
+import Amazonka.IoT.Types.JobTemplateSummary
+import Amazonka.IoT.Types.KafkaAction
+import Amazonka.IoT.Types.KeyPair
+import Amazonka.IoT.Types.KinesisAction
+import Amazonka.IoT.Types.LambdaAction
+import Amazonka.IoT.Types.LocationAction
+import Amazonka.IoT.Types.LocationTimestamp
+import Amazonka.IoT.Types.LogLevel
+import Amazonka.IoT.Types.LogTarget
+import Amazonka.IoT.Types.LogTargetConfiguration
+import Amazonka.IoT.Types.LogTargetType
+import Amazonka.IoT.Types.LoggingOptionsPayload
+import Amazonka.IoT.Types.MachineLearningDetectionConfig
+import Amazonka.IoT.Types.ManagedJobTemplateSummary
+import Amazonka.IoT.Types.MessageFormat
+import Amazonka.IoT.Types.MetricDatum
+import Amazonka.IoT.Types.MetricDimension
+import Amazonka.IoT.Types.MetricToRetain
+import Amazonka.IoT.Types.MetricValue
+import Amazonka.IoT.Types.MitigationAction
+import Amazonka.IoT.Types.MitigationActionIdentifier
+import Amazonka.IoT.Types.MitigationActionParams
+import Amazonka.IoT.Types.MitigationActionType
+import Amazonka.IoT.Types.ModelStatus
+import Amazonka.IoT.Types.MqttContext
+import Amazonka.IoT.Types.MqttHeaders
+import Amazonka.IoT.Types.NamedShadowIndexingMode
+import Amazonka.IoT.Types.NonCompliantResource
+import Amazonka.IoT.Types.OTAUpdateFile
+import Amazonka.IoT.Types.OTAUpdateInfo
+import Amazonka.IoT.Types.OTAUpdateStatus
+import Amazonka.IoT.Types.OTAUpdateSummary
+import Amazonka.IoT.Types.OpenSearchAction
+import Amazonka.IoT.Types.OutgoingCertificate
+import Amazonka.IoT.Types.PercentPair
+import Amazonka.IoT.Types.Policy
+import Amazonka.IoT.Types.PolicyTemplateName
+import Amazonka.IoT.Types.PolicyVersion
+import Amazonka.IoT.Types.PolicyVersionIdentifier
+import Amazonka.IoT.Types.PresignedUrlConfig
+import Amazonka.IoT.Types.Protocol
+import Amazonka.IoT.Types.ProvisioningHook
+import Amazonka.IoT.Types.ProvisioningTemplateSummary
+import Amazonka.IoT.Types.ProvisioningTemplateVersionSummary
+import Amazonka.IoT.Types.PublishFindingToSnsParams
+import Amazonka.IoT.Types.PutAssetPropertyValueEntry
+import Amazonka.IoT.Types.PutItemInput
+import Amazonka.IoT.Types.RateIncreaseCriteria
+import Amazonka.IoT.Types.RegistrationConfig
+import Amazonka.IoT.Types.RelatedResource
+import Amazonka.IoT.Types.ReplaceDefaultPolicyVersionParams
+import Amazonka.IoT.Types.ReportType
+import Amazonka.IoT.Types.RepublishAction
+import Amazonka.IoT.Types.ResourceIdentifier
+import Amazonka.IoT.Types.ResourceType
+import Amazonka.IoT.Types.RetryCriteria
+import Amazonka.IoT.Types.RetryableFailureType
+import Amazonka.IoT.Types.RoleAliasDescription
+import Amazonka.IoT.Types.S3Action
+import Amazonka.IoT.Types.S3Destination
+import Amazonka.IoT.Types.S3Location
+import Amazonka.IoT.Types.SalesforceAction
+import Amazonka.IoT.Types.ScheduledAuditMetadata
+import Amazonka.IoT.Types.SchedulingConfig
+import Amazonka.IoT.Types.SecurityProfileIdentifier
+import Amazonka.IoT.Types.SecurityProfileTarget
+import Amazonka.IoT.Types.SecurityProfileTargetMapping
+import Amazonka.IoT.Types.ServerCertificateStatus
+import Amazonka.IoT.Types.ServerCertificateSummary
+import Amazonka.IoT.Types.ServiceType
+import Amazonka.IoT.Types.SigV4Authorization
+import Amazonka.IoT.Types.SigningProfileParameter
+import Amazonka.IoT.Types.SnsAction
+import Amazonka.IoT.Types.SqsAction
+import Amazonka.IoT.Types.StartSigningJobParameter
+import Amazonka.IoT.Types.StatisticalThreshold
+import Amazonka.IoT.Types.Statistics
+import Amazonka.IoT.Types.StepFunctionsAction
+import Amazonka.IoT.Types.Stream
+import Amazonka.IoT.Types.StreamFile
+import Amazonka.IoT.Types.StreamInfo
+import Amazonka.IoT.Types.StreamSummary
+import Amazonka.IoT.Types.Tag
+import Amazonka.IoT.Types.TargetSelection
+import Amazonka.IoT.Types.TaskStatistics
+import Amazonka.IoT.Types.TaskStatisticsForAuditCheck
+import Amazonka.IoT.Types.TaskStatus
+import Amazonka.IoT.Types.TemplateType
+import Amazonka.IoT.Types.TermsAggregation
+import Amazonka.IoT.Types.ThingAttribute
+import Amazonka.IoT.Types.ThingConnectivity
+import Amazonka.IoT.Types.ThingConnectivityIndexingMode
+import Amazonka.IoT.Types.ThingDocument
+import Amazonka.IoT.Types.ThingGroupDocument
+import Amazonka.IoT.Types.ThingGroupIndexingConfiguration
+import Amazonka.IoT.Types.ThingGroupIndexingMode
+import Amazonka.IoT.Types.ThingGroupMetadata
+import Amazonka.IoT.Types.ThingGroupProperties
+import Amazonka.IoT.Types.ThingIndexingConfiguration
+import Amazonka.IoT.Types.ThingIndexingMode
+import Amazonka.IoT.Types.ThingTypeDefinition
+import Amazonka.IoT.Types.ThingTypeMetadata
+import Amazonka.IoT.Types.ThingTypeProperties
+import Amazonka.IoT.Types.TimeoutConfig
+import Amazonka.IoT.Types.TimestreamAction
+import Amazonka.IoT.Types.TimestreamDimension
+import Amazonka.IoT.Types.TimestreamTimestamp
+import Amazonka.IoT.Types.TlsContext
+import Amazonka.IoT.Types.TopicRule
+import Amazonka.IoT.Types.TopicRuleDestination
+import Amazonka.IoT.Types.TopicRuleDestinationConfiguration
+import Amazonka.IoT.Types.TopicRuleDestinationStatus
+import Amazonka.IoT.Types.TopicRuleDestinationSummary
+import Amazonka.IoT.Types.TopicRuleListItem
+import Amazonka.IoT.Types.TopicRulePayload
+import Amazonka.IoT.Types.TransferData
+import Amazonka.IoT.Types.UpdateCACertificateParams
+import Amazonka.IoT.Types.UpdateDeviceCertificateParams
+import Amazonka.IoT.Types.UserProperty
+import Amazonka.IoT.Types.ValidationError
+import Amazonka.IoT.Types.VerificationState
+import Amazonka.IoT.Types.ViolationEvent
+import Amazonka.IoT.Types.ViolationEventAdditionalInfo
+import Amazonka.IoT.Types.ViolationEventOccurrenceRange
+import Amazonka.IoT.Types.ViolationEventType
+import Amazonka.IoT.Types.VpcDestinationConfiguration
+import Amazonka.IoT.Types.VpcDestinationProperties
+import Amazonka.IoT.Types.VpcDestinationSummary
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Sign.V4 as Sign
+
+-- | API version @2015-05-28@ of the Amazon IoT SDK configuration.
+defaultService :: Core.Service
+defaultService =
+  Core.Service
+    { Core.abbrev = "IoT",
+      Core.signer = Sign.v4,
+      Core.endpointPrefix = "iot",
+      Core.signingName = "execute-api",
+      Core.version = "2015-05-28",
+      Core.s3AddressingStyle = Core.S3AddressingStyleAuto,
+      Core.endpoint = Core.defaultEndpoint defaultService,
+      Core.timeout = Prelude.Just 70,
+      Core.check = Core.statusSuccess,
+      Core.error = Core.parseJSONError "IoT",
+      Core.retry = retry
+    }
+  where
+    retry =
+      Core.Exponential
+        { Core.base = 5.0e-2,
+          Core.growth = 2,
+          Core.attempts = 5,
+          Core.check = check
+        }
+    check e
+      | Lens.has (Core.hasStatus 502) e =
+          Prelude.Just "bad_gateway"
+      | Lens.has (Core.hasStatus 504) e =
+          Prelude.Just "gateway_timeout"
+      | Lens.has (Core.hasStatus 500) e =
+          Prelude.Just "general_server_error"
+      | Lens.has (Core.hasStatus 509) e =
+          Prelude.Just "limit_exceeded"
+      | Lens.has
+          ( Core.hasCode "RequestThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "request_throttled_exception"
+      | Lens.has (Core.hasStatus 503) e =
+          Prelude.Just "service_unavailable"
+      | Lens.has
+          ( Core.hasCode "ThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttled_exception"
+      | Lens.has
+          ( Core.hasCode "Throttling"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling"
+      | Lens.has
+          ( Core.hasCode "ThrottlingException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling_exception"
+      | Lens.has
+          ( Core.hasCode
+              "ProvisionedThroughputExceededException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throughput_exceeded"
+      | Lens.has (Core.hasStatus 429) e =
+          Prelude.Just "too_many_requests"
+      | Prelude.otherwise = Prelude.Nothing
+
+-- | Unable to verify the CA certificate used to sign the device certificate
+-- you are attempting to register. This is happens when you have registered
+-- more than one CA certificate that has the same subject field and public
+-- key.
+_CertificateConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_CertificateConflictException =
+  Core._MatchServiceError
+    defaultService
+    "CertificateConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | The certificate operation is not allowed.
+_CertificateStateException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_CertificateStateException =
+  Core._MatchServiceError
+    defaultService
+    "CertificateStateException"
+    Prelude.. Core.hasStatus 406
+
+-- | The certificate is invalid.
+_CertificateValidationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_CertificateValidationException =
+  Core._MatchServiceError
+    defaultService
+    "CertificateValidationException"
+    Prelude.. Core.hasStatus 400
+
+-- | A resource with the same name already exists.
+_ConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | A conflicting resource update exception. This exception is thrown when
+-- two pending updates cause a conflict.
+_ConflictingResourceUpdateException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictingResourceUpdateException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictingResourceUpdateException"
+    Prelude.. Core.hasStatus 409
+
+-- | You can\'t delete the resource because it is attached to one or more
+-- resources.
+_DeleteConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_DeleteConflictException =
+  Core._MatchServiceError
+    defaultService
+    "DeleteConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | The index is not ready.
+_IndexNotReadyException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_IndexNotReadyException =
+  Core._MatchServiceError
+    defaultService
+    "IndexNotReadyException"
+    Prelude.. Core.hasStatus 400
+
+-- | An unexpected error has occurred.
+_InternalException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InternalException =
+  Core._MatchServiceError
+    defaultService
+    "InternalException"
+    Prelude.. Core.hasStatus 500
+
+-- | An unexpected error has occurred.
+_InternalFailureException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InternalFailureException =
+  Core._MatchServiceError
+    defaultService
+    "InternalFailureException"
+    Prelude.. Core.hasStatus 500
+
+-- | Internal error from the service that indicates an unexpected error or
+-- that the service is unavailable.
+_InternalServerException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InternalServerException =
+  Core._MatchServiceError
+    defaultService
+    "InternalServerException"
+    Prelude.. Core.hasStatus 500
+
+-- | The aggregation is invalid.
+_InvalidAggregationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidAggregationException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidAggregationException"
+    Prelude.. Core.hasStatus 400
+
+-- | The query is invalid.
+_InvalidQueryException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidQueryException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidQueryException"
+    Prelude.. Core.hasStatus 400
+
+-- | The request is not valid.
+_InvalidRequestException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidRequestException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidRequestException"
+    Prelude.. Core.hasStatus 400
+
+-- | The response is invalid.
+_InvalidResponseException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidResponseException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidResponseException"
+    Prelude.. Core.hasStatus 400
+
+-- | An attempt was made to change to an invalid state, for example by
+-- deleting a job or a job execution which is \"IN_PROGRESS\" without
+-- setting the @force@ parameter.
+_InvalidStateTransitionException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidStateTransitionException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidStateTransitionException"
+    Prelude.. Core.hasStatus 409
+
+-- | A limit has been exceeded.
+_LimitExceededException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_LimitExceededException =
+  Core._MatchServiceError
+    defaultService
+    "LimitExceededException"
+    Prelude.. Core.hasStatus 410
+
+-- | The policy documentation is not valid.
+_MalformedPolicyException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_MalformedPolicyException =
+  Core._MatchServiceError
+    defaultService
+    "MalformedPolicyException"
+    Prelude.. Core.hasStatus 400
+
+-- | The resource is not configured.
+_NotConfiguredException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_NotConfiguredException =
+  Core._MatchServiceError
+    defaultService
+    "NotConfiguredException"
+    Prelude.. Core.hasStatus 404
+
+-- | The registration code is invalid.
+_RegistrationCodeValidationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_RegistrationCodeValidationException =
+  Core._MatchServiceError
+    defaultService
+    "RegistrationCodeValidationException"
+    Prelude.. Core.hasStatus 400
+
+-- | The resource already exists.
+_ResourceAlreadyExistsException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceAlreadyExistsException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceAlreadyExistsException"
+    Prelude.. Core.hasStatus 409
+
+-- | The specified resource does not exist.
+_ResourceNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceNotFoundException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceNotFoundException"
+    Prelude.. Core.hasStatus 404
+
+-- | The resource registration failed.
+_ResourceRegistrationFailureException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceRegistrationFailureException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceRegistrationFailureException"
+    Prelude.. Core.hasStatus 400
+
+-- | The service is temporarily unavailable.
+_ServiceUnavailableException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ServiceUnavailableException =
+  Core._MatchServiceError
+    defaultService
+    "ServiceUnavailableException"
+    Prelude.. Core.hasStatus 503
+
+-- | The Rule-SQL expression can\'t be parsed correctly.
+_SqlParseException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_SqlParseException =
+  Core._MatchServiceError
+    defaultService
+    "SqlParseException"
+    Prelude.. Core.hasStatus 400
+
+-- | This exception occurs if you attempt to start a task with the same
+-- task-id as an existing task but with a different clientRequestToken.
+_TaskAlreadyExistsException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_TaskAlreadyExistsException =
+  Core._MatchServiceError
+    defaultService
+    "TaskAlreadyExistsException"
+    Prelude.. Core.hasStatus 400
+
+-- | The rate exceeds the limit.
+_ThrottlingException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ThrottlingException =
+  Core._MatchServiceError
+    defaultService
+    "ThrottlingException"
+    Prelude.. Core.hasStatus 400
+
+-- | You can\'t revert the certificate transfer because the transfer is
+-- already complete.
+_TransferAlreadyCompletedException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_TransferAlreadyCompletedException =
+  Core._MatchServiceError
+    defaultService
+    "TransferAlreadyCompletedException"
+    Prelude.. Core.hasStatus 410
+
+-- | You can\'t transfer the certificate because authorization policies are
+-- still attached.
+_TransferConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_TransferConflictException =
+  Core._MatchServiceError
+    defaultService
+    "TransferConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | You are not authorized to perform this operation.
+_UnauthorizedException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_UnauthorizedException =
+  Core._MatchServiceError
+    defaultService
+    "UnauthorizedException"
+    Prelude.. Core.hasStatus 401
+
+-- | An exception thrown when the version of an entity specified with the
+-- @expectedVersion@ parameter does not match the latest version in the
+-- system.
+_VersionConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_VersionConflictException =
+  Core._MatchServiceError
+    defaultService
+    "VersionConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | The number of policy versions exceeds the limit.
+_VersionsLimitExceededException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_VersionsLimitExceededException =
+  Core._MatchServiceError
+    defaultService
+    "VersionsLimitExceededException"
+    Prelude.. Core.hasStatus 409
diff --git a/gen/Amazonka/IoT/Types/AbortAction.hs b/gen/Amazonka/IoT/Types/AbortAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AbortAction.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AbortAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AbortAction
+  ( AbortAction
+      ( ..,
+        AbortAction_CANCEL
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AbortAction = AbortAction'
+  { fromAbortAction ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AbortAction_CANCEL :: AbortAction
+pattern AbortAction_CANCEL = AbortAction' "CANCEL"
+
+{-# COMPLETE
+  AbortAction_CANCEL,
+  AbortAction'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AbortConfig.hs b/gen/Amazonka/IoT/Types/AbortConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AbortConfig.hs
@@ -0,0 +1,80 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AbortConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AbortConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AbortCriteria
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria that determine when and how a job abort takes place.
+--
+-- /See:/ 'newAbortConfig' smart constructor.
+data AbortConfig = AbortConfig'
+  { -- | The list of criteria that determine when and how to abort the job.
+    criteriaList :: Prelude.NonEmpty AbortCriteria
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AbortConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'criteriaList', 'abortConfig_criteriaList' - The list of criteria that determine when and how to abort the job.
+newAbortConfig ::
+  -- | 'criteriaList'
+  Prelude.NonEmpty AbortCriteria ->
+  AbortConfig
+newAbortConfig pCriteriaList_ =
+  AbortConfig'
+    { criteriaList =
+        Lens.coerced Lens.# pCriteriaList_
+    }
+
+-- | The list of criteria that determine when and how to abort the job.
+abortConfig_criteriaList :: Lens.Lens' AbortConfig (Prelude.NonEmpty AbortCriteria)
+abortConfig_criteriaList = Lens.lens (\AbortConfig' {criteriaList} -> criteriaList) (\s@AbortConfig' {} a -> s {criteriaList = a} :: AbortConfig) Prelude.. Lens.coerced
+
+instance Data.FromJSON AbortConfig where
+  parseJSON =
+    Data.withObject
+      "AbortConfig"
+      ( \x ->
+          AbortConfig' Prelude.<$> (x Data..: "criteriaList")
+      )
+
+instance Prelude.Hashable AbortConfig where
+  hashWithSalt _salt AbortConfig' {..} =
+    _salt `Prelude.hashWithSalt` criteriaList
+
+instance Prelude.NFData AbortConfig where
+  rnf AbortConfig' {..} = Prelude.rnf criteriaList
+
+instance Data.ToJSON AbortConfig where
+  toJSON AbortConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("criteriaList" Data..= criteriaList)]
+      )
diff --git a/gen/Amazonka/IoT/Types/AbortCriteria.hs b/gen/Amazonka/IoT/Types/AbortCriteria.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AbortCriteria.hs
@@ -0,0 +1,153 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AbortCriteria
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AbortCriteria where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AbortAction
+import Amazonka.IoT.Types.JobExecutionFailureType
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria that determine when and how a job abort takes place.
+--
+-- /See:/ 'newAbortCriteria' smart constructor.
+data AbortCriteria = AbortCriteria'
+  { -- | The type of job execution failures that can initiate a job abort.
+    failureType :: JobExecutionFailureType,
+    -- | The type of job action to take to initiate the job abort.
+    action :: AbortAction,
+    -- | The minimum percentage of job execution failures that must occur to
+    -- initiate the job abort.
+    --
+    -- Amazon Web Services IoT Core supports up to two digits after the decimal
+    -- (for example, 10.9 and 10.99, but not 10.999).
+    thresholdPercentage :: Prelude.Double,
+    -- | The minimum number of things which must receive job execution
+    -- notifications before the job can be aborted.
+    minNumberOfExecutedThings :: Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AbortCriteria' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'failureType', 'abortCriteria_failureType' - The type of job execution failures that can initiate a job abort.
+--
+-- 'action', 'abortCriteria_action' - The type of job action to take to initiate the job abort.
+--
+-- 'thresholdPercentage', 'abortCriteria_thresholdPercentage' - The minimum percentage of job execution failures that must occur to
+-- initiate the job abort.
+--
+-- Amazon Web Services IoT Core supports up to two digits after the decimal
+-- (for example, 10.9 and 10.99, but not 10.999).
+--
+-- 'minNumberOfExecutedThings', 'abortCriteria_minNumberOfExecutedThings' - The minimum number of things which must receive job execution
+-- notifications before the job can be aborted.
+newAbortCriteria ::
+  -- | 'failureType'
+  JobExecutionFailureType ->
+  -- | 'action'
+  AbortAction ->
+  -- | 'thresholdPercentage'
+  Prelude.Double ->
+  -- | 'minNumberOfExecutedThings'
+  Prelude.Natural ->
+  AbortCriteria
+newAbortCriteria
+  pFailureType_
+  pAction_
+  pThresholdPercentage_
+  pMinNumberOfExecutedThings_ =
+    AbortCriteria'
+      { failureType = pFailureType_,
+        action = pAction_,
+        thresholdPercentage = pThresholdPercentage_,
+        minNumberOfExecutedThings =
+          pMinNumberOfExecutedThings_
+      }
+
+-- | The type of job execution failures that can initiate a job abort.
+abortCriteria_failureType :: Lens.Lens' AbortCriteria JobExecutionFailureType
+abortCriteria_failureType = Lens.lens (\AbortCriteria' {failureType} -> failureType) (\s@AbortCriteria' {} a -> s {failureType = a} :: AbortCriteria)
+
+-- | The type of job action to take to initiate the job abort.
+abortCriteria_action :: Lens.Lens' AbortCriteria AbortAction
+abortCriteria_action = Lens.lens (\AbortCriteria' {action} -> action) (\s@AbortCriteria' {} a -> s {action = a} :: AbortCriteria)
+
+-- | The minimum percentage of job execution failures that must occur to
+-- initiate the job abort.
+--
+-- Amazon Web Services IoT Core supports up to two digits after the decimal
+-- (for example, 10.9 and 10.99, but not 10.999).
+abortCriteria_thresholdPercentage :: Lens.Lens' AbortCriteria Prelude.Double
+abortCriteria_thresholdPercentage = Lens.lens (\AbortCriteria' {thresholdPercentage} -> thresholdPercentage) (\s@AbortCriteria' {} a -> s {thresholdPercentage = a} :: AbortCriteria)
+
+-- | The minimum number of things which must receive job execution
+-- notifications before the job can be aborted.
+abortCriteria_minNumberOfExecutedThings :: Lens.Lens' AbortCriteria Prelude.Natural
+abortCriteria_minNumberOfExecutedThings = Lens.lens (\AbortCriteria' {minNumberOfExecutedThings} -> minNumberOfExecutedThings) (\s@AbortCriteria' {} a -> s {minNumberOfExecutedThings = a} :: AbortCriteria)
+
+instance Data.FromJSON AbortCriteria where
+  parseJSON =
+    Data.withObject
+      "AbortCriteria"
+      ( \x ->
+          AbortCriteria'
+            Prelude.<$> (x Data..: "failureType")
+            Prelude.<*> (x Data..: "action")
+            Prelude.<*> (x Data..: "thresholdPercentage")
+            Prelude.<*> (x Data..: "minNumberOfExecutedThings")
+      )
+
+instance Prelude.Hashable AbortCriteria where
+  hashWithSalt _salt AbortCriteria' {..} =
+    _salt
+      `Prelude.hashWithSalt` failureType
+      `Prelude.hashWithSalt` action
+      `Prelude.hashWithSalt` thresholdPercentage
+      `Prelude.hashWithSalt` minNumberOfExecutedThings
+
+instance Prelude.NFData AbortCriteria where
+  rnf AbortCriteria' {..} =
+    Prelude.rnf failureType
+      `Prelude.seq` Prelude.rnf action
+      `Prelude.seq` Prelude.rnf thresholdPercentage
+      `Prelude.seq` Prelude.rnf minNumberOfExecutedThings
+
+instance Data.ToJSON AbortCriteria where
+  toJSON AbortCriteria' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("failureType" Data..= failureType),
+            Prelude.Just ("action" Data..= action),
+            Prelude.Just
+              ("thresholdPercentage" Data..= thresholdPercentage),
+            Prelude.Just
+              ( "minNumberOfExecutedThings"
+                  Data..= minNumberOfExecutedThings
+              )
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Action.hs b/gen/Amazonka/IoT/Types/Action.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Action.hs
@@ -0,0 +1,431 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Action
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Action where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CloudwatchAlarmAction
+import Amazonka.IoT.Types.CloudwatchLogsAction
+import Amazonka.IoT.Types.CloudwatchMetricAction
+import Amazonka.IoT.Types.DynamoDBAction
+import Amazonka.IoT.Types.DynamoDBv2Action
+import Amazonka.IoT.Types.ElasticsearchAction
+import Amazonka.IoT.Types.FirehoseAction
+import Amazonka.IoT.Types.HttpAction
+import Amazonka.IoT.Types.IotAnalyticsAction
+import Amazonka.IoT.Types.IotEventsAction
+import Amazonka.IoT.Types.IotSiteWiseAction
+import Amazonka.IoT.Types.KafkaAction
+import Amazonka.IoT.Types.KinesisAction
+import Amazonka.IoT.Types.LambdaAction
+import Amazonka.IoT.Types.LocationAction
+import Amazonka.IoT.Types.OpenSearchAction
+import Amazonka.IoT.Types.RepublishAction
+import Amazonka.IoT.Types.S3Action
+import Amazonka.IoT.Types.SalesforceAction
+import Amazonka.IoT.Types.SnsAction
+import Amazonka.IoT.Types.SqsAction
+import Amazonka.IoT.Types.StepFunctionsAction
+import Amazonka.IoT.Types.TimestreamAction
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the actions associated with a rule.
+--
+-- /See:/ 'newAction' smart constructor.
+data Action = Action'
+  { -- | Change the state of a CloudWatch alarm.
+    cloudwatchAlarm :: Prelude.Maybe CloudwatchAlarmAction,
+    -- | Send data to CloudWatch Logs.
+    cloudwatchLogs :: Prelude.Maybe CloudwatchLogsAction,
+    -- | Capture a CloudWatch metric.
+    cloudwatchMetric :: Prelude.Maybe CloudwatchMetricAction,
+    -- | Write to a DynamoDB table.
+    dynamoDB :: Prelude.Maybe DynamoDBAction,
+    -- | Write to a DynamoDB table. This is a new version of the DynamoDB action.
+    -- It allows you to write each attribute in an MQTT message payload into a
+    -- separate DynamoDB column.
+    dynamoDBv2 :: Prelude.Maybe DynamoDBv2Action,
+    -- | Write data to an Amazon OpenSearch Service domain.
+    --
+    -- The @Elasticsearch@ action can only be used by existing rule actions. To
+    -- create a new rule action or to update an existing rule action, use the
+    -- @OpenSearch@ rule action instead. For more information, see
+    -- <https://docs.aws.amazon.com/iot/latest/apireference/API_OpenSearchAction.html OpenSearchAction>.
+    elasticsearch :: Prelude.Maybe ElasticsearchAction,
+    -- | Write to an Amazon Kinesis Firehose stream.
+    firehose :: Prelude.Maybe FirehoseAction,
+    -- | Send data to an HTTPS endpoint.
+    http :: Prelude.Maybe HttpAction,
+    -- | Sends message data to an IoT Analytics channel.
+    iotAnalytics :: Prelude.Maybe IotAnalyticsAction,
+    -- | Sends an input to an IoT Events detector.
+    iotEvents :: Prelude.Maybe IotEventsAction,
+    -- | Sends data from the MQTT message that triggered the rule to IoT SiteWise
+    -- asset properties.
+    iotSiteWise :: Prelude.Maybe IotSiteWiseAction,
+    -- | Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon
+    -- MSK) or self-managed Apache Kafka cluster.
+    kafka :: Prelude.Maybe KafkaAction,
+    -- | Write data to an Amazon Kinesis stream.
+    kinesis :: Prelude.Maybe KinesisAction,
+    -- | Invoke a Lambda function.
+    lambda :: Prelude.Maybe LambdaAction,
+    -- | The Amazon Location Service rule action sends device location updates
+    -- from an MQTT message to an Amazon Location tracker resource.
+    location :: Prelude.Maybe LocationAction,
+    -- | Write data to an Amazon OpenSearch Service domain.
+    openSearch :: Prelude.Maybe OpenSearchAction,
+    -- | Publish to another MQTT topic.
+    republish :: Prelude.Maybe RepublishAction,
+    -- | Write to an Amazon S3 bucket.
+    s3 :: Prelude.Maybe S3Action,
+    -- | Send a message to a Salesforce IoT Cloud Input Stream.
+    salesforce :: Prelude.Maybe SalesforceAction,
+    -- | Publish to an Amazon SNS topic.
+    sns :: Prelude.Maybe SnsAction,
+    -- | Publish to an Amazon SQS queue.
+    sqs :: Prelude.Maybe SqsAction,
+    -- | Starts execution of a Step Functions state machine.
+    stepFunctions :: Prelude.Maybe StepFunctionsAction,
+    -- | The Timestream rule action writes attributes (measures) from an MQTT
+    -- message into an Amazon Timestream table. For more information, see the
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/timestream-rule-action.html Timestream>
+    -- topic rule action documentation.
+    timestream :: Prelude.Maybe TimestreamAction
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Action' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'cloudwatchAlarm', 'action_cloudwatchAlarm' - Change the state of a CloudWatch alarm.
+--
+-- 'cloudwatchLogs', 'action_cloudwatchLogs' - Send data to CloudWatch Logs.
+--
+-- 'cloudwatchMetric', 'action_cloudwatchMetric' - Capture a CloudWatch metric.
+--
+-- 'dynamoDB', 'action_dynamoDB' - Write to a DynamoDB table.
+--
+-- 'dynamoDBv2', 'action_dynamoDBv2' - Write to a DynamoDB table. This is a new version of the DynamoDB action.
+-- It allows you to write each attribute in an MQTT message payload into a
+-- separate DynamoDB column.
+--
+-- 'elasticsearch', 'action_elasticsearch' - Write data to an Amazon OpenSearch Service domain.
+--
+-- The @Elasticsearch@ action can only be used by existing rule actions. To
+-- create a new rule action or to update an existing rule action, use the
+-- @OpenSearch@ rule action instead. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_OpenSearchAction.html OpenSearchAction>.
+--
+-- 'firehose', 'action_firehose' - Write to an Amazon Kinesis Firehose stream.
+--
+-- 'http', 'action_http' - Send data to an HTTPS endpoint.
+--
+-- 'iotAnalytics', 'action_iotAnalytics' - Sends message data to an IoT Analytics channel.
+--
+-- 'iotEvents', 'action_iotEvents' - Sends an input to an IoT Events detector.
+--
+-- 'iotSiteWise', 'action_iotSiteWise' - Sends data from the MQTT message that triggered the rule to IoT SiteWise
+-- asset properties.
+--
+-- 'kafka', 'action_kafka' - Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon
+-- MSK) or self-managed Apache Kafka cluster.
+--
+-- 'kinesis', 'action_kinesis' - Write data to an Amazon Kinesis stream.
+--
+-- 'lambda', 'action_lambda' - Invoke a Lambda function.
+--
+-- 'location', 'action_location' - The Amazon Location Service rule action sends device location updates
+-- from an MQTT message to an Amazon Location tracker resource.
+--
+-- 'openSearch', 'action_openSearch' - Write data to an Amazon OpenSearch Service domain.
+--
+-- 'republish', 'action_republish' - Publish to another MQTT topic.
+--
+-- 's3', 'action_s3' - Write to an Amazon S3 bucket.
+--
+-- 'salesforce', 'action_salesforce' - Send a message to a Salesforce IoT Cloud Input Stream.
+--
+-- 'sns', 'action_sns' - Publish to an Amazon SNS topic.
+--
+-- 'sqs', 'action_sqs' - Publish to an Amazon SQS queue.
+--
+-- 'stepFunctions', 'action_stepFunctions' - Starts execution of a Step Functions state machine.
+--
+-- 'timestream', 'action_timestream' - The Timestream rule action writes attributes (measures) from an MQTT
+-- message into an Amazon Timestream table. For more information, see the
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/timestream-rule-action.html Timestream>
+-- topic rule action documentation.
+newAction ::
+  Action
+newAction =
+  Action'
+    { cloudwatchAlarm = Prelude.Nothing,
+      cloudwatchLogs = Prelude.Nothing,
+      cloudwatchMetric = Prelude.Nothing,
+      dynamoDB = Prelude.Nothing,
+      dynamoDBv2 = Prelude.Nothing,
+      elasticsearch = Prelude.Nothing,
+      firehose = Prelude.Nothing,
+      http = Prelude.Nothing,
+      iotAnalytics = Prelude.Nothing,
+      iotEvents = Prelude.Nothing,
+      iotSiteWise = Prelude.Nothing,
+      kafka = Prelude.Nothing,
+      kinesis = Prelude.Nothing,
+      lambda = Prelude.Nothing,
+      location = Prelude.Nothing,
+      openSearch = Prelude.Nothing,
+      republish = Prelude.Nothing,
+      s3 = Prelude.Nothing,
+      salesforce = Prelude.Nothing,
+      sns = Prelude.Nothing,
+      sqs = Prelude.Nothing,
+      stepFunctions = Prelude.Nothing,
+      timestream = Prelude.Nothing
+    }
+
+-- | Change the state of a CloudWatch alarm.
+action_cloudwatchAlarm :: Lens.Lens' Action (Prelude.Maybe CloudwatchAlarmAction)
+action_cloudwatchAlarm = Lens.lens (\Action' {cloudwatchAlarm} -> cloudwatchAlarm) (\s@Action' {} a -> s {cloudwatchAlarm = a} :: Action)
+
+-- | Send data to CloudWatch Logs.
+action_cloudwatchLogs :: Lens.Lens' Action (Prelude.Maybe CloudwatchLogsAction)
+action_cloudwatchLogs = Lens.lens (\Action' {cloudwatchLogs} -> cloudwatchLogs) (\s@Action' {} a -> s {cloudwatchLogs = a} :: Action)
+
+-- | Capture a CloudWatch metric.
+action_cloudwatchMetric :: Lens.Lens' Action (Prelude.Maybe CloudwatchMetricAction)
+action_cloudwatchMetric = Lens.lens (\Action' {cloudwatchMetric} -> cloudwatchMetric) (\s@Action' {} a -> s {cloudwatchMetric = a} :: Action)
+
+-- | Write to a DynamoDB table.
+action_dynamoDB :: Lens.Lens' Action (Prelude.Maybe DynamoDBAction)
+action_dynamoDB = Lens.lens (\Action' {dynamoDB} -> dynamoDB) (\s@Action' {} a -> s {dynamoDB = a} :: Action)
+
+-- | Write to a DynamoDB table. This is a new version of the DynamoDB action.
+-- It allows you to write each attribute in an MQTT message payload into a
+-- separate DynamoDB column.
+action_dynamoDBv2 :: Lens.Lens' Action (Prelude.Maybe DynamoDBv2Action)
+action_dynamoDBv2 = Lens.lens (\Action' {dynamoDBv2} -> dynamoDBv2) (\s@Action' {} a -> s {dynamoDBv2 = a} :: Action)
+
+-- | Write data to an Amazon OpenSearch Service domain.
+--
+-- The @Elasticsearch@ action can only be used by existing rule actions. To
+-- create a new rule action or to update an existing rule action, use the
+-- @OpenSearch@ rule action instead. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_OpenSearchAction.html OpenSearchAction>.
+action_elasticsearch :: Lens.Lens' Action (Prelude.Maybe ElasticsearchAction)
+action_elasticsearch = Lens.lens (\Action' {elasticsearch} -> elasticsearch) (\s@Action' {} a -> s {elasticsearch = a} :: Action)
+
+-- | Write to an Amazon Kinesis Firehose stream.
+action_firehose :: Lens.Lens' Action (Prelude.Maybe FirehoseAction)
+action_firehose = Lens.lens (\Action' {firehose} -> firehose) (\s@Action' {} a -> s {firehose = a} :: Action)
+
+-- | Send data to an HTTPS endpoint.
+action_http :: Lens.Lens' Action (Prelude.Maybe HttpAction)
+action_http = Lens.lens (\Action' {http} -> http) (\s@Action' {} a -> s {http = a} :: Action)
+
+-- | Sends message data to an IoT Analytics channel.
+action_iotAnalytics :: Lens.Lens' Action (Prelude.Maybe IotAnalyticsAction)
+action_iotAnalytics = Lens.lens (\Action' {iotAnalytics} -> iotAnalytics) (\s@Action' {} a -> s {iotAnalytics = a} :: Action)
+
+-- | Sends an input to an IoT Events detector.
+action_iotEvents :: Lens.Lens' Action (Prelude.Maybe IotEventsAction)
+action_iotEvents = Lens.lens (\Action' {iotEvents} -> iotEvents) (\s@Action' {} a -> s {iotEvents = a} :: Action)
+
+-- | Sends data from the MQTT message that triggered the rule to IoT SiteWise
+-- asset properties.
+action_iotSiteWise :: Lens.Lens' Action (Prelude.Maybe IotSiteWiseAction)
+action_iotSiteWise = Lens.lens (\Action' {iotSiteWise} -> iotSiteWise) (\s@Action' {} a -> s {iotSiteWise = a} :: Action)
+
+-- | Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon
+-- MSK) or self-managed Apache Kafka cluster.
+action_kafka :: Lens.Lens' Action (Prelude.Maybe KafkaAction)
+action_kafka = Lens.lens (\Action' {kafka} -> kafka) (\s@Action' {} a -> s {kafka = a} :: Action)
+
+-- | Write data to an Amazon Kinesis stream.
+action_kinesis :: Lens.Lens' Action (Prelude.Maybe KinesisAction)
+action_kinesis = Lens.lens (\Action' {kinesis} -> kinesis) (\s@Action' {} a -> s {kinesis = a} :: Action)
+
+-- | Invoke a Lambda function.
+action_lambda :: Lens.Lens' Action (Prelude.Maybe LambdaAction)
+action_lambda = Lens.lens (\Action' {lambda} -> lambda) (\s@Action' {} a -> s {lambda = a} :: Action)
+
+-- | The Amazon Location Service rule action sends device location updates
+-- from an MQTT message to an Amazon Location tracker resource.
+action_location :: Lens.Lens' Action (Prelude.Maybe LocationAction)
+action_location = Lens.lens (\Action' {location} -> location) (\s@Action' {} a -> s {location = a} :: Action)
+
+-- | Write data to an Amazon OpenSearch Service domain.
+action_openSearch :: Lens.Lens' Action (Prelude.Maybe OpenSearchAction)
+action_openSearch = Lens.lens (\Action' {openSearch} -> openSearch) (\s@Action' {} a -> s {openSearch = a} :: Action)
+
+-- | Publish to another MQTT topic.
+action_republish :: Lens.Lens' Action (Prelude.Maybe RepublishAction)
+action_republish = Lens.lens (\Action' {republish} -> republish) (\s@Action' {} a -> s {republish = a} :: Action)
+
+-- | Write to an Amazon S3 bucket.
+action_s3 :: Lens.Lens' Action (Prelude.Maybe S3Action)
+action_s3 = Lens.lens (\Action' {s3} -> s3) (\s@Action' {} a -> s {s3 = a} :: Action)
+
+-- | Send a message to a Salesforce IoT Cloud Input Stream.
+action_salesforce :: Lens.Lens' Action (Prelude.Maybe SalesforceAction)
+action_salesforce = Lens.lens (\Action' {salesforce} -> salesforce) (\s@Action' {} a -> s {salesforce = a} :: Action)
+
+-- | Publish to an Amazon SNS topic.
+action_sns :: Lens.Lens' Action (Prelude.Maybe SnsAction)
+action_sns = Lens.lens (\Action' {sns} -> sns) (\s@Action' {} a -> s {sns = a} :: Action)
+
+-- | Publish to an Amazon SQS queue.
+action_sqs :: Lens.Lens' Action (Prelude.Maybe SqsAction)
+action_sqs = Lens.lens (\Action' {sqs} -> sqs) (\s@Action' {} a -> s {sqs = a} :: Action)
+
+-- | Starts execution of a Step Functions state machine.
+action_stepFunctions :: Lens.Lens' Action (Prelude.Maybe StepFunctionsAction)
+action_stepFunctions = Lens.lens (\Action' {stepFunctions} -> stepFunctions) (\s@Action' {} a -> s {stepFunctions = a} :: Action)
+
+-- | The Timestream rule action writes attributes (measures) from an MQTT
+-- message into an Amazon Timestream table. For more information, see the
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/timestream-rule-action.html Timestream>
+-- topic rule action documentation.
+action_timestream :: Lens.Lens' Action (Prelude.Maybe TimestreamAction)
+action_timestream = Lens.lens (\Action' {timestream} -> timestream) (\s@Action' {} a -> s {timestream = a} :: Action)
+
+instance Data.FromJSON Action where
+  parseJSON =
+    Data.withObject
+      "Action"
+      ( \x ->
+          Action'
+            Prelude.<$> (x Data..:? "cloudwatchAlarm")
+            Prelude.<*> (x Data..:? "cloudwatchLogs")
+            Prelude.<*> (x Data..:? "cloudwatchMetric")
+            Prelude.<*> (x Data..:? "dynamoDB")
+            Prelude.<*> (x Data..:? "dynamoDBv2")
+            Prelude.<*> (x Data..:? "elasticsearch")
+            Prelude.<*> (x Data..:? "firehose")
+            Prelude.<*> (x Data..:? "http")
+            Prelude.<*> (x Data..:? "iotAnalytics")
+            Prelude.<*> (x Data..:? "iotEvents")
+            Prelude.<*> (x Data..:? "iotSiteWise")
+            Prelude.<*> (x Data..:? "kafka")
+            Prelude.<*> (x Data..:? "kinesis")
+            Prelude.<*> (x Data..:? "lambda")
+            Prelude.<*> (x Data..:? "location")
+            Prelude.<*> (x Data..:? "openSearch")
+            Prelude.<*> (x Data..:? "republish")
+            Prelude.<*> (x Data..:? "s3")
+            Prelude.<*> (x Data..:? "salesforce")
+            Prelude.<*> (x Data..:? "sns")
+            Prelude.<*> (x Data..:? "sqs")
+            Prelude.<*> (x Data..:? "stepFunctions")
+            Prelude.<*> (x Data..:? "timestream")
+      )
+
+instance Prelude.Hashable Action where
+  hashWithSalt _salt Action' {..} =
+    _salt
+      `Prelude.hashWithSalt` cloudwatchAlarm
+      `Prelude.hashWithSalt` cloudwatchLogs
+      `Prelude.hashWithSalt` cloudwatchMetric
+      `Prelude.hashWithSalt` dynamoDB
+      `Prelude.hashWithSalt` dynamoDBv2
+      `Prelude.hashWithSalt` elasticsearch
+      `Prelude.hashWithSalt` firehose
+      `Prelude.hashWithSalt` http
+      `Prelude.hashWithSalt` iotAnalytics
+      `Prelude.hashWithSalt` iotEvents
+      `Prelude.hashWithSalt` iotSiteWise
+      `Prelude.hashWithSalt` kafka
+      `Prelude.hashWithSalt` kinesis
+      `Prelude.hashWithSalt` lambda
+      `Prelude.hashWithSalt` location
+      `Prelude.hashWithSalt` openSearch
+      `Prelude.hashWithSalt` republish
+      `Prelude.hashWithSalt` s3
+      `Prelude.hashWithSalt` salesforce
+      `Prelude.hashWithSalt` sns
+      `Prelude.hashWithSalt` sqs
+      `Prelude.hashWithSalt` stepFunctions
+      `Prelude.hashWithSalt` timestream
+
+instance Prelude.NFData Action where
+  rnf Action' {..} =
+    Prelude.rnf cloudwatchAlarm
+      `Prelude.seq` Prelude.rnf cloudwatchLogs
+      `Prelude.seq` Prelude.rnf cloudwatchMetric
+      `Prelude.seq` Prelude.rnf dynamoDB
+      `Prelude.seq` Prelude.rnf dynamoDBv2
+      `Prelude.seq` Prelude.rnf elasticsearch
+      `Prelude.seq` Prelude.rnf firehose
+      `Prelude.seq` Prelude.rnf http
+      `Prelude.seq` Prelude.rnf iotAnalytics
+      `Prelude.seq` Prelude.rnf iotEvents
+      `Prelude.seq` Prelude.rnf iotSiteWise
+      `Prelude.seq` Prelude.rnf kafka
+      `Prelude.seq` Prelude.rnf kinesis
+      `Prelude.seq` Prelude.rnf lambda
+      `Prelude.seq` Prelude.rnf location
+      `Prelude.seq` Prelude.rnf openSearch
+      `Prelude.seq` Prelude.rnf republish
+      `Prelude.seq` Prelude.rnf s3
+      `Prelude.seq` Prelude.rnf salesforce
+      `Prelude.seq` Prelude.rnf sns
+      `Prelude.seq` Prelude.rnf sqs
+      `Prelude.seq` Prelude.rnf stepFunctions
+      `Prelude.seq` Prelude.rnf timestream
+
+instance Data.ToJSON Action where
+  toJSON Action' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("cloudwatchAlarm" Data..=)
+              Prelude.<$> cloudwatchAlarm,
+            ("cloudwatchLogs" Data..=)
+              Prelude.<$> cloudwatchLogs,
+            ("cloudwatchMetric" Data..=)
+              Prelude.<$> cloudwatchMetric,
+            ("dynamoDB" Data..=) Prelude.<$> dynamoDB,
+            ("dynamoDBv2" Data..=) Prelude.<$> dynamoDBv2,
+            ("elasticsearch" Data..=) Prelude.<$> elasticsearch,
+            ("firehose" Data..=) Prelude.<$> firehose,
+            ("http" Data..=) Prelude.<$> http,
+            ("iotAnalytics" Data..=) Prelude.<$> iotAnalytics,
+            ("iotEvents" Data..=) Prelude.<$> iotEvents,
+            ("iotSiteWise" Data..=) Prelude.<$> iotSiteWise,
+            ("kafka" Data..=) Prelude.<$> kafka,
+            ("kinesis" Data..=) Prelude.<$> kinesis,
+            ("lambda" Data..=) Prelude.<$> lambda,
+            ("location" Data..=) Prelude.<$> location,
+            ("openSearch" Data..=) Prelude.<$> openSearch,
+            ("republish" Data..=) Prelude.<$> republish,
+            ("s3" Data..=) Prelude.<$> s3,
+            ("salesforce" Data..=) Prelude.<$> salesforce,
+            ("sns" Data..=) Prelude.<$> sns,
+            ("sqs" Data..=) Prelude.<$> sqs,
+            ("stepFunctions" Data..=) Prelude.<$> stepFunctions,
+            ("timestream" Data..=) Prelude.<$> timestream
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ActionType.hs b/gen/Amazonka/IoT/Types/ActionType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ActionType.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ActionType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ActionType
+  ( ActionType
+      ( ..,
+        ActionType_CONNECT,
+        ActionType_PUBLISH,
+        ActionType_RECEIVE,
+        ActionType_SUBSCRIBE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ActionType = ActionType'
+  { fromActionType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ActionType_CONNECT :: ActionType
+pattern ActionType_CONNECT = ActionType' "CONNECT"
+
+pattern ActionType_PUBLISH :: ActionType
+pattern ActionType_PUBLISH = ActionType' "PUBLISH"
+
+pattern ActionType_RECEIVE :: ActionType
+pattern ActionType_RECEIVE = ActionType' "RECEIVE"
+
+pattern ActionType_SUBSCRIBE :: ActionType
+pattern ActionType_SUBSCRIBE = ActionType' "SUBSCRIBE"
+
+{-# COMPLETE
+  ActionType_CONNECT,
+  ActionType_PUBLISH,
+  ActionType_RECEIVE,
+  ActionType_SUBSCRIBE,
+  ActionType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ActiveViolation.hs b/gen/Amazonka/IoT/Types/ActiveViolation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ActiveViolation.hs
@@ -0,0 +1,188 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ActiveViolation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ActiveViolation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Behavior
+import Amazonka.IoT.Types.MetricValue
+import Amazonka.IoT.Types.VerificationState
+import Amazonka.IoT.Types.ViolationEventAdditionalInfo
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about an active Device Defender security profile behavior
+-- violation.
+--
+-- /See:/ 'newActiveViolation' smart constructor.
+data ActiveViolation = ActiveViolation'
+  { -- | The behavior that is being violated.
+    behavior :: Prelude.Maybe Behavior,
+    -- | The time the most recent violation occurred.
+    lastViolationTime :: Prelude.Maybe Data.POSIX,
+    -- | The value of the metric (the measurement) that caused the most recent
+    -- violation.
+    lastViolationValue :: Prelude.Maybe MetricValue,
+    -- | The security profile with the behavior is in violation.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing responsible for the active violation.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The verification state of the violation (detect alarm).
+    verificationState :: Prelude.Maybe VerificationState,
+    -- | The description of the verification state of the violation.
+    verificationStateDescription :: Prelude.Maybe Prelude.Text,
+    -- | The details of a violation event.
+    violationEventAdditionalInfo :: Prelude.Maybe ViolationEventAdditionalInfo,
+    -- | The ID of the active violation.
+    violationId :: Prelude.Maybe Prelude.Text,
+    -- | The time the violation started.
+    violationStartTime :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ActiveViolation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behavior', 'activeViolation_behavior' - The behavior that is being violated.
+--
+-- 'lastViolationTime', 'activeViolation_lastViolationTime' - The time the most recent violation occurred.
+--
+-- 'lastViolationValue', 'activeViolation_lastViolationValue' - The value of the metric (the measurement) that caused the most recent
+-- violation.
+--
+-- 'securityProfileName', 'activeViolation_securityProfileName' - The security profile with the behavior is in violation.
+--
+-- 'thingName', 'activeViolation_thingName' - The name of the thing responsible for the active violation.
+--
+-- 'verificationState', 'activeViolation_verificationState' - The verification state of the violation (detect alarm).
+--
+-- 'verificationStateDescription', 'activeViolation_verificationStateDescription' - The description of the verification state of the violation.
+--
+-- 'violationEventAdditionalInfo', 'activeViolation_violationEventAdditionalInfo' - The details of a violation event.
+--
+-- 'violationId', 'activeViolation_violationId' - The ID of the active violation.
+--
+-- 'violationStartTime', 'activeViolation_violationStartTime' - The time the violation started.
+newActiveViolation ::
+  ActiveViolation
+newActiveViolation =
+  ActiveViolation'
+    { behavior = Prelude.Nothing,
+      lastViolationTime = Prelude.Nothing,
+      lastViolationValue = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      verificationState = Prelude.Nothing,
+      verificationStateDescription = Prelude.Nothing,
+      violationEventAdditionalInfo = Prelude.Nothing,
+      violationId = Prelude.Nothing,
+      violationStartTime = Prelude.Nothing
+    }
+
+-- | The behavior that is being violated.
+activeViolation_behavior :: Lens.Lens' ActiveViolation (Prelude.Maybe Behavior)
+activeViolation_behavior = Lens.lens (\ActiveViolation' {behavior} -> behavior) (\s@ActiveViolation' {} a -> s {behavior = a} :: ActiveViolation)
+
+-- | The time the most recent violation occurred.
+activeViolation_lastViolationTime :: Lens.Lens' ActiveViolation (Prelude.Maybe Prelude.UTCTime)
+activeViolation_lastViolationTime = Lens.lens (\ActiveViolation' {lastViolationTime} -> lastViolationTime) (\s@ActiveViolation' {} a -> s {lastViolationTime = a} :: ActiveViolation) Prelude.. Lens.mapping Data._Time
+
+-- | The value of the metric (the measurement) that caused the most recent
+-- violation.
+activeViolation_lastViolationValue :: Lens.Lens' ActiveViolation (Prelude.Maybe MetricValue)
+activeViolation_lastViolationValue = Lens.lens (\ActiveViolation' {lastViolationValue} -> lastViolationValue) (\s@ActiveViolation' {} a -> s {lastViolationValue = a} :: ActiveViolation)
+
+-- | The security profile with the behavior is in violation.
+activeViolation_securityProfileName :: Lens.Lens' ActiveViolation (Prelude.Maybe Prelude.Text)
+activeViolation_securityProfileName = Lens.lens (\ActiveViolation' {securityProfileName} -> securityProfileName) (\s@ActiveViolation' {} a -> s {securityProfileName = a} :: ActiveViolation)
+
+-- | The name of the thing responsible for the active violation.
+activeViolation_thingName :: Lens.Lens' ActiveViolation (Prelude.Maybe Prelude.Text)
+activeViolation_thingName = Lens.lens (\ActiveViolation' {thingName} -> thingName) (\s@ActiveViolation' {} a -> s {thingName = a} :: ActiveViolation)
+
+-- | The verification state of the violation (detect alarm).
+activeViolation_verificationState :: Lens.Lens' ActiveViolation (Prelude.Maybe VerificationState)
+activeViolation_verificationState = Lens.lens (\ActiveViolation' {verificationState} -> verificationState) (\s@ActiveViolation' {} a -> s {verificationState = a} :: ActiveViolation)
+
+-- | The description of the verification state of the violation.
+activeViolation_verificationStateDescription :: Lens.Lens' ActiveViolation (Prelude.Maybe Prelude.Text)
+activeViolation_verificationStateDescription = Lens.lens (\ActiveViolation' {verificationStateDescription} -> verificationStateDescription) (\s@ActiveViolation' {} a -> s {verificationStateDescription = a} :: ActiveViolation)
+
+-- | The details of a violation event.
+activeViolation_violationEventAdditionalInfo :: Lens.Lens' ActiveViolation (Prelude.Maybe ViolationEventAdditionalInfo)
+activeViolation_violationEventAdditionalInfo = Lens.lens (\ActiveViolation' {violationEventAdditionalInfo} -> violationEventAdditionalInfo) (\s@ActiveViolation' {} a -> s {violationEventAdditionalInfo = a} :: ActiveViolation)
+
+-- | The ID of the active violation.
+activeViolation_violationId :: Lens.Lens' ActiveViolation (Prelude.Maybe Prelude.Text)
+activeViolation_violationId = Lens.lens (\ActiveViolation' {violationId} -> violationId) (\s@ActiveViolation' {} a -> s {violationId = a} :: ActiveViolation)
+
+-- | The time the violation started.
+activeViolation_violationStartTime :: Lens.Lens' ActiveViolation (Prelude.Maybe Prelude.UTCTime)
+activeViolation_violationStartTime = Lens.lens (\ActiveViolation' {violationStartTime} -> violationStartTime) (\s@ActiveViolation' {} a -> s {violationStartTime = a} :: ActiveViolation) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON ActiveViolation where
+  parseJSON =
+    Data.withObject
+      "ActiveViolation"
+      ( \x ->
+          ActiveViolation'
+            Prelude.<$> (x Data..:? "behavior")
+            Prelude.<*> (x Data..:? "lastViolationTime")
+            Prelude.<*> (x Data..:? "lastViolationValue")
+            Prelude.<*> (x Data..:? "securityProfileName")
+            Prelude.<*> (x Data..:? "thingName")
+            Prelude.<*> (x Data..:? "verificationState")
+            Prelude.<*> (x Data..:? "verificationStateDescription")
+            Prelude.<*> (x Data..:? "violationEventAdditionalInfo")
+            Prelude.<*> (x Data..:? "violationId")
+            Prelude.<*> (x Data..:? "violationStartTime")
+      )
+
+instance Prelude.Hashable ActiveViolation where
+  hashWithSalt _salt ActiveViolation' {..} =
+    _salt
+      `Prelude.hashWithSalt` behavior
+      `Prelude.hashWithSalt` lastViolationTime
+      `Prelude.hashWithSalt` lastViolationValue
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` verificationState
+      `Prelude.hashWithSalt` verificationStateDescription
+      `Prelude.hashWithSalt` violationEventAdditionalInfo
+      `Prelude.hashWithSalt` violationId
+      `Prelude.hashWithSalt` violationStartTime
+
+instance Prelude.NFData ActiveViolation where
+  rnf ActiveViolation' {..} =
+    Prelude.rnf behavior
+      `Prelude.seq` Prelude.rnf lastViolationTime
+      `Prelude.seq` Prelude.rnf lastViolationValue
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf verificationState
+      `Prelude.seq` Prelude.rnf verificationStateDescription
+      `Prelude.seq` Prelude.rnf violationEventAdditionalInfo
+      `Prelude.seq` Prelude.rnf violationId
+      `Prelude.seq` Prelude.rnf violationStartTime
diff --git a/gen/Amazonka/IoT/Types/AddThingsToThingGroupParams.hs b/gen/Amazonka/IoT/Types/AddThingsToThingGroupParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AddThingsToThingGroupParams.hs
@@ -0,0 +1,112 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AddThingsToThingGroupParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AddThingsToThingGroupParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Parameters used when defining a mitigation action that move a set of
+-- things to a thing group.
+--
+-- /See:/ 'newAddThingsToThingGroupParams' smart constructor.
+data AddThingsToThingGroupParams = AddThingsToThingGroupParams'
+  { -- | Specifies if this mitigation action can move the things that triggered
+    -- the mitigation action even if they are part of one or more dynamic thing
+    -- groups.
+    overrideDynamicGroups :: Prelude.Maybe Prelude.Bool,
+    -- | The list of groups to which you want to add the things that triggered
+    -- the mitigation action. You can add a thing to a maximum of 10 groups,
+    -- but you can\'t add a thing to more than one group in the same hierarchy.
+    thingGroupNames :: Prelude.NonEmpty Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AddThingsToThingGroupParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'overrideDynamicGroups', 'addThingsToThingGroupParams_overrideDynamicGroups' - Specifies if this mitigation action can move the things that triggered
+-- the mitigation action even if they are part of one or more dynamic thing
+-- groups.
+--
+-- 'thingGroupNames', 'addThingsToThingGroupParams_thingGroupNames' - The list of groups to which you want to add the things that triggered
+-- the mitigation action. You can add a thing to a maximum of 10 groups,
+-- but you can\'t add a thing to more than one group in the same hierarchy.
+newAddThingsToThingGroupParams ::
+  -- | 'thingGroupNames'
+  Prelude.NonEmpty Prelude.Text ->
+  AddThingsToThingGroupParams
+newAddThingsToThingGroupParams pThingGroupNames_ =
+  AddThingsToThingGroupParams'
+    { overrideDynamicGroups =
+        Prelude.Nothing,
+      thingGroupNames =
+        Lens.coerced Lens.# pThingGroupNames_
+    }
+
+-- | Specifies if this mitigation action can move the things that triggered
+-- the mitigation action even if they are part of one or more dynamic thing
+-- groups.
+addThingsToThingGroupParams_overrideDynamicGroups :: Lens.Lens' AddThingsToThingGroupParams (Prelude.Maybe Prelude.Bool)
+addThingsToThingGroupParams_overrideDynamicGroups = Lens.lens (\AddThingsToThingGroupParams' {overrideDynamicGroups} -> overrideDynamicGroups) (\s@AddThingsToThingGroupParams' {} a -> s {overrideDynamicGroups = a} :: AddThingsToThingGroupParams)
+
+-- | The list of groups to which you want to add the things that triggered
+-- the mitigation action. You can add a thing to a maximum of 10 groups,
+-- but you can\'t add a thing to more than one group in the same hierarchy.
+addThingsToThingGroupParams_thingGroupNames :: Lens.Lens' AddThingsToThingGroupParams (Prelude.NonEmpty Prelude.Text)
+addThingsToThingGroupParams_thingGroupNames = Lens.lens (\AddThingsToThingGroupParams' {thingGroupNames} -> thingGroupNames) (\s@AddThingsToThingGroupParams' {} a -> s {thingGroupNames = a} :: AddThingsToThingGroupParams) Prelude.. Lens.coerced
+
+instance Data.FromJSON AddThingsToThingGroupParams where
+  parseJSON =
+    Data.withObject
+      "AddThingsToThingGroupParams"
+      ( \x ->
+          AddThingsToThingGroupParams'
+            Prelude.<$> (x Data..:? "overrideDynamicGroups")
+            Prelude.<*> (x Data..: "thingGroupNames")
+      )
+
+instance Prelude.Hashable AddThingsToThingGroupParams where
+  hashWithSalt _salt AddThingsToThingGroupParams' {..} =
+    _salt
+      `Prelude.hashWithSalt` overrideDynamicGroups
+      `Prelude.hashWithSalt` thingGroupNames
+
+instance Prelude.NFData AddThingsToThingGroupParams where
+  rnf AddThingsToThingGroupParams' {..} =
+    Prelude.rnf overrideDynamicGroups
+      `Prelude.seq` Prelude.rnf thingGroupNames
+
+instance Data.ToJSON AddThingsToThingGroupParams where
+  toJSON AddThingsToThingGroupParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("overrideDynamicGroups" Data..=)
+              Prelude.<$> overrideDynamicGroups,
+            Prelude.Just
+              ("thingGroupNames" Data..= thingGroupNames)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AggregationType.hs b/gen/Amazonka/IoT/Types/AggregationType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AggregationType.hs
@@ -0,0 +1,95 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AggregationType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AggregationType where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AggregationTypeName
+import qualified Amazonka.Prelude as Prelude
+
+-- | The type of aggregation queries.
+--
+-- /See:/ 'newAggregationType' smart constructor.
+data AggregationType = AggregationType'
+  { -- | A list of the values of aggregation types.
+    values :: Prelude.Maybe [Prelude.Text],
+    -- | The name of the aggregation type.
+    name :: AggregationTypeName
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AggregationType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'values', 'aggregationType_values' - A list of the values of aggregation types.
+--
+-- 'name', 'aggregationType_name' - The name of the aggregation type.
+newAggregationType ::
+  -- | 'name'
+  AggregationTypeName ->
+  AggregationType
+newAggregationType pName_ =
+  AggregationType'
+    { values = Prelude.Nothing,
+      name = pName_
+    }
+
+-- | A list of the values of aggregation types.
+aggregationType_values :: Lens.Lens' AggregationType (Prelude.Maybe [Prelude.Text])
+aggregationType_values = Lens.lens (\AggregationType' {values} -> values) (\s@AggregationType' {} a -> s {values = a} :: AggregationType) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name of the aggregation type.
+aggregationType_name :: Lens.Lens' AggregationType AggregationTypeName
+aggregationType_name = Lens.lens (\AggregationType' {name} -> name) (\s@AggregationType' {} a -> s {name = a} :: AggregationType)
+
+instance Data.FromJSON AggregationType where
+  parseJSON =
+    Data.withObject
+      "AggregationType"
+      ( \x ->
+          AggregationType'
+            Prelude.<$> (x Data..:? "values" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "name")
+      )
+
+instance Prelude.Hashable AggregationType where
+  hashWithSalt _salt AggregationType' {..} =
+    _salt
+      `Prelude.hashWithSalt` values
+      `Prelude.hashWithSalt` name
+
+instance Prelude.NFData AggregationType where
+  rnf AggregationType' {..} =
+    Prelude.rnf values `Prelude.seq` Prelude.rnf name
+
+instance Data.ToJSON AggregationType where
+  toJSON AggregationType' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("values" Data..=) Prelude.<$> values,
+            Prelude.Just ("name" Data..= name)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AggregationTypeName.hs b/gen/Amazonka/IoT/Types/AggregationTypeName.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AggregationTypeName.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AggregationTypeName
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AggregationTypeName
+  ( AggregationTypeName
+      ( ..,
+        AggregationTypeName_Cardinality,
+        AggregationTypeName_Percentiles,
+        AggregationTypeName_Statistics
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AggregationTypeName = AggregationTypeName'
+  { fromAggregationTypeName ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AggregationTypeName_Cardinality :: AggregationTypeName
+pattern AggregationTypeName_Cardinality = AggregationTypeName' "Cardinality"
+
+pattern AggregationTypeName_Percentiles :: AggregationTypeName
+pattern AggregationTypeName_Percentiles = AggregationTypeName' "Percentiles"
+
+pattern AggregationTypeName_Statistics :: AggregationTypeName
+pattern AggregationTypeName_Statistics = AggregationTypeName' "Statistics"
+
+{-# COMPLETE
+  AggregationTypeName_Cardinality,
+  AggregationTypeName_Percentiles,
+  AggregationTypeName_Statistics,
+  AggregationTypeName'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AlertTarget.hs b/gen/Amazonka/IoT/Types/AlertTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AlertTarget.hs
@@ -0,0 +1,104 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AlertTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AlertTarget where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A structure containing the alert target ARN and the role ARN.
+--
+-- /See:/ 'newAlertTarget' smart constructor.
+data AlertTarget = AlertTarget'
+  { -- | The Amazon Resource Name (ARN) of the notification target to which
+    -- alerts are sent.
+    alertTargetArn :: Prelude.Text,
+    -- | The ARN of the role that grants permission to send alerts to the
+    -- notification target.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AlertTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'alertTargetArn', 'alertTarget_alertTargetArn' - The Amazon Resource Name (ARN) of the notification target to which
+-- alerts are sent.
+--
+-- 'roleArn', 'alertTarget_roleArn' - The ARN of the role that grants permission to send alerts to the
+-- notification target.
+newAlertTarget ::
+  -- | 'alertTargetArn'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  AlertTarget
+newAlertTarget pAlertTargetArn_ pRoleArn_ =
+  AlertTarget'
+    { alertTargetArn = pAlertTargetArn_,
+      roleArn = pRoleArn_
+    }
+
+-- | The Amazon Resource Name (ARN) of the notification target to which
+-- alerts are sent.
+alertTarget_alertTargetArn :: Lens.Lens' AlertTarget Prelude.Text
+alertTarget_alertTargetArn = Lens.lens (\AlertTarget' {alertTargetArn} -> alertTargetArn) (\s@AlertTarget' {} a -> s {alertTargetArn = a} :: AlertTarget)
+
+-- | The ARN of the role that grants permission to send alerts to the
+-- notification target.
+alertTarget_roleArn :: Lens.Lens' AlertTarget Prelude.Text
+alertTarget_roleArn = Lens.lens (\AlertTarget' {roleArn} -> roleArn) (\s@AlertTarget' {} a -> s {roleArn = a} :: AlertTarget)
+
+instance Data.FromJSON AlertTarget where
+  parseJSON =
+    Data.withObject
+      "AlertTarget"
+      ( \x ->
+          AlertTarget'
+            Prelude.<$> (x Data..: "alertTargetArn")
+            Prelude.<*> (x Data..: "roleArn")
+      )
+
+instance Prelude.Hashable AlertTarget where
+  hashWithSalt _salt AlertTarget' {..} =
+    _salt
+      `Prelude.hashWithSalt` alertTargetArn
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData AlertTarget where
+  rnf AlertTarget' {..} =
+    Prelude.rnf alertTargetArn
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON AlertTarget where
+  toJSON AlertTarget' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("alertTargetArn" Data..= alertTargetArn),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AlertTargetType.hs b/gen/Amazonka/IoT/Types/AlertTargetType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AlertTargetType.hs
@@ -0,0 +1,67 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AlertTargetType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AlertTargetType
+  ( AlertTargetType
+      ( ..,
+        AlertTargetType_SNS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The type of alert target: one of \"SNS\".
+newtype AlertTargetType = AlertTargetType'
+  { fromAlertTargetType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AlertTargetType_SNS :: AlertTargetType
+pattern AlertTargetType_SNS = AlertTargetType' "SNS"
+
+{-# COMPLETE
+  AlertTargetType_SNS,
+  AlertTargetType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/Allowed.hs b/gen/Amazonka/IoT/Types/Allowed.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Allowed.hs
@@ -0,0 +1,68 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Allowed
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Allowed where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Policy
+import qualified Amazonka.Prelude as Prelude
+
+-- | Contains information that allowed the authorization.
+--
+-- /See:/ 'newAllowed' smart constructor.
+data Allowed = Allowed'
+  { -- | A list of policies that allowed the authentication.
+    policies :: Prelude.Maybe [Policy]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Allowed' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policies', 'allowed_policies' - A list of policies that allowed the authentication.
+newAllowed ::
+  Allowed
+newAllowed = Allowed' {policies = Prelude.Nothing}
+
+-- | A list of policies that allowed the authentication.
+allowed_policies :: Lens.Lens' Allowed (Prelude.Maybe [Policy])
+allowed_policies = Lens.lens (\Allowed' {policies} -> policies) (\s@Allowed' {} a -> s {policies = a} :: Allowed) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON Allowed where
+  parseJSON =
+    Data.withObject
+      "Allowed"
+      ( \x ->
+          Allowed'
+            Prelude.<$> (x Data..:? "policies" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable Allowed where
+  hashWithSalt _salt Allowed' {..} =
+    _salt `Prelude.hashWithSalt` policies
+
+instance Prelude.NFData Allowed where
+  rnf Allowed' {..} = Prelude.rnf policies
diff --git a/gen/Amazonka/IoT/Types/AssetPropertyTimestamp.hs b/gen/Amazonka/IoT/Types/AssetPropertyTimestamp.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AssetPropertyTimestamp.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AssetPropertyTimestamp
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AssetPropertyTimestamp where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | An asset property timestamp entry containing the following information.
+--
+-- /See:/ 'newAssetPropertyTimestamp' smart constructor.
+data AssetPropertyTimestamp = AssetPropertyTimestamp'
+  { -- | Optional. A string that contains the nanosecond time offset. Accepts
+    -- substitution templates.
+    offsetInNanos :: Prelude.Maybe Prelude.Text,
+    -- | A string that contains the time in seconds since epoch. Accepts
+    -- substitution templates.
+    timeInSeconds :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssetPropertyTimestamp' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'offsetInNanos', 'assetPropertyTimestamp_offsetInNanos' - Optional. A string that contains the nanosecond time offset. Accepts
+-- substitution templates.
+--
+-- 'timeInSeconds', 'assetPropertyTimestamp_timeInSeconds' - A string that contains the time in seconds since epoch. Accepts
+-- substitution templates.
+newAssetPropertyTimestamp ::
+  -- | 'timeInSeconds'
+  Prelude.Text ->
+  AssetPropertyTimestamp
+newAssetPropertyTimestamp pTimeInSeconds_ =
+  AssetPropertyTimestamp'
+    { offsetInNanos =
+        Prelude.Nothing,
+      timeInSeconds = pTimeInSeconds_
+    }
+
+-- | Optional. A string that contains the nanosecond time offset. Accepts
+-- substitution templates.
+assetPropertyTimestamp_offsetInNanos :: Lens.Lens' AssetPropertyTimestamp (Prelude.Maybe Prelude.Text)
+assetPropertyTimestamp_offsetInNanos = Lens.lens (\AssetPropertyTimestamp' {offsetInNanos} -> offsetInNanos) (\s@AssetPropertyTimestamp' {} a -> s {offsetInNanos = a} :: AssetPropertyTimestamp)
+
+-- | A string that contains the time in seconds since epoch. Accepts
+-- substitution templates.
+assetPropertyTimestamp_timeInSeconds :: Lens.Lens' AssetPropertyTimestamp Prelude.Text
+assetPropertyTimestamp_timeInSeconds = Lens.lens (\AssetPropertyTimestamp' {timeInSeconds} -> timeInSeconds) (\s@AssetPropertyTimestamp' {} a -> s {timeInSeconds = a} :: AssetPropertyTimestamp)
+
+instance Data.FromJSON AssetPropertyTimestamp where
+  parseJSON =
+    Data.withObject
+      "AssetPropertyTimestamp"
+      ( \x ->
+          AssetPropertyTimestamp'
+            Prelude.<$> (x Data..:? "offsetInNanos")
+            Prelude.<*> (x Data..: "timeInSeconds")
+      )
+
+instance Prelude.Hashable AssetPropertyTimestamp where
+  hashWithSalt _salt AssetPropertyTimestamp' {..} =
+    _salt
+      `Prelude.hashWithSalt` offsetInNanos
+      `Prelude.hashWithSalt` timeInSeconds
+
+instance Prelude.NFData AssetPropertyTimestamp where
+  rnf AssetPropertyTimestamp' {..} =
+    Prelude.rnf offsetInNanos
+      `Prelude.seq` Prelude.rnf timeInSeconds
+
+instance Data.ToJSON AssetPropertyTimestamp where
+  toJSON AssetPropertyTimestamp' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("offsetInNanos" Data..=) Prelude.<$> offsetInNanos,
+            Prelude.Just
+              ("timeInSeconds" Data..= timeInSeconds)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AssetPropertyValue.hs b/gen/Amazonka/IoT/Types/AssetPropertyValue.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AssetPropertyValue.hs
@@ -0,0 +1,115 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AssetPropertyValue
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AssetPropertyValue where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AssetPropertyTimestamp
+import Amazonka.IoT.Types.AssetPropertyVariant
+import qualified Amazonka.Prelude as Prelude
+
+-- | An asset property value entry containing the following information.
+--
+-- /See:/ 'newAssetPropertyValue' smart constructor.
+data AssetPropertyValue = AssetPropertyValue'
+  { -- | Optional. A string that describes the quality of the value. Accepts
+    -- substitution templates. Must be @GOOD@, @BAD@, or @UNCERTAIN@.
+    quality :: Prelude.Maybe Prelude.Text,
+    -- | The value of the asset property.
+    value :: AssetPropertyVariant,
+    -- | The asset property value timestamp.
+    timestamp :: AssetPropertyTimestamp
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssetPropertyValue' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'quality', 'assetPropertyValue_quality' - Optional. A string that describes the quality of the value. Accepts
+-- substitution templates. Must be @GOOD@, @BAD@, or @UNCERTAIN@.
+--
+-- 'value', 'assetPropertyValue_value' - The value of the asset property.
+--
+-- 'timestamp', 'assetPropertyValue_timestamp' - The asset property value timestamp.
+newAssetPropertyValue ::
+  -- | 'value'
+  AssetPropertyVariant ->
+  -- | 'timestamp'
+  AssetPropertyTimestamp ->
+  AssetPropertyValue
+newAssetPropertyValue pValue_ pTimestamp_ =
+  AssetPropertyValue'
+    { quality = Prelude.Nothing,
+      value = pValue_,
+      timestamp = pTimestamp_
+    }
+
+-- | Optional. A string that describes the quality of the value. Accepts
+-- substitution templates. Must be @GOOD@, @BAD@, or @UNCERTAIN@.
+assetPropertyValue_quality :: Lens.Lens' AssetPropertyValue (Prelude.Maybe Prelude.Text)
+assetPropertyValue_quality = Lens.lens (\AssetPropertyValue' {quality} -> quality) (\s@AssetPropertyValue' {} a -> s {quality = a} :: AssetPropertyValue)
+
+-- | The value of the asset property.
+assetPropertyValue_value :: Lens.Lens' AssetPropertyValue AssetPropertyVariant
+assetPropertyValue_value = Lens.lens (\AssetPropertyValue' {value} -> value) (\s@AssetPropertyValue' {} a -> s {value = a} :: AssetPropertyValue)
+
+-- | The asset property value timestamp.
+assetPropertyValue_timestamp :: Lens.Lens' AssetPropertyValue AssetPropertyTimestamp
+assetPropertyValue_timestamp = Lens.lens (\AssetPropertyValue' {timestamp} -> timestamp) (\s@AssetPropertyValue' {} a -> s {timestamp = a} :: AssetPropertyValue)
+
+instance Data.FromJSON AssetPropertyValue where
+  parseJSON =
+    Data.withObject
+      "AssetPropertyValue"
+      ( \x ->
+          AssetPropertyValue'
+            Prelude.<$> (x Data..:? "quality")
+            Prelude.<*> (x Data..: "value")
+            Prelude.<*> (x Data..: "timestamp")
+      )
+
+instance Prelude.Hashable AssetPropertyValue where
+  hashWithSalt _salt AssetPropertyValue' {..} =
+    _salt
+      `Prelude.hashWithSalt` quality
+      `Prelude.hashWithSalt` value
+      `Prelude.hashWithSalt` timestamp
+
+instance Prelude.NFData AssetPropertyValue where
+  rnf AssetPropertyValue' {..} =
+    Prelude.rnf quality
+      `Prelude.seq` Prelude.rnf value
+      `Prelude.seq` Prelude.rnf timestamp
+
+instance Data.ToJSON AssetPropertyValue where
+  toJSON AssetPropertyValue' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("quality" Data..=) Prelude.<$> quality,
+            Prelude.Just ("value" Data..= value),
+            Prelude.Just ("timestamp" Data..= timestamp)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AssetPropertyVariant.hs b/gen/Amazonka/IoT/Types/AssetPropertyVariant.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AssetPropertyVariant.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AssetPropertyVariant
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AssetPropertyVariant where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Contains an asset property value (of a single type).
+--
+-- /See:/ 'newAssetPropertyVariant' smart constructor.
+data AssetPropertyVariant = AssetPropertyVariant'
+  { -- | Optional. A string that contains the boolean value (@true@ or @false@)
+    -- of the value entry. Accepts substitution templates.
+    booleanValue :: Prelude.Maybe Prelude.Text,
+    -- | Optional. A string that contains the double value of the value entry.
+    -- Accepts substitution templates.
+    doubleValue :: Prelude.Maybe Prelude.Text,
+    -- | Optional. A string that contains the integer value of the value entry.
+    -- Accepts substitution templates.
+    integerValue :: Prelude.Maybe Prelude.Text,
+    -- | Optional. The string value of the value entry. Accepts substitution
+    -- templates.
+    stringValue :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssetPropertyVariant' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'booleanValue', 'assetPropertyVariant_booleanValue' - Optional. A string that contains the boolean value (@true@ or @false@)
+-- of the value entry. Accepts substitution templates.
+--
+-- 'doubleValue', 'assetPropertyVariant_doubleValue' - Optional. A string that contains the double value of the value entry.
+-- Accepts substitution templates.
+--
+-- 'integerValue', 'assetPropertyVariant_integerValue' - Optional. A string that contains the integer value of the value entry.
+-- Accepts substitution templates.
+--
+-- 'stringValue', 'assetPropertyVariant_stringValue' - Optional. The string value of the value entry. Accepts substitution
+-- templates.
+newAssetPropertyVariant ::
+  AssetPropertyVariant
+newAssetPropertyVariant =
+  AssetPropertyVariant'
+    { booleanValue =
+        Prelude.Nothing,
+      doubleValue = Prelude.Nothing,
+      integerValue = Prelude.Nothing,
+      stringValue = Prelude.Nothing
+    }
+
+-- | Optional. A string that contains the boolean value (@true@ or @false@)
+-- of the value entry. Accepts substitution templates.
+assetPropertyVariant_booleanValue :: Lens.Lens' AssetPropertyVariant (Prelude.Maybe Prelude.Text)
+assetPropertyVariant_booleanValue = Lens.lens (\AssetPropertyVariant' {booleanValue} -> booleanValue) (\s@AssetPropertyVariant' {} a -> s {booleanValue = a} :: AssetPropertyVariant)
+
+-- | Optional. A string that contains the double value of the value entry.
+-- Accepts substitution templates.
+assetPropertyVariant_doubleValue :: Lens.Lens' AssetPropertyVariant (Prelude.Maybe Prelude.Text)
+assetPropertyVariant_doubleValue = Lens.lens (\AssetPropertyVariant' {doubleValue} -> doubleValue) (\s@AssetPropertyVariant' {} a -> s {doubleValue = a} :: AssetPropertyVariant)
+
+-- | Optional. A string that contains the integer value of the value entry.
+-- Accepts substitution templates.
+assetPropertyVariant_integerValue :: Lens.Lens' AssetPropertyVariant (Prelude.Maybe Prelude.Text)
+assetPropertyVariant_integerValue = Lens.lens (\AssetPropertyVariant' {integerValue} -> integerValue) (\s@AssetPropertyVariant' {} a -> s {integerValue = a} :: AssetPropertyVariant)
+
+-- | Optional. The string value of the value entry. Accepts substitution
+-- templates.
+assetPropertyVariant_stringValue :: Lens.Lens' AssetPropertyVariant (Prelude.Maybe Prelude.Text)
+assetPropertyVariant_stringValue = Lens.lens (\AssetPropertyVariant' {stringValue} -> stringValue) (\s@AssetPropertyVariant' {} a -> s {stringValue = a} :: AssetPropertyVariant)
+
+instance Data.FromJSON AssetPropertyVariant where
+  parseJSON =
+    Data.withObject
+      "AssetPropertyVariant"
+      ( \x ->
+          AssetPropertyVariant'
+            Prelude.<$> (x Data..:? "booleanValue")
+            Prelude.<*> (x Data..:? "doubleValue")
+            Prelude.<*> (x Data..:? "integerValue")
+            Prelude.<*> (x Data..:? "stringValue")
+      )
+
+instance Prelude.Hashable AssetPropertyVariant where
+  hashWithSalt _salt AssetPropertyVariant' {..} =
+    _salt
+      `Prelude.hashWithSalt` booleanValue
+      `Prelude.hashWithSalt` doubleValue
+      `Prelude.hashWithSalt` integerValue
+      `Prelude.hashWithSalt` stringValue
+
+instance Prelude.NFData AssetPropertyVariant where
+  rnf AssetPropertyVariant' {..} =
+    Prelude.rnf booleanValue
+      `Prelude.seq` Prelude.rnf doubleValue
+      `Prelude.seq` Prelude.rnf integerValue
+      `Prelude.seq` Prelude.rnf stringValue
+
+instance Data.ToJSON AssetPropertyVariant where
+  toJSON AssetPropertyVariant' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("booleanValue" Data..=) Prelude.<$> booleanValue,
+            ("doubleValue" Data..=) Prelude.<$> doubleValue,
+            ("integerValue" Data..=) Prelude.<$> integerValue,
+            ("stringValue" Data..=) Prelude.<$> stringValue
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AttributePayload.hs b/gen/Amazonka/IoT/Types/AttributePayload.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AttributePayload.hs
@@ -0,0 +1,126 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AttributePayload
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AttributePayload where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The attribute payload.
+--
+-- /See:/ 'newAttributePayload' smart constructor.
+data AttributePayload = AttributePayload'
+  { -- | A JSON string containing up to three key-value pair in JSON format. For
+    -- example:
+    --
+    -- @{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}@
+    attributes :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | Specifies whether the list of attributes provided in the
+    -- @AttributePayload@ is merged with the attributes stored in the registry,
+    -- instead of overwriting them.
+    --
+    -- To remove an attribute, call @UpdateThing@ with an empty attribute
+    -- value.
+    --
+    -- The @merge@ attribute is only valid when calling @UpdateThing@ or
+    -- @UpdateThingGroup@.
+    merge :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AttributePayload' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributes', 'attributePayload_attributes' - A JSON string containing up to three key-value pair in JSON format. For
+-- example:
+--
+-- @{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}@
+--
+-- 'merge', 'attributePayload_merge' - Specifies whether the list of attributes provided in the
+-- @AttributePayload@ is merged with the attributes stored in the registry,
+-- instead of overwriting them.
+--
+-- To remove an attribute, call @UpdateThing@ with an empty attribute
+-- value.
+--
+-- The @merge@ attribute is only valid when calling @UpdateThing@ or
+-- @UpdateThingGroup@.
+newAttributePayload ::
+  AttributePayload
+newAttributePayload =
+  AttributePayload'
+    { attributes = Prelude.Nothing,
+      merge = Prelude.Nothing
+    }
+
+-- | A JSON string containing up to three key-value pair in JSON format. For
+-- example:
+--
+-- @{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}@
+attributePayload_attributes :: Lens.Lens' AttributePayload (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+attributePayload_attributes = Lens.lens (\AttributePayload' {attributes} -> attributes) (\s@AttributePayload' {} a -> s {attributes = a} :: AttributePayload) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether the list of attributes provided in the
+-- @AttributePayload@ is merged with the attributes stored in the registry,
+-- instead of overwriting them.
+--
+-- To remove an attribute, call @UpdateThing@ with an empty attribute
+-- value.
+--
+-- The @merge@ attribute is only valid when calling @UpdateThing@ or
+-- @UpdateThingGroup@.
+attributePayload_merge :: Lens.Lens' AttributePayload (Prelude.Maybe Prelude.Bool)
+attributePayload_merge = Lens.lens (\AttributePayload' {merge} -> merge) (\s@AttributePayload' {} a -> s {merge = a} :: AttributePayload)
+
+instance Data.FromJSON AttributePayload where
+  parseJSON =
+    Data.withObject
+      "AttributePayload"
+      ( \x ->
+          AttributePayload'
+            Prelude.<$> (x Data..:? "attributes" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "merge")
+      )
+
+instance Prelude.Hashable AttributePayload where
+  hashWithSalt _salt AttributePayload' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributes
+      `Prelude.hashWithSalt` merge
+
+instance Prelude.NFData AttributePayload where
+  rnf AttributePayload' {..} =
+    Prelude.rnf attributes
+      `Prelude.seq` Prelude.rnf merge
+
+instance Data.ToJSON AttributePayload where
+  toJSON AttributePayload' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("attributes" Data..=) Prelude.<$> attributes,
+            ("merge" Data..=) Prelude.<$> merge
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AuditCheckConfiguration.hs b/gen/Amazonka/IoT/Types/AuditCheckConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditCheckConfiguration.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditCheckConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditCheckConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Which audit checks are enabled and disabled for this account.
+--
+-- /See:/ 'newAuditCheckConfiguration' smart constructor.
+data AuditCheckConfiguration = AuditCheckConfiguration'
+  { -- | True if this audit check is enabled for this account.
+    enabled :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditCheckConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'enabled', 'auditCheckConfiguration_enabled' - True if this audit check is enabled for this account.
+newAuditCheckConfiguration ::
+  AuditCheckConfiguration
+newAuditCheckConfiguration =
+  AuditCheckConfiguration' {enabled = Prelude.Nothing}
+
+-- | True if this audit check is enabled for this account.
+auditCheckConfiguration_enabled :: Lens.Lens' AuditCheckConfiguration (Prelude.Maybe Prelude.Bool)
+auditCheckConfiguration_enabled = Lens.lens (\AuditCheckConfiguration' {enabled} -> enabled) (\s@AuditCheckConfiguration' {} a -> s {enabled = a} :: AuditCheckConfiguration)
+
+instance Data.FromJSON AuditCheckConfiguration where
+  parseJSON =
+    Data.withObject
+      "AuditCheckConfiguration"
+      ( \x ->
+          AuditCheckConfiguration'
+            Prelude.<$> (x Data..:? "enabled")
+      )
+
+instance Prelude.Hashable AuditCheckConfiguration where
+  hashWithSalt _salt AuditCheckConfiguration' {..} =
+    _salt `Prelude.hashWithSalt` enabled
+
+instance Prelude.NFData AuditCheckConfiguration where
+  rnf AuditCheckConfiguration' {..} =
+    Prelude.rnf enabled
+
+instance Data.ToJSON AuditCheckConfiguration where
+  toJSON AuditCheckConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("enabled" Data..=) Prelude.<$> enabled]
+      )
diff --git a/gen/Amazonka/IoT/Types/AuditCheckDetails.hs b/gen/Amazonka/IoT/Types/AuditCheckDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditCheckDetails.hs
@@ -0,0 +1,165 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditCheckDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditCheckDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuditCheckRunStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about the audit check.
+--
+-- /See:/ 'newAuditCheckDetails' smart constructor.
+data AuditCheckDetails = AuditCheckDetails'
+  { -- | True if the check is complete and found all resources compliant.
+    checkCompliant :: Prelude.Maybe Prelude.Bool,
+    -- | The completion status of this check. One of \"IN_PROGRESS\",
+    -- \"WAITING_FOR_DATA_COLLECTION\", \"CANCELED\", \"COMPLETED_COMPLIANT\",
+    -- \"COMPLETED_NON_COMPLIANT\", or \"FAILED\".
+    checkRunStatus :: Prelude.Maybe AuditCheckRunStatus,
+    -- | The code of any error encountered when this check is performed during
+    -- this audit. One of \"INSUFFICIENT_PERMISSIONS\" or
+    -- \"AUDIT_CHECK_DISABLED\".
+    errorCode :: Prelude.Maybe Prelude.Text,
+    -- | The message associated with any error encountered when this check is
+    -- performed during this audit.
+    message :: Prelude.Maybe Prelude.Text,
+    -- | The number of resources that were found noncompliant during the check.
+    nonCompliantResourcesCount :: Prelude.Maybe Prelude.Integer,
+    -- | Describes how many of the non-compliant resources created during the
+    -- evaluation of an audit check were marked as suppressed.
+    suppressedNonCompliantResourcesCount :: Prelude.Maybe Prelude.Integer,
+    -- | The number of resources on which the check was performed.
+    totalResourcesCount :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditCheckDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'checkCompliant', 'auditCheckDetails_checkCompliant' - True if the check is complete and found all resources compliant.
+--
+-- 'checkRunStatus', 'auditCheckDetails_checkRunStatus' - The completion status of this check. One of \"IN_PROGRESS\",
+-- \"WAITING_FOR_DATA_COLLECTION\", \"CANCELED\", \"COMPLETED_COMPLIANT\",
+-- \"COMPLETED_NON_COMPLIANT\", or \"FAILED\".
+--
+-- 'errorCode', 'auditCheckDetails_errorCode' - The code of any error encountered when this check is performed during
+-- this audit. One of \"INSUFFICIENT_PERMISSIONS\" or
+-- \"AUDIT_CHECK_DISABLED\".
+--
+-- 'message', 'auditCheckDetails_message' - The message associated with any error encountered when this check is
+-- performed during this audit.
+--
+-- 'nonCompliantResourcesCount', 'auditCheckDetails_nonCompliantResourcesCount' - The number of resources that were found noncompliant during the check.
+--
+-- 'suppressedNonCompliantResourcesCount', 'auditCheckDetails_suppressedNonCompliantResourcesCount' - Describes how many of the non-compliant resources created during the
+-- evaluation of an audit check were marked as suppressed.
+--
+-- 'totalResourcesCount', 'auditCheckDetails_totalResourcesCount' - The number of resources on which the check was performed.
+newAuditCheckDetails ::
+  AuditCheckDetails
+newAuditCheckDetails =
+  AuditCheckDetails'
+    { checkCompliant =
+        Prelude.Nothing,
+      checkRunStatus = Prelude.Nothing,
+      errorCode = Prelude.Nothing,
+      message = Prelude.Nothing,
+      nonCompliantResourcesCount = Prelude.Nothing,
+      suppressedNonCompliantResourcesCount =
+        Prelude.Nothing,
+      totalResourcesCount = Prelude.Nothing
+    }
+
+-- | True if the check is complete and found all resources compliant.
+auditCheckDetails_checkCompliant :: Lens.Lens' AuditCheckDetails (Prelude.Maybe Prelude.Bool)
+auditCheckDetails_checkCompliant = Lens.lens (\AuditCheckDetails' {checkCompliant} -> checkCompliant) (\s@AuditCheckDetails' {} a -> s {checkCompliant = a} :: AuditCheckDetails)
+
+-- | The completion status of this check. One of \"IN_PROGRESS\",
+-- \"WAITING_FOR_DATA_COLLECTION\", \"CANCELED\", \"COMPLETED_COMPLIANT\",
+-- \"COMPLETED_NON_COMPLIANT\", or \"FAILED\".
+auditCheckDetails_checkRunStatus :: Lens.Lens' AuditCheckDetails (Prelude.Maybe AuditCheckRunStatus)
+auditCheckDetails_checkRunStatus = Lens.lens (\AuditCheckDetails' {checkRunStatus} -> checkRunStatus) (\s@AuditCheckDetails' {} a -> s {checkRunStatus = a} :: AuditCheckDetails)
+
+-- | The code of any error encountered when this check is performed during
+-- this audit. One of \"INSUFFICIENT_PERMISSIONS\" or
+-- \"AUDIT_CHECK_DISABLED\".
+auditCheckDetails_errorCode :: Lens.Lens' AuditCheckDetails (Prelude.Maybe Prelude.Text)
+auditCheckDetails_errorCode = Lens.lens (\AuditCheckDetails' {errorCode} -> errorCode) (\s@AuditCheckDetails' {} a -> s {errorCode = a} :: AuditCheckDetails)
+
+-- | The message associated with any error encountered when this check is
+-- performed during this audit.
+auditCheckDetails_message :: Lens.Lens' AuditCheckDetails (Prelude.Maybe Prelude.Text)
+auditCheckDetails_message = Lens.lens (\AuditCheckDetails' {message} -> message) (\s@AuditCheckDetails' {} a -> s {message = a} :: AuditCheckDetails)
+
+-- | The number of resources that were found noncompliant during the check.
+auditCheckDetails_nonCompliantResourcesCount :: Lens.Lens' AuditCheckDetails (Prelude.Maybe Prelude.Integer)
+auditCheckDetails_nonCompliantResourcesCount = Lens.lens (\AuditCheckDetails' {nonCompliantResourcesCount} -> nonCompliantResourcesCount) (\s@AuditCheckDetails' {} a -> s {nonCompliantResourcesCount = a} :: AuditCheckDetails)
+
+-- | Describes how many of the non-compliant resources created during the
+-- evaluation of an audit check were marked as suppressed.
+auditCheckDetails_suppressedNonCompliantResourcesCount :: Lens.Lens' AuditCheckDetails (Prelude.Maybe Prelude.Integer)
+auditCheckDetails_suppressedNonCompliantResourcesCount = Lens.lens (\AuditCheckDetails' {suppressedNonCompliantResourcesCount} -> suppressedNonCompliantResourcesCount) (\s@AuditCheckDetails' {} a -> s {suppressedNonCompliantResourcesCount = a} :: AuditCheckDetails)
+
+-- | The number of resources on which the check was performed.
+auditCheckDetails_totalResourcesCount :: Lens.Lens' AuditCheckDetails (Prelude.Maybe Prelude.Integer)
+auditCheckDetails_totalResourcesCount = Lens.lens (\AuditCheckDetails' {totalResourcesCount} -> totalResourcesCount) (\s@AuditCheckDetails' {} a -> s {totalResourcesCount = a} :: AuditCheckDetails)
+
+instance Data.FromJSON AuditCheckDetails where
+  parseJSON =
+    Data.withObject
+      "AuditCheckDetails"
+      ( \x ->
+          AuditCheckDetails'
+            Prelude.<$> (x Data..:? "checkCompliant")
+            Prelude.<*> (x Data..:? "checkRunStatus")
+            Prelude.<*> (x Data..:? "errorCode")
+            Prelude.<*> (x Data..:? "message")
+            Prelude.<*> (x Data..:? "nonCompliantResourcesCount")
+            Prelude.<*> (x Data..:? "suppressedNonCompliantResourcesCount")
+            Prelude.<*> (x Data..:? "totalResourcesCount")
+      )
+
+instance Prelude.Hashable AuditCheckDetails where
+  hashWithSalt _salt AuditCheckDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` checkCompliant
+      `Prelude.hashWithSalt` checkRunStatus
+      `Prelude.hashWithSalt` errorCode
+      `Prelude.hashWithSalt` message
+      `Prelude.hashWithSalt` nonCompliantResourcesCount
+      `Prelude.hashWithSalt` suppressedNonCompliantResourcesCount
+      `Prelude.hashWithSalt` totalResourcesCount
+
+instance Prelude.NFData AuditCheckDetails where
+  rnf AuditCheckDetails' {..} =
+    Prelude.rnf checkCompliant
+      `Prelude.seq` Prelude.rnf checkRunStatus
+      `Prelude.seq` Prelude.rnf errorCode
+      `Prelude.seq` Prelude.rnf message
+      `Prelude.seq` Prelude.rnf nonCompliantResourcesCount
+      `Prelude.seq` Prelude.rnf suppressedNonCompliantResourcesCount
+      `Prelude.seq` Prelude.rnf totalResourcesCount
diff --git a/gen/Amazonka/IoT/Types/AuditCheckRunStatus.hs b/gen/Amazonka/IoT/Types/AuditCheckRunStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditCheckRunStatus.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditCheckRunStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditCheckRunStatus
+  ( AuditCheckRunStatus
+      ( ..,
+        AuditCheckRunStatus_CANCELED,
+        AuditCheckRunStatus_COMPLETED_COMPLIANT,
+        AuditCheckRunStatus_COMPLETED_NON_COMPLIANT,
+        AuditCheckRunStatus_FAILED,
+        AuditCheckRunStatus_IN_PROGRESS,
+        AuditCheckRunStatus_WAITING_FOR_DATA_COLLECTION
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditCheckRunStatus = AuditCheckRunStatus'
+  { fromAuditCheckRunStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditCheckRunStatus_CANCELED :: AuditCheckRunStatus
+pattern AuditCheckRunStatus_CANCELED = AuditCheckRunStatus' "CANCELED"
+
+pattern AuditCheckRunStatus_COMPLETED_COMPLIANT :: AuditCheckRunStatus
+pattern AuditCheckRunStatus_COMPLETED_COMPLIANT = AuditCheckRunStatus' "COMPLETED_COMPLIANT"
+
+pattern AuditCheckRunStatus_COMPLETED_NON_COMPLIANT :: AuditCheckRunStatus
+pattern AuditCheckRunStatus_COMPLETED_NON_COMPLIANT = AuditCheckRunStatus' "COMPLETED_NON_COMPLIANT"
+
+pattern AuditCheckRunStatus_FAILED :: AuditCheckRunStatus
+pattern AuditCheckRunStatus_FAILED = AuditCheckRunStatus' "FAILED"
+
+pattern AuditCheckRunStatus_IN_PROGRESS :: AuditCheckRunStatus
+pattern AuditCheckRunStatus_IN_PROGRESS = AuditCheckRunStatus' "IN_PROGRESS"
+
+pattern AuditCheckRunStatus_WAITING_FOR_DATA_COLLECTION :: AuditCheckRunStatus
+pattern AuditCheckRunStatus_WAITING_FOR_DATA_COLLECTION = AuditCheckRunStatus' "WAITING_FOR_DATA_COLLECTION"
+
+{-# COMPLETE
+  AuditCheckRunStatus_CANCELED,
+  AuditCheckRunStatus_COMPLETED_COMPLIANT,
+  AuditCheckRunStatus_COMPLETED_NON_COMPLIANT,
+  AuditCheckRunStatus_FAILED,
+  AuditCheckRunStatus_IN_PROGRESS,
+  AuditCheckRunStatus_WAITING_FOR_DATA_COLLECTION,
+  AuditCheckRunStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditFinding.hs b/gen/Amazonka/IoT/Types/AuditFinding.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditFinding.hs
@@ -0,0 +1,204 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditFinding
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditFinding where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuditFindingSeverity
+import Amazonka.IoT.Types.NonCompliantResource
+import Amazonka.IoT.Types.RelatedResource
+import qualified Amazonka.Prelude as Prelude
+
+-- | The findings (results) of the audit.
+--
+-- /See:/ 'newAuditFinding' smart constructor.
+data AuditFinding = AuditFinding'
+  { -- | The audit check that generated this result.
+    checkName :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for this set of audit findings. This identifier is
+    -- used to apply mitigation tasks to one or more sets of findings.
+    findingId :: Prelude.Maybe Prelude.Text,
+    -- | The time the result (finding) was discovered.
+    findingTime :: Prelude.Maybe Data.POSIX,
+    -- | Indicates whether the audit finding was suppressed or not during
+    -- reporting.
+    isSuppressed :: Prelude.Maybe Prelude.Bool,
+    -- | The resource that was found to be noncompliant with the audit check.
+    nonCompliantResource :: Prelude.Maybe NonCompliantResource,
+    -- | The reason the resource was noncompliant.
+    reasonForNonCompliance :: Prelude.Maybe Prelude.Text,
+    -- | A code that indicates the reason that the resource was noncompliant.
+    reasonForNonComplianceCode :: Prelude.Maybe Prelude.Text,
+    -- | The list of related resources.
+    relatedResources :: Prelude.Maybe [RelatedResource],
+    -- | The severity of the result (finding).
+    severity :: Prelude.Maybe AuditFindingSeverity,
+    -- | The ID of the audit that generated this result (finding).
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The time the audit started.
+    taskStartTime :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditFinding' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'checkName', 'auditFinding_checkName' - The audit check that generated this result.
+--
+-- 'findingId', 'auditFinding_findingId' - A unique identifier for this set of audit findings. This identifier is
+-- used to apply mitigation tasks to one or more sets of findings.
+--
+-- 'findingTime', 'auditFinding_findingTime' - The time the result (finding) was discovered.
+--
+-- 'isSuppressed', 'auditFinding_isSuppressed' - Indicates whether the audit finding was suppressed or not during
+-- reporting.
+--
+-- 'nonCompliantResource', 'auditFinding_nonCompliantResource' - The resource that was found to be noncompliant with the audit check.
+--
+-- 'reasonForNonCompliance', 'auditFinding_reasonForNonCompliance' - The reason the resource was noncompliant.
+--
+-- 'reasonForNonComplianceCode', 'auditFinding_reasonForNonComplianceCode' - A code that indicates the reason that the resource was noncompliant.
+--
+-- 'relatedResources', 'auditFinding_relatedResources' - The list of related resources.
+--
+-- 'severity', 'auditFinding_severity' - The severity of the result (finding).
+--
+-- 'taskId', 'auditFinding_taskId' - The ID of the audit that generated this result (finding).
+--
+-- 'taskStartTime', 'auditFinding_taskStartTime' - The time the audit started.
+newAuditFinding ::
+  AuditFinding
+newAuditFinding =
+  AuditFinding'
+    { checkName = Prelude.Nothing,
+      findingId = Prelude.Nothing,
+      findingTime = Prelude.Nothing,
+      isSuppressed = Prelude.Nothing,
+      nonCompliantResource = Prelude.Nothing,
+      reasonForNonCompliance = Prelude.Nothing,
+      reasonForNonComplianceCode = Prelude.Nothing,
+      relatedResources = Prelude.Nothing,
+      severity = Prelude.Nothing,
+      taskId = Prelude.Nothing,
+      taskStartTime = Prelude.Nothing
+    }
+
+-- | The audit check that generated this result.
+auditFinding_checkName :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.Text)
+auditFinding_checkName = Lens.lens (\AuditFinding' {checkName} -> checkName) (\s@AuditFinding' {} a -> s {checkName = a} :: AuditFinding)
+
+-- | A unique identifier for this set of audit findings. This identifier is
+-- used to apply mitigation tasks to one or more sets of findings.
+auditFinding_findingId :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.Text)
+auditFinding_findingId = Lens.lens (\AuditFinding' {findingId} -> findingId) (\s@AuditFinding' {} a -> s {findingId = a} :: AuditFinding)
+
+-- | The time the result (finding) was discovered.
+auditFinding_findingTime :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.UTCTime)
+auditFinding_findingTime = Lens.lens (\AuditFinding' {findingTime} -> findingTime) (\s@AuditFinding' {} a -> s {findingTime = a} :: AuditFinding) Prelude.. Lens.mapping Data._Time
+
+-- | Indicates whether the audit finding was suppressed or not during
+-- reporting.
+auditFinding_isSuppressed :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.Bool)
+auditFinding_isSuppressed = Lens.lens (\AuditFinding' {isSuppressed} -> isSuppressed) (\s@AuditFinding' {} a -> s {isSuppressed = a} :: AuditFinding)
+
+-- | The resource that was found to be noncompliant with the audit check.
+auditFinding_nonCompliantResource :: Lens.Lens' AuditFinding (Prelude.Maybe NonCompliantResource)
+auditFinding_nonCompliantResource = Lens.lens (\AuditFinding' {nonCompliantResource} -> nonCompliantResource) (\s@AuditFinding' {} a -> s {nonCompliantResource = a} :: AuditFinding)
+
+-- | The reason the resource was noncompliant.
+auditFinding_reasonForNonCompliance :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.Text)
+auditFinding_reasonForNonCompliance = Lens.lens (\AuditFinding' {reasonForNonCompliance} -> reasonForNonCompliance) (\s@AuditFinding' {} a -> s {reasonForNonCompliance = a} :: AuditFinding)
+
+-- | A code that indicates the reason that the resource was noncompliant.
+auditFinding_reasonForNonComplianceCode :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.Text)
+auditFinding_reasonForNonComplianceCode = Lens.lens (\AuditFinding' {reasonForNonComplianceCode} -> reasonForNonComplianceCode) (\s@AuditFinding' {} a -> s {reasonForNonComplianceCode = a} :: AuditFinding)
+
+-- | The list of related resources.
+auditFinding_relatedResources :: Lens.Lens' AuditFinding (Prelude.Maybe [RelatedResource])
+auditFinding_relatedResources = Lens.lens (\AuditFinding' {relatedResources} -> relatedResources) (\s@AuditFinding' {} a -> s {relatedResources = a} :: AuditFinding) Prelude.. Lens.mapping Lens.coerced
+
+-- | The severity of the result (finding).
+auditFinding_severity :: Lens.Lens' AuditFinding (Prelude.Maybe AuditFindingSeverity)
+auditFinding_severity = Lens.lens (\AuditFinding' {severity} -> severity) (\s@AuditFinding' {} a -> s {severity = a} :: AuditFinding)
+
+-- | The ID of the audit that generated this result (finding).
+auditFinding_taskId :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.Text)
+auditFinding_taskId = Lens.lens (\AuditFinding' {taskId} -> taskId) (\s@AuditFinding' {} a -> s {taskId = a} :: AuditFinding)
+
+-- | The time the audit started.
+auditFinding_taskStartTime :: Lens.Lens' AuditFinding (Prelude.Maybe Prelude.UTCTime)
+auditFinding_taskStartTime = Lens.lens (\AuditFinding' {taskStartTime} -> taskStartTime) (\s@AuditFinding' {} a -> s {taskStartTime = a} :: AuditFinding) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON AuditFinding where
+  parseJSON =
+    Data.withObject
+      "AuditFinding"
+      ( \x ->
+          AuditFinding'
+            Prelude.<$> (x Data..:? "checkName")
+            Prelude.<*> (x Data..:? "findingId")
+            Prelude.<*> (x Data..:? "findingTime")
+            Prelude.<*> (x Data..:? "isSuppressed")
+            Prelude.<*> (x Data..:? "nonCompliantResource")
+            Prelude.<*> (x Data..:? "reasonForNonCompliance")
+            Prelude.<*> (x Data..:? "reasonForNonComplianceCode")
+            Prelude.<*> ( x
+                            Data..:? "relatedResources"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "severity")
+            Prelude.<*> (x Data..:? "taskId")
+            Prelude.<*> (x Data..:? "taskStartTime")
+      )
+
+instance Prelude.Hashable AuditFinding where
+  hashWithSalt _salt AuditFinding' {..} =
+    _salt
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` findingId
+      `Prelude.hashWithSalt` findingTime
+      `Prelude.hashWithSalt` isSuppressed
+      `Prelude.hashWithSalt` nonCompliantResource
+      `Prelude.hashWithSalt` reasonForNonCompliance
+      `Prelude.hashWithSalt` reasonForNonComplianceCode
+      `Prelude.hashWithSalt` relatedResources
+      `Prelude.hashWithSalt` severity
+      `Prelude.hashWithSalt` taskId
+      `Prelude.hashWithSalt` taskStartTime
+
+instance Prelude.NFData AuditFinding where
+  rnf AuditFinding' {..} =
+    Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf findingId
+      `Prelude.seq` Prelude.rnf findingTime
+      `Prelude.seq` Prelude.rnf isSuppressed
+      `Prelude.seq` Prelude.rnf nonCompliantResource
+      `Prelude.seq` Prelude.rnf reasonForNonCompliance
+      `Prelude.seq` Prelude.rnf reasonForNonComplianceCode
+      `Prelude.seq` Prelude.rnf relatedResources
+      `Prelude.seq` Prelude.rnf severity
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf taskStartTime
diff --git a/gen/Amazonka/IoT/Types/AuditFindingSeverity.hs b/gen/Amazonka/IoT/Types/AuditFindingSeverity.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditFindingSeverity.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditFindingSeverity
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditFindingSeverity
+  ( AuditFindingSeverity
+      ( ..,
+        AuditFindingSeverity_CRITICAL,
+        AuditFindingSeverity_HIGH,
+        AuditFindingSeverity_LOW,
+        AuditFindingSeverity_MEDIUM
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditFindingSeverity = AuditFindingSeverity'
+  { fromAuditFindingSeverity ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditFindingSeverity_CRITICAL :: AuditFindingSeverity
+pattern AuditFindingSeverity_CRITICAL = AuditFindingSeverity' "CRITICAL"
+
+pattern AuditFindingSeverity_HIGH :: AuditFindingSeverity
+pattern AuditFindingSeverity_HIGH = AuditFindingSeverity' "HIGH"
+
+pattern AuditFindingSeverity_LOW :: AuditFindingSeverity
+pattern AuditFindingSeverity_LOW = AuditFindingSeverity' "LOW"
+
+pattern AuditFindingSeverity_MEDIUM :: AuditFindingSeverity
+pattern AuditFindingSeverity_MEDIUM = AuditFindingSeverity' "MEDIUM"
+
+{-# COMPLETE
+  AuditFindingSeverity_CRITICAL,
+  AuditFindingSeverity_HIGH,
+  AuditFindingSeverity_LOW,
+  AuditFindingSeverity_MEDIUM,
+  AuditFindingSeverity'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditFrequency.hs b/gen/Amazonka/IoT/Types/AuditFrequency.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditFrequency.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditFrequency
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditFrequency
+  ( AuditFrequency
+      ( ..,
+        AuditFrequency_BIWEEKLY,
+        AuditFrequency_DAILY,
+        AuditFrequency_MONTHLY,
+        AuditFrequency_WEEKLY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditFrequency = AuditFrequency'
+  { fromAuditFrequency ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditFrequency_BIWEEKLY :: AuditFrequency
+pattern AuditFrequency_BIWEEKLY = AuditFrequency' "BIWEEKLY"
+
+pattern AuditFrequency_DAILY :: AuditFrequency
+pattern AuditFrequency_DAILY = AuditFrequency' "DAILY"
+
+pattern AuditFrequency_MONTHLY :: AuditFrequency
+pattern AuditFrequency_MONTHLY = AuditFrequency' "MONTHLY"
+
+pattern AuditFrequency_WEEKLY :: AuditFrequency
+pattern AuditFrequency_WEEKLY = AuditFrequency' "WEEKLY"
+
+{-# COMPLETE
+  AuditFrequency_BIWEEKLY,
+  AuditFrequency_DAILY,
+  AuditFrequency_MONTHLY,
+  AuditFrequency_WEEKLY,
+  AuditFrequency'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditMitigationActionExecutionMetadata.hs b/gen/Amazonka/IoT/Types/AuditMitigationActionExecutionMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditMitigationActionExecutionMetadata.hs
@@ -0,0 +1,194 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditMitigationActionExecutionMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditMitigationActionExecutionMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuditMitigationActionsExecutionStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | Returned by ListAuditMitigationActionsTask, this object contains
+-- information that describes a mitigation action that has been started.
+--
+-- /See:/ 'newAuditMitigationActionExecutionMetadata' smart constructor.
+data AuditMitigationActionExecutionMetadata = AuditMitigationActionExecutionMetadata'
+  { -- | The unique identifier for the mitigation action being applied by the
+    -- task.
+    actionId :: Prelude.Maybe Prelude.Text,
+    -- | The friendly name of the mitigation action being applied by the task.
+    actionName :: Prelude.Maybe Prelude.Text,
+    -- | The date and time when the task was completed or canceled. Blank if the
+    -- task is still running.
+    endTime :: Prelude.Maybe Data.POSIX,
+    -- | If an error occurred, the code that indicates which type of error
+    -- occurred.
+    errorCode :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier for the findings to which the task and associated
+    -- mitigation action are applied.
+    findingId :: Prelude.Maybe Prelude.Text,
+    -- | If an error occurred, a message that describes the error.
+    message :: Prelude.Maybe Prelude.Text,
+    -- | The date and time when the task was started.
+    startTime :: Prelude.Maybe Data.POSIX,
+    -- | The current status of the task being executed.
+    status :: Prelude.Maybe AuditMitigationActionsExecutionStatus,
+    -- | The unique identifier for the task that applies the mitigation action.
+    taskId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditMitigationActionExecutionMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionId', 'auditMitigationActionExecutionMetadata_actionId' - The unique identifier for the mitigation action being applied by the
+-- task.
+--
+-- 'actionName', 'auditMitigationActionExecutionMetadata_actionName' - The friendly name of the mitigation action being applied by the task.
+--
+-- 'endTime', 'auditMitigationActionExecutionMetadata_endTime' - The date and time when the task was completed or canceled. Blank if the
+-- task is still running.
+--
+-- 'errorCode', 'auditMitigationActionExecutionMetadata_errorCode' - If an error occurred, the code that indicates which type of error
+-- occurred.
+--
+-- 'findingId', 'auditMitigationActionExecutionMetadata_findingId' - The unique identifier for the findings to which the task and associated
+-- mitigation action are applied.
+--
+-- 'message', 'auditMitigationActionExecutionMetadata_message' - If an error occurred, a message that describes the error.
+--
+-- 'startTime', 'auditMitigationActionExecutionMetadata_startTime' - The date and time when the task was started.
+--
+-- 'status', 'auditMitigationActionExecutionMetadata_status' - The current status of the task being executed.
+--
+-- 'taskId', 'auditMitigationActionExecutionMetadata_taskId' - The unique identifier for the task that applies the mitigation action.
+newAuditMitigationActionExecutionMetadata ::
+  AuditMitigationActionExecutionMetadata
+newAuditMitigationActionExecutionMetadata =
+  AuditMitigationActionExecutionMetadata'
+    { actionId =
+        Prelude.Nothing,
+      actionName = Prelude.Nothing,
+      endTime = Prelude.Nothing,
+      errorCode = Prelude.Nothing,
+      findingId = Prelude.Nothing,
+      message = Prelude.Nothing,
+      startTime = Prelude.Nothing,
+      status = Prelude.Nothing,
+      taskId = Prelude.Nothing
+    }
+
+-- | The unique identifier for the mitigation action being applied by the
+-- task.
+auditMitigationActionExecutionMetadata_actionId :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionExecutionMetadata_actionId = Lens.lens (\AuditMitigationActionExecutionMetadata' {actionId} -> actionId) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {actionId = a} :: AuditMitigationActionExecutionMetadata)
+
+-- | The friendly name of the mitigation action being applied by the task.
+auditMitigationActionExecutionMetadata_actionName :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionExecutionMetadata_actionName = Lens.lens (\AuditMitigationActionExecutionMetadata' {actionName} -> actionName) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {actionName = a} :: AuditMitigationActionExecutionMetadata)
+
+-- | The date and time when the task was completed or canceled. Blank if the
+-- task is still running.
+auditMitigationActionExecutionMetadata_endTime :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.UTCTime)
+auditMitigationActionExecutionMetadata_endTime = Lens.lens (\AuditMitigationActionExecutionMetadata' {endTime} -> endTime) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {endTime = a} :: AuditMitigationActionExecutionMetadata) Prelude.. Lens.mapping Data._Time
+
+-- | If an error occurred, the code that indicates which type of error
+-- occurred.
+auditMitigationActionExecutionMetadata_errorCode :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionExecutionMetadata_errorCode = Lens.lens (\AuditMitigationActionExecutionMetadata' {errorCode} -> errorCode) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {errorCode = a} :: AuditMitigationActionExecutionMetadata)
+
+-- | The unique identifier for the findings to which the task and associated
+-- mitigation action are applied.
+auditMitigationActionExecutionMetadata_findingId :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionExecutionMetadata_findingId = Lens.lens (\AuditMitigationActionExecutionMetadata' {findingId} -> findingId) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {findingId = a} :: AuditMitigationActionExecutionMetadata)
+
+-- | If an error occurred, a message that describes the error.
+auditMitigationActionExecutionMetadata_message :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionExecutionMetadata_message = Lens.lens (\AuditMitigationActionExecutionMetadata' {message} -> message) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {message = a} :: AuditMitigationActionExecutionMetadata)
+
+-- | The date and time when the task was started.
+auditMitigationActionExecutionMetadata_startTime :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.UTCTime)
+auditMitigationActionExecutionMetadata_startTime = Lens.lens (\AuditMitigationActionExecutionMetadata' {startTime} -> startTime) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {startTime = a} :: AuditMitigationActionExecutionMetadata) Prelude.. Lens.mapping Data._Time
+
+-- | The current status of the task being executed.
+auditMitigationActionExecutionMetadata_status :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe AuditMitigationActionsExecutionStatus)
+auditMitigationActionExecutionMetadata_status = Lens.lens (\AuditMitigationActionExecutionMetadata' {status} -> status) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {status = a} :: AuditMitigationActionExecutionMetadata)
+
+-- | The unique identifier for the task that applies the mitigation action.
+auditMitigationActionExecutionMetadata_taskId :: Lens.Lens' AuditMitigationActionExecutionMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionExecutionMetadata_taskId = Lens.lens (\AuditMitigationActionExecutionMetadata' {taskId} -> taskId) (\s@AuditMitigationActionExecutionMetadata' {} a -> s {taskId = a} :: AuditMitigationActionExecutionMetadata)
+
+instance
+  Data.FromJSON
+    AuditMitigationActionExecutionMetadata
+  where
+  parseJSON =
+    Data.withObject
+      "AuditMitigationActionExecutionMetadata"
+      ( \x ->
+          AuditMitigationActionExecutionMetadata'
+            Prelude.<$> (x Data..:? "actionId")
+            Prelude.<*> (x Data..:? "actionName")
+            Prelude.<*> (x Data..:? "endTime")
+            Prelude.<*> (x Data..:? "errorCode")
+            Prelude.<*> (x Data..:? "findingId")
+            Prelude.<*> (x Data..:? "message")
+            Prelude.<*> (x Data..:? "startTime")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "taskId")
+      )
+
+instance
+  Prelude.Hashable
+    AuditMitigationActionExecutionMetadata
+  where
+  hashWithSalt
+    _salt
+    AuditMitigationActionExecutionMetadata' {..} =
+      _salt
+        `Prelude.hashWithSalt` actionId
+        `Prelude.hashWithSalt` actionName
+        `Prelude.hashWithSalt` endTime
+        `Prelude.hashWithSalt` errorCode
+        `Prelude.hashWithSalt` findingId
+        `Prelude.hashWithSalt` message
+        `Prelude.hashWithSalt` startTime
+        `Prelude.hashWithSalt` status
+        `Prelude.hashWithSalt` taskId
+
+instance
+  Prelude.NFData
+    AuditMitigationActionExecutionMetadata
+  where
+  rnf AuditMitigationActionExecutionMetadata' {..} =
+    Prelude.rnf actionId
+      `Prelude.seq` Prelude.rnf actionName
+      `Prelude.seq` Prelude.rnf endTime
+      `Prelude.seq` Prelude.rnf errorCode
+      `Prelude.seq` Prelude.rnf findingId
+      `Prelude.seq` Prelude.rnf message
+      `Prelude.seq` Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf taskId
diff --git a/gen/Amazonka/IoT/Types/AuditMitigationActionsExecutionStatus.hs b/gen/Amazonka/IoT/Types/AuditMitigationActionsExecutionStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditMitigationActionsExecutionStatus.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditMitigationActionsExecutionStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditMitigationActionsExecutionStatus
+  ( AuditMitigationActionsExecutionStatus
+      ( ..,
+        AuditMitigationActionsExecutionStatus_CANCELED,
+        AuditMitigationActionsExecutionStatus_COMPLETED,
+        AuditMitigationActionsExecutionStatus_FAILED,
+        AuditMitigationActionsExecutionStatus_IN_PROGRESS,
+        AuditMitigationActionsExecutionStatus_PENDING,
+        AuditMitigationActionsExecutionStatus_SKIPPED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditMitigationActionsExecutionStatus = AuditMitigationActionsExecutionStatus'
+  { fromAuditMitigationActionsExecutionStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditMitigationActionsExecutionStatus_CANCELED :: AuditMitigationActionsExecutionStatus
+pattern AuditMitigationActionsExecutionStatus_CANCELED = AuditMitigationActionsExecutionStatus' "CANCELED"
+
+pattern AuditMitigationActionsExecutionStatus_COMPLETED :: AuditMitigationActionsExecutionStatus
+pattern AuditMitigationActionsExecutionStatus_COMPLETED = AuditMitigationActionsExecutionStatus' "COMPLETED"
+
+pattern AuditMitigationActionsExecutionStatus_FAILED :: AuditMitigationActionsExecutionStatus
+pattern AuditMitigationActionsExecutionStatus_FAILED = AuditMitigationActionsExecutionStatus' "FAILED"
+
+pattern AuditMitigationActionsExecutionStatus_IN_PROGRESS :: AuditMitigationActionsExecutionStatus
+pattern AuditMitigationActionsExecutionStatus_IN_PROGRESS = AuditMitigationActionsExecutionStatus' "IN_PROGRESS"
+
+pattern AuditMitigationActionsExecutionStatus_PENDING :: AuditMitigationActionsExecutionStatus
+pattern AuditMitigationActionsExecutionStatus_PENDING = AuditMitigationActionsExecutionStatus' "PENDING"
+
+pattern AuditMitigationActionsExecutionStatus_SKIPPED :: AuditMitigationActionsExecutionStatus
+pattern AuditMitigationActionsExecutionStatus_SKIPPED = AuditMitigationActionsExecutionStatus' "SKIPPED"
+
+{-# COMPLETE
+  AuditMitigationActionsExecutionStatus_CANCELED,
+  AuditMitigationActionsExecutionStatus_COMPLETED,
+  AuditMitigationActionsExecutionStatus_FAILED,
+  AuditMitigationActionsExecutionStatus_IN_PROGRESS,
+  AuditMitigationActionsExecutionStatus_PENDING,
+  AuditMitigationActionsExecutionStatus_SKIPPED,
+  AuditMitigationActionsExecutionStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskMetadata.hs b/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskMetadata.hs
@@ -0,0 +1,110 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditMitigationActionsTaskMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditMitigationActionsTaskMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuditMitigationActionsTaskStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about an audit mitigation actions task that is returned by
+-- @ListAuditMitigationActionsTasks@.
+--
+-- /See:/ 'newAuditMitigationActionsTaskMetadata' smart constructor.
+data AuditMitigationActionsTaskMetadata = AuditMitigationActionsTaskMetadata'
+  { -- | The time at which the audit mitigation actions task was started.
+    startTime :: Prelude.Maybe Data.POSIX,
+    -- | The unique identifier for the task.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The current state of the audit mitigation actions task.
+    taskStatus :: Prelude.Maybe AuditMitigationActionsTaskStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditMitigationActionsTaskMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'startTime', 'auditMitigationActionsTaskMetadata_startTime' - The time at which the audit mitigation actions task was started.
+--
+-- 'taskId', 'auditMitigationActionsTaskMetadata_taskId' - The unique identifier for the task.
+--
+-- 'taskStatus', 'auditMitigationActionsTaskMetadata_taskStatus' - The current state of the audit mitigation actions task.
+newAuditMitigationActionsTaskMetadata ::
+  AuditMitigationActionsTaskMetadata
+newAuditMitigationActionsTaskMetadata =
+  AuditMitigationActionsTaskMetadata'
+    { startTime =
+        Prelude.Nothing,
+      taskId = Prelude.Nothing,
+      taskStatus = Prelude.Nothing
+    }
+
+-- | The time at which the audit mitigation actions task was started.
+auditMitigationActionsTaskMetadata_startTime :: Lens.Lens' AuditMitigationActionsTaskMetadata (Prelude.Maybe Prelude.UTCTime)
+auditMitigationActionsTaskMetadata_startTime = Lens.lens (\AuditMitigationActionsTaskMetadata' {startTime} -> startTime) (\s@AuditMitigationActionsTaskMetadata' {} a -> s {startTime = a} :: AuditMitigationActionsTaskMetadata) Prelude.. Lens.mapping Data._Time
+
+-- | The unique identifier for the task.
+auditMitigationActionsTaskMetadata_taskId :: Lens.Lens' AuditMitigationActionsTaskMetadata (Prelude.Maybe Prelude.Text)
+auditMitigationActionsTaskMetadata_taskId = Lens.lens (\AuditMitigationActionsTaskMetadata' {taskId} -> taskId) (\s@AuditMitigationActionsTaskMetadata' {} a -> s {taskId = a} :: AuditMitigationActionsTaskMetadata)
+
+-- | The current state of the audit mitigation actions task.
+auditMitigationActionsTaskMetadata_taskStatus :: Lens.Lens' AuditMitigationActionsTaskMetadata (Prelude.Maybe AuditMitigationActionsTaskStatus)
+auditMitigationActionsTaskMetadata_taskStatus = Lens.lens (\AuditMitigationActionsTaskMetadata' {taskStatus} -> taskStatus) (\s@AuditMitigationActionsTaskMetadata' {} a -> s {taskStatus = a} :: AuditMitigationActionsTaskMetadata)
+
+instance
+  Data.FromJSON
+    AuditMitigationActionsTaskMetadata
+  where
+  parseJSON =
+    Data.withObject
+      "AuditMitigationActionsTaskMetadata"
+      ( \x ->
+          AuditMitigationActionsTaskMetadata'
+            Prelude.<$> (x Data..:? "startTime")
+            Prelude.<*> (x Data..:? "taskId")
+            Prelude.<*> (x Data..:? "taskStatus")
+      )
+
+instance
+  Prelude.Hashable
+    AuditMitigationActionsTaskMetadata
+  where
+  hashWithSalt
+    _salt
+    AuditMitigationActionsTaskMetadata' {..} =
+      _salt
+        `Prelude.hashWithSalt` startTime
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` taskStatus
+
+instance
+  Prelude.NFData
+    AuditMitigationActionsTaskMetadata
+  where
+  rnf AuditMitigationActionsTaskMetadata' {..} =
+    Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf taskStatus
diff --git a/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskStatus.hs b/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditMitigationActionsTaskStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditMitigationActionsTaskStatus
+  ( AuditMitigationActionsTaskStatus
+      ( ..,
+        AuditMitigationActionsTaskStatus_CANCELED,
+        AuditMitigationActionsTaskStatus_COMPLETED,
+        AuditMitigationActionsTaskStatus_FAILED,
+        AuditMitigationActionsTaskStatus_IN_PROGRESS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditMitigationActionsTaskStatus = AuditMitigationActionsTaskStatus'
+  { fromAuditMitigationActionsTaskStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditMitigationActionsTaskStatus_CANCELED :: AuditMitigationActionsTaskStatus
+pattern AuditMitigationActionsTaskStatus_CANCELED = AuditMitigationActionsTaskStatus' "CANCELED"
+
+pattern AuditMitigationActionsTaskStatus_COMPLETED :: AuditMitigationActionsTaskStatus
+pattern AuditMitigationActionsTaskStatus_COMPLETED = AuditMitigationActionsTaskStatus' "COMPLETED"
+
+pattern AuditMitigationActionsTaskStatus_FAILED :: AuditMitigationActionsTaskStatus
+pattern AuditMitigationActionsTaskStatus_FAILED = AuditMitigationActionsTaskStatus' "FAILED"
+
+pattern AuditMitigationActionsTaskStatus_IN_PROGRESS :: AuditMitigationActionsTaskStatus
+pattern AuditMitigationActionsTaskStatus_IN_PROGRESS = AuditMitigationActionsTaskStatus' "IN_PROGRESS"
+
+{-# COMPLETE
+  AuditMitigationActionsTaskStatus_CANCELED,
+  AuditMitigationActionsTaskStatus_COMPLETED,
+  AuditMitigationActionsTaskStatus_FAILED,
+  AuditMitigationActionsTaskStatus_IN_PROGRESS,
+  AuditMitigationActionsTaskStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskTarget.hs b/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditMitigationActionsTaskTarget.hs
@@ -0,0 +1,136 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditMitigationActionsTaskTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditMitigationActionsTaskTarget where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Used in MitigationActionParams, this information identifies the target
+-- findings to which the mitigation actions are applied. Only one entry
+-- appears.
+--
+-- /See:/ 'newAuditMitigationActionsTaskTarget' smart constructor.
+data AuditMitigationActionsTaskTarget = AuditMitigationActionsTaskTarget'
+  { -- | Specifies a filter in the form of an audit check and set of reason codes
+    -- that identify the findings from the audit to which the audit mitigation
+    -- actions task apply.
+    auditCheckToReasonCodeFilter :: Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.NonEmpty Prelude.Text)),
+    -- | If the task will apply a mitigation action to findings from a specific
+    -- audit, this value uniquely identifies the audit.
+    auditTaskId :: Prelude.Maybe Prelude.Text,
+    -- | If the task will apply a mitigation action to one or more listed
+    -- findings, this value uniquely identifies those findings.
+    findingIds :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditMitigationActionsTaskTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'auditCheckToReasonCodeFilter', 'auditMitigationActionsTaskTarget_auditCheckToReasonCodeFilter' - Specifies a filter in the form of an audit check and set of reason codes
+-- that identify the findings from the audit to which the audit mitigation
+-- actions task apply.
+--
+-- 'auditTaskId', 'auditMitigationActionsTaskTarget_auditTaskId' - If the task will apply a mitigation action to findings from a specific
+-- audit, this value uniquely identifies the audit.
+--
+-- 'findingIds', 'auditMitigationActionsTaskTarget_findingIds' - If the task will apply a mitigation action to one or more listed
+-- findings, this value uniquely identifies those findings.
+newAuditMitigationActionsTaskTarget ::
+  AuditMitigationActionsTaskTarget
+newAuditMitigationActionsTaskTarget =
+  AuditMitigationActionsTaskTarget'
+    { auditCheckToReasonCodeFilter =
+        Prelude.Nothing,
+      auditTaskId = Prelude.Nothing,
+      findingIds = Prelude.Nothing
+    }
+
+-- | Specifies a filter in the form of an audit check and set of reason codes
+-- that identify the findings from the audit to which the audit mitigation
+-- actions task apply.
+auditMitigationActionsTaskTarget_auditCheckToReasonCodeFilter :: Lens.Lens' AuditMitigationActionsTaskTarget (Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.NonEmpty Prelude.Text)))
+auditMitigationActionsTaskTarget_auditCheckToReasonCodeFilter = Lens.lens (\AuditMitigationActionsTaskTarget' {auditCheckToReasonCodeFilter} -> auditCheckToReasonCodeFilter) (\s@AuditMitigationActionsTaskTarget' {} a -> s {auditCheckToReasonCodeFilter = a} :: AuditMitigationActionsTaskTarget) Prelude.. Lens.mapping Lens.coerced
+
+-- | If the task will apply a mitigation action to findings from a specific
+-- audit, this value uniquely identifies the audit.
+auditMitigationActionsTaskTarget_auditTaskId :: Lens.Lens' AuditMitigationActionsTaskTarget (Prelude.Maybe Prelude.Text)
+auditMitigationActionsTaskTarget_auditTaskId = Lens.lens (\AuditMitigationActionsTaskTarget' {auditTaskId} -> auditTaskId) (\s@AuditMitigationActionsTaskTarget' {} a -> s {auditTaskId = a} :: AuditMitigationActionsTaskTarget)
+
+-- | If the task will apply a mitigation action to one or more listed
+-- findings, this value uniquely identifies those findings.
+auditMitigationActionsTaskTarget_findingIds :: Lens.Lens' AuditMitigationActionsTaskTarget (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+auditMitigationActionsTaskTarget_findingIds = Lens.lens (\AuditMitigationActionsTaskTarget' {findingIds} -> findingIds) (\s@AuditMitigationActionsTaskTarget' {} a -> s {findingIds = a} :: AuditMitigationActionsTaskTarget) Prelude.. Lens.mapping Lens.coerced
+
+instance
+  Data.FromJSON
+    AuditMitigationActionsTaskTarget
+  where
+  parseJSON =
+    Data.withObject
+      "AuditMitigationActionsTaskTarget"
+      ( \x ->
+          AuditMitigationActionsTaskTarget'
+            Prelude.<$> ( x
+                            Data..:? "auditCheckToReasonCodeFilter"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "auditTaskId")
+            Prelude.<*> (x Data..:? "findingIds")
+      )
+
+instance
+  Prelude.Hashable
+    AuditMitigationActionsTaskTarget
+  where
+  hashWithSalt
+    _salt
+    AuditMitigationActionsTaskTarget' {..} =
+      _salt
+        `Prelude.hashWithSalt` auditCheckToReasonCodeFilter
+        `Prelude.hashWithSalt` auditTaskId
+        `Prelude.hashWithSalt` findingIds
+
+instance
+  Prelude.NFData
+    AuditMitigationActionsTaskTarget
+  where
+  rnf AuditMitigationActionsTaskTarget' {..} =
+    Prelude.rnf auditCheckToReasonCodeFilter
+      `Prelude.seq` Prelude.rnf auditTaskId
+      `Prelude.seq` Prelude.rnf findingIds
+
+instance Data.ToJSON AuditMitigationActionsTaskTarget where
+  toJSON AuditMitigationActionsTaskTarget' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("auditCheckToReasonCodeFilter" Data..=)
+              Prelude.<$> auditCheckToReasonCodeFilter,
+            ("auditTaskId" Data..=) Prelude.<$> auditTaskId,
+            ("findingIds" Data..=) Prelude.<$> findingIds
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AuditNotificationTarget.hs b/gen/Amazonka/IoT/Types/AuditNotificationTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditNotificationTarget.hs
@@ -0,0 +1,109 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditNotificationTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditNotificationTarget where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about the targets to which audit notifications are sent.
+--
+-- /See:/ 'newAuditNotificationTarget' smart constructor.
+data AuditNotificationTarget = AuditNotificationTarget'
+  { -- | True if notifications to the target are enabled.
+    enabled :: Prelude.Maybe Prelude.Bool,
+    -- | The ARN of the role that grants permission to send notifications to the
+    -- target.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the target (SNS topic) to which audit notifications are sent.
+    targetArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditNotificationTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'enabled', 'auditNotificationTarget_enabled' - True if notifications to the target are enabled.
+--
+-- 'roleArn', 'auditNotificationTarget_roleArn' - The ARN of the role that grants permission to send notifications to the
+-- target.
+--
+-- 'targetArn', 'auditNotificationTarget_targetArn' - The ARN of the target (SNS topic) to which audit notifications are sent.
+newAuditNotificationTarget ::
+  AuditNotificationTarget
+newAuditNotificationTarget =
+  AuditNotificationTarget'
+    { enabled = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      targetArn = Prelude.Nothing
+    }
+
+-- | True if notifications to the target are enabled.
+auditNotificationTarget_enabled :: Lens.Lens' AuditNotificationTarget (Prelude.Maybe Prelude.Bool)
+auditNotificationTarget_enabled = Lens.lens (\AuditNotificationTarget' {enabled} -> enabled) (\s@AuditNotificationTarget' {} a -> s {enabled = a} :: AuditNotificationTarget)
+
+-- | The ARN of the role that grants permission to send notifications to the
+-- target.
+auditNotificationTarget_roleArn :: Lens.Lens' AuditNotificationTarget (Prelude.Maybe Prelude.Text)
+auditNotificationTarget_roleArn = Lens.lens (\AuditNotificationTarget' {roleArn} -> roleArn) (\s@AuditNotificationTarget' {} a -> s {roleArn = a} :: AuditNotificationTarget)
+
+-- | The ARN of the target (SNS topic) to which audit notifications are sent.
+auditNotificationTarget_targetArn :: Lens.Lens' AuditNotificationTarget (Prelude.Maybe Prelude.Text)
+auditNotificationTarget_targetArn = Lens.lens (\AuditNotificationTarget' {targetArn} -> targetArn) (\s@AuditNotificationTarget' {} a -> s {targetArn = a} :: AuditNotificationTarget)
+
+instance Data.FromJSON AuditNotificationTarget where
+  parseJSON =
+    Data.withObject
+      "AuditNotificationTarget"
+      ( \x ->
+          AuditNotificationTarget'
+            Prelude.<$> (x Data..:? "enabled")
+            Prelude.<*> (x Data..:? "roleArn")
+            Prelude.<*> (x Data..:? "targetArn")
+      )
+
+instance Prelude.Hashable AuditNotificationTarget where
+  hashWithSalt _salt AuditNotificationTarget' {..} =
+    _salt
+      `Prelude.hashWithSalt` enabled
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` targetArn
+
+instance Prelude.NFData AuditNotificationTarget where
+  rnf AuditNotificationTarget' {..} =
+    Prelude.rnf enabled
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf targetArn
+
+instance Data.ToJSON AuditNotificationTarget where
+  toJSON AuditNotificationTarget' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("enabled" Data..=) Prelude.<$> enabled,
+            ("roleArn" Data..=) Prelude.<$> roleArn,
+            ("targetArn" Data..=) Prelude.<$> targetArn
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AuditNotificationType.hs b/gen/Amazonka/IoT/Types/AuditNotificationType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditNotificationType.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditNotificationType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditNotificationType
+  ( AuditNotificationType
+      ( ..,
+        AuditNotificationType_SNS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditNotificationType = AuditNotificationType'
+  { fromAuditNotificationType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditNotificationType_SNS :: AuditNotificationType
+pattern AuditNotificationType_SNS = AuditNotificationType' "SNS"
+
+{-# COMPLETE
+  AuditNotificationType_SNS,
+  AuditNotificationType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditSuppression.hs b/gen/Amazonka/IoT/Types/AuditSuppression.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditSuppression.hs
@@ -0,0 +1,126 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditSuppression
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditSuppression where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ResourceIdentifier
+import qualified Amazonka.Prelude as Prelude
+
+-- | Filters out specific findings of a Device Defender audit.
+--
+-- /See:/ 'newAuditSuppression' smart constructor.
+data AuditSuppression = AuditSuppression'
+  { -- | The description of the audit suppression.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The expiration date (epoch timestamp in seconds) that you want the
+    -- suppression to adhere to.
+    expirationDate :: Prelude.Maybe Data.POSIX,
+    -- | Indicates whether a suppression should exist indefinitely or not.
+    suppressIndefinitely :: Prelude.Maybe Prelude.Bool,
+    checkName :: Prelude.Text,
+    resourceIdentifier :: ResourceIdentifier
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditSuppression' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'auditSuppression_description' - The description of the audit suppression.
+--
+-- 'expirationDate', 'auditSuppression_expirationDate' - The expiration date (epoch timestamp in seconds) that you want the
+-- suppression to adhere to.
+--
+-- 'suppressIndefinitely', 'auditSuppression_suppressIndefinitely' - Indicates whether a suppression should exist indefinitely or not.
+--
+-- 'checkName', 'auditSuppression_checkName' - Undocumented member.
+--
+-- 'resourceIdentifier', 'auditSuppression_resourceIdentifier' - Undocumented member.
+newAuditSuppression ::
+  -- | 'checkName'
+  Prelude.Text ->
+  -- | 'resourceIdentifier'
+  ResourceIdentifier ->
+  AuditSuppression
+newAuditSuppression pCheckName_ pResourceIdentifier_ =
+  AuditSuppression'
+    { description = Prelude.Nothing,
+      expirationDate = Prelude.Nothing,
+      suppressIndefinitely = Prelude.Nothing,
+      checkName = pCheckName_,
+      resourceIdentifier = pResourceIdentifier_
+    }
+
+-- | The description of the audit suppression.
+auditSuppression_description :: Lens.Lens' AuditSuppression (Prelude.Maybe Prelude.Text)
+auditSuppression_description = Lens.lens (\AuditSuppression' {description} -> description) (\s@AuditSuppression' {} a -> s {description = a} :: AuditSuppression)
+
+-- | The expiration date (epoch timestamp in seconds) that you want the
+-- suppression to adhere to.
+auditSuppression_expirationDate :: Lens.Lens' AuditSuppression (Prelude.Maybe Prelude.UTCTime)
+auditSuppression_expirationDate = Lens.lens (\AuditSuppression' {expirationDate} -> expirationDate) (\s@AuditSuppression' {} a -> s {expirationDate = a} :: AuditSuppression) Prelude.. Lens.mapping Data._Time
+
+-- | Indicates whether a suppression should exist indefinitely or not.
+auditSuppression_suppressIndefinitely :: Lens.Lens' AuditSuppression (Prelude.Maybe Prelude.Bool)
+auditSuppression_suppressIndefinitely = Lens.lens (\AuditSuppression' {suppressIndefinitely} -> suppressIndefinitely) (\s@AuditSuppression' {} a -> s {suppressIndefinitely = a} :: AuditSuppression)
+
+-- | Undocumented member.
+auditSuppression_checkName :: Lens.Lens' AuditSuppression Prelude.Text
+auditSuppression_checkName = Lens.lens (\AuditSuppression' {checkName} -> checkName) (\s@AuditSuppression' {} a -> s {checkName = a} :: AuditSuppression)
+
+-- | Undocumented member.
+auditSuppression_resourceIdentifier :: Lens.Lens' AuditSuppression ResourceIdentifier
+auditSuppression_resourceIdentifier = Lens.lens (\AuditSuppression' {resourceIdentifier} -> resourceIdentifier) (\s@AuditSuppression' {} a -> s {resourceIdentifier = a} :: AuditSuppression)
+
+instance Data.FromJSON AuditSuppression where
+  parseJSON =
+    Data.withObject
+      "AuditSuppression"
+      ( \x ->
+          AuditSuppression'
+            Prelude.<$> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "expirationDate")
+            Prelude.<*> (x Data..:? "suppressIndefinitely")
+            Prelude.<*> (x Data..: "checkName")
+            Prelude.<*> (x Data..: "resourceIdentifier")
+      )
+
+instance Prelude.Hashable AuditSuppression where
+  hashWithSalt _salt AuditSuppression' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` expirationDate
+      `Prelude.hashWithSalt` suppressIndefinitely
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` resourceIdentifier
+
+instance Prelude.NFData AuditSuppression where
+  rnf AuditSuppression' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf expirationDate
+      `Prelude.seq` Prelude.rnf suppressIndefinitely
+      `Prelude.seq` Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf resourceIdentifier
diff --git a/gen/Amazonka/IoT/Types/AuditTaskMetadata.hs b/gen/Amazonka/IoT/Types/AuditTaskMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditTaskMetadata.hs
@@ -0,0 +1,104 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditTaskMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditTaskMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuditTaskStatus
+import Amazonka.IoT.Types.AuditTaskType
+import qualified Amazonka.Prelude as Prelude
+
+-- | The audits that were performed.
+--
+-- /See:/ 'newAuditTaskMetadata' smart constructor.
+data AuditTaskMetadata = AuditTaskMetadata'
+  { -- | The ID of this audit.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The status of this audit. One of \"IN_PROGRESS\", \"COMPLETED\",
+    -- \"FAILED\", or \"CANCELED\".
+    taskStatus :: Prelude.Maybe AuditTaskStatus,
+    -- | The type of this audit. One of \"ON_DEMAND_AUDIT_TASK\" or
+    -- \"SCHEDULED_AUDIT_TASK\".
+    taskType :: Prelude.Maybe AuditTaskType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuditTaskMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'taskId', 'auditTaskMetadata_taskId' - The ID of this audit.
+--
+-- 'taskStatus', 'auditTaskMetadata_taskStatus' - The status of this audit. One of \"IN_PROGRESS\", \"COMPLETED\",
+-- \"FAILED\", or \"CANCELED\".
+--
+-- 'taskType', 'auditTaskMetadata_taskType' - The type of this audit. One of \"ON_DEMAND_AUDIT_TASK\" or
+-- \"SCHEDULED_AUDIT_TASK\".
+newAuditTaskMetadata ::
+  AuditTaskMetadata
+newAuditTaskMetadata =
+  AuditTaskMetadata'
+    { taskId = Prelude.Nothing,
+      taskStatus = Prelude.Nothing,
+      taskType = Prelude.Nothing
+    }
+
+-- | The ID of this audit.
+auditTaskMetadata_taskId :: Lens.Lens' AuditTaskMetadata (Prelude.Maybe Prelude.Text)
+auditTaskMetadata_taskId = Lens.lens (\AuditTaskMetadata' {taskId} -> taskId) (\s@AuditTaskMetadata' {} a -> s {taskId = a} :: AuditTaskMetadata)
+
+-- | The status of this audit. One of \"IN_PROGRESS\", \"COMPLETED\",
+-- \"FAILED\", or \"CANCELED\".
+auditTaskMetadata_taskStatus :: Lens.Lens' AuditTaskMetadata (Prelude.Maybe AuditTaskStatus)
+auditTaskMetadata_taskStatus = Lens.lens (\AuditTaskMetadata' {taskStatus} -> taskStatus) (\s@AuditTaskMetadata' {} a -> s {taskStatus = a} :: AuditTaskMetadata)
+
+-- | The type of this audit. One of \"ON_DEMAND_AUDIT_TASK\" or
+-- \"SCHEDULED_AUDIT_TASK\".
+auditTaskMetadata_taskType :: Lens.Lens' AuditTaskMetadata (Prelude.Maybe AuditTaskType)
+auditTaskMetadata_taskType = Lens.lens (\AuditTaskMetadata' {taskType} -> taskType) (\s@AuditTaskMetadata' {} a -> s {taskType = a} :: AuditTaskMetadata)
+
+instance Data.FromJSON AuditTaskMetadata where
+  parseJSON =
+    Data.withObject
+      "AuditTaskMetadata"
+      ( \x ->
+          AuditTaskMetadata'
+            Prelude.<$> (x Data..:? "taskId")
+            Prelude.<*> (x Data..:? "taskStatus")
+            Prelude.<*> (x Data..:? "taskType")
+      )
+
+instance Prelude.Hashable AuditTaskMetadata where
+  hashWithSalt _salt AuditTaskMetadata' {..} =
+    _salt
+      `Prelude.hashWithSalt` taskId
+      `Prelude.hashWithSalt` taskStatus
+      `Prelude.hashWithSalt` taskType
+
+instance Prelude.NFData AuditTaskMetadata where
+  rnf AuditTaskMetadata' {..} =
+    Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf taskStatus
+      `Prelude.seq` Prelude.rnf taskType
diff --git a/gen/Amazonka/IoT/Types/AuditTaskStatus.hs b/gen/Amazonka/IoT/Types/AuditTaskStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditTaskStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditTaskStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditTaskStatus
+  ( AuditTaskStatus
+      ( ..,
+        AuditTaskStatus_CANCELED,
+        AuditTaskStatus_COMPLETED,
+        AuditTaskStatus_FAILED,
+        AuditTaskStatus_IN_PROGRESS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditTaskStatus = AuditTaskStatus'
+  { fromAuditTaskStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditTaskStatus_CANCELED :: AuditTaskStatus
+pattern AuditTaskStatus_CANCELED = AuditTaskStatus' "CANCELED"
+
+pattern AuditTaskStatus_COMPLETED :: AuditTaskStatus
+pattern AuditTaskStatus_COMPLETED = AuditTaskStatus' "COMPLETED"
+
+pattern AuditTaskStatus_FAILED :: AuditTaskStatus
+pattern AuditTaskStatus_FAILED = AuditTaskStatus' "FAILED"
+
+pattern AuditTaskStatus_IN_PROGRESS :: AuditTaskStatus
+pattern AuditTaskStatus_IN_PROGRESS = AuditTaskStatus' "IN_PROGRESS"
+
+{-# COMPLETE
+  AuditTaskStatus_CANCELED,
+  AuditTaskStatus_COMPLETED,
+  AuditTaskStatus_FAILED,
+  AuditTaskStatus_IN_PROGRESS,
+  AuditTaskStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuditTaskType.hs b/gen/Amazonka/IoT/Types/AuditTaskType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuditTaskType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuditTaskType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuditTaskType
+  ( AuditTaskType
+      ( ..,
+        AuditTaskType_ON_DEMAND_AUDIT_TASK,
+        AuditTaskType_SCHEDULED_AUDIT_TASK
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuditTaskType = AuditTaskType'
+  { fromAuditTaskType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuditTaskType_ON_DEMAND_AUDIT_TASK :: AuditTaskType
+pattern AuditTaskType_ON_DEMAND_AUDIT_TASK = AuditTaskType' "ON_DEMAND_AUDIT_TASK"
+
+pattern AuditTaskType_SCHEDULED_AUDIT_TASK :: AuditTaskType
+pattern AuditTaskType_SCHEDULED_AUDIT_TASK = AuditTaskType' "SCHEDULED_AUDIT_TASK"
+
+{-# COMPLETE
+  AuditTaskType_ON_DEMAND_AUDIT_TASK,
+  AuditTaskType_SCHEDULED_AUDIT_TASK,
+  AuditTaskType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuthDecision.hs b/gen/Amazonka/IoT/Types/AuthDecision.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthDecision.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthDecision
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthDecision
+  ( AuthDecision
+      ( ..,
+        AuthDecision_ALLOWED,
+        AuthDecision_EXPLICIT_DENY,
+        AuthDecision_IMPLICIT_DENY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuthDecision = AuthDecision'
+  { fromAuthDecision ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuthDecision_ALLOWED :: AuthDecision
+pattern AuthDecision_ALLOWED = AuthDecision' "ALLOWED"
+
+pattern AuthDecision_EXPLICIT_DENY :: AuthDecision
+pattern AuthDecision_EXPLICIT_DENY = AuthDecision' "EXPLICIT_DENY"
+
+pattern AuthDecision_IMPLICIT_DENY :: AuthDecision
+pattern AuthDecision_IMPLICIT_DENY = AuthDecision' "IMPLICIT_DENY"
+
+{-# COMPLETE
+  AuthDecision_ALLOWED,
+  AuthDecision_EXPLICIT_DENY,
+  AuthDecision_IMPLICIT_DENY,
+  AuthDecision'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuthInfo.hs b/gen/Amazonka/IoT/Types/AuthInfo.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthInfo.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthInfo
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthInfo where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ActionType
+import qualified Amazonka.Prelude as Prelude
+
+-- | A collection of authorization information.
+--
+-- /See:/ 'newAuthInfo' smart constructor.
+data AuthInfo = AuthInfo'
+  { -- | The type of action for which the principal is being authorized.
+    actionType :: Prelude.Maybe ActionType,
+    -- | The resources for which the principal is being authorized to perform the
+    -- specified action.
+    resources :: [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuthInfo' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionType', 'authInfo_actionType' - The type of action for which the principal is being authorized.
+--
+-- 'resources', 'authInfo_resources' - The resources for which the principal is being authorized to perform the
+-- specified action.
+newAuthInfo ::
+  AuthInfo
+newAuthInfo =
+  AuthInfo'
+    { actionType = Prelude.Nothing,
+      resources = Prelude.mempty
+    }
+
+-- | The type of action for which the principal is being authorized.
+authInfo_actionType :: Lens.Lens' AuthInfo (Prelude.Maybe ActionType)
+authInfo_actionType = Lens.lens (\AuthInfo' {actionType} -> actionType) (\s@AuthInfo' {} a -> s {actionType = a} :: AuthInfo)
+
+-- | The resources for which the principal is being authorized to perform the
+-- specified action.
+authInfo_resources :: Lens.Lens' AuthInfo [Prelude.Text]
+authInfo_resources = Lens.lens (\AuthInfo' {resources} -> resources) (\s@AuthInfo' {} a -> s {resources = a} :: AuthInfo) Prelude.. Lens.coerced
+
+instance Data.FromJSON AuthInfo where
+  parseJSON =
+    Data.withObject
+      "AuthInfo"
+      ( \x ->
+          AuthInfo'
+            Prelude.<$> (x Data..:? "actionType")
+            Prelude.<*> (x Data..:? "resources" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable AuthInfo where
+  hashWithSalt _salt AuthInfo' {..} =
+    _salt
+      `Prelude.hashWithSalt` actionType
+      `Prelude.hashWithSalt` resources
+
+instance Prelude.NFData AuthInfo where
+  rnf AuthInfo' {..} =
+    Prelude.rnf actionType
+      `Prelude.seq` Prelude.rnf resources
+
+instance Data.ToJSON AuthInfo where
+  toJSON AuthInfo' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("actionType" Data..=) Prelude.<$> actionType,
+            Prelude.Just ("resources" Data..= resources)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AuthResult.hs b/gen/Amazonka/IoT/Types/AuthResult.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthResult.hs
@@ -0,0 +1,133 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthResult
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthResult where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Allowed
+import Amazonka.IoT.Types.AuthDecision
+import Amazonka.IoT.Types.AuthInfo
+import Amazonka.IoT.Types.Denied
+import qualified Amazonka.Prelude as Prelude
+
+-- | The authorizer result.
+--
+-- /See:/ 'newAuthResult' smart constructor.
+data AuthResult = AuthResult'
+  { -- | The policies and statements that allowed the specified action.
+    allowed :: Prelude.Maybe Allowed,
+    -- | The final authorization decision of this scenario. Multiple statements
+    -- are taken into account when determining the authorization decision. An
+    -- explicit deny statement can override multiple allow statements.
+    authDecision :: Prelude.Maybe AuthDecision,
+    -- | Authorization information.
+    authInfo :: Prelude.Maybe AuthInfo,
+    -- | The policies and statements that denied the specified action.
+    denied :: Prelude.Maybe Denied,
+    -- | Contains any missing context values found while evaluating policy.
+    missingContextValues :: Prelude.Maybe [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuthResult' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'allowed', 'authResult_allowed' - The policies and statements that allowed the specified action.
+--
+-- 'authDecision', 'authResult_authDecision' - The final authorization decision of this scenario. Multiple statements
+-- are taken into account when determining the authorization decision. An
+-- explicit deny statement can override multiple allow statements.
+--
+-- 'authInfo', 'authResult_authInfo' - Authorization information.
+--
+-- 'denied', 'authResult_denied' - The policies and statements that denied the specified action.
+--
+-- 'missingContextValues', 'authResult_missingContextValues' - Contains any missing context values found while evaluating policy.
+newAuthResult ::
+  AuthResult
+newAuthResult =
+  AuthResult'
+    { allowed = Prelude.Nothing,
+      authDecision = Prelude.Nothing,
+      authInfo = Prelude.Nothing,
+      denied = Prelude.Nothing,
+      missingContextValues = Prelude.Nothing
+    }
+
+-- | The policies and statements that allowed the specified action.
+authResult_allowed :: Lens.Lens' AuthResult (Prelude.Maybe Allowed)
+authResult_allowed = Lens.lens (\AuthResult' {allowed} -> allowed) (\s@AuthResult' {} a -> s {allowed = a} :: AuthResult)
+
+-- | The final authorization decision of this scenario. Multiple statements
+-- are taken into account when determining the authorization decision. An
+-- explicit deny statement can override multiple allow statements.
+authResult_authDecision :: Lens.Lens' AuthResult (Prelude.Maybe AuthDecision)
+authResult_authDecision = Lens.lens (\AuthResult' {authDecision} -> authDecision) (\s@AuthResult' {} a -> s {authDecision = a} :: AuthResult)
+
+-- | Authorization information.
+authResult_authInfo :: Lens.Lens' AuthResult (Prelude.Maybe AuthInfo)
+authResult_authInfo = Lens.lens (\AuthResult' {authInfo} -> authInfo) (\s@AuthResult' {} a -> s {authInfo = a} :: AuthResult)
+
+-- | The policies and statements that denied the specified action.
+authResult_denied :: Lens.Lens' AuthResult (Prelude.Maybe Denied)
+authResult_denied = Lens.lens (\AuthResult' {denied} -> denied) (\s@AuthResult' {} a -> s {denied = a} :: AuthResult)
+
+-- | Contains any missing context values found while evaluating policy.
+authResult_missingContextValues :: Lens.Lens' AuthResult (Prelude.Maybe [Prelude.Text])
+authResult_missingContextValues = Lens.lens (\AuthResult' {missingContextValues} -> missingContextValues) (\s@AuthResult' {} a -> s {missingContextValues = a} :: AuthResult) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON AuthResult where
+  parseJSON =
+    Data.withObject
+      "AuthResult"
+      ( \x ->
+          AuthResult'
+            Prelude.<$> (x Data..:? "allowed")
+            Prelude.<*> (x Data..:? "authDecision")
+            Prelude.<*> (x Data..:? "authInfo")
+            Prelude.<*> (x Data..:? "denied")
+            Prelude.<*> ( x
+                            Data..:? "missingContextValues"
+                            Data..!= Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable AuthResult where
+  hashWithSalt _salt AuthResult' {..} =
+    _salt
+      `Prelude.hashWithSalt` allowed
+      `Prelude.hashWithSalt` authDecision
+      `Prelude.hashWithSalt` authInfo
+      `Prelude.hashWithSalt` denied
+      `Prelude.hashWithSalt` missingContextValues
+
+instance Prelude.NFData AuthResult where
+  rnf AuthResult' {..} =
+    Prelude.rnf allowed
+      `Prelude.seq` Prelude.rnf authDecision
+      `Prelude.seq` Prelude.rnf authInfo
+      `Prelude.seq` Prelude.rnf denied
+      `Prelude.seq` Prelude.rnf missingContextValues
diff --git a/gen/Amazonka/IoT/Types/AuthorizerConfig.hs b/gen/Amazonka/IoT/Types/AuthorizerConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthorizerConfig.hs
@@ -0,0 +1,99 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthorizerConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthorizerConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | An object that specifies the authorization service for a domain.
+--
+-- /See:/ 'newAuthorizerConfig' smart constructor.
+data AuthorizerConfig = AuthorizerConfig'
+  { -- | A Boolean that specifies whether the domain configuration\'s
+    -- authorization service can be overridden.
+    allowAuthorizerOverride :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the authorization service for a domain configuration.
+    defaultAuthorizerName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuthorizerConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'allowAuthorizerOverride', 'authorizerConfig_allowAuthorizerOverride' - A Boolean that specifies whether the domain configuration\'s
+-- authorization service can be overridden.
+--
+-- 'defaultAuthorizerName', 'authorizerConfig_defaultAuthorizerName' - The name of the authorization service for a domain configuration.
+newAuthorizerConfig ::
+  AuthorizerConfig
+newAuthorizerConfig =
+  AuthorizerConfig'
+    { allowAuthorizerOverride =
+        Prelude.Nothing,
+      defaultAuthorizerName = Prelude.Nothing
+    }
+
+-- | A Boolean that specifies whether the domain configuration\'s
+-- authorization service can be overridden.
+authorizerConfig_allowAuthorizerOverride :: Lens.Lens' AuthorizerConfig (Prelude.Maybe Prelude.Bool)
+authorizerConfig_allowAuthorizerOverride = Lens.lens (\AuthorizerConfig' {allowAuthorizerOverride} -> allowAuthorizerOverride) (\s@AuthorizerConfig' {} a -> s {allowAuthorizerOverride = a} :: AuthorizerConfig)
+
+-- | The name of the authorization service for a domain configuration.
+authorizerConfig_defaultAuthorizerName :: Lens.Lens' AuthorizerConfig (Prelude.Maybe Prelude.Text)
+authorizerConfig_defaultAuthorizerName = Lens.lens (\AuthorizerConfig' {defaultAuthorizerName} -> defaultAuthorizerName) (\s@AuthorizerConfig' {} a -> s {defaultAuthorizerName = a} :: AuthorizerConfig)
+
+instance Data.FromJSON AuthorizerConfig where
+  parseJSON =
+    Data.withObject
+      "AuthorizerConfig"
+      ( \x ->
+          AuthorizerConfig'
+            Prelude.<$> (x Data..:? "allowAuthorizerOverride")
+            Prelude.<*> (x Data..:? "defaultAuthorizerName")
+      )
+
+instance Prelude.Hashable AuthorizerConfig where
+  hashWithSalt _salt AuthorizerConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` allowAuthorizerOverride
+      `Prelude.hashWithSalt` defaultAuthorizerName
+
+instance Prelude.NFData AuthorizerConfig where
+  rnf AuthorizerConfig' {..} =
+    Prelude.rnf allowAuthorizerOverride
+      `Prelude.seq` Prelude.rnf defaultAuthorizerName
+
+instance Data.ToJSON AuthorizerConfig where
+  toJSON AuthorizerConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("allowAuthorizerOverride" Data..=)
+              Prelude.<$> allowAuthorizerOverride,
+            ("defaultAuthorizerName" Data..=)
+              Prelude.<$> defaultAuthorizerName
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AuthorizerDescription.hs b/gen/Amazonka/IoT/Types/AuthorizerDescription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthorizerDescription.hs
@@ -0,0 +1,197 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthorizerDescription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthorizerDescription where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuthorizerStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | The authorizer description.
+--
+-- /See:/ 'newAuthorizerDescription' smart constructor.
+data AuthorizerDescription = AuthorizerDescription'
+  { -- | The authorizer ARN.
+    authorizerArn :: Prelude.Maybe Prelude.Text,
+    -- | The authorizer\'s Lambda function ARN.
+    authorizerFunctionArn :: Prelude.Maybe Prelude.Text,
+    -- | The authorizer name.
+    authorizerName :: Prelude.Maybe Prelude.Text,
+    -- | The UNIX timestamp of when the authorizer was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | When @true@, the result from the authorizer’s Lambda function is cached
+    -- for the time specified in @refreshAfterInSeconds@. The cached result is
+    -- used while the device reuses the same HTTP connection.
+    enableCachingForHttp :: Prelude.Maybe Prelude.Bool,
+    -- | The UNIX timestamp of when the authorizer was last updated.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | Specifies whether IoT validates the token signature in an authorization
+    -- request.
+    signingDisabled :: Prelude.Maybe Prelude.Bool,
+    -- | The status of the authorizer.
+    status :: Prelude.Maybe AuthorizerStatus,
+    -- | The key used to extract the token from the HTTP headers.
+    tokenKeyName :: Prelude.Maybe Prelude.Text,
+    -- | The public keys used to validate the token signature returned by your
+    -- custom authentication service.
+    tokenSigningPublicKeys :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuthorizerDescription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerArn', 'authorizerDescription_authorizerArn' - The authorizer ARN.
+--
+-- 'authorizerFunctionArn', 'authorizerDescription_authorizerFunctionArn' - The authorizer\'s Lambda function ARN.
+--
+-- 'authorizerName', 'authorizerDescription_authorizerName' - The authorizer name.
+--
+-- 'creationDate', 'authorizerDescription_creationDate' - The UNIX timestamp of when the authorizer was created.
+--
+-- 'enableCachingForHttp', 'authorizerDescription_enableCachingForHttp' - When @true@, the result from the authorizer’s Lambda function is cached
+-- for the time specified in @refreshAfterInSeconds@. The cached result is
+-- used while the device reuses the same HTTP connection.
+--
+-- 'lastModifiedDate', 'authorizerDescription_lastModifiedDate' - The UNIX timestamp of when the authorizer was last updated.
+--
+-- 'signingDisabled', 'authorizerDescription_signingDisabled' - Specifies whether IoT validates the token signature in an authorization
+-- request.
+--
+-- 'status', 'authorizerDescription_status' - The status of the authorizer.
+--
+-- 'tokenKeyName', 'authorizerDescription_tokenKeyName' - The key used to extract the token from the HTTP headers.
+--
+-- 'tokenSigningPublicKeys', 'authorizerDescription_tokenSigningPublicKeys' - The public keys used to validate the token signature returned by your
+-- custom authentication service.
+newAuthorizerDescription ::
+  AuthorizerDescription
+newAuthorizerDescription =
+  AuthorizerDescription'
+    { authorizerArn =
+        Prelude.Nothing,
+      authorizerFunctionArn = Prelude.Nothing,
+      authorizerName = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      enableCachingForHttp = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      signingDisabled = Prelude.Nothing,
+      status = Prelude.Nothing,
+      tokenKeyName = Prelude.Nothing,
+      tokenSigningPublicKeys = Prelude.Nothing
+    }
+
+-- | The authorizer ARN.
+authorizerDescription_authorizerArn :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.Text)
+authorizerDescription_authorizerArn = Lens.lens (\AuthorizerDescription' {authorizerArn} -> authorizerArn) (\s@AuthorizerDescription' {} a -> s {authorizerArn = a} :: AuthorizerDescription)
+
+-- | The authorizer\'s Lambda function ARN.
+authorizerDescription_authorizerFunctionArn :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.Text)
+authorizerDescription_authorizerFunctionArn = Lens.lens (\AuthorizerDescription' {authorizerFunctionArn} -> authorizerFunctionArn) (\s@AuthorizerDescription' {} a -> s {authorizerFunctionArn = a} :: AuthorizerDescription)
+
+-- | The authorizer name.
+authorizerDescription_authorizerName :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.Text)
+authorizerDescription_authorizerName = Lens.lens (\AuthorizerDescription' {authorizerName} -> authorizerName) (\s@AuthorizerDescription' {} a -> s {authorizerName = a} :: AuthorizerDescription)
+
+-- | The UNIX timestamp of when the authorizer was created.
+authorizerDescription_creationDate :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.UTCTime)
+authorizerDescription_creationDate = Lens.lens (\AuthorizerDescription' {creationDate} -> creationDate) (\s@AuthorizerDescription' {} a -> s {creationDate = a} :: AuthorizerDescription) Prelude.. Lens.mapping Data._Time
+
+-- | When @true@, the result from the authorizer’s Lambda function is cached
+-- for the time specified in @refreshAfterInSeconds@. The cached result is
+-- used while the device reuses the same HTTP connection.
+authorizerDescription_enableCachingForHttp :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.Bool)
+authorizerDescription_enableCachingForHttp = Lens.lens (\AuthorizerDescription' {enableCachingForHttp} -> enableCachingForHttp) (\s@AuthorizerDescription' {} a -> s {enableCachingForHttp = a} :: AuthorizerDescription)
+
+-- | The UNIX timestamp of when the authorizer was last updated.
+authorizerDescription_lastModifiedDate :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.UTCTime)
+authorizerDescription_lastModifiedDate = Lens.lens (\AuthorizerDescription' {lastModifiedDate} -> lastModifiedDate) (\s@AuthorizerDescription' {} a -> s {lastModifiedDate = a} :: AuthorizerDescription) Prelude.. Lens.mapping Data._Time
+
+-- | Specifies whether IoT validates the token signature in an authorization
+-- request.
+authorizerDescription_signingDisabled :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.Bool)
+authorizerDescription_signingDisabled = Lens.lens (\AuthorizerDescription' {signingDisabled} -> signingDisabled) (\s@AuthorizerDescription' {} a -> s {signingDisabled = a} :: AuthorizerDescription)
+
+-- | The status of the authorizer.
+authorizerDescription_status :: Lens.Lens' AuthorizerDescription (Prelude.Maybe AuthorizerStatus)
+authorizerDescription_status = Lens.lens (\AuthorizerDescription' {status} -> status) (\s@AuthorizerDescription' {} a -> s {status = a} :: AuthorizerDescription)
+
+-- | The key used to extract the token from the HTTP headers.
+authorizerDescription_tokenKeyName :: Lens.Lens' AuthorizerDescription (Prelude.Maybe Prelude.Text)
+authorizerDescription_tokenKeyName = Lens.lens (\AuthorizerDescription' {tokenKeyName} -> tokenKeyName) (\s@AuthorizerDescription' {} a -> s {tokenKeyName = a} :: AuthorizerDescription)
+
+-- | The public keys used to validate the token signature returned by your
+-- custom authentication service.
+authorizerDescription_tokenSigningPublicKeys :: Lens.Lens' AuthorizerDescription (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+authorizerDescription_tokenSigningPublicKeys = Lens.lens (\AuthorizerDescription' {tokenSigningPublicKeys} -> tokenSigningPublicKeys) (\s@AuthorizerDescription' {} a -> s {tokenSigningPublicKeys = a} :: AuthorizerDescription) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON AuthorizerDescription where
+  parseJSON =
+    Data.withObject
+      "AuthorizerDescription"
+      ( \x ->
+          AuthorizerDescription'
+            Prelude.<$> (x Data..:? "authorizerArn")
+            Prelude.<*> (x Data..:? "authorizerFunctionArn")
+            Prelude.<*> (x Data..:? "authorizerName")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "enableCachingForHttp")
+            Prelude.<*> (x Data..:? "lastModifiedDate")
+            Prelude.<*> (x Data..:? "signingDisabled")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "tokenKeyName")
+            Prelude.<*> ( x
+                            Data..:? "tokenSigningPublicKeys"
+                            Data..!= Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable AuthorizerDescription where
+  hashWithSalt _salt AuthorizerDescription' {..} =
+    _salt
+      `Prelude.hashWithSalt` authorizerArn
+      `Prelude.hashWithSalt` authorizerFunctionArn
+      `Prelude.hashWithSalt` authorizerName
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` enableCachingForHttp
+      `Prelude.hashWithSalt` lastModifiedDate
+      `Prelude.hashWithSalt` signingDisabled
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tokenKeyName
+      `Prelude.hashWithSalt` tokenSigningPublicKeys
+
+instance Prelude.NFData AuthorizerDescription where
+  rnf AuthorizerDescription' {..} =
+    Prelude.rnf authorizerArn
+      `Prelude.seq` Prelude.rnf authorizerFunctionArn
+      `Prelude.seq` Prelude.rnf authorizerName
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf enableCachingForHttp
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf signingDisabled
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tokenKeyName
+      `Prelude.seq` Prelude.rnf tokenSigningPublicKeys
diff --git a/gen/Amazonka/IoT/Types/AuthorizerStatus.hs b/gen/Amazonka/IoT/Types/AuthorizerStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthorizerStatus.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthorizerStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthorizerStatus
+  ( AuthorizerStatus
+      ( ..,
+        AuthorizerStatus_ACTIVE,
+        AuthorizerStatus_INACTIVE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AuthorizerStatus = AuthorizerStatus'
+  { fromAuthorizerStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AuthorizerStatus_ACTIVE :: AuthorizerStatus
+pattern AuthorizerStatus_ACTIVE = AuthorizerStatus' "ACTIVE"
+
+pattern AuthorizerStatus_INACTIVE :: AuthorizerStatus
+pattern AuthorizerStatus_INACTIVE = AuthorizerStatus' "INACTIVE"
+
+{-# COMPLETE
+  AuthorizerStatus_ACTIVE,
+  AuthorizerStatus_INACTIVE,
+  AuthorizerStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AuthorizerSummary.hs b/gen/Amazonka/IoT/Types/AuthorizerSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AuthorizerSummary.hs
@@ -0,0 +1,84 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AuthorizerSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AuthorizerSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The authorizer summary.
+--
+-- /See:/ 'newAuthorizerSummary' smart constructor.
+data AuthorizerSummary = AuthorizerSummary'
+  { -- | The authorizer ARN.
+    authorizerArn :: Prelude.Maybe Prelude.Text,
+    -- | The authorizer name.
+    authorizerName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AuthorizerSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerArn', 'authorizerSummary_authorizerArn' - The authorizer ARN.
+--
+-- 'authorizerName', 'authorizerSummary_authorizerName' - The authorizer name.
+newAuthorizerSummary ::
+  AuthorizerSummary
+newAuthorizerSummary =
+  AuthorizerSummary'
+    { authorizerArn = Prelude.Nothing,
+      authorizerName = Prelude.Nothing
+    }
+
+-- | The authorizer ARN.
+authorizerSummary_authorizerArn :: Lens.Lens' AuthorizerSummary (Prelude.Maybe Prelude.Text)
+authorizerSummary_authorizerArn = Lens.lens (\AuthorizerSummary' {authorizerArn} -> authorizerArn) (\s@AuthorizerSummary' {} a -> s {authorizerArn = a} :: AuthorizerSummary)
+
+-- | The authorizer name.
+authorizerSummary_authorizerName :: Lens.Lens' AuthorizerSummary (Prelude.Maybe Prelude.Text)
+authorizerSummary_authorizerName = Lens.lens (\AuthorizerSummary' {authorizerName} -> authorizerName) (\s@AuthorizerSummary' {} a -> s {authorizerName = a} :: AuthorizerSummary)
+
+instance Data.FromJSON AuthorizerSummary where
+  parseJSON =
+    Data.withObject
+      "AuthorizerSummary"
+      ( \x ->
+          AuthorizerSummary'
+            Prelude.<$> (x Data..:? "authorizerArn")
+            Prelude.<*> (x Data..:? "authorizerName")
+      )
+
+instance Prelude.Hashable AuthorizerSummary where
+  hashWithSalt _salt AuthorizerSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` authorizerArn
+      `Prelude.hashWithSalt` authorizerName
+
+instance Prelude.NFData AuthorizerSummary where
+  rnf AuthorizerSummary' {..} =
+    Prelude.rnf authorizerArn
+      `Prelude.seq` Prelude.rnf authorizerName
diff --git a/gen/Amazonka/IoT/Types/AutoRegistrationStatus.hs b/gen/Amazonka/IoT/Types/AutoRegistrationStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AutoRegistrationStatus.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AutoRegistrationStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AutoRegistrationStatus
+  ( AutoRegistrationStatus
+      ( ..,
+        AutoRegistrationStatus_DISABLE,
+        AutoRegistrationStatus_ENABLE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AutoRegistrationStatus = AutoRegistrationStatus'
+  { fromAutoRegistrationStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AutoRegistrationStatus_DISABLE :: AutoRegistrationStatus
+pattern AutoRegistrationStatus_DISABLE = AutoRegistrationStatus' "DISABLE"
+
+pattern AutoRegistrationStatus_ENABLE :: AutoRegistrationStatus
+pattern AutoRegistrationStatus_ENABLE = AutoRegistrationStatus' "ENABLE"
+
+{-# COMPLETE
+  AutoRegistrationStatus_DISABLE,
+  AutoRegistrationStatus_ENABLE,
+  AutoRegistrationStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AwsJobAbortConfig.hs b/gen/Amazonka/IoT/Types/AwsJobAbortConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobAbortConfig.hs
@@ -0,0 +1,75 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobAbortConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobAbortConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AwsJobAbortCriteria
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria that determine when and how a job abort takes place.
+--
+-- /See:/ 'newAwsJobAbortConfig' smart constructor.
+data AwsJobAbortConfig = AwsJobAbortConfig'
+  { -- | The list of criteria that determine when and how to abort the job.
+    abortCriteriaList :: Prelude.NonEmpty AwsJobAbortCriteria
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobAbortConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'abortCriteriaList', 'awsJobAbortConfig_abortCriteriaList' - The list of criteria that determine when and how to abort the job.
+newAwsJobAbortConfig ::
+  -- | 'abortCriteriaList'
+  Prelude.NonEmpty AwsJobAbortCriteria ->
+  AwsJobAbortConfig
+newAwsJobAbortConfig pAbortCriteriaList_ =
+  AwsJobAbortConfig'
+    { abortCriteriaList =
+        Lens.coerced Lens.# pAbortCriteriaList_
+    }
+
+-- | The list of criteria that determine when and how to abort the job.
+awsJobAbortConfig_abortCriteriaList :: Lens.Lens' AwsJobAbortConfig (Prelude.NonEmpty AwsJobAbortCriteria)
+awsJobAbortConfig_abortCriteriaList = Lens.lens (\AwsJobAbortConfig' {abortCriteriaList} -> abortCriteriaList) (\s@AwsJobAbortConfig' {} a -> s {abortCriteriaList = a} :: AwsJobAbortConfig) Prelude.. Lens.coerced
+
+instance Prelude.Hashable AwsJobAbortConfig where
+  hashWithSalt _salt AwsJobAbortConfig' {..} =
+    _salt `Prelude.hashWithSalt` abortCriteriaList
+
+instance Prelude.NFData AwsJobAbortConfig where
+  rnf AwsJobAbortConfig' {..} =
+    Prelude.rnf abortCriteriaList
+
+instance Data.ToJSON AwsJobAbortConfig where
+  toJSON AwsJobAbortConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("abortCriteriaList" Data..= abortCriteriaList)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AwsJobAbortCriteria.hs b/gen/Amazonka/IoT/Types/AwsJobAbortCriteria.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobAbortCriteria.hs
@@ -0,0 +1,141 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobAbortCriteria
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobAbortCriteria where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AwsJobAbortCriteriaAbortAction
+import Amazonka.IoT.Types.AwsJobAbortCriteriaFailureType
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria that determine when and how a job abort takes place.
+--
+-- /See:/ 'newAwsJobAbortCriteria' smart constructor.
+data AwsJobAbortCriteria = AwsJobAbortCriteria'
+  { -- | The type of job execution failures that can initiate a job abort.
+    failureType :: AwsJobAbortCriteriaFailureType,
+    -- | The type of job action to take to initiate the job abort.
+    action :: AwsJobAbortCriteriaAbortAction,
+    -- | The minimum percentage of job execution failures that must occur to
+    -- initiate the job abort.
+    --
+    -- Amazon Web Services IoT Core supports up to two digits after the decimal
+    -- (for example, 10.9 and 10.99, but not 10.999).
+    thresholdPercentage :: Prelude.Double,
+    -- | The minimum number of things which must receive job execution
+    -- notifications before the job can be aborted.
+    minNumberOfExecutedThings :: Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobAbortCriteria' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'failureType', 'awsJobAbortCriteria_failureType' - The type of job execution failures that can initiate a job abort.
+--
+-- 'action', 'awsJobAbortCriteria_action' - The type of job action to take to initiate the job abort.
+--
+-- 'thresholdPercentage', 'awsJobAbortCriteria_thresholdPercentage' - The minimum percentage of job execution failures that must occur to
+-- initiate the job abort.
+--
+-- Amazon Web Services IoT Core supports up to two digits after the decimal
+-- (for example, 10.9 and 10.99, but not 10.999).
+--
+-- 'minNumberOfExecutedThings', 'awsJobAbortCriteria_minNumberOfExecutedThings' - The minimum number of things which must receive job execution
+-- notifications before the job can be aborted.
+newAwsJobAbortCriteria ::
+  -- | 'failureType'
+  AwsJobAbortCriteriaFailureType ->
+  -- | 'action'
+  AwsJobAbortCriteriaAbortAction ->
+  -- | 'thresholdPercentage'
+  Prelude.Double ->
+  -- | 'minNumberOfExecutedThings'
+  Prelude.Natural ->
+  AwsJobAbortCriteria
+newAwsJobAbortCriteria
+  pFailureType_
+  pAction_
+  pThresholdPercentage_
+  pMinNumberOfExecutedThings_ =
+    AwsJobAbortCriteria'
+      { failureType = pFailureType_,
+        action = pAction_,
+        thresholdPercentage = pThresholdPercentage_,
+        minNumberOfExecutedThings =
+          pMinNumberOfExecutedThings_
+      }
+
+-- | The type of job execution failures that can initiate a job abort.
+awsJobAbortCriteria_failureType :: Lens.Lens' AwsJobAbortCriteria AwsJobAbortCriteriaFailureType
+awsJobAbortCriteria_failureType = Lens.lens (\AwsJobAbortCriteria' {failureType} -> failureType) (\s@AwsJobAbortCriteria' {} a -> s {failureType = a} :: AwsJobAbortCriteria)
+
+-- | The type of job action to take to initiate the job abort.
+awsJobAbortCriteria_action :: Lens.Lens' AwsJobAbortCriteria AwsJobAbortCriteriaAbortAction
+awsJobAbortCriteria_action = Lens.lens (\AwsJobAbortCriteria' {action} -> action) (\s@AwsJobAbortCriteria' {} a -> s {action = a} :: AwsJobAbortCriteria)
+
+-- | The minimum percentage of job execution failures that must occur to
+-- initiate the job abort.
+--
+-- Amazon Web Services IoT Core supports up to two digits after the decimal
+-- (for example, 10.9 and 10.99, but not 10.999).
+awsJobAbortCriteria_thresholdPercentage :: Lens.Lens' AwsJobAbortCriteria Prelude.Double
+awsJobAbortCriteria_thresholdPercentage = Lens.lens (\AwsJobAbortCriteria' {thresholdPercentage} -> thresholdPercentage) (\s@AwsJobAbortCriteria' {} a -> s {thresholdPercentage = a} :: AwsJobAbortCriteria)
+
+-- | The minimum number of things which must receive job execution
+-- notifications before the job can be aborted.
+awsJobAbortCriteria_minNumberOfExecutedThings :: Lens.Lens' AwsJobAbortCriteria Prelude.Natural
+awsJobAbortCriteria_minNumberOfExecutedThings = Lens.lens (\AwsJobAbortCriteria' {minNumberOfExecutedThings} -> minNumberOfExecutedThings) (\s@AwsJobAbortCriteria' {} a -> s {minNumberOfExecutedThings = a} :: AwsJobAbortCriteria)
+
+instance Prelude.Hashable AwsJobAbortCriteria where
+  hashWithSalt _salt AwsJobAbortCriteria' {..} =
+    _salt
+      `Prelude.hashWithSalt` failureType
+      `Prelude.hashWithSalt` action
+      `Prelude.hashWithSalt` thresholdPercentage
+      `Prelude.hashWithSalt` minNumberOfExecutedThings
+
+instance Prelude.NFData AwsJobAbortCriteria where
+  rnf AwsJobAbortCriteria' {..} =
+    Prelude.rnf failureType
+      `Prelude.seq` Prelude.rnf action
+      `Prelude.seq` Prelude.rnf thresholdPercentage
+      `Prelude.seq` Prelude.rnf minNumberOfExecutedThings
+
+instance Data.ToJSON AwsJobAbortCriteria where
+  toJSON AwsJobAbortCriteria' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("failureType" Data..= failureType),
+            Prelude.Just ("action" Data..= action),
+            Prelude.Just
+              ("thresholdPercentage" Data..= thresholdPercentage),
+            Prelude.Just
+              ( "minNumberOfExecutedThings"
+                  Data..= minNumberOfExecutedThings
+              )
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AwsJobAbortCriteriaAbortAction.hs b/gen/Amazonka/IoT/Types/AwsJobAbortCriteriaAbortAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobAbortCriteriaAbortAction.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobAbortCriteriaAbortAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobAbortCriteriaAbortAction
+  ( AwsJobAbortCriteriaAbortAction
+      ( ..,
+        AwsJobAbortCriteriaAbortAction_CANCEL
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AwsJobAbortCriteriaAbortAction = AwsJobAbortCriteriaAbortAction'
+  { fromAwsJobAbortCriteriaAbortAction ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AwsJobAbortCriteriaAbortAction_CANCEL :: AwsJobAbortCriteriaAbortAction
+pattern AwsJobAbortCriteriaAbortAction_CANCEL = AwsJobAbortCriteriaAbortAction' "CANCEL"
+
+{-# COMPLETE
+  AwsJobAbortCriteriaAbortAction_CANCEL,
+  AwsJobAbortCriteriaAbortAction'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AwsJobAbortCriteriaFailureType.hs b/gen/Amazonka/IoT/Types/AwsJobAbortCriteriaFailureType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobAbortCriteriaFailureType.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobAbortCriteriaFailureType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobAbortCriteriaFailureType
+  ( AwsJobAbortCriteriaFailureType
+      ( ..,
+        AwsJobAbortCriteriaFailureType_ALL,
+        AwsJobAbortCriteriaFailureType_FAILED,
+        AwsJobAbortCriteriaFailureType_REJECTED,
+        AwsJobAbortCriteriaFailureType_TIMED_OUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AwsJobAbortCriteriaFailureType = AwsJobAbortCriteriaFailureType'
+  { fromAwsJobAbortCriteriaFailureType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AwsJobAbortCriteriaFailureType_ALL :: AwsJobAbortCriteriaFailureType
+pattern AwsJobAbortCriteriaFailureType_ALL = AwsJobAbortCriteriaFailureType' "ALL"
+
+pattern AwsJobAbortCriteriaFailureType_FAILED :: AwsJobAbortCriteriaFailureType
+pattern AwsJobAbortCriteriaFailureType_FAILED = AwsJobAbortCriteriaFailureType' "FAILED"
+
+pattern AwsJobAbortCriteriaFailureType_REJECTED :: AwsJobAbortCriteriaFailureType
+pattern AwsJobAbortCriteriaFailureType_REJECTED = AwsJobAbortCriteriaFailureType' "REJECTED"
+
+pattern AwsJobAbortCriteriaFailureType_TIMED_OUT :: AwsJobAbortCriteriaFailureType
+pattern AwsJobAbortCriteriaFailureType_TIMED_OUT = AwsJobAbortCriteriaFailureType' "TIMED_OUT"
+
+{-# COMPLETE
+  AwsJobAbortCriteriaFailureType_ALL,
+  AwsJobAbortCriteriaFailureType_FAILED,
+  AwsJobAbortCriteriaFailureType_REJECTED,
+  AwsJobAbortCriteriaFailureType_TIMED_OUT,
+  AwsJobAbortCriteriaFailureType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/AwsJobExecutionsRolloutConfig.hs b/gen/Amazonka/IoT/Types/AwsJobExecutionsRolloutConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobExecutionsRolloutConfig.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobExecutionsRolloutConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobExecutionsRolloutConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AwsJobExponentialRolloutRate
+import qualified Amazonka.Prelude as Prelude
+
+-- | Configuration for the rollout of OTA updates.
+--
+-- /See:/ 'newAwsJobExecutionsRolloutConfig' smart constructor.
+data AwsJobExecutionsRolloutConfig = AwsJobExecutionsRolloutConfig'
+  { -- | The rate of increase for a job rollout. This parameter allows you to
+    -- define an exponential rate increase for a job rollout.
+    exponentialRate :: Prelude.Maybe AwsJobExponentialRolloutRate,
+    -- | The maximum number of OTA update job executions started per minute.
+    maximumPerMinute :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobExecutionsRolloutConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'exponentialRate', 'awsJobExecutionsRolloutConfig_exponentialRate' - The rate of increase for a job rollout. This parameter allows you to
+-- define an exponential rate increase for a job rollout.
+--
+-- 'maximumPerMinute', 'awsJobExecutionsRolloutConfig_maximumPerMinute' - The maximum number of OTA update job executions started per minute.
+newAwsJobExecutionsRolloutConfig ::
+  AwsJobExecutionsRolloutConfig
+newAwsJobExecutionsRolloutConfig =
+  AwsJobExecutionsRolloutConfig'
+    { exponentialRate =
+        Prelude.Nothing,
+      maximumPerMinute = Prelude.Nothing
+    }
+
+-- | The rate of increase for a job rollout. This parameter allows you to
+-- define an exponential rate increase for a job rollout.
+awsJobExecutionsRolloutConfig_exponentialRate :: Lens.Lens' AwsJobExecutionsRolloutConfig (Prelude.Maybe AwsJobExponentialRolloutRate)
+awsJobExecutionsRolloutConfig_exponentialRate = Lens.lens (\AwsJobExecutionsRolloutConfig' {exponentialRate} -> exponentialRate) (\s@AwsJobExecutionsRolloutConfig' {} a -> s {exponentialRate = a} :: AwsJobExecutionsRolloutConfig)
+
+-- | The maximum number of OTA update job executions started per minute.
+awsJobExecutionsRolloutConfig_maximumPerMinute :: Lens.Lens' AwsJobExecutionsRolloutConfig (Prelude.Maybe Prelude.Natural)
+awsJobExecutionsRolloutConfig_maximumPerMinute = Lens.lens (\AwsJobExecutionsRolloutConfig' {maximumPerMinute} -> maximumPerMinute) (\s@AwsJobExecutionsRolloutConfig' {} a -> s {maximumPerMinute = a} :: AwsJobExecutionsRolloutConfig)
+
+instance Data.FromJSON AwsJobExecutionsRolloutConfig where
+  parseJSON =
+    Data.withObject
+      "AwsJobExecutionsRolloutConfig"
+      ( \x ->
+          AwsJobExecutionsRolloutConfig'
+            Prelude.<$> (x Data..:? "exponentialRate")
+            Prelude.<*> (x Data..:? "maximumPerMinute")
+      )
+
+instance
+  Prelude.Hashable
+    AwsJobExecutionsRolloutConfig
+  where
+  hashWithSalt _salt AwsJobExecutionsRolloutConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` exponentialRate
+      `Prelude.hashWithSalt` maximumPerMinute
+
+instance Prelude.NFData AwsJobExecutionsRolloutConfig where
+  rnf AwsJobExecutionsRolloutConfig' {..} =
+    Prelude.rnf exponentialRate
+      `Prelude.seq` Prelude.rnf maximumPerMinute
+
+instance Data.ToJSON AwsJobExecutionsRolloutConfig where
+  toJSON AwsJobExecutionsRolloutConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("exponentialRate" Data..=)
+              Prelude.<$> exponentialRate,
+            ("maximumPerMinute" Data..=)
+              Prelude.<$> maximumPerMinute
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AwsJobExponentialRolloutRate.hs b/gen/Amazonka/IoT/Types/AwsJobExponentialRolloutRate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobExponentialRolloutRate.hs
@@ -0,0 +1,144 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobExponentialRolloutRate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobExponentialRolloutRate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AwsJobRateIncreaseCriteria
+import qualified Amazonka.Prelude as Prelude
+
+-- | The rate of increase for a job rollout. This parameter allows you to
+-- define an exponential rate increase for a job rollout.
+--
+-- /See:/ 'newAwsJobExponentialRolloutRate' smart constructor.
+data AwsJobExponentialRolloutRate = AwsJobExponentialRolloutRate'
+  { -- | The minimum number of things that will be notified of a pending job, per
+    -- minute, at the start of the job rollout. This is the initial rate of the
+    -- rollout.
+    baseRatePerMinute :: Prelude.Natural,
+    -- | The rate of increase for a job rollout. The number of things notified is
+    -- multiplied by this factor.
+    incrementFactor :: Prelude.Double,
+    -- | The criteria to initiate the increase in rate of rollout for a job.
+    --
+    -- Amazon Web Services IoT Core supports up to one digit after the decimal
+    -- (for example, 1.5, but not 1.55).
+    rateIncreaseCriteria :: AwsJobRateIncreaseCriteria
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobExponentialRolloutRate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'baseRatePerMinute', 'awsJobExponentialRolloutRate_baseRatePerMinute' - The minimum number of things that will be notified of a pending job, per
+-- minute, at the start of the job rollout. This is the initial rate of the
+-- rollout.
+--
+-- 'incrementFactor', 'awsJobExponentialRolloutRate_incrementFactor' - The rate of increase for a job rollout. The number of things notified is
+-- multiplied by this factor.
+--
+-- 'rateIncreaseCriteria', 'awsJobExponentialRolloutRate_rateIncreaseCriteria' - The criteria to initiate the increase in rate of rollout for a job.
+--
+-- Amazon Web Services IoT Core supports up to one digit after the decimal
+-- (for example, 1.5, but not 1.55).
+newAwsJobExponentialRolloutRate ::
+  -- | 'baseRatePerMinute'
+  Prelude.Natural ->
+  -- | 'incrementFactor'
+  Prelude.Double ->
+  -- | 'rateIncreaseCriteria'
+  AwsJobRateIncreaseCriteria ->
+  AwsJobExponentialRolloutRate
+newAwsJobExponentialRolloutRate
+  pBaseRatePerMinute_
+  pIncrementFactor_
+  pRateIncreaseCriteria_ =
+    AwsJobExponentialRolloutRate'
+      { baseRatePerMinute =
+          pBaseRatePerMinute_,
+        incrementFactor = pIncrementFactor_,
+        rateIncreaseCriteria = pRateIncreaseCriteria_
+      }
+
+-- | The minimum number of things that will be notified of a pending job, per
+-- minute, at the start of the job rollout. This is the initial rate of the
+-- rollout.
+awsJobExponentialRolloutRate_baseRatePerMinute :: Lens.Lens' AwsJobExponentialRolloutRate Prelude.Natural
+awsJobExponentialRolloutRate_baseRatePerMinute = Lens.lens (\AwsJobExponentialRolloutRate' {baseRatePerMinute} -> baseRatePerMinute) (\s@AwsJobExponentialRolloutRate' {} a -> s {baseRatePerMinute = a} :: AwsJobExponentialRolloutRate)
+
+-- | The rate of increase for a job rollout. The number of things notified is
+-- multiplied by this factor.
+awsJobExponentialRolloutRate_incrementFactor :: Lens.Lens' AwsJobExponentialRolloutRate Prelude.Double
+awsJobExponentialRolloutRate_incrementFactor = Lens.lens (\AwsJobExponentialRolloutRate' {incrementFactor} -> incrementFactor) (\s@AwsJobExponentialRolloutRate' {} a -> s {incrementFactor = a} :: AwsJobExponentialRolloutRate)
+
+-- | The criteria to initiate the increase in rate of rollout for a job.
+--
+-- Amazon Web Services IoT Core supports up to one digit after the decimal
+-- (for example, 1.5, but not 1.55).
+awsJobExponentialRolloutRate_rateIncreaseCriteria :: Lens.Lens' AwsJobExponentialRolloutRate AwsJobRateIncreaseCriteria
+awsJobExponentialRolloutRate_rateIncreaseCriteria = Lens.lens (\AwsJobExponentialRolloutRate' {rateIncreaseCriteria} -> rateIncreaseCriteria) (\s@AwsJobExponentialRolloutRate' {} a -> s {rateIncreaseCriteria = a} :: AwsJobExponentialRolloutRate)
+
+instance Data.FromJSON AwsJobExponentialRolloutRate where
+  parseJSON =
+    Data.withObject
+      "AwsJobExponentialRolloutRate"
+      ( \x ->
+          AwsJobExponentialRolloutRate'
+            Prelude.<$> (x Data..: "baseRatePerMinute")
+            Prelude.<*> (x Data..: "incrementFactor")
+            Prelude.<*> (x Data..: "rateIncreaseCriteria")
+      )
+
+instance
+  Prelude.Hashable
+    AwsJobExponentialRolloutRate
+  where
+  hashWithSalt _salt AwsJobExponentialRolloutRate' {..} =
+    _salt
+      `Prelude.hashWithSalt` baseRatePerMinute
+      `Prelude.hashWithSalt` incrementFactor
+      `Prelude.hashWithSalt` rateIncreaseCriteria
+
+instance Prelude.NFData AwsJobExponentialRolloutRate where
+  rnf AwsJobExponentialRolloutRate' {..} =
+    Prelude.rnf baseRatePerMinute
+      `Prelude.seq` Prelude.rnf incrementFactor
+      `Prelude.seq` Prelude.rnf rateIncreaseCriteria
+
+instance Data.ToJSON AwsJobExponentialRolloutRate where
+  toJSON AwsJobExponentialRolloutRate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("baseRatePerMinute" Data..= baseRatePerMinute),
+            Prelude.Just
+              ("incrementFactor" Data..= incrementFactor),
+            Prelude.Just
+              ( "rateIncreaseCriteria"
+                  Data..= rateIncreaseCriteria
+              )
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AwsJobPresignedUrlConfig.hs b/gen/Amazonka/IoT/Types/AwsJobPresignedUrlConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobPresignedUrlConfig.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobPresignedUrlConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobPresignedUrlConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Configuration information for pre-signed URLs. Valid when @protocols@
+-- contains HTTP.
+--
+-- /See:/ 'newAwsJobPresignedUrlConfig' smart constructor.
+data AwsJobPresignedUrlConfig = AwsJobPresignedUrlConfig'
+  { -- | How long (in seconds) pre-signed URLs are valid. Valid values are 60 -
+    -- 3600, the default value is 1800 seconds. Pre-signed URLs are generated
+    -- when a request for the job document is received.
+    expiresInSec :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobPresignedUrlConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expiresInSec', 'awsJobPresignedUrlConfig_expiresInSec' - How long (in seconds) pre-signed URLs are valid. Valid values are 60 -
+-- 3600, the default value is 1800 seconds. Pre-signed URLs are generated
+-- when a request for the job document is received.
+newAwsJobPresignedUrlConfig ::
+  AwsJobPresignedUrlConfig
+newAwsJobPresignedUrlConfig =
+  AwsJobPresignedUrlConfig'
+    { expiresInSec =
+        Prelude.Nothing
+    }
+
+-- | How long (in seconds) pre-signed URLs are valid. Valid values are 60 -
+-- 3600, the default value is 1800 seconds. Pre-signed URLs are generated
+-- when a request for the job document is received.
+awsJobPresignedUrlConfig_expiresInSec :: Lens.Lens' AwsJobPresignedUrlConfig (Prelude.Maybe Prelude.Integer)
+awsJobPresignedUrlConfig_expiresInSec = Lens.lens (\AwsJobPresignedUrlConfig' {expiresInSec} -> expiresInSec) (\s@AwsJobPresignedUrlConfig' {} a -> s {expiresInSec = a} :: AwsJobPresignedUrlConfig)
+
+instance Data.FromJSON AwsJobPresignedUrlConfig where
+  parseJSON =
+    Data.withObject
+      "AwsJobPresignedUrlConfig"
+      ( \x ->
+          AwsJobPresignedUrlConfig'
+            Prelude.<$> (x Data..:? "expiresInSec")
+      )
+
+instance Prelude.Hashable AwsJobPresignedUrlConfig where
+  hashWithSalt _salt AwsJobPresignedUrlConfig' {..} =
+    _salt `Prelude.hashWithSalt` expiresInSec
+
+instance Prelude.NFData AwsJobPresignedUrlConfig where
+  rnf AwsJobPresignedUrlConfig' {..} =
+    Prelude.rnf expiresInSec
+
+instance Data.ToJSON AwsJobPresignedUrlConfig where
+  toJSON AwsJobPresignedUrlConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("expiresInSec" Data..=) Prelude.<$> expiresInSec]
+      )
diff --git a/gen/Amazonka/IoT/Types/AwsJobRateIncreaseCriteria.hs b/gen/Amazonka/IoT/Types/AwsJobRateIncreaseCriteria.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobRateIncreaseCriteria.hs
@@ -0,0 +1,102 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobRateIncreaseCriteria
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobRateIncreaseCriteria where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria to initiate the increase in rate of rollout for a job.
+--
+-- /See:/ 'newAwsJobRateIncreaseCriteria' smart constructor.
+data AwsJobRateIncreaseCriteria = AwsJobRateIncreaseCriteria'
+  { -- | When this number of things have been notified, it will initiate an
+    -- increase in the rollout rate.
+    numberOfNotifiedThings :: Prelude.Maybe Prelude.Natural,
+    -- | When this number of things have succeeded in their job execution, it
+    -- will initiate an increase in the rollout rate.
+    numberOfSucceededThings :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobRateIncreaseCriteria' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'numberOfNotifiedThings', 'awsJobRateIncreaseCriteria_numberOfNotifiedThings' - When this number of things have been notified, it will initiate an
+-- increase in the rollout rate.
+--
+-- 'numberOfSucceededThings', 'awsJobRateIncreaseCriteria_numberOfSucceededThings' - When this number of things have succeeded in their job execution, it
+-- will initiate an increase in the rollout rate.
+newAwsJobRateIncreaseCriteria ::
+  AwsJobRateIncreaseCriteria
+newAwsJobRateIncreaseCriteria =
+  AwsJobRateIncreaseCriteria'
+    { numberOfNotifiedThings =
+        Prelude.Nothing,
+      numberOfSucceededThings = Prelude.Nothing
+    }
+
+-- | When this number of things have been notified, it will initiate an
+-- increase in the rollout rate.
+awsJobRateIncreaseCriteria_numberOfNotifiedThings :: Lens.Lens' AwsJobRateIncreaseCriteria (Prelude.Maybe Prelude.Natural)
+awsJobRateIncreaseCriteria_numberOfNotifiedThings = Lens.lens (\AwsJobRateIncreaseCriteria' {numberOfNotifiedThings} -> numberOfNotifiedThings) (\s@AwsJobRateIncreaseCriteria' {} a -> s {numberOfNotifiedThings = a} :: AwsJobRateIncreaseCriteria)
+
+-- | When this number of things have succeeded in their job execution, it
+-- will initiate an increase in the rollout rate.
+awsJobRateIncreaseCriteria_numberOfSucceededThings :: Lens.Lens' AwsJobRateIncreaseCriteria (Prelude.Maybe Prelude.Natural)
+awsJobRateIncreaseCriteria_numberOfSucceededThings = Lens.lens (\AwsJobRateIncreaseCriteria' {numberOfSucceededThings} -> numberOfSucceededThings) (\s@AwsJobRateIncreaseCriteria' {} a -> s {numberOfSucceededThings = a} :: AwsJobRateIncreaseCriteria)
+
+instance Data.FromJSON AwsJobRateIncreaseCriteria where
+  parseJSON =
+    Data.withObject
+      "AwsJobRateIncreaseCriteria"
+      ( \x ->
+          AwsJobRateIncreaseCriteria'
+            Prelude.<$> (x Data..:? "numberOfNotifiedThings")
+            Prelude.<*> (x Data..:? "numberOfSucceededThings")
+      )
+
+instance Prelude.Hashable AwsJobRateIncreaseCriteria where
+  hashWithSalt _salt AwsJobRateIncreaseCriteria' {..} =
+    _salt
+      `Prelude.hashWithSalt` numberOfNotifiedThings
+      `Prelude.hashWithSalt` numberOfSucceededThings
+
+instance Prelude.NFData AwsJobRateIncreaseCriteria where
+  rnf AwsJobRateIncreaseCriteria' {..} =
+    Prelude.rnf numberOfNotifiedThings
+      `Prelude.seq` Prelude.rnf numberOfSucceededThings
+
+instance Data.ToJSON AwsJobRateIncreaseCriteria where
+  toJSON AwsJobRateIncreaseCriteria' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("numberOfNotifiedThings" Data..=)
+              Prelude.<$> numberOfNotifiedThings,
+            ("numberOfSucceededThings" Data..=)
+              Prelude.<$> numberOfSucceededThings
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/AwsJobTimeoutConfig.hs b/gen/Amazonka/IoT/Types/AwsJobTimeoutConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/AwsJobTimeoutConfig.hs
@@ -0,0 +1,95 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.AwsJobTimeoutConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.AwsJobTimeoutConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the amount of time each device has to finish its execution of
+-- the job. A timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the timer expires, it will be automatically set to
+-- @TIMED_OUT@.
+--
+-- /See:/ 'newAwsJobTimeoutConfig' smart constructor.
+data AwsJobTimeoutConfig = AwsJobTimeoutConfig'
+  { -- | Specifies the amount of time, in minutes, this device has to finish
+    -- execution of this job. The timeout interval can be anywhere between 1
+    -- minute and 7 days (1 to 10080 minutes). The in progress timer can\'t be
+    -- updated and will apply to all job executions for the job. Whenever a job
+    -- execution remains in the IN_PROGRESS status for longer than this
+    -- interval, the job execution will fail and switch to the terminal
+    -- @TIMED_OUT@ status.
+    inProgressTimeoutInMinutes :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AwsJobTimeoutConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'inProgressTimeoutInMinutes', 'awsJobTimeoutConfig_inProgressTimeoutInMinutes' - Specifies the amount of time, in minutes, this device has to finish
+-- execution of this job. The timeout interval can be anywhere between 1
+-- minute and 7 days (1 to 10080 minutes). The in progress timer can\'t be
+-- updated and will apply to all job executions for the job. Whenever a job
+-- execution remains in the IN_PROGRESS status for longer than this
+-- interval, the job execution will fail and switch to the terminal
+-- @TIMED_OUT@ status.
+newAwsJobTimeoutConfig ::
+  AwsJobTimeoutConfig
+newAwsJobTimeoutConfig =
+  AwsJobTimeoutConfig'
+    { inProgressTimeoutInMinutes =
+        Prelude.Nothing
+    }
+
+-- | Specifies the amount of time, in minutes, this device has to finish
+-- execution of this job. The timeout interval can be anywhere between 1
+-- minute and 7 days (1 to 10080 minutes). The in progress timer can\'t be
+-- updated and will apply to all job executions for the job. Whenever a job
+-- execution remains in the IN_PROGRESS status for longer than this
+-- interval, the job execution will fail and switch to the terminal
+-- @TIMED_OUT@ status.
+awsJobTimeoutConfig_inProgressTimeoutInMinutes :: Lens.Lens' AwsJobTimeoutConfig (Prelude.Maybe Prelude.Integer)
+awsJobTimeoutConfig_inProgressTimeoutInMinutes = Lens.lens (\AwsJobTimeoutConfig' {inProgressTimeoutInMinutes} -> inProgressTimeoutInMinutes) (\s@AwsJobTimeoutConfig' {} a -> s {inProgressTimeoutInMinutes = a} :: AwsJobTimeoutConfig)
+
+instance Prelude.Hashable AwsJobTimeoutConfig where
+  hashWithSalt _salt AwsJobTimeoutConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` inProgressTimeoutInMinutes
+
+instance Prelude.NFData AwsJobTimeoutConfig where
+  rnf AwsJobTimeoutConfig' {..} =
+    Prelude.rnf inProgressTimeoutInMinutes
+
+instance Data.ToJSON AwsJobTimeoutConfig where
+  toJSON AwsJobTimeoutConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("inProgressTimeoutInMinutes" Data..=)
+              Prelude.<$> inProgressTimeoutInMinutes
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Behavior.hs b/gen/Amazonka/IoT/Types/Behavior.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Behavior.hs
@@ -0,0 +1,150 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Behavior
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Behavior where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.BehaviorCriteria
+import Amazonka.IoT.Types.MetricDimension
+import qualified Amazonka.Prelude as Prelude
+
+-- | A Device Defender security profile behavior.
+--
+-- /See:/ 'newBehavior' smart constructor.
+data Behavior = Behavior'
+  { -- | The criteria that determine if a device is behaving normally in regard
+    -- to the @metric@.
+    criteria :: Prelude.Maybe BehaviorCriteria,
+    -- | What is measured by the behavior.
+    metric :: Prelude.Maybe Prelude.Text,
+    -- | The dimension for a metric in your behavior. For example, using a
+    -- @TOPIC_FILTER@ dimension, you can narrow down the scope of the metric to
+    -- only MQTT topics where the name matches the pattern specified in the
+    -- dimension. This can\'t be used with custom metrics.
+    metricDimension :: Prelude.Maybe MetricDimension,
+    -- | Suppresses alerts.
+    suppressAlerts :: Prelude.Maybe Prelude.Bool,
+    -- | The name you\'ve given to the behavior.
+    name :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Behavior' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'criteria', 'behavior_criteria' - The criteria that determine if a device is behaving normally in regard
+-- to the @metric@.
+--
+-- 'metric', 'behavior_metric' - What is measured by the behavior.
+--
+-- 'metricDimension', 'behavior_metricDimension' - The dimension for a metric in your behavior. For example, using a
+-- @TOPIC_FILTER@ dimension, you can narrow down the scope of the metric to
+-- only MQTT topics where the name matches the pattern specified in the
+-- dimension. This can\'t be used with custom metrics.
+--
+-- 'suppressAlerts', 'behavior_suppressAlerts' - Suppresses alerts.
+--
+-- 'name', 'behavior_name' - The name you\'ve given to the behavior.
+newBehavior ::
+  -- | 'name'
+  Prelude.Text ->
+  Behavior
+newBehavior pName_ =
+  Behavior'
+    { criteria = Prelude.Nothing,
+      metric = Prelude.Nothing,
+      metricDimension = Prelude.Nothing,
+      suppressAlerts = Prelude.Nothing,
+      name = pName_
+    }
+
+-- | The criteria that determine if a device is behaving normally in regard
+-- to the @metric@.
+behavior_criteria :: Lens.Lens' Behavior (Prelude.Maybe BehaviorCriteria)
+behavior_criteria = Lens.lens (\Behavior' {criteria} -> criteria) (\s@Behavior' {} a -> s {criteria = a} :: Behavior)
+
+-- | What is measured by the behavior.
+behavior_metric :: Lens.Lens' Behavior (Prelude.Maybe Prelude.Text)
+behavior_metric = Lens.lens (\Behavior' {metric} -> metric) (\s@Behavior' {} a -> s {metric = a} :: Behavior)
+
+-- | The dimension for a metric in your behavior. For example, using a
+-- @TOPIC_FILTER@ dimension, you can narrow down the scope of the metric to
+-- only MQTT topics where the name matches the pattern specified in the
+-- dimension. This can\'t be used with custom metrics.
+behavior_metricDimension :: Lens.Lens' Behavior (Prelude.Maybe MetricDimension)
+behavior_metricDimension = Lens.lens (\Behavior' {metricDimension} -> metricDimension) (\s@Behavior' {} a -> s {metricDimension = a} :: Behavior)
+
+-- | Suppresses alerts.
+behavior_suppressAlerts :: Lens.Lens' Behavior (Prelude.Maybe Prelude.Bool)
+behavior_suppressAlerts = Lens.lens (\Behavior' {suppressAlerts} -> suppressAlerts) (\s@Behavior' {} a -> s {suppressAlerts = a} :: Behavior)
+
+-- | The name you\'ve given to the behavior.
+behavior_name :: Lens.Lens' Behavior Prelude.Text
+behavior_name = Lens.lens (\Behavior' {name} -> name) (\s@Behavior' {} a -> s {name = a} :: Behavior)
+
+instance Data.FromJSON Behavior where
+  parseJSON =
+    Data.withObject
+      "Behavior"
+      ( \x ->
+          Behavior'
+            Prelude.<$> (x Data..:? "criteria")
+            Prelude.<*> (x Data..:? "metric")
+            Prelude.<*> (x Data..:? "metricDimension")
+            Prelude.<*> (x Data..:? "suppressAlerts")
+            Prelude.<*> (x Data..: "name")
+      )
+
+instance Prelude.Hashable Behavior where
+  hashWithSalt _salt Behavior' {..} =
+    _salt
+      `Prelude.hashWithSalt` criteria
+      `Prelude.hashWithSalt` metric
+      `Prelude.hashWithSalt` metricDimension
+      `Prelude.hashWithSalt` suppressAlerts
+      `Prelude.hashWithSalt` name
+
+instance Prelude.NFData Behavior where
+  rnf Behavior' {..} =
+    Prelude.rnf criteria
+      `Prelude.seq` Prelude.rnf metric
+      `Prelude.seq` Prelude.rnf metricDimension
+      `Prelude.seq` Prelude.rnf suppressAlerts
+      `Prelude.seq` Prelude.rnf name
+
+instance Data.ToJSON Behavior where
+  toJSON Behavior' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("criteria" Data..=) Prelude.<$> criteria,
+            ("metric" Data..=) Prelude.<$> metric,
+            ("metricDimension" Data..=)
+              Prelude.<$> metricDimension,
+            ("suppressAlerts" Data..=)
+              Prelude.<$> suppressAlerts,
+            Prelude.Just ("name" Data..= name)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/BehaviorCriteria.hs b/gen/Amazonka/IoT/Types/BehaviorCriteria.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/BehaviorCriteria.hs
@@ -0,0 +1,241 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.BehaviorCriteria
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.BehaviorCriteria where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ComparisonOperator
+import Amazonka.IoT.Types.MachineLearningDetectionConfig
+import Amazonka.IoT.Types.MetricValue
+import Amazonka.IoT.Types.StatisticalThreshold
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria by which the behavior is determined to be normal.
+--
+-- /See:/ 'newBehaviorCriteria' smart constructor.
+data BehaviorCriteria = BehaviorCriteria'
+  { -- | The operator that relates the thing measured (@metric@) to the criteria
+    -- (containing a @value@ or @statisticalThreshold@). Valid operators
+    -- include:
+    --
+    -- -   @string-list@: @in-set@ and @not-in-set@
+    --
+    -- -   @number-list@: @in-set@ and @not-in-set@
+    --
+    -- -   @ip-address-list@: @in-cidr-set@ and @not-in-cidr-set@
+    --
+    -- -   @number@: @less-than@, @less-than-equals@, @greater-than@, and
+    --     @greater-than-equals@
+    comparisonOperator :: Prelude.Maybe ComparisonOperator,
+    -- | If a device is in violation of the behavior for the specified number of
+    -- consecutive datapoints, an alarm occurs. If not specified, the default
+    -- is 1.
+    consecutiveDatapointsToAlarm :: Prelude.Maybe Prelude.Natural,
+    -- | If an alarm has occurred and the offending device is no longer in
+    -- violation of the behavior for the specified number of consecutive
+    -- datapoints, the alarm is cleared. If not specified, the default is 1.
+    consecutiveDatapointsToClear :: Prelude.Maybe Prelude.Natural,
+    -- | Use this to specify the time duration over which the behavior is
+    -- evaluated, for those criteria that have a time dimension (for example,
+    -- @NUM_MESSAGES_SENT@). For a @statisticalThreshhold@ metric comparison,
+    -- measurements from all devices are accumulated over this time duration
+    -- before being used to calculate percentiles, and later, measurements from
+    -- an individual device are also accumulated over this time duration before
+    -- being given a percentile rank. Cannot be used with list-based metric
+    -- datatypes.
+    durationSeconds :: Prelude.Maybe Prelude.Int,
+    -- | The configuration of an ML Detect
+    mlDetectionConfig :: Prelude.Maybe MachineLearningDetectionConfig,
+    -- | A statistical ranking (percentile)that indicates a threshold value by
+    -- which a behavior is determined to be in compliance or in violation of
+    -- the behavior.
+    statisticalThreshold :: Prelude.Maybe StatisticalThreshold,
+    -- | The value to be compared with the @metric@.
+    value :: Prelude.Maybe MetricValue
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BehaviorCriteria' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'comparisonOperator', 'behaviorCriteria_comparisonOperator' - The operator that relates the thing measured (@metric@) to the criteria
+-- (containing a @value@ or @statisticalThreshold@). Valid operators
+-- include:
+--
+-- -   @string-list@: @in-set@ and @not-in-set@
+--
+-- -   @number-list@: @in-set@ and @not-in-set@
+--
+-- -   @ip-address-list@: @in-cidr-set@ and @not-in-cidr-set@
+--
+-- -   @number@: @less-than@, @less-than-equals@, @greater-than@, and
+--     @greater-than-equals@
+--
+-- 'consecutiveDatapointsToAlarm', 'behaviorCriteria_consecutiveDatapointsToAlarm' - If a device is in violation of the behavior for the specified number of
+-- consecutive datapoints, an alarm occurs. If not specified, the default
+-- is 1.
+--
+-- 'consecutiveDatapointsToClear', 'behaviorCriteria_consecutiveDatapointsToClear' - If an alarm has occurred and the offending device is no longer in
+-- violation of the behavior for the specified number of consecutive
+-- datapoints, the alarm is cleared. If not specified, the default is 1.
+--
+-- 'durationSeconds', 'behaviorCriteria_durationSeconds' - Use this to specify the time duration over which the behavior is
+-- evaluated, for those criteria that have a time dimension (for example,
+-- @NUM_MESSAGES_SENT@). For a @statisticalThreshhold@ metric comparison,
+-- measurements from all devices are accumulated over this time duration
+-- before being used to calculate percentiles, and later, measurements from
+-- an individual device are also accumulated over this time duration before
+-- being given a percentile rank. Cannot be used with list-based metric
+-- datatypes.
+--
+-- 'mlDetectionConfig', 'behaviorCriteria_mlDetectionConfig' - The configuration of an ML Detect
+--
+-- 'statisticalThreshold', 'behaviorCriteria_statisticalThreshold' - A statistical ranking (percentile)that indicates a threshold value by
+-- which a behavior is determined to be in compliance or in violation of
+-- the behavior.
+--
+-- 'value', 'behaviorCriteria_value' - The value to be compared with the @metric@.
+newBehaviorCriteria ::
+  BehaviorCriteria
+newBehaviorCriteria =
+  BehaviorCriteria'
+    { comparisonOperator =
+        Prelude.Nothing,
+      consecutiveDatapointsToAlarm = Prelude.Nothing,
+      consecutiveDatapointsToClear = Prelude.Nothing,
+      durationSeconds = Prelude.Nothing,
+      mlDetectionConfig = Prelude.Nothing,
+      statisticalThreshold = Prelude.Nothing,
+      value = Prelude.Nothing
+    }
+
+-- | The operator that relates the thing measured (@metric@) to the criteria
+-- (containing a @value@ or @statisticalThreshold@). Valid operators
+-- include:
+--
+-- -   @string-list@: @in-set@ and @not-in-set@
+--
+-- -   @number-list@: @in-set@ and @not-in-set@
+--
+-- -   @ip-address-list@: @in-cidr-set@ and @not-in-cidr-set@
+--
+-- -   @number@: @less-than@, @less-than-equals@, @greater-than@, and
+--     @greater-than-equals@
+behaviorCriteria_comparisonOperator :: Lens.Lens' BehaviorCriteria (Prelude.Maybe ComparisonOperator)
+behaviorCriteria_comparisonOperator = Lens.lens (\BehaviorCriteria' {comparisonOperator} -> comparisonOperator) (\s@BehaviorCriteria' {} a -> s {comparisonOperator = a} :: BehaviorCriteria)
+
+-- | If a device is in violation of the behavior for the specified number of
+-- consecutive datapoints, an alarm occurs. If not specified, the default
+-- is 1.
+behaviorCriteria_consecutiveDatapointsToAlarm :: Lens.Lens' BehaviorCriteria (Prelude.Maybe Prelude.Natural)
+behaviorCriteria_consecutiveDatapointsToAlarm = Lens.lens (\BehaviorCriteria' {consecutiveDatapointsToAlarm} -> consecutiveDatapointsToAlarm) (\s@BehaviorCriteria' {} a -> s {consecutiveDatapointsToAlarm = a} :: BehaviorCriteria)
+
+-- | If an alarm has occurred and the offending device is no longer in
+-- violation of the behavior for the specified number of consecutive
+-- datapoints, the alarm is cleared. If not specified, the default is 1.
+behaviorCriteria_consecutiveDatapointsToClear :: Lens.Lens' BehaviorCriteria (Prelude.Maybe Prelude.Natural)
+behaviorCriteria_consecutiveDatapointsToClear = Lens.lens (\BehaviorCriteria' {consecutiveDatapointsToClear} -> consecutiveDatapointsToClear) (\s@BehaviorCriteria' {} a -> s {consecutiveDatapointsToClear = a} :: BehaviorCriteria)
+
+-- | Use this to specify the time duration over which the behavior is
+-- evaluated, for those criteria that have a time dimension (for example,
+-- @NUM_MESSAGES_SENT@). For a @statisticalThreshhold@ metric comparison,
+-- measurements from all devices are accumulated over this time duration
+-- before being used to calculate percentiles, and later, measurements from
+-- an individual device are also accumulated over this time duration before
+-- being given a percentile rank. Cannot be used with list-based metric
+-- datatypes.
+behaviorCriteria_durationSeconds :: Lens.Lens' BehaviorCriteria (Prelude.Maybe Prelude.Int)
+behaviorCriteria_durationSeconds = Lens.lens (\BehaviorCriteria' {durationSeconds} -> durationSeconds) (\s@BehaviorCriteria' {} a -> s {durationSeconds = a} :: BehaviorCriteria)
+
+-- | The configuration of an ML Detect
+behaviorCriteria_mlDetectionConfig :: Lens.Lens' BehaviorCriteria (Prelude.Maybe MachineLearningDetectionConfig)
+behaviorCriteria_mlDetectionConfig = Lens.lens (\BehaviorCriteria' {mlDetectionConfig} -> mlDetectionConfig) (\s@BehaviorCriteria' {} a -> s {mlDetectionConfig = a} :: BehaviorCriteria)
+
+-- | A statistical ranking (percentile)that indicates a threshold value by
+-- which a behavior is determined to be in compliance or in violation of
+-- the behavior.
+behaviorCriteria_statisticalThreshold :: Lens.Lens' BehaviorCriteria (Prelude.Maybe StatisticalThreshold)
+behaviorCriteria_statisticalThreshold = Lens.lens (\BehaviorCriteria' {statisticalThreshold} -> statisticalThreshold) (\s@BehaviorCriteria' {} a -> s {statisticalThreshold = a} :: BehaviorCriteria)
+
+-- | The value to be compared with the @metric@.
+behaviorCriteria_value :: Lens.Lens' BehaviorCriteria (Prelude.Maybe MetricValue)
+behaviorCriteria_value = Lens.lens (\BehaviorCriteria' {value} -> value) (\s@BehaviorCriteria' {} a -> s {value = a} :: BehaviorCriteria)
+
+instance Data.FromJSON BehaviorCriteria where
+  parseJSON =
+    Data.withObject
+      "BehaviorCriteria"
+      ( \x ->
+          BehaviorCriteria'
+            Prelude.<$> (x Data..:? "comparisonOperator")
+            Prelude.<*> (x Data..:? "consecutiveDatapointsToAlarm")
+            Prelude.<*> (x Data..:? "consecutiveDatapointsToClear")
+            Prelude.<*> (x Data..:? "durationSeconds")
+            Prelude.<*> (x Data..:? "mlDetectionConfig")
+            Prelude.<*> (x Data..:? "statisticalThreshold")
+            Prelude.<*> (x Data..:? "value")
+      )
+
+instance Prelude.Hashable BehaviorCriteria where
+  hashWithSalt _salt BehaviorCriteria' {..} =
+    _salt
+      `Prelude.hashWithSalt` comparisonOperator
+      `Prelude.hashWithSalt` consecutiveDatapointsToAlarm
+      `Prelude.hashWithSalt` consecutiveDatapointsToClear
+      `Prelude.hashWithSalt` durationSeconds
+      `Prelude.hashWithSalt` mlDetectionConfig
+      `Prelude.hashWithSalt` statisticalThreshold
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData BehaviorCriteria where
+  rnf BehaviorCriteria' {..} =
+    Prelude.rnf comparisonOperator
+      `Prelude.seq` Prelude.rnf consecutiveDatapointsToAlarm
+      `Prelude.seq` Prelude.rnf consecutiveDatapointsToClear
+      `Prelude.seq` Prelude.rnf durationSeconds
+      `Prelude.seq` Prelude.rnf mlDetectionConfig
+      `Prelude.seq` Prelude.rnf statisticalThreshold
+      `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON BehaviorCriteria where
+  toJSON BehaviorCriteria' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("comparisonOperator" Data..=)
+              Prelude.<$> comparisonOperator,
+            ("consecutiveDatapointsToAlarm" Data..=)
+              Prelude.<$> consecutiveDatapointsToAlarm,
+            ("consecutiveDatapointsToClear" Data..=)
+              Prelude.<$> consecutiveDatapointsToClear,
+            ("durationSeconds" Data..=)
+              Prelude.<$> durationSeconds,
+            ("mlDetectionConfig" Data..=)
+              Prelude.<$> mlDetectionConfig,
+            ("statisticalThreshold" Data..=)
+              Prelude.<$> statisticalThreshold,
+            ("value" Data..=) Prelude.<$> value
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/BehaviorCriteriaType.hs b/gen/Amazonka/IoT/Types/BehaviorCriteriaType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/BehaviorCriteriaType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.BehaviorCriteriaType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.BehaviorCriteriaType
+  ( BehaviorCriteriaType
+      ( ..,
+        BehaviorCriteriaType_MACHINE_LEARNING,
+        BehaviorCriteriaType_STATIC,
+        BehaviorCriteriaType_STATISTICAL
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype BehaviorCriteriaType = BehaviorCriteriaType'
+  { fromBehaviorCriteriaType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern BehaviorCriteriaType_MACHINE_LEARNING :: BehaviorCriteriaType
+pattern BehaviorCriteriaType_MACHINE_LEARNING = BehaviorCriteriaType' "MACHINE_LEARNING"
+
+pattern BehaviorCriteriaType_STATIC :: BehaviorCriteriaType
+pattern BehaviorCriteriaType_STATIC = BehaviorCriteriaType' "STATIC"
+
+pattern BehaviorCriteriaType_STATISTICAL :: BehaviorCriteriaType
+pattern BehaviorCriteriaType_STATISTICAL = BehaviorCriteriaType' "STATISTICAL"
+
+{-# COMPLETE
+  BehaviorCriteriaType_MACHINE_LEARNING,
+  BehaviorCriteriaType_STATIC,
+  BehaviorCriteriaType_STATISTICAL,
+  BehaviorCriteriaType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/BehaviorModelTrainingSummary.hs b/gen/Amazonka/IoT/Types/BehaviorModelTrainingSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/BehaviorModelTrainingSummary.hs
@@ -0,0 +1,139 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.BehaviorModelTrainingSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.BehaviorModelTrainingSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ModelStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of an ML Detect behavior model.
+--
+-- /See:/ 'newBehaviorModelTrainingSummary' smart constructor.
+data BehaviorModelTrainingSummary = BehaviorModelTrainingSummary'
+  { -- | The name of the behavior.
+    behaviorName :: Prelude.Maybe Prelude.Text,
+    -- | The percentage of datapoints collected.
+    datapointsCollectionPercentage :: Prelude.Maybe Prelude.Double,
+    -- | The date the model was last refreshed.
+    lastModelRefreshDate :: Prelude.Maybe Data.POSIX,
+    -- | The status of the behavior model.
+    modelStatus :: Prelude.Maybe ModelStatus,
+    -- | The name of the security profile.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The date a training model started collecting data.
+    trainingDataCollectionStartDate :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BehaviorModelTrainingSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behaviorName', 'behaviorModelTrainingSummary_behaviorName' - The name of the behavior.
+--
+-- 'datapointsCollectionPercentage', 'behaviorModelTrainingSummary_datapointsCollectionPercentage' - The percentage of datapoints collected.
+--
+-- 'lastModelRefreshDate', 'behaviorModelTrainingSummary_lastModelRefreshDate' - The date the model was last refreshed.
+--
+-- 'modelStatus', 'behaviorModelTrainingSummary_modelStatus' - The status of the behavior model.
+--
+-- 'securityProfileName', 'behaviorModelTrainingSummary_securityProfileName' - The name of the security profile.
+--
+-- 'trainingDataCollectionStartDate', 'behaviorModelTrainingSummary_trainingDataCollectionStartDate' - The date a training model started collecting data.
+newBehaviorModelTrainingSummary ::
+  BehaviorModelTrainingSummary
+newBehaviorModelTrainingSummary =
+  BehaviorModelTrainingSummary'
+    { behaviorName =
+        Prelude.Nothing,
+      datapointsCollectionPercentage =
+        Prelude.Nothing,
+      lastModelRefreshDate = Prelude.Nothing,
+      modelStatus = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      trainingDataCollectionStartDate =
+        Prelude.Nothing
+    }
+
+-- | The name of the behavior.
+behaviorModelTrainingSummary_behaviorName :: Lens.Lens' BehaviorModelTrainingSummary (Prelude.Maybe Prelude.Text)
+behaviorModelTrainingSummary_behaviorName = Lens.lens (\BehaviorModelTrainingSummary' {behaviorName} -> behaviorName) (\s@BehaviorModelTrainingSummary' {} a -> s {behaviorName = a} :: BehaviorModelTrainingSummary)
+
+-- | The percentage of datapoints collected.
+behaviorModelTrainingSummary_datapointsCollectionPercentage :: Lens.Lens' BehaviorModelTrainingSummary (Prelude.Maybe Prelude.Double)
+behaviorModelTrainingSummary_datapointsCollectionPercentage = Lens.lens (\BehaviorModelTrainingSummary' {datapointsCollectionPercentage} -> datapointsCollectionPercentage) (\s@BehaviorModelTrainingSummary' {} a -> s {datapointsCollectionPercentage = a} :: BehaviorModelTrainingSummary)
+
+-- | The date the model was last refreshed.
+behaviorModelTrainingSummary_lastModelRefreshDate :: Lens.Lens' BehaviorModelTrainingSummary (Prelude.Maybe Prelude.UTCTime)
+behaviorModelTrainingSummary_lastModelRefreshDate = Lens.lens (\BehaviorModelTrainingSummary' {lastModelRefreshDate} -> lastModelRefreshDate) (\s@BehaviorModelTrainingSummary' {} a -> s {lastModelRefreshDate = a} :: BehaviorModelTrainingSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the behavior model.
+behaviorModelTrainingSummary_modelStatus :: Lens.Lens' BehaviorModelTrainingSummary (Prelude.Maybe ModelStatus)
+behaviorModelTrainingSummary_modelStatus = Lens.lens (\BehaviorModelTrainingSummary' {modelStatus} -> modelStatus) (\s@BehaviorModelTrainingSummary' {} a -> s {modelStatus = a} :: BehaviorModelTrainingSummary)
+
+-- | The name of the security profile.
+behaviorModelTrainingSummary_securityProfileName :: Lens.Lens' BehaviorModelTrainingSummary (Prelude.Maybe Prelude.Text)
+behaviorModelTrainingSummary_securityProfileName = Lens.lens (\BehaviorModelTrainingSummary' {securityProfileName} -> securityProfileName) (\s@BehaviorModelTrainingSummary' {} a -> s {securityProfileName = a} :: BehaviorModelTrainingSummary)
+
+-- | The date a training model started collecting data.
+behaviorModelTrainingSummary_trainingDataCollectionStartDate :: Lens.Lens' BehaviorModelTrainingSummary (Prelude.Maybe Prelude.UTCTime)
+behaviorModelTrainingSummary_trainingDataCollectionStartDate = Lens.lens (\BehaviorModelTrainingSummary' {trainingDataCollectionStartDate} -> trainingDataCollectionStartDate) (\s@BehaviorModelTrainingSummary' {} a -> s {trainingDataCollectionStartDate = a} :: BehaviorModelTrainingSummary) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON BehaviorModelTrainingSummary where
+  parseJSON =
+    Data.withObject
+      "BehaviorModelTrainingSummary"
+      ( \x ->
+          BehaviorModelTrainingSummary'
+            Prelude.<$> (x Data..:? "behaviorName")
+            Prelude.<*> (x Data..:? "datapointsCollectionPercentage")
+            Prelude.<*> (x Data..:? "lastModelRefreshDate")
+            Prelude.<*> (x Data..:? "modelStatus")
+            Prelude.<*> (x Data..:? "securityProfileName")
+            Prelude.<*> (x Data..:? "trainingDataCollectionStartDate")
+      )
+
+instance
+  Prelude.Hashable
+    BehaviorModelTrainingSummary
+  where
+  hashWithSalt _salt BehaviorModelTrainingSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` behaviorName
+      `Prelude.hashWithSalt` datapointsCollectionPercentage
+      `Prelude.hashWithSalt` lastModelRefreshDate
+      `Prelude.hashWithSalt` modelStatus
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` trainingDataCollectionStartDate
+
+instance Prelude.NFData BehaviorModelTrainingSummary where
+  rnf BehaviorModelTrainingSummary' {..} =
+    Prelude.rnf behaviorName
+      `Prelude.seq` Prelude.rnf datapointsCollectionPercentage
+      `Prelude.seq` Prelude.rnf lastModelRefreshDate
+      `Prelude.seq` Prelude.rnf modelStatus
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf trainingDataCollectionStartDate
diff --git a/gen/Amazonka/IoT/Types/BillingGroupMetadata.hs b/gen/Amazonka/IoT/Types/BillingGroupMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/BillingGroupMetadata.hs
@@ -0,0 +1,72 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.BillingGroupMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.BillingGroupMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Additional information about the billing group.
+--
+-- /See:/ 'newBillingGroupMetadata' smart constructor.
+data BillingGroupMetadata = BillingGroupMetadata'
+  { -- | The date the billing group was created.
+    creationDate :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BillingGroupMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'billingGroupMetadata_creationDate' - The date the billing group was created.
+newBillingGroupMetadata ::
+  BillingGroupMetadata
+newBillingGroupMetadata =
+  BillingGroupMetadata'
+    { creationDate =
+        Prelude.Nothing
+    }
+
+-- | The date the billing group was created.
+billingGroupMetadata_creationDate :: Lens.Lens' BillingGroupMetadata (Prelude.Maybe Prelude.UTCTime)
+billingGroupMetadata_creationDate = Lens.lens (\BillingGroupMetadata' {creationDate} -> creationDate) (\s@BillingGroupMetadata' {} a -> s {creationDate = a} :: BillingGroupMetadata) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON BillingGroupMetadata where
+  parseJSON =
+    Data.withObject
+      "BillingGroupMetadata"
+      ( \x ->
+          BillingGroupMetadata'
+            Prelude.<$> (x Data..:? "creationDate")
+      )
+
+instance Prelude.Hashable BillingGroupMetadata where
+  hashWithSalt _salt BillingGroupMetadata' {..} =
+    _salt `Prelude.hashWithSalt` creationDate
+
+instance Prelude.NFData BillingGroupMetadata where
+  rnf BillingGroupMetadata' {..} =
+    Prelude.rnf creationDate
diff --git a/gen/Amazonka/IoT/Types/BillingGroupProperties.hs b/gen/Amazonka/IoT/Types/BillingGroupProperties.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/BillingGroupProperties.hs
@@ -0,0 +1,82 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.BillingGroupProperties
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.BillingGroupProperties where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The properties of a billing group.
+--
+-- /See:/ 'newBillingGroupProperties' smart constructor.
+data BillingGroupProperties = BillingGroupProperties'
+  { -- | The description of the billing group.
+    billingGroupDescription :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BillingGroupProperties' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'billingGroupDescription', 'billingGroupProperties_billingGroupDescription' - The description of the billing group.
+newBillingGroupProperties ::
+  BillingGroupProperties
+newBillingGroupProperties =
+  BillingGroupProperties'
+    { billingGroupDescription =
+        Prelude.Nothing
+    }
+
+-- | The description of the billing group.
+billingGroupProperties_billingGroupDescription :: Lens.Lens' BillingGroupProperties (Prelude.Maybe Prelude.Text)
+billingGroupProperties_billingGroupDescription = Lens.lens (\BillingGroupProperties' {billingGroupDescription} -> billingGroupDescription) (\s@BillingGroupProperties' {} a -> s {billingGroupDescription = a} :: BillingGroupProperties)
+
+instance Data.FromJSON BillingGroupProperties where
+  parseJSON =
+    Data.withObject
+      "BillingGroupProperties"
+      ( \x ->
+          BillingGroupProperties'
+            Prelude.<$> (x Data..:? "billingGroupDescription")
+      )
+
+instance Prelude.Hashable BillingGroupProperties where
+  hashWithSalt _salt BillingGroupProperties' {..} =
+    _salt
+      `Prelude.hashWithSalt` billingGroupDescription
+
+instance Prelude.NFData BillingGroupProperties where
+  rnf BillingGroupProperties' {..} =
+    Prelude.rnf billingGroupDescription
+
+instance Data.ToJSON BillingGroupProperties where
+  toJSON BillingGroupProperties' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("billingGroupDescription" Data..=)
+              Prelude.<$> billingGroupDescription
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Bucket.hs b/gen/Amazonka/IoT/Types/Bucket.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Bucket.hs
@@ -0,0 +1,87 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Bucket
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Bucket where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A count of documents that meets a specific aggregation criteria.
+--
+-- /See:/ 'newBucket' smart constructor.
+data Bucket = Bucket'
+  { -- | The number of documents that have the value counted for the particular
+    -- bucket.
+    count :: Prelude.Maybe Prelude.Int,
+    -- | The value counted for the particular bucket.
+    keyValue :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Bucket' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'count', 'bucket_count' - The number of documents that have the value counted for the particular
+-- bucket.
+--
+-- 'keyValue', 'bucket_keyValue' - The value counted for the particular bucket.
+newBucket ::
+  Bucket
+newBucket =
+  Bucket'
+    { count = Prelude.Nothing,
+      keyValue = Prelude.Nothing
+    }
+
+-- | The number of documents that have the value counted for the particular
+-- bucket.
+bucket_count :: Lens.Lens' Bucket (Prelude.Maybe Prelude.Int)
+bucket_count = Lens.lens (\Bucket' {count} -> count) (\s@Bucket' {} a -> s {count = a} :: Bucket)
+
+-- | The value counted for the particular bucket.
+bucket_keyValue :: Lens.Lens' Bucket (Prelude.Maybe Prelude.Text)
+bucket_keyValue = Lens.lens (\Bucket' {keyValue} -> keyValue) (\s@Bucket' {} a -> s {keyValue = a} :: Bucket)
+
+instance Data.FromJSON Bucket where
+  parseJSON =
+    Data.withObject
+      "Bucket"
+      ( \x ->
+          Bucket'
+            Prelude.<$> (x Data..:? "count")
+            Prelude.<*> (x Data..:? "keyValue")
+      )
+
+instance Prelude.Hashable Bucket where
+  hashWithSalt _salt Bucket' {..} =
+    _salt
+      `Prelude.hashWithSalt` count
+      `Prelude.hashWithSalt` keyValue
+
+instance Prelude.NFData Bucket where
+  rnf Bucket' {..} =
+    Prelude.rnf count
+      `Prelude.seq` Prelude.rnf keyValue
diff --git a/gen/Amazonka/IoT/Types/BucketsAggregationType.hs b/gen/Amazonka/IoT/Types/BucketsAggregationType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/BucketsAggregationType.hs
@@ -0,0 +1,79 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.BucketsAggregationType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.BucketsAggregationType where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.TermsAggregation
+import qualified Amazonka.Prelude as Prelude
+
+-- | The type of bucketed aggregation performed.
+--
+-- /See:/ 'newBucketsAggregationType' smart constructor.
+data BucketsAggregationType = BucketsAggregationType'
+  { -- | Performs an aggregation that will return a list of buckets. The list of
+    -- buckets is a ranked list of the number of occurrences of an aggregation
+    -- field value.
+    termsAggregation :: Prelude.Maybe TermsAggregation
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BucketsAggregationType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'termsAggregation', 'bucketsAggregationType_termsAggregation' - Performs an aggregation that will return a list of buckets. The list of
+-- buckets is a ranked list of the number of occurrences of an aggregation
+-- field value.
+newBucketsAggregationType ::
+  BucketsAggregationType
+newBucketsAggregationType =
+  BucketsAggregationType'
+    { termsAggregation =
+        Prelude.Nothing
+    }
+
+-- | Performs an aggregation that will return a list of buckets. The list of
+-- buckets is a ranked list of the number of occurrences of an aggregation
+-- field value.
+bucketsAggregationType_termsAggregation :: Lens.Lens' BucketsAggregationType (Prelude.Maybe TermsAggregation)
+bucketsAggregationType_termsAggregation = Lens.lens (\BucketsAggregationType' {termsAggregation} -> termsAggregation) (\s@BucketsAggregationType' {} a -> s {termsAggregation = a} :: BucketsAggregationType)
+
+instance Prelude.Hashable BucketsAggregationType where
+  hashWithSalt _salt BucketsAggregationType' {..} =
+    _salt `Prelude.hashWithSalt` termsAggregation
+
+instance Prelude.NFData BucketsAggregationType where
+  rnf BucketsAggregationType' {..} =
+    Prelude.rnf termsAggregation
+
+instance Data.ToJSON BucketsAggregationType where
+  toJSON BucketsAggregationType' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("termsAggregation" Data..=)
+              Prelude.<$> termsAggregation
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CACertificate.hs b/gen/Amazonka/IoT/Types/CACertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CACertificate.hs
@@ -0,0 +1,115 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CACertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CACertificate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CACertificateStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | A CA certificate.
+--
+-- /See:/ 'newCACertificate' smart constructor.
+data CACertificate = CACertificate'
+  { -- | The ARN of the CA certificate.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the CA certificate.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The date the CA certificate was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The status of the CA certificate.
+    --
+    -- The status value REGISTER_INACTIVE is deprecated and should not be used.
+    status :: Prelude.Maybe CACertificateStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CACertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'cACertificate_certificateArn' - The ARN of the CA certificate.
+--
+-- 'certificateId', 'cACertificate_certificateId' - The ID of the CA certificate.
+--
+-- 'creationDate', 'cACertificate_creationDate' - The date the CA certificate was created.
+--
+-- 'status', 'cACertificate_status' - The status of the CA certificate.
+--
+-- The status value REGISTER_INACTIVE is deprecated and should not be used.
+newCACertificate ::
+  CACertificate
+newCACertificate =
+  CACertificate'
+    { certificateArn = Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | The ARN of the CA certificate.
+cACertificate_certificateArn :: Lens.Lens' CACertificate (Prelude.Maybe Prelude.Text)
+cACertificate_certificateArn = Lens.lens (\CACertificate' {certificateArn} -> certificateArn) (\s@CACertificate' {} a -> s {certificateArn = a} :: CACertificate)
+
+-- | The ID of the CA certificate.
+cACertificate_certificateId :: Lens.Lens' CACertificate (Prelude.Maybe Prelude.Text)
+cACertificate_certificateId = Lens.lens (\CACertificate' {certificateId} -> certificateId) (\s@CACertificate' {} a -> s {certificateId = a} :: CACertificate)
+
+-- | The date the CA certificate was created.
+cACertificate_creationDate :: Lens.Lens' CACertificate (Prelude.Maybe Prelude.UTCTime)
+cACertificate_creationDate = Lens.lens (\CACertificate' {creationDate} -> creationDate) (\s@CACertificate' {} a -> s {creationDate = a} :: CACertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the CA certificate.
+--
+-- The status value REGISTER_INACTIVE is deprecated and should not be used.
+cACertificate_status :: Lens.Lens' CACertificate (Prelude.Maybe CACertificateStatus)
+cACertificate_status = Lens.lens (\CACertificate' {status} -> status) (\s@CACertificate' {} a -> s {status = a} :: CACertificate)
+
+instance Data.FromJSON CACertificate where
+  parseJSON =
+    Data.withObject
+      "CACertificate"
+      ( \x ->
+          CACertificate'
+            Prelude.<$> (x Data..:? "certificateArn")
+            Prelude.<*> (x Data..:? "certificateId")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "status")
+      )
+
+instance Prelude.Hashable CACertificate where
+  hashWithSalt _salt CACertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateArn
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData CACertificate where
+  rnf CACertificate' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/IoT/Types/CACertificateDescription.hs b/gen/Amazonka/IoT/Types/CACertificateDescription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CACertificateDescription.hs
@@ -0,0 +1,227 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CACertificateDescription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CACertificateDescription where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AutoRegistrationStatus
+import Amazonka.IoT.Types.CACertificateStatus
+import Amazonka.IoT.Types.CertificateMode
+import Amazonka.IoT.Types.CertificateValidity
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a CA certificate.
+--
+-- /See:/ 'newCACertificateDescription' smart constructor.
+data CACertificateDescription = CACertificateDescription'
+  { -- | Whether the CA certificate configured for auto registration of device
+    -- certificates. Valid values are \"ENABLE\" and \"DISABLE\"
+    autoRegistrationStatus :: Prelude.Maybe AutoRegistrationStatus,
+    -- | The CA certificate ARN.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The CA certificate ID.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The mode of the CA.
+    --
+    -- All the device certificates that are registered using this CA will be
+    -- registered in the same mode as the CA. For more information about
+    -- certificate mode for device certificates, see
+    -- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>.
+    certificateMode :: Prelude.Maybe CertificateMode,
+    -- | The CA certificate data, in PEM format.
+    certificatePem :: Prelude.Maybe Prelude.Text,
+    -- | The date the CA certificate was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The customer version of the CA certificate.
+    customerVersion :: Prelude.Maybe Prelude.Natural,
+    -- | The generation ID of the CA certificate.
+    generationId :: Prelude.Maybe Prelude.Text,
+    -- | The date the CA certificate was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The owner of the CA certificate.
+    ownedBy :: Prelude.Maybe Prelude.Text,
+    -- | The status of a CA certificate.
+    status :: Prelude.Maybe CACertificateStatus,
+    -- | When the CA certificate is valid.
+    validity :: Prelude.Maybe CertificateValidity
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CACertificateDescription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'autoRegistrationStatus', 'cACertificateDescription_autoRegistrationStatus' - Whether the CA certificate configured for auto registration of device
+-- certificates. Valid values are \"ENABLE\" and \"DISABLE\"
+--
+-- 'certificateArn', 'cACertificateDescription_certificateArn' - The CA certificate ARN.
+--
+-- 'certificateId', 'cACertificateDescription_certificateId' - The CA certificate ID.
+--
+-- 'certificateMode', 'cACertificateDescription_certificateMode' - The mode of the CA.
+--
+-- All the device certificates that are registered using this CA will be
+-- registered in the same mode as the CA. For more information about
+-- certificate mode for device certificates, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>.
+--
+-- 'certificatePem', 'cACertificateDescription_certificatePem' - The CA certificate data, in PEM format.
+--
+-- 'creationDate', 'cACertificateDescription_creationDate' - The date the CA certificate was created.
+--
+-- 'customerVersion', 'cACertificateDescription_customerVersion' - The customer version of the CA certificate.
+--
+-- 'generationId', 'cACertificateDescription_generationId' - The generation ID of the CA certificate.
+--
+-- 'lastModifiedDate', 'cACertificateDescription_lastModifiedDate' - The date the CA certificate was last modified.
+--
+-- 'ownedBy', 'cACertificateDescription_ownedBy' - The owner of the CA certificate.
+--
+-- 'status', 'cACertificateDescription_status' - The status of a CA certificate.
+--
+-- 'validity', 'cACertificateDescription_validity' - When the CA certificate is valid.
+newCACertificateDescription ::
+  CACertificateDescription
+newCACertificateDescription =
+  CACertificateDescription'
+    { autoRegistrationStatus =
+        Prelude.Nothing,
+      certificateArn = Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      certificateMode = Prelude.Nothing,
+      certificatePem = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      customerVersion = Prelude.Nothing,
+      generationId = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      ownedBy = Prelude.Nothing,
+      status = Prelude.Nothing,
+      validity = Prelude.Nothing
+    }
+
+-- | Whether the CA certificate configured for auto registration of device
+-- certificates. Valid values are \"ENABLE\" and \"DISABLE\"
+cACertificateDescription_autoRegistrationStatus :: Lens.Lens' CACertificateDescription (Prelude.Maybe AutoRegistrationStatus)
+cACertificateDescription_autoRegistrationStatus = Lens.lens (\CACertificateDescription' {autoRegistrationStatus} -> autoRegistrationStatus) (\s@CACertificateDescription' {} a -> s {autoRegistrationStatus = a} :: CACertificateDescription)
+
+-- | The CA certificate ARN.
+cACertificateDescription_certificateArn :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.Text)
+cACertificateDescription_certificateArn = Lens.lens (\CACertificateDescription' {certificateArn} -> certificateArn) (\s@CACertificateDescription' {} a -> s {certificateArn = a} :: CACertificateDescription)
+
+-- | The CA certificate ID.
+cACertificateDescription_certificateId :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.Text)
+cACertificateDescription_certificateId = Lens.lens (\CACertificateDescription' {certificateId} -> certificateId) (\s@CACertificateDescription' {} a -> s {certificateId = a} :: CACertificateDescription)
+
+-- | The mode of the CA.
+--
+-- All the device certificates that are registered using this CA will be
+-- registered in the same mode as the CA. For more information about
+-- certificate mode for device certificates, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode certificate mode>.
+cACertificateDescription_certificateMode :: Lens.Lens' CACertificateDescription (Prelude.Maybe CertificateMode)
+cACertificateDescription_certificateMode = Lens.lens (\CACertificateDescription' {certificateMode} -> certificateMode) (\s@CACertificateDescription' {} a -> s {certificateMode = a} :: CACertificateDescription)
+
+-- | The CA certificate data, in PEM format.
+cACertificateDescription_certificatePem :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.Text)
+cACertificateDescription_certificatePem = Lens.lens (\CACertificateDescription' {certificatePem} -> certificatePem) (\s@CACertificateDescription' {} a -> s {certificatePem = a} :: CACertificateDescription)
+
+-- | The date the CA certificate was created.
+cACertificateDescription_creationDate :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.UTCTime)
+cACertificateDescription_creationDate = Lens.lens (\CACertificateDescription' {creationDate} -> creationDate) (\s@CACertificateDescription' {} a -> s {creationDate = a} :: CACertificateDescription) Prelude.. Lens.mapping Data._Time
+
+-- | The customer version of the CA certificate.
+cACertificateDescription_customerVersion :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.Natural)
+cACertificateDescription_customerVersion = Lens.lens (\CACertificateDescription' {customerVersion} -> customerVersion) (\s@CACertificateDescription' {} a -> s {customerVersion = a} :: CACertificateDescription)
+
+-- | The generation ID of the CA certificate.
+cACertificateDescription_generationId :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.Text)
+cACertificateDescription_generationId = Lens.lens (\CACertificateDescription' {generationId} -> generationId) (\s@CACertificateDescription' {} a -> s {generationId = a} :: CACertificateDescription)
+
+-- | The date the CA certificate was last modified.
+cACertificateDescription_lastModifiedDate :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.UTCTime)
+cACertificateDescription_lastModifiedDate = Lens.lens (\CACertificateDescription' {lastModifiedDate} -> lastModifiedDate) (\s@CACertificateDescription' {} a -> s {lastModifiedDate = a} :: CACertificateDescription) Prelude.. Lens.mapping Data._Time
+
+-- | The owner of the CA certificate.
+cACertificateDescription_ownedBy :: Lens.Lens' CACertificateDescription (Prelude.Maybe Prelude.Text)
+cACertificateDescription_ownedBy = Lens.lens (\CACertificateDescription' {ownedBy} -> ownedBy) (\s@CACertificateDescription' {} a -> s {ownedBy = a} :: CACertificateDescription)
+
+-- | The status of a CA certificate.
+cACertificateDescription_status :: Lens.Lens' CACertificateDescription (Prelude.Maybe CACertificateStatus)
+cACertificateDescription_status = Lens.lens (\CACertificateDescription' {status} -> status) (\s@CACertificateDescription' {} a -> s {status = a} :: CACertificateDescription)
+
+-- | When the CA certificate is valid.
+cACertificateDescription_validity :: Lens.Lens' CACertificateDescription (Prelude.Maybe CertificateValidity)
+cACertificateDescription_validity = Lens.lens (\CACertificateDescription' {validity} -> validity) (\s@CACertificateDescription' {} a -> s {validity = a} :: CACertificateDescription)
+
+instance Data.FromJSON CACertificateDescription where
+  parseJSON =
+    Data.withObject
+      "CACertificateDescription"
+      ( \x ->
+          CACertificateDescription'
+            Prelude.<$> (x Data..:? "autoRegistrationStatus")
+            Prelude.<*> (x Data..:? "certificateArn")
+            Prelude.<*> (x Data..:? "certificateId")
+            Prelude.<*> (x Data..:? "certificateMode")
+            Prelude.<*> (x Data..:? "certificatePem")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "customerVersion")
+            Prelude.<*> (x Data..:? "generationId")
+            Prelude.<*> (x Data..:? "lastModifiedDate")
+            Prelude.<*> (x Data..:? "ownedBy")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "validity")
+      )
+
+instance Prelude.Hashable CACertificateDescription where
+  hashWithSalt _salt CACertificateDescription' {..} =
+    _salt
+      `Prelude.hashWithSalt` autoRegistrationStatus
+      `Prelude.hashWithSalt` certificateArn
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` certificateMode
+      `Prelude.hashWithSalt` certificatePem
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` customerVersion
+      `Prelude.hashWithSalt` generationId
+      `Prelude.hashWithSalt` lastModifiedDate
+      `Prelude.hashWithSalt` ownedBy
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` validity
+
+instance Prelude.NFData CACertificateDescription where
+  rnf CACertificateDescription' {..} =
+    Prelude.rnf autoRegistrationStatus
+      `Prelude.seq` Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf certificateMode
+      `Prelude.seq` Prelude.rnf certificatePem
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf customerVersion
+      `Prelude.seq` Prelude.rnf generationId
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf ownedBy
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf validity
diff --git a/gen/Amazonka/IoT/Types/CACertificateStatus.hs b/gen/Amazonka/IoT/Types/CACertificateStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CACertificateStatus.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CACertificateStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CACertificateStatus
+  ( CACertificateStatus
+      ( ..,
+        CACertificateStatus_ACTIVE,
+        CACertificateStatus_INACTIVE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CACertificateStatus = CACertificateStatus'
+  { fromCACertificateStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CACertificateStatus_ACTIVE :: CACertificateStatus
+pattern CACertificateStatus_ACTIVE = CACertificateStatus' "ACTIVE"
+
+pattern CACertificateStatus_INACTIVE :: CACertificateStatus
+pattern CACertificateStatus_INACTIVE = CACertificateStatus' "INACTIVE"
+
+{-# COMPLETE
+  CACertificateStatus_ACTIVE,
+  CACertificateStatus_INACTIVE,
+  CACertificateStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/CACertificateUpdateAction.hs b/gen/Amazonka/IoT/Types/CACertificateUpdateAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CACertificateUpdateAction.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CACertificateUpdateAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CACertificateUpdateAction
+  ( CACertificateUpdateAction
+      ( ..,
+        CACertificateUpdateAction_DEACTIVATE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CACertificateUpdateAction = CACertificateUpdateAction'
+  { fromCACertificateUpdateAction ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CACertificateUpdateAction_DEACTIVATE :: CACertificateUpdateAction
+pattern CACertificateUpdateAction_DEACTIVATE = CACertificateUpdateAction' "DEACTIVATE"
+
+{-# COMPLETE
+  CACertificateUpdateAction_DEACTIVATE,
+  CACertificateUpdateAction'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/CannedAccessControlList.hs b/gen/Amazonka/IoT/Types/CannedAccessControlList.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CannedAccessControlList.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CannedAccessControlList
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CannedAccessControlList
+  ( CannedAccessControlList
+      ( ..,
+        CannedAccessControlList_Authenticated_read,
+        CannedAccessControlList_Aws_exec_read,
+        CannedAccessControlList_Bucket_owner_full_control,
+        CannedAccessControlList_Bucket_owner_read,
+        CannedAccessControlList_Log_delivery_write,
+        CannedAccessControlList_Private,
+        CannedAccessControlList_Public_read,
+        CannedAccessControlList_Public_read_write
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CannedAccessControlList = CannedAccessControlList'
+  { fromCannedAccessControlList ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CannedAccessControlList_Authenticated_read :: CannedAccessControlList
+pattern CannedAccessControlList_Authenticated_read = CannedAccessControlList' "authenticated-read"
+
+pattern CannedAccessControlList_Aws_exec_read :: CannedAccessControlList
+pattern CannedAccessControlList_Aws_exec_read = CannedAccessControlList' "aws-exec-read"
+
+pattern CannedAccessControlList_Bucket_owner_full_control :: CannedAccessControlList
+pattern CannedAccessControlList_Bucket_owner_full_control = CannedAccessControlList' "bucket-owner-full-control"
+
+pattern CannedAccessControlList_Bucket_owner_read :: CannedAccessControlList
+pattern CannedAccessControlList_Bucket_owner_read = CannedAccessControlList' "bucket-owner-read"
+
+pattern CannedAccessControlList_Log_delivery_write :: CannedAccessControlList
+pattern CannedAccessControlList_Log_delivery_write = CannedAccessControlList' "log-delivery-write"
+
+pattern CannedAccessControlList_Private :: CannedAccessControlList
+pattern CannedAccessControlList_Private = CannedAccessControlList' "private"
+
+pattern CannedAccessControlList_Public_read :: CannedAccessControlList
+pattern CannedAccessControlList_Public_read = CannedAccessControlList' "public-read"
+
+pattern CannedAccessControlList_Public_read_write :: CannedAccessControlList
+pattern CannedAccessControlList_Public_read_write = CannedAccessControlList' "public-read-write"
+
+{-# COMPLETE
+  CannedAccessControlList_Authenticated_read,
+  CannedAccessControlList_Aws_exec_read,
+  CannedAccessControlList_Bucket_owner_full_control,
+  CannedAccessControlList_Bucket_owner_read,
+  CannedAccessControlList_Log_delivery_write,
+  CannedAccessControlList_Private,
+  CannedAccessControlList_Public_read,
+  CannedAccessControlList_Public_read_write,
+  CannedAccessControlList'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/Certificate.hs b/gen/Amazonka/IoT/Types/Certificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Certificate.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Certificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Certificate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CertificateMode
+import Amazonka.IoT.Types.CertificateStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about a certificate.
+--
+-- /See:/ 'newCertificate' smart constructor.
+data Certificate = Certificate'
+  { -- | The ARN of the certificate.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The mode of the certificate.
+    --
+    -- @DEFAULT@: A certificate in @DEFAULT@ mode is either generated by Amazon
+    -- Web Services IoT Core or registered with an issuer certificate authority
+    -- (CA) in @DEFAULT@ mode. Devices with certificates in @DEFAULT@ mode
+    -- aren\'t required to send the Server Name Indication (SNI) extension when
+    -- connecting to Amazon Web Services IoT Core. However, to use features
+    -- such as custom domains and VPC endpoints, we recommend that you use the
+    -- SNI extension when connecting to Amazon Web Services IoT Core.
+    --
+    -- @SNI_ONLY@: A certificate in @SNI_ONLY@ mode is registered without an
+    -- issuer CA. Devices with certificates in @SNI_ONLY@ mode must send the
+    -- SNI extension when connecting to Amazon Web Services IoT Core.
+    certificateMode :: Prelude.Maybe CertificateMode,
+    -- | The date and time the certificate was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The status of the certificate.
+    --
+    -- The status value REGISTER_INACTIVE is deprecated and should not be used.
+    status :: Prelude.Maybe CertificateStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Certificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'certificate_certificateArn' - The ARN of the certificate.
+--
+-- 'certificateId', 'certificate_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+--
+-- 'certificateMode', 'certificate_certificateMode' - The mode of the certificate.
+--
+-- @DEFAULT@: A certificate in @DEFAULT@ mode is either generated by Amazon
+-- Web Services IoT Core or registered with an issuer certificate authority
+-- (CA) in @DEFAULT@ mode. Devices with certificates in @DEFAULT@ mode
+-- aren\'t required to send the Server Name Indication (SNI) extension when
+-- connecting to Amazon Web Services IoT Core. However, to use features
+-- such as custom domains and VPC endpoints, we recommend that you use the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- @SNI_ONLY@: A certificate in @SNI_ONLY@ mode is registered without an
+-- issuer CA. Devices with certificates in @SNI_ONLY@ mode must send the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- 'creationDate', 'certificate_creationDate' - The date and time the certificate was created.
+--
+-- 'status', 'certificate_status' - The status of the certificate.
+--
+-- The status value REGISTER_INACTIVE is deprecated and should not be used.
+newCertificate ::
+  Certificate
+newCertificate =
+  Certificate'
+    { certificateArn = Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      certificateMode = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | The ARN of the certificate.
+certificate_certificateArn :: Lens.Lens' Certificate (Prelude.Maybe Prelude.Text)
+certificate_certificateArn = Lens.lens (\Certificate' {certificateArn} -> certificateArn) (\s@Certificate' {} a -> s {certificateArn = a} :: Certificate)
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+certificate_certificateId :: Lens.Lens' Certificate (Prelude.Maybe Prelude.Text)
+certificate_certificateId = Lens.lens (\Certificate' {certificateId} -> certificateId) (\s@Certificate' {} a -> s {certificateId = a} :: Certificate)
+
+-- | The mode of the certificate.
+--
+-- @DEFAULT@: A certificate in @DEFAULT@ mode is either generated by Amazon
+-- Web Services IoT Core or registered with an issuer certificate authority
+-- (CA) in @DEFAULT@ mode. Devices with certificates in @DEFAULT@ mode
+-- aren\'t required to send the Server Name Indication (SNI) extension when
+-- connecting to Amazon Web Services IoT Core. However, to use features
+-- such as custom domains and VPC endpoints, we recommend that you use the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- @SNI_ONLY@: A certificate in @SNI_ONLY@ mode is registered without an
+-- issuer CA. Devices with certificates in @SNI_ONLY@ mode must send the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+certificate_certificateMode :: Lens.Lens' Certificate (Prelude.Maybe CertificateMode)
+certificate_certificateMode = Lens.lens (\Certificate' {certificateMode} -> certificateMode) (\s@Certificate' {} a -> s {certificateMode = a} :: Certificate)
+
+-- | The date and time the certificate was created.
+certificate_creationDate :: Lens.Lens' Certificate (Prelude.Maybe Prelude.UTCTime)
+certificate_creationDate = Lens.lens (\Certificate' {creationDate} -> creationDate) (\s@Certificate' {} a -> s {creationDate = a} :: Certificate) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the certificate.
+--
+-- The status value REGISTER_INACTIVE is deprecated and should not be used.
+certificate_status :: Lens.Lens' Certificate (Prelude.Maybe CertificateStatus)
+certificate_status = Lens.lens (\Certificate' {status} -> status) (\s@Certificate' {} a -> s {status = a} :: Certificate)
+
+instance Data.FromJSON Certificate where
+  parseJSON =
+    Data.withObject
+      "Certificate"
+      ( \x ->
+          Certificate'
+            Prelude.<$> (x Data..:? "certificateArn")
+            Prelude.<*> (x Data..:? "certificateId")
+            Prelude.<*> (x Data..:? "certificateMode")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "status")
+      )
+
+instance Prelude.Hashable Certificate where
+  hashWithSalt _salt Certificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateArn
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` certificateMode
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData Certificate where
+  rnf Certificate' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf certificateMode
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/IoT/Types/CertificateDescription.hs b/gen/Amazonka/IoT/Types/CertificateDescription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CertificateDescription.hs
@@ -0,0 +1,281 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CertificateDescription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CertificateDescription where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CertificateMode
+import Amazonka.IoT.Types.CertificateStatus
+import Amazonka.IoT.Types.CertificateValidity
+import Amazonka.IoT.Types.TransferData
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a certificate.
+--
+-- /See:/ 'newCertificateDescription' smart constructor.
+data CertificateDescription = CertificateDescription'
+  { -- | The certificate ID of the CA certificate used to sign this certificate.
+    caCertificateId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the certificate.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The mode of the certificate.
+    --
+    -- @DEFAULT@: A certificate in @DEFAULT@ mode is either generated by Amazon
+    -- Web Services IoT Core or registered with an issuer certificate authority
+    -- (CA) in @DEFAULT@ mode. Devices with certificates in @DEFAULT@ mode
+    -- aren\'t required to send the Server Name Indication (SNI) extension when
+    -- connecting to Amazon Web Services IoT Core. However, to use features
+    -- such as custom domains and VPC endpoints, we recommend that you use the
+    -- SNI extension when connecting to Amazon Web Services IoT Core.
+    --
+    -- @SNI_ONLY@: A certificate in @SNI_ONLY@ mode is registered without an
+    -- issuer CA. Devices with certificates in @SNI_ONLY@ mode must send the
+    -- SNI extension when connecting to Amazon Web Services IoT Core.
+    --
+    -- For more information about the value for SNI extension, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html Transport security in IoT>.
+    certificateMode :: Prelude.Maybe CertificateMode,
+    -- | The certificate data, in PEM format.
+    certificatePem :: Prelude.Maybe Prelude.Text,
+    -- | The date and time the certificate was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The customer version of the certificate.
+    customerVersion :: Prelude.Maybe Prelude.Natural,
+    -- | The generation ID of the certificate.
+    generationId :: Prelude.Maybe Prelude.Text,
+    -- | The date and time the certificate was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The ID of the Amazon Web Services account that owns the certificate.
+    ownedBy :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the Amazon Web Services account of the previous owner of the
+    -- certificate.
+    previousOwnedBy :: Prelude.Maybe Prelude.Text,
+    -- | The status of the certificate.
+    status :: Prelude.Maybe CertificateStatus,
+    -- | The transfer data.
+    transferData :: Prelude.Maybe TransferData,
+    -- | When the certificate is valid.
+    validity :: Prelude.Maybe CertificateValidity
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CertificateDescription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'caCertificateId', 'certificateDescription_caCertificateId' - The certificate ID of the CA certificate used to sign this certificate.
+--
+-- 'certificateArn', 'certificateDescription_certificateArn' - The ARN of the certificate.
+--
+-- 'certificateId', 'certificateDescription_certificateId' - The ID of the certificate.
+--
+-- 'certificateMode', 'certificateDescription_certificateMode' - The mode of the certificate.
+--
+-- @DEFAULT@: A certificate in @DEFAULT@ mode is either generated by Amazon
+-- Web Services IoT Core or registered with an issuer certificate authority
+-- (CA) in @DEFAULT@ mode. Devices with certificates in @DEFAULT@ mode
+-- aren\'t required to send the Server Name Indication (SNI) extension when
+-- connecting to Amazon Web Services IoT Core. However, to use features
+-- such as custom domains and VPC endpoints, we recommend that you use the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- @SNI_ONLY@: A certificate in @SNI_ONLY@ mode is registered without an
+-- issuer CA. Devices with certificates in @SNI_ONLY@ mode must send the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- For more information about the value for SNI extension, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html Transport security in IoT>.
+--
+-- 'certificatePem', 'certificateDescription_certificatePem' - The certificate data, in PEM format.
+--
+-- 'creationDate', 'certificateDescription_creationDate' - The date and time the certificate was created.
+--
+-- 'customerVersion', 'certificateDescription_customerVersion' - The customer version of the certificate.
+--
+-- 'generationId', 'certificateDescription_generationId' - The generation ID of the certificate.
+--
+-- 'lastModifiedDate', 'certificateDescription_lastModifiedDate' - The date and time the certificate was last modified.
+--
+-- 'ownedBy', 'certificateDescription_ownedBy' - The ID of the Amazon Web Services account that owns the certificate.
+--
+-- 'previousOwnedBy', 'certificateDescription_previousOwnedBy' - The ID of the Amazon Web Services account of the previous owner of the
+-- certificate.
+--
+-- 'status', 'certificateDescription_status' - The status of the certificate.
+--
+-- 'transferData', 'certificateDescription_transferData' - The transfer data.
+--
+-- 'validity', 'certificateDescription_validity' - When the certificate is valid.
+newCertificateDescription ::
+  CertificateDescription
+newCertificateDescription =
+  CertificateDescription'
+    { caCertificateId =
+        Prelude.Nothing,
+      certificateArn = Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      certificateMode = Prelude.Nothing,
+      certificatePem = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      customerVersion = Prelude.Nothing,
+      generationId = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      ownedBy = Prelude.Nothing,
+      previousOwnedBy = Prelude.Nothing,
+      status = Prelude.Nothing,
+      transferData = Prelude.Nothing,
+      validity = Prelude.Nothing
+    }
+
+-- | The certificate ID of the CA certificate used to sign this certificate.
+certificateDescription_caCertificateId :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_caCertificateId = Lens.lens (\CertificateDescription' {caCertificateId} -> caCertificateId) (\s@CertificateDescription' {} a -> s {caCertificateId = a} :: CertificateDescription)
+
+-- | The ARN of the certificate.
+certificateDescription_certificateArn :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_certificateArn = Lens.lens (\CertificateDescription' {certificateArn} -> certificateArn) (\s@CertificateDescription' {} a -> s {certificateArn = a} :: CertificateDescription)
+
+-- | The ID of the certificate.
+certificateDescription_certificateId :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_certificateId = Lens.lens (\CertificateDescription' {certificateId} -> certificateId) (\s@CertificateDescription' {} a -> s {certificateId = a} :: CertificateDescription)
+
+-- | The mode of the certificate.
+--
+-- @DEFAULT@: A certificate in @DEFAULT@ mode is either generated by Amazon
+-- Web Services IoT Core or registered with an issuer certificate authority
+-- (CA) in @DEFAULT@ mode. Devices with certificates in @DEFAULT@ mode
+-- aren\'t required to send the Server Name Indication (SNI) extension when
+-- connecting to Amazon Web Services IoT Core. However, to use features
+-- such as custom domains and VPC endpoints, we recommend that you use the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- @SNI_ONLY@: A certificate in @SNI_ONLY@ mode is registered without an
+-- issuer CA. Devices with certificates in @SNI_ONLY@ mode must send the
+-- SNI extension when connecting to Amazon Web Services IoT Core.
+--
+-- For more information about the value for SNI extension, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html Transport security in IoT>.
+certificateDescription_certificateMode :: Lens.Lens' CertificateDescription (Prelude.Maybe CertificateMode)
+certificateDescription_certificateMode = Lens.lens (\CertificateDescription' {certificateMode} -> certificateMode) (\s@CertificateDescription' {} a -> s {certificateMode = a} :: CertificateDescription)
+
+-- | The certificate data, in PEM format.
+certificateDescription_certificatePem :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_certificatePem = Lens.lens (\CertificateDescription' {certificatePem} -> certificatePem) (\s@CertificateDescription' {} a -> s {certificatePem = a} :: CertificateDescription)
+
+-- | The date and time the certificate was created.
+certificateDescription_creationDate :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.UTCTime)
+certificateDescription_creationDate = Lens.lens (\CertificateDescription' {creationDate} -> creationDate) (\s@CertificateDescription' {} a -> s {creationDate = a} :: CertificateDescription) Prelude.. Lens.mapping Data._Time
+
+-- | The customer version of the certificate.
+certificateDescription_customerVersion :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Natural)
+certificateDescription_customerVersion = Lens.lens (\CertificateDescription' {customerVersion} -> customerVersion) (\s@CertificateDescription' {} a -> s {customerVersion = a} :: CertificateDescription)
+
+-- | The generation ID of the certificate.
+certificateDescription_generationId :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_generationId = Lens.lens (\CertificateDescription' {generationId} -> generationId) (\s@CertificateDescription' {} a -> s {generationId = a} :: CertificateDescription)
+
+-- | The date and time the certificate was last modified.
+certificateDescription_lastModifiedDate :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.UTCTime)
+certificateDescription_lastModifiedDate = Lens.lens (\CertificateDescription' {lastModifiedDate} -> lastModifiedDate) (\s@CertificateDescription' {} a -> s {lastModifiedDate = a} :: CertificateDescription) Prelude.. Lens.mapping Data._Time
+
+-- | The ID of the Amazon Web Services account that owns the certificate.
+certificateDescription_ownedBy :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_ownedBy = Lens.lens (\CertificateDescription' {ownedBy} -> ownedBy) (\s@CertificateDescription' {} a -> s {ownedBy = a} :: CertificateDescription)
+
+-- | The ID of the Amazon Web Services account of the previous owner of the
+-- certificate.
+certificateDescription_previousOwnedBy :: Lens.Lens' CertificateDescription (Prelude.Maybe Prelude.Text)
+certificateDescription_previousOwnedBy = Lens.lens (\CertificateDescription' {previousOwnedBy} -> previousOwnedBy) (\s@CertificateDescription' {} a -> s {previousOwnedBy = a} :: CertificateDescription)
+
+-- | The status of the certificate.
+certificateDescription_status :: Lens.Lens' CertificateDescription (Prelude.Maybe CertificateStatus)
+certificateDescription_status = Lens.lens (\CertificateDescription' {status} -> status) (\s@CertificateDescription' {} a -> s {status = a} :: CertificateDescription)
+
+-- | The transfer data.
+certificateDescription_transferData :: Lens.Lens' CertificateDescription (Prelude.Maybe TransferData)
+certificateDescription_transferData = Lens.lens (\CertificateDescription' {transferData} -> transferData) (\s@CertificateDescription' {} a -> s {transferData = a} :: CertificateDescription)
+
+-- | When the certificate is valid.
+certificateDescription_validity :: Lens.Lens' CertificateDescription (Prelude.Maybe CertificateValidity)
+certificateDescription_validity = Lens.lens (\CertificateDescription' {validity} -> validity) (\s@CertificateDescription' {} a -> s {validity = a} :: CertificateDescription)
+
+instance Data.FromJSON CertificateDescription where
+  parseJSON =
+    Data.withObject
+      "CertificateDescription"
+      ( \x ->
+          CertificateDescription'
+            Prelude.<$> (x Data..:? "caCertificateId")
+            Prelude.<*> (x Data..:? "certificateArn")
+            Prelude.<*> (x Data..:? "certificateId")
+            Prelude.<*> (x Data..:? "certificateMode")
+            Prelude.<*> (x Data..:? "certificatePem")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "customerVersion")
+            Prelude.<*> (x Data..:? "generationId")
+            Prelude.<*> (x Data..:? "lastModifiedDate")
+            Prelude.<*> (x Data..:? "ownedBy")
+            Prelude.<*> (x Data..:? "previousOwnedBy")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "transferData")
+            Prelude.<*> (x Data..:? "validity")
+      )
+
+instance Prelude.Hashable CertificateDescription where
+  hashWithSalt _salt CertificateDescription' {..} =
+    _salt
+      `Prelude.hashWithSalt` caCertificateId
+      `Prelude.hashWithSalt` certificateArn
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` certificateMode
+      `Prelude.hashWithSalt` certificatePem
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` customerVersion
+      `Prelude.hashWithSalt` generationId
+      `Prelude.hashWithSalt` lastModifiedDate
+      `Prelude.hashWithSalt` ownedBy
+      `Prelude.hashWithSalt` previousOwnedBy
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` transferData
+      `Prelude.hashWithSalt` validity
+
+instance Prelude.NFData CertificateDescription where
+  rnf CertificateDescription' {..} =
+    Prelude.rnf caCertificateId
+      `Prelude.seq` Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf certificateMode
+      `Prelude.seq` Prelude.rnf certificatePem
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf customerVersion
+      `Prelude.seq` Prelude.rnf generationId
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf ownedBy
+      `Prelude.seq` Prelude.rnf previousOwnedBy
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf transferData
+      `Prelude.seq` Prelude.rnf validity
diff --git a/gen/Amazonka/IoT/Types/CertificateMode.hs b/gen/Amazonka/IoT/Types/CertificateMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CertificateMode.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CertificateMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CertificateMode
+  ( CertificateMode
+      ( ..,
+        CertificateMode_DEFAULT,
+        CertificateMode_SNI_ONLY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CertificateMode = CertificateMode'
+  { fromCertificateMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CertificateMode_DEFAULT :: CertificateMode
+pattern CertificateMode_DEFAULT = CertificateMode' "DEFAULT"
+
+pattern CertificateMode_SNI_ONLY :: CertificateMode
+pattern CertificateMode_SNI_ONLY = CertificateMode' "SNI_ONLY"
+
+{-# COMPLETE
+  CertificateMode_DEFAULT,
+  CertificateMode_SNI_ONLY,
+  CertificateMode'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/CertificateStatus.hs b/gen/Amazonka/IoT/Types/CertificateStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CertificateStatus.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CertificateStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CertificateStatus
+  ( CertificateStatus
+      ( ..,
+        CertificateStatus_ACTIVE,
+        CertificateStatus_INACTIVE,
+        CertificateStatus_PENDING_ACTIVATION,
+        CertificateStatus_PENDING_TRANSFER,
+        CertificateStatus_REGISTER_INACTIVE,
+        CertificateStatus_REVOKED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CertificateStatus = CertificateStatus'
+  { fromCertificateStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CertificateStatus_ACTIVE :: CertificateStatus
+pattern CertificateStatus_ACTIVE = CertificateStatus' "ACTIVE"
+
+pattern CertificateStatus_INACTIVE :: CertificateStatus
+pattern CertificateStatus_INACTIVE = CertificateStatus' "INACTIVE"
+
+pattern CertificateStatus_PENDING_ACTIVATION :: CertificateStatus
+pattern CertificateStatus_PENDING_ACTIVATION = CertificateStatus' "PENDING_ACTIVATION"
+
+pattern CertificateStatus_PENDING_TRANSFER :: CertificateStatus
+pattern CertificateStatus_PENDING_TRANSFER = CertificateStatus' "PENDING_TRANSFER"
+
+pattern CertificateStatus_REGISTER_INACTIVE :: CertificateStatus
+pattern CertificateStatus_REGISTER_INACTIVE = CertificateStatus' "REGISTER_INACTIVE"
+
+pattern CertificateStatus_REVOKED :: CertificateStatus
+pattern CertificateStatus_REVOKED = CertificateStatus' "REVOKED"
+
+{-# COMPLETE
+  CertificateStatus_ACTIVE,
+  CertificateStatus_INACTIVE,
+  CertificateStatus_PENDING_ACTIVATION,
+  CertificateStatus_PENDING_TRANSFER,
+  CertificateStatus_REGISTER_INACTIVE,
+  CertificateStatus_REVOKED,
+  CertificateStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/CertificateValidity.hs b/gen/Amazonka/IoT/Types/CertificateValidity.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CertificateValidity.hs
@@ -0,0 +1,84 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CertificateValidity
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CertificateValidity where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | When the certificate is valid.
+--
+-- /See:/ 'newCertificateValidity' smart constructor.
+data CertificateValidity = CertificateValidity'
+  { -- | The certificate is not valid after this date.
+    notAfter :: Prelude.Maybe Data.POSIX,
+    -- | The certificate is not valid before this date.
+    notBefore :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CertificateValidity' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'notAfter', 'certificateValidity_notAfter' - The certificate is not valid after this date.
+--
+-- 'notBefore', 'certificateValidity_notBefore' - The certificate is not valid before this date.
+newCertificateValidity ::
+  CertificateValidity
+newCertificateValidity =
+  CertificateValidity'
+    { notAfter = Prelude.Nothing,
+      notBefore = Prelude.Nothing
+    }
+
+-- | The certificate is not valid after this date.
+certificateValidity_notAfter :: Lens.Lens' CertificateValidity (Prelude.Maybe Prelude.UTCTime)
+certificateValidity_notAfter = Lens.lens (\CertificateValidity' {notAfter} -> notAfter) (\s@CertificateValidity' {} a -> s {notAfter = a} :: CertificateValidity) Prelude.. Lens.mapping Data._Time
+
+-- | The certificate is not valid before this date.
+certificateValidity_notBefore :: Lens.Lens' CertificateValidity (Prelude.Maybe Prelude.UTCTime)
+certificateValidity_notBefore = Lens.lens (\CertificateValidity' {notBefore} -> notBefore) (\s@CertificateValidity' {} a -> s {notBefore = a} :: CertificateValidity) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON CertificateValidity where
+  parseJSON =
+    Data.withObject
+      "CertificateValidity"
+      ( \x ->
+          CertificateValidity'
+            Prelude.<$> (x Data..:? "notAfter")
+            Prelude.<*> (x Data..:? "notBefore")
+      )
+
+instance Prelude.Hashable CertificateValidity where
+  hashWithSalt _salt CertificateValidity' {..} =
+    _salt
+      `Prelude.hashWithSalt` notAfter
+      `Prelude.hashWithSalt` notBefore
+
+instance Prelude.NFData CertificateValidity where
+  rnf CertificateValidity' {..} =
+    Prelude.rnf notAfter
+      `Prelude.seq` Prelude.rnf notBefore
diff --git a/gen/Amazonka/IoT/Types/CloudwatchAlarmAction.hs b/gen/Amazonka/IoT/Types/CloudwatchAlarmAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CloudwatchAlarmAction.hs
@@ -0,0 +1,134 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CloudwatchAlarmAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CloudwatchAlarmAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action that updates a CloudWatch alarm.
+--
+-- /See:/ 'newCloudwatchAlarmAction' smart constructor.
+data CloudwatchAlarmAction = CloudwatchAlarmAction'
+  { -- | The IAM role that allows access to the CloudWatch alarm.
+    roleArn :: Prelude.Text,
+    -- | The CloudWatch alarm name.
+    alarmName :: Prelude.Text,
+    -- | The reason for the alarm change.
+    stateReason :: Prelude.Text,
+    -- | The value of the alarm state. Acceptable values are: OK, ALARM,
+    -- INSUFFICIENT_DATA.
+    stateValue :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CloudwatchAlarmAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'cloudwatchAlarmAction_roleArn' - The IAM role that allows access to the CloudWatch alarm.
+--
+-- 'alarmName', 'cloudwatchAlarmAction_alarmName' - The CloudWatch alarm name.
+--
+-- 'stateReason', 'cloudwatchAlarmAction_stateReason' - The reason for the alarm change.
+--
+-- 'stateValue', 'cloudwatchAlarmAction_stateValue' - The value of the alarm state. Acceptable values are: OK, ALARM,
+-- INSUFFICIENT_DATA.
+newCloudwatchAlarmAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'alarmName'
+  Prelude.Text ->
+  -- | 'stateReason'
+  Prelude.Text ->
+  -- | 'stateValue'
+  Prelude.Text ->
+  CloudwatchAlarmAction
+newCloudwatchAlarmAction
+  pRoleArn_
+  pAlarmName_
+  pStateReason_
+  pStateValue_ =
+    CloudwatchAlarmAction'
+      { roleArn = pRoleArn_,
+        alarmName = pAlarmName_,
+        stateReason = pStateReason_,
+        stateValue = pStateValue_
+      }
+
+-- | The IAM role that allows access to the CloudWatch alarm.
+cloudwatchAlarmAction_roleArn :: Lens.Lens' CloudwatchAlarmAction Prelude.Text
+cloudwatchAlarmAction_roleArn = Lens.lens (\CloudwatchAlarmAction' {roleArn} -> roleArn) (\s@CloudwatchAlarmAction' {} a -> s {roleArn = a} :: CloudwatchAlarmAction)
+
+-- | The CloudWatch alarm name.
+cloudwatchAlarmAction_alarmName :: Lens.Lens' CloudwatchAlarmAction Prelude.Text
+cloudwatchAlarmAction_alarmName = Lens.lens (\CloudwatchAlarmAction' {alarmName} -> alarmName) (\s@CloudwatchAlarmAction' {} a -> s {alarmName = a} :: CloudwatchAlarmAction)
+
+-- | The reason for the alarm change.
+cloudwatchAlarmAction_stateReason :: Lens.Lens' CloudwatchAlarmAction Prelude.Text
+cloudwatchAlarmAction_stateReason = Lens.lens (\CloudwatchAlarmAction' {stateReason} -> stateReason) (\s@CloudwatchAlarmAction' {} a -> s {stateReason = a} :: CloudwatchAlarmAction)
+
+-- | The value of the alarm state. Acceptable values are: OK, ALARM,
+-- INSUFFICIENT_DATA.
+cloudwatchAlarmAction_stateValue :: Lens.Lens' CloudwatchAlarmAction Prelude.Text
+cloudwatchAlarmAction_stateValue = Lens.lens (\CloudwatchAlarmAction' {stateValue} -> stateValue) (\s@CloudwatchAlarmAction' {} a -> s {stateValue = a} :: CloudwatchAlarmAction)
+
+instance Data.FromJSON CloudwatchAlarmAction where
+  parseJSON =
+    Data.withObject
+      "CloudwatchAlarmAction"
+      ( \x ->
+          CloudwatchAlarmAction'
+            Prelude.<$> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "alarmName")
+            Prelude.<*> (x Data..: "stateReason")
+            Prelude.<*> (x Data..: "stateValue")
+      )
+
+instance Prelude.Hashable CloudwatchAlarmAction where
+  hashWithSalt _salt CloudwatchAlarmAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` alarmName
+      `Prelude.hashWithSalt` stateReason
+      `Prelude.hashWithSalt` stateValue
+
+instance Prelude.NFData CloudwatchAlarmAction where
+  rnf CloudwatchAlarmAction' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf alarmName
+      `Prelude.seq` Prelude.rnf stateReason
+      `Prelude.seq` Prelude.rnf stateValue
+
+instance Data.ToJSON CloudwatchAlarmAction where
+  toJSON CloudwatchAlarmAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("alarmName" Data..= alarmName),
+            Prelude.Just ("stateReason" Data..= stateReason),
+            Prelude.Just ("stateValue" Data..= stateValue)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CloudwatchLogsAction.hs b/gen/Amazonka/IoT/Types/CloudwatchLogsAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CloudwatchLogsAction.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CloudwatchLogsAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CloudwatchLogsAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action that sends data to CloudWatch Logs.
+--
+-- /See:/ 'newCloudwatchLogsAction' smart constructor.
+data CloudwatchLogsAction = CloudwatchLogsAction'
+  { -- | The IAM role that allows access to the CloudWatch log.
+    roleArn :: Prelude.Text,
+    -- | The CloudWatch log group to which the action sends data.
+    logGroupName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CloudwatchLogsAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'cloudwatchLogsAction_roleArn' - The IAM role that allows access to the CloudWatch log.
+--
+-- 'logGroupName', 'cloudwatchLogsAction_logGroupName' - The CloudWatch log group to which the action sends data.
+newCloudwatchLogsAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'logGroupName'
+  Prelude.Text ->
+  CloudwatchLogsAction
+newCloudwatchLogsAction pRoleArn_ pLogGroupName_ =
+  CloudwatchLogsAction'
+    { roleArn = pRoleArn_,
+      logGroupName = pLogGroupName_
+    }
+
+-- | The IAM role that allows access to the CloudWatch log.
+cloudwatchLogsAction_roleArn :: Lens.Lens' CloudwatchLogsAction Prelude.Text
+cloudwatchLogsAction_roleArn = Lens.lens (\CloudwatchLogsAction' {roleArn} -> roleArn) (\s@CloudwatchLogsAction' {} a -> s {roleArn = a} :: CloudwatchLogsAction)
+
+-- | The CloudWatch log group to which the action sends data.
+cloudwatchLogsAction_logGroupName :: Lens.Lens' CloudwatchLogsAction Prelude.Text
+cloudwatchLogsAction_logGroupName = Lens.lens (\CloudwatchLogsAction' {logGroupName} -> logGroupName) (\s@CloudwatchLogsAction' {} a -> s {logGroupName = a} :: CloudwatchLogsAction)
+
+instance Data.FromJSON CloudwatchLogsAction where
+  parseJSON =
+    Data.withObject
+      "CloudwatchLogsAction"
+      ( \x ->
+          CloudwatchLogsAction'
+            Prelude.<$> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "logGroupName")
+      )
+
+instance Prelude.Hashable CloudwatchLogsAction where
+  hashWithSalt _salt CloudwatchLogsAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` logGroupName
+
+instance Prelude.NFData CloudwatchLogsAction where
+  rnf CloudwatchLogsAction' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf logGroupName
+
+instance Data.ToJSON CloudwatchLogsAction where
+  toJSON CloudwatchLogsAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("logGroupName" Data..= logGroupName)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CloudwatchMetricAction.hs b/gen/Amazonka/IoT/Types/CloudwatchMetricAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CloudwatchMetricAction.hs
@@ -0,0 +1,172 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CloudwatchMetricAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CloudwatchMetricAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action that captures a CloudWatch metric.
+--
+-- /See:/ 'newCloudwatchMetricAction' smart constructor.
+data CloudwatchMetricAction = CloudwatchMetricAction'
+  { -- | An optional
+    -- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp Unix timestamp>.
+    metricTimestamp :: Prelude.Maybe Prelude.Text,
+    -- | The IAM role that allows access to the CloudWatch metric.
+    roleArn :: Prelude.Text,
+    -- | The CloudWatch metric namespace name.
+    metricNamespace :: Prelude.Text,
+    -- | The CloudWatch metric name.
+    metricName :: Prelude.Text,
+    -- | The CloudWatch metric value.
+    metricValue :: Prelude.Text,
+    -- | The
+    -- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit metric unit>
+    -- supported by CloudWatch.
+    metricUnit :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CloudwatchMetricAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricTimestamp', 'cloudwatchMetricAction_metricTimestamp' - An optional
+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp Unix timestamp>.
+--
+-- 'roleArn', 'cloudwatchMetricAction_roleArn' - The IAM role that allows access to the CloudWatch metric.
+--
+-- 'metricNamespace', 'cloudwatchMetricAction_metricNamespace' - The CloudWatch metric namespace name.
+--
+-- 'metricName', 'cloudwatchMetricAction_metricName' - The CloudWatch metric name.
+--
+-- 'metricValue', 'cloudwatchMetricAction_metricValue' - The CloudWatch metric value.
+--
+-- 'metricUnit', 'cloudwatchMetricAction_metricUnit' - The
+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit metric unit>
+-- supported by CloudWatch.
+newCloudwatchMetricAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'metricNamespace'
+  Prelude.Text ->
+  -- | 'metricName'
+  Prelude.Text ->
+  -- | 'metricValue'
+  Prelude.Text ->
+  -- | 'metricUnit'
+  Prelude.Text ->
+  CloudwatchMetricAction
+newCloudwatchMetricAction
+  pRoleArn_
+  pMetricNamespace_
+  pMetricName_
+  pMetricValue_
+  pMetricUnit_ =
+    CloudwatchMetricAction'
+      { metricTimestamp =
+          Prelude.Nothing,
+        roleArn = pRoleArn_,
+        metricNamespace = pMetricNamespace_,
+        metricName = pMetricName_,
+        metricValue = pMetricValue_,
+        metricUnit = pMetricUnit_
+      }
+
+-- | An optional
+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp Unix timestamp>.
+cloudwatchMetricAction_metricTimestamp :: Lens.Lens' CloudwatchMetricAction (Prelude.Maybe Prelude.Text)
+cloudwatchMetricAction_metricTimestamp = Lens.lens (\CloudwatchMetricAction' {metricTimestamp} -> metricTimestamp) (\s@CloudwatchMetricAction' {} a -> s {metricTimestamp = a} :: CloudwatchMetricAction)
+
+-- | The IAM role that allows access to the CloudWatch metric.
+cloudwatchMetricAction_roleArn :: Lens.Lens' CloudwatchMetricAction Prelude.Text
+cloudwatchMetricAction_roleArn = Lens.lens (\CloudwatchMetricAction' {roleArn} -> roleArn) (\s@CloudwatchMetricAction' {} a -> s {roleArn = a} :: CloudwatchMetricAction)
+
+-- | The CloudWatch metric namespace name.
+cloudwatchMetricAction_metricNamespace :: Lens.Lens' CloudwatchMetricAction Prelude.Text
+cloudwatchMetricAction_metricNamespace = Lens.lens (\CloudwatchMetricAction' {metricNamespace} -> metricNamespace) (\s@CloudwatchMetricAction' {} a -> s {metricNamespace = a} :: CloudwatchMetricAction)
+
+-- | The CloudWatch metric name.
+cloudwatchMetricAction_metricName :: Lens.Lens' CloudwatchMetricAction Prelude.Text
+cloudwatchMetricAction_metricName = Lens.lens (\CloudwatchMetricAction' {metricName} -> metricName) (\s@CloudwatchMetricAction' {} a -> s {metricName = a} :: CloudwatchMetricAction)
+
+-- | The CloudWatch metric value.
+cloudwatchMetricAction_metricValue :: Lens.Lens' CloudwatchMetricAction Prelude.Text
+cloudwatchMetricAction_metricValue = Lens.lens (\CloudwatchMetricAction' {metricValue} -> metricValue) (\s@CloudwatchMetricAction' {} a -> s {metricValue = a} :: CloudwatchMetricAction)
+
+-- | The
+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit metric unit>
+-- supported by CloudWatch.
+cloudwatchMetricAction_metricUnit :: Lens.Lens' CloudwatchMetricAction Prelude.Text
+cloudwatchMetricAction_metricUnit = Lens.lens (\CloudwatchMetricAction' {metricUnit} -> metricUnit) (\s@CloudwatchMetricAction' {} a -> s {metricUnit = a} :: CloudwatchMetricAction)
+
+instance Data.FromJSON CloudwatchMetricAction where
+  parseJSON =
+    Data.withObject
+      "CloudwatchMetricAction"
+      ( \x ->
+          CloudwatchMetricAction'
+            Prelude.<$> (x Data..:? "metricTimestamp")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "metricNamespace")
+            Prelude.<*> (x Data..: "metricName")
+            Prelude.<*> (x Data..: "metricValue")
+            Prelude.<*> (x Data..: "metricUnit")
+      )
+
+instance Prelude.Hashable CloudwatchMetricAction where
+  hashWithSalt _salt CloudwatchMetricAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` metricTimestamp
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` metricNamespace
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` metricValue
+      `Prelude.hashWithSalt` metricUnit
+
+instance Prelude.NFData CloudwatchMetricAction where
+  rnf CloudwatchMetricAction' {..} =
+    Prelude.rnf metricTimestamp
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf metricNamespace
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf metricValue
+      `Prelude.seq` Prelude.rnf metricUnit
+
+instance Data.ToJSON CloudwatchMetricAction where
+  toJSON CloudwatchMetricAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("metricTimestamp" Data..=)
+              Prelude.<$> metricTimestamp,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just
+              ("metricNamespace" Data..= metricNamespace),
+            Prelude.Just ("metricName" Data..= metricName),
+            Prelude.Just ("metricValue" Data..= metricValue),
+            Prelude.Just ("metricUnit" Data..= metricUnit)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CodeSigning.hs b/gen/Amazonka/IoT/Types/CodeSigning.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CodeSigning.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CodeSigning
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CodeSigning where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CustomCodeSigning
+import Amazonka.IoT.Types.StartSigningJobParameter
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the method to use when code signing a file.
+--
+-- /See:/ 'newCodeSigning' smart constructor.
+data CodeSigning = CodeSigning'
+  { -- | The ID of the @AWSSignerJob@ which was created to sign the file.
+    awsSignerJobId :: Prelude.Maybe Prelude.Text,
+    -- | A custom method for code signing a file.
+    customCodeSigning :: Prelude.Maybe CustomCodeSigning,
+    -- | Describes the code-signing job.
+    startSigningJobParameter :: Prelude.Maybe StartSigningJobParameter
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CodeSigning' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'awsSignerJobId', 'codeSigning_awsSignerJobId' - The ID of the @AWSSignerJob@ which was created to sign the file.
+--
+-- 'customCodeSigning', 'codeSigning_customCodeSigning' - A custom method for code signing a file.
+--
+-- 'startSigningJobParameter', 'codeSigning_startSigningJobParameter' - Describes the code-signing job.
+newCodeSigning ::
+  CodeSigning
+newCodeSigning =
+  CodeSigning'
+    { awsSignerJobId = Prelude.Nothing,
+      customCodeSigning = Prelude.Nothing,
+      startSigningJobParameter = Prelude.Nothing
+    }
+
+-- | The ID of the @AWSSignerJob@ which was created to sign the file.
+codeSigning_awsSignerJobId :: Lens.Lens' CodeSigning (Prelude.Maybe Prelude.Text)
+codeSigning_awsSignerJobId = Lens.lens (\CodeSigning' {awsSignerJobId} -> awsSignerJobId) (\s@CodeSigning' {} a -> s {awsSignerJobId = a} :: CodeSigning)
+
+-- | A custom method for code signing a file.
+codeSigning_customCodeSigning :: Lens.Lens' CodeSigning (Prelude.Maybe CustomCodeSigning)
+codeSigning_customCodeSigning = Lens.lens (\CodeSigning' {customCodeSigning} -> customCodeSigning) (\s@CodeSigning' {} a -> s {customCodeSigning = a} :: CodeSigning)
+
+-- | Describes the code-signing job.
+codeSigning_startSigningJobParameter :: Lens.Lens' CodeSigning (Prelude.Maybe StartSigningJobParameter)
+codeSigning_startSigningJobParameter = Lens.lens (\CodeSigning' {startSigningJobParameter} -> startSigningJobParameter) (\s@CodeSigning' {} a -> s {startSigningJobParameter = a} :: CodeSigning)
+
+instance Data.FromJSON CodeSigning where
+  parseJSON =
+    Data.withObject
+      "CodeSigning"
+      ( \x ->
+          CodeSigning'
+            Prelude.<$> (x Data..:? "awsSignerJobId")
+            Prelude.<*> (x Data..:? "customCodeSigning")
+            Prelude.<*> (x Data..:? "startSigningJobParameter")
+      )
+
+instance Prelude.Hashable CodeSigning where
+  hashWithSalt _salt CodeSigning' {..} =
+    _salt
+      `Prelude.hashWithSalt` awsSignerJobId
+      `Prelude.hashWithSalt` customCodeSigning
+      `Prelude.hashWithSalt` startSigningJobParameter
+
+instance Prelude.NFData CodeSigning where
+  rnf CodeSigning' {..} =
+    Prelude.rnf awsSignerJobId
+      `Prelude.seq` Prelude.rnf customCodeSigning
+      `Prelude.seq` Prelude.rnf startSigningJobParameter
+
+instance Data.ToJSON CodeSigning where
+  toJSON CodeSigning' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("awsSignerJobId" Data..=)
+              Prelude.<$> awsSignerJobId,
+            ("customCodeSigning" Data..=)
+              Prelude.<$> customCodeSigning,
+            ("startSigningJobParameter" Data..=)
+              Prelude.<$> startSigningJobParameter
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CodeSigningCertificateChain.hs b/gen/Amazonka/IoT/Types/CodeSigningCertificateChain.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CodeSigningCertificateChain.hs
@@ -0,0 +1,99 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CodeSigningCertificateChain
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CodeSigningCertificateChain where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the certificate chain being used when code signing a file.
+--
+-- /See:/ 'newCodeSigningCertificateChain' smart constructor.
+data CodeSigningCertificateChain = CodeSigningCertificateChain'
+  { -- | The name of the certificate.
+    certificateName :: Prelude.Maybe Prelude.Text,
+    -- | A base64 encoded binary representation of the code signing certificate
+    -- chain.
+    inlineDocument :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CodeSigningCertificateChain' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateName', 'codeSigningCertificateChain_certificateName' - The name of the certificate.
+--
+-- 'inlineDocument', 'codeSigningCertificateChain_inlineDocument' - A base64 encoded binary representation of the code signing certificate
+-- chain.
+newCodeSigningCertificateChain ::
+  CodeSigningCertificateChain
+newCodeSigningCertificateChain =
+  CodeSigningCertificateChain'
+    { certificateName =
+        Prelude.Nothing,
+      inlineDocument = Prelude.Nothing
+    }
+
+-- | The name of the certificate.
+codeSigningCertificateChain_certificateName :: Lens.Lens' CodeSigningCertificateChain (Prelude.Maybe Prelude.Text)
+codeSigningCertificateChain_certificateName = Lens.lens (\CodeSigningCertificateChain' {certificateName} -> certificateName) (\s@CodeSigningCertificateChain' {} a -> s {certificateName = a} :: CodeSigningCertificateChain)
+
+-- | A base64 encoded binary representation of the code signing certificate
+-- chain.
+codeSigningCertificateChain_inlineDocument :: Lens.Lens' CodeSigningCertificateChain (Prelude.Maybe Prelude.Text)
+codeSigningCertificateChain_inlineDocument = Lens.lens (\CodeSigningCertificateChain' {inlineDocument} -> inlineDocument) (\s@CodeSigningCertificateChain' {} a -> s {inlineDocument = a} :: CodeSigningCertificateChain)
+
+instance Data.FromJSON CodeSigningCertificateChain where
+  parseJSON =
+    Data.withObject
+      "CodeSigningCertificateChain"
+      ( \x ->
+          CodeSigningCertificateChain'
+            Prelude.<$> (x Data..:? "certificateName")
+            Prelude.<*> (x Data..:? "inlineDocument")
+      )
+
+instance Prelude.Hashable CodeSigningCertificateChain where
+  hashWithSalt _salt CodeSigningCertificateChain' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateName
+      `Prelude.hashWithSalt` inlineDocument
+
+instance Prelude.NFData CodeSigningCertificateChain where
+  rnf CodeSigningCertificateChain' {..} =
+    Prelude.rnf certificateName
+      `Prelude.seq` Prelude.rnf inlineDocument
+
+instance Data.ToJSON CodeSigningCertificateChain where
+  toJSON CodeSigningCertificateChain' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("certificateName" Data..=)
+              Prelude.<$> certificateName,
+            ("inlineDocument" Data..=)
+              Prelude.<$> inlineDocument
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CodeSigningSignature.hs b/gen/Amazonka/IoT/Types/CodeSigningSignature.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CodeSigningSignature.hs
@@ -0,0 +1,89 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CodeSigningSignature
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CodeSigningSignature where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the signature for a file.
+--
+-- /See:/ 'newCodeSigningSignature' smart constructor.
+data CodeSigningSignature = CodeSigningSignature'
+  { -- | A base64 encoded binary representation of the code signing signature.
+    inlineDocument :: Prelude.Maybe Data.Base64
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CodeSigningSignature' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'inlineDocument', 'codeSigningSignature_inlineDocument' - A base64 encoded binary representation of the code signing signature.--
+-- -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data.
+-- -- The underlying isomorphism will encode to Base64 representation during
+-- -- serialisation, and decode from Base64 representation during deserialisation.
+-- -- This 'Lens' accepts and returns only raw unencoded data.
+newCodeSigningSignature ::
+  CodeSigningSignature
+newCodeSigningSignature =
+  CodeSigningSignature'
+    { inlineDocument =
+        Prelude.Nothing
+    }
+
+-- | A base64 encoded binary representation of the code signing signature.--
+-- -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data.
+-- -- The underlying isomorphism will encode to Base64 representation during
+-- -- serialisation, and decode from Base64 representation during deserialisation.
+-- -- This 'Lens' accepts and returns only raw unencoded data.
+codeSigningSignature_inlineDocument :: Lens.Lens' CodeSigningSignature (Prelude.Maybe Prelude.ByteString)
+codeSigningSignature_inlineDocument = Lens.lens (\CodeSigningSignature' {inlineDocument} -> inlineDocument) (\s@CodeSigningSignature' {} a -> s {inlineDocument = a} :: CodeSigningSignature) Prelude.. Lens.mapping Data._Base64
+
+instance Data.FromJSON CodeSigningSignature where
+  parseJSON =
+    Data.withObject
+      "CodeSigningSignature"
+      ( \x ->
+          CodeSigningSignature'
+            Prelude.<$> (x Data..:? "inlineDocument")
+      )
+
+instance Prelude.Hashable CodeSigningSignature where
+  hashWithSalt _salt CodeSigningSignature' {..} =
+    _salt `Prelude.hashWithSalt` inlineDocument
+
+instance Prelude.NFData CodeSigningSignature where
+  rnf CodeSigningSignature' {..} =
+    Prelude.rnf inlineDocument
+
+instance Data.ToJSON CodeSigningSignature where
+  toJSON CodeSigningSignature' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("inlineDocument" Data..=)
+              Prelude.<$> inlineDocument
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ComparisonOperator.hs b/gen/Amazonka/IoT/Types/ComparisonOperator.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ComparisonOperator.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ComparisonOperator
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ComparisonOperator
+  ( ComparisonOperator
+      ( ..,
+        ComparisonOperator_Greater_than,
+        ComparisonOperator_Greater_than_equals,
+        ComparisonOperator_In_cidr_set,
+        ComparisonOperator_In_port_set,
+        ComparisonOperator_In_set,
+        ComparisonOperator_Less_than,
+        ComparisonOperator_Less_than_equals,
+        ComparisonOperator_Not_in_cidr_set,
+        ComparisonOperator_Not_in_port_set,
+        ComparisonOperator_Not_in_set
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ComparisonOperator = ComparisonOperator'
+  { fromComparisonOperator ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ComparisonOperator_Greater_than :: ComparisonOperator
+pattern ComparisonOperator_Greater_than = ComparisonOperator' "greater-than"
+
+pattern ComparisonOperator_Greater_than_equals :: ComparisonOperator
+pattern ComparisonOperator_Greater_than_equals = ComparisonOperator' "greater-than-equals"
+
+pattern ComparisonOperator_In_cidr_set :: ComparisonOperator
+pattern ComparisonOperator_In_cidr_set = ComparisonOperator' "in-cidr-set"
+
+pattern ComparisonOperator_In_port_set :: ComparisonOperator
+pattern ComparisonOperator_In_port_set = ComparisonOperator' "in-port-set"
+
+pattern ComparisonOperator_In_set :: ComparisonOperator
+pattern ComparisonOperator_In_set = ComparisonOperator' "in-set"
+
+pattern ComparisonOperator_Less_than :: ComparisonOperator
+pattern ComparisonOperator_Less_than = ComparisonOperator' "less-than"
+
+pattern ComparisonOperator_Less_than_equals :: ComparisonOperator
+pattern ComparisonOperator_Less_than_equals = ComparisonOperator' "less-than-equals"
+
+pattern ComparisonOperator_Not_in_cidr_set :: ComparisonOperator
+pattern ComparisonOperator_Not_in_cidr_set = ComparisonOperator' "not-in-cidr-set"
+
+pattern ComparisonOperator_Not_in_port_set :: ComparisonOperator
+pattern ComparisonOperator_Not_in_port_set = ComparisonOperator' "not-in-port-set"
+
+pattern ComparisonOperator_Not_in_set :: ComparisonOperator
+pattern ComparisonOperator_Not_in_set = ComparisonOperator' "not-in-set"
+
+{-# COMPLETE
+  ComparisonOperator_Greater_than,
+  ComparisonOperator_Greater_than_equals,
+  ComparisonOperator_In_cidr_set,
+  ComparisonOperator_In_port_set,
+  ComparisonOperator_In_set,
+  ComparisonOperator_Less_than,
+  ComparisonOperator_Less_than_equals,
+  ComparisonOperator_Not_in_cidr_set,
+  ComparisonOperator_Not_in_port_set,
+  ComparisonOperator_Not_in_set,
+  ComparisonOperator'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ConfidenceLevel.hs b/gen/Amazonka/IoT/Types/ConfidenceLevel.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ConfidenceLevel.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ConfidenceLevel
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ConfidenceLevel
+  ( ConfidenceLevel
+      ( ..,
+        ConfidenceLevel_HIGH,
+        ConfidenceLevel_LOW,
+        ConfidenceLevel_MEDIUM
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ConfidenceLevel = ConfidenceLevel'
+  { fromConfidenceLevel ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ConfidenceLevel_HIGH :: ConfidenceLevel
+pattern ConfidenceLevel_HIGH = ConfidenceLevel' "HIGH"
+
+pattern ConfidenceLevel_LOW :: ConfidenceLevel
+pattern ConfidenceLevel_LOW = ConfidenceLevel' "LOW"
+
+pattern ConfidenceLevel_MEDIUM :: ConfidenceLevel
+pattern ConfidenceLevel_MEDIUM = ConfidenceLevel' "MEDIUM"
+
+{-# COMPLETE
+  ConfidenceLevel_HIGH,
+  ConfidenceLevel_LOW,
+  ConfidenceLevel_MEDIUM,
+  ConfidenceLevel'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/Configuration.hs b/gen/Amazonka/IoT/Types/Configuration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Configuration.hs
@@ -0,0 +1,74 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Configuration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Configuration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Configuration.
+--
+-- /See:/ 'newConfiguration' smart constructor.
+data Configuration = Configuration'
+  { -- | True to enable the configuration.
+    enabled :: Prelude.Maybe Prelude.Bool
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Configuration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'enabled', 'configuration_enabled' - True to enable the configuration.
+newConfiguration ::
+  Configuration
+newConfiguration =
+  Configuration' {enabled = Prelude.Nothing}
+
+-- | True to enable the configuration.
+configuration_enabled :: Lens.Lens' Configuration (Prelude.Maybe Prelude.Bool)
+configuration_enabled = Lens.lens (\Configuration' {enabled} -> enabled) (\s@Configuration' {} a -> s {enabled = a} :: Configuration)
+
+instance Data.FromJSON Configuration where
+  parseJSON =
+    Data.withObject
+      "Configuration"
+      ( \x ->
+          Configuration' Prelude.<$> (x Data..:? "Enabled")
+      )
+
+instance Prelude.Hashable Configuration where
+  hashWithSalt _salt Configuration' {..} =
+    _salt `Prelude.hashWithSalt` enabled
+
+instance Prelude.NFData Configuration where
+  rnf Configuration' {..} = Prelude.rnf enabled
+
+instance Data.ToJSON Configuration where
+  toJSON Configuration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("Enabled" Data..=) Prelude.<$> enabled]
+      )
diff --git a/gen/Amazonka/IoT/Types/CustomCodeSigning.hs b/gen/Amazonka/IoT/Types/CustomCodeSigning.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CustomCodeSigning.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CustomCodeSigning
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CustomCodeSigning where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CodeSigningCertificateChain
+import Amazonka.IoT.Types.CodeSigningSignature
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a custom method used to code sign a file.
+--
+-- /See:/ 'newCustomCodeSigning' smart constructor.
+data CustomCodeSigning = CustomCodeSigning'
+  { -- | The certificate chain.
+    certificateChain :: Prelude.Maybe CodeSigningCertificateChain,
+    -- | The hash algorithm used to code sign the file. You can use a string as
+    -- the algorithm name if the target over-the-air (OTA) update devices are
+    -- able to verify the signature that was generated using the same signature
+    -- algorithm. For example, FreeRTOS uses @SHA256@ or @SHA1@, so you can
+    -- pass either of them based on which was used for generating the
+    -- signature.
+    hashAlgorithm :: Prelude.Maybe Prelude.Text,
+    -- | The signature for the file.
+    signature :: Prelude.Maybe CodeSigningSignature,
+    -- | The signature algorithm used to code sign the file. You can use a string
+    -- as the algorithm name if the target over-the-air (OTA) update devices
+    -- are able to verify the signature that was generated using the same
+    -- signature algorithm. For example, FreeRTOS uses @ECDSA@ or @RSA@, so you
+    -- can pass either of them based on which was used for generating the
+    -- signature.
+    signatureAlgorithm :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CustomCodeSigning' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateChain', 'customCodeSigning_certificateChain' - The certificate chain.
+--
+-- 'hashAlgorithm', 'customCodeSigning_hashAlgorithm' - The hash algorithm used to code sign the file. You can use a string as
+-- the algorithm name if the target over-the-air (OTA) update devices are
+-- able to verify the signature that was generated using the same signature
+-- algorithm. For example, FreeRTOS uses @SHA256@ or @SHA1@, so you can
+-- pass either of them based on which was used for generating the
+-- signature.
+--
+-- 'signature', 'customCodeSigning_signature' - The signature for the file.
+--
+-- 'signatureAlgorithm', 'customCodeSigning_signatureAlgorithm' - The signature algorithm used to code sign the file. You can use a string
+-- as the algorithm name if the target over-the-air (OTA) update devices
+-- are able to verify the signature that was generated using the same
+-- signature algorithm. For example, FreeRTOS uses @ECDSA@ or @RSA@, so you
+-- can pass either of them based on which was used for generating the
+-- signature.
+newCustomCodeSigning ::
+  CustomCodeSigning
+newCustomCodeSigning =
+  CustomCodeSigning'
+    { certificateChain =
+        Prelude.Nothing,
+      hashAlgorithm = Prelude.Nothing,
+      signature = Prelude.Nothing,
+      signatureAlgorithm = Prelude.Nothing
+    }
+
+-- | The certificate chain.
+customCodeSigning_certificateChain :: Lens.Lens' CustomCodeSigning (Prelude.Maybe CodeSigningCertificateChain)
+customCodeSigning_certificateChain = Lens.lens (\CustomCodeSigning' {certificateChain} -> certificateChain) (\s@CustomCodeSigning' {} a -> s {certificateChain = a} :: CustomCodeSigning)
+
+-- | The hash algorithm used to code sign the file. You can use a string as
+-- the algorithm name if the target over-the-air (OTA) update devices are
+-- able to verify the signature that was generated using the same signature
+-- algorithm. For example, FreeRTOS uses @SHA256@ or @SHA1@, so you can
+-- pass either of them based on which was used for generating the
+-- signature.
+customCodeSigning_hashAlgorithm :: Lens.Lens' CustomCodeSigning (Prelude.Maybe Prelude.Text)
+customCodeSigning_hashAlgorithm = Lens.lens (\CustomCodeSigning' {hashAlgorithm} -> hashAlgorithm) (\s@CustomCodeSigning' {} a -> s {hashAlgorithm = a} :: CustomCodeSigning)
+
+-- | The signature for the file.
+customCodeSigning_signature :: Lens.Lens' CustomCodeSigning (Prelude.Maybe CodeSigningSignature)
+customCodeSigning_signature = Lens.lens (\CustomCodeSigning' {signature} -> signature) (\s@CustomCodeSigning' {} a -> s {signature = a} :: CustomCodeSigning)
+
+-- | The signature algorithm used to code sign the file. You can use a string
+-- as the algorithm name if the target over-the-air (OTA) update devices
+-- are able to verify the signature that was generated using the same
+-- signature algorithm. For example, FreeRTOS uses @ECDSA@ or @RSA@, so you
+-- can pass either of them based on which was used for generating the
+-- signature.
+customCodeSigning_signatureAlgorithm :: Lens.Lens' CustomCodeSigning (Prelude.Maybe Prelude.Text)
+customCodeSigning_signatureAlgorithm = Lens.lens (\CustomCodeSigning' {signatureAlgorithm} -> signatureAlgorithm) (\s@CustomCodeSigning' {} a -> s {signatureAlgorithm = a} :: CustomCodeSigning)
+
+instance Data.FromJSON CustomCodeSigning where
+  parseJSON =
+    Data.withObject
+      "CustomCodeSigning"
+      ( \x ->
+          CustomCodeSigning'
+            Prelude.<$> (x Data..:? "certificateChain")
+            Prelude.<*> (x Data..:? "hashAlgorithm")
+            Prelude.<*> (x Data..:? "signature")
+            Prelude.<*> (x Data..:? "signatureAlgorithm")
+      )
+
+instance Prelude.Hashable CustomCodeSigning where
+  hashWithSalt _salt CustomCodeSigning' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateChain
+      `Prelude.hashWithSalt` hashAlgorithm
+      `Prelude.hashWithSalt` signature
+      `Prelude.hashWithSalt` signatureAlgorithm
+
+instance Prelude.NFData CustomCodeSigning where
+  rnf CustomCodeSigning' {..} =
+    Prelude.rnf certificateChain
+      `Prelude.seq` Prelude.rnf hashAlgorithm
+      `Prelude.seq` Prelude.rnf signature
+      `Prelude.seq` Prelude.rnf signatureAlgorithm
+
+instance Data.ToJSON CustomCodeSigning where
+  toJSON CustomCodeSigning' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("certificateChain" Data..=)
+              Prelude.<$> certificateChain,
+            ("hashAlgorithm" Data..=) Prelude.<$> hashAlgorithm,
+            ("signature" Data..=) Prelude.<$> signature,
+            ("signatureAlgorithm" Data..=)
+              Prelude.<$> signatureAlgorithm
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/CustomMetricType.hs b/gen/Amazonka/IoT/Types/CustomMetricType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/CustomMetricType.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.CustomMetricType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.CustomMetricType
+  ( CustomMetricType
+      ( ..,
+        CustomMetricType_Ip_address_list,
+        CustomMetricType_Number,
+        CustomMetricType_Number_list,
+        CustomMetricType_String_list
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CustomMetricType = CustomMetricType'
+  { fromCustomMetricType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CustomMetricType_Ip_address_list :: CustomMetricType
+pattern CustomMetricType_Ip_address_list = CustomMetricType' "ip-address-list"
+
+pattern CustomMetricType_Number :: CustomMetricType
+pattern CustomMetricType_Number = CustomMetricType' "number"
+
+pattern CustomMetricType_Number_list :: CustomMetricType
+pattern CustomMetricType_Number_list = CustomMetricType' "number-list"
+
+pattern CustomMetricType_String_list :: CustomMetricType
+pattern CustomMetricType_String_list = CustomMetricType' "string-list"
+
+{-# COMPLETE
+  CustomMetricType_Ip_address_list,
+  CustomMetricType_Number,
+  CustomMetricType_Number_list,
+  CustomMetricType_String_list,
+  CustomMetricType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DayOfWeek.hs b/gen/Amazonka/IoT/Types/DayOfWeek.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DayOfWeek.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DayOfWeek
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DayOfWeek
+  ( DayOfWeek
+      ( ..,
+        DayOfWeek_FRI,
+        DayOfWeek_MON,
+        DayOfWeek_SAT,
+        DayOfWeek_SUN,
+        DayOfWeek_THU,
+        DayOfWeek_TUE,
+        DayOfWeek_WED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DayOfWeek = DayOfWeek'
+  { fromDayOfWeek ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DayOfWeek_FRI :: DayOfWeek
+pattern DayOfWeek_FRI = DayOfWeek' "FRI"
+
+pattern DayOfWeek_MON :: DayOfWeek
+pattern DayOfWeek_MON = DayOfWeek' "MON"
+
+pattern DayOfWeek_SAT :: DayOfWeek
+pattern DayOfWeek_SAT = DayOfWeek' "SAT"
+
+pattern DayOfWeek_SUN :: DayOfWeek
+pattern DayOfWeek_SUN = DayOfWeek' "SUN"
+
+pattern DayOfWeek_THU :: DayOfWeek
+pattern DayOfWeek_THU = DayOfWeek' "THU"
+
+pattern DayOfWeek_TUE :: DayOfWeek
+pattern DayOfWeek_TUE = DayOfWeek' "TUE"
+
+pattern DayOfWeek_WED :: DayOfWeek
+pattern DayOfWeek_WED = DayOfWeek' "WED"
+
+{-# COMPLETE
+  DayOfWeek_FRI,
+  DayOfWeek_MON,
+  DayOfWeek_SAT,
+  DayOfWeek_SUN,
+  DayOfWeek_THU,
+  DayOfWeek_TUE,
+  DayOfWeek_WED,
+  DayOfWeek'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/Denied.hs b/gen/Amazonka/IoT/Types/Denied.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Denied.hs
@@ -0,0 +1,92 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Denied
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Denied where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ExplicitDeny
+import Amazonka.IoT.Types.ImplicitDeny
+import qualified Amazonka.Prelude as Prelude
+
+-- | Contains information that denied the authorization.
+--
+-- /See:/ 'newDenied' smart constructor.
+data Denied = Denied'
+  { -- | Information that explicitly denies the authorization.
+    explicitDeny :: Prelude.Maybe ExplicitDeny,
+    -- | Information that implicitly denies the authorization. When a policy
+    -- doesn\'t explicitly deny or allow an action on a resource it is
+    -- considered an implicit deny.
+    implicitDeny :: Prelude.Maybe ImplicitDeny
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Denied' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'explicitDeny', 'denied_explicitDeny' - Information that explicitly denies the authorization.
+--
+-- 'implicitDeny', 'denied_implicitDeny' - Information that implicitly denies the authorization. When a policy
+-- doesn\'t explicitly deny or allow an action on a resource it is
+-- considered an implicit deny.
+newDenied ::
+  Denied
+newDenied =
+  Denied'
+    { explicitDeny = Prelude.Nothing,
+      implicitDeny = Prelude.Nothing
+    }
+
+-- | Information that explicitly denies the authorization.
+denied_explicitDeny :: Lens.Lens' Denied (Prelude.Maybe ExplicitDeny)
+denied_explicitDeny = Lens.lens (\Denied' {explicitDeny} -> explicitDeny) (\s@Denied' {} a -> s {explicitDeny = a} :: Denied)
+
+-- | Information that implicitly denies the authorization. When a policy
+-- doesn\'t explicitly deny or allow an action on a resource it is
+-- considered an implicit deny.
+denied_implicitDeny :: Lens.Lens' Denied (Prelude.Maybe ImplicitDeny)
+denied_implicitDeny = Lens.lens (\Denied' {implicitDeny} -> implicitDeny) (\s@Denied' {} a -> s {implicitDeny = a} :: Denied)
+
+instance Data.FromJSON Denied where
+  parseJSON =
+    Data.withObject
+      "Denied"
+      ( \x ->
+          Denied'
+            Prelude.<$> (x Data..:? "explicitDeny")
+            Prelude.<*> (x Data..:? "implicitDeny")
+      )
+
+instance Prelude.Hashable Denied where
+  hashWithSalt _salt Denied' {..} =
+    _salt
+      `Prelude.hashWithSalt` explicitDeny
+      `Prelude.hashWithSalt` implicitDeny
+
+instance Prelude.NFData Denied where
+  rnf Denied' {..} =
+    Prelude.rnf explicitDeny
+      `Prelude.seq` Prelude.rnf implicitDeny
diff --git a/gen/Amazonka/IoT/Types/Destination.hs b/gen/Amazonka/IoT/Types/Destination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Destination.hs
@@ -0,0 +1,78 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Destination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Destination where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.S3Destination
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the location of the updated firmware.
+--
+-- /See:/ 'newDestination' smart constructor.
+data Destination = Destination'
+  { -- | Describes the location in S3 of the updated firmware.
+    s3Destination :: Prelude.Maybe S3Destination
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Destination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 's3Destination', 'destination_s3Destination' - Describes the location in S3 of the updated firmware.
+newDestination ::
+  Destination
+newDestination =
+  Destination' {s3Destination = Prelude.Nothing}
+
+-- | Describes the location in S3 of the updated firmware.
+destination_s3Destination :: Lens.Lens' Destination (Prelude.Maybe S3Destination)
+destination_s3Destination = Lens.lens (\Destination' {s3Destination} -> s3Destination) (\s@Destination' {} a -> s {s3Destination = a} :: Destination)
+
+instance Data.FromJSON Destination where
+  parseJSON =
+    Data.withObject
+      "Destination"
+      ( \x ->
+          Destination'
+            Prelude.<$> (x Data..:? "s3Destination")
+      )
+
+instance Prelude.Hashable Destination where
+  hashWithSalt _salt Destination' {..} =
+    _salt `Prelude.hashWithSalt` s3Destination
+
+instance Prelude.NFData Destination where
+  rnf Destination' {..} = Prelude.rnf s3Destination
+
+instance Data.ToJSON Destination where
+  toJSON Destination' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("s3Destination" Data..=)
+              Prelude.<$> s3Destination
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/DetectMitigationActionExecution.hs b/gen/Amazonka/IoT/Types/DetectMitigationActionExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DetectMitigationActionExecution.hs
@@ -0,0 +1,181 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DetectMitigationActionExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DetectMitigationActionExecution where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.DetectMitigationActionExecutionStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes which mitigation actions should be executed.
+--
+-- /See:/ 'newDetectMitigationActionExecution' smart constructor.
+data DetectMitigationActionExecution = DetectMitigationActionExecution'
+  { -- | The friendly name that uniquely identifies the mitigation action.
+    actionName :: Prelude.Maybe Prelude.Text,
+    -- | The error code of a mitigation action.
+    errorCode :: Prelude.Maybe Prelude.Text,
+    -- | The date a mitigation action ended.
+    executionEndDate :: Prelude.Maybe Data.POSIX,
+    -- | The date a mitigation action was started.
+    executionStartDate :: Prelude.Maybe Data.POSIX,
+    -- | The message of a mitigation action.
+    message :: Prelude.Maybe Prelude.Text,
+    -- | The status of a mitigation action.
+    status :: Prelude.Maybe DetectMitigationActionExecutionStatus,
+    -- | The unique identifier of the task.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier of the violation.
+    violationId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetectMitigationActionExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionName', 'detectMitigationActionExecution_actionName' - The friendly name that uniquely identifies the mitigation action.
+--
+-- 'errorCode', 'detectMitigationActionExecution_errorCode' - The error code of a mitigation action.
+--
+-- 'executionEndDate', 'detectMitigationActionExecution_executionEndDate' - The date a mitigation action ended.
+--
+-- 'executionStartDate', 'detectMitigationActionExecution_executionStartDate' - The date a mitigation action was started.
+--
+-- 'message', 'detectMitigationActionExecution_message' - The message of a mitigation action.
+--
+-- 'status', 'detectMitigationActionExecution_status' - The status of a mitigation action.
+--
+-- 'taskId', 'detectMitigationActionExecution_taskId' - The unique identifier of the task.
+--
+-- 'thingName', 'detectMitigationActionExecution_thingName' - The name of the thing.
+--
+-- 'violationId', 'detectMitigationActionExecution_violationId' - The unique identifier of the violation.
+newDetectMitigationActionExecution ::
+  DetectMitigationActionExecution
+newDetectMitigationActionExecution =
+  DetectMitigationActionExecution'
+    { actionName =
+        Prelude.Nothing,
+      errorCode = Prelude.Nothing,
+      executionEndDate = Prelude.Nothing,
+      executionStartDate = Prelude.Nothing,
+      message = Prelude.Nothing,
+      status = Prelude.Nothing,
+      taskId = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      violationId = Prelude.Nothing
+    }
+
+-- | The friendly name that uniquely identifies the mitigation action.
+detectMitigationActionExecution_actionName :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.Text)
+detectMitigationActionExecution_actionName = Lens.lens (\DetectMitigationActionExecution' {actionName} -> actionName) (\s@DetectMitigationActionExecution' {} a -> s {actionName = a} :: DetectMitigationActionExecution)
+
+-- | The error code of a mitigation action.
+detectMitigationActionExecution_errorCode :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.Text)
+detectMitigationActionExecution_errorCode = Lens.lens (\DetectMitigationActionExecution' {errorCode} -> errorCode) (\s@DetectMitigationActionExecution' {} a -> s {errorCode = a} :: DetectMitigationActionExecution)
+
+-- | The date a mitigation action ended.
+detectMitigationActionExecution_executionEndDate :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.UTCTime)
+detectMitigationActionExecution_executionEndDate = Lens.lens (\DetectMitigationActionExecution' {executionEndDate} -> executionEndDate) (\s@DetectMitigationActionExecution' {} a -> s {executionEndDate = a} :: DetectMitigationActionExecution) Prelude.. Lens.mapping Data._Time
+
+-- | The date a mitigation action was started.
+detectMitigationActionExecution_executionStartDate :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.UTCTime)
+detectMitigationActionExecution_executionStartDate = Lens.lens (\DetectMitigationActionExecution' {executionStartDate} -> executionStartDate) (\s@DetectMitigationActionExecution' {} a -> s {executionStartDate = a} :: DetectMitigationActionExecution) Prelude.. Lens.mapping Data._Time
+
+-- | The message of a mitigation action.
+detectMitigationActionExecution_message :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.Text)
+detectMitigationActionExecution_message = Lens.lens (\DetectMitigationActionExecution' {message} -> message) (\s@DetectMitigationActionExecution' {} a -> s {message = a} :: DetectMitigationActionExecution)
+
+-- | The status of a mitigation action.
+detectMitigationActionExecution_status :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe DetectMitigationActionExecutionStatus)
+detectMitigationActionExecution_status = Lens.lens (\DetectMitigationActionExecution' {status} -> status) (\s@DetectMitigationActionExecution' {} a -> s {status = a} :: DetectMitigationActionExecution)
+
+-- | The unique identifier of the task.
+detectMitigationActionExecution_taskId :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.Text)
+detectMitigationActionExecution_taskId = Lens.lens (\DetectMitigationActionExecution' {taskId} -> taskId) (\s@DetectMitigationActionExecution' {} a -> s {taskId = a} :: DetectMitigationActionExecution)
+
+-- | The name of the thing.
+detectMitigationActionExecution_thingName :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.Text)
+detectMitigationActionExecution_thingName = Lens.lens (\DetectMitigationActionExecution' {thingName} -> thingName) (\s@DetectMitigationActionExecution' {} a -> s {thingName = a} :: DetectMitigationActionExecution)
+
+-- | The unique identifier of the violation.
+detectMitigationActionExecution_violationId :: Lens.Lens' DetectMitigationActionExecution (Prelude.Maybe Prelude.Text)
+detectMitigationActionExecution_violationId = Lens.lens (\DetectMitigationActionExecution' {violationId} -> violationId) (\s@DetectMitigationActionExecution' {} a -> s {violationId = a} :: DetectMitigationActionExecution)
+
+instance
+  Data.FromJSON
+    DetectMitigationActionExecution
+  where
+  parseJSON =
+    Data.withObject
+      "DetectMitigationActionExecution"
+      ( \x ->
+          DetectMitigationActionExecution'
+            Prelude.<$> (x Data..:? "actionName")
+            Prelude.<*> (x Data..:? "errorCode")
+            Prelude.<*> (x Data..:? "executionEndDate")
+            Prelude.<*> (x Data..:? "executionStartDate")
+            Prelude.<*> (x Data..:? "message")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "taskId")
+            Prelude.<*> (x Data..:? "thingName")
+            Prelude.<*> (x Data..:? "violationId")
+      )
+
+instance
+  Prelude.Hashable
+    DetectMitigationActionExecution
+  where
+  hashWithSalt
+    _salt
+    DetectMitigationActionExecution' {..} =
+      _salt
+        `Prelude.hashWithSalt` actionName
+        `Prelude.hashWithSalt` errorCode
+        `Prelude.hashWithSalt` executionEndDate
+        `Prelude.hashWithSalt` executionStartDate
+        `Prelude.hashWithSalt` message
+        `Prelude.hashWithSalt` status
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` thingName
+        `Prelude.hashWithSalt` violationId
+
+instance
+  Prelude.NFData
+    DetectMitigationActionExecution
+  where
+  rnf DetectMitigationActionExecution' {..} =
+    Prelude.rnf actionName
+      `Prelude.seq` Prelude.rnf errorCode
+      `Prelude.seq` Prelude.rnf executionEndDate
+      `Prelude.seq` Prelude.rnf executionStartDate
+      `Prelude.seq` Prelude.rnf message
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf violationId
diff --git a/gen/Amazonka/IoT/Types/DetectMitigationActionExecutionStatus.hs b/gen/Amazonka/IoT/Types/DetectMitigationActionExecutionStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DetectMitigationActionExecutionStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DetectMitigationActionExecutionStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DetectMitigationActionExecutionStatus
+  ( DetectMitigationActionExecutionStatus
+      ( ..,
+        DetectMitigationActionExecutionStatus_FAILED,
+        DetectMitigationActionExecutionStatus_IN_PROGRESS,
+        DetectMitigationActionExecutionStatus_SKIPPED,
+        DetectMitigationActionExecutionStatus_SUCCESSFUL
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DetectMitigationActionExecutionStatus = DetectMitigationActionExecutionStatus'
+  { fromDetectMitigationActionExecutionStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DetectMitigationActionExecutionStatus_FAILED :: DetectMitigationActionExecutionStatus
+pattern DetectMitigationActionExecutionStatus_FAILED = DetectMitigationActionExecutionStatus' "FAILED"
+
+pattern DetectMitigationActionExecutionStatus_IN_PROGRESS :: DetectMitigationActionExecutionStatus
+pattern DetectMitigationActionExecutionStatus_IN_PROGRESS = DetectMitigationActionExecutionStatus' "IN_PROGRESS"
+
+pattern DetectMitigationActionExecutionStatus_SKIPPED :: DetectMitigationActionExecutionStatus
+pattern DetectMitigationActionExecutionStatus_SKIPPED = DetectMitigationActionExecutionStatus' "SKIPPED"
+
+pattern DetectMitigationActionExecutionStatus_SUCCESSFUL :: DetectMitigationActionExecutionStatus
+pattern DetectMitigationActionExecutionStatus_SUCCESSFUL = DetectMitigationActionExecutionStatus' "SUCCESSFUL"
+
+{-# COMPLETE
+  DetectMitigationActionExecutionStatus_FAILED,
+  DetectMitigationActionExecutionStatus_IN_PROGRESS,
+  DetectMitigationActionExecutionStatus_SKIPPED,
+  DetectMitigationActionExecutionStatus_SUCCESSFUL,
+  DetectMitigationActionExecutionStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskStatistics.hs b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskStatistics.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskStatistics.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DetectMitigationActionsTaskStatistics
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DetectMitigationActionsTaskStatistics where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The statistics of a mitigation action task.
+--
+-- /See:/ 'newDetectMitigationActionsTaskStatistics' smart constructor.
+data DetectMitigationActionsTaskStatistics = DetectMitigationActionsTaskStatistics'
+  { -- | The actions that were performed.
+    actionsExecuted :: Prelude.Maybe Prelude.Integer,
+    -- | The actions that failed.
+    actionsFailed :: Prelude.Maybe Prelude.Integer,
+    -- | The actions that were skipped.
+    actionsSkipped :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetectMitigationActionsTaskStatistics' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionsExecuted', 'detectMitigationActionsTaskStatistics_actionsExecuted' - The actions that were performed.
+--
+-- 'actionsFailed', 'detectMitigationActionsTaskStatistics_actionsFailed' - The actions that failed.
+--
+-- 'actionsSkipped', 'detectMitigationActionsTaskStatistics_actionsSkipped' - The actions that were skipped.
+newDetectMitigationActionsTaskStatistics ::
+  DetectMitigationActionsTaskStatistics
+newDetectMitigationActionsTaskStatistics =
+  DetectMitigationActionsTaskStatistics'
+    { actionsExecuted =
+        Prelude.Nothing,
+      actionsFailed = Prelude.Nothing,
+      actionsSkipped = Prelude.Nothing
+    }
+
+-- | The actions that were performed.
+detectMitigationActionsTaskStatistics_actionsExecuted :: Lens.Lens' DetectMitigationActionsTaskStatistics (Prelude.Maybe Prelude.Integer)
+detectMitigationActionsTaskStatistics_actionsExecuted = Lens.lens (\DetectMitigationActionsTaskStatistics' {actionsExecuted} -> actionsExecuted) (\s@DetectMitigationActionsTaskStatistics' {} a -> s {actionsExecuted = a} :: DetectMitigationActionsTaskStatistics)
+
+-- | The actions that failed.
+detectMitigationActionsTaskStatistics_actionsFailed :: Lens.Lens' DetectMitigationActionsTaskStatistics (Prelude.Maybe Prelude.Integer)
+detectMitigationActionsTaskStatistics_actionsFailed = Lens.lens (\DetectMitigationActionsTaskStatistics' {actionsFailed} -> actionsFailed) (\s@DetectMitigationActionsTaskStatistics' {} a -> s {actionsFailed = a} :: DetectMitigationActionsTaskStatistics)
+
+-- | The actions that were skipped.
+detectMitigationActionsTaskStatistics_actionsSkipped :: Lens.Lens' DetectMitigationActionsTaskStatistics (Prelude.Maybe Prelude.Integer)
+detectMitigationActionsTaskStatistics_actionsSkipped = Lens.lens (\DetectMitigationActionsTaskStatistics' {actionsSkipped} -> actionsSkipped) (\s@DetectMitigationActionsTaskStatistics' {} a -> s {actionsSkipped = a} :: DetectMitigationActionsTaskStatistics)
+
+instance
+  Data.FromJSON
+    DetectMitigationActionsTaskStatistics
+  where
+  parseJSON =
+    Data.withObject
+      "DetectMitigationActionsTaskStatistics"
+      ( \x ->
+          DetectMitigationActionsTaskStatistics'
+            Prelude.<$> (x Data..:? "actionsExecuted")
+            Prelude.<*> (x Data..:? "actionsFailed")
+            Prelude.<*> (x Data..:? "actionsSkipped")
+      )
+
+instance
+  Prelude.Hashable
+    DetectMitigationActionsTaskStatistics
+  where
+  hashWithSalt
+    _salt
+    DetectMitigationActionsTaskStatistics' {..} =
+      _salt
+        `Prelude.hashWithSalt` actionsExecuted
+        `Prelude.hashWithSalt` actionsFailed
+        `Prelude.hashWithSalt` actionsSkipped
+
+instance
+  Prelude.NFData
+    DetectMitigationActionsTaskStatistics
+  where
+  rnf DetectMitigationActionsTaskStatistics' {..} =
+    Prelude.rnf actionsExecuted
+      `Prelude.seq` Prelude.rnf actionsFailed
+      `Prelude.seq` Prelude.rnf actionsSkipped
diff --git a/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskStatus.hs b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DetectMitigationActionsTaskStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DetectMitigationActionsTaskStatus
+  ( DetectMitigationActionsTaskStatus
+      ( ..,
+        DetectMitigationActionsTaskStatus_CANCELED,
+        DetectMitigationActionsTaskStatus_FAILED,
+        DetectMitigationActionsTaskStatus_IN_PROGRESS,
+        DetectMitigationActionsTaskStatus_SUCCESSFUL
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DetectMitigationActionsTaskStatus = DetectMitigationActionsTaskStatus'
+  { fromDetectMitigationActionsTaskStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DetectMitigationActionsTaskStatus_CANCELED :: DetectMitigationActionsTaskStatus
+pattern DetectMitigationActionsTaskStatus_CANCELED = DetectMitigationActionsTaskStatus' "CANCELED"
+
+pattern DetectMitigationActionsTaskStatus_FAILED :: DetectMitigationActionsTaskStatus
+pattern DetectMitigationActionsTaskStatus_FAILED = DetectMitigationActionsTaskStatus' "FAILED"
+
+pattern DetectMitigationActionsTaskStatus_IN_PROGRESS :: DetectMitigationActionsTaskStatus
+pattern DetectMitigationActionsTaskStatus_IN_PROGRESS = DetectMitigationActionsTaskStatus' "IN_PROGRESS"
+
+pattern DetectMitigationActionsTaskStatus_SUCCESSFUL :: DetectMitigationActionsTaskStatus
+pattern DetectMitigationActionsTaskStatus_SUCCESSFUL = DetectMitigationActionsTaskStatus' "SUCCESSFUL"
+
+{-# COMPLETE
+  DetectMitigationActionsTaskStatus_CANCELED,
+  DetectMitigationActionsTaskStatus_FAILED,
+  DetectMitigationActionsTaskStatus_IN_PROGRESS,
+  DetectMitigationActionsTaskStatus_SUCCESSFUL,
+  DetectMitigationActionsTaskStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskSummary.hs b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskSummary.hs
@@ -0,0 +1,206 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DetectMitigationActionsTaskSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DetectMitigationActionsTaskSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.DetectMitigationActionsTaskStatistics
+import Amazonka.IoT.Types.DetectMitigationActionsTaskStatus
+import Amazonka.IoT.Types.DetectMitigationActionsTaskTarget
+import Amazonka.IoT.Types.MitigationAction
+import Amazonka.IoT.Types.ViolationEventOccurrenceRange
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of the mitigation action tasks.
+--
+-- /See:/ 'newDetectMitigationActionsTaskSummary' smart constructor.
+data DetectMitigationActionsTaskSummary = DetectMitigationActionsTaskSummary'
+  { -- | The definition of the actions.
+    actionsDefinition :: Prelude.Maybe [MitigationAction],
+    -- | Includes only active violations.
+    onlyActiveViolationsIncluded :: Prelude.Maybe Prelude.Bool,
+    -- | Includes suppressed alerts.
+    suppressedAlertsIncluded :: Prelude.Maybe Prelude.Bool,
+    -- | Specifies the ML Detect findings to which the mitigation actions are
+    -- applied.
+    target :: Prelude.Maybe DetectMitigationActionsTaskTarget,
+    -- | The date the task ended.
+    taskEndTime :: Prelude.Maybe Data.POSIX,
+    -- | The unique identifier of the task.
+    taskId :: Prelude.Maybe Prelude.Text,
+    -- | The date the task started.
+    taskStartTime :: Prelude.Maybe Data.POSIX,
+    -- | The statistics of a mitigation action task.
+    taskStatistics :: Prelude.Maybe DetectMitigationActionsTaskStatistics,
+    -- | The status of the task.
+    taskStatus :: Prelude.Maybe DetectMitigationActionsTaskStatus,
+    -- | Specifies the time period of which violation events occurred between.
+    violationEventOccurrenceRange :: Prelude.Maybe ViolationEventOccurrenceRange
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetectMitigationActionsTaskSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionsDefinition', 'detectMitigationActionsTaskSummary_actionsDefinition' - The definition of the actions.
+--
+-- 'onlyActiveViolationsIncluded', 'detectMitigationActionsTaskSummary_onlyActiveViolationsIncluded' - Includes only active violations.
+--
+-- 'suppressedAlertsIncluded', 'detectMitigationActionsTaskSummary_suppressedAlertsIncluded' - Includes suppressed alerts.
+--
+-- 'target', 'detectMitigationActionsTaskSummary_target' - Specifies the ML Detect findings to which the mitigation actions are
+-- applied.
+--
+-- 'taskEndTime', 'detectMitigationActionsTaskSummary_taskEndTime' - The date the task ended.
+--
+-- 'taskId', 'detectMitigationActionsTaskSummary_taskId' - The unique identifier of the task.
+--
+-- 'taskStartTime', 'detectMitigationActionsTaskSummary_taskStartTime' - The date the task started.
+--
+-- 'taskStatistics', 'detectMitigationActionsTaskSummary_taskStatistics' - The statistics of a mitigation action task.
+--
+-- 'taskStatus', 'detectMitigationActionsTaskSummary_taskStatus' - The status of the task.
+--
+-- 'violationEventOccurrenceRange', 'detectMitigationActionsTaskSummary_violationEventOccurrenceRange' - Specifies the time period of which violation events occurred between.
+newDetectMitigationActionsTaskSummary ::
+  DetectMitigationActionsTaskSummary
+newDetectMitigationActionsTaskSummary =
+  DetectMitigationActionsTaskSummary'
+    { actionsDefinition =
+        Prelude.Nothing,
+      onlyActiveViolationsIncluded =
+        Prelude.Nothing,
+      suppressedAlertsIncluded =
+        Prelude.Nothing,
+      target = Prelude.Nothing,
+      taskEndTime = Prelude.Nothing,
+      taskId = Prelude.Nothing,
+      taskStartTime = Prelude.Nothing,
+      taskStatistics = Prelude.Nothing,
+      taskStatus = Prelude.Nothing,
+      violationEventOccurrenceRange =
+        Prelude.Nothing
+    }
+
+-- | The definition of the actions.
+detectMitigationActionsTaskSummary_actionsDefinition :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe [MitigationAction])
+detectMitigationActionsTaskSummary_actionsDefinition = Lens.lens (\DetectMitigationActionsTaskSummary' {actionsDefinition} -> actionsDefinition) (\s@DetectMitigationActionsTaskSummary' {} a -> s {actionsDefinition = a} :: DetectMitigationActionsTaskSummary) Prelude.. Lens.mapping Lens.coerced
+
+-- | Includes only active violations.
+detectMitigationActionsTaskSummary_onlyActiveViolationsIncluded :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe Prelude.Bool)
+detectMitigationActionsTaskSummary_onlyActiveViolationsIncluded = Lens.lens (\DetectMitigationActionsTaskSummary' {onlyActiveViolationsIncluded} -> onlyActiveViolationsIncluded) (\s@DetectMitigationActionsTaskSummary' {} a -> s {onlyActiveViolationsIncluded = a} :: DetectMitigationActionsTaskSummary)
+
+-- | Includes suppressed alerts.
+detectMitigationActionsTaskSummary_suppressedAlertsIncluded :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe Prelude.Bool)
+detectMitigationActionsTaskSummary_suppressedAlertsIncluded = Lens.lens (\DetectMitigationActionsTaskSummary' {suppressedAlertsIncluded} -> suppressedAlertsIncluded) (\s@DetectMitigationActionsTaskSummary' {} a -> s {suppressedAlertsIncluded = a} :: DetectMitigationActionsTaskSummary)
+
+-- | Specifies the ML Detect findings to which the mitigation actions are
+-- applied.
+detectMitigationActionsTaskSummary_target :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe DetectMitigationActionsTaskTarget)
+detectMitigationActionsTaskSummary_target = Lens.lens (\DetectMitigationActionsTaskSummary' {target} -> target) (\s@DetectMitigationActionsTaskSummary' {} a -> s {target = a} :: DetectMitigationActionsTaskSummary)
+
+-- | The date the task ended.
+detectMitigationActionsTaskSummary_taskEndTime :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe Prelude.UTCTime)
+detectMitigationActionsTaskSummary_taskEndTime = Lens.lens (\DetectMitigationActionsTaskSummary' {taskEndTime} -> taskEndTime) (\s@DetectMitigationActionsTaskSummary' {} a -> s {taskEndTime = a} :: DetectMitigationActionsTaskSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The unique identifier of the task.
+detectMitigationActionsTaskSummary_taskId :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe Prelude.Text)
+detectMitigationActionsTaskSummary_taskId = Lens.lens (\DetectMitigationActionsTaskSummary' {taskId} -> taskId) (\s@DetectMitigationActionsTaskSummary' {} a -> s {taskId = a} :: DetectMitigationActionsTaskSummary)
+
+-- | The date the task started.
+detectMitigationActionsTaskSummary_taskStartTime :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe Prelude.UTCTime)
+detectMitigationActionsTaskSummary_taskStartTime = Lens.lens (\DetectMitigationActionsTaskSummary' {taskStartTime} -> taskStartTime) (\s@DetectMitigationActionsTaskSummary' {} a -> s {taskStartTime = a} :: DetectMitigationActionsTaskSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The statistics of a mitigation action task.
+detectMitigationActionsTaskSummary_taskStatistics :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe DetectMitigationActionsTaskStatistics)
+detectMitigationActionsTaskSummary_taskStatistics = Lens.lens (\DetectMitigationActionsTaskSummary' {taskStatistics} -> taskStatistics) (\s@DetectMitigationActionsTaskSummary' {} a -> s {taskStatistics = a} :: DetectMitigationActionsTaskSummary)
+
+-- | The status of the task.
+detectMitigationActionsTaskSummary_taskStatus :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe DetectMitigationActionsTaskStatus)
+detectMitigationActionsTaskSummary_taskStatus = Lens.lens (\DetectMitigationActionsTaskSummary' {taskStatus} -> taskStatus) (\s@DetectMitigationActionsTaskSummary' {} a -> s {taskStatus = a} :: DetectMitigationActionsTaskSummary)
+
+-- | Specifies the time period of which violation events occurred between.
+detectMitigationActionsTaskSummary_violationEventOccurrenceRange :: Lens.Lens' DetectMitigationActionsTaskSummary (Prelude.Maybe ViolationEventOccurrenceRange)
+detectMitigationActionsTaskSummary_violationEventOccurrenceRange = Lens.lens (\DetectMitigationActionsTaskSummary' {violationEventOccurrenceRange} -> violationEventOccurrenceRange) (\s@DetectMitigationActionsTaskSummary' {} a -> s {violationEventOccurrenceRange = a} :: DetectMitigationActionsTaskSummary)
+
+instance
+  Data.FromJSON
+    DetectMitigationActionsTaskSummary
+  where
+  parseJSON =
+    Data.withObject
+      "DetectMitigationActionsTaskSummary"
+      ( \x ->
+          DetectMitigationActionsTaskSummary'
+            Prelude.<$> ( x
+                            Data..:? "actionsDefinition"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "onlyActiveViolationsIncluded")
+            Prelude.<*> (x Data..:? "suppressedAlertsIncluded")
+            Prelude.<*> (x Data..:? "target")
+            Prelude.<*> (x Data..:? "taskEndTime")
+            Prelude.<*> (x Data..:? "taskId")
+            Prelude.<*> (x Data..:? "taskStartTime")
+            Prelude.<*> (x Data..:? "taskStatistics")
+            Prelude.<*> (x Data..:? "taskStatus")
+            Prelude.<*> (x Data..:? "violationEventOccurrenceRange")
+      )
+
+instance
+  Prelude.Hashable
+    DetectMitigationActionsTaskSummary
+  where
+  hashWithSalt
+    _salt
+    DetectMitigationActionsTaskSummary' {..} =
+      _salt
+        `Prelude.hashWithSalt` actionsDefinition
+        `Prelude.hashWithSalt` onlyActiveViolationsIncluded
+        `Prelude.hashWithSalt` suppressedAlertsIncluded
+        `Prelude.hashWithSalt` target
+        `Prelude.hashWithSalt` taskEndTime
+        `Prelude.hashWithSalt` taskId
+        `Prelude.hashWithSalt` taskStartTime
+        `Prelude.hashWithSalt` taskStatistics
+        `Prelude.hashWithSalt` taskStatus
+        `Prelude.hashWithSalt` violationEventOccurrenceRange
+
+instance
+  Prelude.NFData
+    DetectMitigationActionsTaskSummary
+  where
+  rnf DetectMitigationActionsTaskSummary' {..} =
+    Prelude.rnf actionsDefinition
+      `Prelude.seq` Prelude.rnf onlyActiveViolationsIncluded
+      `Prelude.seq` Prelude.rnf suppressedAlertsIncluded
+      `Prelude.seq` Prelude.rnf target
+      `Prelude.seq` Prelude.rnf taskEndTime
+      `Prelude.seq` Prelude.rnf taskId
+      `Prelude.seq` Prelude.rnf taskStartTime
+      `Prelude.seq` Prelude.rnf taskStatistics
+      `Prelude.seq` Prelude.rnf taskStatus
+      `Prelude.seq` Prelude.rnf violationEventOccurrenceRange
diff --git a/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskTarget.hs b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DetectMitigationActionsTaskTarget.hs
@@ -0,0 +1,122 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DetectMitigationActionsTaskTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DetectMitigationActionsTaskTarget where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The target of a mitigation action task.
+--
+-- /See:/ 'newDetectMitigationActionsTaskTarget' smart constructor.
+data DetectMitigationActionsTaskTarget = DetectMitigationActionsTaskTarget'
+  { -- | The name of the behavior.
+    behaviorName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the security profile.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifiers of the violations.
+    violationIds :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DetectMitigationActionsTaskTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behaviorName', 'detectMitigationActionsTaskTarget_behaviorName' - The name of the behavior.
+--
+-- 'securityProfileName', 'detectMitigationActionsTaskTarget_securityProfileName' - The name of the security profile.
+--
+-- 'violationIds', 'detectMitigationActionsTaskTarget_violationIds' - The unique identifiers of the violations.
+newDetectMitigationActionsTaskTarget ::
+  DetectMitigationActionsTaskTarget
+newDetectMitigationActionsTaskTarget =
+  DetectMitigationActionsTaskTarget'
+    { behaviorName =
+        Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      violationIds = Prelude.Nothing
+    }
+
+-- | The name of the behavior.
+detectMitigationActionsTaskTarget_behaviorName :: Lens.Lens' DetectMitigationActionsTaskTarget (Prelude.Maybe Prelude.Text)
+detectMitigationActionsTaskTarget_behaviorName = Lens.lens (\DetectMitigationActionsTaskTarget' {behaviorName} -> behaviorName) (\s@DetectMitigationActionsTaskTarget' {} a -> s {behaviorName = a} :: DetectMitigationActionsTaskTarget)
+
+-- | The name of the security profile.
+detectMitigationActionsTaskTarget_securityProfileName :: Lens.Lens' DetectMitigationActionsTaskTarget (Prelude.Maybe Prelude.Text)
+detectMitigationActionsTaskTarget_securityProfileName = Lens.lens (\DetectMitigationActionsTaskTarget' {securityProfileName} -> securityProfileName) (\s@DetectMitigationActionsTaskTarget' {} a -> s {securityProfileName = a} :: DetectMitigationActionsTaskTarget)
+
+-- | The unique identifiers of the violations.
+detectMitigationActionsTaskTarget_violationIds :: Lens.Lens' DetectMitigationActionsTaskTarget (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+detectMitigationActionsTaskTarget_violationIds = Lens.lens (\DetectMitigationActionsTaskTarget' {violationIds} -> violationIds) (\s@DetectMitigationActionsTaskTarget' {} a -> s {violationIds = a} :: DetectMitigationActionsTaskTarget) Prelude.. Lens.mapping Lens.coerced
+
+instance
+  Data.FromJSON
+    DetectMitigationActionsTaskTarget
+  where
+  parseJSON =
+    Data.withObject
+      "DetectMitigationActionsTaskTarget"
+      ( \x ->
+          DetectMitigationActionsTaskTarget'
+            Prelude.<$> (x Data..:? "behaviorName")
+            Prelude.<*> (x Data..:? "securityProfileName")
+            Prelude.<*> (x Data..:? "violationIds")
+      )
+
+instance
+  Prelude.Hashable
+    DetectMitigationActionsTaskTarget
+  where
+  hashWithSalt
+    _salt
+    DetectMitigationActionsTaskTarget' {..} =
+      _salt
+        `Prelude.hashWithSalt` behaviorName
+        `Prelude.hashWithSalt` securityProfileName
+        `Prelude.hashWithSalt` violationIds
+
+instance
+  Prelude.NFData
+    DetectMitigationActionsTaskTarget
+  where
+  rnf DetectMitigationActionsTaskTarget' {..} =
+    Prelude.rnf behaviorName
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf violationIds
+
+instance
+  Data.ToJSON
+    DetectMitigationActionsTaskTarget
+  where
+  toJSON DetectMitigationActionsTaskTarget' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("behaviorName" Data..=) Prelude.<$> behaviorName,
+            ("securityProfileName" Data..=)
+              Prelude.<$> securityProfileName,
+            ("violationIds" Data..=) Prelude.<$> violationIds
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/DeviceCertificateUpdateAction.hs b/gen/Amazonka/IoT/Types/DeviceCertificateUpdateAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DeviceCertificateUpdateAction.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DeviceCertificateUpdateAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DeviceCertificateUpdateAction
+  ( DeviceCertificateUpdateAction
+      ( ..,
+        DeviceCertificateUpdateAction_DEACTIVATE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DeviceCertificateUpdateAction = DeviceCertificateUpdateAction'
+  { fromDeviceCertificateUpdateAction ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DeviceCertificateUpdateAction_DEACTIVATE :: DeviceCertificateUpdateAction
+pattern DeviceCertificateUpdateAction_DEACTIVATE = DeviceCertificateUpdateAction' "DEACTIVATE"
+
+{-# COMPLETE
+  DeviceCertificateUpdateAction_DEACTIVATE,
+  DeviceCertificateUpdateAction'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DeviceDefenderIndexingMode.hs b/gen/Amazonka/IoT/Types/DeviceDefenderIndexingMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DeviceDefenderIndexingMode.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DeviceDefenderIndexingMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DeviceDefenderIndexingMode
+  ( DeviceDefenderIndexingMode
+      ( ..,
+        DeviceDefenderIndexingMode_OFF,
+        DeviceDefenderIndexingMode_VIOLATIONS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DeviceDefenderIndexingMode = DeviceDefenderIndexingMode'
+  { fromDeviceDefenderIndexingMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DeviceDefenderIndexingMode_OFF :: DeviceDefenderIndexingMode
+pattern DeviceDefenderIndexingMode_OFF = DeviceDefenderIndexingMode' "OFF"
+
+pattern DeviceDefenderIndexingMode_VIOLATIONS :: DeviceDefenderIndexingMode
+pattern DeviceDefenderIndexingMode_VIOLATIONS = DeviceDefenderIndexingMode' "VIOLATIONS"
+
+{-# COMPLETE
+  DeviceDefenderIndexingMode_OFF,
+  DeviceDefenderIndexingMode_VIOLATIONS,
+  DeviceDefenderIndexingMode'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DimensionType.hs b/gen/Amazonka/IoT/Types/DimensionType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DimensionType.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DimensionType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DimensionType
+  ( DimensionType
+      ( ..,
+        DimensionType_TOPIC_FILTER
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DimensionType = DimensionType'
+  { fromDimensionType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DimensionType_TOPIC_FILTER :: DimensionType
+pattern DimensionType_TOPIC_FILTER = DimensionType' "TOPIC_FILTER"
+
+{-# COMPLETE
+  DimensionType_TOPIC_FILTER,
+  DimensionType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DimensionValueOperator.hs b/gen/Amazonka/IoT/Types/DimensionValueOperator.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DimensionValueOperator.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DimensionValueOperator
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DimensionValueOperator
+  ( DimensionValueOperator
+      ( ..,
+        DimensionValueOperator_IN,
+        DimensionValueOperator_NOT_IN
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DimensionValueOperator = DimensionValueOperator'
+  { fromDimensionValueOperator ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DimensionValueOperator_IN :: DimensionValueOperator
+pattern DimensionValueOperator_IN = DimensionValueOperator' "IN"
+
+pattern DimensionValueOperator_NOT_IN :: DimensionValueOperator
+pattern DimensionValueOperator_NOT_IN = DimensionValueOperator' "NOT_IN"
+
+{-# COMPLETE
+  DimensionValueOperator_IN,
+  DimensionValueOperator_NOT_IN,
+  DimensionValueOperator'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DocumentParameter.hs b/gen/Amazonka/IoT/Types/DocumentParameter.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DocumentParameter.hs
@@ -0,0 +1,142 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DocumentParameter
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DocumentParameter where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A map of key-value pairs containing the patterns that need to be
+-- replaced in a managed template job document schema. You can use the
+-- description of each key as a guidance to specify the inputs during
+-- runtime when creating a job.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+--
+-- /See:/ 'newDocumentParameter' smart constructor.
+data DocumentParameter = DocumentParameter'
+  { -- | Description of the map field containing the patterns that need to be
+    -- replaced in a managed template job document schema.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | An example illustrating a pattern that need to be replaced in a managed
+    -- template job document schema.
+    example :: Prelude.Maybe Prelude.Text,
+    -- | Key of the map field containing the patterns that need to be replaced in
+    -- a managed template job document schema.
+    key :: Prelude.Maybe Prelude.Text,
+    -- | Specifies whether a pattern that needs to be replaced in a managed
+    -- template job document schema is optional or required.
+    optional :: Prelude.Maybe Prelude.Bool,
+    -- | A regular expression of the patterns that need to be replaced in a
+    -- managed template job document schema.
+    regex :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DocumentParameter' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'documentParameter_description' - Description of the map field containing the patterns that need to be
+-- replaced in a managed template job document schema.
+--
+-- 'example', 'documentParameter_example' - An example illustrating a pattern that need to be replaced in a managed
+-- template job document schema.
+--
+-- 'key', 'documentParameter_key' - Key of the map field containing the patterns that need to be replaced in
+-- a managed template job document schema.
+--
+-- 'optional', 'documentParameter_optional' - Specifies whether a pattern that needs to be replaced in a managed
+-- template job document schema is optional or required.
+--
+-- 'regex', 'documentParameter_regex' - A regular expression of the patterns that need to be replaced in a
+-- managed template job document schema.
+newDocumentParameter ::
+  DocumentParameter
+newDocumentParameter =
+  DocumentParameter'
+    { description = Prelude.Nothing,
+      example = Prelude.Nothing,
+      key = Prelude.Nothing,
+      optional = Prelude.Nothing,
+      regex = Prelude.Nothing
+    }
+
+-- | Description of the map field containing the patterns that need to be
+-- replaced in a managed template job document schema.
+documentParameter_description :: Lens.Lens' DocumentParameter (Prelude.Maybe Prelude.Text)
+documentParameter_description = Lens.lens (\DocumentParameter' {description} -> description) (\s@DocumentParameter' {} a -> s {description = a} :: DocumentParameter)
+
+-- | An example illustrating a pattern that need to be replaced in a managed
+-- template job document schema.
+documentParameter_example :: Lens.Lens' DocumentParameter (Prelude.Maybe Prelude.Text)
+documentParameter_example = Lens.lens (\DocumentParameter' {example} -> example) (\s@DocumentParameter' {} a -> s {example = a} :: DocumentParameter)
+
+-- | Key of the map field containing the patterns that need to be replaced in
+-- a managed template job document schema.
+documentParameter_key :: Lens.Lens' DocumentParameter (Prelude.Maybe Prelude.Text)
+documentParameter_key = Lens.lens (\DocumentParameter' {key} -> key) (\s@DocumentParameter' {} a -> s {key = a} :: DocumentParameter)
+
+-- | Specifies whether a pattern that needs to be replaced in a managed
+-- template job document schema is optional or required.
+documentParameter_optional :: Lens.Lens' DocumentParameter (Prelude.Maybe Prelude.Bool)
+documentParameter_optional = Lens.lens (\DocumentParameter' {optional} -> optional) (\s@DocumentParameter' {} a -> s {optional = a} :: DocumentParameter)
+
+-- | A regular expression of the patterns that need to be replaced in a
+-- managed template job document schema.
+documentParameter_regex :: Lens.Lens' DocumentParameter (Prelude.Maybe Prelude.Text)
+documentParameter_regex = Lens.lens (\DocumentParameter' {regex} -> regex) (\s@DocumentParameter' {} a -> s {regex = a} :: DocumentParameter)
+
+instance Data.FromJSON DocumentParameter where
+  parseJSON =
+    Data.withObject
+      "DocumentParameter"
+      ( \x ->
+          DocumentParameter'
+            Prelude.<$> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "example")
+            Prelude.<*> (x Data..:? "key")
+            Prelude.<*> (x Data..:? "optional")
+            Prelude.<*> (x Data..:? "regex")
+      )
+
+instance Prelude.Hashable DocumentParameter where
+  hashWithSalt _salt DocumentParameter' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` example
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` optional
+      `Prelude.hashWithSalt` regex
+
+instance Prelude.NFData DocumentParameter where
+  rnf DocumentParameter' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf example
+      `Prelude.seq` Prelude.rnf key
+      `Prelude.seq` Prelude.rnf optional
+      `Prelude.seq` Prelude.rnf regex
diff --git a/gen/Amazonka/IoT/Types/DomainConfigurationStatus.hs b/gen/Amazonka/IoT/Types/DomainConfigurationStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DomainConfigurationStatus.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DomainConfigurationStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DomainConfigurationStatus
+  ( DomainConfigurationStatus
+      ( ..,
+        DomainConfigurationStatus_DISABLED,
+        DomainConfigurationStatus_ENABLED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DomainConfigurationStatus = DomainConfigurationStatus'
+  { fromDomainConfigurationStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DomainConfigurationStatus_DISABLED :: DomainConfigurationStatus
+pattern DomainConfigurationStatus_DISABLED = DomainConfigurationStatus' "DISABLED"
+
+pattern DomainConfigurationStatus_ENABLED :: DomainConfigurationStatus
+pattern DomainConfigurationStatus_ENABLED = DomainConfigurationStatus' "ENABLED"
+
+{-# COMPLETE
+  DomainConfigurationStatus_DISABLED,
+  DomainConfigurationStatus_ENABLED,
+  DomainConfigurationStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DomainConfigurationSummary.hs b/gen/Amazonka/IoT/Types/DomainConfigurationSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DomainConfigurationSummary.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DomainConfigurationSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DomainConfigurationSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ServiceType
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of a domain configuration. A domain configuration specifies
+-- custom IoT-specific information about a domain. A domain configuration
+-- can be associated with an Amazon Web Services-managed domain (for
+-- example, dbc123defghijk.iot.us-west-2.amazonaws.com), a customer managed
+-- domain, or a default endpoint.
+--
+-- -   Data
+--
+-- -   Jobs
+--
+-- -   CredentialProvider
+--
+-- /See:/ 'newDomainConfigurationSummary' smart constructor.
+data DomainConfigurationSummary = DomainConfigurationSummary'
+  { -- | The ARN of the domain configuration.
+    domainConfigurationArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the domain configuration. This value must be unique to a
+    -- region.
+    domainConfigurationName :: Prelude.Maybe Prelude.Text,
+    -- | The type of service delivered by the endpoint.
+    serviceType :: Prelude.Maybe ServiceType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DomainConfigurationSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domainConfigurationArn', 'domainConfigurationSummary_domainConfigurationArn' - The ARN of the domain configuration.
+--
+-- 'domainConfigurationName', 'domainConfigurationSummary_domainConfigurationName' - The name of the domain configuration. This value must be unique to a
+-- region.
+--
+-- 'serviceType', 'domainConfigurationSummary_serviceType' - The type of service delivered by the endpoint.
+newDomainConfigurationSummary ::
+  DomainConfigurationSummary
+newDomainConfigurationSummary =
+  DomainConfigurationSummary'
+    { domainConfigurationArn =
+        Prelude.Nothing,
+      domainConfigurationName = Prelude.Nothing,
+      serviceType = Prelude.Nothing
+    }
+
+-- | The ARN of the domain configuration.
+domainConfigurationSummary_domainConfigurationArn :: Lens.Lens' DomainConfigurationSummary (Prelude.Maybe Prelude.Text)
+domainConfigurationSummary_domainConfigurationArn = Lens.lens (\DomainConfigurationSummary' {domainConfigurationArn} -> domainConfigurationArn) (\s@DomainConfigurationSummary' {} a -> s {domainConfigurationArn = a} :: DomainConfigurationSummary)
+
+-- | The name of the domain configuration. This value must be unique to a
+-- region.
+domainConfigurationSummary_domainConfigurationName :: Lens.Lens' DomainConfigurationSummary (Prelude.Maybe Prelude.Text)
+domainConfigurationSummary_domainConfigurationName = Lens.lens (\DomainConfigurationSummary' {domainConfigurationName} -> domainConfigurationName) (\s@DomainConfigurationSummary' {} a -> s {domainConfigurationName = a} :: DomainConfigurationSummary)
+
+-- | The type of service delivered by the endpoint.
+domainConfigurationSummary_serviceType :: Lens.Lens' DomainConfigurationSummary (Prelude.Maybe ServiceType)
+domainConfigurationSummary_serviceType = Lens.lens (\DomainConfigurationSummary' {serviceType} -> serviceType) (\s@DomainConfigurationSummary' {} a -> s {serviceType = a} :: DomainConfigurationSummary)
+
+instance Data.FromJSON DomainConfigurationSummary where
+  parseJSON =
+    Data.withObject
+      "DomainConfigurationSummary"
+      ( \x ->
+          DomainConfigurationSummary'
+            Prelude.<$> (x Data..:? "domainConfigurationArn")
+            Prelude.<*> (x Data..:? "domainConfigurationName")
+            Prelude.<*> (x Data..:? "serviceType")
+      )
+
+instance Prelude.Hashable DomainConfigurationSummary where
+  hashWithSalt _salt DomainConfigurationSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` domainConfigurationArn
+      `Prelude.hashWithSalt` domainConfigurationName
+      `Prelude.hashWithSalt` serviceType
+
+instance Prelude.NFData DomainConfigurationSummary where
+  rnf DomainConfigurationSummary' {..} =
+    Prelude.rnf domainConfigurationArn
+      `Prelude.seq` Prelude.rnf domainConfigurationName
+      `Prelude.seq` Prelude.rnf serviceType
diff --git a/gen/Amazonka/IoT/Types/DomainType.hs b/gen/Amazonka/IoT/Types/DomainType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DomainType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DomainType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DomainType
+  ( DomainType
+      ( ..,
+        DomainType_AWS_MANAGED,
+        DomainType_CUSTOMER_MANAGED,
+        DomainType_ENDPOINT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DomainType = DomainType'
+  { fromDomainType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DomainType_AWS_MANAGED :: DomainType
+pattern DomainType_AWS_MANAGED = DomainType' "AWS_MANAGED"
+
+pattern DomainType_CUSTOMER_MANAGED :: DomainType
+pattern DomainType_CUSTOMER_MANAGED = DomainType' "CUSTOMER_MANAGED"
+
+pattern DomainType_ENDPOINT :: DomainType
+pattern DomainType_ENDPOINT = DomainType' "ENDPOINT"
+
+{-# COMPLETE
+  DomainType_AWS_MANAGED,
+  DomainType_CUSTOMER_MANAGED,
+  DomainType_ENDPOINT,
+  DomainType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DynamicGroupStatus.hs b/gen/Amazonka/IoT/Types/DynamicGroupStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DynamicGroupStatus.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DynamicGroupStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DynamicGroupStatus
+  ( DynamicGroupStatus
+      ( ..,
+        DynamicGroupStatus_ACTIVE,
+        DynamicGroupStatus_BUILDING,
+        DynamicGroupStatus_REBUILDING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DynamicGroupStatus = DynamicGroupStatus'
+  { fromDynamicGroupStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DynamicGroupStatus_ACTIVE :: DynamicGroupStatus
+pattern DynamicGroupStatus_ACTIVE = DynamicGroupStatus' "ACTIVE"
+
+pattern DynamicGroupStatus_BUILDING :: DynamicGroupStatus
+pattern DynamicGroupStatus_BUILDING = DynamicGroupStatus' "BUILDING"
+
+pattern DynamicGroupStatus_REBUILDING :: DynamicGroupStatus
+pattern DynamicGroupStatus_REBUILDING = DynamicGroupStatus' "REBUILDING"
+
+{-# COMPLETE
+  DynamicGroupStatus_ACTIVE,
+  DynamicGroupStatus_BUILDING,
+  DynamicGroupStatus_REBUILDING,
+  DynamicGroupStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/DynamoDBAction.hs b/gen/Amazonka/IoT/Types/DynamoDBAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DynamoDBAction.hs
@@ -0,0 +1,233 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DynamoDBAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DynamoDBAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.DynamoKeyType
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to write to a DynamoDB table.
+--
+-- The @tableName@, @hashKeyField@, and @rangeKeyField@ values must match
+-- the values used when you created the table.
+--
+-- The @hashKeyValue@ and @rangeKeyvalue@ fields use a substitution
+-- template syntax. These templates provide data at runtime. The syntax is
+-- as follows: ${/sql-expression/}.
+--
+-- You can specify any valid expression in a WHERE or SELECT clause,
+-- including JSON properties, comparisons, calculations, and functions. For
+-- example, the following field uses the third level of the topic:
+--
+-- @\"hashKeyValue\": \"${topic(3)}\"@
+--
+-- The following field uses the timestamp:
+--
+-- @\"rangeKeyValue\": \"${timestamp()}\"@
+--
+-- /See:/ 'newDynamoDBAction' smart constructor.
+data DynamoDBAction = DynamoDBAction'
+  { -- | The hash key type. Valid values are \"STRING\" or \"NUMBER\"
+    hashKeyType :: Prelude.Maybe DynamoKeyType,
+    -- | The type of operation to be performed. This follows the substitution
+    -- template, so it can be @${operation}@, but the substitution must result
+    -- in one of the following: @INSERT@, @UPDATE@, or @DELETE@.
+    operation :: Prelude.Maybe Prelude.Text,
+    -- | The action payload. This name can be customized.
+    payloadField :: Prelude.Maybe Prelude.Text,
+    -- | The range key name.
+    rangeKeyField :: Prelude.Maybe Prelude.Text,
+    -- | The range key type. Valid values are \"STRING\" or \"NUMBER\"
+    rangeKeyType :: Prelude.Maybe DynamoKeyType,
+    -- | The range key value.
+    rangeKeyValue :: Prelude.Maybe Prelude.Text,
+    -- | The name of the DynamoDB table.
+    tableName :: Prelude.Text,
+    -- | The ARN of the IAM role that grants access to the DynamoDB table.
+    roleArn :: Prelude.Text,
+    -- | The hash key name.
+    hashKeyField :: Prelude.Text,
+    -- | The hash key value.
+    hashKeyValue :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DynamoDBAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'hashKeyType', 'dynamoDBAction_hashKeyType' - The hash key type. Valid values are \"STRING\" or \"NUMBER\"
+--
+-- 'operation', 'dynamoDBAction_operation' - The type of operation to be performed. This follows the substitution
+-- template, so it can be @${operation}@, but the substitution must result
+-- in one of the following: @INSERT@, @UPDATE@, or @DELETE@.
+--
+-- 'payloadField', 'dynamoDBAction_payloadField' - The action payload. This name can be customized.
+--
+-- 'rangeKeyField', 'dynamoDBAction_rangeKeyField' - The range key name.
+--
+-- 'rangeKeyType', 'dynamoDBAction_rangeKeyType' - The range key type. Valid values are \"STRING\" or \"NUMBER\"
+--
+-- 'rangeKeyValue', 'dynamoDBAction_rangeKeyValue' - The range key value.
+--
+-- 'tableName', 'dynamoDBAction_tableName' - The name of the DynamoDB table.
+--
+-- 'roleArn', 'dynamoDBAction_roleArn' - The ARN of the IAM role that grants access to the DynamoDB table.
+--
+-- 'hashKeyField', 'dynamoDBAction_hashKeyField' - The hash key name.
+--
+-- 'hashKeyValue', 'dynamoDBAction_hashKeyValue' - The hash key value.
+newDynamoDBAction ::
+  -- | 'tableName'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'hashKeyField'
+  Prelude.Text ->
+  -- | 'hashKeyValue'
+  Prelude.Text ->
+  DynamoDBAction
+newDynamoDBAction
+  pTableName_
+  pRoleArn_
+  pHashKeyField_
+  pHashKeyValue_ =
+    DynamoDBAction'
+      { hashKeyType = Prelude.Nothing,
+        operation = Prelude.Nothing,
+        payloadField = Prelude.Nothing,
+        rangeKeyField = Prelude.Nothing,
+        rangeKeyType = Prelude.Nothing,
+        rangeKeyValue = Prelude.Nothing,
+        tableName = pTableName_,
+        roleArn = pRoleArn_,
+        hashKeyField = pHashKeyField_,
+        hashKeyValue = pHashKeyValue_
+      }
+
+-- | The hash key type. Valid values are \"STRING\" or \"NUMBER\"
+dynamoDBAction_hashKeyType :: Lens.Lens' DynamoDBAction (Prelude.Maybe DynamoKeyType)
+dynamoDBAction_hashKeyType = Lens.lens (\DynamoDBAction' {hashKeyType} -> hashKeyType) (\s@DynamoDBAction' {} a -> s {hashKeyType = a} :: DynamoDBAction)
+
+-- | The type of operation to be performed. This follows the substitution
+-- template, so it can be @${operation}@, but the substitution must result
+-- in one of the following: @INSERT@, @UPDATE@, or @DELETE@.
+dynamoDBAction_operation :: Lens.Lens' DynamoDBAction (Prelude.Maybe Prelude.Text)
+dynamoDBAction_operation = Lens.lens (\DynamoDBAction' {operation} -> operation) (\s@DynamoDBAction' {} a -> s {operation = a} :: DynamoDBAction)
+
+-- | The action payload. This name can be customized.
+dynamoDBAction_payloadField :: Lens.Lens' DynamoDBAction (Prelude.Maybe Prelude.Text)
+dynamoDBAction_payloadField = Lens.lens (\DynamoDBAction' {payloadField} -> payloadField) (\s@DynamoDBAction' {} a -> s {payloadField = a} :: DynamoDBAction)
+
+-- | The range key name.
+dynamoDBAction_rangeKeyField :: Lens.Lens' DynamoDBAction (Prelude.Maybe Prelude.Text)
+dynamoDBAction_rangeKeyField = Lens.lens (\DynamoDBAction' {rangeKeyField} -> rangeKeyField) (\s@DynamoDBAction' {} a -> s {rangeKeyField = a} :: DynamoDBAction)
+
+-- | The range key type. Valid values are \"STRING\" or \"NUMBER\"
+dynamoDBAction_rangeKeyType :: Lens.Lens' DynamoDBAction (Prelude.Maybe DynamoKeyType)
+dynamoDBAction_rangeKeyType = Lens.lens (\DynamoDBAction' {rangeKeyType} -> rangeKeyType) (\s@DynamoDBAction' {} a -> s {rangeKeyType = a} :: DynamoDBAction)
+
+-- | The range key value.
+dynamoDBAction_rangeKeyValue :: Lens.Lens' DynamoDBAction (Prelude.Maybe Prelude.Text)
+dynamoDBAction_rangeKeyValue = Lens.lens (\DynamoDBAction' {rangeKeyValue} -> rangeKeyValue) (\s@DynamoDBAction' {} a -> s {rangeKeyValue = a} :: DynamoDBAction)
+
+-- | The name of the DynamoDB table.
+dynamoDBAction_tableName :: Lens.Lens' DynamoDBAction Prelude.Text
+dynamoDBAction_tableName = Lens.lens (\DynamoDBAction' {tableName} -> tableName) (\s@DynamoDBAction' {} a -> s {tableName = a} :: DynamoDBAction)
+
+-- | The ARN of the IAM role that grants access to the DynamoDB table.
+dynamoDBAction_roleArn :: Lens.Lens' DynamoDBAction Prelude.Text
+dynamoDBAction_roleArn = Lens.lens (\DynamoDBAction' {roleArn} -> roleArn) (\s@DynamoDBAction' {} a -> s {roleArn = a} :: DynamoDBAction)
+
+-- | The hash key name.
+dynamoDBAction_hashKeyField :: Lens.Lens' DynamoDBAction Prelude.Text
+dynamoDBAction_hashKeyField = Lens.lens (\DynamoDBAction' {hashKeyField} -> hashKeyField) (\s@DynamoDBAction' {} a -> s {hashKeyField = a} :: DynamoDBAction)
+
+-- | The hash key value.
+dynamoDBAction_hashKeyValue :: Lens.Lens' DynamoDBAction Prelude.Text
+dynamoDBAction_hashKeyValue = Lens.lens (\DynamoDBAction' {hashKeyValue} -> hashKeyValue) (\s@DynamoDBAction' {} a -> s {hashKeyValue = a} :: DynamoDBAction)
+
+instance Data.FromJSON DynamoDBAction where
+  parseJSON =
+    Data.withObject
+      "DynamoDBAction"
+      ( \x ->
+          DynamoDBAction'
+            Prelude.<$> (x Data..:? "hashKeyType")
+            Prelude.<*> (x Data..:? "operation")
+            Prelude.<*> (x Data..:? "payloadField")
+            Prelude.<*> (x Data..:? "rangeKeyField")
+            Prelude.<*> (x Data..:? "rangeKeyType")
+            Prelude.<*> (x Data..:? "rangeKeyValue")
+            Prelude.<*> (x Data..: "tableName")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "hashKeyField")
+            Prelude.<*> (x Data..: "hashKeyValue")
+      )
+
+instance Prelude.Hashable DynamoDBAction where
+  hashWithSalt _salt DynamoDBAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` hashKeyType
+      `Prelude.hashWithSalt` operation
+      `Prelude.hashWithSalt` payloadField
+      `Prelude.hashWithSalt` rangeKeyField
+      `Prelude.hashWithSalt` rangeKeyType
+      `Prelude.hashWithSalt` rangeKeyValue
+      `Prelude.hashWithSalt` tableName
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` hashKeyField
+      `Prelude.hashWithSalt` hashKeyValue
+
+instance Prelude.NFData DynamoDBAction where
+  rnf DynamoDBAction' {..} =
+    Prelude.rnf hashKeyType
+      `Prelude.seq` Prelude.rnf operation
+      `Prelude.seq` Prelude.rnf payloadField
+      `Prelude.seq` Prelude.rnf rangeKeyField
+      `Prelude.seq` Prelude.rnf rangeKeyType
+      `Prelude.seq` Prelude.rnf rangeKeyValue
+      `Prelude.seq` Prelude.rnf tableName
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf hashKeyField
+      `Prelude.seq` Prelude.rnf hashKeyValue
+
+instance Data.ToJSON DynamoDBAction where
+  toJSON DynamoDBAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("hashKeyType" Data..=) Prelude.<$> hashKeyType,
+            ("operation" Data..=) Prelude.<$> operation,
+            ("payloadField" Data..=) Prelude.<$> payloadField,
+            ("rangeKeyField" Data..=) Prelude.<$> rangeKeyField,
+            ("rangeKeyType" Data..=) Prelude.<$> rangeKeyType,
+            ("rangeKeyValue" Data..=) Prelude.<$> rangeKeyValue,
+            Prelude.Just ("tableName" Data..= tableName),
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("hashKeyField" Data..= hashKeyField),
+            Prelude.Just ("hashKeyValue" Data..= hashKeyValue)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/DynamoDBv2Action.hs b/gen/Amazonka/IoT/Types/DynamoDBv2Action.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DynamoDBv2Action.hs
@@ -0,0 +1,119 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DynamoDBv2Action
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DynamoDBv2Action where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.PutItemInput
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to write to a DynamoDB table.
+--
+-- This DynamoDB action writes each attribute in the message payload into
+-- it\'s own column in the DynamoDB table.
+--
+-- /See:/ 'newDynamoDBv2Action' smart constructor.
+data DynamoDBv2Action = DynamoDBv2Action'
+  { -- | The ARN of the IAM role that grants access to the DynamoDB table.
+    roleArn :: Prelude.Text,
+    -- | Specifies the DynamoDB table to which the message data will be written.
+    -- For example:
+    --
+    -- @{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }@
+    --
+    -- Each attribute in the message payload will be written to a separate
+    -- column in the DynamoDB database.
+    putItem :: PutItemInput
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DynamoDBv2Action' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'dynamoDBv2Action_roleArn' - The ARN of the IAM role that grants access to the DynamoDB table.
+--
+-- 'putItem', 'dynamoDBv2Action_putItem' - Specifies the DynamoDB table to which the message data will be written.
+-- For example:
+--
+-- @{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }@
+--
+-- Each attribute in the message payload will be written to a separate
+-- column in the DynamoDB database.
+newDynamoDBv2Action ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'putItem'
+  PutItemInput ->
+  DynamoDBv2Action
+newDynamoDBv2Action pRoleArn_ pPutItem_ =
+  DynamoDBv2Action'
+    { roleArn = pRoleArn_,
+      putItem = pPutItem_
+    }
+
+-- | The ARN of the IAM role that grants access to the DynamoDB table.
+dynamoDBv2Action_roleArn :: Lens.Lens' DynamoDBv2Action Prelude.Text
+dynamoDBv2Action_roleArn = Lens.lens (\DynamoDBv2Action' {roleArn} -> roleArn) (\s@DynamoDBv2Action' {} a -> s {roleArn = a} :: DynamoDBv2Action)
+
+-- | Specifies the DynamoDB table to which the message data will be written.
+-- For example:
+--
+-- @{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }@
+--
+-- Each attribute in the message payload will be written to a separate
+-- column in the DynamoDB database.
+dynamoDBv2Action_putItem :: Lens.Lens' DynamoDBv2Action PutItemInput
+dynamoDBv2Action_putItem = Lens.lens (\DynamoDBv2Action' {putItem} -> putItem) (\s@DynamoDBv2Action' {} a -> s {putItem = a} :: DynamoDBv2Action)
+
+instance Data.FromJSON DynamoDBv2Action where
+  parseJSON =
+    Data.withObject
+      "DynamoDBv2Action"
+      ( \x ->
+          DynamoDBv2Action'
+            Prelude.<$> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "putItem")
+      )
+
+instance Prelude.Hashable DynamoDBv2Action where
+  hashWithSalt _salt DynamoDBv2Action' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` putItem
+
+instance Prelude.NFData DynamoDBv2Action where
+  rnf DynamoDBv2Action' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf putItem
+
+instance Data.ToJSON DynamoDBv2Action where
+  toJSON DynamoDBv2Action' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("putItem" Data..= putItem)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/DynamoKeyType.hs b/gen/Amazonka/IoT/Types/DynamoKeyType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/DynamoKeyType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.DynamoKeyType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.DynamoKeyType
+  ( DynamoKeyType
+      ( ..,
+        DynamoKeyType_NUMBER,
+        DynamoKeyType_STRING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype DynamoKeyType = DynamoKeyType'
+  { fromDynamoKeyType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern DynamoKeyType_NUMBER :: DynamoKeyType
+pattern DynamoKeyType_NUMBER = DynamoKeyType' "NUMBER"
+
+pattern DynamoKeyType_STRING :: DynamoKeyType
+pattern DynamoKeyType_STRING = DynamoKeyType' "STRING"
+
+{-# COMPLETE
+  DynamoKeyType_NUMBER,
+  DynamoKeyType_STRING,
+  DynamoKeyType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/EffectivePolicy.hs b/gen/Amazonka/IoT/Types/EffectivePolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/EffectivePolicy.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.EffectivePolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.EffectivePolicy where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The policy that has the effect on the authorization results.
+--
+-- /See:/ 'newEffectivePolicy' smart constructor.
+data EffectivePolicy = EffectivePolicy'
+  { -- | The policy ARN.
+    policyArn :: Prelude.Maybe Prelude.Text,
+    -- | The IAM policy document.
+    policyDocument :: Prelude.Maybe Prelude.Text,
+    -- | The policy name.
+    policyName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'EffectivePolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyArn', 'effectivePolicy_policyArn' - The policy ARN.
+--
+-- 'policyDocument', 'effectivePolicy_policyDocument' - The IAM policy document.
+--
+-- 'policyName', 'effectivePolicy_policyName' - The policy name.
+newEffectivePolicy ::
+  EffectivePolicy
+newEffectivePolicy =
+  EffectivePolicy'
+    { policyArn = Prelude.Nothing,
+      policyDocument = Prelude.Nothing,
+      policyName = Prelude.Nothing
+    }
+
+-- | The policy ARN.
+effectivePolicy_policyArn :: Lens.Lens' EffectivePolicy (Prelude.Maybe Prelude.Text)
+effectivePolicy_policyArn = Lens.lens (\EffectivePolicy' {policyArn} -> policyArn) (\s@EffectivePolicy' {} a -> s {policyArn = a} :: EffectivePolicy)
+
+-- | The IAM policy document.
+effectivePolicy_policyDocument :: Lens.Lens' EffectivePolicy (Prelude.Maybe Prelude.Text)
+effectivePolicy_policyDocument = Lens.lens (\EffectivePolicy' {policyDocument} -> policyDocument) (\s@EffectivePolicy' {} a -> s {policyDocument = a} :: EffectivePolicy)
+
+-- | The policy name.
+effectivePolicy_policyName :: Lens.Lens' EffectivePolicy (Prelude.Maybe Prelude.Text)
+effectivePolicy_policyName = Lens.lens (\EffectivePolicy' {policyName} -> policyName) (\s@EffectivePolicy' {} a -> s {policyName = a} :: EffectivePolicy)
+
+instance Data.FromJSON EffectivePolicy where
+  parseJSON =
+    Data.withObject
+      "EffectivePolicy"
+      ( \x ->
+          EffectivePolicy'
+            Prelude.<$> (x Data..:? "policyArn")
+            Prelude.<*> (x Data..:? "policyDocument")
+            Prelude.<*> (x Data..:? "policyName")
+      )
+
+instance Prelude.Hashable EffectivePolicy where
+  hashWithSalt _salt EffectivePolicy' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyArn
+      `Prelude.hashWithSalt` policyDocument
+      `Prelude.hashWithSalt` policyName
+
+instance Prelude.NFData EffectivePolicy where
+  rnf EffectivePolicy' {..} =
+    Prelude.rnf policyArn
+      `Prelude.seq` Prelude.rnf policyDocument
+      `Prelude.seq` Prelude.rnf policyName
diff --git a/gen/Amazonka/IoT/Types/ElasticsearchAction.hs b/gen/Amazonka/IoT/Types/ElasticsearchAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ElasticsearchAction.hs
@@ -0,0 +1,153 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ElasticsearchAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ElasticsearchAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action that writes data to an Amazon OpenSearch Service
+-- domain.
+--
+-- The @Elasticsearch@ action can only be used by existing rule actions. To
+-- create a new rule action or to update an existing rule action, use the
+-- @OpenSearch@ rule action instead. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_OpenSearchAction.html OpenSearchAction>.
+--
+-- /See:/ 'newElasticsearchAction' smart constructor.
+data ElasticsearchAction = ElasticsearchAction'
+  { -- | The IAM role ARN that has access to OpenSearch.
+    roleArn :: Prelude.Text,
+    -- | The endpoint of your OpenSearch domain.
+    endpoint :: Prelude.Text,
+    -- | The index where you want to store your data.
+    index :: Prelude.Text,
+    -- | The type of document you are storing.
+    type' :: Prelude.Text,
+    -- | The unique identifier for the document you are storing.
+    id :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ElasticsearchAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'elasticsearchAction_roleArn' - The IAM role ARN that has access to OpenSearch.
+--
+-- 'endpoint', 'elasticsearchAction_endpoint' - The endpoint of your OpenSearch domain.
+--
+-- 'index', 'elasticsearchAction_index' - The index where you want to store your data.
+--
+-- 'type'', 'elasticsearchAction_type' - The type of document you are storing.
+--
+-- 'id', 'elasticsearchAction_id' - The unique identifier for the document you are storing.
+newElasticsearchAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'endpoint'
+  Prelude.Text ->
+  -- | 'index'
+  Prelude.Text ->
+  -- | 'type''
+  Prelude.Text ->
+  -- | 'id'
+  Prelude.Text ->
+  ElasticsearchAction
+newElasticsearchAction
+  pRoleArn_
+  pEndpoint_
+  pIndex_
+  pType_
+  pId_ =
+    ElasticsearchAction'
+      { roleArn = pRoleArn_,
+        endpoint = pEndpoint_,
+        index = pIndex_,
+        type' = pType_,
+        id = pId_
+      }
+
+-- | The IAM role ARN that has access to OpenSearch.
+elasticsearchAction_roleArn :: Lens.Lens' ElasticsearchAction Prelude.Text
+elasticsearchAction_roleArn = Lens.lens (\ElasticsearchAction' {roleArn} -> roleArn) (\s@ElasticsearchAction' {} a -> s {roleArn = a} :: ElasticsearchAction)
+
+-- | The endpoint of your OpenSearch domain.
+elasticsearchAction_endpoint :: Lens.Lens' ElasticsearchAction Prelude.Text
+elasticsearchAction_endpoint = Lens.lens (\ElasticsearchAction' {endpoint} -> endpoint) (\s@ElasticsearchAction' {} a -> s {endpoint = a} :: ElasticsearchAction)
+
+-- | The index where you want to store your data.
+elasticsearchAction_index :: Lens.Lens' ElasticsearchAction Prelude.Text
+elasticsearchAction_index = Lens.lens (\ElasticsearchAction' {index} -> index) (\s@ElasticsearchAction' {} a -> s {index = a} :: ElasticsearchAction)
+
+-- | The type of document you are storing.
+elasticsearchAction_type :: Lens.Lens' ElasticsearchAction Prelude.Text
+elasticsearchAction_type = Lens.lens (\ElasticsearchAction' {type'} -> type') (\s@ElasticsearchAction' {} a -> s {type' = a} :: ElasticsearchAction)
+
+-- | The unique identifier for the document you are storing.
+elasticsearchAction_id :: Lens.Lens' ElasticsearchAction Prelude.Text
+elasticsearchAction_id = Lens.lens (\ElasticsearchAction' {id} -> id) (\s@ElasticsearchAction' {} a -> s {id = a} :: ElasticsearchAction)
+
+instance Data.FromJSON ElasticsearchAction where
+  parseJSON =
+    Data.withObject
+      "ElasticsearchAction"
+      ( \x ->
+          ElasticsearchAction'
+            Prelude.<$> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "endpoint")
+            Prelude.<*> (x Data..: "index")
+            Prelude.<*> (x Data..: "type")
+            Prelude.<*> (x Data..: "id")
+      )
+
+instance Prelude.Hashable ElasticsearchAction where
+  hashWithSalt _salt ElasticsearchAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` endpoint
+      `Prelude.hashWithSalt` index
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` id
+
+instance Prelude.NFData ElasticsearchAction where
+  rnf ElasticsearchAction' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf endpoint
+      `Prelude.seq` Prelude.rnf index
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf id
+
+instance Data.ToJSON ElasticsearchAction where
+  toJSON ElasticsearchAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("endpoint" Data..= endpoint),
+            Prelude.Just ("index" Data..= index),
+            Prelude.Just ("type" Data..= type'),
+            Prelude.Just ("id" Data..= id)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/EnableIoTLoggingParams.hs b/gen/Amazonka/IoT/Types/EnableIoTLoggingParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/EnableIoTLoggingParams.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.EnableIoTLoggingParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.EnableIoTLoggingParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.LogLevel
+import qualified Amazonka.Prelude as Prelude
+
+-- | Parameters used when defining a mitigation action that enable Amazon Web
+-- Services IoT Core logging.
+--
+-- /See:/ 'newEnableIoTLoggingParams' smart constructor.
+data EnableIoTLoggingParams = EnableIoTLoggingParams'
+  { -- | The Amazon Resource Name (ARN) of the IAM role used for logging.
+    roleArnForLogging :: Prelude.Text,
+    -- | Specifies the type of information to be logged.
+    logLevel :: LogLevel
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'EnableIoTLoggingParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArnForLogging', 'enableIoTLoggingParams_roleArnForLogging' - The Amazon Resource Name (ARN) of the IAM role used for logging.
+--
+-- 'logLevel', 'enableIoTLoggingParams_logLevel' - Specifies the type of information to be logged.
+newEnableIoTLoggingParams ::
+  -- | 'roleArnForLogging'
+  Prelude.Text ->
+  -- | 'logLevel'
+  LogLevel ->
+  EnableIoTLoggingParams
+newEnableIoTLoggingParams
+  pRoleArnForLogging_
+  pLogLevel_ =
+    EnableIoTLoggingParams'
+      { roleArnForLogging =
+          pRoleArnForLogging_,
+        logLevel = pLogLevel_
+      }
+
+-- | The Amazon Resource Name (ARN) of the IAM role used for logging.
+enableIoTLoggingParams_roleArnForLogging :: Lens.Lens' EnableIoTLoggingParams Prelude.Text
+enableIoTLoggingParams_roleArnForLogging = Lens.lens (\EnableIoTLoggingParams' {roleArnForLogging} -> roleArnForLogging) (\s@EnableIoTLoggingParams' {} a -> s {roleArnForLogging = a} :: EnableIoTLoggingParams)
+
+-- | Specifies the type of information to be logged.
+enableIoTLoggingParams_logLevel :: Lens.Lens' EnableIoTLoggingParams LogLevel
+enableIoTLoggingParams_logLevel = Lens.lens (\EnableIoTLoggingParams' {logLevel} -> logLevel) (\s@EnableIoTLoggingParams' {} a -> s {logLevel = a} :: EnableIoTLoggingParams)
+
+instance Data.FromJSON EnableIoTLoggingParams where
+  parseJSON =
+    Data.withObject
+      "EnableIoTLoggingParams"
+      ( \x ->
+          EnableIoTLoggingParams'
+            Prelude.<$> (x Data..: "roleArnForLogging")
+            Prelude.<*> (x Data..: "logLevel")
+      )
+
+instance Prelude.Hashable EnableIoTLoggingParams where
+  hashWithSalt _salt EnableIoTLoggingParams' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArnForLogging
+      `Prelude.hashWithSalt` logLevel
+
+instance Prelude.NFData EnableIoTLoggingParams where
+  rnf EnableIoTLoggingParams' {..} =
+    Prelude.rnf roleArnForLogging
+      `Prelude.seq` Prelude.rnf logLevel
+
+instance Data.ToJSON EnableIoTLoggingParams where
+  toJSON EnableIoTLoggingParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("roleArnForLogging" Data..= roleArnForLogging),
+            Prelude.Just ("logLevel" Data..= logLevel)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ErrorInfo.hs b/gen/Amazonka/IoT/Types/ErrorInfo.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ErrorInfo.hs
@@ -0,0 +1,83 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ErrorInfo
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ErrorInfo where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Error information.
+--
+-- /See:/ 'newErrorInfo' smart constructor.
+data ErrorInfo = ErrorInfo'
+  { -- | The error code.
+    code :: Prelude.Maybe Prelude.Text,
+    -- | The error message.
+    message :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ErrorInfo' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'code', 'errorInfo_code' - The error code.
+--
+-- 'message', 'errorInfo_message' - The error message.
+newErrorInfo ::
+  ErrorInfo
+newErrorInfo =
+  ErrorInfo'
+    { code = Prelude.Nothing,
+      message = Prelude.Nothing
+    }
+
+-- | The error code.
+errorInfo_code :: Lens.Lens' ErrorInfo (Prelude.Maybe Prelude.Text)
+errorInfo_code = Lens.lens (\ErrorInfo' {code} -> code) (\s@ErrorInfo' {} a -> s {code = a} :: ErrorInfo)
+
+-- | The error message.
+errorInfo_message :: Lens.Lens' ErrorInfo (Prelude.Maybe Prelude.Text)
+errorInfo_message = Lens.lens (\ErrorInfo' {message} -> message) (\s@ErrorInfo' {} a -> s {message = a} :: ErrorInfo)
+
+instance Data.FromJSON ErrorInfo where
+  parseJSON =
+    Data.withObject
+      "ErrorInfo"
+      ( \x ->
+          ErrorInfo'
+            Prelude.<$> (x Data..:? "code")
+            Prelude.<*> (x Data..:? "message")
+      )
+
+instance Prelude.Hashable ErrorInfo where
+  hashWithSalt _salt ErrorInfo' {..} =
+    _salt
+      `Prelude.hashWithSalt` code
+      `Prelude.hashWithSalt` message
+
+instance Prelude.NFData ErrorInfo where
+  rnf ErrorInfo' {..} =
+    Prelude.rnf code `Prelude.seq` Prelude.rnf message
diff --git a/gen/Amazonka/IoT/Types/EventType.hs b/gen/Amazonka/IoT/Types/EventType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/EventType.hs
@@ -0,0 +1,116 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.EventType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.EventType
+  ( EventType
+      ( ..,
+        EventType_CA_CERTIFICATE,
+        EventType_CERTIFICATE,
+        EventType_JOB,
+        EventType_JOB_EXECUTION,
+        EventType_POLICY,
+        EventType_THING,
+        EventType_THING_GROUP,
+        EventType_THING_GROUP_HIERARCHY,
+        EventType_THING_GROUP_MEMBERSHIP,
+        EventType_THING_TYPE,
+        EventType_THING_TYPE_ASSOCIATION
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype EventType = EventType'
+  { fromEventType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern EventType_CA_CERTIFICATE :: EventType
+pattern EventType_CA_CERTIFICATE = EventType' "CA_CERTIFICATE"
+
+pattern EventType_CERTIFICATE :: EventType
+pattern EventType_CERTIFICATE = EventType' "CERTIFICATE"
+
+pattern EventType_JOB :: EventType
+pattern EventType_JOB = EventType' "JOB"
+
+pattern EventType_JOB_EXECUTION :: EventType
+pattern EventType_JOB_EXECUTION = EventType' "JOB_EXECUTION"
+
+pattern EventType_POLICY :: EventType
+pattern EventType_POLICY = EventType' "POLICY"
+
+pattern EventType_THING :: EventType
+pattern EventType_THING = EventType' "THING"
+
+pattern EventType_THING_GROUP :: EventType
+pattern EventType_THING_GROUP = EventType' "THING_GROUP"
+
+pattern EventType_THING_GROUP_HIERARCHY :: EventType
+pattern EventType_THING_GROUP_HIERARCHY = EventType' "THING_GROUP_HIERARCHY"
+
+pattern EventType_THING_GROUP_MEMBERSHIP :: EventType
+pattern EventType_THING_GROUP_MEMBERSHIP = EventType' "THING_GROUP_MEMBERSHIP"
+
+pattern EventType_THING_TYPE :: EventType
+pattern EventType_THING_TYPE = EventType' "THING_TYPE"
+
+pattern EventType_THING_TYPE_ASSOCIATION :: EventType
+pattern EventType_THING_TYPE_ASSOCIATION = EventType' "THING_TYPE_ASSOCIATION"
+
+{-# COMPLETE
+  EventType_CA_CERTIFICATE,
+  EventType_CERTIFICATE,
+  EventType_JOB,
+  EventType_JOB_EXECUTION,
+  EventType_POLICY,
+  EventType_THING,
+  EventType_THING_GROUP,
+  EventType_THING_GROUP_HIERARCHY,
+  EventType_THING_GROUP_MEMBERSHIP,
+  EventType_THING_TYPE,
+  EventType_THING_TYPE_ASSOCIATION,
+  EventType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ExplicitDeny.hs b/gen/Amazonka/IoT/Types/ExplicitDeny.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ExplicitDeny.hs
@@ -0,0 +1,69 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ExplicitDeny
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ExplicitDeny where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Policy
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information that explicitly denies authorization.
+--
+-- /See:/ 'newExplicitDeny' smart constructor.
+data ExplicitDeny = ExplicitDeny'
+  { -- | The policies that denied the authorization.
+    policies :: Prelude.Maybe [Policy]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ExplicitDeny' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policies', 'explicitDeny_policies' - The policies that denied the authorization.
+newExplicitDeny ::
+  ExplicitDeny
+newExplicitDeny =
+  ExplicitDeny' {policies = Prelude.Nothing}
+
+-- | The policies that denied the authorization.
+explicitDeny_policies :: Lens.Lens' ExplicitDeny (Prelude.Maybe [Policy])
+explicitDeny_policies = Lens.lens (\ExplicitDeny' {policies} -> policies) (\s@ExplicitDeny' {} a -> s {policies = a} :: ExplicitDeny) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON ExplicitDeny where
+  parseJSON =
+    Data.withObject
+      "ExplicitDeny"
+      ( \x ->
+          ExplicitDeny'
+            Prelude.<$> (x Data..:? "policies" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable ExplicitDeny where
+  hashWithSalt _salt ExplicitDeny' {..} =
+    _salt `Prelude.hashWithSalt` policies
+
+instance Prelude.NFData ExplicitDeny where
+  rnf ExplicitDeny' {..} = Prelude.rnf policies
diff --git a/gen/Amazonka/IoT/Types/ExponentialRolloutRate.hs b/gen/Amazonka/IoT/Types/ExponentialRolloutRate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ExponentialRolloutRate.hs
@@ -0,0 +1,137 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ExponentialRolloutRate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ExponentialRolloutRate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.RateIncreaseCriteria
+import qualified Amazonka.Prelude as Prelude
+
+-- | Allows you to create an exponential rate of rollout for a job.
+--
+-- /See:/ 'newExponentialRolloutRate' smart constructor.
+data ExponentialRolloutRate = ExponentialRolloutRate'
+  { -- | The minimum number of things that will be notified of a pending job, per
+    -- minute at the start of job rollout. This parameter allows you to define
+    -- the initial rate of rollout.
+    baseRatePerMinute :: Prelude.Natural,
+    -- | The exponential factor to increase the rate of rollout for a job.
+    --
+    -- Amazon Web Services IoT Core supports up to one digit after the decimal
+    -- (for example, 1.5, but not 1.55).
+    incrementFactor :: Prelude.Double,
+    -- | The criteria to initiate the increase in rate of rollout for a job.
+    rateIncreaseCriteria :: RateIncreaseCriteria
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ExponentialRolloutRate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'baseRatePerMinute', 'exponentialRolloutRate_baseRatePerMinute' - The minimum number of things that will be notified of a pending job, per
+-- minute at the start of job rollout. This parameter allows you to define
+-- the initial rate of rollout.
+--
+-- 'incrementFactor', 'exponentialRolloutRate_incrementFactor' - The exponential factor to increase the rate of rollout for a job.
+--
+-- Amazon Web Services IoT Core supports up to one digit after the decimal
+-- (for example, 1.5, but not 1.55).
+--
+-- 'rateIncreaseCriteria', 'exponentialRolloutRate_rateIncreaseCriteria' - The criteria to initiate the increase in rate of rollout for a job.
+newExponentialRolloutRate ::
+  -- | 'baseRatePerMinute'
+  Prelude.Natural ->
+  -- | 'incrementFactor'
+  Prelude.Double ->
+  -- | 'rateIncreaseCriteria'
+  RateIncreaseCriteria ->
+  ExponentialRolloutRate
+newExponentialRolloutRate
+  pBaseRatePerMinute_
+  pIncrementFactor_
+  pRateIncreaseCriteria_ =
+    ExponentialRolloutRate'
+      { baseRatePerMinute =
+          pBaseRatePerMinute_,
+        incrementFactor = pIncrementFactor_,
+        rateIncreaseCriteria = pRateIncreaseCriteria_
+      }
+
+-- | The minimum number of things that will be notified of a pending job, per
+-- minute at the start of job rollout. This parameter allows you to define
+-- the initial rate of rollout.
+exponentialRolloutRate_baseRatePerMinute :: Lens.Lens' ExponentialRolloutRate Prelude.Natural
+exponentialRolloutRate_baseRatePerMinute = Lens.lens (\ExponentialRolloutRate' {baseRatePerMinute} -> baseRatePerMinute) (\s@ExponentialRolloutRate' {} a -> s {baseRatePerMinute = a} :: ExponentialRolloutRate)
+
+-- | The exponential factor to increase the rate of rollout for a job.
+--
+-- Amazon Web Services IoT Core supports up to one digit after the decimal
+-- (for example, 1.5, but not 1.55).
+exponentialRolloutRate_incrementFactor :: Lens.Lens' ExponentialRolloutRate Prelude.Double
+exponentialRolloutRate_incrementFactor = Lens.lens (\ExponentialRolloutRate' {incrementFactor} -> incrementFactor) (\s@ExponentialRolloutRate' {} a -> s {incrementFactor = a} :: ExponentialRolloutRate)
+
+-- | The criteria to initiate the increase in rate of rollout for a job.
+exponentialRolloutRate_rateIncreaseCriteria :: Lens.Lens' ExponentialRolloutRate RateIncreaseCriteria
+exponentialRolloutRate_rateIncreaseCriteria = Lens.lens (\ExponentialRolloutRate' {rateIncreaseCriteria} -> rateIncreaseCriteria) (\s@ExponentialRolloutRate' {} a -> s {rateIncreaseCriteria = a} :: ExponentialRolloutRate)
+
+instance Data.FromJSON ExponentialRolloutRate where
+  parseJSON =
+    Data.withObject
+      "ExponentialRolloutRate"
+      ( \x ->
+          ExponentialRolloutRate'
+            Prelude.<$> (x Data..: "baseRatePerMinute")
+            Prelude.<*> (x Data..: "incrementFactor")
+            Prelude.<*> (x Data..: "rateIncreaseCriteria")
+      )
+
+instance Prelude.Hashable ExponentialRolloutRate where
+  hashWithSalt _salt ExponentialRolloutRate' {..} =
+    _salt
+      `Prelude.hashWithSalt` baseRatePerMinute
+      `Prelude.hashWithSalt` incrementFactor
+      `Prelude.hashWithSalt` rateIncreaseCriteria
+
+instance Prelude.NFData ExponentialRolloutRate where
+  rnf ExponentialRolloutRate' {..} =
+    Prelude.rnf baseRatePerMinute
+      `Prelude.seq` Prelude.rnf incrementFactor
+      `Prelude.seq` Prelude.rnf rateIncreaseCriteria
+
+instance Data.ToJSON ExponentialRolloutRate where
+  toJSON ExponentialRolloutRate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("baseRatePerMinute" Data..= baseRatePerMinute),
+            Prelude.Just
+              ("incrementFactor" Data..= incrementFactor),
+            Prelude.Just
+              ( "rateIncreaseCriteria"
+                  Data..= rateIncreaseCriteria
+              )
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Field.hs b/gen/Amazonka/IoT/Types/Field.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Field.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Field
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Field where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.FieldType
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the name and data type at a field.
+--
+-- /See:/ 'newField' smart constructor.
+data Field = Field'
+  { -- | The name of the field.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | The data type of the field.
+    type' :: Prelude.Maybe FieldType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Field' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'field_name' - The name of the field.
+--
+-- 'type'', 'field_type' - The data type of the field.
+newField ::
+  Field
+newField =
+  Field'
+    { name = Prelude.Nothing,
+      type' = Prelude.Nothing
+    }
+
+-- | The name of the field.
+field_name :: Lens.Lens' Field (Prelude.Maybe Prelude.Text)
+field_name = Lens.lens (\Field' {name} -> name) (\s@Field' {} a -> s {name = a} :: Field)
+
+-- | The data type of the field.
+field_type :: Lens.Lens' Field (Prelude.Maybe FieldType)
+field_type = Lens.lens (\Field' {type'} -> type') (\s@Field' {} a -> s {type' = a} :: Field)
+
+instance Data.FromJSON Field where
+  parseJSON =
+    Data.withObject
+      "Field"
+      ( \x ->
+          Field'
+            Prelude.<$> (x Data..:? "name")
+            Prelude.<*> (x Data..:? "type")
+      )
+
+instance Prelude.Hashable Field where
+  hashWithSalt _salt Field' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` type'
+
+instance Prelude.NFData Field where
+  rnf Field' {..} =
+    Prelude.rnf name `Prelude.seq` Prelude.rnf type'
+
+instance Data.ToJSON Field where
+  toJSON Field' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("name" Data..=) Prelude.<$> name,
+            ("type" Data..=) Prelude.<$> type'
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/FieldType.hs b/gen/Amazonka/IoT/Types/FieldType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/FieldType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.FieldType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.FieldType
+  ( FieldType
+      ( ..,
+        FieldType_Boolean,
+        FieldType_Number,
+        FieldType_String
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype FieldType = FieldType'
+  { fromFieldType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern FieldType_Boolean :: FieldType
+pattern FieldType_Boolean = FieldType' "Boolean"
+
+pattern FieldType_Number :: FieldType
+pattern FieldType_Number = FieldType' "Number"
+
+pattern FieldType_String :: FieldType
+pattern FieldType_String = FieldType' "String"
+
+{-# COMPLETE
+  FieldType_Boolean,
+  FieldType_Number,
+  FieldType_String,
+  FieldType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/FileLocation.hs b/gen/Amazonka/IoT/Types/FileLocation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/FileLocation.hs
@@ -0,0 +1,95 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.FileLocation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.FileLocation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.S3Location
+import Amazonka.IoT.Types.Stream
+import qualified Amazonka.Prelude as Prelude
+
+-- | The location of the OTA update.
+--
+-- /See:/ 'newFileLocation' smart constructor.
+data FileLocation = FileLocation'
+  { -- | The location of the updated firmware in S3.
+    s3Location :: Prelude.Maybe S3Location,
+    -- | The stream that contains the OTA update.
+    stream :: Prelude.Maybe Stream
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'FileLocation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 's3Location', 'fileLocation_s3Location' - The location of the updated firmware in S3.
+--
+-- 'stream', 'fileLocation_stream' - The stream that contains the OTA update.
+newFileLocation ::
+  FileLocation
+newFileLocation =
+  FileLocation'
+    { s3Location = Prelude.Nothing,
+      stream = Prelude.Nothing
+    }
+
+-- | The location of the updated firmware in S3.
+fileLocation_s3Location :: Lens.Lens' FileLocation (Prelude.Maybe S3Location)
+fileLocation_s3Location = Lens.lens (\FileLocation' {s3Location} -> s3Location) (\s@FileLocation' {} a -> s {s3Location = a} :: FileLocation)
+
+-- | The stream that contains the OTA update.
+fileLocation_stream :: Lens.Lens' FileLocation (Prelude.Maybe Stream)
+fileLocation_stream = Lens.lens (\FileLocation' {stream} -> stream) (\s@FileLocation' {} a -> s {stream = a} :: FileLocation)
+
+instance Data.FromJSON FileLocation where
+  parseJSON =
+    Data.withObject
+      "FileLocation"
+      ( \x ->
+          FileLocation'
+            Prelude.<$> (x Data..:? "s3Location")
+            Prelude.<*> (x Data..:? "stream")
+      )
+
+instance Prelude.Hashable FileLocation where
+  hashWithSalt _salt FileLocation' {..} =
+    _salt
+      `Prelude.hashWithSalt` s3Location
+      `Prelude.hashWithSalt` stream
+
+instance Prelude.NFData FileLocation where
+  rnf FileLocation' {..} =
+    Prelude.rnf s3Location
+      `Prelude.seq` Prelude.rnf stream
+
+instance Data.ToJSON FileLocation where
+  toJSON FileLocation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("s3Location" Data..=) Prelude.<$> s3Location,
+            ("stream" Data..=) Prelude.<$> stream
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/FirehoseAction.hs b/gen/Amazonka/IoT/Types/FirehoseAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/FirehoseAction.hs
@@ -0,0 +1,152 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.FirehoseAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.FirehoseAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action that writes data to an Amazon Kinesis Firehose
+-- stream.
+--
+-- /See:/ 'newFirehoseAction' smart constructor.
+data FirehoseAction = FirehoseAction'
+  { -- | Whether to deliver the Kinesis Data Firehose stream as a batch by using
+    -- <https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html PutRecordBatch>
+    -- . The default value is @false@.
+    --
+    -- When @batchMode@ is @true@ and the rule\'s SQL statement evaluates to an
+    -- Array, each Array element forms one record in the
+    -- <https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html PutRecordBatch>
+    -- request. The resulting array can\'t have more than 500 records.
+    batchMode :: Prelude.Maybe Prelude.Bool,
+    -- | A character separator that will be used to separate records written to
+    -- the Firehose stream. Valid values are: \'\\n\' (newline), \'\\t\' (tab),
+    -- \'\\r\\n\' (Windows newline), \',\' (comma).
+    separator :: Prelude.Maybe Prelude.Text,
+    -- | The IAM role that grants access to the Amazon Kinesis Firehose stream.
+    roleArn :: Prelude.Text,
+    -- | The delivery stream name.
+    deliveryStreamName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'FirehoseAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'batchMode', 'firehoseAction_batchMode' - Whether to deliver the Kinesis Data Firehose stream as a batch by using
+-- <https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html PutRecordBatch>
+-- . The default value is @false@.
+--
+-- When @batchMode@ is @true@ and the rule\'s SQL statement evaluates to an
+-- Array, each Array element forms one record in the
+-- <https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html PutRecordBatch>
+-- request. The resulting array can\'t have more than 500 records.
+--
+-- 'separator', 'firehoseAction_separator' - A character separator that will be used to separate records written to
+-- the Firehose stream. Valid values are: \'\\n\' (newline), \'\\t\' (tab),
+-- \'\\r\\n\' (Windows newline), \',\' (comma).
+--
+-- 'roleArn', 'firehoseAction_roleArn' - The IAM role that grants access to the Amazon Kinesis Firehose stream.
+--
+-- 'deliveryStreamName', 'firehoseAction_deliveryStreamName' - The delivery stream name.
+newFirehoseAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'deliveryStreamName'
+  Prelude.Text ->
+  FirehoseAction
+newFirehoseAction pRoleArn_ pDeliveryStreamName_ =
+  FirehoseAction'
+    { batchMode = Prelude.Nothing,
+      separator = Prelude.Nothing,
+      roleArn = pRoleArn_,
+      deliveryStreamName = pDeliveryStreamName_
+    }
+
+-- | Whether to deliver the Kinesis Data Firehose stream as a batch by using
+-- <https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html PutRecordBatch>
+-- . The default value is @false@.
+--
+-- When @batchMode@ is @true@ and the rule\'s SQL statement evaluates to an
+-- Array, each Array element forms one record in the
+-- <https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html PutRecordBatch>
+-- request. The resulting array can\'t have more than 500 records.
+firehoseAction_batchMode :: Lens.Lens' FirehoseAction (Prelude.Maybe Prelude.Bool)
+firehoseAction_batchMode = Lens.lens (\FirehoseAction' {batchMode} -> batchMode) (\s@FirehoseAction' {} a -> s {batchMode = a} :: FirehoseAction)
+
+-- | A character separator that will be used to separate records written to
+-- the Firehose stream. Valid values are: \'\\n\' (newline), \'\\t\' (tab),
+-- \'\\r\\n\' (Windows newline), \',\' (comma).
+firehoseAction_separator :: Lens.Lens' FirehoseAction (Prelude.Maybe Prelude.Text)
+firehoseAction_separator = Lens.lens (\FirehoseAction' {separator} -> separator) (\s@FirehoseAction' {} a -> s {separator = a} :: FirehoseAction)
+
+-- | The IAM role that grants access to the Amazon Kinesis Firehose stream.
+firehoseAction_roleArn :: Lens.Lens' FirehoseAction Prelude.Text
+firehoseAction_roleArn = Lens.lens (\FirehoseAction' {roleArn} -> roleArn) (\s@FirehoseAction' {} a -> s {roleArn = a} :: FirehoseAction)
+
+-- | The delivery stream name.
+firehoseAction_deliveryStreamName :: Lens.Lens' FirehoseAction Prelude.Text
+firehoseAction_deliveryStreamName = Lens.lens (\FirehoseAction' {deliveryStreamName} -> deliveryStreamName) (\s@FirehoseAction' {} a -> s {deliveryStreamName = a} :: FirehoseAction)
+
+instance Data.FromJSON FirehoseAction where
+  parseJSON =
+    Data.withObject
+      "FirehoseAction"
+      ( \x ->
+          FirehoseAction'
+            Prelude.<$> (x Data..:? "batchMode")
+            Prelude.<*> (x Data..:? "separator")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "deliveryStreamName")
+      )
+
+instance Prelude.Hashable FirehoseAction where
+  hashWithSalt _salt FirehoseAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` batchMode
+      `Prelude.hashWithSalt` separator
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` deliveryStreamName
+
+instance Prelude.NFData FirehoseAction where
+  rnf FirehoseAction' {..} =
+    Prelude.rnf batchMode
+      `Prelude.seq` Prelude.rnf separator
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf deliveryStreamName
+
+instance Data.ToJSON FirehoseAction where
+  toJSON FirehoseAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("batchMode" Data..=) Prelude.<$> batchMode,
+            ("separator" Data..=) Prelude.<$> separator,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just
+              ("deliveryStreamName" Data..= deliveryStreamName)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/FleetMetricNameAndArn.hs b/gen/Amazonka/IoT/Types/FleetMetricNameAndArn.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/FleetMetricNameAndArn.hs
@@ -0,0 +1,84 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.FleetMetricNameAndArn
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.FleetMetricNameAndArn where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The name and ARN of a fleet metric.
+--
+-- /See:/ 'newFleetMetricNameAndArn' smart constructor.
+data FleetMetricNameAndArn = FleetMetricNameAndArn'
+  { -- | The fleet metric ARN.
+    metricArn :: Prelude.Maybe Prelude.Text,
+    -- | The fleet metric name.
+    metricName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'FleetMetricNameAndArn' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricArn', 'fleetMetricNameAndArn_metricArn' - The fleet metric ARN.
+--
+-- 'metricName', 'fleetMetricNameAndArn_metricName' - The fleet metric name.
+newFleetMetricNameAndArn ::
+  FleetMetricNameAndArn
+newFleetMetricNameAndArn =
+  FleetMetricNameAndArn'
+    { metricArn = Prelude.Nothing,
+      metricName = Prelude.Nothing
+    }
+
+-- | The fleet metric ARN.
+fleetMetricNameAndArn_metricArn :: Lens.Lens' FleetMetricNameAndArn (Prelude.Maybe Prelude.Text)
+fleetMetricNameAndArn_metricArn = Lens.lens (\FleetMetricNameAndArn' {metricArn} -> metricArn) (\s@FleetMetricNameAndArn' {} a -> s {metricArn = a} :: FleetMetricNameAndArn)
+
+-- | The fleet metric name.
+fleetMetricNameAndArn_metricName :: Lens.Lens' FleetMetricNameAndArn (Prelude.Maybe Prelude.Text)
+fleetMetricNameAndArn_metricName = Lens.lens (\FleetMetricNameAndArn' {metricName} -> metricName) (\s@FleetMetricNameAndArn' {} a -> s {metricName = a} :: FleetMetricNameAndArn)
+
+instance Data.FromJSON FleetMetricNameAndArn where
+  parseJSON =
+    Data.withObject
+      "FleetMetricNameAndArn"
+      ( \x ->
+          FleetMetricNameAndArn'
+            Prelude.<$> (x Data..:? "metricArn")
+            Prelude.<*> (x Data..:? "metricName")
+      )
+
+instance Prelude.Hashable FleetMetricNameAndArn where
+  hashWithSalt _salt FleetMetricNameAndArn' {..} =
+    _salt
+      `Prelude.hashWithSalt` metricArn
+      `Prelude.hashWithSalt` metricName
+
+instance Prelude.NFData FleetMetricNameAndArn where
+  rnf FleetMetricNameAndArn' {..} =
+    Prelude.rnf metricArn
+      `Prelude.seq` Prelude.rnf metricName
diff --git a/gen/Amazonka/IoT/Types/FleetMetricUnit.hs b/gen/Amazonka/IoT/Types/FleetMetricUnit.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/FleetMetricUnit.hs
@@ -0,0 +1,196 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.FleetMetricUnit
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.FleetMetricUnit
+  ( FleetMetricUnit
+      ( ..,
+        FleetMetricUnit_Bits,
+        FleetMetricUnit_Bits_Second,
+        FleetMetricUnit_Bytes,
+        FleetMetricUnit_Bytes_Second,
+        FleetMetricUnit_Count,
+        FleetMetricUnit_Count_Second,
+        FleetMetricUnit_Gigabits,
+        FleetMetricUnit_Gigabits_Second,
+        FleetMetricUnit_Gigabytes,
+        FleetMetricUnit_Gigabytes_Second,
+        FleetMetricUnit_Kilobits,
+        FleetMetricUnit_Kilobits_Second,
+        FleetMetricUnit_Kilobytes,
+        FleetMetricUnit_Kilobytes_Second,
+        FleetMetricUnit_Megabits,
+        FleetMetricUnit_Megabits_Second,
+        FleetMetricUnit_Megabytes,
+        FleetMetricUnit_Megabytes_Second,
+        FleetMetricUnit_Microseconds,
+        FleetMetricUnit_Milliseconds,
+        FleetMetricUnit_None,
+        FleetMetricUnit_Percent,
+        FleetMetricUnit_Seconds,
+        FleetMetricUnit_Terabits,
+        FleetMetricUnit_Terabits_Second,
+        FleetMetricUnit_Terabytes,
+        FleetMetricUnit_Terabytes_Second
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype FleetMetricUnit = FleetMetricUnit'
+  { fromFleetMetricUnit ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern FleetMetricUnit_Bits :: FleetMetricUnit
+pattern FleetMetricUnit_Bits = FleetMetricUnit' "Bits"
+
+pattern FleetMetricUnit_Bits_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Bits_Second = FleetMetricUnit' "Bits/Second"
+
+pattern FleetMetricUnit_Bytes :: FleetMetricUnit
+pattern FleetMetricUnit_Bytes = FleetMetricUnit' "Bytes"
+
+pattern FleetMetricUnit_Bytes_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Bytes_Second = FleetMetricUnit' "Bytes/Second"
+
+pattern FleetMetricUnit_Count :: FleetMetricUnit
+pattern FleetMetricUnit_Count = FleetMetricUnit' "Count"
+
+pattern FleetMetricUnit_Count_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Count_Second = FleetMetricUnit' "Count/Second"
+
+pattern FleetMetricUnit_Gigabits :: FleetMetricUnit
+pattern FleetMetricUnit_Gigabits = FleetMetricUnit' "Gigabits"
+
+pattern FleetMetricUnit_Gigabits_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Gigabits_Second = FleetMetricUnit' "Gigabits/Second"
+
+pattern FleetMetricUnit_Gigabytes :: FleetMetricUnit
+pattern FleetMetricUnit_Gigabytes = FleetMetricUnit' "Gigabytes"
+
+pattern FleetMetricUnit_Gigabytes_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Gigabytes_Second = FleetMetricUnit' "Gigabytes/Second"
+
+pattern FleetMetricUnit_Kilobits :: FleetMetricUnit
+pattern FleetMetricUnit_Kilobits = FleetMetricUnit' "Kilobits"
+
+pattern FleetMetricUnit_Kilobits_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Kilobits_Second = FleetMetricUnit' "Kilobits/Second"
+
+pattern FleetMetricUnit_Kilobytes :: FleetMetricUnit
+pattern FleetMetricUnit_Kilobytes = FleetMetricUnit' "Kilobytes"
+
+pattern FleetMetricUnit_Kilobytes_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Kilobytes_Second = FleetMetricUnit' "Kilobytes/Second"
+
+pattern FleetMetricUnit_Megabits :: FleetMetricUnit
+pattern FleetMetricUnit_Megabits = FleetMetricUnit' "Megabits"
+
+pattern FleetMetricUnit_Megabits_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Megabits_Second = FleetMetricUnit' "Megabits/Second"
+
+pattern FleetMetricUnit_Megabytes :: FleetMetricUnit
+pattern FleetMetricUnit_Megabytes = FleetMetricUnit' "Megabytes"
+
+pattern FleetMetricUnit_Megabytes_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Megabytes_Second = FleetMetricUnit' "Megabytes/Second"
+
+pattern FleetMetricUnit_Microseconds :: FleetMetricUnit
+pattern FleetMetricUnit_Microseconds = FleetMetricUnit' "Microseconds"
+
+pattern FleetMetricUnit_Milliseconds :: FleetMetricUnit
+pattern FleetMetricUnit_Milliseconds = FleetMetricUnit' "Milliseconds"
+
+pattern FleetMetricUnit_None :: FleetMetricUnit
+pattern FleetMetricUnit_None = FleetMetricUnit' "None"
+
+pattern FleetMetricUnit_Percent :: FleetMetricUnit
+pattern FleetMetricUnit_Percent = FleetMetricUnit' "Percent"
+
+pattern FleetMetricUnit_Seconds :: FleetMetricUnit
+pattern FleetMetricUnit_Seconds = FleetMetricUnit' "Seconds"
+
+pattern FleetMetricUnit_Terabits :: FleetMetricUnit
+pattern FleetMetricUnit_Terabits = FleetMetricUnit' "Terabits"
+
+pattern FleetMetricUnit_Terabits_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Terabits_Second = FleetMetricUnit' "Terabits/Second"
+
+pattern FleetMetricUnit_Terabytes :: FleetMetricUnit
+pattern FleetMetricUnit_Terabytes = FleetMetricUnit' "Terabytes"
+
+pattern FleetMetricUnit_Terabytes_Second :: FleetMetricUnit
+pattern FleetMetricUnit_Terabytes_Second = FleetMetricUnit' "Terabytes/Second"
+
+{-# COMPLETE
+  FleetMetricUnit_Bits,
+  FleetMetricUnit_Bits_Second,
+  FleetMetricUnit_Bytes,
+  FleetMetricUnit_Bytes_Second,
+  FleetMetricUnit_Count,
+  FleetMetricUnit_Count_Second,
+  FleetMetricUnit_Gigabits,
+  FleetMetricUnit_Gigabits_Second,
+  FleetMetricUnit_Gigabytes,
+  FleetMetricUnit_Gigabytes_Second,
+  FleetMetricUnit_Kilobits,
+  FleetMetricUnit_Kilobits_Second,
+  FleetMetricUnit_Kilobytes,
+  FleetMetricUnit_Kilobytes_Second,
+  FleetMetricUnit_Megabits,
+  FleetMetricUnit_Megabits_Second,
+  FleetMetricUnit_Megabytes,
+  FleetMetricUnit_Megabytes_Second,
+  FleetMetricUnit_Microseconds,
+  FleetMetricUnit_Milliseconds,
+  FleetMetricUnit_None,
+  FleetMetricUnit_Percent,
+  FleetMetricUnit_Seconds,
+  FleetMetricUnit_Terabits,
+  FleetMetricUnit_Terabits_Second,
+  FleetMetricUnit_Terabytes,
+  FleetMetricUnit_Terabytes_Second,
+  FleetMetricUnit'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/GroupNameAndArn.hs b/gen/Amazonka/IoT/Types/GroupNameAndArn.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/GroupNameAndArn.hs
@@ -0,0 +1,84 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.GroupNameAndArn
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.GroupNameAndArn where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The name and ARN of a group.
+--
+-- /See:/ 'newGroupNameAndArn' smart constructor.
+data GroupNameAndArn = GroupNameAndArn'
+  { -- | The group ARN.
+    groupArn :: Prelude.Maybe Prelude.Text,
+    -- | The group name.
+    groupName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GroupNameAndArn' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'groupArn', 'groupNameAndArn_groupArn' - The group ARN.
+--
+-- 'groupName', 'groupNameAndArn_groupName' - The group name.
+newGroupNameAndArn ::
+  GroupNameAndArn
+newGroupNameAndArn =
+  GroupNameAndArn'
+    { groupArn = Prelude.Nothing,
+      groupName = Prelude.Nothing
+    }
+
+-- | The group ARN.
+groupNameAndArn_groupArn :: Lens.Lens' GroupNameAndArn (Prelude.Maybe Prelude.Text)
+groupNameAndArn_groupArn = Lens.lens (\GroupNameAndArn' {groupArn} -> groupArn) (\s@GroupNameAndArn' {} a -> s {groupArn = a} :: GroupNameAndArn)
+
+-- | The group name.
+groupNameAndArn_groupName :: Lens.Lens' GroupNameAndArn (Prelude.Maybe Prelude.Text)
+groupNameAndArn_groupName = Lens.lens (\GroupNameAndArn' {groupName} -> groupName) (\s@GroupNameAndArn' {} a -> s {groupName = a} :: GroupNameAndArn)
+
+instance Data.FromJSON GroupNameAndArn where
+  parseJSON =
+    Data.withObject
+      "GroupNameAndArn"
+      ( \x ->
+          GroupNameAndArn'
+            Prelude.<$> (x Data..:? "groupArn")
+            Prelude.<*> (x Data..:? "groupName")
+      )
+
+instance Prelude.Hashable GroupNameAndArn where
+  hashWithSalt _salt GroupNameAndArn' {..} =
+    _salt
+      `Prelude.hashWithSalt` groupArn
+      `Prelude.hashWithSalt` groupName
+
+instance Prelude.NFData GroupNameAndArn where
+  rnf GroupNameAndArn' {..} =
+    Prelude.rnf groupArn
+      `Prelude.seq` Prelude.rnf groupName
diff --git a/gen/Amazonka/IoT/Types/HttpAction.hs b/gen/Amazonka/IoT/Types/HttpAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpAction.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.HttpActionHeader
+import Amazonka.IoT.Types.HttpAuthorization
+import qualified Amazonka.Prelude as Prelude
+
+-- | Send data to an HTTPS endpoint.
+--
+-- /See:/ 'newHttpAction' smart constructor.
+data HttpAction = HttpAction'
+  { -- | The authentication method to use when sending data to an HTTPS endpoint.
+    auth :: Prelude.Maybe HttpAuthorization,
+    -- | The URL to which IoT sends a confirmation message. The value of the
+    -- confirmation URL must be a prefix of the endpoint URL. If you do not
+    -- specify a confirmation URL IoT uses the endpoint URL as the confirmation
+    -- URL. If you use substitution templates in the confirmationUrl, you must
+    -- create and enable topic rule destinations that match each possible value
+    -- of the substitution template before traffic is allowed to your endpoint
+    -- URL.
+    confirmationUrl :: Prelude.Maybe Prelude.Text,
+    -- | The HTTP headers to send with the message data.
+    headers :: Prelude.Maybe [HttpActionHeader],
+    -- | The endpoint URL. If substitution templates are used in the URL, you
+    -- must also specify a @confirmationUrl@. If this is a new destination, a
+    -- new @TopicRuleDestination@ is created if possible.
+    url :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'auth', 'httpAction_auth' - The authentication method to use when sending data to an HTTPS endpoint.
+--
+-- 'confirmationUrl', 'httpAction_confirmationUrl' - The URL to which IoT sends a confirmation message. The value of the
+-- confirmation URL must be a prefix of the endpoint URL. If you do not
+-- specify a confirmation URL IoT uses the endpoint URL as the confirmation
+-- URL. If you use substitution templates in the confirmationUrl, you must
+-- create and enable topic rule destinations that match each possible value
+-- of the substitution template before traffic is allowed to your endpoint
+-- URL.
+--
+-- 'headers', 'httpAction_headers' - The HTTP headers to send with the message data.
+--
+-- 'url', 'httpAction_url' - The endpoint URL. If substitution templates are used in the URL, you
+-- must also specify a @confirmationUrl@. If this is a new destination, a
+-- new @TopicRuleDestination@ is created if possible.
+newHttpAction ::
+  -- | 'url'
+  Prelude.Text ->
+  HttpAction
+newHttpAction pUrl_ =
+  HttpAction'
+    { auth = Prelude.Nothing,
+      confirmationUrl = Prelude.Nothing,
+      headers = Prelude.Nothing,
+      url = pUrl_
+    }
+
+-- | The authentication method to use when sending data to an HTTPS endpoint.
+httpAction_auth :: Lens.Lens' HttpAction (Prelude.Maybe HttpAuthorization)
+httpAction_auth = Lens.lens (\HttpAction' {auth} -> auth) (\s@HttpAction' {} a -> s {auth = a} :: HttpAction)
+
+-- | The URL to which IoT sends a confirmation message. The value of the
+-- confirmation URL must be a prefix of the endpoint URL. If you do not
+-- specify a confirmation URL IoT uses the endpoint URL as the confirmation
+-- URL. If you use substitution templates in the confirmationUrl, you must
+-- create and enable topic rule destinations that match each possible value
+-- of the substitution template before traffic is allowed to your endpoint
+-- URL.
+httpAction_confirmationUrl :: Lens.Lens' HttpAction (Prelude.Maybe Prelude.Text)
+httpAction_confirmationUrl = Lens.lens (\HttpAction' {confirmationUrl} -> confirmationUrl) (\s@HttpAction' {} a -> s {confirmationUrl = a} :: HttpAction)
+
+-- | The HTTP headers to send with the message data.
+httpAction_headers :: Lens.Lens' HttpAction (Prelude.Maybe [HttpActionHeader])
+httpAction_headers = Lens.lens (\HttpAction' {headers} -> headers) (\s@HttpAction' {} a -> s {headers = a} :: HttpAction) Prelude.. Lens.mapping Lens.coerced
+
+-- | The endpoint URL. If substitution templates are used in the URL, you
+-- must also specify a @confirmationUrl@. If this is a new destination, a
+-- new @TopicRuleDestination@ is created if possible.
+httpAction_url :: Lens.Lens' HttpAction Prelude.Text
+httpAction_url = Lens.lens (\HttpAction' {url} -> url) (\s@HttpAction' {} a -> s {url = a} :: HttpAction)
+
+instance Data.FromJSON HttpAction where
+  parseJSON =
+    Data.withObject
+      "HttpAction"
+      ( \x ->
+          HttpAction'
+            Prelude.<$> (x Data..:? "auth")
+            Prelude.<*> (x Data..:? "confirmationUrl")
+            Prelude.<*> (x Data..:? "headers" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "url")
+      )
+
+instance Prelude.Hashable HttpAction where
+  hashWithSalt _salt HttpAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` auth
+      `Prelude.hashWithSalt` confirmationUrl
+      `Prelude.hashWithSalt` headers
+      `Prelude.hashWithSalt` url
+
+instance Prelude.NFData HttpAction where
+  rnf HttpAction' {..} =
+    Prelude.rnf auth
+      `Prelude.seq` Prelude.rnf confirmationUrl
+      `Prelude.seq` Prelude.rnf headers
+      `Prelude.seq` Prelude.rnf url
+
+instance Data.ToJSON HttpAction where
+  toJSON HttpAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("auth" Data..=) Prelude.<$> auth,
+            ("confirmationUrl" Data..=)
+              Prelude.<$> confirmationUrl,
+            ("headers" Data..=) Prelude.<$> headers,
+            Prelude.Just ("url" Data..= url)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/HttpActionHeader.hs b/gen/Amazonka/IoT/Types/HttpActionHeader.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpActionHeader.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpActionHeader
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpActionHeader where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The HTTP action header.
+--
+-- /See:/ 'newHttpActionHeader' smart constructor.
+data HttpActionHeader = HttpActionHeader'
+  { -- | The HTTP header key.
+    key :: Prelude.Text,
+    -- | The HTTP header value. Substitution templates are supported.
+    value :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpActionHeader' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'key', 'httpActionHeader_key' - The HTTP header key.
+--
+-- 'value', 'httpActionHeader_value' - The HTTP header value. Substitution templates are supported.
+newHttpActionHeader ::
+  -- | 'key'
+  Prelude.Text ->
+  -- | 'value'
+  Prelude.Text ->
+  HttpActionHeader
+newHttpActionHeader pKey_ pValue_ =
+  HttpActionHeader' {key = pKey_, value = pValue_}
+
+-- | The HTTP header key.
+httpActionHeader_key :: Lens.Lens' HttpActionHeader Prelude.Text
+httpActionHeader_key = Lens.lens (\HttpActionHeader' {key} -> key) (\s@HttpActionHeader' {} a -> s {key = a} :: HttpActionHeader)
+
+-- | The HTTP header value. Substitution templates are supported.
+httpActionHeader_value :: Lens.Lens' HttpActionHeader Prelude.Text
+httpActionHeader_value = Lens.lens (\HttpActionHeader' {value} -> value) (\s@HttpActionHeader' {} a -> s {value = a} :: HttpActionHeader)
+
+instance Data.FromJSON HttpActionHeader where
+  parseJSON =
+    Data.withObject
+      "HttpActionHeader"
+      ( \x ->
+          HttpActionHeader'
+            Prelude.<$> (x Data..: "key")
+            Prelude.<*> (x Data..: "value")
+      )
+
+instance Prelude.Hashable HttpActionHeader where
+  hashWithSalt _salt HttpActionHeader' {..} =
+    _salt
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData HttpActionHeader where
+  rnf HttpActionHeader' {..} =
+    Prelude.rnf key `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON HttpActionHeader where
+  toJSON HttpActionHeader' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("key" Data..= key),
+            Prelude.Just ("value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/HttpAuthorization.hs b/gen/Amazonka/IoT/Types/HttpAuthorization.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpAuthorization.hs
@@ -0,0 +1,78 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpAuthorization
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpAuthorization where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.SigV4Authorization
+import qualified Amazonka.Prelude as Prelude
+
+-- | The authorization method used to send messages.
+--
+-- /See:/ 'newHttpAuthorization' smart constructor.
+data HttpAuthorization = HttpAuthorization'
+  { -- | Use Sig V4 authorization. For more information, see
+    -- <https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4 Signing Process>.
+    sigv4 :: Prelude.Maybe SigV4Authorization
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpAuthorization' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'sigv4', 'httpAuthorization_sigv4' - Use Sig V4 authorization. For more information, see
+-- <https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4 Signing Process>.
+newHttpAuthorization ::
+  HttpAuthorization
+newHttpAuthorization =
+  HttpAuthorization' {sigv4 = Prelude.Nothing}
+
+-- | Use Sig V4 authorization. For more information, see
+-- <https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4 Signing Process>.
+httpAuthorization_sigv4 :: Lens.Lens' HttpAuthorization (Prelude.Maybe SigV4Authorization)
+httpAuthorization_sigv4 = Lens.lens (\HttpAuthorization' {sigv4} -> sigv4) (\s@HttpAuthorization' {} a -> s {sigv4 = a} :: HttpAuthorization)
+
+instance Data.FromJSON HttpAuthorization where
+  parseJSON =
+    Data.withObject
+      "HttpAuthorization"
+      ( \x ->
+          HttpAuthorization' Prelude.<$> (x Data..:? "sigv4")
+      )
+
+instance Prelude.Hashable HttpAuthorization where
+  hashWithSalt _salt HttpAuthorization' {..} =
+    _salt `Prelude.hashWithSalt` sigv4
+
+instance Prelude.NFData HttpAuthorization where
+  rnf HttpAuthorization' {..} = Prelude.rnf sigv4
+
+instance Data.ToJSON HttpAuthorization where
+  toJSON HttpAuthorization' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("sigv4" Data..=) Prelude.<$> sigv4]
+      )
diff --git a/gen/Amazonka/IoT/Types/HttpContext.hs b/gen/Amazonka/IoT/Types/HttpContext.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpContext.hs
@@ -0,0 +1,83 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpContext
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpContext where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the HTTP context to use for the test authorizer request.
+--
+-- /See:/ 'newHttpContext' smart constructor.
+data HttpContext = HttpContext'
+  { -- | The header keys and values in an HTTP authorization request.
+    headers :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The query string keys and values in an HTTP authorization request.
+    queryString :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpContext' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'headers', 'httpContext_headers' - The header keys and values in an HTTP authorization request.
+--
+-- 'queryString', 'httpContext_queryString' - The query string keys and values in an HTTP authorization request.
+newHttpContext ::
+  HttpContext
+newHttpContext =
+  HttpContext'
+    { headers = Prelude.Nothing,
+      queryString = Prelude.Nothing
+    }
+
+-- | The header keys and values in an HTTP authorization request.
+httpContext_headers :: Lens.Lens' HttpContext (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+httpContext_headers = Lens.lens (\HttpContext' {headers} -> headers) (\s@HttpContext' {} a -> s {headers = a} :: HttpContext) Prelude.. Lens.mapping Lens.coerced
+
+-- | The query string keys and values in an HTTP authorization request.
+httpContext_queryString :: Lens.Lens' HttpContext (Prelude.Maybe Prelude.Text)
+httpContext_queryString = Lens.lens (\HttpContext' {queryString} -> queryString) (\s@HttpContext' {} a -> s {queryString = a} :: HttpContext)
+
+instance Prelude.Hashable HttpContext where
+  hashWithSalt _salt HttpContext' {..} =
+    _salt
+      `Prelude.hashWithSalt` headers
+      `Prelude.hashWithSalt` queryString
+
+instance Prelude.NFData HttpContext where
+  rnf HttpContext' {..} =
+    Prelude.rnf headers
+      `Prelude.seq` Prelude.rnf queryString
+
+instance Data.ToJSON HttpContext where
+  toJSON HttpContext' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("headers" Data..=) Prelude.<$> headers,
+            ("queryString" Data..=) Prelude.<$> queryString
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/HttpUrlDestinationConfiguration.hs b/gen/Amazonka/IoT/Types/HttpUrlDestinationConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpUrlDestinationConfiguration.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpUrlDestinationConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpUrlDestinationConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | HTTP URL destination configuration used by the topic rule\'s HTTP
+-- action.
+--
+-- /See:/ 'newHttpUrlDestinationConfiguration' smart constructor.
+data HttpUrlDestinationConfiguration = HttpUrlDestinationConfiguration'
+  { -- | The URL IoT uses to confirm ownership of or access to the topic rule
+    -- destination URL.
+    confirmationUrl :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpUrlDestinationConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'confirmationUrl', 'httpUrlDestinationConfiguration_confirmationUrl' - The URL IoT uses to confirm ownership of or access to the topic rule
+-- destination URL.
+newHttpUrlDestinationConfiguration ::
+  -- | 'confirmationUrl'
+  Prelude.Text ->
+  HttpUrlDestinationConfiguration
+newHttpUrlDestinationConfiguration pConfirmationUrl_ =
+  HttpUrlDestinationConfiguration'
+    { confirmationUrl =
+        pConfirmationUrl_
+    }
+
+-- | The URL IoT uses to confirm ownership of or access to the topic rule
+-- destination URL.
+httpUrlDestinationConfiguration_confirmationUrl :: Lens.Lens' HttpUrlDestinationConfiguration Prelude.Text
+httpUrlDestinationConfiguration_confirmationUrl = Lens.lens (\HttpUrlDestinationConfiguration' {confirmationUrl} -> confirmationUrl) (\s@HttpUrlDestinationConfiguration' {} a -> s {confirmationUrl = a} :: HttpUrlDestinationConfiguration)
+
+instance
+  Prelude.Hashable
+    HttpUrlDestinationConfiguration
+  where
+  hashWithSalt
+    _salt
+    HttpUrlDestinationConfiguration' {..} =
+      _salt `Prelude.hashWithSalt` confirmationUrl
+
+instance
+  Prelude.NFData
+    HttpUrlDestinationConfiguration
+  where
+  rnf HttpUrlDestinationConfiguration' {..} =
+    Prelude.rnf confirmationUrl
+
+instance Data.ToJSON HttpUrlDestinationConfiguration where
+  toJSON HttpUrlDestinationConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("confirmationUrl" Data..= confirmationUrl)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/HttpUrlDestinationProperties.hs b/gen/Amazonka/IoT/Types/HttpUrlDestinationProperties.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpUrlDestinationProperties.hs
@@ -0,0 +1,75 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpUrlDestinationProperties
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpUrlDestinationProperties where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | HTTP URL destination properties.
+--
+-- /See:/ 'newHttpUrlDestinationProperties' smart constructor.
+data HttpUrlDestinationProperties = HttpUrlDestinationProperties'
+  { -- | The URL used to confirm the HTTP topic rule destination URL.
+    confirmationUrl :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpUrlDestinationProperties' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'confirmationUrl', 'httpUrlDestinationProperties_confirmationUrl' - The URL used to confirm the HTTP topic rule destination URL.
+newHttpUrlDestinationProperties ::
+  HttpUrlDestinationProperties
+newHttpUrlDestinationProperties =
+  HttpUrlDestinationProperties'
+    { confirmationUrl =
+        Prelude.Nothing
+    }
+
+-- | The URL used to confirm the HTTP topic rule destination URL.
+httpUrlDestinationProperties_confirmationUrl :: Lens.Lens' HttpUrlDestinationProperties (Prelude.Maybe Prelude.Text)
+httpUrlDestinationProperties_confirmationUrl = Lens.lens (\HttpUrlDestinationProperties' {confirmationUrl} -> confirmationUrl) (\s@HttpUrlDestinationProperties' {} a -> s {confirmationUrl = a} :: HttpUrlDestinationProperties)
+
+instance Data.FromJSON HttpUrlDestinationProperties where
+  parseJSON =
+    Data.withObject
+      "HttpUrlDestinationProperties"
+      ( \x ->
+          HttpUrlDestinationProperties'
+            Prelude.<$> (x Data..:? "confirmationUrl")
+      )
+
+instance
+  Prelude.Hashable
+    HttpUrlDestinationProperties
+  where
+  hashWithSalt _salt HttpUrlDestinationProperties' {..} =
+    _salt `Prelude.hashWithSalt` confirmationUrl
+
+instance Prelude.NFData HttpUrlDestinationProperties where
+  rnf HttpUrlDestinationProperties' {..} =
+    Prelude.rnf confirmationUrl
diff --git a/gen/Amazonka/IoT/Types/HttpUrlDestinationSummary.hs b/gen/Amazonka/IoT/Types/HttpUrlDestinationSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/HttpUrlDestinationSummary.hs
@@ -0,0 +1,75 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.HttpUrlDestinationSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.HttpUrlDestinationSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about an HTTP URL destination.
+--
+-- /See:/ 'newHttpUrlDestinationSummary' smart constructor.
+data HttpUrlDestinationSummary = HttpUrlDestinationSummary'
+  { -- | The URL used to confirm ownership of or access to the HTTP topic rule
+    -- destination URL.
+    confirmationUrl :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HttpUrlDestinationSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'confirmationUrl', 'httpUrlDestinationSummary_confirmationUrl' - The URL used to confirm ownership of or access to the HTTP topic rule
+-- destination URL.
+newHttpUrlDestinationSummary ::
+  HttpUrlDestinationSummary
+newHttpUrlDestinationSummary =
+  HttpUrlDestinationSummary'
+    { confirmationUrl =
+        Prelude.Nothing
+    }
+
+-- | The URL used to confirm ownership of or access to the HTTP topic rule
+-- destination URL.
+httpUrlDestinationSummary_confirmationUrl :: Lens.Lens' HttpUrlDestinationSummary (Prelude.Maybe Prelude.Text)
+httpUrlDestinationSummary_confirmationUrl = Lens.lens (\HttpUrlDestinationSummary' {confirmationUrl} -> confirmationUrl) (\s@HttpUrlDestinationSummary' {} a -> s {confirmationUrl = a} :: HttpUrlDestinationSummary)
+
+instance Data.FromJSON HttpUrlDestinationSummary where
+  parseJSON =
+    Data.withObject
+      "HttpUrlDestinationSummary"
+      ( \x ->
+          HttpUrlDestinationSummary'
+            Prelude.<$> (x Data..:? "confirmationUrl")
+      )
+
+instance Prelude.Hashable HttpUrlDestinationSummary where
+  hashWithSalt _salt HttpUrlDestinationSummary' {..} =
+    _salt `Prelude.hashWithSalt` confirmationUrl
+
+instance Prelude.NFData HttpUrlDestinationSummary where
+  rnf HttpUrlDestinationSummary' {..} =
+    Prelude.rnf confirmationUrl
diff --git a/gen/Amazonka/IoT/Types/ImplicitDeny.hs b/gen/Amazonka/IoT/Types/ImplicitDeny.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ImplicitDeny.hs
@@ -0,0 +1,74 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ImplicitDeny
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ImplicitDeny where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Policy
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information that implicitly denies authorization. When policy doesn\'t
+-- explicitly deny or allow an action on a resource it is considered an
+-- implicit deny.
+--
+-- /See:/ 'newImplicitDeny' smart constructor.
+data ImplicitDeny = ImplicitDeny'
+  { -- | Policies that don\'t contain a matching allow or deny statement for the
+    -- specified action on the specified resource.
+    policies :: Prelude.Maybe [Policy]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImplicitDeny' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policies', 'implicitDeny_policies' - Policies that don\'t contain a matching allow or deny statement for the
+-- specified action on the specified resource.
+newImplicitDeny ::
+  ImplicitDeny
+newImplicitDeny =
+  ImplicitDeny' {policies = Prelude.Nothing}
+
+-- | Policies that don\'t contain a matching allow or deny statement for the
+-- specified action on the specified resource.
+implicitDeny_policies :: Lens.Lens' ImplicitDeny (Prelude.Maybe [Policy])
+implicitDeny_policies = Lens.lens (\ImplicitDeny' {policies} -> policies) (\s@ImplicitDeny' {} a -> s {policies = a} :: ImplicitDeny) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON ImplicitDeny where
+  parseJSON =
+    Data.withObject
+      "ImplicitDeny"
+      ( \x ->
+          ImplicitDeny'
+            Prelude.<$> (x Data..:? "policies" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable ImplicitDeny where
+  hashWithSalt _salt ImplicitDeny' {..} =
+    _salt `Prelude.hashWithSalt` policies
+
+instance Prelude.NFData ImplicitDeny where
+  rnf ImplicitDeny' {..} = Prelude.rnf policies
diff --git a/gen/Amazonka/IoT/Types/IndexStatus.hs b/gen/Amazonka/IoT/Types/IndexStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/IndexStatus.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.IndexStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.IndexStatus
+  ( IndexStatus
+      ( ..,
+        IndexStatus_ACTIVE,
+        IndexStatus_BUILDING,
+        IndexStatus_REBUILDING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype IndexStatus = IndexStatus'
+  { fromIndexStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern IndexStatus_ACTIVE :: IndexStatus
+pattern IndexStatus_ACTIVE = IndexStatus' "ACTIVE"
+
+pattern IndexStatus_BUILDING :: IndexStatus
+pattern IndexStatus_BUILDING = IndexStatus' "BUILDING"
+
+pattern IndexStatus_REBUILDING :: IndexStatus
+pattern IndexStatus_REBUILDING = IndexStatus' "REBUILDING"
+
+{-# COMPLETE
+  IndexStatus_ACTIVE,
+  IndexStatus_BUILDING,
+  IndexStatus_REBUILDING,
+  IndexStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/IndexingFilter.hs b/gen/Amazonka/IoT/Types/IndexingFilter.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/IndexingFilter.hs
@@ -0,0 +1,94 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.IndexingFilter
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.IndexingFilter where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Provides additional filters for specific data sources. Named shadow is
+-- the only data source that currently supports and requires a filter. To
+-- add named shadows to your fleet indexing configuration, set
+-- @namedShadowIndexingMode@ to be @ON@ and specify your shadow names in
+-- @filter@.
+--
+-- /See:/ 'newIndexingFilter' smart constructor.
+data IndexingFilter = IndexingFilter'
+  { -- | The shadow names that you select to index. The default maximum number of
+    -- shadow names for indexing is 10. To increase the limit, see
+    -- <https://docs.aws.amazon.com/general/latest/gr/iot_device_management.html#fleet-indexing-limits Amazon Web Services IoT Device Management Quotas>
+    -- in the /Amazon Web Services General Reference/.
+    namedShadowNames :: Prelude.Maybe [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IndexingFilter' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'namedShadowNames', 'indexingFilter_namedShadowNames' - The shadow names that you select to index. The default maximum number of
+-- shadow names for indexing is 10. To increase the limit, see
+-- <https://docs.aws.amazon.com/general/latest/gr/iot_device_management.html#fleet-indexing-limits Amazon Web Services IoT Device Management Quotas>
+-- in the /Amazon Web Services General Reference/.
+newIndexingFilter ::
+  IndexingFilter
+newIndexingFilter =
+  IndexingFilter' {namedShadowNames = Prelude.Nothing}
+
+-- | The shadow names that you select to index. The default maximum number of
+-- shadow names for indexing is 10. To increase the limit, see
+-- <https://docs.aws.amazon.com/general/latest/gr/iot_device_management.html#fleet-indexing-limits Amazon Web Services IoT Device Management Quotas>
+-- in the /Amazon Web Services General Reference/.
+indexingFilter_namedShadowNames :: Lens.Lens' IndexingFilter (Prelude.Maybe [Prelude.Text])
+indexingFilter_namedShadowNames = Lens.lens (\IndexingFilter' {namedShadowNames} -> namedShadowNames) (\s@IndexingFilter' {} a -> s {namedShadowNames = a} :: IndexingFilter) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON IndexingFilter where
+  parseJSON =
+    Data.withObject
+      "IndexingFilter"
+      ( \x ->
+          IndexingFilter'
+            Prelude.<$> ( x
+                            Data..:? "namedShadowNames"
+                            Data..!= Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable IndexingFilter where
+  hashWithSalt _salt IndexingFilter' {..} =
+    _salt `Prelude.hashWithSalt` namedShadowNames
+
+instance Prelude.NFData IndexingFilter where
+  rnf IndexingFilter' {..} =
+    Prelude.rnf namedShadowNames
+
+instance Data.ToJSON IndexingFilter where
+  toJSON IndexingFilter' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("namedShadowNames" Data..=)
+              Prelude.<$> namedShadowNames
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/IotAnalyticsAction.hs b/gen/Amazonka/IoT/Types/IotAnalyticsAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/IotAnalyticsAction.hs
@@ -0,0 +1,152 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.IotAnalyticsAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.IotAnalyticsAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Sends message data to an IoT Analytics channel.
+--
+-- /See:/ 'newIotAnalyticsAction' smart constructor.
+data IotAnalyticsAction = IotAnalyticsAction'
+  { -- | Whether to process the action as a batch. The default value is @false@.
+    --
+    -- When @batchMode@ is @true@ and the rule SQL statement evaluates to an
+    -- Array, each Array element is delivered as a separate message when passed
+    -- by
+    -- <https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html BatchPutMessage>
+    -- to the IoT Analytics channel. The resulting array can\'t have more than
+    -- 100 messages.
+    batchMode :: Prelude.Maybe Prelude.Bool,
+    -- | (deprecated) The ARN of the IoT Analytics channel to which message data
+    -- will be sent.
+    channelArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the IoT Analytics channel to which message data will be
+    -- sent.
+    channelName :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the role which has a policy that grants IoT Analytics
+    -- permission to send message data via IoT Analytics
+    -- (iotanalytics:BatchPutMessage).
+    roleArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IotAnalyticsAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'batchMode', 'iotAnalyticsAction_batchMode' - Whether to process the action as a batch. The default value is @false@.
+--
+-- When @batchMode@ is @true@ and the rule SQL statement evaluates to an
+-- Array, each Array element is delivered as a separate message when passed
+-- by
+-- <https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html BatchPutMessage>
+-- to the IoT Analytics channel. The resulting array can\'t have more than
+-- 100 messages.
+--
+-- 'channelArn', 'iotAnalyticsAction_channelArn' - (deprecated) The ARN of the IoT Analytics channel to which message data
+-- will be sent.
+--
+-- 'channelName', 'iotAnalyticsAction_channelName' - The name of the IoT Analytics channel to which message data will be
+-- sent.
+--
+-- 'roleArn', 'iotAnalyticsAction_roleArn' - The ARN of the role which has a policy that grants IoT Analytics
+-- permission to send message data via IoT Analytics
+-- (iotanalytics:BatchPutMessage).
+newIotAnalyticsAction ::
+  IotAnalyticsAction
+newIotAnalyticsAction =
+  IotAnalyticsAction'
+    { batchMode = Prelude.Nothing,
+      channelArn = Prelude.Nothing,
+      channelName = Prelude.Nothing,
+      roleArn = Prelude.Nothing
+    }
+
+-- | Whether to process the action as a batch. The default value is @false@.
+--
+-- When @batchMode@ is @true@ and the rule SQL statement evaluates to an
+-- Array, each Array element is delivered as a separate message when passed
+-- by
+-- <https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html BatchPutMessage>
+-- to the IoT Analytics channel. The resulting array can\'t have more than
+-- 100 messages.
+iotAnalyticsAction_batchMode :: Lens.Lens' IotAnalyticsAction (Prelude.Maybe Prelude.Bool)
+iotAnalyticsAction_batchMode = Lens.lens (\IotAnalyticsAction' {batchMode} -> batchMode) (\s@IotAnalyticsAction' {} a -> s {batchMode = a} :: IotAnalyticsAction)
+
+-- | (deprecated) The ARN of the IoT Analytics channel to which message data
+-- will be sent.
+iotAnalyticsAction_channelArn :: Lens.Lens' IotAnalyticsAction (Prelude.Maybe Prelude.Text)
+iotAnalyticsAction_channelArn = Lens.lens (\IotAnalyticsAction' {channelArn} -> channelArn) (\s@IotAnalyticsAction' {} a -> s {channelArn = a} :: IotAnalyticsAction)
+
+-- | The name of the IoT Analytics channel to which message data will be
+-- sent.
+iotAnalyticsAction_channelName :: Lens.Lens' IotAnalyticsAction (Prelude.Maybe Prelude.Text)
+iotAnalyticsAction_channelName = Lens.lens (\IotAnalyticsAction' {channelName} -> channelName) (\s@IotAnalyticsAction' {} a -> s {channelName = a} :: IotAnalyticsAction)
+
+-- | The ARN of the role which has a policy that grants IoT Analytics
+-- permission to send message data via IoT Analytics
+-- (iotanalytics:BatchPutMessage).
+iotAnalyticsAction_roleArn :: Lens.Lens' IotAnalyticsAction (Prelude.Maybe Prelude.Text)
+iotAnalyticsAction_roleArn = Lens.lens (\IotAnalyticsAction' {roleArn} -> roleArn) (\s@IotAnalyticsAction' {} a -> s {roleArn = a} :: IotAnalyticsAction)
+
+instance Data.FromJSON IotAnalyticsAction where
+  parseJSON =
+    Data.withObject
+      "IotAnalyticsAction"
+      ( \x ->
+          IotAnalyticsAction'
+            Prelude.<$> (x Data..:? "batchMode")
+            Prelude.<*> (x Data..:? "channelArn")
+            Prelude.<*> (x Data..:? "channelName")
+            Prelude.<*> (x Data..:? "roleArn")
+      )
+
+instance Prelude.Hashable IotAnalyticsAction where
+  hashWithSalt _salt IotAnalyticsAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` batchMode
+      `Prelude.hashWithSalt` channelArn
+      `Prelude.hashWithSalt` channelName
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData IotAnalyticsAction where
+  rnf IotAnalyticsAction' {..} =
+    Prelude.rnf batchMode
+      `Prelude.seq` Prelude.rnf channelArn
+      `Prelude.seq` Prelude.rnf channelName
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON IotAnalyticsAction where
+  toJSON IotAnalyticsAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("batchMode" Data..=) Prelude.<$> batchMode,
+            ("channelArn" Data..=) Prelude.<$> channelArn,
+            ("channelName" Data..=) Prelude.<$> channelName,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/IotEventsAction.hs b/gen/Amazonka/IoT/Types/IotEventsAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/IotEventsAction.hs
@@ -0,0 +1,171 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.IotEventsAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.IotEventsAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Sends an input to an IoT Events detector.
+--
+-- /See:/ 'newIotEventsAction' smart constructor.
+data IotEventsAction = IotEventsAction'
+  { -- | Whether to process the event actions as a batch. The default value is
+    -- @false@.
+    --
+    -- When @batchMode@ is @true@, you can\'t specify a @messageId@.
+    --
+    -- When @batchMode@ is @true@ and the rule SQL statement evaluates to an
+    -- Array, each Array element is treated as a separate message when it\'s
+    -- sent to IoT Events by calling
+    -- <https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html BatchPutMessage>
+    -- . The resulting array can\'t have more than 10 messages.
+    batchMode :: Prelude.Maybe Prelude.Bool,
+    -- | The ID of the message. The default @messageId@ is a new UUID value.
+    --
+    -- When @batchMode@ is @true@, you can\'t specify a @messageId@--a new UUID
+    -- value will be assigned.
+    --
+    -- Assign a value to this property to ensure that only one input (message)
+    -- with a given @messageId@ will be processed by an IoT Events detector.
+    messageId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the IoT Events input.
+    inputName :: Prelude.Text,
+    -- | The ARN of the role that grants IoT permission to send an input to an
+    -- IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IotEventsAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'batchMode', 'iotEventsAction_batchMode' - Whether to process the event actions as a batch. The default value is
+-- @false@.
+--
+-- When @batchMode@ is @true@, you can\'t specify a @messageId@.
+--
+-- When @batchMode@ is @true@ and the rule SQL statement evaluates to an
+-- Array, each Array element is treated as a separate message when it\'s
+-- sent to IoT Events by calling
+-- <https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html BatchPutMessage>
+-- . The resulting array can\'t have more than 10 messages.
+--
+-- 'messageId', 'iotEventsAction_messageId' - The ID of the message. The default @messageId@ is a new UUID value.
+--
+-- When @batchMode@ is @true@, you can\'t specify a @messageId@--a new UUID
+-- value will be assigned.
+--
+-- Assign a value to this property to ensure that only one input (message)
+-- with a given @messageId@ will be processed by an IoT Events detector.
+--
+-- 'inputName', 'iotEventsAction_inputName' - The name of the IoT Events input.
+--
+-- 'roleArn', 'iotEventsAction_roleArn' - The ARN of the role that grants IoT permission to send an input to an
+-- IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").
+newIotEventsAction ::
+  -- | 'inputName'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  IotEventsAction
+newIotEventsAction pInputName_ pRoleArn_ =
+  IotEventsAction'
+    { batchMode = Prelude.Nothing,
+      messageId = Prelude.Nothing,
+      inputName = pInputName_,
+      roleArn = pRoleArn_
+    }
+
+-- | Whether to process the event actions as a batch. The default value is
+-- @false@.
+--
+-- When @batchMode@ is @true@, you can\'t specify a @messageId@.
+--
+-- When @batchMode@ is @true@ and the rule SQL statement evaluates to an
+-- Array, each Array element is treated as a separate message when it\'s
+-- sent to IoT Events by calling
+-- <https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html BatchPutMessage>
+-- . The resulting array can\'t have more than 10 messages.
+iotEventsAction_batchMode :: Lens.Lens' IotEventsAction (Prelude.Maybe Prelude.Bool)
+iotEventsAction_batchMode = Lens.lens (\IotEventsAction' {batchMode} -> batchMode) (\s@IotEventsAction' {} a -> s {batchMode = a} :: IotEventsAction)
+
+-- | The ID of the message. The default @messageId@ is a new UUID value.
+--
+-- When @batchMode@ is @true@, you can\'t specify a @messageId@--a new UUID
+-- value will be assigned.
+--
+-- Assign a value to this property to ensure that only one input (message)
+-- with a given @messageId@ will be processed by an IoT Events detector.
+iotEventsAction_messageId :: Lens.Lens' IotEventsAction (Prelude.Maybe Prelude.Text)
+iotEventsAction_messageId = Lens.lens (\IotEventsAction' {messageId} -> messageId) (\s@IotEventsAction' {} a -> s {messageId = a} :: IotEventsAction)
+
+-- | The name of the IoT Events input.
+iotEventsAction_inputName :: Lens.Lens' IotEventsAction Prelude.Text
+iotEventsAction_inputName = Lens.lens (\IotEventsAction' {inputName} -> inputName) (\s@IotEventsAction' {} a -> s {inputName = a} :: IotEventsAction)
+
+-- | The ARN of the role that grants IoT permission to send an input to an
+-- IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").
+iotEventsAction_roleArn :: Lens.Lens' IotEventsAction Prelude.Text
+iotEventsAction_roleArn = Lens.lens (\IotEventsAction' {roleArn} -> roleArn) (\s@IotEventsAction' {} a -> s {roleArn = a} :: IotEventsAction)
+
+instance Data.FromJSON IotEventsAction where
+  parseJSON =
+    Data.withObject
+      "IotEventsAction"
+      ( \x ->
+          IotEventsAction'
+            Prelude.<$> (x Data..:? "batchMode")
+            Prelude.<*> (x Data..:? "messageId")
+            Prelude.<*> (x Data..: "inputName")
+            Prelude.<*> (x Data..: "roleArn")
+      )
+
+instance Prelude.Hashable IotEventsAction where
+  hashWithSalt _salt IotEventsAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` batchMode
+      `Prelude.hashWithSalt` messageId
+      `Prelude.hashWithSalt` inputName
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData IotEventsAction where
+  rnf IotEventsAction' {..} =
+    Prelude.rnf batchMode
+      `Prelude.seq` Prelude.rnf messageId
+      `Prelude.seq` Prelude.rnf inputName
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON IotEventsAction where
+  toJSON IotEventsAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("batchMode" Data..=) Prelude.<$> batchMode,
+            ("messageId" Data..=) Prelude.<$> messageId,
+            Prelude.Just ("inputName" Data..= inputName),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/IotSiteWiseAction.hs b/gen/Amazonka/IoT/Types/IotSiteWiseAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/IotSiteWiseAction.hs
@@ -0,0 +1,114 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.IotSiteWiseAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.IotSiteWiseAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.PutAssetPropertyValueEntry
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to send data from an MQTT message that triggered the
+-- rule to IoT SiteWise asset properties.
+--
+-- /See:/ 'newIotSiteWiseAction' smart constructor.
+data IotSiteWiseAction = IotSiteWiseAction'
+  { -- | A list of asset property value entries.
+    putAssetPropertyValueEntries :: Prelude.NonEmpty PutAssetPropertyValueEntry,
+    -- | The ARN of the role that grants IoT permission to send an asset property
+    -- value to IoT SiteWise.
+    -- (@\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"@). The trust
+    -- policy can restrict access to specific asset hierarchy paths.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IotSiteWiseAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'putAssetPropertyValueEntries', 'iotSiteWiseAction_putAssetPropertyValueEntries' - A list of asset property value entries.
+--
+-- 'roleArn', 'iotSiteWiseAction_roleArn' - The ARN of the role that grants IoT permission to send an asset property
+-- value to IoT SiteWise.
+-- (@\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"@). The trust
+-- policy can restrict access to specific asset hierarchy paths.
+newIotSiteWiseAction ::
+  -- | 'putAssetPropertyValueEntries'
+  Prelude.NonEmpty PutAssetPropertyValueEntry ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  IotSiteWiseAction
+newIotSiteWiseAction
+  pPutAssetPropertyValueEntries_
+  pRoleArn_ =
+    IotSiteWiseAction'
+      { putAssetPropertyValueEntries =
+          Lens.coerced Lens.# pPutAssetPropertyValueEntries_,
+        roleArn = pRoleArn_
+      }
+
+-- | A list of asset property value entries.
+iotSiteWiseAction_putAssetPropertyValueEntries :: Lens.Lens' IotSiteWiseAction (Prelude.NonEmpty PutAssetPropertyValueEntry)
+iotSiteWiseAction_putAssetPropertyValueEntries = Lens.lens (\IotSiteWiseAction' {putAssetPropertyValueEntries} -> putAssetPropertyValueEntries) (\s@IotSiteWiseAction' {} a -> s {putAssetPropertyValueEntries = a} :: IotSiteWiseAction) Prelude.. Lens.coerced
+
+-- | The ARN of the role that grants IoT permission to send an asset property
+-- value to IoT SiteWise.
+-- (@\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"@). The trust
+-- policy can restrict access to specific asset hierarchy paths.
+iotSiteWiseAction_roleArn :: Lens.Lens' IotSiteWiseAction Prelude.Text
+iotSiteWiseAction_roleArn = Lens.lens (\IotSiteWiseAction' {roleArn} -> roleArn) (\s@IotSiteWiseAction' {} a -> s {roleArn = a} :: IotSiteWiseAction)
+
+instance Data.FromJSON IotSiteWiseAction where
+  parseJSON =
+    Data.withObject
+      "IotSiteWiseAction"
+      ( \x ->
+          IotSiteWiseAction'
+            Prelude.<$> (x Data..: "putAssetPropertyValueEntries")
+            Prelude.<*> (x Data..: "roleArn")
+      )
+
+instance Prelude.Hashable IotSiteWiseAction where
+  hashWithSalt _salt IotSiteWiseAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` putAssetPropertyValueEntries
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData IotSiteWiseAction where
+  rnf IotSiteWiseAction' {..} =
+    Prelude.rnf putAssetPropertyValueEntries
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON IotSiteWiseAction where
+  toJSON IotSiteWiseAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "putAssetPropertyValueEntries"
+                  Data..= putAssetPropertyValueEntries
+              ),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/IssuerCertificateIdentifier.hs b/gen/Amazonka/IoT/Types/IssuerCertificateIdentifier.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/IssuerCertificateIdentifier.hs
@@ -0,0 +1,109 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.IssuerCertificateIdentifier
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.IssuerCertificateIdentifier where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The certificate issuer indentifier.
+--
+-- /See:/ 'newIssuerCertificateIdentifier' smart constructor.
+data IssuerCertificateIdentifier = IssuerCertificateIdentifier'
+  { -- | The issuer certificate serial number.
+    issuerCertificateSerialNumber :: Prelude.Maybe Prelude.Text,
+    -- | The subject of the issuer certificate.
+    issuerCertificateSubject :: Prelude.Maybe Prelude.Text,
+    -- | The issuer ID.
+    issuerId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IssuerCertificateIdentifier' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'issuerCertificateSerialNumber', 'issuerCertificateIdentifier_issuerCertificateSerialNumber' - The issuer certificate serial number.
+--
+-- 'issuerCertificateSubject', 'issuerCertificateIdentifier_issuerCertificateSubject' - The subject of the issuer certificate.
+--
+-- 'issuerId', 'issuerCertificateIdentifier_issuerId' - The issuer ID.
+newIssuerCertificateIdentifier ::
+  IssuerCertificateIdentifier
+newIssuerCertificateIdentifier =
+  IssuerCertificateIdentifier'
+    { issuerCertificateSerialNumber =
+        Prelude.Nothing,
+      issuerCertificateSubject = Prelude.Nothing,
+      issuerId = Prelude.Nothing
+    }
+
+-- | The issuer certificate serial number.
+issuerCertificateIdentifier_issuerCertificateSerialNumber :: Lens.Lens' IssuerCertificateIdentifier (Prelude.Maybe Prelude.Text)
+issuerCertificateIdentifier_issuerCertificateSerialNumber = Lens.lens (\IssuerCertificateIdentifier' {issuerCertificateSerialNumber} -> issuerCertificateSerialNumber) (\s@IssuerCertificateIdentifier' {} a -> s {issuerCertificateSerialNumber = a} :: IssuerCertificateIdentifier)
+
+-- | The subject of the issuer certificate.
+issuerCertificateIdentifier_issuerCertificateSubject :: Lens.Lens' IssuerCertificateIdentifier (Prelude.Maybe Prelude.Text)
+issuerCertificateIdentifier_issuerCertificateSubject = Lens.lens (\IssuerCertificateIdentifier' {issuerCertificateSubject} -> issuerCertificateSubject) (\s@IssuerCertificateIdentifier' {} a -> s {issuerCertificateSubject = a} :: IssuerCertificateIdentifier)
+
+-- | The issuer ID.
+issuerCertificateIdentifier_issuerId :: Lens.Lens' IssuerCertificateIdentifier (Prelude.Maybe Prelude.Text)
+issuerCertificateIdentifier_issuerId = Lens.lens (\IssuerCertificateIdentifier' {issuerId} -> issuerId) (\s@IssuerCertificateIdentifier' {} a -> s {issuerId = a} :: IssuerCertificateIdentifier)
+
+instance Data.FromJSON IssuerCertificateIdentifier where
+  parseJSON =
+    Data.withObject
+      "IssuerCertificateIdentifier"
+      ( \x ->
+          IssuerCertificateIdentifier'
+            Prelude.<$> (x Data..:? "issuerCertificateSerialNumber")
+            Prelude.<*> (x Data..:? "issuerCertificateSubject")
+            Prelude.<*> (x Data..:? "issuerId")
+      )
+
+instance Prelude.Hashable IssuerCertificateIdentifier where
+  hashWithSalt _salt IssuerCertificateIdentifier' {..} =
+    _salt
+      `Prelude.hashWithSalt` issuerCertificateSerialNumber
+      `Prelude.hashWithSalt` issuerCertificateSubject
+      `Prelude.hashWithSalt` issuerId
+
+instance Prelude.NFData IssuerCertificateIdentifier where
+  rnf IssuerCertificateIdentifier' {..} =
+    Prelude.rnf issuerCertificateSerialNumber
+      `Prelude.seq` Prelude.rnf issuerCertificateSubject
+      `Prelude.seq` Prelude.rnf issuerId
+
+instance Data.ToJSON IssuerCertificateIdentifier where
+  toJSON IssuerCertificateIdentifier' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("issuerCertificateSerialNumber" Data..=)
+              Prelude.<$> issuerCertificateSerialNumber,
+            ("issuerCertificateSubject" Data..=)
+              Prelude.<$> issuerCertificateSubject,
+            ("issuerId" Data..=) Prelude.<$> issuerId
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Job.hs b/gen/Amazonka/IoT/Types/Job.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Job.hs
@@ -0,0 +1,454 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Job
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Job where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AbortConfig
+import Amazonka.IoT.Types.JobExecutionsRetryConfig
+import Amazonka.IoT.Types.JobExecutionsRolloutConfig
+import Amazonka.IoT.Types.JobProcessDetails
+import Amazonka.IoT.Types.JobStatus
+import Amazonka.IoT.Types.PresignedUrlConfig
+import Amazonka.IoT.Types.SchedulingConfig
+import Amazonka.IoT.Types.TargetSelection
+import Amazonka.IoT.Types.TimeoutConfig
+import qualified Amazonka.Prelude as Prelude
+
+-- | The @Job@ object contains details about a job.
+--
+-- /See:/ 'newJob' smart constructor.
+data Job = Job'
+  { -- | Configuration for criteria to abort the job.
+    abortConfig :: Prelude.Maybe AbortConfig,
+    -- | If the job was updated, describes the reason for the update.
+    comment :: Prelude.Maybe Prelude.Text,
+    -- | The time, in seconds since the epoch, when the job was completed.
+    completedAt :: Prelude.Maybe Data.POSIX,
+    -- | The time, in seconds since the epoch, when the job was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | A short text description of the job.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | A key-value map that pairs the patterns that need to be replaced in a
+    -- managed template job document schema. You can use the description of
+    -- each key as a guidance to specify the inputs during runtime when
+    -- creating a job.
+    --
+    -- @documentParameters@ can only be used when creating jobs from Amazon Web
+    -- Services managed templates. This parameter can\'t be used with custom
+    -- job templates or to create jobs from them.
+    documentParameters :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | Will be @true@ if the job was canceled with the optional @force@
+    -- parameter set to @true@.
+    forceCanceled :: Prelude.Maybe Prelude.Bool,
+    -- | Indicates whether a job is concurrent. Will be true when a job is
+    -- rolling out new job executions or canceling previously created
+    -- executions, otherwise false.
+    isConcurrent :: Prelude.Maybe Prelude.Bool,
+    -- | An ARN identifying the job with format
+    -- \"arn:aws:iot:region:account:job\/jobId\".
+    jobArn :: Prelude.Maybe Prelude.Text,
+    -- | The configuration for the criteria to retry the job.
+    jobExecutionsRetryConfig :: Prelude.Maybe JobExecutionsRetryConfig,
+    -- | Allows you to create a staged rollout of a job.
+    jobExecutionsRolloutConfig :: Prelude.Maybe JobExecutionsRolloutConfig,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | Details about the job process.
+    jobProcessDetails :: Prelude.Maybe JobProcessDetails,
+    -- | The ARN of the job template used to create the job.
+    jobTemplateArn :: Prelude.Maybe Prelude.Text,
+    -- | The time, in seconds since the epoch, when the job was last updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | Configuration for pre-signed S3 URLs.
+    presignedUrlConfig :: Prelude.Maybe PresignedUrlConfig,
+    -- | If the job was updated, provides the reason code for the update.
+    reasonCode :: Prelude.Maybe Prelude.Text,
+    -- | The configuration that allows you to schedule a job for a future date
+    -- and time in addition to specifying the end behavior for each job
+    -- execution.
+    schedulingConfig :: Prelude.Maybe SchedulingConfig,
+    -- | The status of the job, one of @IN_PROGRESS@, @CANCELED@,
+    -- @DELETION_IN_PROGRESS@ or @COMPLETED@.
+    status :: Prelude.Maybe JobStatus,
+    -- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+    -- complete after all those things specified as targets have completed the
+    -- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+    -- change is detected in a target. For example, a job will run on a device
+    -- when the thing representing the device is added to a target group, even
+    -- after the job was completed by all things originally in the group.
+    --
+    -- We recommend that you use continuous jobs instead of snapshot jobs for
+    -- dynamic thing group targets. By using continuous jobs, devices that join
+    -- the group receive the job execution even after the job has been created.
+    targetSelection :: Prelude.Maybe TargetSelection,
+    -- | A list of IoT things and thing groups to which the job should be sent.
+    targets :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | Specifies the amount of time each device has to finish its execution of
+    -- the job. A timer is started when the job execution status is set to
+    -- @IN_PROGRESS@. If the job execution status is not set to another
+    -- terminal state before the timer expires, it will be automatically set to
+    -- @TIMED_OUT@.
+    timeoutConfig :: Prelude.Maybe TimeoutConfig
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Job' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'abortConfig', 'job_abortConfig' - Configuration for criteria to abort the job.
+--
+-- 'comment', 'job_comment' - If the job was updated, describes the reason for the update.
+--
+-- 'completedAt', 'job_completedAt' - The time, in seconds since the epoch, when the job was completed.
+--
+-- 'createdAt', 'job_createdAt' - The time, in seconds since the epoch, when the job was created.
+--
+-- 'description', 'job_description' - A short text description of the job.
+--
+-- 'documentParameters', 'job_documentParameters' - A key-value map that pairs the patterns that need to be replaced in a
+-- managed template job document schema. You can use the description of
+-- each key as a guidance to specify the inputs during runtime when
+-- creating a job.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+--
+-- 'forceCanceled', 'job_forceCanceled' - Will be @true@ if the job was canceled with the optional @force@
+-- parameter set to @true@.
+--
+-- 'isConcurrent', 'job_isConcurrent' - Indicates whether a job is concurrent. Will be true when a job is
+-- rolling out new job executions or canceling previously created
+-- executions, otherwise false.
+--
+-- 'jobArn', 'job_jobArn' - An ARN identifying the job with format
+-- \"arn:aws:iot:region:account:job\/jobId\".
+--
+-- 'jobExecutionsRetryConfig', 'job_jobExecutionsRetryConfig' - The configuration for the criteria to retry the job.
+--
+-- 'jobExecutionsRolloutConfig', 'job_jobExecutionsRolloutConfig' - Allows you to create a staged rollout of a job.
+--
+-- 'jobId', 'job_jobId' - The unique identifier you assigned to this job when it was created.
+--
+-- 'jobProcessDetails', 'job_jobProcessDetails' - Details about the job process.
+--
+-- 'jobTemplateArn', 'job_jobTemplateArn' - The ARN of the job template used to create the job.
+--
+-- 'lastUpdatedAt', 'job_lastUpdatedAt' - The time, in seconds since the epoch, when the job was last updated.
+--
+-- 'namespaceId', 'job_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'presignedUrlConfig', 'job_presignedUrlConfig' - Configuration for pre-signed S3 URLs.
+--
+-- 'reasonCode', 'job_reasonCode' - If the job was updated, provides the reason code for the update.
+--
+-- 'schedulingConfig', 'job_schedulingConfig' - The configuration that allows you to schedule a job for a future date
+-- and time in addition to specifying the end behavior for each job
+-- execution.
+--
+-- 'status', 'job_status' - The status of the job, one of @IN_PROGRESS@, @CANCELED@,
+-- @DELETION_IN_PROGRESS@ or @COMPLETED@.
+--
+-- 'targetSelection', 'job_targetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a device
+-- when the thing representing the device is added to a target group, even
+-- after the job was completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+--
+-- 'targets', 'job_targets' - A list of IoT things and thing groups to which the job should be sent.
+--
+-- 'timeoutConfig', 'job_timeoutConfig' - Specifies the amount of time each device has to finish its execution of
+-- the job. A timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the timer expires, it will be automatically set to
+-- @TIMED_OUT@.
+newJob ::
+  Job
+newJob =
+  Job'
+    { abortConfig = Prelude.Nothing,
+      comment = Prelude.Nothing,
+      completedAt = Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      description = Prelude.Nothing,
+      documentParameters = Prelude.Nothing,
+      forceCanceled = Prelude.Nothing,
+      isConcurrent = Prelude.Nothing,
+      jobArn = Prelude.Nothing,
+      jobExecutionsRetryConfig = Prelude.Nothing,
+      jobExecutionsRolloutConfig = Prelude.Nothing,
+      jobId = Prelude.Nothing,
+      jobProcessDetails = Prelude.Nothing,
+      jobTemplateArn = Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      presignedUrlConfig = Prelude.Nothing,
+      reasonCode = Prelude.Nothing,
+      schedulingConfig = Prelude.Nothing,
+      status = Prelude.Nothing,
+      targetSelection = Prelude.Nothing,
+      targets = Prelude.Nothing,
+      timeoutConfig = Prelude.Nothing
+    }
+
+-- | Configuration for criteria to abort the job.
+job_abortConfig :: Lens.Lens' Job (Prelude.Maybe AbortConfig)
+job_abortConfig = Lens.lens (\Job' {abortConfig} -> abortConfig) (\s@Job' {} a -> s {abortConfig = a} :: Job)
+
+-- | If the job was updated, describes the reason for the update.
+job_comment :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_comment = Lens.lens (\Job' {comment} -> comment) (\s@Job' {} a -> s {comment = a} :: Job)
+
+-- | The time, in seconds since the epoch, when the job was completed.
+job_completedAt :: Lens.Lens' Job (Prelude.Maybe Prelude.UTCTime)
+job_completedAt = Lens.lens (\Job' {completedAt} -> completedAt) (\s@Job' {} a -> s {completedAt = a} :: Job) Prelude.. Lens.mapping Data._Time
+
+-- | The time, in seconds since the epoch, when the job was created.
+job_createdAt :: Lens.Lens' Job (Prelude.Maybe Prelude.UTCTime)
+job_createdAt = Lens.lens (\Job' {createdAt} -> createdAt) (\s@Job' {} a -> s {createdAt = a} :: Job) Prelude.. Lens.mapping Data._Time
+
+-- | A short text description of the job.
+job_description :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_description = Lens.lens (\Job' {description} -> description) (\s@Job' {} a -> s {description = a} :: Job)
+
+-- | A key-value map that pairs the patterns that need to be replaced in a
+-- managed template job document schema. You can use the description of
+-- each key as a guidance to specify the inputs during runtime when
+-- creating a job.
+--
+-- @documentParameters@ can only be used when creating jobs from Amazon Web
+-- Services managed templates. This parameter can\'t be used with custom
+-- job templates or to create jobs from them.
+job_documentParameters :: Lens.Lens' Job (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+job_documentParameters = Lens.lens (\Job' {documentParameters} -> documentParameters) (\s@Job' {} a -> s {documentParameters = a} :: Job) Prelude.. Lens.mapping Lens.coerced
+
+-- | Will be @true@ if the job was canceled with the optional @force@
+-- parameter set to @true@.
+job_forceCanceled :: Lens.Lens' Job (Prelude.Maybe Prelude.Bool)
+job_forceCanceled = Lens.lens (\Job' {forceCanceled} -> forceCanceled) (\s@Job' {} a -> s {forceCanceled = a} :: Job)
+
+-- | Indicates whether a job is concurrent. Will be true when a job is
+-- rolling out new job executions or canceling previously created
+-- executions, otherwise false.
+job_isConcurrent :: Lens.Lens' Job (Prelude.Maybe Prelude.Bool)
+job_isConcurrent = Lens.lens (\Job' {isConcurrent} -> isConcurrent) (\s@Job' {} a -> s {isConcurrent = a} :: Job)
+
+-- | An ARN identifying the job with format
+-- \"arn:aws:iot:region:account:job\/jobId\".
+job_jobArn :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_jobArn = Lens.lens (\Job' {jobArn} -> jobArn) (\s@Job' {} a -> s {jobArn = a} :: Job)
+
+-- | The configuration for the criteria to retry the job.
+job_jobExecutionsRetryConfig :: Lens.Lens' Job (Prelude.Maybe JobExecutionsRetryConfig)
+job_jobExecutionsRetryConfig = Lens.lens (\Job' {jobExecutionsRetryConfig} -> jobExecutionsRetryConfig) (\s@Job' {} a -> s {jobExecutionsRetryConfig = a} :: Job)
+
+-- | Allows you to create a staged rollout of a job.
+job_jobExecutionsRolloutConfig :: Lens.Lens' Job (Prelude.Maybe JobExecutionsRolloutConfig)
+job_jobExecutionsRolloutConfig = Lens.lens (\Job' {jobExecutionsRolloutConfig} -> jobExecutionsRolloutConfig) (\s@Job' {} a -> s {jobExecutionsRolloutConfig = a} :: Job)
+
+-- | The unique identifier you assigned to this job when it was created.
+job_jobId :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_jobId = Lens.lens (\Job' {jobId} -> jobId) (\s@Job' {} a -> s {jobId = a} :: Job)
+
+-- | Details about the job process.
+job_jobProcessDetails :: Lens.Lens' Job (Prelude.Maybe JobProcessDetails)
+job_jobProcessDetails = Lens.lens (\Job' {jobProcessDetails} -> jobProcessDetails) (\s@Job' {} a -> s {jobProcessDetails = a} :: Job)
+
+-- | The ARN of the job template used to create the job.
+job_jobTemplateArn :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_jobTemplateArn = Lens.lens (\Job' {jobTemplateArn} -> jobTemplateArn) (\s@Job' {} a -> s {jobTemplateArn = a} :: Job)
+
+-- | The time, in seconds since the epoch, when the job was last updated.
+job_lastUpdatedAt :: Lens.Lens' Job (Prelude.Maybe Prelude.UTCTime)
+job_lastUpdatedAt = Lens.lens (\Job' {lastUpdatedAt} -> lastUpdatedAt) (\s@Job' {} a -> s {lastUpdatedAt = a} :: Job) Prelude.. Lens.mapping Data._Time
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+job_namespaceId :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_namespaceId = Lens.lens (\Job' {namespaceId} -> namespaceId) (\s@Job' {} a -> s {namespaceId = a} :: Job)
+
+-- | Configuration for pre-signed S3 URLs.
+job_presignedUrlConfig :: Lens.Lens' Job (Prelude.Maybe PresignedUrlConfig)
+job_presignedUrlConfig = Lens.lens (\Job' {presignedUrlConfig} -> presignedUrlConfig) (\s@Job' {} a -> s {presignedUrlConfig = a} :: Job)
+
+-- | If the job was updated, provides the reason code for the update.
+job_reasonCode :: Lens.Lens' Job (Prelude.Maybe Prelude.Text)
+job_reasonCode = Lens.lens (\Job' {reasonCode} -> reasonCode) (\s@Job' {} a -> s {reasonCode = a} :: Job)
+
+-- | The configuration that allows you to schedule a job for a future date
+-- and time in addition to specifying the end behavior for each job
+-- execution.
+job_schedulingConfig :: Lens.Lens' Job (Prelude.Maybe SchedulingConfig)
+job_schedulingConfig = Lens.lens (\Job' {schedulingConfig} -> schedulingConfig) (\s@Job' {} a -> s {schedulingConfig = a} :: Job)
+
+-- | The status of the job, one of @IN_PROGRESS@, @CANCELED@,
+-- @DELETION_IN_PROGRESS@ or @COMPLETED@.
+job_status :: Lens.Lens' Job (Prelude.Maybe JobStatus)
+job_status = Lens.lens (\Job' {status} -> status) (\s@Job' {} a -> s {status = a} :: Job)
+
+-- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a device
+-- when the thing representing the device is added to a target group, even
+-- after the job was completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+job_targetSelection :: Lens.Lens' Job (Prelude.Maybe TargetSelection)
+job_targetSelection = Lens.lens (\Job' {targetSelection} -> targetSelection) (\s@Job' {} a -> s {targetSelection = a} :: Job)
+
+-- | A list of IoT things and thing groups to which the job should be sent.
+job_targets :: Lens.Lens' Job (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+job_targets = Lens.lens (\Job' {targets} -> targets) (\s@Job' {} a -> s {targets = a} :: Job) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the amount of time each device has to finish its execution of
+-- the job. A timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the timer expires, it will be automatically set to
+-- @TIMED_OUT@.
+job_timeoutConfig :: Lens.Lens' Job (Prelude.Maybe TimeoutConfig)
+job_timeoutConfig = Lens.lens (\Job' {timeoutConfig} -> timeoutConfig) (\s@Job' {} a -> s {timeoutConfig = a} :: Job)
+
+instance Data.FromJSON Job where
+  parseJSON =
+    Data.withObject
+      "Job"
+      ( \x ->
+          Job'
+            Prelude.<$> (x Data..:? "abortConfig")
+            Prelude.<*> (x Data..:? "comment")
+            Prelude.<*> (x Data..:? "completedAt")
+            Prelude.<*> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "description")
+            Prelude.<*> ( x
+                            Data..:? "documentParameters"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "forceCanceled")
+            Prelude.<*> (x Data..:? "isConcurrent")
+            Prelude.<*> (x Data..:? "jobArn")
+            Prelude.<*> (x Data..:? "jobExecutionsRetryConfig")
+            Prelude.<*> (x Data..:? "jobExecutionsRolloutConfig")
+            Prelude.<*> (x Data..:? "jobId")
+            Prelude.<*> (x Data..:? "jobProcessDetails")
+            Prelude.<*> (x Data..:? "jobTemplateArn")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "namespaceId")
+            Prelude.<*> (x Data..:? "presignedUrlConfig")
+            Prelude.<*> (x Data..:? "reasonCode")
+            Prelude.<*> (x Data..:? "schedulingConfig")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "targetSelection")
+            Prelude.<*> (x Data..:? "targets")
+            Prelude.<*> (x Data..:? "timeoutConfig")
+      )
+
+instance Prelude.Hashable Job where
+  hashWithSalt _salt Job' {..} =
+    _salt
+      `Prelude.hashWithSalt` abortConfig
+      `Prelude.hashWithSalt` comment
+      `Prelude.hashWithSalt` completedAt
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` documentParameters
+      `Prelude.hashWithSalt` forceCanceled
+      `Prelude.hashWithSalt` isConcurrent
+      `Prelude.hashWithSalt` jobArn
+      `Prelude.hashWithSalt` jobExecutionsRetryConfig
+      `Prelude.hashWithSalt` jobExecutionsRolloutConfig
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` jobProcessDetails
+      `Prelude.hashWithSalt` jobTemplateArn
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` presignedUrlConfig
+      `Prelude.hashWithSalt` reasonCode
+      `Prelude.hashWithSalt` schedulingConfig
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` targetSelection
+      `Prelude.hashWithSalt` targets
+      `Prelude.hashWithSalt` timeoutConfig
+
+instance Prelude.NFData Job where
+  rnf Job' {..} =
+    Prelude.rnf abortConfig
+      `Prelude.seq` Prelude.rnf comment
+      `Prelude.seq` Prelude.rnf completedAt
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf documentParameters
+      `Prelude.seq` Prelude.rnf forceCanceled
+      `Prelude.seq` Prelude.rnf isConcurrent
+      `Prelude.seq` Prelude.rnf jobArn
+      `Prelude.seq` Prelude.rnf jobExecutionsRetryConfig
+      `Prelude.seq` Prelude.rnf jobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf jobProcessDetails
+      `Prelude.seq` Prelude.rnf jobTemplateArn
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf presignedUrlConfig
+      `Prelude.seq` Prelude.rnf reasonCode
+      `Prelude.seq` Prelude.rnf schedulingConfig
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf targetSelection
+      `Prelude.seq` Prelude.rnf targets
+      `Prelude.seq` Prelude.rnf
+        timeoutConfig
diff --git a/gen/Amazonka/IoT/Types/JobEndBehavior.hs b/gen/Amazonka/IoT/Types/JobEndBehavior.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobEndBehavior.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobEndBehavior
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobEndBehavior
+  ( JobEndBehavior
+      ( ..,
+        JobEndBehavior_CANCEL,
+        JobEndBehavior_FORCE_CANCEL,
+        JobEndBehavior_STOP_ROLLOUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype JobEndBehavior = JobEndBehavior'
+  { fromJobEndBehavior ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern JobEndBehavior_CANCEL :: JobEndBehavior
+pattern JobEndBehavior_CANCEL = JobEndBehavior' "CANCEL"
+
+pattern JobEndBehavior_FORCE_CANCEL :: JobEndBehavior
+pattern JobEndBehavior_FORCE_CANCEL = JobEndBehavior' "FORCE_CANCEL"
+
+pattern JobEndBehavior_STOP_ROLLOUT :: JobEndBehavior
+pattern JobEndBehavior_STOP_ROLLOUT = JobEndBehavior' "STOP_ROLLOUT"
+
+{-# COMPLETE
+  JobEndBehavior_CANCEL,
+  JobEndBehavior_FORCE_CANCEL,
+  JobEndBehavior_STOP_ROLLOUT,
+  JobEndBehavior'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/JobExecution.hs b/gen/Amazonka/IoT/Types/JobExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecution.hs
@@ -0,0 +1,232 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecution where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.JobExecutionStatus
+import Amazonka.IoT.Types.JobExecutionStatusDetails
+import qualified Amazonka.Prelude as Prelude
+
+-- | The job execution object represents the execution of a job on a
+-- particular device.
+--
+-- /See:/ 'newJobExecution' smart constructor.
+data JobExecution = JobExecution'
+  { -- | The estimated number of seconds that remain before the job execution
+    -- status will be changed to @TIMED_OUT@. The timeout interval can be
+    -- anywhere between 1 minute and 7 days (1 to 10080 minutes). The actual
+    -- job execution timeout can occur up to 60 seconds later than the
+    -- estimated duration. This value will not be included if the job execution
+    -- has reached a terminal status.
+    approximateSecondsBeforeTimedOut :: Prelude.Maybe Prelude.Integer,
+    -- | A string (consisting of the digits \"0\" through \"9\") which identifies
+    -- this particular job execution on this particular device. It can be used
+    -- in commands which return or update job execution information.
+    executionNumber :: Prelude.Maybe Prelude.Integer,
+    -- | Will be @true@ if the job execution was canceled with the optional
+    -- @force@ parameter set to @true@.
+    forceCanceled :: Prelude.Maybe Prelude.Bool,
+    -- | The unique identifier you assigned to the job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | The time, in seconds since the epoch, when the job execution was last
+    -- updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | The time, in seconds since the epoch, when the job execution was queued.
+    queuedAt :: Prelude.Maybe Data.POSIX,
+    -- | The time, in seconds since the epoch, when the job execution started.
+    startedAt :: Prelude.Maybe Data.POSIX,
+    -- | The status of the job execution (IN_PROGRESS, QUEUED, FAILED, SUCCEEDED,
+    -- TIMED_OUT, CANCELED, or REJECTED).
+    status :: Prelude.Maybe JobExecutionStatus,
+    -- | A collection of name\/value pairs that describe the status of the job
+    -- execution.
+    statusDetails :: Prelude.Maybe JobExecutionStatusDetails,
+    -- | The ARN of the thing on which the job execution is running.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The version of the job execution. Job execution versions are incremented
+    -- each time they are updated by a device.
+    versionNumber :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'approximateSecondsBeforeTimedOut', 'jobExecution_approximateSecondsBeforeTimedOut' - The estimated number of seconds that remain before the job execution
+-- status will be changed to @TIMED_OUT@. The timeout interval can be
+-- anywhere between 1 minute and 7 days (1 to 10080 minutes). The actual
+-- job execution timeout can occur up to 60 seconds later than the
+-- estimated duration. This value will not be included if the job execution
+-- has reached a terminal status.
+--
+-- 'executionNumber', 'jobExecution_executionNumber' - A string (consisting of the digits \"0\" through \"9\") which identifies
+-- this particular job execution on this particular device. It can be used
+-- in commands which return or update job execution information.
+--
+-- 'forceCanceled', 'jobExecution_forceCanceled' - Will be @true@ if the job execution was canceled with the optional
+-- @force@ parameter set to @true@.
+--
+-- 'jobId', 'jobExecution_jobId' - The unique identifier you assigned to the job when it was created.
+--
+-- 'lastUpdatedAt', 'jobExecution_lastUpdatedAt' - The time, in seconds since the epoch, when the job execution was last
+-- updated.
+--
+-- 'queuedAt', 'jobExecution_queuedAt' - The time, in seconds since the epoch, when the job execution was queued.
+--
+-- 'startedAt', 'jobExecution_startedAt' - The time, in seconds since the epoch, when the job execution started.
+--
+-- 'status', 'jobExecution_status' - The status of the job execution (IN_PROGRESS, QUEUED, FAILED, SUCCEEDED,
+-- TIMED_OUT, CANCELED, or REJECTED).
+--
+-- 'statusDetails', 'jobExecution_statusDetails' - A collection of name\/value pairs that describe the status of the job
+-- execution.
+--
+-- 'thingArn', 'jobExecution_thingArn' - The ARN of the thing on which the job execution is running.
+--
+-- 'versionNumber', 'jobExecution_versionNumber' - The version of the job execution. Job execution versions are incremented
+-- each time they are updated by a device.
+newJobExecution ::
+  JobExecution
+newJobExecution =
+  JobExecution'
+    { approximateSecondsBeforeTimedOut =
+        Prelude.Nothing,
+      executionNumber = Prelude.Nothing,
+      forceCanceled = Prelude.Nothing,
+      jobId = Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      queuedAt = Prelude.Nothing,
+      startedAt = Prelude.Nothing,
+      status = Prelude.Nothing,
+      statusDetails = Prelude.Nothing,
+      thingArn = Prelude.Nothing,
+      versionNumber = Prelude.Nothing
+    }
+
+-- | The estimated number of seconds that remain before the job execution
+-- status will be changed to @TIMED_OUT@. The timeout interval can be
+-- anywhere between 1 minute and 7 days (1 to 10080 minutes). The actual
+-- job execution timeout can occur up to 60 seconds later than the
+-- estimated duration. This value will not be included if the job execution
+-- has reached a terminal status.
+jobExecution_approximateSecondsBeforeTimedOut :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.Integer)
+jobExecution_approximateSecondsBeforeTimedOut = Lens.lens (\JobExecution' {approximateSecondsBeforeTimedOut} -> approximateSecondsBeforeTimedOut) (\s@JobExecution' {} a -> s {approximateSecondsBeforeTimedOut = a} :: JobExecution)
+
+-- | A string (consisting of the digits \"0\" through \"9\") which identifies
+-- this particular job execution on this particular device. It can be used
+-- in commands which return or update job execution information.
+jobExecution_executionNumber :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.Integer)
+jobExecution_executionNumber = Lens.lens (\JobExecution' {executionNumber} -> executionNumber) (\s@JobExecution' {} a -> s {executionNumber = a} :: JobExecution)
+
+-- | Will be @true@ if the job execution was canceled with the optional
+-- @force@ parameter set to @true@.
+jobExecution_forceCanceled :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.Bool)
+jobExecution_forceCanceled = Lens.lens (\JobExecution' {forceCanceled} -> forceCanceled) (\s@JobExecution' {} a -> s {forceCanceled = a} :: JobExecution)
+
+-- | The unique identifier you assigned to the job when it was created.
+jobExecution_jobId :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.Text)
+jobExecution_jobId = Lens.lens (\JobExecution' {jobId} -> jobId) (\s@JobExecution' {} a -> s {jobId = a} :: JobExecution)
+
+-- | The time, in seconds since the epoch, when the job execution was last
+-- updated.
+jobExecution_lastUpdatedAt :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.UTCTime)
+jobExecution_lastUpdatedAt = Lens.lens (\JobExecution' {lastUpdatedAt} -> lastUpdatedAt) (\s@JobExecution' {} a -> s {lastUpdatedAt = a} :: JobExecution) Prelude.. Lens.mapping Data._Time
+
+-- | The time, in seconds since the epoch, when the job execution was queued.
+jobExecution_queuedAt :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.UTCTime)
+jobExecution_queuedAt = Lens.lens (\JobExecution' {queuedAt} -> queuedAt) (\s@JobExecution' {} a -> s {queuedAt = a} :: JobExecution) Prelude.. Lens.mapping Data._Time
+
+-- | The time, in seconds since the epoch, when the job execution started.
+jobExecution_startedAt :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.UTCTime)
+jobExecution_startedAt = Lens.lens (\JobExecution' {startedAt} -> startedAt) (\s@JobExecution' {} a -> s {startedAt = a} :: JobExecution) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the job execution (IN_PROGRESS, QUEUED, FAILED, SUCCEEDED,
+-- TIMED_OUT, CANCELED, or REJECTED).
+jobExecution_status :: Lens.Lens' JobExecution (Prelude.Maybe JobExecutionStatus)
+jobExecution_status = Lens.lens (\JobExecution' {status} -> status) (\s@JobExecution' {} a -> s {status = a} :: JobExecution)
+
+-- | A collection of name\/value pairs that describe the status of the job
+-- execution.
+jobExecution_statusDetails :: Lens.Lens' JobExecution (Prelude.Maybe JobExecutionStatusDetails)
+jobExecution_statusDetails = Lens.lens (\JobExecution' {statusDetails} -> statusDetails) (\s@JobExecution' {} a -> s {statusDetails = a} :: JobExecution)
+
+-- | The ARN of the thing on which the job execution is running.
+jobExecution_thingArn :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.Text)
+jobExecution_thingArn = Lens.lens (\JobExecution' {thingArn} -> thingArn) (\s@JobExecution' {} a -> s {thingArn = a} :: JobExecution)
+
+-- | The version of the job execution. Job execution versions are incremented
+-- each time they are updated by a device.
+jobExecution_versionNumber :: Lens.Lens' JobExecution (Prelude.Maybe Prelude.Integer)
+jobExecution_versionNumber = Lens.lens (\JobExecution' {versionNumber} -> versionNumber) (\s@JobExecution' {} a -> s {versionNumber = a} :: JobExecution)
+
+instance Data.FromJSON JobExecution where
+  parseJSON =
+    Data.withObject
+      "JobExecution"
+      ( \x ->
+          JobExecution'
+            Prelude.<$> (x Data..:? "approximateSecondsBeforeTimedOut")
+            Prelude.<*> (x Data..:? "executionNumber")
+            Prelude.<*> (x Data..:? "forceCanceled")
+            Prelude.<*> (x Data..:? "jobId")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "queuedAt")
+            Prelude.<*> (x Data..:? "startedAt")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "statusDetails")
+            Prelude.<*> (x Data..:? "thingArn")
+            Prelude.<*> (x Data..:? "versionNumber")
+      )
+
+instance Prelude.Hashable JobExecution where
+  hashWithSalt _salt JobExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` approximateSecondsBeforeTimedOut
+      `Prelude.hashWithSalt` executionNumber
+      `Prelude.hashWithSalt` forceCanceled
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` queuedAt
+      `Prelude.hashWithSalt` startedAt
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` statusDetails
+      `Prelude.hashWithSalt` thingArn
+      `Prelude.hashWithSalt` versionNumber
+
+instance Prelude.NFData JobExecution where
+  rnf JobExecution' {..} =
+    Prelude.rnf approximateSecondsBeforeTimedOut
+      `Prelude.seq` Prelude.rnf executionNumber
+      `Prelude.seq` Prelude.rnf forceCanceled
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf queuedAt
+      `Prelude.seq` Prelude.rnf startedAt
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf statusDetails
+      `Prelude.seq` Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf versionNumber
diff --git a/gen/Amazonka/IoT/Types/JobExecutionFailureType.hs b/gen/Amazonka/IoT/Types/JobExecutionFailureType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionFailureType.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionFailureType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionFailureType
+  ( JobExecutionFailureType
+      ( ..,
+        JobExecutionFailureType_ALL,
+        JobExecutionFailureType_FAILED,
+        JobExecutionFailureType_REJECTED,
+        JobExecutionFailureType_TIMED_OUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype JobExecutionFailureType = JobExecutionFailureType'
+  { fromJobExecutionFailureType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern JobExecutionFailureType_ALL :: JobExecutionFailureType
+pattern JobExecutionFailureType_ALL = JobExecutionFailureType' "ALL"
+
+pattern JobExecutionFailureType_FAILED :: JobExecutionFailureType
+pattern JobExecutionFailureType_FAILED = JobExecutionFailureType' "FAILED"
+
+pattern JobExecutionFailureType_REJECTED :: JobExecutionFailureType
+pattern JobExecutionFailureType_REJECTED = JobExecutionFailureType' "REJECTED"
+
+pattern JobExecutionFailureType_TIMED_OUT :: JobExecutionFailureType
+pattern JobExecutionFailureType_TIMED_OUT = JobExecutionFailureType' "TIMED_OUT"
+
+{-# COMPLETE
+  JobExecutionFailureType_ALL,
+  JobExecutionFailureType_FAILED,
+  JobExecutionFailureType_REJECTED,
+  JobExecutionFailureType_TIMED_OUT,
+  JobExecutionFailureType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/JobExecutionStatus.hs b/gen/Amazonka/IoT/Types/JobExecutionStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionStatus.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionStatus
+  ( JobExecutionStatus
+      ( ..,
+        JobExecutionStatus_CANCELED,
+        JobExecutionStatus_FAILED,
+        JobExecutionStatus_IN_PROGRESS,
+        JobExecutionStatus_QUEUED,
+        JobExecutionStatus_REJECTED,
+        JobExecutionStatus_REMOVED,
+        JobExecutionStatus_SUCCEEDED,
+        JobExecutionStatus_TIMED_OUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype JobExecutionStatus = JobExecutionStatus'
+  { fromJobExecutionStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern JobExecutionStatus_CANCELED :: JobExecutionStatus
+pattern JobExecutionStatus_CANCELED = JobExecutionStatus' "CANCELED"
+
+pattern JobExecutionStatus_FAILED :: JobExecutionStatus
+pattern JobExecutionStatus_FAILED = JobExecutionStatus' "FAILED"
+
+pattern JobExecutionStatus_IN_PROGRESS :: JobExecutionStatus
+pattern JobExecutionStatus_IN_PROGRESS = JobExecutionStatus' "IN_PROGRESS"
+
+pattern JobExecutionStatus_QUEUED :: JobExecutionStatus
+pattern JobExecutionStatus_QUEUED = JobExecutionStatus' "QUEUED"
+
+pattern JobExecutionStatus_REJECTED :: JobExecutionStatus
+pattern JobExecutionStatus_REJECTED = JobExecutionStatus' "REJECTED"
+
+pattern JobExecutionStatus_REMOVED :: JobExecutionStatus
+pattern JobExecutionStatus_REMOVED = JobExecutionStatus' "REMOVED"
+
+pattern JobExecutionStatus_SUCCEEDED :: JobExecutionStatus
+pattern JobExecutionStatus_SUCCEEDED = JobExecutionStatus' "SUCCEEDED"
+
+pattern JobExecutionStatus_TIMED_OUT :: JobExecutionStatus
+pattern JobExecutionStatus_TIMED_OUT = JobExecutionStatus' "TIMED_OUT"
+
+{-# COMPLETE
+  JobExecutionStatus_CANCELED,
+  JobExecutionStatus_FAILED,
+  JobExecutionStatus_IN_PROGRESS,
+  JobExecutionStatus_QUEUED,
+  JobExecutionStatus_REJECTED,
+  JobExecutionStatus_REMOVED,
+  JobExecutionStatus_SUCCEEDED,
+  JobExecutionStatus_TIMED_OUT,
+  JobExecutionStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/JobExecutionStatusDetails.hs b/gen/Amazonka/IoT/Types/JobExecutionStatusDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionStatusDetails.hs
@@ -0,0 +1,72 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionStatusDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionStatusDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Details of the job execution status.
+--
+-- /See:/ 'newJobExecutionStatusDetails' smart constructor.
+data JobExecutionStatusDetails = JobExecutionStatusDetails'
+  { -- | The job execution status.
+    detailsMap :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecutionStatusDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'detailsMap', 'jobExecutionStatusDetails_detailsMap' - The job execution status.
+newJobExecutionStatusDetails ::
+  JobExecutionStatusDetails
+newJobExecutionStatusDetails =
+  JobExecutionStatusDetails'
+    { detailsMap =
+        Prelude.Nothing
+    }
+
+-- | The job execution status.
+jobExecutionStatusDetails_detailsMap :: Lens.Lens' JobExecutionStatusDetails (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+jobExecutionStatusDetails_detailsMap = Lens.lens (\JobExecutionStatusDetails' {detailsMap} -> detailsMap) (\s@JobExecutionStatusDetails' {} a -> s {detailsMap = a} :: JobExecutionStatusDetails) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON JobExecutionStatusDetails where
+  parseJSON =
+    Data.withObject
+      "JobExecutionStatusDetails"
+      ( \x ->
+          JobExecutionStatusDetails'
+            Prelude.<$> (x Data..:? "detailsMap" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable JobExecutionStatusDetails where
+  hashWithSalt _salt JobExecutionStatusDetails' {..} =
+    _salt `Prelude.hashWithSalt` detailsMap
+
+instance Prelude.NFData JobExecutionStatusDetails where
+  rnf JobExecutionStatusDetails' {..} =
+    Prelude.rnf detailsMap
diff --git a/gen/Amazonka/IoT/Types/JobExecutionSummary.hs b/gen/Amazonka/IoT/Types/JobExecutionSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionSummary.hs
@@ -0,0 +1,146 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.JobExecutionStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | The job execution summary.
+--
+-- /See:/ 'newJobExecutionSummary' smart constructor.
+data JobExecutionSummary = JobExecutionSummary'
+  { -- | A string (consisting of the digits \"0\" through \"9\") which identifies
+    -- this particular job execution on this particular device. It can be used
+    -- later in commands which return or update job execution information.
+    executionNumber :: Prelude.Maybe Prelude.Integer,
+    -- | The time, in seconds since the epoch, when the job execution was last
+    -- updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | The time, in seconds since the epoch, when the job execution was queued.
+    queuedAt :: Prelude.Maybe Data.POSIX,
+    -- | The number that indicates how many retry attempts have been completed
+    -- for this job on this device.
+    retryAttempt :: Prelude.Maybe Prelude.Int,
+    -- | The time, in seconds since the epoch, when the job execution started.
+    startedAt :: Prelude.Maybe Data.POSIX,
+    -- | The status of the job execution.
+    status :: Prelude.Maybe JobExecutionStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecutionSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionNumber', 'jobExecutionSummary_executionNumber' - A string (consisting of the digits \"0\" through \"9\") which identifies
+-- this particular job execution on this particular device. It can be used
+-- later in commands which return or update job execution information.
+--
+-- 'lastUpdatedAt', 'jobExecutionSummary_lastUpdatedAt' - The time, in seconds since the epoch, when the job execution was last
+-- updated.
+--
+-- 'queuedAt', 'jobExecutionSummary_queuedAt' - The time, in seconds since the epoch, when the job execution was queued.
+--
+-- 'retryAttempt', 'jobExecutionSummary_retryAttempt' - The number that indicates how many retry attempts have been completed
+-- for this job on this device.
+--
+-- 'startedAt', 'jobExecutionSummary_startedAt' - The time, in seconds since the epoch, when the job execution started.
+--
+-- 'status', 'jobExecutionSummary_status' - The status of the job execution.
+newJobExecutionSummary ::
+  JobExecutionSummary
+newJobExecutionSummary =
+  JobExecutionSummary'
+    { executionNumber =
+        Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      queuedAt = Prelude.Nothing,
+      retryAttempt = Prelude.Nothing,
+      startedAt = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | A string (consisting of the digits \"0\" through \"9\") which identifies
+-- this particular job execution on this particular device. It can be used
+-- later in commands which return or update job execution information.
+jobExecutionSummary_executionNumber :: Lens.Lens' JobExecutionSummary (Prelude.Maybe Prelude.Integer)
+jobExecutionSummary_executionNumber = Lens.lens (\JobExecutionSummary' {executionNumber} -> executionNumber) (\s@JobExecutionSummary' {} a -> s {executionNumber = a} :: JobExecutionSummary)
+
+-- | The time, in seconds since the epoch, when the job execution was last
+-- updated.
+jobExecutionSummary_lastUpdatedAt :: Lens.Lens' JobExecutionSummary (Prelude.Maybe Prelude.UTCTime)
+jobExecutionSummary_lastUpdatedAt = Lens.lens (\JobExecutionSummary' {lastUpdatedAt} -> lastUpdatedAt) (\s@JobExecutionSummary' {} a -> s {lastUpdatedAt = a} :: JobExecutionSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The time, in seconds since the epoch, when the job execution was queued.
+jobExecutionSummary_queuedAt :: Lens.Lens' JobExecutionSummary (Prelude.Maybe Prelude.UTCTime)
+jobExecutionSummary_queuedAt = Lens.lens (\JobExecutionSummary' {queuedAt} -> queuedAt) (\s@JobExecutionSummary' {} a -> s {queuedAt = a} :: JobExecutionSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The number that indicates how many retry attempts have been completed
+-- for this job on this device.
+jobExecutionSummary_retryAttempt :: Lens.Lens' JobExecutionSummary (Prelude.Maybe Prelude.Int)
+jobExecutionSummary_retryAttempt = Lens.lens (\JobExecutionSummary' {retryAttempt} -> retryAttempt) (\s@JobExecutionSummary' {} a -> s {retryAttempt = a} :: JobExecutionSummary)
+
+-- | The time, in seconds since the epoch, when the job execution started.
+jobExecutionSummary_startedAt :: Lens.Lens' JobExecutionSummary (Prelude.Maybe Prelude.UTCTime)
+jobExecutionSummary_startedAt = Lens.lens (\JobExecutionSummary' {startedAt} -> startedAt) (\s@JobExecutionSummary' {} a -> s {startedAt = a} :: JobExecutionSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the job execution.
+jobExecutionSummary_status :: Lens.Lens' JobExecutionSummary (Prelude.Maybe JobExecutionStatus)
+jobExecutionSummary_status = Lens.lens (\JobExecutionSummary' {status} -> status) (\s@JobExecutionSummary' {} a -> s {status = a} :: JobExecutionSummary)
+
+instance Data.FromJSON JobExecutionSummary where
+  parseJSON =
+    Data.withObject
+      "JobExecutionSummary"
+      ( \x ->
+          JobExecutionSummary'
+            Prelude.<$> (x Data..:? "executionNumber")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "queuedAt")
+            Prelude.<*> (x Data..:? "retryAttempt")
+            Prelude.<*> (x Data..:? "startedAt")
+            Prelude.<*> (x Data..:? "status")
+      )
+
+instance Prelude.Hashable JobExecutionSummary where
+  hashWithSalt _salt JobExecutionSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` executionNumber
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` queuedAt
+      `Prelude.hashWithSalt` retryAttempt
+      `Prelude.hashWithSalt` startedAt
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData JobExecutionSummary where
+  rnf JobExecutionSummary' {..} =
+    Prelude.rnf executionNumber
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf queuedAt
+      `Prelude.seq` Prelude.rnf retryAttempt
+      `Prelude.seq` Prelude.rnf startedAt
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/IoT/Types/JobExecutionSummaryForJob.hs b/gen/Amazonka/IoT/Types/JobExecutionSummaryForJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionSummaryForJob.hs
@@ -0,0 +1,87 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionSummaryForJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionSummaryForJob where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.JobExecutionSummary
+import qualified Amazonka.Prelude as Prelude
+
+-- | Contains a summary of information about job executions for a specific
+-- job.
+--
+-- /See:/ 'newJobExecutionSummaryForJob' smart constructor.
+data JobExecutionSummaryForJob = JobExecutionSummaryForJob'
+  { -- | Contains a subset of information about a job execution.
+    jobExecutionSummary :: Prelude.Maybe JobExecutionSummary,
+    -- | The ARN of the thing on which the job execution is running.
+    thingArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecutionSummaryForJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobExecutionSummary', 'jobExecutionSummaryForJob_jobExecutionSummary' - Contains a subset of information about a job execution.
+--
+-- 'thingArn', 'jobExecutionSummaryForJob_thingArn' - The ARN of the thing on which the job execution is running.
+newJobExecutionSummaryForJob ::
+  JobExecutionSummaryForJob
+newJobExecutionSummaryForJob =
+  JobExecutionSummaryForJob'
+    { jobExecutionSummary =
+        Prelude.Nothing,
+      thingArn = Prelude.Nothing
+    }
+
+-- | Contains a subset of information about a job execution.
+jobExecutionSummaryForJob_jobExecutionSummary :: Lens.Lens' JobExecutionSummaryForJob (Prelude.Maybe JobExecutionSummary)
+jobExecutionSummaryForJob_jobExecutionSummary = Lens.lens (\JobExecutionSummaryForJob' {jobExecutionSummary} -> jobExecutionSummary) (\s@JobExecutionSummaryForJob' {} a -> s {jobExecutionSummary = a} :: JobExecutionSummaryForJob)
+
+-- | The ARN of the thing on which the job execution is running.
+jobExecutionSummaryForJob_thingArn :: Lens.Lens' JobExecutionSummaryForJob (Prelude.Maybe Prelude.Text)
+jobExecutionSummaryForJob_thingArn = Lens.lens (\JobExecutionSummaryForJob' {thingArn} -> thingArn) (\s@JobExecutionSummaryForJob' {} a -> s {thingArn = a} :: JobExecutionSummaryForJob)
+
+instance Data.FromJSON JobExecutionSummaryForJob where
+  parseJSON =
+    Data.withObject
+      "JobExecutionSummaryForJob"
+      ( \x ->
+          JobExecutionSummaryForJob'
+            Prelude.<$> (x Data..:? "jobExecutionSummary")
+            Prelude.<*> (x Data..:? "thingArn")
+      )
+
+instance Prelude.Hashable JobExecutionSummaryForJob where
+  hashWithSalt _salt JobExecutionSummaryForJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` jobExecutionSummary
+      `Prelude.hashWithSalt` thingArn
+
+instance Prelude.NFData JobExecutionSummaryForJob where
+  rnf JobExecutionSummaryForJob' {..} =
+    Prelude.rnf jobExecutionSummary
+      `Prelude.seq` Prelude.rnf thingArn
diff --git a/gen/Amazonka/IoT/Types/JobExecutionSummaryForThing.hs b/gen/Amazonka/IoT/Types/JobExecutionSummaryForThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionSummaryForThing.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionSummaryForThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionSummaryForThing where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.JobExecutionSummary
+import qualified Amazonka.Prelude as Prelude
+
+-- | The job execution summary for a thing.
+--
+-- /See:/ 'newJobExecutionSummaryForThing' smart constructor.
+data JobExecutionSummaryForThing = JobExecutionSummaryForThing'
+  { -- | Contains a subset of information about a job execution.
+    jobExecutionSummary :: Prelude.Maybe JobExecutionSummary,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecutionSummaryForThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'jobExecutionSummary', 'jobExecutionSummaryForThing_jobExecutionSummary' - Contains a subset of information about a job execution.
+--
+-- 'jobId', 'jobExecutionSummaryForThing_jobId' - The unique identifier you assigned to this job when it was created.
+newJobExecutionSummaryForThing ::
+  JobExecutionSummaryForThing
+newJobExecutionSummaryForThing =
+  JobExecutionSummaryForThing'
+    { jobExecutionSummary =
+        Prelude.Nothing,
+      jobId = Prelude.Nothing
+    }
+
+-- | Contains a subset of information about a job execution.
+jobExecutionSummaryForThing_jobExecutionSummary :: Lens.Lens' JobExecutionSummaryForThing (Prelude.Maybe JobExecutionSummary)
+jobExecutionSummaryForThing_jobExecutionSummary = Lens.lens (\JobExecutionSummaryForThing' {jobExecutionSummary} -> jobExecutionSummary) (\s@JobExecutionSummaryForThing' {} a -> s {jobExecutionSummary = a} :: JobExecutionSummaryForThing)
+
+-- | The unique identifier you assigned to this job when it was created.
+jobExecutionSummaryForThing_jobId :: Lens.Lens' JobExecutionSummaryForThing (Prelude.Maybe Prelude.Text)
+jobExecutionSummaryForThing_jobId = Lens.lens (\JobExecutionSummaryForThing' {jobId} -> jobId) (\s@JobExecutionSummaryForThing' {} a -> s {jobId = a} :: JobExecutionSummaryForThing)
+
+instance Data.FromJSON JobExecutionSummaryForThing where
+  parseJSON =
+    Data.withObject
+      "JobExecutionSummaryForThing"
+      ( \x ->
+          JobExecutionSummaryForThing'
+            Prelude.<$> (x Data..:? "jobExecutionSummary")
+            Prelude.<*> (x Data..:? "jobId")
+      )
+
+instance Prelude.Hashable JobExecutionSummaryForThing where
+  hashWithSalt _salt JobExecutionSummaryForThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` jobExecutionSummary
+      `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData JobExecutionSummaryForThing where
+  rnf JobExecutionSummaryForThing' {..} =
+    Prelude.rnf jobExecutionSummary
+      `Prelude.seq` Prelude.rnf jobId
diff --git a/gen/Amazonka/IoT/Types/JobExecutionsRetryConfig.hs b/gen/Amazonka/IoT/Types/JobExecutionsRetryConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionsRetryConfig.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionsRetryConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionsRetryConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.RetryCriteria
+import qualified Amazonka.Prelude as Prelude
+
+-- | The configuration that determines how many retries are allowed for each
+-- failure type for a job.
+--
+-- /See:/ 'newJobExecutionsRetryConfig' smart constructor.
+data JobExecutionsRetryConfig = JobExecutionsRetryConfig'
+  { -- | The list of criteria that determines how many retries are allowed for
+    -- each failure type for a job.
+    criteriaList :: Prelude.NonEmpty RetryCriteria
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecutionsRetryConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'criteriaList', 'jobExecutionsRetryConfig_criteriaList' - The list of criteria that determines how many retries are allowed for
+-- each failure type for a job.
+newJobExecutionsRetryConfig ::
+  -- | 'criteriaList'
+  Prelude.NonEmpty RetryCriteria ->
+  JobExecutionsRetryConfig
+newJobExecutionsRetryConfig pCriteriaList_ =
+  JobExecutionsRetryConfig'
+    { criteriaList =
+        Lens.coerced Lens.# pCriteriaList_
+    }
+
+-- | The list of criteria that determines how many retries are allowed for
+-- each failure type for a job.
+jobExecutionsRetryConfig_criteriaList :: Lens.Lens' JobExecutionsRetryConfig (Prelude.NonEmpty RetryCriteria)
+jobExecutionsRetryConfig_criteriaList = Lens.lens (\JobExecutionsRetryConfig' {criteriaList} -> criteriaList) (\s@JobExecutionsRetryConfig' {} a -> s {criteriaList = a} :: JobExecutionsRetryConfig) Prelude.. Lens.coerced
+
+instance Data.FromJSON JobExecutionsRetryConfig where
+  parseJSON =
+    Data.withObject
+      "JobExecutionsRetryConfig"
+      ( \x ->
+          JobExecutionsRetryConfig'
+            Prelude.<$> (x Data..: "criteriaList")
+      )
+
+instance Prelude.Hashable JobExecutionsRetryConfig where
+  hashWithSalt _salt JobExecutionsRetryConfig' {..} =
+    _salt `Prelude.hashWithSalt` criteriaList
+
+instance Prelude.NFData JobExecutionsRetryConfig where
+  rnf JobExecutionsRetryConfig' {..} =
+    Prelude.rnf criteriaList
+
+instance Data.ToJSON JobExecutionsRetryConfig where
+  toJSON JobExecutionsRetryConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("criteriaList" Data..= criteriaList)]
+      )
diff --git a/gen/Amazonka/IoT/Types/JobExecutionsRolloutConfig.hs b/gen/Amazonka/IoT/Types/JobExecutionsRolloutConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobExecutionsRolloutConfig.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobExecutionsRolloutConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobExecutionsRolloutConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ExponentialRolloutRate
+import qualified Amazonka.Prelude as Prelude
+
+-- | Allows you to create a staged rollout of a job.
+--
+-- /See:/ 'newJobExecutionsRolloutConfig' smart constructor.
+data JobExecutionsRolloutConfig = JobExecutionsRolloutConfig'
+  { -- | The rate of increase for a job rollout. This parameter allows you to
+    -- define an exponential rate for a job rollout.
+    exponentialRate :: Prelude.Maybe ExponentialRolloutRate,
+    -- | The maximum number of things that will be notified of a pending job, per
+    -- minute. This parameter allows you to create a staged rollout.
+    maximumPerMinute :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobExecutionsRolloutConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'exponentialRate', 'jobExecutionsRolloutConfig_exponentialRate' - The rate of increase for a job rollout. This parameter allows you to
+-- define an exponential rate for a job rollout.
+--
+-- 'maximumPerMinute', 'jobExecutionsRolloutConfig_maximumPerMinute' - The maximum number of things that will be notified of a pending job, per
+-- minute. This parameter allows you to create a staged rollout.
+newJobExecutionsRolloutConfig ::
+  JobExecutionsRolloutConfig
+newJobExecutionsRolloutConfig =
+  JobExecutionsRolloutConfig'
+    { exponentialRate =
+        Prelude.Nothing,
+      maximumPerMinute = Prelude.Nothing
+    }
+
+-- | The rate of increase for a job rollout. This parameter allows you to
+-- define an exponential rate for a job rollout.
+jobExecutionsRolloutConfig_exponentialRate :: Lens.Lens' JobExecutionsRolloutConfig (Prelude.Maybe ExponentialRolloutRate)
+jobExecutionsRolloutConfig_exponentialRate = Lens.lens (\JobExecutionsRolloutConfig' {exponentialRate} -> exponentialRate) (\s@JobExecutionsRolloutConfig' {} a -> s {exponentialRate = a} :: JobExecutionsRolloutConfig)
+
+-- | The maximum number of things that will be notified of a pending job, per
+-- minute. This parameter allows you to create a staged rollout.
+jobExecutionsRolloutConfig_maximumPerMinute :: Lens.Lens' JobExecutionsRolloutConfig (Prelude.Maybe Prelude.Natural)
+jobExecutionsRolloutConfig_maximumPerMinute = Lens.lens (\JobExecutionsRolloutConfig' {maximumPerMinute} -> maximumPerMinute) (\s@JobExecutionsRolloutConfig' {} a -> s {maximumPerMinute = a} :: JobExecutionsRolloutConfig)
+
+instance Data.FromJSON JobExecutionsRolloutConfig where
+  parseJSON =
+    Data.withObject
+      "JobExecutionsRolloutConfig"
+      ( \x ->
+          JobExecutionsRolloutConfig'
+            Prelude.<$> (x Data..:? "exponentialRate")
+            Prelude.<*> (x Data..:? "maximumPerMinute")
+      )
+
+instance Prelude.Hashable JobExecutionsRolloutConfig where
+  hashWithSalt _salt JobExecutionsRolloutConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` exponentialRate
+      `Prelude.hashWithSalt` maximumPerMinute
+
+instance Prelude.NFData JobExecutionsRolloutConfig where
+  rnf JobExecutionsRolloutConfig' {..} =
+    Prelude.rnf exponentialRate
+      `Prelude.seq` Prelude.rnf maximumPerMinute
+
+instance Data.ToJSON JobExecutionsRolloutConfig where
+  toJSON JobExecutionsRolloutConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("exponentialRate" Data..=)
+              Prelude.<$> exponentialRate,
+            ("maximumPerMinute" Data..=)
+              Prelude.<$> maximumPerMinute
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/JobProcessDetails.hs b/gen/Amazonka/IoT/Types/JobProcessDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobProcessDetails.hs
@@ -0,0 +1,184 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobProcessDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobProcessDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The job process details.
+--
+-- /See:/ 'newJobProcessDetails' smart constructor.
+data JobProcessDetails = JobProcessDetails'
+  { -- | The number of things that cancelled the job.
+    numberOfCanceledThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things that failed executing the job.
+    numberOfFailedThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things currently executing the job.
+    numberOfInProgressThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things that are awaiting execution of the job.
+    numberOfQueuedThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things that rejected the job.
+    numberOfRejectedThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things that are no longer scheduled to execute the job
+    -- because they have been deleted or have been removed from the group that
+    -- was a target of the job.
+    numberOfRemovedThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things which successfully completed the job.
+    numberOfSucceededThings :: Prelude.Maybe Prelude.Int,
+    -- | The number of things whose job execution status is @TIMED_OUT@.
+    numberOfTimedOutThings :: Prelude.Maybe Prelude.Int,
+    -- | The target devices to which the job execution is being rolled out. This
+    -- value will be null after the job execution has finished rolling out to
+    -- all the target devices.
+    processingTargets :: Prelude.Maybe [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobProcessDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'numberOfCanceledThings', 'jobProcessDetails_numberOfCanceledThings' - The number of things that cancelled the job.
+--
+-- 'numberOfFailedThings', 'jobProcessDetails_numberOfFailedThings' - The number of things that failed executing the job.
+--
+-- 'numberOfInProgressThings', 'jobProcessDetails_numberOfInProgressThings' - The number of things currently executing the job.
+--
+-- 'numberOfQueuedThings', 'jobProcessDetails_numberOfQueuedThings' - The number of things that are awaiting execution of the job.
+--
+-- 'numberOfRejectedThings', 'jobProcessDetails_numberOfRejectedThings' - The number of things that rejected the job.
+--
+-- 'numberOfRemovedThings', 'jobProcessDetails_numberOfRemovedThings' - The number of things that are no longer scheduled to execute the job
+-- because they have been deleted or have been removed from the group that
+-- was a target of the job.
+--
+-- 'numberOfSucceededThings', 'jobProcessDetails_numberOfSucceededThings' - The number of things which successfully completed the job.
+--
+-- 'numberOfTimedOutThings', 'jobProcessDetails_numberOfTimedOutThings' - The number of things whose job execution status is @TIMED_OUT@.
+--
+-- 'processingTargets', 'jobProcessDetails_processingTargets' - The target devices to which the job execution is being rolled out. This
+-- value will be null after the job execution has finished rolling out to
+-- all the target devices.
+newJobProcessDetails ::
+  JobProcessDetails
+newJobProcessDetails =
+  JobProcessDetails'
+    { numberOfCanceledThings =
+        Prelude.Nothing,
+      numberOfFailedThings = Prelude.Nothing,
+      numberOfInProgressThings = Prelude.Nothing,
+      numberOfQueuedThings = Prelude.Nothing,
+      numberOfRejectedThings = Prelude.Nothing,
+      numberOfRemovedThings = Prelude.Nothing,
+      numberOfSucceededThings = Prelude.Nothing,
+      numberOfTimedOutThings = Prelude.Nothing,
+      processingTargets = Prelude.Nothing
+    }
+
+-- | The number of things that cancelled the job.
+jobProcessDetails_numberOfCanceledThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfCanceledThings = Lens.lens (\JobProcessDetails' {numberOfCanceledThings} -> numberOfCanceledThings) (\s@JobProcessDetails' {} a -> s {numberOfCanceledThings = a} :: JobProcessDetails)
+
+-- | The number of things that failed executing the job.
+jobProcessDetails_numberOfFailedThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfFailedThings = Lens.lens (\JobProcessDetails' {numberOfFailedThings} -> numberOfFailedThings) (\s@JobProcessDetails' {} a -> s {numberOfFailedThings = a} :: JobProcessDetails)
+
+-- | The number of things currently executing the job.
+jobProcessDetails_numberOfInProgressThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfInProgressThings = Lens.lens (\JobProcessDetails' {numberOfInProgressThings} -> numberOfInProgressThings) (\s@JobProcessDetails' {} a -> s {numberOfInProgressThings = a} :: JobProcessDetails)
+
+-- | The number of things that are awaiting execution of the job.
+jobProcessDetails_numberOfQueuedThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfQueuedThings = Lens.lens (\JobProcessDetails' {numberOfQueuedThings} -> numberOfQueuedThings) (\s@JobProcessDetails' {} a -> s {numberOfQueuedThings = a} :: JobProcessDetails)
+
+-- | The number of things that rejected the job.
+jobProcessDetails_numberOfRejectedThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfRejectedThings = Lens.lens (\JobProcessDetails' {numberOfRejectedThings} -> numberOfRejectedThings) (\s@JobProcessDetails' {} a -> s {numberOfRejectedThings = a} :: JobProcessDetails)
+
+-- | The number of things that are no longer scheduled to execute the job
+-- because they have been deleted or have been removed from the group that
+-- was a target of the job.
+jobProcessDetails_numberOfRemovedThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfRemovedThings = Lens.lens (\JobProcessDetails' {numberOfRemovedThings} -> numberOfRemovedThings) (\s@JobProcessDetails' {} a -> s {numberOfRemovedThings = a} :: JobProcessDetails)
+
+-- | The number of things which successfully completed the job.
+jobProcessDetails_numberOfSucceededThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfSucceededThings = Lens.lens (\JobProcessDetails' {numberOfSucceededThings} -> numberOfSucceededThings) (\s@JobProcessDetails' {} a -> s {numberOfSucceededThings = a} :: JobProcessDetails)
+
+-- | The number of things whose job execution status is @TIMED_OUT@.
+jobProcessDetails_numberOfTimedOutThings :: Lens.Lens' JobProcessDetails (Prelude.Maybe Prelude.Int)
+jobProcessDetails_numberOfTimedOutThings = Lens.lens (\JobProcessDetails' {numberOfTimedOutThings} -> numberOfTimedOutThings) (\s@JobProcessDetails' {} a -> s {numberOfTimedOutThings = a} :: JobProcessDetails)
+
+-- | The target devices to which the job execution is being rolled out. This
+-- value will be null after the job execution has finished rolling out to
+-- all the target devices.
+jobProcessDetails_processingTargets :: Lens.Lens' JobProcessDetails (Prelude.Maybe [Prelude.Text])
+jobProcessDetails_processingTargets = Lens.lens (\JobProcessDetails' {processingTargets} -> processingTargets) (\s@JobProcessDetails' {} a -> s {processingTargets = a} :: JobProcessDetails) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON JobProcessDetails where
+  parseJSON =
+    Data.withObject
+      "JobProcessDetails"
+      ( \x ->
+          JobProcessDetails'
+            Prelude.<$> (x Data..:? "numberOfCanceledThings")
+            Prelude.<*> (x Data..:? "numberOfFailedThings")
+            Prelude.<*> (x Data..:? "numberOfInProgressThings")
+            Prelude.<*> (x Data..:? "numberOfQueuedThings")
+            Prelude.<*> (x Data..:? "numberOfRejectedThings")
+            Prelude.<*> (x Data..:? "numberOfRemovedThings")
+            Prelude.<*> (x Data..:? "numberOfSucceededThings")
+            Prelude.<*> (x Data..:? "numberOfTimedOutThings")
+            Prelude.<*> ( x
+                            Data..:? "processingTargets"
+                            Data..!= Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable JobProcessDetails where
+  hashWithSalt _salt JobProcessDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` numberOfCanceledThings
+      `Prelude.hashWithSalt` numberOfFailedThings
+      `Prelude.hashWithSalt` numberOfInProgressThings
+      `Prelude.hashWithSalt` numberOfQueuedThings
+      `Prelude.hashWithSalt` numberOfRejectedThings
+      `Prelude.hashWithSalt` numberOfRemovedThings
+      `Prelude.hashWithSalt` numberOfSucceededThings
+      `Prelude.hashWithSalt` numberOfTimedOutThings
+      `Prelude.hashWithSalt` processingTargets
+
+instance Prelude.NFData JobProcessDetails where
+  rnf JobProcessDetails' {..} =
+    Prelude.rnf numberOfCanceledThings
+      `Prelude.seq` Prelude.rnf numberOfFailedThings
+      `Prelude.seq` Prelude.rnf numberOfInProgressThings
+      `Prelude.seq` Prelude.rnf numberOfQueuedThings
+      `Prelude.seq` Prelude.rnf numberOfRejectedThings
+      `Prelude.seq` Prelude.rnf numberOfRemovedThings
+      `Prelude.seq` Prelude.rnf numberOfSucceededThings
+      `Prelude.seq` Prelude.rnf numberOfTimedOutThings
+      `Prelude.seq` Prelude.rnf processingTargets
diff --git a/gen/Amazonka/IoT/Types/JobStatus.hs b/gen/Amazonka/IoT/Types/JobStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobStatus.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobStatus
+  ( JobStatus
+      ( ..,
+        JobStatus_CANCELED,
+        JobStatus_COMPLETED,
+        JobStatus_DELETION_IN_PROGRESS,
+        JobStatus_IN_PROGRESS,
+        JobStatus_SCHEDULED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype JobStatus = JobStatus'
+  { fromJobStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern JobStatus_CANCELED :: JobStatus
+pattern JobStatus_CANCELED = JobStatus' "CANCELED"
+
+pattern JobStatus_COMPLETED :: JobStatus
+pattern JobStatus_COMPLETED = JobStatus' "COMPLETED"
+
+pattern JobStatus_DELETION_IN_PROGRESS :: JobStatus
+pattern JobStatus_DELETION_IN_PROGRESS = JobStatus' "DELETION_IN_PROGRESS"
+
+pattern JobStatus_IN_PROGRESS :: JobStatus
+pattern JobStatus_IN_PROGRESS = JobStatus' "IN_PROGRESS"
+
+pattern JobStatus_SCHEDULED :: JobStatus
+pattern JobStatus_SCHEDULED = JobStatus' "SCHEDULED"
+
+{-# COMPLETE
+  JobStatus_CANCELED,
+  JobStatus_COMPLETED,
+  JobStatus_DELETION_IN_PROGRESS,
+  JobStatus_IN_PROGRESS,
+  JobStatus_SCHEDULED,
+  JobStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/JobSummary.hs b/gen/Amazonka/IoT/Types/JobSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobSummary.hs
@@ -0,0 +1,203 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.JobStatus
+import Amazonka.IoT.Types.TargetSelection
+import qualified Amazonka.Prelude as Prelude
+
+-- | The job summary.
+--
+-- /See:/ 'newJobSummary' smart constructor.
+data JobSummary = JobSummary'
+  { -- | The time, in seconds since the epoch, when the job completed.
+    completedAt :: Prelude.Maybe Data.POSIX,
+    -- | The time, in seconds since the epoch, when the job was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | Indicates whether a job is concurrent. Will be true when a job is
+    -- rolling out new job executions or canceling previously created
+    -- executions, otherwise false.
+    isConcurrent :: Prelude.Maybe Prelude.Bool,
+    -- | The job ARN.
+    jobArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier you assigned to this job when it was created.
+    jobId :: Prelude.Maybe Prelude.Text,
+    -- | The time, in seconds since the epoch, when the job was last updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | The job summary status.
+    status :: Prelude.Maybe JobStatus,
+    -- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+    -- complete after all those things specified as targets have completed the
+    -- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+    -- change is detected in a target. For example, a job will run on a thing
+    -- when the thing is added to a target group, even after the job was
+    -- completed by all things originally in the group.
+    --
+    -- We recommend that you use continuous jobs instead of snapshot jobs for
+    -- dynamic thing group targets. By using continuous jobs, devices that join
+    -- the group receive the job execution even after the job has been created.
+    targetSelection :: Prelude.Maybe TargetSelection,
+    -- | The ID of the thing group.
+    thingGroupId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'completedAt', 'jobSummary_completedAt' - The time, in seconds since the epoch, when the job completed.
+--
+-- 'createdAt', 'jobSummary_createdAt' - The time, in seconds since the epoch, when the job was created.
+--
+-- 'isConcurrent', 'jobSummary_isConcurrent' - Indicates whether a job is concurrent. Will be true when a job is
+-- rolling out new job executions or canceling previously created
+-- executions, otherwise false.
+--
+-- 'jobArn', 'jobSummary_jobArn' - The job ARN.
+--
+-- 'jobId', 'jobSummary_jobId' - The unique identifier you assigned to this job when it was created.
+--
+-- 'lastUpdatedAt', 'jobSummary_lastUpdatedAt' - The time, in seconds since the epoch, when the job was last updated.
+--
+-- 'status', 'jobSummary_status' - The job summary status.
+--
+-- 'targetSelection', 'jobSummary_targetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a thing
+-- when the thing is added to a target group, even after the job was
+-- completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+--
+-- 'thingGroupId', 'jobSummary_thingGroupId' - The ID of the thing group.
+newJobSummary ::
+  JobSummary
+newJobSummary =
+  JobSummary'
+    { completedAt = Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      isConcurrent = Prelude.Nothing,
+      jobArn = Prelude.Nothing,
+      jobId = Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      status = Prelude.Nothing,
+      targetSelection = Prelude.Nothing,
+      thingGroupId = Prelude.Nothing
+    }
+
+-- | The time, in seconds since the epoch, when the job completed.
+jobSummary_completedAt :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.UTCTime)
+jobSummary_completedAt = Lens.lens (\JobSummary' {completedAt} -> completedAt) (\s@JobSummary' {} a -> s {completedAt = a} :: JobSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The time, in seconds since the epoch, when the job was created.
+jobSummary_createdAt :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.UTCTime)
+jobSummary_createdAt = Lens.lens (\JobSummary' {createdAt} -> createdAt) (\s@JobSummary' {} a -> s {createdAt = a} :: JobSummary) Prelude.. Lens.mapping Data._Time
+
+-- | Indicates whether a job is concurrent. Will be true when a job is
+-- rolling out new job executions or canceling previously created
+-- executions, otherwise false.
+jobSummary_isConcurrent :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.Bool)
+jobSummary_isConcurrent = Lens.lens (\JobSummary' {isConcurrent} -> isConcurrent) (\s@JobSummary' {} a -> s {isConcurrent = a} :: JobSummary)
+
+-- | The job ARN.
+jobSummary_jobArn :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.Text)
+jobSummary_jobArn = Lens.lens (\JobSummary' {jobArn} -> jobArn) (\s@JobSummary' {} a -> s {jobArn = a} :: JobSummary)
+
+-- | The unique identifier you assigned to this job when it was created.
+jobSummary_jobId :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.Text)
+jobSummary_jobId = Lens.lens (\JobSummary' {jobId} -> jobId) (\s@JobSummary' {} a -> s {jobId = a} :: JobSummary)
+
+-- | The time, in seconds since the epoch, when the job was last updated.
+jobSummary_lastUpdatedAt :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.UTCTime)
+jobSummary_lastUpdatedAt = Lens.lens (\JobSummary' {lastUpdatedAt} -> lastUpdatedAt) (\s@JobSummary' {} a -> s {lastUpdatedAt = a} :: JobSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The job summary status.
+jobSummary_status :: Lens.Lens' JobSummary (Prelude.Maybe JobStatus)
+jobSummary_status = Lens.lens (\JobSummary' {status} -> status) (\s@JobSummary' {} a -> s {status = a} :: JobSummary)
+
+-- | Specifies whether the job will continue to run (CONTINUOUS), or will be
+-- complete after all those things specified as targets have completed the
+-- job (SNAPSHOT). If continuous, the job may also be run on a thing when a
+-- change is detected in a target. For example, a job will run on a thing
+-- when the thing is added to a target group, even after the job was
+-- completed by all things originally in the group.
+--
+-- We recommend that you use continuous jobs instead of snapshot jobs for
+-- dynamic thing group targets. By using continuous jobs, devices that join
+-- the group receive the job execution even after the job has been created.
+jobSummary_targetSelection :: Lens.Lens' JobSummary (Prelude.Maybe TargetSelection)
+jobSummary_targetSelection = Lens.lens (\JobSummary' {targetSelection} -> targetSelection) (\s@JobSummary' {} a -> s {targetSelection = a} :: JobSummary)
+
+-- | The ID of the thing group.
+jobSummary_thingGroupId :: Lens.Lens' JobSummary (Prelude.Maybe Prelude.Text)
+jobSummary_thingGroupId = Lens.lens (\JobSummary' {thingGroupId} -> thingGroupId) (\s@JobSummary' {} a -> s {thingGroupId = a} :: JobSummary)
+
+instance Data.FromJSON JobSummary where
+  parseJSON =
+    Data.withObject
+      "JobSummary"
+      ( \x ->
+          JobSummary'
+            Prelude.<$> (x Data..:? "completedAt")
+            Prelude.<*> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "isConcurrent")
+            Prelude.<*> (x Data..:? "jobArn")
+            Prelude.<*> (x Data..:? "jobId")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "targetSelection")
+            Prelude.<*> (x Data..:? "thingGroupId")
+      )
+
+instance Prelude.Hashable JobSummary where
+  hashWithSalt _salt JobSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` completedAt
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` isConcurrent
+      `Prelude.hashWithSalt` jobArn
+      `Prelude.hashWithSalt` jobId
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` targetSelection
+      `Prelude.hashWithSalt` thingGroupId
+
+instance Prelude.NFData JobSummary where
+  rnf JobSummary' {..} =
+    Prelude.rnf completedAt
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf isConcurrent
+      `Prelude.seq` Prelude.rnf jobArn
+      `Prelude.seq` Prelude.rnf jobId
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf targetSelection
+      `Prelude.seq` Prelude.rnf thingGroupId
diff --git a/gen/Amazonka/IoT/Types/JobTemplateSummary.hs b/gen/Amazonka/IoT/Types/JobTemplateSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/JobTemplateSummary.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.JobTemplateSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.JobTemplateSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | An object that contains information about the job template.
+--
+-- /See:/ 'newJobTemplateSummary' smart constructor.
+data JobTemplateSummary = JobTemplateSummary'
+  { -- | The time, in seconds since the epoch, when the job template was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | A description of the job template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the job template.
+    jobTemplateArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier of the job template.
+    jobTemplateId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'JobTemplateSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'createdAt', 'jobTemplateSummary_createdAt' - The time, in seconds since the epoch, when the job template was created.
+--
+-- 'description', 'jobTemplateSummary_description' - A description of the job template.
+--
+-- 'jobTemplateArn', 'jobTemplateSummary_jobTemplateArn' - The ARN of the job template.
+--
+-- 'jobTemplateId', 'jobTemplateSummary_jobTemplateId' - The unique identifier of the job template.
+newJobTemplateSummary ::
+  JobTemplateSummary
+newJobTemplateSummary =
+  JobTemplateSummary'
+    { createdAt = Prelude.Nothing,
+      description = Prelude.Nothing,
+      jobTemplateArn = Prelude.Nothing,
+      jobTemplateId = Prelude.Nothing
+    }
+
+-- | The time, in seconds since the epoch, when the job template was created.
+jobTemplateSummary_createdAt :: Lens.Lens' JobTemplateSummary (Prelude.Maybe Prelude.UTCTime)
+jobTemplateSummary_createdAt = Lens.lens (\JobTemplateSummary' {createdAt} -> createdAt) (\s@JobTemplateSummary' {} a -> s {createdAt = a} :: JobTemplateSummary) Prelude.. Lens.mapping Data._Time
+
+-- | A description of the job template.
+jobTemplateSummary_description :: Lens.Lens' JobTemplateSummary (Prelude.Maybe Prelude.Text)
+jobTemplateSummary_description = Lens.lens (\JobTemplateSummary' {description} -> description) (\s@JobTemplateSummary' {} a -> s {description = a} :: JobTemplateSummary)
+
+-- | The ARN of the job template.
+jobTemplateSummary_jobTemplateArn :: Lens.Lens' JobTemplateSummary (Prelude.Maybe Prelude.Text)
+jobTemplateSummary_jobTemplateArn = Lens.lens (\JobTemplateSummary' {jobTemplateArn} -> jobTemplateArn) (\s@JobTemplateSummary' {} a -> s {jobTemplateArn = a} :: JobTemplateSummary)
+
+-- | The unique identifier of the job template.
+jobTemplateSummary_jobTemplateId :: Lens.Lens' JobTemplateSummary (Prelude.Maybe Prelude.Text)
+jobTemplateSummary_jobTemplateId = Lens.lens (\JobTemplateSummary' {jobTemplateId} -> jobTemplateId) (\s@JobTemplateSummary' {} a -> s {jobTemplateId = a} :: JobTemplateSummary)
+
+instance Data.FromJSON JobTemplateSummary where
+  parseJSON =
+    Data.withObject
+      "JobTemplateSummary"
+      ( \x ->
+          JobTemplateSummary'
+            Prelude.<$> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "jobTemplateArn")
+            Prelude.<*> (x Data..:? "jobTemplateId")
+      )
+
+instance Prelude.Hashable JobTemplateSummary where
+  hashWithSalt _salt JobTemplateSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` jobTemplateArn
+      `Prelude.hashWithSalt` jobTemplateId
+
+instance Prelude.NFData JobTemplateSummary where
+  rnf JobTemplateSummary' {..} =
+    Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf jobTemplateArn
+      `Prelude.seq` Prelude.rnf jobTemplateId
diff --git a/gen/Amazonka/IoT/Types/KafkaAction.hs b/gen/Amazonka/IoT/Types/KafkaAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/KafkaAction.hs
@@ -0,0 +1,142 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.KafkaAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.KafkaAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon
+-- MSK) or self-managed Apache Kafka cluster.
+--
+-- /See:/ 'newKafkaAction' smart constructor.
+data KafkaAction = KafkaAction'
+  { -- | The Kafka message key.
+    key :: Prelude.Maybe Prelude.Text,
+    -- | The Kafka message partition.
+    partition :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of Kafka action\'s VPC @TopicRuleDestination@.
+    destinationArn :: Prelude.Text,
+    -- | The Kafka topic for messages to be sent to the Kafka broker.
+    topic :: Prelude.Text,
+    -- | Properties of the Apache Kafka producer client.
+    clientProperties :: Prelude.HashMap Prelude.Text Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'KafkaAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'key', 'kafkaAction_key' - The Kafka message key.
+--
+-- 'partition', 'kafkaAction_partition' - The Kafka message partition.
+--
+-- 'destinationArn', 'kafkaAction_destinationArn' - The ARN of Kafka action\'s VPC @TopicRuleDestination@.
+--
+-- 'topic', 'kafkaAction_topic' - The Kafka topic for messages to be sent to the Kafka broker.
+--
+-- 'clientProperties', 'kafkaAction_clientProperties' - Properties of the Apache Kafka producer client.
+newKafkaAction ::
+  -- | 'destinationArn'
+  Prelude.Text ->
+  -- | 'topic'
+  Prelude.Text ->
+  KafkaAction
+newKafkaAction pDestinationArn_ pTopic_ =
+  KafkaAction'
+    { key = Prelude.Nothing,
+      partition = Prelude.Nothing,
+      destinationArn = pDestinationArn_,
+      topic = pTopic_,
+      clientProperties = Prelude.mempty
+    }
+
+-- | The Kafka message key.
+kafkaAction_key :: Lens.Lens' KafkaAction (Prelude.Maybe Prelude.Text)
+kafkaAction_key = Lens.lens (\KafkaAction' {key} -> key) (\s@KafkaAction' {} a -> s {key = a} :: KafkaAction)
+
+-- | The Kafka message partition.
+kafkaAction_partition :: Lens.Lens' KafkaAction (Prelude.Maybe Prelude.Text)
+kafkaAction_partition = Lens.lens (\KafkaAction' {partition} -> partition) (\s@KafkaAction' {} a -> s {partition = a} :: KafkaAction)
+
+-- | The ARN of Kafka action\'s VPC @TopicRuleDestination@.
+kafkaAction_destinationArn :: Lens.Lens' KafkaAction Prelude.Text
+kafkaAction_destinationArn = Lens.lens (\KafkaAction' {destinationArn} -> destinationArn) (\s@KafkaAction' {} a -> s {destinationArn = a} :: KafkaAction)
+
+-- | The Kafka topic for messages to be sent to the Kafka broker.
+kafkaAction_topic :: Lens.Lens' KafkaAction Prelude.Text
+kafkaAction_topic = Lens.lens (\KafkaAction' {topic} -> topic) (\s@KafkaAction' {} a -> s {topic = a} :: KafkaAction)
+
+-- | Properties of the Apache Kafka producer client.
+kafkaAction_clientProperties :: Lens.Lens' KafkaAction (Prelude.HashMap Prelude.Text Prelude.Text)
+kafkaAction_clientProperties = Lens.lens (\KafkaAction' {clientProperties} -> clientProperties) (\s@KafkaAction' {} a -> s {clientProperties = a} :: KafkaAction) Prelude.. Lens.coerced
+
+instance Data.FromJSON KafkaAction where
+  parseJSON =
+    Data.withObject
+      "KafkaAction"
+      ( \x ->
+          KafkaAction'
+            Prelude.<$> (x Data..:? "key")
+            Prelude.<*> (x Data..:? "partition")
+            Prelude.<*> (x Data..: "destinationArn")
+            Prelude.<*> (x Data..: "topic")
+            Prelude.<*> ( x
+                            Data..:? "clientProperties"
+                            Data..!= Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable KafkaAction where
+  hashWithSalt _salt KafkaAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` partition
+      `Prelude.hashWithSalt` destinationArn
+      `Prelude.hashWithSalt` topic
+      `Prelude.hashWithSalt` clientProperties
+
+instance Prelude.NFData KafkaAction where
+  rnf KafkaAction' {..} =
+    Prelude.rnf key
+      `Prelude.seq` Prelude.rnf partition
+      `Prelude.seq` Prelude.rnf destinationArn
+      `Prelude.seq` Prelude.rnf topic
+      `Prelude.seq` Prelude.rnf clientProperties
+
+instance Data.ToJSON KafkaAction where
+  toJSON KafkaAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("key" Data..=) Prelude.<$> key,
+            ("partition" Data..=) Prelude.<$> partition,
+            Prelude.Just
+              ("destinationArn" Data..= destinationArn),
+            Prelude.Just ("topic" Data..= topic),
+            Prelude.Just
+              ("clientProperties" Data..= clientProperties)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/KeyPair.hs b/gen/Amazonka/IoT/Types/KeyPair.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/KeyPair.hs
@@ -0,0 +1,84 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.KeyPair
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.KeyPair where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a key pair.
+--
+-- /See:/ 'newKeyPair' smart constructor.
+data KeyPair = KeyPair'
+  { -- | The private key.
+    privateKey :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The public key.
+    publicKey :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'KeyPair' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'privateKey', 'keyPair_privateKey' - The private key.
+--
+-- 'publicKey', 'keyPair_publicKey' - The public key.
+newKeyPair ::
+  KeyPair
+newKeyPair =
+  KeyPair'
+    { privateKey = Prelude.Nothing,
+      publicKey = Prelude.Nothing
+    }
+
+-- | The private key.
+keyPair_privateKey :: Lens.Lens' KeyPair (Prelude.Maybe Prelude.Text)
+keyPair_privateKey = Lens.lens (\KeyPair' {privateKey} -> privateKey) (\s@KeyPair' {} a -> s {privateKey = a} :: KeyPair) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The public key.
+keyPair_publicKey :: Lens.Lens' KeyPair (Prelude.Maybe Prelude.Text)
+keyPair_publicKey = Lens.lens (\KeyPair' {publicKey} -> publicKey) (\s@KeyPair' {} a -> s {publicKey = a} :: KeyPair)
+
+instance Data.FromJSON KeyPair where
+  parseJSON =
+    Data.withObject
+      "KeyPair"
+      ( \x ->
+          KeyPair'
+            Prelude.<$> (x Data..:? "PrivateKey")
+            Prelude.<*> (x Data..:? "PublicKey")
+      )
+
+instance Prelude.Hashable KeyPair where
+  hashWithSalt _salt KeyPair' {..} =
+    _salt
+      `Prelude.hashWithSalt` privateKey
+      `Prelude.hashWithSalt` publicKey
+
+instance Prelude.NFData KeyPair where
+  rnf KeyPair' {..} =
+    Prelude.rnf privateKey
+      `Prelude.seq` Prelude.rnf publicKey
diff --git a/gen/Amazonka/IoT/Types/KinesisAction.hs b/gen/Amazonka/IoT/Types/KinesisAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/KinesisAction.hs
@@ -0,0 +1,110 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.KinesisAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.KinesisAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to write data to an Amazon Kinesis stream.
+--
+-- /See:/ 'newKinesisAction' smart constructor.
+data KinesisAction = KinesisAction'
+  { -- | The partition key.
+    partitionKey :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the IAM role that grants access to the Amazon Kinesis stream.
+    roleArn :: Prelude.Text,
+    -- | The name of the Amazon Kinesis stream.
+    streamName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'KinesisAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'partitionKey', 'kinesisAction_partitionKey' - The partition key.
+--
+-- 'roleArn', 'kinesisAction_roleArn' - The ARN of the IAM role that grants access to the Amazon Kinesis stream.
+--
+-- 'streamName', 'kinesisAction_streamName' - The name of the Amazon Kinesis stream.
+newKinesisAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'streamName'
+  Prelude.Text ->
+  KinesisAction
+newKinesisAction pRoleArn_ pStreamName_ =
+  KinesisAction'
+    { partitionKey = Prelude.Nothing,
+      roleArn = pRoleArn_,
+      streamName = pStreamName_
+    }
+
+-- | The partition key.
+kinesisAction_partitionKey :: Lens.Lens' KinesisAction (Prelude.Maybe Prelude.Text)
+kinesisAction_partitionKey = Lens.lens (\KinesisAction' {partitionKey} -> partitionKey) (\s@KinesisAction' {} a -> s {partitionKey = a} :: KinesisAction)
+
+-- | The ARN of the IAM role that grants access to the Amazon Kinesis stream.
+kinesisAction_roleArn :: Lens.Lens' KinesisAction Prelude.Text
+kinesisAction_roleArn = Lens.lens (\KinesisAction' {roleArn} -> roleArn) (\s@KinesisAction' {} a -> s {roleArn = a} :: KinesisAction)
+
+-- | The name of the Amazon Kinesis stream.
+kinesisAction_streamName :: Lens.Lens' KinesisAction Prelude.Text
+kinesisAction_streamName = Lens.lens (\KinesisAction' {streamName} -> streamName) (\s@KinesisAction' {} a -> s {streamName = a} :: KinesisAction)
+
+instance Data.FromJSON KinesisAction where
+  parseJSON =
+    Data.withObject
+      "KinesisAction"
+      ( \x ->
+          KinesisAction'
+            Prelude.<$> (x Data..:? "partitionKey")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "streamName")
+      )
+
+instance Prelude.Hashable KinesisAction where
+  hashWithSalt _salt KinesisAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` partitionKey
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` streamName
+
+instance Prelude.NFData KinesisAction where
+  rnf KinesisAction' {..} =
+    Prelude.rnf partitionKey
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf streamName
+
+instance Data.ToJSON KinesisAction where
+  toJSON KinesisAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("partitionKey" Data..=) Prelude.<$> partitionKey,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("streamName" Data..= streamName)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/LambdaAction.hs b/gen/Amazonka/IoT/Types/LambdaAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LambdaAction.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LambdaAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LambdaAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to invoke a Lambda function.
+--
+-- /See:/ 'newLambdaAction' smart constructor.
+data LambdaAction = LambdaAction'
+  { -- | The ARN of the Lambda function.
+    functionArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LambdaAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'functionArn', 'lambdaAction_functionArn' - The ARN of the Lambda function.
+newLambdaAction ::
+  -- | 'functionArn'
+  Prelude.Text ->
+  LambdaAction
+newLambdaAction pFunctionArn_ =
+  LambdaAction' {functionArn = pFunctionArn_}
+
+-- | The ARN of the Lambda function.
+lambdaAction_functionArn :: Lens.Lens' LambdaAction Prelude.Text
+lambdaAction_functionArn = Lens.lens (\LambdaAction' {functionArn} -> functionArn) (\s@LambdaAction' {} a -> s {functionArn = a} :: LambdaAction)
+
+instance Data.FromJSON LambdaAction where
+  parseJSON =
+    Data.withObject
+      "LambdaAction"
+      ( \x ->
+          LambdaAction' Prelude.<$> (x Data..: "functionArn")
+      )
+
+instance Prelude.Hashable LambdaAction where
+  hashWithSalt _salt LambdaAction' {..} =
+    _salt `Prelude.hashWithSalt` functionArn
+
+instance Prelude.NFData LambdaAction where
+  rnf LambdaAction' {..} = Prelude.rnf functionArn
+
+instance Data.ToJSON LambdaAction where
+  toJSON LambdaAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("functionArn" Data..= functionArn)]
+      )
diff --git a/gen/Amazonka/IoT/Types/LocationAction.hs b/gen/Amazonka/IoT/Types/LocationAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LocationAction.hs
@@ -0,0 +1,177 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LocationAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LocationAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.LocationTimestamp
+import qualified Amazonka.Prelude as Prelude
+
+-- | The Amazon Location rule action sends device location updates from an
+-- MQTT message to an Amazon Location tracker resource.
+--
+-- /See:/ 'newLocationAction' smart constructor.
+data LocationAction = LocationAction'
+  { -- | The time that the location data was sampled. The default value is the
+    -- time the MQTT message was processed.
+    timestamp :: Prelude.Maybe LocationTimestamp,
+    -- | The IAM role that grants permission to write to the Amazon Location
+    -- resource.
+    roleArn :: Prelude.Text,
+    -- | The name of the tracker resource in Amazon Location in which the
+    -- location is updated.
+    trackerName :: Prelude.Text,
+    -- | The unique ID of the device providing the location data.
+    deviceId :: Prelude.Text,
+    -- | A string that evaluates to a double value that represents the latitude
+    -- of the device\'s location.
+    latitude :: Prelude.Text,
+    -- | A string that evaluates to a double value that represents the longitude
+    -- of the device\'s location.
+    longitude :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LocationAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'timestamp', 'locationAction_timestamp' - The time that the location data was sampled. The default value is the
+-- time the MQTT message was processed.
+--
+-- 'roleArn', 'locationAction_roleArn' - The IAM role that grants permission to write to the Amazon Location
+-- resource.
+--
+-- 'trackerName', 'locationAction_trackerName' - The name of the tracker resource in Amazon Location in which the
+-- location is updated.
+--
+-- 'deviceId', 'locationAction_deviceId' - The unique ID of the device providing the location data.
+--
+-- 'latitude', 'locationAction_latitude' - A string that evaluates to a double value that represents the latitude
+-- of the device\'s location.
+--
+-- 'longitude', 'locationAction_longitude' - A string that evaluates to a double value that represents the longitude
+-- of the device\'s location.
+newLocationAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'trackerName'
+  Prelude.Text ->
+  -- | 'deviceId'
+  Prelude.Text ->
+  -- | 'latitude'
+  Prelude.Text ->
+  -- | 'longitude'
+  Prelude.Text ->
+  LocationAction
+newLocationAction
+  pRoleArn_
+  pTrackerName_
+  pDeviceId_
+  pLatitude_
+  pLongitude_ =
+    LocationAction'
+      { timestamp = Prelude.Nothing,
+        roleArn = pRoleArn_,
+        trackerName = pTrackerName_,
+        deviceId = pDeviceId_,
+        latitude = pLatitude_,
+        longitude = pLongitude_
+      }
+
+-- | The time that the location data was sampled. The default value is the
+-- time the MQTT message was processed.
+locationAction_timestamp :: Lens.Lens' LocationAction (Prelude.Maybe LocationTimestamp)
+locationAction_timestamp = Lens.lens (\LocationAction' {timestamp} -> timestamp) (\s@LocationAction' {} a -> s {timestamp = a} :: LocationAction)
+
+-- | The IAM role that grants permission to write to the Amazon Location
+-- resource.
+locationAction_roleArn :: Lens.Lens' LocationAction Prelude.Text
+locationAction_roleArn = Lens.lens (\LocationAction' {roleArn} -> roleArn) (\s@LocationAction' {} a -> s {roleArn = a} :: LocationAction)
+
+-- | The name of the tracker resource in Amazon Location in which the
+-- location is updated.
+locationAction_trackerName :: Lens.Lens' LocationAction Prelude.Text
+locationAction_trackerName = Lens.lens (\LocationAction' {trackerName} -> trackerName) (\s@LocationAction' {} a -> s {trackerName = a} :: LocationAction)
+
+-- | The unique ID of the device providing the location data.
+locationAction_deviceId :: Lens.Lens' LocationAction Prelude.Text
+locationAction_deviceId = Lens.lens (\LocationAction' {deviceId} -> deviceId) (\s@LocationAction' {} a -> s {deviceId = a} :: LocationAction)
+
+-- | A string that evaluates to a double value that represents the latitude
+-- of the device\'s location.
+locationAction_latitude :: Lens.Lens' LocationAction Prelude.Text
+locationAction_latitude = Lens.lens (\LocationAction' {latitude} -> latitude) (\s@LocationAction' {} a -> s {latitude = a} :: LocationAction)
+
+-- | A string that evaluates to a double value that represents the longitude
+-- of the device\'s location.
+locationAction_longitude :: Lens.Lens' LocationAction Prelude.Text
+locationAction_longitude = Lens.lens (\LocationAction' {longitude} -> longitude) (\s@LocationAction' {} a -> s {longitude = a} :: LocationAction)
+
+instance Data.FromJSON LocationAction where
+  parseJSON =
+    Data.withObject
+      "LocationAction"
+      ( \x ->
+          LocationAction'
+            Prelude.<$> (x Data..:? "timestamp")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "trackerName")
+            Prelude.<*> (x Data..: "deviceId")
+            Prelude.<*> (x Data..: "latitude")
+            Prelude.<*> (x Data..: "longitude")
+      )
+
+instance Prelude.Hashable LocationAction where
+  hashWithSalt _salt LocationAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` timestamp
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` trackerName
+      `Prelude.hashWithSalt` deviceId
+      `Prelude.hashWithSalt` latitude
+      `Prelude.hashWithSalt` longitude
+
+instance Prelude.NFData LocationAction where
+  rnf LocationAction' {..} =
+    Prelude.rnf timestamp
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf trackerName
+      `Prelude.seq` Prelude.rnf deviceId
+      `Prelude.seq` Prelude.rnf latitude
+      `Prelude.seq` Prelude.rnf longitude
+
+instance Data.ToJSON LocationAction where
+  toJSON LocationAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("timestamp" Data..=) Prelude.<$> timestamp,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("trackerName" Data..= trackerName),
+            Prelude.Just ("deviceId" Data..= deviceId),
+            Prelude.Just ("latitude" Data..= latitude),
+            Prelude.Just ("longitude" Data..= longitude)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/LocationTimestamp.hs b/gen/Amazonka/IoT/Types/LocationTimestamp.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LocationTimestamp.hs
@@ -0,0 +1,107 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LocationTimestamp
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LocationTimestamp where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes how to interpret an application-defined timestamp value from
+-- an MQTT message payload and the precision of that value.
+--
+-- /See:/ 'newLocationTimestamp' smart constructor.
+data LocationTimestamp = LocationTimestamp'
+  { -- | The precision of the timestamp value that results from the expression
+    -- described in @value@.
+    --
+    -- Valid values: @SECONDS@ | @MILLISECONDS@ | @MICROSECONDS@ |
+    -- @NANOSECONDS@. The default is @MILLISECONDS@.
+    unit :: Prelude.Maybe Prelude.Text,
+    -- | An expression that returns a long epoch time value.
+    value :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LocationTimestamp' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'unit', 'locationTimestamp_unit' - The precision of the timestamp value that results from the expression
+-- described in @value@.
+--
+-- Valid values: @SECONDS@ | @MILLISECONDS@ | @MICROSECONDS@ |
+-- @NANOSECONDS@. The default is @MILLISECONDS@.
+--
+-- 'value', 'locationTimestamp_value' - An expression that returns a long epoch time value.
+newLocationTimestamp ::
+  -- | 'value'
+  Prelude.Text ->
+  LocationTimestamp
+newLocationTimestamp pValue_ =
+  LocationTimestamp'
+    { unit = Prelude.Nothing,
+      value = pValue_
+    }
+
+-- | The precision of the timestamp value that results from the expression
+-- described in @value@.
+--
+-- Valid values: @SECONDS@ | @MILLISECONDS@ | @MICROSECONDS@ |
+-- @NANOSECONDS@. The default is @MILLISECONDS@.
+locationTimestamp_unit :: Lens.Lens' LocationTimestamp (Prelude.Maybe Prelude.Text)
+locationTimestamp_unit = Lens.lens (\LocationTimestamp' {unit} -> unit) (\s@LocationTimestamp' {} a -> s {unit = a} :: LocationTimestamp)
+
+-- | An expression that returns a long epoch time value.
+locationTimestamp_value :: Lens.Lens' LocationTimestamp Prelude.Text
+locationTimestamp_value = Lens.lens (\LocationTimestamp' {value} -> value) (\s@LocationTimestamp' {} a -> s {value = a} :: LocationTimestamp)
+
+instance Data.FromJSON LocationTimestamp where
+  parseJSON =
+    Data.withObject
+      "LocationTimestamp"
+      ( \x ->
+          LocationTimestamp'
+            Prelude.<$> (x Data..:? "unit")
+            Prelude.<*> (x Data..: "value")
+      )
+
+instance Prelude.Hashable LocationTimestamp where
+  hashWithSalt _salt LocationTimestamp' {..} =
+    _salt
+      `Prelude.hashWithSalt` unit
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData LocationTimestamp where
+  rnf LocationTimestamp' {..} =
+    Prelude.rnf unit `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON LocationTimestamp where
+  toJSON LocationTimestamp' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("unit" Data..=) Prelude.<$> unit,
+            Prelude.Just ("value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/LogLevel.hs b/gen/Amazonka/IoT/Types/LogLevel.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LogLevel.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LogLevel
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LogLevel
+  ( LogLevel
+      ( ..,
+        LogLevel_DEBUG,
+        LogLevel_DISABLED,
+        LogLevel_ERROR,
+        LogLevel_INFO,
+        LogLevel_WARN
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype LogLevel = LogLevel'
+  { fromLogLevel ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern LogLevel_DEBUG :: LogLevel
+pattern LogLevel_DEBUG = LogLevel' "DEBUG"
+
+pattern LogLevel_DISABLED :: LogLevel
+pattern LogLevel_DISABLED = LogLevel' "DISABLED"
+
+pattern LogLevel_ERROR :: LogLevel
+pattern LogLevel_ERROR = LogLevel' "ERROR"
+
+pattern LogLevel_INFO :: LogLevel
+pattern LogLevel_INFO = LogLevel' "INFO"
+
+pattern LogLevel_WARN :: LogLevel
+pattern LogLevel_WARN = LogLevel' "WARN"
+
+{-# COMPLETE
+  LogLevel_DEBUG,
+  LogLevel_DISABLED,
+  LogLevel_ERROR,
+  LogLevel_INFO,
+  LogLevel_WARN,
+  LogLevel'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/LogTarget.hs b/gen/Amazonka/IoT/Types/LogTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LogTarget.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LogTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LogTarget where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.LogTargetType
+import qualified Amazonka.Prelude as Prelude
+
+-- | A log target.
+--
+-- /See:/ 'newLogTarget' smart constructor.
+data LogTarget = LogTarget'
+  { -- | The target name.
+    targetName :: Prelude.Maybe Prelude.Text,
+    -- | The target type.
+    targetType :: LogTargetType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LogTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'targetName', 'logTarget_targetName' - The target name.
+--
+-- 'targetType', 'logTarget_targetType' - The target type.
+newLogTarget ::
+  -- | 'targetType'
+  LogTargetType ->
+  LogTarget
+newLogTarget pTargetType_ =
+  LogTarget'
+    { targetName = Prelude.Nothing,
+      targetType = pTargetType_
+    }
+
+-- | The target name.
+logTarget_targetName :: Lens.Lens' LogTarget (Prelude.Maybe Prelude.Text)
+logTarget_targetName = Lens.lens (\LogTarget' {targetName} -> targetName) (\s@LogTarget' {} a -> s {targetName = a} :: LogTarget)
+
+-- | The target type.
+logTarget_targetType :: Lens.Lens' LogTarget LogTargetType
+logTarget_targetType = Lens.lens (\LogTarget' {targetType} -> targetType) (\s@LogTarget' {} a -> s {targetType = a} :: LogTarget)
+
+instance Data.FromJSON LogTarget where
+  parseJSON =
+    Data.withObject
+      "LogTarget"
+      ( \x ->
+          LogTarget'
+            Prelude.<$> (x Data..:? "targetName")
+            Prelude.<*> (x Data..: "targetType")
+      )
+
+instance Prelude.Hashable LogTarget where
+  hashWithSalt _salt LogTarget' {..} =
+    _salt
+      `Prelude.hashWithSalt` targetName
+      `Prelude.hashWithSalt` targetType
+
+instance Prelude.NFData LogTarget where
+  rnf LogTarget' {..} =
+    Prelude.rnf targetName
+      `Prelude.seq` Prelude.rnf targetType
+
+instance Data.ToJSON LogTarget where
+  toJSON LogTarget' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("targetName" Data..=) Prelude.<$> targetName,
+            Prelude.Just ("targetType" Data..= targetType)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/LogTargetConfiguration.hs b/gen/Amazonka/IoT/Types/LogTargetConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LogTargetConfiguration.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LogTargetConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LogTargetConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.LogLevel
+import Amazonka.IoT.Types.LogTarget
+import qualified Amazonka.Prelude as Prelude
+
+-- | The target configuration.
+--
+-- /See:/ 'newLogTargetConfiguration' smart constructor.
+data LogTargetConfiguration = LogTargetConfiguration'
+  { -- | The logging level.
+    logLevel :: Prelude.Maybe LogLevel,
+    -- | A log target
+    logTarget :: Prelude.Maybe LogTarget
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LogTargetConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'logLevel', 'logTargetConfiguration_logLevel' - The logging level.
+--
+-- 'logTarget', 'logTargetConfiguration_logTarget' - A log target
+newLogTargetConfiguration ::
+  LogTargetConfiguration
+newLogTargetConfiguration =
+  LogTargetConfiguration'
+    { logLevel = Prelude.Nothing,
+      logTarget = Prelude.Nothing
+    }
+
+-- | The logging level.
+logTargetConfiguration_logLevel :: Lens.Lens' LogTargetConfiguration (Prelude.Maybe LogLevel)
+logTargetConfiguration_logLevel = Lens.lens (\LogTargetConfiguration' {logLevel} -> logLevel) (\s@LogTargetConfiguration' {} a -> s {logLevel = a} :: LogTargetConfiguration)
+
+-- | A log target
+logTargetConfiguration_logTarget :: Lens.Lens' LogTargetConfiguration (Prelude.Maybe LogTarget)
+logTargetConfiguration_logTarget = Lens.lens (\LogTargetConfiguration' {logTarget} -> logTarget) (\s@LogTargetConfiguration' {} a -> s {logTarget = a} :: LogTargetConfiguration)
+
+instance Data.FromJSON LogTargetConfiguration where
+  parseJSON =
+    Data.withObject
+      "LogTargetConfiguration"
+      ( \x ->
+          LogTargetConfiguration'
+            Prelude.<$> (x Data..:? "logLevel")
+            Prelude.<*> (x Data..:? "logTarget")
+      )
+
+instance Prelude.Hashable LogTargetConfiguration where
+  hashWithSalt _salt LogTargetConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` logLevel
+      `Prelude.hashWithSalt` logTarget
+
+instance Prelude.NFData LogTargetConfiguration where
+  rnf LogTargetConfiguration' {..} =
+    Prelude.rnf logLevel
+      `Prelude.seq` Prelude.rnf logTarget
diff --git a/gen/Amazonka/IoT/Types/LogTargetType.hs b/gen/Amazonka/IoT/Types/LogTargetType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LogTargetType.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LogTargetType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LogTargetType
+  ( LogTargetType
+      ( ..,
+        LogTargetType_CLIENT_ID,
+        LogTargetType_DEFAULT,
+        LogTargetType_PRINCIPAL_ID,
+        LogTargetType_SOURCE_IP,
+        LogTargetType_THING_GROUP
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype LogTargetType = LogTargetType'
+  { fromLogTargetType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern LogTargetType_CLIENT_ID :: LogTargetType
+pattern LogTargetType_CLIENT_ID = LogTargetType' "CLIENT_ID"
+
+pattern LogTargetType_DEFAULT :: LogTargetType
+pattern LogTargetType_DEFAULT = LogTargetType' "DEFAULT"
+
+pattern LogTargetType_PRINCIPAL_ID :: LogTargetType
+pattern LogTargetType_PRINCIPAL_ID = LogTargetType' "PRINCIPAL_ID"
+
+pattern LogTargetType_SOURCE_IP :: LogTargetType
+pattern LogTargetType_SOURCE_IP = LogTargetType' "SOURCE_IP"
+
+pattern LogTargetType_THING_GROUP :: LogTargetType
+pattern LogTargetType_THING_GROUP = LogTargetType' "THING_GROUP"
+
+{-# COMPLETE
+  LogTargetType_CLIENT_ID,
+  LogTargetType_DEFAULT,
+  LogTargetType_PRINCIPAL_ID,
+  LogTargetType_SOURCE_IP,
+  LogTargetType_THING_GROUP,
+  LogTargetType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/LoggingOptionsPayload.hs b/gen/Amazonka/IoT/Types/LoggingOptionsPayload.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/LoggingOptionsPayload.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.LoggingOptionsPayload
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.LoggingOptionsPayload where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.LogLevel
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the logging options payload.
+--
+-- /See:/ 'newLoggingOptionsPayload' smart constructor.
+data LoggingOptionsPayload = LoggingOptionsPayload'
+  { -- | The log level.
+    logLevel :: Prelude.Maybe LogLevel,
+    -- | The ARN of the IAM role that grants access.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LoggingOptionsPayload' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'logLevel', 'loggingOptionsPayload_logLevel' - The log level.
+--
+-- 'roleArn', 'loggingOptionsPayload_roleArn' - The ARN of the IAM role that grants access.
+newLoggingOptionsPayload ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  LoggingOptionsPayload
+newLoggingOptionsPayload pRoleArn_ =
+  LoggingOptionsPayload'
+    { logLevel = Prelude.Nothing,
+      roleArn = pRoleArn_
+    }
+
+-- | The log level.
+loggingOptionsPayload_logLevel :: Lens.Lens' LoggingOptionsPayload (Prelude.Maybe LogLevel)
+loggingOptionsPayload_logLevel = Lens.lens (\LoggingOptionsPayload' {logLevel} -> logLevel) (\s@LoggingOptionsPayload' {} a -> s {logLevel = a} :: LoggingOptionsPayload)
+
+-- | The ARN of the IAM role that grants access.
+loggingOptionsPayload_roleArn :: Lens.Lens' LoggingOptionsPayload Prelude.Text
+loggingOptionsPayload_roleArn = Lens.lens (\LoggingOptionsPayload' {roleArn} -> roleArn) (\s@LoggingOptionsPayload' {} a -> s {roleArn = a} :: LoggingOptionsPayload)
+
+instance Prelude.Hashable LoggingOptionsPayload where
+  hashWithSalt _salt LoggingOptionsPayload' {..} =
+    _salt
+      `Prelude.hashWithSalt` logLevel
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData LoggingOptionsPayload where
+  rnf LoggingOptionsPayload' {..} =
+    Prelude.rnf logLevel
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON LoggingOptionsPayload where
+  toJSON LoggingOptionsPayload' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("logLevel" Data..=) Prelude.<$> logLevel,
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/MachineLearningDetectionConfig.hs b/gen/Amazonka/IoT/Types/MachineLearningDetectionConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MachineLearningDetectionConfig.hs
@@ -0,0 +1,95 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MachineLearningDetectionConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MachineLearningDetectionConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ConfidenceLevel
+import qualified Amazonka.Prelude as Prelude
+
+-- | The configuration of an ML Detect Security Profile.
+--
+-- /See:/ 'newMachineLearningDetectionConfig' smart constructor.
+data MachineLearningDetectionConfig = MachineLearningDetectionConfig'
+  { -- | The sensitivity of anomalous behavior evaluation. Can be @Low@,
+    -- @Medium@, or @High@.
+    confidenceLevel :: ConfidenceLevel
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MachineLearningDetectionConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'confidenceLevel', 'machineLearningDetectionConfig_confidenceLevel' - The sensitivity of anomalous behavior evaluation. Can be @Low@,
+-- @Medium@, or @High@.
+newMachineLearningDetectionConfig ::
+  -- | 'confidenceLevel'
+  ConfidenceLevel ->
+  MachineLearningDetectionConfig
+newMachineLearningDetectionConfig pConfidenceLevel_ =
+  MachineLearningDetectionConfig'
+    { confidenceLevel =
+        pConfidenceLevel_
+    }
+
+-- | The sensitivity of anomalous behavior evaluation. Can be @Low@,
+-- @Medium@, or @High@.
+machineLearningDetectionConfig_confidenceLevel :: Lens.Lens' MachineLearningDetectionConfig ConfidenceLevel
+machineLearningDetectionConfig_confidenceLevel = Lens.lens (\MachineLearningDetectionConfig' {confidenceLevel} -> confidenceLevel) (\s@MachineLearningDetectionConfig' {} a -> s {confidenceLevel = a} :: MachineLearningDetectionConfig)
+
+instance Data.FromJSON MachineLearningDetectionConfig where
+  parseJSON =
+    Data.withObject
+      "MachineLearningDetectionConfig"
+      ( \x ->
+          MachineLearningDetectionConfig'
+            Prelude.<$> (x Data..: "confidenceLevel")
+      )
+
+instance
+  Prelude.Hashable
+    MachineLearningDetectionConfig
+  where
+  hashWithSalt
+    _salt
+    MachineLearningDetectionConfig' {..} =
+      _salt `Prelude.hashWithSalt` confidenceLevel
+
+instance
+  Prelude.NFData
+    MachineLearningDetectionConfig
+  where
+  rnf MachineLearningDetectionConfig' {..} =
+    Prelude.rnf confidenceLevel
+
+instance Data.ToJSON MachineLearningDetectionConfig where
+  toJSON MachineLearningDetectionConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("confidenceLevel" Data..= confidenceLevel)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ManagedJobTemplateSummary.hs b/gen/Amazonka/IoT/Types/ManagedJobTemplateSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ManagedJobTemplateSummary.hs
@@ -0,0 +1,121 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ManagedJobTemplateSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ManagedJobTemplateSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | An object that contains information about the managed template.
+--
+-- /See:/ 'newManagedJobTemplateSummary' smart constructor.
+data ManagedJobTemplateSummary = ManagedJobTemplateSummary'
+  { -- | The description for a managed template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | A list of environments that are supported with the managed job template.
+    environments :: Prelude.Maybe [Prelude.Text],
+    -- | The Amazon Resource Name (ARN) for a managed template.
+    templateArn :: Prelude.Maybe Prelude.Text,
+    -- | The unique Name for a managed template.
+    templateName :: Prelude.Maybe Prelude.Text,
+    -- | The version for a managed template.
+    templateVersion :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ManagedJobTemplateSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'managedJobTemplateSummary_description' - The description for a managed template.
+--
+-- 'environments', 'managedJobTemplateSummary_environments' - A list of environments that are supported with the managed job template.
+--
+-- 'templateArn', 'managedJobTemplateSummary_templateArn' - The Amazon Resource Name (ARN) for a managed template.
+--
+-- 'templateName', 'managedJobTemplateSummary_templateName' - The unique Name for a managed template.
+--
+-- 'templateVersion', 'managedJobTemplateSummary_templateVersion' - The version for a managed template.
+newManagedJobTemplateSummary ::
+  ManagedJobTemplateSummary
+newManagedJobTemplateSummary =
+  ManagedJobTemplateSummary'
+    { description =
+        Prelude.Nothing,
+      environments = Prelude.Nothing,
+      templateArn = Prelude.Nothing,
+      templateName = Prelude.Nothing,
+      templateVersion = Prelude.Nothing
+    }
+
+-- | The description for a managed template.
+managedJobTemplateSummary_description :: Lens.Lens' ManagedJobTemplateSummary (Prelude.Maybe Prelude.Text)
+managedJobTemplateSummary_description = Lens.lens (\ManagedJobTemplateSummary' {description} -> description) (\s@ManagedJobTemplateSummary' {} a -> s {description = a} :: ManagedJobTemplateSummary)
+
+-- | A list of environments that are supported with the managed job template.
+managedJobTemplateSummary_environments :: Lens.Lens' ManagedJobTemplateSummary (Prelude.Maybe [Prelude.Text])
+managedJobTemplateSummary_environments = Lens.lens (\ManagedJobTemplateSummary' {environments} -> environments) (\s@ManagedJobTemplateSummary' {} a -> s {environments = a} :: ManagedJobTemplateSummary) Prelude.. Lens.mapping Lens.coerced
+
+-- | The Amazon Resource Name (ARN) for a managed template.
+managedJobTemplateSummary_templateArn :: Lens.Lens' ManagedJobTemplateSummary (Prelude.Maybe Prelude.Text)
+managedJobTemplateSummary_templateArn = Lens.lens (\ManagedJobTemplateSummary' {templateArn} -> templateArn) (\s@ManagedJobTemplateSummary' {} a -> s {templateArn = a} :: ManagedJobTemplateSummary)
+
+-- | The unique Name for a managed template.
+managedJobTemplateSummary_templateName :: Lens.Lens' ManagedJobTemplateSummary (Prelude.Maybe Prelude.Text)
+managedJobTemplateSummary_templateName = Lens.lens (\ManagedJobTemplateSummary' {templateName} -> templateName) (\s@ManagedJobTemplateSummary' {} a -> s {templateName = a} :: ManagedJobTemplateSummary)
+
+-- | The version for a managed template.
+managedJobTemplateSummary_templateVersion :: Lens.Lens' ManagedJobTemplateSummary (Prelude.Maybe Prelude.Text)
+managedJobTemplateSummary_templateVersion = Lens.lens (\ManagedJobTemplateSummary' {templateVersion} -> templateVersion) (\s@ManagedJobTemplateSummary' {} a -> s {templateVersion = a} :: ManagedJobTemplateSummary)
+
+instance Data.FromJSON ManagedJobTemplateSummary where
+  parseJSON =
+    Data.withObject
+      "ManagedJobTemplateSummary"
+      ( \x ->
+          ManagedJobTemplateSummary'
+            Prelude.<$> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "environments" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "templateArn")
+            Prelude.<*> (x Data..:? "templateName")
+            Prelude.<*> (x Data..:? "templateVersion")
+      )
+
+instance Prelude.Hashable ManagedJobTemplateSummary where
+  hashWithSalt _salt ManagedJobTemplateSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` environments
+      `Prelude.hashWithSalt` templateArn
+      `Prelude.hashWithSalt` templateName
+      `Prelude.hashWithSalt` templateVersion
+
+instance Prelude.NFData ManagedJobTemplateSummary where
+  rnf ManagedJobTemplateSummary' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf environments
+      `Prelude.seq` Prelude.rnf templateArn
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf templateVersion
diff --git a/gen/Amazonka/IoT/Types/MessageFormat.hs b/gen/Amazonka/IoT/Types/MessageFormat.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MessageFormat.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MessageFormat
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MessageFormat
+  ( MessageFormat
+      ( ..,
+        MessageFormat_JSON,
+        MessageFormat_RAW
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype MessageFormat = MessageFormat'
+  { fromMessageFormat ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern MessageFormat_JSON :: MessageFormat
+pattern MessageFormat_JSON = MessageFormat' "JSON"
+
+pattern MessageFormat_RAW :: MessageFormat
+pattern MessageFormat_RAW = MessageFormat' "RAW"
+
+{-# COMPLETE
+  MessageFormat_JSON,
+  MessageFormat_RAW,
+  MessageFormat'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/MetricDatum.hs b/gen/Amazonka/IoT/Types/MetricDatum.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MetricDatum.hs
@@ -0,0 +1,85 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MetricDatum
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MetricDatum where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.MetricValue
+import qualified Amazonka.Prelude as Prelude
+
+-- | A metric.
+--
+-- /See:/ 'newMetricDatum' smart constructor.
+data MetricDatum = MetricDatum'
+  { -- | The time the metric value was reported.
+    timestamp :: Prelude.Maybe Data.POSIX,
+    -- | The value reported for the metric.
+    value :: Prelude.Maybe MetricValue
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MetricDatum' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'timestamp', 'metricDatum_timestamp' - The time the metric value was reported.
+--
+-- 'value', 'metricDatum_value' - The value reported for the metric.
+newMetricDatum ::
+  MetricDatum
+newMetricDatum =
+  MetricDatum'
+    { timestamp = Prelude.Nothing,
+      value = Prelude.Nothing
+    }
+
+-- | The time the metric value was reported.
+metricDatum_timestamp :: Lens.Lens' MetricDatum (Prelude.Maybe Prelude.UTCTime)
+metricDatum_timestamp = Lens.lens (\MetricDatum' {timestamp} -> timestamp) (\s@MetricDatum' {} a -> s {timestamp = a} :: MetricDatum) Prelude.. Lens.mapping Data._Time
+
+-- | The value reported for the metric.
+metricDatum_value :: Lens.Lens' MetricDatum (Prelude.Maybe MetricValue)
+metricDatum_value = Lens.lens (\MetricDatum' {value} -> value) (\s@MetricDatum' {} a -> s {value = a} :: MetricDatum)
+
+instance Data.FromJSON MetricDatum where
+  parseJSON =
+    Data.withObject
+      "MetricDatum"
+      ( \x ->
+          MetricDatum'
+            Prelude.<$> (x Data..:? "timestamp")
+            Prelude.<*> (x Data..:? "value")
+      )
+
+instance Prelude.Hashable MetricDatum where
+  hashWithSalt _salt MetricDatum' {..} =
+    _salt
+      `Prelude.hashWithSalt` timestamp
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData MetricDatum where
+  rnf MetricDatum' {..} =
+    Prelude.rnf timestamp
+      `Prelude.seq` Prelude.rnf value
diff --git a/gen/Amazonka/IoT/Types/MetricDimension.hs b/gen/Amazonka/IoT/Types/MetricDimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MetricDimension.hs
@@ -0,0 +1,112 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MetricDimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MetricDimension where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.DimensionValueOperator
+import qualified Amazonka.Prelude as Prelude
+
+-- | The dimension of a metric.
+--
+-- /See:/ 'newMetricDimension' smart constructor.
+data MetricDimension = MetricDimension'
+  { -- | Defines how the @dimensionValues@ of a dimension are interpreted. For
+    -- example, for dimension type TOPIC_FILTER, the @IN@ operator, a message
+    -- will be counted only if its topic matches one of the topic filters. With
+    -- @NOT_IN@ operator, a message will be counted only if it doesn\'t match
+    -- any of the topic filters. The operator is optional: if it\'s not
+    -- provided (is @null@), it will be interpreted as @IN@.
+    operator :: Prelude.Maybe DimensionValueOperator,
+    -- | A unique identifier for the dimension.
+    dimensionName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MetricDimension' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'operator', 'metricDimension_operator' - Defines how the @dimensionValues@ of a dimension are interpreted. For
+-- example, for dimension type TOPIC_FILTER, the @IN@ operator, a message
+-- will be counted only if its topic matches one of the topic filters. With
+-- @NOT_IN@ operator, a message will be counted only if it doesn\'t match
+-- any of the topic filters. The operator is optional: if it\'s not
+-- provided (is @null@), it will be interpreted as @IN@.
+--
+-- 'dimensionName', 'metricDimension_dimensionName' - A unique identifier for the dimension.
+newMetricDimension ::
+  -- | 'dimensionName'
+  Prelude.Text ->
+  MetricDimension
+newMetricDimension pDimensionName_ =
+  MetricDimension'
+    { operator = Prelude.Nothing,
+      dimensionName = pDimensionName_
+    }
+
+-- | Defines how the @dimensionValues@ of a dimension are interpreted. For
+-- example, for dimension type TOPIC_FILTER, the @IN@ operator, a message
+-- will be counted only if its topic matches one of the topic filters. With
+-- @NOT_IN@ operator, a message will be counted only if it doesn\'t match
+-- any of the topic filters. The operator is optional: if it\'s not
+-- provided (is @null@), it will be interpreted as @IN@.
+metricDimension_operator :: Lens.Lens' MetricDimension (Prelude.Maybe DimensionValueOperator)
+metricDimension_operator = Lens.lens (\MetricDimension' {operator} -> operator) (\s@MetricDimension' {} a -> s {operator = a} :: MetricDimension)
+
+-- | A unique identifier for the dimension.
+metricDimension_dimensionName :: Lens.Lens' MetricDimension Prelude.Text
+metricDimension_dimensionName = Lens.lens (\MetricDimension' {dimensionName} -> dimensionName) (\s@MetricDimension' {} a -> s {dimensionName = a} :: MetricDimension)
+
+instance Data.FromJSON MetricDimension where
+  parseJSON =
+    Data.withObject
+      "MetricDimension"
+      ( \x ->
+          MetricDimension'
+            Prelude.<$> (x Data..:? "operator")
+            Prelude.<*> (x Data..: "dimensionName")
+      )
+
+instance Prelude.Hashable MetricDimension where
+  hashWithSalt _salt MetricDimension' {..} =
+    _salt
+      `Prelude.hashWithSalt` operator
+      `Prelude.hashWithSalt` dimensionName
+
+instance Prelude.NFData MetricDimension where
+  rnf MetricDimension' {..} =
+    Prelude.rnf operator
+      `Prelude.seq` Prelude.rnf dimensionName
+
+instance Data.ToJSON MetricDimension where
+  toJSON MetricDimension' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("operator" Data..=) Prelude.<$> operator,
+            Prelude.Just
+              ("dimensionName" Data..= dimensionName)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/MetricToRetain.hs b/gen/Amazonka/IoT/Types/MetricToRetain.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MetricToRetain.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MetricToRetain
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MetricToRetain where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.MetricDimension
+import qualified Amazonka.Prelude as Prelude
+
+-- | The metric you want to retain. Dimensions are optional.
+--
+-- /See:/ 'newMetricToRetain' smart constructor.
+data MetricToRetain = MetricToRetain'
+  { -- | The dimension of a metric. This can\'t be used with custom metrics.
+    metricDimension :: Prelude.Maybe MetricDimension,
+    -- | What is measured by the behavior.
+    metric :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MetricToRetain' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricDimension', 'metricToRetain_metricDimension' - The dimension of a metric. This can\'t be used with custom metrics.
+--
+-- 'metric', 'metricToRetain_metric' - What is measured by the behavior.
+newMetricToRetain ::
+  -- | 'metric'
+  Prelude.Text ->
+  MetricToRetain
+newMetricToRetain pMetric_ =
+  MetricToRetain'
+    { metricDimension = Prelude.Nothing,
+      metric = pMetric_
+    }
+
+-- | The dimension of a metric. This can\'t be used with custom metrics.
+metricToRetain_metricDimension :: Lens.Lens' MetricToRetain (Prelude.Maybe MetricDimension)
+metricToRetain_metricDimension = Lens.lens (\MetricToRetain' {metricDimension} -> metricDimension) (\s@MetricToRetain' {} a -> s {metricDimension = a} :: MetricToRetain)
+
+-- | What is measured by the behavior.
+metricToRetain_metric :: Lens.Lens' MetricToRetain Prelude.Text
+metricToRetain_metric = Lens.lens (\MetricToRetain' {metric} -> metric) (\s@MetricToRetain' {} a -> s {metric = a} :: MetricToRetain)
+
+instance Data.FromJSON MetricToRetain where
+  parseJSON =
+    Data.withObject
+      "MetricToRetain"
+      ( \x ->
+          MetricToRetain'
+            Prelude.<$> (x Data..:? "metricDimension")
+            Prelude.<*> (x Data..: "metric")
+      )
+
+instance Prelude.Hashable MetricToRetain where
+  hashWithSalt _salt MetricToRetain' {..} =
+    _salt
+      `Prelude.hashWithSalt` metricDimension
+      `Prelude.hashWithSalt` metric
+
+instance Prelude.NFData MetricToRetain where
+  rnf MetricToRetain' {..} =
+    Prelude.rnf metricDimension
+      `Prelude.seq` Prelude.rnf metric
+
+instance Data.ToJSON MetricToRetain where
+  toJSON MetricToRetain' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("metricDimension" Data..=)
+              Prelude.<$> metricDimension,
+            Prelude.Just ("metric" Data..= metric)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/MetricValue.hs b/gen/Amazonka/IoT/Types/MetricValue.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MetricValue.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MetricValue
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MetricValue where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The value to be compared with the @metric@.
+--
+-- /See:/ 'newMetricValue' smart constructor.
+data MetricValue = MetricValue'
+  { -- | If the @comparisonOperator@ calls for a set of CIDRs, use this to
+    -- specify that set to be compared with the @metric@.
+    cidrs :: Prelude.Maybe [Prelude.Text],
+    -- | If the @comparisonOperator@ calls for a numeric value, use this to
+    -- specify that numeric value to be compared with the @metric@.
+    count :: Prelude.Maybe Prelude.Natural,
+    -- | The numeral value of a metric.
+    number :: Prelude.Maybe Prelude.Double,
+    -- | The numeral values of a metric.
+    numbers :: Prelude.Maybe [Prelude.Double],
+    -- | If the @comparisonOperator@ calls for a set of ports, use this to
+    -- specify that set to be compared with the @metric@.
+    ports :: Prelude.Maybe [Prelude.Natural],
+    -- | The string values of a metric.
+    strings :: Prelude.Maybe [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MetricValue' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'cidrs', 'metricValue_cidrs' - If the @comparisonOperator@ calls for a set of CIDRs, use this to
+-- specify that set to be compared with the @metric@.
+--
+-- 'count', 'metricValue_count' - If the @comparisonOperator@ calls for a numeric value, use this to
+-- specify that numeric value to be compared with the @metric@.
+--
+-- 'number', 'metricValue_number' - The numeral value of a metric.
+--
+-- 'numbers', 'metricValue_numbers' - The numeral values of a metric.
+--
+-- 'ports', 'metricValue_ports' - If the @comparisonOperator@ calls for a set of ports, use this to
+-- specify that set to be compared with the @metric@.
+--
+-- 'strings', 'metricValue_strings' - The string values of a metric.
+newMetricValue ::
+  MetricValue
+newMetricValue =
+  MetricValue'
+    { cidrs = Prelude.Nothing,
+      count = Prelude.Nothing,
+      number = Prelude.Nothing,
+      numbers = Prelude.Nothing,
+      ports = Prelude.Nothing,
+      strings = Prelude.Nothing
+    }
+
+-- | If the @comparisonOperator@ calls for a set of CIDRs, use this to
+-- specify that set to be compared with the @metric@.
+metricValue_cidrs :: Lens.Lens' MetricValue (Prelude.Maybe [Prelude.Text])
+metricValue_cidrs = Lens.lens (\MetricValue' {cidrs} -> cidrs) (\s@MetricValue' {} a -> s {cidrs = a} :: MetricValue) Prelude.. Lens.mapping Lens.coerced
+
+-- | If the @comparisonOperator@ calls for a numeric value, use this to
+-- specify that numeric value to be compared with the @metric@.
+metricValue_count :: Lens.Lens' MetricValue (Prelude.Maybe Prelude.Natural)
+metricValue_count = Lens.lens (\MetricValue' {count} -> count) (\s@MetricValue' {} a -> s {count = a} :: MetricValue)
+
+-- | The numeral value of a metric.
+metricValue_number :: Lens.Lens' MetricValue (Prelude.Maybe Prelude.Double)
+metricValue_number = Lens.lens (\MetricValue' {number} -> number) (\s@MetricValue' {} a -> s {number = a} :: MetricValue)
+
+-- | The numeral values of a metric.
+metricValue_numbers :: Lens.Lens' MetricValue (Prelude.Maybe [Prelude.Double])
+metricValue_numbers = Lens.lens (\MetricValue' {numbers} -> numbers) (\s@MetricValue' {} a -> s {numbers = a} :: MetricValue) Prelude.. Lens.mapping Lens.coerced
+
+-- | If the @comparisonOperator@ calls for a set of ports, use this to
+-- specify that set to be compared with the @metric@.
+metricValue_ports :: Lens.Lens' MetricValue (Prelude.Maybe [Prelude.Natural])
+metricValue_ports = Lens.lens (\MetricValue' {ports} -> ports) (\s@MetricValue' {} a -> s {ports = a} :: MetricValue) Prelude.. Lens.mapping Lens.coerced
+
+-- | The string values of a metric.
+metricValue_strings :: Lens.Lens' MetricValue (Prelude.Maybe [Prelude.Text])
+metricValue_strings = Lens.lens (\MetricValue' {strings} -> strings) (\s@MetricValue' {} a -> s {strings = a} :: MetricValue) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON MetricValue where
+  parseJSON =
+    Data.withObject
+      "MetricValue"
+      ( \x ->
+          MetricValue'
+            Prelude.<$> (x Data..:? "cidrs" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "count")
+            Prelude.<*> (x Data..:? "number")
+            Prelude.<*> (x Data..:? "numbers" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "ports" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "strings" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable MetricValue where
+  hashWithSalt _salt MetricValue' {..} =
+    _salt
+      `Prelude.hashWithSalt` cidrs
+      `Prelude.hashWithSalt` count
+      `Prelude.hashWithSalt` number
+      `Prelude.hashWithSalt` numbers
+      `Prelude.hashWithSalt` ports
+      `Prelude.hashWithSalt` strings
+
+instance Prelude.NFData MetricValue where
+  rnf MetricValue' {..} =
+    Prelude.rnf cidrs
+      `Prelude.seq` Prelude.rnf count
+      `Prelude.seq` Prelude.rnf number
+      `Prelude.seq` Prelude.rnf numbers
+      `Prelude.seq` Prelude.rnf ports
+      `Prelude.seq` Prelude.rnf strings
+
+instance Data.ToJSON MetricValue where
+  toJSON MetricValue' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("cidrs" Data..=) Prelude.<$> cidrs,
+            ("count" Data..=) Prelude.<$> count,
+            ("number" Data..=) Prelude.<$> number,
+            ("numbers" Data..=) Prelude.<$> numbers,
+            ("ports" Data..=) Prelude.<$> ports,
+            ("strings" Data..=) Prelude.<$> strings
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/MitigationAction.hs b/gen/Amazonka/IoT/Types/MitigationAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MitigationAction.hs
@@ -0,0 +1,113 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MitigationAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MitigationAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.MitigationActionParams
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes which changes should be applied as part of a mitigation
+-- action.
+--
+-- /See:/ 'newMitigationAction' smart constructor.
+data MitigationAction = MitigationAction'
+  { -- | The set of parameters for this mitigation action. The parameters vary,
+    -- depending on the kind of action you apply.
+    actionParams :: Prelude.Maybe MitigationActionParams,
+    -- | A unique identifier for the mitigation action.
+    id :: Prelude.Maybe Prelude.Text,
+    -- | A user-friendly name for the mitigation action.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | The IAM role ARN used to apply this mitigation action.
+    roleArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MitigationAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionParams', 'mitigationAction_actionParams' - The set of parameters for this mitigation action. The parameters vary,
+-- depending on the kind of action you apply.
+--
+-- 'id', 'mitigationAction_id' - A unique identifier for the mitigation action.
+--
+-- 'name', 'mitigationAction_name' - A user-friendly name for the mitigation action.
+--
+-- 'roleArn', 'mitigationAction_roleArn' - The IAM role ARN used to apply this mitigation action.
+newMitigationAction ::
+  MitigationAction
+newMitigationAction =
+  MitigationAction'
+    { actionParams = Prelude.Nothing,
+      id = Prelude.Nothing,
+      name = Prelude.Nothing,
+      roleArn = Prelude.Nothing
+    }
+
+-- | The set of parameters for this mitigation action. The parameters vary,
+-- depending on the kind of action you apply.
+mitigationAction_actionParams :: Lens.Lens' MitigationAction (Prelude.Maybe MitigationActionParams)
+mitigationAction_actionParams = Lens.lens (\MitigationAction' {actionParams} -> actionParams) (\s@MitigationAction' {} a -> s {actionParams = a} :: MitigationAction)
+
+-- | A unique identifier for the mitigation action.
+mitigationAction_id :: Lens.Lens' MitigationAction (Prelude.Maybe Prelude.Text)
+mitigationAction_id = Lens.lens (\MitigationAction' {id} -> id) (\s@MitigationAction' {} a -> s {id = a} :: MitigationAction)
+
+-- | A user-friendly name for the mitigation action.
+mitigationAction_name :: Lens.Lens' MitigationAction (Prelude.Maybe Prelude.Text)
+mitigationAction_name = Lens.lens (\MitigationAction' {name} -> name) (\s@MitigationAction' {} a -> s {name = a} :: MitigationAction)
+
+-- | The IAM role ARN used to apply this mitigation action.
+mitigationAction_roleArn :: Lens.Lens' MitigationAction (Prelude.Maybe Prelude.Text)
+mitigationAction_roleArn = Lens.lens (\MitigationAction' {roleArn} -> roleArn) (\s@MitigationAction' {} a -> s {roleArn = a} :: MitigationAction)
+
+instance Data.FromJSON MitigationAction where
+  parseJSON =
+    Data.withObject
+      "MitigationAction"
+      ( \x ->
+          MitigationAction'
+            Prelude.<$> (x Data..:? "actionParams")
+            Prelude.<*> (x Data..:? "id")
+            Prelude.<*> (x Data..:? "name")
+            Prelude.<*> (x Data..:? "roleArn")
+      )
+
+instance Prelude.Hashable MitigationAction where
+  hashWithSalt _salt MitigationAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` actionParams
+      `Prelude.hashWithSalt` id
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData MitigationAction where
+  rnf MitigationAction' {..} =
+    Prelude.rnf actionParams
+      `Prelude.seq` Prelude.rnf id
+      `Prelude.seq` Prelude.rnf name
+      `Prelude.seq` Prelude.rnf roleArn
diff --git a/gen/Amazonka/IoT/Types/MitigationActionIdentifier.hs b/gen/Amazonka/IoT/Types/MitigationActionIdentifier.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MitigationActionIdentifier.hs
@@ -0,0 +1,98 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MitigationActionIdentifier
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MitigationActionIdentifier where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information that identifies a mitigation action. This information is
+-- returned by ListMitigationActions.
+--
+-- /See:/ 'newMitigationActionIdentifier' smart constructor.
+data MitigationActionIdentifier = MitigationActionIdentifier'
+  { -- | The IAM role ARN used to apply this mitigation action.
+    actionArn :: Prelude.Maybe Prelude.Text,
+    -- | The friendly name of the mitigation action.
+    actionName :: Prelude.Maybe Prelude.Text,
+    -- | The date when this mitigation action was created.
+    creationDate :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MitigationActionIdentifier' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionArn', 'mitigationActionIdentifier_actionArn' - The IAM role ARN used to apply this mitigation action.
+--
+-- 'actionName', 'mitigationActionIdentifier_actionName' - The friendly name of the mitigation action.
+--
+-- 'creationDate', 'mitigationActionIdentifier_creationDate' - The date when this mitigation action was created.
+newMitigationActionIdentifier ::
+  MitigationActionIdentifier
+newMitigationActionIdentifier =
+  MitigationActionIdentifier'
+    { actionArn =
+        Prelude.Nothing,
+      actionName = Prelude.Nothing,
+      creationDate = Prelude.Nothing
+    }
+
+-- | The IAM role ARN used to apply this mitigation action.
+mitigationActionIdentifier_actionArn :: Lens.Lens' MitigationActionIdentifier (Prelude.Maybe Prelude.Text)
+mitigationActionIdentifier_actionArn = Lens.lens (\MitigationActionIdentifier' {actionArn} -> actionArn) (\s@MitigationActionIdentifier' {} a -> s {actionArn = a} :: MitigationActionIdentifier)
+
+-- | The friendly name of the mitigation action.
+mitigationActionIdentifier_actionName :: Lens.Lens' MitigationActionIdentifier (Prelude.Maybe Prelude.Text)
+mitigationActionIdentifier_actionName = Lens.lens (\MitigationActionIdentifier' {actionName} -> actionName) (\s@MitigationActionIdentifier' {} a -> s {actionName = a} :: MitigationActionIdentifier)
+
+-- | The date when this mitigation action was created.
+mitigationActionIdentifier_creationDate :: Lens.Lens' MitigationActionIdentifier (Prelude.Maybe Prelude.UTCTime)
+mitigationActionIdentifier_creationDate = Lens.lens (\MitigationActionIdentifier' {creationDate} -> creationDate) (\s@MitigationActionIdentifier' {} a -> s {creationDate = a} :: MitigationActionIdentifier) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON MitigationActionIdentifier where
+  parseJSON =
+    Data.withObject
+      "MitigationActionIdentifier"
+      ( \x ->
+          MitigationActionIdentifier'
+            Prelude.<$> (x Data..:? "actionArn")
+            Prelude.<*> (x Data..:? "actionName")
+            Prelude.<*> (x Data..:? "creationDate")
+      )
+
+instance Prelude.Hashable MitigationActionIdentifier where
+  hashWithSalt _salt MitigationActionIdentifier' {..} =
+    _salt
+      `Prelude.hashWithSalt` actionArn
+      `Prelude.hashWithSalt` actionName
+      `Prelude.hashWithSalt` creationDate
+
+instance Prelude.NFData MitigationActionIdentifier where
+  rnf MitigationActionIdentifier' {..} =
+    Prelude.rnf actionArn
+      `Prelude.seq` Prelude.rnf actionName
+      `Prelude.seq` Prelude.rnf creationDate
diff --git a/gen/Amazonka/IoT/Types/MitigationActionParams.hs b/gen/Amazonka/IoT/Types/MitigationActionParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MitigationActionParams.hs
@@ -0,0 +1,184 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MitigationActionParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MitigationActionParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AddThingsToThingGroupParams
+import Amazonka.IoT.Types.EnableIoTLoggingParams
+import Amazonka.IoT.Types.PublishFindingToSnsParams
+import Amazonka.IoT.Types.ReplaceDefaultPolicyVersionParams
+import Amazonka.IoT.Types.UpdateCACertificateParams
+import Amazonka.IoT.Types.UpdateDeviceCertificateParams
+import qualified Amazonka.Prelude as Prelude
+
+-- | The set of parameters for this mitigation action. You can specify only
+-- one type of parameter (in other words, you can apply only one action for
+-- each defined mitigation action).
+--
+-- /See:/ 'newMitigationActionParams' smart constructor.
+data MitigationActionParams = MitigationActionParams'
+  { -- | Parameters to define a mitigation action that moves devices associated
+    -- with a certificate to one or more specified thing groups, typically for
+    -- quarantine.
+    addThingsToThingGroupParams :: Prelude.Maybe AddThingsToThingGroupParams,
+    -- | Parameters to define a mitigation action that enables Amazon Web
+    -- Services IoT Core logging at a specified level of detail.
+    enableIoTLoggingParams :: Prelude.Maybe EnableIoTLoggingParams,
+    -- | Parameters to define a mitigation action that publishes findings to
+    -- Amazon Simple Notification Service (Amazon SNS. You can implement your
+    -- own custom actions in response to the Amazon SNS messages.
+    publishFindingToSnsParams :: Prelude.Maybe PublishFindingToSnsParams,
+    -- | Parameters to define a mitigation action that adds a blank policy to
+    -- restrict permissions.
+    replaceDefaultPolicyVersionParams :: Prelude.Maybe ReplaceDefaultPolicyVersionParams,
+    -- | Parameters to define a mitigation action that changes the state of the
+    -- CA certificate to inactive.
+    updateCACertificateParams :: Prelude.Maybe UpdateCACertificateParams,
+    -- | Parameters to define a mitigation action that changes the state of the
+    -- device certificate to inactive.
+    updateDeviceCertificateParams :: Prelude.Maybe UpdateDeviceCertificateParams
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MitigationActionParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'addThingsToThingGroupParams', 'mitigationActionParams_addThingsToThingGroupParams' - Parameters to define a mitigation action that moves devices associated
+-- with a certificate to one or more specified thing groups, typically for
+-- quarantine.
+--
+-- 'enableIoTLoggingParams', 'mitigationActionParams_enableIoTLoggingParams' - Parameters to define a mitigation action that enables Amazon Web
+-- Services IoT Core logging at a specified level of detail.
+--
+-- 'publishFindingToSnsParams', 'mitigationActionParams_publishFindingToSnsParams' - Parameters to define a mitigation action that publishes findings to
+-- Amazon Simple Notification Service (Amazon SNS. You can implement your
+-- own custom actions in response to the Amazon SNS messages.
+--
+-- 'replaceDefaultPolicyVersionParams', 'mitigationActionParams_replaceDefaultPolicyVersionParams' - Parameters to define a mitigation action that adds a blank policy to
+-- restrict permissions.
+--
+-- 'updateCACertificateParams', 'mitigationActionParams_updateCACertificateParams' - Parameters to define a mitigation action that changes the state of the
+-- CA certificate to inactive.
+--
+-- 'updateDeviceCertificateParams', 'mitigationActionParams_updateDeviceCertificateParams' - Parameters to define a mitigation action that changes the state of the
+-- device certificate to inactive.
+newMitigationActionParams ::
+  MitigationActionParams
+newMitigationActionParams =
+  MitigationActionParams'
+    { addThingsToThingGroupParams =
+        Prelude.Nothing,
+      enableIoTLoggingParams = Prelude.Nothing,
+      publishFindingToSnsParams = Prelude.Nothing,
+      replaceDefaultPolicyVersionParams = Prelude.Nothing,
+      updateCACertificateParams = Prelude.Nothing,
+      updateDeviceCertificateParams = Prelude.Nothing
+    }
+
+-- | Parameters to define a mitigation action that moves devices associated
+-- with a certificate to one or more specified thing groups, typically for
+-- quarantine.
+mitigationActionParams_addThingsToThingGroupParams :: Lens.Lens' MitigationActionParams (Prelude.Maybe AddThingsToThingGroupParams)
+mitigationActionParams_addThingsToThingGroupParams = Lens.lens (\MitigationActionParams' {addThingsToThingGroupParams} -> addThingsToThingGroupParams) (\s@MitigationActionParams' {} a -> s {addThingsToThingGroupParams = a} :: MitigationActionParams)
+
+-- | Parameters to define a mitigation action that enables Amazon Web
+-- Services IoT Core logging at a specified level of detail.
+mitigationActionParams_enableIoTLoggingParams :: Lens.Lens' MitigationActionParams (Prelude.Maybe EnableIoTLoggingParams)
+mitigationActionParams_enableIoTLoggingParams = Lens.lens (\MitigationActionParams' {enableIoTLoggingParams} -> enableIoTLoggingParams) (\s@MitigationActionParams' {} a -> s {enableIoTLoggingParams = a} :: MitigationActionParams)
+
+-- | Parameters to define a mitigation action that publishes findings to
+-- Amazon Simple Notification Service (Amazon SNS. You can implement your
+-- own custom actions in response to the Amazon SNS messages.
+mitigationActionParams_publishFindingToSnsParams :: Lens.Lens' MitigationActionParams (Prelude.Maybe PublishFindingToSnsParams)
+mitigationActionParams_publishFindingToSnsParams = Lens.lens (\MitigationActionParams' {publishFindingToSnsParams} -> publishFindingToSnsParams) (\s@MitigationActionParams' {} a -> s {publishFindingToSnsParams = a} :: MitigationActionParams)
+
+-- | Parameters to define a mitigation action that adds a blank policy to
+-- restrict permissions.
+mitigationActionParams_replaceDefaultPolicyVersionParams :: Lens.Lens' MitigationActionParams (Prelude.Maybe ReplaceDefaultPolicyVersionParams)
+mitigationActionParams_replaceDefaultPolicyVersionParams = Lens.lens (\MitigationActionParams' {replaceDefaultPolicyVersionParams} -> replaceDefaultPolicyVersionParams) (\s@MitigationActionParams' {} a -> s {replaceDefaultPolicyVersionParams = a} :: MitigationActionParams)
+
+-- | Parameters to define a mitigation action that changes the state of the
+-- CA certificate to inactive.
+mitigationActionParams_updateCACertificateParams :: Lens.Lens' MitigationActionParams (Prelude.Maybe UpdateCACertificateParams)
+mitigationActionParams_updateCACertificateParams = Lens.lens (\MitigationActionParams' {updateCACertificateParams} -> updateCACertificateParams) (\s@MitigationActionParams' {} a -> s {updateCACertificateParams = a} :: MitigationActionParams)
+
+-- | Parameters to define a mitigation action that changes the state of the
+-- device certificate to inactive.
+mitigationActionParams_updateDeviceCertificateParams :: Lens.Lens' MitigationActionParams (Prelude.Maybe UpdateDeviceCertificateParams)
+mitigationActionParams_updateDeviceCertificateParams = Lens.lens (\MitigationActionParams' {updateDeviceCertificateParams} -> updateDeviceCertificateParams) (\s@MitigationActionParams' {} a -> s {updateDeviceCertificateParams = a} :: MitigationActionParams)
+
+instance Data.FromJSON MitigationActionParams where
+  parseJSON =
+    Data.withObject
+      "MitigationActionParams"
+      ( \x ->
+          MitigationActionParams'
+            Prelude.<$> (x Data..:? "addThingsToThingGroupParams")
+            Prelude.<*> (x Data..:? "enableIoTLoggingParams")
+            Prelude.<*> (x Data..:? "publishFindingToSnsParams")
+            Prelude.<*> (x Data..:? "replaceDefaultPolicyVersionParams")
+            Prelude.<*> (x Data..:? "updateCACertificateParams")
+            Prelude.<*> (x Data..:? "updateDeviceCertificateParams")
+      )
+
+instance Prelude.Hashable MitigationActionParams where
+  hashWithSalt _salt MitigationActionParams' {..} =
+    _salt
+      `Prelude.hashWithSalt` addThingsToThingGroupParams
+      `Prelude.hashWithSalt` enableIoTLoggingParams
+      `Prelude.hashWithSalt` publishFindingToSnsParams
+      `Prelude.hashWithSalt` replaceDefaultPolicyVersionParams
+      `Prelude.hashWithSalt` updateCACertificateParams
+      `Prelude.hashWithSalt` updateDeviceCertificateParams
+
+instance Prelude.NFData MitigationActionParams where
+  rnf MitigationActionParams' {..} =
+    Prelude.rnf addThingsToThingGroupParams
+      `Prelude.seq` Prelude.rnf enableIoTLoggingParams
+      `Prelude.seq` Prelude.rnf publishFindingToSnsParams
+      `Prelude.seq` Prelude.rnf replaceDefaultPolicyVersionParams
+      `Prelude.seq` Prelude.rnf updateCACertificateParams
+      `Prelude.seq` Prelude.rnf updateDeviceCertificateParams
+
+instance Data.ToJSON MitigationActionParams where
+  toJSON MitigationActionParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("addThingsToThingGroupParams" Data..=)
+              Prelude.<$> addThingsToThingGroupParams,
+            ("enableIoTLoggingParams" Data..=)
+              Prelude.<$> enableIoTLoggingParams,
+            ("publishFindingToSnsParams" Data..=)
+              Prelude.<$> publishFindingToSnsParams,
+            ("replaceDefaultPolicyVersionParams" Data..=)
+              Prelude.<$> replaceDefaultPolicyVersionParams,
+            ("updateCACertificateParams" Data..=)
+              Prelude.<$> updateCACertificateParams,
+            ("updateDeviceCertificateParams" Data..=)
+              Prelude.<$> updateDeviceCertificateParams
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/MitigationActionType.hs b/gen/Amazonka/IoT/Types/MitigationActionType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MitigationActionType.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MitigationActionType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MitigationActionType
+  ( MitigationActionType
+      ( ..,
+        MitigationActionType_ADD_THINGS_TO_THING_GROUP,
+        MitigationActionType_ENABLE_IOT_LOGGING,
+        MitigationActionType_PUBLISH_FINDING_TO_SNS,
+        MitigationActionType_REPLACE_DEFAULT_POLICY_VERSION,
+        MitigationActionType_UPDATE_CA_CERTIFICATE,
+        MitigationActionType_UPDATE_DEVICE_CERTIFICATE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype MitigationActionType = MitigationActionType'
+  { fromMitigationActionType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern MitigationActionType_ADD_THINGS_TO_THING_GROUP :: MitigationActionType
+pattern MitigationActionType_ADD_THINGS_TO_THING_GROUP = MitigationActionType' "ADD_THINGS_TO_THING_GROUP"
+
+pattern MitigationActionType_ENABLE_IOT_LOGGING :: MitigationActionType
+pattern MitigationActionType_ENABLE_IOT_LOGGING = MitigationActionType' "ENABLE_IOT_LOGGING"
+
+pattern MitigationActionType_PUBLISH_FINDING_TO_SNS :: MitigationActionType
+pattern MitigationActionType_PUBLISH_FINDING_TO_SNS = MitigationActionType' "PUBLISH_FINDING_TO_SNS"
+
+pattern MitigationActionType_REPLACE_DEFAULT_POLICY_VERSION :: MitigationActionType
+pattern MitigationActionType_REPLACE_DEFAULT_POLICY_VERSION = MitigationActionType' "REPLACE_DEFAULT_POLICY_VERSION"
+
+pattern MitigationActionType_UPDATE_CA_CERTIFICATE :: MitigationActionType
+pattern MitigationActionType_UPDATE_CA_CERTIFICATE = MitigationActionType' "UPDATE_CA_CERTIFICATE"
+
+pattern MitigationActionType_UPDATE_DEVICE_CERTIFICATE :: MitigationActionType
+pattern MitigationActionType_UPDATE_DEVICE_CERTIFICATE = MitigationActionType' "UPDATE_DEVICE_CERTIFICATE"
+
+{-# COMPLETE
+  MitigationActionType_ADD_THINGS_TO_THING_GROUP,
+  MitigationActionType_ENABLE_IOT_LOGGING,
+  MitigationActionType_PUBLISH_FINDING_TO_SNS,
+  MitigationActionType_REPLACE_DEFAULT_POLICY_VERSION,
+  MitigationActionType_UPDATE_CA_CERTIFICATE,
+  MitigationActionType_UPDATE_DEVICE_CERTIFICATE,
+  MitigationActionType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ModelStatus.hs b/gen/Amazonka/IoT/Types/ModelStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ModelStatus.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ModelStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ModelStatus
+  ( ModelStatus
+      ( ..,
+        ModelStatus_ACTIVE,
+        ModelStatus_EXPIRED,
+        ModelStatus_PENDING_BUILD
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ModelStatus = ModelStatus'
+  { fromModelStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ModelStatus_ACTIVE :: ModelStatus
+pattern ModelStatus_ACTIVE = ModelStatus' "ACTIVE"
+
+pattern ModelStatus_EXPIRED :: ModelStatus
+pattern ModelStatus_EXPIRED = ModelStatus' "EXPIRED"
+
+pattern ModelStatus_PENDING_BUILD :: ModelStatus
+pattern ModelStatus_PENDING_BUILD = ModelStatus' "PENDING_BUILD"
+
+{-# COMPLETE
+  ModelStatus_ACTIVE,
+  ModelStatus_EXPIRED,
+  ModelStatus_PENDING_BUILD,
+  ModelStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/MqttContext.hs b/gen/Amazonka/IoT/Types/MqttContext.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MqttContext.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MqttContext
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MqttContext where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the MQTT context to use for the test authorizer request
+--
+-- /See:/ 'newMqttContext' smart constructor.
+data MqttContext = MqttContext'
+  { -- | The value of the @clientId@ key in an MQTT authorization request.
+    clientId :: Prelude.Maybe Prelude.Text,
+    -- | The value of the @password@ key in an MQTT authorization request.
+    password :: Prelude.Maybe Data.Base64,
+    -- | The value of the @username@ key in an MQTT authorization request.
+    username :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MqttContext' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientId', 'mqttContext_clientId' - The value of the @clientId@ key in an MQTT authorization request.
+--
+-- 'password', 'mqttContext_password' - The value of the @password@ key in an MQTT authorization request.--
+-- -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data.
+-- -- The underlying isomorphism will encode to Base64 representation during
+-- -- serialisation, and decode from Base64 representation during deserialisation.
+-- -- This 'Lens' accepts and returns only raw unencoded data.
+--
+-- 'username', 'mqttContext_username' - The value of the @username@ key in an MQTT authorization request.
+newMqttContext ::
+  MqttContext
+newMqttContext =
+  MqttContext'
+    { clientId = Prelude.Nothing,
+      password = Prelude.Nothing,
+      username = Prelude.Nothing
+    }
+
+-- | The value of the @clientId@ key in an MQTT authorization request.
+mqttContext_clientId :: Lens.Lens' MqttContext (Prelude.Maybe Prelude.Text)
+mqttContext_clientId = Lens.lens (\MqttContext' {clientId} -> clientId) (\s@MqttContext' {} a -> s {clientId = a} :: MqttContext)
+
+-- | The value of the @password@ key in an MQTT authorization request.--
+-- -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data.
+-- -- The underlying isomorphism will encode to Base64 representation during
+-- -- serialisation, and decode from Base64 representation during deserialisation.
+-- -- This 'Lens' accepts and returns only raw unencoded data.
+mqttContext_password :: Lens.Lens' MqttContext (Prelude.Maybe Prelude.ByteString)
+mqttContext_password = Lens.lens (\MqttContext' {password} -> password) (\s@MqttContext' {} a -> s {password = a} :: MqttContext) Prelude.. Lens.mapping Data._Base64
+
+-- | The value of the @username@ key in an MQTT authorization request.
+mqttContext_username :: Lens.Lens' MqttContext (Prelude.Maybe Prelude.Text)
+mqttContext_username = Lens.lens (\MqttContext' {username} -> username) (\s@MqttContext' {} a -> s {username = a} :: MqttContext)
+
+instance Prelude.Hashable MqttContext where
+  hashWithSalt _salt MqttContext' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientId
+      `Prelude.hashWithSalt` password
+      `Prelude.hashWithSalt` username
+
+instance Prelude.NFData MqttContext where
+  rnf MqttContext' {..} =
+    Prelude.rnf clientId
+      `Prelude.seq` Prelude.rnf password
+      `Prelude.seq` Prelude.rnf username
+
+instance Data.ToJSON MqttContext where
+  toJSON MqttContext' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientId" Data..=) Prelude.<$> clientId,
+            ("password" Data..=) Prelude.<$> password,
+            ("username" Data..=) Prelude.<$> username
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/MqttHeaders.hs b/gen/Amazonka/IoT/Types/MqttHeaders.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/MqttHeaders.hs
@@ -0,0 +1,296 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.MqttHeaders
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.MqttHeaders where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.UserProperty
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies MQTT Version 5.0 headers information. For more information,
+-- see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html MQTT>
+-- from Amazon Web Services IoT Core Developer Guide.
+--
+-- /See:/ 'newMqttHeaders' smart constructor.
+data MqttHeaders = MqttHeaders'
+  { -- | A UTF-8 encoded string that describes the content of the publishing
+    -- message.
+    --
+    -- For more information, see
+    -- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118 Content Type>
+    -- from the MQTT Version 5.0 specification.
+    --
+    -- Supports
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+    contentType :: Prelude.Maybe Prelude.Text,
+    -- | The base64-encoded binary data used by the sender of the request message
+    -- to identify which request the response message is for when it\'s
+    -- received.
+    --
+    -- For more information, see
+    -- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115 Correlation Data>
+    -- from the MQTT Version 5.0 specification.
+    --
+    -- This binary data must be based64-encoded.
+    --
+    -- Supports
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+    correlationData :: Prelude.Maybe Prelude.Text,
+    -- | A user-defined integer value that will persist a message at the message
+    -- broker for a specified amount of time to ensure that the message will
+    -- expire if it\'s no longer relevant to the subscriber. The value of
+    -- @messageExpiry@ represents the number of seconds before it expires. For
+    -- more information about the limits of @messageExpiry@, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html Amazon Web Services IoT Core message broker and protocol limits and quotas>
+    -- from the Amazon Web Services Reference Guide.
+    --
+    -- Supports
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+    messageExpiry :: Prelude.Maybe Prelude.Text,
+    -- | An @Enum@ string value that indicates whether the payload is formatted
+    -- as UTF-8.
+    --
+    -- Valid values are @UNSPECIFIED_BYTES@ and @UTF8_DATA@.
+    --
+    -- For more information, see
+    -- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111 Payload Format Indicator>
+    -- from the MQTT Version 5.0 specification.
+    --
+    -- Supports
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+    payloadFormatIndicator :: Prelude.Maybe Prelude.Text,
+    -- | A UTF-8 encoded string that\'s used as the topic name for a response
+    -- message. The response topic is used to describe the topic which the
+    -- receiver should publish to as part of the request-response flow. The
+    -- topic must not contain wildcard characters.
+    --
+    -- For more information, see
+    -- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114 Response Topic>
+    -- from the MQTT Version 5.0 specification.
+    --
+    -- Supports
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+    responseTopic :: Prelude.Maybe Prelude.Text,
+    -- | An array of key-value pairs that you define in the MQTT5 header.
+    userProperties :: Prelude.Maybe (Prelude.NonEmpty UserProperty)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'MqttHeaders' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'contentType', 'mqttHeaders_contentType' - A UTF-8 encoded string that describes the content of the publishing
+-- message.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118 Content Type>
+-- from the MQTT Version 5.0 specification.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+--
+-- 'correlationData', 'mqttHeaders_correlationData' - The base64-encoded binary data used by the sender of the request message
+-- to identify which request the response message is for when it\'s
+-- received.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115 Correlation Data>
+-- from the MQTT Version 5.0 specification.
+--
+-- This binary data must be based64-encoded.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+--
+-- 'messageExpiry', 'mqttHeaders_messageExpiry' - A user-defined integer value that will persist a message at the message
+-- broker for a specified amount of time to ensure that the message will
+-- expire if it\'s no longer relevant to the subscriber. The value of
+-- @messageExpiry@ represents the number of seconds before it expires. For
+-- more information about the limits of @messageExpiry@, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html Amazon Web Services IoT Core message broker and protocol limits and quotas>
+-- from the Amazon Web Services Reference Guide.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+--
+-- 'payloadFormatIndicator', 'mqttHeaders_payloadFormatIndicator' - An @Enum@ string value that indicates whether the payload is formatted
+-- as UTF-8.
+--
+-- Valid values are @UNSPECIFIED_BYTES@ and @UTF8_DATA@.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111 Payload Format Indicator>
+-- from the MQTT Version 5.0 specification.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+--
+-- 'responseTopic', 'mqttHeaders_responseTopic' - A UTF-8 encoded string that\'s used as the topic name for a response
+-- message. The response topic is used to describe the topic which the
+-- receiver should publish to as part of the request-response flow. The
+-- topic must not contain wildcard characters.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114 Response Topic>
+-- from the MQTT Version 5.0 specification.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+--
+-- 'userProperties', 'mqttHeaders_userProperties' - An array of key-value pairs that you define in the MQTT5 header.
+newMqttHeaders ::
+  MqttHeaders
+newMqttHeaders =
+  MqttHeaders'
+    { contentType = Prelude.Nothing,
+      correlationData = Prelude.Nothing,
+      messageExpiry = Prelude.Nothing,
+      payloadFormatIndicator = Prelude.Nothing,
+      responseTopic = Prelude.Nothing,
+      userProperties = Prelude.Nothing
+    }
+
+-- | A UTF-8 encoded string that describes the content of the publishing
+-- message.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118 Content Type>
+-- from the MQTT Version 5.0 specification.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+mqttHeaders_contentType :: Lens.Lens' MqttHeaders (Prelude.Maybe Prelude.Text)
+mqttHeaders_contentType = Lens.lens (\MqttHeaders' {contentType} -> contentType) (\s@MqttHeaders' {} a -> s {contentType = a} :: MqttHeaders)
+
+-- | The base64-encoded binary data used by the sender of the request message
+-- to identify which request the response message is for when it\'s
+-- received.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115 Correlation Data>
+-- from the MQTT Version 5.0 specification.
+--
+-- This binary data must be based64-encoded.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+mqttHeaders_correlationData :: Lens.Lens' MqttHeaders (Prelude.Maybe Prelude.Text)
+mqttHeaders_correlationData = Lens.lens (\MqttHeaders' {correlationData} -> correlationData) (\s@MqttHeaders' {} a -> s {correlationData = a} :: MqttHeaders)
+
+-- | A user-defined integer value that will persist a message at the message
+-- broker for a specified amount of time to ensure that the message will
+-- expire if it\'s no longer relevant to the subscriber. The value of
+-- @messageExpiry@ represents the number of seconds before it expires. For
+-- more information about the limits of @messageExpiry@, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html Amazon Web Services IoT Core message broker and protocol limits and quotas>
+-- from the Amazon Web Services Reference Guide.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+mqttHeaders_messageExpiry :: Lens.Lens' MqttHeaders (Prelude.Maybe Prelude.Text)
+mqttHeaders_messageExpiry = Lens.lens (\MqttHeaders' {messageExpiry} -> messageExpiry) (\s@MqttHeaders' {} a -> s {messageExpiry = a} :: MqttHeaders)
+
+-- | An @Enum@ string value that indicates whether the payload is formatted
+-- as UTF-8.
+--
+-- Valid values are @UNSPECIFIED_BYTES@ and @UTF8_DATA@.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111 Payload Format Indicator>
+-- from the MQTT Version 5.0 specification.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+mqttHeaders_payloadFormatIndicator :: Lens.Lens' MqttHeaders (Prelude.Maybe Prelude.Text)
+mqttHeaders_payloadFormatIndicator = Lens.lens (\MqttHeaders' {payloadFormatIndicator} -> payloadFormatIndicator) (\s@MqttHeaders' {} a -> s {payloadFormatIndicator = a} :: MqttHeaders)
+
+-- | A UTF-8 encoded string that\'s used as the topic name for a response
+-- message. The response topic is used to describe the topic which the
+-- receiver should publish to as part of the request-response flow. The
+-- topic must not contain wildcard characters.
+--
+-- For more information, see
+-- <https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114 Response Topic>
+-- from the MQTT Version 5.0 specification.
+--
+-- Supports
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+mqttHeaders_responseTopic :: Lens.Lens' MqttHeaders (Prelude.Maybe Prelude.Text)
+mqttHeaders_responseTopic = Lens.lens (\MqttHeaders' {responseTopic} -> responseTopic) (\s@MqttHeaders' {} a -> s {responseTopic = a} :: MqttHeaders)
+
+-- | An array of key-value pairs that you define in the MQTT5 header.
+mqttHeaders_userProperties :: Lens.Lens' MqttHeaders (Prelude.Maybe (Prelude.NonEmpty UserProperty))
+mqttHeaders_userProperties = Lens.lens (\MqttHeaders' {userProperties} -> userProperties) (\s@MqttHeaders' {} a -> s {userProperties = a} :: MqttHeaders) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON MqttHeaders where
+  parseJSON =
+    Data.withObject
+      "MqttHeaders"
+      ( \x ->
+          MqttHeaders'
+            Prelude.<$> (x Data..:? "contentType")
+            Prelude.<*> (x Data..:? "correlationData")
+            Prelude.<*> (x Data..:? "messageExpiry")
+            Prelude.<*> (x Data..:? "payloadFormatIndicator")
+            Prelude.<*> (x Data..:? "responseTopic")
+            Prelude.<*> (x Data..:? "userProperties")
+      )
+
+instance Prelude.Hashable MqttHeaders where
+  hashWithSalt _salt MqttHeaders' {..} =
+    _salt
+      `Prelude.hashWithSalt` contentType
+      `Prelude.hashWithSalt` correlationData
+      `Prelude.hashWithSalt` messageExpiry
+      `Prelude.hashWithSalt` payloadFormatIndicator
+      `Prelude.hashWithSalt` responseTopic
+      `Prelude.hashWithSalt` userProperties
+
+instance Prelude.NFData MqttHeaders where
+  rnf MqttHeaders' {..} =
+    Prelude.rnf contentType
+      `Prelude.seq` Prelude.rnf correlationData
+      `Prelude.seq` Prelude.rnf messageExpiry
+      `Prelude.seq` Prelude.rnf payloadFormatIndicator
+      `Prelude.seq` Prelude.rnf responseTopic
+      `Prelude.seq` Prelude.rnf userProperties
+
+instance Data.ToJSON MqttHeaders where
+  toJSON MqttHeaders' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("contentType" Data..=) Prelude.<$> contentType,
+            ("correlationData" Data..=)
+              Prelude.<$> correlationData,
+            ("messageExpiry" Data..=) Prelude.<$> messageExpiry,
+            ("payloadFormatIndicator" Data..=)
+              Prelude.<$> payloadFormatIndicator,
+            ("responseTopic" Data..=) Prelude.<$> responseTopic,
+            ("userProperties" Data..=)
+              Prelude.<$> userProperties
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/NamedShadowIndexingMode.hs b/gen/Amazonka/IoT/Types/NamedShadowIndexingMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/NamedShadowIndexingMode.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.NamedShadowIndexingMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.NamedShadowIndexingMode
+  ( NamedShadowIndexingMode
+      ( ..,
+        NamedShadowIndexingMode_OFF,
+        NamedShadowIndexingMode_ON
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype NamedShadowIndexingMode = NamedShadowIndexingMode'
+  { fromNamedShadowIndexingMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern NamedShadowIndexingMode_OFF :: NamedShadowIndexingMode
+pattern NamedShadowIndexingMode_OFF = NamedShadowIndexingMode' "OFF"
+
+pattern NamedShadowIndexingMode_ON :: NamedShadowIndexingMode
+pattern NamedShadowIndexingMode_ON = NamedShadowIndexingMode' "ON"
+
+{-# COMPLETE
+  NamedShadowIndexingMode_OFF,
+  NamedShadowIndexingMode_ON,
+  NamedShadowIndexingMode'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/NonCompliantResource.hs b/gen/Amazonka/IoT/Types/NonCompliantResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/NonCompliantResource.hs
@@ -0,0 +1,100 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.NonCompliantResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.NonCompliantResource where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ResourceIdentifier
+import Amazonka.IoT.Types.ResourceType
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about the resource that was noncompliant with the audit
+-- check.
+--
+-- /See:/ 'newNonCompliantResource' smart constructor.
+data NonCompliantResource = NonCompliantResource'
+  { -- | Other information about the noncompliant resource.
+    additionalInfo :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | Information that identifies the noncompliant resource.
+    resourceIdentifier :: Prelude.Maybe ResourceIdentifier,
+    -- | The type of the noncompliant resource.
+    resourceType :: Prelude.Maybe ResourceType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'NonCompliantResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalInfo', 'nonCompliantResource_additionalInfo' - Other information about the noncompliant resource.
+--
+-- 'resourceIdentifier', 'nonCompliantResource_resourceIdentifier' - Information that identifies the noncompliant resource.
+--
+-- 'resourceType', 'nonCompliantResource_resourceType' - The type of the noncompliant resource.
+newNonCompliantResource ::
+  NonCompliantResource
+newNonCompliantResource =
+  NonCompliantResource'
+    { additionalInfo =
+        Prelude.Nothing,
+      resourceIdentifier = Prelude.Nothing,
+      resourceType = Prelude.Nothing
+    }
+
+-- | Other information about the noncompliant resource.
+nonCompliantResource_additionalInfo :: Lens.Lens' NonCompliantResource (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+nonCompliantResource_additionalInfo = Lens.lens (\NonCompliantResource' {additionalInfo} -> additionalInfo) (\s@NonCompliantResource' {} a -> s {additionalInfo = a} :: NonCompliantResource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Information that identifies the noncompliant resource.
+nonCompliantResource_resourceIdentifier :: Lens.Lens' NonCompliantResource (Prelude.Maybe ResourceIdentifier)
+nonCompliantResource_resourceIdentifier = Lens.lens (\NonCompliantResource' {resourceIdentifier} -> resourceIdentifier) (\s@NonCompliantResource' {} a -> s {resourceIdentifier = a} :: NonCompliantResource)
+
+-- | The type of the noncompliant resource.
+nonCompliantResource_resourceType :: Lens.Lens' NonCompliantResource (Prelude.Maybe ResourceType)
+nonCompliantResource_resourceType = Lens.lens (\NonCompliantResource' {resourceType} -> resourceType) (\s@NonCompliantResource' {} a -> s {resourceType = a} :: NonCompliantResource)
+
+instance Data.FromJSON NonCompliantResource where
+  parseJSON =
+    Data.withObject
+      "NonCompliantResource"
+      ( \x ->
+          NonCompliantResource'
+            Prelude.<$> (x Data..:? "additionalInfo" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "resourceIdentifier")
+            Prelude.<*> (x Data..:? "resourceType")
+      )
+
+instance Prelude.Hashable NonCompliantResource where
+  hashWithSalt _salt NonCompliantResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalInfo
+      `Prelude.hashWithSalt` resourceIdentifier
+      `Prelude.hashWithSalt` resourceType
+
+instance Prelude.NFData NonCompliantResource where
+  rnf NonCompliantResource' {..} =
+    Prelude.rnf additionalInfo
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+      `Prelude.seq` Prelude.rnf resourceType
diff --git a/gen/Amazonka/IoT/Types/OTAUpdateFile.hs b/gen/Amazonka/IoT/Types/OTAUpdateFile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/OTAUpdateFile.hs
@@ -0,0 +1,150 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.OTAUpdateFile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.OTAUpdateFile where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CodeSigning
+import Amazonka.IoT.Types.FileLocation
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a file to be associated with an OTA update.
+--
+-- /See:/ 'newOTAUpdateFile' smart constructor.
+data OTAUpdateFile = OTAUpdateFile'
+  { -- | A list of name\/attribute pairs.
+    attributes :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The code signing method of the file.
+    codeSigning :: Prelude.Maybe CodeSigning,
+    -- | The location of the updated firmware.
+    fileLocation :: Prelude.Maybe FileLocation,
+    -- | The name of the file.
+    fileName :: Prelude.Maybe Prelude.Text,
+    -- | An integer value you can include in the job document to allow your
+    -- devices to identify the type of file received from the cloud.
+    fileType :: Prelude.Maybe Prelude.Natural,
+    -- | The file version.
+    fileVersion :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'OTAUpdateFile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributes', 'oTAUpdateFile_attributes' - A list of name\/attribute pairs.
+--
+-- 'codeSigning', 'oTAUpdateFile_codeSigning' - The code signing method of the file.
+--
+-- 'fileLocation', 'oTAUpdateFile_fileLocation' - The location of the updated firmware.
+--
+-- 'fileName', 'oTAUpdateFile_fileName' - The name of the file.
+--
+-- 'fileType', 'oTAUpdateFile_fileType' - An integer value you can include in the job document to allow your
+-- devices to identify the type of file received from the cloud.
+--
+-- 'fileVersion', 'oTAUpdateFile_fileVersion' - The file version.
+newOTAUpdateFile ::
+  OTAUpdateFile
+newOTAUpdateFile =
+  OTAUpdateFile'
+    { attributes = Prelude.Nothing,
+      codeSigning = Prelude.Nothing,
+      fileLocation = Prelude.Nothing,
+      fileName = Prelude.Nothing,
+      fileType = Prelude.Nothing,
+      fileVersion = Prelude.Nothing
+    }
+
+-- | A list of name\/attribute pairs.
+oTAUpdateFile_attributes :: Lens.Lens' OTAUpdateFile (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+oTAUpdateFile_attributes = Lens.lens (\OTAUpdateFile' {attributes} -> attributes) (\s@OTAUpdateFile' {} a -> s {attributes = a} :: OTAUpdateFile) Prelude.. Lens.mapping Lens.coerced
+
+-- | The code signing method of the file.
+oTAUpdateFile_codeSigning :: Lens.Lens' OTAUpdateFile (Prelude.Maybe CodeSigning)
+oTAUpdateFile_codeSigning = Lens.lens (\OTAUpdateFile' {codeSigning} -> codeSigning) (\s@OTAUpdateFile' {} a -> s {codeSigning = a} :: OTAUpdateFile)
+
+-- | The location of the updated firmware.
+oTAUpdateFile_fileLocation :: Lens.Lens' OTAUpdateFile (Prelude.Maybe FileLocation)
+oTAUpdateFile_fileLocation = Lens.lens (\OTAUpdateFile' {fileLocation} -> fileLocation) (\s@OTAUpdateFile' {} a -> s {fileLocation = a} :: OTAUpdateFile)
+
+-- | The name of the file.
+oTAUpdateFile_fileName :: Lens.Lens' OTAUpdateFile (Prelude.Maybe Prelude.Text)
+oTAUpdateFile_fileName = Lens.lens (\OTAUpdateFile' {fileName} -> fileName) (\s@OTAUpdateFile' {} a -> s {fileName = a} :: OTAUpdateFile)
+
+-- | An integer value you can include in the job document to allow your
+-- devices to identify the type of file received from the cloud.
+oTAUpdateFile_fileType :: Lens.Lens' OTAUpdateFile (Prelude.Maybe Prelude.Natural)
+oTAUpdateFile_fileType = Lens.lens (\OTAUpdateFile' {fileType} -> fileType) (\s@OTAUpdateFile' {} a -> s {fileType = a} :: OTAUpdateFile)
+
+-- | The file version.
+oTAUpdateFile_fileVersion :: Lens.Lens' OTAUpdateFile (Prelude.Maybe Prelude.Text)
+oTAUpdateFile_fileVersion = Lens.lens (\OTAUpdateFile' {fileVersion} -> fileVersion) (\s@OTAUpdateFile' {} a -> s {fileVersion = a} :: OTAUpdateFile)
+
+instance Data.FromJSON OTAUpdateFile where
+  parseJSON =
+    Data.withObject
+      "OTAUpdateFile"
+      ( \x ->
+          OTAUpdateFile'
+            Prelude.<$> (x Data..:? "attributes" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "codeSigning")
+            Prelude.<*> (x Data..:? "fileLocation")
+            Prelude.<*> (x Data..:? "fileName")
+            Prelude.<*> (x Data..:? "fileType")
+            Prelude.<*> (x Data..:? "fileVersion")
+      )
+
+instance Prelude.Hashable OTAUpdateFile where
+  hashWithSalt _salt OTAUpdateFile' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributes
+      `Prelude.hashWithSalt` codeSigning
+      `Prelude.hashWithSalt` fileLocation
+      `Prelude.hashWithSalt` fileName
+      `Prelude.hashWithSalt` fileType
+      `Prelude.hashWithSalt` fileVersion
+
+instance Prelude.NFData OTAUpdateFile where
+  rnf OTAUpdateFile' {..} =
+    Prelude.rnf attributes
+      `Prelude.seq` Prelude.rnf codeSigning
+      `Prelude.seq` Prelude.rnf fileLocation
+      `Prelude.seq` Prelude.rnf fileName
+      `Prelude.seq` Prelude.rnf fileType
+      `Prelude.seq` Prelude.rnf fileVersion
+
+instance Data.ToJSON OTAUpdateFile where
+  toJSON OTAUpdateFile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("attributes" Data..=) Prelude.<$> attributes,
+            ("codeSigning" Data..=) Prelude.<$> codeSigning,
+            ("fileLocation" Data..=) Prelude.<$> fileLocation,
+            ("fileName" Data..=) Prelude.<$> fileName,
+            ("fileType" Data..=) Prelude.<$> fileType,
+            ("fileVersion" Data..=) Prelude.<$> fileVersion
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/OTAUpdateInfo.hs b/gen/Amazonka/IoT/Types/OTAUpdateInfo.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/OTAUpdateInfo.hs
@@ -0,0 +1,290 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.OTAUpdateInfo
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.OTAUpdateInfo where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AwsJobExecutionsRolloutConfig
+import Amazonka.IoT.Types.AwsJobPresignedUrlConfig
+import Amazonka.IoT.Types.ErrorInfo
+import Amazonka.IoT.Types.OTAUpdateFile
+import Amazonka.IoT.Types.OTAUpdateStatus
+import Amazonka.IoT.Types.Protocol
+import Amazonka.IoT.Types.TargetSelection
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about an OTA update.
+--
+-- /See:/ 'newOTAUpdateInfo' smart constructor.
+data OTAUpdateInfo = OTAUpdateInfo'
+  { -- | A collection of name\/value pairs
+    additionalParameters :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The IoT job ARN associated with the OTA update.
+    awsIotJobArn :: Prelude.Maybe Prelude.Text,
+    -- | The IoT job ID associated with the OTA update.
+    awsIotJobId :: Prelude.Maybe Prelude.Text,
+    -- | Configuration for the rollout of OTA updates.
+    awsJobExecutionsRolloutConfig :: Prelude.Maybe AwsJobExecutionsRolloutConfig,
+    -- | Configuration information for pre-signed URLs. Valid when @protocols@
+    -- contains HTTP.
+    awsJobPresignedUrlConfig :: Prelude.Maybe AwsJobPresignedUrlConfig,
+    -- | The date when the OTA update was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | A description of the OTA update.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | Error information associated with the OTA update.
+    errorInfo :: Prelude.Maybe ErrorInfo,
+    -- | The date when the OTA update was last updated.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The OTA update ARN.
+    otaUpdateArn :: Prelude.Maybe Prelude.Text,
+    -- | A list of files associated with the OTA update.
+    otaUpdateFiles :: Prelude.Maybe (Prelude.NonEmpty OTAUpdateFile),
+    -- | The OTA update ID.
+    otaUpdateId :: Prelude.Maybe Prelude.Text,
+    -- | The status of the OTA update.
+    otaUpdateStatus :: Prelude.Maybe OTAUpdateStatus,
+    -- | The protocol used to transfer the OTA update image. Valid values are
+    -- [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the
+    -- target device can choose the protocol.
+    protocols :: Prelude.Maybe (Prelude.NonEmpty Protocol),
+    -- | Specifies whether the OTA update will continue to run (CONTINUOUS), or
+    -- will be complete after all those things specified as targets have
+    -- completed the OTA update (SNAPSHOT). If continuous, the OTA update may
+    -- also be run on a thing when a change is detected in a target. For
+    -- example, an OTA update will run on a thing when the thing is added to a
+    -- target group, even after the OTA update was completed by all things
+    -- originally in the group.
+    targetSelection :: Prelude.Maybe TargetSelection,
+    -- | The targets of the OTA update.
+    targets :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'OTAUpdateInfo' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalParameters', 'oTAUpdateInfo_additionalParameters' - A collection of name\/value pairs
+--
+-- 'awsIotJobArn', 'oTAUpdateInfo_awsIotJobArn' - The IoT job ARN associated with the OTA update.
+--
+-- 'awsIotJobId', 'oTAUpdateInfo_awsIotJobId' - The IoT job ID associated with the OTA update.
+--
+-- 'awsJobExecutionsRolloutConfig', 'oTAUpdateInfo_awsJobExecutionsRolloutConfig' - Configuration for the rollout of OTA updates.
+--
+-- 'awsJobPresignedUrlConfig', 'oTAUpdateInfo_awsJobPresignedUrlConfig' - Configuration information for pre-signed URLs. Valid when @protocols@
+-- contains HTTP.
+--
+-- 'creationDate', 'oTAUpdateInfo_creationDate' - The date when the OTA update was created.
+--
+-- 'description', 'oTAUpdateInfo_description' - A description of the OTA update.
+--
+-- 'errorInfo', 'oTAUpdateInfo_errorInfo' - Error information associated with the OTA update.
+--
+-- 'lastModifiedDate', 'oTAUpdateInfo_lastModifiedDate' - The date when the OTA update was last updated.
+--
+-- 'otaUpdateArn', 'oTAUpdateInfo_otaUpdateArn' - The OTA update ARN.
+--
+-- 'otaUpdateFiles', 'oTAUpdateInfo_otaUpdateFiles' - A list of files associated with the OTA update.
+--
+-- 'otaUpdateId', 'oTAUpdateInfo_otaUpdateId' - The OTA update ID.
+--
+-- 'otaUpdateStatus', 'oTAUpdateInfo_otaUpdateStatus' - The status of the OTA update.
+--
+-- 'protocols', 'oTAUpdateInfo_protocols' - The protocol used to transfer the OTA update image. Valid values are
+-- [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the
+-- target device can choose the protocol.
+--
+-- 'targetSelection', 'oTAUpdateInfo_targetSelection' - Specifies whether the OTA update will continue to run (CONTINUOUS), or
+-- will be complete after all those things specified as targets have
+-- completed the OTA update (SNAPSHOT). If continuous, the OTA update may
+-- also be run on a thing when a change is detected in a target. For
+-- example, an OTA update will run on a thing when the thing is added to a
+-- target group, even after the OTA update was completed by all things
+-- originally in the group.
+--
+-- 'targets', 'oTAUpdateInfo_targets' - The targets of the OTA update.
+newOTAUpdateInfo ::
+  OTAUpdateInfo
+newOTAUpdateInfo =
+  OTAUpdateInfo'
+    { additionalParameters =
+        Prelude.Nothing,
+      awsIotJobArn = Prelude.Nothing,
+      awsIotJobId = Prelude.Nothing,
+      awsJobExecutionsRolloutConfig = Prelude.Nothing,
+      awsJobPresignedUrlConfig = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      description = Prelude.Nothing,
+      errorInfo = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      otaUpdateArn = Prelude.Nothing,
+      otaUpdateFiles = Prelude.Nothing,
+      otaUpdateId = Prelude.Nothing,
+      otaUpdateStatus = Prelude.Nothing,
+      protocols = Prelude.Nothing,
+      targetSelection = Prelude.Nothing,
+      targets = Prelude.Nothing
+    }
+
+-- | A collection of name\/value pairs
+oTAUpdateInfo_additionalParameters :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+oTAUpdateInfo_additionalParameters = Lens.lens (\OTAUpdateInfo' {additionalParameters} -> additionalParameters) (\s@OTAUpdateInfo' {} a -> s {additionalParameters = a} :: OTAUpdateInfo) Prelude.. Lens.mapping Lens.coerced
+
+-- | The IoT job ARN associated with the OTA update.
+oTAUpdateInfo_awsIotJobArn :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.Text)
+oTAUpdateInfo_awsIotJobArn = Lens.lens (\OTAUpdateInfo' {awsIotJobArn} -> awsIotJobArn) (\s@OTAUpdateInfo' {} a -> s {awsIotJobArn = a} :: OTAUpdateInfo)
+
+-- | The IoT job ID associated with the OTA update.
+oTAUpdateInfo_awsIotJobId :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.Text)
+oTAUpdateInfo_awsIotJobId = Lens.lens (\OTAUpdateInfo' {awsIotJobId} -> awsIotJobId) (\s@OTAUpdateInfo' {} a -> s {awsIotJobId = a} :: OTAUpdateInfo)
+
+-- | Configuration for the rollout of OTA updates.
+oTAUpdateInfo_awsJobExecutionsRolloutConfig :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe AwsJobExecutionsRolloutConfig)
+oTAUpdateInfo_awsJobExecutionsRolloutConfig = Lens.lens (\OTAUpdateInfo' {awsJobExecutionsRolloutConfig} -> awsJobExecutionsRolloutConfig) (\s@OTAUpdateInfo' {} a -> s {awsJobExecutionsRolloutConfig = a} :: OTAUpdateInfo)
+
+-- | Configuration information for pre-signed URLs. Valid when @protocols@
+-- contains HTTP.
+oTAUpdateInfo_awsJobPresignedUrlConfig :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe AwsJobPresignedUrlConfig)
+oTAUpdateInfo_awsJobPresignedUrlConfig = Lens.lens (\OTAUpdateInfo' {awsJobPresignedUrlConfig} -> awsJobPresignedUrlConfig) (\s@OTAUpdateInfo' {} a -> s {awsJobPresignedUrlConfig = a} :: OTAUpdateInfo)
+
+-- | The date when the OTA update was created.
+oTAUpdateInfo_creationDate :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.UTCTime)
+oTAUpdateInfo_creationDate = Lens.lens (\OTAUpdateInfo' {creationDate} -> creationDate) (\s@OTAUpdateInfo' {} a -> s {creationDate = a} :: OTAUpdateInfo) Prelude.. Lens.mapping Data._Time
+
+-- | A description of the OTA update.
+oTAUpdateInfo_description :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.Text)
+oTAUpdateInfo_description = Lens.lens (\OTAUpdateInfo' {description} -> description) (\s@OTAUpdateInfo' {} a -> s {description = a} :: OTAUpdateInfo)
+
+-- | Error information associated with the OTA update.
+oTAUpdateInfo_errorInfo :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe ErrorInfo)
+oTAUpdateInfo_errorInfo = Lens.lens (\OTAUpdateInfo' {errorInfo} -> errorInfo) (\s@OTAUpdateInfo' {} a -> s {errorInfo = a} :: OTAUpdateInfo)
+
+-- | The date when the OTA update was last updated.
+oTAUpdateInfo_lastModifiedDate :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.UTCTime)
+oTAUpdateInfo_lastModifiedDate = Lens.lens (\OTAUpdateInfo' {lastModifiedDate} -> lastModifiedDate) (\s@OTAUpdateInfo' {} a -> s {lastModifiedDate = a} :: OTAUpdateInfo) Prelude.. Lens.mapping Data._Time
+
+-- | The OTA update ARN.
+oTAUpdateInfo_otaUpdateArn :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.Text)
+oTAUpdateInfo_otaUpdateArn = Lens.lens (\OTAUpdateInfo' {otaUpdateArn} -> otaUpdateArn) (\s@OTAUpdateInfo' {} a -> s {otaUpdateArn = a} :: OTAUpdateInfo)
+
+-- | A list of files associated with the OTA update.
+oTAUpdateInfo_otaUpdateFiles :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe (Prelude.NonEmpty OTAUpdateFile))
+oTAUpdateInfo_otaUpdateFiles = Lens.lens (\OTAUpdateInfo' {otaUpdateFiles} -> otaUpdateFiles) (\s@OTAUpdateInfo' {} a -> s {otaUpdateFiles = a} :: OTAUpdateInfo) Prelude.. Lens.mapping Lens.coerced
+
+-- | The OTA update ID.
+oTAUpdateInfo_otaUpdateId :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe Prelude.Text)
+oTAUpdateInfo_otaUpdateId = Lens.lens (\OTAUpdateInfo' {otaUpdateId} -> otaUpdateId) (\s@OTAUpdateInfo' {} a -> s {otaUpdateId = a} :: OTAUpdateInfo)
+
+-- | The status of the OTA update.
+oTAUpdateInfo_otaUpdateStatus :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe OTAUpdateStatus)
+oTAUpdateInfo_otaUpdateStatus = Lens.lens (\OTAUpdateInfo' {otaUpdateStatus} -> otaUpdateStatus) (\s@OTAUpdateInfo' {} a -> s {otaUpdateStatus = a} :: OTAUpdateInfo)
+
+-- | The protocol used to transfer the OTA update image. Valid values are
+-- [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the
+-- target device can choose the protocol.
+oTAUpdateInfo_protocols :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe (Prelude.NonEmpty Protocol))
+oTAUpdateInfo_protocols = Lens.lens (\OTAUpdateInfo' {protocols} -> protocols) (\s@OTAUpdateInfo' {} a -> s {protocols = a} :: OTAUpdateInfo) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether the OTA update will continue to run (CONTINUOUS), or
+-- will be complete after all those things specified as targets have
+-- completed the OTA update (SNAPSHOT). If continuous, the OTA update may
+-- also be run on a thing when a change is detected in a target. For
+-- example, an OTA update will run on a thing when the thing is added to a
+-- target group, even after the OTA update was completed by all things
+-- originally in the group.
+oTAUpdateInfo_targetSelection :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe TargetSelection)
+oTAUpdateInfo_targetSelection = Lens.lens (\OTAUpdateInfo' {targetSelection} -> targetSelection) (\s@OTAUpdateInfo' {} a -> s {targetSelection = a} :: OTAUpdateInfo)
+
+-- | The targets of the OTA update.
+oTAUpdateInfo_targets :: Lens.Lens' OTAUpdateInfo (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+oTAUpdateInfo_targets = Lens.lens (\OTAUpdateInfo' {targets} -> targets) (\s@OTAUpdateInfo' {} a -> s {targets = a} :: OTAUpdateInfo) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON OTAUpdateInfo where
+  parseJSON =
+    Data.withObject
+      "OTAUpdateInfo"
+      ( \x ->
+          OTAUpdateInfo'
+            Prelude.<$> ( x
+                            Data..:? "additionalParameters"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "awsIotJobArn")
+            Prelude.<*> (x Data..:? "awsIotJobId")
+            Prelude.<*> (x Data..:? "awsJobExecutionsRolloutConfig")
+            Prelude.<*> (x Data..:? "awsJobPresignedUrlConfig")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "errorInfo")
+            Prelude.<*> (x Data..:? "lastModifiedDate")
+            Prelude.<*> (x Data..:? "otaUpdateArn")
+            Prelude.<*> (x Data..:? "otaUpdateFiles")
+            Prelude.<*> (x Data..:? "otaUpdateId")
+            Prelude.<*> (x Data..:? "otaUpdateStatus")
+            Prelude.<*> (x Data..:? "protocols")
+            Prelude.<*> (x Data..:? "targetSelection")
+            Prelude.<*> (x Data..:? "targets")
+      )
+
+instance Prelude.Hashable OTAUpdateInfo where
+  hashWithSalt _salt OTAUpdateInfo' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalParameters
+      `Prelude.hashWithSalt` awsIotJobArn
+      `Prelude.hashWithSalt` awsIotJobId
+      `Prelude.hashWithSalt` awsJobExecutionsRolloutConfig
+      `Prelude.hashWithSalt` awsJobPresignedUrlConfig
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` errorInfo
+      `Prelude.hashWithSalt` lastModifiedDate
+      `Prelude.hashWithSalt` otaUpdateArn
+      `Prelude.hashWithSalt` otaUpdateFiles
+      `Prelude.hashWithSalt` otaUpdateId
+      `Prelude.hashWithSalt` otaUpdateStatus
+      `Prelude.hashWithSalt` protocols
+      `Prelude.hashWithSalt` targetSelection
+      `Prelude.hashWithSalt` targets
+
+instance Prelude.NFData OTAUpdateInfo where
+  rnf OTAUpdateInfo' {..} =
+    Prelude.rnf additionalParameters
+      `Prelude.seq` Prelude.rnf awsIotJobArn
+      `Prelude.seq` Prelude.rnf awsIotJobId
+      `Prelude.seq` Prelude.rnf awsJobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf awsJobPresignedUrlConfig
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf errorInfo
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf otaUpdateArn
+      `Prelude.seq` Prelude.rnf otaUpdateFiles
+      `Prelude.seq` Prelude.rnf otaUpdateId
+      `Prelude.seq` Prelude.rnf otaUpdateStatus
+      `Prelude.seq` Prelude.rnf protocols
+      `Prelude.seq` Prelude.rnf targetSelection
+      `Prelude.seq` Prelude.rnf targets
diff --git a/gen/Amazonka/IoT/Types/OTAUpdateStatus.hs b/gen/Amazonka/IoT/Types/OTAUpdateStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/OTAUpdateStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.OTAUpdateStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.OTAUpdateStatus
+  ( OTAUpdateStatus
+      ( ..,
+        OTAUpdateStatus_CREATE_COMPLETE,
+        OTAUpdateStatus_CREATE_FAILED,
+        OTAUpdateStatus_CREATE_IN_PROGRESS,
+        OTAUpdateStatus_CREATE_PENDING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype OTAUpdateStatus = OTAUpdateStatus'
+  { fromOTAUpdateStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern OTAUpdateStatus_CREATE_COMPLETE :: OTAUpdateStatus
+pattern OTAUpdateStatus_CREATE_COMPLETE = OTAUpdateStatus' "CREATE_COMPLETE"
+
+pattern OTAUpdateStatus_CREATE_FAILED :: OTAUpdateStatus
+pattern OTAUpdateStatus_CREATE_FAILED = OTAUpdateStatus' "CREATE_FAILED"
+
+pattern OTAUpdateStatus_CREATE_IN_PROGRESS :: OTAUpdateStatus
+pattern OTAUpdateStatus_CREATE_IN_PROGRESS = OTAUpdateStatus' "CREATE_IN_PROGRESS"
+
+pattern OTAUpdateStatus_CREATE_PENDING :: OTAUpdateStatus
+pattern OTAUpdateStatus_CREATE_PENDING = OTAUpdateStatus' "CREATE_PENDING"
+
+{-# COMPLETE
+  OTAUpdateStatus_CREATE_COMPLETE,
+  OTAUpdateStatus_CREATE_FAILED,
+  OTAUpdateStatus_CREATE_IN_PROGRESS,
+  OTAUpdateStatus_CREATE_PENDING,
+  OTAUpdateStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/OTAUpdateSummary.hs b/gen/Amazonka/IoT/Types/OTAUpdateSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/OTAUpdateSummary.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.OTAUpdateSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.OTAUpdateSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | An OTA update summary.
+--
+-- /See:/ 'newOTAUpdateSummary' smart constructor.
+data OTAUpdateSummary = OTAUpdateSummary'
+  { -- | The date when the OTA update was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The OTA update ARN.
+    otaUpdateArn :: Prelude.Maybe Prelude.Text,
+    -- | The OTA update ID.
+    otaUpdateId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'OTAUpdateSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'oTAUpdateSummary_creationDate' - The date when the OTA update was created.
+--
+-- 'otaUpdateArn', 'oTAUpdateSummary_otaUpdateArn' - The OTA update ARN.
+--
+-- 'otaUpdateId', 'oTAUpdateSummary_otaUpdateId' - The OTA update ID.
+newOTAUpdateSummary ::
+  OTAUpdateSummary
+newOTAUpdateSummary =
+  OTAUpdateSummary'
+    { creationDate = Prelude.Nothing,
+      otaUpdateArn = Prelude.Nothing,
+      otaUpdateId = Prelude.Nothing
+    }
+
+-- | The date when the OTA update was created.
+oTAUpdateSummary_creationDate :: Lens.Lens' OTAUpdateSummary (Prelude.Maybe Prelude.UTCTime)
+oTAUpdateSummary_creationDate = Lens.lens (\OTAUpdateSummary' {creationDate} -> creationDate) (\s@OTAUpdateSummary' {} a -> s {creationDate = a} :: OTAUpdateSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The OTA update ARN.
+oTAUpdateSummary_otaUpdateArn :: Lens.Lens' OTAUpdateSummary (Prelude.Maybe Prelude.Text)
+oTAUpdateSummary_otaUpdateArn = Lens.lens (\OTAUpdateSummary' {otaUpdateArn} -> otaUpdateArn) (\s@OTAUpdateSummary' {} a -> s {otaUpdateArn = a} :: OTAUpdateSummary)
+
+-- | The OTA update ID.
+oTAUpdateSummary_otaUpdateId :: Lens.Lens' OTAUpdateSummary (Prelude.Maybe Prelude.Text)
+oTAUpdateSummary_otaUpdateId = Lens.lens (\OTAUpdateSummary' {otaUpdateId} -> otaUpdateId) (\s@OTAUpdateSummary' {} a -> s {otaUpdateId = a} :: OTAUpdateSummary)
+
+instance Data.FromJSON OTAUpdateSummary where
+  parseJSON =
+    Data.withObject
+      "OTAUpdateSummary"
+      ( \x ->
+          OTAUpdateSummary'
+            Prelude.<$> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "otaUpdateArn")
+            Prelude.<*> (x Data..:? "otaUpdateId")
+      )
+
+instance Prelude.Hashable OTAUpdateSummary where
+  hashWithSalt _salt OTAUpdateSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` otaUpdateArn
+      `Prelude.hashWithSalt` otaUpdateId
+
+instance Prelude.NFData OTAUpdateSummary where
+  rnf OTAUpdateSummary' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf otaUpdateArn
+      `Prelude.seq` Prelude.rnf otaUpdateId
diff --git a/gen/Amazonka/IoT/Types/OpenSearchAction.hs b/gen/Amazonka/IoT/Types/OpenSearchAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/OpenSearchAction.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.OpenSearchAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.OpenSearchAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action that writes data to an Amazon OpenSearch Service
+-- domain.
+--
+-- /See:/ 'newOpenSearchAction' smart constructor.
+data OpenSearchAction = OpenSearchAction'
+  { -- | The IAM role ARN that has access to OpenSearch.
+    roleArn :: Prelude.Text,
+    -- | The endpoint of your OpenSearch domain.
+    endpoint :: Prelude.Text,
+    -- | The OpenSearch index where you want to store your data.
+    index :: Prelude.Text,
+    -- | The type of document you are storing.
+    type' :: Prelude.Text,
+    -- | The unique identifier for the document you are storing.
+    id :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'OpenSearchAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'openSearchAction_roleArn' - The IAM role ARN that has access to OpenSearch.
+--
+-- 'endpoint', 'openSearchAction_endpoint' - The endpoint of your OpenSearch domain.
+--
+-- 'index', 'openSearchAction_index' - The OpenSearch index where you want to store your data.
+--
+-- 'type'', 'openSearchAction_type' - The type of document you are storing.
+--
+-- 'id', 'openSearchAction_id' - The unique identifier for the document you are storing.
+newOpenSearchAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'endpoint'
+  Prelude.Text ->
+  -- | 'index'
+  Prelude.Text ->
+  -- | 'type''
+  Prelude.Text ->
+  -- | 'id'
+  Prelude.Text ->
+  OpenSearchAction
+newOpenSearchAction
+  pRoleArn_
+  pEndpoint_
+  pIndex_
+  pType_
+  pId_ =
+    OpenSearchAction'
+      { roleArn = pRoleArn_,
+        endpoint = pEndpoint_,
+        index = pIndex_,
+        type' = pType_,
+        id = pId_
+      }
+
+-- | The IAM role ARN that has access to OpenSearch.
+openSearchAction_roleArn :: Lens.Lens' OpenSearchAction Prelude.Text
+openSearchAction_roleArn = Lens.lens (\OpenSearchAction' {roleArn} -> roleArn) (\s@OpenSearchAction' {} a -> s {roleArn = a} :: OpenSearchAction)
+
+-- | The endpoint of your OpenSearch domain.
+openSearchAction_endpoint :: Lens.Lens' OpenSearchAction Prelude.Text
+openSearchAction_endpoint = Lens.lens (\OpenSearchAction' {endpoint} -> endpoint) (\s@OpenSearchAction' {} a -> s {endpoint = a} :: OpenSearchAction)
+
+-- | The OpenSearch index where you want to store your data.
+openSearchAction_index :: Lens.Lens' OpenSearchAction Prelude.Text
+openSearchAction_index = Lens.lens (\OpenSearchAction' {index} -> index) (\s@OpenSearchAction' {} a -> s {index = a} :: OpenSearchAction)
+
+-- | The type of document you are storing.
+openSearchAction_type :: Lens.Lens' OpenSearchAction Prelude.Text
+openSearchAction_type = Lens.lens (\OpenSearchAction' {type'} -> type') (\s@OpenSearchAction' {} a -> s {type' = a} :: OpenSearchAction)
+
+-- | The unique identifier for the document you are storing.
+openSearchAction_id :: Lens.Lens' OpenSearchAction Prelude.Text
+openSearchAction_id = Lens.lens (\OpenSearchAction' {id} -> id) (\s@OpenSearchAction' {} a -> s {id = a} :: OpenSearchAction)
+
+instance Data.FromJSON OpenSearchAction where
+  parseJSON =
+    Data.withObject
+      "OpenSearchAction"
+      ( \x ->
+          OpenSearchAction'
+            Prelude.<$> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "endpoint")
+            Prelude.<*> (x Data..: "index")
+            Prelude.<*> (x Data..: "type")
+            Prelude.<*> (x Data..: "id")
+      )
+
+instance Prelude.Hashable OpenSearchAction where
+  hashWithSalt _salt OpenSearchAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` endpoint
+      `Prelude.hashWithSalt` index
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` id
+
+instance Prelude.NFData OpenSearchAction where
+  rnf OpenSearchAction' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf endpoint
+      `Prelude.seq` Prelude.rnf index
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf id
+
+instance Data.ToJSON OpenSearchAction where
+  toJSON OpenSearchAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("endpoint" Data..= endpoint),
+            Prelude.Just ("index" Data..= index),
+            Prelude.Just ("type" Data..= type'),
+            Prelude.Just ("id" Data..= id)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/OutgoingCertificate.hs b/gen/Amazonka/IoT/Types/OutgoingCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/OutgoingCertificate.hs
@@ -0,0 +1,133 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.OutgoingCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.OutgoingCertificate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A certificate that has been transferred but not yet accepted.
+--
+-- /See:/ 'newOutgoingCertificate' smart constructor.
+data OutgoingCertificate = OutgoingCertificate'
+  { -- | The certificate ARN.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The certificate ID.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The certificate creation date.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The date the transfer was initiated.
+    transferDate :: Prelude.Maybe Data.POSIX,
+    -- | The transfer message.
+    transferMessage :: Prelude.Maybe Prelude.Text,
+    -- | The Amazon Web Services account to which the transfer was made.
+    transferredTo :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'OutgoingCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'outgoingCertificate_certificateArn' - The certificate ARN.
+--
+-- 'certificateId', 'outgoingCertificate_certificateId' - The certificate ID.
+--
+-- 'creationDate', 'outgoingCertificate_creationDate' - The certificate creation date.
+--
+-- 'transferDate', 'outgoingCertificate_transferDate' - The date the transfer was initiated.
+--
+-- 'transferMessage', 'outgoingCertificate_transferMessage' - The transfer message.
+--
+-- 'transferredTo', 'outgoingCertificate_transferredTo' - The Amazon Web Services account to which the transfer was made.
+newOutgoingCertificate ::
+  OutgoingCertificate
+newOutgoingCertificate =
+  OutgoingCertificate'
+    { certificateArn =
+        Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      transferDate = Prelude.Nothing,
+      transferMessage = Prelude.Nothing,
+      transferredTo = Prelude.Nothing
+    }
+
+-- | The certificate ARN.
+outgoingCertificate_certificateArn :: Lens.Lens' OutgoingCertificate (Prelude.Maybe Prelude.Text)
+outgoingCertificate_certificateArn = Lens.lens (\OutgoingCertificate' {certificateArn} -> certificateArn) (\s@OutgoingCertificate' {} a -> s {certificateArn = a} :: OutgoingCertificate)
+
+-- | The certificate ID.
+outgoingCertificate_certificateId :: Lens.Lens' OutgoingCertificate (Prelude.Maybe Prelude.Text)
+outgoingCertificate_certificateId = Lens.lens (\OutgoingCertificate' {certificateId} -> certificateId) (\s@OutgoingCertificate' {} a -> s {certificateId = a} :: OutgoingCertificate)
+
+-- | The certificate creation date.
+outgoingCertificate_creationDate :: Lens.Lens' OutgoingCertificate (Prelude.Maybe Prelude.UTCTime)
+outgoingCertificate_creationDate = Lens.lens (\OutgoingCertificate' {creationDate} -> creationDate) (\s@OutgoingCertificate' {} a -> s {creationDate = a} :: OutgoingCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The date the transfer was initiated.
+outgoingCertificate_transferDate :: Lens.Lens' OutgoingCertificate (Prelude.Maybe Prelude.UTCTime)
+outgoingCertificate_transferDate = Lens.lens (\OutgoingCertificate' {transferDate} -> transferDate) (\s@OutgoingCertificate' {} a -> s {transferDate = a} :: OutgoingCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The transfer message.
+outgoingCertificate_transferMessage :: Lens.Lens' OutgoingCertificate (Prelude.Maybe Prelude.Text)
+outgoingCertificate_transferMessage = Lens.lens (\OutgoingCertificate' {transferMessage} -> transferMessage) (\s@OutgoingCertificate' {} a -> s {transferMessage = a} :: OutgoingCertificate)
+
+-- | The Amazon Web Services account to which the transfer was made.
+outgoingCertificate_transferredTo :: Lens.Lens' OutgoingCertificate (Prelude.Maybe Prelude.Text)
+outgoingCertificate_transferredTo = Lens.lens (\OutgoingCertificate' {transferredTo} -> transferredTo) (\s@OutgoingCertificate' {} a -> s {transferredTo = a} :: OutgoingCertificate)
+
+instance Data.FromJSON OutgoingCertificate where
+  parseJSON =
+    Data.withObject
+      "OutgoingCertificate"
+      ( \x ->
+          OutgoingCertificate'
+            Prelude.<$> (x Data..:? "certificateArn")
+            Prelude.<*> (x Data..:? "certificateId")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "transferDate")
+            Prelude.<*> (x Data..:? "transferMessage")
+            Prelude.<*> (x Data..:? "transferredTo")
+      )
+
+instance Prelude.Hashable OutgoingCertificate where
+  hashWithSalt _salt OutgoingCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateArn
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` transferDate
+      `Prelude.hashWithSalt` transferMessage
+      `Prelude.hashWithSalt` transferredTo
+
+instance Prelude.NFData OutgoingCertificate where
+  rnf OutgoingCertificate' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf transferDate
+      `Prelude.seq` Prelude.rnf transferMessage
+      `Prelude.seq` Prelude.rnf transferredTo
diff --git a/gen/Amazonka/IoT/Types/PercentPair.hs b/gen/Amazonka/IoT/Types/PercentPair.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PercentPair.hs
@@ -0,0 +1,83 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PercentPair
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PercentPair where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the percentile and percentile value.
+--
+-- /See:/ 'newPercentPair' smart constructor.
+data PercentPair = PercentPair'
+  { -- | The percentile.
+    percent :: Prelude.Maybe Prelude.Double,
+    -- | The value of the percentile.
+    value :: Prelude.Maybe Prelude.Double
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PercentPair' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'percent', 'percentPair_percent' - The percentile.
+--
+-- 'value', 'percentPair_value' - The value of the percentile.
+newPercentPair ::
+  PercentPair
+newPercentPair =
+  PercentPair'
+    { percent = Prelude.Nothing,
+      value = Prelude.Nothing
+    }
+
+-- | The percentile.
+percentPair_percent :: Lens.Lens' PercentPair (Prelude.Maybe Prelude.Double)
+percentPair_percent = Lens.lens (\PercentPair' {percent} -> percent) (\s@PercentPair' {} a -> s {percent = a} :: PercentPair)
+
+-- | The value of the percentile.
+percentPair_value :: Lens.Lens' PercentPair (Prelude.Maybe Prelude.Double)
+percentPair_value = Lens.lens (\PercentPair' {value} -> value) (\s@PercentPair' {} a -> s {value = a} :: PercentPair)
+
+instance Data.FromJSON PercentPair where
+  parseJSON =
+    Data.withObject
+      "PercentPair"
+      ( \x ->
+          PercentPair'
+            Prelude.<$> (x Data..:? "percent")
+            Prelude.<*> (x Data..:? "value")
+      )
+
+instance Prelude.Hashable PercentPair where
+  hashWithSalt _salt PercentPair' {..} =
+    _salt
+      `Prelude.hashWithSalt` percent
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData PercentPair where
+  rnf PercentPair' {..} =
+    Prelude.rnf percent `Prelude.seq` Prelude.rnf value
diff --git a/gen/Amazonka/IoT/Types/Policy.hs b/gen/Amazonka/IoT/Types/Policy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Policy.hs
@@ -0,0 +1,84 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Policy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Policy where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an IoT policy.
+--
+-- /See:/ 'newPolicy' smart constructor.
+data Policy = Policy'
+  { -- | The policy ARN.
+    policyArn :: Prelude.Maybe Prelude.Text,
+    -- | The policy name.
+    policyName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Policy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyArn', 'policy_policyArn' - The policy ARN.
+--
+-- 'policyName', 'policy_policyName' - The policy name.
+newPolicy ::
+  Policy
+newPolicy =
+  Policy'
+    { policyArn = Prelude.Nothing,
+      policyName = Prelude.Nothing
+    }
+
+-- | The policy ARN.
+policy_policyArn :: Lens.Lens' Policy (Prelude.Maybe Prelude.Text)
+policy_policyArn = Lens.lens (\Policy' {policyArn} -> policyArn) (\s@Policy' {} a -> s {policyArn = a} :: Policy)
+
+-- | The policy name.
+policy_policyName :: Lens.Lens' Policy (Prelude.Maybe Prelude.Text)
+policy_policyName = Lens.lens (\Policy' {policyName} -> policyName) (\s@Policy' {} a -> s {policyName = a} :: Policy)
+
+instance Data.FromJSON Policy where
+  parseJSON =
+    Data.withObject
+      "Policy"
+      ( \x ->
+          Policy'
+            Prelude.<$> (x Data..:? "policyArn")
+            Prelude.<*> (x Data..:? "policyName")
+      )
+
+instance Prelude.Hashable Policy where
+  hashWithSalt _salt Policy' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyArn
+      `Prelude.hashWithSalt` policyName
+
+instance Prelude.NFData Policy where
+  rnf Policy' {..} =
+    Prelude.rnf policyArn
+      `Prelude.seq` Prelude.rnf policyName
diff --git a/gen/Amazonka/IoT/Types/PolicyTemplateName.hs b/gen/Amazonka/IoT/Types/PolicyTemplateName.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PolicyTemplateName.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PolicyTemplateName
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PolicyTemplateName
+  ( PolicyTemplateName
+      ( ..,
+        PolicyTemplateName_BLANK_POLICY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype PolicyTemplateName = PolicyTemplateName'
+  { fromPolicyTemplateName ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern PolicyTemplateName_BLANK_POLICY :: PolicyTemplateName
+pattern PolicyTemplateName_BLANK_POLICY = PolicyTemplateName' "BLANK_POLICY"
+
+{-# COMPLETE
+  PolicyTemplateName_BLANK_POLICY,
+  PolicyTemplateName'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/PolicyVersion.hs b/gen/Amazonka/IoT/Types/PolicyVersion.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PolicyVersion.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PolicyVersion
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PolicyVersion where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a policy version.
+--
+-- /See:/ 'newPolicyVersion' smart constructor.
+data PolicyVersion = PolicyVersion'
+  { -- | The date and time the policy was created.
+    createDate :: Prelude.Maybe Data.POSIX,
+    -- | Specifies whether the policy version is the default.
+    isDefaultVersion :: Prelude.Maybe Prelude.Bool,
+    -- | The policy version ID.
+    versionId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PolicyVersion' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'createDate', 'policyVersion_createDate' - The date and time the policy was created.
+--
+-- 'isDefaultVersion', 'policyVersion_isDefaultVersion' - Specifies whether the policy version is the default.
+--
+-- 'versionId', 'policyVersion_versionId' - The policy version ID.
+newPolicyVersion ::
+  PolicyVersion
+newPolicyVersion =
+  PolicyVersion'
+    { createDate = Prelude.Nothing,
+      isDefaultVersion = Prelude.Nothing,
+      versionId = Prelude.Nothing
+    }
+
+-- | The date and time the policy was created.
+policyVersion_createDate :: Lens.Lens' PolicyVersion (Prelude.Maybe Prelude.UTCTime)
+policyVersion_createDate = Lens.lens (\PolicyVersion' {createDate} -> createDate) (\s@PolicyVersion' {} a -> s {createDate = a} :: PolicyVersion) Prelude.. Lens.mapping Data._Time
+
+-- | Specifies whether the policy version is the default.
+policyVersion_isDefaultVersion :: Lens.Lens' PolicyVersion (Prelude.Maybe Prelude.Bool)
+policyVersion_isDefaultVersion = Lens.lens (\PolicyVersion' {isDefaultVersion} -> isDefaultVersion) (\s@PolicyVersion' {} a -> s {isDefaultVersion = a} :: PolicyVersion)
+
+-- | The policy version ID.
+policyVersion_versionId :: Lens.Lens' PolicyVersion (Prelude.Maybe Prelude.Text)
+policyVersion_versionId = Lens.lens (\PolicyVersion' {versionId} -> versionId) (\s@PolicyVersion' {} a -> s {versionId = a} :: PolicyVersion)
+
+instance Data.FromJSON PolicyVersion where
+  parseJSON =
+    Data.withObject
+      "PolicyVersion"
+      ( \x ->
+          PolicyVersion'
+            Prelude.<$> (x Data..:? "createDate")
+            Prelude.<*> (x Data..:? "isDefaultVersion")
+            Prelude.<*> (x Data..:? "versionId")
+      )
+
+instance Prelude.Hashable PolicyVersion where
+  hashWithSalt _salt PolicyVersion' {..} =
+    _salt
+      `Prelude.hashWithSalt` createDate
+      `Prelude.hashWithSalt` isDefaultVersion
+      `Prelude.hashWithSalt` versionId
+
+instance Prelude.NFData PolicyVersion where
+  rnf PolicyVersion' {..} =
+    Prelude.rnf createDate
+      `Prelude.seq` Prelude.rnf isDefaultVersion
+      `Prelude.seq` Prelude.rnf versionId
diff --git a/gen/Amazonka/IoT/Types/PolicyVersionIdentifier.hs b/gen/Amazonka/IoT/Types/PolicyVersionIdentifier.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PolicyVersionIdentifier.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PolicyVersionIdentifier
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PolicyVersionIdentifier where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about the version of the policy associated with the
+-- resource.
+--
+-- /See:/ 'newPolicyVersionIdentifier' smart constructor.
+data PolicyVersionIdentifier = PolicyVersionIdentifier'
+  { -- | The name of the policy.
+    policyName :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the version of the policy associated with the resource.
+    policyVersionId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PolicyVersionIdentifier' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'policyName', 'policyVersionIdentifier_policyName' - The name of the policy.
+--
+-- 'policyVersionId', 'policyVersionIdentifier_policyVersionId' - The ID of the version of the policy associated with the resource.
+newPolicyVersionIdentifier ::
+  PolicyVersionIdentifier
+newPolicyVersionIdentifier =
+  PolicyVersionIdentifier'
+    { policyName =
+        Prelude.Nothing,
+      policyVersionId = Prelude.Nothing
+    }
+
+-- | The name of the policy.
+policyVersionIdentifier_policyName :: Lens.Lens' PolicyVersionIdentifier (Prelude.Maybe Prelude.Text)
+policyVersionIdentifier_policyName = Lens.lens (\PolicyVersionIdentifier' {policyName} -> policyName) (\s@PolicyVersionIdentifier' {} a -> s {policyName = a} :: PolicyVersionIdentifier)
+
+-- | The ID of the version of the policy associated with the resource.
+policyVersionIdentifier_policyVersionId :: Lens.Lens' PolicyVersionIdentifier (Prelude.Maybe Prelude.Text)
+policyVersionIdentifier_policyVersionId = Lens.lens (\PolicyVersionIdentifier' {policyVersionId} -> policyVersionId) (\s@PolicyVersionIdentifier' {} a -> s {policyVersionId = a} :: PolicyVersionIdentifier)
+
+instance Data.FromJSON PolicyVersionIdentifier where
+  parseJSON =
+    Data.withObject
+      "PolicyVersionIdentifier"
+      ( \x ->
+          PolicyVersionIdentifier'
+            Prelude.<$> (x Data..:? "policyName")
+            Prelude.<*> (x Data..:? "policyVersionId")
+      )
+
+instance Prelude.Hashable PolicyVersionIdentifier where
+  hashWithSalt _salt PolicyVersionIdentifier' {..} =
+    _salt
+      `Prelude.hashWithSalt` policyName
+      `Prelude.hashWithSalt` policyVersionId
+
+instance Prelude.NFData PolicyVersionIdentifier where
+  rnf PolicyVersionIdentifier' {..} =
+    Prelude.rnf policyName
+      `Prelude.seq` Prelude.rnf policyVersionId
+
+instance Data.ToJSON PolicyVersionIdentifier where
+  toJSON PolicyVersionIdentifier' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("policyName" Data..=) Prelude.<$> policyName,
+            ("policyVersionId" Data..=)
+              Prelude.<$> policyVersionId
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/PresignedUrlConfig.hs b/gen/Amazonka/IoT/Types/PresignedUrlConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PresignedUrlConfig.hs
@@ -0,0 +1,117 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PresignedUrlConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PresignedUrlConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Configuration for pre-signed S3 URLs.
+--
+-- /See:/ 'newPresignedUrlConfig' smart constructor.
+data PresignedUrlConfig = PresignedUrlConfig'
+  { -- | How long (in seconds) pre-signed URLs are valid. Valid values are 60 -
+    -- 3600, the default value is 3600 seconds. Pre-signed URLs are generated
+    -- when Jobs receives an MQTT request for the job document.
+    expiresInSec :: Prelude.Maybe Prelude.Natural,
+    -- | The ARN of an IAM role that grants grants permission to download files
+    -- from the S3 bucket where the job data\/updates are stored. The role must
+    -- also grant permission for IoT to download the files.
+    --
+    -- For information about addressing the confused deputy problem, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html cross-service confused deputy prevention>
+    -- in the /Amazon Web Services IoT Core developer guide/.
+    roleArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PresignedUrlConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expiresInSec', 'presignedUrlConfig_expiresInSec' - How long (in seconds) pre-signed URLs are valid. Valid values are 60 -
+-- 3600, the default value is 3600 seconds. Pre-signed URLs are generated
+-- when Jobs receives an MQTT request for the job document.
+--
+-- 'roleArn', 'presignedUrlConfig_roleArn' - The ARN of an IAM role that grants grants permission to download files
+-- from the S3 bucket where the job data\/updates are stored. The role must
+-- also grant permission for IoT to download the files.
+--
+-- For information about addressing the confused deputy problem, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html cross-service confused deputy prevention>
+-- in the /Amazon Web Services IoT Core developer guide/.
+newPresignedUrlConfig ::
+  PresignedUrlConfig
+newPresignedUrlConfig =
+  PresignedUrlConfig'
+    { expiresInSec = Prelude.Nothing,
+      roleArn = Prelude.Nothing
+    }
+
+-- | How long (in seconds) pre-signed URLs are valid. Valid values are 60 -
+-- 3600, the default value is 3600 seconds. Pre-signed URLs are generated
+-- when Jobs receives an MQTT request for the job document.
+presignedUrlConfig_expiresInSec :: Lens.Lens' PresignedUrlConfig (Prelude.Maybe Prelude.Natural)
+presignedUrlConfig_expiresInSec = Lens.lens (\PresignedUrlConfig' {expiresInSec} -> expiresInSec) (\s@PresignedUrlConfig' {} a -> s {expiresInSec = a} :: PresignedUrlConfig)
+
+-- | The ARN of an IAM role that grants grants permission to download files
+-- from the S3 bucket where the job data\/updates are stored. The role must
+-- also grant permission for IoT to download the files.
+--
+-- For information about addressing the confused deputy problem, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html cross-service confused deputy prevention>
+-- in the /Amazon Web Services IoT Core developer guide/.
+presignedUrlConfig_roleArn :: Lens.Lens' PresignedUrlConfig (Prelude.Maybe Prelude.Text)
+presignedUrlConfig_roleArn = Lens.lens (\PresignedUrlConfig' {roleArn} -> roleArn) (\s@PresignedUrlConfig' {} a -> s {roleArn = a} :: PresignedUrlConfig)
+
+instance Data.FromJSON PresignedUrlConfig where
+  parseJSON =
+    Data.withObject
+      "PresignedUrlConfig"
+      ( \x ->
+          PresignedUrlConfig'
+            Prelude.<$> (x Data..:? "expiresInSec")
+            Prelude.<*> (x Data..:? "roleArn")
+      )
+
+instance Prelude.Hashable PresignedUrlConfig where
+  hashWithSalt _salt PresignedUrlConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` expiresInSec
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData PresignedUrlConfig where
+  rnf PresignedUrlConfig' {..} =
+    Prelude.rnf expiresInSec
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON PresignedUrlConfig where
+  toJSON PresignedUrlConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("expiresInSec" Data..=) Prelude.<$> expiresInSec,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Protocol.hs b/gen/Amazonka/IoT/Types/Protocol.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Protocol.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Protocol
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Protocol
+  ( Protocol
+      ( ..,
+        Protocol_HTTP,
+        Protocol_MQTT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype Protocol = Protocol'
+  { fromProtocol ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern Protocol_HTTP :: Protocol
+pattern Protocol_HTTP = Protocol' "HTTP"
+
+pattern Protocol_MQTT :: Protocol
+pattern Protocol_MQTT = Protocol' "MQTT"
+
+{-# COMPLETE
+  Protocol_HTTP,
+  Protocol_MQTT,
+  Protocol'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ProvisioningHook.hs b/gen/Amazonka/IoT/Types/ProvisioningHook.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ProvisioningHook.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ProvisioningHook
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ProvisioningHook where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Structure that contains @payloadVersion@ and @targetArn@.
+--
+-- /See:/ 'newProvisioningHook' smart constructor.
+data ProvisioningHook = ProvisioningHook'
+  { -- | The payload that was sent to the target function.
+    --
+    -- /Note:/ Only Lambda functions are currently supported.
+    payloadVersion :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the target function.
+    --
+    -- /Note:/ Only Lambda functions are currently supported.
+    targetArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ProvisioningHook' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'payloadVersion', 'provisioningHook_payloadVersion' - The payload that was sent to the target function.
+--
+-- /Note:/ Only Lambda functions are currently supported.
+--
+-- 'targetArn', 'provisioningHook_targetArn' - The ARN of the target function.
+--
+-- /Note:/ Only Lambda functions are currently supported.
+newProvisioningHook ::
+  -- | 'targetArn'
+  Prelude.Text ->
+  ProvisioningHook
+newProvisioningHook pTargetArn_ =
+  ProvisioningHook'
+    { payloadVersion = Prelude.Nothing,
+      targetArn = pTargetArn_
+    }
+
+-- | The payload that was sent to the target function.
+--
+-- /Note:/ Only Lambda functions are currently supported.
+provisioningHook_payloadVersion :: Lens.Lens' ProvisioningHook (Prelude.Maybe Prelude.Text)
+provisioningHook_payloadVersion = Lens.lens (\ProvisioningHook' {payloadVersion} -> payloadVersion) (\s@ProvisioningHook' {} a -> s {payloadVersion = a} :: ProvisioningHook)
+
+-- | The ARN of the target function.
+--
+-- /Note:/ Only Lambda functions are currently supported.
+provisioningHook_targetArn :: Lens.Lens' ProvisioningHook Prelude.Text
+provisioningHook_targetArn = Lens.lens (\ProvisioningHook' {targetArn} -> targetArn) (\s@ProvisioningHook' {} a -> s {targetArn = a} :: ProvisioningHook)
+
+instance Data.FromJSON ProvisioningHook where
+  parseJSON =
+    Data.withObject
+      "ProvisioningHook"
+      ( \x ->
+          ProvisioningHook'
+            Prelude.<$> (x Data..:? "payloadVersion")
+            Prelude.<*> (x Data..: "targetArn")
+      )
+
+instance Prelude.Hashable ProvisioningHook where
+  hashWithSalt _salt ProvisioningHook' {..} =
+    _salt
+      `Prelude.hashWithSalt` payloadVersion
+      `Prelude.hashWithSalt` targetArn
+
+instance Prelude.NFData ProvisioningHook where
+  rnf ProvisioningHook' {..} =
+    Prelude.rnf payloadVersion
+      `Prelude.seq` Prelude.rnf targetArn
+
+instance Data.ToJSON ProvisioningHook where
+  toJSON ProvisioningHook' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("payloadVersion" Data..=)
+              Prelude.<$> payloadVersion,
+            Prelude.Just ("targetArn" Data..= targetArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ProvisioningTemplateSummary.hs b/gen/Amazonka/IoT/Types/ProvisioningTemplateSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ProvisioningTemplateSummary.hs
@@ -0,0 +1,158 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ProvisioningTemplateSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ProvisioningTemplateSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.TemplateType
+import qualified Amazonka.Prelude as Prelude
+
+-- | A summary of information about a provisioning template.
+--
+-- /See:/ 'newProvisioningTemplateSummary' smart constructor.
+data ProvisioningTemplateSummary = ProvisioningTemplateSummary'
+  { -- | The date when the provisioning template summary was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The description of the provisioning template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | True if the fleet provision template is enabled, otherwise false.
+    enabled :: Prelude.Maybe Prelude.Bool,
+    -- | The date when the provisioning template summary was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The ARN of the provisioning template.
+    templateArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Maybe Prelude.Text,
+    -- | The type you define in a provisioning template. You can create a
+    -- template with only one type. You can\'t change the template type after
+    -- its creation. The default value is @FLEET_PROVISIONING@. For more
+    -- information about provisioning template, see:
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+    type' :: Prelude.Maybe TemplateType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ProvisioningTemplateSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'provisioningTemplateSummary_creationDate' - The date when the provisioning template summary was created.
+--
+-- 'description', 'provisioningTemplateSummary_description' - The description of the provisioning template.
+--
+-- 'enabled', 'provisioningTemplateSummary_enabled' - True if the fleet provision template is enabled, otherwise false.
+--
+-- 'lastModifiedDate', 'provisioningTemplateSummary_lastModifiedDate' - The date when the provisioning template summary was last modified.
+--
+-- 'templateArn', 'provisioningTemplateSummary_templateArn' - The ARN of the provisioning template.
+--
+-- 'templateName', 'provisioningTemplateSummary_templateName' - The name of the provisioning template.
+--
+-- 'type'', 'provisioningTemplateSummary_type' - The type you define in a provisioning template. You can create a
+-- template with only one type. You can\'t change the template type after
+-- its creation. The default value is @FLEET_PROVISIONING@. For more
+-- information about provisioning template, see:
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+newProvisioningTemplateSummary ::
+  ProvisioningTemplateSummary
+newProvisioningTemplateSummary =
+  ProvisioningTemplateSummary'
+    { creationDate =
+        Prelude.Nothing,
+      description = Prelude.Nothing,
+      enabled = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      templateArn = Prelude.Nothing,
+      templateName = Prelude.Nothing,
+      type' = Prelude.Nothing
+    }
+
+-- | The date when the provisioning template summary was created.
+provisioningTemplateSummary_creationDate :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe Prelude.UTCTime)
+provisioningTemplateSummary_creationDate = Lens.lens (\ProvisioningTemplateSummary' {creationDate} -> creationDate) (\s@ProvisioningTemplateSummary' {} a -> s {creationDate = a} :: ProvisioningTemplateSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The description of the provisioning template.
+provisioningTemplateSummary_description :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe Prelude.Text)
+provisioningTemplateSummary_description = Lens.lens (\ProvisioningTemplateSummary' {description} -> description) (\s@ProvisioningTemplateSummary' {} a -> s {description = a} :: ProvisioningTemplateSummary)
+
+-- | True if the fleet provision template is enabled, otherwise false.
+provisioningTemplateSummary_enabled :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe Prelude.Bool)
+provisioningTemplateSummary_enabled = Lens.lens (\ProvisioningTemplateSummary' {enabled} -> enabled) (\s@ProvisioningTemplateSummary' {} a -> s {enabled = a} :: ProvisioningTemplateSummary)
+
+-- | The date when the provisioning template summary was last modified.
+provisioningTemplateSummary_lastModifiedDate :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe Prelude.UTCTime)
+provisioningTemplateSummary_lastModifiedDate = Lens.lens (\ProvisioningTemplateSummary' {lastModifiedDate} -> lastModifiedDate) (\s@ProvisioningTemplateSummary' {} a -> s {lastModifiedDate = a} :: ProvisioningTemplateSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The ARN of the provisioning template.
+provisioningTemplateSummary_templateArn :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe Prelude.Text)
+provisioningTemplateSummary_templateArn = Lens.lens (\ProvisioningTemplateSummary' {templateArn} -> templateArn) (\s@ProvisioningTemplateSummary' {} a -> s {templateArn = a} :: ProvisioningTemplateSummary)
+
+-- | The name of the provisioning template.
+provisioningTemplateSummary_templateName :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe Prelude.Text)
+provisioningTemplateSummary_templateName = Lens.lens (\ProvisioningTemplateSummary' {templateName} -> templateName) (\s@ProvisioningTemplateSummary' {} a -> s {templateName = a} :: ProvisioningTemplateSummary)
+
+-- | The type you define in a provisioning template. You can create a
+-- template with only one type. You can\'t change the template type after
+-- its creation. The default value is @FLEET_PROVISIONING@. For more
+-- information about provisioning template, see:
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html Provisioning template>.
+provisioningTemplateSummary_type :: Lens.Lens' ProvisioningTemplateSummary (Prelude.Maybe TemplateType)
+provisioningTemplateSummary_type = Lens.lens (\ProvisioningTemplateSummary' {type'} -> type') (\s@ProvisioningTemplateSummary' {} a -> s {type' = a} :: ProvisioningTemplateSummary)
+
+instance Data.FromJSON ProvisioningTemplateSummary where
+  parseJSON =
+    Data.withObject
+      "ProvisioningTemplateSummary"
+      ( \x ->
+          ProvisioningTemplateSummary'
+            Prelude.<$> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "enabled")
+            Prelude.<*> (x Data..:? "lastModifiedDate")
+            Prelude.<*> (x Data..:? "templateArn")
+            Prelude.<*> (x Data..:? "templateName")
+            Prelude.<*> (x Data..:? "type")
+      )
+
+instance Prelude.Hashable ProvisioningTemplateSummary where
+  hashWithSalt _salt ProvisioningTemplateSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` enabled
+      `Prelude.hashWithSalt` lastModifiedDate
+      `Prelude.hashWithSalt` templateArn
+      `Prelude.hashWithSalt` templateName
+      `Prelude.hashWithSalt` type'
+
+instance Prelude.NFData ProvisioningTemplateSummary where
+  rnf ProvisioningTemplateSummary' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf enabled
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf templateArn
+      `Prelude.seq` Prelude.rnf templateName
+      `Prelude.seq` Prelude.rnf type'
diff --git a/gen/Amazonka/IoT/Types/ProvisioningTemplateVersionSummary.hs b/gen/Amazonka/IoT/Types/ProvisioningTemplateVersionSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ProvisioningTemplateVersionSummary.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ProvisioningTemplateVersionSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ProvisioningTemplateVersionSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A summary of information about a fleet provision template version.
+--
+-- /See:/ 'newProvisioningTemplateVersionSummary' smart constructor.
+data ProvisioningTemplateVersionSummary = ProvisioningTemplateVersionSummary'
+  { -- | The date when the provisioning template version was created
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | True if the provisioning template version is the default version,
+    -- otherwise false.
+    isDefaultVersion :: Prelude.Maybe Prelude.Bool,
+    -- | The ID of the fleet provisioning template version.
+    versionId :: Prelude.Maybe Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ProvisioningTemplateVersionSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'provisioningTemplateVersionSummary_creationDate' - The date when the provisioning template version was created
+--
+-- 'isDefaultVersion', 'provisioningTemplateVersionSummary_isDefaultVersion' - True if the provisioning template version is the default version,
+-- otherwise false.
+--
+-- 'versionId', 'provisioningTemplateVersionSummary_versionId' - The ID of the fleet provisioning template version.
+newProvisioningTemplateVersionSummary ::
+  ProvisioningTemplateVersionSummary
+newProvisioningTemplateVersionSummary =
+  ProvisioningTemplateVersionSummary'
+    { creationDate =
+        Prelude.Nothing,
+      isDefaultVersion = Prelude.Nothing,
+      versionId = Prelude.Nothing
+    }
+
+-- | The date when the provisioning template version was created
+provisioningTemplateVersionSummary_creationDate :: Lens.Lens' ProvisioningTemplateVersionSummary (Prelude.Maybe Prelude.UTCTime)
+provisioningTemplateVersionSummary_creationDate = Lens.lens (\ProvisioningTemplateVersionSummary' {creationDate} -> creationDate) (\s@ProvisioningTemplateVersionSummary' {} a -> s {creationDate = a} :: ProvisioningTemplateVersionSummary) Prelude.. Lens.mapping Data._Time
+
+-- | True if the provisioning template version is the default version,
+-- otherwise false.
+provisioningTemplateVersionSummary_isDefaultVersion :: Lens.Lens' ProvisioningTemplateVersionSummary (Prelude.Maybe Prelude.Bool)
+provisioningTemplateVersionSummary_isDefaultVersion = Lens.lens (\ProvisioningTemplateVersionSummary' {isDefaultVersion} -> isDefaultVersion) (\s@ProvisioningTemplateVersionSummary' {} a -> s {isDefaultVersion = a} :: ProvisioningTemplateVersionSummary)
+
+-- | The ID of the fleet provisioning template version.
+provisioningTemplateVersionSummary_versionId :: Lens.Lens' ProvisioningTemplateVersionSummary (Prelude.Maybe Prelude.Int)
+provisioningTemplateVersionSummary_versionId = Lens.lens (\ProvisioningTemplateVersionSummary' {versionId} -> versionId) (\s@ProvisioningTemplateVersionSummary' {} a -> s {versionId = a} :: ProvisioningTemplateVersionSummary)
+
+instance
+  Data.FromJSON
+    ProvisioningTemplateVersionSummary
+  where
+  parseJSON =
+    Data.withObject
+      "ProvisioningTemplateVersionSummary"
+      ( \x ->
+          ProvisioningTemplateVersionSummary'
+            Prelude.<$> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "isDefaultVersion")
+            Prelude.<*> (x Data..:? "versionId")
+      )
+
+instance
+  Prelude.Hashable
+    ProvisioningTemplateVersionSummary
+  where
+  hashWithSalt
+    _salt
+    ProvisioningTemplateVersionSummary' {..} =
+      _salt
+        `Prelude.hashWithSalt` creationDate
+        `Prelude.hashWithSalt` isDefaultVersion
+        `Prelude.hashWithSalt` versionId
+
+instance
+  Prelude.NFData
+    ProvisioningTemplateVersionSummary
+  where
+  rnf ProvisioningTemplateVersionSummary' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf isDefaultVersion
+      `Prelude.seq` Prelude.rnf versionId
diff --git a/gen/Amazonka/IoT/Types/PublishFindingToSnsParams.hs b/gen/Amazonka/IoT/Types/PublishFindingToSnsParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PublishFindingToSnsParams.hs
@@ -0,0 +1,80 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PublishFindingToSnsParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PublishFindingToSnsParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Parameters to define a mitigation action that publishes findings to
+-- Amazon SNS. You can implement your own custom actions in response to the
+-- Amazon SNS messages.
+--
+-- /See:/ 'newPublishFindingToSnsParams' smart constructor.
+data PublishFindingToSnsParams = PublishFindingToSnsParams'
+  { -- | The ARN of the topic to which you want to publish the findings.
+    topicArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PublishFindingToSnsParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'topicArn', 'publishFindingToSnsParams_topicArn' - The ARN of the topic to which you want to publish the findings.
+newPublishFindingToSnsParams ::
+  -- | 'topicArn'
+  Prelude.Text ->
+  PublishFindingToSnsParams
+newPublishFindingToSnsParams pTopicArn_ =
+  PublishFindingToSnsParams' {topicArn = pTopicArn_}
+
+-- | The ARN of the topic to which you want to publish the findings.
+publishFindingToSnsParams_topicArn :: Lens.Lens' PublishFindingToSnsParams Prelude.Text
+publishFindingToSnsParams_topicArn = Lens.lens (\PublishFindingToSnsParams' {topicArn} -> topicArn) (\s@PublishFindingToSnsParams' {} a -> s {topicArn = a} :: PublishFindingToSnsParams)
+
+instance Data.FromJSON PublishFindingToSnsParams where
+  parseJSON =
+    Data.withObject
+      "PublishFindingToSnsParams"
+      ( \x ->
+          PublishFindingToSnsParams'
+            Prelude.<$> (x Data..: "topicArn")
+      )
+
+instance Prelude.Hashable PublishFindingToSnsParams where
+  hashWithSalt _salt PublishFindingToSnsParams' {..} =
+    _salt `Prelude.hashWithSalt` topicArn
+
+instance Prelude.NFData PublishFindingToSnsParams where
+  rnf PublishFindingToSnsParams' {..} =
+    Prelude.rnf topicArn
+
+instance Data.ToJSON PublishFindingToSnsParams where
+  toJSON PublishFindingToSnsParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("topicArn" Data..= topicArn)]
+      )
diff --git a/gen/Amazonka/IoT/Types/PutAssetPropertyValueEntry.hs b/gen/Amazonka/IoT/Types/PutAssetPropertyValueEntry.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PutAssetPropertyValueEntry.hs
@@ -0,0 +1,165 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PutAssetPropertyValueEntry
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PutAssetPropertyValueEntry where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AssetPropertyValue
+import qualified Amazonka.Prelude as Prelude
+
+-- | An asset property value entry containing the following information.
+--
+-- /See:/ 'newPutAssetPropertyValueEntry' smart constructor.
+data PutAssetPropertyValueEntry = PutAssetPropertyValueEntry'
+  { -- | The ID of the IoT SiteWise asset. You must specify either a
+    -- @propertyAlias@ or both an @aliasId@ and a @propertyId@. Accepts
+    -- substitution templates.
+    assetId :: Prelude.Maybe Prelude.Text,
+    -- | Optional. A unique identifier for this entry that you can define to
+    -- better track which message caused an error in case of failure. Accepts
+    -- substitution templates. Defaults to a new UUID.
+    entryId :: Prelude.Maybe Prelude.Text,
+    -- | The name of the property alias associated with your asset property. You
+    -- must specify either a @propertyAlias@ or both an @aliasId@ and a
+    -- @propertyId@. Accepts substitution templates.
+    propertyAlias :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the asset\'s property. You must specify either a
+    -- @propertyAlias@ or both an @aliasId@ and a @propertyId@. Accepts
+    -- substitution templates.
+    propertyId :: Prelude.Maybe Prelude.Text,
+    -- | A list of property values to insert that each contain timestamp,
+    -- quality, and value (TQV) information.
+    propertyValues :: Prelude.NonEmpty AssetPropertyValue
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PutAssetPropertyValueEntry' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'assetId', 'putAssetPropertyValueEntry_assetId' - The ID of the IoT SiteWise asset. You must specify either a
+-- @propertyAlias@ or both an @aliasId@ and a @propertyId@. Accepts
+-- substitution templates.
+--
+-- 'entryId', 'putAssetPropertyValueEntry_entryId' - Optional. A unique identifier for this entry that you can define to
+-- better track which message caused an error in case of failure. Accepts
+-- substitution templates. Defaults to a new UUID.
+--
+-- 'propertyAlias', 'putAssetPropertyValueEntry_propertyAlias' - The name of the property alias associated with your asset property. You
+-- must specify either a @propertyAlias@ or both an @aliasId@ and a
+-- @propertyId@. Accepts substitution templates.
+--
+-- 'propertyId', 'putAssetPropertyValueEntry_propertyId' - The ID of the asset\'s property. You must specify either a
+-- @propertyAlias@ or both an @aliasId@ and a @propertyId@. Accepts
+-- substitution templates.
+--
+-- 'propertyValues', 'putAssetPropertyValueEntry_propertyValues' - A list of property values to insert that each contain timestamp,
+-- quality, and value (TQV) information.
+newPutAssetPropertyValueEntry ::
+  -- | 'propertyValues'
+  Prelude.NonEmpty AssetPropertyValue ->
+  PutAssetPropertyValueEntry
+newPutAssetPropertyValueEntry pPropertyValues_ =
+  PutAssetPropertyValueEntry'
+    { assetId =
+        Prelude.Nothing,
+      entryId = Prelude.Nothing,
+      propertyAlias = Prelude.Nothing,
+      propertyId = Prelude.Nothing,
+      propertyValues =
+        Lens.coerced Lens.# pPropertyValues_
+    }
+
+-- | The ID of the IoT SiteWise asset. You must specify either a
+-- @propertyAlias@ or both an @aliasId@ and a @propertyId@. Accepts
+-- substitution templates.
+putAssetPropertyValueEntry_assetId :: Lens.Lens' PutAssetPropertyValueEntry (Prelude.Maybe Prelude.Text)
+putAssetPropertyValueEntry_assetId = Lens.lens (\PutAssetPropertyValueEntry' {assetId} -> assetId) (\s@PutAssetPropertyValueEntry' {} a -> s {assetId = a} :: PutAssetPropertyValueEntry)
+
+-- | Optional. A unique identifier for this entry that you can define to
+-- better track which message caused an error in case of failure. Accepts
+-- substitution templates. Defaults to a new UUID.
+putAssetPropertyValueEntry_entryId :: Lens.Lens' PutAssetPropertyValueEntry (Prelude.Maybe Prelude.Text)
+putAssetPropertyValueEntry_entryId = Lens.lens (\PutAssetPropertyValueEntry' {entryId} -> entryId) (\s@PutAssetPropertyValueEntry' {} a -> s {entryId = a} :: PutAssetPropertyValueEntry)
+
+-- | The name of the property alias associated with your asset property. You
+-- must specify either a @propertyAlias@ or both an @aliasId@ and a
+-- @propertyId@. Accepts substitution templates.
+putAssetPropertyValueEntry_propertyAlias :: Lens.Lens' PutAssetPropertyValueEntry (Prelude.Maybe Prelude.Text)
+putAssetPropertyValueEntry_propertyAlias = Lens.lens (\PutAssetPropertyValueEntry' {propertyAlias} -> propertyAlias) (\s@PutAssetPropertyValueEntry' {} a -> s {propertyAlias = a} :: PutAssetPropertyValueEntry)
+
+-- | The ID of the asset\'s property. You must specify either a
+-- @propertyAlias@ or both an @aliasId@ and a @propertyId@. Accepts
+-- substitution templates.
+putAssetPropertyValueEntry_propertyId :: Lens.Lens' PutAssetPropertyValueEntry (Prelude.Maybe Prelude.Text)
+putAssetPropertyValueEntry_propertyId = Lens.lens (\PutAssetPropertyValueEntry' {propertyId} -> propertyId) (\s@PutAssetPropertyValueEntry' {} a -> s {propertyId = a} :: PutAssetPropertyValueEntry)
+
+-- | A list of property values to insert that each contain timestamp,
+-- quality, and value (TQV) information.
+putAssetPropertyValueEntry_propertyValues :: Lens.Lens' PutAssetPropertyValueEntry (Prelude.NonEmpty AssetPropertyValue)
+putAssetPropertyValueEntry_propertyValues = Lens.lens (\PutAssetPropertyValueEntry' {propertyValues} -> propertyValues) (\s@PutAssetPropertyValueEntry' {} a -> s {propertyValues = a} :: PutAssetPropertyValueEntry) Prelude.. Lens.coerced
+
+instance Data.FromJSON PutAssetPropertyValueEntry where
+  parseJSON =
+    Data.withObject
+      "PutAssetPropertyValueEntry"
+      ( \x ->
+          PutAssetPropertyValueEntry'
+            Prelude.<$> (x Data..:? "assetId")
+            Prelude.<*> (x Data..:? "entryId")
+            Prelude.<*> (x Data..:? "propertyAlias")
+            Prelude.<*> (x Data..:? "propertyId")
+            Prelude.<*> (x Data..: "propertyValues")
+      )
+
+instance Prelude.Hashable PutAssetPropertyValueEntry where
+  hashWithSalt _salt PutAssetPropertyValueEntry' {..} =
+    _salt
+      `Prelude.hashWithSalt` assetId
+      `Prelude.hashWithSalt` entryId
+      `Prelude.hashWithSalt` propertyAlias
+      `Prelude.hashWithSalt` propertyId
+      `Prelude.hashWithSalt` propertyValues
+
+instance Prelude.NFData PutAssetPropertyValueEntry where
+  rnf PutAssetPropertyValueEntry' {..} =
+    Prelude.rnf assetId
+      `Prelude.seq` Prelude.rnf entryId
+      `Prelude.seq` Prelude.rnf propertyAlias
+      `Prelude.seq` Prelude.rnf propertyId
+      `Prelude.seq` Prelude.rnf propertyValues
+
+instance Data.ToJSON PutAssetPropertyValueEntry where
+  toJSON PutAssetPropertyValueEntry' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("assetId" Data..=) Prelude.<$> assetId,
+            ("entryId" Data..=) Prelude.<$> entryId,
+            ("propertyAlias" Data..=) Prelude.<$> propertyAlias,
+            ("propertyId" Data..=) Prelude.<$> propertyId,
+            Prelude.Just
+              ("propertyValues" Data..= propertyValues)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/PutItemInput.hs b/gen/Amazonka/IoT/Types/PutItemInput.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/PutItemInput.hs
@@ -0,0 +1,77 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.PutItemInput
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.PutItemInput where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The input for the DynamoActionVS action that specifies the DynamoDB
+-- table to which the message data will be written.
+--
+-- /See:/ 'newPutItemInput' smart constructor.
+data PutItemInput = PutItemInput'
+  { -- | The table where the message data will be written.
+    tableName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PutItemInput' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tableName', 'putItemInput_tableName' - The table where the message data will be written.
+newPutItemInput ::
+  -- | 'tableName'
+  Prelude.Text ->
+  PutItemInput
+newPutItemInput pTableName_ =
+  PutItemInput' {tableName = pTableName_}
+
+-- | The table where the message data will be written.
+putItemInput_tableName :: Lens.Lens' PutItemInput Prelude.Text
+putItemInput_tableName = Lens.lens (\PutItemInput' {tableName} -> tableName) (\s@PutItemInput' {} a -> s {tableName = a} :: PutItemInput)
+
+instance Data.FromJSON PutItemInput where
+  parseJSON =
+    Data.withObject
+      "PutItemInput"
+      ( \x ->
+          PutItemInput' Prelude.<$> (x Data..: "tableName")
+      )
+
+instance Prelude.Hashable PutItemInput where
+  hashWithSalt _salt PutItemInput' {..} =
+    _salt `Prelude.hashWithSalt` tableName
+
+instance Prelude.NFData PutItemInput where
+  rnf PutItemInput' {..} = Prelude.rnf tableName
+
+instance Data.ToJSON PutItemInput where
+  toJSON PutItemInput' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("tableName" Data..= tableName)]
+      )
diff --git a/gen/Amazonka/IoT/Types/RateIncreaseCriteria.hs b/gen/Amazonka/IoT/Types/RateIncreaseCriteria.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RateIncreaseCriteria.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RateIncreaseCriteria
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RateIncreaseCriteria where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Allows you to define a criteria to initiate the increase in rate of
+-- rollout for a job.
+--
+-- /See:/ 'newRateIncreaseCriteria' smart constructor.
+data RateIncreaseCriteria = RateIncreaseCriteria'
+  { -- | The threshold for number of notified things that will initiate the
+    -- increase in rate of rollout.
+    numberOfNotifiedThings :: Prelude.Maybe Prelude.Natural,
+    -- | The threshold for number of succeeded things that will initiate the
+    -- increase in rate of rollout.
+    numberOfSucceededThings :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RateIncreaseCriteria' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'numberOfNotifiedThings', 'rateIncreaseCriteria_numberOfNotifiedThings' - The threshold for number of notified things that will initiate the
+-- increase in rate of rollout.
+--
+-- 'numberOfSucceededThings', 'rateIncreaseCriteria_numberOfSucceededThings' - The threshold for number of succeeded things that will initiate the
+-- increase in rate of rollout.
+newRateIncreaseCriteria ::
+  RateIncreaseCriteria
+newRateIncreaseCriteria =
+  RateIncreaseCriteria'
+    { numberOfNotifiedThings =
+        Prelude.Nothing,
+      numberOfSucceededThings = Prelude.Nothing
+    }
+
+-- | The threshold for number of notified things that will initiate the
+-- increase in rate of rollout.
+rateIncreaseCriteria_numberOfNotifiedThings :: Lens.Lens' RateIncreaseCriteria (Prelude.Maybe Prelude.Natural)
+rateIncreaseCriteria_numberOfNotifiedThings = Lens.lens (\RateIncreaseCriteria' {numberOfNotifiedThings} -> numberOfNotifiedThings) (\s@RateIncreaseCriteria' {} a -> s {numberOfNotifiedThings = a} :: RateIncreaseCriteria)
+
+-- | The threshold for number of succeeded things that will initiate the
+-- increase in rate of rollout.
+rateIncreaseCriteria_numberOfSucceededThings :: Lens.Lens' RateIncreaseCriteria (Prelude.Maybe Prelude.Natural)
+rateIncreaseCriteria_numberOfSucceededThings = Lens.lens (\RateIncreaseCriteria' {numberOfSucceededThings} -> numberOfSucceededThings) (\s@RateIncreaseCriteria' {} a -> s {numberOfSucceededThings = a} :: RateIncreaseCriteria)
+
+instance Data.FromJSON RateIncreaseCriteria where
+  parseJSON =
+    Data.withObject
+      "RateIncreaseCriteria"
+      ( \x ->
+          RateIncreaseCriteria'
+            Prelude.<$> (x Data..:? "numberOfNotifiedThings")
+            Prelude.<*> (x Data..:? "numberOfSucceededThings")
+      )
+
+instance Prelude.Hashable RateIncreaseCriteria where
+  hashWithSalt _salt RateIncreaseCriteria' {..} =
+    _salt
+      `Prelude.hashWithSalt` numberOfNotifiedThings
+      `Prelude.hashWithSalt` numberOfSucceededThings
+
+instance Prelude.NFData RateIncreaseCriteria where
+  rnf RateIncreaseCriteria' {..} =
+    Prelude.rnf numberOfNotifiedThings
+      `Prelude.seq` Prelude.rnf numberOfSucceededThings
+
+instance Data.ToJSON RateIncreaseCriteria where
+  toJSON RateIncreaseCriteria' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("numberOfNotifiedThings" Data..=)
+              Prelude.<$> numberOfNotifiedThings,
+            ("numberOfSucceededThings" Data..=)
+              Prelude.<$> numberOfSucceededThings
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/RegistrationConfig.hs b/gen/Amazonka/IoT/Types/RegistrationConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RegistrationConfig.hs
@@ -0,0 +1,106 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RegistrationConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RegistrationConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The registration configuration.
+--
+-- /See:/ 'newRegistrationConfig' smart constructor.
+data RegistrationConfig = RegistrationConfig'
+  { -- | The ARN of the role.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The template body.
+    templateBody :: Prelude.Maybe Prelude.Text,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RegistrationConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'registrationConfig_roleArn' - The ARN of the role.
+--
+-- 'templateBody', 'registrationConfig_templateBody' - The template body.
+--
+-- 'templateName', 'registrationConfig_templateName' - The name of the provisioning template.
+newRegistrationConfig ::
+  RegistrationConfig
+newRegistrationConfig =
+  RegistrationConfig'
+    { roleArn = Prelude.Nothing,
+      templateBody = Prelude.Nothing,
+      templateName = Prelude.Nothing
+    }
+
+-- | The ARN of the role.
+registrationConfig_roleArn :: Lens.Lens' RegistrationConfig (Prelude.Maybe Prelude.Text)
+registrationConfig_roleArn = Lens.lens (\RegistrationConfig' {roleArn} -> roleArn) (\s@RegistrationConfig' {} a -> s {roleArn = a} :: RegistrationConfig)
+
+-- | The template body.
+registrationConfig_templateBody :: Lens.Lens' RegistrationConfig (Prelude.Maybe Prelude.Text)
+registrationConfig_templateBody = Lens.lens (\RegistrationConfig' {templateBody} -> templateBody) (\s@RegistrationConfig' {} a -> s {templateBody = a} :: RegistrationConfig)
+
+-- | The name of the provisioning template.
+registrationConfig_templateName :: Lens.Lens' RegistrationConfig (Prelude.Maybe Prelude.Text)
+registrationConfig_templateName = Lens.lens (\RegistrationConfig' {templateName} -> templateName) (\s@RegistrationConfig' {} a -> s {templateName = a} :: RegistrationConfig)
+
+instance Data.FromJSON RegistrationConfig where
+  parseJSON =
+    Data.withObject
+      "RegistrationConfig"
+      ( \x ->
+          RegistrationConfig'
+            Prelude.<$> (x Data..:? "roleArn")
+            Prelude.<*> (x Data..:? "templateBody")
+            Prelude.<*> (x Data..:? "templateName")
+      )
+
+instance Prelude.Hashable RegistrationConfig where
+  hashWithSalt _salt RegistrationConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` templateBody
+      `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData RegistrationConfig where
+  rnf RegistrationConfig' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf templateBody
+      `Prelude.seq` Prelude.rnf templateName
+
+instance Data.ToJSON RegistrationConfig where
+  toJSON RegistrationConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("roleArn" Data..=) Prelude.<$> roleArn,
+            ("templateBody" Data..=) Prelude.<$> templateBody,
+            ("templateName" Data..=) Prelude.<$> templateName
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/RelatedResource.hs b/gen/Amazonka/IoT/Types/RelatedResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RelatedResource.hs
@@ -0,0 +1,98 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RelatedResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RelatedResource where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ResourceIdentifier
+import Amazonka.IoT.Types.ResourceType
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about a related resource.
+--
+-- /See:/ 'newRelatedResource' smart constructor.
+data RelatedResource = RelatedResource'
+  { -- | Other information about the resource.
+    additionalInfo :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | Information that identifies the resource.
+    resourceIdentifier :: Prelude.Maybe ResourceIdentifier,
+    -- | The type of resource.
+    resourceType :: Prelude.Maybe ResourceType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RelatedResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalInfo', 'relatedResource_additionalInfo' - Other information about the resource.
+--
+-- 'resourceIdentifier', 'relatedResource_resourceIdentifier' - Information that identifies the resource.
+--
+-- 'resourceType', 'relatedResource_resourceType' - The type of resource.
+newRelatedResource ::
+  RelatedResource
+newRelatedResource =
+  RelatedResource'
+    { additionalInfo = Prelude.Nothing,
+      resourceIdentifier = Prelude.Nothing,
+      resourceType = Prelude.Nothing
+    }
+
+-- | Other information about the resource.
+relatedResource_additionalInfo :: Lens.Lens' RelatedResource (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+relatedResource_additionalInfo = Lens.lens (\RelatedResource' {additionalInfo} -> additionalInfo) (\s@RelatedResource' {} a -> s {additionalInfo = a} :: RelatedResource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Information that identifies the resource.
+relatedResource_resourceIdentifier :: Lens.Lens' RelatedResource (Prelude.Maybe ResourceIdentifier)
+relatedResource_resourceIdentifier = Lens.lens (\RelatedResource' {resourceIdentifier} -> resourceIdentifier) (\s@RelatedResource' {} a -> s {resourceIdentifier = a} :: RelatedResource)
+
+-- | The type of resource.
+relatedResource_resourceType :: Lens.Lens' RelatedResource (Prelude.Maybe ResourceType)
+relatedResource_resourceType = Lens.lens (\RelatedResource' {resourceType} -> resourceType) (\s@RelatedResource' {} a -> s {resourceType = a} :: RelatedResource)
+
+instance Data.FromJSON RelatedResource where
+  parseJSON =
+    Data.withObject
+      "RelatedResource"
+      ( \x ->
+          RelatedResource'
+            Prelude.<$> (x Data..:? "additionalInfo" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "resourceIdentifier")
+            Prelude.<*> (x Data..:? "resourceType")
+      )
+
+instance Prelude.Hashable RelatedResource where
+  hashWithSalt _salt RelatedResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalInfo
+      `Prelude.hashWithSalt` resourceIdentifier
+      `Prelude.hashWithSalt` resourceType
+
+instance Prelude.NFData RelatedResource where
+  rnf RelatedResource' {..} =
+    Prelude.rnf additionalInfo
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+      `Prelude.seq` Prelude.rnf resourceType
diff --git a/gen/Amazonka/IoT/Types/ReplaceDefaultPolicyVersionParams.hs b/gen/Amazonka/IoT/Types/ReplaceDefaultPolicyVersionParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ReplaceDefaultPolicyVersionParams.hs
@@ -0,0 +1,100 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ReplaceDefaultPolicyVersionParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ReplaceDefaultPolicyVersionParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.PolicyTemplateName
+import qualified Amazonka.Prelude as Prelude
+
+-- | Parameters to define a mitigation action that adds a blank policy to
+-- restrict permissions.
+--
+-- /See:/ 'newReplaceDefaultPolicyVersionParams' smart constructor.
+data ReplaceDefaultPolicyVersionParams = ReplaceDefaultPolicyVersionParams'
+  { -- | The name of the template to be applied. The only supported value is
+    -- @BLANK_POLICY@.
+    templateName :: PolicyTemplateName
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ReplaceDefaultPolicyVersionParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'templateName', 'replaceDefaultPolicyVersionParams_templateName' - The name of the template to be applied. The only supported value is
+-- @BLANK_POLICY@.
+newReplaceDefaultPolicyVersionParams ::
+  -- | 'templateName'
+  PolicyTemplateName ->
+  ReplaceDefaultPolicyVersionParams
+newReplaceDefaultPolicyVersionParams pTemplateName_ =
+  ReplaceDefaultPolicyVersionParams'
+    { templateName =
+        pTemplateName_
+    }
+
+-- | The name of the template to be applied. The only supported value is
+-- @BLANK_POLICY@.
+replaceDefaultPolicyVersionParams_templateName :: Lens.Lens' ReplaceDefaultPolicyVersionParams PolicyTemplateName
+replaceDefaultPolicyVersionParams_templateName = Lens.lens (\ReplaceDefaultPolicyVersionParams' {templateName} -> templateName) (\s@ReplaceDefaultPolicyVersionParams' {} a -> s {templateName = a} :: ReplaceDefaultPolicyVersionParams)
+
+instance
+  Data.FromJSON
+    ReplaceDefaultPolicyVersionParams
+  where
+  parseJSON =
+    Data.withObject
+      "ReplaceDefaultPolicyVersionParams"
+      ( \x ->
+          ReplaceDefaultPolicyVersionParams'
+            Prelude.<$> (x Data..: "templateName")
+      )
+
+instance
+  Prelude.Hashable
+    ReplaceDefaultPolicyVersionParams
+  where
+  hashWithSalt
+    _salt
+    ReplaceDefaultPolicyVersionParams' {..} =
+      _salt `Prelude.hashWithSalt` templateName
+
+instance
+  Prelude.NFData
+    ReplaceDefaultPolicyVersionParams
+  where
+  rnf ReplaceDefaultPolicyVersionParams' {..} =
+    Prelude.rnf templateName
+
+instance
+  Data.ToJSON
+    ReplaceDefaultPolicyVersionParams
+  where
+  toJSON ReplaceDefaultPolicyVersionParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("templateName" Data..= templateName)]
+      )
diff --git a/gen/Amazonka/IoT/Types/ReportType.hs b/gen/Amazonka/IoT/Types/ReportType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ReportType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ReportType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ReportType
+  ( ReportType
+      ( ..,
+        ReportType_ERRORS,
+        ReportType_RESULTS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ReportType = ReportType'
+  { fromReportType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ReportType_ERRORS :: ReportType
+pattern ReportType_ERRORS = ReportType' "ERRORS"
+
+pattern ReportType_RESULTS :: ReportType
+pattern ReportType_RESULTS = ReportType' "RESULTS"
+
+{-# COMPLETE
+  ReportType_ERRORS,
+  ReportType_RESULTS,
+  ReportType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/RepublishAction.hs b/gen/Amazonka/IoT/Types/RepublishAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RepublishAction.hs
@@ -0,0 +1,133 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RepublishAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RepublishAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.MqttHeaders
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to republish to another topic.
+--
+-- /See:/ 'newRepublishAction' smart constructor.
+data RepublishAction = RepublishAction'
+  { -- | MQTT Version 5.0 headers information. For more information, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html MQTT>
+    -- from the Amazon Web Services IoT Core Developer Guide.
+    headers :: Prelude.Maybe MqttHeaders,
+    -- | The Quality of Service (QoS) level to use when republishing messages.
+    -- The default value is 0.
+    qos :: Prelude.Maybe Prelude.Natural,
+    -- | The ARN of the IAM role that grants access.
+    roleArn :: Prelude.Text,
+    -- | The name of the MQTT topic.
+    topic :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RepublishAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'headers', 'republishAction_headers' - MQTT Version 5.0 headers information. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html MQTT>
+-- from the Amazon Web Services IoT Core Developer Guide.
+--
+-- 'qos', 'republishAction_qos' - The Quality of Service (QoS) level to use when republishing messages.
+-- The default value is 0.
+--
+-- 'roleArn', 'republishAction_roleArn' - The ARN of the IAM role that grants access.
+--
+-- 'topic', 'republishAction_topic' - The name of the MQTT topic.
+newRepublishAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'topic'
+  Prelude.Text ->
+  RepublishAction
+newRepublishAction pRoleArn_ pTopic_ =
+  RepublishAction'
+    { headers = Prelude.Nothing,
+      qos = Prelude.Nothing,
+      roleArn = pRoleArn_,
+      topic = pTopic_
+    }
+
+-- | MQTT Version 5.0 headers information. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/mqtt.html MQTT>
+-- from the Amazon Web Services IoT Core Developer Guide.
+republishAction_headers :: Lens.Lens' RepublishAction (Prelude.Maybe MqttHeaders)
+republishAction_headers = Lens.lens (\RepublishAction' {headers} -> headers) (\s@RepublishAction' {} a -> s {headers = a} :: RepublishAction)
+
+-- | The Quality of Service (QoS) level to use when republishing messages.
+-- The default value is 0.
+republishAction_qos :: Lens.Lens' RepublishAction (Prelude.Maybe Prelude.Natural)
+republishAction_qos = Lens.lens (\RepublishAction' {qos} -> qos) (\s@RepublishAction' {} a -> s {qos = a} :: RepublishAction)
+
+-- | The ARN of the IAM role that grants access.
+republishAction_roleArn :: Lens.Lens' RepublishAction Prelude.Text
+republishAction_roleArn = Lens.lens (\RepublishAction' {roleArn} -> roleArn) (\s@RepublishAction' {} a -> s {roleArn = a} :: RepublishAction)
+
+-- | The name of the MQTT topic.
+republishAction_topic :: Lens.Lens' RepublishAction Prelude.Text
+republishAction_topic = Lens.lens (\RepublishAction' {topic} -> topic) (\s@RepublishAction' {} a -> s {topic = a} :: RepublishAction)
+
+instance Data.FromJSON RepublishAction where
+  parseJSON =
+    Data.withObject
+      "RepublishAction"
+      ( \x ->
+          RepublishAction'
+            Prelude.<$> (x Data..:? "headers")
+            Prelude.<*> (x Data..:? "qos")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "topic")
+      )
+
+instance Prelude.Hashable RepublishAction where
+  hashWithSalt _salt RepublishAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` headers
+      `Prelude.hashWithSalt` qos
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` topic
+
+instance Prelude.NFData RepublishAction where
+  rnf RepublishAction' {..} =
+    Prelude.rnf headers
+      `Prelude.seq` Prelude.rnf qos
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf topic
+
+instance Data.ToJSON RepublishAction where
+  toJSON RepublishAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("headers" Data..=) Prelude.<$> headers,
+            ("qos" Data..=) Prelude.<$> qos,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("topic" Data..= topic)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ResourceIdentifier.hs b/gen/Amazonka/IoT/Types/ResourceIdentifier.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ResourceIdentifier.hs
@@ -0,0 +1,205 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ResourceIdentifier
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ResourceIdentifier where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.IssuerCertificateIdentifier
+import Amazonka.IoT.Types.PolicyVersionIdentifier
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information that identifies the noncompliant resource.
+--
+-- /See:/ 'newResourceIdentifier' smart constructor.
+data ResourceIdentifier = ResourceIdentifier'
+  { -- | The account with which the resource is associated.
+    account :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the CA certificate used to authorize the certificate.
+    caCertificateId :: Prelude.Maybe Prelude.Text,
+    -- | The client ID.
+    clientId :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the Amazon Cognito identity pool.
+    cognitoIdentityPoolId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the identified device certificate.
+    deviceCertificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The ID of the certificate attached to the resource.
+    deviceCertificateId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the IAM role that has overly permissive actions.
+    iamRoleArn :: Prelude.Maybe Prelude.Text,
+    -- | The issuer certificate identifier.
+    issuerCertificateIdentifier :: Prelude.Maybe IssuerCertificateIdentifier,
+    -- | The version of the policy associated with the resource.
+    policyVersionIdentifier :: Prelude.Maybe PolicyVersionIdentifier,
+    -- | The ARN of the role alias that has overly permissive actions.
+    roleAliasArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ResourceIdentifier' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'account', 'resourceIdentifier_account' - The account with which the resource is associated.
+--
+-- 'caCertificateId', 'resourceIdentifier_caCertificateId' - The ID of the CA certificate used to authorize the certificate.
+--
+-- 'clientId', 'resourceIdentifier_clientId' - The client ID.
+--
+-- 'cognitoIdentityPoolId', 'resourceIdentifier_cognitoIdentityPoolId' - The ID of the Amazon Cognito identity pool.
+--
+-- 'deviceCertificateArn', 'resourceIdentifier_deviceCertificateArn' - The ARN of the identified device certificate.
+--
+-- 'deviceCertificateId', 'resourceIdentifier_deviceCertificateId' - The ID of the certificate attached to the resource.
+--
+-- 'iamRoleArn', 'resourceIdentifier_iamRoleArn' - The ARN of the IAM role that has overly permissive actions.
+--
+-- 'issuerCertificateIdentifier', 'resourceIdentifier_issuerCertificateIdentifier' - The issuer certificate identifier.
+--
+-- 'policyVersionIdentifier', 'resourceIdentifier_policyVersionIdentifier' - The version of the policy associated with the resource.
+--
+-- 'roleAliasArn', 'resourceIdentifier_roleAliasArn' - The ARN of the role alias that has overly permissive actions.
+newResourceIdentifier ::
+  ResourceIdentifier
+newResourceIdentifier =
+  ResourceIdentifier'
+    { account = Prelude.Nothing,
+      caCertificateId = Prelude.Nothing,
+      clientId = Prelude.Nothing,
+      cognitoIdentityPoolId = Prelude.Nothing,
+      deviceCertificateArn = Prelude.Nothing,
+      deviceCertificateId = Prelude.Nothing,
+      iamRoleArn = Prelude.Nothing,
+      issuerCertificateIdentifier = Prelude.Nothing,
+      policyVersionIdentifier = Prelude.Nothing,
+      roleAliasArn = Prelude.Nothing
+    }
+
+-- | The account with which the resource is associated.
+resourceIdentifier_account :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_account = Lens.lens (\ResourceIdentifier' {account} -> account) (\s@ResourceIdentifier' {} a -> s {account = a} :: ResourceIdentifier)
+
+-- | The ID of the CA certificate used to authorize the certificate.
+resourceIdentifier_caCertificateId :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_caCertificateId = Lens.lens (\ResourceIdentifier' {caCertificateId} -> caCertificateId) (\s@ResourceIdentifier' {} a -> s {caCertificateId = a} :: ResourceIdentifier)
+
+-- | The client ID.
+resourceIdentifier_clientId :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_clientId = Lens.lens (\ResourceIdentifier' {clientId} -> clientId) (\s@ResourceIdentifier' {} a -> s {clientId = a} :: ResourceIdentifier)
+
+-- | The ID of the Amazon Cognito identity pool.
+resourceIdentifier_cognitoIdentityPoolId :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_cognitoIdentityPoolId = Lens.lens (\ResourceIdentifier' {cognitoIdentityPoolId} -> cognitoIdentityPoolId) (\s@ResourceIdentifier' {} a -> s {cognitoIdentityPoolId = a} :: ResourceIdentifier)
+
+-- | The ARN of the identified device certificate.
+resourceIdentifier_deviceCertificateArn :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_deviceCertificateArn = Lens.lens (\ResourceIdentifier' {deviceCertificateArn} -> deviceCertificateArn) (\s@ResourceIdentifier' {} a -> s {deviceCertificateArn = a} :: ResourceIdentifier)
+
+-- | The ID of the certificate attached to the resource.
+resourceIdentifier_deviceCertificateId :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_deviceCertificateId = Lens.lens (\ResourceIdentifier' {deviceCertificateId} -> deviceCertificateId) (\s@ResourceIdentifier' {} a -> s {deviceCertificateId = a} :: ResourceIdentifier)
+
+-- | The ARN of the IAM role that has overly permissive actions.
+resourceIdentifier_iamRoleArn :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_iamRoleArn = Lens.lens (\ResourceIdentifier' {iamRoleArn} -> iamRoleArn) (\s@ResourceIdentifier' {} a -> s {iamRoleArn = a} :: ResourceIdentifier)
+
+-- | The issuer certificate identifier.
+resourceIdentifier_issuerCertificateIdentifier :: Lens.Lens' ResourceIdentifier (Prelude.Maybe IssuerCertificateIdentifier)
+resourceIdentifier_issuerCertificateIdentifier = Lens.lens (\ResourceIdentifier' {issuerCertificateIdentifier} -> issuerCertificateIdentifier) (\s@ResourceIdentifier' {} a -> s {issuerCertificateIdentifier = a} :: ResourceIdentifier)
+
+-- | The version of the policy associated with the resource.
+resourceIdentifier_policyVersionIdentifier :: Lens.Lens' ResourceIdentifier (Prelude.Maybe PolicyVersionIdentifier)
+resourceIdentifier_policyVersionIdentifier = Lens.lens (\ResourceIdentifier' {policyVersionIdentifier} -> policyVersionIdentifier) (\s@ResourceIdentifier' {} a -> s {policyVersionIdentifier = a} :: ResourceIdentifier)
+
+-- | The ARN of the role alias that has overly permissive actions.
+resourceIdentifier_roleAliasArn :: Lens.Lens' ResourceIdentifier (Prelude.Maybe Prelude.Text)
+resourceIdentifier_roleAliasArn = Lens.lens (\ResourceIdentifier' {roleAliasArn} -> roleAliasArn) (\s@ResourceIdentifier' {} a -> s {roleAliasArn = a} :: ResourceIdentifier)
+
+instance Data.FromJSON ResourceIdentifier where
+  parseJSON =
+    Data.withObject
+      "ResourceIdentifier"
+      ( \x ->
+          ResourceIdentifier'
+            Prelude.<$> (x Data..:? "account")
+            Prelude.<*> (x Data..:? "caCertificateId")
+            Prelude.<*> (x Data..:? "clientId")
+            Prelude.<*> (x Data..:? "cognitoIdentityPoolId")
+            Prelude.<*> (x Data..:? "deviceCertificateArn")
+            Prelude.<*> (x Data..:? "deviceCertificateId")
+            Prelude.<*> (x Data..:? "iamRoleArn")
+            Prelude.<*> (x Data..:? "issuerCertificateIdentifier")
+            Prelude.<*> (x Data..:? "policyVersionIdentifier")
+            Prelude.<*> (x Data..:? "roleAliasArn")
+      )
+
+instance Prelude.Hashable ResourceIdentifier where
+  hashWithSalt _salt ResourceIdentifier' {..} =
+    _salt
+      `Prelude.hashWithSalt` account
+      `Prelude.hashWithSalt` caCertificateId
+      `Prelude.hashWithSalt` clientId
+      `Prelude.hashWithSalt` cognitoIdentityPoolId
+      `Prelude.hashWithSalt` deviceCertificateArn
+      `Prelude.hashWithSalt` deviceCertificateId
+      `Prelude.hashWithSalt` iamRoleArn
+      `Prelude.hashWithSalt` issuerCertificateIdentifier
+      `Prelude.hashWithSalt` policyVersionIdentifier
+      `Prelude.hashWithSalt` roleAliasArn
+
+instance Prelude.NFData ResourceIdentifier where
+  rnf ResourceIdentifier' {..} =
+    Prelude.rnf account
+      `Prelude.seq` Prelude.rnf caCertificateId
+      `Prelude.seq` Prelude.rnf clientId
+      `Prelude.seq` Prelude.rnf cognitoIdentityPoolId
+      `Prelude.seq` Prelude.rnf deviceCertificateArn
+      `Prelude.seq` Prelude.rnf deviceCertificateId
+      `Prelude.seq` Prelude.rnf iamRoleArn
+      `Prelude.seq` Prelude.rnf issuerCertificateIdentifier
+      `Prelude.seq` Prelude.rnf policyVersionIdentifier
+      `Prelude.seq` Prelude.rnf roleAliasArn
+
+instance Data.ToJSON ResourceIdentifier where
+  toJSON ResourceIdentifier' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("account" Data..=) Prelude.<$> account,
+            ("caCertificateId" Data..=)
+              Prelude.<$> caCertificateId,
+            ("clientId" Data..=) Prelude.<$> clientId,
+            ("cognitoIdentityPoolId" Data..=)
+              Prelude.<$> cognitoIdentityPoolId,
+            ("deviceCertificateArn" Data..=)
+              Prelude.<$> deviceCertificateArn,
+            ("deviceCertificateId" Data..=)
+              Prelude.<$> deviceCertificateId,
+            ("iamRoleArn" Data..=) Prelude.<$> iamRoleArn,
+            ("issuerCertificateIdentifier" Data..=)
+              Prelude.<$> issuerCertificateIdentifier,
+            ("policyVersionIdentifier" Data..=)
+              Prelude.<$> policyVersionIdentifier,
+            ("roleAliasArn" Data..=) Prelude.<$> roleAliasArn
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ResourceType.hs b/gen/Amazonka/IoT/Types/ResourceType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ResourceType.hs
@@ -0,0 +1,106 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ResourceType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ResourceType
+  ( ResourceType
+      ( ..,
+        ResourceType_ACCOUNT_SETTINGS,
+        ResourceType_CA_CERTIFICATE,
+        ResourceType_CLIENT_ID,
+        ResourceType_COGNITO_IDENTITY_POOL,
+        ResourceType_DEVICE_CERTIFICATE,
+        ResourceType_IAM_ROLE,
+        ResourceType_IOT_POLICY,
+        ResourceType_ISSUER_CERTIFICATE,
+        ResourceType_ROLE_ALIAS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ResourceType = ResourceType'
+  { fromResourceType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ResourceType_ACCOUNT_SETTINGS :: ResourceType
+pattern ResourceType_ACCOUNT_SETTINGS = ResourceType' "ACCOUNT_SETTINGS"
+
+pattern ResourceType_CA_CERTIFICATE :: ResourceType
+pattern ResourceType_CA_CERTIFICATE = ResourceType' "CA_CERTIFICATE"
+
+pattern ResourceType_CLIENT_ID :: ResourceType
+pattern ResourceType_CLIENT_ID = ResourceType' "CLIENT_ID"
+
+pattern ResourceType_COGNITO_IDENTITY_POOL :: ResourceType
+pattern ResourceType_COGNITO_IDENTITY_POOL = ResourceType' "COGNITO_IDENTITY_POOL"
+
+pattern ResourceType_DEVICE_CERTIFICATE :: ResourceType
+pattern ResourceType_DEVICE_CERTIFICATE = ResourceType' "DEVICE_CERTIFICATE"
+
+pattern ResourceType_IAM_ROLE :: ResourceType
+pattern ResourceType_IAM_ROLE = ResourceType' "IAM_ROLE"
+
+pattern ResourceType_IOT_POLICY :: ResourceType
+pattern ResourceType_IOT_POLICY = ResourceType' "IOT_POLICY"
+
+pattern ResourceType_ISSUER_CERTIFICATE :: ResourceType
+pattern ResourceType_ISSUER_CERTIFICATE = ResourceType' "ISSUER_CERTIFICATE"
+
+pattern ResourceType_ROLE_ALIAS :: ResourceType
+pattern ResourceType_ROLE_ALIAS = ResourceType' "ROLE_ALIAS"
+
+{-# COMPLETE
+  ResourceType_ACCOUNT_SETTINGS,
+  ResourceType_CA_CERTIFICATE,
+  ResourceType_CLIENT_ID,
+  ResourceType_COGNITO_IDENTITY_POOL,
+  ResourceType_DEVICE_CERTIFICATE,
+  ResourceType_IAM_ROLE,
+  ResourceType_IOT_POLICY,
+  ResourceType_ISSUER_CERTIFICATE,
+  ResourceType_ROLE_ALIAS,
+  ResourceType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/RetryCriteria.hs b/gen/Amazonka/IoT/Types/RetryCriteria.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RetryCriteria.hs
@@ -0,0 +1,100 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RetryCriteria
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RetryCriteria where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.RetryableFailureType
+import qualified Amazonka.Prelude as Prelude
+
+-- | The criteria that determines how many retries are allowed for each
+-- failure type for a job.
+--
+-- /See:/ 'newRetryCriteria' smart constructor.
+data RetryCriteria = RetryCriteria'
+  { -- | The type of job execution failures that can initiate a job retry.
+    failureType :: RetryableFailureType,
+    -- | The number of retries allowed for a failure type for the job.
+    numberOfRetries :: Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RetryCriteria' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'failureType', 'retryCriteria_failureType' - The type of job execution failures that can initiate a job retry.
+--
+-- 'numberOfRetries', 'retryCriteria_numberOfRetries' - The number of retries allowed for a failure type for the job.
+newRetryCriteria ::
+  -- | 'failureType'
+  RetryableFailureType ->
+  -- | 'numberOfRetries'
+  Prelude.Natural ->
+  RetryCriteria
+newRetryCriteria pFailureType_ pNumberOfRetries_ =
+  RetryCriteria'
+    { failureType = pFailureType_,
+      numberOfRetries = pNumberOfRetries_
+    }
+
+-- | The type of job execution failures that can initiate a job retry.
+retryCriteria_failureType :: Lens.Lens' RetryCriteria RetryableFailureType
+retryCriteria_failureType = Lens.lens (\RetryCriteria' {failureType} -> failureType) (\s@RetryCriteria' {} a -> s {failureType = a} :: RetryCriteria)
+
+-- | The number of retries allowed for a failure type for the job.
+retryCriteria_numberOfRetries :: Lens.Lens' RetryCriteria Prelude.Natural
+retryCriteria_numberOfRetries = Lens.lens (\RetryCriteria' {numberOfRetries} -> numberOfRetries) (\s@RetryCriteria' {} a -> s {numberOfRetries = a} :: RetryCriteria)
+
+instance Data.FromJSON RetryCriteria where
+  parseJSON =
+    Data.withObject
+      "RetryCriteria"
+      ( \x ->
+          RetryCriteria'
+            Prelude.<$> (x Data..: "failureType")
+            Prelude.<*> (x Data..: "numberOfRetries")
+      )
+
+instance Prelude.Hashable RetryCriteria where
+  hashWithSalt _salt RetryCriteria' {..} =
+    _salt
+      `Prelude.hashWithSalt` failureType
+      `Prelude.hashWithSalt` numberOfRetries
+
+instance Prelude.NFData RetryCriteria where
+  rnf RetryCriteria' {..} =
+    Prelude.rnf failureType
+      `Prelude.seq` Prelude.rnf numberOfRetries
+
+instance Data.ToJSON RetryCriteria where
+  toJSON RetryCriteria' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("failureType" Data..= failureType),
+            Prelude.Just
+              ("numberOfRetries" Data..= numberOfRetries)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/RetryableFailureType.hs b/gen/Amazonka/IoT/Types/RetryableFailureType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RetryableFailureType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RetryableFailureType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RetryableFailureType
+  ( RetryableFailureType
+      ( ..,
+        RetryableFailureType_ALL,
+        RetryableFailureType_FAILED,
+        RetryableFailureType_TIMED_OUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype RetryableFailureType = RetryableFailureType'
+  { fromRetryableFailureType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern RetryableFailureType_ALL :: RetryableFailureType
+pattern RetryableFailureType_ALL = RetryableFailureType' "ALL"
+
+pattern RetryableFailureType_FAILED :: RetryableFailureType
+pattern RetryableFailureType_FAILED = RetryableFailureType' "FAILED"
+
+pattern RetryableFailureType_TIMED_OUT :: RetryableFailureType
+pattern RetryableFailureType_TIMED_OUT = RetryableFailureType' "TIMED_OUT"
+
+{-# COMPLETE
+  RetryableFailureType_ALL,
+  RetryableFailureType_FAILED,
+  RetryableFailureType_TIMED_OUT,
+  RetryableFailureType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/RoleAliasDescription.hs b/gen/Amazonka/IoT/Types/RoleAliasDescription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/RoleAliasDescription.hs
@@ -0,0 +1,145 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.RoleAliasDescription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.RoleAliasDescription where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Role alias description.
+--
+-- /See:/ 'newRoleAliasDescription' smart constructor.
+data RoleAliasDescription = RoleAliasDescription'
+  { -- | The UNIX timestamp of when the role alias was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The number of seconds for which the credential is valid.
+    credentialDurationSeconds :: Prelude.Maybe Prelude.Natural,
+    -- | The UNIX timestamp of when the role alias was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The role alias owner.
+    owner :: Prelude.Maybe Prelude.Text,
+    -- | The role alias.
+    roleAlias :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the role alias.
+    roleAliasArn :: Prelude.Maybe Prelude.Text,
+    -- | The role ARN.
+    roleArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RoleAliasDescription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'roleAliasDescription_creationDate' - The UNIX timestamp of when the role alias was created.
+--
+-- 'credentialDurationSeconds', 'roleAliasDescription_credentialDurationSeconds' - The number of seconds for which the credential is valid.
+--
+-- 'lastModifiedDate', 'roleAliasDescription_lastModifiedDate' - The UNIX timestamp of when the role alias was last modified.
+--
+-- 'owner', 'roleAliasDescription_owner' - The role alias owner.
+--
+-- 'roleAlias', 'roleAliasDescription_roleAlias' - The role alias.
+--
+-- 'roleAliasArn', 'roleAliasDescription_roleAliasArn' - The ARN of the role alias.
+--
+-- 'roleArn', 'roleAliasDescription_roleArn' - The role ARN.
+newRoleAliasDescription ::
+  RoleAliasDescription
+newRoleAliasDescription =
+  RoleAliasDescription'
+    { creationDate =
+        Prelude.Nothing,
+      credentialDurationSeconds = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      owner = Prelude.Nothing,
+      roleAlias = Prelude.Nothing,
+      roleAliasArn = Prelude.Nothing,
+      roleArn = Prelude.Nothing
+    }
+
+-- | The UNIX timestamp of when the role alias was created.
+roleAliasDescription_creationDate :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.UTCTime)
+roleAliasDescription_creationDate = Lens.lens (\RoleAliasDescription' {creationDate} -> creationDate) (\s@RoleAliasDescription' {} a -> s {creationDate = a} :: RoleAliasDescription) Prelude.. Lens.mapping Data._Time
+
+-- | The number of seconds for which the credential is valid.
+roleAliasDescription_credentialDurationSeconds :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.Natural)
+roleAliasDescription_credentialDurationSeconds = Lens.lens (\RoleAliasDescription' {credentialDurationSeconds} -> credentialDurationSeconds) (\s@RoleAliasDescription' {} a -> s {credentialDurationSeconds = a} :: RoleAliasDescription)
+
+-- | The UNIX timestamp of when the role alias was last modified.
+roleAliasDescription_lastModifiedDate :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.UTCTime)
+roleAliasDescription_lastModifiedDate = Lens.lens (\RoleAliasDescription' {lastModifiedDate} -> lastModifiedDate) (\s@RoleAliasDescription' {} a -> s {lastModifiedDate = a} :: RoleAliasDescription) Prelude.. Lens.mapping Data._Time
+
+-- | The role alias owner.
+roleAliasDescription_owner :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.Text)
+roleAliasDescription_owner = Lens.lens (\RoleAliasDescription' {owner} -> owner) (\s@RoleAliasDescription' {} a -> s {owner = a} :: RoleAliasDescription)
+
+-- | The role alias.
+roleAliasDescription_roleAlias :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.Text)
+roleAliasDescription_roleAlias = Lens.lens (\RoleAliasDescription' {roleAlias} -> roleAlias) (\s@RoleAliasDescription' {} a -> s {roleAlias = a} :: RoleAliasDescription)
+
+-- | The ARN of the role alias.
+roleAliasDescription_roleAliasArn :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.Text)
+roleAliasDescription_roleAliasArn = Lens.lens (\RoleAliasDescription' {roleAliasArn} -> roleAliasArn) (\s@RoleAliasDescription' {} a -> s {roleAliasArn = a} :: RoleAliasDescription)
+
+-- | The role ARN.
+roleAliasDescription_roleArn :: Lens.Lens' RoleAliasDescription (Prelude.Maybe Prelude.Text)
+roleAliasDescription_roleArn = Lens.lens (\RoleAliasDescription' {roleArn} -> roleArn) (\s@RoleAliasDescription' {} a -> s {roleArn = a} :: RoleAliasDescription)
+
+instance Data.FromJSON RoleAliasDescription where
+  parseJSON =
+    Data.withObject
+      "RoleAliasDescription"
+      ( \x ->
+          RoleAliasDescription'
+            Prelude.<$> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "credentialDurationSeconds")
+            Prelude.<*> (x Data..:? "lastModifiedDate")
+            Prelude.<*> (x Data..:? "owner")
+            Prelude.<*> (x Data..:? "roleAlias")
+            Prelude.<*> (x Data..:? "roleAliasArn")
+            Prelude.<*> (x Data..:? "roleArn")
+      )
+
+instance Prelude.Hashable RoleAliasDescription where
+  hashWithSalt _salt RoleAliasDescription' {..} =
+    _salt
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` credentialDurationSeconds
+      `Prelude.hashWithSalt` lastModifiedDate
+      `Prelude.hashWithSalt` owner
+      `Prelude.hashWithSalt` roleAlias
+      `Prelude.hashWithSalt` roleAliasArn
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData RoleAliasDescription where
+  rnf RoleAliasDescription' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf credentialDurationSeconds
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf owner
+      `Prelude.seq` Prelude.rnf roleAlias
+      `Prelude.seq` Prelude.rnf roleAliasArn
+      `Prelude.seq` Prelude.rnf roleArn
diff --git a/gen/Amazonka/IoT/Types/S3Action.hs b/gen/Amazonka/IoT/Types/S3Action.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/S3Action.hs
@@ -0,0 +1,135 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.S3Action
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.S3Action where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CannedAccessControlList
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to write data to an Amazon S3 bucket.
+--
+-- /See:/ 'newS3Action' smart constructor.
+data S3Action = S3Action'
+  { -- | The Amazon S3 canned ACL that controls access to the object identified
+    -- by the object key. For more information, see
+    -- <https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl S3 canned ACLs>.
+    cannedAcl :: Prelude.Maybe CannedAccessControlList,
+    -- | The ARN of the IAM role that grants access.
+    roleArn :: Prelude.Text,
+    -- | The Amazon S3 bucket.
+    bucketName :: Prelude.Text,
+    -- | The object key. For more information, see
+    -- <https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html Actions, resources, and condition keys for Amazon S3>.
+    key :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'S3Action' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'cannedAcl', 's3Action_cannedAcl' - The Amazon S3 canned ACL that controls access to the object identified
+-- by the object key. For more information, see
+-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl S3 canned ACLs>.
+--
+-- 'roleArn', 's3Action_roleArn' - The ARN of the IAM role that grants access.
+--
+-- 'bucketName', 's3Action_bucketName' - The Amazon S3 bucket.
+--
+-- 'key', 's3Action_key' - The object key. For more information, see
+-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html Actions, resources, and condition keys for Amazon S3>.
+newS3Action ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'bucketName'
+  Prelude.Text ->
+  -- | 'key'
+  Prelude.Text ->
+  S3Action
+newS3Action pRoleArn_ pBucketName_ pKey_ =
+  S3Action'
+    { cannedAcl = Prelude.Nothing,
+      roleArn = pRoleArn_,
+      bucketName = pBucketName_,
+      key = pKey_
+    }
+
+-- | The Amazon S3 canned ACL that controls access to the object identified
+-- by the object key. For more information, see
+-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl S3 canned ACLs>.
+s3Action_cannedAcl :: Lens.Lens' S3Action (Prelude.Maybe CannedAccessControlList)
+s3Action_cannedAcl = Lens.lens (\S3Action' {cannedAcl} -> cannedAcl) (\s@S3Action' {} a -> s {cannedAcl = a} :: S3Action)
+
+-- | The ARN of the IAM role that grants access.
+s3Action_roleArn :: Lens.Lens' S3Action Prelude.Text
+s3Action_roleArn = Lens.lens (\S3Action' {roleArn} -> roleArn) (\s@S3Action' {} a -> s {roleArn = a} :: S3Action)
+
+-- | The Amazon S3 bucket.
+s3Action_bucketName :: Lens.Lens' S3Action Prelude.Text
+s3Action_bucketName = Lens.lens (\S3Action' {bucketName} -> bucketName) (\s@S3Action' {} a -> s {bucketName = a} :: S3Action)
+
+-- | The object key. For more information, see
+-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html Actions, resources, and condition keys for Amazon S3>.
+s3Action_key :: Lens.Lens' S3Action Prelude.Text
+s3Action_key = Lens.lens (\S3Action' {key} -> key) (\s@S3Action' {} a -> s {key = a} :: S3Action)
+
+instance Data.FromJSON S3Action where
+  parseJSON =
+    Data.withObject
+      "S3Action"
+      ( \x ->
+          S3Action'
+            Prelude.<$> (x Data..:? "cannedAcl")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "bucketName")
+            Prelude.<*> (x Data..: "key")
+      )
+
+instance Prelude.Hashable S3Action where
+  hashWithSalt _salt S3Action' {..} =
+    _salt
+      `Prelude.hashWithSalt` cannedAcl
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` bucketName
+      `Prelude.hashWithSalt` key
+
+instance Prelude.NFData S3Action where
+  rnf S3Action' {..} =
+    Prelude.rnf cannedAcl
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf bucketName
+      `Prelude.seq` Prelude.rnf key
+
+instance Data.ToJSON S3Action where
+  toJSON S3Action' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("cannedAcl" Data..=) Prelude.<$> cannedAcl,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("bucketName" Data..= bucketName),
+            Prelude.Just ("key" Data..= key)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/S3Destination.hs b/gen/Amazonka/IoT/Types/S3Destination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/S3Destination.hs
@@ -0,0 +1,92 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.S3Destination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.S3Destination where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the location of updated firmware in S3.
+--
+-- /See:/ 'newS3Destination' smart constructor.
+data S3Destination = S3Destination'
+  { -- | The S3 bucket that contains the updated firmware.
+    bucket :: Prelude.Maybe Prelude.Text,
+    -- | The S3 prefix.
+    prefix :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'S3Destination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'bucket', 's3Destination_bucket' - The S3 bucket that contains the updated firmware.
+--
+-- 'prefix', 's3Destination_prefix' - The S3 prefix.
+newS3Destination ::
+  S3Destination
+newS3Destination =
+  S3Destination'
+    { bucket = Prelude.Nothing,
+      prefix = Prelude.Nothing
+    }
+
+-- | The S3 bucket that contains the updated firmware.
+s3Destination_bucket :: Lens.Lens' S3Destination (Prelude.Maybe Prelude.Text)
+s3Destination_bucket = Lens.lens (\S3Destination' {bucket} -> bucket) (\s@S3Destination' {} a -> s {bucket = a} :: S3Destination)
+
+-- | The S3 prefix.
+s3Destination_prefix :: Lens.Lens' S3Destination (Prelude.Maybe Prelude.Text)
+s3Destination_prefix = Lens.lens (\S3Destination' {prefix} -> prefix) (\s@S3Destination' {} a -> s {prefix = a} :: S3Destination)
+
+instance Data.FromJSON S3Destination where
+  parseJSON =
+    Data.withObject
+      "S3Destination"
+      ( \x ->
+          S3Destination'
+            Prelude.<$> (x Data..:? "bucket")
+            Prelude.<*> (x Data..:? "prefix")
+      )
+
+instance Prelude.Hashable S3Destination where
+  hashWithSalt _salt S3Destination' {..} =
+    _salt
+      `Prelude.hashWithSalt` bucket
+      `Prelude.hashWithSalt` prefix
+
+instance Prelude.NFData S3Destination where
+  rnf S3Destination' {..} =
+    Prelude.rnf bucket `Prelude.seq` Prelude.rnf prefix
+
+instance Data.ToJSON S3Destination where
+  toJSON S3Destination' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("bucket" Data..=) Prelude.<$> bucket,
+            ("prefix" Data..=) Prelude.<$> prefix
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/S3Location.hs b/gen/Amazonka/IoT/Types/S3Location.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/S3Location.hs
@@ -0,0 +1,106 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.S3Location
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.S3Location where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The S3 location.
+--
+-- /See:/ 'newS3Location' smart constructor.
+data S3Location = S3Location'
+  { -- | The S3 bucket.
+    bucket :: Prelude.Maybe Prelude.Text,
+    -- | The S3 key.
+    key :: Prelude.Maybe Prelude.Text,
+    -- | The S3 bucket version.
+    version :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'S3Location' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'bucket', 's3Location_bucket' - The S3 bucket.
+--
+-- 'key', 's3Location_key' - The S3 key.
+--
+-- 'version', 's3Location_version' - The S3 bucket version.
+newS3Location ::
+  S3Location
+newS3Location =
+  S3Location'
+    { bucket = Prelude.Nothing,
+      key = Prelude.Nothing,
+      version = Prelude.Nothing
+    }
+
+-- | The S3 bucket.
+s3Location_bucket :: Lens.Lens' S3Location (Prelude.Maybe Prelude.Text)
+s3Location_bucket = Lens.lens (\S3Location' {bucket} -> bucket) (\s@S3Location' {} a -> s {bucket = a} :: S3Location)
+
+-- | The S3 key.
+s3Location_key :: Lens.Lens' S3Location (Prelude.Maybe Prelude.Text)
+s3Location_key = Lens.lens (\S3Location' {key} -> key) (\s@S3Location' {} a -> s {key = a} :: S3Location)
+
+-- | The S3 bucket version.
+s3Location_version :: Lens.Lens' S3Location (Prelude.Maybe Prelude.Text)
+s3Location_version = Lens.lens (\S3Location' {version} -> version) (\s@S3Location' {} a -> s {version = a} :: S3Location)
+
+instance Data.FromJSON S3Location where
+  parseJSON =
+    Data.withObject
+      "S3Location"
+      ( \x ->
+          S3Location'
+            Prelude.<$> (x Data..:? "bucket")
+            Prelude.<*> (x Data..:? "key")
+            Prelude.<*> (x Data..:? "version")
+      )
+
+instance Prelude.Hashable S3Location where
+  hashWithSalt _salt S3Location' {..} =
+    _salt
+      `Prelude.hashWithSalt` bucket
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` version
+
+instance Prelude.NFData S3Location where
+  rnf S3Location' {..} =
+    Prelude.rnf bucket
+      `Prelude.seq` Prelude.rnf key
+      `Prelude.seq` Prelude.rnf version
+
+instance Data.ToJSON S3Location where
+  toJSON S3Location' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("bucket" Data..=) Prelude.<$> bucket,
+            ("key" Data..=) Prelude.<$> key,
+            ("version" Data..=) Prelude.<$> version
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/SalesforceAction.hs b/gen/Amazonka/IoT/Types/SalesforceAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SalesforceAction.hs
@@ -0,0 +1,106 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SalesforceAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SalesforceAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to write a message to a Salesforce IoT Cloud Input
+-- Stream.
+--
+-- /See:/ 'newSalesforceAction' smart constructor.
+data SalesforceAction = SalesforceAction'
+  { -- | The token used to authenticate access to the Salesforce IoT Cloud Input
+    -- Stream. The token is available from the Salesforce IoT Cloud platform
+    -- after creation of the Input Stream.
+    token :: Prelude.Text,
+    -- | The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is
+    -- available from the Salesforce IoT Cloud platform after creation of the
+    -- Input Stream.
+    url :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SalesforceAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'token', 'salesforceAction_token' - The token used to authenticate access to the Salesforce IoT Cloud Input
+-- Stream. The token is available from the Salesforce IoT Cloud platform
+-- after creation of the Input Stream.
+--
+-- 'url', 'salesforceAction_url' - The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is
+-- available from the Salesforce IoT Cloud platform after creation of the
+-- Input Stream.
+newSalesforceAction ::
+  -- | 'token'
+  Prelude.Text ->
+  -- | 'url'
+  Prelude.Text ->
+  SalesforceAction
+newSalesforceAction pToken_ pUrl_ =
+  SalesforceAction' {token = pToken_, url = pUrl_}
+
+-- | The token used to authenticate access to the Salesforce IoT Cloud Input
+-- Stream. The token is available from the Salesforce IoT Cloud platform
+-- after creation of the Input Stream.
+salesforceAction_token :: Lens.Lens' SalesforceAction Prelude.Text
+salesforceAction_token = Lens.lens (\SalesforceAction' {token} -> token) (\s@SalesforceAction' {} a -> s {token = a} :: SalesforceAction)
+
+-- | The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is
+-- available from the Salesforce IoT Cloud platform after creation of the
+-- Input Stream.
+salesforceAction_url :: Lens.Lens' SalesforceAction Prelude.Text
+salesforceAction_url = Lens.lens (\SalesforceAction' {url} -> url) (\s@SalesforceAction' {} a -> s {url = a} :: SalesforceAction)
+
+instance Data.FromJSON SalesforceAction where
+  parseJSON =
+    Data.withObject
+      "SalesforceAction"
+      ( \x ->
+          SalesforceAction'
+            Prelude.<$> (x Data..: "token")
+            Prelude.<*> (x Data..: "url")
+      )
+
+instance Prelude.Hashable SalesforceAction where
+  hashWithSalt _salt SalesforceAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` token
+      `Prelude.hashWithSalt` url
+
+instance Prelude.NFData SalesforceAction where
+  rnf SalesforceAction' {..} =
+    Prelude.rnf token `Prelude.seq` Prelude.rnf url
+
+instance Data.ToJSON SalesforceAction where
+  toJSON SalesforceAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("token" Data..= token),
+            Prelude.Just ("url" Data..= url)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ScheduledAuditMetadata.hs b/gen/Amazonka/IoT/Types/ScheduledAuditMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ScheduledAuditMetadata.hs
@@ -0,0 +1,135 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ScheduledAuditMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ScheduledAuditMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AuditFrequency
+import Amazonka.IoT.Types.DayOfWeek
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about the scheduled audit.
+--
+-- /See:/ 'newScheduledAuditMetadata' smart constructor.
+data ScheduledAuditMetadata = ScheduledAuditMetadata'
+  { -- | The day of the month on which the scheduled audit is run (if the
+    -- @frequency@ is \"MONTHLY\"). If days 29-31 are specified, and the month
+    -- does not have that many days, the audit takes place on the \"LAST\" day
+    -- of the month.
+    dayOfMonth :: Prelude.Maybe Prelude.Text,
+    -- | The day of the week on which the scheduled audit is run (if the
+    -- @frequency@ is \"WEEKLY\" or \"BIWEEKLY\").
+    dayOfWeek :: Prelude.Maybe DayOfWeek,
+    -- | How often the scheduled audit occurs.
+    frequency :: Prelude.Maybe AuditFrequency,
+    -- | The ARN of the scheduled audit.
+    scheduledAuditArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the scheduled audit.
+    scheduledAuditName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ScheduledAuditMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dayOfMonth', 'scheduledAuditMetadata_dayOfMonth' - The day of the month on which the scheduled audit is run (if the
+-- @frequency@ is \"MONTHLY\"). If days 29-31 are specified, and the month
+-- does not have that many days, the audit takes place on the \"LAST\" day
+-- of the month.
+--
+-- 'dayOfWeek', 'scheduledAuditMetadata_dayOfWeek' - The day of the week on which the scheduled audit is run (if the
+-- @frequency@ is \"WEEKLY\" or \"BIWEEKLY\").
+--
+-- 'frequency', 'scheduledAuditMetadata_frequency' - How often the scheduled audit occurs.
+--
+-- 'scheduledAuditArn', 'scheduledAuditMetadata_scheduledAuditArn' - The ARN of the scheduled audit.
+--
+-- 'scheduledAuditName', 'scheduledAuditMetadata_scheduledAuditName' - The name of the scheduled audit.
+newScheduledAuditMetadata ::
+  ScheduledAuditMetadata
+newScheduledAuditMetadata =
+  ScheduledAuditMetadata'
+    { dayOfMonth =
+        Prelude.Nothing,
+      dayOfWeek = Prelude.Nothing,
+      frequency = Prelude.Nothing,
+      scheduledAuditArn = Prelude.Nothing,
+      scheduledAuditName = Prelude.Nothing
+    }
+
+-- | The day of the month on which the scheduled audit is run (if the
+-- @frequency@ is \"MONTHLY\"). If days 29-31 are specified, and the month
+-- does not have that many days, the audit takes place on the \"LAST\" day
+-- of the month.
+scheduledAuditMetadata_dayOfMonth :: Lens.Lens' ScheduledAuditMetadata (Prelude.Maybe Prelude.Text)
+scheduledAuditMetadata_dayOfMonth = Lens.lens (\ScheduledAuditMetadata' {dayOfMonth} -> dayOfMonth) (\s@ScheduledAuditMetadata' {} a -> s {dayOfMonth = a} :: ScheduledAuditMetadata)
+
+-- | The day of the week on which the scheduled audit is run (if the
+-- @frequency@ is \"WEEKLY\" or \"BIWEEKLY\").
+scheduledAuditMetadata_dayOfWeek :: Lens.Lens' ScheduledAuditMetadata (Prelude.Maybe DayOfWeek)
+scheduledAuditMetadata_dayOfWeek = Lens.lens (\ScheduledAuditMetadata' {dayOfWeek} -> dayOfWeek) (\s@ScheduledAuditMetadata' {} a -> s {dayOfWeek = a} :: ScheduledAuditMetadata)
+
+-- | How often the scheduled audit occurs.
+scheduledAuditMetadata_frequency :: Lens.Lens' ScheduledAuditMetadata (Prelude.Maybe AuditFrequency)
+scheduledAuditMetadata_frequency = Lens.lens (\ScheduledAuditMetadata' {frequency} -> frequency) (\s@ScheduledAuditMetadata' {} a -> s {frequency = a} :: ScheduledAuditMetadata)
+
+-- | The ARN of the scheduled audit.
+scheduledAuditMetadata_scheduledAuditArn :: Lens.Lens' ScheduledAuditMetadata (Prelude.Maybe Prelude.Text)
+scheduledAuditMetadata_scheduledAuditArn = Lens.lens (\ScheduledAuditMetadata' {scheduledAuditArn} -> scheduledAuditArn) (\s@ScheduledAuditMetadata' {} a -> s {scheduledAuditArn = a} :: ScheduledAuditMetadata)
+
+-- | The name of the scheduled audit.
+scheduledAuditMetadata_scheduledAuditName :: Lens.Lens' ScheduledAuditMetadata (Prelude.Maybe Prelude.Text)
+scheduledAuditMetadata_scheduledAuditName = Lens.lens (\ScheduledAuditMetadata' {scheduledAuditName} -> scheduledAuditName) (\s@ScheduledAuditMetadata' {} a -> s {scheduledAuditName = a} :: ScheduledAuditMetadata)
+
+instance Data.FromJSON ScheduledAuditMetadata where
+  parseJSON =
+    Data.withObject
+      "ScheduledAuditMetadata"
+      ( \x ->
+          ScheduledAuditMetadata'
+            Prelude.<$> (x Data..:? "dayOfMonth")
+            Prelude.<*> (x Data..:? "dayOfWeek")
+            Prelude.<*> (x Data..:? "frequency")
+            Prelude.<*> (x Data..:? "scheduledAuditArn")
+            Prelude.<*> (x Data..:? "scheduledAuditName")
+      )
+
+instance Prelude.Hashable ScheduledAuditMetadata where
+  hashWithSalt _salt ScheduledAuditMetadata' {..} =
+    _salt
+      `Prelude.hashWithSalt` dayOfMonth
+      `Prelude.hashWithSalt` dayOfWeek
+      `Prelude.hashWithSalt` frequency
+      `Prelude.hashWithSalt` scheduledAuditArn
+      `Prelude.hashWithSalt` scheduledAuditName
+
+instance Prelude.NFData ScheduledAuditMetadata where
+  rnf ScheduledAuditMetadata' {..} =
+    Prelude.rnf dayOfMonth
+      `Prelude.seq` Prelude.rnf dayOfWeek
+      `Prelude.seq` Prelude.rnf frequency
+      `Prelude.seq` Prelude.rnf scheduledAuditArn
+      `Prelude.seq` Prelude.rnf scheduledAuditName
diff --git a/gen/Amazonka/IoT/Types/SchedulingConfig.hs b/gen/Amazonka/IoT/Types/SchedulingConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SchedulingConfig.hs
@@ -0,0 +1,140 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SchedulingConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SchedulingConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.JobEndBehavior
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the date and time that a job will begin the rollout of the job
+-- document to all devices in the target group. Additionally, you can
+-- specify the end behavior for each job execution when it reaches the
+-- scheduled end time.
+--
+-- /See:/ 'newSchedulingConfig' smart constructor.
+data SchedulingConfig = SchedulingConfig'
+  { -- | Specifies the end behavior for all job executions after a job reaches
+    -- the selected @endTime@. If @endTime@ is not selected when creating the
+    -- job, then @endBehavior@ does not apply.
+    endBehavior :: Prelude.Maybe JobEndBehavior,
+    -- | The time a job will stop rollout of the job document to all devices in
+    -- the target group for a job. The @endTime@ must take place no later than
+    -- two years from the current time and be scheduled a minimum of thirty
+    -- minutes from the current time. The minimum duration between @startTime@
+    -- and @endTime@ is thirty minutes. The maximum duration between
+    -- @startTime@ and @endTime@ is two years.
+    endTime :: Prelude.Maybe Prelude.Text,
+    -- | The time a job will begin rollout of the job document to all devices in
+    -- the target group for a job. The @startTime@ can be scheduled up to a
+    -- year in advance and must be scheduled a minimum of thirty minutes from
+    -- the current time.
+    startTime :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SchedulingConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'endBehavior', 'schedulingConfig_endBehavior' - Specifies the end behavior for all job executions after a job reaches
+-- the selected @endTime@. If @endTime@ is not selected when creating the
+-- job, then @endBehavior@ does not apply.
+--
+-- 'endTime', 'schedulingConfig_endTime' - The time a job will stop rollout of the job document to all devices in
+-- the target group for a job. The @endTime@ must take place no later than
+-- two years from the current time and be scheduled a minimum of thirty
+-- minutes from the current time. The minimum duration between @startTime@
+-- and @endTime@ is thirty minutes. The maximum duration between
+-- @startTime@ and @endTime@ is two years.
+--
+-- 'startTime', 'schedulingConfig_startTime' - The time a job will begin rollout of the job document to all devices in
+-- the target group for a job. The @startTime@ can be scheduled up to a
+-- year in advance and must be scheduled a minimum of thirty minutes from
+-- the current time.
+newSchedulingConfig ::
+  SchedulingConfig
+newSchedulingConfig =
+  SchedulingConfig'
+    { endBehavior = Prelude.Nothing,
+      endTime = Prelude.Nothing,
+      startTime = Prelude.Nothing
+    }
+
+-- | Specifies the end behavior for all job executions after a job reaches
+-- the selected @endTime@. If @endTime@ is not selected when creating the
+-- job, then @endBehavior@ does not apply.
+schedulingConfig_endBehavior :: Lens.Lens' SchedulingConfig (Prelude.Maybe JobEndBehavior)
+schedulingConfig_endBehavior = Lens.lens (\SchedulingConfig' {endBehavior} -> endBehavior) (\s@SchedulingConfig' {} a -> s {endBehavior = a} :: SchedulingConfig)
+
+-- | The time a job will stop rollout of the job document to all devices in
+-- the target group for a job. The @endTime@ must take place no later than
+-- two years from the current time and be scheduled a minimum of thirty
+-- minutes from the current time. The minimum duration between @startTime@
+-- and @endTime@ is thirty minutes. The maximum duration between
+-- @startTime@ and @endTime@ is two years.
+schedulingConfig_endTime :: Lens.Lens' SchedulingConfig (Prelude.Maybe Prelude.Text)
+schedulingConfig_endTime = Lens.lens (\SchedulingConfig' {endTime} -> endTime) (\s@SchedulingConfig' {} a -> s {endTime = a} :: SchedulingConfig)
+
+-- | The time a job will begin rollout of the job document to all devices in
+-- the target group for a job. The @startTime@ can be scheduled up to a
+-- year in advance and must be scheduled a minimum of thirty minutes from
+-- the current time.
+schedulingConfig_startTime :: Lens.Lens' SchedulingConfig (Prelude.Maybe Prelude.Text)
+schedulingConfig_startTime = Lens.lens (\SchedulingConfig' {startTime} -> startTime) (\s@SchedulingConfig' {} a -> s {startTime = a} :: SchedulingConfig)
+
+instance Data.FromJSON SchedulingConfig where
+  parseJSON =
+    Data.withObject
+      "SchedulingConfig"
+      ( \x ->
+          SchedulingConfig'
+            Prelude.<$> (x Data..:? "endBehavior")
+            Prelude.<*> (x Data..:? "endTime")
+            Prelude.<*> (x Data..:? "startTime")
+      )
+
+instance Prelude.Hashable SchedulingConfig where
+  hashWithSalt _salt SchedulingConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` endBehavior
+      `Prelude.hashWithSalt` endTime
+      `Prelude.hashWithSalt` startTime
+
+instance Prelude.NFData SchedulingConfig where
+  rnf SchedulingConfig' {..} =
+    Prelude.rnf endBehavior
+      `Prelude.seq` Prelude.rnf endTime
+      `Prelude.seq` Prelude.rnf startTime
+
+instance Data.ToJSON SchedulingConfig where
+  toJSON SchedulingConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("endBehavior" Data..=) Prelude.<$> endBehavior,
+            ("endTime" Data..=) Prelude.<$> endTime,
+            ("startTime" Data..=) Prelude.<$> startTime
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/SecurityProfileIdentifier.hs b/gen/Amazonka/IoT/Types/SecurityProfileIdentifier.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SecurityProfileIdentifier.hs
@@ -0,0 +1,87 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SecurityProfileIdentifier
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SecurityProfileIdentifier where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Identifying information for a Device Defender security profile.
+--
+-- /See:/ 'newSecurityProfileIdentifier' smart constructor.
+data SecurityProfileIdentifier = SecurityProfileIdentifier'
+  { -- | The name you\'ve given to the security profile.
+    name :: Prelude.Text,
+    -- | The ARN of the security profile.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SecurityProfileIdentifier' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'securityProfileIdentifier_name' - The name you\'ve given to the security profile.
+--
+-- 'arn', 'securityProfileIdentifier_arn' - The ARN of the security profile.
+newSecurityProfileIdentifier ::
+  -- | 'name'
+  Prelude.Text ->
+  -- | 'arn'
+  Prelude.Text ->
+  SecurityProfileIdentifier
+newSecurityProfileIdentifier pName_ pArn_ =
+  SecurityProfileIdentifier'
+    { name = pName_,
+      arn = pArn_
+    }
+
+-- | The name you\'ve given to the security profile.
+securityProfileIdentifier_name :: Lens.Lens' SecurityProfileIdentifier Prelude.Text
+securityProfileIdentifier_name = Lens.lens (\SecurityProfileIdentifier' {name} -> name) (\s@SecurityProfileIdentifier' {} a -> s {name = a} :: SecurityProfileIdentifier)
+
+-- | The ARN of the security profile.
+securityProfileIdentifier_arn :: Lens.Lens' SecurityProfileIdentifier Prelude.Text
+securityProfileIdentifier_arn = Lens.lens (\SecurityProfileIdentifier' {arn} -> arn) (\s@SecurityProfileIdentifier' {} a -> s {arn = a} :: SecurityProfileIdentifier)
+
+instance Data.FromJSON SecurityProfileIdentifier where
+  parseJSON =
+    Data.withObject
+      "SecurityProfileIdentifier"
+      ( \x ->
+          SecurityProfileIdentifier'
+            Prelude.<$> (x Data..: "name")
+            Prelude.<*> (x Data..: "arn")
+      )
+
+instance Prelude.Hashable SecurityProfileIdentifier where
+  hashWithSalt _salt SecurityProfileIdentifier' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData SecurityProfileIdentifier where
+  rnf SecurityProfileIdentifier' {..} =
+    Prelude.rnf name `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/IoT/Types/SecurityProfileTarget.hs b/gen/Amazonka/IoT/Types/SecurityProfileTarget.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SecurityProfileTarget.hs
@@ -0,0 +1,70 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SecurityProfileTarget
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SecurityProfileTarget where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A target to which an alert is sent when a security profile behavior is
+-- violated.
+--
+-- /See:/ 'newSecurityProfileTarget' smart constructor.
+data SecurityProfileTarget = SecurityProfileTarget'
+  { -- | The ARN of the security profile.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SecurityProfileTarget' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'securityProfileTarget_arn' - The ARN of the security profile.
+newSecurityProfileTarget ::
+  -- | 'arn'
+  Prelude.Text ->
+  SecurityProfileTarget
+newSecurityProfileTarget pArn_ =
+  SecurityProfileTarget' {arn = pArn_}
+
+-- | The ARN of the security profile.
+securityProfileTarget_arn :: Lens.Lens' SecurityProfileTarget Prelude.Text
+securityProfileTarget_arn = Lens.lens (\SecurityProfileTarget' {arn} -> arn) (\s@SecurityProfileTarget' {} a -> s {arn = a} :: SecurityProfileTarget)
+
+instance Data.FromJSON SecurityProfileTarget where
+  parseJSON =
+    Data.withObject
+      "SecurityProfileTarget"
+      ( \x ->
+          SecurityProfileTarget' Prelude.<$> (x Data..: "arn")
+      )
+
+instance Prelude.Hashable SecurityProfileTarget where
+  hashWithSalt _salt SecurityProfileTarget' {..} =
+    _salt `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData SecurityProfileTarget where
+  rnf SecurityProfileTarget' {..} = Prelude.rnf arn
diff --git a/gen/Amazonka/IoT/Types/SecurityProfileTargetMapping.hs b/gen/Amazonka/IoT/Types/SecurityProfileTargetMapping.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SecurityProfileTargetMapping.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SecurityProfileTargetMapping
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SecurityProfileTargetMapping where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.SecurityProfileIdentifier
+import Amazonka.IoT.Types.SecurityProfileTarget
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about a security profile and the target associated with it.
+--
+-- /See:/ 'newSecurityProfileTargetMapping' smart constructor.
+data SecurityProfileTargetMapping = SecurityProfileTargetMapping'
+  { -- | Information that identifies the security profile.
+    securityProfileIdentifier :: Prelude.Maybe SecurityProfileIdentifier,
+    -- | Information about the target (thing group) associated with the security
+    -- profile.
+    target :: Prelude.Maybe SecurityProfileTarget
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SecurityProfileTargetMapping' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityProfileIdentifier', 'securityProfileTargetMapping_securityProfileIdentifier' - Information that identifies the security profile.
+--
+-- 'target', 'securityProfileTargetMapping_target' - Information about the target (thing group) associated with the security
+-- profile.
+newSecurityProfileTargetMapping ::
+  SecurityProfileTargetMapping
+newSecurityProfileTargetMapping =
+  SecurityProfileTargetMapping'
+    { securityProfileIdentifier =
+        Prelude.Nothing,
+      target = Prelude.Nothing
+    }
+
+-- | Information that identifies the security profile.
+securityProfileTargetMapping_securityProfileIdentifier :: Lens.Lens' SecurityProfileTargetMapping (Prelude.Maybe SecurityProfileIdentifier)
+securityProfileTargetMapping_securityProfileIdentifier = Lens.lens (\SecurityProfileTargetMapping' {securityProfileIdentifier} -> securityProfileIdentifier) (\s@SecurityProfileTargetMapping' {} a -> s {securityProfileIdentifier = a} :: SecurityProfileTargetMapping)
+
+-- | Information about the target (thing group) associated with the security
+-- profile.
+securityProfileTargetMapping_target :: Lens.Lens' SecurityProfileTargetMapping (Prelude.Maybe SecurityProfileTarget)
+securityProfileTargetMapping_target = Lens.lens (\SecurityProfileTargetMapping' {target} -> target) (\s@SecurityProfileTargetMapping' {} a -> s {target = a} :: SecurityProfileTargetMapping)
+
+instance Data.FromJSON SecurityProfileTargetMapping where
+  parseJSON =
+    Data.withObject
+      "SecurityProfileTargetMapping"
+      ( \x ->
+          SecurityProfileTargetMapping'
+            Prelude.<$> (x Data..:? "securityProfileIdentifier")
+            Prelude.<*> (x Data..:? "target")
+      )
+
+instance
+  Prelude.Hashable
+    SecurityProfileTargetMapping
+  where
+  hashWithSalt _salt SecurityProfileTargetMapping' {..} =
+    _salt
+      `Prelude.hashWithSalt` securityProfileIdentifier
+      `Prelude.hashWithSalt` target
+
+instance Prelude.NFData SecurityProfileTargetMapping where
+  rnf SecurityProfileTargetMapping' {..} =
+    Prelude.rnf securityProfileIdentifier
+      `Prelude.seq` Prelude.rnf target
diff --git a/gen/Amazonka/IoT/Types/ServerCertificateStatus.hs b/gen/Amazonka/IoT/Types/ServerCertificateStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ServerCertificateStatus.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ServerCertificateStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ServerCertificateStatus
+  ( ServerCertificateStatus
+      ( ..,
+        ServerCertificateStatus_INVALID,
+        ServerCertificateStatus_VALID
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ServerCertificateStatus = ServerCertificateStatus'
+  { fromServerCertificateStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ServerCertificateStatus_INVALID :: ServerCertificateStatus
+pattern ServerCertificateStatus_INVALID = ServerCertificateStatus' "INVALID"
+
+pattern ServerCertificateStatus_VALID :: ServerCertificateStatus
+pattern ServerCertificateStatus_VALID = ServerCertificateStatus' "VALID"
+
+{-# COMPLETE
+  ServerCertificateStatus_INVALID,
+  ServerCertificateStatus_VALID,
+  ServerCertificateStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ServerCertificateSummary.hs b/gen/Amazonka/IoT/Types/ServerCertificateSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ServerCertificateSummary.hs
@@ -0,0 +1,98 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ServerCertificateSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ServerCertificateSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ServerCertificateStatus
+import qualified Amazonka.Prelude as Prelude
+
+-- | An object that contains information about a server certificate.
+--
+-- /See:/ 'newServerCertificateSummary' smart constructor.
+data ServerCertificateSummary = ServerCertificateSummary'
+  { -- | The ARN of the server certificate.
+    serverCertificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The status of the server certificate.
+    serverCertificateStatus :: Prelude.Maybe ServerCertificateStatus,
+    -- | Details that explain the status of the server certificate.
+    serverCertificateStatusDetail :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ServerCertificateSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverCertificateArn', 'serverCertificateSummary_serverCertificateArn' - The ARN of the server certificate.
+--
+-- 'serverCertificateStatus', 'serverCertificateSummary_serverCertificateStatus' - The status of the server certificate.
+--
+-- 'serverCertificateStatusDetail', 'serverCertificateSummary_serverCertificateStatusDetail' - Details that explain the status of the server certificate.
+newServerCertificateSummary ::
+  ServerCertificateSummary
+newServerCertificateSummary =
+  ServerCertificateSummary'
+    { serverCertificateArn =
+        Prelude.Nothing,
+      serverCertificateStatus = Prelude.Nothing,
+      serverCertificateStatusDetail = Prelude.Nothing
+    }
+
+-- | The ARN of the server certificate.
+serverCertificateSummary_serverCertificateArn :: Lens.Lens' ServerCertificateSummary (Prelude.Maybe Prelude.Text)
+serverCertificateSummary_serverCertificateArn = Lens.lens (\ServerCertificateSummary' {serverCertificateArn} -> serverCertificateArn) (\s@ServerCertificateSummary' {} a -> s {serverCertificateArn = a} :: ServerCertificateSummary)
+
+-- | The status of the server certificate.
+serverCertificateSummary_serverCertificateStatus :: Lens.Lens' ServerCertificateSummary (Prelude.Maybe ServerCertificateStatus)
+serverCertificateSummary_serverCertificateStatus = Lens.lens (\ServerCertificateSummary' {serverCertificateStatus} -> serverCertificateStatus) (\s@ServerCertificateSummary' {} a -> s {serverCertificateStatus = a} :: ServerCertificateSummary)
+
+-- | Details that explain the status of the server certificate.
+serverCertificateSummary_serverCertificateStatusDetail :: Lens.Lens' ServerCertificateSummary (Prelude.Maybe Prelude.Text)
+serverCertificateSummary_serverCertificateStatusDetail = Lens.lens (\ServerCertificateSummary' {serverCertificateStatusDetail} -> serverCertificateStatusDetail) (\s@ServerCertificateSummary' {} a -> s {serverCertificateStatusDetail = a} :: ServerCertificateSummary)
+
+instance Data.FromJSON ServerCertificateSummary where
+  parseJSON =
+    Data.withObject
+      "ServerCertificateSummary"
+      ( \x ->
+          ServerCertificateSummary'
+            Prelude.<$> (x Data..:? "serverCertificateArn")
+            Prelude.<*> (x Data..:? "serverCertificateStatus")
+            Prelude.<*> (x Data..:? "serverCertificateStatusDetail")
+      )
+
+instance Prelude.Hashable ServerCertificateSummary where
+  hashWithSalt _salt ServerCertificateSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverCertificateArn
+      `Prelude.hashWithSalt` serverCertificateStatus
+      `Prelude.hashWithSalt` serverCertificateStatusDetail
+
+instance Prelude.NFData ServerCertificateSummary where
+  rnf ServerCertificateSummary' {..} =
+    Prelude.rnf serverCertificateArn
+      `Prelude.seq` Prelude.rnf serverCertificateStatus
+      `Prelude.seq` Prelude.rnf serverCertificateStatusDetail
diff --git a/gen/Amazonka/IoT/Types/ServiceType.hs b/gen/Amazonka/IoT/Types/ServiceType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ServiceType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ServiceType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ServiceType
+  ( ServiceType
+      ( ..,
+        ServiceType_CREDENTIAL_PROVIDER,
+        ServiceType_DATA,
+        ServiceType_JOBS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ServiceType = ServiceType'
+  { fromServiceType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ServiceType_CREDENTIAL_PROVIDER :: ServiceType
+pattern ServiceType_CREDENTIAL_PROVIDER = ServiceType' "CREDENTIAL_PROVIDER"
+
+pattern ServiceType_DATA :: ServiceType
+pattern ServiceType_DATA = ServiceType' "DATA"
+
+pattern ServiceType_JOBS :: ServiceType
+pattern ServiceType_JOBS = ServiceType' "JOBS"
+
+{-# COMPLETE
+  ServiceType_CREDENTIAL_PROVIDER,
+  ServiceType_DATA,
+  ServiceType_JOBS,
+  ServiceType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/SigV4Authorization.hs b/gen/Amazonka/IoT/Types/SigV4Authorization.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SigV4Authorization.hs
@@ -0,0 +1,118 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SigV4Authorization
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SigV4Authorization where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | For more information, see
+-- <https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4 signing process>.
+--
+-- /See:/ 'newSigV4Authorization' smart constructor.
+data SigV4Authorization = SigV4Authorization'
+  { -- | The signing region.
+    signingRegion :: Prelude.Text,
+    -- | The service name to use while signing with Sig V4.
+    serviceName :: Prelude.Text,
+    -- | The ARN of the signing role.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SigV4Authorization' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'signingRegion', 'sigV4Authorization_signingRegion' - The signing region.
+--
+-- 'serviceName', 'sigV4Authorization_serviceName' - The service name to use while signing with Sig V4.
+--
+-- 'roleArn', 'sigV4Authorization_roleArn' - The ARN of the signing role.
+newSigV4Authorization ::
+  -- | 'signingRegion'
+  Prelude.Text ->
+  -- | 'serviceName'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  SigV4Authorization
+newSigV4Authorization
+  pSigningRegion_
+  pServiceName_
+  pRoleArn_ =
+    SigV4Authorization'
+      { signingRegion =
+          pSigningRegion_,
+        serviceName = pServiceName_,
+        roleArn = pRoleArn_
+      }
+
+-- | The signing region.
+sigV4Authorization_signingRegion :: Lens.Lens' SigV4Authorization Prelude.Text
+sigV4Authorization_signingRegion = Lens.lens (\SigV4Authorization' {signingRegion} -> signingRegion) (\s@SigV4Authorization' {} a -> s {signingRegion = a} :: SigV4Authorization)
+
+-- | The service name to use while signing with Sig V4.
+sigV4Authorization_serviceName :: Lens.Lens' SigV4Authorization Prelude.Text
+sigV4Authorization_serviceName = Lens.lens (\SigV4Authorization' {serviceName} -> serviceName) (\s@SigV4Authorization' {} a -> s {serviceName = a} :: SigV4Authorization)
+
+-- | The ARN of the signing role.
+sigV4Authorization_roleArn :: Lens.Lens' SigV4Authorization Prelude.Text
+sigV4Authorization_roleArn = Lens.lens (\SigV4Authorization' {roleArn} -> roleArn) (\s@SigV4Authorization' {} a -> s {roleArn = a} :: SigV4Authorization)
+
+instance Data.FromJSON SigV4Authorization where
+  parseJSON =
+    Data.withObject
+      "SigV4Authorization"
+      ( \x ->
+          SigV4Authorization'
+            Prelude.<$> (x Data..: "signingRegion")
+            Prelude.<*> (x Data..: "serviceName")
+            Prelude.<*> (x Data..: "roleArn")
+      )
+
+instance Prelude.Hashable SigV4Authorization where
+  hashWithSalt _salt SigV4Authorization' {..} =
+    _salt
+      `Prelude.hashWithSalt` signingRegion
+      `Prelude.hashWithSalt` serviceName
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData SigV4Authorization where
+  rnf SigV4Authorization' {..} =
+    Prelude.rnf signingRegion
+      `Prelude.seq` Prelude.rnf serviceName
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON SigV4Authorization where
+  toJSON SigV4Authorization' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("signingRegion" Data..= signingRegion),
+            Prelude.Just ("serviceName" Data..= serviceName),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/SigningProfileParameter.hs b/gen/Amazonka/IoT/Types/SigningProfileParameter.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SigningProfileParameter.hs
@@ -0,0 +1,109 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SigningProfileParameter
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SigningProfileParameter where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the code-signing profile.
+--
+-- /See:/ 'newSigningProfileParameter' smart constructor.
+data SigningProfileParameter = SigningProfileParameter'
+  { -- | Certificate ARN.
+    certificateArn :: Prelude.Maybe Prelude.Text,
+    -- | The location of the code-signing certificate on your device.
+    certificatePathOnDevice :: Prelude.Maybe Prelude.Text,
+    -- | The hardware platform of your device.
+    platform :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SigningProfileParameter' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateArn', 'signingProfileParameter_certificateArn' - Certificate ARN.
+--
+-- 'certificatePathOnDevice', 'signingProfileParameter_certificatePathOnDevice' - The location of the code-signing certificate on your device.
+--
+-- 'platform', 'signingProfileParameter_platform' - The hardware platform of your device.
+newSigningProfileParameter ::
+  SigningProfileParameter
+newSigningProfileParameter =
+  SigningProfileParameter'
+    { certificateArn =
+        Prelude.Nothing,
+      certificatePathOnDevice = Prelude.Nothing,
+      platform = Prelude.Nothing
+    }
+
+-- | Certificate ARN.
+signingProfileParameter_certificateArn :: Lens.Lens' SigningProfileParameter (Prelude.Maybe Prelude.Text)
+signingProfileParameter_certificateArn = Lens.lens (\SigningProfileParameter' {certificateArn} -> certificateArn) (\s@SigningProfileParameter' {} a -> s {certificateArn = a} :: SigningProfileParameter)
+
+-- | The location of the code-signing certificate on your device.
+signingProfileParameter_certificatePathOnDevice :: Lens.Lens' SigningProfileParameter (Prelude.Maybe Prelude.Text)
+signingProfileParameter_certificatePathOnDevice = Lens.lens (\SigningProfileParameter' {certificatePathOnDevice} -> certificatePathOnDevice) (\s@SigningProfileParameter' {} a -> s {certificatePathOnDevice = a} :: SigningProfileParameter)
+
+-- | The hardware platform of your device.
+signingProfileParameter_platform :: Lens.Lens' SigningProfileParameter (Prelude.Maybe Prelude.Text)
+signingProfileParameter_platform = Lens.lens (\SigningProfileParameter' {platform} -> platform) (\s@SigningProfileParameter' {} a -> s {platform = a} :: SigningProfileParameter)
+
+instance Data.FromJSON SigningProfileParameter where
+  parseJSON =
+    Data.withObject
+      "SigningProfileParameter"
+      ( \x ->
+          SigningProfileParameter'
+            Prelude.<$> (x Data..:? "certificateArn")
+            Prelude.<*> (x Data..:? "certificatePathOnDevice")
+            Prelude.<*> (x Data..:? "platform")
+      )
+
+instance Prelude.Hashable SigningProfileParameter where
+  hashWithSalt _salt SigningProfileParameter' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateArn
+      `Prelude.hashWithSalt` certificatePathOnDevice
+      `Prelude.hashWithSalt` platform
+
+instance Prelude.NFData SigningProfileParameter where
+  rnf SigningProfileParameter' {..} =
+    Prelude.rnf certificateArn
+      `Prelude.seq` Prelude.rnf certificatePathOnDevice
+      `Prelude.seq` Prelude.rnf platform
+
+instance Data.ToJSON SigningProfileParameter where
+  toJSON SigningProfileParameter' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("certificateArn" Data..=)
+              Prelude.<$> certificateArn,
+            ("certificatePathOnDevice" Data..=)
+              Prelude.<$> certificatePathOnDevice,
+            ("platform" Data..=) Prelude.<$> platform
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/SnsAction.hs b/gen/Amazonka/IoT/Types/SnsAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SnsAction.hs
@@ -0,0 +1,129 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SnsAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SnsAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.MessageFormat
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to publish to an Amazon SNS topic.
+--
+-- /See:/ 'newSnsAction' smart constructor.
+data SnsAction = SnsAction'
+  { -- | (Optional) The message format of the message to publish. Accepted values
+    -- are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\".
+    -- SNS uses this setting to determine if the payload should be parsed and
+    -- relevant platform-specific bits of the payload should be extracted. To
+    -- read more about SNS message formats, see
+    -- <https://docs.aws.amazon.com/sns/latest/dg/json-formats.html> refer to
+    -- their official documentation.
+    messageFormat :: Prelude.Maybe MessageFormat,
+    -- | The ARN of the SNS topic.
+    targetArn :: Prelude.Text,
+    -- | The ARN of the IAM role that grants access.
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SnsAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'messageFormat', 'snsAction_messageFormat' - (Optional) The message format of the message to publish. Accepted values
+-- are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\".
+-- SNS uses this setting to determine if the payload should be parsed and
+-- relevant platform-specific bits of the payload should be extracted. To
+-- read more about SNS message formats, see
+-- <https://docs.aws.amazon.com/sns/latest/dg/json-formats.html> refer to
+-- their official documentation.
+--
+-- 'targetArn', 'snsAction_targetArn' - The ARN of the SNS topic.
+--
+-- 'roleArn', 'snsAction_roleArn' - The ARN of the IAM role that grants access.
+newSnsAction ::
+  -- | 'targetArn'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  SnsAction
+newSnsAction pTargetArn_ pRoleArn_ =
+  SnsAction'
+    { messageFormat = Prelude.Nothing,
+      targetArn = pTargetArn_,
+      roleArn = pRoleArn_
+    }
+
+-- | (Optional) The message format of the message to publish. Accepted values
+-- are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\".
+-- SNS uses this setting to determine if the payload should be parsed and
+-- relevant platform-specific bits of the payload should be extracted. To
+-- read more about SNS message formats, see
+-- <https://docs.aws.amazon.com/sns/latest/dg/json-formats.html> refer to
+-- their official documentation.
+snsAction_messageFormat :: Lens.Lens' SnsAction (Prelude.Maybe MessageFormat)
+snsAction_messageFormat = Lens.lens (\SnsAction' {messageFormat} -> messageFormat) (\s@SnsAction' {} a -> s {messageFormat = a} :: SnsAction)
+
+-- | The ARN of the SNS topic.
+snsAction_targetArn :: Lens.Lens' SnsAction Prelude.Text
+snsAction_targetArn = Lens.lens (\SnsAction' {targetArn} -> targetArn) (\s@SnsAction' {} a -> s {targetArn = a} :: SnsAction)
+
+-- | The ARN of the IAM role that grants access.
+snsAction_roleArn :: Lens.Lens' SnsAction Prelude.Text
+snsAction_roleArn = Lens.lens (\SnsAction' {roleArn} -> roleArn) (\s@SnsAction' {} a -> s {roleArn = a} :: SnsAction)
+
+instance Data.FromJSON SnsAction where
+  parseJSON =
+    Data.withObject
+      "SnsAction"
+      ( \x ->
+          SnsAction'
+            Prelude.<$> (x Data..:? "messageFormat")
+            Prelude.<*> (x Data..: "targetArn")
+            Prelude.<*> (x Data..: "roleArn")
+      )
+
+instance Prelude.Hashable SnsAction where
+  hashWithSalt _salt SnsAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` messageFormat
+      `Prelude.hashWithSalt` targetArn
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData SnsAction where
+  rnf SnsAction' {..} =
+    Prelude.rnf messageFormat
+      `Prelude.seq` Prelude.rnf targetArn
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON SnsAction where
+  toJSON SnsAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("messageFormat" Data..=) Prelude.<$> messageFormat,
+            Prelude.Just ("targetArn" Data..= targetArn),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/SqsAction.hs b/gen/Amazonka/IoT/Types/SqsAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/SqsAction.hs
@@ -0,0 +1,110 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.SqsAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.SqsAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes an action to publish data to an Amazon SQS queue.
+--
+-- /See:/ 'newSqsAction' smart constructor.
+data SqsAction = SqsAction'
+  { -- | Specifies whether to use Base64 encoding.
+    useBase64 :: Prelude.Maybe Prelude.Bool,
+    -- | The ARN of the IAM role that grants access.
+    roleArn :: Prelude.Text,
+    -- | The URL of the Amazon SQS queue.
+    queueUrl :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SqsAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'useBase64', 'sqsAction_useBase64' - Specifies whether to use Base64 encoding.
+--
+-- 'roleArn', 'sqsAction_roleArn' - The ARN of the IAM role that grants access.
+--
+-- 'queueUrl', 'sqsAction_queueUrl' - The URL of the Amazon SQS queue.
+newSqsAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'queueUrl'
+  Prelude.Text ->
+  SqsAction
+newSqsAction pRoleArn_ pQueueUrl_ =
+  SqsAction'
+    { useBase64 = Prelude.Nothing,
+      roleArn = pRoleArn_,
+      queueUrl = pQueueUrl_
+    }
+
+-- | Specifies whether to use Base64 encoding.
+sqsAction_useBase64 :: Lens.Lens' SqsAction (Prelude.Maybe Prelude.Bool)
+sqsAction_useBase64 = Lens.lens (\SqsAction' {useBase64} -> useBase64) (\s@SqsAction' {} a -> s {useBase64 = a} :: SqsAction)
+
+-- | The ARN of the IAM role that grants access.
+sqsAction_roleArn :: Lens.Lens' SqsAction Prelude.Text
+sqsAction_roleArn = Lens.lens (\SqsAction' {roleArn} -> roleArn) (\s@SqsAction' {} a -> s {roleArn = a} :: SqsAction)
+
+-- | The URL of the Amazon SQS queue.
+sqsAction_queueUrl :: Lens.Lens' SqsAction Prelude.Text
+sqsAction_queueUrl = Lens.lens (\SqsAction' {queueUrl} -> queueUrl) (\s@SqsAction' {} a -> s {queueUrl = a} :: SqsAction)
+
+instance Data.FromJSON SqsAction where
+  parseJSON =
+    Data.withObject
+      "SqsAction"
+      ( \x ->
+          SqsAction'
+            Prelude.<$> (x Data..:? "useBase64")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "queueUrl")
+      )
+
+instance Prelude.Hashable SqsAction where
+  hashWithSalt _salt SqsAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` useBase64
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` queueUrl
+
+instance Prelude.NFData SqsAction where
+  rnf SqsAction' {..} =
+    Prelude.rnf useBase64
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf queueUrl
+
+instance Data.ToJSON SqsAction where
+  toJSON SqsAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("useBase64" Data..=) Prelude.<$> useBase64,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("queueUrl" Data..= queueUrl)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/StartSigningJobParameter.hs b/gen/Amazonka/IoT/Types/StartSigningJobParameter.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/StartSigningJobParameter.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.StartSigningJobParameter
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.StartSigningJobParameter where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Destination
+import Amazonka.IoT.Types.SigningProfileParameter
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information required to start a signing job.
+--
+-- /See:/ 'newStartSigningJobParameter' smart constructor.
+data StartSigningJobParameter = StartSigningJobParameter'
+  { -- | The location to write the code-signed file.
+    destination :: Prelude.Maybe Destination,
+    -- | The code-signing profile name.
+    signingProfileName :: Prelude.Maybe Prelude.Text,
+    -- | Describes the code-signing profile.
+    signingProfileParameter :: Prelude.Maybe SigningProfileParameter
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartSigningJobParameter' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'destination', 'startSigningJobParameter_destination' - The location to write the code-signed file.
+--
+-- 'signingProfileName', 'startSigningJobParameter_signingProfileName' - The code-signing profile name.
+--
+-- 'signingProfileParameter', 'startSigningJobParameter_signingProfileParameter' - Describes the code-signing profile.
+newStartSigningJobParameter ::
+  StartSigningJobParameter
+newStartSigningJobParameter =
+  StartSigningJobParameter'
+    { destination =
+        Prelude.Nothing,
+      signingProfileName = Prelude.Nothing,
+      signingProfileParameter = Prelude.Nothing
+    }
+
+-- | The location to write the code-signed file.
+startSigningJobParameter_destination :: Lens.Lens' StartSigningJobParameter (Prelude.Maybe Destination)
+startSigningJobParameter_destination = Lens.lens (\StartSigningJobParameter' {destination} -> destination) (\s@StartSigningJobParameter' {} a -> s {destination = a} :: StartSigningJobParameter)
+
+-- | The code-signing profile name.
+startSigningJobParameter_signingProfileName :: Lens.Lens' StartSigningJobParameter (Prelude.Maybe Prelude.Text)
+startSigningJobParameter_signingProfileName = Lens.lens (\StartSigningJobParameter' {signingProfileName} -> signingProfileName) (\s@StartSigningJobParameter' {} a -> s {signingProfileName = a} :: StartSigningJobParameter)
+
+-- | Describes the code-signing profile.
+startSigningJobParameter_signingProfileParameter :: Lens.Lens' StartSigningJobParameter (Prelude.Maybe SigningProfileParameter)
+startSigningJobParameter_signingProfileParameter = Lens.lens (\StartSigningJobParameter' {signingProfileParameter} -> signingProfileParameter) (\s@StartSigningJobParameter' {} a -> s {signingProfileParameter = a} :: StartSigningJobParameter)
+
+instance Data.FromJSON StartSigningJobParameter where
+  parseJSON =
+    Data.withObject
+      "StartSigningJobParameter"
+      ( \x ->
+          StartSigningJobParameter'
+            Prelude.<$> (x Data..:? "destination")
+            Prelude.<*> (x Data..:? "signingProfileName")
+            Prelude.<*> (x Data..:? "signingProfileParameter")
+      )
+
+instance Prelude.Hashable StartSigningJobParameter where
+  hashWithSalt _salt StartSigningJobParameter' {..} =
+    _salt
+      `Prelude.hashWithSalt` destination
+      `Prelude.hashWithSalt` signingProfileName
+      `Prelude.hashWithSalt` signingProfileParameter
+
+instance Prelude.NFData StartSigningJobParameter where
+  rnf StartSigningJobParameter' {..} =
+    Prelude.rnf destination
+      `Prelude.seq` Prelude.rnf signingProfileName
+      `Prelude.seq` Prelude.rnf signingProfileParameter
+
+instance Data.ToJSON StartSigningJobParameter where
+  toJSON StartSigningJobParameter' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("destination" Data..=) Prelude.<$> destination,
+            ("signingProfileName" Data..=)
+              Prelude.<$> signingProfileName,
+            ("signingProfileParameter" Data..=)
+              Prelude.<$> signingProfileParameter
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/StatisticalThreshold.hs b/gen/Amazonka/IoT/Types/StatisticalThreshold.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/StatisticalThreshold.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.StatisticalThreshold
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.StatisticalThreshold where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A statistical ranking (percentile) that indicates a threshold value by
+-- which a behavior is determined to be in compliance or in violation of
+-- the behavior.
+--
+-- /See:/ 'newStatisticalThreshold' smart constructor.
+data StatisticalThreshold = StatisticalThreshold'
+  { -- | The percentile that resolves to a threshold value by which compliance
+    -- with a behavior is determined. Metrics are collected over the specified
+    -- period (@durationSeconds@) from all reporting devices in your account
+    -- and statistical ranks are calculated. Then, the measurements from a
+    -- device are collected over the same period. If the accumulated
+    -- measurements from the device fall above or below (@comparisonOperator@)
+    -- the value associated with the percentile specified, then the device is
+    -- considered to be in compliance with the behavior, otherwise a violation
+    -- occurs.
+    statistic :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StatisticalThreshold' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'statistic', 'statisticalThreshold_statistic' - The percentile that resolves to a threshold value by which compliance
+-- with a behavior is determined. Metrics are collected over the specified
+-- period (@durationSeconds@) from all reporting devices in your account
+-- and statistical ranks are calculated. Then, the measurements from a
+-- device are collected over the same period. If the accumulated
+-- measurements from the device fall above or below (@comparisonOperator@)
+-- the value associated with the percentile specified, then the device is
+-- considered to be in compliance with the behavior, otherwise a violation
+-- occurs.
+newStatisticalThreshold ::
+  StatisticalThreshold
+newStatisticalThreshold =
+  StatisticalThreshold' {statistic = Prelude.Nothing}
+
+-- | The percentile that resolves to a threshold value by which compliance
+-- with a behavior is determined. Metrics are collected over the specified
+-- period (@durationSeconds@) from all reporting devices in your account
+-- and statistical ranks are calculated. Then, the measurements from a
+-- device are collected over the same period. If the accumulated
+-- measurements from the device fall above or below (@comparisonOperator@)
+-- the value associated with the percentile specified, then the device is
+-- considered to be in compliance with the behavior, otherwise a violation
+-- occurs.
+statisticalThreshold_statistic :: Lens.Lens' StatisticalThreshold (Prelude.Maybe Prelude.Text)
+statisticalThreshold_statistic = Lens.lens (\StatisticalThreshold' {statistic} -> statistic) (\s@StatisticalThreshold' {} a -> s {statistic = a} :: StatisticalThreshold)
+
+instance Data.FromJSON StatisticalThreshold where
+  parseJSON =
+    Data.withObject
+      "StatisticalThreshold"
+      ( \x ->
+          StatisticalThreshold'
+            Prelude.<$> (x Data..:? "statistic")
+      )
+
+instance Prelude.Hashable StatisticalThreshold where
+  hashWithSalt _salt StatisticalThreshold' {..} =
+    _salt `Prelude.hashWithSalt` statistic
+
+instance Prelude.NFData StatisticalThreshold where
+  rnf StatisticalThreshold' {..} = Prelude.rnf statistic
+
+instance Data.ToJSON StatisticalThreshold where
+  toJSON StatisticalThreshold' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("statistic" Data..=) Prelude.<$> statistic]
+      )
diff --git a/gen/Amazonka/IoT/Types/Statistics.hs b/gen/Amazonka/IoT/Types/Statistics.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Statistics.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Statistics
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Statistics where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A map of key-value pairs for all supported statistics. For issues with
+-- missing or unexpected values for this API, consult
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/fleet-indexing-troubleshooting.html Fleet indexing troubleshooting guide>.
+--
+-- /See:/ 'newStatistics' smart constructor.
+data Statistics = Statistics'
+  { -- | The average of the aggregated field values.
+    average :: Prelude.Maybe Prelude.Double,
+    -- | The count of things that match the query string criteria and contain a
+    -- valid aggregation field value.
+    count :: Prelude.Maybe Prelude.Int,
+    -- | The maximum aggregated field value.
+    maximum :: Prelude.Maybe Prelude.Double,
+    -- | The minimum aggregated field value.
+    minimum :: Prelude.Maybe Prelude.Double,
+    -- | The standard deviation of the aggregated field values.
+    stdDeviation :: Prelude.Maybe Prelude.Double,
+    -- | The sum of the aggregated field values.
+    sum :: Prelude.Maybe Prelude.Double,
+    -- | The sum of the squares of the aggregated field values.
+    sumOfSquares :: Prelude.Maybe Prelude.Double,
+    -- | The variance of the aggregated field values.
+    variance :: Prelude.Maybe Prelude.Double
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Statistics' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'average', 'statistics_average' - The average of the aggregated field values.
+--
+-- 'count', 'statistics_count' - The count of things that match the query string criteria and contain a
+-- valid aggregation field value.
+--
+-- 'maximum', 'statistics_maximum' - The maximum aggregated field value.
+--
+-- 'minimum', 'statistics_minimum' - The minimum aggregated field value.
+--
+-- 'stdDeviation', 'statistics_stdDeviation' - The standard deviation of the aggregated field values.
+--
+-- 'sum', 'statistics_sum' - The sum of the aggregated field values.
+--
+-- 'sumOfSquares', 'statistics_sumOfSquares' - The sum of the squares of the aggregated field values.
+--
+-- 'variance', 'statistics_variance' - The variance of the aggregated field values.
+newStatistics ::
+  Statistics
+newStatistics =
+  Statistics'
+    { average = Prelude.Nothing,
+      count = Prelude.Nothing,
+      maximum = Prelude.Nothing,
+      minimum = Prelude.Nothing,
+      stdDeviation = Prelude.Nothing,
+      sum = Prelude.Nothing,
+      sumOfSquares = Prelude.Nothing,
+      variance = Prelude.Nothing
+    }
+
+-- | The average of the aggregated field values.
+statistics_average :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_average = Lens.lens (\Statistics' {average} -> average) (\s@Statistics' {} a -> s {average = a} :: Statistics)
+
+-- | The count of things that match the query string criteria and contain a
+-- valid aggregation field value.
+statistics_count :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Int)
+statistics_count = Lens.lens (\Statistics' {count} -> count) (\s@Statistics' {} a -> s {count = a} :: Statistics)
+
+-- | The maximum aggregated field value.
+statistics_maximum :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_maximum = Lens.lens (\Statistics' {maximum} -> maximum) (\s@Statistics' {} a -> s {maximum = a} :: Statistics)
+
+-- | The minimum aggregated field value.
+statistics_minimum :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_minimum = Lens.lens (\Statistics' {minimum} -> minimum) (\s@Statistics' {} a -> s {minimum = a} :: Statistics)
+
+-- | The standard deviation of the aggregated field values.
+statistics_stdDeviation :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_stdDeviation = Lens.lens (\Statistics' {stdDeviation} -> stdDeviation) (\s@Statistics' {} a -> s {stdDeviation = a} :: Statistics)
+
+-- | The sum of the aggregated field values.
+statistics_sum :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_sum = Lens.lens (\Statistics' {sum} -> sum) (\s@Statistics' {} a -> s {sum = a} :: Statistics)
+
+-- | The sum of the squares of the aggregated field values.
+statistics_sumOfSquares :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_sumOfSquares = Lens.lens (\Statistics' {sumOfSquares} -> sumOfSquares) (\s@Statistics' {} a -> s {sumOfSquares = a} :: Statistics)
+
+-- | The variance of the aggregated field values.
+statistics_variance :: Lens.Lens' Statistics (Prelude.Maybe Prelude.Double)
+statistics_variance = Lens.lens (\Statistics' {variance} -> variance) (\s@Statistics' {} a -> s {variance = a} :: Statistics)
+
+instance Data.FromJSON Statistics where
+  parseJSON =
+    Data.withObject
+      "Statistics"
+      ( \x ->
+          Statistics'
+            Prelude.<$> (x Data..:? "average")
+            Prelude.<*> (x Data..:? "count")
+            Prelude.<*> (x Data..:? "maximum")
+            Prelude.<*> (x Data..:? "minimum")
+            Prelude.<*> (x Data..:? "stdDeviation")
+            Prelude.<*> (x Data..:? "sum")
+            Prelude.<*> (x Data..:? "sumOfSquares")
+            Prelude.<*> (x Data..:? "variance")
+      )
+
+instance Prelude.Hashable Statistics where
+  hashWithSalt _salt Statistics' {..} =
+    _salt
+      `Prelude.hashWithSalt` average
+      `Prelude.hashWithSalt` count
+      `Prelude.hashWithSalt` maximum
+      `Prelude.hashWithSalt` minimum
+      `Prelude.hashWithSalt` stdDeviation
+      `Prelude.hashWithSalt` sum
+      `Prelude.hashWithSalt` sumOfSquares
+      `Prelude.hashWithSalt` variance
+
+instance Prelude.NFData Statistics where
+  rnf Statistics' {..} =
+    Prelude.rnf average
+      `Prelude.seq` Prelude.rnf count
+      `Prelude.seq` Prelude.rnf maximum
+      `Prelude.seq` Prelude.rnf minimum
+      `Prelude.seq` Prelude.rnf stdDeviation
+      `Prelude.seq` Prelude.rnf sum
+      `Prelude.seq` Prelude.rnf sumOfSquares
+      `Prelude.seq` Prelude.rnf variance
diff --git a/gen/Amazonka/IoT/Types/StepFunctionsAction.hs b/gen/Amazonka/IoT/Types/StepFunctionsAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/StepFunctionsAction.hs
@@ -0,0 +1,128 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.StepFunctionsAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.StepFunctionsAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Starts execution of a Step Functions state machine.
+--
+-- /See:/ 'newStepFunctionsAction' smart constructor.
+data StepFunctionsAction = StepFunctionsAction'
+  { -- | (Optional) A name will be given to the state machine execution
+    -- consisting of this prefix followed by a UUID. Step Functions
+    -- automatically creates a unique name for each state machine execution if
+    -- one is not provided.
+    executionNamePrefix :: Prelude.Maybe Prelude.Text,
+    -- | The name of the Step Functions state machine whose execution will be
+    -- started.
+    stateMachineName :: Prelude.Text,
+    -- | The ARN of the role that grants IoT permission to start execution of a
+    -- state machine (\"Action\":\"states:StartExecution\").
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StepFunctionsAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionNamePrefix', 'stepFunctionsAction_executionNamePrefix' - (Optional) A name will be given to the state machine execution
+-- consisting of this prefix followed by a UUID. Step Functions
+-- automatically creates a unique name for each state machine execution if
+-- one is not provided.
+--
+-- 'stateMachineName', 'stepFunctionsAction_stateMachineName' - The name of the Step Functions state machine whose execution will be
+-- started.
+--
+-- 'roleArn', 'stepFunctionsAction_roleArn' - The ARN of the role that grants IoT permission to start execution of a
+-- state machine (\"Action\":\"states:StartExecution\").
+newStepFunctionsAction ::
+  -- | 'stateMachineName'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  StepFunctionsAction
+newStepFunctionsAction pStateMachineName_ pRoleArn_ =
+  StepFunctionsAction'
+    { executionNamePrefix =
+        Prelude.Nothing,
+      stateMachineName = pStateMachineName_,
+      roleArn = pRoleArn_
+    }
+
+-- | (Optional) A name will be given to the state machine execution
+-- consisting of this prefix followed by a UUID. Step Functions
+-- automatically creates a unique name for each state machine execution if
+-- one is not provided.
+stepFunctionsAction_executionNamePrefix :: Lens.Lens' StepFunctionsAction (Prelude.Maybe Prelude.Text)
+stepFunctionsAction_executionNamePrefix = Lens.lens (\StepFunctionsAction' {executionNamePrefix} -> executionNamePrefix) (\s@StepFunctionsAction' {} a -> s {executionNamePrefix = a} :: StepFunctionsAction)
+
+-- | The name of the Step Functions state machine whose execution will be
+-- started.
+stepFunctionsAction_stateMachineName :: Lens.Lens' StepFunctionsAction Prelude.Text
+stepFunctionsAction_stateMachineName = Lens.lens (\StepFunctionsAction' {stateMachineName} -> stateMachineName) (\s@StepFunctionsAction' {} a -> s {stateMachineName = a} :: StepFunctionsAction)
+
+-- | The ARN of the role that grants IoT permission to start execution of a
+-- state machine (\"Action\":\"states:StartExecution\").
+stepFunctionsAction_roleArn :: Lens.Lens' StepFunctionsAction Prelude.Text
+stepFunctionsAction_roleArn = Lens.lens (\StepFunctionsAction' {roleArn} -> roleArn) (\s@StepFunctionsAction' {} a -> s {roleArn = a} :: StepFunctionsAction)
+
+instance Data.FromJSON StepFunctionsAction where
+  parseJSON =
+    Data.withObject
+      "StepFunctionsAction"
+      ( \x ->
+          StepFunctionsAction'
+            Prelude.<$> (x Data..:? "executionNamePrefix")
+            Prelude.<*> (x Data..: "stateMachineName")
+            Prelude.<*> (x Data..: "roleArn")
+      )
+
+instance Prelude.Hashable StepFunctionsAction where
+  hashWithSalt _salt StepFunctionsAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` executionNamePrefix
+      `Prelude.hashWithSalt` stateMachineName
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData StepFunctionsAction where
+  rnf StepFunctionsAction' {..} =
+    Prelude.rnf executionNamePrefix
+      `Prelude.seq` Prelude.rnf stateMachineName
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON StepFunctionsAction where
+  toJSON StepFunctionsAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("executionNamePrefix" Data..=)
+              Prelude.<$> executionNamePrefix,
+            Prelude.Just
+              ("stateMachineName" Data..= stateMachineName),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/Stream.hs b/gen/Amazonka/IoT/Types/Stream.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Stream.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Stream
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Stream where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a group of files that can be streamed.
+--
+-- /See:/ 'newStream' smart constructor.
+data Stream = Stream'
+  { -- | The ID of a file associated with a stream.
+    fileId :: Prelude.Maybe Prelude.Natural,
+    -- | The stream ID.
+    streamId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Stream' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'fileId', 'stream_fileId' - The ID of a file associated with a stream.
+--
+-- 'streamId', 'stream_streamId' - The stream ID.
+newStream ::
+  Stream
+newStream =
+  Stream'
+    { fileId = Prelude.Nothing,
+      streamId = Prelude.Nothing
+    }
+
+-- | The ID of a file associated with a stream.
+stream_fileId :: Lens.Lens' Stream (Prelude.Maybe Prelude.Natural)
+stream_fileId = Lens.lens (\Stream' {fileId} -> fileId) (\s@Stream' {} a -> s {fileId = a} :: Stream)
+
+-- | The stream ID.
+stream_streamId :: Lens.Lens' Stream (Prelude.Maybe Prelude.Text)
+stream_streamId = Lens.lens (\Stream' {streamId} -> streamId) (\s@Stream' {} a -> s {streamId = a} :: Stream)
+
+instance Data.FromJSON Stream where
+  parseJSON =
+    Data.withObject
+      "Stream"
+      ( \x ->
+          Stream'
+            Prelude.<$> (x Data..:? "fileId")
+            Prelude.<*> (x Data..:? "streamId")
+      )
+
+instance Prelude.Hashable Stream where
+  hashWithSalt _salt Stream' {..} =
+    _salt
+      `Prelude.hashWithSalt` fileId
+      `Prelude.hashWithSalt` streamId
+
+instance Prelude.NFData Stream where
+  rnf Stream' {..} =
+    Prelude.rnf fileId
+      `Prelude.seq` Prelude.rnf streamId
+
+instance Data.ToJSON Stream where
+  toJSON Stream' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("fileId" Data..=) Prelude.<$> fileId,
+            ("streamId" Data..=) Prelude.<$> streamId
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/StreamFile.hs b/gen/Amazonka/IoT/Types/StreamFile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/StreamFile.hs
@@ -0,0 +1,94 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.StreamFile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.StreamFile where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.S3Location
+import qualified Amazonka.Prelude as Prelude
+
+-- | Represents a file to stream.
+--
+-- /See:/ 'newStreamFile' smart constructor.
+data StreamFile = StreamFile'
+  { -- | The file ID.
+    fileId :: Prelude.Maybe Prelude.Natural,
+    -- | The location of the file in S3.
+    s3Location :: Prelude.Maybe S3Location
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StreamFile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'fileId', 'streamFile_fileId' - The file ID.
+--
+-- 's3Location', 'streamFile_s3Location' - The location of the file in S3.
+newStreamFile ::
+  StreamFile
+newStreamFile =
+  StreamFile'
+    { fileId = Prelude.Nothing,
+      s3Location = Prelude.Nothing
+    }
+
+-- | The file ID.
+streamFile_fileId :: Lens.Lens' StreamFile (Prelude.Maybe Prelude.Natural)
+streamFile_fileId = Lens.lens (\StreamFile' {fileId} -> fileId) (\s@StreamFile' {} a -> s {fileId = a} :: StreamFile)
+
+-- | The location of the file in S3.
+streamFile_s3Location :: Lens.Lens' StreamFile (Prelude.Maybe S3Location)
+streamFile_s3Location = Lens.lens (\StreamFile' {s3Location} -> s3Location) (\s@StreamFile' {} a -> s {s3Location = a} :: StreamFile)
+
+instance Data.FromJSON StreamFile where
+  parseJSON =
+    Data.withObject
+      "StreamFile"
+      ( \x ->
+          StreamFile'
+            Prelude.<$> (x Data..:? "fileId")
+            Prelude.<*> (x Data..:? "s3Location")
+      )
+
+instance Prelude.Hashable StreamFile where
+  hashWithSalt _salt StreamFile' {..} =
+    _salt
+      `Prelude.hashWithSalt` fileId
+      `Prelude.hashWithSalt` s3Location
+
+instance Prelude.NFData StreamFile where
+  rnf StreamFile' {..} =
+    Prelude.rnf fileId
+      `Prelude.seq` Prelude.rnf s3Location
+
+instance Data.ToJSON StreamFile where
+  toJSON StreamFile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("fileId" Data..=) Prelude.<$> fileId,
+            ("s3Location" Data..=) Prelude.<$> s3Location
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/StreamInfo.hs b/gen/Amazonka/IoT/Types/StreamInfo.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/StreamInfo.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.StreamInfo
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.StreamInfo where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.StreamFile
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about a stream.
+--
+-- /See:/ 'newStreamInfo' smart constructor.
+data StreamInfo = StreamInfo'
+  { -- | The date when the stream was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | The description of the stream.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The files to stream.
+    files :: Prelude.Maybe (Prelude.NonEmpty StreamFile),
+    -- | The date when the stream was last updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | An IAM role IoT assumes to access your S3 files.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The stream ARN.
+    streamArn :: Prelude.Maybe Prelude.Text,
+    -- | The stream ID.
+    streamId :: Prelude.Maybe Prelude.Text,
+    -- | The stream version.
+    streamVersion :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StreamInfo' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'createdAt', 'streamInfo_createdAt' - The date when the stream was created.
+--
+-- 'description', 'streamInfo_description' - The description of the stream.
+--
+-- 'files', 'streamInfo_files' - The files to stream.
+--
+-- 'lastUpdatedAt', 'streamInfo_lastUpdatedAt' - The date when the stream was last updated.
+--
+-- 'roleArn', 'streamInfo_roleArn' - An IAM role IoT assumes to access your S3 files.
+--
+-- 'streamArn', 'streamInfo_streamArn' - The stream ARN.
+--
+-- 'streamId', 'streamInfo_streamId' - The stream ID.
+--
+-- 'streamVersion', 'streamInfo_streamVersion' - The stream version.
+newStreamInfo ::
+  StreamInfo
+newStreamInfo =
+  StreamInfo'
+    { createdAt = Prelude.Nothing,
+      description = Prelude.Nothing,
+      files = Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      streamArn = Prelude.Nothing,
+      streamId = Prelude.Nothing,
+      streamVersion = Prelude.Nothing
+    }
+
+-- | The date when the stream was created.
+streamInfo_createdAt :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.UTCTime)
+streamInfo_createdAt = Lens.lens (\StreamInfo' {createdAt} -> createdAt) (\s@StreamInfo' {} a -> s {createdAt = a} :: StreamInfo) Prelude.. Lens.mapping Data._Time
+
+-- | The description of the stream.
+streamInfo_description :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.Text)
+streamInfo_description = Lens.lens (\StreamInfo' {description} -> description) (\s@StreamInfo' {} a -> s {description = a} :: StreamInfo)
+
+-- | The files to stream.
+streamInfo_files :: Lens.Lens' StreamInfo (Prelude.Maybe (Prelude.NonEmpty StreamFile))
+streamInfo_files = Lens.lens (\StreamInfo' {files} -> files) (\s@StreamInfo' {} a -> s {files = a} :: StreamInfo) Prelude.. Lens.mapping Lens.coerced
+
+-- | The date when the stream was last updated.
+streamInfo_lastUpdatedAt :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.UTCTime)
+streamInfo_lastUpdatedAt = Lens.lens (\StreamInfo' {lastUpdatedAt} -> lastUpdatedAt) (\s@StreamInfo' {} a -> s {lastUpdatedAt = a} :: StreamInfo) Prelude.. Lens.mapping Data._Time
+
+-- | An IAM role IoT assumes to access your S3 files.
+streamInfo_roleArn :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.Text)
+streamInfo_roleArn = Lens.lens (\StreamInfo' {roleArn} -> roleArn) (\s@StreamInfo' {} a -> s {roleArn = a} :: StreamInfo)
+
+-- | The stream ARN.
+streamInfo_streamArn :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.Text)
+streamInfo_streamArn = Lens.lens (\StreamInfo' {streamArn} -> streamArn) (\s@StreamInfo' {} a -> s {streamArn = a} :: StreamInfo)
+
+-- | The stream ID.
+streamInfo_streamId :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.Text)
+streamInfo_streamId = Lens.lens (\StreamInfo' {streamId} -> streamId) (\s@StreamInfo' {} a -> s {streamId = a} :: StreamInfo)
+
+-- | The stream version.
+streamInfo_streamVersion :: Lens.Lens' StreamInfo (Prelude.Maybe Prelude.Natural)
+streamInfo_streamVersion = Lens.lens (\StreamInfo' {streamVersion} -> streamVersion) (\s@StreamInfo' {} a -> s {streamVersion = a} :: StreamInfo)
+
+instance Data.FromJSON StreamInfo where
+  parseJSON =
+    Data.withObject
+      "StreamInfo"
+      ( \x ->
+          StreamInfo'
+            Prelude.<$> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "files")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "roleArn")
+            Prelude.<*> (x Data..:? "streamArn")
+            Prelude.<*> (x Data..:? "streamId")
+            Prelude.<*> (x Data..:? "streamVersion")
+      )
+
+instance Prelude.Hashable StreamInfo where
+  hashWithSalt _salt StreamInfo' {..} =
+    _salt
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` files
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` streamArn
+      `Prelude.hashWithSalt` streamId
+      `Prelude.hashWithSalt` streamVersion
+
+instance Prelude.NFData StreamInfo where
+  rnf StreamInfo' {..} =
+    Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf files
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf streamArn
+      `Prelude.seq` Prelude.rnf streamId
+      `Prelude.seq` Prelude.rnf streamVersion
diff --git a/gen/Amazonka/IoT/Types/StreamSummary.hs b/gen/Amazonka/IoT/Types/StreamSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/StreamSummary.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.StreamSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.StreamSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A summary of a stream.
+--
+-- /See:/ 'newStreamSummary' smart constructor.
+data StreamSummary = StreamSummary'
+  { -- | A description of the stream.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The stream ARN.
+    streamArn :: Prelude.Maybe Prelude.Text,
+    -- | The stream ID.
+    streamId :: Prelude.Maybe Prelude.Text,
+    -- | The stream version.
+    streamVersion :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StreamSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'streamSummary_description' - A description of the stream.
+--
+-- 'streamArn', 'streamSummary_streamArn' - The stream ARN.
+--
+-- 'streamId', 'streamSummary_streamId' - The stream ID.
+--
+-- 'streamVersion', 'streamSummary_streamVersion' - The stream version.
+newStreamSummary ::
+  StreamSummary
+newStreamSummary =
+  StreamSummary'
+    { description = Prelude.Nothing,
+      streamArn = Prelude.Nothing,
+      streamId = Prelude.Nothing,
+      streamVersion = Prelude.Nothing
+    }
+
+-- | A description of the stream.
+streamSummary_description :: Lens.Lens' StreamSummary (Prelude.Maybe Prelude.Text)
+streamSummary_description = Lens.lens (\StreamSummary' {description} -> description) (\s@StreamSummary' {} a -> s {description = a} :: StreamSummary)
+
+-- | The stream ARN.
+streamSummary_streamArn :: Lens.Lens' StreamSummary (Prelude.Maybe Prelude.Text)
+streamSummary_streamArn = Lens.lens (\StreamSummary' {streamArn} -> streamArn) (\s@StreamSummary' {} a -> s {streamArn = a} :: StreamSummary)
+
+-- | The stream ID.
+streamSummary_streamId :: Lens.Lens' StreamSummary (Prelude.Maybe Prelude.Text)
+streamSummary_streamId = Lens.lens (\StreamSummary' {streamId} -> streamId) (\s@StreamSummary' {} a -> s {streamId = a} :: StreamSummary)
+
+-- | The stream version.
+streamSummary_streamVersion :: Lens.Lens' StreamSummary (Prelude.Maybe Prelude.Natural)
+streamSummary_streamVersion = Lens.lens (\StreamSummary' {streamVersion} -> streamVersion) (\s@StreamSummary' {} a -> s {streamVersion = a} :: StreamSummary)
+
+instance Data.FromJSON StreamSummary where
+  parseJSON =
+    Data.withObject
+      "StreamSummary"
+      ( \x ->
+          StreamSummary'
+            Prelude.<$> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "streamArn")
+            Prelude.<*> (x Data..:? "streamId")
+            Prelude.<*> (x Data..:? "streamVersion")
+      )
+
+instance Prelude.Hashable StreamSummary where
+  hashWithSalt _salt StreamSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` streamArn
+      `Prelude.hashWithSalt` streamId
+      `Prelude.hashWithSalt` streamVersion
+
+instance Prelude.NFData StreamSummary where
+  rnf StreamSummary' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf streamArn
+      `Prelude.seq` Prelude.rnf streamId
+      `Prelude.seq` Prelude.rnf streamVersion
diff --git a/gen/Amazonka/IoT/Types/Tag.hs b/gen/Amazonka/IoT/Types/Tag.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/Tag.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.Tag
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.Tag where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A set of key\/value pairs that are used to manage the resource.
+--
+-- /See:/ 'newTag' smart constructor.
+data Tag = Tag'
+  { -- | The tag\'s value.
+    value :: Prelude.Maybe Prelude.Text,
+    -- | The tag\'s key.
+    key :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Tag' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'value', 'tag_value' - The tag\'s value.
+--
+-- 'key', 'tag_key' - The tag\'s key.
+newTag ::
+  -- | 'key'
+  Prelude.Text ->
+  Tag
+newTag pKey_ =
+  Tag' {value = Prelude.Nothing, key = pKey_}
+
+-- | The tag\'s value.
+tag_value :: Lens.Lens' Tag (Prelude.Maybe Prelude.Text)
+tag_value = Lens.lens (\Tag' {value} -> value) (\s@Tag' {} a -> s {value = a} :: Tag)
+
+-- | The tag\'s key.
+tag_key :: Lens.Lens' Tag Prelude.Text
+tag_key = Lens.lens (\Tag' {key} -> key) (\s@Tag' {} a -> s {key = a} :: Tag)
+
+instance Data.FromJSON Tag where
+  parseJSON =
+    Data.withObject
+      "Tag"
+      ( \x ->
+          Tag'
+            Prelude.<$> (x Data..:? "Value")
+            Prelude.<*> (x Data..: "Key")
+      )
+
+instance Prelude.Hashable Tag where
+  hashWithSalt _salt Tag' {..} =
+    _salt
+      `Prelude.hashWithSalt` value
+      `Prelude.hashWithSalt` key
+
+instance Prelude.NFData Tag where
+  rnf Tag' {..} =
+    Prelude.rnf value `Prelude.seq` Prelude.rnf key
+
+instance Data.ToJSON Tag where
+  toJSON Tag' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Value" Data..=) Prelude.<$> value,
+            Prelude.Just ("Key" Data..= key)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TargetSelection.hs b/gen/Amazonka/IoT/Types/TargetSelection.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TargetSelection.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TargetSelection
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TargetSelection
+  ( TargetSelection
+      ( ..,
+        TargetSelection_CONTINUOUS,
+        TargetSelection_SNAPSHOT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype TargetSelection = TargetSelection'
+  { fromTargetSelection ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern TargetSelection_CONTINUOUS :: TargetSelection
+pattern TargetSelection_CONTINUOUS = TargetSelection' "CONTINUOUS"
+
+pattern TargetSelection_SNAPSHOT :: TargetSelection
+pattern TargetSelection_SNAPSHOT = TargetSelection' "SNAPSHOT"
+
+{-# COMPLETE
+  TargetSelection_CONTINUOUS,
+  TargetSelection_SNAPSHOT,
+  TargetSelection'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/TaskStatistics.hs b/gen/Amazonka/IoT/Types/TaskStatistics.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TaskStatistics.hs
@@ -0,0 +1,144 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TaskStatistics
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TaskStatistics where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Statistics for the checks performed during the audit.
+--
+-- /See:/ 'newTaskStatistics' smart constructor.
+data TaskStatistics = TaskStatistics'
+  { -- | The number of checks that did not run because the audit was canceled.
+    canceledChecks :: Prelude.Maybe Prelude.Int,
+    -- | The number of checks that found compliant resources.
+    compliantChecks :: Prelude.Maybe Prelude.Int,
+    -- | The number of checks.
+    failedChecks :: Prelude.Maybe Prelude.Int,
+    -- | The number of checks in progress.
+    inProgressChecks :: Prelude.Maybe Prelude.Int,
+    -- | The number of checks that found noncompliant resources.
+    nonCompliantChecks :: Prelude.Maybe Prelude.Int,
+    -- | The number of checks in this audit.
+    totalChecks :: Prelude.Maybe Prelude.Int,
+    -- | The number of checks waiting for data collection.
+    waitingForDataCollectionChecks :: Prelude.Maybe Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TaskStatistics' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'canceledChecks', 'taskStatistics_canceledChecks' - The number of checks that did not run because the audit was canceled.
+--
+-- 'compliantChecks', 'taskStatistics_compliantChecks' - The number of checks that found compliant resources.
+--
+-- 'failedChecks', 'taskStatistics_failedChecks' - The number of checks.
+--
+-- 'inProgressChecks', 'taskStatistics_inProgressChecks' - The number of checks in progress.
+--
+-- 'nonCompliantChecks', 'taskStatistics_nonCompliantChecks' - The number of checks that found noncompliant resources.
+--
+-- 'totalChecks', 'taskStatistics_totalChecks' - The number of checks in this audit.
+--
+-- 'waitingForDataCollectionChecks', 'taskStatistics_waitingForDataCollectionChecks' - The number of checks waiting for data collection.
+newTaskStatistics ::
+  TaskStatistics
+newTaskStatistics =
+  TaskStatistics'
+    { canceledChecks = Prelude.Nothing,
+      compliantChecks = Prelude.Nothing,
+      failedChecks = Prelude.Nothing,
+      inProgressChecks = Prelude.Nothing,
+      nonCompliantChecks = Prelude.Nothing,
+      totalChecks = Prelude.Nothing,
+      waitingForDataCollectionChecks = Prelude.Nothing
+    }
+
+-- | The number of checks that did not run because the audit was canceled.
+taskStatistics_canceledChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_canceledChecks = Lens.lens (\TaskStatistics' {canceledChecks} -> canceledChecks) (\s@TaskStatistics' {} a -> s {canceledChecks = a} :: TaskStatistics)
+
+-- | The number of checks that found compliant resources.
+taskStatistics_compliantChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_compliantChecks = Lens.lens (\TaskStatistics' {compliantChecks} -> compliantChecks) (\s@TaskStatistics' {} a -> s {compliantChecks = a} :: TaskStatistics)
+
+-- | The number of checks.
+taskStatistics_failedChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_failedChecks = Lens.lens (\TaskStatistics' {failedChecks} -> failedChecks) (\s@TaskStatistics' {} a -> s {failedChecks = a} :: TaskStatistics)
+
+-- | The number of checks in progress.
+taskStatistics_inProgressChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_inProgressChecks = Lens.lens (\TaskStatistics' {inProgressChecks} -> inProgressChecks) (\s@TaskStatistics' {} a -> s {inProgressChecks = a} :: TaskStatistics)
+
+-- | The number of checks that found noncompliant resources.
+taskStatistics_nonCompliantChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_nonCompliantChecks = Lens.lens (\TaskStatistics' {nonCompliantChecks} -> nonCompliantChecks) (\s@TaskStatistics' {} a -> s {nonCompliantChecks = a} :: TaskStatistics)
+
+-- | The number of checks in this audit.
+taskStatistics_totalChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_totalChecks = Lens.lens (\TaskStatistics' {totalChecks} -> totalChecks) (\s@TaskStatistics' {} a -> s {totalChecks = a} :: TaskStatistics)
+
+-- | The number of checks waiting for data collection.
+taskStatistics_waitingForDataCollectionChecks :: Lens.Lens' TaskStatistics (Prelude.Maybe Prelude.Int)
+taskStatistics_waitingForDataCollectionChecks = Lens.lens (\TaskStatistics' {waitingForDataCollectionChecks} -> waitingForDataCollectionChecks) (\s@TaskStatistics' {} a -> s {waitingForDataCollectionChecks = a} :: TaskStatistics)
+
+instance Data.FromJSON TaskStatistics where
+  parseJSON =
+    Data.withObject
+      "TaskStatistics"
+      ( \x ->
+          TaskStatistics'
+            Prelude.<$> (x Data..:? "canceledChecks")
+            Prelude.<*> (x Data..:? "compliantChecks")
+            Prelude.<*> (x Data..:? "failedChecks")
+            Prelude.<*> (x Data..:? "inProgressChecks")
+            Prelude.<*> (x Data..:? "nonCompliantChecks")
+            Prelude.<*> (x Data..:? "totalChecks")
+            Prelude.<*> (x Data..:? "waitingForDataCollectionChecks")
+      )
+
+instance Prelude.Hashable TaskStatistics where
+  hashWithSalt _salt TaskStatistics' {..} =
+    _salt
+      `Prelude.hashWithSalt` canceledChecks
+      `Prelude.hashWithSalt` compliantChecks
+      `Prelude.hashWithSalt` failedChecks
+      `Prelude.hashWithSalt` inProgressChecks
+      `Prelude.hashWithSalt` nonCompliantChecks
+      `Prelude.hashWithSalt` totalChecks
+      `Prelude.hashWithSalt` waitingForDataCollectionChecks
+
+instance Prelude.NFData TaskStatistics where
+  rnf TaskStatistics' {..} =
+    Prelude.rnf canceledChecks
+      `Prelude.seq` Prelude.rnf compliantChecks
+      `Prelude.seq` Prelude.rnf failedChecks
+      `Prelude.seq` Prelude.rnf inProgressChecks
+      `Prelude.seq` Prelude.rnf nonCompliantChecks
+      `Prelude.seq` Prelude.rnf totalChecks
+      `Prelude.seq` Prelude.rnf waitingForDataCollectionChecks
diff --git a/gen/Amazonka/IoT/Types/TaskStatisticsForAuditCheck.hs b/gen/Amazonka/IoT/Types/TaskStatisticsForAuditCheck.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TaskStatisticsForAuditCheck.hs
@@ -0,0 +1,135 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TaskStatisticsForAuditCheck
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TaskStatisticsForAuditCheck where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Provides summary counts of how many tasks for findings are in a
+-- particular state. This information is included in the response from
+-- DescribeAuditMitigationActionsTask.
+--
+-- /See:/ 'newTaskStatisticsForAuditCheck' smart constructor.
+data TaskStatisticsForAuditCheck = TaskStatisticsForAuditCheck'
+  { -- | The number of findings to which the mitigation action task was canceled
+    -- when applied.
+    canceledFindingsCount :: Prelude.Maybe Prelude.Integer,
+    -- | The number of findings for which at least one of the actions failed when
+    -- applied.
+    failedFindingsCount :: Prelude.Maybe Prelude.Integer,
+    -- | The number of findings skipped because of filter conditions provided in
+    -- the parameters to the command.
+    skippedFindingsCount :: Prelude.Maybe Prelude.Integer,
+    -- | The number of findings for which all mitigation actions succeeded when
+    -- applied.
+    succeededFindingsCount :: Prelude.Maybe Prelude.Integer,
+    -- | The total number of findings to which a task is being applied.
+    totalFindingsCount :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TaskStatisticsForAuditCheck' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'canceledFindingsCount', 'taskStatisticsForAuditCheck_canceledFindingsCount' - The number of findings to which the mitigation action task was canceled
+-- when applied.
+--
+-- 'failedFindingsCount', 'taskStatisticsForAuditCheck_failedFindingsCount' - The number of findings for which at least one of the actions failed when
+-- applied.
+--
+-- 'skippedFindingsCount', 'taskStatisticsForAuditCheck_skippedFindingsCount' - The number of findings skipped because of filter conditions provided in
+-- the parameters to the command.
+--
+-- 'succeededFindingsCount', 'taskStatisticsForAuditCheck_succeededFindingsCount' - The number of findings for which all mitigation actions succeeded when
+-- applied.
+--
+-- 'totalFindingsCount', 'taskStatisticsForAuditCheck_totalFindingsCount' - The total number of findings to which a task is being applied.
+newTaskStatisticsForAuditCheck ::
+  TaskStatisticsForAuditCheck
+newTaskStatisticsForAuditCheck =
+  TaskStatisticsForAuditCheck'
+    { canceledFindingsCount =
+        Prelude.Nothing,
+      failedFindingsCount = Prelude.Nothing,
+      skippedFindingsCount = Prelude.Nothing,
+      succeededFindingsCount = Prelude.Nothing,
+      totalFindingsCount = Prelude.Nothing
+    }
+
+-- | The number of findings to which the mitigation action task was canceled
+-- when applied.
+taskStatisticsForAuditCheck_canceledFindingsCount :: Lens.Lens' TaskStatisticsForAuditCheck (Prelude.Maybe Prelude.Integer)
+taskStatisticsForAuditCheck_canceledFindingsCount = Lens.lens (\TaskStatisticsForAuditCheck' {canceledFindingsCount} -> canceledFindingsCount) (\s@TaskStatisticsForAuditCheck' {} a -> s {canceledFindingsCount = a} :: TaskStatisticsForAuditCheck)
+
+-- | The number of findings for which at least one of the actions failed when
+-- applied.
+taskStatisticsForAuditCheck_failedFindingsCount :: Lens.Lens' TaskStatisticsForAuditCheck (Prelude.Maybe Prelude.Integer)
+taskStatisticsForAuditCheck_failedFindingsCount = Lens.lens (\TaskStatisticsForAuditCheck' {failedFindingsCount} -> failedFindingsCount) (\s@TaskStatisticsForAuditCheck' {} a -> s {failedFindingsCount = a} :: TaskStatisticsForAuditCheck)
+
+-- | The number of findings skipped because of filter conditions provided in
+-- the parameters to the command.
+taskStatisticsForAuditCheck_skippedFindingsCount :: Lens.Lens' TaskStatisticsForAuditCheck (Prelude.Maybe Prelude.Integer)
+taskStatisticsForAuditCheck_skippedFindingsCount = Lens.lens (\TaskStatisticsForAuditCheck' {skippedFindingsCount} -> skippedFindingsCount) (\s@TaskStatisticsForAuditCheck' {} a -> s {skippedFindingsCount = a} :: TaskStatisticsForAuditCheck)
+
+-- | The number of findings for which all mitigation actions succeeded when
+-- applied.
+taskStatisticsForAuditCheck_succeededFindingsCount :: Lens.Lens' TaskStatisticsForAuditCheck (Prelude.Maybe Prelude.Integer)
+taskStatisticsForAuditCheck_succeededFindingsCount = Lens.lens (\TaskStatisticsForAuditCheck' {succeededFindingsCount} -> succeededFindingsCount) (\s@TaskStatisticsForAuditCheck' {} a -> s {succeededFindingsCount = a} :: TaskStatisticsForAuditCheck)
+
+-- | The total number of findings to which a task is being applied.
+taskStatisticsForAuditCheck_totalFindingsCount :: Lens.Lens' TaskStatisticsForAuditCheck (Prelude.Maybe Prelude.Integer)
+taskStatisticsForAuditCheck_totalFindingsCount = Lens.lens (\TaskStatisticsForAuditCheck' {totalFindingsCount} -> totalFindingsCount) (\s@TaskStatisticsForAuditCheck' {} a -> s {totalFindingsCount = a} :: TaskStatisticsForAuditCheck)
+
+instance Data.FromJSON TaskStatisticsForAuditCheck where
+  parseJSON =
+    Data.withObject
+      "TaskStatisticsForAuditCheck"
+      ( \x ->
+          TaskStatisticsForAuditCheck'
+            Prelude.<$> (x Data..:? "canceledFindingsCount")
+            Prelude.<*> (x Data..:? "failedFindingsCount")
+            Prelude.<*> (x Data..:? "skippedFindingsCount")
+            Prelude.<*> (x Data..:? "succeededFindingsCount")
+            Prelude.<*> (x Data..:? "totalFindingsCount")
+      )
+
+instance Prelude.Hashable TaskStatisticsForAuditCheck where
+  hashWithSalt _salt TaskStatisticsForAuditCheck' {..} =
+    _salt
+      `Prelude.hashWithSalt` canceledFindingsCount
+      `Prelude.hashWithSalt` failedFindingsCount
+      `Prelude.hashWithSalt` skippedFindingsCount
+      `Prelude.hashWithSalt` succeededFindingsCount
+      `Prelude.hashWithSalt` totalFindingsCount
+
+instance Prelude.NFData TaskStatisticsForAuditCheck where
+  rnf TaskStatisticsForAuditCheck' {..} =
+    Prelude.rnf canceledFindingsCount
+      `Prelude.seq` Prelude.rnf failedFindingsCount
+      `Prelude.seq` Prelude.rnf skippedFindingsCount
+      `Prelude.seq` Prelude.rnf succeededFindingsCount
+      `Prelude.seq` Prelude.rnf totalFindingsCount
diff --git a/gen/Amazonka/IoT/Types/TaskStatus.hs b/gen/Amazonka/IoT/Types/TaskStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TaskStatus.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TaskStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TaskStatus
+  ( TaskStatus
+      ( ..,
+        TaskStatus_Cancelled,
+        TaskStatus_Cancelling,
+        TaskStatus_Completed,
+        TaskStatus_Failed,
+        TaskStatus_InProgress
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype TaskStatus = TaskStatus'
+  { fromTaskStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern TaskStatus_Cancelled :: TaskStatus
+pattern TaskStatus_Cancelled = TaskStatus' "Cancelled"
+
+pattern TaskStatus_Cancelling :: TaskStatus
+pattern TaskStatus_Cancelling = TaskStatus' "Cancelling"
+
+pattern TaskStatus_Completed :: TaskStatus
+pattern TaskStatus_Completed = TaskStatus' "Completed"
+
+pattern TaskStatus_Failed :: TaskStatus
+pattern TaskStatus_Failed = TaskStatus' "Failed"
+
+pattern TaskStatus_InProgress :: TaskStatus
+pattern TaskStatus_InProgress = TaskStatus' "InProgress"
+
+{-# COMPLETE
+  TaskStatus_Cancelled,
+  TaskStatus_Cancelling,
+  TaskStatus_Completed,
+  TaskStatus_Failed,
+  TaskStatus_InProgress,
+  TaskStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/TemplateType.hs b/gen/Amazonka/IoT/Types/TemplateType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TemplateType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TemplateType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TemplateType
+  ( TemplateType
+      ( ..,
+        TemplateType_FLEET_PROVISIONING,
+        TemplateType_JITP
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype TemplateType = TemplateType'
+  { fromTemplateType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern TemplateType_FLEET_PROVISIONING :: TemplateType
+pattern TemplateType_FLEET_PROVISIONING = TemplateType' "FLEET_PROVISIONING"
+
+pattern TemplateType_JITP :: TemplateType
+pattern TemplateType_JITP = TemplateType' "JITP"
+
+{-# COMPLETE
+  TemplateType_FLEET_PROVISIONING,
+  TemplateType_JITP,
+  TemplateType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/TermsAggregation.hs b/gen/Amazonka/IoT/Types/TermsAggregation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TermsAggregation.hs
@@ -0,0 +1,68 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TermsAggregation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TermsAggregation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Performs an aggregation that will return a list of buckets. The list of
+-- buckets is a ranked list of the number of occurrences of an aggregation
+-- field value.
+--
+-- /See:/ 'newTermsAggregation' smart constructor.
+data TermsAggregation = TermsAggregation'
+  { -- | The number of buckets to return in the response. Default to 10.
+    maxBuckets :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TermsAggregation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxBuckets', 'termsAggregation_maxBuckets' - The number of buckets to return in the response. Default to 10.
+newTermsAggregation ::
+  TermsAggregation
+newTermsAggregation =
+  TermsAggregation' {maxBuckets = Prelude.Nothing}
+
+-- | The number of buckets to return in the response. Default to 10.
+termsAggregation_maxBuckets :: Lens.Lens' TermsAggregation (Prelude.Maybe Prelude.Natural)
+termsAggregation_maxBuckets = Lens.lens (\TermsAggregation' {maxBuckets} -> maxBuckets) (\s@TermsAggregation' {} a -> s {maxBuckets = a} :: TermsAggregation)
+
+instance Prelude.Hashable TermsAggregation where
+  hashWithSalt _salt TermsAggregation' {..} =
+    _salt `Prelude.hashWithSalt` maxBuckets
+
+instance Prelude.NFData TermsAggregation where
+  rnf TermsAggregation' {..} = Prelude.rnf maxBuckets
+
+instance Data.ToJSON TermsAggregation where
+  toJSON TermsAggregation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("maxBuckets" Data..=) Prelude.<$> maxBuckets]
+      )
diff --git a/gen/Amazonka/IoT/Types/ThingAttribute.hs b/gen/Amazonka/IoT/Types/ThingAttribute.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingAttribute.hs
@@ -0,0 +1,124 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingAttribute
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingAttribute where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The properties of the thing, including thing name, thing type name, and
+-- a list of thing attributes.
+--
+-- /See:/ 'newThingAttribute' smart constructor.
+data ThingAttribute = ThingAttribute'
+  { -- | A list of thing attributes which are name-value pairs.
+    attributes :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The thing ARN.
+    thingArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing type, if the thing has been associated with a
+    -- type.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The version of the thing record in the registry.
+    version :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingAttribute' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributes', 'thingAttribute_attributes' - A list of thing attributes which are name-value pairs.
+--
+-- 'thingArn', 'thingAttribute_thingArn' - The thing ARN.
+--
+-- 'thingName', 'thingAttribute_thingName' - The name of the thing.
+--
+-- 'thingTypeName', 'thingAttribute_thingTypeName' - The name of the thing type, if the thing has been associated with a
+-- type.
+--
+-- 'version', 'thingAttribute_version' - The version of the thing record in the registry.
+newThingAttribute ::
+  ThingAttribute
+newThingAttribute =
+  ThingAttribute'
+    { attributes = Prelude.Nothing,
+      thingArn = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      version = Prelude.Nothing
+    }
+
+-- | A list of thing attributes which are name-value pairs.
+thingAttribute_attributes :: Lens.Lens' ThingAttribute (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+thingAttribute_attributes = Lens.lens (\ThingAttribute' {attributes} -> attributes) (\s@ThingAttribute' {} a -> s {attributes = a} :: ThingAttribute) Prelude.. Lens.mapping Lens.coerced
+
+-- | The thing ARN.
+thingAttribute_thingArn :: Lens.Lens' ThingAttribute (Prelude.Maybe Prelude.Text)
+thingAttribute_thingArn = Lens.lens (\ThingAttribute' {thingArn} -> thingArn) (\s@ThingAttribute' {} a -> s {thingArn = a} :: ThingAttribute)
+
+-- | The name of the thing.
+thingAttribute_thingName :: Lens.Lens' ThingAttribute (Prelude.Maybe Prelude.Text)
+thingAttribute_thingName = Lens.lens (\ThingAttribute' {thingName} -> thingName) (\s@ThingAttribute' {} a -> s {thingName = a} :: ThingAttribute)
+
+-- | The name of the thing type, if the thing has been associated with a
+-- type.
+thingAttribute_thingTypeName :: Lens.Lens' ThingAttribute (Prelude.Maybe Prelude.Text)
+thingAttribute_thingTypeName = Lens.lens (\ThingAttribute' {thingTypeName} -> thingTypeName) (\s@ThingAttribute' {} a -> s {thingTypeName = a} :: ThingAttribute)
+
+-- | The version of the thing record in the registry.
+thingAttribute_version :: Lens.Lens' ThingAttribute (Prelude.Maybe Prelude.Integer)
+thingAttribute_version = Lens.lens (\ThingAttribute' {version} -> version) (\s@ThingAttribute' {} a -> s {version = a} :: ThingAttribute)
+
+instance Data.FromJSON ThingAttribute where
+  parseJSON =
+    Data.withObject
+      "ThingAttribute"
+      ( \x ->
+          ThingAttribute'
+            Prelude.<$> (x Data..:? "attributes" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "thingArn")
+            Prelude.<*> (x Data..:? "thingName")
+            Prelude.<*> (x Data..:? "thingTypeName")
+            Prelude.<*> (x Data..:? "version")
+      )
+
+instance Prelude.Hashable ThingAttribute where
+  hashWithSalt _salt ThingAttribute' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributes
+      `Prelude.hashWithSalt` thingArn
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` thingTypeName
+      `Prelude.hashWithSalt` version
+
+instance Prelude.NFData ThingAttribute where
+  rnf ThingAttribute' {..} =
+    Prelude.rnf attributes
+      `Prelude.seq` Prelude.rnf thingArn
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf version
diff --git a/gen/Amazonka/IoT/Types/ThingConnectivity.hs b/gen/Amazonka/IoT/Types/ThingConnectivity.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingConnectivity.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingConnectivity
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingConnectivity where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The connectivity status of the thing.
+--
+-- /See:/ 'newThingConnectivity' smart constructor.
+data ThingConnectivity = ThingConnectivity'
+  { -- | True if the thing is connected to the Amazon Web Services IoT Core
+    -- service; false if it is not connected.
+    connected :: Prelude.Maybe Prelude.Bool,
+    -- | The reason why the client is disconnected. If the thing has been
+    -- disconnected for approximately an hour, the @disconnectReason@ value
+    -- might be missing.
+    disconnectReason :: Prelude.Maybe Prelude.Text,
+    -- | The epoch time (in milliseconds) when the thing last connected or
+    -- disconnected. If the thing has been disconnected for approximately an
+    -- hour, the time value might be missing.
+    timestamp :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingConnectivity' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'connected', 'thingConnectivity_connected' - True if the thing is connected to the Amazon Web Services IoT Core
+-- service; false if it is not connected.
+--
+-- 'disconnectReason', 'thingConnectivity_disconnectReason' - The reason why the client is disconnected. If the thing has been
+-- disconnected for approximately an hour, the @disconnectReason@ value
+-- might be missing.
+--
+-- 'timestamp', 'thingConnectivity_timestamp' - The epoch time (in milliseconds) when the thing last connected or
+-- disconnected. If the thing has been disconnected for approximately an
+-- hour, the time value might be missing.
+newThingConnectivity ::
+  ThingConnectivity
+newThingConnectivity =
+  ThingConnectivity'
+    { connected = Prelude.Nothing,
+      disconnectReason = Prelude.Nothing,
+      timestamp = Prelude.Nothing
+    }
+
+-- | True if the thing is connected to the Amazon Web Services IoT Core
+-- service; false if it is not connected.
+thingConnectivity_connected :: Lens.Lens' ThingConnectivity (Prelude.Maybe Prelude.Bool)
+thingConnectivity_connected = Lens.lens (\ThingConnectivity' {connected} -> connected) (\s@ThingConnectivity' {} a -> s {connected = a} :: ThingConnectivity)
+
+-- | The reason why the client is disconnected. If the thing has been
+-- disconnected for approximately an hour, the @disconnectReason@ value
+-- might be missing.
+thingConnectivity_disconnectReason :: Lens.Lens' ThingConnectivity (Prelude.Maybe Prelude.Text)
+thingConnectivity_disconnectReason = Lens.lens (\ThingConnectivity' {disconnectReason} -> disconnectReason) (\s@ThingConnectivity' {} a -> s {disconnectReason = a} :: ThingConnectivity)
+
+-- | The epoch time (in milliseconds) when the thing last connected or
+-- disconnected. If the thing has been disconnected for approximately an
+-- hour, the time value might be missing.
+thingConnectivity_timestamp :: Lens.Lens' ThingConnectivity (Prelude.Maybe Prelude.Integer)
+thingConnectivity_timestamp = Lens.lens (\ThingConnectivity' {timestamp} -> timestamp) (\s@ThingConnectivity' {} a -> s {timestamp = a} :: ThingConnectivity)
+
+instance Data.FromJSON ThingConnectivity where
+  parseJSON =
+    Data.withObject
+      "ThingConnectivity"
+      ( \x ->
+          ThingConnectivity'
+            Prelude.<$> (x Data..:? "connected")
+            Prelude.<*> (x Data..:? "disconnectReason")
+            Prelude.<*> (x Data..:? "timestamp")
+      )
+
+instance Prelude.Hashable ThingConnectivity where
+  hashWithSalt _salt ThingConnectivity' {..} =
+    _salt
+      `Prelude.hashWithSalt` connected
+      `Prelude.hashWithSalt` disconnectReason
+      `Prelude.hashWithSalt` timestamp
+
+instance Prelude.NFData ThingConnectivity where
+  rnf ThingConnectivity' {..} =
+    Prelude.rnf connected
+      `Prelude.seq` Prelude.rnf disconnectReason
+      `Prelude.seq` Prelude.rnf timestamp
diff --git a/gen/Amazonka/IoT/Types/ThingConnectivityIndexingMode.hs b/gen/Amazonka/IoT/Types/ThingConnectivityIndexingMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingConnectivityIndexingMode.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingConnectivityIndexingMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingConnectivityIndexingMode
+  ( ThingConnectivityIndexingMode
+      ( ..,
+        ThingConnectivityIndexingMode_OFF,
+        ThingConnectivityIndexingMode_STATUS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ThingConnectivityIndexingMode = ThingConnectivityIndexingMode'
+  { fromThingConnectivityIndexingMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ThingConnectivityIndexingMode_OFF :: ThingConnectivityIndexingMode
+pattern ThingConnectivityIndexingMode_OFF = ThingConnectivityIndexingMode' "OFF"
+
+pattern ThingConnectivityIndexingMode_STATUS :: ThingConnectivityIndexingMode
+pattern ThingConnectivityIndexingMode_STATUS = ThingConnectivityIndexingMode' "STATUS"
+
+{-# COMPLETE
+  ThingConnectivityIndexingMode_OFF,
+  ThingConnectivityIndexingMode_STATUS,
+  ThingConnectivityIndexingMode'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ThingDocument.hs b/gen/Amazonka/IoT/Types/ThingDocument.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingDocument.hs
@@ -0,0 +1,181 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingDocument
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingDocument where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ThingConnectivity
+import qualified Amazonka.Prelude as Prelude
+
+-- | The thing search index document.
+--
+-- /See:/ 'newThingDocument' smart constructor.
+data ThingDocument = ThingDocument'
+  { -- | The attributes.
+    attributes :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | Indicates whether the thing is connected to the Amazon Web Services IoT
+    -- Core service.
+    connectivity :: Prelude.Maybe ThingConnectivity,
+    -- | Contains Device Defender data.
+    --
+    -- For more information about Device Defender, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender.html Device Defender>.
+    deviceDefender :: Prelude.Maybe Prelude.Text,
+    -- | The unnamed shadow and named shadow.
+    --
+    -- For more information about shadows, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html IoT Device Shadow service.>
+    shadow :: Prelude.Maybe Prelude.Text,
+    -- | Thing group names.
+    thingGroupNames :: Prelude.Maybe [Prelude.Text],
+    -- | The thing ID.
+    thingId :: Prelude.Maybe Prelude.Text,
+    -- | The thing name.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The thing type name.
+    thingTypeName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingDocument' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributes', 'thingDocument_attributes' - The attributes.
+--
+-- 'connectivity', 'thingDocument_connectivity' - Indicates whether the thing is connected to the Amazon Web Services IoT
+-- Core service.
+--
+-- 'deviceDefender', 'thingDocument_deviceDefender' - Contains Device Defender data.
+--
+-- For more information about Device Defender, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender.html Device Defender>.
+--
+-- 'shadow', 'thingDocument_shadow' - The unnamed shadow and named shadow.
+--
+-- For more information about shadows, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html IoT Device Shadow service.>
+--
+-- 'thingGroupNames', 'thingDocument_thingGroupNames' - Thing group names.
+--
+-- 'thingId', 'thingDocument_thingId' - The thing ID.
+--
+-- 'thingName', 'thingDocument_thingName' - The thing name.
+--
+-- 'thingTypeName', 'thingDocument_thingTypeName' - The thing type name.
+newThingDocument ::
+  ThingDocument
+newThingDocument =
+  ThingDocument'
+    { attributes = Prelude.Nothing,
+      connectivity = Prelude.Nothing,
+      deviceDefender = Prelude.Nothing,
+      shadow = Prelude.Nothing,
+      thingGroupNames = Prelude.Nothing,
+      thingId = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing
+    }
+
+-- | The attributes.
+thingDocument_attributes :: Lens.Lens' ThingDocument (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+thingDocument_attributes = Lens.lens (\ThingDocument' {attributes} -> attributes) (\s@ThingDocument' {} a -> s {attributes = a} :: ThingDocument) Prelude.. Lens.mapping Lens.coerced
+
+-- | Indicates whether the thing is connected to the Amazon Web Services IoT
+-- Core service.
+thingDocument_connectivity :: Lens.Lens' ThingDocument (Prelude.Maybe ThingConnectivity)
+thingDocument_connectivity = Lens.lens (\ThingDocument' {connectivity} -> connectivity) (\s@ThingDocument' {} a -> s {connectivity = a} :: ThingDocument)
+
+-- | Contains Device Defender data.
+--
+-- For more information about Device Defender, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender.html Device Defender>.
+thingDocument_deviceDefender :: Lens.Lens' ThingDocument (Prelude.Maybe Prelude.Text)
+thingDocument_deviceDefender = Lens.lens (\ThingDocument' {deviceDefender} -> deviceDefender) (\s@ThingDocument' {} a -> s {deviceDefender = a} :: ThingDocument)
+
+-- | The unnamed shadow and named shadow.
+--
+-- For more information about shadows, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html IoT Device Shadow service.>
+thingDocument_shadow :: Lens.Lens' ThingDocument (Prelude.Maybe Prelude.Text)
+thingDocument_shadow = Lens.lens (\ThingDocument' {shadow} -> shadow) (\s@ThingDocument' {} a -> s {shadow = a} :: ThingDocument)
+
+-- | Thing group names.
+thingDocument_thingGroupNames :: Lens.Lens' ThingDocument (Prelude.Maybe [Prelude.Text])
+thingDocument_thingGroupNames = Lens.lens (\ThingDocument' {thingGroupNames} -> thingGroupNames) (\s@ThingDocument' {} a -> s {thingGroupNames = a} :: ThingDocument) Prelude.. Lens.mapping Lens.coerced
+
+-- | The thing ID.
+thingDocument_thingId :: Lens.Lens' ThingDocument (Prelude.Maybe Prelude.Text)
+thingDocument_thingId = Lens.lens (\ThingDocument' {thingId} -> thingId) (\s@ThingDocument' {} a -> s {thingId = a} :: ThingDocument)
+
+-- | The thing name.
+thingDocument_thingName :: Lens.Lens' ThingDocument (Prelude.Maybe Prelude.Text)
+thingDocument_thingName = Lens.lens (\ThingDocument' {thingName} -> thingName) (\s@ThingDocument' {} a -> s {thingName = a} :: ThingDocument)
+
+-- | The thing type name.
+thingDocument_thingTypeName :: Lens.Lens' ThingDocument (Prelude.Maybe Prelude.Text)
+thingDocument_thingTypeName = Lens.lens (\ThingDocument' {thingTypeName} -> thingTypeName) (\s@ThingDocument' {} a -> s {thingTypeName = a} :: ThingDocument)
+
+instance Data.FromJSON ThingDocument where
+  parseJSON =
+    Data.withObject
+      "ThingDocument"
+      ( \x ->
+          ThingDocument'
+            Prelude.<$> (x Data..:? "attributes" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "connectivity")
+            Prelude.<*> (x Data..:? "deviceDefender")
+            Prelude.<*> (x Data..:? "shadow")
+            Prelude.<*> ( x
+                            Data..:? "thingGroupNames"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "thingId")
+            Prelude.<*> (x Data..:? "thingName")
+            Prelude.<*> (x Data..:? "thingTypeName")
+      )
+
+instance Prelude.Hashable ThingDocument where
+  hashWithSalt _salt ThingDocument' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributes
+      `Prelude.hashWithSalt` connectivity
+      `Prelude.hashWithSalt` deviceDefender
+      `Prelude.hashWithSalt` shadow
+      `Prelude.hashWithSalt` thingGroupNames
+      `Prelude.hashWithSalt` thingId
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` thingTypeName
+
+instance Prelude.NFData ThingDocument where
+  rnf ThingDocument' {..} =
+    Prelude.rnf attributes
+      `Prelude.seq` Prelude.rnf connectivity
+      `Prelude.seq` Prelude.rnf deviceDefender
+      `Prelude.seq` Prelude.rnf shadow
+      `Prelude.seq` Prelude.rnf thingGroupNames
+      `Prelude.seq` Prelude.rnf thingId
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf thingTypeName
diff --git a/gen/Amazonka/IoT/Types/ThingGroupDocument.hs b/gen/Amazonka/IoT/Types/ThingGroupDocument.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingGroupDocument.hs
@@ -0,0 +1,123 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingGroupDocument
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingGroupDocument where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The thing group search index document.
+--
+-- /See:/ 'newThingGroupDocument' smart constructor.
+data ThingGroupDocument = ThingGroupDocument'
+  { -- | The thing group attributes.
+    attributes :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | Parent group names.
+    parentGroupNames :: Prelude.Maybe [Prelude.Text],
+    -- | The thing group description.
+    thingGroupDescription :: Prelude.Maybe Prelude.Text,
+    -- | The thing group ID.
+    thingGroupId :: Prelude.Maybe Prelude.Text,
+    -- | The thing group name.
+    thingGroupName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingGroupDocument' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributes', 'thingGroupDocument_attributes' - The thing group attributes.
+--
+-- 'parentGroupNames', 'thingGroupDocument_parentGroupNames' - Parent group names.
+--
+-- 'thingGroupDescription', 'thingGroupDocument_thingGroupDescription' - The thing group description.
+--
+-- 'thingGroupId', 'thingGroupDocument_thingGroupId' - The thing group ID.
+--
+-- 'thingGroupName', 'thingGroupDocument_thingGroupName' - The thing group name.
+newThingGroupDocument ::
+  ThingGroupDocument
+newThingGroupDocument =
+  ThingGroupDocument'
+    { attributes = Prelude.Nothing,
+      parentGroupNames = Prelude.Nothing,
+      thingGroupDescription = Prelude.Nothing,
+      thingGroupId = Prelude.Nothing,
+      thingGroupName = Prelude.Nothing
+    }
+
+-- | The thing group attributes.
+thingGroupDocument_attributes :: Lens.Lens' ThingGroupDocument (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+thingGroupDocument_attributes = Lens.lens (\ThingGroupDocument' {attributes} -> attributes) (\s@ThingGroupDocument' {} a -> s {attributes = a} :: ThingGroupDocument) Prelude.. Lens.mapping Lens.coerced
+
+-- | Parent group names.
+thingGroupDocument_parentGroupNames :: Lens.Lens' ThingGroupDocument (Prelude.Maybe [Prelude.Text])
+thingGroupDocument_parentGroupNames = Lens.lens (\ThingGroupDocument' {parentGroupNames} -> parentGroupNames) (\s@ThingGroupDocument' {} a -> s {parentGroupNames = a} :: ThingGroupDocument) Prelude.. Lens.mapping Lens.coerced
+
+-- | The thing group description.
+thingGroupDocument_thingGroupDescription :: Lens.Lens' ThingGroupDocument (Prelude.Maybe Prelude.Text)
+thingGroupDocument_thingGroupDescription = Lens.lens (\ThingGroupDocument' {thingGroupDescription} -> thingGroupDescription) (\s@ThingGroupDocument' {} a -> s {thingGroupDescription = a} :: ThingGroupDocument)
+
+-- | The thing group ID.
+thingGroupDocument_thingGroupId :: Lens.Lens' ThingGroupDocument (Prelude.Maybe Prelude.Text)
+thingGroupDocument_thingGroupId = Lens.lens (\ThingGroupDocument' {thingGroupId} -> thingGroupId) (\s@ThingGroupDocument' {} a -> s {thingGroupId = a} :: ThingGroupDocument)
+
+-- | The thing group name.
+thingGroupDocument_thingGroupName :: Lens.Lens' ThingGroupDocument (Prelude.Maybe Prelude.Text)
+thingGroupDocument_thingGroupName = Lens.lens (\ThingGroupDocument' {thingGroupName} -> thingGroupName) (\s@ThingGroupDocument' {} a -> s {thingGroupName = a} :: ThingGroupDocument)
+
+instance Data.FromJSON ThingGroupDocument where
+  parseJSON =
+    Data.withObject
+      "ThingGroupDocument"
+      ( \x ->
+          ThingGroupDocument'
+            Prelude.<$> (x Data..:? "attributes" Data..!= Prelude.mempty)
+            Prelude.<*> ( x
+                            Data..:? "parentGroupNames"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "thingGroupDescription")
+            Prelude.<*> (x Data..:? "thingGroupId")
+            Prelude.<*> (x Data..:? "thingGroupName")
+      )
+
+instance Prelude.Hashable ThingGroupDocument where
+  hashWithSalt _salt ThingGroupDocument' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributes
+      `Prelude.hashWithSalt` parentGroupNames
+      `Prelude.hashWithSalt` thingGroupDescription
+      `Prelude.hashWithSalt` thingGroupId
+      `Prelude.hashWithSalt` thingGroupName
+
+instance Prelude.NFData ThingGroupDocument where
+  rnf ThingGroupDocument' {..} =
+    Prelude.rnf attributes
+      `Prelude.seq` Prelude.rnf parentGroupNames
+      `Prelude.seq` Prelude.rnf thingGroupDescription
+      `Prelude.seq` Prelude.rnf thingGroupId
+      `Prelude.seq` Prelude.rnf thingGroupName
diff --git a/gen/Amazonka/IoT/Types/ThingGroupIndexingConfiguration.hs b/gen/Amazonka/IoT/Types/ThingGroupIndexingConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingGroupIndexingConfiguration.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingGroupIndexingConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingGroupIndexingConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Field
+import Amazonka.IoT.Types.ThingGroupIndexingMode
+import qualified Amazonka.Prelude as Prelude
+
+-- | Thing group indexing configuration.
+--
+-- /See:/ 'newThingGroupIndexingConfiguration' smart constructor.
+data ThingGroupIndexingConfiguration = ThingGroupIndexingConfiguration'
+  { -- | A list of thing group fields to index. This list cannot contain any
+    -- managed fields. Use the GetIndexingConfiguration API to get a list of
+    -- managed fields.
+    --
+    -- Contains custom field names and their data type.
+    customFields :: Prelude.Maybe [Field],
+    -- | Contains fields that are indexed and whose types are already known by
+    -- the Fleet Indexing service. This is an optional field. For more
+    -- information, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/managing-fleet-index.html#managed-field Managed fields>
+    -- in the /Amazon Web Services IoT Core Developer Guide/.
+    managedFields :: Prelude.Maybe [Field],
+    -- | Thing group indexing mode.
+    thingGroupIndexingMode :: ThingGroupIndexingMode
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingGroupIndexingConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'customFields', 'thingGroupIndexingConfiguration_customFields' - A list of thing group fields to index. This list cannot contain any
+-- managed fields. Use the GetIndexingConfiguration API to get a list of
+-- managed fields.
+--
+-- Contains custom field names and their data type.
+--
+-- 'managedFields', 'thingGroupIndexingConfiguration_managedFields' - Contains fields that are indexed and whose types are already known by
+-- the Fleet Indexing service. This is an optional field. For more
+-- information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/managing-fleet-index.html#managed-field Managed fields>
+-- in the /Amazon Web Services IoT Core Developer Guide/.
+--
+-- 'thingGroupIndexingMode', 'thingGroupIndexingConfiguration_thingGroupIndexingMode' - Thing group indexing mode.
+newThingGroupIndexingConfiguration ::
+  -- | 'thingGroupIndexingMode'
+  ThingGroupIndexingMode ->
+  ThingGroupIndexingConfiguration
+newThingGroupIndexingConfiguration
+  pThingGroupIndexingMode_ =
+    ThingGroupIndexingConfiguration'
+      { customFields =
+          Prelude.Nothing,
+        managedFields = Prelude.Nothing,
+        thingGroupIndexingMode =
+          pThingGroupIndexingMode_
+      }
+
+-- | A list of thing group fields to index. This list cannot contain any
+-- managed fields. Use the GetIndexingConfiguration API to get a list of
+-- managed fields.
+--
+-- Contains custom field names and their data type.
+thingGroupIndexingConfiguration_customFields :: Lens.Lens' ThingGroupIndexingConfiguration (Prelude.Maybe [Field])
+thingGroupIndexingConfiguration_customFields = Lens.lens (\ThingGroupIndexingConfiguration' {customFields} -> customFields) (\s@ThingGroupIndexingConfiguration' {} a -> s {customFields = a} :: ThingGroupIndexingConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | Contains fields that are indexed and whose types are already known by
+-- the Fleet Indexing service. This is an optional field. For more
+-- information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/managing-fleet-index.html#managed-field Managed fields>
+-- in the /Amazon Web Services IoT Core Developer Guide/.
+thingGroupIndexingConfiguration_managedFields :: Lens.Lens' ThingGroupIndexingConfiguration (Prelude.Maybe [Field])
+thingGroupIndexingConfiguration_managedFields = Lens.lens (\ThingGroupIndexingConfiguration' {managedFields} -> managedFields) (\s@ThingGroupIndexingConfiguration' {} a -> s {managedFields = a} :: ThingGroupIndexingConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | Thing group indexing mode.
+thingGroupIndexingConfiguration_thingGroupIndexingMode :: Lens.Lens' ThingGroupIndexingConfiguration ThingGroupIndexingMode
+thingGroupIndexingConfiguration_thingGroupIndexingMode = Lens.lens (\ThingGroupIndexingConfiguration' {thingGroupIndexingMode} -> thingGroupIndexingMode) (\s@ThingGroupIndexingConfiguration' {} a -> s {thingGroupIndexingMode = a} :: ThingGroupIndexingConfiguration)
+
+instance
+  Data.FromJSON
+    ThingGroupIndexingConfiguration
+  where
+  parseJSON =
+    Data.withObject
+      "ThingGroupIndexingConfiguration"
+      ( \x ->
+          ThingGroupIndexingConfiguration'
+            Prelude.<$> (x Data..:? "customFields" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "managedFields" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "thingGroupIndexingMode")
+      )
+
+instance
+  Prelude.Hashable
+    ThingGroupIndexingConfiguration
+  where
+  hashWithSalt
+    _salt
+    ThingGroupIndexingConfiguration' {..} =
+      _salt
+        `Prelude.hashWithSalt` customFields
+        `Prelude.hashWithSalt` managedFields
+        `Prelude.hashWithSalt` thingGroupIndexingMode
+
+instance
+  Prelude.NFData
+    ThingGroupIndexingConfiguration
+  where
+  rnf ThingGroupIndexingConfiguration' {..} =
+    Prelude.rnf customFields
+      `Prelude.seq` Prelude.rnf managedFields
+      `Prelude.seq` Prelude.rnf thingGroupIndexingMode
+
+instance Data.ToJSON ThingGroupIndexingConfiguration where
+  toJSON ThingGroupIndexingConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("customFields" Data..=) Prelude.<$> customFields,
+            ("managedFields" Data..=) Prelude.<$> managedFields,
+            Prelude.Just
+              ( "thingGroupIndexingMode"
+                  Data..= thingGroupIndexingMode
+              )
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ThingGroupIndexingMode.hs b/gen/Amazonka/IoT/Types/ThingGroupIndexingMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingGroupIndexingMode.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingGroupIndexingMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingGroupIndexingMode
+  ( ThingGroupIndexingMode
+      ( ..,
+        ThingGroupIndexingMode_OFF,
+        ThingGroupIndexingMode_ON
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ThingGroupIndexingMode = ThingGroupIndexingMode'
+  { fromThingGroupIndexingMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ThingGroupIndexingMode_OFF :: ThingGroupIndexingMode
+pattern ThingGroupIndexingMode_OFF = ThingGroupIndexingMode' "OFF"
+
+pattern ThingGroupIndexingMode_ON :: ThingGroupIndexingMode
+pattern ThingGroupIndexingMode_ON = ThingGroupIndexingMode' "ON"
+
+{-# COMPLETE
+  ThingGroupIndexingMode_OFF,
+  ThingGroupIndexingMode_ON,
+  ThingGroupIndexingMode'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ThingGroupMetadata.hs b/gen/Amazonka/IoT/Types/ThingGroupMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingGroupMetadata.hs
@@ -0,0 +1,100 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingGroupMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingGroupMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.GroupNameAndArn
+import qualified Amazonka.Prelude as Prelude
+
+-- | Thing group metadata.
+--
+-- /See:/ 'newThingGroupMetadata' smart constructor.
+data ThingGroupMetadata = ThingGroupMetadata'
+  { -- | The UNIX timestamp of when the thing group was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The parent thing group name.
+    parentGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The root parent thing group.
+    rootToParentThingGroups :: Prelude.Maybe [GroupNameAndArn]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingGroupMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'thingGroupMetadata_creationDate' - The UNIX timestamp of when the thing group was created.
+--
+-- 'parentGroupName', 'thingGroupMetadata_parentGroupName' - The parent thing group name.
+--
+-- 'rootToParentThingGroups', 'thingGroupMetadata_rootToParentThingGroups' - The root parent thing group.
+newThingGroupMetadata ::
+  ThingGroupMetadata
+newThingGroupMetadata =
+  ThingGroupMetadata'
+    { creationDate = Prelude.Nothing,
+      parentGroupName = Prelude.Nothing,
+      rootToParentThingGroups = Prelude.Nothing
+    }
+
+-- | The UNIX timestamp of when the thing group was created.
+thingGroupMetadata_creationDate :: Lens.Lens' ThingGroupMetadata (Prelude.Maybe Prelude.UTCTime)
+thingGroupMetadata_creationDate = Lens.lens (\ThingGroupMetadata' {creationDate} -> creationDate) (\s@ThingGroupMetadata' {} a -> s {creationDate = a} :: ThingGroupMetadata) Prelude.. Lens.mapping Data._Time
+
+-- | The parent thing group name.
+thingGroupMetadata_parentGroupName :: Lens.Lens' ThingGroupMetadata (Prelude.Maybe Prelude.Text)
+thingGroupMetadata_parentGroupName = Lens.lens (\ThingGroupMetadata' {parentGroupName} -> parentGroupName) (\s@ThingGroupMetadata' {} a -> s {parentGroupName = a} :: ThingGroupMetadata)
+
+-- | The root parent thing group.
+thingGroupMetadata_rootToParentThingGroups :: Lens.Lens' ThingGroupMetadata (Prelude.Maybe [GroupNameAndArn])
+thingGroupMetadata_rootToParentThingGroups = Lens.lens (\ThingGroupMetadata' {rootToParentThingGroups} -> rootToParentThingGroups) (\s@ThingGroupMetadata' {} a -> s {rootToParentThingGroups = a} :: ThingGroupMetadata) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON ThingGroupMetadata where
+  parseJSON =
+    Data.withObject
+      "ThingGroupMetadata"
+      ( \x ->
+          ThingGroupMetadata'
+            Prelude.<$> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "parentGroupName")
+            Prelude.<*> ( x
+                            Data..:? "rootToParentThingGroups"
+                            Data..!= Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable ThingGroupMetadata where
+  hashWithSalt _salt ThingGroupMetadata' {..} =
+    _salt
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` parentGroupName
+      `Prelude.hashWithSalt` rootToParentThingGroups
+
+instance Prelude.NFData ThingGroupMetadata where
+  rnf ThingGroupMetadata' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf parentGroupName
+      `Prelude.seq` Prelude.rnf rootToParentThingGroups
diff --git a/gen/Amazonka/IoT/Types/ThingGroupProperties.hs b/gen/Amazonka/IoT/Types/ThingGroupProperties.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingGroupProperties.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingGroupProperties
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingGroupProperties where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.AttributePayload
+import qualified Amazonka.Prelude as Prelude
+
+-- | Thing group properties.
+--
+-- /See:/ 'newThingGroupProperties' smart constructor.
+data ThingGroupProperties = ThingGroupProperties'
+  { -- | The thing group attributes in JSON format.
+    attributePayload :: Prelude.Maybe AttributePayload,
+    -- | The thing group description.
+    thingGroupDescription :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingGroupProperties' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributePayload', 'thingGroupProperties_attributePayload' - The thing group attributes in JSON format.
+--
+-- 'thingGroupDescription', 'thingGroupProperties_thingGroupDescription' - The thing group description.
+newThingGroupProperties ::
+  ThingGroupProperties
+newThingGroupProperties =
+  ThingGroupProperties'
+    { attributePayload =
+        Prelude.Nothing,
+      thingGroupDescription = Prelude.Nothing
+    }
+
+-- | The thing group attributes in JSON format.
+thingGroupProperties_attributePayload :: Lens.Lens' ThingGroupProperties (Prelude.Maybe AttributePayload)
+thingGroupProperties_attributePayload = Lens.lens (\ThingGroupProperties' {attributePayload} -> attributePayload) (\s@ThingGroupProperties' {} a -> s {attributePayload = a} :: ThingGroupProperties)
+
+-- | The thing group description.
+thingGroupProperties_thingGroupDescription :: Lens.Lens' ThingGroupProperties (Prelude.Maybe Prelude.Text)
+thingGroupProperties_thingGroupDescription = Lens.lens (\ThingGroupProperties' {thingGroupDescription} -> thingGroupDescription) (\s@ThingGroupProperties' {} a -> s {thingGroupDescription = a} :: ThingGroupProperties)
+
+instance Data.FromJSON ThingGroupProperties where
+  parseJSON =
+    Data.withObject
+      "ThingGroupProperties"
+      ( \x ->
+          ThingGroupProperties'
+            Prelude.<$> (x Data..:? "attributePayload")
+            Prelude.<*> (x Data..:? "thingGroupDescription")
+      )
+
+instance Prelude.Hashable ThingGroupProperties where
+  hashWithSalt _salt ThingGroupProperties' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributePayload
+      `Prelude.hashWithSalt` thingGroupDescription
+
+instance Prelude.NFData ThingGroupProperties where
+  rnf ThingGroupProperties' {..} =
+    Prelude.rnf attributePayload
+      `Prelude.seq` Prelude.rnf thingGroupDescription
+
+instance Data.ToJSON ThingGroupProperties where
+  toJSON ThingGroupProperties' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("attributePayload" Data..=)
+              Prelude.<$> attributePayload,
+            ("thingGroupDescription" Data..=)
+              Prelude.<$> thingGroupDescription
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ThingIndexingConfiguration.hs b/gen/Amazonka/IoT/Types/ThingIndexingConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingIndexingConfiguration.hs
@@ -0,0 +1,277 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingIndexingConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingIndexingConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.DeviceDefenderIndexingMode
+import Amazonka.IoT.Types.Field
+import Amazonka.IoT.Types.IndexingFilter
+import Amazonka.IoT.Types.NamedShadowIndexingMode
+import Amazonka.IoT.Types.ThingConnectivityIndexingMode
+import Amazonka.IoT.Types.ThingIndexingMode
+import qualified Amazonka.Prelude as Prelude
+
+-- | The thing indexing configuration. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/managing-index.html Managing Thing Indexing>.
+--
+-- /See:/ 'newThingIndexingConfiguration' smart constructor.
+data ThingIndexingConfiguration = ThingIndexingConfiguration'
+  { -- | Contains custom field names and their data type.
+    customFields :: Prelude.Maybe [Field],
+    -- | Device Defender indexing mode. Valid values are:
+    --
+    -- -   VIOLATIONS – Your thing index contains Device Defender violations.
+    --     To enable Device Defender indexing, /deviceDefenderIndexingMode/
+    --     must not be set to OFF.
+    --
+    -- -   OFF - Device Defender indexing is disabled.
+    --
+    -- For more information about Device Defender violations, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html Device Defender Detect.>
+    deviceDefenderIndexingMode :: Prelude.Maybe DeviceDefenderIndexingMode,
+    -- | Provides additional filters for specific data sources. Named shadow is
+    -- the only data source that currently supports and requires a filter. To
+    -- add named shadows to your fleet indexing configuration, set
+    -- @namedShadowIndexingMode@ to be @ON@ and specify your shadow names in
+    -- @filter@.
+    filter' :: Prelude.Maybe IndexingFilter,
+    -- | Contains fields that are indexed and whose types are already known by
+    -- the Fleet Indexing service.
+    managedFields :: Prelude.Maybe [Field],
+    -- | Named shadow indexing mode. Valid values are:
+    --
+    -- -   ON – Your thing index contains named shadow. To enable thing named
+    --     shadow indexing, /namedShadowIndexingMode/ must not be set to OFF.
+    --
+    -- -   OFF - Named shadow indexing is disabled.
+    --
+    -- For more information about Shadows, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html IoT Device Shadow service.>
+    namedShadowIndexingMode :: Prelude.Maybe NamedShadowIndexingMode,
+    -- | Thing connectivity indexing mode. Valid values are:
+    --
+    -- -   STATUS – Your thing index contains connectivity status. To enable
+    --     thing connectivity indexing, /thingIndexMode/ must not be set to
+    --     OFF.
+    --
+    -- -   OFF - Thing connectivity status indexing is disabled.
+    thingConnectivityIndexingMode :: Prelude.Maybe ThingConnectivityIndexingMode,
+    -- | Thing indexing mode. Valid values are:
+    --
+    -- -   REGISTRY – Your thing index contains registry data only.
+    --
+    -- -   REGISTRY_AND_SHADOW - Your thing index contains registry and shadow
+    --     data.
+    --
+    -- -   OFF - Thing indexing is disabled.
+    thingIndexingMode :: ThingIndexingMode
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingIndexingConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'customFields', 'thingIndexingConfiguration_customFields' - Contains custom field names and their data type.
+--
+-- 'deviceDefenderIndexingMode', 'thingIndexingConfiguration_deviceDefenderIndexingMode' - Device Defender indexing mode. Valid values are:
+--
+-- -   VIOLATIONS – Your thing index contains Device Defender violations.
+--     To enable Device Defender indexing, /deviceDefenderIndexingMode/
+--     must not be set to OFF.
+--
+-- -   OFF - Device Defender indexing is disabled.
+--
+-- For more information about Device Defender violations, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html Device Defender Detect.>
+--
+-- 'filter'', 'thingIndexingConfiguration_filter' - Provides additional filters for specific data sources. Named shadow is
+-- the only data source that currently supports and requires a filter. To
+-- add named shadows to your fleet indexing configuration, set
+-- @namedShadowIndexingMode@ to be @ON@ and specify your shadow names in
+-- @filter@.
+--
+-- 'managedFields', 'thingIndexingConfiguration_managedFields' - Contains fields that are indexed and whose types are already known by
+-- the Fleet Indexing service.
+--
+-- 'namedShadowIndexingMode', 'thingIndexingConfiguration_namedShadowIndexingMode' - Named shadow indexing mode. Valid values are:
+--
+-- -   ON – Your thing index contains named shadow. To enable thing named
+--     shadow indexing, /namedShadowIndexingMode/ must not be set to OFF.
+--
+-- -   OFF - Named shadow indexing is disabled.
+--
+-- For more information about Shadows, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html IoT Device Shadow service.>
+--
+-- 'thingConnectivityIndexingMode', 'thingIndexingConfiguration_thingConnectivityIndexingMode' - Thing connectivity indexing mode. Valid values are:
+--
+-- -   STATUS – Your thing index contains connectivity status. To enable
+--     thing connectivity indexing, /thingIndexMode/ must not be set to
+--     OFF.
+--
+-- -   OFF - Thing connectivity status indexing is disabled.
+--
+-- 'thingIndexingMode', 'thingIndexingConfiguration_thingIndexingMode' - Thing indexing mode. Valid values are:
+--
+-- -   REGISTRY – Your thing index contains registry data only.
+--
+-- -   REGISTRY_AND_SHADOW - Your thing index contains registry and shadow
+--     data.
+--
+-- -   OFF - Thing indexing is disabled.
+newThingIndexingConfiguration ::
+  -- | 'thingIndexingMode'
+  ThingIndexingMode ->
+  ThingIndexingConfiguration
+newThingIndexingConfiguration pThingIndexingMode_ =
+  ThingIndexingConfiguration'
+    { customFields =
+        Prelude.Nothing,
+      deviceDefenderIndexingMode = Prelude.Nothing,
+      filter' = Prelude.Nothing,
+      managedFields = Prelude.Nothing,
+      namedShadowIndexingMode = Prelude.Nothing,
+      thingConnectivityIndexingMode = Prelude.Nothing,
+      thingIndexingMode = pThingIndexingMode_
+    }
+
+-- | Contains custom field names and their data type.
+thingIndexingConfiguration_customFields :: Lens.Lens' ThingIndexingConfiguration (Prelude.Maybe [Field])
+thingIndexingConfiguration_customFields = Lens.lens (\ThingIndexingConfiguration' {customFields} -> customFields) (\s@ThingIndexingConfiguration' {} a -> s {customFields = a} :: ThingIndexingConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | Device Defender indexing mode. Valid values are:
+--
+-- -   VIOLATIONS – Your thing index contains Device Defender violations.
+--     To enable Device Defender indexing, /deviceDefenderIndexingMode/
+--     must not be set to OFF.
+--
+-- -   OFF - Device Defender indexing is disabled.
+--
+-- For more information about Device Defender violations, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html Device Defender Detect.>
+thingIndexingConfiguration_deviceDefenderIndexingMode :: Lens.Lens' ThingIndexingConfiguration (Prelude.Maybe DeviceDefenderIndexingMode)
+thingIndexingConfiguration_deviceDefenderIndexingMode = Lens.lens (\ThingIndexingConfiguration' {deviceDefenderIndexingMode} -> deviceDefenderIndexingMode) (\s@ThingIndexingConfiguration' {} a -> s {deviceDefenderIndexingMode = a} :: ThingIndexingConfiguration)
+
+-- | Provides additional filters for specific data sources. Named shadow is
+-- the only data source that currently supports and requires a filter. To
+-- add named shadows to your fleet indexing configuration, set
+-- @namedShadowIndexingMode@ to be @ON@ and specify your shadow names in
+-- @filter@.
+thingIndexingConfiguration_filter :: Lens.Lens' ThingIndexingConfiguration (Prelude.Maybe IndexingFilter)
+thingIndexingConfiguration_filter = Lens.lens (\ThingIndexingConfiguration' {filter'} -> filter') (\s@ThingIndexingConfiguration' {} a -> s {filter' = a} :: ThingIndexingConfiguration)
+
+-- | Contains fields that are indexed and whose types are already known by
+-- the Fleet Indexing service.
+thingIndexingConfiguration_managedFields :: Lens.Lens' ThingIndexingConfiguration (Prelude.Maybe [Field])
+thingIndexingConfiguration_managedFields = Lens.lens (\ThingIndexingConfiguration' {managedFields} -> managedFields) (\s@ThingIndexingConfiguration' {} a -> s {managedFields = a} :: ThingIndexingConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | Named shadow indexing mode. Valid values are:
+--
+-- -   ON – Your thing index contains named shadow. To enable thing named
+--     shadow indexing, /namedShadowIndexingMode/ must not be set to OFF.
+--
+-- -   OFF - Named shadow indexing is disabled.
+--
+-- For more information about Shadows, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html IoT Device Shadow service.>
+thingIndexingConfiguration_namedShadowIndexingMode :: Lens.Lens' ThingIndexingConfiguration (Prelude.Maybe NamedShadowIndexingMode)
+thingIndexingConfiguration_namedShadowIndexingMode = Lens.lens (\ThingIndexingConfiguration' {namedShadowIndexingMode} -> namedShadowIndexingMode) (\s@ThingIndexingConfiguration' {} a -> s {namedShadowIndexingMode = a} :: ThingIndexingConfiguration)
+
+-- | Thing connectivity indexing mode. Valid values are:
+--
+-- -   STATUS – Your thing index contains connectivity status. To enable
+--     thing connectivity indexing, /thingIndexMode/ must not be set to
+--     OFF.
+--
+-- -   OFF - Thing connectivity status indexing is disabled.
+thingIndexingConfiguration_thingConnectivityIndexingMode :: Lens.Lens' ThingIndexingConfiguration (Prelude.Maybe ThingConnectivityIndexingMode)
+thingIndexingConfiguration_thingConnectivityIndexingMode = Lens.lens (\ThingIndexingConfiguration' {thingConnectivityIndexingMode} -> thingConnectivityIndexingMode) (\s@ThingIndexingConfiguration' {} a -> s {thingConnectivityIndexingMode = a} :: ThingIndexingConfiguration)
+
+-- | Thing indexing mode. Valid values are:
+--
+-- -   REGISTRY – Your thing index contains registry data only.
+--
+-- -   REGISTRY_AND_SHADOW - Your thing index contains registry and shadow
+--     data.
+--
+-- -   OFF - Thing indexing is disabled.
+thingIndexingConfiguration_thingIndexingMode :: Lens.Lens' ThingIndexingConfiguration ThingIndexingMode
+thingIndexingConfiguration_thingIndexingMode = Lens.lens (\ThingIndexingConfiguration' {thingIndexingMode} -> thingIndexingMode) (\s@ThingIndexingConfiguration' {} a -> s {thingIndexingMode = a} :: ThingIndexingConfiguration)
+
+instance Data.FromJSON ThingIndexingConfiguration where
+  parseJSON =
+    Data.withObject
+      "ThingIndexingConfiguration"
+      ( \x ->
+          ThingIndexingConfiguration'
+            Prelude.<$> (x Data..:? "customFields" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "deviceDefenderIndexingMode")
+            Prelude.<*> (x Data..:? "filter")
+            Prelude.<*> (x Data..:? "managedFields" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "namedShadowIndexingMode")
+            Prelude.<*> (x Data..:? "thingConnectivityIndexingMode")
+            Prelude.<*> (x Data..: "thingIndexingMode")
+      )
+
+instance Prelude.Hashable ThingIndexingConfiguration where
+  hashWithSalt _salt ThingIndexingConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` customFields
+      `Prelude.hashWithSalt` deviceDefenderIndexingMode
+      `Prelude.hashWithSalt` filter'
+      `Prelude.hashWithSalt` managedFields
+      `Prelude.hashWithSalt` namedShadowIndexingMode
+      `Prelude.hashWithSalt` thingConnectivityIndexingMode
+      `Prelude.hashWithSalt` thingIndexingMode
+
+instance Prelude.NFData ThingIndexingConfiguration where
+  rnf ThingIndexingConfiguration' {..} =
+    Prelude.rnf customFields
+      `Prelude.seq` Prelude.rnf deviceDefenderIndexingMode
+      `Prelude.seq` Prelude.rnf filter'
+      `Prelude.seq` Prelude.rnf managedFields
+      `Prelude.seq` Prelude.rnf namedShadowIndexingMode
+      `Prelude.seq` Prelude.rnf thingConnectivityIndexingMode
+      `Prelude.seq` Prelude.rnf thingIndexingMode
+
+instance Data.ToJSON ThingIndexingConfiguration where
+  toJSON ThingIndexingConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("customFields" Data..=) Prelude.<$> customFields,
+            ("deviceDefenderIndexingMode" Data..=)
+              Prelude.<$> deviceDefenderIndexingMode,
+            ("filter" Data..=) Prelude.<$> filter',
+            ("managedFields" Data..=) Prelude.<$> managedFields,
+            ("namedShadowIndexingMode" Data..=)
+              Prelude.<$> namedShadowIndexingMode,
+            ("thingConnectivityIndexingMode" Data..=)
+              Prelude.<$> thingConnectivityIndexingMode,
+            Prelude.Just
+              ("thingIndexingMode" Data..= thingIndexingMode)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ThingIndexingMode.hs b/gen/Amazonka/IoT/Types/ThingIndexingMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingIndexingMode.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingIndexingMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingIndexingMode
+  ( ThingIndexingMode
+      ( ..,
+        ThingIndexingMode_OFF,
+        ThingIndexingMode_REGISTRY,
+        ThingIndexingMode_REGISTRY_AND_SHADOW
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ThingIndexingMode = ThingIndexingMode'
+  { fromThingIndexingMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ThingIndexingMode_OFF :: ThingIndexingMode
+pattern ThingIndexingMode_OFF = ThingIndexingMode' "OFF"
+
+pattern ThingIndexingMode_REGISTRY :: ThingIndexingMode
+pattern ThingIndexingMode_REGISTRY = ThingIndexingMode' "REGISTRY"
+
+pattern ThingIndexingMode_REGISTRY_AND_SHADOW :: ThingIndexingMode
+pattern ThingIndexingMode_REGISTRY_AND_SHADOW = ThingIndexingMode' "REGISTRY_AND_SHADOW"
+
+{-# COMPLETE
+  ThingIndexingMode_OFF,
+  ThingIndexingMode_REGISTRY,
+  ThingIndexingMode_REGISTRY_AND_SHADOW,
+  ThingIndexingMode'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ThingTypeDefinition.hs b/gen/Amazonka/IoT/Types/ThingTypeDefinition.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingTypeDefinition.hs
@@ -0,0 +1,118 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingTypeDefinition
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingTypeDefinition where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ThingTypeMetadata
+import Amazonka.IoT.Types.ThingTypeProperties
+import qualified Amazonka.Prelude as Prelude
+
+-- | The definition of the thing type, including thing type name and
+-- description.
+--
+-- /See:/ 'newThingTypeDefinition' smart constructor.
+data ThingTypeDefinition = ThingTypeDefinition'
+  { -- | The thing type ARN.
+    thingTypeArn :: Prelude.Maybe Prelude.Text,
+    -- | The ThingTypeMetadata contains additional information about the thing
+    -- type including: creation date and time, a value indicating whether the
+    -- thing type is deprecated, and a date and time when it was deprecated.
+    thingTypeMetadata :: Prelude.Maybe ThingTypeMetadata,
+    -- | The name of the thing type.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The ThingTypeProperties for the thing type.
+    thingTypeProperties :: Prelude.Maybe ThingTypeProperties
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingTypeDefinition' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingTypeArn', 'thingTypeDefinition_thingTypeArn' - The thing type ARN.
+--
+-- 'thingTypeMetadata', 'thingTypeDefinition_thingTypeMetadata' - The ThingTypeMetadata contains additional information about the thing
+-- type including: creation date and time, a value indicating whether the
+-- thing type is deprecated, and a date and time when it was deprecated.
+--
+-- 'thingTypeName', 'thingTypeDefinition_thingTypeName' - The name of the thing type.
+--
+-- 'thingTypeProperties', 'thingTypeDefinition_thingTypeProperties' - The ThingTypeProperties for the thing type.
+newThingTypeDefinition ::
+  ThingTypeDefinition
+newThingTypeDefinition =
+  ThingTypeDefinition'
+    { thingTypeArn =
+        Prelude.Nothing,
+      thingTypeMetadata = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      thingTypeProperties = Prelude.Nothing
+    }
+
+-- | The thing type ARN.
+thingTypeDefinition_thingTypeArn :: Lens.Lens' ThingTypeDefinition (Prelude.Maybe Prelude.Text)
+thingTypeDefinition_thingTypeArn = Lens.lens (\ThingTypeDefinition' {thingTypeArn} -> thingTypeArn) (\s@ThingTypeDefinition' {} a -> s {thingTypeArn = a} :: ThingTypeDefinition)
+
+-- | The ThingTypeMetadata contains additional information about the thing
+-- type including: creation date and time, a value indicating whether the
+-- thing type is deprecated, and a date and time when it was deprecated.
+thingTypeDefinition_thingTypeMetadata :: Lens.Lens' ThingTypeDefinition (Prelude.Maybe ThingTypeMetadata)
+thingTypeDefinition_thingTypeMetadata = Lens.lens (\ThingTypeDefinition' {thingTypeMetadata} -> thingTypeMetadata) (\s@ThingTypeDefinition' {} a -> s {thingTypeMetadata = a} :: ThingTypeDefinition)
+
+-- | The name of the thing type.
+thingTypeDefinition_thingTypeName :: Lens.Lens' ThingTypeDefinition (Prelude.Maybe Prelude.Text)
+thingTypeDefinition_thingTypeName = Lens.lens (\ThingTypeDefinition' {thingTypeName} -> thingTypeName) (\s@ThingTypeDefinition' {} a -> s {thingTypeName = a} :: ThingTypeDefinition)
+
+-- | The ThingTypeProperties for the thing type.
+thingTypeDefinition_thingTypeProperties :: Lens.Lens' ThingTypeDefinition (Prelude.Maybe ThingTypeProperties)
+thingTypeDefinition_thingTypeProperties = Lens.lens (\ThingTypeDefinition' {thingTypeProperties} -> thingTypeProperties) (\s@ThingTypeDefinition' {} a -> s {thingTypeProperties = a} :: ThingTypeDefinition)
+
+instance Data.FromJSON ThingTypeDefinition where
+  parseJSON =
+    Data.withObject
+      "ThingTypeDefinition"
+      ( \x ->
+          ThingTypeDefinition'
+            Prelude.<$> (x Data..:? "thingTypeArn")
+            Prelude.<*> (x Data..:? "thingTypeMetadata")
+            Prelude.<*> (x Data..:? "thingTypeName")
+            Prelude.<*> (x Data..:? "thingTypeProperties")
+      )
+
+instance Prelude.Hashable ThingTypeDefinition where
+  hashWithSalt _salt ThingTypeDefinition' {..} =
+    _salt
+      `Prelude.hashWithSalt` thingTypeArn
+      `Prelude.hashWithSalt` thingTypeMetadata
+      `Prelude.hashWithSalt` thingTypeName
+      `Prelude.hashWithSalt` thingTypeProperties
+
+instance Prelude.NFData ThingTypeDefinition where
+  rnf ThingTypeDefinition' {..} =
+    Prelude.rnf thingTypeArn
+      `Prelude.seq` Prelude.rnf thingTypeMetadata
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf thingTypeProperties
diff --git a/gen/Amazonka/IoT/Types/ThingTypeMetadata.hs b/gen/Amazonka/IoT/Types/ThingTypeMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingTypeMetadata.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingTypeMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingTypeMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The ThingTypeMetadata contains additional information about the thing
+-- type including: creation date and time, a value indicating whether the
+-- thing type is deprecated, and a date and time when time was deprecated.
+--
+-- /See:/ 'newThingTypeMetadata' smart constructor.
+data ThingTypeMetadata = ThingTypeMetadata'
+  { -- | The date and time when the thing type was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | Whether the thing type is deprecated. If __true__, no new things could
+    -- be associated with this type.
+    deprecated :: Prelude.Maybe Prelude.Bool,
+    -- | The date and time when the thing type was deprecated.
+    deprecationDate :: Prelude.Maybe Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingTypeMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'thingTypeMetadata_creationDate' - The date and time when the thing type was created.
+--
+-- 'deprecated', 'thingTypeMetadata_deprecated' - Whether the thing type is deprecated. If __true__, no new things could
+-- be associated with this type.
+--
+-- 'deprecationDate', 'thingTypeMetadata_deprecationDate' - The date and time when the thing type was deprecated.
+newThingTypeMetadata ::
+  ThingTypeMetadata
+newThingTypeMetadata =
+  ThingTypeMetadata'
+    { creationDate = Prelude.Nothing,
+      deprecated = Prelude.Nothing,
+      deprecationDate = Prelude.Nothing
+    }
+
+-- | The date and time when the thing type was created.
+thingTypeMetadata_creationDate :: Lens.Lens' ThingTypeMetadata (Prelude.Maybe Prelude.UTCTime)
+thingTypeMetadata_creationDate = Lens.lens (\ThingTypeMetadata' {creationDate} -> creationDate) (\s@ThingTypeMetadata' {} a -> s {creationDate = a} :: ThingTypeMetadata) Prelude.. Lens.mapping Data._Time
+
+-- | Whether the thing type is deprecated. If __true__, no new things could
+-- be associated with this type.
+thingTypeMetadata_deprecated :: Lens.Lens' ThingTypeMetadata (Prelude.Maybe Prelude.Bool)
+thingTypeMetadata_deprecated = Lens.lens (\ThingTypeMetadata' {deprecated} -> deprecated) (\s@ThingTypeMetadata' {} a -> s {deprecated = a} :: ThingTypeMetadata)
+
+-- | The date and time when the thing type was deprecated.
+thingTypeMetadata_deprecationDate :: Lens.Lens' ThingTypeMetadata (Prelude.Maybe Prelude.UTCTime)
+thingTypeMetadata_deprecationDate = Lens.lens (\ThingTypeMetadata' {deprecationDate} -> deprecationDate) (\s@ThingTypeMetadata' {} a -> s {deprecationDate = a} :: ThingTypeMetadata) Prelude.. Lens.mapping Data._Time
+
+instance Data.FromJSON ThingTypeMetadata where
+  parseJSON =
+    Data.withObject
+      "ThingTypeMetadata"
+      ( \x ->
+          ThingTypeMetadata'
+            Prelude.<$> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "deprecated")
+            Prelude.<*> (x Data..:? "deprecationDate")
+      )
+
+instance Prelude.Hashable ThingTypeMetadata where
+  hashWithSalt _salt ThingTypeMetadata' {..} =
+    _salt
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` deprecated
+      `Prelude.hashWithSalt` deprecationDate
+
+instance Prelude.NFData ThingTypeMetadata where
+  rnf ThingTypeMetadata' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf deprecated
+      `Prelude.seq` Prelude.rnf deprecationDate
diff --git a/gen/Amazonka/IoT/Types/ThingTypeProperties.hs b/gen/Amazonka/IoT/Types/ThingTypeProperties.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ThingTypeProperties.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ThingTypeProperties
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ThingTypeProperties where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The ThingTypeProperties contains information about the thing type
+-- including: a thing type description, and a list of searchable thing
+-- attribute names.
+--
+-- /See:/ 'newThingTypeProperties' smart constructor.
+data ThingTypeProperties = ThingTypeProperties'
+  { -- | A list of searchable thing attribute names.
+    searchableAttributes :: Prelude.Maybe [Prelude.Text],
+    -- | The description of the thing type.
+    thingTypeDescription :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ThingTypeProperties' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'searchableAttributes', 'thingTypeProperties_searchableAttributes' - A list of searchable thing attribute names.
+--
+-- 'thingTypeDescription', 'thingTypeProperties_thingTypeDescription' - The description of the thing type.
+newThingTypeProperties ::
+  ThingTypeProperties
+newThingTypeProperties =
+  ThingTypeProperties'
+    { searchableAttributes =
+        Prelude.Nothing,
+      thingTypeDescription = Prelude.Nothing
+    }
+
+-- | A list of searchable thing attribute names.
+thingTypeProperties_searchableAttributes :: Lens.Lens' ThingTypeProperties (Prelude.Maybe [Prelude.Text])
+thingTypeProperties_searchableAttributes = Lens.lens (\ThingTypeProperties' {searchableAttributes} -> searchableAttributes) (\s@ThingTypeProperties' {} a -> s {searchableAttributes = a} :: ThingTypeProperties) Prelude.. Lens.mapping Lens.coerced
+
+-- | The description of the thing type.
+thingTypeProperties_thingTypeDescription :: Lens.Lens' ThingTypeProperties (Prelude.Maybe Prelude.Text)
+thingTypeProperties_thingTypeDescription = Lens.lens (\ThingTypeProperties' {thingTypeDescription} -> thingTypeDescription) (\s@ThingTypeProperties' {} a -> s {thingTypeDescription = a} :: ThingTypeProperties)
+
+instance Data.FromJSON ThingTypeProperties where
+  parseJSON =
+    Data.withObject
+      "ThingTypeProperties"
+      ( \x ->
+          ThingTypeProperties'
+            Prelude.<$> ( x
+                            Data..:? "searchableAttributes"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "thingTypeDescription")
+      )
+
+instance Prelude.Hashable ThingTypeProperties where
+  hashWithSalt _salt ThingTypeProperties' {..} =
+    _salt
+      `Prelude.hashWithSalt` searchableAttributes
+      `Prelude.hashWithSalt` thingTypeDescription
+
+instance Prelude.NFData ThingTypeProperties where
+  rnf ThingTypeProperties' {..} =
+    Prelude.rnf searchableAttributes
+      `Prelude.seq` Prelude.rnf thingTypeDescription
+
+instance Data.ToJSON ThingTypeProperties where
+  toJSON ThingTypeProperties' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("searchableAttributes" Data..=)
+              Prelude.<$> searchableAttributes,
+            ("thingTypeDescription" Data..=)
+              Prelude.<$> thingTypeDescription
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TimeoutConfig.hs b/gen/Amazonka/IoT/Types/TimeoutConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TimeoutConfig.hs
@@ -0,0 +1,104 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TimeoutConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TimeoutConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the amount of time each device has to finish its execution of
+-- the job. A timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the timer expires, it will be automatically set to
+-- @TIMED_OUT@.
+--
+-- /See:/ 'newTimeoutConfig' smart constructor.
+data TimeoutConfig = TimeoutConfig'
+  { -- | Specifies the amount of time, in minutes, this device has to finish
+    -- execution of this job. The timeout interval can be anywhere between 1
+    -- minute and 7 days (1 to 10080 minutes). The in progress timer can\'t be
+    -- updated and will apply to all job executions for the job. Whenever a job
+    -- execution remains in the IN_PROGRESS status for longer than this
+    -- interval, the job execution will fail and switch to the terminal
+    -- @TIMED_OUT@ status.
+    inProgressTimeoutInMinutes :: Prelude.Maybe Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TimeoutConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'inProgressTimeoutInMinutes', 'timeoutConfig_inProgressTimeoutInMinutes' - Specifies the amount of time, in minutes, this device has to finish
+-- execution of this job. The timeout interval can be anywhere between 1
+-- minute and 7 days (1 to 10080 minutes). The in progress timer can\'t be
+-- updated and will apply to all job executions for the job. Whenever a job
+-- execution remains in the IN_PROGRESS status for longer than this
+-- interval, the job execution will fail and switch to the terminal
+-- @TIMED_OUT@ status.
+newTimeoutConfig ::
+  TimeoutConfig
+newTimeoutConfig =
+  TimeoutConfig'
+    { inProgressTimeoutInMinutes =
+        Prelude.Nothing
+    }
+
+-- | Specifies the amount of time, in minutes, this device has to finish
+-- execution of this job. The timeout interval can be anywhere between 1
+-- minute and 7 days (1 to 10080 minutes). The in progress timer can\'t be
+-- updated and will apply to all job executions for the job. Whenever a job
+-- execution remains in the IN_PROGRESS status for longer than this
+-- interval, the job execution will fail and switch to the terminal
+-- @TIMED_OUT@ status.
+timeoutConfig_inProgressTimeoutInMinutes :: Lens.Lens' TimeoutConfig (Prelude.Maybe Prelude.Integer)
+timeoutConfig_inProgressTimeoutInMinutes = Lens.lens (\TimeoutConfig' {inProgressTimeoutInMinutes} -> inProgressTimeoutInMinutes) (\s@TimeoutConfig' {} a -> s {inProgressTimeoutInMinutes = a} :: TimeoutConfig)
+
+instance Data.FromJSON TimeoutConfig where
+  parseJSON =
+    Data.withObject
+      "TimeoutConfig"
+      ( \x ->
+          TimeoutConfig'
+            Prelude.<$> (x Data..:? "inProgressTimeoutInMinutes")
+      )
+
+instance Prelude.Hashable TimeoutConfig where
+  hashWithSalt _salt TimeoutConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` inProgressTimeoutInMinutes
+
+instance Prelude.NFData TimeoutConfig where
+  rnf TimeoutConfig' {..} =
+    Prelude.rnf inProgressTimeoutInMinutes
+
+instance Data.ToJSON TimeoutConfig where
+  toJSON TimeoutConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("inProgressTimeoutInMinutes" Data..=)
+              Prelude.<$> inProgressTimeoutInMinutes
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TimestreamAction.hs b/gen/Amazonka/IoT/Types/TimestreamAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TimestreamAction.hs
@@ -0,0 +1,179 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TimestreamAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TimestreamAction where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.TimestreamDimension
+import Amazonka.IoT.Types.TimestreamTimestamp
+import qualified Amazonka.Prelude as Prelude
+
+-- | The Timestream rule action writes attributes (measures) from an MQTT
+-- message into an Amazon Timestream table. For more information, see the
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/timestream-rule-action.html Timestream>
+-- topic rule action documentation.
+--
+-- /See:/ 'newTimestreamAction' smart constructor.
+data TimestreamAction = TimestreamAction'
+  { -- | Specifies an application-defined value to replace the default value
+    -- assigned to the Timestream record\'s timestamp in the @time@ column.
+    --
+    -- You can use this property to specify the value and the precision of the
+    -- Timestream record\'s timestamp. You can specify a value from the message
+    -- payload or a value computed by a substitution template.
+    --
+    -- If omitted, the topic rule action assigns the timestamp, in
+    -- milliseconds, at the time it processed the rule.
+    timestamp :: Prelude.Maybe TimestreamTimestamp,
+    -- | The ARN of the role that grants permission to write to the Amazon
+    -- Timestream database table.
+    roleArn :: Prelude.Text,
+    -- | The name of an Amazon Timestream database.
+    databaseName :: Prelude.Text,
+    -- | The name of the database table into which to write the measure records.
+    tableName :: Prelude.Text,
+    -- | Metadata attributes of the time series that are written in each measure
+    -- record.
+    dimensions :: Prelude.NonEmpty TimestreamDimension
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TimestreamAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'timestamp', 'timestreamAction_timestamp' - Specifies an application-defined value to replace the default value
+-- assigned to the Timestream record\'s timestamp in the @time@ column.
+--
+-- You can use this property to specify the value and the precision of the
+-- Timestream record\'s timestamp. You can specify a value from the message
+-- payload or a value computed by a substitution template.
+--
+-- If omitted, the topic rule action assigns the timestamp, in
+-- milliseconds, at the time it processed the rule.
+--
+-- 'roleArn', 'timestreamAction_roleArn' - The ARN of the role that grants permission to write to the Amazon
+-- Timestream database table.
+--
+-- 'databaseName', 'timestreamAction_databaseName' - The name of an Amazon Timestream database.
+--
+-- 'tableName', 'timestreamAction_tableName' - The name of the database table into which to write the measure records.
+--
+-- 'dimensions', 'timestreamAction_dimensions' - Metadata attributes of the time series that are written in each measure
+-- record.
+newTimestreamAction ::
+  -- | 'roleArn'
+  Prelude.Text ->
+  -- | 'databaseName'
+  Prelude.Text ->
+  -- | 'tableName'
+  Prelude.Text ->
+  -- | 'dimensions'
+  Prelude.NonEmpty TimestreamDimension ->
+  TimestreamAction
+newTimestreamAction
+  pRoleArn_
+  pDatabaseName_
+  pTableName_
+  pDimensions_ =
+    TimestreamAction'
+      { timestamp = Prelude.Nothing,
+        roleArn = pRoleArn_,
+        databaseName = pDatabaseName_,
+        tableName = pTableName_,
+        dimensions = Lens.coerced Lens.# pDimensions_
+      }
+
+-- | Specifies an application-defined value to replace the default value
+-- assigned to the Timestream record\'s timestamp in the @time@ column.
+--
+-- You can use this property to specify the value and the precision of the
+-- Timestream record\'s timestamp. You can specify a value from the message
+-- payload or a value computed by a substitution template.
+--
+-- If omitted, the topic rule action assigns the timestamp, in
+-- milliseconds, at the time it processed the rule.
+timestreamAction_timestamp :: Lens.Lens' TimestreamAction (Prelude.Maybe TimestreamTimestamp)
+timestreamAction_timestamp = Lens.lens (\TimestreamAction' {timestamp} -> timestamp) (\s@TimestreamAction' {} a -> s {timestamp = a} :: TimestreamAction)
+
+-- | The ARN of the role that grants permission to write to the Amazon
+-- Timestream database table.
+timestreamAction_roleArn :: Lens.Lens' TimestreamAction Prelude.Text
+timestreamAction_roleArn = Lens.lens (\TimestreamAction' {roleArn} -> roleArn) (\s@TimestreamAction' {} a -> s {roleArn = a} :: TimestreamAction)
+
+-- | The name of an Amazon Timestream database.
+timestreamAction_databaseName :: Lens.Lens' TimestreamAction Prelude.Text
+timestreamAction_databaseName = Lens.lens (\TimestreamAction' {databaseName} -> databaseName) (\s@TimestreamAction' {} a -> s {databaseName = a} :: TimestreamAction)
+
+-- | The name of the database table into which to write the measure records.
+timestreamAction_tableName :: Lens.Lens' TimestreamAction Prelude.Text
+timestreamAction_tableName = Lens.lens (\TimestreamAction' {tableName} -> tableName) (\s@TimestreamAction' {} a -> s {tableName = a} :: TimestreamAction)
+
+-- | Metadata attributes of the time series that are written in each measure
+-- record.
+timestreamAction_dimensions :: Lens.Lens' TimestreamAction (Prelude.NonEmpty TimestreamDimension)
+timestreamAction_dimensions = Lens.lens (\TimestreamAction' {dimensions} -> dimensions) (\s@TimestreamAction' {} a -> s {dimensions = a} :: TimestreamAction) Prelude.. Lens.coerced
+
+instance Data.FromJSON TimestreamAction where
+  parseJSON =
+    Data.withObject
+      "TimestreamAction"
+      ( \x ->
+          TimestreamAction'
+            Prelude.<$> (x Data..:? "timestamp")
+            Prelude.<*> (x Data..: "roleArn")
+            Prelude.<*> (x Data..: "databaseName")
+            Prelude.<*> (x Data..: "tableName")
+            Prelude.<*> (x Data..: "dimensions")
+      )
+
+instance Prelude.Hashable TimestreamAction where
+  hashWithSalt _salt TimestreamAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` timestamp
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` databaseName
+      `Prelude.hashWithSalt` tableName
+      `Prelude.hashWithSalt` dimensions
+
+instance Prelude.NFData TimestreamAction where
+  rnf TimestreamAction' {..} =
+    Prelude.rnf timestamp
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf databaseName
+      `Prelude.seq` Prelude.rnf tableName
+      `Prelude.seq` Prelude.rnf dimensions
+
+instance Data.ToJSON TimestreamAction where
+  toJSON TimestreamAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("timestamp" Data..=) Prelude.<$> timestamp,
+            Prelude.Just ("roleArn" Data..= roleArn),
+            Prelude.Just ("databaseName" Data..= databaseName),
+            Prelude.Just ("tableName" Data..= tableName),
+            Prelude.Just ("dimensions" Data..= dimensions)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TimestreamDimension.hs b/gen/Amazonka/IoT/Types/TimestreamDimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TimestreamDimension.hs
@@ -0,0 +1,112 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TimestreamDimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TimestreamDimension where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Metadata attributes of the time series that are written in each measure
+-- record.
+--
+-- /See:/ 'newTimestreamDimension' smart constructor.
+data TimestreamDimension = TimestreamDimension'
+  { -- | The metadata dimension name. This is the name of the column in the
+    -- Amazon Timestream database table record.
+    --
+    -- Dimensions cannot be named: @measure_name@, @measure_value@, or @time@.
+    -- These names are reserved. Dimension names cannot start with @ts_@ or
+    -- @measure_value@ and they cannot contain the colon (@:@) character.
+    name :: Prelude.Text,
+    -- | The value to write in this column of the database record.
+    value :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TimestreamDimension' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'timestreamDimension_name' - The metadata dimension name. This is the name of the column in the
+-- Amazon Timestream database table record.
+--
+-- Dimensions cannot be named: @measure_name@, @measure_value@, or @time@.
+-- These names are reserved. Dimension names cannot start with @ts_@ or
+-- @measure_value@ and they cannot contain the colon (@:@) character.
+--
+-- 'value', 'timestreamDimension_value' - The value to write in this column of the database record.
+newTimestreamDimension ::
+  -- | 'name'
+  Prelude.Text ->
+  -- | 'value'
+  Prelude.Text ->
+  TimestreamDimension
+newTimestreamDimension pName_ pValue_ =
+  TimestreamDimension'
+    { name = pName_,
+      value = pValue_
+    }
+
+-- | The metadata dimension name. This is the name of the column in the
+-- Amazon Timestream database table record.
+--
+-- Dimensions cannot be named: @measure_name@, @measure_value@, or @time@.
+-- These names are reserved. Dimension names cannot start with @ts_@ or
+-- @measure_value@ and they cannot contain the colon (@:@) character.
+timestreamDimension_name :: Lens.Lens' TimestreamDimension Prelude.Text
+timestreamDimension_name = Lens.lens (\TimestreamDimension' {name} -> name) (\s@TimestreamDimension' {} a -> s {name = a} :: TimestreamDimension)
+
+-- | The value to write in this column of the database record.
+timestreamDimension_value :: Lens.Lens' TimestreamDimension Prelude.Text
+timestreamDimension_value = Lens.lens (\TimestreamDimension' {value} -> value) (\s@TimestreamDimension' {} a -> s {value = a} :: TimestreamDimension)
+
+instance Data.FromJSON TimestreamDimension where
+  parseJSON =
+    Data.withObject
+      "TimestreamDimension"
+      ( \x ->
+          TimestreamDimension'
+            Prelude.<$> (x Data..: "name")
+            Prelude.<*> (x Data..: "value")
+      )
+
+instance Prelude.Hashable TimestreamDimension where
+  hashWithSalt _salt TimestreamDimension' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData TimestreamDimension where
+  rnf TimestreamDimension' {..} =
+    Prelude.rnf name `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON TimestreamDimension where
+  toJSON TimestreamDimension' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("name" Data..= name),
+            Prelude.Just ("value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TimestreamTimestamp.hs b/gen/Amazonka/IoT/Types/TimestreamTimestamp.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TimestreamTimestamp.hs
@@ -0,0 +1,109 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TimestreamTimestamp
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TimestreamTimestamp where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes how to interpret an application-defined timestamp value from
+-- an MQTT message payload and the precision of that value.
+--
+-- /See:/ 'newTimestreamTimestamp' smart constructor.
+data TimestreamTimestamp = TimestreamTimestamp'
+  { -- | An expression that returns a long epoch time value.
+    value :: Prelude.Text,
+    -- | The precision of the timestamp value that results from the expression
+    -- described in @value@.
+    --
+    -- Valid values: @SECONDS@ | @MILLISECONDS@ | @MICROSECONDS@ |
+    -- @NANOSECONDS@. The default is @MILLISECONDS@.
+    unit :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TimestreamTimestamp' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'value', 'timestreamTimestamp_value' - An expression that returns a long epoch time value.
+--
+-- 'unit', 'timestreamTimestamp_unit' - The precision of the timestamp value that results from the expression
+-- described in @value@.
+--
+-- Valid values: @SECONDS@ | @MILLISECONDS@ | @MICROSECONDS@ |
+-- @NANOSECONDS@. The default is @MILLISECONDS@.
+newTimestreamTimestamp ::
+  -- | 'value'
+  Prelude.Text ->
+  -- | 'unit'
+  Prelude.Text ->
+  TimestreamTimestamp
+newTimestreamTimestamp pValue_ pUnit_ =
+  TimestreamTimestamp'
+    { value = pValue_,
+      unit = pUnit_
+    }
+
+-- | An expression that returns a long epoch time value.
+timestreamTimestamp_value :: Lens.Lens' TimestreamTimestamp Prelude.Text
+timestreamTimestamp_value = Lens.lens (\TimestreamTimestamp' {value} -> value) (\s@TimestreamTimestamp' {} a -> s {value = a} :: TimestreamTimestamp)
+
+-- | The precision of the timestamp value that results from the expression
+-- described in @value@.
+--
+-- Valid values: @SECONDS@ | @MILLISECONDS@ | @MICROSECONDS@ |
+-- @NANOSECONDS@. The default is @MILLISECONDS@.
+timestreamTimestamp_unit :: Lens.Lens' TimestreamTimestamp Prelude.Text
+timestreamTimestamp_unit = Lens.lens (\TimestreamTimestamp' {unit} -> unit) (\s@TimestreamTimestamp' {} a -> s {unit = a} :: TimestreamTimestamp)
+
+instance Data.FromJSON TimestreamTimestamp where
+  parseJSON =
+    Data.withObject
+      "TimestreamTimestamp"
+      ( \x ->
+          TimestreamTimestamp'
+            Prelude.<$> (x Data..: "value")
+            Prelude.<*> (x Data..: "unit")
+      )
+
+instance Prelude.Hashable TimestreamTimestamp where
+  hashWithSalt _salt TimestreamTimestamp' {..} =
+    _salt
+      `Prelude.hashWithSalt` value
+      `Prelude.hashWithSalt` unit
+
+instance Prelude.NFData TimestreamTimestamp where
+  rnf TimestreamTimestamp' {..} =
+    Prelude.rnf value `Prelude.seq` Prelude.rnf unit
+
+instance Data.ToJSON TimestreamTimestamp where
+  toJSON TimestreamTimestamp' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("value" Data..= value),
+            Prelude.Just ("unit" Data..= unit)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TlsContext.hs b/gen/Amazonka/IoT/Types/TlsContext.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TlsContext.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TlsContext
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TlsContext where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the TLS context to use for the test authorizer request.
+--
+-- /See:/ 'newTlsContext' smart constructor.
+data TlsContext = TlsContext'
+  { -- | The value of the @serverName@ key in a TLS authorization request.
+    serverName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TlsContext' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverName', 'tlsContext_serverName' - The value of the @serverName@ key in a TLS authorization request.
+newTlsContext ::
+  TlsContext
+newTlsContext =
+  TlsContext' {serverName = Prelude.Nothing}
+
+-- | The value of the @serverName@ key in a TLS authorization request.
+tlsContext_serverName :: Lens.Lens' TlsContext (Prelude.Maybe Prelude.Text)
+tlsContext_serverName = Lens.lens (\TlsContext' {serverName} -> serverName) (\s@TlsContext' {} a -> s {serverName = a} :: TlsContext)
+
+instance Prelude.Hashable TlsContext where
+  hashWithSalt _salt TlsContext' {..} =
+    _salt `Prelude.hashWithSalt` serverName
+
+instance Prelude.NFData TlsContext where
+  rnf TlsContext' {..} = Prelude.rnf serverName
+
+instance Data.ToJSON TlsContext where
+  toJSON TlsContext' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("serverName" Data..=) Prelude.<$> serverName]
+      )
diff --git a/gen/Amazonka/IoT/Types/TopicRule.hs b/gen/Amazonka/IoT/Types/TopicRule.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRule.hs
@@ -0,0 +1,160 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRule
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRule where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Action
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a rule.
+--
+-- /See:/ 'newTopicRule' smart constructor.
+data TopicRule = TopicRule'
+  { -- | The actions associated with the rule.
+    actions :: Prelude.Maybe [Action],
+    -- | The version of the SQL rules engine to use when evaluating the rule.
+    awsIotSqlVersion :: Prelude.Maybe Prelude.Text,
+    -- | The date and time the rule was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | The description of the rule.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The action to perform when an error occurs.
+    errorAction :: Prelude.Maybe Action,
+    -- | Specifies whether the rule is disabled.
+    ruleDisabled :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the rule.
+    ruleName :: Prelude.Maybe Prelude.Text,
+    -- | The SQL statement used to query the topic. When using a SQL query with
+    -- multiple lines, be sure to escape the newline characters.
+    sql :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TopicRule' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actions', 'topicRule_actions' - The actions associated with the rule.
+--
+-- 'awsIotSqlVersion', 'topicRule_awsIotSqlVersion' - The version of the SQL rules engine to use when evaluating the rule.
+--
+-- 'createdAt', 'topicRule_createdAt' - The date and time the rule was created.
+--
+-- 'description', 'topicRule_description' - The description of the rule.
+--
+-- 'errorAction', 'topicRule_errorAction' - The action to perform when an error occurs.
+--
+-- 'ruleDisabled', 'topicRule_ruleDisabled' - Specifies whether the rule is disabled.
+--
+-- 'ruleName', 'topicRule_ruleName' - The name of the rule.
+--
+-- 'sql', 'topicRule_sql' - The SQL statement used to query the topic. When using a SQL query with
+-- multiple lines, be sure to escape the newline characters.
+newTopicRule ::
+  TopicRule
+newTopicRule =
+  TopicRule'
+    { actions = Prelude.Nothing,
+      awsIotSqlVersion = Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      description = Prelude.Nothing,
+      errorAction = Prelude.Nothing,
+      ruleDisabled = Prelude.Nothing,
+      ruleName = Prelude.Nothing,
+      sql = Prelude.Nothing
+    }
+
+-- | The actions associated with the rule.
+topicRule_actions :: Lens.Lens' TopicRule (Prelude.Maybe [Action])
+topicRule_actions = Lens.lens (\TopicRule' {actions} -> actions) (\s@TopicRule' {} a -> s {actions = a} :: TopicRule) Prelude.. Lens.mapping Lens.coerced
+
+-- | The version of the SQL rules engine to use when evaluating the rule.
+topicRule_awsIotSqlVersion :: Lens.Lens' TopicRule (Prelude.Maybe Prelude.Text)
+topicRule_awsIotSqlVersion = Lens.lens (\TopicRule' {awsIotSqlVersion} -> awsIotSqlVersion) (\s@TopicRule' {} a -> s {awsIotSqlVersion = a} :: TopicRule)
+
+-- | The date and time the rule was created.
+topicRule_createdAt :: Lens.Lens' TopicRule (Prelude.Maybe Prelude.UTCTime)
+topicRule_createdAt = Lens.lens (\TopicRule' {createdAt} -> createdAt) (\s@TopicRule' {} a -> s {createdAt = a} :: TopicRule) Prelude.. Lens.mapping Data._Time
+
+-- | The description of the rule.
+topicRule_description :: Lens.Lens' TopicRule (Prelude.Maybe Prelude.Text)
+topicRule_description = Lens.lens (\TopicRule' {description} -> description) (\s@TopicRule' {} a -> s {description = a} :: TopicRule)
+
+-- | The action to perform when an error occurs.
+topicRule_errorAction :: Lens.Lens' TopicRule (Prelude.Maybe Action)
+topicRule_errorAction = Lens.lens (\TopicRule' {errorAction} -> errorAction) (\s@TopicRule' {} a -> s {errorAction = a} :: TopicRule)
+
+-- | Specifies whether the rule is disabled.
+topicRule_ruleDisabled :: Lens.Lens' TopicRule (Prelude.Maybe Prelude.Bool)
+topicRule_ruleDisabled = Lens.lens (\TopicRule' {ruleDisabled} -> ruleDisabled) (\s@TopicRule' {} a -> s {ruleDisabled = a} :: TopicRule)
+
+-- | The name of the rule.
+topicRule_ruleName :: Lens.Lens' TopicRule (Prelude.Maybe Prelude.Text)
+topicRule_ruleName = Lens.lens (\TopicRule' {ruleName} -> ruleName) (\s@TopicRule' {} a -> s {ruleName = a} :: TopicRule)
+
+-- | The SQL statement used to query the topic. When using a SQL query with
+-- multiple lines, be sure to escape the newline characters.
+topicRule_sql :: Lens.Lens' TopicRule (Prelude.Maybe Prelude.Text)
+topicRule_sql = Lens.lens (\TopicRule' {sql} -> sql) (\s@TopicRule' {} a -> s {sql = a} :: TopicRule)
+
+instance Data.FromJSON TopicRule where
+  parseJSON =
+    Data.withObject
+      "TopicRule"
+      ( \x ->
+          TopicRule'
+            Prelude.<$> (x Data..:? "actions" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "awsIotSqlVersion")
+            Prelude.<*> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "description")
+            Prelude.<*> (x Data..:? "errorAction")
+            Prelude.<*> (x Data..:? "ruleDisabled")
+            Prelude.<*> (x Data..:? "ruleName")
+            Prelude.<*> (x Data..:? "sql")
+      )
+
+instance Prelude.Hashable TopicRule where
+  hashWithSalt _salt TopicRule' {..} =
+    _salt
+      `Prelude.hashWithSalt` actions
+      `Prelude.hashWithSalt` awsIotSqlVersion
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` errorAction
+      `Prelude.hashWithSalt` ruleDisabled
+      `Prelude.hashWithSalt` ruleName
+      `Prelude.hashWithSalt` sql
+
+instance Prelude.NFData TopicRule where
+  rnf TopicRule' {..} =
+    Prelude.rnf actions
+      `Prelude.seq` Prelude.rnf awsIotSqlVersion
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf errorAction
+      `Prelude.seq` Prelude.rnf ruleDisabled
+      `Prelude.seq` Prelude.rnf ruleName
+      `Prelude.seq` Prelude.rnf sql
diff --git a/gen/Amazonka/IoT/Types/TopicRuleDestination.hs b/gen/Amazonka/IoT/Types/TopicRuleDestination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRuleDestination.hs
@@ -0,0 +1,225 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRuleDestination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRuleDestination where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.HttpUrlDestinationProperties
+import Amazonka.IoT.Types.TopicRuleDestinationStatus
+import Amazonka.IoT.Types.VpcDestinationProperties
+import qualified Amazonka.Prelude as Prelude
+
+-- | A topic rule destination.
+--
+-- /See:/ 'newTopicRuleDestination' smart constructor.
+data TopicRuleDestination = TopicRuleDestination'
+  { -- | The topic rule destination URL.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The date and time when the topic rule destination was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | Properties of the HTTP URL.
+    httpUrlProperties :: Prelude.Maybe HttpUrlDestinationProperties,
+    -- | The date and time when the topic rule destination was last updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | The status of the topic rule destination. Valid values are:
+    --
+    -- [IN_PROGRESS]
+    --     A topic rule destination was created but has not been confirmed. You
+    --     can set @status@ to @IN_PROGRESS@ by calling
+    --     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+    --     causes a new confirmation challenge to be sent to your confirmation
+    --     endpoint.
+    --
+    -- [ENABLED]
+    --     Confirmation was completed, and traffic to this destination is
+    --     allowed. You can set @status@ to @DISABLED@ by calling
+    --     @UpdateTopicRuleDestination@.
+    --
+    -- [DISABLED]
+    --     Confirmation was completed, and traffic to this destination is not
+    --     allowed. You can set @status@ to @ENABLED@ by calling
+    --     @UpdateTopicRuleDestination@.
+    --
+    -- [ERROR]
+    --     Confirmation could not be completed, for example if the confirmation
+    --     timed out. You can call @GetTopicRuleDestination@ for details about
+    --     the error. You can set @status@ to @IN_PROGRESS@ by calling
+    --     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+    --     causes a new confirmation challenge to be sent to your confirmation
+    --     endpoint.
+    status :: Prelude.Maybe TopicRuleDestinationStatus,
+    -- | Additional details or reason why the topic rule destination is in the
+    -- current status.
+    statusReason :: Prelude.Maybe Prelude.Text,
+    -- | Properties of the virtual private cloud (VPC) connection.
+    vpcProperties :: Prelude.Maybe VpcDestinationProperties
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TopicRuleDestination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'topicRuleDestination_arn' - The topic rule destination URL.
+--
+-- 'createdAt', 'topicRuleDestination_createdAt' - The date and time when the topic rule destination was created.
+--
+-- 'httpUrlProperties', 'topicRuleDestination_httpUrlProperties' - Properties of the HTTP URL.
+--
+-- 'lastUpdatedAt', 'topicRuleDestination_lastUpdatedAt' - The date and time when the topic rule destination was last updated.
+--
+-- 'status', 'topicRuleDestination_status' - The status of the topic rule destination. Valid values are:
+--
+-- [IN_PROGRESS]
+--     A topic rule destination was created but has not been confirmed. You
+--     can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- [ENABLED]
+--     Confirmation was completed, and traffic to this destination is
+--     allowed. You can set @status@ to @DISABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [DISABLED]
+--     Confirmation was completed, and traffic to this destination is not
+--     allowed. You can set @status@ to @ENABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [ERROR]
+--     Confirmation could not be completed, for example if the confirmation
+--     timed out. You can call @GetTopicRuleDestination@ for details about
+--     the error. You can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- 'statusReason', 'topicRuleDestination_statusReason' - Additional details or reason why the topic rule destination is in the
+-- current status.
+--
+-- 'vpcProperties', 'topicRuleDestination_vpcProperties' - Properties of the virtual private cloud (VPC) connection.
+newTopicRuleDestination ::
+  TopicRuleDestination
+newTopicRuleDestination =
+  TopicRuleDestination'
+    { arn = Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      httpUrlProperties = Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      status = Prelude.Nothing,
+      statusReason = Prelude.Nothing,
+      vpcProperties = Prelude.Nothing
+    }
+
+-- | The topic rule destination URL.
+topicRuleDestination_arn :: Lens.Lens' TopicRuleDestination (Prelude.Maybe Prelude.Text)
+topicRuleDestination_arn = Lens.lens (\TopicRuleDestination' {arn} -> arn) (\s@TopicRuleDestination' {} a -> s {arn = a} :: TopicRuleDestination)
+
+-- | The date and time when the topic rule destination was created.
+topicRuleDestination_createdAt :: Lens.Lens' TopicRuleDestination (Prelude.Maybe Prelude.UTCTime)
+topicRuleDestination_createdAt = Lens.lens (\TopicRuleDestination' {createdAt} -> createdAt) (\s@TopicRuleDestination' {} a -> s {createdAt = a} :: TopicRuleDestination) Prelude.. Lens.mapping Data._Time
+
+-- | Properties of the HTTP URL.
+topicRuleDestination_httpUrlProperties :: Lens.Lens' TopicRuleDestination (Prelude.Maybe HttpUrlDestinationProperties)
+topicRuleDestination_httpUrlProperties = Lens.lens (\TopicRuleDestination' {httpUrlProperties} -> httpUrlProperties) (\s@TopicRuleDestination' {} a -> s {httpUrlProperties = a} :: TopicRuleDestination)
+
+-- | The date and time when the topic rule destination was last updated.
+topicRuleDestination_lastUpdatedAt :: Lens.Lens' TopicRuleDestination (Prelude.Maybe Prelude.UTCTime)
+topicRuleDestination_lastUpdatedAt = Lens.lens (\TopicRuleDestination' {lastUpdatedAt} -> lastUpdatedAt) (\s@TopicRuleDestination' {} a -> s {lastUpdatedAt = a} :: TopicRuleDestination) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the topic rule destination. Valid values are:
+--
+-- [IN_PROGRESS]
+--     A topic rule destination was created but has not been confirmed. You
+--     can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- [ENABLED]
+--     Confirmation was completed, and traffic to this destination is
+--     allowed. You can set @status@ to @DISABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [DISABLED]
+--     Confirmation was completed, and traffic to this destination is not
+--     allowed. You can set @status@ to @ENABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [ERROR]
+--     Confirmation could not be completed, for example if the confirmation
+--     timed out. You can call @GetTopicRuleDestination@ for details about
+--     the error. You can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+topicRuleDestination_status :: Lens.Lens' TopicRuleDestination (Prelude.Maybe TopicRuleDestinationStatus)
+topicRuleDestination_status = Lens.lens (\TopicRuleDestination' {status} -> status) (\s@TopicRuleDestination' {} a -> s {status = a} :: TopicRuleDestination)
+
+-- | Additional details or reason why the topic rule destination is in the
+-- current status.
+topicRuleDestination_statusReason :: Lens.Lens' TopicRuleDestination (Prelude.Maybe Prelude.Text)
+topicRuleDestination_statusReason = Lens.lens (\TopicRuleDestination' {statusReason} -> statusReason) (\s@TopicRuleDestination' {} a -> s {statusReason = a} :: TopicRuleDestination)
+
+-- | Properties of the virtual private cloud (VPC) connection.
+topicRuleDestination_vpcProperties :: Lens.Lens' TopicRuleDestination (Prelude.Maybe VpcDestinationProperties)
+topicRuleDestination_vpcProperties = Lens.lens (\TopicRuleDestination' {vpcProperties} -> vpcProperties) (\s@TopicRuleDestination' {} a -> s {vpcProperties = a} :: TopicRuleDestination)
+
+instance Data.FromJSON TopicRuleDestination where
+  parseJSON =
+    Data.withObject
+      "TopicRuleDestination"
+      ( \x ->
+          TopicRuleDestination'
+            Prelude.<$> (x Data..:? "arn")
+            Prelude.<*> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "httpUrlProperties")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "statusReason")
+            Prelude.<*> (x Data..:? "vpcProperties")
+      )
+
+instance Prelude.Hashable TopicRuleDestination where
+  hashWithSalt _salt TopicRuleDestination' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` httpUrlProperties
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` statusReason
+      `Prelude.hashWithSalt` vpcProperties
+
+instance Prelude.NFData TopicRuleDestination where
+  rnf TopicRuleDestination' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf httpUrlProperties
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf statusReason
+      `Prelude.seq` Prelude.rnf vpcProperties
diff --git a/gen/Amazonka/IoT/Types/TopicRuleDestinationConfiguration.hs b/gen/Amazonka/IoT/Types/TopicRuleDestinationConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRuleDestinationConfiguration.hs
@@ -0,0 +1,99 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRuleDestinationConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRuleDestinationConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.HttpUrlDestinationConfiguration
+import Amazonka.IoT.Types.VpcDestinationConfiguration
+import qualified Amazonka.Prelude as Prelude
+
+-- | Configuration of the topic rule destination.
+--
+-- /See:/ 'newTopicRuleDestinationConfiguration' smart constructor.
+data TopicRuleDestinationConfiguration = TopicRuleDestinationConfiguration'
+  { -- | Configuration of the HTTP URL.
+    httpUrlConfiguration :: Prelude.Maybe HttpUrlDestinationConfiguration,
+    -- | Configuration of the virtual private cloud (VPC) connection.
+    vpcConfiguration :: Prelude.Maybe VpcDestinationConfiguration
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TopicRuleDestinationConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpUrlConfiguration', 'topicRuleDestinationConfiguration_httpUrlConfiguration' - Configuration of the HTTP URL.
+--
+-- 'vpcConfiguration', 'topicRuleDestinationConfiguration_vpcConfiguration' - Configuration of the virtual private cloud (VPC) connection.
+newTopicRuleDestinationConfiguration ::
+  TopicRuleDestinationConfiguration
+newTopicRuleDestinationConfiguration =
+  TopicRuleDestinationConfiguration'
+    { httpUrlConfiguration =
+        Prelude.Nothing,
+      vpcConfiguration = Prelude.Nothing
+    }
+
+-- | Configuration of the HTTP URL.
+topicRuleDestinationConfiguration_httpUrlConfiguration :: Lens.Lens' TopicRuleDestinationConfiguration (Prelude.Maybe HttpUrlDestinationConfiguration)
+topicRuleDestinationConfiguration_httpUrlConfiguration = Lens.lens (\TopicRuleDestinationConfiguration' {httpUrlConfiguration} -> httpUrlConfiguration) (\s@TopicRuleDestinationConfiguration' {} a -> s {httpUrlConfiguration = a} :: TopicRuleDestinationConfiguration)
+
+-- | Configuration of the virtual private cloud (VPC) connection.
+topicRuleDestinationConfiguration_vpcConfiguration :: Lens.Lens' TopicRuleDestinationConfiguration (Prelude.Maybe VpcDestinationConfiguration)
+topicRuleDestinationConfiguration_vpcConfiguration = Lens.lens (\TopicRuleDestinationConfiguration' {vpcConfiguration} -> vpcConfiguration) (\s@TopicRuleDestinationConfiguration' {} a -> s {vpcConfiguration = a} :: TopicRuleDestinationConfiguration)
+
+instance
+  Prelude.Hashable
+    TopicRuleDestinationConfiguration
+  where
+  hashWithSalt
+    _salt
+    TopicRuleDestinationConfiguration' {..} =
+      _salt
+        `Prelude.hashWithSalt` httpUrlConfiguration
+        `Prelude.hashWithSalt` vpcConfiguration
+
+instance
+  Prelude.NFData
+    TopicRuleDestinationConfiguration
+  where
+  rnf TopicRuleDestinationConfiguration' {..} =
+    Prelude.rnf httpUrlConfiguration
+      `Prelude.seq` Prelude.rnf vpcConfiguration
+
+instance
+  Data.ToJSON
+    TopicRuleDestinationConfiguration
+  where
+  toJSON TopicRuleDestinationConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("httpUrlConfiguration" Data..=)
+              Prelude.<$> httpUrlConfiguration,
+            ("vpcConfiguration" Data..=)
+              Prelude.<$> vpcConfiguration
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TopicRuleDestinationStatus.hs b/gen/Amazonka/IoT/Types/TopicRuleDestinationStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRuleDestinationStatus.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRuleDestinationStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRuleDestinationStatus
+  ( TopicRuleDestinationStatus
+      ( ..,
+        TopicRuleDestinationStatus_DELETING,
+        TopicRuleDestinationStatus_DISABLED,
+        TopicRuleDestinationStatus_ENABLED,
+        TopicRuleDestinationStatus_ERROR,
+        TopicRuleDestinationStatus_IN_PROGRESS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype TopicRuleDestinationStatus = TopicRuleDestinationStatus'
+  { fromTopicRuleDestinationStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern TopicRuleDestinationStatus_DELETING :: TopicRuleDestinationStatus
+pattern TopicRuleDestinationStatus_DELETING = TopicRuleDestinationStatus' "DELETING"
+
+pattern TopicRuleDestinationStatus_DISABLED :: TopicRuleDestinationStatus
+pattern TopicRuleDestinationStatus_DISABLED = TopicRuleDestinationStatus' "DISABLED"
+
+pattern TopicRuleDestinationStatus_ENABLED :: TopicRuleDestinationStatus
+pattern TopicRuleDestinationStatus_ENABLED = TopicRuleDestinationStatus' "ENABLED"
+
+pattern TopicRuleDestinationStatus_ERROR :: TopicRuleDestinationStatus
+pattern TopicRuleDestinationStatus_ERROR = TopicRuleDestinationStatus' "ERROR"
+
+pattern TopicRuleDestinationStatus_IN_PROGRESS :: TopicRuleDestinationStatus
+pattern TopicRuleDestinationStatus_IN_PROGRESS = TopicRuleDestinationStatus' "IN_PROGRESS"
+
+{-# COMPLETE
+  TopicRuleDestinationStatus_DELETING,
+  TopicRuleDestinationStatus_DISABLED,
+  TopicRuleDestinationStatus_ENABLED,
+  TopicRuleDestinationStatus_ERROR,
+  TopicRuleDestinationStatus_IN_PROGRESS,
+  TopicRuleDestinationStatus'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/TopicRuleDestinationSummary.hs b/gen/Amazonka/IoT/Types/TopicRuleDestinationSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRuleDestinationSummary.hs
@@ -0,0 +1,222 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRuleDestinationSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRuleDestinationSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.HttpUrlDestinationSummary
+import Amazonka.IoT.Types.TopicRuleDestinationStatus
+import Amazonka.IoT.Types.VpcDestinationSummary
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about the topic rule destination.
+--
+-- /See:/ 'newTopicRuleDestinationSummary' smart constructor.
+data TopicRuleDestinationSummary = TopicRuleDestinationSummary'
+  { -- | The topic rule destination ARN.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The date and time when the topic rule destination was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | Information about the HTTP URL.
+    httpUrlSummary :: Prelude.Maybe HttpUrlDestinationSummary,
+    -- | The date and time when the topic rule destination was last updated.
+    lastUpdatedAt :: Prelude.Maybe Data.POSIX,
+    -- | The status of the topic rule destination. Valid values are:
+    --
+    -- [IN_PROGRESS]
+    --     A topic rule destination was created but has not been confirmed. You
+    --     can set @status@ to @IN_PROGRESS@ by calling
+    --     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+    --     causes a new confirmation challenge to be sent to your confirmation
+    --     endpoint.
+    --
+    -- [ENABLED]
+    --     Confirmation was completed, and traffic to this destination is
+    --     allowed. You can set @status@ to @DISABLED@ by calling
+    --     @UpdateTopicRuleDestination@.
+    --
+    -- [DISABLED]
+    --     Confirmation was completed, and traffic to this destination is not
+    --     allowed. You can set @status@ to @ENABLED@ by calling
+    --     @UpdateTopicRuleDestination@.
+    --
+    -- [ERROR]
+    --     Confirmation could not be completed, for example if the confirmation
+    --     timed out. You can call @GetTopicRuleDestination@ for details about
+    --     the error. You can set @status@ to @IN_PROGRESS@ by calling
+    --     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+    --     causes a new confirmation challenge to be sent to your confirmation
+    --     endpoint.
+    status :: Prelude.Maybe TopicRuleDestinationStatus,
+    -- | The reason the topic rule destination is in the current status.
+    statusReason :: Prelude.Maybe Prelude.Text,
+    -- | Information about the virtual private cloud (VPC) connection.
+    vpcDestinationSummary :: Prelude.Maybe VpcDestinationSummary
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TopicRuleDestinationSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'topicRuleDestinationSummary_arn' - The topic rule destination ARN.
+--
+-- 'createdAt', 'topicRuleDestinationSummary_createdAt' - The date and time when the topic rule destination was created.
+--
+-- 'httpUrlSummary', 'topicRuleDestinationSummary_httpUrlSummary' - Information about the HTTP URL.
+--
+-- 'lastUpdatedAt', 'topicRuleDestinationSummary_lastUpdatedAt' - The date and time when the topic rule destination was last updated.
+--
+-- 'status', 'topicRuleDestinationSummary_status' - The status of the topic rule destination. Valid values are:
+--
+-- [IN_PROGRESS]
+--     A topic rule destination was created but has not been confirmed. You
+--     can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- [ENABLED]
+--     Confirmation was completed, and traffic to this destination is
+--     allowed. You can set @status@ to @DISABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [DISABLED]
+--     Confirmation was completed, and traffic to this destination is not
+--     allowed. You can set @status@ to @ENABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [ERROR]
+--     Confirmation could not be completed, for example if the confirmation
+--     timed out. You can call @GetTopicRuleDestination@ for details about
+--     the error. You can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- 'statusReason', 'topicRuleDestinationSummary_statusReason' - The reason the topic rule destination is in the current status.
+--
+-- 'vpcDestinationSummary', 'topicRuleDestinationSummary_vpcDestinationSummary' - Information about the virtual private cloud (VPC) connection.
+newTopicRuleDestinationSummary ::
+  TopicRuleDestinationSummary
+newTopicRuleDestinationSummary =
+  TopicRuleDestinationSummary'
+    { arn = Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      httpUrlSummary = Prelude.Nothing,
+      lastUpdatedAt = Prelude.Nothing,
+      status = Prelude.Nothing,
+      statusReason = Prelude.Nothing,
+      vpcDestinationSummary = Prelude.Nothing
+    }
+
+-- | The topic rule destination ARN.
+topicRuleDestinationSummary_arn :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe Prelude.Text)
+topicRuleDestinationSummary_arn = Lens.lens (\TopicRuleDestinationSummary' {arn} -> arn) (\s@TopicRuleDestinationSummary' {} a -> s {arn = a} :: TopicRuleDestinationSummary)
+
+-- | The date and time when the topic rule destination was created.
+topicRuleDestinationSummary_createdAt :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe Prelude.UTCTime)
+topicRuleDestinationSummary_createdAt = Lens.lens (\TopicRuleDestinationSummary' {createdAt} -> createdAt) (\s@TopicRuleDestinationSummary' {} a -> s {createdAt = a} :: TopicRuleDestinationSummary) Prelude.. Lens.mapping Data._Time
+
+-- | Information about the HTTP URL.
+topicRuleDestinationSummary_httpUrlSummary :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe HttpUrlDestinationSummary)
+topicRuleDestinationSummary_httpUrlSummary = Lens.lens (\TopicRuleDestinationSummary' {httpUrlSummary} -> httpUrlSummary) (\s@TopicRuleDestinationSummary' {} a -> s {httpUrlSummary = a} :: TopicRuleDestinationSummary)
+
+-- | The date and time when the topic rule destination was last updated.
+topicRuleDestinationSummary_lastUpdatedAt :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe Prelude.UTCTime)
+topicRuleDestinationSummary_lastUpdatedAt = Lens.lens (\TopicRuleDestinationSummary' {lastUpdatedAt} -> lastUpdatedAt) (\s@TopicRuleDestinationSummary' {} a -> s {lastUpdatedAt = a} :: TopicRuleDestinationSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The status of the topic rule destination. Valid values are:
+--
+-- [IN_PROGRESS]
+--     A topic rule destination was created but has not been confirmed. You
+--     can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- [ENABLED]
+--     Confirmation was completed, and traffic to this destination is
+--     allowed. You can set @status@ to @DISABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [DISABLED]
+--     Confirmation was completed, and traffic to this destination is not
+--     allowed. You can set @status@ to @ENABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [ERROR]
+--     Confirmation could not be completed, for example if the confirmation
+--     timed out. You can call @GetTopicRuleDestination@ for details about
+--     the error. You can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+topicRuleDestinationSummary_status :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe TopicRuleDestinationStatus)
+topicRuleDestinationSummary_status = Lens.lens (\TopicRuleDestinationSummary' {status} -> status) (\s@TopicRuleDestinationSummary' {} a -> s {status = a} :: TopicRuleDestinationSummary)
+
+-- | The reason the topic rule destination is in the current status.
+topicRuleDestinationSummary_statusReason :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe Prelude.Text)
+topicRuleDestinationSummary_statusReason = Lens.lens (\TopicRuleDestinationSummary' {statusReason} -> statusReason) (\s@TopicRuleDestinationSummary' {} a -> s {statusReason = a} :: TopicRuleDestinationSummary)
+
+-- | Information about the virtual private cloud (VPC) connection.
+topicRuleDestinationSummary_vpcDestinationSummary :: Lens.Lens' TopicRuleDestinationSummary (Prelude.Maybe VpcDestinationSummary)
+topicRuleDestinationSummary_vpcDestinationSummary = Lens.lens (\TopicRuleDestinationSummary' {vpcDestinationSummary} -> vpcDestinationSummary) (\s@TopicRuleDestinationSummary' {} a -> s {vpcDestinationSummary = a} :: TopicRuleDestinationSummary)
+
+instance Data.FromJSON TopicRuleDestinationSummary where
+  parseJSON =
+    Data.withObject
+      "TopicRuleDestinationSummary"
+      ( \x ->
+          TopicRuleDestinationSummary'
+            Prelude.<$> (x Data..:? "arn")
+            Prelude.<*> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "httpUrlSummary")
+            Prelude.<*> (x Data..:? "lastUpdatedAt")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "statusReason")
+            Prelude.<*> (x Data..:? "vpcDestinationSummary")
+      )
+
+instance Prelude.Hashable TopicRuleDestinationSummary where
+  hashWithSalt _salt TopicRuleDestinationSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` httpUrlSummary
+      `Prelude.hashWithSalt` lastUpdatedAt
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` statusReason
+      `Prelude.hashWithSalt` vpcDestinationSummary
+
+instance Prelude.NFData TopicRuleDestinationSummary where
+  rnf TopicRuleDestinationSummary' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf httpUrlSummary
+      `Prelude.seq` Prelude.rnf lastUpdatedAt
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf statusReason
+      `Prelude.seq` Prelude.rnf vpcDestinationSummary
diff --git a/gen/Amazonka/IoT/Types/TopicRuleListItem.hs b/gen/Amazonka/IoT/Types/TopicRuleListItem.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRuleListItem.hs
@@ -0,0 +1,120 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRuleListItem
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRuleListItem where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a rule.
+--
+-- /See:/ 'newTopicRuleListItem' smart constructor.
+data TopicRuleListItem = TopicRuleListItem'
+  { -- | The date and time the rule was created.
+    createdAt :: Prelude.Maybe Data.POSIX,
+    -- | The rule ARN.
+    ruleArn :: Prelude.Maybe Prelude.Text,
+    -- | Specifies whether the rule is disabled.
+    ruleDisabled :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the rule.
+    ruleName :: Prelude.Maybe Prelude.Text,
+    -- | The pattern for the topic names that apply.
+    topicPattern :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TopicRuleListItem' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'createdAt', 'topicRuleListItem_createdAt' - The date and time the rule was created.
+--
+-- 'ruleArn', 'topicRuleListItem_ruleArn' - The rule ARN.
+--
+-- 'ruleDisabled', 'topicRuleListItem_ruleDisabled' - Specifies whether the rule is disabled.
+--
+-- 'ruleName', 'topicRuleListItem_ruleName' - The name of the rule.
+--
+-- 'topicPattern', 'topicRuleListItem_topicPattern' - The pattern for the topic names that apply.
+newTopicRuleListItem ::
+  TopicRuleListItem
+newTopicRuleListItem =
+  TopicRuleListItem'
+    { createdAt = Prelude.Nothing,
+      ruleArn = Prelude.Nothing,
+      ruleDisabled = Prelude.Nothing,
+      ruleName = Prelude.Nothing,
+      topicPattern = Prelude.Nothing
+    }
+
+-- | The date and time the rule was created.
+topicRuleListItem_createdAt :: Lens.Lens' TopicRuleListItem (Prelude.Maybe Prelude.UTCTime)
+topicRuleListItem_createdAt = Lens.lens (\TopicRuleListItem' {createdAt} -> createdAt) (\s@TopicRuleListItem' {} a -> s {createdAt = a} :: TopicRuleListItem) Prelude.. Lens.mapping Data._Time
+
+-- | The rule ARN.
+topicRuleListItem_ruleArn :: Lens.Lens' TopicRuleListItem (Prelude.Maybe Prelude.Text)
+topicRuleListItem_ruleArn = Lens.lens (\TopicRuleListItem' {ruleArn} -> ruleArn) (\s@TopicRuleListItem' {} a -> s {ruleArn = a} :: TopicRuleListItem)
+
+-- | Specifies whether the rule is disabled.
+topicRuleListItem_ruleDisabled :: Lens.Lens' TopicRuleListItem (Prelude.Maybe Prelude.Bool)
+topicRuleListItem_ruleDisabled = Lens.lens (\TopicRuleListItem' {ruleDisabled} -> ruleDisabled) (\s@TopicRuleListItem' {} a -> s {ruleDisabled = a} :: TopicRuleListItem)
+
+-- | The name of the rule.
+topicRuleListItem_ruleName :: Lens.Lens' TopicRuleListItem (Prelude.Maybe Prelude.Text)
+topicRuleListItem_ruleName = Lens.lens (\TopicRuleListItem' {ruleName} -> ruleName) (\s@TopicRuleListItem' {} a -> s {ruleName = a} :: TopicRuleListItem)
+
+-- | The pattern for the topic names that apply.
+topicRuleListItem_topicPattern :: Lens.Lens' TopicRuleListItem (Prelude.Maybe Prelude.Text)
+topicRuleListItem_topicPattern = Lens.lens (\TopicRuleListItem' {topicPattern} -> topicPattern) (\s@TopicRuleListItem' {} a -> s {topicPattern = a} :: TopicRuleListItem)
+
+instance Data.FromJSON TopicRuleListItem where
+  parseJSON =
+    Data.withObject
+      "TopicRuleListItem"
+      ( \x ->
+          TopicRuleListItem'
+            Prelude.<$> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "ruleArn")
+            Prelude.<*> (x Data..:? "ruleDisabled")
+            Prelude.<*> (x Data..:? "ruleName")
+            Prelude.<*> (x Data..:? "topicPattern")
+      )
+
+instance Prelude.Hashable TopicRuleListItem where
+  hashWithSalt _salt TopicRuleListItem' {..} =
+    _salt
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` ruleArn
+      `Prelude.hashWithSalt` ruleDisabled
+      `Prelude.hashWithSalt` ruleName
+      `Prelude.hashWithSalt` topicPattern
+
+instance Prelude.NFData TopicRuleListItem where
+  rnf TopicRuleListItem' {..} =
+    Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf ruleArn
+      `Prelude.seq` Prelude.rnf ruleDisabled
+      `Prelude.seq` Prelude.rnf ruleName
+      `Prelude.seq` Prelude.rnf topicPattern
diff --git a/gen/Amazonka/IoT/Types/TopicRulePayload.hs b/gen/Amazonka/IoT/Types/TopicRulePayload.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TopicRulePayload.hs
@@ -0,0 +1,142 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TopicRulePayload
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TopicRulePayload where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Action
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes a rule.
+--
+-- /See:/ 'newTopicRulePayload' smart constructor.
+data TopicRulePayload = TopicRulePayload'
+  { -- | The version of the SQL rules engine to use when evaluating the rule.
+    awsIotSqlVersion :: Prelude.Maybe Prelude.Text,
+    -- | The description of the rule.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The action to take when an error occurs.
+    errorAction :: Prelude.Maybe Action,
+    -- | Specifies whether the rule is disabled.
+    ruleDisabled :: Prelude.Maybe Prelude.Bool,
+    -- | The SQL statement used to query the topic. For more information, see
+    -- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html IoT SQL Reference>
+    -- in the /IoT Developer Guide/.
+    sql :: Prelude.Text,
+    -- | The actions associated with the rule.
+    actions :: [Action]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TopicRulePayload' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'awsIotSqlVersion', 'topicRulePayload_awsIotSqlVersion' - The version of the SQL rules engine to use when evaluating the rule.
+--
+-- 'description', 'topicRulePayload_description' - The description of the rule.
+--
+-- 'errorAction', 'topicRulePayload_errorAction' - The action to take when an error occurs.
+--
+-- 'ruleDisabled', 'topicRulePayload_ruleDisabled' - Specifies whether the rule is disabled.
+--
+-- 'sql', 'topicRulePayload_sql' - The SQL statement used to query the topic. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html IoT SQL Reference>
+-- in the /IoT Developer Guide/.
+--
+-- 'actions', 'topicRulePayload_actions' - The actions associated with the rule.
+newTopicRulePayload ::
+  -- | 'sql'
+  Prelude.Text ->
+  TopicRulePayload
+newTopicRulePayload pSql_ =
+  TopicRulePayload'
+    { awsIotSqlVersion =
+        Prelude.Nothing,
+      description = Prelude.Nothing,
+      errorAction = Prelude.Nothing,
+      ruleDisabled = Prelude.Nothing,
+      sql = pSql_,
+      actions = Prelude.mempty
+    }
+
+-- | The version of the SQL rules engine to use when evaluating the rule.
+topicRulePayload_awsIotSqlVersion :: Lens.Lens' TopicRulePayload (Prelude.Maybe Prelude.Text)
+topicRulePayload_awsIotSqlVersion = Lens.lens (\TopicRulePayload' {awsIotSqlVersion} -> awsIotSqlVersion) (\s@TopicRulePayload' {} a -> s {awsIotSqlVersion = a} :: TopicRulePayload)
+
+-- | The description of the rule.
+topicRulePayload_description :: Lens.Lens' TopicRulePayload (Prelude.Maybe Prelude.Text)
+topicRulePayload_description = Lens.lens (\TopicRulePayload' {description} -> description) (\s@TopicRulePayload' {} a -> s {description = a} :: TopicRulePayload)
+
+-- | The action to take when an error occurs.
+topicRulePayload_errorAction :: Lens.Lens' TopicRulePayload (Prelude.Maybe Action)
+topicRulePayload_errorAction = Lens.lens (\TopicRulePayload' {errorAction} -> errorAction) (\s@TopicRulePayload' {} a -> s {errorAction = a} :: TopicRulePayload)
+
+-- | Specifies whether the rule is disabled.
+topicRulePayload_ruleDisabled :: Lens.Lens' TopicRulePayload (Prelude.Maybe Prelude.Bool)
+topicRulePayload_ruleDisabled = Lens.lens (\TopicRulePayload' {ruleDisabled} -> ruleDisabled) (\s@TopicRulePayload' {} a -> s {ruleDisabled = a} :: TopicRulePayload)
+
+-- | The SQL statement used to query the topic. For more information, see
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html IoT SQL Reference>
+-- in the /IoT Developer Guide/.
+topicRulePayload_sql :: Lens.Lens' TopicRulePayload Prelude.Text
+topicRulePayload_sql = Lens.lens (\TopicRulePayload' {sql} -> sql) (\s@TopicRulePayload' {} a -> s {sql = a} :: TopicRulePayload)
+
+-- | The actions associated with the rule.
+topicRulePayload_actions :: Lens.Lens' TopicRulePayload [Action]
+topicRulePayload_actions = Lens.lens (\TopicRulePayload' {actions} -> actions) (\s@TopicRulePayload' {} a -> s {actions = a} :: TopicRulePayload) Prelude.. Lens.coerced
+
+instance Prelude.Hashable TopicRulePayload where
+  hashWithSalt _salt TopicRulePayload' {..} =
+    _salt
+      `Prelude.hashWithSalt` awsIotSqlVersion
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` errorAction
+      `Prelude.hashWithSalt` ruleDisabled
+      `Prelude.hashWithSalt` sql
+      `Prelude.hashWithSalt` actions
+
+instance Prelude.NFData TopicRulePayload where
+  rnf TopicRulePayload' {..} =
+    Prelude.rnf awsIotSqlVersion
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf errorAction
+      `Prelude.seq` Prelude.rnf ruleDisabled
+      `Prelude.seq` Prelude.rnf sql
+      `Prelude.seq` Prelude.rnf actions
+
+instance Data.ToJSON TopicRulePayload where
+  toJSON TopicRulePayload' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("awsIotSqlVersion" Data..=)
+              Prelude.<$> awsIotSqlVersion,
+            ("description" Data..=) Prelude.<$> description,
+            ("errorAction" Data..=) Prelude.<$> errorAction,
+            ("ruleDisabled" Data..=) Prelude.<$> ruleDisabled,
+            Prelude.Just ("sql" Data..= sql),
+            Prelude.Just ("actions" Data..= actions)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/TransferData.hs b/gen/Amazonka/IoT/Types/TransferData.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/TransferData.hs
@@ -0,0 +1,120 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.TransferData
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.TransferData where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Data used to transfer a certificate to an Amazon Web Services account.
+--
+-- /See:/ 'newTransferData' smart constructor.
+data TransferData = TransferData'
+  { -- | The date the transfer was accepted.
+    acceptDate :: Prelude.Maybe Data.POSIX,
+    -- | The date the transfer was rejected.
+    rejectDate :: Prelude.Maybe Data.POSIX,
+    -- | The reason why the transfer was rejected.
+    rejectReason :: Prelude.Maybe Prelude.Text,
+    -- | The date the transfer took place.
+    transferDate :: Prelude.Maybe Data.POSIX,
+    -- | The transfer message.
+    transferMessage :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TransferData' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'acceptDate', 'transferData_acceptDate' - The date the transfer was accepted.
+--
+-- 'rejectDate', 'transferData_rejectDate' - The date the transfer was rejected.
+--
+-- 'rejectReason', 'transferData_rejectReason' - The reason why the transfer was rejected.
+--
+-- 'transferDate', 'transferData_transferDate' - The date the transfer took place.
+--
+-- 'transferMessage', 'transferData_transferMessage' - The transfer message.
+newTransferData ::
+  TransferData
+newTransferData =
+  TransferData'
+    { acceptDate = Prelude.Nothing,
+      rejectDate = Prelude.Nothing,
+      rejectReason = Prelude.Nothing,
+      transferDate = Prelude.Nothing,
+      transferMessage = Prelude.Nothing
+    }
+
+-- | The date the transfer was accepted.
+transferData_acceptDate :: Lens.Lens' TransferData (Prelude.Maybe Prelude.UTCTime)
+transferData_acceptDate = Lens.lens (\TransferData' {acceptDate} -> acceptDate) (\s@TransferData' {} a -> s {acceptDate = a} :: TransferData) Prelude.. Lens.mapping Data._Time
+
+-- | The date the transfer was rejected.
+transferData_rejectDate :: Lens.Lens' TransferData (Prelude.Maybe Prelude.UTCTime)
+transferData_rejectDate = Lens.lens (\TransferData' {rejectDate} -> rejectDate) (\s@TransferData' {} a -> s {rejectDate = a} :: TransferData) Prelude.. Lens.mapping Data._Time
+
+-- | The reason why the transfer was rejected.
+transferData_rejectReason :: Lens.Lens' TransferData (Prelude.Maybe Prelude.Text)
+transferData_rejectReason = Lens.lens (\TransferData' {rejectReason} -> rejectReason) (\s@TransferData' {} a -> s {rejectReason = a} :: TransferData)
+
+-- | The date the transfer took place.
+transferData_transferDate :: Lens.Lens' TransferData (Prelude.Maybe Prelude.UTCTime)
+transferData_transferDate = Lens.lens (\TransferData' {transferDate} -> transferDate) (\s@TransferData' {} a -> s {transferDate = a} :: TransferData) Prelude.. Lens.mapping Data._Time
+
+-- | The transfer message.
+transferData_transferMessage :: Lens.Lens' TransferData (Prelude.Maybe Prelude.Text)
+transferData_transferMessage = Lens.lens (\TransferData' {transferMessage} -> transferMessage) (\s@TransferData' {} a -> s {transferMessage = a} :: TransferData)
+
+instance Data.FromJSON TransferData where
+  parseJSON =
+    Data.withObject
+      "TransferData"
+      ( \x ->
+          TransferData'
+            Prelude.<$> (x Data..:? "acceptDate")
+            Prelude.<*> (x Data..:? "rejectDate")
+            Prelude.<*> (x Data..:? "rejectReason")
+            Prelude.<*> (x Data..:? "transferDate")
+            Prelude.<*> (x Data..:? "transferMessage")
+      )
+
+instance Prelude.Hashable TransferData where
+  hashWithSalt _salt TransferData' {..} =
+    _salt
+      `Prelude.hashWithSalt` acceptDate
+      `Prelude.hashWithSalt` rejectDate
+      `Prelude.hashWithSalt` rejectReason
+      `Prelude.hashWithSalt` transferDate
+      `Prelude.hashWithSalt` transferMessage
+
+instance Prelude.NFData TransferData where
+  rnf TransferData' {..} =
+    Prelude.rnf acceptDate
+      `Prelude.seq` Prelude.rnf rejectDate
+      `Prelude.seq` Prelude.rnf rejectReason
+      `Prelude.seq` Prelude.rnf transferDate
+      `Prelude.seq` Prelude.rnf transferMessage
diff --git a/gen/Amazonka/IoT/Types/UpdateCACertificateParams.hs b/gen/Amazonka/IoT/Types/UpdateCACertificateParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/UpdateCACertificateParams.hs
@@ -0,0 +1,83 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.UpdateCACertificateParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.UpdateCACertificateParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.CACertificateUpdateAction
+import qualified Amazonka.Prelude as Prelude
+
+-- | Parameters to define a mitigation action that changes the state of the
+-- CA certificate to inactive.
+--
+-- /See:/ 'newUpdateCACertificateParams' smart constructor.
+data UpdateCACertificateParams = UpdateCACertificateParams'
+  { -- | The action that you want to apply to the CA certificate. The only
+    -- supported value is @DEACTIVATE@.
+    action :: CACertificateUpdateAction
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCACertificateParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'action', 'updateCACertificateParams_action' - The action that you want to apply to the CA certificate. The only
+-- supported value is @DEACTIVATE@.
+newUpdateCACertificateParams ::
+  -- | 'action'
+  CACertificateUpdateAction ->
+  UpdateCACertificateParams
+newUpdateCACertificateParams pAction_ =
+  UpdateCACertificateParams' {action = pAction_}
+
+-- | The action that you want to apply to the CA certificate. The only
+-- supported value is @DEACTIVATE@.
+updateCACertificateParams_action :: Lens.Lens' UpdateCACertificateParams CACertificateUpdateAction
+updateCACertificateParams_action = Lens.lens (\UpdateCACertificateParams' {action} -> action) (\s@UpdateCACertificateParams' {} a -> s {action = a} :: UpdateCACertificateParams)
+
+instance Data.FromJSON UpdateCACertificateParams where
+  parseJSON =
+    Data.withObject
+      "UpdateCACertificateParams"
+      ( \x ->
+          UpdateCACertificateParams'
+            Prelude.<$> (x Data..: "action")
+      )
+
+instance Prelude.Hashable UpdateCACertificateParams where
+  hashWithSalt _salt UpdateCACertificateParams' {..} =
+    _salt `Prelude.hashWithSalt` action
+
+instance Prelude.NFData UpdateCACertificateParams where
+  rnf UpdateCACertificateParams' {..} =
+    Prelude.rnf action
+
+instance Data.ToJSON UpdateCACertificateParams where
+  toJSON UpdateCACertificateParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("action" Data..= action)]
+      )
diff --git a/gen/Amazonka/IoT/Types/UpdateDeviceCertificateParams.hs b/gen/Amazonka/IoT/Types/UpdateDeviceCertificateParams.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/UpdateDeviceCertificateParams.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.UpdateDeviceCertificateParams
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.UpdateDeviceCertificateParams where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.DeviceCertificateUpdateAction
+import qualified Amazonka.Prelude as Prelude
+
+-- | Parameters to define a mitigation action that changes the state of the
+-- device certificate to inactive.
+--
+-- /See:/ 'newUpdateDeviceCertificateParams' smart constructor.
+data UpdateDeviceCertificateParams = UpdateDeviceCertificateParams'
+  { -- | The action that you want to apply to the device certificate. The only
+    -- supported value is @DEACTIVATE@.
+    action :: DeviceCertificateUpdateAction
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDeviceCertificateParams' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'action', 'updateDeviceCertificateParams_action' - The action that you want to apply to the device certificate. The only
+-- supported value is @DEACTIVATE@.
+newUpdateDeviceCertificateParams ::
+  -- | 'action'
+  DeviceCertificateUpdateAction ->
+  UpdateDeviceCertificateParams
+newUpdateDeviceCertificateParams pAction_ =
+  UpdateDeviceCertificateParams' {action = pAction_}
+
+-- | The action that you want to apply to the device certificate. The only
+-- supported value is @DEACTIVATE@.
+updateDeviceCertificateParams_action :: Lens.Lens' UpdateDeviceCertificateParams DeviceCertificateUpdateAction
+updateDeviceCertificateParams_action = Lens.lens (\UpdateDeviceCertificateParams' {action} -> action) (\s@UpdateDeviceCertificateParams' {} a -> s {action = a} :: UpdateDeviceCertificateParams)
+
+instance Data.FromJSON UpdateDeviceCertificateParams where
+  parseJSON =
+    Data.withObject
+      "UpdateDeviceCertificateParams"
+      ( \x ->
+          UpdateDeviceCertificateParams'
+            Prelude.<$> (x Data..: "action")
+      )
+
+instance
+  Prelude.Hashable
+    UpdateDeviceCertificateParams
+  where
+  hashWithSalt _salt UpdateDeviceCertificateParams' {..} =
+    _salt `Prelude.hashWithSalt` action
+
+instance Prelude.NFData UpdateDeviceCertificateParams where
+  rnf UpdateDeviceCertificateParams' {..} =
+    Prelude.rnf action
+
+instance Data.ToJSON UpdateDeviceCertificateParams where
+  toJSON UpdateDeviceCertificateParams' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("action" Data..= action)]
+      )
diff --git a/gen/Amazonka/IoT/Types/UserProperty.hs b/gen/Amazonka/IoT/Types/UserProperty.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/UserProperty.hs
@@ -0,0 +1,95 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.UserProperty
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.UserProperty where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A key-value pair that you define in the header. Both the key and the
+-- value are either literal strings or valid
+-- <https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html substitution templates>.
+--
+-- /See:/ 'newUserProperty' smart constructor.
+data UserProperty = UserProperty'
+  { -- | A key to be specified in @UserProperty@.
+    key :: Prelude.Text,
+    -- | A value to be specified in @UserProperty@.
+    value :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UserProperty' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'key', 'userProperty_key' - A key to be specified in @UserProperty@.
+--
+-- 'value', 'userProperty_value' - A value to be specified in @UserProperty@.
+newUserProperty ::
+  -- | 'key'
+  Prelude.Text ->
+  -- | 'value'
+  Prelude.Text ->
+  UserProperty
+newUserProperty pKey_ pValue_ =
+  UserProperty' {key = pKey_, value = pValue_}
+
+-- | A key to be specified in @UserProperty@.
+userProperty_key :: Lens.Lens' UserProperty Prelude.Text
+userProperty_key = Lens.lens (\UserProperty' {key} -> key) (\s@UserProperty' {} a -> s {key = a} :: UserProperty)
+
+-- | A value to be specified in @UserProperty@.
+userProperty_value :: Lens.Lens' UserProperty Prelude.Text
+userProperty_value = Lens.lens (\UserProperty' {value} -> value) (\s@UserProperty' {} a -> s {value = a} :: UserProperty)
+
+instance Data.FromJSON UserProperty where
+  parseJSON =
+    Data.withObject
+      "UserProperty"
+      ( \x ->
+          UserProperty'
+            Prelude.<$> (x Data..: "key")
+            Prelude.<*> (x Data..: "value")
+      )
+
+instance Prelude.Hashable UserProperty where
+  hashWithSalt _salt UserProperty' {..} =
+    _salt
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData UserProperty where
+  rnf UserProperty' {..} =
+    Prelude.rnf key `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON UserProperty where
+  toJSON UserProperty' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("key" Data..= key),
+            Prelude.Just ("value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ValidationError.hs b/gen/Amazonka/IoT/Types/ValidationError.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ValidationError.hs
@@ -0,0 +1,68 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ValidationError
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ValidationError where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about an error found in a behavior specification.
+--
+-- /See:/ 'newValidationError' smart constructor.
+data ValidationError = ValidationError'
+  { -- | The description of an error found in the behaviors.
+    errorMessage :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ValidationError' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'errorMessage', 'validationError_errorMessage' - The description of an error found in the behaviors.
+newValidationError ::
+  ValidationError
+newValidationError =
+  ValidationError' {errorMessage = Prelude.Nothing}
+
+-- | The description of an error found in the behaviors.
+validationError_errorMessage :: Lens.Lens' ValidationError (Prelude.Maybe Prelude.Text)
+validationError_errorMessage = Lens.lens (\ValidationError' {errorMessage} -> errorMessage) (\s@ValidationError' {} a -> s {errorMessage = a} :: ValidationError)
+
+instance Data.FromJSON ValidationError where
+  parseJSON =
+    Data.withObject
+      "ValidationError"
+      ( \x ->
+          ValidationError'
+            Prelude.<$> (x Data..:? "errorMessage")
+      )
+
+instance Prelude.Hashable ValidationError where
+  hashWithSalt _salt ValidationError' {..} =
+    _salt `Prelude.hashWithSalt` errorMessage
+
+instance Prelude.NFData ValidationError where
+  rnf ValidationError' {..} = Prelude.rnf errorMessage
diff --git a/gen/Amazonka/IoT/Types/VerificationState.hs b/gen/Amazonka/IoT/Types/VerificationState.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/VerificationState.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.VerificationState
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.VerificationState
+  ( VerificationState
+      ( ..,
+        VerificationState_BENIGN_POSITIVE,
+        VerificationState_FALSE_POSITIVE,
+        VerificationState_TRUE_POSITIVE,
+        VerificationState_UNKNOWN
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype VerificationState = VerificationState'
+  { fromVerificationState ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern VerificationState_BENIGN_POSITIVE :: VerificationState
+pattern VerificationState_BENIGN_POSITIVE = VerificationState' "BENIGN_POSITIVE"
+
+pattern VerificationState_FALSE_POSITIVE :: VerificationState
+pattern VerificationState_FALSE_POSITIVE = VerificationState' "FALSE_POSITIVE"
+
+pattern VerificationState_TRUE_POSITIVE :: VerificationState
+pattern VerificationState_TRUE_POSITIVE = VerificationState' "TRUE_POSITIVE"
+
+pattern VerificationState_UNKNOWN :: VerificationState
+pattern VerificationState_UNKNOWN = VerificationState' "UNKNOWN"
+
+{-# COMPLETE
+  VerificationState_BENIGN_POSITIVE,
+  VerificationState_FALSE_POSITIVE,
+  VerificationState_TRUE_POSITIVE,
+  VerificationState_UNKNOWN,
+  VerificationState'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/ViolationEvent.hs b/gen/Amazonka/IoT/Types/ViolationEvent.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ViolationEvent.hs
@@ -0,0 +1,185 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ViolationEvent
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ViolationEvent where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.Behavior
+import Amazonka.IoT.Types.MetricValue
+import Amazonka.IoT.Types.VerificationState
+import Amazonka.IoT.Types.ViolationEventAdditionalInfo
+import Amazonka.IoT.Types.ViolationEventType
+import qualified Amazonka.Prelude as Prelude
+
+-- | Information about a Device Defender security profile behavior violation.
+--
+-- /See:/ 'newViolationEvent' smart constructor.
+data ViolationEvent = ViolationEvent'
+  { -- | The behavior that was violated.
+    behavior :: Prelude.Maybe Behavior,
+    -- | The value of the metric (the measurement).
+    metricValue :: Prelude.Maybe MetricValue,
+    -- | The name of the security profile whose behavior was violated.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing responsible for the violation event.
+    thingName :: Prelude.Maybe Prelude.Text,
+    -- | The verification state of the violation (detect alarm).
+    verificationState :: Prelude.Maybe VerificationState,
+    -- | The description of the verification state of the violation.
+    verificationStateDescription :: Prelude.Maybe Prelude.Text,
+    -- | The details of a violation event.
+    violationEventAdditionalInfo :: Prelude.Maybe ViolationEventAdditionalInfo,
+    -- | The time the violation event occurred.
+    violationEventTime :: Prelude.Maybe Data.POSIX,
+    -- | The type of violation event.
+    violationEventType :: Prelude.Maybe ViolationEventType,
+    -- | The ID of the violation event.
+    violationId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ViolationEvent' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behavior', 'violationEvent_behavior' - The behavior that was violated.
+--
+-- 'metricValue', 'violationEvent_metricValue' - The value of the metric (the measurement).
+--
+-- 'securityProfileName', 'violationEvent_securityProfileName' - The name of the security profile whose behavior was violated.
+--
+-- 'thingName', 'violationEvent_thingName' - The name of the thing responsible for the violation event.
+--
+-- 'verificationState', 'violationEvent_verificationState' - The verification state of the violation (detect alarm).
+--
+-- 'verificationStateDescription', 'violationEvent_verificationStateDescription' - The description of the verification state of the violation.
+--
+-- 'violationEventAdditionalInfo', 'violationEvent_violationEventAdditionalInfo' - The details of a violation event.
+--
+-- 'violationEventTime', 'violationEvent_violationEventTime' - The time the violation event occurred.
+--
+-- 'violationEventType', 'violationEvent_violationEventType' - The type of violation event.
+--
+-- 'violationId', 'violationEvent_violationId' - The ID of the violation event.
+newViolationEvent ::
+  ViolationEvent
+newViolationEvent =
+  ViolationEvent'
+    { behavior = Prelude.Nothing,
+      metricValue = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      thingName = Prelude.Nothing,
+      verificationState = Prelude.Nothing,
+      verificationStateDescription = Prelude.Nothing,
+      violationEventAdditionalInfo = Prelude.Nothing,
+      violationEventTime = Prelude.Nothing,
+      violationEventType = Prelude.Nothing,
+      violationId = Prelude.Nothing
+    }
+
+-- | The behavior that was violated.
+violationEvent_behavior :: Lens.Lens' ViolationEvent (Prelude.Maybe Behavior)
+violationEvent_behavior = Lens.lens (\ViolationEvent' {behavior} -> behavior) (\s@ViolationEvent' {} a -> s {behavior = a} :: ViolationEvent)
+
+-- | The value of the metric (the measurement).
+violationEvent_metricValue :: Lens.Lens' ViolationEvent (Prelude.Maybe MetricValue)
+violationEvent_metricValue = Lens.lens (\ViolationEvent' {metricValue} -> metricValue) (\s@ViolationEvent' {} a -> s {metricValue = a} :: ViolationEvent)
+
+-- | The name of the security profile whose behavior was violated.
+violationEvent_securityProfileName :: Lens.Lens' ViolationEvent (Prelude.Maybe Prelude.Text)
+violationEvent_securityProfileName = Lens.lens (\ViolationEvent' {securityProfileName} -> securityProfileName) (\s@ViolationEvent' {} a -> s {securityProfileName = a} :: ViolationEvent)
+
+-- | The name of the thing responsible for the violation event.
+violationEvent_thingName :: Lens.Lens' ViolationEvent (Prelude.Maybe Prelude.Text)
+violationEvent_thingName = Lens.lens (\ViolationEvent' {thingName} -> thingName) (\s@ViolationEvent' {} a -> s {thingName = a} :: ViolationEvent)
+
+-- | The verification state of the violation (detect alarm).
+violationEvent_verificationState :: Lens.Lens' ViolationEvent (Prelude.Maybe VerificationState)
+violationEvent_verificationState = Lens.lens (\ViolationEvent' {verificationState} -> verificationState) (\s@ViolationEvent' {} a -> s {verificationState = a} :: ViolationEvent)
+
+-- | The description of the verification state of the violation.
+violationEvent_verificationStateDescription :: Lens.Lens' ViolationEvent (Prelude.Maybe Prelude.Text)
+violationEvent_verificationStateDescription = Lens.lens (\ViolationEvent' {verificationStateDescription} -> verificationStateDescription) (\s@ViolationEvent' {} a -> s {verificationStateDescription = a} :: ViolationEvent)
+
+-- | The details of a violation event.
+violationEvent_violationEventAdditionalInfo :: Lens.Lens' ViolationEvent (Prelude.Maybe ViolationEventAdditionalInfo)
+violationEvent_violationEventAdditionalInfo = Lens.lens (\ViolationEvent' {violationEventAdditionalInfo} -> violationEventAdditionalInfo) (\s@ViolationEvent' {} a -> s {violationEventAdditionalInfo = a} :: ViolationEvent)
+
+-- | The time the violation event occurred.
+violationEvent_violationEventTime :: Lens.Lens' ViolationEvent (Prelude.Maybe Prelude.UTCTime)
+violationEvent_violationEventTime = Lens.lens (\ViolationEvent' {violationEventTime} -> violationEventTime) (\s@ViolationEvent' {} a -> s {violationEventTime = a} :: ViolationEvent) Prelude.. Lens.mapping Data._Time
+
+-- | The type of violation event.
+violationEvent_violationEventType :: Lens.Lens' ViolationEvent (Prelude.Maybe ViolationEventType)
+violationEvent_violationEventType = Lens.lens (\ViolationEvent' {violationEventType} -> violationEventType) (\s@ViolationEvent' {} a -> s {violationEventType = a} :: ViolationEvent)
+
+-- | The ID of the violation event.
+violationEvent_violationId :: Lens.Lens' ViolationEvent (Prelude.Maybe Prelude.Text)
+violationEvent_violationId = Lens.lens (\ViolationEvent' {violationId} -> violationId) (\s@ViolationEvent' {} a -> s {violationId = a} :: ViolationEvent)
+
+instance Data.FromJSON ViolationEvent where
+  parseJSON =
+    Data.withObject
+      "ViolationEvent"
+      ( \x ->
+          ViolationEvent'
+            Prelude.<$> (x Data..:? "behavior")
+            Prelude.<*> (x Data..:? "metricValue")
+            Prelude.<*> (x Data..:? "securityProfileName")
+            Prelude.<*> (x Data..:? "thingName")
+            Prelude.<*> (x Data..:? "verificationState")
+            Prelude.<*> (x Data..:? "verificationStateDescription")
+            Prelude.<*> (x Data..:? "violationEventAdditionalInfo")
+            Prelude.<*> (x Data..:? "violationEventTime")
+            Prelude.<*> (x Data..:? "violationEventType")
+            Prelude.<*> (x Data..:? "violationId")
+      )
+
+instance Prelude.Hashable ViolationEvent where
+  hashWithSalt _salt ViolationEvent' {..} =
+    _salt
+      `Prelude.hashWithSalt` behavior
+      `Prelude.hashWithSalt` metricValue
+      `Prelude.hashWithSalt` securityProfileName
+      `Prelude.hashWithSalt` thingName
+      `Prelude.hashWithSalt` verificationState
+      `Prelude.hashWithSalt` verificationStateDescription
+      `Prelude.hashWithSalt` violationEventAdditionalInfo
+      `Prelude.hashWithSalt` violationEventTime
+      `Prelude.hashWithSalt` violationEventType
+      `Prelude.hashWithSalt` violationId
+
+instance Prelude.NFData ViolationEvent where
+  rnf ViolationEvent' {..} =
+    Prelude.rnf behavior
+      `Prelude.seq` Prelude.rnf metricValue
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf thingName
+      `Prelude.seq` Prelude.rnf verificationState
+      `Prelude.seq` Prelude.rnf verificationStateDescription
+      `Prelude.seq` Prelude.rnf violationEventAdditionalInfo
+      `Prelude.seq` Prelude.rnf violationEventTime
+      `Prelude.seq` Prelude.rnf violationEventType
+      `Prelude.seq` Prelude.rnf violationId
diff --git a/gen/Amazonka/IoT/Types/ViolationEventAdditionalInfo.hs b/gen/Amazonka/IoT/Types/ViolationEventAdditionalInfo.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ViolationEventAdditionalInfo.hs
@@ -0,0 +1,79 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ViolationEventAdditionalInfo
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ViolationEventAdditionalInfo where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types.ConfidenceLevel
+import qualified Amazonka.Prelude as Prelude
+
+-- | The details of a violation event.
+--
+-- /See:/ 'newViolationEventAdditionalInfo' smart constructor.
+data ViolationEventAdditionalInfo = ViolationEventAdditionalInfo'
+  { -- | The sensitivity of anomalous behavior evaluation. Can be @Low@,
+    -- @Medium@, or @High@.
+    confidenceLevel :: Prelude.Maybe ConfidenceLevel
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ViolationEventAdditionalInfo' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'confidenceLevel', 'violationEventAdditionalInfo_confidenceLevel' - The sensitivity of anomalous behavior evaluation. Can be @Low@,
+-- @Medium@, or @High@.
+newViolationEventAdditionalInfo ::
+  ViolationEventAdditionalInfo
+newViolationEventAdditionalInfo =
+  ViolationEventAdditionalInfo'
+    { confidenceLevel =
+        Prelude.Nothing
+    }
+
+-- | The sensitivity of anomalous behavior evaluation. Can be @Low@,
+-- @Medium@, or @High@.
+violationEventAdditionalInfo_confidenceLevel :: Lens.Lens' ViolationEventAdditionalInfo (Prelude.Maybe ConfidenceLevel)
+violationEventAdditionalInfo_confidenceLevel = Lens.lens (\ViolationEventAdditionalInfo' {confidenceLevel} -> confidenceLevel) (\s@ViolationEventAdditionalInfo' {} a -> s {confidenceLevel = a} :: ViolationEventAdditionalInfo)
+
+instance Data.FromJSON ViolationEventAdditionalInfo where
+  parseJSON =
+    Data.withObject
+      "ViolationEventAdditionalInfo"
+      ( \x ->
+          ViolationEventAdditionalInfo'
+            Prelude.<$> (x Data..:? "confidenceLevel")
+      )
+
+instance
+  Prelude.Hashable
+    ViolationEventAdditionalInfo
+  where
+  hashWithSalt _salt ViolationEventAdditionalInfo' {..} =
+    _salt `Prelude.hashWithSalt` confidenceLevel
+
+instance Prelude.NFData ViolationEventAdditionalInfo where
+  rnf ViolationEventAdditionalInfo' {..} =
+    Prelude.rnf confidenceLevel
diff --git a/gen/Amazonka/IoT/Types/ViolationEventOccurrenceRange.hs b/gen/Amazonka/IoT/Types/ViolationEventOccurrenceRange.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ViolationEventOccurrenceRange.hs
@@ -0,0 +1,109 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ViolationEventOccurrenceRange
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ViolationEventOccurrenceRange where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the time period of which violation events occurred between.
+--
+-- /See:/ 'newViolationEventOccurrenceRange' smart constructor.
+data ViolationEventOccurrenceRange = ViolationEventOccurrenceRange'
+  { -- | The start date and time of a time period in which violation events
+    -- occurred.
+    startTime :: Data.POSIX,
+    -- | The end date and time of a time period in which violation events
+    -- occurred.
+    endTime :: Data.POSIX
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ViolationEventOccurrenceRange' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'startTime', 'violationEventOccurrenceRange_startTime' - The start date and time of a time period in which violation events
+-- occurred.
+--
+-- 'endTime', 'violationEventOccurrenceRange_endTime' - The end date and time of a time period in which violation events
+-- occurred.
+newViolationEventOccurrenceRange ::
+  -- | 'startTime'
+  Prelude.UTCTime ->
+  -- | 'endTime'
+  Prelude.UTCTime ->
+  ViolationEventOccurrenceRange
+newViolationEventOccurrenceRange
+  pStartTime_
+  pEndTime_ =
+    ViolationEventOccurrenceRange'
+      { startTime =
+          Data._Time Lens.# pStartTime_,
+        endTime = Data._Time Lens.# pEndTime_
+      }
+
+-- | The start date and time of a time period in which violation events
+-- occurred.
+violationEventOccurrenceRange_startTime :: Lens.Lens' ViolationEventOccurrenceRange Prelude.UTCTime
+violationEventOccurrenceRange_startTime = Lens.lens (\ViolationEventOccurrenceRange' {startTime} -> startTime) (\s@ViolationEventOccurrenceRange' {} a -> s {startTime = a} :: ViolationEventOccurrenceRange) Prelude.. Data._Time
+
+-- | The end date and time of a time period in which violation events
+-- occurred.
+violationEventOccurrenceRange_endTime :: Lens.Lens' ViolationEventOccurrenceRange Prelude.UTCTime
+violationEventOccurrenceRange_endTime = Lens.lens (\ViolationEventOccurrenceRange' {endTime} -> endTime) (\s@ViolationEventOccurrenceRange' {} a -> s {endTime = a} :: ViolationEventOccurrenceRange) Prelude.. Data._Time
+
+instance Data.FromJSON ViolationEventOccurrenceRange where
+  parseJSON =
+    Data.withObject
+      "ViolationEventOccurrenceRange"
+      ( \x ->
+          ViolationEventOccurrenceRange'
+            Prelude.<$> (x Data..: "startTime")
+            Prelude.<*> (x Data..: "endTime")
+      )
+
+instance
+  Prelude.Hashable
+    ViolationEventOccurrenceRange
+  where
+  hashWithSalt _salt ViolationEventOccurrenceRange' {..} =
+    _salt
+      `Prelude.hashWithSalt` startTime
+      `Prelude.hashWithSalt` endTime
+
+instance Prelude.NFData ViolationEventOccurrenceRange where
+  rnf ViolationEventOccurrenceRange' {..} =
+    Prelude.rnf startTime
+      `Prelude.seq` Prelude.rnf endTime
+
+instance Data.ToJSON ViolationEventOccurrenceRange where
+  toJSON ViolationEventOccurrenceRange' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("startTime" Data..= startTime),
+            Prelude.Just ("endTime" Data..= endTime)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/ViolationEventType.hs b/gen/Amazonka/IoT/Types/ViolationEventType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/ViolationEventType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.ViolationEventType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.ViolationEventType
+  ( ViolationEventType
+      ( ..,
+        ViolationEventType_Alarm_cleared,
+        ViolationEventType_Alarm_invalidated,
+        ViolationEventType_In_alarm
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ViolationEventType = ViolationEventType'
+  { fromViolationEventType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ViolationEventType_Alarm_cleared :: ViolationEventType
+pattern ViolationEventType_Alarm_cleared = ViolationEventType' "alarm-cleared"
+
+pattern ViolationEventType_Alarm_invalidated :: ViolationEventType
+pattern ViolationEventType_Alarm_invalidated = ViolationEventType' "alarm-invalidated"
+
+pattern ViolationEventType_In_alarm :: ViolationEventType
+pattern ViolationEventType_In_alarm = ViolationEventType' "in-alarm"
+
+{-# COMPLETE
+  ViolationEventType_Alarm_cleared,
+  ViolationEventType_Alarm_invalidated,
+  ViolationEventType_In_alarm,
+  ViolationEventType'
+  #-}
diff --git a/gen/Amazonka/IoT/Types/VpcDestinationConfiguration.hs b/gen/Amazonka/IoT/Types/VpcDestinationConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/VpcDestinationConfiguration.hs
@@ -0,0 +1,117 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.VpcDestinationConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.VpcDestinationConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The configuration information for a virtual private cloud (VPC)
+-- destination.
+--
+-- /See:/ 'newVpcDestinationConfiguration' smart constructor.
+data VpcDestinationConfiguration = VpcDestinationConfiguration'
+  { -- | The security groups of the VPC destination.
+    securityGroups :: Prelude.Maybe [Prelude.Text],
+    -- | The subnet IDs of the VPC destination.
+    subnetIds :: [Prelude.Text],
+    -- | The ID of the VPC.
+    vpcId :: Prelude.Text,
+    -- | The ARN of a role that has permission to create and attach to elastic
+    -- network interfaces (ENIs).
+    roleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'VpcDestinationConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityGroups', 'vpcDestinationConfiguration_securityGroups' - The security groups of the VPC destination.
+--
+-- 'subnetIds', 'vpcDestinationConfiguration_subnetIds' - The subnet IDs of the VPC destination.
+--
+-- 'vpcId', 'vpcDestinationConfiguration_vpcId' - The ID of the VPC.
+--
+-- 'roleArn', 'vpcDestinationConfiguration_roleArn' - The ARN of a role that has permission to create and attach to elastic
+-- network interfaces (ENIs).
+newVpcDestinationConfiguration ::
+  -- | 'vpcId'
+  Prelude.Text ->
+  -- | 'roleArn'
+  Prelude.Text ->
+  VpcDestinationConfiguration
+newVpcDestinationConfiguration pVpcId_ pRoleArn_ =
+  VpcDestinationConfiguration'
+    { securityGroups =
+        Prelude.Nothing,
+      subnetIds = Prelude.mempty,
+      vpcId = pVpcId_,
+      roleArn = pRoleArn_
+    }
+
+-- | The security groups of the VPC destination.
+vpcDestinationConfiguration_securityGroups :: Lens.Lens' VpcDestinationConfiguration (Prelude.Maybe [Prelude.Text])
+vpcDestinationConfiguration_securityGroups = Lens.lens (\VpcDestinationConfiguration' {securityGroups} -> securityGroups) (\s@VpcDestinationConfiguration' {} a -> s {securityGroups = a} :: VpcDestinationConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | The subnet IDs of the VPC destination.
+vpcDestinationConfiguration_subnetIds :: Lens.Lens' VpcDestinationConfiguration [Prelude.Text]
+vpcDestinationConfiguration_subnetIds = Lens.lens (\VpcDestinationConfiguration' {subnetIds} -> subnetIds) (\s@VpcDestinationConfiguration' {} a -> s {subnetIds = a} :: VpcDestinationConfiguration) Prelude.. Lens.coerced
+
+-- | The ID of the VPC.
+vpcDestinationConfiguration_vpcId :: Lens.Lens' VpcDestinationConfiguration Prelude.Text
+vpcDestinationConfiguration_vpcId = Lens.lens (\VpcDestinationConfiguration' {vpcId} -> vpcId) (\s@VpcDestinationConfiguration' {} a -> s {vpcId = a} :: VpcDestinationConfiguration)
+
+-- | The ARN of a role that has permission to create and attach to elastic
+-- network interfaces (ENIs).
+vpcDestinationConfiguration_roleArn :: Lens.Lens' VpcDestinationConfiguration Prelude.Text
+vpcDestinationConfiguration_roleArn = Lens.lens (\VpcDestinationConfiguration' {roleArn} -> roleArn) (\s@VpcDestinationConfiguration' {} a -> s {roleArn = a} :: VpcDestinationConfiguration)
+
+instance Prelude.Hashable VpcDestinationConfiguration where
+  hashWithSalt _salt VpcDestinationConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` securityGroups
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcId
+      `Prelude.hashWithSalt` roleArn
+
+instance Prelude.NFData VpcDestinationConfiguration where
+  rnf VpcDestinationConfiguration' {..} =
+    Prelude.rnf securityGroups
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcId
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance Data.ToJSON VpcDestinationConfiguration where
+  toJSON VpcDestinationConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("securityGroups" Data..=)
+              Prelude.<$> securityGroups,
+            Prelude.Just ("subnetIds" Data..= subnetIds),
+            Prelude.Just ("vpcId" Data..= vpcId),
+            Prelude.Just ("roleArn" Data..= roleArn)
+          ]
+      )
diff --git a/gen/Amazonka/IoT/Types/VpcDestinationProperties.hs b/gen/Amazonka/IoT/Types/VpcDestinationProperties.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/VpcDestinationProperties.hs
@@ -0,0 +1,112 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.VpcDestinationProperties
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.VpcDestinationProperties where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The properties of a virtual private cloud (VPC) destination.
+--
+-- /See:/ 'newVpcDestinationProperties' smart constructor.
+data VpcDestinationProperties = VpcDestinationProperties'
+  { -- | The ARN of a role that has permission to create and attach to elastic
+    -- network interfaces (ENIs).
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The security groups of the VPC destination.
+    securityGroups :: Prelude.Maybe [Prelude.Text],
+    -- | The subnet IDs of the VPC destination.
+    subnetIds :: Prelude.Maybe [Prelude.Text],
+    -- | The ID of the VPC.
+    vpcId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'VpcDestinationProperties' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'vpcDestinationProperties_roleArn' - The ARN of a role that has permission to create and attach to elastic
+-- network interfaces (ENIs).
+--
+-- 'securityGroups', 'vpcDestinationProperties_securityGroups' - The security groups of the VPC destination.
+--
+-- 'subnetIds', 'vpcDestinationProperties_subnetIds' - The subnet IDs of the VPC destination.
+--
+-- 'vpcId', 'vpcDestinationProperties_vpcId' - The ID of the VPC.
+newVpcDestinationProperties ::
+  VpcDestinationProperties
+newVpcDestinationProperties =
+  VpcDestinationProperties'
+    { roleArn =
+        Prelude.Nothing,
+      securityGroups = Prelude.Nothing,
+      subnetIds = Prelude.Nothing,
+      vpcId = Prelude.Nothing
+    }
+
+-- | The ARN of a role that has permission to create and attach to elastic
+-- network interfaces (ENIs).
+vpcDestinationProperties_roleArn :: Lens.Lens' VpcDestinationProperties (Prelude.Maybe Prelude.Text)
+vpcDestinationProperties_roleArn = Lens.lens (\VpcDestinationProperties' {roleArn} -> roleArn) (\s@VpcDestinationProperties' {} a -> s {roleArn = a} :: VpcDestinationProperties)
+
+-- | The security groups of the VPC destination.
+vpcDestinationProperties_securityGroups :: Lens.Lens' VpcDestinationProperties (Prelude.Maybe [Prelude.Text])
+vpcDestinationProperties_securityGroups = Lens.lens (\VpcDestinationProperties' {securityGroups} -> securityGroups) (\s@VpcDestinationProperties' {} a -> s {securityGroups = a} :: VpcDestinationProperties) Prelude.. Lens.mapping Lens.coerced
+
+-- | The subnet IDs of the VPC destination.
+vpcDestinationProperties_subnetIds :: Lens.Lens' VpcDestinationProperties (Prelude.Maybe [Prelude.Text])
+vpcDestinationProperties_subnetIds = Lens.lens (\VpcDestinationProperties' {subnetIds} -> subnetIds) (\s@VpcDestinationProperties' {} a -> s {subnetIds = a} :: VpcDestinationProperties) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ID of the VPC.
+vpcDestinationProperties_vpcId :: Lens.Lens' VpcDestinationProperties (Prelude.Maybe Prelude.Text)
+vpcDestinationProperties_vpcId = Lens.lens (\VpcDestinationProperties' {vpcId} -> vpcId) (\s@VpcDestinationProperties' {} a -> s {vpcId = a} :: VpcDestinationProperties)
+
+instance Data.FromJSON VpcDestinationProperties where
+  parseJSON =
+    Data.withObject
+      "VpcDestinationProperties"
+      ( \x ->
+          VpcDestinationProperties'
+            Prelude.<$> (x Data..:? "roleArn")
+            Prelude.<*> (x Data..:? "securityGroups" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "subnetIds" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "vpcId")
+      )
+
+instance Prelude.Hashable VpcDestinationProperties where
+  hashWithSalt _salt VpcDestinationProperties' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` securityGroups
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcId
+
+instance Prelude.NFData VpcDestinationProperties where
+  rnf VpcDestinationProperties' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf securityGroups
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcId
diff --git a/gen/Amazonka/IoT/Types/VpcDestinationSummary.hs b/gen/Amazonka/IoT/Types/VpcDestinationSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Types/VpcDestinationSummary.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Types.VpcDestinationSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Types.VpcDestinationSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of a virtual private cloud (VPC) destination.
+--
+-- /See:/ 'newVpcDestinationSummary' smart constructor.
+data VpcDestinationSummary = VpcDestinationSummary'
+  { -- | The ARN of a role that has permission to create and attach to elastic
+    -- network interfaces (ENIs).
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The security groups of the VPC destination.
+    securityGroups :: Prelude.Maybe [Prelude.Text],
+    -- | The subnet IDs of the VPC destination.
+    subnetIds :: Prelude.Maybe [Prelude.Text],
+    -- | The ID of the VPC.
+    vpcId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'VpcDestinationSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'vpcDestinationSummary_roleArn' - The ARN of a role that has permission to create and attach to elastic
+-- network interfaces (ENIs).
+--
+-- 'securityGroups', 'vpcDestinationSummary_securityGroups' - The security groups of the VPC destination.
+--
+-- 'subnetIds', 'vpcDestinationSummary_subnetIds' - The subnet IDs of the VPC destination.
+--
+-- 'vpcId', 'vpcDestinationSummary_vpcId' - The ID of the VPC.
+newVpcDestinationSummary ::
+  VpcDestinationSummary
+newVpcDestinationSummary =
+  VpcDestinationSummary'
+    { roleArn = Prelude.Nothing,
+      securityGroups = Prelude.Nothing,
+      subnetIds = Prelude.Nothing,
+      vpcId = Prelude.Nothing
+    }
+
+-- | The ARN of a role that has permission to create and attach to elastic
+-- network interfaces (ENIs).
+vpcDestinationSummary_roleArn :: Lens.Lens' VpcDestinationSummary (Prelude.Maybe Prelude.Text)
+vpcDestinationSummary_roleArn = Lens.lens (\VpcDestinationSummary' {roleArn} -> roleArn) (\s@VpcDestinationSummary' {} a -> s {roleArn = a} :: VpcDestinationSummary)
+
+-- | The security groups of the VPC destination.
+vpcDestinationSummary_securityGroups :: Lens.Lens' VpcDestinationSummary (Prelude.Maybe [Prelude.Text])
+vpcDestinationSummary_securityGroups = Lens.lens (\VpcDestinationSummary' {securityGroups} -> securityGroups) (\s@VpcDestinationSummary' {} a -> s {securityGroups = a} :: VpcDestinationSummary) Prelude.. Lens.mapping Lens.coerced
+
+-- | The subnet IDs of the VPC destination.
+vpcDestinationSummary_subnetIds :: Lens.Lens' VpcDestinationSummary (Prelude.Maybe [Prelude.Text])
+vpcDestinationSummary_subnetIds = Lens.lens (\VpcDestinationSummary' {subnetIds} -> subnetIds) (\s@VpcDestinationSummary' {} a -> s {subnetIds = a} :: VpcDestinationSummary) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ID of the VPC.
+vpcDestinationSummary_vpcId :: Lens.Lens' VpcDestinationSummary (Prelude.Maybe Prelude.Text)
+vpcDestinationSummary_vpcId = Lens.lens (\VpcDestinationSummary' {vpcId} -> vpcId) (\s@VpcDestinationSummary' {} a -> s {vpcId = a} :: VpcDestinationSummary)
+
+instance Data.FromJSON VpcDestinationSummary where
+  parseJSON =
+    Data.withObject
+      "VpcDestinationSummary"
+      ( \x ->
+          VpcDestinationSummary'
+            Prelude.<$> (x Data..:? "roleArn")
+            Prelude.<*> (x Data..:? "securityGroups" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "subnetIds" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "vpcId")
+      )
+
+instance Prelude.Hashable VpcDestinationSummary where
+  hashWithSalt _salt VpcDestinationSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` securityGroups
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcId
+
+instance Prelude.NFData VpcDestinationSummary where
+  rnf VpcDestinationSummary' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf securityGroups
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcId
diff --git a/gen/Amazonka/IoT/UntagResource.hs b/gen/Amazonka/IoT/UntagResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UntagResource.hs
@@ -0,0 +1,163 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UntagResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Removes the given tags (metadata) from the resource.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UntagResource>
+-- action.
+module Amazonka.IoT.UntagResource
+  ( -- * Creating a Request
+    UntagResource (..),
+    newUntagResource,
+
+    -- * Request Lenses
+    untagResource_resourceArn,
+    untagResource_tagKeys,
+
+    -- * Destructuring the Response
+    UntagResourceResponse (..),
+    newUntagResourceResponse,
+
+    -- * Response Lenses
+    untagResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUntagResource' smart constructor.
+data UntagResource = UntagResource'
+  { -- | The ARN of the resource.
+    resourceArn :: Prelude.Text,
+    -- | A list of the keys of the tags to be removed from the resource.
+    tagKeys :: [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UntagResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'resourceArn', 'untagResource_resourceArn' - The ARN of the resource.
+--
+-- 'tagKeys', 'untagResource_tagKeys' - A list of the keys of the tags to be removed from the resource.
+newUntagResource ::
+  -- | 'resourceArn'
+  Prelude.Text ->
+  UntagResource
+newUntagResource pResourceArn_ =
+  UntagResource'
+    { resourceArn = pResourceArn_,
+      tagKeys = Prelude.mempty
+    }
+
+-- | The ARN of the resource.
+untagResource_resourceArn :: Lens.Lens' UntagResource Prelude.Text
+untagResource_resourceArn = Lens.lens (\UntagResource' {resourceArn} -> resourceArn) (\s@UntagResource' {} a -> s {resourceArn = a} :: UntagResource)
+
+-- | A list of the keys of the tags to be removed from the resource.
+untagResource_tagKeys :: Lens.Lens' UntagResource [Prelude.Text]
+untagResource_tagKeys = Lens.lens (\UntagResource' {tagKeys} -> tagKeys) (\s@UntagResource' {} a -> s {tagKeys = a} :: UntagResource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest UntagResource where
+  type
+    AWSResponse UntagResource =
+      UntagResourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UntagResourceResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UntagResource where
+  hashWithSalt _salt UntagResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` resourceArn
+      `Prelude.hashWithSalt` tagKeys
+
+instance Prelude.NFData UntagResource where
+  rnf UntagResource' {..} =
+    Prelude.rnf resourceArn
+      `Prelude.seq` Prelude.rnf tagKeys
+
+instance Data.ToHeaders UntagResource where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UntagResource where
+  toJSON UntagResource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("resourceArn" Data..= resourceArn),
+            Prelude.Just ("tagKeys" Data..= tagKeys)
+          ]
+      )
+
+instance Data.ToPath UntagResource where
+  toPath = Prelude.const "/untag"
+
+instance Data.ToQuery UntagResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUntagResourceResponse' smart constructor.
+data UntagResourceResponse = UntagResourceResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UntagResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'untagResourceResponse_httpStatus' - The response's http status code.
+newUntagResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UntagResourceResponse
+newUntagResourceResponse pHttpStatus_ =
+  UntagResourceResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+untagResourceResponse_httpStatus :: Lens.Lens' UntagResourceResponse Prelude.Int
+untagResourceResponse_httpStatus = Lens.lens (\UntagResourceResponse' {httpStatus} -> httpStatus) (\s@UntagResourceResponse' {} a -> s {httpStatus = a} :: UntagResourceResponse)
+
+instance Prelude.NFData UntagResourceResponse where
+  rnf UntagResourceResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateAccountAuditConfiguration.hs b/gen/Amazonka/IoT/UpdateAccountAuditConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateAccountAuditConfiguration.hs
@@ -0,0 +1,246 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateAccountAuditConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Configures or reconfigures the Device Defender audit settings for this
+-- account. Settings include how audit notifications are sent and which
+-- audit checks are enabled or disabled.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateAccountAuditConfiguration>
+-- action.
+module Amazonka.IoT.UpdateAccountAuditConfiguration
+  ( -- * Creating a Request
+    UpdateAccountAuditConfiguration (..),
+    newUpdateAccountAuditConfiguration,
+
+    -- * Request Lenses
+    updateAccountAuditConfiguration_auditCheckConfigurations,
+    updateAccountAuditConfiguration_auditNotificationTargetConfigurations,
+    updateAccountAuditConfiguration_roleArn,
+
+    -- * Destructuring the Response
+    UpdateAccountAuditConfigurationResponse (..),
+    newUpdateAccountAuditConfigurationResponse,
+
+    -- * Response Lenses
+    updateAccountAuditConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateAccountAuditConfiguration' smart constructor.
+data UpdateAccountAuditConfiguration = UpdateAccountAuditConfiguration'
+  { -- | Specifies which audit checks are enabled and disabled for this account.
+    -- Use @DescribeAccountAuditConfiguration@ to see the list of all checks,
+    -- including those that are currently enabled.
+    --
+    -- Some data collection might start immediately when certain checks are
+    -- enabled. When a check is disabled, any data collected so far in relation
+    -- to the check is deleted.
+    --
+    -- You cannot disable a check if it\'s used by any scheduled audit. You
+    -- must first delete the check from the scheduled audit or delete the
+    -- scheduled audit itself.
+    --
+    -- On the first call to @UpdateAccountAuditConfiguration@, this parameter
+    -- is required and must specify at least one enabled check.
+    auditCheckConfigurations :: Prelude.Maybe (Prelude.HashMap Prelude.Text AuditCheckConfiguration),
+    -- | Information about the targets to which audit notifications are sent.
+    auditNotificationTargetConfigurations :: Prelude.Maybe (Prelude.HashMap AuditNotificationType AuditNotificationTarget),
+    -- | The Amazon Resource Name (ARN) of the role that grants permission to IoT
+    -- to access information about your devices, policies, certificates, and
+    -- other items as required when performing an audit.
+    roleArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAccountAuditConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'auditCheckConfigurations', 'updateAccountAuditConfiguration_auditCheckConfigurations' - Specifies which audit checks are enabled and disabled for this account.
+-- Use @DescribeAccountAuditConfiguration@ to see the list of all checks,
+-- including those that are currently enabled.
+--
+-- Some data collection might start immediately when certain checks are
+-- enabled. When a check is disabled, any data collected so far in relation
+-- to the check is deleted.
+--
+-- You cannot disable a check if it\'s used by any scheduled audit. You
+-- must first delete the check from the scheduled audit or delete the
+-- scheduled audit itself.
+--
+-- On the first call to @UpdateAccountAuditConfiguration@, this parameter
+-- is required and must specify at least one enabled check.
+--
+-- 'auditNotificationTargetConfigurations', 'updateAccountAuditConfiguration_auditNotificationTargetConfigurations' - Information about the targets to which audit notifications are sent.
+--
+-- 'roleArn', 'updateAccountAuditConfiguration_roleArn' - The Amazon Resource Name (ARN) of the role that grants permission to IoT
+-- to access information about your devices, policies, certificates, and
+-- other items as required when performing an audit.
+newUpdateAccountAuditConfiguration ::
+  UpdateAccountAuditConfiguration
+newUpdateAccountAuditConfiguration =
+  UpdateAccountAuditConfiguration'
+    { auditCheckConfigurations =
+        Prelude.Nothing,
+      auditNotificationTargetConfigurations =
+        Prelude.Nothing,
+      roleArn = Prelude.Nothing
+    }
+
+-- | Specifies which audit checks are enabled and disabled for this account.
+-- Use @DescribeAccountAuditConfiguration@ to see the list of all checks,
+-- including those that are currently enabled.
+--
+-- Some data collection might start immediately when certain checks are
+-- enabled. When a check is disabled, any data collected so far in relation
+-- to the check is deleted.
+--
+-- You cannot disable a check if it\'s used by any scheduled audit. You
+-- must first delete the check from the scheduled audit or delete the
+-- scheduled audit itself.
+--
+-- On the first call to @UpdateAccountAuditConfiguration@, this parameter
+-- is required and must specify at least one enabled check.
+updateAccountAuditConfiguration_auditCheckConfigurations :: Lens.Lens' UpdateAccountAuditConfiguration (Prelude.Maybe (Prelude.HashMap Prelude.Text AuditCheckConfiguration))
+updateAccountAuditConfiguration_auditCheckConfigurations = Lens.lens (\UpdateAccountAuditConfiguration' {auditCheckConfigurations} -> auditCheckConfigurations) (\s@UpdateAccountAuditConfiguration' {} a -> s {auditCheckConfigurations = a} :: UpdateAccountAuditConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | Information about the targets to which audit notifications are sent.
+updateAccountAuditConfiguration_auditNotificationTargetConfigurations :: Lens.Lens' UpdateAccountAuditConfiguration (Prelude.Maybe (Prelude.HashMap AuditNotificationType AuditNotificationTarget))
+updateAccountAuditConfiguration_auditNotificationTargetConfigurations = Lens.lens (\UpdateAccountAuditConfiguration' {auditNotificationTargetConfigurations} -> auditNotificationTargetConfigurations) (\s@UpdateAccountAuditConfiguration' {} a -> s {auditNotificationTargetConfigurations = a} :: UpdateAccountAuditConfiguration) Prelude.. Lens.mapping Lens.coerced
+
+-- | The Amazon Resource Name (ARN) of the role that grants permission to IoT
+-- to access information about your devices, policies, certificates, and
+-- other items as required when performing an audit.
+updateAccountAuditConfiguration_roleArn :: Lens.Lens' UpdateAccountAuditConfiguration (Prelude.Maybe Prelude.Text)
+updateAccountAuditConfiguration_roleArn = Lens.lens (\UpdateAccountAuditConfiguration' {roleArn} -> roleArn) (\s@UpdateAccountAuditConfiguration' {} a -> s {roleArn = a} :: UpdateAccountAuditConfiguration)
+
+instance
+  Core.AWSRequest
+    UpdateAccountAuditConfiguration
+  where
+  type
+    AWSResponse UpdateAccountAuditConfiguration =
+      UpdateAccountAuditConfigurationResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateAccountAuditConfigurationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    UpdateAccountAuditConfiguration
+  where
+  hashWithSalt
+    _salt
+    UpdateAccountAuditConfiguration' {..} =
+      _salt
+        `Prelude.hashWithSalt` auditCheckConfigurations
+        `Prelude.hashWithSalt` auditNotificationTargetConfigurations
+        `Prelude.hashWithSalt` roleArn
+
+instance
+  Prelude.NFData
+    UpdateAccountAuditConfiguration
+  where
+  rnf UpdateAccountAuditConfiguration' {..} =
+    Prelude.rnf auditCheckConfigurations
+      `Prelude.seq` Prelude.rnf auditNotificationTargetConfigurations
+      `Prelude.seq` Prelude.rnf roleArn
+
+instance
+  Data.ToHeaders
+    UpdateAccountAuditConfiguration
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateAccountAuditConfiguration where
+  toJSON UpdateAccountAuditConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("auditCheckConfigurations" Data..=)
+              Prelude.<$> auditCheckConfigurations,
+            ("auditNotificationTargetConfigurations" Data..=)
+              Prelude.<$> auditNotificationTargetConfigurations,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
+
+instance Data.ToPath UpdateAccountAuditConfiguration where
+  toPath = Prelude.const "/audit/configuration"
+
+instance Data.ToQuery UpdateAccountAuditConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateAccountAuditConfigurationResponse' smart constructor.
+data UpdateAccountAuditConfigurationResponse = UpdateAccountAuditConfigurationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAccountAuditConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateAccountAuditConfigurationResponse_httpStatus' - The response's http status code.
+newUpdateAccountAuditConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateAccountAuditConfigurationResponse
+newUpdateAccountAuditConfigurationResponse
+  pHttpStatus_ =
+    UpdateAccountAuditConfigurationResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+updateAccountAuditConfigurationResponse_httpStatus :: Lens.Lens' UpdateAccountAuditConfigurationResponse Prelude.Int
+updateAccountAuditConfigurationResponse_httpStatus = Lens.lens (\UpdateAccountAuditConfigurationResponse' {httpStatus} -> httpStatus) (\s@UpdateAccountAuditConfigurationResponse' {} a -> s {httpStatus = a} :: UpdateAccountAuditConfigurationResponse)
+
+instance
+  Prelude.NFData
+    UpdateAccountAuditConfigurationResponse
+  where
+  rnf UpdateAccountAuditConfigurationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateAuditSuppression.hs b/gen/Amazonka/IoT/UpdateAuditSuppression.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateAuditSuppression.hs
@@ -0,0 +1,213 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateAuditSuppression
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a Device Defender audit suppression.
+module Amazonka.IoT.UpdateAuditSuppression
+  ( -- * Creating a Request
+    UpdateAuditSuppression (..),
+    newUpdateAuditSuppression,
+
+    -- * Request Lenses
+    updateAuditSuppression_description,
+    updateAuditSuppression_expirationDate,
+    updateAuditSuppression_suppressIndefinitely,
+    updateAuditSuppression_checkName,
+    updateAuditSuppression_resourceIdentifier,
+
+    -- * Destructuring the Response
+    UpdateAuditSuppressionResponse (..),
+    newUpdateAuditSuppressionResponse,
+
+    -- * Response Lenses
+    updateAuditSuppressionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateAuditSuppression' smart constructor.
+data UpdateAuditSuppression = UpdateAuditSuppression'
+  { -- | The description of the audit suppression.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The expiration date (epoch timestamp in seconds) that you want the
+    -- suppression to adhere to.
+    expirationDate :: Prelude.Maybe Data.POSIX,
+    -- | Indicates whether a suppression should exist indefinitely or not.
+    suppressIndefinitely :: Prelude.Maybe Prelude.Bool,
+    checkName :: Prelude.Text,
+    resourceIdentifier :: ResourceIdentifier
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAuditSuppression' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'updateAuditSuppression_description' - The description of the audit suppression.
+--
+-- 'expirationDate', 'updateAuditSuppression_expirationDate' - The expiration date (epoch timestamp in seconds) that you want the
+-- suppression to adhere to.
+--
+-- 'suppressIndefinitely', 'updateAuditSuppression_suppressIndefinitely' - Indicates whether a suppression should exist indefinitely or not.
+--
+-- 'checkName', 'updateAuditSuppression_checkName' - Undocumented member.
+--
+-- 'resourceIdentifier', 'updateAuditSuppression_resourceIdentifier' - Undocumented member.
+newUpdateAuditSuppression ::
+  -- | 'checkName'
+  Prelude.Text ->
+  -- | 'resourceIdentifier'
+  ResourceIdentifier ->
+  UpdateAuditSuppression
+newUpdateAuditSuppression
+  pCheckName_
+  pResourceIdentifier_ =
+    UpdateAuditSuppression'
+      { description =
+          Prelude.Nothing,
+        expirationDate = Prelude.Nothing,
+        suppressIndefinitely = Prelude.Nothing,
+        checkName = pCheckName_,
+        resourceIdentifier = pResourceIdentifier_
+      }
+
+-- | The description of the audit suppression.
+updateAuditSuppression_description :: Lens.Lens' UpdateAuditSuppression (Prelude.Maybe Prelude.Text)
+updateAuditSuppression_description = Lens.lens (\UpdateAuditSuppression' {description} -> description) (\s@UpdateAuditSuppression' {} a -> s {description = a} :: UpdateAuditSuppression)
+
+-- | The expiration date (epoch timestamp in seconds) that you want the
+-- suppression to adhere to.
+updateAuditSuppression_expirationDate :: Lens.Lens' UpdateAuditSuppression (Prelude.Maybe Prelude.UTCTime)
+updateAuditSuppression_expirationDate = Lens.lens (\UpdateAuditSuppression' {expirationDate} -> expirationDate) (\s@UpdateAuditSuppression' {} a -> s {expirationDate = a} :: UpdateAuditSuppression) Prelude.. Lens.mapping Data._Time
+
+-- | Indicates whether a suppression should exist indefinitely or not.
+updateAuditSuppression_suppressIndefinitely :: Lens.Lens' UpdateAuditSuppression (Prelude.Maybe Prelude.Bool)
+updateAuditSuppression_suppressIndefinitely = Lens.lens (\UpdateAuditSuppression' {suppressIndefinitely} -> suppressIndefinitely) (\s@UpdateAuditSuppression' {} a -> s {suppressIndefinitely = a} :: UpdateAuditSuppression)
+
+-- | Undocumented member.
+updateAuditSuppression_checkName :: Lens.Lens' UpdateAuditSuppression Prelude.Text
+updateAuditSuppression_checkName = Lens.lens (\UpdateAuditSuppression' {checkName} -> checkName) (\s@UpdateAuditSuppression' {} a -> s {checkName = a} :: UpdateAuditSuppression)
+
+-- | Undocumented member.
+updateAuditSuppression_resourceIdentifier :: Lens.Lens' UpdateAuditSuppression ResourceIdentifier
+updateAuditSuppression_resourceIdentifier = Lens.lens (\UpdateAuditSuppression' {resourceIdentifier} -> resourceIdentifier) (\s@UpdateAuditSuppression' {} a -> s {resourceIdentifier = a} :: UpdateAuditSuppression)
+
+instance Core.AWSRequest UpdateAuditSuppression where
+  type
+    AWSResponse UpdateAuditSuppression =
+      UpdateAuditSuppressionResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateAuditSuppressionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateAuditSuppression where
+  hashWithSalt _salt UpdateAuditSuppression' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` expirationDate
+      `Prelude.hashWithSalt` suppressIndefinitely
+      `Prelude.hashWithSalt` checkName
+      `Prelude.hashWithSalt` resourceIdentifier
+
+instance Prelude.NFData UpdateAuditSuppression where
+  rnf UpdateAuditSuppression' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf expirationDate
+      `Prelude.seq` Prelude.rnf suppressIndefinitely
+      `Prelude.seq` Prelude.rnf checkName
+      `Prelude.seq` Prelude.rnf resourceIdentifier
+
+instance Data.ToHeaders UpdateAuditSuppression where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateAuditSuppression where
+  toJSON UpdateAuditSuppression' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("description" Data..=) Prelude.<$> description,
+            ("expirationDate" Data..=)
+              Prelude.<$> expirationDate,
+            ("suppressIndefinitely" Data..=)
+              Prelude.<$> suppressIndefinitely,
+            Prelude.Just ("checkName" Data..= checkName),
+            Prelude.Just
+              ("resourceIdentifier" Data..= resourceIdentifier)
+          ]
+      )
+
+instance Data.ToPath UpdateAuditSuppression where
+  toPath = Prelude.const "/audit/suppressions/update"
+
+instance Data.ToQuery UpdateAuditSuppression where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateAuditSuppressionResponse' smart constructor.
+data UpdateAuditSuppressionResponse = UpdateAuditSuppressionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAuditSuppressionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateAuditSuppressionResponse_httpStatus' - The response's http status code.
+newUpdateAuditSuppressionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateAuditSuppressionResponse
+newUpdateAuditSuppressionResponse pHttpStatus_ =
+  UpdateAuditSuppressionResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+updateAuditSuppressionResponse_httpStatus :: Lens.Lens' UpdateAuditSuppressionResponse Prelude.Int
+updateAuditSuppressionResponse_httpStatus = Lens.lens (\UpdateAuditSuppressionResponse' {httpStatus} -> httpStatus) (\s@UpdateAuditSuppressionResponse' {} a -> s {httpStatus = a} :: UpdateAuditSuppressionResponse)
+
+instance
+  Prelude.NFData
+    UpdateAuditSuppressionResponse
+  where
+  rnf UpdateAuditSuppressionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateAuthorizer.hs b/gen/Amazonka/IoT/UpdateAuthorizer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateAuthorizer.hs
@@ -0,0 +1,253 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateAuthorizer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates an authorizer.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateAuthorizer>
+-- action.
+module Amazonka.IoT.UpdateAuthorizer
+  ( -- * Creating a Request
+    UpdateAuthorizer (..),
+    newUpdateAuthorizer,
+
+    -- * Request Lenses
+    updateAuthorizer_authorizerFunctionArn,
+    updateAuthorizer_enableCachingForHttp,
+    updateAuthorizer_status,
+    updateAuthorizer_tokenKeyName,
+    updateAuthorizer_tokenSigningPublicKeys,
+    updateAuthorizer_authorizerName,
+
+    -- * Destructuring the Response
+    UpdateAuthorizerResponse (..),
+    newUpdateAuthorizerResponse,
+
+    -- * Response Lenses
+    updateAuthorizerResponse_authorizerArn,
+    updateAuthorizerResponse_authorizerName,
+    updateAuthorizerResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateAuthorizer' smart constructor.
+data UpdateAuthorizer = UpdateAuthorizer'
+  { -- | The ARN of the authorizer\'s Lambda function.
+    authorizerFunctionArn :: Prelude.Maybe Prelude.Text,
+    -- | When @true@, the result from the authorizer’s Lambda function is cached
+    -- for the time specified in @refreshAfterInSeconds@. The cached result is
+    -- used while the device reuses the same HTTP connection.
+    enableCachingForHttp :: Prelude.Maybe Prelude.Bool,
+    -- | The status of the update authorizer request.
+    status :: Prelude.Maybe AuthorizerStatus,
+    -- | The key used to extract the token from the HTTP headers.
+    tokenKeyName :: Prelude.Maybe Prelude.Text,
+    -- | The public keys used to verify the token signature.
+    tokenSigningPublicKeys :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The authorizer name.
+    authorizerName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAuthorizer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerFunctionArn', 'updateAuthorizer_authorizerFunctionArn' - The ARN of the authorizer\'s Lambda function.
+--
+-- 'enableCachingForHttp', 'updateAuthorizer_enableCachingForHttp' - When @true@, the result from the authorizer’s Lambda function is cached
+-- for the time specified in @refreshAfterInSeconds@. The cached result is
+-- used while the device reuses the same HTTP connection.
+--
+-- 'status', 'updateAuthorizer_status' - The status of the update authorizer request.
+--
+-- 'tokenKeyName', 'updateAuthorizer_tokenKeyName' - The key used to extract the token from the HTTP headers.
+--
+-- 'tokenSigningPublicKeys', 'updateAuthorizer_tokenSigningPublicKeys' - The public keys used to verify the token signature.
+--
+-- 'authorizerName', 'updateAuthorizer_authorizerName' - The authorizer name.
+newUpdateAuthorizer ::
+  -- | 'authorizerName'
+  Prelude.Text ->
+  UpdateAuthorizer
+newUpdateAuthorizer pAuthorizerName_ =
+  UpdateAuthorizer'
+    { authorizerFunctionArn =
+        Prelude.Nothing,
+      enableCachingForHttp = Prelude.Nothing,
+      status = Prelude.Nothing,
+      tokenKeyName = Prelude.Nothing,
+      tokenSigningPublicKeys = Prelude.Nothing,
+      authorizerName = pAuthorizerName_
+    }
+
+-- | The ARN of the authorizer\'s Lambda function.
+updateAuthorizer_authorizerFunctionArn :: Lens.Lens' UpdateAuthorizer (Prelude.Maybe Prelude.Text)
+updateAuthorizer_authorizerFunctionArn = Lens.lens (\UpdateAuthorizer' {authorizerFunctionArn} -> authorizerFunctionArn) (\s@UpdateAuthorizer' {} a -> s {authorizerFunctionArn = a} :: UpdateAuthorizer)
+
+-- | When @true@, the result from the authorizer’s Lambda function is cached
+-- for the time specified in @refreshAfterInSeconds@. The cached result is
+-- used while the device reuses the same HTTP connection.
+updateAuthorizer_enableCachingForHttp :: Lens.Lens' UpdateAuthorizer (Prelude.Maybe Prelude.Bool)
+updateAuthorizer_enableCachingForHttp = Lens.lens (\UpdateAuthorizer' {enableCachingForHttp} -> enableCachingForHttp) (\s@UpdateAuthorizer' {} a -> s {enableCachingForHttp = a} :: UpdateAuthorizer)
+
+-- | The status of the update authorizer request.
+updateAuthorizer_status :: Lens.Lens' UpdateAuthorizer (Prelude.Maybe AuthorizerStatus)
+updateAuthorizer_status = Lens.lens (\UpdateAuthorizer' {status} -> status) (\s@UpdateAuthorizer' {} a -> s {status = a} :: UpdateAuthorizer)
+
+-- | The key used to extract the token from the HTTP headers.
+updateAuthorizer_tokenKeyName :: Lens.Lens' UpdateAuthorizer (Prelude.Maybe Prelude.Text)
+updateAuthorizer_tokenKeyName = Lens.lens (\UpdateAuthorizer' {tokenKeyName} -> tokenKeyName) (\s@UpdateAuthorizer' {} a -> s {tokenKeyName = a} :: UpdateAuthorizer)
+
+-- | The public keys used to verify the token signature.
+updateAuthorizer_tokenSigningPublicKeys :: Lens.Lens' UpdateAuthorizer (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+updateAuthorizer_tokenSigningPublicKeys = Lens.lens (\UpdateAuthorizer' {tokenSigningPublicKeys} -> tokenSigningPublicKeys) (\s@UpdateAuthorizer' {} a -> s {tokenSigningPublicKeys = a} :: UpdateAuthorizer) Prelude.. Lens.mapping Lens.coerced
+
+-- | The authorizer name.
+updateAuthorizer_authorizerName :: Lens.Lens' UpdateAuthorizer Prelude.Text
+updateAuthorizer_authorizerName = Lens.lens (\UpdateAuthorizer' {authorizerName} -> authorizerName) (\s@UpdateAuthorizer' {} a -> s {authorizerName = a} :: UpdateAuthorizer)
+
+instance Core.AWSRequest UpdateAuthorizer where
+  type
+    AWSResponse UpdateAuthorizer =
+      UpdateAuthorizerResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateAuthorizerResponse'
+            Prelude.<$> (x Data..?> "authorizerArn")
+            Prelude.<*> (x Data..?> "authorizerName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateAuthorizer where
+  hashWithSalt _salt UpdateAuthorizer' {..} =
+    _salt
+      `Prelude.hashWithSalt` authorizerFunctionArn
+      `Prelude.hashWithSalt` enableCachingForHttp
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tokenKeyName
+      `Prelude.hashWithSalt` tokenSigningPublicKeys
+      `Prelude.hashWithSalt` authorizerName
+
+instance Prelude.NFData UpdateAuthorizer where
+  rnf UpdateAuthorizer' {..} =
+    Prelude.rnf authorizerFunctionArn
+      `Prelude.seq` Prelude.rnf enableCachingForHttp
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tokenKeyName
+      `Prelude.seq` Prelude.rnf tokenSigningPublicKeys
+      `Prelude.seq` Prelude.rnf authorizerName
+
+instance Data.ToHeaders UpdateAuthorizer where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateAuthorizer where
+  toJSON UpdateAuthorizer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("authorizerFunctionArn" Data..=)
+              Prelude.<$> authorizerFunctionArn,
+            ("enableCachingForHttp" Data..=)
+              Prelude.<$> enableCachingForHttp,
+            ("status" Data..=) Prelude.<$> status,
+            ("tokenKeyName" Data..=) Prelude.<$> tokenKeyName,
+            ("tokenSigningPublicKeys" Data..=)
+              Prelude.<$> tokenSigningPublicKeys
+          ]
+      )
+
+instance Data.ToPath UpdateAuthorizer where
+  toPath UpdateAuthorizer' {..} =
+    Prelude.mconcat
+      ["/authorizer/", Data.toBS authorizerName]
+
+instance Data.ToQuery UpdateAuthorizer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateAuthorizerResponse' smart constructor.
+data UpdateAuthorizerResponse = UpdateAuthorizerResponse'
+  { -- | The authorizer ARN.
+    authorizerArn :: Prelude.Maybe Prelude.Text,
+    -- | The authorizer name.
+    authorizerName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAuthorizerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerArn', 'updateAuthorizerResponse_authorizerArn' - The authorizer ARN.
+--
+-- 'authorizerName', 'updateAuthorizerResponse_authorizerName' - The authorizer name.
+--
+-- 'httpStatus', 'updateAuthorizerResponse_httpStatus' - The response's http status code.
+newUpdateAuthorizerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateAuthorizerResponse
+newUpdateAuthorizerResponse pHttpStatus_ =
+  UpdateAuthorizerResponse'
+    { authorizerArn =
+        Prelude.Nothing,
+      authorizerName = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The authorizer ARN.
+updateAuthorizerResponse_authorizerArn :: Lens.Lens' UpdateAuthorizerResponse (Prelude.Maybe Prelude.Text)
+updateAuthorizerResponse_authorizerArn = Lens.lens (\UpdateAuthorizerResponse' {authorizerArn} -> authorizerArn) (\s@UpdateAuthorizerResponse' {} a -> s {authorizerArn = a} :: UpdateAuthorizerResponse)
+
+-- | The authorizer name.
+updateAuthorizerResponse_authorizerName :: Lens.Lens' UpdateAuthorizerResponse (Prelude.Maybe Prelude.Text)
+updateAuthorizerResponse_authorizerName = Lens.lens (\UpdateAuthorizerResponse' {authorizerName} -> authorizerName) (\s@UpdateAuthorizerResponse' {} a -> s {authorizerName = a} :: UpdateAuthorizerResponse)
+
+-- | The response's http status code.
+updateAuthorizerResponse_httpStatus :: Lens.Lens' UpdateAuthorizerResponse Prelude.Int
+updateAuthorizerResponse_httpStatus = Lens.lens (\UpdateAuthorizerResponse' {httpStatus} -> httpStatus) (\s@UpdateAuthorizerResponse' {} a -> s {httpStatus = a} :: UpdateAuthorizerResponse)
+
+instance Prelude.NFData UpdateAuthorizerResponse where
+  rnf UpdateAuthorizerResponse' {..} =
+    Prelude.rnf authorizerArn
+      `Prelude.seq` Prelude.rnf authorizerName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateBillingGroup.hs b/gen/Amazonka/IoT/UpdateBillingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateBillingGroup.hs
@@ -0,0 +1,210 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateBillingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates information about the billing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateBillingGroup>
+-- action.
+module Amazonka.IoT.UpdateBillingGroup
+  ( -- * Creating a Request
+    UpdateBillingGroup (..),
+    newUpdateBillingGroup,
+
+    -- * Request Lenses
+    updateBillingGroup_expectedVersion,
+    updateBillingGroup_billingGroupName,
+    updateBillingGroup_billingGroupProperties,
+
+    -- * Destructuring the Response
+    UpdateBillingGroupResponse (..),
+    newUpdateBillingGroupResponse,
+
+    -- * Response Lenses
+    updateBillingGroupResponse_version,
+    updateBillingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateBillingGroup' smart constructor.
+data UpdateBillingGroup = UpdateBillingGroup'
+  { -- | The expected version of the billing group. If the version of the billing
+    -- group does not match the expected version specified in the request, the
+    -- @UpdateBillingGroup@ request is rejected with a
+    -- @VersionConflictException@.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The name of the billing group.
+    billingGroupName :: Prelude.Text,
+    -- | The properties of the billing group.
+    billingGroupProperties :: BillingGroupProperties
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateBillingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'updateBillingGroup_expectedVersion' - The expected version of the billing group. If the version of the billing
+-- group does not match the expected version specified in the request, the
+-- @UpdateBillingGroup@ request is rejected with a
+-- @VersionConflictException@.
+--
+-- 'billingGroupName', 'updateBillingGroup_billingGroupName' - The name of the billing group.
+--
+-- 'billingGroupProperties', 'updateBillingGroup_billingGroupProperties' - The properties of the billing group.
+newUpdateBillingGroup ::
+  -- | 'billingGroupName'
+  Prelude.Text ->
+  -- | 'billingGroupProperties'
+  BillingGroupProperties ->
+  UpdateBillingGroup
+newUpdateBillingGroup
+  pBillingGroupName_
+  pBillingGroupProperties_ =
+    UpdateBillingGroup'
+      { expectedVersion =
+          Prelude.Nothing,
+        billingGroupName = pBillingGroupName_,
+        billingGroupProperties = pBillingGroupProperties_
+      }
+
+-- | The expected version of the billing group. If the version of the billing
+-- group does not match the expected version specified in the request, the
+-- @UpdateBillingGroup@ request is rejected with a
+-- @VersionConflictException@.
+updateBillingGroup_expectedVersion :: Lens.Lens' UpdateBillingGroup (Prelude.Maybe Prelude.Integer)
+updateBillingGroup_expectedVersion = Lens.lens (\UpdateBillingGroup' {expectedVersion} -> expectedVersion) (\s@UpdateBillingGroup' {} a -> s {expectedVersion = a} :: UpdateBillingGroup)
+
+-- | The name of the billing group.
+updateBillingGroup_billingGroupName :: Lens.Lens' UpdateBillingGroup Prelude.Text
+updateBillingGroup_billingGroupName = Lens.lens (\UpdateBillingGroup' {billingGroupName} -> billingGroupName) (\s@UpdateBillingGroup' {} a -> s {billingGroupName = a} :: UpdateBillingGroup)
+
+-- | The properties of the billing group.
+updateBillingGroup_billingGroupProperties :: Lens.Lens' UpdateBillingGroup BillingGroupProperties
+updateBillingGroup_billingGroupProperties = Lens.lens (\UpdateBillingGroup' {billingGroupProperties} -> billingGroupProperties) (\s@UpdateBillingGroup' {} a -> s {billingGroupProperties = a} :: UpdateBillingGroup)
+
+instance Core.AWSRequest UpdateBillingGroup where
+  type
+    AWSResponse UpdateBillingGroup =
+      UpdateBillingGroupResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateBillingGroupResponse'
+            Prelude.<$> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateBillingGroup where
+  hashWithSalt _salt UpdateBillingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` billingGroupName
+      `Prelude.hashWithSalt` billingGroupProperties
+
+instance Prelude.NFData UpdateBillingGroup where
+  rnf UpdateBillingGroup' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf billingGroupName
+      `Prelude.seq` Prelude.rnf billingGroupProperties
+
+instance Data.ToHeaders UpdateBillingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateBillingGroup where
+  toJSON UpdateBillingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("expectedVersion" Data..=)
+              Prelude.<$> expectedVersion,
+            Prelude.Just
+              ( "billingGroupProperties"
+                  Data..= billingGroupProperties
+              )
+          ]
+      )
+
+instance Data.ToPath UpdateBillingGroup where
+  toPath UpdateBillingGroup' {..} =
+    Prelude.mconcat
+      ["/billing-groups/", Data.toBS billingGroupName]
+
+instance Data.ToQuery UpdateBillingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateBillingGroupResponse' smart constructor.
+data UpdateBillingGroupResponse = UpdateBillingGroupResponse'
+  { -- | The latest version of the billing group.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateBillingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'version', 'updateBillingGroupResponse_version' - The latest version of the billing group.
+--
+-- 'httpStatus', 'updateBillingGroupResponse_httpStatus' - The response's http status code.
+newUpdateBillingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateBillingGroupResponse
+newUpdateBillingGroupResponse pHttpStatus_ =
+  UpdateBillingGroupResponse'
+    { version =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The latest version of the billing group.
+updateBillingGroupResponse_version :: Lens.Lens' UpdateBillingGroupResponse (Prelude.Maybe Prelude.Integer)
+updateBillingGroupResponse_version = Lens.lens (\UpdateBillingGroupResponse' {version} -> version) (\s@UpdateBillingGroupResponse' {} a -> s {version = a} :: UpdateBillingGroupResponse)
+
+-- | The response's http status code.
+updateBillingGroupResponse_httpStatus :: Lens.Lens' UpdateBillingGroupResponse Prelude.Int
+updateBillingGroupResponse_httpStatus = Lens.lens (\UpdateBillingGroupResponse' {httpStatus} -> httpStatus) (\s@UpdateBillingGroupResponse' {} a -> s {httpStatus = a} :: UpdateBillingGroupResponse)
+
+instance Prelude.NFData UpdateBillingGroupResponse where
+  rnf UpdateBillingGroupResponse' {..} =
+    Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateCACertificate.hs b/gen/Amazonka/IoT/UpdateCACertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateCACertificate.hs
@@ -0,0 +1,203 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateCACertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a registered CA certificate.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateCACertificate>
+-- action.
+module Amazonka.IoT.UpdateCACertificate
+  ( -- * Creating a Request
+    UpdateCACertificate (..),
+    newUpdateCACertificate,
+
+    -- * Request Lenses
+    updateCACertificate_newAutoRegistrationStatus,
+    updateCACertificate_newStatus,
+    updateCACertificate_registrationConfig,
+    updateCACertificate_removeAutoRegistration,
+    updateCACertificate_certificateId,
+
+    -- * Destructuring the Response
+    UpdateCACertificateResponse (..),
+    newUpdateCACertificateResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input to the UpdateCACertificate operation.
+--
+-- /See:/ 'newUpdateCACertificate' smart constructor.
+data UpdateCACertificate = UpdateCACertificate'
+  { -- | The new value for the auto registration status. Valid values are:
+    -- \"ENABLE\" or \"DISABLE\".
+    newAutoRegistrationStatus' :: Prelude.Maybe AutoRegistrationStatus,
+    -- | The updated status of the CA certificate.
+    --
+    -- __Note:__ The status value REGISTER_INACTIVE is deprecated and should
+    -- not be used.
+    newStatus' :: Prelude.Maybe CACertificateStatus,
+    -- | Information about the registration configuration.
+    registrationConfig :: Prelude.Maybe RegistrationConfig,
+    -- | If true, removes auto registration.
+    removeAutoRegistration :: Prelude.Maybe Prelude.Bool,
+    -- | The CA certificate identifier.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCACertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'newAutoRegistrationStatus'', 'updateCACertificate_newAutoRegistrationStatus' - The new value for the auto registration status. Valid values are:
+-- \"ENABLE\" or \"DISABLE\".
+--
+-- 'newStatus'', 'updateCACertificate_newStatus' - The updated status of the CA certificate.
+--
+-- __Note:__ The status value REGISTER_INACTIVE is deprecated and should
+-- not be used.
+--
+-- 'registrationConfig', 'updateCACertificate_registrationConfig' - Information about the registration configuration.
+--
+-- 'removeAutoRegistration', 'updateCACertificate_removeAutoRegistration' - If true, removes auto registration.
+--
+-- 'certificateId', 'updateCACertificate_certificateId' - The CA certificate identifier.
+newUpdateCACertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  UpdateCACertificate
+newUpdateCACertificate pCertificateId_ =
+  UpdateCACertificate'
+    { newAutoRegistrationStatus' =
+        Prelude.Nothing,
+      newStatus' = Prelude.Nothing,
+      registrationConfig = Prelude.Nothing,
+      removeAutoRegistration = Prelude.Nothing,
+      certificateId = pCertificateId_
+    }
+
+-- | The new value for the auto registration status. Valid values are:
+-- \"ENABLE\" or \"DISABLE\".
+updateCACertificate_newAutoRegistrationStatus :: Lens.Lens' UpdateCACertificate (Prelude.Maybe AutoRegistrationStatus)
+updateCACertificate_newAutoRegistrationStatus = Lens.lens (\UpdateCACertificate' {newAutoRegistrationStatus'} -> newAutoRegistrationStatus') (\s@UpdateCACertificate' {} a -> s {newAutoRegistrationStatus' = a} :: UpdateCACertificate)
+
+-- | The updated status of the CA certificate.
+--
+-- __Note:__ The status value REGISTER_INACTIVE is deprecated and should
+-- not be used.
+updateCACertificate_newStatus :: Lens.Lens' UpdateCACertificate (Prelude.Maybe CACertificateStatus)
+updateCACertificate_newStatus = Lens.lens (\UpdateCACertificate' {newStatus'} -> newStatus') (\s@UpdateCACertificate' {} a -> s {newStatus' = a} :: UpdateCACertificate)
+
+-- | Information about the registration configuration.
+updateCACertificate_registrationConfig :: Lens.Lens' UpdateCACertificate (Prelude.Maybe RegistrationConfig)
+updateCACertificate_registrationConfig = Lens.lens (\UpdateCACertificate' {registrationConfig} -> registrationConfig) (\s@UpdateCACertificate' {} a -> s {registrationConfig = a} :: UpdateCACertificate)
+
+-- | If true, removes auto registration.
+updateCACertificate_removeAutoRegistration :: Lens.Lens' UpdateCACertificate (Prelude.Maybe Prelude.Bool)
+updateCACertificate_removeAutoRegistration = Lens.lens (\UpdateCACertificate' {removeAutoRegistration} -> removeAutoRegistration) (\s@UpdateCACertificate' {} a -> s {removeAutoRegistration = a} :: UpdateCACertificate)
+
+-- | The CA certificate identifier.
+updateCACertificate_certificateId :: Lens.Lens' UpdateCACertificate Prelude.Text
+updateCACertificate_certificateId = Lens.lens (\UpdateCACertificate' {certificateId} -> certificateId) (\s@UpdateCACertificate' {} a -> s {certificateId = a} :: UpdateCACertificate)
+
+instance Core.AWSRequest UpdateCACertificate where
+  type
+    AWSResponse UpdateCACertificate =
+      UpdateCACertificateResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveNull UpdateCACertificateResponse'
+
+instance Prelude.Hashable UpdateCACertificate where
+  hashWithSalt _salt UpdateCACertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` newAutoRegistrationStatus'
+      `Prelude.hashWithSalt` newStatus'
+      `Prelude.hashWithSalt` registrationConfig
+      `Prelude.hashWithSalt` removeAutoRegistration
+      `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData UpdateCACertificate where
+  rnf UpdateCACertificate' {..} =
+    Prelude.rnf newAutoRegistrationStatus'
+      `Prelude.seq` Prelude.rnf newStatus'
+      `Prelude.seq` Prelude.rnf registrationConfig
+      `Prelude.seq` Prelude.rnf removeAutoRegistration
+      `Prelude.seq` Prelude.rnf certificateId
+
+instance Data.ToHeaders UpdateCACertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateCACertificate where
+  toJSON UpdateCACertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("registrationConfig" Data..=)
+              Prelude.<$> registrationConfig,
+            ("removeAutoRegistration" Data..=)
+              Prelude.<$> removeAutoRegistration
+          ]
+      )
+
+instance Data.ToPath UpdateCACertificate where
+  toPath UpdateCACertificate' {..} =
+    Prelude.mconcat
+      ["/cacertificate/", Data.toBS certificateId]
+
+instance Data.ToQuery UpdateCACertificate where
+  toQuery UpdateCACertificate' {..} =
+    Prelude.mconcat
+      [ "newAutoRegistrationStatus"
+          Data.=: newAutoRegistrationStatus',
+        "newStatus" Data.=: newStatus'
+      ]
+
+-- | /See:/ 'newUpdateCACertificateResponse' smart constructor.
+data UpdateCACertificateResponse = UpdateCACertificateResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCACertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newUpdateCACertificateResponse ::
+  UpdateCACertificateResponse
+newUpdateCACertificateResponse =
+  UpdateCACertificateResponse'
+
+instance Prelude.NFData UpdateCACertificateResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/UpdateCertificate.hs b/gen/Amazonka/IoT/UpdateCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateCertificate.hs
@@ -0,0 +1,180 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the status of the specified certificate. This operation is
+-- idempotent.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateCertificate>
+-- action.
+--
+-- Certificates must be in the ACTIVE state to authenticate devices that
+-- use a certificate to connect to IoT.
+--
+-- Within a few minutes of updating a certificate from the ACTIVE state to
+-- any other state, IoT disconnects all devices that used that certificate
+-- to connect. Devices cannot use a certificate that is not in the ACTIVE
+-- state to reconnect.
+module Amazonka.IoT.UpdateCertificate
+  ( -- * Creating a Request
+    UpdateCertificate (..),
+    newUpdateCertificate,
+
+    -- * Request Lenses
+    updateCertificate_certificateId,
+    updateCertificate_newStatus,
+
+    -- * Destructuring the Response
+    UpdateCertificateResponse (..),
+    newUpdateCertificateResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the UpdateCertificate operation.
+--
+-- /See:/ 'newUpdateCertificate' smart constructor.
+data UpdateCertificate = UpdateCertificate'
+  { -- | The ID of the certificate. (The last part of the certificate ARN
+    -- contains the certificate ID.)
+    certificateId :: Prelude.Text,
+    -- | The new status.
+    --
+    -- __Note:__ Setting the status to PENDING_TRANSFER or PENDING_ACTIVATION
+    -- will result in an exception being thrown. PENDING_TRANSFER and
+    -- PENDING_ACTIVATION are statuses used internally by IoT. They are not
+    -- intended for developer use.
+    --
+    -- __Note:__ The status value REGISTER_INACTIVE is deprecated and should
+    -- not be used.
+    newStatus' :: CertificateStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'updateCertificate_certificateId' - The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+--
+-- 'newStatus'', 'updateCertificate_newStatus' - The new status.
+--
+-- __Note:__ Setting the status to PENDING_TRANSFER or PENDING_ACTIVATION
+-- will result in an exception being thrown. PENDING_TRANSFER and
+-- PENDING_ACTIVATION are statuses used internally by IoT. They are not
+-- intended for developer use.
+--
+-- __Note:__ The status value REGISTER_INACTIVE is deprecated and should
+-- not be used.
+newUpdateCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  -- | 'newStatus''
+  CertificateStatus ->
+  UpdateCertificate
+newUpdateCertificate pCertificateId_ pNewStatus_ =
+  UpdateCertificate'
+    { certificateId = pCertificateId_,
+      newStatus' = pNewStatus_
+    }
+
+-- | The ID of the certificate. (The last part of the certificate ARN
+-- contains the certificate ID.)
+updateCertificate_certificateId :: Lens.Lens' UpdateCertificate Prelude.Text
+updateCertificate_certificateId = Lens.lens (\UpdateCertificate' {certificateId} -> certificateId) (\s@UpdateCertificate' {} a -> s {certificateId = a} :: UpdateCertificate)
+
+-- | The new status.
+--
+-- __Note:__ Setting the status to PENDING_TRANSFER or PENDING_ACTIVATION
+-- will result in an exception being thrown. PENDING_TRANSFER and
+-- PENDING_ACTIVATION are statuses used internally by IoT. They are not
+-- intended for developer use.
+--
+-- __Note:__ The status value REGISTER_INACTIVE is deprecated and should
+-- not be used.
+updateCertificate_newStatus :: Lens.Lens' UpdateCertificate CertificateStatus
+updateCertificate_newStatus = Lens.lens (\UpdateCertificate' {newStatus'} -> newStatus') (\s@UpdateCertificate' {} a -> s {newStatus' = a} :: UpdateCertificate)
+
+instance Core.AWSRequest UpdateCertificate where
+  type
+    AWSResponse UpdateCertificate =
+      UpdateCertificateResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveNull UpdateCertificateResponse'
+
+instance Prelude.Hashable UpdateCertificate where
+  hashWithSalt _salt UpdateCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` newStatus'
+
+instance Prelude.NFData UpdateCertificate where
+  rnf UpdateCertificate' {..} =
+    Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf newStatus'
+
+instance Data.ToHeaders UpdateCertificate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateCertificate where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath UpdateCertificate where
+  toPath UpdateCertificate' {..} =
+    Prelude.mconcat
+      ["/certificates/", Data.toBS certificateId]
+
+instance Data.ToQuery UpdateCertificate where
+  toQuery UpdateCertificate' {..} =
+    Prelude.mconcat ["newStatus" Data.=: newStatus']
+
+-- | /See:/ 'newUpdateCertificateResponse' smart constructor.
+data UpdateCertificateResponse = UpdateCertificateResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newUpdateCertificateResponse ::
+  UpdateCertificateResponse
+newUpdateCertificateResponse =
+  UpdateCertificateResponse'
+
+instance Prelude.NFData UpdateCertificateResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/UpdateCustomMetric.hs b/gen/Amazonka/IoT/UpdateCustomMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateCustomMetric.hs
@@ -0,0 +1,261 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateCustomMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a Device Defender detect custom metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateCustomMetric>
+-- action.
+module Amazonka.IoT.UpdateCustomMetric
+  ( -- * Creating a Request
+    UpdateCustomMetric (..),
+    newUpdateCustomMetric,
+
+    -- * Request Lenses
+    updateCustomMetric_metricName,
+    updateCustomMetric_displayName,
+
+    -- * Destructuring the Response
+    UpdateCustomMetricResponse (..),
+    newUpdateCustomMetricResponse,
+
+    -- * Response Lenses
+    updateCustomMetricResponse_creationDate,
+    updateCustomMetricResponse_displayName,
+    updateCustomMetricResponse_lastModifiedDate,
+    updateCustomMetricResponse_metricArn,
+    updateCustomMetricResponse_metricName,
+    updateCustomMetricResponse_metricType,
+    updateCustomMetricResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateCustomMetric' smart constructor.
+data UpdateCustomMetric = UpdateCustomMetric'
+  { -- | The name of the custom metric. Cannot be updated.
+    metricName :: Prelude.Text,
+    -- | Field represents a friendly name in the console for the custom metric,
+    -- it doesn\'t have to be unique. Don\'t use this name as the metric
+    -- identifier in the device metric report. Can be updated.
+    displayName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCustomMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'metricName', 'updateCustomMetric_metricName' - The name of the custom metric. Cannot be updated.
+--
+-- 'displayName', 'updateCustomMetric_displayName' - Field represents a friendly name in the console for the custom metric,
+-- it doesn\'t have to be unique. Don\'t use this name as the metric
+-- identifier in the device metric report. Can be updated.
+newUpdateCustomMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  -- | 'displayName'
+  Prelude.Text ->
+  UpdateCustomMetric
+newUpdateCustomMetric pMetricName_ pDisplayName_ =
+  UpdateCustomMetric'
+    { metricName = pMetricName_,
+      displayName = pDisplayName_
+    }
+
+-- | The name of the custom metric. Cannot be updated.
+updateCustomMetric_metricName :: Lens.Lens' UpdateCustomMetric Prelude.Text
+updateCustomMetric_metricName = Lens.lens (\UpdateCustomMetric' {metricName} -> metricName) (\s@UpdateCustomMetric' {} a -> s {metricName = a} :: UpdateCustomMetric)
+
+-- | Field represents a friendly name in the console for the custom metric,
+-- it doesn\'t have to be unique. Don\'t use this name as the metric
+-- identifier in the device metric report. Can be updated.
+updateCustomMetric_displayName :: Lens.Lens' UpdateCustomMetric Prelude.Text
+updateCustomMetric_displayName = Lens.lens (\UpdateCustomMetric' {displayName} -> displayName) (\s@UpdateCustomMetric' {} a -> s {displayName = a} :: UpdateCustomMetric)
+
+instance Core.AWSRequest UpdateCustomMetric where
+  type
+    AWSResponse UpdateCustomMetric =
+      UpdateCustomMetricResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateCustomMetricResponse'
+            Prelude.<$> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "displayName")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "metricArn")
+            Prelude.<*> (x Data..?> "metricName")
+            Prelude.<*> (x Data..?> "metricType")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateCustomMetric where
+  hashWithSalt _salt UpdateCustomMetric' {..} =
+    _salt
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` displayName
+
+instance Prelude.NFData UpdateCustomMetric where
+  rnf UpdateCustomMetric' {..} =
+    Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf displayName
+
+instance Data.ToHeaders UpdateCustomMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateCustomMetric where
+  toJSON UpdateCustomMetric' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("displayName" Data..= displayName)]
+      )
+
+instance Data.ToPath UpdateCustomMetric where
+  toPath UpdateCustomMetric' {..} =
+    Prelude.mconcat
+      ["/custom-metric/", Data.toBS metricName]
+
+instance Data.ToQuery UpdateCustomMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateCustomMetricResponse' smart constructor.
+data UpdateCustomMetricResponse = UpdateCustomMetricResponse'
+  { -- | The creation date of the custom metric in milliseconds since epoch.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | A friendly name in the console for the custom metric
+    displayName :: Prelude.Maybe Prelude.Text,
+    -- | The time the custom metric was last modified in milliseconds since
+    -- epoch.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The Amazon Resource Number (ARN) of the custom metric.
+    metricArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the custom metric.
+    metricName :: Prelude.Maybe Prelude.Text,
+    -- | The type of the custom metric.
+    --
+    -- The type @number@ only takes a single metric value as an input, but
+    -- while submitting the metrics value in the DeviceMetrics report, it must
+    -- be passed as an array with a single value.
+    metricType :: Prelude.Maybe CustomMetricType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCustomMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'creationDate', 'updateCustomMetricResponse_creationDate' - The creation date of the custom metric in milliseconds since epoch.
+--
+-- 'displayName', 'updateCustomMetricResponse_displayName' - A friendly name in the console for the custom metric
+--
+-- 'lastModifiedDate', 'updateCustomMetricResponse_lastModifiedDate' - The time the custom metric was last modified in milliseconds since
+-- epoch.
+--
+-- 'metricArn', 'updateCustomMetricResponse_metricArn' - The Amazon Resource Number (ARN) of the custom metric.
+--
+-- 'metricName', 'updateCustomMetricResponse_metricName' - The name of the custom metric.
+--
+-- 'metricType', 'updateCustomMetricResponse_metricType' - The type of the custom metric.
+--
+-- The type @number@ only takes a single metric value as an input, but
+-- while submitting the metrics value in the DeviceMetrics report, it must
+-- be passed as an array with a single value.
+--
+-- 'httpStatus', 'updateCustomMetricResponse_httpStatus' - The response's http status code.
+newUpdateCustomMetricResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateCustomMetricResponse
+newUpdateCustomMetricResponse pHttpStatus_ =
+  UpdateCustomMetricResponse'
+    { creationDate =
+        Prelude.Nothing,
+      displayName = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      metricArn = Prelude.Nothing,
+      metricName = Prelude.Nothing,
+      metricType = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The creation date of the custom metric in milliseconds since epoch.
+updateCustomMetricResponse_creationDate :: Lens.Lens' UpdateCustomMetricResponse (Prelude.Maybe Prelude.UTCTime)
+updateCustomMetricResponse_creationDate = Lens.lens (\UpdateCustomMetricResponse' {creationDate} -> creationDate) (\s@UpdateCustomMetricResponse' {} a -> s {creationDate = a} :: UpdateCustomMetricResponse) Prelude.. Lens.mapping Data._Time
+
+-- | A friendly name in the console for the custom metric
+updateCustomMetricResponse_displayName :: Lens.Lens' UpdateCustomMetricResponse (Prelude.Maybe Prelude.Text)
+updateCustomMetricResponse_displayName = Lens.lens (\UpdateCustomMetricResponse' {displayName} -> displayName) (\s@UpdateCustomMetricResponse' {} a -> s {displayName = a} :: UpdateCustomMetricResponse)
+
+-- | The time the custom metric was last modified in milliseconds since
+-- epoch.
+updateCustomMetricResponse_lastModifiedDate :: Lens.Lens' UpdateCustomMetricResponse (Prelude.Maybe Prelude.UTCTime)
+updateCustomMetricResponse_lastModifiedDate = Lens.lens (\UpdateCustomMetricResponse' {lastModifiedDate} -> lastModifiedDate) (\s@UpdateCustomMetricResponse' {} a -> s {lastModifiedDate = a} :: UpdateCustomMetricResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The Amazon Resource Number (ARN) of the custom metric.
+updateCustomMetricResponse_metricArn :: Lens.Lens' UpdateCustomMetricResponse (Prelude.Maybe Prelude.Text)
+updateCustomMetricResponse_metricArn = Lens.lens (\UpdateCustomMetricResponse' {metricArn} -> metricArn) (\s@UpdateCustomMetricResponse' {} a -> s {metricArn = a} :: UpdateCustomMetricResponse)
+
+-- | The name of the custom metric.
+updateCustomMetricResponse_metricName :: Lens.Lens' UpdateCustomMetricResponse (Prelude.Maybe Prelude.Text)
+updateCustomMetricResponse_metricName = Lens.lens (\UpdateCustomMetricResponse' {metricName} -> metricName) (\s@UpdateCustomMetricResponse' {} a -> s {metricName = a} :: UpdateCustomMetricResponse)
+
+-- | The type of the custom metric.
+--
+-- The type @number@ only takes a single metric value as an input, but
+-- while submitting the metrics value in the DeviceMetrics report, it must
+-- be passed as an array with a single value.
+updateCustomMetricResponse_metricType :: Lens.Lens' UpdateCustomMetricResponse (Prelude.Maybe CustomMetricType)
+updateCustomMetricResponse_metricType = Lens.lens (\UpdateCustomMetricResponse' {metricType} -> metricType) (\s@UpdateCustomMetricResponse' {} a -> s {metricType = a} :: UpdateCustomMetricResponse)
+
+-- | The response's http status code.
+updateCustomMetricResponse_httpStatus :: Lens.Lens' UpdateCustomMetricResponse Prelude.Int
+updateCustomMetricResponse_httpStatus = Lens.lens (\UpdateCustomMetricResponse' {httpStatus} -> httpStatus) (\s@UpdateCustomMetricResponse' {} a -> s {httpStatus = a} :: UpdateCustomMetricResponse)
+
+instance Prelude.NFData UpdateCustomMetricResponse where
+  rnf UpdateCustomMetricResponse' {..} =
+    Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf metricArn
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf metricType
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateDimension.hs b/gen/Amazonka/IoT/UpdateDimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateDimension.hs
@@ -0,0 +1,260 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateDimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the definition for a dimension. You cannot change the type of a
+-- dimension after it is created (you can delete it and recreate it).
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateDimension>
+-- action.
+module Amazonka.IoT.UpdateDimension
+  ( -- * Creating a Request
+    UpdateDimension (..),
+    newUpdateDimension,
+
+    -- * Request Lenses
+    updateDimension_name,
+    updateDimension_stringValues,
+
+    -- * Destructuring the Response
+    UpdateDimensionResponse (..),
+    newUpdateDimensionResponse,
+
+    -- * Response Lenses
+    updateDimensionResponse_arn,
+    updateDimensionResponse_creationDate,
+    updateDimensionResponse_lastModifiedDate,
+    updateDimensionResponse_name,
+    updateDimensionResponse_stringValues,
+    updateDimensionResponse_type,
+    updateDimensionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateDimension' smart constructor.
+data UpdateDimension = UpdateDimension'
+  { -- | A unique identifier for the dimension. Choose something that describes
+    -- the type and value to make it easy to remember what it does.
+    name :: Prelude.Text,
+    -- | Specifies the value or list of values for the dimension. For
+    -- @TOPIC_FILTER@ dimensions, this is a pattern used to match the MQTT
+    -- topic (for example, \"admin\/#\").
+    stringValues :: Prelude.NonEmpty Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDimension' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'updateDimension_name' - A unique identifier for the dimension. Choose something that describes
+-- the type and value to make it easy to remember what it does.
+--
+-- 'stringValues', 'updateDimension_stringValues' - Specifies the value or list of values for the dimension. For
+-- @TOPIC_FILTER@ dimensions, this is a pattern used to match the MQTT
+-- topic (for example, \"admin\/#\").
+newUpdateDimension ::
+  -- | 'name'
+  Prelude.Text ->
+  -- | 'stringValues'
+  Prelude.NonEmpty Prelude.Text ->
+  UpdateDimension
+newUpdateDimension pName_ pStringValues_ =
+  UpdateDimension'
+    { name = pName_,
+      stringValues = Lens.coerced Lens.# pStringValues_
+    }
+
+-- | A unique identifier for the dimension. Choose something that describes
+-- the type and value to make it easy to remember what it does.
+updateDimension_name :: Lens.Lens' UpdateDimension Prelude.Text
+updateDimension_name = Lens.lens (\UpdateDimension' {name} -> name) (\s@UpdateDimension' {} a -> s {name = a} :: UpdateDimension)
+
+-- | Specifies the value or list of values for the dimension. For
+-- @TOPIC_FILTER@ dimensions, this is a pattern used to match the MQTT
+-- topic (for example, \"admin\/#\").
+updateDimension_stringValues :: Lens.Lens' UpdateDimension (Prelude.NonEmpty Prelude.Text)
+updateDimension_stringValues = Lens.lens (\UpdateDimension' {stringValues} -> stringValues) (\s@UpdateDimension' {} a -> s {stringValues = a} :: UpdateDimension) Prelude.. Lens.coerced
+
+instance Core.AWSRequest UpdateDimension where
+  type
+    AWSResponse UpdateDimension =
+      UpdateDimensionResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateDimensionResponse'
+            Prelude.<$> (x Data..?> "arn")
+            Prelude.<*> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "name")
+            Prelude.<*> (x Data..?> "stringValues")
+            Prelude.<*> (x Data..?> "type")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateDimension where
+  hashWithSalt _salt UpdateDimension' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` stringValues
+
+instance Prelude.NFData UpdateDimension where
+  rnf UpdateDimension' {..} =
+    Prelude.rnf name
+      `Prelude.seq` Prelude.rnf stringValues
+
+instance Data.ToHeaders UpdateDimension where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateDimension where
+  toJSON UpdateDimension' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("stringValues" Data..= stringValues)]
+      )
+
+instance Data.ToPath UpdateDimension where
+  toPath UpdateDimension' {..} =
+    Prelude.mconcat ["/dimensions/", Data.toBS name]
+
+instance Data.ToQuery UpdateDimension where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateDimensionResponse' smart constructor.
+data UpdateDimensionResponse = UpdateDimensionResponse'
+  { -- | The Amazon Resource Name (ARN)of the created dimension.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The date and time, in milliseconds since epoch, when the dimension was
+    -- initially created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The date and time, in milliseconds since epoch, when the dimension was
+    -- most recently updated.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | A unique identifier for the dimension.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | The value or list of values used to scope the dimension. For example,
+    -- for topic filters, this is the pattern used to match the MQTT topic
+    -- name.
+    stringValues :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | The type of the dimension.
+    type' :: Prelude.Maybe DimensionType,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDimensionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'updateDimensionResponse_arn' - The Amazon Resource Name (ARN)of the created dimension.
+--
+-- 'creationDate', 'updateDimensionResponse_creationDate' - The date and time, in milliseconds since epoch, when the dimension was
+-- initially created.
+--
+-- 'lastModifiedDate', 'updateDimensionResponse_lastModifiedDate' - The date and time, in milliseconds since epoch, when the dimension was
+-- most recently updated.
+--
+-- 'name', 'updateDimensionResponse_name' - A unique identifier for the dimension.
+--
+-- 'stringValues', 'updateDimensionResponse_stringValues' - The value or list of values used to scope the dimension. For example,
+-- for topic filters, this is the pattern used to match the MQTT topic
+-- name.
+--
+-- 'type'', 'updateDimensionResponse_type' - The type of the dimension.
+--
+-- 'httpStatus', 'updateDimensionResponse_httpStatus' - The response's http status code.
+newUpdateDimensionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateDimensionResponse
+newUpdateDimensionResponse pHttpStatus_ =
+  UpdateDimensionResponse'
+    { arn = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      name = Prelude.Nothing,
+      stringValues = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The Amazon Resource Name (ARN)of the created dimension.
+updateDimensionResponse_arn :: Lens.Lens' UpdateDimensionResponse (Prelude.Maybe Prelude.Text)
+updateDimensionResponse_arn = Lens.lens (\UpdateDimensionResponse' {arn} -> arn) (\s@UpdateDimensionResponse' {} a -> s {arn = a} :: UpdateDimensionResponse)
+
+-- | The date and time, in milliseconds since epoch, when the dimension was
+-- initially created.
+updateDimensionResponse_creationDate :: Lens.Lens' UpdateDimensionResponse (Prelude.Maybe Prelude.UTCTime)
+updateDimensionResponse_creationDate = Lens.lens (\UpdateDimensionResponse' {creationDate} -> creationDate) (\s@UpdateDimensionResponse' {} a -> s {creationDate = a} :: UpdateDimensionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The date and time, in milliseconds since epoch, when the dimension was
+-- most recently updated.
+updateDimensionResponse_lastModifiedDate :: Lens.Lens' UpdateDimensionResponse (Prelude.Maybe Prelude.UTCTime)
+updateDimensionResponse_lastModifiedDate = Lens.lens (\UpdateDimensionResponse' {lastModifiedDate} -> lastModifiedDate) (\s@UpdateDimensionResponse' {} a -> s {lastModifiedDate = a} :: UpdateDimensionResponse) Prelude.. Lens.mapping Data._Time
+
+-- | A unique identifier for the dimension.
+updateDimensionResponse_name :: Lens.Lens' UpdateDimensionResponse (Prelude.Maybe Prelude.Text)
+updateDimensionResponse_name = Lens.lens (\UpdateDimensionResponse' {name} -> name) (\s@UpdateDimensionResponse' {} a -> s {name = a} :: UpdateDimensionResponse)
+
+-- | The value or list of values used to scope the dimension. For example,
+-- for topic filters, this is the pattern used to match the MQTT topic
+-- name.
+updateDimensionResponse_stringValues :: Lens.Lens' UpdateDimensionResponse (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+updateDimensionResponse_stringValues = Lens.lens (\UpdateDimensionResponse' {stringValues} -> stringValues) (\s@UpdateDimensionResponse' {} a -> s {stringValues = a} :: UpdateDimensionResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of the dimension.
+updateDimensionResponse_type :: Lens.Lens' UpdateDimensionResponse (Prelude.Maybe DimensionType)
+updateDimensionResponse_type = Lens.lens (\UpdateDimensionResponse' {type'} -> type') (\s@UpdateDimensionResponse' {} a -> s {type' = a} :: UpdateDimensionResponse)
+
+-- | The response's http status code.
+updateDimensionResponse_httpStatus :: Lens.Lens' UpdateDimensionResponse Prelude.Int
+updateDimensionResponse_httpStatus = Lens.lens (\UpdateDimensionResponse' {httpStatus} -> httpStatus) (\s@UpdateDimensionResponse' {} a -> s {httpStatus = a} :: UpdateDimensionResponse)
+
+instance Prelude.NFData UpdateDimensionResponse where
+  rnf UpdateDimensionResponse' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf name
+      `Prelude.seq` Prelude.rnf stringValues
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateDomainConfiguration.hs b/gen/Amazonka/IoT/UpdateDomainConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateDomainConfiguration.hs
@@ -0,0 +1,230 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateDomainConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates values stored in the domain configuration. Domain configurations
+-- for default endpoints can\'t be updated.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateDomainConfiguration>
+-- action.
+module Amazonka.IoT.UpdateDomainConfiguration
+  ( -- * Creating a Request
+    UpdateDomainConfiguration (..),
+    newUpdateDomainConfiguration,
+
+    -- * Request Lenses
+    updateDomainConfiguration_authorizerConfig,
+    updateDomainConfiguration_domainConfigurationStatus,
+    updateDomainConfiguration_removeAuthorizerConfig,
+    updateDomainConfiguration_domainConfigurationName,
+
+    -- * Destructuring the Response
+    UpdateDomainConfigurationResponse (..),
+    newUpdateDomainConfigurationResponse,
+
+    -- * Response Lenses
+    updateDomainConfigurationResponse_domainConfigurationArn,
+    updateDomainConfigurationResponse_domainConfigurationName,
+    updateDomainConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateDomainConfiguration' smart constructor.
+data UpdateDomainConfiguration = UpdateDomainConfiguration'
+  { -- | An object that specifies the authorization service for a domain.
+    authorizerConfig :: Prelude.Maybe AuthorizerConfig,
+    -- | The status to which the domain configuration should be updated.
+    domainConfigurationStatus :: Prelude.Maybe DomainConfigurationStatus,
+    -- | Removes the authorization configuration from a domain.
+    removeAuthorizerConfig :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the domain configuration to be updated.
+    domainConfigurationName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDomainConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'authorizerConfig', 'updateDomainConfiguration_authorizerConfig' - An object that specifies the authorization service for a domain.
+--
+-- 'domainConfigurationStatus', 'updateDomainConfiguration_domainConfigurationStatus' - The status to which the domain configuration should be updated.
+--
+-- 'removeAuthorizerConfig', 'updateDomainConfiguration_removeAuthorizerConfig' - Removes the authorization configuration from a domain.
+--
+-- 'domainConfigurationName', 'updateDomainConfiguration_domainConfigurationName' - The name of the domain configuration to be updated.
+newUpdateDomainConfiguration ::
+  -- | 'domainConfigurationName'
+  Prelude.Text ->
+  UpdateDomainConfiguration
+newUpdateDomainConfiguration
+  pDomainConfigurationName_ =
+    UpdateDomainConfiguration'
+      { authorizerConfig =
+          Prelude.Nothing,
+        domainConfigurationStatus = Prelude.Nothing,
+        removeAuthorizerConfig = Prelude.Nothing,
+        domainConfigurationName =
+          pDomainConfigurationName_
+      }
+
+-- | An object that specifies the authorization service for a domain.
+updateDomainConfiguration_authorizerConfig :: Lens.Lens' UpdateDomainConfiguration (Prelude.Maybe AuthorizerConfig)
+updateDomainConfiguration_authorizerConfig = Lens.lens (\UpdateDomainConfiguration' {authorizerConfig} -> authorizerConfig) (\s@UpdateDomainConfiguration' {} a -> s {authorizerConfig = a} :: UpdateDomainConfiguration)
+
+-- | The status to which the domain configuration should be updated.
+updateDomainConfiguration_domainConfigurationStatus :: Lens.Lens' UpdateDomainConfiguration (Prelude.Maybe DomainConfigurationStatus)
+updateDomainConfiguration_domainConfigurationStatus = Lens.lens (\UpdateDomainConfiguration' {domainConfigurationStatus} -> domainConfigurationStatus) (\s@UpdateDomainConfiguration' {} a -> s {domainConfigurationStatus = a} :: UpdateDomainConfiguration)
+
+-- | Removes the authorization configuration from a domain.
+updateDomainConfiguration_removeAuthorizerConfig :: Lens.Lens' UpdateDomainConfiguration (Prelude.Maybe Prelude.Bool)
+updateDomainConfiguration_removeAuthorizerConfig = Lens.lens (\UpdateDomainConfiguration' {removeAuthorizerConfig} -> removeAuthorizerConfig) (\s@UpdateDomainConfiguration' {} a -> s {removeAuthorizerConfig = a} :: UpdateDomainConfiguration)
+
+-- | The name of the domain configuration to be updated.
+updateDomainConfiguration_domainConfigurationName :: Lens.Lens' UpdateDomainConfiguration Prelude.Text
+updateDomainConfiguration_domainConfigurationName = Lens.lens (\UpdateDomainConfiguration' {domainConfigurationName} -> domainConfigurationName) (\s@UpdateDomainConfiguration' {} a -> s {domainConfigurationName = a} :: UpdateDomainConfiguration)
+
+instance Core.AWSRequest UpdateDomainConfiguration where
+  type
+    AWSResponse UpdateDomainConfiguration =
+      UpdateDomainConfigurationResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateDomainConfigurationResponse'
+            Prelude.<$> (x Data..?> "domainConfigurationArn")
+            Prelude.<*> (x Data..?> "domainConfigurationName")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateDomainConfiguration where
+  hashWithSalt _salt UpdateDomainConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` authorizerConfig
+      `Prelude.hashWithSalt` domainConfigurationStatus
+      `Prelude.hashWithSalt` removeAuthorizerConfig
+      `Prelude.hashWithSalt` domainConfigurationName
+
+instance Prelude.NFData UpdateDomainConfiguration where
+  rnf UpdateDomainConfiguration' {..} =
+    Prelude.rnf authorizerConfig
+      `Prelude.seq` Prelude.rnf domainConfigurationStatus
+      `Prelude.seq` Prelude.rnf removeAuthorizerConfig
+      `Prelude.seq` Prelude.rnf domainConfigurationName
+
+instance Data.ToHeaders UpdateDomainConfiguration where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateDomainConfiguration where
+  toJSON UpdateDomainConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("authorizerConfig" Data..=)
+              Prelude.<$> authorizerConfig,
+            ("domainConfigurationStatus" Data..=)
+              Prelude.<$> domainConfigurationStatus,
+            ("removeAuthorizerConfig" Data..=)
+              Prelude.<$> removeAuthorizerConfig
+          ]
+      )
+
+instance Data.ToPath UpdateDomainConfiguration where
+  toPath UpdateDomainConfiguration' {..} =
+    Prelude.mconcat
+      [ "/domainConfigurations/",
+        Data.toBS domainConfigurationName
+      ]
+
+instance Data.ToQuery UpdateDomainConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateDomainConfigurationResponse' smart constructor.
+data UpdateDomainConfigurationResponse = UpdateDomainConfigurationResponse'
+  { -- | The ARN of the domain configuration that was updated.
+    domainConfigurationArn :: Prelude.Maybe Prelude.Text,
+    -- | The name of the domain configuration that was updated.
+    domainConfigurationName :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDomainConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domainConfigurationArn', 'updateDomainConfigurationResponse_domainConfigurationArn' - The ARN of the domain configuration that was updated.
+--
+-- 'domainConfigurationName', 'updateDomainConfigurationResponse_domainConfigurationName' - The name of the domain configuration that was updated.
+--
+-- 'httpStatus', 'updateDomainConfigurationResponse_httpStatus' - The response's http status code.
+newUpdateDomainConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateDomainConfigurationResponse
+newUpdateDomainConfigurationResponse pHttpStatus_ =
+  UpdateDomainConfigurationResponse'
+    { domainConfigurationArn =
+        Prelude.Nothing,
+      domainConfigurationName =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the domain configuration that was updated.
+updateDomainConfigurationResponse_domainConfigurationArn :: Lens.Lens' UpdateDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+updateDomainConfigurationResponse_domainConfigurationArn = Lens.lens (\UpdateDomainConfigurationResponse' {domainConfigurationArn} -> domainConfigurationArn) (\s@UpdateDomainConfigurationResponse' {} a -> s {domainConfigurationArn = a} :: UpdateDomainConfigurationResponse)
+
+-- | The name of the domain configuration that was updated.
+updateDomainConfigurationResponse_domainConfigurationName :: Lens.Lens' UpdateDomainConfigurationResponse (Prelude.Maybe Prelude.Text)
+updateDomainConfigurationResponse_domainConfigurationName = Lens.lens (\UpdateDomainConfigurationResponse' {domainConfigurationName} -> domainConfigurationName) (\s@UpdateDomainConfigurationResponse' {} a -> s {domainConfigurationName = a} :: UpdateDomainConfigurationResponse)
+
+-- | The response's http status code.
+updateDomainConfigurationResponse_httpStatus :: Lens.Lens' UpdateDomainConfigurationResponse Prelude.Int
+updateDomainConfigurationResponse_httpStatus = Lens.lens (\UpdateDomainConfigurationResponse' {httpStatus} -> httpStatus) (\s@UpdateDomainConfigurationResponse' {} a -> s {httpStatus = a} :: UpdateDomainConfigurationResponse)
+
+instance
+  Prelude.NFData
+    UpdateDomainConfigurationResponse
+  where
+  rnf UpdateDomainConfigurationResponse' {..} =
+    Prelude.rnf domainConfigurationArn
+      `Prelude.seq` Prelude.rnf domainConfigurationName
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateDynamicThingGroup.hs b/gen/Amazonka/IoT/UpdateDynamicThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateDynamicThingGroup.hs
@@ -0,0 +1,258 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateDynamicThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a dynamic thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateDynamicThingGroup>
+-- action.
+module Amazonka.IoT.UpdateDynamicThingGroup
+  ( -- * Creating a Request
+    UpdateDynamicThingGroup (..),
+    newUpdateDynamicThingGroup,
+
+    -- * Request Lenses
+    updateDynamicThingGroup_expectedVersion,
+    updateDynamicThingGroup_indexName,
+    updateDynamicThingGroup_queryString,
+    updateDynamicThingGroup_queryVersion,
+    updateDynamicThingGroup_thingGroupName,
+    updateDynamicThingGroup_thingGroupProperties,
+
+    -- * Destructuring the Response
+    UpdateDynamicThingGroupResponse (..),
+    newUpdateDynamicThingGroupResponse,
+
+    -- * Response Lenses
+    updateDynamicThingGroupResponse_version,
+    updateDynamicThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateDynamicThingGroup' smart constructor.
+data UpdateDynamicThingGroup = UpdateDynamicThingGroup'
+  { -- | The expected version of the dynamic thing group to update.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The dynamic thing group index to update.
+    --
+    -- Currently one index is supported: @AWS_Things@.
+    indexName :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group search query string to update.
+    queryString :: Prelude.Maybe Prelude.Text,
+    -- | The dynamic thing group query version to update.
+    --
+    -- Currently one query version is supported: \"2017-09-30\". If not
+    -- specified, the query version defaults to this value.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | The name of the dynamic thing group to update.
+    thingGroupName :: Prelude.Text,
+    -- | The dynamic thing group properties to update.
+    thingGroupProperties :: ThingGroupProperties
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDynamicThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'updateDynamicThingGroup_expectedVersion' - The expected version of the dynamic thing group to update.
+--
+-- 'indexName', 'updateDynamicThingGroup_indexName' - The dynamic thing group index to update.
+--
+-- Currently one index is supported: @AWS_Things@.
+--
+-- 'queryString', 'updateDynamicThingGroup_queryString' - The dynamic thing group search query string to update.
+--
+-- 'queryVersion', 'updateDynamicThingGroup_queryVersion' - The dynamic thing group query version to update.
+--
+-- Currently one query version is supported: \"2017-09-30\". If not
+-- specified, the query version defaults to this value.
+--
+-- 'thingGroupName', 'updateDynamicThingGroup_thingGroupName' - The name of the dynamic thing group to update.
+--
+-- 'thingGroupProperties', 'updateDynamicThingGroup_thingGroupProperties' - The dynamic thing group properties to update.
+newUpdateDynamicThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  -- | 'thingGroupProperties'
+  ThingGroupProperties ->
+  UpdateDynamicThingGroup
+newUpdateDynamicThingGroup
+  pThingGroupName_
+  pThingGroupProperties_ =
+    UpdateDynamicThingGroup'
+      { expectedVersion =
+          Prelude.Nothing,
+        indexName = Prelude.Nothing,
+        queryString = Prelude.Nothing,
+        queryVersion = Prelude.Nothing,
+        thingGroupName = pThingGroupName_,
+        thingGroupProperties = pThingGroupProperties_
+      }
+
+-- | The expected version of the dynamic thing group to update.
+updateDynamicThingGroup_expectedVersion :: Lens.Lens' UpdateDynamicThingGroup (Prelude.Maybe Prelude.Integer)
+updateDynamicThingGroup_expectedVersion = Lens.lens (\UpdateDynamicThingGroup' {expectedVersion} -> expectedVersion) (\s@UpdateDynamicThingGroup' {} a -> s {expectedVersion = a} :: UpdateDynamicThingGroup)
+
+-- | The dynamic thing group index to update.
+--
+-- Currently one index is supported: @AWS_Things@.
+updateDynamicThingGroup_indexName :: Lens.Lens' UpdateDynamicThingGroup (Prelude.Maybe Prelude.Text)
+updateDynamicThingGroup_indexName = Lens.lens (\UpdateDynamicThingGroup' {indexName} -> indexName) (\s@UpdateDynamicThingGroup' {} a -> s {indexName = a} :: UpdateDynamicThingGroup)
+
+-- | The dynamic thing group search query string to update.
+updateDynamicThingGroup_queryString :: Lens.Lens' UpdateDynamicThingGroup (Prelude.Maybe Prelude.Text)
+updateDynamicThingGroup_queryString = Lens.lens (\UpdateDynamicThingGroup' {queryString} -> queryString) (\s@UpdateDynamicThingGroup' {} a -> s {queryString = a} :: UpdateDynamicThingGroup)
+
+-- | The dynamic thing group query version to update.
+--
+-- Currently one query version is supported: \"2017-09-30\". If not
+-- specified, the query version defaults to this value.
+updateDynamicThingGroup_queryVersion :: Lens.Lens' UpdateDynamicThingGroup (Prelude.Maybe Prelude.Text)
+updateDynamicThingGroup_queryVersion = Lens.lens (\UpdateDynamicThingGroup' {queryVersion} -> queryVersion) (\s@UpdateDynamicThingGroup' {} a -> s {queryVersion = a} :: UpdateDynamicThingGroup)
+
+-- | The name of the dynamic thing group to update.
+updateDynamicThingGroup_thingGroupName :: Lens.Lens' UpdateDynamicThingGroup Prelude.Text
+updateDynamicThingGroup_thingGroupName = Lens.lens (\UpdateDynamicThingGroup' {thingGroupName} -> thingGroupName) (\s@UpdateDynamicThingGroup' {} a -> s {thingGroupName = a} :: UpdateDynamicThingGroup)
+
+-- | The dynamic thing group properties to update.
+updateDynamicThingGroup_thingGroupProperties :: Lens.Lens' UpdateDynamicThingGroup ThingGroupProperties
+updateDynamicThingGroup_thingGroupProperties = Lens.lens (\UpdateDynamicThingGroup' {thingGroupProperties} -> thingGroupProperties) (\s@UpdateDynamicThingGroup' {} a -> s {thingGroupProperties = a} :: UpdateDynamicThingGroup)
+
+instance Core.AWSRequest UpdateDynamicThingGroup where
+  type
+    AWSResponse UpdateDynamicThingGroup =
+      UpdateDynamicThingGroupResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateDynamicThingGroupResponse'
+            Prelude.<$> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateDynamicThingGroup where
+  hashWithSalt _salt UpdateDynamicThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` indexName
+      `Prelude.hashWithSalt` queryString
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` thingGroupName
+      `Prelude.hashWithSalt` thingGroupProperties
+
+instance Prelude.NFData UpdateDynamicThingGroup where
+  rnf UpdateDynamicThingGroup' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf indexName
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf thingGroupProperties
+
+instance Data.ToHeaders UpdateDynamicThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateDynamicThingGroup where
+  toJSON UpdateDynamicThingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("expectedVersion" Data..=)
+              Prelude.<$> expectedVersion,
+            ("indexName" Data..=) Prelude.<$> indexName,
+            ("queryString" Data..=) Prelude.<$> queryString,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            Prelude.Just
+              ( "thingGroupProperties"
+                  Data..= thingGroupProperties
+              )
+          ]
+      )
+
+instance Data.ToPath UpdateDynamicThingGroup where
+  toPath UpdateDynamicThingGroup' {..} =
+    Prelude.mconcat
+      ["/dynamic-thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery UpdateDynamicThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateDynamicThingGroupResponse' smart constructor.
+data UpdateDynamicThingGroupResponse = UpdateDynamicThingGroupResponse'
+  { -- | The dynamic thing group version.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDynamicThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'version', 'updateDynamicThingGroupResponse_version' - The dynamic thing group version.
+--
+-- 'httpStatus', 'updateDynamicThingGroupResponse_httpStatus' - The response's http status code.
+newUpdateDynamicThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateDynamicThingGroupResponse
+newUpdateDynamicThingGroupResponse pHttpStatus_ =
+  UpdateDynamicThingGroupResponse'
+    { version =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The dynamic thing group version.
+updateDynamicThingGroupResponse_version :: Lens.Lens' UpdateDynamicThingGroupResponse (Prelude.Maybe Prelude.Integer)
+updateDynamicThingGroupResponse_version = Lens.lens (\UpdateDynamicThingGroupResponse' {version} -> version) (\s@UpdateDynamicThingGroupResponse' {} a -> s {version = a} :: UpdateDynamicThingGroupResponse)
+
+-- | The response's http status code.
+updateDynamicThingGroupResponse_httpStatus :: Lens.Lens' UpdateDynamicThingGroupResponse Prelude.Int
+updateDynamicThingGroupResponse_httpStatus = Lens.lens (\UpdateDynamicThingGroupResponse' {httpStatus} -> httpStatus) (\s@UpdateDynamicThingGroupResponse' {} a -> s {httpStatus = a} :: UpdateDynamicThingGroupResponse)
+
+instance
+  Prelude.NFData
+    UpdateDynamicThingGroupResponse
+  where
+  rnf UpdateDynamicThingGroupResponse' {..} =
+    Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateEventConfigurations.hs b/gen/Amazonka/IoT/UpdateEventConfigurations.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateEventConfigurations.hs
@@ -0,0 +1,155 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateEventConfigurations
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the event configurations.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateEventConfigurations>
+-- action.
+module Amazonka.IoT.UpdateEventConfigurations
+  ( -- * Creating a Request
+    UpdateEventConfigurations (..),
+    newUpdateEventConfigurations,
+
+    -- * Request Lenses
+    updateEventConfigurations_eventConfigurations,
+
+    -- * Destructuring the Response
+    UpdateEventConfigurationsResponse (..),
+    newUpdateEventConfigurationsResponse,
+
+    -- * Response Lenses
+    updateEventConfigurationsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateEventConfigurations' smart constructor.
+data UpdateEventConfigurations = UpdateEventConfigurations'
+  { -- | The new event configuration values.
+    eventConfigurations :: Prelude.Maybe (Prelude.HashMap EventType Configuration)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateEventConfigurations' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'eventConfigurations', 'updateEventConfigurations_eventConfigurations' - The new event configuration values.
+newUpdateEventConfigurations ::
+  UpdateEventConfigurations
+newUpdateEventConfigurations =
+  UpdateEventConfigurations'
+    { eventConfigurations =
+        Prelude.Nothing
+    }
+
+-- | The new event configuration values.
+updateEventConfigurations_eventConfigurations :: Lens.Lens' UpdateEventConfigurations (Prelude.Maybe (Prelude.HashMap EventType Configuration))
+updateEventConfigurations_eventConfigurations = Lens.lens (\UpdateEventConfigurations' {eventConfigurations} -> eventConfigurations) (\s@UpdateEventConfigurations' {} a -> s {eventConfigurations = a} :: UpdateEventConfigurations) Prelude.. Lens.mapping Lens.coerced
+
+instance Core.AWSRequest UpdateEventConfigurations where
+  type
+    AWSResponse UpdateEventConfigurations =
+      UpdateEventConfigurationsResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateEventConfigurationsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateEventConfigurations where
+  hashWithSalt _salt UpdateEventConfigurations' {..} =
+    _salt `Prelude.hashWithSalt` eventConfigurations
+
+instance Prelude.NFData UpdateEventConfigurations where
+  rnf UpdateEventConfigurations' {..} =
+    Prelude.rnf eventConfigurations
+
+instance Data.ToHeaders UpdateEventConfigurations where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateEventConfigurations where
+  toJSON UpdateEventConfigurations' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("eventConfigurations" Data..=)
+              Prelude.<$> eventConfigurations
+          ]
+      )
+
+instance Data.ToPath UpdateEventConfigurations where
+  toPath = Prelude.const "/event-configurations"
+
+instance Data.ToQuery UpdateEventConfigurations where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateEventConfigurationsResponse' smart constructor.
+data UpdateEventConfigurationsResponse = UpdateEventConfigurationsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateEventConfigurationsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateEventConfigurationsResponse_httpStatus' - The response's http status code.
+newUpdateEventConfigurationsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateEventConfigurationsResponse
+newUpdateEventConfigurationsResponse pHttpStatus_ =
+  UpdateEventConfigurationsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+updateEventConfigurationsResponse_httpStatus :: Lens.Lens' UpdateEventConfigurationsResponse Prelude.Int
+updateEventConfigurationsResponse_httpStatus = Lens.lens (\UpdateEventConfigurationsResponse' {httpStatus} -> httpStatus) (\s@UpdateEventConfigurationsResponse' {} a -> s {httpStatus = a} :: UpdateEventConfigurationsResponse)
+
+instance
+  Prelude.NFData
+    UpdateEventConfigurationsResponse
+  where
+  rnf UpdateEventConfigurationsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateFleetMetric.hs b/gen/Amazonka/IoT/UpdateFleetMetric.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateFleetMetric.hs
@@ -0,0 +1,263 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateFleetMetric
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the data for a fleet metric.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateFleetMetric>
+-- action.
+module Amazonka.IoT.UpdateFleetMetric
+  ( -- * Creating a Request
+    UpdateFleetMetric (..),
+    newUpdateFleetMetric,
+
+    -- * Request Lenses
+    updateFleetMetric_aggregationField,
+    updateFleetMetric_aggregationType,
+    updateFleetMetric_description,
+    updateFleetMetric_expectedVersion,
+    updateFleetMetric_period,
+    updateFleetMetric_queryString,
+    updateFleetMetric_queryVersion,
+    updateFleetMetric_unit,
+    updateFleetMetric_metricName,
+    updateFleetMetric_indexName,
+
+    -- * Destructuring the Response
+    UpdateFleetMetricResponse (..),
+    newUpdateFleetMetricResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateFleetMetric' smart constructor.
+data UpdateFleetMetric = UpdateFleetMetric'
+  { -- | The field to aggregate.
+    aggregationField :: Prelude.Maybe Prelude.Text,
+    -- | The type of the aggregation query.
+    aggregationType :: Prelude.Maybe AggregationType,
+    -- | The description of the fleet metric.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The expected version of the fleet metric record in the registry.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The time in seconds between fleet metric emissions. Range [60(1 min),
+    -- 86400(1 day)] and must be multiple of 60.
+    period :: Prelude.Maybe Prelude.Natural,
+    -- | The search query string.
+    queryString :: Prelude.Maybe Prelude.Text,
+    -- | The version of the query.
+    queryVersion :: Prelude.Maybe Prelude.Text,
+    -- | Used to support unit transformation such as milliseconds to seconds. The
+    -- unit must be supported by
+    -- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+    unit :: Prelude.Maybe FleetMetricUnit,
+    -- | The name of the fleet metric to update.
+    metricName :: Prelude.Text,
+    -- | The name of the index to search.
+    indexName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateFleetMetric' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'aggregationField', 'updateFleetMetric_aggregationField' - The field to aggregate.
+--
+-- 'aggregationType', 'updateFleetMetric_aggregationType' - The type of the aggregation query.
+--
+-- 'description', 'updateFleetMetric_description' - The description of the fleet metric.
+--
+-- 'expectedVersion', 'updateFleetMetric_expectedVersion' - The expected version of the fleet metric record in the registry.
+--
+-- 'period', 'updateFleetMetric_period' - The time in seconds between fleet metric emissions. Range [60(1 min),
+-- 86400(1 day)] and must be multiple of 60.
+--
+-- 'queryString', 'updateFleetMetric_queryString' - The search query string.
+--
+-- 'queryVersion', 'updateFleetMetric_queryVersion' - The version of the query.
+--
+-- 'unit', 'updateFleetMetric_unit' - Used to support unit transformation such as milliseconds to seconds. The
+-- unit must be supported by
+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+--
+-- 'metricName', 'updateFleetMetric_metricName' - The name of the fleet metric to update.
+--
+-- 'indexName', 'updateFleetMetric_indexName' - The name of the index to search.
+newUpdateFleetMetric ::
+  -- | 'metricName'
+  Prelude.Text ->
+  -- | 'indexName'
+  Prelude.Text ->
+  UpdateFleetMetric
+newUpdateFleetMetric pMetricName_ pIndexName_ =
+  UpdateFleetMetric'
+    { aggregationField =
+        Prelude.Nothing,
+      aggregationType = Prelude.Nothing,
+      description = Prelude.Nothing,
+      expectedVersion = Prelude.Nothing,
+      period = Prelude.Nothing,
+      queryString = Prelude.Nothing,
+      queryVersion = Prelude.Nothing,
+      unit = Prelude.Nothing,
+      metricName = pMetricName_,
+      indexName = pIndexName_
+    }
+
+-- | The field to aggregate.
+updateFleetMetric_aggregationField :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe Prelude.Text)
+updateFleetMetric_aggregationField = Lens.lens (\UpdateFleetMetric' {aggregationField} -> aggregationField) (\s@UpdateFleetMetric' {} a -> s {aggregationField = a} :: UpdateFleetMetric)
+
+-- | The type of the aggregation query.
+updateFleetMetric_aggregationType :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe AggregationType)
+updateFleetMetric_aggregationType = Lens.lens (\UpdateFleetMetric' {aggregationType} -> aggregationType) (\s@UpdateFleetMetric' {} a -> s {aggregationType = a} :: UpdateFleetMetric)
+
+-- | The description of the fleet metric.
+updateFleetMetric_description :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe Prelude.Text)
+updateFleetMetric_description = Lens.lens (\UpdateFleetMetric' {description} -> description) (\s@UpdateFleetMetric' {} a -> s {description = a} :: UpdateFleetMetric)
+
+-- | The expected version of the fleet metric record in the registry.
+updateFleetMetric_expectedVersion :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe Prelude.Integer)
+updateFleetMetric_expectedVersion = Lens.lens (\UpdateFleetMetric' {expectedVersion} -> expectedVersion) (\s@UpdateFleetMetric' {} a -> s {expectedVersion = a} :: UpdateFleetMetric)
+
+-- | The time in seconds between fleet metric emissions. Range [60(1 min),
+-- 86400(1 day)] and must be multiple of 60.
+updateFleetMetric_period :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe Prelude.Natural)
+updateFleetMetric_period = Lens.lens (\UpdateFleetMetric' {period} -> period) (\s@UpdateFleetMetric' {} a -> s {period = a} :: UpdateFleetMetric)
+
+-- | The search query string.
+updateFleetMetric_queryString :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe Prelude.Text)
+updateFleetMetric_queryString = Lens.lens (\UpdateFleetMetric' {queryString} -> queryString) (\s@UpdateFleetMetric' {} a -> s {queryString = a} :: UpdateFleetMetric)
+
+-- | The version of the query.
+updateFleetMetric_queryVersion :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe Prelude.Text)
+updateFleetMetric_queryVersion = Lens.lens (\UpdateFleetMetric' {queryVersion} -> queryVersion) (\s@UpdateFleetMetric' {} a -> s {queryVersion = a} :: UpdateFleetMetric)
+
+-- | Used to support unit transformation such as milliseconds to seconds. The
+-- unit must be supported by
+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html CW metric>.
+updateFleetMetric_unit :: Lens.Lens' UpdateFleetMetric (Prelude.Maybe FleetMetricUnit)
+updateFleetMetric_unit = Lens.lens (\UpdateFleetMetric' {unit} -> unit) (\s@UpdateFleetMetric' {} a -> s {unit = a} :: UpdateFleetMetric)
+
+-- | The name of the fleet metric to update.
+updateFleetMetric_metricName :: Lens.Lens' UpdateFleetMetric Prelude.Text
+updateFleetMetric_metricName = Lens.lens (\UpdateFleetMetric' {metricName} -> metricName) (\s@UpdateFleetMetric' {} a -> s {metricName = a} :: UpdateFleetMetric)
+
+-- | The name of the index to search.
+updateFleetMetric_indexName :: Lens.Lens' UpdateFleetMetric Prelude.Text
+updateFleetMetric_indexName = Lens.lens (\UpdateFleetMetric' {indexName} -> indexName) (\s@UpdateFleetMetric' {} a -> s {indexName = a} :: UpdateFleetMetric)
+
+instance Core.AWSRequest UpdateFleetMetric where
+  type
+    AWSResponse UpdateFleetMetric =
+      UpdateFleetMetricResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveNull UpdateFleetMetricResponse'
+
+instance Prelude.Hashable UpdateFleetMetric where
+  hashWithSalt _salt UpdateFleetMetric' {..} =
+    _salt
+      `Prelude.hashWithSalt` aggregationField
+      `Prelude.hashWithSalt` aggregationType
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` period
+      `Prelude.hashWithSalt` queryString
+      `Prelude.hashWithSalt` queryVersion
+      `Prelude.hashWithSalt` unit
+      `Prelude.hashWithSalt` metricName
+      `Prelude.hashWithSalt` indexName
+
+instance Prelude.NFData UpdateFleetMetric where
+  rnf UpdateFleetMetric' {..} =
+    Prelude.rnf aggregationField
+      `Prelude.seq` Prelude.rnf aggregationType
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf period
+      `Prelude.seq` Prelude.rnf queryString
+      `Prelude.seq` Prelude.rnf queryVersion
+      `Prelude.seq` Prelude.rnf unit
+      `Prelude.seq` Prelude.rnf metricName
+      `Prelude.seq` Prelude.rnf indexName
+
+instance Data.ToHeaders UpdateFleetMetric where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateFleetMetric where
+  toJSON UpdateFleetMetric' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("aggregationField" Data..=)
+              Prelude.<$> aggregationField,
+            ("aggregationType" Data..=)
+              Prelude.<$> aggregationType,
+            ("description" Data..=) Prelude.<$> description,
+            ("expectedVersion" Data..=)
+              Prelude.<$> expectedVersion,
+            ("period" Data..=) Prelude.<$> period,
+            ("queryString" Data..=) Prelude.<$> queryString,
+            ("queryVersion" Data..=) Prelude.<$> queryVersion,
+            ("unit" Data..=) Prelude.<$> unit,
+            Prelude.Just ("indexName" Data..= indexName)
+          ]
+      )
+
+instance Data.ToPath UpdateFleetMetric where
+  toPath UpdateFleetMetric' {..} =
+    Prelude.mconcat
+      ["/fleet-metric/", Data.toBS metricName]
+
+instance Data.ToQuery UpdateFleetMetric where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateFleetMetricResponse' smart constructor.
+data UpdateFleetMetricResponse = UpdateFleetMetricResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateFleetMetricResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newUpdateFleetMetricResponse ::
+  UpdateFleetMetricResponse
+newUpdateFleetMetricResponse =
+  UpdateFleetMetricResponse'
+
+instance Prelude.NFData UpdateFleetMetricResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/UpdateIndexingConfiguration.hs b/gen/Amazonka/IoT/UpdateIndexingConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateIndexingConfiguration.hs
@@ -0,0 +1,170 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateIndexingConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the search configuration.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateIndexingConfiguration>
+-- action.
+module Amazonka.IoT.UpdateIndexingConfiguration
+  ( -- * Creating a Request
+    UpdateIndexingConfiguration (..),
+    newUpdateIndexingConfiguration,
+
+    -- * Request Lenses
+    updateIndexingConfiguration_thingGroupIndexingConfiguration,
+    updateIndexingConfiguration_thingIndexingConfiguration,
+
+    -- * Destructuring the Response
+    UpdateIndexingConfigurationResponse (..),
+    newUpdateIndexingConfigurationResponse,
+
+    -- * Response Lenses
+    updateIndexingConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateIndexingConfiguration' smart constructor.
+data UpdateIndexingConfiguration = UpdateIndexingConfiguration'
+  { -- | Thing group indexing configuration.
+    thingGroupIndexingConfiguration :: Prelude.Maybe ThingGroupIndexingConfiguration,
+    -- | Thing indexing configuration.
+    thingIndexingConfiguration :: Prelude.Maybe ThingIndexingConfiguration
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateIndexingConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thingGroupIndexingConfiguration', 'updateIndexingConfiguration_thingGroupIndexingConfiguration' - Thing group indexing configuration.
+--
+-- 'thingIndexingConfiguration', 'updateIndexingConfiguration_thingIndexingConfiguration' - Thing indexing configuration.
+newUpdateIndexingConfiguration ::
+  UpdateIndexingConfiguration
+newUpdateIndexingConfiguration =
+  UpdateIndexingConfiguration'
+    { thingGroupIndexingConfiguration =
+        Prelude.Nothing,
+      thingIndexingConfiguration = Prelude.Nothing
+    }
+
+-- | Thing group indexing configuration.
+updateIndexingConfiguration_thingGroupIndexingConfiguration :: Lens.Lens' UpdateIndexingConfiguration (Prelude.Maybe ThingGroupIndexingConfiguration)
+updateIndexingConfiguration_thingGroupIndexingConfiguration = Lens.lens (\UpdateIndexingConfiguration' {thingGroupIndexingConfiguration} -> thingGroupIndexingConfiguration) (\s@UpdateIndexingConfiguration' {} a -> s {thingGroupIndexingConfiguration = a} :: UpdateIndexingConfiguration)
+
+-- | Thing indexing configuration.
+updateIndexingConfiguration_thingIndexingConfiguration :: Lens.Lens' UpdateIndexingConfiguration (Prelude.Maybe ThingIndexingConfiguration)
+updateIndexingConfiguration_thingIndexingConfiguration = Lens.lens (\UpdateIndexingConfiguration' {thingIndexingConfiguration} -> thingIndexingConfiguration) (\s@UpdateIndexingConfiguration' {} a -> s {thingIndexingConfiguration = a} :: UpdateIndexingConfiguration)
+
+instance Core.AWSRequest UpdateIndexingConfiguration where
+  type
+    AWSResponse UpdateIndexingConfiguration =
+      UpdateIndexingConfigurationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateIndexingConfigurationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateIndexingConfiguration where
+  hashWithSalt _salt UpdateIndexingConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` thingGroupIndexingConfiguration
+      `Prelude.hashWithSalt` thingIndexingConfiguration
+
+instance Prelude.NFData UpdateIndexingConfiguration where
+  rnf UpdateIndexingConfiguration' {..} =
+    Prelude.rnf thingGroupIndexingConfiguration
+      `Prelude.seq` Prelude.rnf thingIndexingConfiguration
+
+instance Data.ToHeaders UpdateIndexingConfiguration where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateIndexingConfiguration where
+  toJSON UpdateIndexingConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("thingGroupIndexingConfiguration" Data..=)
+              Prelude.<$> thingGroupIndexingConfiguration,
+            ("thingIndexingConfiguration" Data..=)
+              Prelude.<$> thingIndexingConfiguration
+          ]
+      )
+
+instance Data.ToPath UpdateIndexingConfiguration where
+  toPath = Prelude.const "/indexing/config"
+
+instance Data.ToQuery UpdateIndexingConfiguration where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateIndexingConfigurationResponse' smart constructor.
+data UpdateIndexingConfigurationResponse = UpdateIndexingConfigurationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateIndexingConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateIndexingConfigurationResponse_httpStatus' - The response's http status code.
+newUpdateIndexingConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateIndexingConfigurationResponse
+newUpdateIndexingConfigurationResponse pHttpStatus_ =
+  UpdateIndexingConfigurationResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+updateIndexingConfigurationResponse_httpStatus :: Lens.Lens' UpdateIndexingConfigurationResponse Prelude.Int
+updateIndexingConfigurationResponse_httpStatus = Lens.lens (\UpdateIndexingConfigurationResponse' {httpStatus} -> httpStatus) (\s@UpdateIndexingConfigurationResponse' {} a -> s {httpStatus = a} :: UpdateIndexingConfigurationResponse)
+
+instance
+  Prelude.NFData
+    UpdateIndexingConfigurationResponse
+  where
+  rnf UpdateIndexingConfigurationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateJob.hs b/gen/Amazonka/IoT/UpdateJob.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateJob.hs
@@ -0,0 +1,256 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateJob
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates supported fields of the specified job.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateJob>
+-- action.
+module Amazonka.IoT.UpdateJob
+  ( -- * Creating a Request
+    UpdateJob (..),
+    newUpdateJob,
+
+    -- * Request Lenses
+    updateJob_abortConfig,
+    updateJob_description,
+    updateJob_jobExecutionsRetryConfig,
+    updateJob_jobExecutionsRolloutConfig,
+    updateJob_namespaceId,
+    updateJob_presignedUrlConfig,
+    updateJob_timeoutConfig,
+    updateJob_jobId,
+
+    -- * Destructuring the Response
+    UpdateJobResponse (..),
+    newUpdateJobResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateJob' smart constructor.
+data UpdateJob = UpdateJob'
+  { -- | Allows you to create criteria to abort a job.
+    abortConfig :: Prelude.Maybe AbortConfig,
+    -- | A short text description of the job.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | Allows you to create the criteria to retry a job.
+    jobExecutionsRetryConfig :: Prelude.Maybe JobExecutionsRetryConfig,
+    -- | Allows you to create a staged rollout of the job.
+    jobExecutionsRolloutConfig :: Prelude.Maybe JobExecutionsRolloutConfig,
+    -- | The namespace used to indicate that a job is a customer-managed job.
+    --
+    -- When you specify a value for this parameter, Amazon Web Services IoT
+    -- Core sends jobs notifications to MQTT topics that contain the value in
+    -- the following format.
+    --
+    -- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+    --
+    -- The @namespaceId@ feature is in public preview.
+    namespaceId :: Prelude.Maybe Prelude.Text,
+    -- | Configuration information for pre-signed S3 URLs.
+    presignedUrlConfig :: Prelude.Maybe PresignedUrlConfig,
+    -- | Specifies the amount of time each device has to finish its execution of
+    -- the job. The timer is started when the job execution status is set to
+    -- @IN_PROGRESS@. If the job execution status is not set to another
+    -- terminal state before the time expires, it will be automatically set to
+    -- @TIMED_OUT@.
+    timeoutConfig :: Prelude.Maybe TimeoutConfig,
+    -- | The ID of the job to be updated.
+    jobId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateJob' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'abortConfig', 'updateJob_abortConfig' - Allows you to create criteria to abort a job.
+--
+-- 'description', 'updateJob_description' - A short text description of the job.
+--
+-- 'jobExecutionsRetryConfig', 'updateJob_jobExecutionsRetryConfig' - Allows you to create the criteria to retry a job.
+--
+-- 'jobExecutionsRolloutConfig', 'updateJob_jobExecutionsRolloutConfig' - Allows you to create a staged rollout of the job.
+--
+-- 'namespaceId', 'updateJob_namespaceId' - The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+--
+-- 'presignedUrlConfig', 'updateJob_presignedUrlConfig' - Configuration information for pre-signed S3 URLs.
+--
+-- 'timeoutConfig', 'updateJob_timeoutConfig' - Specifies the amount of time each device has to finish its execution of
+-- the job. The timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the time expires, it will be automatically set to
+-- @TIMED_OUT@.
+--
+-- 'jobId', 'updateJob_jobId' - The ID of the job to be updated.
+newUpdateJob ::
+  -- | 'jobId'
+  Prelude.Text ->
+  UpdateJob
+newUpdateJob pJobId_ =
+  UpdateJob'
+    { abortConfig = Prelude.Nothing,
+      description = Prelude.Nothing,
+      jobExecutionsRetryConfig = Prelude.Nothing,
+      jobExecutionsRolloutConfig = Prelude.Nothing,
+      namespaceId = Prelude.Nothing,
+      presignedUrlConfig = Prelude.Nothing,
+      timeoutConfig = Prelude.Nothing,
+      jobId = pJobId_
+    }
+
+-- | Allows you to create criteria to abort a job.
+updateJob_abortConfig :: Lens.Lens' UpdateJob (Prelude.Maybe AbortConfig)
+updateJob_abortConfig = Lens.lens (\UpdateJob' {abortConfig} -> abortConfig) (\s@UpdateJob' {} a -> s {abortConfig = a} :: UpdateJob)
+
+-- | A short text description of the job.
+updateJob_description :: Lens.Lens' UpdateJob (Prelude.Maybe Prelude.Text)
+updateJob_description = Lens.lens (\UpdateJob' {description} -> description) (\s@UpdateJob' {} a -> s {description = a} :: UpdateJob)
+
+-- | Allows you to create the criteria to retry a job.
+updateJob_jobExecutionsRetryConfig :: Lens.Lens' UpdateJob (Prelude.Maybe JobExecutionsRetryConfig)
+updateJob_jobExecutionsRetryConfig = Lens.lens (\UpdateJob' {jobExecutionsRetryConfig} -> jobExecutionsRetryConfig) (\s@UpdateJob' {} a -> s {jobExecutionsRetryConfig = a} :: UpdateJob)
+
+-- | Allows you to create a staged rollout of the job.
+updateJob_jobExecutionsRolloutConfig :: Lens.Lens' UpdateJob (Prelude.Maybe JobExecutionsRolloutConfig)
+updateJob_jobExecutionsRolloutConfig = Lens.lens (\UpdateJob' {jobExecutionsRolloutConfig} -> jobExecutionsRolloutConfig) (\s@UpdateJob' {} a -> s {jobExecutionsRolloutConfig = a} :: UpdateJob)
+
+-- | The namespace used to indicate that a job is a customer-managed job.
+--
+-- When you specify a value for this parameter, Amazon Web Services IoT
+-- Core sends jobs notifications to MQTT topics that contain the value in
+-- the following format.
+--
+-- @$aws\/things\/@/@THING_NAME@/@\/jobs\/@/@JOB_ID@/@\/notify-namespace-@/@NAMESPACE_ID@/@\/@
+--
+-- The @namespaceId@ feature is in public preview.
+updateJob_namespaceId :: Lens.Lens' UpdateJob (Prelude.Maybe Prelude.Text)
+updateJob_namespaceId = Lens.lens (\UpdateJob' {namespaceId} -> namespaceId) (\s@UpdateJob' {} a -> s {namespaceId = a} :: UpdateJob)
+
+-- | Configuration information for pre-signed S3 URLs.
+updateJob_presignedUrlConfig :: Lens.Lens' UpdateJob (Prelude.Maybe PresignedUrlConfig)
+updateJob_presignedUrlConfig = Lens.lens (\UpdateJob' {presignedUrlConfig} -> presignedUrlConfig) (\s@UpdateJob' {} a -> s {presignedUrlConfig = a} :: UpdateJob)
+
+-- | Specifies the amount of time each device has to finish its execution of
+-- the job. The timer is started when the job execution status is set to
+-- @IN_PROGRESS@. If the job execution status is not set to another
+-- terminal state before the time expires, it will be automatically set to
+-- @TIMED_OUT@.
+updateJob_timeoutConfig :: Lens.Lens' UpdateJob (Prelude.Maybe TimeoutConfig)
+updateJob_timeoutConfig = Lens.lens (\UpdateJob' {timeoutConfig} -> timeoutConfig) (\s@UpdateJob' {} a -> s {timeoutConfig = a} :: UpdateJob)
+
+-- | The ID of the job to be updated.
+updateJob_jobId :: Lens.Lens' UpdateJob Prelude.Text
+updateJob_jobId = Lens.lens (\UpdateJob' {jobId} -> jobId) (\s@UpdateJob' {} a -> s {jobId = a} :: UpdateJob)
+
+instance Core.AWSRequest UpdateJob where
+  type AWSResponse UpdateJob = UpdateJobResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response = Response.receiveNull UpdateJobResponse'
+
+instance Prelude.Hashable UpdateJob where
+  hashWithSalt _salt UpdateJob' {..} =
+    _salt
+      `Prelude.hashWithSalt` abortConfig
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` jobExecutionsRetryConfig
+      `Prelude.hashWithSalt` jobExecutionsRolloutConfig
+      `Prelude.hashWithSalt` namespaceId
+      `Prelude.hashWithSalt` presignedUrlConfig
+      `Prelude.hashWithSalt` timeoutConfig
+      `Prelude.hashWithSalt` jobId
+
+instance Prelude.NFData UpdateJob where
+  rnf UpdateJob' {..} =
+    Prelude.rnf abortConfig
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf jobExecutionsRetryConfig
+      `Prelude.seq` Prelude.rnf jobExecutionsRolloutConfig
+      `Prelude.seq` Prelude.rnf namespaceId
+      `Prelude.seq` Prelude.rnf presignedUrlConfig
+      `Prelude.seq` Prelude.rnf timeoutConfig
+      `Prelude.seq` Prelude.rnf jobId
+
+instance Data.ToHeaders UpdateJob where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateJob where
+  toJSON UpdateJob' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("abortConfig" Data..=) Prelude.<$> abortConfig,
+            ("description" Data..=) Prelude.<$> description,
+            ("jobExecutionsRetryConfig" Data..=)
+              Prelude.<$> jobExecutionsRetryConfig,
+            ("jobExecutionsRolloutConfig" Data..=)
+              Prelude.<$> jobExecutionsRolloutConfig,
+            ("presignedUrlConfig" Data..=)
+              Prelude.<$> presignedUrlConfig,
+            ("timeoutConfig" Data..=) Prelude.<$> timeoutConfig
+          ]
+      )
+
+instance Data.ToPath UpdateJob where
+  toPath UpdateJob' {..} =
+    Prelude.mconcat ["/jobs/", Data.toBS jobId]
+
+instance Data.ToQuery UpdateJob where
+  toQuery UpdateJob' {..} =
+    Prelude.mconcat ["namespaceId" Data.=: namespaceId]
+
+-- | /See:/ 'newUpdateJobResponse' smart constructor.
+data UpdateJobResponse = UpdateJobResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateJobResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newUpdateJobResponse ::
+  UpdateJobResponse
+newUpdateJobResponse = UpdateJobResponse'
+
+instance Prelude.NFData UpdateJobResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/IoT/UpdateMitigationAction.hs b/gen/Amazonka/IoT/UpdateMitigationAction.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateMitigationAction.hs
@@ -0,0 +1,214 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateMitigationAction
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the definition for the specified mitigation action.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateMitigationAction>
+-- action.
+module Amazonka.IoT.UpdateMitigationAction
+  ( -- * Creating a Request
+    UpdateMitigationAction (..),
+    newUpdateMitigationAction,
+
+    -- * Request Lenses
+    updateMitigationAction_actionParams,
+    updateMitigationAction_roleArn,
+    updateMitigationAction_actionName,
+
+    -- * Destructuring the Response
+    UpdateMitigationActionResponse (..),
+    newUpdateMitigationActionResponse,
+
+    -- * Response Lenses
+    updateMitigationActionResponse_actionArn,
+    updateMitigationActionResponse_actionId,
+    updateMitigationActionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateMitigationAction' smart constructor.
+data UpdateMitigationAction = UpdateMitigationAction'
+  { -- | Defines the type of action and the parameters for that action.
+    actionParams :: Prelude.Maybe MitigationActionParams,
+    -- | The ARN of the IAM role that is used to apply the mitigation action.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The friendly name for the mitigation action. You cannot change the name
+    -- by using @UpdateMitigationAction@. Instead, you must delete and recreate
+    -- the mitigation action with the new name.
+    actionName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateMitigationAction' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionParams', 'updateMitigationAction_actionParams' - Defines the type of action and the parameters for that action.
+--
+-- 'roleArn', 'updateMitigationAction_roleArn' - The ARN of the IAM role that is used to apply the mitigation action.
+--
+-- 'actionName', 'updateMitigationAction_actionName' - The friendly name for the mitigation action. You cannot change the name
+-- by using @UpdateMitigationAction@. Instead, you must delete and recreate
+-- the mitigation action with the new name.
+newUpdateMitigationAction ::
+  -- | 'actionName'
+  Prelude.Text ->
+  UpdateMitigationAction
+newUpdateMitigationAction pActionName_ =
+  UpdateMitigationAction'
+    { actionParams =
+        Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      actionName = pActionName_
+    }
+
+-- | Defines the type of action and the parameters for that action.
+updateMitigationAction_actionParams :: Lens.Lens' UpdateMitigationAction (Prelude.Maybe MitigationActionParams)
+updateMitigationAction_actionParams = Lens.lens (\UpdateMitigationAction' {actionParams} -> actionParams) (\s@UpdateMitigationAction' {} a -> s {actionParams = a} :: UpdateMitigationAction)
+
+-- | The ARN of the IAM role that is used to apply the mitigation action.
+updateMitigationAction_roleArn :: Lens.Lens' UpdateMitigationAction (Prelude.Maybe Prelude.Text)
+updateMitigationAction_roleArn = Lens.lens (\UpdateMitigationAction' {roleArn} -> roleArn) (\s@UpdateMitigationAction' {} a -> s {roleArn = a} :: UpdateMitigationAction)
+
+-- | The friendly name for the mitigation action. You cannot change the name
+-- by using @UpdateMitigationAction@. Instead, you must delete and recreate
+-- the mitigation action with the new name.
+updateMitigationAction_actionName :: Lens.Lens' UpdateMitigationAction Prelude.Text
+updateMitigationAction_actionName = Lens.lens (\UpdateMitigationAction' {actionName} -> actionName) (\s@UpdateMitigationAction' {} a -> s {actionName = a} :: UpdateMitigationAction)
+
+instance Core.AWSRequest UpdateMitigationAction where
+  type
+    AWSResponse UpdateMitigationAction =
+      UpdateMitigationActionResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateMitigationActionResponse'
+            Prelude.<$> (x Data..?> "actionArn")
+            Prelude.<*> (x Data..?> "actionId")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateMitigationAction where
+  hashWithSalt _salt UpdateMitigationAction' {..} =
+    _salt
+      `Prelude.hashWithSalt` actionParams
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` actionName
+
+instance Prelude.NFData UpdateMitigationAction where
+  rnf UpdateMitigationAction' {..} =
+    Prelude.rnf actionParams
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf actionName
+
+instance Data.ToHeaders UpdateMitigationAction where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateMitigationAction where
+  toJSON UpdateMitigationAction' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("actionParams" Data..=) Prelude.<$> actionParams,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
+
+instance Data.ToPath UpdateMitigationAction where
+  toPath UpdateMitigationAction' {..} =
+    Prelude.mconcat
+      ["/mitigationactions/actions/", Data.toBS actionName]
+
+instance Data.ToQuery UpdateMitigationAction where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateMitigationActionResponse' smart constructor.
+data UpdateMitigationActionResponse = UpdateMitigationActionResponse'
+  { -- | The ARN for the new mitigation action.
+    actionArn :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the mitigation action.
+    actionId :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateMitigationActionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'actionArn', 'updateMitigationActionResponse_actionArn' - The ARN for the new mitigation action.
+--
+-- 'actionId', 'updateMitigationActionResponse_actionId' - A unique identifier for the mitigation action.
+--
+-- 'httpStatus', 'updateMitigationActionResponse_httpStatus' - The response's http status code.
+newUpdateMitigationActionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateMitigationActionResponse
+newUpdateMitigationActionResponse pHttpStatus_ =
+  UpdateMitigationActionResponse'
+    { actionArn =
+        Prelude.Nothing,
+      actionId = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN for the new mitigation action.
+updateMitigationActionResponse_actionArn :: Lens.Lens' UpdateMitigationActionResponse (Prelude.Maybe Prelude.Text)
+updateMitigationActionResponse_actionArn = Lens.lens (\UpdateMitigationActionResponse' {actionArn} -> actionArn) (\s@UpdateMitigationActionResponse' {} a -> s {actionArn = a} :: UpdateMitigationActionResponse)
+
+-- | A unique identifier for the mitigation action.
+updateMitigationActionResponse_actionId :: Lens.Lens' UpdateMitigationActionResponse (Prelude.Maybe Prelude.Text)
+updateMitigationActionResponse_actionId = Lens.lens (\UpdateMitigationActionResponse' {actionId} -> actionId) (\s@UpdateMitigationActionResponse' {} a -> s {actionId = a} :: UpdateMitigationActionResponse)
+
+-- | The response's http status code.
+updateMitigationActionResponse_httpStatus :: Lens.Lens' UpdateMitigationActionResponse Prelude.Int
+updateMitigationActionResponse_httpStatus = Lens.lens (\UpdateMitigationActionResponse' {httpStatus} -> httpStatus) (\s@UpdateMitigationActionResponse' {} a -> s {httpStatus = a} :: UpdateMitigationActionResponse)
+
+instance
+  Prelude.NFData
+    UpdateMitigationActionResponse
+  where
+  rnf UpdateMitigationActionResponse' {..} =
+    Prelude.rnf actionArn
+      `Prelude.seq` Prelude.rnf actionId
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateProvisioningTemplate.hs b/gen/Amazonka/IoT/UpdateProvisioningTemplate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateProvisioningTemplate.hs
@@ -0,0 +1,252 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateProvisioningTemplate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a provisioning template.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateProvisioningTemplate>
+-- action.
+module Amazonka.IoT.UpdateProvisioningTemplate
+  ( -- * Creating a Request
+    UpdateProvisioningTemplate (..),
+    newUpdateProvisioningTemplate,
+
+    -- * Request Lenses
+    updateProvisioningTemplate_defaultVersionId,
+    updateProvisioningTemplate_description,
+    updateProvisioningTemplate_enabled,
+    updateProvisioningTemplate_preProvisioningHook,
+    updateProvisioningTemplate_provisioningRoleArn,
+    updateProvisioningTemplate_removePreProvisioningHook,
+    updateProvisioningTemplate_templateName,
+
+    -- * Destructuring the Response
+    UpdateProvisioningTemplateResponse (..),
+    newUpdateProvisioningTemplateResponse,
+
+    -- * Response Lenses
+    updateProvisioningTemplateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateProvisioningTemplate' smart constructor.
+data UpdateProvisioningTemplate = UpdateProvisioningTemplate'
+  { -- | The ID of the default provisioning template version.
+    defaultVersionId :: Prelude.Maybe Prelude.Int,
+    -- | The description of the provisioning template.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | True to enable the provisioning template, otherwise false.
+    enabled :: Prelude.Maybe Prelude.Bool,
+    -- | Updates the pre-provisioning hook template. Only supports template of
+    -- type @FLEET_PROVISIONING@. For more information about provisioning
+    -- template types, see
+    -- <https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type type>.
+    preProvisioningHook :: Prelude.Maybe ProvisioningHook,
+    -- | The ARN of the role associated with the provisioning template. This IoT
+    -- role grants permission to provision a device.
+    provisioningRoleArn :: Prelude.Maybe Prelude.Text,
+    -- | Removes pre-provisioning hook template.
+    removePreProvisioningHook :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the provisioning template.
+    templateName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateProvisioningTemplate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'defaultVersionId', 'updateProvisioningTemplate_defaultVersionId' - The ID of the default provisioning template version.
+--
+-- 'description', 'updateProvisioningTemplate_description' - The description of the provisioning template.
+--
+-- 'enabled', 'updateProvisioningTemplate_enabled' - True to enable the provisioning template, otherwise false.
+--
+-- 'preProvisioningHook', 'updateProvisioningTemplate_preProvisioningHook' - Updates the pre-provisioning hook template. Only supports template of
+-- type @FLEET_PROVISIONING@. For more information about provisioning
+-- template types, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type type>.
+--
+-- 'provisioningRoleArn', 'updateProvisioningTemplate_provisioningRoleArn' - The ARN of the role associated with the provisioning template. This IoT
+-- role grants permission to provision a device.
+--
+-- 'removePreProvisioningHook', 'updateProvisioningTemplate_removePreProvisioningHook' - Removes pre-provisioning hook template.
+--
+-- 'templateName', 'updateProvisioningTemplate_templateName' - The name of the provisioning template.
+newUpdateProvisioningTemplate ::
+  -- | 'templateName'
+  Prelude.Text ->
+  UpdateProvisioningTemplate
+newUpdateProvisioningTemplate pTemplateName_ =
+  UpdateProvisioningTemplate'
+    { defaultVersionId =
+        Prelude.Nothing,
+      description = Prelude.Nothing,
+      enabled = Prelude.Nothing,
+      preProvisioningHook = Prelude.Nothing,
+      provisioningRoleArn = Prelude.Nothing,
+      removePreProvisioningHook = Prelude.Nothing,
+      templateName = pTemplateName_
+    }
+
+-- | The ID of the default provisioning template version.
+updateProvisioningTemplate_defaultVersionId :: Lens.Lens' UpdateProvisioningTemplate (Prelude.Maybe Prelude.Int)
+updateProvisioningTemplate_defaultVersionId = Lens.lens (\UpdateProvisioningTemplate' {defaultVersionId} -> defaultVersionId) (\s@UpdateProvisioningTemplate' {} a -> s {defaultVersionId = a} :: UpdateProvisioningTemplate)
+
+-- | The description of the provisioning template.
+updateProvisioningTemplate_description :: Lens.Lens' UpdateProvisioningTemplate (Prelude.Maybe Prelude.Text)
+updateProvisioningTemplate_description = Lens.lens (\UpdateProvisioningTemplate' {description} -> description) (\s@UpdateProvisioningTemplate' {} a -> s {description = a} :: UpdateProvisioningTemplate)
+
+-- | True to enable the provisioning template, otherwise false.
+updateProvisioningTemplate_enabled :: Lens.Lens' UpdateProvisioningTemplate (Prelude.Maybe Prelude.Bool)
+updateProvisioningTemplate_enabled = Lens.lens (\UpdateProvisioningTemplate' {enabled} -> enabled) (\s@UpdateProvisioningTemplate' {} a -> s {enabled = a} :: UpdateProvisioningTemplate)
+
+-- | Updates the pre-provisioning hook template. Only supports template of
+-- type @FLEET_PROVISIONING@. For more information about provisioning
+-- template types, see
+-- <https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type type>.
+updateProvisioningTemplate_preProvisioningHook :: Lens.Lens' UpdateProvisioningTemplate (Prelude.Maybe ProvisioningHook)
+updateProvisioningTemplate_preProvisioningHook = Lens.lens (\UpdateProvisioningTemplate' {preProvisioningHook} -> preProvisioningHook) (\s@UpdateProvisioningTemplate' {} a -> s {preProvisioningHook = a} :: UpdateProvisioningTemplate)
+
+-- | The ARN of the role associated with the provisioning template. This IoT
+-- role grants permission to provision a device.
+updateProvisioningTemplate_provisioningRoleArn :: Lens.Lens' UpdateProvisioningTemplate (Prelude.Maybe Prelude.Text)
+updateProvisioningTemplate_provisioningRoleArn = Lens.lens (\UpdateProvisioningTemplate' {provisioningRoleArn} -> provisioningRoleArn) (\s@UpdateProvisioningTemplate' {} a -> s {provisioningRoleArn = a} :: UpdateProvisioningTemplate)
+
+-- | Removes pre-provisioning hook template.
+updateProvisioningTemplate_removePreProvisioningHook :: Lens.Lens' UpdateProvisioningTemplate (Prelude.Maybe Prelude.Bool)
+updateProvisioningTemplate_removePreProvisioningHook = Lens.lens (\UpdateProvisioningTemplate' {removePreProvisioningHook} -> removePreProvisioningHook) (\s@UpdateProvisioningTemplate' {} a -> s {removePreProvisioningHook = a} :: UpdateProvisioningTemplate)
+
+-- | The name of the provisioning template.
+updateProvisioningTemplate_templateName :: Lens.Lens' UpdateProvisioningTemplate Prelude.Text
+updateProvisioningTemplate_templateName = Lens.lens (\UpdateProvisioningTemplate' {templateName} -> templateName) (\s@UpdateProvisioningTemplate' {} a -> s {templateName = a} :: UpdateProvisioningTemplate)
+
+instance Core.AWSRequest UpdateProvisioningTemplate where
+  type
+    AWSResponse UpdateProvisioningTemplate =
+      UpdateProvisioningTemplateResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateProvisioningTemplateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateProvisioningTemplate where
+  hashWithSalt _salt UpdateProvisioningTemplate' {..} =
+    _salt
+      `Prelude.hashWithSalt` defaultVersionId
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` enabled
+      `Prelude.hashWithSalt` preProvisioningHook
+      `Prelude.hashWithSalt` provisioningRoleArn
+      `Prelude.hashWithSalt` removePreProvisioningHook
+      `Prelude.hashWithSalt` templateName
+
+instance Prelude.NFData UpdateProvisioningTemplate where
+  rnf UpdateProvisioningTemplate' {..} =
+    Prelude.rnf defaultVersionId
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf enabled
+      `Prelude.seq` Prelude.rnf preProvisioningHook
+      `Prelude.seq` Prelude.rnf provisioningRoleArn
+      `Prelude.seq` Prelude.rnf removePreProvisioningHook
+      `Prelude.seq` Prelude.rnf templateName
+
+instance Data.ToHeaders UpdateProvisioningTemplate where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateProvisioningTemplate where
+  toJSON UpdateProvisioningTemplate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("defaultVersionId" Data..=)
+              Prelude.<$> defaultVersionId,
+            ("description" Data..=) Prelude.<$> description,
+            ("enabled" Data..=) Prelude.<$> enabled,
+            ("preProvisioningHook" Data..=)
+              Prelude.<$> preProvisioningHook,
+            ("provisioningRoleArn" Data..=)
+              Prelude.<$> provisioningRoleArn,
+            ("removePreProvisioningHook" Data..=)
+              Prelude.<$> removePreProvisioningHook
+          ]
+      )
+
+instance Data.ToPath UpdateProvisioningTemplate where
+  toPath UpdateProvisioningTemplate' {..} =
+    Prelude.mconcat
+      ["/provisioning-templates/", Data.toBS templateName]
+
+instance Data.ToQuery UpdateProvisioningTemplate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateProvisioningTemplateResponse' smart constructor.
+data UpdateProvisioningTemplateResponse = UpdateProvisioningTemplateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateProvisioningTemplateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateProvisioningTemplateResponse_httpStatus' - The response's http status code.
+newUpdateProvisioningTemplateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateProvisioningTemplateResponse
+newUpdateProvisioningTemplateResponse pHttpStatus_ =
+  UpdateProvisioningTemplateResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+updateProvisioningTemplateResponse_httpStatus :: Lens.Lens' UpdateProvisioningTemplateResponse Prelude.Int
+updateProvisioningTemplateResponse_httpStatus = Lens.lens (\UpdateProvisioningTemplateResponse' {httpStatus} -> httpStatus) (\s@UpdateProvisioningTemplateResponse' {} a -> s {httpStatus = a} :: UpdateProvisioningTemplateResponse)
+
+instance
+  Prelude.NFData
+    UpdateProvisioningTemplateResponse
+  where
+  rnf UpdateProvisioningTemplateResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateRoleAlias.hs b/gen/Amazonka/IoT/UpdateRoleAlias.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateRoleAlias.hs
@@ -0,0 +1,215 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateRoleAlias
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a role alias.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateRoleAlias>
+-- action.
+module Amazonka.IoT.UpdateRoleAlias
+  ( -- * Creating a Request
+    UpdateRoleAlias (..),
+    newUpdateRoleAlias,
+
+    -- * Request Lenses
+    updateRoleAlias_credentialDurationSeconds,
+    updateRoleAlias_roleArn,
+    updateRoleAlias_roleAlias,
+
+    -- * Destructuring the Response
+    UpdateRoleAliasResponse (..),
+    newUpdateRoleAliasResponse,
+
+    -- * Response Lenses
+    updateRoleAliasResponse_roleAlias,
+    updateRoleAliasResponse_roleAliasArn,
+    updateRoleAliasResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateRoleAlias' smart constructor.
+data UpdateRoleAlias = UpdateRoleAlias'
+  { -- | The number of seconds the credential will be valid.
+    --
+    -- This value must be less than or equal to the maximum session duration of
+    -- the IAM role that the role alias references.
+    credentialDurationSeconds :: Prelude.Maybe Prelude.Natural,
+    -- | The role ARN.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The role alias to update.
+    roleAlias :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateRoleAlias' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'credentialDurationSeconds', 'updateRoleAlias_credentialDurationSeconds' - The number of seconds the credential will be valid.
+--
+-- This value must be less than or equal to the maximum session duration of
+-- the IAM role that the role alias references.
+--
+-- 'roleArn', 'updateRoleAlias_roleArn' - The role ARN.
+--
+-- 'roleAlias', 'updateRoleAlias_roleAlias' - The role alias to update.
+newUpdateRoleAlias ::
+  -- | 'roleAlias'
+  Prelude.Text ->
+  UpdateRoleAlias
+newUpdateRoleAlias pRoleAlias_ =
+  UpdateRoleAlias'
+    { credentialDurationSeconds =
+        Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      roleAlias = pRoleAlias_
+    }
+
+-- | The number of seconds the credential will be valid.
+--
+-- This value must be less than or equal to the maximum session duration of
+-- the IAM role that the role alias references.
+updateRoleAlias_credentialDurationSeconds :: Lens.Lens' UpdateRoleAlias (Prelude.Maybe Prelude.Natural)
+updateRoleAlias_credentialDurationSeconds = Lens.lens (\UpdateRoleAlias' {credentialDurationSeconds} -> credentialDurationSeconds) (\s@UpdateRoleAlias' {} a -> s {credentialDurationSeconds = a} :: UpdateRoleAlias)
+
+-- | The role ARN.
+updateRoleAlias_roleArn :: Lens.Lens' UpdateRoleAlias (Prelude.Maybe Prelude.Text)
+updateRoleAlias_roleArn = Lens.lens (\UpdateRoleAlias' {roleArn} -> roleArn) (\s@UpdateRoleAlias' {} a -> s {roleArn = a} :: UpdateRoleAlias)
+
+-- | The role alias to update.
+updateRoleAlias_roleAlias :: Lens.Lens' UpdateRoleAlias Prelude.Text
+updateRoleAlias_roleAlias = Lens.lens (\UpdateRoleAlias' {roleAlias} -> roleAlias) (\s@UpdateRoleAlias' {} a -> s {roleAlias = a} :: UpdateRoleAlias)
+
+instance Core.AWSRequest UpdateRoleAlias where
+  type
+    AWSResponse UpdateRoleAlias =
+      UpdateRoleAliasResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateRoleAliasResponse'
+            Prelude.<$> (x Data..?> "roleAlias")
+            Prelude.<*> (x Data..?> "roleAliasArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateRoleAlias where
+  hashWithSalt _salt UpdateRoleAlias' {..} =
+    _salt
+      `Prelude.hashWithSalt` credentialDurationSeconds
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` roleAlias
+
+instance Prelude.NFData UpdateRoleAlias where
+  rnf UpdateRoleAlias' {..} =
+    Prelude.rnf credentialDurationSeconds
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf roleAlias
+
+instance Data.ToHeaders UpdateRoleAlias where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateRoleAlias where
+  toJSON UpdateRoleAlias' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("credentialDurationSeconds" Data..=)
+              Prelude.<$> credentialDurationSeconds,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
+
+instance Data.ToPath UpdateRoleAlias where
+  toPath UpdateRoleAlias' {..} =
+    Prelude.mconcat
+      ["/role-aliases/", Data.toBS roleAlias]
+
+instance Data.ToQuery UpdateRoleAlias where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateRoleAliasResponse' smart constructor.
+data UpdateRoleAliasResponse = UpdateRoleAliasResponse'
+  { -- | The role alias.
+    roleAlias :: Prelude.Maybe Prelude.Text,
+    -- | The role alias ARN.
+    roleAliasArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateRoleAliasResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleAlias', 'updateRoleAliasResponse_roleAlias' - The role alias.
+--
+-- 'roleAliasArn', 'updateRoleAliasResponse_roleAliasArn' - The role alias ARN.
+--
+-- 'httpStatus', 'updateRoleAliasResponse_httpStatus' - The response's http status code.
+newUpdateRoleAliasResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateRoleAliasResponse
+newUpdateRoleAliasResponse pHttpStatus_ =
+  UpdateRoleAliasResponse'
+    { roleAlias =
+        Prelude.Nothing,
+      roleAliasArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The role alias.
+updateRoleAliasResponse_roleAlias :: Lens.Lens' UpdateRoleAliasResponse (Prelude.Maybe Prelude.Text)
+updateRoleAliasResponse_roleAlias = Lens.lens (\UpdateRoleAliasResponse' {roleAlias} -> roleAlias) (\s@UpdateRoleAliasResponse' {} a -> s {roleAlias = a} :: UpdateRoleAliasResponse)
+
+-- | The role alias ARN.
+updateRoleAliasResponse_roleAliasArn :: Lens.Lens' UpdateRoleAliasResponse (Prelude.Maybe Prelude.Text)
+updateRoleAliasResponse_roleAliasArn = Lens.lens (\UpdateRoleAliasResponse' {roleAliasArn} -> roleAliasArn) (\s@UpdateRoleAliasResponse' {} a -> s {roleAliasArn = a} :: UpdateRoleAliasResponse)
+
+-- | The response's http status code.
+updateRoleAliasResponse_httpStatus :: Lens.Lens' UpdateRoleAliasResponse Prelude.Int
+updateRoleAliasResponse_httpStatus = Lens.lens (\UpdateRoleAliasResponse' {httpStatus} -> httpStatus) (\s@UpdateRoleAliasResponse' {} a -> s {httpStatus = a} :: UpdateRoleAliasResponse)
+
+instance Prelude.NFData UpdateRoleAliasResponse where
+  rnf UpdateRoleAliasResponse' {..} =
+    Prelude.rnf roleAlias
+      `Prelude.seq` Prelude.rnf roleAliasArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateScheduledAudit.hs b/gen/Amazonka/IoT/UpdateScheduledAudit.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateScheduledAudit.hs
@@ -0,0 +1,258 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateScheduledAudit
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a scheduled audit, including which checks are performed and how
+-- often the audit takes place.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateScheduledAudit>
+-- action.
+module Amazonka.IoT.UpdateScheduledAudit
+  ( -- * Creating a Request
+    UpdateScheduledAudit (..),
+    newUpdateScheduledAudit,
+
+    -- * Request Lenses
+    updateScheduledAudit_dayOfMonth,
+    updateScheduledAudit_dayOfWeek,
+    updateScheduledAudit_frequency,
+    updateScheduledAudit_targetCheckNames,
+    updateScheduledAudit_scheduledAuditName,
+
+    -- * Destructuring the Response
+    UpdateScheduledAuditResponse (..),
+    newUpdateScheduledAuditResponse,
+
+    -- * Response Lenses
+    updateScheduledAuditResponse_scheduledAuditArn,
+    updateScheduledAuditResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateScheduledAudit' smart constructor.
+data UpdateScheduledAudit = UpdateScheduledAudit'
+  { -- | The day of the month on which the scheduled audit takes place. This can
+    -- be @1@ through @31@ or @LAST@. This field is required if the @frequency@
+    -- parameter is set to @MONTHLY@. If days 29-31 are specified, and the
+    -- month does not have that many days, the audit takes place on the
+    -- \"LAST\" day of the month.
+    dayOfMonth :: Prelude.Maybe Prelude.Text,
+    -- | The day of the week on which the scheduled audit takes place. This can
+    -- be one of @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@. This field
+    -- is required if the \"frequency\" parameter is set to @WEEKLY@ or
+    -- @BIWEEKLY@.
+    dayOfWeek :: Prelude.Maybe DayOfWeek,
+    -- | How often the scheduled audit takes place, either @DAILY@, @WEEKLY@,
+    -- @BIWEEKLY@, or @MONTHLY@. The start time of each audit is determined by
+    -- the system.
+    frequency :: Prelude.Maybe AuditFrequency,
+    -- | Which checks are performed during the scheduled audit. Checks must be
+    -- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+    -- see the list of all checks, including those that are enabled or use
+    -- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+    targetCheckNames :: Prelude.Maybe [Prelude.Text],
+    -- | The name of the scheduled audit. (Max. 128 chars)
+    scheduledAuditName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateScheduledAudit' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dayOfMonth', 'updateScheduledAudit_dayOfMonth' - The day of the month on which the scheduled audit takes place. This can
+-- be @1@ through @31@ or @LAST@. This field is required if the @frequency@
+-- parameter is set to @MONTHLY@. If days 29-31 are specified, and the
+-- month does not have that many days, the audit takes place on the
+-- \"LAST\" day of the month.
+--
+-- 'dayOfWeek', 'updateScheduledAudit_dayOfWeek' - The day of the week on which the scheduled audit takes place. This can
+-- be one of @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@. This field
+-- is required if the \"frequency\" parameter is set to @WEEKLY@ or
+-- @BIWEEKLY@.
+--
+-- 'frequency', 'updateScheduledAudit_frequency' - How often the scheduled audit takes place, either @DAILY@, @WEEKLY@,
+-- @BIWEEKLY@, or @MONTHLY@. The start time of each audit is determined by
+-- the system.
+--
+-- 'targetCheckNames', 'updateScheduledAudit_targetCheckNames' - Which checks are performed during the scheduled audit. Checks must be
+-- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+-- see the list of all checks, including those that are enabled or use
+-- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+--
+-- 'scheduledAuditName', 'updateScheduledAudit_scheduledAuditName' - The name of the scheduled audit. (Max. 128 chars)
+newUpdateScheduledAudit ::
+  -- | 'scheduledAuditName'
+  Prelude.Text ->
+  UpdateScheduledAudit
+newUpdateScheduledAudit pScheduledAuditName_ =
+  UpdateScheduledAudit'
+    { dayOfMonth = Prelude.Nothing,
+      dayOfWeek = Prelude.Nothing,
+      frequency = Prelude.Nothing,
+      targetCheckNames = Prelude.Nothing,
+      scheduledAuditName = pScheduledAuditName_
+    }
+
+-- | The day of the month on which the scheduled audit takes place. This can
+-- be @1@ through @31@ or @LAST@. This field is required if the @frequency@
+-- parameter is set to @MONTHLY@. If days 29-31 are specified, and the
+-- month does not have that many days, the audit takes place on the
+-- \"LAST\" day of the month.
+updateScheduledAudit_dayOfMonth :: Lens.Lens' UpdateScheduledAudit (Prelude.Maybe Prelude.Text)
+updateScheduledAudit_dayOfMonth = Lens.lens (\UpdateScheduledAudit' {dayOfMonth} -> dayOfMonth) (\s@UpdateScheduledAudit' {} a -> s {dayOfMonth = a} :: UpdateScheduledAudit)
+
+-- | The day of the week on which the scheduled audit takes place. This can
+-- be one of @SUN@, @MON@, @TUE@, @WED@, @THU@, @FRI@, or @SAT@. This field
+-- is required if the \"frequency\" parameter is set to @WEEKLY@ or
+-- @BIWEEKLY@.
+updateScheduledAudit_dayOfWeek :: Lens.Lens' UpdateScheduledAudit (Prelude.Maybe DayOfWeek)
+updateScheduledAudit_dayOfWeek = Lens.lens (\UpdateScheduledAudit' {dayOfWeek} -> dayOfWeek) (\s@UpdateScheduledAudit' {} a -> s {dayOfWeek = a} :: UpdateScheduledAudit)
+
+-- | How often the scheduled audit takes place, either @DAILY@, @WEEKLY@,
+-- @BIWEEKLY@, or @MONTHLY@. The start time of each audit is determined by
+-- the system.
+updateScheduledAudit_frequency :: Lens.Lens' UpdateScheduledAudit (Prelude.Maybe AuditFrequency)
+updateScheduledAudit_frequency = Lens.lens (\UpdateScheduledAudit' {frequency} -> frequency) (\s@UpdateScheduledAudit' {} a -> s {frequency = a} :: UpdateScheduledAudit)
+
+-- | Which checks are performed during the scheduled audit. Checks must be
+-- enabled for your account. (Use @DescribeAccountAuditConfiguration@ to
+-- see the list of all checks, including those that are enabled or use
+-- @UpdateAccountAuditConfiguration@ to select which checks are enabled.)
+updateScheduledAudit_targetCheckNames :: Lens.Lens' UpdateScheduledAudit (Prelude.Maybe [Prelude.Text])
+updateScheduledAudit_targetCheckNames = Lens.lens (\UpdateScheduledAudit' {targetCheckNames} -> targetCheckNames) (\s@UpdateScheduledAudit' {} a -> s {targetCheckNames = a} :: UpdateScheduledAudit) Prelude.. Lens.mapping Lens.coerced
+
+-- | The name of the scheduled audit. (Max. 128 chars)
+updateScheduledAudit_scheduledAuditName :: Lens.Lens' UpdateScheduledAudit Prelude.Text
+updateScheduledAudit_scheduledAuditName = Lens.lens (\UpdateScheduledAudit' {scheduledAuditName} -> scheduledAuditName) (\s@UpdateScheduledAudit' {} a -> s {scheduledAuditName = a} :: UpdateScheduledAudit)
+
+instance Core.AWSRequest UpdateScheduledAudit where
+  type
+    AWSResponse UpdateScheduledAudit =
+      UpdateScheduledAuditResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateScheduledAuditResponse'
+            Prelude.<$> (x Data..?> "scheduledAuditArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateScheduledAudit where
+  hashWithSalt _salt UpdateScheduledAudit' {..} =
+    _salt
+      `Prelude.hashWithSalt` dayOfMonth
+      `Prelude.hashWithSalt` dayOfWeek
+      `Prelude.hashWithSalt` frequency
+      `Prelude.hashWithSalt` targetCheckNames
+      `Prelude.hashWithSalt` scheduledAuditName
+
+instance Prelude.NFData UpdateScheduledAudit where
+  rnf UpdateScheduledAudit' {..} =
+    Prelude.rnf dayOfMonth
+      `Prelude.seq` Prelude.rnf dayOfWeek
+      `Prelude.seq` Prelude.rnf frequency
+      `Prelude.seq` Prelude.rnf targetCheckNames
+      `Prelude.seq` Prelude.rnf scheduledAuditName
+
+instance Data.ToHeaders UpdateScheduledAudit where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateScheduledAudit where
+  toJSON UpdateScheduledAudit' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("dayOfMonth" Data..=) Prelude.<$> dayOfMonth,
+            ("dayOfWeek" Data..=) Prelude.<$> dayOfWeek,
+            ("frequency" Data..=) Prelude.<$> frequency,
+            ("targetCheckNames" Data..=)
+              Prelude.<$> targetCheckNames
+          ]
+      )
+
+instance Data.ToPath UpdateScheduledAudit where
+  toPath UpdateScheduledAudit' {..} =
+    Prelude.mconcat
+      [ "/audit/scheduledaudits/",
+        Data.toBS scheduledAuditName
+      ]
+
+instance Data.ToQuery UpdateScheduledAudit where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateScheduledAuditResponse' smart constructor.
+data UpdateScheduledAuditResponse = UpdateScheduledAuditResponse'
+  { -- | The ARN of the scheduled audit.
+    scheduledAuditArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateScheduledAuditResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'scheduledAuditArn', 'updateScheduledAuditResponse_scheduledAuditArn' - The ARN of the scheduled audit.
+--
+-- 'httpStatus', 'updateScheduledAuditResponse_httpStatus' - The response's http status code.
+newUpdateScheduledAuditResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateScheduledAuditResponse
+newUpdateScheduledAuditResponse pHttpStatus_ =
+  UpdateScheduledAuditResponse'
+    { scheduledAuditArn =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN of the scheduled audit.
+updateScheduledAuditResponse_scheduledAuditArn :: Lens.Lens' UpdateScheduledAuditResponse (Prelude.Maybe Prelude.Text)
+updateScheduledAuditResponse_scheduledAuditArn = Lens.lens (\UpdateScheduledAuditResponse' {scheduledAuditArn} -> scheduledAuditArn) (\s@UpdateScheduledAuditResponse' {} a -> s {scheduledAuditArn = a} :: UpdateScheduledAuditResponse)
+
+-- | The response's http status code.
+updateScheduledAuditResponse_httpStatus :: Lens.Lens' UpdateScheduledAuditResponse Prelude.Int
+updateScheduledAuditResponse_httpStatus = Lens.lens (\UpdateScheduledAuditResponse' {httpStatus} -> httpStatus) (\s@UpdateScheduledAuditResponse' {} a -> s {httpStatus = a} :: UpdateScheduledAuditResponse)
+
+instance Prelude.NFData UpdateScheduledAuditResponse where
+  rnf UpdateScheduledAuditResponse' {..} =
+    Prelude.rnf scheduledAuditArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateSecurityProfile.hs b/gen/Amazonka/IoT/UpdateSecurityProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateSecurityProfile.hs
@@ -0,0 +1,492 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateSecurityProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a Device Defender security profile.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateSecurityProfile>
+-- action.
+module Amazonka.IoT.UpdateSecurityProfile
+  ( -- * Creating a Request
+    UpdateSecurityProfile (..),
+    newUpdateSecurityProfile,
+
+    -- * Request Lenses
+    updateSecurityProfile_additionalMetricsToRetain,
+    updateSecurityProfile_additionalMetricsToRetainV2,
+    updateSecurityProfile_alertTargets,
+    updateSecurityProfile_behaviors,
+    updateSecurityProfile_deleteAdditionalMetricsToRetain,
+    updateSecurityProfile_deleteAlertTargets,
+    updateSecurityProfile_deleteBehaviors,
+    updateSecurityProfile_expectedVersion,
+    updateSecurityProfile_securityProfileDescription,
+    updateSecurityProfile_securityProfileName,
+
+    -- * Destructuring the Response
+    UpdateSecurityProfileResponse (..),
+    newUpdateSecurityProfileResponse,
+
+    -- * Response Lenses
+    updateSecurityProfileResponse_additionalMetricsToRetain,
+    updateSecurityProfileResponse_additionalMetricsToRetainV2,
+    updateSecurityProfileResponse_alertTargets,
+    updateSecurityProfileResponse_behaviors,
+    updateSecurityProfileResponse_creationDate,
+    updateSecurityProfileResponse_lastModifiedDate,
+    updateSecurityProfileResponse_securityProfileArn,
+    updateSecurityProfileResponse_securityProfileDescription,
+    updateSecurityProfileResponse_securityProfileName,
+    updateSecurityProfileResponse_version,
+    updateSecurityProfileResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateSecurityProfile' smart constructor.
+data UpdateSecurityProfile = UpdateSecurityProfile'
+  { -- | /Please use UpdateSecurityProfileRequest$additionalMetricsToRetainV2
+    -- instead./
+    --
+    -- A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s @behaviors@, but it is
+    -- also retained for any metric specified here. Can be used with custom
+    -- metrics; cannot be used with dimensions.
+    additionalMetricsToRetain :: Prelude.Maybe [Prelude.Text],
+    -- | A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s behaviors, but it is also
+    -- retained for any metric specified here. Can be used with custom metrics;
+    -- cannot be used with dimensions.
+    additionalMetricsToRetainV2 :: Prelude.Maybe [MetricToRetain],
+    -- | Where the alerts are sent. (Alerts are always sent to the console.)
+    alertTargets :: Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget),
+    -- | Specifies the behaviors that, when violated by a device (thing), cause
+    -- an alert.
+    behaviors :: Prelude.Maybe [Behavior],
+    -- | If true, delete all @additionalMetricsToRetain@ defined for this
+    -- security profile. If any @additionalMetricsToRetain@ are defined in the
+    -- current invocation, an exception occurs.
+    deleteAdditionalMetricsToRetain :: Prelude.Maybe Prelude.Bool,
+    -- | If true, delete all @alertTargets@ defined for this security profile. If
+    -- any @alertTargets@ are defined in the current invocation, an exception
+    -- occurs.
+    deleteAlertTargets :: Prelude.Maybe Prelude.Bool,
+    -- | If true, delete all @behaviors@ defined for this security profile. If
+    -- any @behaviors@ are defined in the current invocation, an exception
+    -- occurs.
+    deleteBehaviors :: Prelude.Maybe Prelude.Bool,
+    -- | The expected version of the security profile. A new version is generated
+    -- whenever the security profile is updated. If you specify a value that is
+    -- different from the actual version, a @VersionConflictException@ is
+    -- thrown.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | A description of the security profile.
+    securityProfileDescription :: Prelude.Maybe Prelude.Text,
+    -- | The name of the security profile you want to update.
+    securityProfileName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateSecurityProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalMetricsToRetain', 'updateSecurityProfile_additionalMetricsToRetain' - /Please use UpdateSecurityProfileRequest$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here. Can be used with custom
+-- metrics; cannot be used with dimensions.
+--
+-- 'additionalMetricsToRetainV2', 'updateSecurityProfile_additionalMetricsToRetainV2' - A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s behaviors, but it is also
+-- retained for any metric specified here. Can be used with custom metrics;
+-- cannot be used with dimensions.
+--
+-- 'alertTargets', 'updateSecurityProfile_alertTargets' - Where the alerts are sent. (Alerts are always sent to the console.)
+--
+-- 'behaviors', 'updateSecurityProfile_behaviors' - Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+--
+-- 'deleteAdditionalMetricsToRetain', 'updateSecurityProfile_deleteAdditionalMetricsToRetain' - If true, delete all @additionalMetricsToRetain@ defined for this
+-- security profile. If any @additionalMetricsToRetain@ are defined in the
+-- current invocation, an exception occurs.
+--
+-- 'deleteAlertTargets', 'updateSecurityProfile_deleteAlertTargets' - If true, delete all @alertTargets@ defined for this security profile. If
+-- any @alertTargets@ are defined in the current invocation, an exception
+-- occurs.
+--
+-- 'deleteBehaviors', 'updateSecurityProfile_deleteBehaviors' - If true, delete all @behaviors@ defined for this security profile. If
+-- any @behaviors@ are defined in the current invocation, an exception
+-- occurs.
+--
+-- 'expectedVersion', 'updateSecurityProfile_expectedVersion' - The expected version of the security profile. A new version is generated
+-- whenever the security profile is updated. If you specify a value that is
+-- different from the actual version, a @VersionConflictException@ is
+-- thrown.
+--
+-- 'securityProfileDescription', 'updateSecurityProfile_securityProfileDescription' - A description of the security profile.
+--
+-- 'securityProfileName', 'updateSecurityProfile_securityProfileName' - The name of the security profile you want to update.
+newUpdateSecurityProfile ::
+  -- | 'securityProfileName'
+  Prelude.Text ->
+  UpdateSecurityProfile
+newUpdateSecurityProfile pSecurityProfileName_ =
+  UpdateSecurityProfile'
+    { additionalMetricsToRetain =
+        Prelude.Nothing,
+      additionalMetricsToRetainV2 = Prelude.Nothing,
+      alertTargets = Prelude.Nothing,
+      behaviors = Prelude.Nothing,
+      deleteAdditionalMetricsToRetain = Prelude.Nothing,
+      deleteAlertTargets = Prelude.Nothing,
+      deleteBehaviors = Prelude.Nothing,
+      expectedVersion = Prelude.Nothing,
+      securityProfileDescription = Prelude.Nothing,
+      securityProfileName = pSecurityProfileName_
+    }
+
+-- | /Please use UpdateSecurityProfileRequest$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s @behaviors@, but it is
+-- also retained for any metric specified here. Can be used with custom
+-- metrics; cannot be used with dimensions.
+updateSecurityProfile_additionalMetricsToRetain :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe [Prelude.Text])
+updateSecurityProfile_additionalMetricsToRetain = Lens.lens (\UpdateSecurityProfile' {additionalMetricsToRetain} -> additionalMetricsToRetain) (\s@UpdateSecurityProfile' {} a -> s {additionalMetricsToRetain = a} :: UpdateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s behaviors, but it is also
+-- retained for any metric specified here. Can be used with custom metrics;
+-- cannot be used with dimensions.
+updateSecurityProfile_additionalMetricsToRetainV2 :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe [MetricToRetain])
+updateSecurityProfile_additionalMetricsToRetainV2 = Lens.lens (\UpdateSecurityProfile' {additionalMetricsToRetainV2} -> additionalMetricsToRetainV2) (\s@UpdateSecurityProfile' {} a -> s {additionalMetricsToRetainV2 = a} :: UpdateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | Where the alerts are sent. (Alerts are always sent to the console.)
+updateSecurityProfile_alertTargets :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget))
+updateSecurityProfile_alertTargets = Lens.lens (\UpdateSecurityProfile' {alertTargets} -> alertTargets) (\s@UpdateSecurityProfile' {} a -> s {alertTargets = a} :: UpdateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+updateSecurityProfile_behaviors :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe [Behavior])
+updateSecurityProfile_behaviors = Lens.lens (\UpdateSecurityProfile' {behaviors} -> behaviors) (\s@UpdateSecurityProfile' {} a -> s {behaviors = a} :: UpdateSecurityProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | If true, delete all @additionalMetricsToRetain@ defined for this
+-- security profile. If any @additionalMetricsToRetain@ are defined in the
+-- current invocation, an exception occurs.
+updateSecurityProfile_deleteAdditionalMetricsToRetain :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe Prelude.Bool)
+updateSecurityProfile_deleteAdditionalMetricsToRetain = Lens.lens (\UpdateSecurityProfile' {deleteAdditionalMetricsToRetain} -> deleteAdditionalMetricsToRetain) (\s@UpdateSecurityProfile' {} a -> s {deleteAdditionalMetricsToRetain = a} :: UpdateSecurityProfile)
+
+-- | If true, delete all @alertTargets@ defined for this security profile. If
+-- any @alertTargets@ are defined in the current invocation, an exception
+-- occurs.
+updateSecurityProfile_deleteAlertTargets :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe Prelude.Bool)
+updateSecurityProfile_deleteAlertTargets = Lens.lens (\UpdateSecurityProfile' {deleteAlertTargets} -> deleteAlertTargets) (\s@UpdateSecurityProfile' {} a -> s {deleteAlertTargets = a} :: UpdateSecurityProfile)
+
+-- | If true, delete all @behaviors@ defined for this security profile. If
+-- any @behaviors@ are defined in the current invocation, an exception
+-- occurs.
+updateSecurityProfile_deleteBehaviors :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe Prelude.Bool)
+updateSecurityProfile_deleteBehaviors = Lens.lens (\UpdateSecurityProfile' {deleteBehaviors} -> deleteBehaviors) (\s@UpdateSecurityProfile' {} a -> s {deleteBehaviors = a} :: UpdateSecurityProfile)
+
+-- | The expected version of the security profile. A new version is generated
+-- whenever the security profile is updated. If you specify a value that is
+-- different from the actual version, a @VersionConflictException@ is
+-- thrown.
+updateSecurityProfile_expectedVersion :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe Prelude.Integer)
+updateSecurityProfile_expectedVersion = Lens.lens (\UpdateSecurityProfile' {expectedVersion} -> expectedVersion) (\s@UpdateSecurityProfile' {} a -> s {expectedVersion = a} :: UpdateSecurityProfile)
+
+-- | A description of the security profile.
+updateSecurityProfile_securityProfileDescription :: Lens.Lens' UpdateSecurityProfile (Prelude.Maybe Prelude.Text)
+updateSecurityProfile_securityProfileDescription = Lens.lens (\UpdateSecurityProfile' {securityProfileDescription} -> securityProfileDescription) (\s@UpdateSecurityProfile' {} a -> s {securityProfileDescription = a} :: UpdateSecurityProfile)
+
+-- | The name of the security profile you want to update.
+updateSecurityProfile_securityProfileName :: Lens.Lens' UpdateSecurityProfile Prelude.Text
+updateSecurityProfile_securityProfileName = Lens.lens (\UpdateSecurityProfile' {securityProfileName} -> securityProfileName) (\s@UpdateSecurityProfile' {} a -> s {securityProfileName = a} :: UpdateSecurityProfile)
+
+instance Core.AWSRequest UpdateSecurityProfile where
+  type
+    AWSResponse UpdateSecurityProfile =
+      UpdateSecurityProfileResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateSecurityProfileResponse'
+            Prelude.<$> ( x
+                            Data..?> "additionalMetricsToRetain"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> ( x
+                            Data..?> "additionalMetricsToRetainV2"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "alertTargets" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "behaviors" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "creationDate")
+            Prelude.<*> (x Data..?> "lastModifiedDate")
+            Prelude.<*> (x Data..?> "securityProfileArn")
+            Prelude.<*> (x Data..?> "securityProfileDescription")
+            Prelude.<*> (x Data..?> "securityProfileName")
+            Prelude.<*> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateSecurityProfile where
+  hashWithSalt _salt UpdateSecurityProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalMetricsToRetain
+      `Prelude.hashWithSalt` additionalMetricsToRetainV2
+      `Prelude.hashWithSalt` alertTargets
+      `Prelude.hashWithSalt` behaviors
+      `Prelude.hashWithSalt` deleteAdditionalMetricsToRetain
+      `Prelude.hashWithSalt` deleteAlertTargets
+      `Prelude.hashWithSalt` deleteBehaviors
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` securityProfileDescription
+      `Prelude.hashWithSalt` securityProfileName
+
+instance Prelude.NFData UpdateSecurityProfile where
+  rnf UpdateSecurityProfile' {..} =
+    Prelude.rnf additionalMetricsToRetain
+      `Prelude.seq` Prelude.rnf additionalMetricsToRetainV2
+      `Prelude.seq` Prelude.rnf alertTargets
+      `Prelude.seq` Prelude.rnf behaviors
+      `Prelude.seq` Prelude.rnf deleteAdditionalMetricsToRetain
+      `Prelude.seq` Prelude.rnf deleteAlertTargets
+      `Prelude.seq` Prelude.rnf deleteBehaviors
+      `Prelude.seq` Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf securityProfileDescription
+      `Prelude.seq` Prelude.rnf securityProfileName
+
+instance Data.ToHeaders UpdateSecurityProfile where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateSecurityProfile where
+  toJSON UpdateSecurityProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("additionalMetricsToRetain" Data..=)
+              Prelude.<$> additionalMetricsToRetain,
+            ("additionalMetricsToRetainV2" Data..=)
+              Prelude.<$> additionalMetricsToRetainV2,
+            ("alertTargets" Data..=) Prelude.<$> alertTargets,
+            ("behaviors" Data..=) Prelude.<$> behaviors,
+            ("deleteAdditionalMetricsToRetain" Data..=)
+              Prelude.<$> deleteAdditionalMetricsToRetain,
+            ("deleteAlertTargets" Data..=)
+              Prelude.<$> deleteAlertTargets,
+            ("deleteBehaviors" Data..=)
+              Prelude.<$> deleteBehaviors,
+            ("securityProfileDescription" Data..=)
+              Prelude.<$> securityProfileDescription
+          ]
+      )
+
+instance Data.ToPath UpdateSecurityProfile where
+  toPath UpdateSecurityProfile' {..} =
+    Prelude.mconcat
+      [ "/security-profiles/",
+        Data.toBS securityProfileName
+      ]
+
+instance Data.ToQuery UpdateSecurityProfile where
+  toQuery UpdateSecurityProfile' {..} =
+    Prelude.mconcat
+      ["expectedVersion" Data.=: expectedVersion]
+
+-- | /See:/ 'newUpdateSecurityProfileResponse' smart constructor.
+data UpdateSecurityProfileResponse = UpdateSecurityProfileResponse'
+  { -- | /Please use UpdateSecurityProfileResponse$additionalMetricsToRetainV2
+    -- instead./
+    --
+    -- A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the security profile\'s @behaviors@, but
+    -- it is also retained for any metric specified here.
+    additionalMetricsToRetain :: Prelude.Maybe [Prelude.Text],
+    -- | A list of metrics whose data is retained (stored). By default, data is
+    -- retained for any metric used in the profile\'s behaviors, but it is also
+    -- retained for any metric specified here. Can be used with custom metrics;
+    -- cannot be used with dimensions.
+    additionalMetricsToRetainV2 :: Prelude.Maybe [MetricToRetain],
+    -- | Where the alerts are sent. (Alerts are always sent to the console.)
+    alertTargets :: Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget),
+    -- | Specifies the behaviors that, when violated by a device (thing), cause
+    -- an alert.
+    behaviors :: Prelude.Maybe [Behavior],
+    -- | The time the security profile was created.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The time the security profile was last modified.
+    lastModifiedDate :: Prelude.Maybe Data.POSIX,
+    -- | The ARN of the security profile that was updated.
+    securityProfileArn :: Prelude.Maybe Prelude.Text,
+    -- | The description of the security profile.
+    securityProfileDescription :: Prelude.Maybe Prelude.Text,
+    -- | The name of the security profile that was updated.
+    securityProfileName :: Prelude.Maybe Prelude.Text,
+    -- | The updated version of the security profile.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateSecurityProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalMetricsToRetain', 'updateSecurityProfileResponse_additionalMetricsToRetain' - /Please use UpdateSecurityProfileResponse$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the security profile\'s @behaviors@, but
+-- it is also retained for any metric specified here.
+--
+-- 'additionalMetricsToRetainV2', 'updateSecurityProfileResponse_additionalMetricsToRetainV2' - A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s behaviors, but it is also
+-- retained for any metric specified here. Can be used with custom metrics;
+-- cannot be used with dimensions.
+--
+-- 'alertTargets', 'updateSecurityProfileResponse_alertTargets' - Where the alerts are sent. (Alerts are always sent to the console.)
+--
+-- 'behaviors', 'updateSecurityProfileResponse_behaviors' - Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+--
+-- 'creationDate', 'updateSecurityProfileResponse_creationDate' - The time the security profile was created.
+--
+-- 'lastModifiedDate', 'updateSecurityProfileResponse_lastModifiedDate' - The time the security profile was last modified.
+--
+-- 'securityProfileArn', 'updateSecurityProfileResponse_securityProfileArn' - The ARN of the security profile that was updated.
+--
+-- 'securityProfileDescription', 'updateSecurityProfileResponse_securityProfileDescription' - The description of the security profile.
+--
+-- 'securityProfileName', 'updateSecurityProfileResponse_securityProfileName' - The name of the security profile that was updated.
+--
+-- 'version', 'updateSecurityProfileResponse_version' - The updated version of the security profile.
+--
+-- 'httpStatus', 'updateSecurityProfileResponse_httpStatus' - The response's http status code.
+newUpdateSecurityProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateSecurityProfileResponse
+newUpdateSecurityProfileResponse pHttpStatus_ =
+  UpdateSecurityProfileResponse'
+    { additionalMetricsToRetain =
+        Prelude.Nothing,
+      additionalMetricsToRetainV2 =
+        Prelude.Nothing,
+      alertTargets = Prelude.Nothing,
+      behaviors = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      lastModifiedDate = Prelude.Nothing,
+      securityProfileArn = Prelude.Nothing,
+      securityProfileDescription = Prelude.Nothing,
+      securityProfileName = Prelude.Nothing,
+      version = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | /Please use UpdateSecurityProfileResponse$additionalMetricsToRetainV2
+-- instead./
+--
+-- A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the security profile\'s @behaviors@, but
+-- it is also retained for any metric specified here.
+updateSecurityProfileResponse_additionalMetricsToRetain :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe [Prelude.Text])
+updateSecurityProfileResponse_additionalMetricsToRetain = Lens.lens (\UpdateSecurityProfileResponse' {additionalMetricsToRetain} -> additionalMetricsToRetain) (\s@UpdateSecurityProfileResponse' {} a -> s {additionalMetricsToRetain = a} :: UpdateSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of metrics whose data is retained (stored). By default, data is
+-- retained for any metric used in the profile\'s behaviors, but it is also
+-- retained for any metric specified here. Can be used with custom metrics;
+-- cannot be used with dimensions.
+updateSecurityProfileResponse_additionalMetricsToRetainV2 :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe [MetricToRetain])
+updateSecurityProfileResponse_additionalMetricsToRetainV2 = Lens.lens (\UpdateSecurityProfileResponse' {additionalMetricsToRetainV2} -> additionalMetricsToRetainV2) (\s@UpdateSecurityProfileResponse' {} a -> s {additionalMetricsToRetainV2 = a} :: UpdateSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Where the alerts are sent. (Alerts are always sent to the console.)
+updateSecurityProfileResponse_alertTargets :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe (Prelude.HashMap AlertTargetType AlertTarget))
+updateSecurityProfileResponse_alertTargets = Lens.lens (\UpdateSecurityProfileResponse' {alertTargets} -> alertTargets) (\s@UpdateSecurityProfileResponse' {} a -> s {alertTargets = a} :: UpdateSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+updateSecurityProfileResponse_behaviors :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe [Behavior])
+updateSecurityProfileResponse_behaviors = Lens.lens (\UpdateSecurityProfileResponse' {behaviors} -> behaviors) (\s@UpdateSecurityProfileResponse' {} a -> s {behaviors = a} :: UpdateSecurityProfileResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The time the security profile was created.
+updateSecurityProfileResponse_creationDate :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe Prelude.UTCTime)
+updateSecurityProfileResponse_creationDate = Lens.lens (\UpdateSecurityProfileResponse' {creationDate} -> creationDate) (\s@UpdateSecurityProfileResponse' {} a -> s {creationDate = a} :: UpdateSecurityProfileResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The time the security profile was last modified.
+updateSecurityProfileResponse_lastModifiedDate :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe Prelude.UTCTime)
+updateSecurityProfileResponse_lastModifiedDate = Lens.lens (\UpdateSecurityProfileResponse' {lastModifiedDate} -> lastModifiedDate) (\s@UpdateSecurityProfileResponse' {} a -> s {lastModifiedDate = a} :: UpdateSecurityProfileResponse) Prelude.. Lens.mapping Data._Time
+
+-- | The ARN of the security profile that was updated.
+updateSecurityProfileResponse_securityProfileArn :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+updateSecurityProfileResponse_securityProfileArn = Lens.lens (\UpdateSecurityProfileResponse' {securityProfileArn} -> securityProfileArn) (\s@UpdateSecurityProfileResponse' {} a -> s {securityProfileArn = a} :: UpdateSecurityProfileResponse)
+
+-- | The description of the security profile.
+updateSecurityProfileResponse_securityProfileDescription :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+updateSecurityProfileResponse_securityProfileDescription = Lens.lens (\UpdateSecurityProfileResponse' {securityProfileDescription} -> securityProfileDescription) (\s@UpdateSecurityProfileResponse' {} a -> s {securityProfileDescription = a} :: UpdateSecurityProfileResponse)
+
+-- | The name of the security profile that was updated.
+updateSecurityProfileResponse_securityProfileName :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe Prelude.Text)
+updateSecurityProfileResponse_securityProfileName = Lens.lens (\UpdateSecurityProfileResponse' {securityProfileName} -> securityProfileName) (\s@UpdateSecurityProfileResponse' {} a -> s {securityProfileName = a} :: UpdateSecurityProfileResponse)
+
+-- | The updated version of the security profile.
+updateSecurityProfileResponse_version :: Lens.Lens' UpdateSecurityProfileResponse (Prelude.Maybe Prelude.Integer)
+updateSecurityProfileResponse_version = Lens.lens (\UpdateSecurityProfileResponse' {version} -> version) (\s@UpdateSecurityProfileResponse' {} a -> s {version = a} :: UpdateSecurityProfileResponse)
+
+-- | The response's http status code.
+updateSecurityProfileResponse_httpStatus :: Lens.Lens' UpdateSecurityProfileResponse Prelude.Int
+updateSecurityProfileResponse_httpStatus = Lens.lens (\UpdateSecurityProfileResponse' {httpStatus} -> httpStatus) (\s@UpdateSecurityProfileResponse' {} a -> s {httpStatus = a} :: UpdateSecurityProfileResponse)
+
+instance Prelude.NFData UpdateSecurityProfileResponse where
+  rnf UpdateSecurityProfileResponse' {..} =
+    Prelude.rnf additionalMetricsToRetain
+      `Prelude.seq` Prelude.rnf additionalMetricsToRetainV2
+      `Prelude.seq` Prelude.rnf alertTargets
+      `Prelude.seq` Prelude.rnf behaviors
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf lastModifiedDate
+      `Prelude.seq` Prelude.rnf securityProfileArn
+      `Prelude.seq` Prelude.rnf securityProfileDescription
+      `Prelude.seq` Prelude.rnf securityProfileName
+      `Prelude.seq` Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateStream.hs b/gen/Amazonka/IoT/UpdateStream.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateStream.hs
@@ -0,0 +1,242 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateStream
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates an existing stream. The stream version will be incremented by
+-- one.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateStream>
+-- action.
+module Amazonka.IoT.UpdateStream
+  ( -- * Creating a Request
+    UpdateStream (..),
+    newUpdateStream,
+
+    -- * Request Lenses
+    updateStream_description,
+    updateStream_files,
+    updateStream_roleArn,
+    updateStream_streamId,
+
+    -- * Destructuring the Response
+    UpdateStreamResponse (..),
+    newUpdateStreamResponse,
+
+    -- * Response Lenses
+    updateStreamResponse_description,
+    updateStreamResponse_streamArn,
+    updateStreamResponse_streamId,
+    updateStreamResponse_streamVersion,
+    updateStreamResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateStream' smart constructor.
+data UpdateStream = UpdateStream'
+  { -- | The description of the stream.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The files associated with the stream.
+    files :: Prelude.Maybe (Prelude.NonEmpty StreamFile),
+    -- | An IAM role that allows the IoT service principal assumes to access your
+    -- S3 files.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The stream ID.
+    streamId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateStream' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'updateStream_description' - The description of the stream.
+--
+-- 'files', 'updateStream_files' - The files associated with the stream.
+--
+-- 'roleArn', 'updateStream_roleArn' - An IAM role that allows the IoT service principal assumes to access your
+-- S3 files.
+--
+-- 'streamId', 'updateStream_streamId' - The stream ID.
+newUpdateStream ::
+  -- | 'streamId'
+  Prelude.Text ->
+  UpdateStream
+newUpdateStream pStreamId_ =
+  UpdateStream'
+    { description = Prelude.Nothing,
+      files = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      streamId = pStreamId_
+    }
+
+-- | The description of the stream.
+updateStream_description :: Lens.Lens' UpdateStream (Prelude.Maybe Prelude.Text)
+updateStream_description = Lens.lens (\UpdateStream' {description} -> description) (\s@UpdateStream' {} a -> s {description = a} :: UpdateStream)
+
+-- | The files associated with the stream.
+updateStream_files :: Lens.Lens' UpdateStream (Prelude.Maybe (Prelude.NonEmpty StreamFile))
+updateStream_files = Lens.lens (\UpdateStream' {files} -> files) (\s@UpdateStream' {} a -> s {files = a} :: UpdateStream) Prelude.. Lens.mapping Lens.coerced
+
+-- | An IAM role that allows the IoT service principal assumes to access your
+-- S3 files.
+updateStream_roleArn :: Lens.Lens' UpdateStream (Prelude.Maybe Prelude.Text)
+updateStream_roleArn = Lens.lens (\UpdateStream' {roleArn} -> roleArn) (\s@UpdateStream' {} a -> s {roleArn = a} :: UpdateStream)
+
+-- | The stream ID.
+updateStream_streamId :: Lens.Lens' UpdateStream Prelude.Text
+updateStream_streamId = Lens.lens (\UpdateStream' {streamId} -> streamId) (\s@UpdateStream' {} a -> s {streamId = a} :: UpdateStream)
+
+instance Core.AWSRequest UpdateStream where
+  type AWSResponse UpdateStream = UpdateStreamResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateStreamResponse'
+            Prelude.<$> (x Data..?> "description")
+            Prelude.<*> (x Data..?> "streamArn")
+            Prelude.<*> (x Data..?> "streamId")
+            Prelude.<*> (x Data..?> "streamVersion")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateStream where
+  hashWithSalt _salt UpdateStream' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` files
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` streamId
+
+instance Prelude.NFData UpdateStream where
+  rnf UpdateStream' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf files
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf streamId
+
+instance Data.ToHeaders UpdateStream where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateStream where
+  toJSON UpdateStream' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("description" Data..=) Prelude.<$> description,
+            ("files" Data..=) Prelude.<$> files,
+            ("roleArn" Data..=) Prelude.<$> roleArn
+          ]
+      )
+
+instance Data.ToPath UpdateStream where
+  toPath UpdateStream' {..} =
+    Prelude.mconcat ["/streams/", Data.toBS streamId]
+
+instance Data.ToQuery UpdateStream where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateStreamResponse' smart constructor.
+data UpdateStreamResponse = UpdateStreamResponse'
+  { -- | A description of the stream.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The stream ARN.
+    streamArn :: Prelude.Maybe Prelude.Text,
+    -- | The stream ID.
+    streamId :: Prelude.Maybe Prelude.Text,
+    -- | The stream version.
+    streamVersion :: Prelude.Maybe Prelude.Natural,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateStreamResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'updateStreamResponse_description' - A description of the stream.
+--
+-- 'streamArn', 'updateStreamResponse_streamArn' - The stream ARN.
+--
+-- 'streamId', 'updateStreamResponse_streamId' - The stream ID.
+--
+-- 'streamVersion', 'updateStreamResponse_streamVersion' - The stream version.
+--
+-- 'httpStatus', 'updateStreamResponse_httpStatus' - The response's http status code.
+newUpdateStreamResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateStreamResponse
+newUpdateStreamResponse pHttpStatus_ =
+  UpdateStreamResponse'
+    { description =
+        Prelude.Nothing,
+      streamArn = Prelude.Nothing,
+      streamId = Prelude.Nothing,
+      streamVersion = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | A description of the stream.
+updateStreamResponse_description :: Lens.Lens' UpdateStreamResponse (Prelude.Maybe Prelude.Text)
+updateStreamResponse_description = Lens.lens (\UpdateStreamResponse' {description} -> description) (\s@UpdateStreamResponse' {} a -> s {description = a} :: UpdateStreamResponse)
+
+-- | The stream ARN.
+updateStreamResponse_streamArn :: Lens.Lens' UpdateStreamResponse (Prelude.Maybe Prelude.Text)
+updateStreamResponse_streamArn = Lens.lens (\UpdateStreamResponse' {streamArn} -> streamArn) (\s@UpdateStreamResponse' {} a -> s {streamArn = a} :: UpdateStreamResponse)
+
+-- | The stream ID.
+updateStreamResponse_streamId :: Lens.Lens' UpdateStreamResponse (Prelude.Maybe Prelude.Text)
+updateStreamResponse_streamId = Lens.lens (\UpdateStreamResponse' {streamId} -> streamId) (\s@UpdateStreamResponse' {} a -> s {streamId = a} :: UpdateStreamResponse)
+
+-- | The stream version.
+updateStreamResponse_streamVersion :: Lens.Lens' UpdateStreamResponse (Prelude.Maybe Prelude.Natural)
+updateStreamResponse_streamVersion = Lens.lens (\UpdateStreamResponse' {streamVersion} -> streamVersion) (\s@UpdateStreamResponse' {} a -> s {streamVersion = a} :: UpdateStreamResponse)
+
+-- | The response's http status code.
+updateStreamResponse_httpStatus :: Lens.Lens' UpdateStreamResponse Prelude.Int
+updateStreamResponse_httpStatus = Lens.lens (\UpdateStreamResponse' {httpStatus} -> httpStatus) (\s@UpdateStreamResponse' {} a -> s {httpStatus = a} :: UpdateStreamResponse)
+
+instance Prelude.NFData UpdateStreamResponse where
+  rnf UpdateStreamResponse' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf streamArn
+      `Prelude.seq` Prelude.rnf streamId
+      `Prelude.seq` Prelude.rnf streamVersion
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateThing.hs b/gen/Amazonka/IoT/UpdateThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateThing.hs
@@ -0,0 +1,242 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the data for a thing.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateThing>
+-- action.
+module Amazonka.IoT.UpdateThing
+  ( -- * Creating a Request
+    UpdateThing (..),
+    newUpdateThing,
+
+    -- * Request Lenses
+    updateThing_attributePayload,
+    updateThing_expectedVersion,
+    updateThing_removeThingType,
+    updateThing_thingTypeName,
+    updateThing_thingName,
+
+    -- * Destructuring the Response
+    UpdateThingResponse (..),
+    newUpdateThingResponse,
+
+    -- * Response Lenses
+    updateThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | The input for the UpdateThing operation.
+--
+-- /See:/ 'newUpdateThing' smart constructor.
+data UpdateThing = UpdateThing'
+  { -- | A list of thing attributes, a JSON string containing name-value pairs.
+    -- For example:
+    --
+    -- @{\\\"attributes\\\":{\\\"name1\\\":\\\"value2\\\"}}@
+    --
+    -- This data is used to add new attributes or update existing attributes.
+    attributePayload :: Prelude.Maybe AttributePayload,
+    -- | The expected version of the thing record in the registry. If the version
+    -- of the record in the registry does not match the expected version
+    -- specified in the request, the @UpdateThing@ request is rejected with a
+    -- @VersionConflictException@.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | Remove a thing type association. If __true__, the association is
+    -- removed.
+    removeThingType :: Prelude.Maybe Prelude.Bool,
+    -- | The name of the thing type.
+    thingTypeName :: Prelude.Maybe Prelude.Text,
+    -- | The name of the thing to update.
+    --
+    -- You can\'t change a thing\'s name. To change a thing\'s name, you must
+    -- create a new thing, give it the new name, and then delete the old thing.
+    thingName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'attributePayload', 'updateThing_attributePayload' - A list of thing attributes, a JSON string containing name-value pairs.
+-- For example:
+--
+-- @{\\\"attributes\\\":{\\\"name1\\\":\\\"value2\\\"}}@
+--
+-- This data is used to add new attributes or update existing attributes.
+--
+-- 'expectedVersion', 'updateThing_expectedVersion' - The expected version of the thing record in the registry. If the version
+-- of the record in the registry does not match the expected version
+-- specified in the request, the @UpdateThing@ request is rejected with a
+-- @VersionConflictException@.
+--
+-- 'removeThingType', 'updateThing_removeThingType' - Remove a thing type association. If __true__, the association is
+-- removed.
+--
+-- 'thingTypeName', 'updateThing_thingTypeName' - The name of the thing type.
+--
+-- 'thingName', 'updateThing_thingName' - The name of the thing to update.
+--
+-- You can\'t change a thing\'s name. To change a thing\'s name, you must
+-- create a new thing, give it the new name, and then delete the old thing.
+newUpdateThing ::
+  -- | 'thingName'
+  Prelude.Text ->
+  UpdateThing
+newUpdateThing pThingName_ =
+  UpdateThing'
+    { attributePayload = Prelude.Nothing,
+      expectedVersion = Prelude.Nothing,
+      removeThingType = Prelude.Nothing,
+      thingTypeName = Prelude.Nothing,
+      thingName = pThingName_
+    }
+
+-- | A list of thing attributes, a JSON string containing name-value pairs.
+-- For example:
+--
+-- @{\\\"attributes\\\":{\\\"name1\\\":\\\"value2\\\"}}@
+--
+-- This data is used to add new attributes or update existing attributes.
+updateThing_attributePayload :: Lens.Lens' UpdateThing (Prelude.Maybe AttributePayload)
+updateThing_attributePayload = Lens.lens (\UpdateThing' {attributePayload} -> attributePayload) (\s@UpdateThing' {} a -> s {attributePayload = a} :: UpdateThing)
+
+-- | The expected version of the thing record in the registry. If the version
+-- of the record in the registry does not match the expected version
+-- specified in the request, the @UpdateThing@ request is rejected with a
+-- @VersionConflictException@.
+updateThing_expectedVersion :: Lens.Lens' UpdateThing (Prelude.Maybe Prelude.Integer)
+updateThing_expectedVersion = Lens.lens (\UpdateThing' {expectedVersion} -> expectedVersion) (\s@UpdateThing' {} a -> s {expectedVersion = a} :: UpdateThing)
+
+-- | Remove a thing type association. If __true__, the association is
+-- removed.
+updateThing_removeThingType :: Lens.Lens' UpdateThing (Prelude.Maybe Prelude.Bool)
+updateThing_removeThingType = Lens.lens (\UpdateThing' {removeThingType} -> removeThingType) (\s@UpdateThing' {} a -> s {removeThingType = a} :: UpdateThing)
+
+-- | The name of the thing type.
+updateThing_thingTypeName :: Lens.Lens' UpdateThing (Prelude.Maybe Prelude.Text)
+updateThing_thingTypeName = Lens.lens (\UpdateThing' {thingTypeName} -> thingTypeName) (\s@UpdateThing' {} a -> s {thingTypeName = a} :: UpdateThing)
+
+-- | The name of the thing to update.
+--
+-- You can\'t change a thing\'s name. To change a thing\'s name, you must
+-- create a new thing, give it the new name, and then delete the old thing.
+updateThing_thingName :: Lens.Lens' UpdateThing Prelude.Text
+updateThing_thingName = Lens.lens (\UpdateThing' {thingName} -> thingName) (\s@UpdateThing' {} a -> s {thingName = a} :: UpdateThing)
+
+instance Core.AWSRequest UpdateThing where
+  type AWSResponse UpdateThing = UpdateThingResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateThingResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateThing where
+  hashWithSalt _salt UpdateThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` attributePayload
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` removeThingType
+      `Prelude.hashWithSalt` thingTypeName
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData UpdateThing where
+  rnf UpdateThing' {..} =
+    Prelude.rnf attributePayload
+      `Prelude.seq` Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf removeThingType
+      `Prelude.seq` Prelude.rnf thingTypeName
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders UpdateThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateThing where
+  toJSON UpdateThing' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("attributePayload" Data..=)
+              Prelude.<$> attributePayload,
+            ("expectedVersion" Data..=)
+              Prelude.<$> expectedVersion,
+            ("removeThingType" Data..=)
+              Prelude.<$> removeThingType,
+            ("thingTypeName" Data..=) Prelude.<$> thingTypeName
+          ]
+      )
+
+instance Data.ToPath UpdateThing where
+  toPath UpdateThing' {..} =
+    Prelude.mconcat ["/things/", Data.toBS thingName]
+
+instance Data.ToQuery UpdateThing where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | The output from the UpdateThing operation.
+--
+-- /See:/ 'newUpdateThingResponse' smart constructor.
+data UpdateThingResponse = UpdateThingResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateThingResponse_httpStatus' - The response's http status code.
+newUpdateThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateThingResponse
+newUpdateThingResponse pHttpStatus_ =
+  UpdateThingResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+updateThingResponse_httpStatus :: Lens.Lens' UpdateThingResponse Prelude.Int
+updateThingResponse_httpStatus = Lens.lens (\UpdateThingResponse' {httpStatus} -> httpStatus) (\s@UpdateThingResponse' {} a -> s {httpStatus = a} :: UpdateThingResponse)
+
+instance Prelude.NFData UpdateThingResponse where
+  rnf UpdateThingResponse' {..} = Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateThingGroup.hs b/gen/Amazonka/IoT/UpdateThingGroup.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateThingGroup.hs
@@ -0,0 +1,204 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateThingGroup
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Update a thing group.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateThingGroup>
+-- action.
+module Amazonka.IoT.UpdateThingGroup
+  ( -- * Creating a Request
+    UpdateThingGroup (..),
+    newUpdateThingGroup,
+
+    -- * Request Lenses
+    updateThingGroup_expectedVersion,
+    updateThingGroup_thingGroupName,
+    updateThingGroup_thingGroupProperties,
+
+    -- * Destructuring the Response
+    UpdateThingGroupResponse (..),
+    newUpdateThingGroupResponse,
+
+    -- * Response Lenses
+    updateThingGroupResponse_version,
+    updateThingGroupResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateThingGroup' smart constructor.
+data UpdateThingGroup = UpdateThingGroup'
+  { -- | The expected version of the thing group. If this does not match the
+    -- version of the thing group being updated, the update will fail.
+    expectedVersion :: Prelude.Maybe Prelude.Integer,
+    -- | The thing group to update.
+    thingGroupName :: Prelude.Text,
+    -- | The thing group properties.
+    thingGroupProperties :: ThingGroupProperties
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateThingGroup' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'expectedVersion', 'updateThingGroup_expectedVersion' - The expected version of the thing group. If this does not match the
+-- version of the thing group being updated, the update will fail.
+--
+-- 'thingGroupName', 'updateThingGroup_thingGroupName' - The thing group to update.
+--
+-- 'thingGroupProperties', 'updateThingGroup_thingGroupProperties' - The thing group properties.
+newUpdateThingGroup ::
+  -- | 'thingGroupName'
+  Prelude.Text ->
+  -- | 'thingGroupProperties'
+  ThingGroupProperties ->
+  UpdateThingGroup
+newUpdateThingGroup
+  pThingGroupName_
+  pThingGroupProperties_ =
+    UpdateThingGroup'
+      { expectedVersion =
+          Prelude.Nothing,
+        thingGroupName = pThingGroupName_,
+        thingGroupProperties = pThingGroupProperties_
+      }
+
+-- | The expected version of the thing group. If this does not match the
+-- version of the thing group being updated, the update will fail.
+updateThingGroup_expectedVersion :: Lens.Lens' UpdateThingGroup (Prelude.Maybe Prelude.Integer)
+updateThingGroup_expectedVersion = Lens.lens (\UpdateThingGroup' {expectedVersion} -> expectedVersion) (\s@UpdateThingGroup' {} a -> s {expectedVersion = a} :: UpdateThingGroup)
+
+-- | The thing group to update.
+updateThingGroup_thingGroupName :: Lens.Lens' UpdateThingGroup Prelude.Text
+updateThingGroup_thingGroupName = Lens.lens (\UpdateThingGroup' {thingGroupName} -> thingGroupName) (\s@UpdateThingGroup' {} a -> s {thingGroupName = a} :: UpdateThingGroup)
+
+-- | The thing group properties.
+updateThingGroup_thingGroupProperties :: Lens.Lens' UpdateThingGroup ThingGroupProperties
+updateThingGroup_thingGroupProperties = Lens.lens (\UpdateThingGroup' {thingGroupProperties} -> thingGroupProperties) (\s@UpdateThingGroup' {} a -> s {thingGroupProperties = a} :: UpdateThingGroup)
+
+instance Core.AWSRequest UpdateThingGroup where
+  type
+    AWSResponse UpdateThingGroup =
+      UpdateThingGroupResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateThingGroupResponse'
+            Prelude.<$> (x Data..?> "version")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateThingGroup where
+  hashWithSalt _salt UpdateThingGroup' {..} =
+    _salt
+      `Prelude.hashWithSalt` expectedVersion
+      `Prelude.hashWithSalt` thingGroupName
+      `Prelude.hashWithSalt` thingGroupProperties
+
+instance Prelude.NFData UpdateThingGroup where
+  rnf UpdateThingGroup' {..} =
+    Prelude.rnf expectedVersion
+      `Prelude.seq` Prelude.rnf thingGroupName
+      `Prelude.seq` Prelude.rnf thingGroupProperties
+
+instance Data.ToHeaders UpdateThingGroup where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateThingGroup where
+  toJSON UpdateThingGroup' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("expectedVersion" Data..=)
+              Prelude.<$> expectedVersion,
+            Prelude.Just
+              ( "thingGroupProperties"
+                  Data..= thingGroupProperties
+              )
+          ]
+      )
+
+instance Data.ToPath UpdateThingGroup where
+  toPath UpdateThingGroup' {..} =
+    Prelude.mconcat
+      ["/thing-groups/", Data.toBS thingGroupName]
+
+instance Data.ToQuery UpdateThingGroup where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateThingGroupResponse' smart constructor.
+data UpdateThingGroupResponse = UpdateThingGroupResponse'
+  { -- | The version of the updated thing group.
+    version :: Prelude.Maybe Prelude.Integer,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateThingGroupResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'version', 'updateThingGroupResponse_version' - The version of the updated thing group.
+--
+-- 'httpStatus', 'updateThingGroupResponse_httpStatus' - The response's http status code.
+newUpdateThingGroupResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateThingGroupResponse
+newUpdateThingGroupResponse pHttpStatus_ =
+  UpdateThingGroupResponse'
+    { version =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The version of the updated thing group.
+updateThingGroupResponse_version :: Lens.Lens' UpdateThingGroupResponse (Prelude.Maybe Prelude.Integer)
+updateThingGroupResponse_version = Lens.lens (\UpdateThingGroupResponse' {version} -> version) (\s@UpdateThingGroupResponse' {} a -> s {version = a} :: UpdateThingGroupResponse)
+
+-- | The response's http status code.
+updateThingGroupResponse_httpStatus :: Lens.Lens' UpdateThingGroupResponse Prelude.Int
+updateThingGroupResponse_httpStatus = Lens.lens (\UpdateThingGroupResponse' {httpStatus} -> httpStatus) (\s@UpdateThingGroupResponse' {} a -> s {httpStatus = a} :: UpdateThingGroupResponse)
+
+instance Prelude.NFData UpdateThingGroupResponse where
+  rnf UpdateThingGroupResponse' {..} =
+    Prelude.rnf version
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateThingGroupsForThing.hs b/gen/Amazonka/IoT/UpdateThingGroupsForThing.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateThingGroupsForThing.hs
@@ -0,0 +1,208 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateThingGroupsForThing
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the groups to which the thing belongs.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateThingGroupsForThing>
+-- action.
+module Amazonka.IoT.UpdateThingGroupsForThing
+  ( -- * Creating a Request
+    UpdateThingGroupsForThing (..),
+    newUpdateThingGroupsForThing,
+
+    -- * Request Lenses
+    updateThingGroupsForThing_overrideDynamicGroups,
+    updateThingGroupsForThing_thingGroupsToAdd,
+    updateThingGroupsForThing_thingGroupsToRemove,
+    updateThingGroupsForThing_thingName,
+
+    -- * Destructuring the Response
+    UpdateThingGroupsForThingResponse (..),
+    newUpdateThingGroupsForThingResponse,
+
+    -- * Response Lenses
+    updateThingGroupsForThingResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateThingGroupsForThing' smart constructor.
+data UpdateThingGroupsForThing = UpdateThingGroupsForThing'
+  { -- | Override dynamic thing groups with static thing groups when 10-group
+    -- limit is reached. If a thing belongs to 10 thing groups, and one or more
+    -- of those groups are dynamic thing groups, adding a thing to a static
+    -- group removes the thing from the last dynamic group.
+    overrideDynamicGroups :: Prelude.Maybe Prelude.Bool,
+    -- | The groups to which the thing will be added.
+    thingGroupsToAdd :: Prelude.Maybe [Prelude.Text],
+    -- | The groups from which the thing will be removed.
+    thingGroupsToRemove :: Prelude.Maybe [Prelude.Text],
+    -- | The thing whose group memberships will be updated.
+    thingName :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateThingGroupsForThing' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'overrideDynamicGroups', 'updateThingGroupsForThing_overrideDynamicGroups' - Override dynamic thing groups with static thing groups when 10-group
+-- limit is reached. If a thing belongs to 10 thing groups, and one or more
+-- of those groups are dynamic thing groups, adding a thing to a static
+-- group removes the thing from the last dynamic group.
+--
+-- 'thingGroupsToAdd', 'updateThingGroupsForThing_thingGroupsToAdd' - The groups to which the thing will be added.
+--
+-- 'thingGroupsToRemove', 'updateThingGroupsForThing_thingGroupsToRemove' - The groups from which the thing will be removed.
+--
+-- 'thingName', 'updateThingGroupsForThing_thingName' - The thing whose group memberships will be updated.
+newUpdateThingGroupsForThing ::
+  UpdateThingGroupsForThing
+newUpdateThingGroupsForThing =
+  UpdateThingGroupsForThing'
+    { overrideDynamicGroups =
+        Prelude.Nothing,
+      thingGroupsToAdd = Prelude.Nothing,
+      thingGroupsToRemove = Prelude.Nothing,
+      thingName = Prelude.Nothing
+    }
+
+-- | Override dynamic thing groups with static thing groups when 10-group
+-- limit is reached. If a thing belongs to 10 thing groups, and one or more
+-- of those groups are dynamic thing groups, adding a thing to a static
+-- group removes the thing from the last dynamic group.
+updateThingGroupsForThing_overrideDynamicGroups :: Lens.Lens' UpdateThingGroupsForThing (Prelude.Maybe Prelude.Bool)
+updateThingGroupsForThing_overrideDynamicGroups = Lens.lens (\UpdateThingGroupsForThing' {overrideDynamicGroups} -> overrideDynamicGroups) (\s@UpdateThingGroupsForThing' {} a -> s {overrideDynamicGroups = a} :: UpdateThingGroupsForThing)
+
+-- | The groups to which the thing will be added.
+updateThingGroupsForThing_thingGroupsToAdd :: Lens.Lens' UpdateThingGroupsForThing (Prelude.Maybe [Prelude.Text])
+updateThingGroupsForThing_thingGroupsToAdd = Lens.lens (\UpdateThingGroupsForThing' {thingGroupsToAdd} -> thingGroupsToAdd) (\s@UpdateThingGroupsForThing' {} a -> s {thingGroupsToAdd = a} :: UpdateThingGroupsForThing) Prelude.. Lens.mapping Lens.coerced
+
+-- | The groups from which the thing will be removed.
+updateThingGroupsForThing_thingGroupsToRemove :: Lens.Lens' UpdateThingGroupsForThing (Prelude.Maybe [Prelude.Text])
+updateThingGroupsForThing_thingGroupsToRemove = Lens.lens (\UpdateThingGroupsForThing' {thingGroupsToRemove} -> thingGroupsToRemove) (\s@UpdateThingGroupsForThing' {} a -> s {thingGroupsToRemove = a} :: UpdateThingGroupsForThing) Prelude.. Lens.mapping Lens.coerced
+
+-- | The thing whose group memberships will be updated.
+updateThingGroupsForThing_thingName :: Lens.Lens' UpdateThingGroupsForThing (Prelude.Maybe Prelude.Text)
+updateThingGroupsForThing_thingName = Lens.lens (\UpdateThingGroupsForThing' {thingName} -> thingName) (\s@UpdateThingGroupsForThing' {} a -> s {thingName = a} :: UpdateThingGroupsForThing)
+
+instance Core.AWSRequest UpdateThingGroupsForThing where
+  type
+    AWSResponse UpdateThingGroupsForThing =
+      UpdateThingGroupsForThingResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateThingGroupsForThingResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateThingGroupsForThing where
+  hashWithSalt _salt UpdateThingGroupsForThing' {..} =
+    _salt
+      `Prelude.hashWithSalt` overrideDynamicGroups
+      `Prelude.hashWithSalt` thingGroupsToAdd
+      `Prelude.hashWithSalt` thingGroupsToRemove
+      `Prelude.hashWithSalt` thingName
+
+instance Prelude.NFData UpdateThingGroupsForThing where
+  rnf UpdateThingGroupsForThing' {..} =
+    Prelude.rnf overrideDynamicGroups
+      `Prelude.seq` Prelude.rnf thingGroupsToAdd
+      `Prelude.seq` Prelude.rnf thingGroupsToRemove
+      `Prelude.seq` Prelude.rnf thingName
+
+instance Data.ToHeaders UpdateThingGroupsForThing where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateThingGroupsForThing where
+  toJSON UpdateThingGroupsForThing' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("overrideDynamicGroups" Data..=)
+              Prelude.<$> overrideDynamicGroups,
+            ("thingGroupsToAdd" Data..=)
+              Prelude.<$> thingGroupsToAdd,
+            ("thingGroupsToRemove" Data..=)
+              Prelude.<$> thingGroupsToRemove,
+            ("thingName" Data..=) Prelude.<$> thingName
+          ]
+      )
+
+instance Data.ToPath UpdateThingGroupsForThing where
+  toPath =
+    Prelude.const
+      "/thing-groups/updateThingGroupsForThing"
+
+instance Data.ToQuery UpdateThingGroupsForThing where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateThingGroupsForThingResponse' smart constructor.
+data UpdateThingGroupsForThingResponse = UpdateThingGroupsForThingResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateThingGroupsForThingResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateThingGroupsForThingResponse_httpStatus' - The response's http status code.
+newUpdateThingGroupsForThingResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateThingGroupsForThingResponse
+newUpdateThingGroupsForThingResponse pHttpStatus_ =
+  UpdateThingGroupsForThingResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+updateThingGroupsForThingResponse_httpStatus :: Lens.Lens' UpdateThingGroupsForThingResponse Prelude.Int
+updateThingGroupsForThingResponse_httpStatus = Lens.lens (\UpdateThingGroupsForThingResponse' {httpStatus} -> httpStatus) (\s@UpdateThingGroupsForThingResponse' {} a -> s {httpStatus = a} :: UpdateThingGroupsForThingResponse)
+
+instance
+  Prelude.NFData
+    UpdateThingGroupsForThingResponse
+  where
+  rnf UpdateThingGroupsForThingResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/UpdateTopicRuleDestination.hs b/gen/Amazonka/IoT/UpdateTopicRuleDestination.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/UpdateTopicRuleDestination.hs
@@ -0,0 +1,246 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.UpdateTopicRuleDestination
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a topic rule destination. You use this to change the status,
+-- endpoint URL, or confirmation URL of the destination.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions UpdateTopicRuleDestination>
+-- action.
+module Amazonka.IoT.UpdateTopicRuleDestination
+  ( -- * Creating a Request
+    UpdateTopicRuleDestination (..),
+    newUpdateTopicRuleDestination,
+
+    -- * Request Lenses
+    updateTopicRuleDestination_arn,
+    updateTopicRuleDestination_status,
+
+    -- * Destructuring the Response
+    UpdateTopicRuleDestinationResponse (..),
+    newUpdateTopicRuleDestinationResponse,
+
+    -- * Response Lenses
+    updateTopicRuleDestinationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newUpdateTopicRuleDestination' smart constructor.
+data UpdateTopicRuleDestination = UpdateTopicRuleDestination'
+  { -- | The ARN of the topic rule destination.
+    arn :: Prelude.Text,
+    -- | The status of the topic rule destination. Valid values are:
+    --
+    -- [IN_PROGRESS]
+    --     A topic rule destination was created but has not been confirmed. You
+    --     can set @status@ to @IN_PROGRESS@ by calling
+    --     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+    --     causes a new confirmation challenge to be sent to your confirmation
+    --     endpoint.
+    --
+    -- [ENABLED]
+    --     Confirmation was completed, and traffic to this destination is
+    --     allowed. You can set @status@ to @DISABLED@ by calling
+    --     @UpdateTopicRuleDestination@.
+    --
+    -- [DISABLED]
+    --     Confirmation was completed, and traffic to this destination is not
+    --     allowed. You can set @status@ to @ENABLED@ by calling
+    --     @UpdateTopicRuleDestination@.
+    --
+    -- [ERROR]
+    --     Confirmation could not be completed, for example if the confirmation
+    --     timed out. You can call @GetTopicRuleDestination@ for details about
+    --     the error. You can set @status@ to @IN_PROGRESS@ by calling
+    --     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+    --     causes a new confirmation challenge to be sent to your confirmation
+    --     endpoint.
+    status :: TopicRuleDestinationStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateTopicRuleDestination' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'updateTopicRuleDestination_arn' - The ARN of the topic rule destination.
+--
+-- 'status', 'updateTopicRuleDestination_status' - The status of the topic rule destination. Valid values are:
+--
+-- [IN_PROGRESS]
+--     A topic rule destination was created but has not been confirmed. You
+--     can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- [ENABLED]
+--     Confirmation was completed, and traffic to this destination is
+--     allowed. You can set @status@ to @DISABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [DISABLED]
+--     Confirmation was completed, and traffic to this destination is not
+--     allowed. You can set @status@ to @ENABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [ERROR]
+--     Confirmation could not be completed, for example if the confirmation
+--     timed out. You can call @GetTopicRuleDestination@ for details about
+--     the error. You can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+newUpdateTopicRuleDestination ::
+  -- | 'arn'
+  Prelude.Text ->
+  -- | 'status'
+  TopicRuleDestinationStatus ->
+  UpdateTopicRuleDestination
+newUpdateTopicRuleDestination pArn_ pStatus_ =
+  UpdateTopicRuleDestination'
+    { arn = pArn_,
+      status = pStatus_
+    }
+
+-- | The ARN of the topic rule destination.
+updateTopicRuleDestination_arn :: Lens.Lens' UpdateTopicRuleDestination Prelude.Text
+updateTopicRuleDestination_arn = Lens.lens (\UpdateTopicRuleDestination' {arn} -> arn) (\s@UpdateTopicRuleDestination' {} a -> s {arn = a} :: UpdateTopicRuleDestination)
+
+-- | The status of the topic rule destination. Valid values are:
+--
+-- [IN_PROGRESS]
+--     A topic rule destination was created but has not been confirmed. You
+--     can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+--
+-- [ENABLED]
+--     Confirmation was completed, and traffic to this destination is
+--     allowed. You can set @status@ to @DISABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [DISABLED]
+--     Confirmation was completed, and traffic to this destination is not
+--     allowed. You can set @status@ to @ENABLED@ by calling
+--     @UpdateTopicRuleDestination@.
+--
+-- [ERROR]
+--     Confirmation could not be completed, for example if the confirmation
+--     timed out. You can call @GetTopicRuleDestination@ for details about
+--     the error. You can set @status@ to @IN_PROGRESS@ by calling
+--     @UpdateTopicRuleDestination@. Calling @UpdateTopicRuleDestination@
+--     causes a new confirmation challenge to be sent to your confirmation
+--     endpoint.
+updateTopicRuleDestination_status :: Lens.Lens' UpdateTopicRuleDestination TopicRuleDestinationStatus
+updateTopicRuleDestination_status = Lens.lens (\UpdateTopicRuleDestination' {status} -> status) (\s@UpdateTopicRuleDestination' {} a -> s {status = a} :: UpdateTopicRuleDestination)
+
+instance Core.AWSRequest UpdateTopicRuleDestination where
+  type
+    AWSResponse UpdateTopicRuleDestination =
+      UpdateTopicRuleDestinationResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateTopicRuleDestinationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateTopicRuleDestination where
+  hashWithSalt _salt UpdateTopicRuleDestination' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData UpdateTopicRuleDestination where
+  rnf UpdateTopicRuleDestination' {..} =
+    Prelude.rnf arn `Prelude.seq` Prelude.rnf status
+
+instance Data.ToHeaders UpdateTopicRuleDestination where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON UpdateTopicRuleDestination where
+  toJSON UpdateTopicRuleDestination' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("arn" Data..= arn),
+            Prelude.Just ("status" Data..= status)
+          ]
+      )
+
+instance Data.ToPath UpdateTopicRuleDestination where
+  toPath = Prelude.const "/destinations"
+
+instance Data.ToQuery UpdateTopicRuleDestination where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateTopicRuleDestinationResponse' smart constructor.
+data UpdateTopicRuleDestinationResponse = UpdateTopicRuleDestinationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateTopicRuleDestinationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateTopicRuleDestinationResponse_httpStatus' - The response's http status code.
+newUpdateTopicRuleDestinationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateTopicRuleDestinationResponse
+newUpdateTopicRuleDestinationResponse pHttpStatus_ =
+  UpdateTopicRuleDestinationResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+updateTopicRuleDestinationResponse_httpStatus :: Lens.Lens' UpdateTopicRuleDestinationResponse Prelude.Int
+updateTopicRuleDestinationResponse_httpStatus = Lens.lens (\UpdateTopicRuleDestinationResponse' {httpStatus} -> httpStatus) (\s@UpdateTopicRuleDestinationResponse' {} a -> s {httpStatus = a} :: UpdateTopicRuleDestinationResponse)
+
+instance
+  Prelude.NFData
+    UpdateTopicRuleDestinationResponse
+  where
+  rnf UpdateTopicRuleDestinationResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/ValidateSecurityProfileBehaviors.hs b/gen/Amazonka/IoT/ValidateSecurityProfileBehaviors.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/ValidateSecurityProfileBehaviors.hs
@@ -0,0 +1,204 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.ValidateSecurityProfileBehaviors
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Validates a Device Defender security profile behaviors specification.
+--
+-- Requires permission to access the
+-- <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions ValidateSecurityProfileBehaviors>
+-- action.
+module Amazonka.IoT.ValidateSecurityProfileBehaviors
+  ( -- * Creating a Request
+    ValidateSecurityProfileBehaviors (..),
+    newValidateSecurityProfileBehaviors,
+
+    -- * Request Lenses
+    validateSecurityProfileBehaviors_behaviors,
+
+    -- * Destructuring the Response
+    ValidateSecurityProfileBehaviorsResponse (..),
+    newValidateSecurityProfileBehaviorsResponse,
+
+    -- * Response Lenses
+    validateSecurityProfileBehaviorsResponse_valid,
+    validateSecurityProfileBehaviorsResponse_validationErrors,
+    validateSecurityProfileBehaviorsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+
+-- | /See:/ 'newValidateSecurityProfileBehaviors' smart constructor.
+data ValidateSecurityProfileBehaviors = ValidateSecurityProfileBehaviors'
+  { -- | Specifies the behaviors that, when violated by a device (thing), cause
+    -- an alert.
+    behaviors :: [Behavior]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ValidateSecurityProfileBehaviors' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'behaviors', 'validateSecurityProfileBehaviors_behaviors' - Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+newValidateSecurityProfileBehaviors ::
+  ValidateSecurityProfileBehaviors
+newValidateSecurityProfileBehaviors =
+  ValidateSecurityProfileBehaviors'
+    { behaviors =
+        Prelude.mempty
+    }
+
+-- | Specifies the behaviors that, when violated by a device (thing), cause
+-- an alert.
+validateSecurityProfileBehaviors_behaviors :: Lens.Lens' ValidateSecurityProfileBehaviors [Behavior]
+validateSecurityProfileBehaviors_behaviors = Lens.lens (\ValidateSecurityProfileBehaviors' {behaviors} -> behaviors) (\s@ValidateSecurityProfileBehaviors' {} a -> s {behaviors = a} :: ValidateSecurityProfileBehaviors) Prelude.. Lens.coerced
+
+instance
+  Core.AWSRequest
+    ValidateSecurityProfileBehaviors
+  where
+  type
+    AWSResponse ValidateSecurityProfileBehaviors =
+      ValidateSecurityProfileBehaviorsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ValidateSecurityProfileBehaviorsResponse'
+            Prelude.<$> (x Data..?> "valid")
+            Prelude.<*> ( x
+                            Data..?> "validationErrors"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ValidateSecurityProfileBehaviors
+  where
+  hashWithSalt
+    _salt
+    ValidateSecurityProfileBehaviors' {..} =
+      _salt `Prelude.hashWithSalt` behaviors
+
+instance
+  Prelude.NFData
+    ValidateSecurityProfileBehaviors
+  where
+  rnf ValidateSecurityProfileBehaviors' {..} =
+    Prelude.rnf behaviors
+
+instance
+  Data.ToHeaders
+    ValidateSecurityProfileBehaviors
+  where
+  toHeaders = Prelude.const Prelude.mempty
+
+instance Data.ToJSON ValidateSecurityProfileBehaviors where
+  toJSON ValidateSecurityProfileBehaviors' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("behaviors" Data..= behaviors)]
+      )
+
+instance Data.ToPath ValidateSecurityProfileBehaviors where
+  toPath =
+    Prelude.const
+      "/security-profile-behaviors/validate"
+
+instance
+  Data.ToQuery
+    ValidateSecurityProfileBehaviors
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newValidateSecurityProfileBehaviorsResponse' smart constructor.
+data ValidateSecurityProfileBehaviorsResponse = ValidateSecurityProfileBehaviorsResponse'
+  { -- | True if the behaviors were valid.
+    valid :: Prelude.Maybe Prelude.Bool,
+    -- | The list of any errors found in the behaviors.
+    validationErrors :: Prelude.Maybe [ValidationError],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ValidateSecurityProfileBehaviorsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'valid', 'validateSecurityProfileBehaviorsResponse_valid' - True if the behaviors were valid.
+--
+-- 'validationErrors', 'validateSecurityProfileBehaviorsResponse_validationErrors' - The list of any errors found in the behaviors.
+--
+-- 'httpStatus', 'validateSecurityProfileBehaviorsResponse_httpStatus' - The response's http status code.
+newValidateSecurityProfileBehaviorsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ValidateSecurityProfileBehaviorsResponse
+newValidateSecurityProfileBehaviorsResponse
+  pHttpStatus_ =
+    ValidateSecurityProfileBehaviorsResponse'
+      { valid =
+          Prelude.Nothing,
+        validationErrors =
+          Prelude.Nothing,
+        httpStatus = pHttpStatus_
+      }
+
+-- | True if the behaviors were valid.
+validateSecurityProfileBehaviorsResponse_valid :: Lens.Lens' ValidateSecurityProfileBehaviorsResponse (Prelude.Maybe Prelude.Bool)
+validateSecurityProfileBehaviorsResponse_valid = Lens.lens (\ValidateSecurityProfileBehaviorsResponse' {valid} -> valid) (\s@ValidateSecurityProfileBehaviorsResponse' {} a -> s {valid = a} :: ValidateSecurityProfileBehaviorsResponse)
+
+-- | The list of any errors found in the behaviors.
+validateSecurityProfileBehaviorsResponse_validationErrors :: Lens.Lens' ValidateSecurityProfileBehaviorsResponse (Prelude.Maybe [ValidationError])
+validateSecurityProfileBehaviorsResponse_validationErrors = Lens.lens (\ValidateSecurityProfileBehaviorsResponse' {validationErrors} -> validationErrors) (\s@ValidateSecurityProfileBehaviorsResponse' {} a -> s {validationErrors = a} :: ValidateSecurityProfileBehaviorsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+validateSecurityProfileBehaviorsResponse_httpStatus :: Lens.Lens' ValidateSecurityProfileBehaviorsResponse Prelude.Int
+validateSecurityProfileBehaviorsResponse_httpStatus = Lens.lens (\ValidateSecurityProfileBehaviorsResponse' {httpStatus} -> httpStatus) (\s@ValidateSecurityProfileBehaviorsResponse' {} a -> s {httpStatus = a} :: ValidateSecurityProfileBehaviorsResponse)
+
+instance
+  Prelude.NFData
+    ValidateSecurityProfileBehaviorsResponse
+  where
+  rnf ValidateSecurityProfileBehaviorsResponse' {..} =
+    Prelude.rnf valid
+      `Prelude.seq` Prelude.rnf validationErrors
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/IoT/Waiters.hs b/gen/Amazonka/IoT/Waiters.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/IoT/Waiters.hs
@@ -0,0 +1,24 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.IoT.Waiters
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.IoT.Waiters where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import Amazonka.IoT.Lens
+import Amazonka.IoT.Types
+import qualified Amazonka.Prelude as Prelude
diff --git a/gen/Network/AWS/IoT.hs b/gen/Network/AWS/IoT.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT.hs
+++ /dev/null
@@ -1,1294 +0,0 @@
-{-# OPTIONS_GHC -fno-warn-unused-imports    #-}
-{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- __AWS IoT__
---
--- AWS IoT provides secure, bi-directional communication between Internet-connected devices (such as sensors, actuators, embedded devices, or smart appliances) and the AWS cloud. You can discover your custom IoT-Data endpoint to communicate with, configure rules for data processing and integration with other services, organize resources associated with each device (Registry), configure logging, and create and manage policies and credentials to authenticate devices.
---
--- For more information about how AWS IoT works, see the <http://docs.aws.amazon.com/iot/latest/developerguide/aws-iot-how-it-works.html Developer Guide> .
---
-module Network.AWS.IoT
-    (
-    -- * Service Configuration
-      ioT
-
-    -- * Errors
-    -- $errors
-
-    -- ** CertificateConflictException
-    , _CertificateConflictException
-
-    -- ** SqlParseException
-    , _SqlParseException
-
-    -- ** IndexNotReadyException
-    , _IndexNotReadyException
-
-    -- ** InvalidRequestException
-    , _InvalidRequestException
-
-    -- ** TransferConflictException
-    , _TransferConflictException
-
-    -- ** CertificateStateException
-    , _CertificateStateException
-
-    -- ** InvalidResponseException
-    , _InvalidResponseException
-
-    -- ** RegistrationCodeValidationException
-    , _RegistrationCodeValidationException
-
-    -- ** MalformedPolicyException
-    , _MalformedPolicyException
-
-    -- ** DeleteConflictException
-    , _DeleteConflictException
-
-    -- ** ResourceAlreadyExistsException
-    , _ResourceAlreadyExistsException
-
-    -- ** NotConfiguredException
-    , _NotConfiguredException
-
-    -- ** CertificateValidationException
-    , _CertificateValidationException
-
-    -- ** ResourceRegistrationFailureException
-    , _ResourceRegistrationFailureException
-
-    -- ** InvalidQueryException
-    , _InvalidQueryException
-
-    -- ** TransferAlreadyCompletedException
-    , _TransferAlreadyCompletedException
-
-    -- ** ThrottlingException
-    , _ThrottlingException
-
-    -- ** ConflictingResourceUpdateException
-    , _ConflictingResourceUpdateException
-
-    -- ** InternalFailureException
-    , _InternalFailureException
-
-    -- ** VersionsLimitExceededException
-    , _VersionsLimitExceededException
-
-    -- ** ServiceUnavailableException
-    , _ServiceUnavailableException
-
-    -- ** InternalException
-    , _InternalException
-
-    -- ** VersionConflictException
-    , _VersionConflictException
-
-    -- ** UnauthorizedException
-    , _UnauthorizedException
-
-    -- ** ResourceNotFoundException
-    , _ResourceNotFoundException
-
-    -- ** LimitExceededException
-    , _LimitExceededException
-
-    -- * Waiters
-    -- $waiters
-
-    -- * Operations
-    -- $operations
-
-    -- ** ListPolicies (Paginated)
-    , module Network.AWS.IoT.ListPolicies
-
-    -- ** CreatePolicy
-    , module Network.AWS.IoT.CreatePolicy
-
-    -- ** RegisterCertificate
-    , module Network.AWS.IoT.RegisterCertificate
-
-    -- ** ListThingPrincipals
-    , module Network.AWS.IoT.ListThingPrincipals
-
-    -- ** DescribeRoleAlias
-    , module Network.AWS.IoT.DescribeRoleAlias
-
-    -- ** CreateOTAUpdate
-    , module Network.AWS.IoT.CreateOTAUpdate
-
-    -- ** DescribeDefaultAuthorizer
-    , module Network.AWS.IoT.DescribeDefaultAuthorizer
-
-    -- ** ListThingRegistrationTaskReports
-    , module Network.AWS.IoT.ListThingRegistrationTaskReports
-
-    -- ** ListPrincipalThings (Paginated)
-    , module Network.AWS.IoT.ListPrincipalThings
-
-    -- ** RemoveThingFromThingGroup
-    , module Network.AWS.IoT.RemoveThingFromThingGroup
-
-    -- ** DescribeEventConfigurations
-    , module Network.AWS.IoT.DescribeEventConfigurations
-
-    -- ** ListThingGroups
-    , module Network.AWS.IoT.ListThingGroups
-
-    -- ** DescribeThingRegistrationTask
-    , module Network.AWS.IoT.DescribeThingRegistrationTask
-
-    -- ** GetLoggingOptions
-    , module Network.AWS.IoT.GetLoggingOptions
-
-    -- ** GetOTAUpdate
-    , module Network.AWS.IoT.GetOTAUpdate
-
-    -- ** GetEffectivePolicies
-    , module Network.AWS.IoT.GetEffectivePolicies
-
-    -- ** ListThingTypes (Paginated)
-    , module Network.AWS.IoT.ListThingTypes
-
-    -- ** SetV2LoggingOptions
-    , module Network.AWS.IoT.SetV2LoggingOptions
-
-    -- ** ListThingGroupsForThing
-    , module Network.AWS.IoT.ListThingGroupsForThing
-
-    -- ** CreateCertificateFromCSR
-    , module Network.AWS.IoT.CreateCertificateFromCSR
-
-    -- ** DeleteThing
-    , module Network.AWS.IoT.DeleteThing
-
-    -- ** UpdateThing
-    , module Network.AWS.IoT.UpdateThing
-
-    -- ** StartThingRegistrationTask
-    , module Network.AWS.IoT.StartThingRegistrationTask
-
-    -- ** ListAuthorizers
-    , module Network.AWS.IoT.ListAuthorizers
-
-    -- ** ListJobExecutionsForJob
-    , module Network.AWS.IoT.ListJobExecutionsForJob
-
-    -- ** SearchIndex
-    , module Network.AWS.IoT.SearchIndex
-
-    -- ** CreateThingType
-    , module Network.AWS.IoT.CreateThingType
-
-    -- ** DeleteV2LoggingLevel
-    , module Network.AWS.IoT.DeleteV2LoggingLevel
-
-    -- ** SetDefaultAuthorizer
-    , module Network.AWS.IoT.SetDefaultAuthorizer
-
-    -- ** DescribeJobExecution
-    , module Network.AWS.IoT.DescribeJobExecution
-
-    -- ** CancelCertificateTransfer
-    , module Network.AWS.IoT.CancelCertificateTransfer
-
-    -- ** GetIndexingConfiguration
-    , module Network.AWS.IoT.GetIndexingConfiguration
-
-    -- ** DeleteRoleAlias
-    , module Network.AWS.IoT.DeleteRoleAlias
-
-    -- ** UpdateRoleAlias
-    , module Network.AWS.IoT.UpdateRoleAlias
-
-    -- ** DeletePolicyVersion
-    , module Network.AWS.IoT.DeletePolicyVersion
-
-    -- ** DisableTopicRule
-    , module Network.AWS.IoT.DisableTopicRule
-
-    -- ** CreateTopicRule
-    , module Network.AWS.IoT.CreateTopicRule
-
-    -- ** CreateJob
-    , module Network.AWS.IoT.CreateJob
-
-    -- ** DescribeIndex
-    , module Network.AWS.IoT.DescribeIndex
-
-    -- ** AssociateTargetsWithJob
-    , module Network.AWS.IoT.AssociateTargetsWithJob
-
-    -- ** ListAttachedPolicies
-    , module Network.AWS.IoT.ListAttachedPolicies
-
-    -- ** CreatePolicyVersion
-    , module Network.AWS.IoT.CreatePolicyVersion
-
-    -- ** ListCACertificates (Paginated)
-    , module Network.AWS.IoT.ListCACertificates
-
-    -- ** DeleteTopicRule
-    , module Network.AWS.IoT.DeleteTopicRule
-
-    -- ** GetJobDocument
-    , module Network.AWS.IoT.GetJobDocument
-
-    -- ** CreateRoleAlias
-    , module Network.AWS.IoT.CreateRoleAlias
-
-    -- ** DeleteCACertificate
-    , module Network.AWS.IoT.DeleteCACertificate
-
-    -- ** UpdateCACertificate
-    , module Network.AWS.IoT.UpdateCACertificate
-
-    -- ** ListTopicRules (Paginated)
-    , module Network.AWS.IoT.ListTopicRules
-
-    -- ** TransferCertificate
-    , module Network.AWS.IoT.TransferCertificate
-
-    -- ** ListJobs
-    , module Network.AWS.IoT.ListJobs
-
-    -- ** ListRoleAliases
-    , module Network.AWS.IoT.ListRoleAliases
-
-    -- ** DescribeThingGroup
-    , module Network.AWS.IoT.DescribeThingGroup
-
-    -- ** GetTopicRule
-    , module Network.AWS.IoT.GetTopicRule
-
-    -- ** DescribeThing
-    , module Network.AWS.IoT.DescribeThing
-
-    -- ** DeletePolicy
-    , module Network.AWS.IoT.DeletePolicy
-
-    -- ** ListThingsInThingGroup
-    , module Network.AWS.IoT.ListThingsInThingGroup
-
-    -- ** ListCertificates (Paginated)
-    , module Network.AWS.IoT.ListCertificates
-
-    -- ** DescribeAuthorizer
-    , module Network.AWS.IoT.DescribeAuthorizer
-
-    -- ** GetPolicyVersion
-    , module Network.AWS.IoT.GetPolicyVersion
-
-    -- ** DeleteCertificate
-    , module Network.AWS.IoT.DeleteCertificate
-
-    -- ** UpdateCertificate
-    , module Network.AWS.IoT.UpdateCertificate
-
-    -- ** UpdateIndexingConfiguration
-    , module Network.AWS.IoT.UpdateIndexingConfiguration
-
-    -- ** TestInvokeAuthorizer
-    , module Network.AWS.IoT.TestInvokeAuthorizer
-
-    -- ** CreateThingGroup
-    , module Network.AWS.IoT.CreateThingGroup
-
-    -- ** DetachPolicy
-    , module Network.AWS.IoT.DetachPolicy
-
-    -- ** DescribeJob
-    , module Network.AWS.IoT.DescribeJob
-
-    -- ** DeleteThingGroup
-    , module Network.AWS.IoT.DeleteThingGroup
-
-    -- ** UpdateThingGroup
-    , module Network.AWS.IoT.UpdateThingGroup
-
-    -- ** ListOTAUpdates
-    , module Network.AWS.IoT.ListOTAUpdates
-
-    -- ** DeleteOTAUpdate
-    , module Network.AWS.IoT.DeleteOTAUpdate
-
-    -- ** ListOutgoingCertificates (Paginated)
-    , module Network.AWS.IoT.ListOutgoingCertificates
-
-    -- ** DescribeCACertificate
-    , module Network.AWS.IoT.DescribeCACertificate
-
-    -- ** GetRegistrationCode
-    , module Network.AWS.IoT.GetRegistrationCode
-
-    -- ** DeleteThingType
-    , module Network.AWS.IoT.DeleteThingType
-
-    -- ** AddThingToThingGroup
-    , module Network.AWS.IoT.AddThingToThingGroup
-
-    -- ** ListCertificatesByCA (Paginated)
-    , module Network.AWS.IoT.ListCertificatesByCA
-
-    -- ** AttachThingPrincipal
-    , module Network.AWS.IoT.AttachThingPrincipal
-
-    -- ** ListThings (Paginated)
-    , module Network.AWS.IoT.ListThings
-
-    -- ** RegisterThing
-    , module Network.AWS.IoT.RegisterThing
-
-    -- ** DeleteRegistrationCode
-    , module Network.AWS.IoT.DeleteRegistrationCode
-
-    -- ** UpdateStream
-    , module Network.AWS.IoT.UpdateStream
-
-    -- ** DeleteStream
-    , module Network.AWS.IoT.DeleteStream
-
-    -- ** ListStreams
-    , module Network.AWS.IoT.ListStreams
-
-    -- ** CreateAuthorizer
-    , module Network.AWS.IoT.CreateAuthorizer
-
-    -- ** TestAuthorization
-    , module Network.AWS.IoT.TestAuthorization
-
-    -- ** ListIndices
-    , module Network.AWS.IoT.ListIndices
-
-    -- ** UpdateAuthorizer
-    , module Network.AWS.IoT.UpdateAuthorizer
-
-    -- ** DeleteAuthorizer
-    , module Network.AWS.IoT.DeleteAuthorizer
-
-    -- ** CreateThing
-    , module Network.AWS.IoT.CreateThing
-
-    -- ** CreateStream
-    , module Network.AWS.IoT.CreateStream
-
-    -- ** ListV2LoggingLevels
-    , module Network.AWS.IoT.ListV2LoggingLevels
-
-    -- ** StopThingRegistrationTask
-    , module Network.AWS.IoT.StopThingRegistrationTask
-
-    -- ** DescribeCertificate
-    , module Network.AWS.IoT.DescribeCertificate
-
-    -- ** ListTargetsForPolicy
-    , module Network.AWS.IoT.ListTargetsForPolicy
-
-    -- ** ClearDefaultAuthorizer
-    , module Network.AWS.IoT.ClearDefaultAuthorizer
-
-    -- ** ReplaceTopicRule
-    , module Network.AWS.IoT.ReplaceTopicRule
-
-    -- ** SetDefaultPolicyVersion
-    , module Network.AWS.IoT.SetDefaultPolicyVersion
-
-    -- ** ListPolicyVersions
-    , module Network.AWS.IoT.ListPolicyVersions
-
-    -- ** SetV2LoggingLevel
-    , module Network.AWS.IoT.SetV2LoggingLevel
-
-    -- ** ListJobExecutionsForThing
-    , module Network.AWS.IoT.ListJobExecutionsForThing
-
-    -- ** AttachPolicy
-    , module Network.AWS.IoT.AttachPolicy
-
-    -- ** CreateKeysAndCertificate
-    , module Network.AWS.IoT.CreateKeysAndCertificate
-
-    -- ** UpdateThingGroupsForThing
-    , module Network.AWS.IoT.UpdateThingGroupsForThing
-
-    -- ** EnableTopicRule
-    , module Network.AWS.IoT.EnableTopicRule
-
-    -- ** AcceptCertificateTransfer
-    , module Network.AWS.IoT.AcceptCertificateTransfer
-
-    -- ** GetPolicy
-    , module Network.AWS.IoT.GetPolicy
-
-    -- ** DescribeEndpoint
-    , module Network.AWS.IoT.DescribeEndpoint
-
-    -- ** UpdateEventConfigurations
-    , module Network.AWS.IoT.UpdateEventConfigurations
-
-    -- ** RegisterCACertificate
-    , module Network.AWS.IoT.RegisterCACertificate
-
-    -- ** SetLoggingOptions
-    , module Network.AWS.IoT.SetLoggingOptions
-
-    -- ** DescribeThingType
-    , module Network.AWS.IoT.DescribeThingType
-
-    -- ** GetV2LoggingOptions
-    , module Network.AWS.IoT.GetV2LoggingOptions
-
-    -- ** ListThingRegistrationTasks
-    , module Network.AWS.IoT.ListThingRegistrationTasks
-
-    -- ** RejectCertificateTransfer
-    , module Network.AWS.IoT.RejectCertificateTransfer
-
-    -- ** DescribeStream
-    , module Network.AWS.IoT.DescribeStream
-
-    -- ** DetachThingPrincipal
-    , module Network.AWS.IoT.DetachThingPrincipal
-
-    -- ** CancelJob
-    , module Network.AWS.IoT.CancelJob
-
-    -- ** DeprecateThingType
-    , module Network.AWS.IoT.DeprecateThingType
-
-    -- * Types
-
-    -- ** ActionType
-    , ActionType (..)
-
-    -- ** AuthDecision
-    , AuthDecision (..)
-
-    -- ** AuthorizerStatus
-    , AuthorizerStatus (..)
-
-    -- ** AutoRegistrationStatus
-    , AutoRegistrationStatus (..)
-
-    -- ** CACertificateStatus
-    , CACertificateStatus (..)
-
-    -- ** CannedAccessControlList
-    , CannedAccessControlList (..)
-
-    -- ** CertificateStatus
-    , CertificateStatus (..)
-
-    -- ** DynamoKeyType
-    , DynamoKeyType (..)
-
-    -- ** EventType
-    , EventType (..)
-
-    -- ** IndexStatus
-    , IndexStatus (..)
-
-    -- ** JobExecutionStatus
-    , JobExecutionStatus (..)
-
-    -- ** JobStatus
-    , JobStatus (..)
-
-    -- ** LogLevel
-    , LogLevel (..)
-
-    -- ** LogTargetType
-    , LogTargetType (..)
-
-    -- ** MessageFormat
-    , MessageFormat (..)
-
-    -- ** OTAUpdateStatus
-    , OTAUpdateStatus (..)
-
-    -- ** ReportType
-    , ReportType (..)
-
-    -- ** TargetSelection
-    , TargetSelection (..)
-
-    -- ** TaskStatus
-    , TaskStatus (..)
-
-    -- ** ThingIndexingMode
-    , ThingIndexingMode (..)
-
-    -- ** Action
-    , Action
-    , action
-    , aCloudwatchMetric
-    , aDynamoDBv2
-    , aCloudwatchAlarm
-    , aSns
-    , aDynamoDB
-    , aFirehose
-    , aIotAnalytics
-    , aLambda
-    , aSalesforce
-    , aKinesis
-    , aS3
-    , aElasticsearch
-    , aRepublish
-    , aSqs
-
-    -- ** Allowed
-    , Allowed
-    , allowed
-    , aPolicies
-
-    -- ** AttributePayload
-    , AttributePayload
-    , attributePayload
-    , apAttributes
-    , apMerge
-
-    -- ** AuthInfo
-    , AuthInfo
-    , authInfo
-    , aiResources
-    , aiActionType
-
-    -- ** AuthResult
-    , AuthResult
-    , authResult
-    , arDenied
-    , arAuthDecision
-    , arAllowed
-    , arMissingContextValues
-    , arAuthInfo
-
-    -- ** AuthorizerDescription
-    , AuthorizerDescription
-    , authorizerDescription
-    , adStatus
-    , adLastModifiedDate
-    , adAuthorizerName
-    , adAuthorizerFunctionARN
-    , adAuthorizerARN
-    , adCreationDate
-    , adTokenSigningPublicKeys
-    , adTokenKeyName
-
-    -- ** AuthorizerSummary
-    , AuthorizerSummary
-    , authorizerSummary
-    , asAuthorizerName
-    , asAuthorizerARN
-
-    -- ** CACertificate
-    , CACertificate
-    , cACertificate
-    , cacStatus
-    , cacCertificateARN
-    , cacCertificateId
-    , cacCreationDate
-
-    -- ** CACertificateDescription
-    , CACertificateDescription
-    , cACertificateDescription
-    , cacdStatus
-    , cacdOwnedBy
-    , cacdLastModifiedDate
-    , cacdCertificatePem
-    , cacdCertificateARN
-    , cacdCertificateId
-    , cacdAutoRegistrationStatus
-    , cacdCreationDate
-    , cacdGenerationId
-    , cacdCustomerVersion
-
-    -- ** Certificate
-    , Certificate
-    , certificate
-    , cStatus
-    , cCertificateARN
-    , cCertificateId
-    , cCreationDate
-
-    -- ** CertificateDescription
-    , CertificateDescription
-    , certificateDescription
-    , cdStatus
-    , cdOwnedBy
-    , cdLastModifiedDate
-    , cdCaCertificateId
-    , cdPreviousOwnedBy
-    , cdCertificatePem
-    , cdCertificateARN
-    , cdCertificateId
-    , cdCreationDate
-    , cdGenerationId
-    , cdTransferData
-    , cdCustomerVersion
-
-    -- ** CloudwatchAlarmAction
-    , CloudwatchAlarmAction
-    , cloudwatchAlarmAction
-    , caaRoleARN
-    , caaAlarmName
-    , caaStateReason
-    , caaStateValue
-
-    -- ** CloudwatchMetricAction
-    , CloudwatchMetricAction
-    , cloudwatchMetricAction
-    , cmaMetricTimestamp
-    , cmaRoleARN
-    , cmaMetricNamespace
-    , cmaMetricName
-    , cmaMetricValue
-    , cmaMetricUnit
-
-    -- ** CodeSigning
-    , CodeSigning
-    , codeSigning
-    , csCustomCodeSigning
-    , csAwsSignerJobId
-
-    -- ** CodeSigningCertificateChain
-    , CodeSigningCertificateChain
-    , codeSigningCertificateChain
-    , csccStream
-    , csccCertificateName
-    , csccInlineDocument
-
-    -- ** CodeSigningSignature
-    , CodeSigningSignature
-    , codeSigningSignature
-    , cssStream
-    , cssInlineDocument
-
-    -- ** Configuration
-    , Configuration
-    , configuration
-    , cEnabled
-
-    -- ** CustomCodeSigning
-    , CustomCodeSigning
-    , customCodeSigning
-    , ccsSignature
-    , ccsHashAlgorithm
-    , ccsCertificateChain
-    , ccsSignatureAlgorithm
-
-    -- ** Denied
-    , Denied
-    , denied
-    , dImplicitDeny
-    , dExplicitDeny
-
-    -- ** DynamoDBAction
-    , DynamoDBAction
-    , dynamoDBAction
-    , ddbaHashKeyType
-    , ddbaOperation
-    , ddbaRangeKeyType
-    , ddbaPayloadField
-    , ddbaRangeKeyField
-    , ddbaRangeKeyValue
-    , ddbaTableName
-    , ddbaRoleARN
-    , ddbaHashKeyField
-    , ddbaHashKeyValue
-
-    -- ** DynamoDBv2Action
-    , DynamoDBv2Action
-    , dynamoDBv2Action
-    , ddaPutItem
-    , ddaRoleARN
-
-    -- ** EffectivePolicy
-    , EffectivePolicy
-    , effectivePolicy
-    , epPolicyName
-    , epPolicyDocument
-    , epPolicyARN
-
-    -- ** ElasticsearchAction
-    , ElasticsearchAction
-    , elasticsearchAction
-    , eaRoleARN
-    , eaEndpoint
-    , eaIndex
-    , eaType
-    , eaId
-
-    -- ** ErrorInfo
-    , ErrorInfo
-    , errorInfo
-    , eiCode
-    , eiMessage
-
-    -- ** ExplicitDeny
-    , ExplicitDeny
-    , explicitDeny
-    , edPolicies
-
-    -- ** FirehoseAction
-    , FirehoseAction
-    , firehoseAction
-    , faSeparator
-    , faRoleARN
-    , faDeliveryStreamName
-
-    -- ** GroupNameAndARN
-    , GroupNameAndARN
-    , groupNameAndARN
-    , gnaaGroupARN
-    , gnaaGroupName
-
-    -- ** ImplicitDeny
-    , ImplicitDeny
-    , implicitDeny
-    , idPolicies
-
-    -- ** IotAnalyticsAction
-    , IotAnalyticsAction
-    , iotAnalyticsAction
-    , iaaChannelARN
-    , iaaChannelName
-    , iaaRoleARN
-
-    -- ** Job
-    , Job
-    , job
-    , jobStatus
-    , jobJobExecutionsRolloutConfig
-    , jobJobId
-    , jobLastUpdatedAt
-    , jobJobARN
-    , jobCreatedAt
-    , jobDocumentParameters
-    , jobJobProcessDetails
-    , jobPresignedURLConfig
-    , jobTargets
-    , jobCompletedAt
-    , jobComment
-    , jobDescription
-    , jobTargetSelection
-
-    -- ** JobExecution
-    , JobExecution
-    , jobExecution
-    , jeStatus
-    , jeJobId
-    , jeLastUpdatedAt
-    , jeQueuedAt
-    , jeStatusDetails
-    , jeThingARN
-    , jeExecutionNumber
-    , jeStartedAt
-
-    -- ** JobExecutionStatusDetails
-    , JobExecutionStatusDetails
-    , jobExecutionStatusDetails
-    , jesdDetailsMap
-
-    -- ** JobExecutionSummary
-    , JobExecutionSummary
-    , jobExecutionSummary
-    , jesStatus
-    , jesLastUpdatedAt
-    , jesQueuedAt
-    , jesExecutionNumber
-    , jesStartedAt
-
-    -- ** JobExecutionSummaryForJob
-    , JobExecutionSummaryForJob
-    , jobExecutionSummaryForJob
-    , jesfjJobExecutionSummary
-    , jesfjThingARN
-
-    -- ** JobExecutionSummaryForThing
-    , JobExecutionSummaryForThing
-    , jobExecutionSummaryForThing
-    , jesftJobId
-    , jesftJobExecutionSummary
-
-    -- ** JobExecutionsRolloutConfig
-    , JobExecutionsRolloutConfig
-    , jobExecutionsRolloutConfig
-    , jercMaximumPerMinute
-
-    -- ** JobProcessDetails
-    , JobProcessDetails
-    , jobProcessDetails
-    , jpdNumberOfRemovedThings
-    , jpdNumberOfQueuedThings
-    , jpdNumberOfFailedThings
-    , jpdNumberOfSucceededThings
-    , jpdNumberOfInProgressThings
-    , jpdNumberOfCanceledThings
-    , jpdNumberOfRejectedThings
-    , jpdProcessingTargets
-
-    -- ** JobSummary
-    , JobSummary
-    , jobSummary
-    , jsStatus
-    , jsJobId
-    , jsLastUpdatedAt
-    , jsJobARN
-    , jsCreatedAt
-    , jsThingGroupId
-    , jsCompletedAt
-    , jsTargetSelection
-
-    -- ** KeyPair
-    , KeyPair
-    , keyPair
-    , kpPrivateKey
-    , kpPublicKey
-
-    -- ** KinesisAction
-    , KinesisAction
-    , kinesisAction
-    , kaPartitionKey
-    , kaRoleARN
-    , kaStreamName
-
-    -- ** LambdaAction
-    , LambdaAction
-    , lambdaAction
-    , laFunctionARN
-
-    -- ** LogTarget
-    , LogTarget
-    , logTarget
-    , ltTargetName
-    , ltTargetType
-
-    -- ** LogTargetConfiguration
-    , LogTargetConfiguration
-    , logTargetConfiguration
-    , ltcLogLevel
-    , ltcLogTarget
-
-    -- ** LoggingOptionsPayload
-    , LoggingOptionsPayload
-    , loggingOptionsPayload
-    , lopLogLevel
-    , lopRoleARN
-
-    -- ** OTAUpdateFile
-    , OTAUpdateFile
-    , oTAUpdateFile
-    , otaufFileVersion
-    , otaufAttributes
-    , otaufFileSource
-    , otaufCodeSigning
-    , otaufFileName
-
-    -- ** OTAUpdateInfo
-    , OTAUpdateInfo
-    , oTAUpdateInfo
-    , otauiLastModifiedDate
-    , otauiAwsIotJobId
-    , otauiOtaUpdateFiles
-    , otauiOtaUpdateStatus
-    , otauiTargets
-    , otauiAwsIotJobARN
-    , otauiCreationDate
-    , otauiAdditionalParameters
-    , otauiOtaUpdateId
-    , otauiErrorInfo
-    , otauiOtaUpdateARN
-    , otauiDescription
-    , otauiTargetSelection
-
-    -- ** OTAUpdateSummary
-    , OTAUpdateSummary
-    , oTAUpdateSummary
-    , otausCreationDate
-    , otausOtaUpdateId
-    , otausOtaUpdateARN
-
-    -- ** OutgoingCertificate
-    , OutgoingCertificate
-    , outgoingCertificate
-    , ocTransferDate
-    , ocCertificateARN
-    , ocCertificateId
-    , ocTransferredTo
-    , ocCreationDate
-    , ocTransferMessage
-
-    -- ** Policy
-    , Policy
-    , policy
-    , pPolicyName
-    , pPolicyARN
-
-    -- ** PolicyVersion
-    , PolicyVersion
-    , policyVersion
-    , pvVersionId
-    , pvCreateDate
-    , pvIsDefaultVersion
-
-    -- ** PresignedURLConfig
-    , PresignedURLConfig
-    , presignedURLConfig
-    , pucExpiresInSec
-    , pucRoleARN
-
-    -- ** PutItemInput
-    , PutItemInput
-    , putItemInput
-    , piiTableName
-
-    -- ** RegistrationConfig
-    , RegistrationConfig
-    , registrationConfig
-    , rcTemplateBody
-    , rcRoleARN
-
-    -- ** RepublishAction
-    , RepublishAction
-    , republishAction
-    , raRoleARN
-    , raTopic
-
-    -- ** RoleAliasDescription
-    , RoleAliasDescription
-    , roleAliasDescription
-    , radRoleAliasARN
-    , radLastModifiedDate
-    , radRoleAlias
-    , radOwner
-    , radCreationDate
-    , radCredentialDurationSeconds
-    , radRoleARN
-
-    -- ** S3Action
-    , S3Action
-    , s3Action
-    , sCannedACL
-    , sRoleARN
-    , sBucketName
-    , sKey
-
-    -- ** S3Location
-    , S3Location
-    , s3Location
-    , slVersion
-    , slBucket
-    , slKey
-
-    -- ** SNSAction
-    , SNSAction
-    , snsAction
-    , snsaMessageFormat
-    , snsaTargetARN
-    , snsaRoleARN
-
-    -- ** SalesforceAction
-    , SalesforceAction
-    , salesforceAction
-    , saToken
-    , saUrl
-
-    -- ** SqsAction
-    , SqsAction
-    , sqsAction
-    , saUseBase64
-    , saRoleARN
-    , saQueueURL
-
-    -- ** Stream
-    , Stream
-    , stream
-    , sFileId
-    , sStreamId
-
-    -- ** StreamFile
-    , StreamFile
-    , streamFile
-    , sfS3Location
-    , sfFileId
-
-    -- ** StreamInfo
-    , StreamInfo
-    , streamInfo
-    , siLastUpdatedAt
-    , siCreatedAt
-    , siStreamVersion
-    , siStreamARN
-    , siFiles
-    , siDescription
-    , siStreamId
-    , siRoleARN
-
-    -- ** StreamSummary
-    , StreamSummary
-    , streamSummary
-    , ssStreamVersion
-    , ssStreamARN
-    , ssDescription
-    , ssStreamId
-
-    -- ** ThingAttribute
-    , ThingAttribute
-    , thingAttribute
-    , taThingTypeName
-    , taThingARN
-    , taAttributes
-    , taVersion
-    , taThingName
-
-    -- ** ThingDocument
-    , ThingDocument
-    , thingDocument
-    , tdThingGroupNames
-    , tdThingTypeName
-    , tdShadow
-    , tdAttributes
-    , tdThingName
-    , tdThingId
-
-    -- ** ThingGroupMetadata
-    , ThingGroupMetadata
-    , thingGroupMetadata
-    , tgmRootToParentThingGroups
-    , tgmParentGroupName
-    , tgmCreationDate
-
-    -- ** ThingGroupProperties
-    , ThingGroupProperties
-    , thingGroupProperties
-    , tgpAttributePayload
-    , tgpThingGroupDescription
-
-    -- ** ThingIndexingConfiguration
-    , ThingIndexingConfiguration
-    , thingIndexingConfiguration
-    , ticThingIndexingMode
-
-    -- ** ThingTypeDefinition
-    , ThingTypeDefinition
-    , thingTypeDefinition
-    , ttdThingTypeProperties
-    , ttdThingTypeName
-    , ttdThingTypeMetadata
-    , ttdThingTypeARN
-
-    -- ** ThingTypeMetadata
-    , ThingTypeMetadata
-    , thingTypeMetadata
-    , ttmDeprecationDate
-    , ttmCreationDate
-    , ttmDeprecated
-
-    -- ** ThingTypeProperties
-    , ThingTypeProperties
-    , thingTypeProperties
-    , ttpSearchableAttributes
-    , ttpThingTypeDescription
-
-    -- ** TopicRule
-    , TopicRule
-    , topicRule
-    , trCreatedAt
-    , trActions
-    , trAwsIotSqlVersion
-    , trErrorAction
-    , trRuleDisabled
-    , trRuleName
-    , trSql
-    , trDescription
-
-    -- ** TopicRuleListItem
-    , TopicRuleListItem
-    , topicRuleListItem
-    , trliCreatedAt
-    , trliRuleDisabled
-    , trliRuleName
-    , trliRuleARN
-    , trliTopicPattern
-
-    -- ** TopicRulePayload
-    , TopicRulePayload
-    , topicRulePayload
-    , trpAwsIotSqlVersion
-    , trpErrorAction
-    , trpRuleDisabled
-    , trpDescription
-    , trpSql
-    , trpActions
-
-    -- ** TransferData
-    , TransferData
-    , transferData
-    , tdTransferDate
-    , tdAcceptDate
-    , tdTransferMessage
-    , tdRejectDate
-    , tdRejectReason
-    ) where
-
-import Network.AWS.IoT.AcceptCertificateTransfer
-import Network.AWS.IoT.AddThingToThingGroup
-import Network.AWS.IoT.AssociateTargetsWithJob
-import Network.AWS.IoT.AttachPolicy
-import Network.AWS.IoT.AttachThingPrincipal
-import Network.AWS.IoT.CancelCertificateTransfer
-import Network.AWS.IoT.CancelJob
-import Network.AWS.IoT.ClearDefaultAuthorizer
-import Network.AWS.IoT.CreateAuthorizer
-import Network.AWS.IoT.CreateCertificateFromCSR
-import Network.AWS.IoT.CreateJob
-import Network.AWS.IoT.CreateKeysAndCertificate
-import Network.AWS.IoT.CreateOTAUpdate
-import Network.AWS.IoT.CreatePolicy
-import Network.AWS.IoT.CreatePolicyVersion
-import Network.AWS.IoT.CreateRoleAlias
-import Network.AWS.IoT.CreateStream
-import Network.AWS.IoT.CreateThing
-import Network.AWS.IoT.CreateThingGroup
-import Network.AWS.IoT.CreateThingType
-import Network.AWS.IoT.CreateTopicRule
-import Network.AWS.IoT.DeleteAuthorizer
-import Network.AWS.IoT.DeleteCACertificate
-import Network.AWS.IoT.DeleteCertificate
-import Network.AWS.IoT.DeleteOTAUpdate
-import Network.AWS.IoT.DeletePolicy
-import Network.AWS.IoT.DeletePolicyVersion
-import Network.AWS.IoT.DeleteRegistrationCode
-import Network.AWS.IoT.DeleteRoleAlias
-import Network.AWS.IoT.DeleteStream
-import Network.AWS.IoT.DeleteThing
-import Network.AWS.IoT.DeleteThingGroup
-import Network.AWS.IoT.DeleteThingType
-import Network.AWS.IoT.DeleteTopicRule
-import Network.AWS.IoT.DeleteV2LoggingLevel
-import Network.AWS.IoT.DeprecateThingType
-import Network.AWS.IoT.DescribeAuthorizer
-import Network.AWS.IoT.DescribeCACertificate
-import Network.AWS.IoT.DescribeCertificate
-import Network.AWS.IoT.DescribeDefaultAuthorizer
-import Network.AWS.IoT.DescribeEndpoint
-import Network.AWS.IoT.DescribeEventConfigurations
-import Network.AWS.IoT.DescribeIndex
-import Network.AWS.IoT.DescribeJob
-import Network.AWS.IoT.DescribeJobExecution
-import Network.AWS.IoT.DescribeRoleAlias
-import Network.AWS.IoT.DescribeStream
-import Network.AWS.IoT.DescribeThing
-import Network.AWS.IoT.DescribeThingGroup
-import Network.AWS.IoT.DescribeThingRegistrationTask
-import Network.AWS.IoT.DescribeThingType
-import Network.AWS.IoT.DetachPolicy
-import Network.AWS.IoT.DetachThingPrincipal
-import Network.AWS.IoT.DisableTopicRule
-import Network.AWS.IoT.EnableTopicRule
-import Network.AWS.IoT.GetEffectivePolicies
-import Network.AWS.IoT.GetIndexingConfiguration
-import Network.AWS.IoT.GetJobDocument
-import Network.AWS.IoT.GetLoggingOptions
-import Network.AWS.IoT.GetOTAUpdate
-import Network.AWS.IoT.GetPolicy
-import Network.AWS.IoT.GetPolicyVersion
-import Network.AWS.IoT.GetRegistrationCode
-import Network.AWS.IoT.GetTopicRule
-import Network.AWS.IoT.GetV2LoggingOptions
-import Network.AWS.IoT.ListAttachedPolicies
-import Network.AWS.IoT.ListAuthorizers
-import Network.AWS.IoT.ListCACertificates
-import Network.AWS.IoT.ListCertificates
-import Network.AWS.IoT.ListCertificatesByCA
-import Network.AWS.IoT.ListIndices
-import Network.AWS.IoT.ListJobExecutionsForJob
-import Network.AWS.IoT.ListJobExecutionsForThing
-import Network.AWS.IoT.ListJobs
-import Network.AWS.IoT.ListOTAUpdates
-import Network.AWS.IoT.ListOutgoingCertificates
-import Network.AWS.IoT.ListPolicies
-import Network.AWS.IoT.ListPolicyVersions
-import Network.AWS.IoT.ListPrincipalThings
-import Network.AWS.IoT.ListRoleAliases
-import Network.AWS.IoT.ListStreams
-import Network.AWS.IoT.ListTargetsForPolicy
-import Network.AWS.IoT.ListThingGroups
-import Network.AWS.IoT.ListThingGroupsForThing
-import Network.AWS.IoT.ListThingPrincipals
-import Network.AWS.IoT.ListThingRegistrationTaskReports
-import Network.AWS.IoT.ListThingRegistrationTasks
-import Network.AWS.IoT.ListThings
-import Network.AWS.IoT.ListThingsInThingGroup
-import Network.AWS.IoT.ListThingTypes
-import Network.AWS.IoT.ListTopicRules
-import Network.AWS.IoT.ListV2LoggingLevels
-import Network.AWS.IoT.RegisterCACertificate
-import Network.AWS.IoT.RegisterCertificate
-import Network.AWS.IoT.RegisterThing
-import Network.AWS.IoT.RejectCertificateTransfer
-import Network.AWS.IoT.RemoveThingFromThingGroup
-import Network.AWS.IoT.ReplaceTopicRule
-import Network.AWS.IoT.SearchIndex
-import Network.AWS.IoT.SetDefaultAuthorizer
-import Network.AWS.IoT.SetDefaultPolicyVersion
-import Network.AWS.IoT.SetLoggingOptions
-import Network.AWS.IoT.SetV2LoggingLevel
-import Network.AWS.IoT.SetV2LoggingOptions
-import Network.AWS.IoT.StartThingRegistrationTask
-import Network.AWS.IoT.StopThingRegistrationTask
-import Network.AWS.IoT.TestAuthorization
-import Network.AWS.IoT.TestInvokeAuthorizer
-import Network.AWS.IoT.TransferCertificate
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.UpdateAuthorizer
-import Network.AWS.IoT.UpdateCACertificate
-import Network.AWS.IoT.UpdateCertificate
-import Network.AWS.IoT.UpdateEventConfigurations
-import Network.AWS.IoT.UpdateIndexingConfiguration
-import Network.AWS.IoT.UpdateRoleAlias
-import Network.AWS.IoT.UpdateStream
-import Network.AWS.IoT.UpdateThing
-import Network.AWS.IoT.UpdateThingGroup
-import Network.AWS.IoT.UpdateThingGroupsForThing
-import Network.AWS.IoT.Waiters
-
-{- $errors
-Error matchers are designed for use with the functions provided by
-<http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.
-This allows catching (and rethrowing) service specific errors returned
-by 'IoT'.
--}
-
-{- $operations
-Some AWS operations return results that are incomplete and require subsequent
-requests in order to obtain the entire result set. The process of sending
-subsequent requests to continue where a previous request left off is called
-pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to
-1000 objects at a time, and you must send subsequent requests with the
-appropriate Marker in order to retrieve the next page of results.
-
-Operations that have an 'AWSPager' instance can transparently perform subsequent
-requests, correctly setting Markers and other request facets to iterate through
-the entire result set of a truncated API operation. Operations which support
-this have an additional note in the documentation.
-
-Many operations have the ability to filter results on the server side. See the
-individual operation parameters for details.
--}
-
-{- $waiters
-Waiters poll by repeatedly sending a request until some remote success condition
-configured by the 'Wait' specification is fulfilled. The 'Wait' specification
-determines how many attempts should be made, in addition to delay and retry strategies.
--}
diff --git a/gen/Network/AWS/IoT/AcceptCertificateTransfer.hs b/gen/Network/AWS/IoT/AcceptCertificateTransfer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/AcceptCertificateTransfer.hs
+++ /dev/null
@@ -1,122 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.AcceptCertificateTransfer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Accepts a pending certificate transfer. The default state of the certificate is INACTIVE.
---
---
--- To check for pending certificate transfers, call 'ListCertificates' to enumerate your certificates.
---
-module Network.AWS.IoT.AcceptCertificateTransfer
-    (
-    -- * Creating a Request
-      acceptCertificateTransfer
-    , AcceptCertificateTransfer
-    -- * Request Lenses
-    , actSetAsActive
-    , actCertificateId
-
-    -- * Destructuring the Response
-    , acceptCertificateTransferResponse
-    , AcceptCertificateTransferResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the AcceptCertificateTransfer operation.
---
---
---
--- /See:/ 'acceptCertificateTransfer' smart constructor.
-data AcceptCertificateTransfer = AcceptCertificateTransfer'
-  { _actSetAsActive   :: !(Maybe Bool)
-  , _actCertificateId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AcceptCertificateTransfer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'actSetAsActive' - Specifies whether the certificate is active.
---
--- * 'actCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-acceptCertificateTransfer
-    :: Text -- ^ 'actCertificateId'
-    -> AcceptCertificateTransfer
-acceptCertificateTransfer pCertificateId_ =
-  AcceptCertificateTransfer'
-    {_actSetAsActive = Nothing, _actCertificateId = pCertificateId_}
-
-
--- | Specifies whether the certificate is active.
-actSetAsActive :: Lens' AcceptCertificateTransfer (Maybe Bool)
-actSetAsActive = lens _actSetAsActive (\ s a -> s{_actSetAsActive = a})
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-actCertificateId :: Lens' AcceptCertificateTransfer Text
-actCertificateId = lens _actCertificateId (\ s a -> s{_actCertificateId = a})
-
-instance AWSRequest AcceptCertificateTransfer where
-        type Rs AcceptCertificateTransfer =
-             AcceptCertificateTransferResponse
-        request = patchJSON ioT
-        response
-          = receiveNull AcceptCertificateTransferResponse'
-
-instance Hashable AcceptCertificateTransfer where
-
-instance NFData AcceptCertificateTransfer where
-
-instance ToHeaders AcceptCertificateTransfer where
-        toHeaders = const mempty
-
-instance ToJSON AcceptCertificateTransfer where
-        toJSON = const (Object mempty)
-
-instance ToPath AcceptCertificateTransfer where
-        toPath AcceptCertificateTransfer'{..}
-          = mconcat
-              ["/accept-certificate-transfer/",
-               toBS _actCertificateId]
-
-instance ToQuery AcceptCertificateTransfer where
-        toQuery AcceptCertificateTransfer'{..}
-          = mconcat ["setAsActive" =: _actSetAsActive]
-
--- | /See:/ 'acceptCertificateTransferResponse' smart constructor.
-data AcceptCertificateTransferResponse =
-  AcceptCertificateTransferResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AcceptCertificateTransferResponse' with the minimum fields required to make a request.
---
-acceptCertificateTransferResponse
-    :: AcceptCertificateTransferResponse
-acceptCertificateTransferResponse = AcceptCertificateTransferResponse'
-
-
-instance NFData AcceptCertificateTransferResponse
-         where
diff --git a/gen/Network/AWS/IoT/AddThingToThingGroup.hs b/gen/Network/AWS/IoT/AddThingToThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/AddThingToThingGroup.hs
+++ /dev/null
@@ -1,150 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.AddThingToThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Adds a thing to a thing group.
---
---
-module Network.AWS.IoT.AddThingToThingGroup
-    (
-    -- * Creating a Request
-      addThingToThingGroup
-    , AddThingToThingGroup
-    -- * Request Lenses
-    , atttgThingGroupARN
-    , atttgThingARN
-    , atttgThingGroupName
-    , atttgThingName
-
-    -- * Destructuring the Response
-    , addThingToThingGroupResponse
-    , AddThingToThingGroupResponse
-    -- * Response Lenses
-    , atttgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'addThingToThingGroup' smart constructor.
-data AddThingToThingGroup = AddThingToThingGroup'
-  { _atttgThingGroupARN  :: !(Maybe Text)
-  , _atttgThingARN       :: !(Maybe Text)
-  , _atttgThingGroupName :: !(Maybe Text)
-  , _atttgThingName      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AddThingToThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'atttgThingGroupARN' - The ARN of the group to which you are adding a thing.
---
--- * 'atttgThingARN' - The ARN of the thing to add to a group.
---
--- * 'atttgThingGroupName' - The name of the group to which you are adding a thing.
---
--- * 'atttgThingName' - The name of the thing to add to a group.
-addThingToThingGroup
-    :: AddThingToThingGroup
-addThingToThingGroup =
-  AddThingToThingGroup'
-    { _atttgThingGroupARN = Nothing
-    , _atttgThingARN = Nothing
-    , _atttgThingGroupName = Nothing
-    , _atttgThingName = Nothing
-    }
-
-
--- | The ARN of the group to which you are adding a thing.
-atttgThingGroupARN :: Lens' AddThingToThingGroup (Maybe Text)
-atttgThingGroupARN = lens _atttgThingGroupARN (\ s a -> s{_atttgThingGroupARN = a})
-
--- | The ARN of the thing to add to a group.
-atttgThingARN :: Lens' AddThingToThingGroup (Maybe Text)
-atttgThingARN = lens _atttgThingARN (\ s a -> s{_atttgThingARN = a})
-
--- | The name of the group to which you are adding a thing.
-atttgThingGroupName :: Lens' AddThingToThingGroup (Maybe Text)
-atttgThingGroupName = lens _atttgThingGroupName (\ s a -> s{_atttgThingGroupName = a})
-
--- | The name of the thing to add to a group.
-atttgThingName :: Lens' AddThingToThingGroup (Maybe Text)
-atttgThingName = lens _atttgThingName (\ s a -> s{_atttgThingName = a})
-
-instance AWSRequest AddThingToThingGroup where
-        type Rs AddThingToThingGroup =
-             AddThingToThingGroupResponse
-        request = putJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 AddThingToThingGroupResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable AddThingToThingGroup where
-
-instance NFData AddThingToThingGroup where
-
-instance ToHeaders AddThingToThingGroup where
-        toHeaders = const mempty
-
-instance ToJSON AddThingToThingGroup where
-        toJSON AddThingToThingGroup'{..}
-          = object
-              (catMaybes
-                 [("thingGroupArn" .=) <$> _atttgThingGroupARN,
-                  ("thingArn" .=) <$> _atttgThingARN,
-                  ("thingGroupName" .=) <$> _atttgThingGroupName,
-                  ("thingName" .=) <$> _atttgThingName])
-
-instance ToPath AddThingToThingGroup where
-        toPath = const "/thing-groups/addThingToThingGroup"
-
-instance ToQuery AddThingToThingGroup where
-        toQuery = const mempty
-
--- | /See:/ 'addThingToThingGroupResponse' smart constructor.
-newtype AddThingToThingGroupResponse = AddThingToThingGroupResponse'
-  { _atttgrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AddThingToThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'atttgrsResponseStatus' - -- | The response status code.
-addThingToThingGroupResponse
-    :: Int -- ^ 'atttgrsResponseStatus'
-    -> AddThingToThingGroupResponse
-addThingToThingGroupResponse pResponseStatus_ =
-  AddThingToThingGroupResponse' {_atttgrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-atttgrsResponseStatus :: Lens' AddThingToThingGroupResponse Int
-atttgrsResponseStatus = lens _atttgrsResponseStatus (\ s a -> s{_atttgrsResponseStatus = a})
-
-instance NFData AddThingToThingGroupResponse where
diff --git a/gen/Network/AWS/IoT/AssociateTargetsWithJob.hs b/gen/Network/AWS/IoT/AssociateTargetsWithJob.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/AssociateTargetsWithJob.hs
+++ /dev/null
@@ -1,181 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.AssociateTargetsWithJob
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Associates a group with a continuous job. The following criteria must be met:
---
---
---     * The job must have been created with the @targetSelection@ field set to "CONTINUOUS".
---
---     * The job status must currently be "IN_PROGRESS".
---
---     * The total number of targets associated with a job must not exceed 100.
---
---
---
-module Network.AWS.IoT.AssociateTargetsWithJob
-    (
-    -- * Creating a Request
-      associateTargetsWithJob
-    , AssociateTargetsWithJob
-    -- * Request Lenses
-    , atwjComment
-    , atwjTargets
-    , atwjJobId
-
-    -- * Destructuring the Response
-    , associateTargetsWithJobResponse
-    , AssociateTargetsWithJobResponse
-    -- * Response Lenses
-    , atwjrsJobId
-    , atwjrsJobARN
-    , atwjrsDescription
-    , atwjrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'associateTargetsWithJob' smart constructor.
-data AssociateTargetsWithJob = AssociateTargetsWithJob'
-  { _atwjComment :: !(Maybe Text)
-  , _atwjTargets :: !(List1 Text)
-  , _atwjJobId   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AssociateTargetsWithJob' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'atwjComment' - An optional comment string describing why the job was associated with the targets.
---
--- * 'atwjTargets' - A list of thing group ARNs that define the targets of the job.
---
--- * 'atwjJobId' - The unique identifier you assigned to this job when it was created.
-associateTargetsWithJob
-    :: NonEmpty Text -- ^ 'atwjTargets'
-    -> Text -- ^ 'atwjJobId'
-    -> AssociateTargetsWithJob
-associateTargetsWithJob pTargets_ pJobId_ =
-  AssociateTargetsWithJob'
-    { _atwjComment = Nothing
-    , _atwjTargets = _List1 # pTargets_
-    , _atwjJobId = pJobId_
-    }
-
-
--- | An optional comment string describing why the job was associated with the targets.
-atwjComment :: Lens' AssociateTargetsWithJob (Maybe Text)
-atwjComment = lens _atwjComment (\ s a -> s{_atwjComment = a})
-
--- | A list of thing group ARNs that define the targets of the job.
-atwjTargets :: Lens' AssociateTargetsWithJob (NonEmpty Text)
-atwjTargets = lens _atwjTargets (\ s a -> s{_atwjTargets = a}) . _List1
-
--- | The unique identifier you assigned to this job when it was created.
-atwjJobId :: Lens' AssociateTargetsWithJob Text
-atwjJobId = lens _atwjJobId (\ s a -> s{_atwjJobId = a})
-
-instance AWSRequest AssociateTargetsWithJob where
-        type Rs AssociateTargetsWithJob =
-             AssociateTargetsWithJobResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 AssociateTargetsWithJobResponse' <$>
-                   (x .?> "jobId") <*> (x .?> "jobArn") <*>
-                     (x .?> "description")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable AssociateTargetsWithJob where
-
-instance NFData AssociateTargetsWithJob where
-
-instance ToHeaders AssociateTargetsWithJob where
-        toHeaders = const mempty
-
-instance ToJSON AssociateTargetsWithJob where
-        toJSON AssociateTargetsWithJob'{..}
-          = object
-              (catMaybes
-                 [("comment" .=) <$> _atwjComment,
-                  Just ("targets" .= _atwjTargets)])
-
-instance ToPath AssociateTargetsWithJob where
-        toPath AssociateTargetsWithJob'{..}
-          = mconcat ["/jobs/", toBS _atwjJobId, "/targets"]
-
-instance ToQuery AssociateTargetsWithJob where
-        toQuery = const mempty
-
--- | /See:/ 'associateTargetsWithJobResponse' smart constructor.
-data AssociateTargetsWithJobResponse = AssociateTargetsWithJobResponse'
-  { _atwjrsJobId          :: !(Maybe Text)
-  , _atwjrsJobARN         :: !(Maybe Text)
-  , _atwjrsDescription    :: !(Maybe Text)
-  , _atwjrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AssociateTargetsWithJobResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'atwjrsJobId' - The unique identifier you assigned to this job when it was created.
---
--- * 'atwjrsJobARN' - An ARN identifying the job.
---
--- * 'atwjrsDescription' - A short text description of the job.
---
--- * 'atwjrsResponseStatus' - -- | The response status code.
-associateTargetsWithJobResponse
-    :: Int -- ^ 'atwjrsResponseStatus'
-    -> AssociateTargetsWithJobResponse
-associateTargetsWithJobResponse pResponseStatus_ =
-  AssociateTargetsWithJobResponse'
-    { _atwjrsJobId = Nothing
-    , _atwjrsJobARN = Nothing
-    , _atwjrsDescription = Nothing
-    , _atwjrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The unique identifier you assigned to this job when it was created.
-atwjrsJobId :: Lens' AssociateTargetsWithJobResponse (Maybe Text)
-atwjrsJobId = lens _atwjrsJobId (\ s a -> s{_atwjrsJobId = a})
-
--- | An ARN identifying the job.
-atwjrsJobARN :: Lens' AssociateTargetsWithJobResponse (Maybe Text)
-atwjrsJobARN = lens _atwjrsJobARN (\ s a -> s{_atwjrsJobARN = a})
-
--- | A short text description of the job.
-atwjrsDescription :: Lens' AssociateTargetsWithJobResponse (Maybe Text)
-atwjrsDescription = lens _atwjrsDescription (\ s a -> s{_atwjrsDescription = a})
-
--- | -- | The response status code.
-atwjrsResponseStatus :: Lens' AssociateTargetsWithJobResponse Int
-atwjrsResponseStatus = lens _atwjrsResponseStatus (\ s a -> s{_atwjrsResponseStatus = a})
-
-instance NFData AssociateTargetsWithJobResponse where
diff --git a/gen/Network/AWS/IoT/AttachPolicy.hs b/gen/Network/AWS/IoT/AttachPolicy.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/AttachPolicy.hs
+++ /dev/null
@@ -1,111 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.AttachPolicy
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Attaches a policy to the specified target.
---
---
-module Network.AWS.IoT.AttachPolicy
-    (
-    -- * Creating a Request
-      attachPolicy
-    , AttachPolicy
-    -- * Request Lenses
-    , apPolicyName
-    , apTarget
-
-    -- * Destructuring the Response
-    , attachPolicyResponse
-    , AttachPolicyResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'attachPolicy' smart constructor.
-data AttachPolicy = AttachPolicy'
-  { _apPolicyName :: !Text
-  , _apTarget     :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AttachPolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'apPolicyName' - The name of the policy to attach.
---
--- * 'apTarget' - The identity to which the policy is attached.
-attachPolicy
-    :: Text -- ^ 'apPolicyName'
-    -> Text -- ^ 'apTarget'
-    -> AttachPolicy
-attachPolicy pPolicyName_ pTarget_ =
-  AttachPolicy' {_apPolicyName = pPolicyName_, _apTarget = pTarget_}
-
-
--- | The name of the policy to attach.
-apPolicyName :: Lens' AttachPolicy Text
-apPolicyName = lens _apPolicyName (\ s a -> s{_apPolicyName = a})
-
--- | The identity to which the policy is attached.
-apTarget :: Lens' AttachPolicy Text
-apTarget = lens _apTarget (\ s a -> s{_apTarget = a})
-
-instance AWSRequest AttachPolicy where
-        type Rs AttachPolicy = AttachPolicyResponse
-        request = putJSON ioT
-        response = receiveNull AttachPolicyResponse'
-
-instance Hashable AttachPolicy where
-
-instance NFData AttachPolicy where
-
-instance ToHeaders AttachPolicy where
-        toHeaders = const mempty
-
-instance ToJSON AttachPolicy where
-        toJSON AttachPolicy'{..}
-          = object (catMaybes [Just ("target" .= _apTarget)])
-
-instance ToPath AttachPolicy where
-        toPath AttachPolicy'{..}
-          = mconcat ["/target-policies/", toBS _apPolicyName]
-
-instance ToQuery AttachPolicy where
-        toQuery = const mempty
-
--- | /See:/ 'attachPolicyResponse' smart constructor.
-data AttachPolicyResponse =
-  AttachPolicyResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AttachPolicyResponse' with the minimum fields required to make a request.
---
-attachPolicyResponse
-    :: AttachPolicyResponse
-attachPolicyResponse = AttachPolicyResponse'
-
-
-instance NFData AttachPolicyResponse where
diff --git a/gen/Network/AWS/IoT/AttachThingPrincipal.hs b/gen/Network/AWS/IoT/AttachThingPrincipal.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/AttachThingPrincipal.hs
+++ /dev/null
@@ -1,137 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.AttachThingPrincipal
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Attaches the specified principal to the specified thing.
---
---
-module Network.AWS.IoT.AttachThingPrincipal
-    (
-    -- * Creating a Request
-      attachThingPrincipal
-    , AttachThingPrincipal
-    -- * Request Lenses
-    , atpThingName
-    , atpPrincipal
-
-    -- * Destructuring the Response
-    , attachThingPrincipalResponse
-    , AttachThingPrincipalResponse
-    -- * Response Lenses
-    , atprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the AttachThingPrincipal operation.
---
---
---
--- /See:/ 'attachThingPrincipal' smart constructor.
-data AttachThingPrincipal = AttachThingPrincipal'
-  { _atpThingName :: !Text
-  , _atpPrincipal :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AttachThingPrincipal' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'atpThingName' - The name of the thing.
---
--- * 'atpPrincipal' - The principal, such as a certificate or other credential.
-attachThingPrincipal
-    :: Text -- ^ 'atpThingName'
-    -> Text -- ^ 'atpPrincipal'
-    -> AttachThingPrincipal
-attachThingPrincipal pThingName_ pPrincipal_ =
-  AttachThingPrincipal'
-    {_atpThingName = pThingName_, _atpPrincipal = pPrincipal_}
-
-
--- | The name of the thing.
-atpThingName :: Lens' AttachThingPrincipal Text
-atpThingName = lens _atpThingName (\ s a -> s{_atpThingName = a})
-
--- | The principal, such as a certificate or other credential.
-atpPrincipal :: Lens' AttachThingPrincipal Text
-atpPrincipal = lens _atpPrincipal (\ s a -> s{_atpPrincipal = a})
-
-instance AWSRequest AttachThingPrincipal where
-        type Rs AttachThingPrincipal =
-             AttachThingPrincipalResponse
-        request = putJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 AttachThingPrincipalResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable AttachThingPrincipal where
-
-instance NFData AttachThingPrincipal where
-
-instance ToHeaders AttachThingPrincipal where
-        toHeaders AttachThingPrincipal'{..}
-          = mconcat ["x-amzn-principal" =# _atpPrincipal]
-
-instance ToJSON AttachThingPrincipal where
-        toJSON = const (Object mempty)
-
-instance ToPath AttachThingPrincipal where
-        toPath AttachThingPrincipal'{..}
-          = mconcat
-              ["/things/", toBS _atpThingName, "/principals"]
-
-instance ToQuery AttachThingPrincipal where
-        toQuery = const mempty
-
--- | The output from the AttachThingPrincipal operation.
---
---
---
--- /See:/ 'attachThingPrincipalResponse' smart constructor.
-newtype AttachThingPrincipalResponse = AttachThingPrincipalResponse'
-  { _atprsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AttachThingPrincipalResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'atprsResponseStatus' - -- | The response status code.
-attachThingPrincipalResponse
-    :: Int -- ^ 'atprsResponseStatus'
-    -> AttachThingPrincipalResponse
-attachThingPrincipalResponse pResponseStatus_ =
-  AttachThingPrincipalResponse' {_atprsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-atprsResponseStatus :: Lens' AttachThingPrincipalResponse Int
-atprsResponseStatus = lens _atprsResponseStatus (\ s a -> s{_atprsResponseStatus = a})
-
-instance NFData AttachThingPrincipalResponse where
diff --git a/gen/Network/AWS/IoT/CancelCertificateTransfer.hs b/gen/Network/AWS/IoT/CancelCertificateTransfer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CancelCertificateTransfer.hs
+++ /dev/null
@@ -1,114 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CancelCertificateTransfer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Cancels a pending transfer for the specified certificate.
---
---
--- __Note__ Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use 'RejectCertificateTransfer' instead.) After transfer, AWS IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled.
---
--- After a certificate transfer is cancelled, the status of the certificate changes from PENDING_TRANSFER to INACTIVE.
---
-module Network.AWS.IoT.CancelCertificateTransfer
-    (
-    -- * Creating a Request
-      cancelCertificateTransfer
-    , CancelCertificateTransfer
-    -- * Request Lenses
-    , cctCertificateId
-
-    -- * Destructuring the Response
-    , cancelCertificateTransferResponse
-    , CancelCertificateTransferResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CancelCertificateTransfer operation.
---
---
---
--- /See:/ 'cancelCertificateTransfer' smart constructor.
-newtype CancelCertificateTransfer = CancelCertificateTransfer'
-  { _cctCertificateId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CancelCertificateTransfer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cctCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-cancelCertificateTransfer
-    :: Text -- ^ 'cctCertificateId'
-    -> CancelCertificateTransfer
-cancelCertificateTransfer pCertificateId_ =
-  CancelCertificateTransfer' {_cctCertificateId = pCertificateId_}
-
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-cctCertificateId :: Lens' CancelCertificateTransfer Text
-cctCertificateId = lens _cctCertificateId (\ s a -> s{_cctCertificateId = a})
-
-instance AWSRequest CancelCertificateTransfer where
-        type Rs CancelCertificateTransfer =
-             CancelCertificateTransferResponse
-        request = patchJSON ioT
-        response
-          = receiveNull CancelCertificateTransferResponse'
-
-instance Hashable CancelCertificateTransfer where
-
-instance NFData CancelCertificateTransfer where
-
-instance ToHeaders CancelCertificateTransfer where
-        toHeaders = const mempty
-
-instance ToJSON CancelCertificateTransfer where
-        toJSON = const (Object mempty)
-
-instance ToPath CancelCertificateTransfer where
-        toPath CancelCertificateTransfer'{..}
-          = mconcat
-              ["/cancel-certificate-transfer/",
-               toBS _cctCertificateId]
-
-instance ToQuery CancelCertificateTransfer where
-        toQuery = const mempty
-
--- | /See:/ 'cancelCertificateTransferResponse' smart constructor.
-data CancelCertificateTransferResponse =
-  CancelCertificateTransferResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CancelCertificateTransferResponse' with the minimum fields required to make a request.
---
-cancelCertificateTransferResponse
-    :: CancelCertificateTransferResponse
-cancelCertificateTransferResponse = CancelCertificateTransferResponse'
-
-
-instance NFData CancelCertificateTransferResponse
-         where
diff --git a/gen/Network/AWS/IoT/CancelJob.hs b/gen/Network/AWS/IoT/CancelJob.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CancelJob.hs
+++ /dev/null
@@ -1,155 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CancelJob
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Cancels a job.
---
---
-module Network.AWS.IoT.CancelJob
-    (
-    -- * Creating a Request
-      cancelJob
-    , CancelJob
-    -- * Request Lenses
-    , cComment
-    , cJobId
-
-    -- * Destructuring the Response
-    , cancelJobResponse
-    , CancelJobResponse
-    -- * Response Lenses
-    , crsJobId
-    , crsJobARN
-    , crsDescription
-    , crsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'cancelJob' smart constructor.
-data CancelJob = CancelJob'
-  { _cComment :: !(Maybe Text)
-  , _cJobId   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CancelJob' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cComment' - An optional comment string describing why the job was canceled.
---
--- * 'cJobId' - The unique identifier you assigned to this job when it was created.
-cancelJob
-    :: Text -- ^ 'cJobId'
-    -> CancelJob
-cancelJob pJobId_ = CancelJob' {_cComment = Nothing, _cJobId = pJobId_}
-
-
--- | An optional comment string describing why the job was canceled.
-cComment :: Lens' CancelJob (Maybe Text)
-cComment = lens _cComment (\ s a -> s{_cComment = a})
-
--- | The unique identifier you assigned to this job when it was created.
-cJobId :: Lens' CancelJob Text
-cJobId = lens _cJobId (\ s a -> s{_cJobId = a})
-
-instance AWSRequest CancelJob where
-        type Rs CancelJob = CancelJobResponse
-        request = putJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CancelJobResponse' <$>
-                   (x .?> "jobId") <*> (x .?> "jobArn") <*>
-                     (x .?> "description")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CancelJob where
-
-instance NFData CancelJob where
-
-instance ToHeaders CancelJob where
-        toHeaders = const mempty
-
-instance ToJSON CancelJob where
-        toJSON CancelJob'{..}
-          = object (catMaybes [("comment" .=) <$> _cComment])
-
-instance ToPath CancelJob where
-        toPath CancelJob'{..}
-          = mconcat ["/jobs/", toBS _cJobId, "/cancel"]
-
-instance ToQuery CancelJob where
-        toQuery = const mempty
-
--- | /See:/ 'cancelJobResponse' smart constructor.
-data CancelJobResponse = CancelJobResponse'
-  { _crsJobId          :: !(Maybe Text)
-  , _crsJobARN         :: !(Maybe Text)
-  , _crsDescription    :: !(Maybe Text)
-  , _crsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CancelJobResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'crsJobId' - The unique identifier you assigned to this job when it was created.
---
--- * 'crsJobARN' - The job ARN.
---
--- * 'crsDescription' - A short text description of the job.
---
--- * 'crsResponseStatus' - -- | The response status code.
-cancelJobResponse
-    :: Int -- ^ 'crsResponseStatus'
-    -> CancelJobResponse
-cancelJobResponse pResponseStatus_ =
-  CancelJobResponse'
-    { _crsJobId = Nothing
-    , _crsJobARN = Nothing
-    , _crsDescription = Nothing
-    , _crsResponseStatus = pResponseStatus_
-    }
-
-
--- | The unique identifier you assigned to this job when it was created.
-crsJobId :: Lens' CancelJobResponse (Maybe Text)
-crsJobId = lens _crsJobId (\ s a -> s{_crsJobId = a})
-
--- | The job ARN.
-crsJobARN :: Lens' CancelJobResponse (Maybe Text)
-crsJobARN = lens _crsJobARN (\ s a -> s{_crsJobARN = a})
-
--- | A short text description of the job.
-crsDescription :: Lens' CancelJobResponse (Maybe Text)
-crsDescription = lens _crsDescription (\ s a -> s{_crsDescription = a})
-
--- | -- | The response status code.
-crsResponseStatus :: Lens' CancelJobResponse Int
-crsResponseStatus = lens _crsResponseStatus (\ s a -> s{_crsResponseStatus = a})
-
-instance NFData CancelJobResponse where
diff --git a/gen/Network/AWS/IoT/ClearDefaultAuthorizer.hs b/gen/Network/AWS/IoT/ClearDefaultAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ClearDefaultAuthorizer.hs
+++ /dev/null
@@ -1,102 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ClearDefaultAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Clears the default authorizer.
---
---
-module Network.AWS.IoT.ClearDefaultAuthorizer
-    (
-    -- * Creating a Request
-      clearDefaultAuthorizer
-    , ClearDefaultAuthorizer
-
-    -- * Destructuring the Response
-    , clearDefaultAuthorizerResponse
-    , ClearDefaultAuthorizerResponse
-    -- * Response Lenses
-    , cdarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'clearDefaultAuthorizer' smart constructor.
-data ClearDefaultAuthorizer =
-  ClearDefaultAuthorizer'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ClearDefaultAuthorizer' with the minimum fields required to make a request.
---
-clearDefaultAuthorizer
-    :: ClearDefaultAuthorizer
-clearDefaultAuthorizer = ClearDefaultAuthorizer'
-
-
-instance AWSRequest ClearDefaultAuthorizer where
-        type Rs ClearDefaultAuthorizer =
-             ClearDefaultAuthorizerResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 ClearDefaultAuthorizerResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable ClearDefaultAuthorizer where
-
-instance NFData ClearDefaultAuthorizer where
-
-instance ToHeaders ClearDefaultAuthorizer where
-        toHeaders = const mempty
-
-instance ToPath ClearDefaultAuthorizer where
-        toPath = const "/default-authorizer"
-
-instance ToQuery ClearDefaultAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'clearDefaultAuthorizerResponse' smart constructor.
-newtype ClearDefaultAuthorizerResponse = ClearDefaultAuthorizerResponse'
-  { _cdarsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ClearDefaultAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cdarsResponseStatus' - -- | The response status code.
-clearDefaultAuthorizerResponse
-    :: Int -- ^ 'cdarsResponseStatus'
-    -> ClearDefaultAuthorizerResponse
-clearDefaultAuthorizerResponse pResponseStatus_ =
-  ClearDefaultAuthorizerResponse' {_cdarsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-cdarsResponseStatus :: Lens' ClearDefaultAuthorizerResponse Int
-cdarsResponseStatus = lens _cdarsResponseStatus (\ s a -> s{_cdarsResponseStatus = a})
-
-instance NFData ClearDefaultAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/CreateAuthorizer.hs b/gen/Network/AWS/IoT/CreateAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateAuthorizer.hs
+++ /dev/null
@@ -1,187 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates an authorizer.
---
---
-module Network.AWS.IoT.CreateAuthorizer
-    (
-    -- * Creating a Request
-      createAuthorizer
-    , CreateAuthorizer
-    -- * Request Lenses
-    , caStatus
-    , caAuthorizerName
-    , caAuthorizerFunctionARN
-    , caTokenKeyName
-    , caTokenSigningPublicKeys
-
-    -- * Destructuring the Response
-    , createAuthorizerResponse
-    , CreateAuthorizerResponse
-    -- * Response Lenses
-    , carsAuthorizerName
-    , carsAuthorizerARN
-    , carsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'createAuthorizer' smart constructor.
-data CreateAuthorizer = CreateAuthorizer'
-  { _caStatus                 :: !(Maybe AuthorizerStatus)
-  , _caAuthorizerName         :: !Text
-  , _caAuthorizerFunctionARN  :: !Text
-  , _caTokenKeyName           :: !Text
-  , _caTokenSigningPublicKeys :: !(Map Text Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateAuthorizer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'caStatus' - The status of the create authorizer request.
---
--- * 'caAuthorizerName' - The authorizer name.
---
--- * 'caAuthorizerFunctionARN' - The ARN of the authorizer's Lambda function.
---
--- * 'caTokenKeyName' - The name of the token key used to extract the token from the HTTP headers.
---
--- * 'caTokenSigningPublicKeys' - The public keys used to verify the digital signature returned by your custom authentication service.
-createAuthorizer
-    :: Text -- ^ 'caAuthorizerName'
-    -> Text -- ^ 'caAuthorizerFunctionARN'
-    -> Text -- ^ 'caTokenKeyName'
-    -> CreateAuthorizer
-createAuthorizer pAuthorizerName_ pAuthorizerFunctionARN_ pTokenKeyName_ =
-  CreateAuthorizer'
-    { _caStatus = Nothing
-    , _caAuthorizerName = pAuthorizerName_
-    , _caAuthorizerFunctionARN = pAuthorizerFunctionARN_
-    , _caTokenKeyName = pTokenKeyName_
-    , _caTokenSigningPublicKeys = mempty
-    }
-
-
--- | The status of the create authorizer request.
-caStatus :: Lens' CreateAuthorizer (Maybe AuthorizerStatus)
-caStatus = lens _caStatus (\ s a -> s{_caStatus = a})
-
--- | The authorizer name.
-caAuthorizerName :: Lens' CreateAuthorizer Text
-caAuthorizerName = lens _caAuthorizerName (\ s a -> s{_caAuthorizerName = a})
-
--- | The ARN of the authorizer's Lambda function.
-caAuthorizerFunctionARN :: Lens' CreateAuthorizer Text
-caAuthorizerFunctionARN = lens _caAuthorizerFunctionARN (\ s a -> s{_caAuthorizerFunctionARN = a})
-
--- | The name of the token key used to extract the token from the HTTP headers.
-caTokenKeyName :: Lens' CreateAuthorizer Text
-caTokenKeyName = lens _caTokenKeyName (\ s a -> s{_caTokenKeyName = a})
-
--- | The public keys used to verify the digital signature returned by your custom authentication service.
-caTokenSigningPublicKeys :: Lens' CreateAuthorizer (HashMap Text Text)
-caTokenSigningPublicKeys = lens _caTokenSigningPublicKeys (\ s a -> s{_caTokenSigningPublicKeys = a}) . _Map
-
-instance AWSRequest CreateAuthorizer where
-        type Rs CreateAuthorizer = CreateAuthorizerResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateAuthorizerResponse' <$>
-                   (x .?> "authorizerName") <*> (x .?> "authorizerArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateAuthorizer where
-
-instance NFData CreateAuthorizer where
-
-instance ToHeaders CreateAuthorizer where
-        toHeaders = const mempty
-
-instance ToJSON CreateAuthorizer where
-        toJSON CreateAuthorizer'{..}
-          = object
-              (catMaybes
-                 [("status" .=) <$> _caStatus,
-                  Just
-                    ("authorizerFunctionArn" .=
-                       _caAuthorizerFunctionARN),
-                  Just ("tokenKeyName" .= _caTokenKeyName),
-                  Just
-                    ("tokenSigningPublicKeys" .=
-                       _caTokenSigningPublicKeys)])
-
-instance ToPath CreateAuthorizer where
-        toPath CreateAuthorizer'{..}
-          = mconcat ["/authorizer/", toBS _caAuthorizerName]
-
-instance ToQuery CreateAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'createAuthorizerResponse' smart constructor.
-data CreateAuthorizerResponse = CreateAuthorizerResponse'
-  { _carsAuthorizerName :: !(Maybe Text)
-  , _carsAuthorizerARN  :: !(Maybe Text)
-  , _carsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'carsAuthorizerName' - The authorizer's name.
---
--- * 'carsAuthorizerARN' - The authorizer ARN.
---
--- * 'carsResponseStatus' - -- | The response status code.
-createAuthorizerResponse
-    :: Int -- ^ 'carsResponseStatus'
-    -> CreateAuthorizerResponse
-createAuthorizerResponse pResponseStatus_ =
-  CreateAuthorizerResponse'
-    { _carsAuthorizerName = Nothing
-    , _carsAuthorizerARN = Nothing
-    , _carsResponseStatus = pResponseStatus_
-    }
-
-
--- | The authorizer's name.
-carsAuthorizerName :: Lens' CreateAuthorizerResponse (Maybe Text)
-carsAuthorizerName = lens _carsAuthorizerName (\ s a -> s{_carsAuthorizerName = a})
-
--- | The authorizer ARN.
-carsAuthorizerARN :: Lens' CreateAuthorizerResponse (Maybe Text)
-carsAuthorizerARN = lens _carsAuthorizerARN (\ s a -> s{_carsAuthorizerARN = a})
-
--- | -- | The response status code.
-carsResponseStatus :: Lens' CreateAuthorizerResponse Int
-carsResponseStatus = lens _carsResponseStatus (\ s a -> s{_carsResponseStatus = a})
-
-instance NFData CreateAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/CreateCertificateFromCSR.hs b/gen/Network/AWS/IoT/CreateCertificateFromCSR.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateCertificateFromCSR.hs
+++ /dev/null
@@ -1,199 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateCertificateFromCSR
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates an X.509 certificate using the specified certificate signing request.
---
---
--- __Note:__ The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256 or NIST P-384 curves.
---
--- __Note:__ Reusing the same certificate signing request (CSR) results in a distinct certificate.
---
--- You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.
---
--- Assuming a set of CSRs are located inside of the directory my-csr-directory:
---
--- On Linux and OS X, the command is:
---
--- >  ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
---
--- This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr AWS CLI command to create a certificate for the corresponding CSR.
---
--- The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:
---
--- >  ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
---
--- On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:
---
--- > ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_}
---
--- On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:
---
--- > forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path"
---
-module Network.AWS.IoT.CreateCertificateFromCSR
-    (
-    -- * Creating a Request
-      createCertificateFromCSR
-    , CreateCertificateFromCSR
-    -- * Request Lenses
-    , ccfcsrSetAsActive
-    , ccfcsrCertificateSigningRequest
-
-    -- * Destructuring the Response
-    , createCertificateFromCSRResponse
-    , CreateCertificateFromCSRResponse
-    -- * Response Lenses
-    , ccfcsrrsCertificatePem
-    , ccfcsrrsCertificateARN
-    , ccfcsrrsCertificateId
-    , ccfcsrrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreateCertificateFromCsr operation.
---
---
---
--- /See:/ 'createCertificateFromCSR' smart constructor.
-data CreateCertificateFromCSR = CreateCertificateFromCSR'
-  { _ccfcsrSetAsActive               :: !(Maybe Bool)
-  , _ccfcsrCertificateSigningRequest :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateCertificateFromCSR' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ccfcsrSetAsActive' - Specifies whether the certificate is active.
---
--- * 'ccfcsrCertificateSigningRequest' - The certificate signing request (CSR).
-createCertificateFromCSR
-    :: Text -- ^ 'ccfcsrCertificateSigningRequest'
-    -> CreateCertificateFromCSR
-createCertificateFromCSR pCertificateSigningRequest_ =
-  CreateCertificateFromCSR'
-    { _ccfcsrSetAsActive = Nothing
-    , _ccfcsrCertificateSigningRequest = pCertificateSigningRequest_
-    }
-
-
--- | Specifies whether the certificate is active.
-ccfcsrSetAsActive :: Lens' CreateCertificateFromCSR (Maybe Bool)
-ccfcsrSetAsActive = lens _ccfcsrSetAsActive (\ s a -> s{_ccfcsrSetAsActive = a})
-
--- | The certificate signing request (CSR).
-ccfcsrCertificateSigningRequest :: Lens' CreateCertificateFromCSR Text
-ccfcsrCertificateSigningRequest = lens _ccfcsrCertificateSigningRequest (\ s a -> s{_ccfcsrCertificateSigningRequest = a})
-
-instance AWSRequest CreateCertificateFromCSR where
-        type Rs CreateCertificateFromCSR =
-             CreateCertificateFromCSRResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateCertificateFromCSRResponse' <$>
-                   (x .?> "certificatePem") <*> (x .?> "certificateArn")
-                     <*> (x .?> "certificateId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateCertificateFromCSR where
-
-instance NFData CreateCertificateFromCSR where
-
-instance ToHeaders CreateCertificateFromCSR where
-        toHeaders = const mempty
-
-instance ToJSON CreateCertificateFromCSR where
-        toJSON CreateCertificateFromCSR'{..}
-          = object
-              (catMaybes
-                 [Just
-                    ("certificateSigningRequest" .=
-                       _ccfcsrCertificateSigningRequest)])
-
-instance ToPath CreateCertificateFromCSR where
-        toPath = const "/certificates"
-
-instance ToQuery CreateCertificateFromCSR where
-        toQuery CreateCertificateFromCSR'{..}
-          = mconcat ["setAsActive" =: _ccfcsrSetAsActive]
-
--- | The output from the CreateCertificateFromCsr operation.
---
---
---
--- /See:/ 'createCertificateFromCSRResponse' smart constructor.
-data CreateCertificateFromCSRResponse = CreateCertificateFromCSRResponse'
-  { _ccfcsrrsCertificatePem :: !(Maybe Text)
-  , _ccfcsrrsCertificateARN :: !(Maybe Text)
-  , _ccfcsrrsCertificateId  :: !(Maybe Text)
-  , _ccfcsrrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateCertificateFromCSRResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ccfcsrrsCertificatePem' - The certificate data, in PEM format.
---
--- * 'ccfcsrrsCertificateARN' - The Amazon Resource Name (ARN) of the certificate. You can use the ARN as a principal for policy operations.
---
--- * 'ccfcsrrsCertificateId' - The ID of the certificate. Certificate management operations only take a certificateId.
---
--- * 'ccfcsrrsResponseStatus' - -- | The response status code.
-createCertificateFromCSRResponse
-    :: Int -- ^ 'ccfcsrrsResponseStatus'
-    -> CreateCertificateFromCSRResponse
-createCertificateFromCSRResponse pResponseStatus_ =
-  CreateCertificateFromCSRResponse'
-    { _ccfcsrrsCertificatePem = Nothing
-    , _ccfcsrrsCertificateARN = Nothing
-    , _ccfcsrrsCertificateId = Nothing
-    , _ccfcsrrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The certificate data, in PEM format.
-ccfcsrrsCertificatePem :: Lens' CreateCertificateFromCSRResponse (Maybe Text)
-ccfcsrrsCertificatePem = lens _ccfcsrrsCertificatePem (\ s a -> s{_ccfcsrrsCertificatePem = a})
-
--- | The Amazon Resource Name (ARN) of the certificate. You can use the ARN as a principal for policy operations.
-ccfcsrrsCertificateARN :: Lens' CreateCertificateFromCSRResponse (Maybe Text)
-ccfcsrrsCertificateARN = lens _ccfcsrrsCertificateARN (\ s a -> s{_ccfcsrrsCertificateARN = a})
-
--- | The ID of the certificate. Certificate management operations only take a certificateId.
-ccfcsrrsCertificateId :: Lens' CreateCertificateFromCSRResponse (Maybe Text)
-ccfcsrrsCertificateId = lens _ccfcsrrsCertificateId (\ s a -> s{_ccfcsrrsCertificateId = a})
-
--- | -- | The response status code.
-ccfcsrrsResponseStatus :: Lens' CreateCertificateFromCSRResponse Int
-ccfcsrrsResponseStatus = lens _ccfcsrrsResponseStatus (\ s a -> s{_ccfcsrrsResponseStatus = a})
-
-instance NFData CreateCertificateFromCSRResponse
-         where
diff --git a/gen/Network/AWS/IoT/CreateJob.hs b/gen/Network/AWS/IoT/CreateJob.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateJob.hs
+++ /dev/null
@@ -1,233 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateJob
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a job.
---
---
-module Network.AWS.IoT.CreateJob
-    (
-    -- * Creating a Request
-      createJob
-    , CreateJob
-    -- * Request Lenses
-    , cjJobExecutionsRolloutConfig
-    , cjDocumentSource
-    , cjDocumentParameters
-    , cjPresignedURLConfig
-    , cjDocument
-    , cjDescription
-    , cjTargetSelection
-    , cjJobId
-    , cjTargets
-
-    -- * Destructuring the Response
-    , createJobResponse
-    , CreateJobResponse
-    -- * Response Lenses
-    , cjrsJobId
-    , cjrsJobARN
-    , cjrsDescription
-    , cjrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'createJob' smart constructor.
-data CreateJob = CreateJob'
-  { _cjJobExecutionsRolloutConfig :: !(Maybe JobExecutionsRolloutConfig)
-  , _cjDocumentSource             :: !(Maybe Text)
-  , _cjDocumentParameters         :: !(Maybe (Map Text Text))
-  , _cjPresignedURLConfig         :: !(Maybe PresignedURLConfig)
-  , _cjDocument                   :: !(Maybe Text)
-  , _cjDescription                :: !(Maybe Text)
-  , _cjTargetSelection            :: !(Maybe TargetSelection)
-  , _cjJobId                      :: !Text
-  , _cjTargets                    :: !(List1 Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateJob' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cjJobExecutionsRolloutConfig' - Allows you to create a staged rollout of the job.
---
--- * 'cjDocumentSource' - An S3 link to the job document.
---
--- * 'cjDocumentParameters' - Parameters for the job document.
---
--- * 'cjPresignedURLConfig' - Configuration information for pre-signed S3 URLs.
---
--- * 'cjDocument' - The job document.
---
--- * 'cjDescription' - A short text description of the job.
---
--- * 'cjTargetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.
---
--- * 'cjJobId' - A job identifier which must be unique for your AWS account. We recommend using a UUID. Alpha-numeric characters, "-" and "_" are valid for use here.
---
--- * 'cjTargets' - A list of things and thing groups to which the job should be sent.
-createJob
-    :: Text -- ^ 'cjJobId'
-    -> NonEmpty Text -- ^ 'cjTargets'
-    -> CreateJob
-createJob pJobId_ pTargets_ =
-  CreateJob'
-    { _cjJobExecutionsRolloutConfig = Nothing
-    , _cjDocumentSource = Nothing
-    , _cjDocumentParameters = Nothing
-    , _cjPresignedURLConfig = Nothing
-    , _cjDocument = Nothing
-    , _cjDescription = Nothing
-    , _cjTargetSelection = Nothing
-    , _cjJobId = pJobId_
-    , _cjTargets = _List1 # pTargets_
-    }
-
-
--- | Allows you to create a staged rollout of the job.
-cjJobExecutionsRolloutConfig :: Lens' CreateJob (Maybe JobExecutionsRolloutConfig)
-cjJobExecutionsRolloutConfig = lens _cjJobExecutionsRolloutConfig (\ s a -> s{_cjJobExecutionsRolloutConfig = a})
-
--- | An S3 link to the job document.
-cjDocumentSource :: Lens' CreateJob (Maybe Text)
-cjDocumentSource = lens _cjDocumentSource (\ s a -> s{_cjDocumentSource = a})
-
--- | Parameters for the job document.
-cjDocumentParameters :: Lens' CreateJob (HashMap Text Text)
-cjDocumentParameters = lens _cjDocumentParameters (\ s a -> s{_cjDocumentParameters = a}) . _Default . _Map
-
--- | Configuration information for pre-signed S3 URLs.
-cjPresignedURLConfig :: Lens' CreateJob (Maybe PresignedURLConfig)
-cjPresignedURLConfig = lens _cjPresignedURLConfig (\ s a -> s{_cjPresignedURLConfig = a})
-
--- | The job document.
-cjDocument :: Lens' CreateJob (Maybe Text)
-cjDocument = lens _cjDocument (\ s a -> s{_cjDocument = a})
-
--- | A short text description of the job.
-cjDescription :: Lens' CreateJob (Maybe Text)
-cjDescription = lens _cjDescription (\ s a -> s{_cjDescription = a})
-
--- | Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.
-cjTargetSelection :: Lens' CreateJob (Maybe TargetSelection)
-cjTargetSelection = lens _cjTargetSelection (\ s a -> s{_cjTargetSelection = a})
-
--- | A job identifier which must be unique for your AWS account. We recommend using a UUID. Alpha-numeric characters, "-" and "_" are valid for use here.
-cjJobId :: Lens' CreateJob Text
-cjJobId = lens _cjJobId (\ s a -> s{_cjJobId = a})
-
--- | A list of things and thing groups to which the job should be sent.
-cjTargets :: Lens' CreateJob (NonEmpty Text)
-cjTargets = lens _cjTargets (\ s a -> s{_cjTargets = a}) . _List1
-
-instance AWSRequest CreateJob where
-        type Rs CreateJob = CreateJobResponse
-        request = putJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateJobResponse' <$>
-                   (x .?> "jobId") <*> (x .?> "jobArn") <*>
-                     (x .?> "description")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateJob where
-
-instance NFData CreateJob where
-
-instance ToHeaders CreateJob where
-        toHeaders = const mempty
-
-instance ToJSON CreateJob where
-        toJSON CreateJob'{..}
-          = object
-              (catMaybes
-                 [("jobExecutionsRolloutConfig" .=) <$>
-                    _cjJobExecutionsRolloutConfig,
-                  ("documentSource" .=) <$> _cjDocumentSource,
-                  ("documentParameters" .=) <$> _cjDocumentParameters,
-                  ("presignedUrlConfig" .=) <$> _cjPresignedURLConfig,
-                  ("document" .=) <$> _cjDocument,
-                  ("description" .=) <$> _cjDescription,
-                  ("targetSelection" .=) <$> _cjTargetSelection,
-                  Just ("targets" .= _cjTargets)])
-
-instance ToPath CreateJob where
-        toPath CreateJob'{..}
-          = mconcat ["/jobs/", toBS _cjJobId]
-
-instance ToQuery CreateJob where
-        toQuery = const mempty
-
--- | /See:/ 'createJobResponse' smart constructor.
-data CreateJobResponse = CreateJobResponse'
-  { _cjrsJobId          :: !(Maybe Text)
-  , _cjrsJobARN         :: !(Maybe Text)
-  , _cjrsDescription    :: !(Maybe Text)
-  , _cjrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateJobResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cjrsJobId' - The unique identifier you assigned to this job.
---
--- * 'cjrsJobARN' - The job ARN.
---
--- * 'cjrsDescription' - The job description.
---
--- * 'cjrsResponseStatus' - -- | The response status code.
-createJobResponse
-    :: Int -- ^ 'cjrsResponseStatus'
-    -> CreateJobResponse
-createJobResponse pResponseStatus_ =
-  CreateJobResponse'
-    { _cjrsJobId = Nothing
-    , _cjrsJobARN = Nothing
-    , _cjrsDescription = Nothing
-    , _cjrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The unique identifier you assigned to this job.
-cjrsJobId :: Lens' CreateJobResponse (Maybe Text)
-cjrsJobId = lens _cjrsJobId (\ s a -> s{_cjrsJobId = a})
-
--- | The job ARN.
-cjrsJobARN :: Lens' CreateJobResponse (Maybe Text)
-cjrsJobARN = lens _cjrsJobARN (\ s a -> s{_cjrsJobARN = a})
-
--- | The job description.
-cjrsDescription :: Lens' CreateJobResponse (Maybe Text)
-cjrsDescription = lens _cjrsDescription (\ s a -> s{_cjrsDescription = a})
-
--- | -- | The response status code.
-cjrsResponseStatus :: Lens' CreateJobResponse Int
-cjrsResponseStatus = lens _cjrsResponseStatus (\ s a -> s{_cjrsResponseStatus = a})
-
-instance NFData CreateJobResponse where
diff --git a/gen/Network/AWS/IoT/CreateKeysAndCertificate.hs b/gen/Network/AWS/IoT/CreateKeysAndCertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateKeysAndCertificate.hs
+++ /dev/null
@@ -1,168 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateKeysAndCertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.
---
---
--- __Note__ This is the only time AWS IoT issues the private key for this certificate, so it is important to keep it in a secure location.
---
-module Network.AWS.IoT.CreateKeysAndCertificate
-    (
-    -- * Creating a Request
-      createKeysAndCertificate
-    , CreateKeysAndCertificate
-    -- * Request Lenses
-    , ckacSetAsActive
-
-    -- * Destructuring the Response
-    , createKeysAndCertificateResponse
-    , CreateKeysAndCertificateResponse
-    -- * Response Lenses
-    , ckacrsKeyPair
-    , ckacrsCertificatePem
-    , ckacrsCertificateARN
-    , ckacrsCertificateId
-    , ckacrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreateKeysAndCertificate operation.
---
---
---
--- /See:/ 'createKeysAndCertificate' smart constructor.
-newtype CreateKeysAndCertificate = CreateKeysAndCertificate'
-  { _ckacSetAsActive :: Maybe Bool
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateKeysAndCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ckacSetAsActive' - Specifies whether the certificate is active.
-createKeysAndCertificate
-    :: CreateKeysAndCertificate
-createKeysAndCertificate =
-  CreateKeysAndCertificate' {_ckacSetAsActive = Nothing}
-
-
--- | Specifies whether the certificate is active.
-ckacSetAsActive :: Lens' CreateKeysAndCertificate (Maybe Bool)
-ckacSetAsActive = lens _ckacSetAsActive (\ s a -> s{_ckacSetAsActive = a})
-
-instance AWSRequest CreateKeysAndCertificate where
-        type Rs CreateKeysAndCertificate =
-             CreateKeysAndCertificateResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateKeysAndCertificateResponse' <$>
-                   (x .?> "keyPair") <*> (x .?> "certificatePem") <*>
-                     (x .?> "certificateArn")
-                     <*> (x .?> "certificateId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateKeysAndCertificate where
-
-instance NFData CreateKeysAndCertificate where
-
-instance ToHeaders CreateKeysAndCertificate where
-        toHeaders = const mempty
-
-instance ToJSON CreateKeysAndCertificate where
-        toJSON = const (Object mempty)
-
-instance ToPath CreateKeysAndCertificate where
-        toPath = const "/keys-and-certificate"
-
-instance ToQuery CreateKeysAndCertificate where
-        toQuery CreateKeysAndCertificate'{..}
-          = mconcat ["setAsActive" =: _ckacSetAsActive]
-
--- | The output of the CreateKeysAndCertificate operation.
---
---
---
--- /See:/ 'createKeysAndCertificateResponse' smart constructor.
-data CreateKeysAndCertificateResponse = CreateKeysAndCertificateResponse'
-  { _ckacrsKeyPair        :: !(Maybe KeyPair)
-  , _ckacrsCertificatePem :: !(Maybe Text)
-  , _ckacrsCertificateARN :: !(Maybe Text)
-  , _ckacrsCertificateId  :: !(Maybe Text)
-  , _ckacrsResponseStatus :: !Int
-  } deriving (Eq, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateKeysAndCertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ckacrsKeyPair' - The generated key pair.
---
--- * 'ckacrsCertificatePem' - The certificate data, in PEM format.
---
--- * 'ckacrsCertificateARN' - The ARN of the certificate.
---
--- * 'ckacrsCertificateId' - The ID of the certificate. AWS IoT issues a default subject name for the certificate (for example, AWS IoT Certificate).
---
--- * 'ckacrsResponseStatus' - -- | The response status code.
-createKeysAndCertificateResponse
-    :: Int -- ^ 'ckacrsResponseStatus'
-    -> CreateKeysAndCertificateResponse
-createKeysAndCertificateResponse pResponseStatus_ =
-  CreateKeysAndCertificateResponse'
-    { _ckacrsKeyPair = Nothing
-    , _ckacrsCertificatePem = Nothing
-    , _ckacrsCertificateARN = Nothing
-    , _ckacrsCertificateId = Nothing
-    , _ckacrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The generated key pair.
-ckacrsKeyPair :: Lens' CreateKeysAndCertificateResponse (Maybe KeyPair)
-ckacrsKeyPair = lens _ckacrsKeyPair (\ s a -> s{_ckacrsKeyPair = a})
-
--- | The certificate data, in PEM format.
-ckacrsCertificatePem :: Lens' CreateKeysAndCertificateResponse (Maybe Text)
-ckacrsCertificatePem = lens _ckacrsCertificatePem (\ s a -> s{_ckacrsCertificatePem = a})
-
--- | The ARN of the certificate.
-ckacrsCertificateARN :: Lens' CreateKeysAndCertificateResponse (Maybe Text)
-ckacrsCertificateARN = lens _ckacrsCertificateARN (\ s a -> s{_ckacrsCertificateARN = a})
-
--- | The ID of the certificate. AWS IoT issues a default subject name for the certificate (for example, AWS IoT Certificate).
-ckacrsCertificateId :: Lens' CreateKeysAndCertificateResponse (Maybe Text)
-ckacrsCertificateId = lens _ckacrsCertificateId (\ s a -> s{_ckacrsCertificateId = a})
-
--- | -- | The response status code.
-ckacrsResponseStatus :: Lens' CreateKeysAndCertificateResponse Int
-ckacrsResponseStatus = lens _ckacrsResponseStatus (\ s a -> s{_ckacrsResponseStatus = a})
-
-instance NFData CreateKeysAndCertificateResponse
-         where
diff --git a/gen/Network/AWS/IoT/CreateOTAUpdate.hs b/gen/Network/AWS/IoT/CreateOTAUpdate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateOTAUpdate.hs
+++ /dev/null
@@ -1,235 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateOTAUpdate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates an AWS IoT OTAUpdate on a target group of things or groups.
---
---
-module Network.AWS.IoT.CreateOTAUpdate
-    (
-    -- * Creating a Request
-      createOTAUpdate
-    , CreateOTAUpdate
-    -- * Request Lenses
-    , cotauAdditionalParameters
-    , cotauDescription
-    , cotauTargetSelection
-    , cotauOtaUpdateId
-    , cotauTargets
-    , cotauFiles
-    , cotauRoleARN
-
-    -- * Destructuring the Response
-    , createOTAUpdateResponse
-    , CreateOTAUpdateResponse
-    -- * Response Lenses
-    , cotaursAwsIotJobId
-    , cotaursOtaUpdateStatus
-    , cotaursAwsIotJobARN
-    , cotaursOtaUpdateId
-    , cotaursOtaUpdateARN
-    , cotaursResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'createOTAUpdate' smart constructor.
-data CreateOTAUpdate = CreateOTAUpdate'
-  { _cotauAdditionalParameters :: !(Maybe (Map Text Text))
-  , _cotauDescription          :: !(Maybe Text)
-  , _cotauTargetSelection      :: !(Maybe TargetSelection)
-  , _cotauOtaUpdateId          :: !Text
-  , _cotauTargets              :: !(List1 Text)
-  , _cotauFiles                :: !(List1 OTAUpdateFile)
-  , _cotauRoleARN              :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateOTAUpdate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cotauAdditionalParameters' - A list of additional OTA update parameters which are name-value pairs.
---
--- * 'cotauDescription' - The description of the OTA update.
---
--- * 'cotauTargetSelection' - Specifies whether the update will continue to run (CONTINUOUS), or will be complete after all the things specified as targets have completed the update (SNAPSHOT). If continuous, the update may also be run on a thing when a change is detected in a target. For example, an update will run on a thing when the thing is added to a target group, even after the update was completed by all things originally in the group. Valid values: CONTINUOUS | SNAPSHOT.
---
--- * 'cotauOtaUpdateId' - The ID of the OTA update to be created.
---
--- * 'cotauTargets' - The targeted devices to receive OTA updates.
---
--- * 'cotauFiles' - The files to be streamed by the OTA update.
---
--- * 'cotauRoleARN' - The IAM role that allows access to the AWS IoT Jobs service.
-createOTAUpdate
-    :: Text -- ^ 'cotauOtaUpdateId'
-    -> NonEmpty Text -- ^ 'cotauTargets'
-    -> NonEmpty OTAUpdateFile -- ^ 'cotauFiles'
-    -> Text -- ^ 'cotauRoleARN'
-    -> CreateOTAUpdate
-createOTAUpdate pOtaUpdateId_ pTargets_ pFiles_ pRoleARN_ =
-  CreateOTAUpdate'
-    { _cotauAdditionalParameters = Nothing
-    , _cotauDescription = Nothing
-    , _cotauTargetSelection = Nothing
-    , _cotauOtaUpdateId = pOtaUpdateId_
-    , _cotauTargets = _List1 # pTargets_
-    , _cotauFiles = _List1 # pFiles_
-    , _cotauRoleARN = pRoleARN_
-    }
-
-
--- | A list of additional OTA update parameters which are name-value pairs.
-cotauAdditionalParameters :: Lens' CreateOTAUpdate (HashMap Text Text)
-cotauAdditionalParameters = lens _cotauAdditionalParameters (\ s a -> s{_cotauAdditionalParameters = a}) . _Default . _Map
-
--- | The description of the OTA update.
-cotauDescription :: Lens' CreateOTAUpdate (Maybe Text)
-cotauDescription = lens _cotauDescription (\ s a -> s{_cotauDescription = a})
-
--- | Specifies whether the update will continue to run (CONTINUOUS), or will be complete after all the things specified as targets have completed the update (SNAPSHOT). If continuous, the update may also be run on a thing when a change is detected in a target. For example, an update will run on a thing when the thing is added to a target group, even after the update was completed by all things originally in the group. Valid values: CONTINUOUS | SNAPSHOT.
-cotauTargetSelection :: Lens' CreateOTAUpdate (Maybe TargetSelection)
-cotauTargetSelection = lens _cotauTargetSelection (\ s a -> s{_cotauTargetSelection = a})
-
--- | The ID of the OTA update to be created.
-cotauOtaUpdateId :: Lens' CreateOTAUpdate Text
-cotauOtaUpdateId = lens _cotauOtaUpdateId (\ s a -> s{_cotauOtaUpdateId = a})
-
--- | The targeted devices to receive OTA updates.
-cotauTargets :: Lens' CreateOTAUpdate (NonEmpty Text)
-cotauTargets = lens _cotauTargets (\ s a -> s{_cotauTargets = a}) . _List1
-
--- | The files to be streamed by the OTA update.
-cotauFiles :: Lens' CreateOTAUpdate (NonEmpty OTAUpdateFile)
-cotauFiles = lens _cotauFiles (\ s a -> s{_cotauFiles = a}) . _List1
-
--- | The IAM role that allows access to the AWS IoT Jobs service.
-cotauRoleARN :: Lens' CreateOTAUpdate Text
-cotauRoleARN = lens _cotauRoleARN (\ s a -> s{_cotauRoleARN = a})
-
-instance AWSRequest CreateOTAUpdate where
-        type Rs CreateOTAUpdate = CreateOTAUpdateResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateOTAUpdateResponse' <$>
-                   (x .?> "awsIotJobId") <*> (x .?> "otaUpdateStatus")
-                     <*> (x .?> "awsIotJobArn")
-                     <*> (x .?> "otaUpdateId")
-                     <*> (x .?> "otaUpdateArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateOTAUpdate where
-
-instance NFData CreateOTAUpdate where
-
-instance ToHeaders CreateOTAUpdate where
-        toHeaders = const mempty
-
-instance ToJSON CreateOTAUpdate where
-        toJSON CreateOTAUpdate'{..}
-          = object
-              (catMaybes
-                 [("additionalParameters" .=) <$>
-                    _cotauAdditionalParameters,
-                  ("description" .=) <$> _cotauDescription,
-                  ("targetSelection" .=) <$> _cotauTargetSelection,
-                  Just ("targets" .= _cotauTargets),
-                  Just ("files" .= _cotauFiles),
-                  Just ("roleArn" .= _cotauRoleARN)])
-
-instance ToPath CreateOTAUpdate where
-        toPath CreateOTAUpdate'{..}
-          = mconcat ["/otaUpdates/", toBS _cotauOtaUpdateId]
-
-instance ToQuery CreateOTAUpdate where
-        toQuery = const mempty
-
--- | /See:/ 'createOTAUpdateResponse' smart constructor.
-data CreateOTAUpdateResponse = CreateOTAUpdateResponse'
-  { _cotaursAwsIotJobId     :: !(Maybe Text)
-  , _cotaursOtaUpdateStatus :: !(Maybe OTAUpdateStatus)
-  , _cotaursAwsIotJobARN    :: !(Maybe Text)
-  , _cotaursOtaUpdateId     :: !(Maybe Text)
-  , _cotaursOtaUpdateARN    :: !(Maybe Text)
-  , _cotaursResponseStatus  :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateOTAUpdateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cotaursAwsIotJobId' - The AWS IoT job ID associated with the OTA update.
---
--- * 'cotaursOtaUpdateStatus' - The OTA update status.
---
--- * 'cotaursAwsIotJobARN' - The AWS IoT job ARN associated with the OTA update.
---
--- * 'cotaursOtaUpdateId' - The OTA update ID.
---
--- * 'cotaursOtaUpdateARN' - The OTA update ARN.
---
--- * 'cotaursResponseStatus' - -- | The response status code.
-createOTAUpdateResponse
-    :: Int -- ^ 'cotaursResponseStatus'
-    -> CreateOTAUpdateResponse
-createOTAUpdateResponse pResponseStatus_ =
-  CreateOTAUpdateResponse'
-    { _cotaursAwsIotJobId = Nothing
-    , _cotaursOtaUpdateStatus = Nothing
-    , _cotaursAwsIotJobARN = Nothing
-    , _cotaursOtaUpdateId = Nothing
-    , _cotaursOtaUpdateARN = Nothing
-    , _cotaursResponseStatus = pResponseStatus_
-    }
-
-
--- | The AWS IoT job ID associated with the OTA update.
-cotaursAwsIotJobId :: Lens' CreateOTAUpdateResponse (Maybe Text)
-cotaursAwsIotJobId = lens _cotaursAwsIotJobId (\ s a -> s{_cotaursAwsIotJobId = a})
-
--- | The OTA update status.
-cotaursOtaUpdateStatus :: Lens' CreateOTAUpdateResponse (Maybe OTAUpdateStatus)
-cotaursOtaUpdateStatus = lens _cotaursOtaUpdateStatus (\ s a -> s{_cotaursOtaUpdateStatus = a})
-
--- | The AWS IoT job ARN associated with the OTA update.
-cotaursAwsIotJobARN :: Lens' CreateOTAUpdateResponse (Maybe Text)
-cotaursAwsIotJobARN = lens _cotaursAwsIotJobARN (\ s a -> s{_cotaursAwsIotJobARN = a})
-
--- | The OTA update ID.
-cotaursOtaUpdateId :: Lens' CreateOTAUpdateResponse (Maybe Text)
-cotaursOtaUpdateId = lens _cotaursOtaUpdateId (\ s a -> s{_cotaursOtaUpdateId = a})
-
--- | The OTA update ARN.
-cotaursOtaUpdateARN :: Lens' CreateOTAUpdateResponse (Maybe Text)
-cotaursOtaUpdateARN = lens _cotaursOtaUpdateARN (\ s a -> s{_cotaursOtaUpdateARN = a})
-
--- | -- | The response status code.
-cotaursResponseStatus :: Lens' CreateOTAUpdateResponse Int
-cotaursResponseStatus = lens _cotaursResponseStatus (\ s a -> s{_cotaursResponseStatus = a})
-
-instance NFData CreateOTAUpdateResponse where
diff --git a/gen/Network/AWS/IoT/CreatePolicy.hs b/gen/Network/AWS/IoT/CreatePolicy.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreatePolicy.hs
+++ /dev/null
@@ -1,180 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreatePolicy
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates an AWS IoT policy.
---
---
--- The created policy is the default version for the policy. This operation creates a policy version with a version identifier of __1__ and sets __1__ as the policy's default version.
---
-module Network.AWS.IoT.CreatePolicy
-    (
-    -- * Creating a Request
-      createPolicy
-    , CreatePolicy
-    -- * Request Lenses
-    , cpPolicyName
-    , cpPolicyDocument
-
-    -- * Destructuring the Response
-    , createPolicyResponse
-    , CreatePolicyResponse
-    -- * Response Lenses
-    , cprsPolicyName
-    , cprsPolicyDocument
-    , cprsPolicyVersionId
-    , cprsPolicyARN
-    , cprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreatePolicy operation.
---
---
---
--- /See:/ 'createPolicy' smart constructor.
-data CreatePolicy = CreatePolicy'
-  { _cpPolicyName     :: !Text
-  , _cpPolicyDocument :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreatePolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cpPolicyName' - The policy name.
---
--- * 'cpPolicyDocument' - The JSON document that describes the policy. __policyDocument__ must have a minimum length of 1, with a maximum length of 2048, excluding whitespace.
-createPolicy
-    :: Text -- ^ 'cpPolicyName'
-    -> Text -- ^ 'cpPolicyDocument'
-    -> CreatePolicy
-createPolicy pPolicyName_ pPolicyDocument_ =
-  CreatePolicy'
-    {_cpPolicyName = pPolicyName_, _cpPolicyDocument = pPolicyDocument_}
-
-
--- | The policy name.
-cpPolicyName :: Lens' CreatePolicy Text
-cpPolicyName = lens _cpPolicyName (\ s a -> s{_cpPolicyName = a})
-
--- | The JSON document that describes the policy. __policyDocument__ must have a minimum length of 1, with a maximum length of 2048, excluding whitespace.
-cpPolicyDocument :: Lens' CreatePolicy Text
-cpPolicyDocument = lens _cpPolicyDocument (\ s a -> s{_cpPolicyDocument = a})
-
-instance AWSRequest CreatePolicy where
-        type Rs CreatePolicy = CreatePolicyResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreatePolicyResponse' <$>
-                   (x .?> "policyName") <*> (x .?> "policyDocument") <*>
-                     (x .?> "policyVersionId")
-                     <*> (x .?> "policyArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreatePolicy where
-
-instance NFData CreatePolicy where
-
-instance ToHeaders CreatePolicy where
-        toHeaders = const mempty
-
-instance ToJSON CreatePolicy where
-        toJSON CreatePolicy'{..}
-          = object
-              (catMaybes
-                 [Just ("policyDocument" .= _cpPolicyDocument)])
-
-instance ToPath CreatePolicy where
-        toPath CreatePolicy'{..}
-          = mconcat ["/policies/", toBS _cpPolicyName]
-
-instance ToQuery CreatePolicy where
-        toQuery = const mempty
-
--- | The output from the CreatePolicy operation.
---
---
---
--- /See:/ 'createPolicyResponse' smart constructor.
-data CreatePolicyResponse = CreatePolicyResponse'
-  { _cprsPolicyName      :: !(Maybe Text)
-  , _cprsPolicyDocument  :: !(Maybe Text)
-  , _cprsPolicyVersionId :: !(Maybe Text)
-  , _cprsPolicyARN       :: !(Maybe Text)
-  , _cprsResponseStatus  :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreatePolicyResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cprsPolicyName' - The policy name.
---
--- * 'cprsPolicyDocument' - The JSON document that describes the policy.
---
--- * 'cprsPolicyVersionId' - The policy version ID.
---
--- * 'cprsPolicyARN' - The policy ARN.
---
--- * 'cprsResponseStatus' - -- | The response status code.
-createPolicyResponse
-    :: Int -- ^ 'cprsResponseStatus'
-    -> CreatePolicyResponse
-createPolicyResponse pResponseStatus_ =
-  CreatePolicyResponse'
-    { _cprsPolicyName = Nothing
-    , _cprsPolicyDocument = Nothing
-    , _cprsPolicyVersionId = Nothing
-    , _cprsPolicyARN = Nothing
-    , _cprsResponseStatus = pResponseStatus_
-    }
-
-
--- | The policy name.
-cprsPolicyName :: Lens' CreatePolicyResponse (Maybe Text)
-cprsPolicyName = lens _cprsPolicyName (\ s a -> s{_cprsPolicyName = a})
-
--- | The JSON document that describes the policy.
-cprsPolicyDocument :: Lens' CreatePolicyResponse (Maybe Text)
-cprsPolicyDocument = lens _cprsPolicyDocument (\ s a -> s{_cprsPolicyDocument = a})
-
--- | The policy version ID.
-cprsPolicyVersionId :: Lens' CreatePolicyResponse (Maybe Text)
-cprsPolicyVersionId = lens _cprsPolicyVersionId (\ s a -> s{_cprsPolicyVersionId = a})
-
--- | The policy ARN.
-cprsPolicyARN :: Lens' CreatePolicyResponse (Maybe Text)
-cprsPolicyARN = lens _cprsPolicyARN (\ s a -> s{_cprsPolicyARN = a})
-
--- | -- | The response status code.
-cprsResponseStatus :: Lens' CreatePolicyResponse Int
-cprsResponseStatus = lens _cprsResponseStatus (\ s a -> s{_cprsResponseStatus = a})
-
-instance NFData CreatePolicyResponse where
diff --git a/gen/Network/AWS/IoT/CreatePolicyVersion.hs b/gen/Network/AWS/IoT/CreatePolicyVersion.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreatePolicyVersion.hs
+++ /dev/null
@@ -1,195 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreatePolicyVersion
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a new version of the specified AWS IoT policy. To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use 'DeletePolicyVersion' to delete an existing version before you create a new one.
---
---
--- Optionally, you can set the new version as the policy's default version. The default version is the operative version (that is, the version that is in effect for the certificates to which the policy is attached).
---
-module Network.AWS.IoT.CreatePolicyVersion
-    (
-    -- * Creating a Request
-      createPolicyVersion
-    , CreatePolicyVersion
-    -- * Request Lenses
-    , cpvSetAsDefault
-    , cpvPolicyName
-    , cpvPolicyDocument
-
-    -- * Destructuring the Response
-    , createPolicyVersionResponse
-    , CreatePolicyVersionResponse
-    -- * Response Lenses
-    , cpvrsPolicyDocument
-    , cpvrsPolicyVersionId
-    , cpvrsPolicyARN
-    , cpvrsIsDefaultVersion
-    , cpvrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreatePolicyVersion operation.
---
---
---
--- /See:/ 'createPolicyVersion' smart constructor.
-data CreatePolicyVersion = CreatePolicyVersion'
-  { _cpvSetAsDefault   :: !(Maybe Bool)
-  , _cpvPolicyName     :: !Text
-  , _cpvPolicyDocument :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreatePolicyVersion' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cpvSetAsDefault' - Specifies whether the policy version is set as the default. When this parameter is true, the new policy version becomes the operative version (that is, the version that is in effect for the certificates to which the policy is attached).
---
--- * 'cpvPolicyName' - The policy name.
---
--- * 'cpvPolicyDocument' - The JSON document that describes the policy. Minimum length of 1. Maximum length of 2048, excluding whitespace.
-createPolicyVersion
-    :: Text -- ^ 'cpvPolicyName'
-    -> Text -- ^ 'cpvPolicyDocument'
-    -> CreatePolicyVersion
-createPolicyVersion pPolicyName_ pPolicyDocument_ =
-  CreatePolicyVersion'
-    { _cpvSetAsDefault = Nothing
-    , _cpvPolicyName = pPolicyName_
-    , _cpvPolicyDocument = pPolicyDocument_
-    }
-
-
--- | Specifies whether the policy version is set as the default. When this parameter is true, the new policy version becomes the operative version (that is, the version that is in effect for the certificates to which the policy is attached).
-cpvSetAsDefault :: Lens' CreatePolicyVersion (Maybe Bool)
-cpvSetAsDefault = lens _cpvSetAsDefault (\ s a -> s{_cpvSetAsDefault = a})
-
--- | The policy name.
-cpvPolicyName :: Lens' CreatePolicyVersion Text
-cpvPolicyName = lens _cpvPolicyName (\ s a -> s{_cpvPolicyName = a})
-
--- | The JSON document that describes the policy. Minimum length of 1. Maximum length of 2048, excluding whitespace.
-cpvPolicyDocument :: Lens' CreatePolicyVersion Text
-cpvPolicyDocument = lens _cpvPolicyDocument (\ s a -> s{_cpvPolicyDocument = a})
-
-instance AWSRequest CreatePolicyVersion where
-        type Rs CreatePolicyVersion =
-             CreatePolicyVersionResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreatePolicyVersionResponse' <$>
-                   (x .?> "policyDocument") <*>
-                     (x .?> "policyVersionId")
-                     <*> (x .?> "policyArn")
-                     <*> (x .?> "isDefaultVersion")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreatePolicyVersion where
-
-instance NFData CreatePolicyVersion where
-
-instance ToHeaders CreatePolicyVersion where
-        toHeaders = const mempty
-
-instance ToJSON CreatePolicyVersion where
-        toJSON CreatePolicyVersion'{..}
-          = object
-              (catMaybes
-                 [Just ("policyDocument" .= _cpvPolicyDocument)])
-
-instance ToPath CreatePolicyVersion where
-        toPath CreatePolicyVersion'{..}
-          = mconcat
-              ["/policies/", toBS _cpvPolicyName, "/version"]
-
-instance ToQuery CreatePolicyVersion where
-        toQuery CreatePolicyVersion'{..}
-          = mconcat ["setAsDefault" =: _cpvSetAsDefault]
-
--- | The output of the CreatePolicyVersion operation.
---
---
---
--- /See:/ 'createPolicyVersionResponse' smart constructor.
-data CreatePolicyVersionResponse = CreatePolicyVersionResponse'
-  { _cpvrsPolicyDocument   :: !(Maybe Text)
-  , _cpvrsPolicyVersionId  :: !(Maybe Text)
-  , _cpvrsPolicyARN        :: !(Maybe Text)
-  , _cpvrsIsDefaultVersion :: !(Maybe Bool)
-  , _cpvrsResponseStatus   :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreatePolicyVersionResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cpvrsPolicyDocument' - The JSON document that describes the policy.
---
--- * 'cpvrsPolicyVersionId' - The policy version ID.
---
--- * 'cpvrsPolicyARN' - The policy ARN.
---
--- * 'cpvrsIsDefaultVersion' - Specifies whether the policy version is the default.
---
--- * 'cpvrsResponseStatus' - -- | The response status code.
-createPolicyVersionResponse
-    :: Int -- ^ 'cpvrsResponseStatus'
-    -> CreatePolicyVersionResponse
-createPolicyVersionResponse pResponseStatus_ =
-  CreatePolicyVersionResponse'
-    { _cpvrsPolicyDocument = Nothing
-    , _cpvrsPolicyVersionId = Nothing
-    , _cpvrsPolicyARN = Nothing
-    , _cpvrsIsDefaultVersion = Nothing
-    , _cpvrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The JSON document that describes the policy.
-cpvrsPolicyDocument :: Lens' CreatePolicyVersionResponse (Maybe Text)
-cpvrsPolicyDocument = lens _cpvrsPolicyDocument (\ s a -> s{_cpvrsPolicyDocument = a})
-
--- | The policy version ID.
-cpvrsPolicyVersionId :: Lens' CreatePolicyVersionResponse (Maybe Text)
-cpvrsPolicyVersionId = lens _cpvrsPolicyVersionId (\ s a -> s{_cpvrsPolicyVersionId = a})
-
--- | The policy ARN.
-cpvrsPolicyARN :: Lens' CreatePolicyVersionResponse (Maybe Text)
-cpvrsPolicyARN = lens _cpvrsPolicyARN (\ s a -> s{_cpvrsPolicyARN = a})
-
--- | Specifies whether the policy version is the default.
-cpvrsIsDefaultVersion :: Lens' CreatePolicyVersionResponse (Maybe Bool)
-cpvrsIsDefaultVersion = lens _cpvrsIsDefaultVersion (\ s a -> s{_cpvrsIsDefaultVersion = a})
-
--- | -- | The response status code.
-cpvrsResponseStatus :: Lens' CreatePolicyVersionResponse Int
-cpvrsResponseStatus = lens _cpvrsResponseStatus (\ s a -> s{_cpvrsResponseStatus = a})
-
-instance NFData CreatePolicyVersionResponse where
diff --git a/gen/Network/AWS/IoT/CreateRoleAlias.hs b/gen/Network/AWS/IoT/CreateRoleAlias.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateRoleAlias.hs
+++ /dev/null
@@ -1,163 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateRoleAlias
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a role alias.
---
---
-module Network.AWS.IoT.CreateRoleAlias
-    (
-    -- * Creating a Request
-      createRoleAlias
-    , CreateRoleAlias
-    -- * Request Lenses
-    , craCredentialDurationSeconds
-    , craRoleAlias
-    , craRoleARN
-
-    -- * Destructuring the Response
-    , createRoleAliasResponse
-    , CreateRoleAliasResponse
-    -- * Response Lenses
-    , crarsRoleAliasARN
-    , crarsRoleAlias
-    , crarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'createRoleAlias' smart constructor.
-data CreateRoleAlias = CreateRoleAlias'
-  { _craCredentialDurationSeconds :: !(Maybe Nat)
-  , _craRoleAlias                 :: !Text
-  , _craRoleARN                   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateRoleAlias' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'craCredentialDurationSeconds' - How long (in seconds) the credentials will be valid.
---
--- * 'craRoleAlias' - The role alias that points to a role ARN. This allows you to change the role without having to update the device.
---
--- * 'craRoleARN' - The role ARN.
-createRoleAlias
-    :: Text -- ^ 'craRoleAlias'
-    -> Text -- ^ 'craRoleARN'
-    -> CreateRoleAlias
-createRoleAlias pRoleAlias_ pRoleARN_ =
-  CreateRoleAlias'
-    { _craCredentialDurationSeconds = Nothing
-    , _craRoleAlias = pRoleAlias_
-    , _craRoleARN = pRoleARN_
-    }
-
-
--- | How long (in seconds) the credentials will be valid.
-craCredentialDurationSeconds :: Lens' CreateRoleAlias (Maybe Natural)
-craCredentialDurationSeconds = lens _craCredentialDurationSeconds (\ s a -> s{_craCredentialDurationSeconds = a}) . mapping _Nat
-
--- | The role alias that points to a role ARN. This allows you to change the role without having to update the device.
-craRoleAlias :: Lens' CreateRoleAlias Text
-craRoleAlias = lens _craRoleAlias (\ s a -> s{_craRoleAlias = a})
-
--- | The role ARN.
-craRoleARN :: Lens' CreateRoleAlias Text
-craRoleARN = lens _craRoleARN (\ s a -> s{_craRoleARN = a})
-
-instance AWSRequest CreateRoleAlias where
-        type Rs CreateRoleAlias = CreateRoleAliasResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateRoleAliasResponse' <$>
-                   (x .?> "roleAliasArn") <*> (x .?> "roleAlias") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable CreateRoleAlias where
-
-instance NFData CreateRoleAlias where
-
-instance ToHeaders CreateRoleAlias where
-        toHeaders = const mempty
-
-instance ToJSON CreateRoleAlias where
-        toJSON CreateRoleAlias'{..}
-          = object
-              (catMaybes
-                 [("credentialDurationSeconds" .=) <$>
-                    _craCredentialDurationSeconds,
-                  Just ("roleArn" .= _craRoleARN)])
-
-instance ToPath CreateRoleAlias where
-        toPath CreateRoleAlias'{..}
-          = mconcat ["/role-aliases/", toBS _craRoleAlias]
-
-instance ToQuery CreateRoleAlias where
-        toQuery = const mempty
-
--- | /See:/ 'createRoleAliasResponse' smart constructor.
-data CreateRoleAliasResponse = CreateRoleAliasResponse'
-  { _crarsRoleAliasARN   :: !(Maybe Text)
-  , _crarsRoleAlias      :: !(Maybe Text)
-  , _crarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateRoleAliasResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'crarsRoleAliasARN' - The role alias ARN.
---
--- * 'crarsRoleAlias' - The role alias.
---
--- * 'crarsResponseStatus' - -- | The response status code.
-createRoleAliasResponse
-    :: Int -- ^ 'crarsResponseStatus'
-    -> CreateRoleAliasResponse
-createRoleAliasResponse pResponseStatus_ =
-  CreateRoleAliasResponse'
-    { _crarsRoleAliasARN = Nothing
-    , _crarsRoleAlias = Nothing
-    , _crarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The role alias ARN.
-crarsRoleAliasARN :: Lens' CreateRoleAliasResponse (Maybe Text)
-crarsRoleAliasARN = lens _crarsRoleAliasARN (\ s a -> s{_crarsRoleAliasARN = a})
-
--- | The role alias.
-crarsRoleAlias :: Lens' CreateRoleAliasResponse (Maybe Text)
-crarsRoleAlias = lens _crarsRoleAlias (\ s a -> s{_crarsRoleAlias = a})
-
--- | -- | The response status code.
-crarsResponseStatus :: Lens' CreateRoleAliasResponse Int
-crarsResponseStatus = lens _crarsResponseStatus (\ s a -> s{_crarsResponseStatus = a})
-
-instance NFData CreateRoleAliasResponse where
diff --git a/gen/Network/AWS/IoT/CreateStream.hs b/gen/Network/AWS/IoT/CreateStream.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateStream.hs
+++ /dev/null
@@ -1,193 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateStream
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a stream for delivering one or more large files in chunks over MQTT. A stream transports data bytes in chunks or blocks packaged as MQTT messages from a source like S3. You can have one or more files associated with a stream. The total size of a file associated with the stream cannot exceed more than 2 MB. The stream will be created with version 0. If a stream is created with the same streamID as a stream that existed and was deleted within last 90 days, we will resurrect that old stream by incrementing the version by 1.
---
---
-module Network.AWS.IoT.CreateStream
-    (
-    -- * Creating a Request
-      createStream
-    , CreateStream
-    -- * Request Lenses
-    , csDescription
-    , csStreamId
-    , csFiles
-    , csRoleARN
-
-    -- * Destructuring the Response
-    , createStreamResponse
-    , CreateStreamResponse
-    -- * Response Lenses
-    , csrsStreamVersion
-    , csrsStreamARN
-    , csrsDescription
-    , csrsStreamId
-    , csrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'createStream' smart constructor.
-data CreateStream = CreateStream'
-  { _csDescription :: !(Maybe Text)
-  , _csStreamId    :: !Text
-  , _csFiles       :: !(List1 StreamFile)
-  , _csRoleARN     :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateStream' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'csDescription' - A description of the stream.
---
--- * 'csStreamId' - The stream ID.
---
--- * 'csFiles' - The files to stream.
---
--- * 'csRoleARN' - An IAM role that allows the IoT service principal assumes to access your S3 files.
-createStream
-    :: Text -- ^ 'csStreamId'
-    -> NonEmpty StreamFile -- ^ 'csFiles'
-    -> Text -- ^ 'csRoleARN'
-    -> CreateStream
-createStream pStreamId_ pFiles_ pRoleARN_ =
-  CreateStream'
-    { _csDescription = Nothing
-    , _csStreamId = pStreamId_
-    , _csFiles = _List1 # pFiles_
-    , _csRoleARN = pRoleARN_
-    }
-
-
--- | A description of the stream.
-csDescription :: Lens' CreateStream (Maybe Text)
-csDescription = lens _csDescription (\ s a -> s{_csDescription = a})
-
--- | The stream ID.
-csStreamId :: Lens' CreateStream Text
-csStreamId = lens _csStreamId (\ s a -> s{_csStreamId = a})
-
--- | The files to stream.
-csFiles :: Lens' CreateStream (NonEmpty StreamFile)
-csFiles = lens _csFiles (\ s a -> s{_csFiles = a}) . _List1
-
--- | An IAM role that allows the IoT service principal assumes to access your S3 files.
-csRoleARN :: Lens' CreateStream Text
-csRoleARN = lens _csRoleARN (\ s a -> s{_csRoleARN = a})
-
-instance AWSRequest CreateStream where
-        type Rs CreateStream = CreateStreamResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateStreamResponse' <$>
-                   (x .?> "streamVersion") <*> (x .?> "streamArn") <*>
-                     (x .?> "description")
-                     <*> (x .?> "streamId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateStream where
-
-instance NFData CreateStream where
-
-instance ToHeaders CreateStream where
-        toHeaders = const mempty
-
-instance ToJSON CreateStream where
-        toJSON CreateStream'{..}
-          = object
-              (catMaybes
-                 [("description" .=) <$> _csDescription,
-                  Just ("files" .= _csFiles),
-                  Just ("roleArn" .= _csRoleARN)])
-
-instance ToPath CreateStream where
-        toPath CreateStream'{..}
-          = mconcat ["/streams/", toBS _csStreamId]
-
-instance ToQuery CreateStream where
-        toQuery = const mempty
-
--- | /See:/ 'createStreamResponse' smart constructor.
-data CreateStreamResponse = CreateStreamResponse'
-  { _csrsStreamVersion  :: !(Maybe Nat)
-  , _csrsStreamARN      :: !(Maybe Text)
-  , _csrsDescription    :: !(Maybe Text)
-  , _csrsStreamId       :: !(Maybe Text)
-  , _csrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateStreamResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'csrsStreamVersion' - The version of the stream.
---
--- * 'csrsStreamARN' - The stream ARN.
---
--- * 'csrsDescription' - A description of the stream.
---
--- * 'csrsStreamId' - The stream ID.
---
--- * 'csrsResponseStatus' - -- | The response status code.
-createStreamResponse
-    :: Int -- ^ 'csrsResponseStatus'
-    -> CreateStreamResponse
-createStreamResponse pResponseStatus_ =
-  CreateStreamResponse'
-    { _csrsStreamVersion = Nothing
-    , _csrsStreamARN = Nothing
-    , _csrsDescription = Nothing
-    , _csrsStreamId = Nothing
-    , _csrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The version of the stream.
-csrsStreamVersion :: Lens' CreateStreamResponse (Maybe Natural)
-csrsStreamVersion = lens _csrsStreamVersion (\ s a -> s{_csrsStreamVersion = a}) . mapping _Nat
-
--- | The stream ARN.
-csrsStreamARN :: Lens' CreateStreamResponse (Maybe Text)
-csrsStreamARN = lens _csrsStreamARN (\ s a -> s{_csrsStreamARN = a})
-
--- | A description of the stream.
-csrsDescription :: Lens' CreateStreamResponse (Maybe Text)
-csrsDescription = lens _csrsDescription (\ s a -> s{_csrsDescription = a})
-
--- | The stream ID.
-csrsStreamId :: Lens' CreateStreamResponse (Maybe Text)
-csrsStreamId = lens _csrsStreamId (\ s a -> s{_csrsStreamId = a})
-
--- | -- | The response status code.
-csrsResponseStatus :: Lens' CreateStreamResponse Int
-csrsResponseStatus = lens _csrsResponseStatus (\ s a -> s{_csrsResponseStatus = a})
-
-instance NFData CreateStreamResponse where
diff --git a/gen/Network/AWS/IoT/CreateThing.hs b/gen/Network/AWS/IoT/CreateThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateThing.hs
+++ /dev/null
@@ -1,179 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a thing record in the registry.
---
---
-module Network.AWS.IoT.CreateThing
-    (
-    -- * Creating a Request
-      createThing
-    , CreateThing
-    -- * Request Lenses
-    , ctThingTypeName
-    , ctAttributePayload
-    , ctThingName
-
-    -- * Destructuring the Response
-    , createThingResponse
-    , CreateThingResponse
-    -- * Response Lenses
-    , ctrsThingARN
-    , ctrsThingName
-    , ctrsThingId
-    , ctrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreateThing operation.
---
---
---
--- /See:/ 'createThing' smart constructor.
-data CreateThing = CreateThing'
-  { _ctThingTypeName    :: !(Maybe Text)
-  , _ctAttributePayload :: !(Maybe AttributePayload)
-  , _ctThingName        :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ctThingTypeName' - The name of the thing type associated with the new thing.
---
--- * 'ctAttributePayload' - The attribute payload, which consists of up to three name/value pairs in a JSON document. For example: @{\"attributes\":{\"string1\":\"string2\"}}@
---
--- * 'ctThingName' - The name of the thing to create.
-createThing
-    :: Text -- ^ 'ctThingName'
-    -> CreateThing
-createThing pThingName_ =
-  CreateThing'
-    { _ctThingTypeName = Nothing
-    , _ctAttributePayload = Nothing
-    , _ctThingName = pThingName_
-    }
-
-
--- | The name of the thing type associated with the new thing.
-ctThingTypeName :: Lens' CreateThing (Maybe Text)
-ctThingTypeName = lens _ctThingTypeName (\ s a -> s{_ctThingTypeName = a})
-
--- | The attribute payload, which consists of up to three name/value pairs in a JSON document. For example: @{\"attributes\":{\"string1\":\"string2\"}}@
-ctAttributePayload :: Lens' CreateThing (Maybe AttributePayload)
-ctAttributePayload = lens _ctAttributePayload (\ s a -> s{_ctAttributePayload = a})
-
--- | The name of the thing to create.
-ctThingName :: Lens' CreateThing Text
-ctThingName = lens _ctThingName (\ s a -> s{_ctThingName = a})
-
-instance AWSRequest CreateThing where
-        type Rs CreateThing = CreateThingResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateThingResponse' <$>
-                   (x .?> "thingArn") <*> (x .?> "thingName") <*>
-                     (x .?> "thingId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateThing where
-
-instance NFData CreateThing where
-
-instance ToHeaders CreateThing where
-        toHeaders = const mempty
-
-instance ToJSON CreateThing where
-        toJSON CreateThing'{..}
-          = object
-              (catMaybes
-                 [("thingTypeName" .=) <$> _ctThingTypeName,
-                  ("attributePayload" .=) <$> _ctAttributePayload])
-
-instance ToPath CreateThing where
-        toPath CreateThing'{..}
-          = mconcat ["/things/", toBS _ctThingName]
-
-instance ToQuery CreateThing where
-        toQuery = const mempty
-
--- | The output of the CreateThing operation.
---
---
---
--- /See:/ 'createThingResponse' smart constructor.
-data CreateThingResponse = CreateThingResponse'
-  { _ctrsThingARN       :: !(Maybe Text)
-  , _ctrsThingName      :: !(Maybe Text)
-  , _ctrsThingId        :: !(Maybe Text)
-  , _ctrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ctrsThingARN' - The ARN of the new thing.
---
--- * 'ctrsThingName' - The name of the new thing.
---
--- * 'ctrsThingId' - The thing ID.
---
--- * 'ctrsResponseStatus' - -- | The response status code.
-createThingResponse
-    :: Int -- ^ 'ctrsResponseStatus'
-    -> CreateThingResponse
-createThingResponse pResponseStatus_ =
-  CreateThingResponse'
-    { _ctrsThingARN = Nothing
-    , _ctrsThingName = Nothing
-    , _ctrsThingId = Nothing
-    , _ctrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The ARN of the new thing.
-ctrsThingARN :: Lens' CreateThingResponse (Maybe Text)
-ctrsThingARN = lens _ctrsThingARN (\ s a -> s{_ctrsThingARN = a})
-
--- | The name of the new thing.
-ctrsThingName :: Lens' CreateThingResponse (Maybe Text)
-ctrsThingName = lens _ctrsThingName (\ s a -> s{_ctrsThingName = a})
-
--- | The thing ID.
-ctrsThingId :: Lens' CreateThingResponse (Maybe Text)
-ctrsThingId = lens _ctrsThingId (\ s a -> s{_ctrsThingId = a})
-
--- | -- | The response status code.
-ctrsResponseStatus :: Lens' CreateThingResponse Int
-ctrsResponseStatus = lens _ctrsResponseStatus (\ s a -> s{_ctrsResponseStatus = a})
-
-instance NFData CreateThingResponse where
diff --git a/gen/Network/AWS/IoT/CreateThingGroup.hs b/gen/Network/AWS/IoT/CreateThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateThingGroup.hs
+++ /dev/null
@@ -1,172 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Create a thing group.
---
---
-module Network.AWS.IoT.CreateThingGroup
-    (
-    -- * Creating a Request
-      createThingGroup
-    , CreateThingGroup
-    -- * Request Lenses
-    , ctgParentGroupName
-    , ctgThingGroupProperties
-    , ctgThingGroupName
-
-    -- * Destructuring the Response
-    , createThingGroupResponse
-    , CreateThingGroupResponse
-    -- * Response Lenses
-    , ctgrsThingGroupARN
-    , ctgrsThingGroupId
-    , ctgrsThingGroupName
-    , ctgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'createThingGroup' smart constructor.
-data CreateThingGroup = CreateThingGroup'
-  { _ctgParentGroupName      :: !(Maybe Text)
-  , _ctgThingGroupProperties :: !(Maybe ThingGroupProperties)
-  , _ctgThingGroupName       :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ctgParentGroupName' - The name of the parent thing group.
---
--- * 'ctgThingGroupProperties' - The thing group properties.
---
--- * 'ctgThingGroupName' - The thing group name to create.
-createThingGroup
-    :: Text -- ^ 'ctgThingGroupName'
-    -> CreateThingGroup
-createThingGroup pThingGroupName_ =
-  CreateThingGroup'
-    { _ctgParentGroupName = Nothing
-    , _ctgThingGroupProperties = Nothing
-    , _ctgThingGroupName = pThingGroupName_
-    }
-
-
--- | The name of the parent thing group.
-ctgParentGroupName :: Lens' CreateThingGroup (Maybe Text)
-ctgParentGroupName = lens _ctgParentGroupName (\ s a -> s{_ctgParentGroupName = a})
-
--- | The thing group properties.
-ctgThingGroupProperties :: Lens' CreateThingGroup (Maybe ThingGroupProperties)
-ctgThingGroupProperties = lens _ctgThingGroupProperties (\ s a -> s{_ctgThingGroupProperties = a})
-
--- | The thing group name to create.
-ctgThingGroupName :: Lens' CreateThingGroup Text
-ctgThingGroupName = lens _ctgThingGroupName (\ s a -> s{_ctgThingGroupName = a})
-
-instance AWSRequest CreateThingGroup where
-        type Rs CreateThingGroup = CreateThingGroupResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateThingGroupResponse' <$>
-                   (x .?> "thingGroupArn") <*> (x .?> "thingGroupId")
-                     <*> (x .?> "thingGroupName")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateThingGroup where
-
-instance NFData CreateThingGroup where
-
-instance ToHeaders CreateThingGroup where
-        toHeaders = const mempty
-
-instance ToJSON CreateThingGroup where
-        toJSON CreateThingGroup'{..}
-          = object
-              (catMaybes
-                 [("parentGroupName" .=) <$> _ctgParentGroupName,
-                  ("thingGroupProperties" .=) <$>
-                    _ctgThingGroupProperties])
-
-instance ToPath CreateThingGroup where
-        toPath CreateThingGroup'{..}
-          = mconcat ["/thing-groups/", toBS _ctgThingGroupName]
-
-instance ToQuery CreateThingGroup where
-        toQuery = const mempty
-
--- | /See:/ 'createThingGroupResponse' smart constructor.
-data CreateThingGroupResponse = CreateThingGroupResponse'
-  { _ctgrsThingGroupARN  :: !(Maybe Text)
-  , _ctgrsThingGroupId   :: !(Maybe Text)
-  , _ctgrsThingGroupName :: !(Maybe Text)
-  , _ctgrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ctgrsThingGroupARN' - The thing group ARN.
---
--- * 'ctgrsThingGroupId' - The thing group ID.
---
--- * 'ctgrsThingGroupName' - The thing group name.
---
--- * 'ctgrsResponseStatus' - -- | The response status code.
-createThingGroupResponse
-    :: Int -- ^ 'ctgrsResponseStatus'
-    -> CreateThingGroupResponse
-createThingGroupResponse pResponseStatus_ =
-  CreateThingGroupResponse'
-    { _ctgrsThingGroupARN = Nothing
-    , _ctgrsThingGroupId = Nothing
-    , _ctgrsThingGroupName = Nothing
-    , _ctgrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The thing group ARN.
-ctgrsThingGroupARN :: Lens' CreateThingGroupResponse (Maybe Text)
-ctgrsThingGroupARN = lens _ctgrsThingGroupARN (\ s a -> s{_ctgrsThingGroupARN = a})
-
--- | The thing group ID.
-ctgrsThingGroupId :: Lens' CreateThingGroupResponse (Maybe Text)
-ctgrsThingGroupId = lens _ctgrsThingGroupId (\ s a -> s{_ctgrsThingGroupId = a})
-
--- | The thing group name.
-ctgrsThingGroupName :: Lens' CreateThingGroupResponse (Maybe Text)
-ctgrsThingGroupName = lens _ctgrsThingGroupName (\ s a -> s{_ctgrsThingGroupName = a})
-
--- | -- | The response status code.
-ctgrsResponseStatus :: Lens' CreateThingGroupResponse Int
-ctgrsResponseStatus = lens _ctgrsResponseStatus (\ s a -> s{_ctgrsResponseStatus = a})
-
-instance NFData CreateThingGroupResponse where
diff --git a/gen/Network/AWS/IoT/CreateThingType.hs b/gen/Network/AWS/IoT/CreateThingType.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateThingType.hs
+++ /dev/null
@@ -1,168 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateThingType
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a new thing type.
---
---
-module Network.AWS.IoT.CreateThingType
-    (
-    -- * Creating a Request
-      createThingType
-    , CreateThingType
-    -- * Request Lenses
-    , cttThingTypeProperties
-    , cttThingTypeName
-
-    -- * Destructuring the Response
-    , createThingTypeResponse
-    , CreateThingTypeResponse
-    -- * Response Lenses
-    , cttrsThingTypeName
-    , cttrsThingTypeId
-    , cttrsThingTypeARN
-    , cttrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreateThingType operation.
---
---
---
--- /See:/ 'createThingType' smart constructor.
-data CreateThingType = CreateThingType'
-  { _cttThingTypeProperties :: !(Maybe ThingTypeProperties)
-  , _cttThingTypeName       :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateThingType' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cttThingTypeProperties' - The ThingTypeProperties for the thing type to create. It contains information about the new thing type including a description, and a list of searchable thing attribute names.
---
--- * 'cttThingTypeName' - The name of the thing type.
-createThingType
-    :: Text -- ^ 'cttThingTypeName'
-    -> CreateThingType
-createThingType pThingTypeName_ =
-  CreateThingType'
-    {_cttThingTypeProperties = Nothing, _cttThingTypeName = pThingTypeName_}
-
-
--- | The ThingTypeProperties for the thing type to create. It contains information about the new thing type including a description, and a list of searchable thing attribute names.
-cttThingTypeProperties :: Lens' CreateThingType (Maybe ThingTypeProperties)
-cttThingTypeProperties = lens _cttThingTypeProperties (\ s a -> s{_cttThingTypeProperties = a})
-
--- | The name of the thing type.
-cttThingTypeName :: Lens' CreateThingType Text
-cttThingTypeName = lens _cttThingTypeName (\ s a -> s{_cttThingTypeName = a})
-
-instance AWSRequest CreateThingType where
-        type Rs CreateThingType = CreateThingTypeResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 CreateThingTypeResponse' <$>
-                   (x .?> "thingTypeName") <*> (x .?> "thingTypeId") <*>
-                     (x .?> "thingTypeArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable CreateThingType where
-
-instance NFData CreateThingType where
-
-instance ToHeaders CreateThingType where
-        toHeaders = const mempty
-
-instance ToJSON CreateThingType where
-        toJSON CreateThingType'{..}
-          = object
-              (catMaybes
-                 [("thingTypeProperties" .=) <$>
-                    _cttThingTypeProperties])
-
-instance ToPath CreateThingType where
-        toPath CreateThingType'{..}
-          = mconcat ["/thing-types/", toBS _cttThingTypeName]
-
-instance ToQuery CreateThingType where
-        toQuery = const mempty
-
--- | The output of the CreateThingType operation.
---
---
---
--- /See:/ 'createThingTypeResponse' smart constructor.
-data CreateThingTypeResponse = CreateThingTypeResponse'
-  { _cttrsThingTypeName  :: !(Maybe Text)
-  , _cttrsThingTypeId    :: !(Maybe Text)
-  , _cttrsThingTypeARN   :: !(Maybe Text)
-  , _cttrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateThingTypeResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cttrsThingTypeName' - The name of the thing type.
---
--- * 'cttrsThingTypeId' - The thing type ID.
---
--- * 'cttrsThingTypeARN' - The Amazon Resource Name (ARN) of the thing type.
---
--- * 'cttrsResponseStatus' - -- | The response status code.
-createThingTypeResponse
-    :: Int -- ^ 'cttrsResponseStatus'
-    -> CreateThingTypeResponse
-createThingTypeResponse pResponseStatus_ =
-  CreateThingTypeResponse'
-    { _cttrsThingTypeName = Nothing
-    , _cttrsThingTypeId = Nothing
-    , _cttrsThingTypeARN = Nothing
-    , _cttrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The name of the thing type.
-cttrsThingTypeName :: Lens' CreateThingTypeResponse (Maybe Text)
-cttrsThingTypeName = lens _cttrsThingTypeName (\ s a -> s{_cttrsThingTypeName = a})
-
--- | The thing type ID.
-cttrsThingTypeId :: Lens' CreateThingTypeResponse (Maybe Text)
-cttrsThingTypeId = lens _cttrsThingTypeId (\ s a -> s{_cttrsThingTypeId = a})
-
--- | The Amazon Resource Name (ARN) of the thing type.
-cttrsThingTypeARN :: Lens' CreateThingTypeResponse (Maybe Text)
-cttrsThingTypeARN = lens _cttrsThingTypeARN (\ s a -> s{_cttrsThingTypeARN = a})
-
--- | -- | The response status code.
-cttrsResponseStatus :: Lens' CreateThingTypeResponse Int
-cttrsResponseStatus = lens _cttrsResponseStatus (\ s a -> s{_cttrsResponseStatus = a})
-
-instance NFData CreateThingTypeResponse where
diff --git a/gen/Network/AWS/IoT/CreateTopicRule.hs b/gen/Network/AWS/IoT/CreateTopicRule.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/CreateTopicRule.hs
+++ /dev/null
@@ -1,118 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.CreateTopicRule
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.
---
---
-module Network.AWS.IoT.CreateTopicRule
-    (
-    -- * Creating a Request
-      createTopicRule
-    , CreateTopicRule
-    -- * Request Lenses
-    , ctrRuleName
-    , ctrTopicRulePayload
-
-    -- * Destructuring the Response
-    , createTopicRuleResponse
-    , CreateTopicRuleResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the CreateTopicRule operation.
---
---
---
--- /See:/ 'createTopicRule' smart constructor.
-data CreateTopicRule = CreateTopicRule'
-  { _ctrRuleName         :: !Text
-  , _ctrTopicRulePayload :: !TopicRulePayload
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateTopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ctrRuleName' - The name of the rule.
---
--- * 'ctrTopicRulePayload' - The rule payload.
-createTopicRule
-    :: Text -- ^ 'ctrRuleName'
-    -> TopicRulePayload -- ^ 'ctrTopicRulePayload'
-    -> CreateTopicRule
-createTopicRule pRuleName_ pTopicRulePayload_ =
-  CreateTopicRule'
-    {_ctrRuleName = pRuleName_, _ctrTopicRulePayload = pTopicRulePayload_}
-
-
--- | The name of the rule.
-ctrRuleName :: Lens' CreateTopicRule Text
-ctrRuleName = lens _ctrRuleName (\ s a -> s{_ctrRuleName = a})
-
--- | The rule payload.
-ctrTopicRulePayload :: Lens' CreateTopicRule TopicRulePayload
-ctrTopicRulePayload = lens _ctrTopicRulePayload (\ s a -> s{_ctrTopicRulePayload = a})
-
-instance AWSRequest CreateTopicRule where
-        type Rs CreateTopicRule = CreateTopicRuleResponse
-        request = postJSON ioT
-        response = receiveNull CreateTopicRuleResponse'
-
-instance Hashable CreateTopicRule where
-
-instance NFData CreateTopicRule where
-
-instance ToHeaders CreateTopicRule where
-        toHeaders = const mempty
-
-instance ToJSON CreateTopicRule where
-        toJSON CreateTopicRule'{..}
-          = object
-              (catMaybes
-                 [Just ("topicRulePayload" .= _ctrTopicRulePayload)])
-
-instance ToPath CreateTopicRule where
-        toPath CreateTopicRule'{..}
-          = mconcat ["/rules/", toBS _ctrRuleName]
-
-instance ToQuery CreateTopicRule where
-        toQuery = const mempty
-
--- | /See:/ 'createTopicRuleResponse' smart constructor.
-data CreateTopicRuleResponse =
-  CreateTopicRuleResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CreateTopicRuleResponse' with the minimum fields required to make a request.
---
-createTopicRuleResponse
-    :: CreateTopicRuleResponse
-createTopicRuleResponse = CreateTopicRuleResponse'
-
-
-instance NFData CreateTopicRuleResponse where
diff --git a/gen/Network/AWS/IoT/DeleteAuthorizer.hs b/gen/Network/AWS/IoT/DeleteAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteAuthorizer.hs
+++ /dev/null
@@ -1,112 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes an authorizer.
---
---
-module Network.AWS.IoT.DeleteAuthorizer
-    (
-    -- * Creating a Request
-      deleteAuthorizer
-    , DeleteAuthorizer
-    -- * Request Lenses
-    , dAuthorizerName
-
-    -- * Destructuring the Response
-    , deleteAuthorizerResponse
-    , DeleteAuthorizerResponse
-    -- * Response Lenses
-    , delrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'deleteAuthorizer' smart constructor.
-newtype DeleteAuthorizer = DeleteAuthorizer'
-  { _dAuthorizerName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteAuthorizer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dAuthorizerName' - The name of the authorizer to delete.
-deleteAuthorizer
-    :: Text -- ^ 'dAuthorizerName'
-    -> DeleteAuthorizer
-deleteAuthorizer pAuthorizerName_ =
-  DeleteAuthorizer' {_dAuthorizerName = pAuthorizerName_}
-
-
--- | The name of the authorizer to delete.
-dAuthorizerName :: Lens' DeleteAuthorizer Text
-dAuthorizerName = lens _dAuthorizerName (\ s a -> s{_dAuthorizerName = a})
-
-instance AWSRequest DeleteAuthorizer where
-        type Rs DeleteAuthorizer = DeleteAuthorizerResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteAuthorizerResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteAuthorizer where
-
-instance NFData DeleteAuthorizer where
-
-instance ToHeaders DeleteAuthorizer where
-        toHeaders = const mempty
-
-instance ToPath DeleteAuthorizer where
-        toPath DeleteAuthorizer'{..}
-          = mconcat ["/authorizer/", toBS _dAuthorizerName]
-
-instance ToQuery DeleteAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'deleteAuthorizerResponse' smart constructor.
-newtype DeleteAuthorizerResponse = DeleteAuthorizerResponse'
-  { _delrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'delrsResponseStatus' - -- | The response status code.
-deleteAuthorizerResponse
-    :: Int -- ^ 'delrsResponseStatus'
-    -> DeleteAuthorizerResponse
-deleteAuthorizerResponse pResponseStatus_ =
-  DeleteAuthorizerResponse' {_delrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-delrsResponseStatus :: Lens' DeleteAuthorizerResponse Int
-delrsResponseStatus = lens _delrsResponseStatus (\ s a -> s{_delrsResponseStatus = a})
-
-instance NFData DeleteAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/DeleteCACertificate.hs b/gen/Network/AWS/IoT/DeleteCACertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteCACertificate.hs
+++ /dev/null
@@ -1,122 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteCACertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes a registered CA certificate.
---
---
-module Network.AWS.IoT.DeleteCACertificate
-    (
-    -- * Creating a Request
-      deleteCACertificate
-    , DeleteCACertificate
-    -- * Request Lenses
-    , dcacCertificateId
-
-    -- * Destructuring the Response
-    , deleteCACertificateResponse
-    , DeleteCACertificateResponse
-    -- * Response Lenses
-    , dcacrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | Input for the DeleteCACertificate operation.
---
---
---
--- /See:/ 'deleteCACertificate' smart constructor.
-newtype DeleteCACertificate = DeleteCACertificate'
-  { _dcacCertificateId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteCACertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dcacCertificateId' - The ID of the certificate to delete. (The last part of the certificate ARN contains the certificate ID.)
-deleteCACertificate
-    :: Text -- ^ 'dcacCertificateId'
-    -> DeleteCACertificate
-deleteCACertificate pCertificateId_ =
-  DeleteCACertificate' {_dcacCertificateId = pCertificateId_}
-
-
--- | The ID of the certificate to delete. (The last part of the certificate ARN contains the certificate ID.)
-dcacCertificateId :: Lens' DeleteCACertificate Text
-dcacCertificateId = lens _dcacCertificateId (\ s a -> s{_dcacCertificateId = a})
-
-instance AWSRequest DeleteCACertificate where
-        type Rs DeleteCACertificate =
-             DeleteCACertificateResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteCACertificateResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteCACertificate where
-
-instance NFData DeleteCACertificate where
-
-instance ToHeaders DeleteCACertificate where
-        toHeaders = const mempty
-
-instance ToPath DeleteCACertificate where
-        toPath DeleteCACertificate'{..}
-          = mconcat
-              ["/cacertificate/", toBS _dcacCertificateId]
-
-instance ToQuery DeleteCACertificate where
-        toQuery = const mempty
-
--- | The output for the DeleteCACertificate operation.
---
---
---
--- /See:/ 'deleteCACertificateResponse' smart constructor.
-newtype DeleteCACertificateResponse = DeleteCACertificateResponse'
-  { _dcacrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteCACertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dcacrsResponseStatus' - -- | The response status code.
-deleteCACertificateResponse
-    :: Int -- ^ 'dcacrsResponseStatus'
-    -> DeleteCACertificateResponse
-deleteCACertificateResponse pResponseStatus_ =
-  DeleteCACertificateResponse' {_dcacrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-dcacrsResponseStatus :: Lens' DeleteCACertificateResponse Int
-dcacrsResponseStatus = lens _dcacrsResponseStatus (\ s a -> s{_dcacrsResponseStatus = a})
-
-instance NFData DeleteCACertificateResponse where
diff --git a/gen/Network/AWS/IoT/DeleteCertificate.hs b/gen/Network/AWS/IoT/DeleteCertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteCertificate.hs
+++ /dev/null
@@ -1,114 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteCertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes the specified certificate.
---
---
--- A certificate cannot be deleted if it has a policy attached to it or if its status is set to ACTIVE. To delete a certificate, first use the 'DetachPrincipalPolicy' API to detach all policies. Next, use the 'UpdateCertificate' API to set the certificate to the INACTIVE status.
---
-module Network.AWS.IoT.DeleteCertificate
-    (
-    -- * Creating a Request
-      deleteCertificate
-    , DeleteCertificate
-    -- * Request Lenses
-    , dcForceDelete
-    , dcCertificateId
-
-    -- * Destructuring the Response
-    , deleteCertificateResponse
-    , DeleteCertificateResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeleteCertificate operation.
---
---
---
--- /See:/ 'deleteCertificate' smart constructor.
-data DeleteCertificate = DeleteCertificate'
-  { _dcForceDelete   :: !(Maybe Bool)
-  , _dcCertificateId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dcForceDelete' - Forces a certificate request to be deleted.
---
--- * 'dcCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-deleteCertificate
-    :: Text -- ^ 'dcCertificateId'
-    -> DeleteCertificate
-deleteCertificate pCertificateId_ =
-  DeleteCertificate'
-    {_dcForceDelete = Nothing, _dcCertificateId = pCertificateId_}
-
-
--- | Forces a certificate request to be deleted.
-dcForceDelete :: Lens' DeleteCertificate (Maybe Bool)
-dcForceDelete = lens _dcForceDelete (\ s a -> s{_dcForceDelete = a})
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-dcCertificateId :: Lens' DeleteCertificate Text
-dcCertificateId = lens _dcCertificateId (\ s a -> s{_dcCertificateId = a})
-
-instance AWSRequest DeleteCertificate where
-        type Rs DeleteCertificate = DeleteCertificateResponse
-        request = delete ioT
-        response = receiveNull DeleteCertificateResponse'
-
-instance Hashable DeleteCertificate where
-
-instance NFData DeleteCertificate where
-
-instance ToHeaders DeleteCertificate where
-        toHeaders = const mempty
-
-instance ToPath DeleteCertificate where
-        toPath DeleteCertificate'{..}
-          = mconcat ["/certificates/", toBS _dcCertificateId]
-
-instance ToQuery DeleteCertificate where
-        toQuery DeleteCertificate'{..}
-          = mconcat ["forceDelete" =: _dcForceDelete]
-
--- | /See:/ 'deleteCertificateResponse' smart constructor.
-data DeleteCertificateResponse =
-  DeleteCertificateResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteCertificateResponse' with the minimum fields required to make a request.
---
-deleteCertificateResponse
-    :: DeleteCertificateResponse
-deleteCertificateResponse = DeleteCertificateResponse'
-
-
-instance NFData DeleteCertificateResponse where
diff --git a/gen/Network/AWS/IoT/DeleteOTAUpdate.hs b/gen/Network/AWS/IoT/DeleteOTAUpdate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteOTAUpdate.hs
+++ /dev/null
@@ -1,112 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteOTAUpdate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Delete an OTA update.
---
---
-module Network.AWS.IoT.DeleteOTAUpdate
-    (
-    -- * Creating a Request
-      deleteOTAUpdate
-    , DeleteOTAUpdate
-    -- * Request Lenses
-    , dotauOtaUpdateId
-
-    -- * Destructuring the Response
-    , deleteOTAUpdateResponse
-    , DeleteOTAUpdateResponse
-    -- * Response Lenses
-    , dotaursResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'deleteOTAUpdate' smart constructor.
-newtype DeleteOTAUpdate = DeleteOTAUpdate'
-  { _dotauOtaUpdateId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteOTAUpdate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dotauOtaUpdateId' - The OTA update ID to delete.
-deleteOTAUpdate
-    :: Text -- ^ 'dotauOtaUpdateId'
-    -> DeleteOTAUpdate
-deleteOTAUpdate pOtaUpdateId_ =
-  DeleteOTAUpdate' {_dotauOtaUpdateId = pOtaUpdateId_}
-
-
--- | The OTA update ID to delete.
-dotauOtaUpdateId :: Lens' DeleteOTAUpdate Text
-dotauOtaUpdateId = lens _dotauOtaUpdateId (\ s a -> s{_dotauOtaUpdateId = a})
-
-instance AWSRequest DeleteOTAUpdate where
-        type Rs DeleteOTAUpdate = DeleteOTAUpdateResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteOTAUpdateResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteOTAUpdate where
-
-instance NFData DeleteOTAUpdate where
-
-instance ToHeaders DeleteOTAUpdate where
-        toHeaders = const mempty
-
-instance ToPath DeleteOTAUpdate where
-        toPath DeleteOTAUpdate'{..}
-          = mconcat ["/otaUpdates/", toBS _dotauOtaUpdateId]
-
-instance ToQuery DeleteOTAUpdate where
-        toQuery = const mempty
-
--- | /See:/ 'deleteOTAUpdateResponse' smart constructor.
-newtype DeleteOTAUpdateResponse = DeleteOTAUpdateResponse'
-  { _dotaursResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteOTAUpdateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dotaursResponseStatus' - -- | The response status code.
-deleteOTAUpdateResponse
-    :: Int -- ^ 'dotaursResponseStatus'
-    -> DeleteOTAUpdateResponse
-deleteOTAUpdateResponse pResponseStatus_ =
-  DeleteOTAUpdateResponse' {_dotaursResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-dotaursResponseStatus :: Lens' DeleteOTAUpdateResponse Int
-dotaursResponseStatus = lens _dotaursResponseStatus (\ s a -> s{_dotaursResponseStatus = a})
-
-instance NFData DeleteOTAUpdateResponse where
diff --git a/gen/Network/AWS/IoT/DeletePolicy.hs b/gen/Network/AWS/IoT/DeletePolicy.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeletePolicy.hs
+++ /dev/null
@@ -1,107 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeletePolicy
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes the specified policy.
---
---
--- A policy cannot be deleted if it has non-default versions or it is attached to any certificate.
---
--- To delete a policy, use the DeletePolicyVersion API to delete all non-default versions of the policy; use the DetachPrincipalPolicy API to detach the policy from any certificate; and then use the DeletePolicy API to delete the policy.
---
--- When a policy is deleted using DeletePolicy, its default version is deleted with it.
---
-module Network.AWS.IoT.DeletePolicy
-    (
-    -- * Creating a Request
-      deletePolicy
-    , DeletePolicy
-    -- * Request Lenses
-    , dpPolicyName
-
-    -- * Destructuring the Response
-    , deletePolicyResponse
-    , DeletePolicyResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeletePolicy operation.
---
---
---
--- /See:/ 'deletePolicy' smart constructor.
-newtype DeletePolicy = DeletePolicy'
-  { _dpPolicyName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeletePolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dpPolicyName' - The name of the policy to delete.
-deletePolicy
-    :: Text -- ^ 'dpPolicyName'
-    -> DeletePolicy
-deletePolicy pPolicyName_ = DeletePolicy' {_dpPolicyName = pPolicyName_}
-
-
--- | The name of the policy to delete.
-dpPolicyName :: Lens' DeletePolicy Text
-dpPolicyName = lens _dpPolicyName (\ s a -> s{_dpPolicyName = a})
-
-instance AWSRequest DeletePolicy where
-        type Rs DeletePolicy = DeletePolicyResponse
-        request = delete ioT
-        response = receiveNull DeletePolicyResponse'
-
-instance Hashable DeletePolicy where
-
-instance NFData DeletePolicy where
-
-instance ToHeaders DeletePolicy where
-        toHeaders = const mempty
-
-instance ToPath DeletePolicy where
-        toPath DeletePolicy'{..}
-          = mconcat ["/policies/", toBS _dpPolicyName]
-
-instance ToQuery DeletePolicy where
-        toQuery = const mempty
-
--- | /See:/ 'deletePolicyResponse' smart constructor.
-data DeletePolicyResponse =
-  DeletePolicyResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeletePolicyResponse' with the minimum fields required to make a request.
---
-deletePolicyResponse
-    :: DeletePolicyResponse
-deletePolicyResponse = DeletePolicyResponse'
-
-
-instance NFData DeletePolicyResponse where
diff --git a/gen/Network/AWS/IoT/DeletePolicyVersion.hs b/gen/Network/AWS/IoT/DeletePolicyVersion.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeletePolicyVersion.hs
+++ /dev/null
@@ -1,115 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeletePolicyVersion
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes the specified version of the specified policy. You cannot delete the default version of a policy using this API. To delete the default version of a policy, use 'DeletePolicy' . To find out which version of a policy is marked as the default version, use ListPolicyVersions.
---
---
-module Network.AWS.IoT.DeletePolicyVersion
-    (
-    -- * Creating a Request
-      deletePolicyVersion
-    , DeletePolicyVersion
-    -- * Request Lenses
-    , dpvPolicyName
-    , dpvPolicyVersionId
-
-    -- * Destructuring the Response
-    , deletePolicyVersionResponse
-    , DeletePolicyVersionResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeletePolicyVersion operation.
---
---
---
--- /See:/ 'deletePolicyVersion' smart constructor.
-data DeletePolicyVersion = DeletePolicyVersion'
-  { _dpvPolicyName      :: !Text
-  , _dpvPolicyVersionId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeletePolicyVersion' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dpvPolicyName' - The name of the policy.
---
--- * 'dpvPolicyVersionId' - The policy version ID.
-deletePolicyVersion
-    :: Text -- ^ 'dpvPolicyName'
-    -> Text -- ^ 'dpvPolicyVersionId'
-    -> DeletePolicyVersion
-deletePolicyVersion pPolicyName_ pPolicyVersionId_ =
-  DeletePolicyVersion'
-    {_dpvPolicyName = pPolicyName_, _dpvPolicyVersionId = pPolicyVersionId_}
-
-
--- | The name of the policy.
-dpvPolicyName :: Lens' DeletePolicyVersion Text
-dpvPolicyName = lens _dpvPolicyName (\ s a -> s{_dpvPolicyName = a})
-
--- | The policy version ID.
-dpvPolicyVersionId :: Lens' DeletePolicyVersion Text
-dpvPolicyVersionId = lens _dpvPolicyVersionId (\ s a -> s{_dpvPolicyVersionId = a})
-
-instance AWSRequest DeletePolicyVersion where
-        type Rs DeletePolicyVersion =
-             DeletePolicyVersionResponse
-        request = delete ioT
-        response = receiveNull DeletePolicyVersionResponse'
-
-instance Hashable DeletePolicyVersion where
-
-instance NFData DeletePolicyVersion where
-
-instance ToHeaders DeletePolicyVersion where
-        toHeaders = const mempty
-
-instance ToPath DeletePolicyVersion where
-        toPath DeletePolicyVersion'{..}
-          = mconcat
-              ["/policies/", toBS _dpvPolicyName, "/version/",
-               toBS _dpvPolicyVersionId]
-
-instance ToQuery DeletePolicyVersion where
-        toQuery = const mempty
-
--- | /See:/ 'deletePolicyVersionResponse' smart constructor.
-data DeletePolicyVersionResponse =
-  DeletePolicyVersionResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeletePolicyVersionResponse' with the minimum fields required to make a request.
---
-deletePolicyVersionResponse
-    :: DeletePolicyVersionResponse
-deletePolicyVersionResponse = DeletePolicyVersionResponse'
-
-
-instance NFData DeletePolicyVersionResponse where
diff --git a/gen/Network/AWS/IoT/DeleteRegistrationCode.hs b/gen/Network/AWS/IoT/DeleteRegistrationCode.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteRegistrationCode.hs
+++ /dev/null
@@ -1,110 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteRegistrationCode
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes a CA certificate registration code.
---
---
-module Network.AWS.IoT.DeleteRegistrationCode
-    (
-    -- * Creating a Request
-      deleteRegistrationCode
-    , DeleteRegistrationCode
-
-    -- * Destructuring the Response
-    , deleteRegistrationCodeResponse
-    , DeleteRegistrationCodeResponse
-    -- * Response Lenses
-    , drcrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeleteRegistrationCode operation.
---
---
---
--- /See:/ 'deleteRegistrationCode' smart constructor.
-data DeleteRegistrationCode =
-  DeleteRegistrationCode'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteRegistrationCode' with the minimum fields required to make a request.
---
-deleteRegistrationCode
-    :: DeleteRegistrationCode
-deleteRegistrationCode = DeleteRegistrationCode'
-
-
-instance AWSRequest DeleteRegistrationCode where
-        type Rs DeleteRegistrationCode =
-             DeleteRegistrationCodeResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteRegistrationCodeResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable DeleteRegistrationCode where
-
-instance NFData DeleteRegistrationCode where
-
-instance ToHeaders DeleteRegistrationCode where
-        toHeaders = const mempty
-
-instance ToPath DeleteRegistrationCode where
-        toPath = const "/registrationcode"
-
-instance ToQuery DeleteRegistrationCode where
-        toQuery = const mempty
-
--- | The output for the DeleteRegistrationCode operation.
---
---
---
--- /See:/ 'deleteRegistrationCodeResponse' smart constructor.
-newtype DeleteRegistrationCodeResponse = DeleteRegistrationCodeResponse'
-  { _drcrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteRegistrationCodeResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'drcrsResponseStatus' - -- | The response status code.
-deleteRegistrationCodeResponse
-    :: Int -- ^ 'drcrsResponseStatus'
-    -> DeleteRegistrationCodeResponse
-deleteRegistrationCodeResponse pResponseStatus_ =
-  DeleteRegistrationCodeResponse' {_drcrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-drcrsResponseStatus :: Lens' DeleteRegistrationCodeResponse Int
-drcrsResponseStatus = lens _drcrsResponseStatus (\ s a -> s{_drcrsResponseStatus = a})
-
-instance NFData DeleteRegistrationCodeResponse where
diff --git a/gen/Network/AWS/IoT/DeleteRoleAlias.hs b/gen/Network/AWS/IoT/DeleteRoleAlias.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteRoleAlias.hs
+++ /dev/null
@@ -1,111 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteRoleAlias
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes a role alias
---
---
-module Network.AWS.IoT.DeleteRoleAlias
-    (
-    -- * Creating a Request
-      deleteRoleAlias
-    , DeleteRoleAlias
-    -- * Request Lenses
-    , dRoleAlias
-
-    -- * Destructuring the Response
-    , deleteRoleAliasResponse
-    , DeleteRoleAliasResponse
-    -- * Response Lenses
-    , drsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'deleteRoleAlias' smart constructor.
-newtype DeleteRoleAlias = DeleteRoleAlias'
-  { _dRoleAlias :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteRoleAlias' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dRoleAlias' - The role alias to delete.
-deleteRoleAlias
-    :: Text -- ^ 'dRoleAlias'
-    -> DeleteRoleAlias
-deleteRoleAlias pRoleAlias_ = DeleteRoleAlias' {_dRoleAlias = pRoleAlias_}
-
-
--- | The role alias to delete.
-dRoleAlias :: Lens' DeleteRoleAlias Text
-dRoleAlias = lens _dRoleAlias (\ s a -> s{_dRoleAlias = a})
-
-instance AWSRequest DeleteRoleAlias where
-        type Rs DeleteRoleAlias = DeleteRoleAliasResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteRoleAliasResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteRoleAlias where
-
-instance NFData DeleteRoleAlias where
-
-instance ToHeaders DeleteRoleAlias where
-        toHeaders = const mempty
-
-instance ToPath DeleteRoleAlias where
-        toPath DeleteRoleAlias'{..}
-          = mconcat ["/role-aliases/", toBS _dRoleAlias]
-
-instance ToQuery DeleteRoleAlias where
-        toQuery = const mempty
-
--- | /See:/ 'deleteRoleAliasResponse' smart constructor.
-newtype DeleteRoleAliasResponse = DeleteRoleAliasResponse'
-  { _drsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteRoleAliasResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'drsResponseStatus' - -- | The response status code.
-deleteRoleAliasResponse
-    :: Int -- ^ 'drsResponseStatus'
-    -> DeleteRoleAliasResponse
-deleteRoleAliasResponse pResponseStatus_ =
-  DeleteRoleAliasResponse' {_drsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-drsResponseStatus :: Lens' DeleteRoleAliasResponse Int
-drsResponseStatus = lens _drsResponseStatus (\ s a -> s{_drsResponseStatus = a})
-
-instance NFData DeleteRoleAliasResponse where
diff --git a/gen/Network/AWS/IoT/DeleteStream.hs b/gen/Network/AWS/IoT/DeleteStream.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteStream.hs
+++ /dev/null
@@ -1,111 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteStream
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes a stream.
---
---
-module Network.AWS.IoT.DeleteStream
-    (
-    -- * Creating a Request
-      deleteStream
-    , DeleteStream
-    -- * Request Lenses
-    , dsStreamId
-
-    -- * Destructuring the Response
-    , deleteStreamResponse
-    , DeleteStreamResponse
-    -- * Response Lenses
-    , dsrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'deleteStream' smart constructor.
-newtype DeleteStream = DeleteStream'
-  { _dsStreamId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteStream' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dsStreamId' - The stream ID.
-deleteStream
-    :: Text -- ^ 'dsStreamId'
-    -> DeleteStream
-deleteStream pStreamId_ = DeleteStream' {_dsStreamId = pStreamId_}
-
-
--- | The stream ID.
-dsStreamId :: Lens' DeleteStream Text
-dsStreamId = lens _dsStreamId (\ s a -> s{_dsStreamId = a})
-
-instance AWSRequest DeleteStream where
-        type Rs DeleteStream = DeleteStreamResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteStreamResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteStream where
-
-instance NFData DeleteStream where
-
-instance ToHeaders DeleteStream where
-        toHeaders = const mempty
-
-instance ToPath DeleteStream where
-        toPath DeleteStream'{..}
-          = mconcat ["/streams/", toBS _dsStreamId]
-
-instance ToQuery DeleteStream where
-        toQuery = const mempty
-
--- | /See:/ 'deleteStreamResponse' smart constructor.
-newtype DeleteStreamResponse = DeleteStreamResponse'
-  { _dsrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteStreamResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dsrsResponseStatus' - -- | The response status code.
-deleteStreamResponse
-    :: Int -- ^ 'dsrsResponseStatus'
-    -> DeleteStreamResponse
-deleteStreamResponse pResponseStatus_ =
-  DeleteStreamResponse' {_dsrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-dsrsResponseStatus :: Lens' DeleteStreamResponse Int
-dsrsResponseStatus = lens _dsrsResponseStatus (\ s a -> s{_dsrsResponseStatus = a})
-
-instance NFData DeleteStreamResponse where
diff --git a/gen/Network/AWS/IoT/DeleteThing.hs b/gen/Network/AWS/IoT/DeleteThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteThing.hs
+++ /dev/null
@@ -1,129 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes the specified thing.
---
---
-module Network.AWS.IoT.DeleteThing
-    (
-    -- * Creating a Request
-      deleteThing
-    , DeleteThing
-    -- * Request Lenses
-    , dtExpectedVersion
-    , dtThingName
-
-    -- * Destructuring the Response
-    , deleteThingResponse
-    , DeleteThingResponse
-    -- * Response Lenses
-    , ddrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeleteThing operation.
---
---
---
--- /See:/ 'deleteThing' smart constructor.
-data DeleteThing = DeleteThing'
-  { _dtExpectedVersion :: !(Maybe Integer)
-  , _dtThingName       :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtExpectedVersion' - The expected version of the thing record in the registry. If the version of the record in the registry does not match the expected version specified in the request, the @DeleteThing@ request is rejected with a @VersionConflictException@ .
---
--- * 'dtThingName' - The name of the thing to delete.
-deleteThing
-    :: Text -- ^ 'dtThingName'
-    -> DeleteThing
-deleteThing pThingName_ =
-  DeleteThing' {_dtExpectedVersion = Nothing, _dtThingName = pThingName_}
-
-
--- | The expected version of the thing record in the registry. If the version of the record in the registry does not match the expected version specified in the request, the @DeleteThing@ request is rejected with a @VersionConflictException@ .
-dtExpectedVersion :: Lens' DeleteThing (Maybe Integer)
-dtExpectedVersion = lens _dtExpectedVersion (\ s a -> s{_dtExpectedVersion = a})
-
--- | The name of the thing to delete.
-dtThingName :: Lens' DeleteThing Text
-dtThingName = lens _dtThingName (\ s a -> s{_dtThingName = a})
-
-instance AWSRequest DeleteThing where
-        type Rs DeleteThing = DeleteThingResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteThingResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteThing where
-
-instance NFData DeleteThing where
-
-instance ToHeaders DeleteThing where
-        toHeaders = const mempty
-
-instance ToPath DeleteThing where
-        toPath DeleteThing'{..}
-          = mconcat ["/things/", toBS _dtThingName]
-
-instance ToQuery DeleteThing where
-        toQuery DeleteThing'{..}
-          = mconcat ["expectedVersion" =: _dtExpectedVersion]
-
--- | The output of the DeleteThing operation.
---
---
---
--- /See:/ 'deleteThingResponse' smart constructor.
-newtype DeleteThingResponse = DeleteThingResponse'
-  { _ddrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ddrsResponseStatus' - -- | The response status code.
-deleteThingResponse
-    :: Int -- ^ 'ddrsResponseStatus'
-    -> DeleteThingResponse
-deleteThingResponse pResponseStatus_ =
-  DeleteThingResponse' {_ddrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-ddrsResponseStatus :: Lens' DeleteThingResponse Int
-ddrsResponseStatus = lens _ddrsResponseStatus (\ s a -> s{_ddrsResponseStatus = a})
-
-instance NFData DeleteThingResponse where
diff --git a/gen/Network/AWS/IoT/DeleteThingGroup.hs b/gen/Network/AWS/IoT/DeleteThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteThingGroup.hs
+++ /dev/null
@@ -1,122 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes a thing group.
---
---
-module Network.AWS.IoT.DeleteThingGroup
-    (
-    -- * Creating a Request
-      deleteThingGroup
-    , DeleteThingGroup
-    -- * Request Lenses
-    , dExpectedVersion
-    , dThingGroupName
-
-    -- * Destructuring the Response
-    , deleteThingGroupResponse
-    , DeleteThingGroupResponse
-    -- * Response Lenses
-    , dtgtrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'deleteThingGroup' smart constructor.
-data DeleteThingGroup = DeleteThingGroup'
-  { _dExpectedVersion :: !(Maybe Integer)
-  , _dThingGroupName  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dExpectedVersion' - The expected version of the thing group to delete.
---
--- * 'dThingGroupName' - The name of the thing group to delete.
-deleteThingGroup
-    :: Text -- ^ 'dThingGroupName'
-    -> DeleteThingGroup
-deleteThingGroup pThingGroupName_ =
-  DeleteThingGroup'
-    {_dExpectedVersion = Nothing, _dThingGroupName = pThingGroupName_}
-
-
--- | The expected version of the thing group to delete.
-dExpectedVersion :: Lens' DeleteThingGroup (Maybe Integer)
-dExpectedVersion = lens _dExpectedVersion (\ s a -> s{_dExpectedVersion = a})
-
--- | The name of the thing group to delete.
-dThingGroupName :: Lens' DeleteThingGroup Text
-dThingGroupName = lens _dThingGroupName (\ s a -> s{_dThingGroupName = a})
-
-instance AWSRequest DeleteThingGroup where
-        type Rs DeleteThingGroup = DeleteThingGroupResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteThingGroupResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteThingGroup where
-
-instance NFData DeleteThingGroup where
-
-instance ToHeaders DeleteThingGroup where
-        toHeaders = const mempty
-
-instance ToPath DeleteThingGroup where
-        toPath DeleteThingGroup'{..}
-          = mconcat ["/thing-groups/", toBS _dThingGroupName]
-
-instance ToQuery DeleteThingGroup where
-        toQuery DeleteThingGroup'{..}
-          = mconcat ["expectedVersion" =: _dExpectedVersion]
-
--- | /See:/ 'deleteThingGroupResponse' smart constructor.
-newtype DeleteThingGroupResponse = DeleteThingGroupResponse'
-  { _dtgtrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtgtrsResponseStatus' - -- | The response status code.
-deleteThingGroupResponse
-    :: Int -- ^ 'dtgtrsResponseStatus'
-    -> DeleteThingGroupResponse
-deleteThingGroupResponse pResponseStatus_ =
-  DeleteThingGroupResponse' {_dtgtrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-dtgtrsResponseStatus :: Lens' DeleteThingGroupResponse Int
-dtgtrsResponseStatus = lens _dtgtrsResponseStatus (\ s a -> s{_dtgtrsResponseStatus = a})
-
-instance NFData DeleteThingGroupResponse where
diff --git a/gen/Network/AWS/IoT/DeleteThingType.hs b/gen/Network/AWS/IoT/DeleteThingType.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteThingType.hs
+++ /dev/null
@@ -1,120 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteThingType
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes the specified thing type . You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling 'DeprecateThingType' , then remove any associated things by calling 'UpdateThing' to change the thing type on any associated thing, and finally use 'DeleteThingType' to delete the thing type.
---
---
-module Network.AWS.IoT.DeleteThingType
-    (
-    -- * Creating a Request
-      deleteThingType
-    , DeleteThingType
-    -- * Request Lenses
-    , dttThingTypeName
-
-    -- * Destructuring the Response
-    , deleteThingTypeResponse
-    , DeleteThingTypeResponse
-    -- * Response Lenses
-    , dttrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeleteThingType operation.
---
---
---
--- /See:/ 'deleteThingType' smart constructor.
-newtype DeleteThingType = DeleteThingType'
-  { _dttThingTypeName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteThingType' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dttThingTypeName' - The name of the thing type.
-deleteThingType
-    :: Text -- ^ 'dttThingTypeName'
-    -> DeleteThingType
-deleteThingType pThingTypeName_ =
-  DeleteThingType' {_dttThingTypeName = pThingTypeName_}
-
-
--- | The name of the thing type.
-dttThingTypeName :: Lens' DeleteThingType Text
-dttThingTypeName = lens _dttThingTypeName (\ s a -> s{_dttThingTypeName = a})
-
-instance AWSRequest DeleteThingType where
-        type Rs DeleteThingType = DeleteThingTypeResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeleteThingTypeResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeleteThingType where
-
-instance NFData DeleteThingType where
-
-instance ToHeaders DeleteThingType where
-        toHeaders = const mempty
-
-instance ToPath DeleteThingType where
-        toPath DeleteThingType'{..}
-          = mconcat ["/thing-types/", toBS _dttThingTypeName]
-
-instance ToQuery DeleteThingType where
-        toQuery = const mempty
-
--- | The output for the DeleteThingType operation.
---
---
---
--- /See:/ 'deleteThingTypeResponse' smart constructor.
-newtype DeleteThingTypeResponse = DeleteThingTypeResponse'
-  { _dttrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteThingTypeResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dttrsResponseStatus' - -- | The response status code.
-deleteThingTypeResponse
-    :: Int -- ^ 'dttrsResponseStatus'
-    -> DeleteThingTypeResponse
-deleteThingTypeResponse pResponseStatus_ =
-  DeleteThingTypeResponse' {_dttrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-dttrsResponseStatus :: Lens' DeleteThingTypeResponse Int
-dttrsResponseStatus = lens _dttrsResponseStatus (\ s a -> s{_dttrsResponseStatus = a})
-
-instance NFData DeleteThingTypeResponse where
diff --git a/gen/Network/AWS/IoT/DeleteTopicRule.hs b/gen/Network/AWS/IoT/DeleteTopicRule.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteTopicRule.hs
+++ /dev/null
@@ -1,101 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteTopicRule
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes the rule.
---
---
-module Network.AWS.IoT.DeleteTopicRule
-    (
-    -- * Creating a Request
-      deleteTopicRule
-    , DeleteTopicRule
-    -- * Request Lenses
-    , dRuleName
-
-    -- * Destructuring the Response
-    , deleteTopicRuleResponse
-    , DeleteTopicRuleResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeleteTopicRule operation.
---
---
---
--- /See:/ 'deleteTopicRule' smart constructor.
-newtype DeleteTopicRule = DeleteTopicRule'
-  { _dRuleName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteTopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dRuleName' - The name of the rule.
-deleteTopicRule
-    :: Text -- ^ 'dRuleName'
-    -> DeleteTopicRule
-deleteTopicRule pRuleName_ = DeleteTopicRule' {_dRuleName = pRuleName_}
-
-
--- | The name of the rule.
-dRuleName :: Lens' DeleteTopicRule Text
-dRuleName = lens _dRuleName (\ s a -> s{_dRuleName = a})
-
-instance AWSRequest DeleteTopicRule where
-        type Rs DeleteTopicRule = DeleteTopicRuleResponse
-        request = delete ioT
-        response = receiveNull DeleteTopicRuleResponse'
-
-instance Hashable DeleteTopicRule where
-
-instance NFData DeleteTopicRule where
-
-instance ToHeaders DeleteTopicRule where
-        toHeaders = const mempty
-
-instance ToPath DeleteTopicRule where
-        toPath DeleteTopicRule'{..}
-          = mconcat ["/rules/", toBS _dRuleName]
-
-instance ToQuery DeleteTopicRule where
-        toQuery = const mempty
-
--- | /See:/ 'deleteTopicRuleResponse' smart constructor.
-data DeleteTopicRuleResponse =
-  DeleteTopicRuleResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteTopicRuleResponse' with the minimum fields required to make a request.
---
-deleteTopicRuleResponse
-    :: DeleteTopicRuleResponse
-deleteTopicRuleResponse = DeleteTopicRuleResponse'
-
-
-instance NFData DeleteTopicRuleResponse where
diff --git a/gen/Network/AWS/IoT/DeleteV2LoggingLevel.hs b/gen/Network/AWS/IoT/DeleteV2LoggingLevel.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeleteV2LoggingLevel.hs
+++ /dev/null
@@ -1,111 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeleteV2LoggingLevel
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deletes a logging level.
---
---
-module Network.AWS.IoT.DeleteV2LoggingLevel
-    (
-    -- * Creating a Request
-      deleteV2LoggingLevel
-    , DeleteV2LoggingLevel
-    -- * Request Lenses
-    , dvllTargetType
-    , dvllTargetName
-
-    -- * Destructuring the Response
-    , deleteV2LoggingLevelResponse
-    , DeleteV2LoggingLevelResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'deleteV2LoggingLevel' smart constructor.
-data DeleteV2LoggingLevel = DeleteV2LoggingLevel'
-  { _dvllTargetType :: !LogTargetType
-  , _dvllTargetName :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteV2LoggingLevel' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dvllTargetType' - The type of resource for which you are configuring logging. Must be @THING_Group@ .
---
--- * 'dvllTargetName' - The name of the resource for which you are configuring logging.
-deleteV2LoggingLevel
-    :: LogTargetType -- ^ 'dvllTargetType'
-    -> Text -- ^ 'dvllTargetName'
-    -> DeleteV2LoggingLevel
-deleteV2LoggingLevel pTargetType_ pTargetName_ =
-  DeleteV2LoggingLevel'
-    {_dvllTargetType = pTargetType_, _dvllTargetName = pTargetName_}
-
-
--- | The type of resource for which you are configuring logging. Must be @THING_Group@ .
-dvllTargetType :: Lens' DeleteV2LoggingLevel LogTargetType
-dvllTargetType = lens _dvllTargetType (\ s a -> s{_dvllTargetType = a})
-
--- | The name of the resource for which you are configuring logging.
-dvllTargetName :: Lens' DeleteV2LoggingLevel Text
-dvllTargetName = lens _dvllTargetName (\ s a -> s{_dvllTargetName = a})
-
-instance AWSRequest DeleteV2LoggingLevel where
-        type Rs DeleteV2LoggingLevel =
-             DeleteV2LoggingLevelResponse
-        request = delete ioT
-        response = receiveNull DeleteV2LoggingLevelResponse'
-
-instance Hashable DeleteV2LoggingLevel where
-
-instance NFData DeleteV2LoggingLevel where
-
-instance ToHeaders DeleteV2LoggingLevel where
-        toHeaders = const mempty
-
-instance ToPath DeleteV2LoggingLevel where
-        toPath = const "/v2LoggingLevel"
-
-instance ToQuery DeleteV2LoggingLevel where
-        toQuery DeleteV2LoggingLevel'{..}
-          = mconcat
-              ["targetType" =: _dvllTargetType,
-               "targetName" =: _dvllTargetName]
-
--- | /See:/ 'deleteV2LoggingLevelResponse' smart constructor.
-data DeleteV2LoggingLevelResponse =
-  DeleteV2LoggingLevelResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeleteV2LoggingLevelResponse' with the minimum fields required to make a request.
---
-deleteV2LoggingLevelResponse
-    :: DeleteV2LoggingLevelResponse
-deleteV2LoggingLevelResponse = DeleteV2LoggingLevelResponse'
-
-
-instance NFData DeleteV2LoggingLevelResponse where
diff --git a/gen/Network/AWS/IoT/DeprecateThingType.hs b/gen/Network/AWS/IoT/DeprecateThingType.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DeprecateThingType.hs
+++ /dev/null
@@ -1,138 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DeprecateThingType
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Deprecates a thing type. You can not associate new things with deprecated thing type.
---
---
-module Network.AWS.IoT.DeprecateThingType
-    (
-    -- * Creating a Request
-      deprecateThingType
-    , DeprecateThingType
-    -- * Request Lenses
-    , depUndoDeprecate
-    , depThingTypeName
-
-    -- * Destructuring the Response
-    , deprecateThingTypeResponse
-    , DeprecateThingTypeResponse
-    -- * Response Lenses
-    , deprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DeprecateThingType operation.
---
---
---
--- /See:/ 'deprecateThingType' smart constructor.
-data DeprecateThingType = DeprecateThingType'
-  { _depUndoDeprecate :: !(Maybe Bool)
-  , _depThingTypeName :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeprecateThingType' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'depUndoDeprecate' - Whether to undeprecate a deprecated thing type. If __true__ , the thing type will not be deprecated anymore and you can associate it with things.
---
--- * 'depThingTypeName' - The name of the thing type to deprecate.
-deprecateThingType
-    :: Text -- ^ 'depThingTypeName'
-    -> DeprecateThingType
-deprecateThingType pThingTypeName_ =
-  DeprecateThingType'
-    {_depUndoDeprecate = Nothing, _depThingTypeName = pThingTypeName_}
-
-
--- | Whether to undeprecate a deprecated thing type. If __true__ , the thing type will not be deprecated anymore and you can associate it with things.
-depUndoDeprecate :: Lens' DeprecateThingType (Maybe Bool)
-depUndoDeprecate = lens _depUndoDeprecate (\ s a -> s{_depUndoDeprecate = a})
-
--- | The name of the thing type to deprecate.
-depThingTypeName :: Lens' DeprecateThingType Text
-depThingTypeName = lens _depThingTypeName (\ s a -> s{_depThingTypeName = a})
-
-instance AWSRequest DeprecateThingType where
-        type Rs DeprecateThingType =
-             DeprecateThingTypeResponse
-        request = postJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DeprecateThingTypeResponse' <$> (pure (fromEnum s)))
-
-instance Hashable DeprecateThingType where
-
-instance NFData DeprecateThingType where
-
-instance ToHeaders DeprecateThingType where
-        toHeaders = const mempty
-
-instance ToJSON DeprecateThingType where
-        toJSON DeprecateThingType'{..}
-          = object
-              (catMaybes
-                 [("undoDeprecate" .=) <$> _depUndoDeprecate])
-
-instance ToPath DeprecateThingType where
-        toPath DeprecateThingType'{..}
-          = mconcat
-              ["/thing-types/", toBS _depThingTypeName,
-               "/deprecate"]
-
-instance ToQuery DeprecateThingType where
-        toQuery = const mempty
-
--- | The output for the DeprecateThingType operation.
---
---
---
--- /See:/ 'deprecateThingTypeResponse' smart constructor.
-newtype DeprecateThingTypeResponse = DeprecateThingTypeResponse'
-  { _deprsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DeprecateThingTypeResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'deprsResponseStatus' - -- | The response status code.
-deprecateThingTypeResponse
-    :: Int -- ^ 'deprsResponseStatus'
-    -> DeprecateThingTypeResponse
-deprecateThingTypeResponse pResponseStatus_ =
-  DeprecateThingTypeResponse' {_deprsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-deprsResponseStatus :: Lens' DeprecateThingTypeResponse Int
-deprsResponseStatus = lens _deprsResponseStatus (\ s a -> s{_deprsResponseStatus = a})
-
-instance NFData DeprecateThingTypeResponse where
diff --git a/gen/Network/AWS/IoT/DescribeAuthorizer.hs b/gen/Network/AWS/IoT/DescribeAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeAuthorizer.hs
+++ /dev/null
@@ -1,126 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes an authorizer.
---
---
-module Network.AWS.IoT.DescribeAuthorizer
-    (
-    -- * Creating a Request
-      describeAuthorizer
-    , DescribeAuthorizer
-    -- * Request Lenses
-    , daAuthorizerName
-
-    -- * Destructuring the Response
-    , describeAuthorizerResponse
-    , DescribeAuthorizerResponse
-    -- * Response Lenses
-    , darsAuthorizerDescription
-    , darsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeAuthorizer' smart constructor.
-newtype DescribeAuthorizer = DescribeAuthorizer'
-  { _daAuthorizerName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeAuthorizer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'daAuthorizerName' - The name of the authorizer to describe.
-describeAuthorizer
-    :: Text -- ^ 'daAuthorizerName'
-    -> DescribeAuthorizer
-describeAuthorizer pAuthorizerName_ =
-  DescribeAuthorizer' {_daAuthorizerName = pAuthorizerName_}
-
-
--- | The name of the authorizer to describe.
-daAuthorizerName :: Lens' DescribeAuthorizer Text
-daAuthorizerName = lens _daAuthorizerName (\ s a -> s{_daAuthorizerName = a})
-
-instance AWSRequest DescribeAuthorizer where
-        type Rs DescribeAuthorizer =
-             DescribeAuthorizerResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeAuthorizerResponse' <$>
-                   (x .?> "authorizerDescription") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable DescribeAuthorizer where
-
-instance NFData DescribeAuthorizer where
-
-instance ToHeaders DescribeAuthorizer where
-        toHeaders = const mempty
-
-instance ToPath DescribeAuthorizer where
-        toPath DescribeAuthorizer'{..}
-          = mconcat ["/authorizer/", toBS _daAuthorizerName]
-
-instance ToQuery DescribeAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'describeAuthorizerResponse' smart constructor.
-data DescribeAuthorizerResponse = DescribeAuthorizerResponse'
-  { _darsAuthorizerDescription :: !(Maybe AuthorizerDescription)
-  , _darsResponseStatus        :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'darsAuthorizerDescription' - The authorizer description.
---
--- * 'darsResponseStatus' - -- | The response status code.
-describeAuthorizerResponse
-    :: Int -- ^ 'darsResponseStatus'
-    -> DescribeAuthorizerResponse
-describeAuthorizerResponse pResponseStatus_ =
-  DescribeAuthorizerResponse'
-    { _darsAuthorizerDescription = Nothing
-    , _darsResponseStatus = pResponseStatus_
-    }
-
-
--- | The authorizer description.
-darsAuthorizerDescription :: Lens' DescribeAuthorizerResponse (Maybe AuthorizerDescription)
-darsAuthorizerDescription = lens _darsAuthorizerDescription (\ s a -> s{_darsAuthorizerDescription = a})
-
--- | -- | The response status code.
-darsResponseStatus :: Lens' DescribeAuthorizerResponse Int
-darsResponseStatus = lens _darsResponseStatus (\ s a -> s{_darsResponseStatus = a})
-
-instance NFData DescribeAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/DescribeCACertificate.hs b/gen/Network/AWS/IoT/DescribeCACertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeCACertificate.hs
+++ /dev/null
@@ -1,144 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeCACertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes a registered CA certificate.
---
---
-module Network.AWS.IoT.DescribeCACertificate
-    (
-    -- * Creating a Request
-      describeCACertificate
-    , DescribeCACertificate
-    -- * Request Lenses
-    , dCertificateId
-
-    -- * Destructuring the Response
-    , describeCACertificateResponse
-    , DescribeCACertificateResponse
-    -- * Response Lenses
-    , dcaccrsCertificateDescription
-    , dcaccrsRegistrationConfig
-    , dcaccrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DescribeCACertificate operation.
---
---
---
--- /See:/ 'describeCACertificate' smart constructor.
-newtype DescribeCACertificate = DescribeCACertificate'
-  { _dCertificateId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeCACertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dCertificateId' - The CA certificate identifier.
-describeCACertificate
-    :: Text -- ^ 'dCertificateId'
-    -> DescribeCACertificate
-describeCACertificate pCertificateId_ =
-  DescribeCACertificate' {_dCertificateId = pCertificateId_}
-
-
--- | The CA certificate identifier.
-dCertificateId :: Lens' DescribeCACertificate Text
-dCertificateId = lens _dCertificateId (\ s a -> s{_dCertificateId = a})
-
-instance AWSRequest DescribeCACertificate where
-        type Rs DescribeCACertificate =
-             DescribeCACertificateResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeCACertificateResponse' <$>
-                   (x .?> "certificateDescription") <*>
-                     (x .?> "registrationConfig")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeCACertificate where
-
-instance NFData DescribeCACertificate where
-
-instance ToHeaders DescribeCACertificate where
-        toHeaders = const mempty
-
-instance ToPath DescribeCACertificate where
-        toPath DescribeCACertificate'{..}
-          = mconcat ["/cacertificate/", toBS _dCertificateId]
-
-instance ToQuery DescribeCACertificate where
-        toQuery = const mempty
-
--- | The output from the DescribeCACertificate operation.
---
---
---
--- /See:/ 'describeCACertificateResponse' smart constructor.
-data DescribeCACertificateResponse = DescribeCACertificateResponse'
-  { _dcaccrsCertificateDescription :: !(Maybe CACertificateDescription)
-  , _dcaccrsRegistrationConfig     :: !(Maybe RegistrationConfig)
-  , _dcaccrsResponseStatus         :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeCACertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dcaccrsCertificateDescription' - The CA certificate description.
---
--- * 'dcaccrsRegistrationConfig' - Information about the registration configuration.
---
--- * 'dcaccrsResponseStatus' - -- | The response status code.
-describeCACertificateResponse
-    :: Int -- ^ 'dcaccrsResponseStatus'
-    -> DescribeCACertificateResponse
-describeCACertificateResponse pResponseStatus_ =
-  DescribeCACertificateResponse'
-    { _dcaccrsCertificateDescription = Nothing
-    , _dcaccrsRegistrationConfig = Nothing
-    , _dcaccrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The CA certificate description.
-dcaccrsCertificateDescription :: Lens' DescribeCACertificateResponse (Maybe CACertificateDescription)
-dcaccrsCertificateDescription = lens _dcaccrsCertificateDescription (\ s a -> s{_dcaccrsCertificateDescription = a})
-
--- | Information about the registration configuration.
-dcaccrsRegistrationConfig :: Lens' DescribeCACertificateResponse (Maybe RegistrationConfig)
-dcaccrsRegistrationConfig = lens _dcaccrsRegistrationConfig (\ s a -> s{_dcaccrsRegistrationConfig = a})
-
--- | -- | The response status code.
-dcaccrsResponseStatus :: Lens' DescribeCACertificateResponse Int
-dcaccrsResponseStatus = lens _dcaccrsResponseStatus (\ s a -> s{_dcaccrsResponseStatus = a})
-
-instance NFData DescribeCACertificateResponse where
diff --git a/gen/Network/AWS/IoT/DescribeCertificate.hs b/gen/Network/AWS/IoT/DescribeCertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeCertificate.hs
+++ /dev/null
@@ -1,134 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeCertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about the specified certificate.
---
---
-module Network.AWS.IoT.DescribeCertificate
-    (
-    -- * Creating a Request
-      describeCertificate
-    , DescribeCertificate
-    -- * Request Lenses
-    , desCertificateId
-
-    -- * Destructuring the Response
-    , describeCertificateResponse
-    , DescribeCertificateResponse
-    -- * Response Lenses
-    , dcrsCertificateDescription
-    , dcrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DescribeCertificate operation.
---
---
---
--- /See:/ 'describeCertificate' smart constructor.
-newtype DescribeCertificate = DescribeCertificate'
-  { _desCertificateId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'desCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-describeCertificate
-    :: Text -- ^ 'desCertificateId'
-    -> DescribeCertificate
-describeCertificate pCertificateId_ =
-  DescribeCertificate' {_desCertificateId = pCertificateId_}
-
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-desCertificateId :: Lens' DescribeCertificate Text
-desCertificateId = lens _desCertificateId (\ s a -> s{_desCertificateId = a})
-
-instance AWSRequest DescribeCertificate where
-        type Rs DescribeCertificate =
-             DescribeCertificateResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeCertificateResponse' <$>
-                   (x .?> "certificateDescription") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable DescribeCertificate where
-
-instance NFData DescribeCertificate where
-
-instance ToHeaders DescribeCertificate where
-        toHeaders = const mempty
-
-instance ToPath DescribeCertificate where
-        toPath DescribeCertificate'{..}
-          = mconcat ["/certificates/", toBS _desCertificateId]
-
-instance ToQuery DescribeCertificate where
-        toQuery = const mempty
-
--- | The output of the DescribeCertificate operation.
---
---
---
--- /See:/ 'describeCertificateResponse' smart constructor.
-data DescribeCertificateResponse = DescribeCertificateResponse'
-  { _dcrsCertificateDescription :: !(Maybe CertificateDescription)
-  , _dcrsResponseStatus         :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeCertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dcrsCertificateDescription' - The description of the certificate.
---
--- * 'dcrsResponseStatus' - -- | The response status code.
-describeCertificateResponse
-    :: Int -- ^ 'dcrsResponseStatus'
-    -> DescribeCertificateResponse
-describeCertificateResponse pResponseStatus_ =
-  DescribeCertificateResponse'
-    { _dcrsCertificateDescription = Nothing
-    , _dcrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The description of the certificate.
-dcrsCertificateDescription :: Lens' DescribeCertificateResponse (Maybe CertificateDescription)
-dcrsCertificateDescription = lens _dcrsCertificateDescription (\ s a -> s{_dcrsCertificateDescription = a})
-
--- | -- | The response status code.
-dcrsResponseStatus :: Lens' DescribeCertificateResponse Int
-dcrsResponseStatus = lens _dcrsResponseStatus (\ s a -> s{_dcrsResponseStatus = a})
-
-instance NFData DescribeCertificateResponse where
diff --git a/gen/Network/AWS/IoT/DescribeDefaultAuthorizer.hs b/gen/Network/AWS/IoT/DescribeDefaultAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeDefaultAuthorizer.hs
+++ /dev/null
@@ -1,115 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeDefaultAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes the default authorizer.
---
---
-module Network.AWS.IoT.DescribeDefaultAuthorizer
-    (
-    -- * Creating a Request
-      describeDefaultAuthorizer
-    , DescribeDefaultAuthorizer
-
-    -- * Destructuring the Response
-    , describeDefaultAuthorizerResponse
-    , DescribeDefaultAuthorizerResponse
-    -- * Response Lenses
-    , ddarsAuthorizerDescription
-    , ddarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeDefaultAuthorizer' smart constructor.
-data DescribeDefaultAuthorizer =
-  DescribeDefaultAuthorizer'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeDefaultAuthorizer' with the minimum fields required to make a request.
---
-describeDefaultAuthorizer
-    :: DescribeDefaultAuthorizer
-describeDefaultAuthorizer = DescribeDefaultAuthorizer'
-
-
-instance AWSRequest DescribeDefaultAuthorizer where
-        type Rs DescribeDefaultAuthorizer =
-             DescribeDefaultAuthorizerResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeDefaultAuthorizerResponse' <$>
-                   (x .?> "authorizerDescription") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable DescribeDefaultAuthorizer where
-
-instance NFData DescribeDefaultAuthorizer where
-
-instance ToHeaders DescribeDefaultAuthorizer where
-        toHeaders = const mempty
-
-instance ToPath DescribeDefaultAuthorizer where
-        toPath = const "/default-authorizer"
-
-instance ToQuery DescribeDefaultAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'describeDefaultAuthorizerResponse' smart constructor.
-data DescribeDefaultAuthorizerResponse = DescribeDefaultAuthorizerResponse'
-  { _ddarsAuthorizerDescription :: !(Maybe AuthorizerDescription)
-  , _ddarsResponseStatus        :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeDefaultAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ddarsAuthorizerDescription' - The default authorizer's description.
---
--- * 'ddarsResponseStatus' - -- | The response status code.
-describeDefaultAuthorizerResponse
-    :: Int -- ^ 'ddarsResponseStatus'
-    -> DescribeDefaultAuthorizerResponse
-describeDefaultAuthorizerResponse pResponseStatus_ =
-  DescribeDefaultAuthorizerResponse'
-    { _ddarsAuthorizerDescription = Nothing
-    , _ddarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The default authorizer's description.
-ddarsAuthorizerDescription :: Lens' DescribeDefaultAuthorizerResponse (Maybe AuthorizerDescription)
-ddarsAuthorizerDescription = lens _ddarsAuthorizerDescription (\ s a -> s{_ddarsAuthorizerDescription = a})
-
--- | -- | The response status code.
-ddarsResponseStatus :: Lens' DescribeDefaultAuthorizerResponse Int
-ddarsResponseStatus = lens _ddarsResponseStatus (\ s a -> s{_ddarsResponseStatus = a})
-
-instance NFData DescribeDefaultAuthorizerResponse
-         where
diff --git a/gen/Network/AWS/IoT/DescribeEndpoint.hs b/gen/Network/AWS/IoT/DescribeEndpoint.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeEndpoint.hs
+++ /dev/null
@@ -1,128 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeEndpoint
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Returns a unique endpoint specific to the AWS account making the call.
---
---
-module Network.AWS.IoT.DescribeEndpoint
-    (
-    -- * Creating a Request
-      describeEndpoint
-    , DescribeEndpoint
-    -- * Request Lenses
-    , deEndpointType
-
-    -- * Destructuring the Response
-    , describeEndpointResponse
-    , DescribeEndpointResponse
-    -- * Response Lenses
-    , dersEndpointAddress
-    , dersResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DescribeEndpoint operation.
---
---
---
--- /See:/ 'describeEndpoint' smart constructor.
-newtype DescribeEndpoint = DescribeEndpoint'
-  { _deEndpointType :: Maybe Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeEndpoint' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'deEndpointType' - The endpoint type.
-describeEndpoint
-    :: DescribeEndpoint
-describeEndpoint = DescribeEndpoint' {_deEndpointType = Nothing}
-
-
--- | The endpoint type.
-deEndpointType :: Lens' DescribeEndpoint (Maybe Text)
-deEndpointType = lens _deEndpointType (\ s a -> s{_deEndpointType = a})
-
-instance AWSRequest DescribeEndpoint where
-        type Rs DescribeEndpoint = DescribeEndpointResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeEndpointResponse' <$>
-                   (x .?> "endpointAddress") <*> (pure (fromEnum s)))
-
-instance Hashable DescribeEndpoint where
-
-instance NFData DescribeEndpoint where
-
-instance ToHeaders DescribeEndpoint where
-        toHeaders = const mempty
-
-instance ToPath DescribeEndpoint where
-        toPath = const "/endpoint"
-
-instance ToQuery DescribeEndpoint where
-        toQuery DescribeEndpoint'{..}
-          = mconcat ["endpointType" =: _deEndpointType]
-
--- | The output from the DescribeEndpoint operation.
---
---
---
--- /See:/ 'describeEndpointResponse' smart constructor.
-data DescribeEndpointResponse = DescribeEndpointResponse'
-  { _dersEndpointAddress :: !(Maybe Text)
-  , _dersResponseStatus  :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeEndpointResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dersEndpointAddress' - The endpoint. The format of the endpoint is as follows: /identifier/ .iot./region/ .amazonaws.com.
---
--- * 'dersResponseStatus' - -- | The response status code.
-describeEndpointResponse
-    :: Int -- ^ 'dersResponseStatus'
-    -> DescribeEndpointResponse
-describeEndpointResponse pResponseStatus_ =
-  DescribeEndpointResponse'
-    {_dersEndpointAddress = Nothing, _dersResponseStatus = pResponseStatus_}
-
-
--- | The endpoint. The format of the endpoint is as follows: /identifier/ .iot./region/ .amazonaws.com.
-dersEndpointAddress :: Lens' DescribeEndpointResponse (Maybe Text)
-dersEndpointAddress = lens _dersEndpointAddress (\ s a -> s{_dersEndpointAddress = a})
-
--- | -- | The response status code.
-dersResponseStatus :: Lens' DescribeEndpointResponse Int
-dersResponseStatus = lens _dersResponseStatus (\ s a -> s{_dersResponseStatus = a})
-
-instance NFData DescribeEndpointResponse where
diff --git a/gen/Network/AWS/IoT/DescribeEventConfigurations.hs b/gen/Network/AWS/IoT/DescribeEventConfigurations.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeEventConfigurations.hs
+++ /dev/null
@@ -1,135 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeEventConfigurations
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes event configurations.
---
---
-module Network.AWS.IoT.DescribeEventConfigurations
-    (
-    -- * Creating a Request
-      describeEventConfigurations
-    , DescribeEventConfigurations
-
-    -- * Destructuring the Response
-    , describeEventConfigurationsResponse
-    , DescribeEventConfigurationsResponse
-    -- * Response Lenses
-    , decrsLastModifiedDate
-    , decrsEventConfigurations
-    , decrsCreationDate
-    , decrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeEventConfigurations' smart constructor.
-data DescribeEventConfigurations =
-  DescribeEventConfigurations'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeEventConfigurations' with the minimum fields required to make a request.
---
-describeEventConfigurations
-    :: DescribeEventConfigurations
-describeEventConfigurations = DescribeEventConfigurations'
-
-
-instance AWSRequest DescribeEventConfigurations where
-        type Rs DescribeEventConfigurations =
-             DescribeEventConfigurationsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeEventConfigurationsResponse' <$>
-                   (x .?> "lastModifiedDate") <*>
-                     (x .?> "eventConfigurations" .!@ mempty)
-                     <*> (x .?> "creationDate")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeEventConfigurations where
-
-instance NFData DescribeEventConfigurations where
-
-instance ToHeaders DescribeEventConfigurations where
-        toHeaders = const mempty
-
-instance ToPath DescribeEventConfigurations where
-        toPath = const "/event-configurations"
-
-instance ToQuery DescribeEventConfigurations where
-        toQuery = const mempty
-
--- | /See:/ 'describeEventConfigurationsResponse' smart constructor.
-data DescribeEventConfigurationsResponse = DescribeEventConfigurationsResponse'
-  { _decrsLastModifiedDate    :: !(Maybe POSIX)
-  , _decrsEventConfigurations :: !(Maybe (Map EventType Configuration))
-  , _decrsCreationDate        :: !(Maybe POSIX)
-  , _decrsResponseStatus      :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeEventConfigurationsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'decrsLastModifiedDate' - The date the event configurations were last modified.
---
--- * 'decrsEventConfigurations' - The event configurations.
---
--- * 'decrsCreationDate' - The creation date of the event configuration.
---
--- * 'decrsResponseStatus' - -- | The response status code.
-describeEventConfigurationsResponse
-    :: Int -- ^ 'decrsResponseStatus'
-    -> DescribeEventConfigurationsResponse
-describeEventConfigurationsResponse pResponseStatus_ =
-  DescribeEventConfigurationsResponse'
-    { _decrsLastModifiedDate = Nothing
-    , _decrsEventConfigurations = Nothing
-    , _decrsCreationDate = Nothing
-    , _decrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The date the event configurations were last modified.
-decrsLastModifiedDate :: Lens' DescribeEventConfigurationsResponse (Maybe UTCTime)
-decrsLastModifiedDate = lens _decrsLastModifiedDate (\ s a -> s{_decrsLastModifiedDate = a}) . mapping _Time
-
--- | The event configurations.
-decrsEventConfigurations :: Lens' DescribeEventConfigurationsResponse (HashMap EventType Configuration)
-decrsEventConfigurations = lens _decrsEventConfigurations (\ s a -> s{_decrsEventConfigurations = a}) . _Default . _Map
-
--- | The creation date of the event configuration.
-decrsCreationDate :: Lens' DescribeEventConfigurationsResponse (Maybe UTCTime)
-decrsCreationDate = lens _decrsCreationDate (\ s a -> s{_decrsCreationDate = a}) . mapping _Time
-
--- | -- | The response status code.
-decrsResponseStatus :: Lens' DescribeEventConfigurationsResponse Int
-decrsResponseStatus = lens _decrsResponseStatus (\ s a -> s{_decrsResponseStatus = a})
-
-instance NFData DescribeEventConfigurationsResponse
-         where
diff --git a/gen/Network/AWS/IoT/DescribeIndex.hs b/gen/Network/AWS/IoT/DescribeIndex.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeIndex.hs
+++ /dev/null
@@ -1,143 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeIndex
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes a search index.
---
---
-module Network.AWS.IoT.DescribeIndex
-    (
-    -- * Creating a Request
-      describeIndex
-    , DescribeIndex
-    -- * Request Lenses
-    , diIndexName
-
-    -- * Destructuring the Response
-    , describeIndexResponse
-    , DescribeIndexResponse
-    -- * Response Lenses
-    , dirsIndexStatus
-    , dirsSchema
-    , dirsIndexName
-    , dirsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeIndex' smart constructor.
-newtype DescribeIndex = DescribeIndex'
-  { _diIndexName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeIndex' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'diIndexName' - The index name.
-describeIndex
-    :: Text -- ^ 'diIndexName'
-    -> DescribeIndex
-describeIndex pIndexName_ = DescribeIndex' {_diIndexName = pIndexName_}
-
-
--- | The index name.
-diIndexName :: Lens' DescribeIndex Text
-diIndexName = lens _diIndexName (\ s a -> s{_diIndexName = a})
-
-instance AWSRequest DescribeIndex where
-        type Rs DescribeIndex = DescribeIndexResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeIndexResponse' <$>
-                   (x .?> "indexStatus") <*> (x .?> "schema") <*>
-                     (x .?> "indexName")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeIndex where
-
-instance NFData DescribeIndex where
-
-instance ToHeaders DescribeIndex where
-        toHeaders = const mempty
-
-instance ToPath DescribeIndex where
-        toPath DescribeIndex'{..}
-          = mconcat ["/indices/", toBS _diIndexName]
-
-instance ToQuery DescribeIndex where
-        toQuery = const mempty
-
--- | /See:/ 'describeIndexResponse' smart constructor.
-data DescribeIndexResponse = DescribeIndexResponse'
-  { _dirsIndexStatus    :: !(Maybe IndexStatus)
-  , _dirsSchema         :: !(Maybe Text)
-  , _dirsIndexName      :: !(Maybe Text)
-  , _dirsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeIndexResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dirsIndexStatus' - The index status.
---
--- * 'dirsSchema' - Contains a value that specifies the type of indexing performed. Valid values are:     * REGISTRY – Your thing index will contain only registry data.     * REGISTRY_AND_SHADOW - Your thing index will contain registry and shadow data.
---
--- * 'dirsIndexName' - The index name.
---
--- * 'dirsResponseStatus' - -- | The response status code.
-describeIndexResponse
-    :: Int -- ^ 'dirsResponseStatus'
-    -> DescribeIndexResponse
-describeIndexResponse pResponseStatus_ =
-  DescribeIndexResponse'
-    { _dirsIndexStatus = Nothing
-    , _dirsSchema = Nothing
-    , _dirsIndexName = Nothing
-    , _dirsResponseStatus = pResponseStatus_
-    }
-
-
--- | The index status.
-dirsIndexStatus :: Lens' DescribeIndexResponse (Maybe IndexStatus)
-dirsIndexStatus = lens _dirsIndexStatus (\ s a -> s{_dirsIndexStatus = a})
-
--- | Contains a value that specifies the type of indexing performed. Valid values are:     * REGISTRY – Your thing index will contain only registry data.     * REGISTRY_AND_SHADOW - Your thing index will contain registry and shadow data.
-dirsSchema :: Lens' DescribeIndexResponse (Maybe Text)
-dirsSchema = lens _dirsSchema (\ s a -> s{_dirsSchema = a})
-
--- | The index name.
-dirsIndexName :: Lens' DescribeIndexResponse (Maybe Text)
-dirsIndexName = lens _dirsIndexName (\ s a -> s{_dirsIndexName = a})
-
--- | -- | The response status code.
-dirsResponseStatus :: Lens' DescribeIndexResponse Int
-dirsResponseStatus = lens _dirsResponseStatus (\ s a -> s{_dirsResponseStatus = a})
-
-instance NFData DescribeIndexResponse where
diff --git a/gen/Network/AWS/IoT/DescribeJob.hs b/gen/Network/AWS/IoT/DescribeJob.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeJob.hs
+++ /dev/null
@@ -1,133 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeJob
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes a job.
---
---
-module Network.AWS.IoT.DescribeJob
-    (
-    -- * Creating a Request
-      describeJob
-    , DescribeJob
-    -- * Request Lenses
-    , djJobId
-
-    -- * Destructuring the Response
-    , describeJobResponse
-    , DescribeJobResponse
-    -- * Response Lenses
-    , djrsDocumentSource
-    , djrsJob
-    , djrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeJob' smart constructor.
-newtype DescribeJob = DescribeJob'
-  { _djJobId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeJob' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'djJobId' - The unique identifier you assigned to this job when it was created.
-describeJob
-    :: Text -- ^ 'djJobId'
-    -> DescribeJob
-describeJob pJobId_ = DescribeJob' {_djJobId = pJobId_}
-
-
--- | The unique identifier you assigned to this job when it was created.
-djJobId :: Lens' DescribeJob Text
-djJobId = lens _djJobId (\ s a -> s{_djJobId = a})
-
-instance AWSRequest DescribeJob where
-        type Rs DescribeJob = DescribeJobResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeJobResponse' <$>
-                   (x .?> "documentSource") <*> (x .?> "job") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable DescribeJob where
-
-instance NFData DescribeJob where
-
-instance ToHeaders DescribeJob where
-        toHeaders = const mempty
-
-instance ToPath DescribeJob where
-        toPath DescribeJob'{..}
-          = mconcat ["/jobs/", toBS _djJobId]
-
-instance ToQuery DescribeJob where
-        toQuery = const mempty
-
--- | /See:/ 'describeJobResponse' smart constructor.
-data DescribeJobResponse = DescribeJobResponse'
-  { _djrsDocumentSource :: !(Maybe Text)
-  , _djrsJob            :: !(Maybe Job)
-  , _djrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeJobResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'djrsDocumentSource' - An S3 link to the job document.
---
--- * 'djrsJob' - Information about the job.
---
--- * 'djrsResponseStatus' - -- | The response status code.
-describeJobResponse
-    :: Int -- ^ 'djrsResponseStatus'
-    -> DescribeJobResponse
-describeJobResponse pResponseStatus_ =
-  DescribeJobResponse'
-    { _djrsDocumentSource = Nothing
-    , _djrsJob = Nothing
-    , _djrsResponseStatus = pResponseStatus_
-    }
-
-
--- | An S3 link to the job document.
-djrsDocumentSource :: Lens' DescribeJobResponse (Maybe Text)
-djrsDocumentSource = lens _djrsDocumentSource (\ s a -> s{_djrsDocumentSource = a})
-
--- | Information about the job.
-djrsJob :: Lens' DescribeJobResponse (Maybe Job)
-djrsJob = lens _djrsJob (\ s a -> s{_djrsJob = a})
-
--- | -- | The response status code.
-djrsResponseStatus :: Lens' DescribeJobResponse Int
-djrsResponseStatus = lens _djrsResponseStatus (\ s a -> s{_djrsResponseStatus = a})
-
-instance NFData DescribeJobResponse where
diff --git a/gen/Network/AWS/IoT/DescribeJobExecution.hs b/gen/Network/AWS/IoT/DescribeJobExecution.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeJobExecution.hs
+++ /dev/null
@@ -1,147 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeJobExecution
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes a job execution.
---
---
-module Network.AWS.IoT.DescribeJobExecution
-    (
-    -- * Creating a Request
-      describeJobExecution
-    , DescribeJobExecution
-    -- * Request Lenses
-    , djeExecutionNumber
-    , djeJobId
-    , djeThingName
-
-    -- * Destructuring the Response
-    , describeJobExecutionResponse
-    , DescribeJobExecutionResponse
-    -- * Response Lenses
-    , djersExecution
-    , djersResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeJobExecution' smart constructor.
-data DescribeJobExecution = DescribeJobExecution'
-  { _djeExecutionNumber :: !(Maybe Integer)
-  , _djeJobId           :: !Text
-  , _djeThingName       :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeJobExecution' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'djeExecutionNumber' - A string (consisting of the digits "0" through "9" which is used to specify a particular job execution on a particular device.
---
--- * 'djeJobId' - The unique identifier you assigned to this job when it was created.
---
--- * 'djeThingName' - The name of the thing on which the job execution is running.
-describeJobExecution
-    :: Text -- ^ 'djeJobId'
-    -> Text -- ^ 'djeThingName'
-    -> DescribeJobExecution
-describeJobExecution pJobId_ pThingName_ =
-  DescribeJobExecution'
-    { _djeExecutionNumber = Nothing
-    , _djeJobId = pJobId_
-    , _djeThingName = pThingName_
-    }
-
-
--- | A string (consisting of the digits "0" through "9" which is used to specify a particular job execution on a particular device.
-djeExecutionNumber :: Lens' DescribeJobExecution (Maybe Integer)
-djeExecutionNumber = lens _djeExecutionNumber (\ s a -> s{_djeExecutionNumber = a})
-
--- | The unique identifier you assigned to this job when it was created.
-djeJobId :: Lens' DescribeJobExecution Text
-djeJobId = lens _djeJobId (\ s a -> s{_djeJobId = a})
-
--- | The name of the thing on which the job execution is running.
-djeThingName :: Lens' DescribeJobExecution Text
-djeThingName = lens _djeThingName (\ s a -> s{_djeThingName = a})
-
-instance AWSRequest DescribeJobExecution where
-        type Rs DescribeJobExecution =
-             DescribeJobExecutionResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeJobExecutionResponse' <$>
-                   (x .?> "execution") <*> (pure (fromEnum s)))
-
-instance Hashable DescribeJobExecution where
-
-instance NFData DescribeJobExecution where
-
-instance ToHeaders DescribeJobExecution where
-        toHeaders = const mempty
-
-instance ToPath DescribeJobExecution where
-        toPath DescribeJobExecution'{..}
-          = mconcat
-              ["/things/", toBS _djeThingName, "/jobs/",
-               toBS _djeJobId]
-
-instance ToQuery DescribeJobExecution where
-        toQuery DescribeJobExecution'{..}
-          = mconcat ["executionNumber" =: _djeExecutionNumber]
-
--- | /See:/ 'describeJobExecutionResponse' smart constructor.
-data DescribeJobExecutionResponse = DescribeJobExecutionResponse'
-  { _djersExecution      :: !(Maybe JobExecution)
-  , _djersResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeJobExecutionResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'djersExecution' - Information about the job execution.
---
--- * 'djersResponseStatus' - -- | The response status code.
-describeJobExecutionResponse
-    :: Int -- ^ 'djersResponseStatus'
-    -> DescribeJobExecutionResponse
-describeJobExecutionResponse pResponseStatus_ =
-  DescribeJobExecutionResponse'
-    {_djersExecution = Nothing, _djersResponseStatus = pResponseStatus_}
-
-
--- | Information about the job execution.
-djersExecution :: Lens' DescribeJobExecutionResponse (Maybe JobExecution)
-djersExecution = lens _djersExecution (\ s a -> s{_djersExecution = a})
-
--- | -- | The response status code.
-djersResponseStatus :: Lens' DescribeJobExecutionResponse Int
-djersResponseStatus = lens _djersResponseStatus (\ s a -> s{_djersResponseStatus = a})
-
-instance NFData DescribeJobExecutionResponse where
diff --git a/gen/Network/AWS/IoT/DescribeRoleAlias.hs b/gen/Network/AWS/IoT/DescribeRoleAlias.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeRoleAlias.hs
+++ /dev/null
@@ -1,124 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeRoleAlias
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes a role alias.
---
---
-module Network.AWS.IoT.DescribeRoleAlias
-    (
-    -- * Creating a Request
-      describeRoleAlias
-    , DescribeRoleAlias
-    -- * Request Lenses
-    , draRoleAlias
-
-    -- * Destructuring the Response
-    , describeRoleAliasResponse
-    , DescribeRoleAliasResponse
-    -- * Response Lenses
-    , drarsRoleAliasDescription
-    , drarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeRoleAlias' smart constructor.
-newtype DescribeRoleAlias = DescribeRoleAlias'
-  { _draRoleAlias :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeRoleAlias' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'draRoleAlias' - The role alias to describe.
-describeRoleAlias
-    :: Text -- ^ 'draRoleAlias'
-    -> DescribeRoleAlias
-describeRoleAlias pRoleAlias_ = DescribeRoleAlias' {_draRoleAlias = pRoleAlias_}
-
-
--- | The role alias to describe.
-draRoleAlias :: Lens' DescribeRoleAlias Text
-draRoleAlias = lens _draRoleAlias (\ s a -> s{_draRoleAlias = a})
-
-instance AWSRequest DescribeRoleAlias where
-        type Rs DescribeRoleAlias = DescribeRoleAliasResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeRoleAliasResponse' <$>
-                   (x .?> "roleAliasDescription") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable DescribeRoleAlias where
-
-instance NFData DescribeRoleAlias where
-
-instance ToHeaders DescribeRoleAlias where
-        toHeaders = const mempty
-
-instance ToPath DescribeRoleAlias where
-        toPath DescribeRoleAlias'{..}
-          = mconcat ["/role-aliases/", toBS _draRoleAlias]
-
-instance ToQuery DescribeRoleAlias where
-        toQuery = const mempty
-
--- | /See:/ 'describeRoleAliasResponse' smart constructor.
-data DescribeRoleAliasResponse = DescribeRoleAliasResponse'
-  { _drarsRoleAliasDescription :: !(Maybe RoleAliasDescription)
-  , _drarsResponseStatus       :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeRoleAliasResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'drarsRoleAliasDescription' - The role alias description.
---
--- * 'drarsResponseStatus' - -- | The response status code.
-describeRoleAliasResponse
-    :: Int -- ^ 'drarsResponseStatus'
-    -> DescribeRoleAliasResponse
-describeRoleAliasResponse pResponseStatus_ =
-  DescribeRoleAliasResponse'
-    { _drarsRoleAliasDescription = Nothing
-    , _drarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The role alias description.
-drarsRoleAliasDescription :: Lens' DescribeRoleAliasResponse (Maybe RoleAliasDescription)
-drarsRoleAliasDescription = lens _drarsRoleAliasDescription (\ s a -> s{_drarsRoleAliasDescription = a})
-
--- | -- | The response status code.
-drarsResponseStatus :: Lens' DescribeRoleAliasResponse Int
-drarsResponseStatus = lens _drarsResponseStatus (\ s a -> s{_drarsResponseStatus = a})
-
-instance NFData DescribeRoleAliasResponse where
diff --git a/gen/Network/AWS/IoT/DescribeStream.hs b/gen/Network/AWS/IoT/DescribeStream.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeStream.hs
+++ /dev/null
@@ -1,121 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeStream
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about a stream.
---
---
-module Network.AWS.IoT.DescribeStream
-    (
-    -- * Creating a Request
-      describeStream
-    , DescribeStream
-    -- * Request Lenses
-    , dStreamId
-
-    -- * Destructuring the Response
-    , describeStreamResponse
-    , DescribeStreamResponse
-    -- * Response Lenses
-    , dssrsStreamInfo
-    , dssrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeStream' smart constructor.
-newtype DescribeStream = DescribeStream'
-  { _dStreamId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeStream' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dStreamId' - The stream ID.
-describeStream
-    :: Text -- ^ 'dStreamId'
-    -> DescribeStream
-describeStream pStreamId_ = DescribeStream' {_dStreamId = pStreamId_}
-
-
--- | The stream ID.
-dStreamId :: Lens' DescribeStream Text
-dStreamId = lens _dStreamId (\ s a -> s{_dStreamId = a})
-
-instance AWSRequest DescribeStream where
-        type Rs DescribeStream = DescribeStreamResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeStreamResponse' <$>
-                   (x .?> "streamInfo") <*> (pure (fromEnum s)))
-
-instance Hashable DescribeStream where
-
-instance NFData DescribeStream where
-
-instance ToHeaders DescribeStream where
-        toHeaders = const mempty
-
-instance ToPath DescribeStream where
-        toPath DescribeStream'{..}
-          = mconcat ["/streams/", toBS _dStreamId]
-
-instance ToQuery DescribeStream where
-        toQuery = const mempty
-
--- | /See:/ 'describeStreamResponse' smart constructor.
-data DescribeStreamResponse = DescribeStreamResponse'
-  { _dssrsStreamInfo     :: !(Maybe StreamInfo)
-  , _dssrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeStreamResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dssrsStreamInfo' - Information about the stream.
---
--- * 'dssrsResponseStatus' - -- | The response status code.
-describeStreamResponse
-    :: Int -- ^ 'dssrsResponseStatus'
-    -> DescribeStreamResponse
-describeStreamResponse pResponseStatus_ =
-  DescribeStreamResponse'
-    {_dssrsStreamInfo = Nothing, _dssrsResponseStatus = pResponseStatus_}
-
-
--- | Information about the stream.
-dssrsStreamInfo :: Lens' DescribeStreamResponse (Maybe StreamInfo)
-dssrsStreamInfo = lens _dssrsStreamInfo (\ s a -> s{_dssrsStreamInfo = a})
-
--- | -- | The response status code.
-dssrsResponseStatus :: Lens' DescribeStreamResponse Int
-dssrsResponseStatus = lens _dssrsResponseStatus (\ s a -> s{_dssrsResponseStatus = a})
-
-instance NFData DescribeStreamResponse where
diff --git a/gen/Network/AWS/IoT/DescribeThing.hs b/gen/Network/AWS/IoT/DescribeThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeThing.hs
+++ /dev/null
@@ -1,191 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about the specified thing.
---
---
-module Network.AWS.IoT.DescribeThing
-    (
-    -- * Creating a Request
-      describeThing
-    , DescribeThing
-    -- * Request Lenses
-    , dThingName
-
-    -- * Destructuring the Response
-    , describeThingResponse
-    , DescribeThingResponse
-    -- * Response Lenses
-    , dtrsDefaultClientId
-    , dtrsThingTypeName
-    , dtrsThingARN
-    , dtrsAttributes
-    , dtrsVersion
-    , dtrsThingName
-    , dtrsThingId
-    , dtrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DescribeThing operation.
---
---
---
--- /See:/ 'describeThing' smart constructor.
-newtype DescribeThing = DescribeThing'
-  { _dThingName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dThingName' - The name of the thing.
-describeThing
-    :: Text -- ^ 'dThingName'
-    -> DescribeThing
-describeThing pThingName_ = DescribeThing' {_dThingName = pThingName_}
-
-
--- | The name of the thing.
-dThingName :: Lens' DescribeThing Text
-dThingName = lens _dThingName (\ s a -> s{_dThingName = a})
-
-instance AWSRequest DescribeThing where
-        type Rs DescribeThing = DescribeThingResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeThingResponse' <$>
-                   (x .?> "defaultClientId") <*> (x .?> "thingTypeName")
-                     <*> (x .?> "thingArn")
-                     <*> (x .?> "attributes" .!@ mempty)
-                     <*> (x .?> "version")
-                     <*> (x .?> "thingName")
-                     <*> (x .?> "thingId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeThing where
-
-instance NFData DescribeThing where
-
-instance ToHeaders DescribeThing where
-        toHeaders = const mempty
-
-instance ToPath DescribeThing where
-        toPath DescribeThing'{..}
-          = mconcat ["/things/", toBS _dThingName]
-
-instance ToQuery DescribeThing where
-        toQuery = const mempty
-
--- | The output from the DescribeThing operation.
---
---
---
--- /See:/ 'describeThingResponse' smart constructor.
-data DescribeThingResponse = DescribeThingResponse'
-  { _dtrsDefaultClientId :: !(Maybe Text)
-  , _dtrsThingTypeName   :: !(Maybe Text)
-  , _dtrsThingARN        :: !(Maybe Text)
-  , _dtrsAttributes      :: !(Maybe (Map Text Text))
-  , _dtrsVersion         :: !(Maybe Integer)
-  , _dtrsThingName       :: !(Maybe Text)
-  , _dtrsThingId         :: !(Maybe Text)
-  , _dtrsResponseStatus  :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtrsDefaultClientId' - The default client ID.
---
--- * 'dtrsThingTypeName' - The thing type name.
---
--- * 'dtrsThingARN' - The ARN of the thing to describe.
---
--- * 'dtrsAttributes' - The thing attributes.
---
--- * 'dtrsVersion' - The current version of the thing record in the registry.
---
--- * 'dtrsThingName' - The name of the thing.
---
--- * 'dtrsThingId' - The ID of the thing to describe.
---
--- * 'dtrsResponseStatus' - -- | The response status code.
-describeThingResponse
-    :: Int -- ^ 'dtrsResponseStatus'
-    -> DescribeThingResponse
-describeThingResponse pResponseStatus_ =
-  DescribeThingResponse'
-    { _dtrsDefaultClientId = Nothing
-    , _dtrsThingTypeName = Nothing
-    , _dtrsThingARN = Nothing
-    , _dtrsAttributes = Nothing
-    , _dtrsVersion = Nothing
-    , _dtrsThingName = Nothing
-    , _dtrsThingId = Nothing
-    , _dtrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The default client ID.
-dtrsDefaultClientId :: Lens' DescribeThingResponse (Maybe Text)
-dtrsDefaultClientId = lens _dtrsDefaultClientId (\ s a -> s{_dtrsDefaultClientId = a})
-
--- | The thing type name.
-dtrsThingTypeName :: Lens' DescribeThingResponse (Maybe Text)
-dtrsThingTypeName = lens _dtrsThingTypeName (\ s a -> s{_dtrsThingTypeName = a})
-
--- | The ARN of the thing to describe.
-dtrsThingARN :: Lens' DescribeThingResponse (Maybe Text)
-dtrsThingARN = lens _dtrsThingARN (\ s a -> s{_dtrsThingARN = a})
-
--- | The thing attributes.
-dtrsAttributes :: Lens' DescribeThingResponse (HashMap Text Text)
-dtrsAttributes = lens _dtrsAttributes (\ s a -> s{_dtrsAttributes = a}) . _Default . _Map
-
--- | The current version of the thing record in the registry.
-dtrsVersion :: Lens' DescribeThingResponse (Maybe Integer)
-dtrsVersion = lens _dtrsVersion (\ s a -> s{_dtrsVersion = a})
-
--- | The name of the thing.
-dtrsThingName :: Lens' DescribeThingResponse (Maybe Text)
-dtrsThingName = lens _dtrsThingName (\ s a -> s{_dtrsThingName = a})
-
--- | The ID of the thing to describe.
-dtrsThingId :: Lens' DescribeThingResponse (Maybe Text)
-dtrsThingId = lens _dtrsThingId (\ s a -> s{_dtrsThingId = a})
-
--- | -- | The response status code.
-dtrsResponseStatus :: Lens' DescribeThingResponse Int
-dtrsResponseStatus = lens _dtrsResponseStatus (\ s a -> s{_dtrsResponseStatus = a})
-
-instance NFData DescribeThingResponse where
diff --git a/gen/Network/AWS/IoT/DescribeThingGroup.hs b/gen/Network/AWS/IoT/DescribeThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeThingGroup.hs
+++ /dev/null
@@ -1,175 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describe a thing group.
---
---
-module Network.AWS.IoT.DescribeThingGroup
-    (
-    -- * Creating a Request
-      describeThingGroup
-    , DescribeThingGroup
-    -- * Request Lenses
-    , dtgThingGroupName
-
-    -- * Destructuring the Response
-    , describeThingGroupResponse
-    , DescribeThingGroupResponse
-    -- * Response Lenses
-    , dtgrsThingGroupARN
-    , dtgrsThingGroupId
-    , dtgrsThingGroupMetadata
-    , dtgrsThingGroupName
-    , dtgrsVersion
-    , dtgrsThingGroupProperties
-    , dtgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeThingGroup' smart constructor.
-newtype DescribeThingGroup = DescribeThingGroup'
-  { _dtgThingGroupName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtgThingGroupName' - The name of the thing group.
-describeThingGroup
-    :: Text -- ^ 'dtgThingGroupName'
-    -> DescribeThingGroup
-describeThingGroup pThingGroupName_ =
-  DescribeThingGroup' {_dtgThingGroupName = pThingGroupName_}
-
-
--- | The name of the thing group.
-dtgThingGroupName :: Lens' DescribeThingGroup Text
-dtgThingGroupName = lens _dtgThingGroupName (\ s a -> s{_dtgThingGroupName = a})
-
-instance AWSRequest DescribeThingGroup where
-        type Rs DescribeThingGroup =
-             DescribeThingGroupResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeThingGroupResponse' <$>
-                   (x .?> "thingGroupArn") <*> (x .?> "thingGroupId")
-                     <*> (x .?> "thingGroupMetadata")
-                     <*> (x .?> "thingGroupName")
-                     <*> (x .?> "version")
-                     <*> (x .?> "thingGroupProperties")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeThingGroup where
-
-instance NFData DescribeThingGroup where
-
-instance ToHeaders DescribeThingGroup where
-        toHeaders = const mempty
-
-instance ToPath DescribeThingGroup where
-        toPath DescribeThingGroup'{..}
-          = mconcat ["/thing-groups/", toBS _dtgThingGroupName]
-
-instance ToQuery DescribeThingGroup where
-        toQuery = const mempty
-
--- | /See:/ 'describeThingGroupResponse' smart constructor.
-data DescribeThingGroupResponse = DescribeThingGroupResponse'
-  { _dtgrsThingGroupARN        :: !(Maybe Text)
-  , _dtgrsThingGroupId         :: !(Maybe Text)
-  , _dtgrsThingGroupMetadata   :: !(Maybe ThingGroupMetadata)
-  , _dtgrsThingGroupName       :: !(Maybe Text)
-  , _dtgrsVersion              :: !(Maybe Integer)
-  , _dtgrsThingGroupProperties :: !(Maybe ThingGroupProperties)
-  , _dtgrsResponseStatus       :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtgrsThingGroupARN' - The thing group ARN.
---
--- * 'dtgrsThingGroupId' - The thing group ID.
---
--- * 'dtgrsThingGroupMetadata' - Thing group metadata.
---
--- * 'dtgrsThingGroupName' - The name of the thing group.
---
--- * 'dtgrsVersion' - The version of the thing group.
---
--- * 'dtgrsThingGroupProperties' - The thing group properties.
---
--- * 'dtgrsResponseStatus' - -- | The response status code.
-describeThingGroupResponse
-    :: Int -- ^ 'dtgrsResponseStatus'
-    -> DescribeThingGroupResponse
-describeThingGroupResponse pResponseStatus_ =
-  DescribeThingGroupResponse'
-    { _dtgrsThingGroupARN = Nothing
-    , _dtgrsThingGroupId = Nothing
-    , _dtgrsThingGroupMetadata = Nothing
-    , _dtgrsThingGroupName = Nothing
-    , _dtgrsVersion = Nothing
-    , _dtgrsThingGroupProperties = Nothing
-    , _dtgrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The thing group ARN.
-dtgrsThingGroupARN :: Lens' DescribeThingGroupResponse (Maybe Text)
-dtgrsThingGroupARN = lens _dtgrsThingGroupARN (\ s a -> s{_dtgrsThingGroupARN = a})
-
--- | The thing group ID.
-dtgrsThingGroupId :: Lens' DescribeThingGroupResponse (Maybe Text)
-dtgrsThingGroupId = lens _dtgrsThingGroupId (\ s a -> s{_dtgrsThingGroupId = a})
-
--- | Thing group metadata.
-dtgrsThingGroupMetadata :: Lens' DescribeThingGroupResponse (Maybe ThingGroupMetadata)
-dtgrsThingGroupMetadata = lens _dtgrsThingGroupMetadata (\ s a -> s{_dtgrsThingGroupMetadata = a})
-
--- | The name of the thing group.
-dtgrsThingGroupName :: Lens' DescribeThingGroupResponse (Maybe Text)
-dtgrsThingGroupName = lens _dtgrsThingGroupName (\ s a -> s{_dtgrsThingGroupName = a})
-
--- | The version of the thing group.
-dtgrsVersion :: Lens' DescribeThingGroupResponse (Maybe Integer)
-dtgrsVersion = lens _dtgrsVersion (\ s a -> s{_dtgrsVersion = a})
-
--- | The thing group properties.
-dtgrsThingGroupProperties :: Lens' DescribeThingGroupResponse (Maybe ThingGroupProperties)
-dtgrsThingGroupProperties = lens _dtgrsThingGroupProperties (\ s a -> s{_dtgrsThingGroupProperties = a})
-
--- | -- | The response status code.
-dtgrsResponseStatus :: Lens' DescribeThingGroupResponse Int
-dtgrsResponseStatus = lens _dtgrsResponseStatus (\ s a -> s{_dtgrsResponseStatus = a})
-
-instance NFData DescribeThingGroupResponse where
diff --git a/gen/Network/AWS/IoT/DescribeThingRegistrationTask.hs b/gen/Network/AWS/IoT/DescribeThingRegistrationTask.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeThingRegistrationTask.hs
+++ /dev/null
@@ -1,239 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeThingRegistrationTask
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Describes a bulk thing provisioning task.
---
---
-module Network.AWS.IoT.DescribeThingRegistrationTask
-    (
-    -- * Creating a Request
-      describeThingRegistrationTask
-    , DescribeThingRegistrationTask
-    -- * Request Lenses
-    , dtrtTaskId
-
-    -- * Destructuring the Response
-    , describeThingRegistrationTaskResponse
-    , DescribeThingRegistrationTaskResponse
-    -- * Response Lenses
-    , dtrtrsStatus
-    , dtrtrsLastModifiedDate
-    , dtrtrsInputFileKey
-    , dtrtrsTaskId
-    , dtrtrsCreationDate
-    , dtrtrsPercentageProgress
-    , dtrtrsTemplateBody
-    , dtrtrsSuccessCount
-    , dtrtrsMessage
-    , dtrtrsFailureCount
-    , dtrtrsInputFileBucket
-    , dtrtrsRoleARN
-    , dtrtrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'describeThingRegistrationTask' smart constructor.
-newtype DescribeThingRegistrationTask = DescribeThingRegistrationTask'
-  { _dtrtTaskId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingRegistrationTask' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtrtTaskId' - The task ID.
-describeThingRegistrationTask
-    :: Text -- ^ 'dtrtTaskId'
-    -> DescribeThingRegistrationTask
-describeThingRegistrationTask pTaskId_ =
-  DescribeThingRegistrationTask' {_dtrtTaskId = pTaskId_}
-
-
--- | The task ID.
-dtrtTaskId :: Lens' DescribeThingRegistrationTask Text
-dtrtTaskId = lens _dtrtTaskId (\ s a -> s{_dtrtTaskId = a})
-
-instance AWSRequest DescribeThingRegistrationTask
-         where
-        type Rs DescribeThingRegistrationTask =
-             DescribeThingRegistrationTaskResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeThingRegistrationTaskResponse' <$>
-                   (x .?> "status") <*> (x .?> "lastModifiedDate") <*>
-                     (x .?> "inputFileKey")
-                     <*> (x .?> "taskId")
-                     <*> (x .?> "creationDate")
-                     <*> (x .?> "percentageProgress")
-                     <*> (x .?> "templateBody")
-                     <*> (x .?> "successCount")
-                     <*> (x .?> "message")
-                     <*> (x .?> "failureCount")
-                     <*> (x .?> "inputFileBucket")
-                     <*> (x .?> "roleArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeThingRegistrationTask where
-
-instance NFData DescribeThingRegistrationTask where
-
-instance ToHeaders DescribeThingRegistrationTask
-         where
-        toHeaders = const mempty
-
-instance ToPath DescribeThingRegistrationTask where
-        toPath DescribeThingRegistrationTask'{..}
-          = mconcat
-              ["/thing-registration-tasks/", toBS _dtrtTaskId]
-
-instance ToQuery DescribeThingRegistrationTask where
-        toQuery = const mempty
-
--- | /See:/ 'describeThingRegistrationTaskResponse' smart constructor.
-data DescribeThingRegistrationTaskResponse = DescribeThingRegistrationTaskResponse'
-  { _dtrtrsStatus             :: !(Maybe TaskStatus)
-  , _dtrtrsLastModifiedDate   :: !(Maybe POSIX)
-  , _dtrtrsInputFileKey       :: !(Maybe Text)
-  , _dtrtrsTaskId             :: !(Maybe Text)
-  , _dtrtrsCreationDate       :: !(Maybe POSIX)
-  , _dtrtrsPercentageProgress :: !(Maybe Nat)
-  , _dtrtrsTemplateBody       :: !(Maybe Text)
-  , _dtrtrsSuccessCount       :: !(Maybe Int)
-  , _dtrtrsMessage            :: !(Maybe Text)
-  , _dtrtrsFailureCount       :: !(Maybe Int)
-  , _dtrtrsInputFileBucket    :: !(Maybe Text)
-  , _dtrtrsRoleARN            :: !(Maybe Text)
-  , _dtrtrsResponseStatus     :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingRegistrationTaskResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtrtrsStatus' - The status of the bulk thing provisioning task.
---
--- * 'dtrtrsLastModifiedDate' - The date when the task was last modified.
---
--- * 'dtrtrsInputFileKey' - The input file key.
---
--- * 'dtrtrsTaskId' - The task ID.
---
--- * 'dtrtrsCreationDate' - The task creation date.
---
--- * 'dtrtrsPercentageProgress' - The progress of the bulk provisioning task expressed as a percentage.
---
--- * 'dtrtrsTemplateBody' - The task's template.
---
--- * 'dtrtrsSuccessCount' - The number of things successfully provisioned.
---
--- * 'dtrtrsMessage' - The message.
---
--- * 'dtrtrsFailureCount' - The number of things that failed to be provisioned.
---
--- * 'dtrtrsInputFileBucket' - The S3 bucket that contains the input file.
---
--- * 'dtrtrsRoleARN' - The role ARN that grants access to the input file bucket.
---
--- * 'dtrtrsResponseStatus' - -- | The response status code.
-describeThingRegistrationTaskResponse
-    :: Int -- ^ 'dtrtrsResponseStatus'
-    -> DescribeThingRegistrationTaskResponse
-describeThingRegistrationTaskResponse pResponseStatus_ =
-  DescribeThingRegistrationTaskResponse'
-    { _dtrtrsStatus = Nothing
-    , _dtrtrsLastModifiedDate = Nothing
-    , _dtrtrsInputFileKey = Nothing
-    , _dtrtrsTaskId = Nothing
-    , _dtrtrsCreationDate = Nothing
-    , _dtrtrsPercentageProgress = Nothing
-    , _dtrtrsTemplateBody = Nothing
-    , _dtrtrsSuccessCount = Nothing
-    , _dtrtrsMessage = Nothing
-    , _dtrtrsFailureCount = Nothing
-    , _dtrtrsInputFileBucket = Nothing
-    , _dtrtrsRoleARN = Nothing
-    , _dtrtrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The status of the bulk thing provisioning task.
-dtrtrsStatus :: Lens' DescribeThingRegistrationTaskResponse (Maybe TaskStatus)
-dtrtrsStatus = lens _dtrtrsStatus (\ s a -> s{_dtrtrsStatus = a})
-
--- | The date when the task was last modified.
-dtrtrsLastModifiedDate :: Lens' DescribeThingRegistrationTaskResponse (Maybe UTCTime)
-dtrtrsLastModifiedDate = lens _dtrtrsLastModifiedDate (\ s a -> s{_dtrtrsLastModifiedDate = a}) . mapping _Time
-
--- | The input file key.
-dtrtrsInputFileKey :: Lens' DescribeThingRegistrationTaskResponse (Maybe Text)
-dtrtrsInputFileKey = lens _dtrtrsInputFileKey (\ s a -> s{_dtrtrsInputFileKey = a})
-
--- | The task ID.
-dtrtrsTaskId :: Lens' DescribeThingRegistrationTaskResponse (Maybe Text)
-dtrtrsTaskId = lens _dtrtrsTaskId (\ s a -> s{_dtrtrsTaskId = a})
-
--- | The task creation date.
-dtrtrsCreationDate :: Lens' DescribeThingRegistrationTaskResponse (Maybe UTCTime)
-dtrtrsCreationDate = lens _dtrtrsCreationDate (\ s a -> s{_dtrtrsCreationDate = a}) . mapping _Time
-
--- | The progress of the bulk provisioning task expressed as a percentage.
-dtrtrsPercentageProgress :: Lens' DescribeThingRegistrationTaskResponse (Maybe Natural)
-dtrtrsPercentageProgress = lens _dtrtrsPercentageProgress (\ s a -> s{_dtrtrsPercentageProgress = a}) . mapping _Nat
-
--- | The task's template.
-dtrtrsTemplateBody :: Lens' DescribeThingRegistrationTaskResponse (Maybe Text)
-dtrtrsTemplateBody = lens _dtrtrsTemplateBody (\ s a -> s{_dtrtrsTemplateBody = a})
-
--- | The number of things successfully provisioned.
-dtrtrsSuccessCount :: Lens' DescribeThingRegistrationTaskResponse (Maybe Int)
-dtrtrsSuccessCount = lens _dtrtrsSuccessCount (\ s a -> s{_dtrtrsSuccessCount = a})
-
--- | The message.
-dtrtrsMessage :: Lens' DescribeThingRegistrationTaskResponse (Maybe Text)
-dtrtrsMessage = lens _dtrtrsMessage (\ s a -> s{_dtrtrsMessage = a})
-
--- | The number of things that failed to be provisioned.
-dtrtrsFailureCount :: Lens' DescribeThingRegistrationTaskResponse (Maybe Int)
-dtrtrsFailureCount = lens _dtrtrsFailureCount (\ s a -> s{_dtrtrsFailureCount = a})
-
--- | The S3 bucket that contains the input file.
-dtrtrsInputFileBucket :: Lens' DescribeThingRegistrationTaskResponse (Maybe Text)
-dtrtrsInputFileBucket = lens _dtrtrsInputFileBucket (\ s a -> s{_dtrtrsInputFileBucket = a})
-
--- | The role ARN that grants access to the input file bucket.
-dtrtrsRoleARN :: Lens' DescribeThingRegistrationTaskResponse (Maybe Text)
-dtrtrsRoleARN = lens _dtrtrsRoleARN (\ s a -> s{_dtrtrsRoleARN = a})
-
--- | -- | The response status code.
-dtrtrsResponseStatus :: Lens' DescribeThingRegistrationTaskResponse Int
-dtrtrsResponseStatus = lens _dtrtrsResponseStatus (\ s a -> s{_dtrtrsResponseStatus = a})
-
-instance NFData DescribeThingRegistrationTaskResponse
-         where
diff --git a/gen/Network/AWS/IoT/DescribeThingType.hs b/gen/Network/AWS/IoT/DescribeThingType.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DescribeThingType.hs
+++ /dev/null
@@ -1,173 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DescribeThingType
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about the specified thing type.
---
---
-module Network.AWS.IoT.DescribeThingType
-    (
-    -- * Creating a Request
-      describeThingType
-    , DescribeThingType
-    -- * Request Lenses
-    , dThingTypeName
-
-    -- * Destructuring the Response
-    , describeThingTypeResponse
-    , DescribeThingTypeResponse
-    -- * Response Lenses
-    , desrsThingTypeProperties
-    , desrsThingTypeName
-    , desrsThingTypeId
-    , desrsThingTypeMetadata
-    , desrsThingTypeARN
-    , desrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DescribeThingType operation.
---
---
---
--- /See:/ 'describeThingType' smart constructor.
-newtype DescribeThingType = DescribeThingType'
-  { _dThingTypeName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingType' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dThingTypeName' - The name of the thing type.
-describeThingType
-    :: Text -- ^ 'dThingTypeName'
-    -> DescribeThingType
-describeThingType pThingTypeName_ =
-  DescribeThingType' {_dThingTypeName = pThingTypeName_}
-
-
--- | The name of the thing type.
-dThingTypeName :: Lens' DescribeThingType Text
-dThingTypeName = lens _dThingTypeName (\ s a -> s{_dThingTypeName = a})
-
-instance AWSRequest DescribeThingType where
-        type Rs DescribeThingType = DescribeThingTypeResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 DescribeThingTypeResponse' <$>
-                   (x .?> "thingTypeProperties") <*>
-                     (x .?> "thingTypeName")
-                     <*> (x .?> "thingTypeId")
-                     <*> (x .?> "thingTypeMetadata")
-                     <*> (x .?> "thingTypeArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable DescribeThingType where
-
-instance NFData DescribeThingType where
-
-instance ToHeaders DescribeThingType where
-        toHeaders = const mempty
-
-instance ToPath DescribeThingType where
-        toPath DescribeThingType'{..}
-          = mconcat ["/thing-types/", toBS _dThingTypeName]
-
-instance ToQuery DescribeThingType where
-        toQuery = const mempty
-
--- | The output for the DescribeThingType operation.
---
---
---
--- /See:/ 'describeThingTypeResponse' smart constructor.
-data DescribeThingTypeResponse = DescribeThingTypeResponse'
-  { _desrsThingTypeProperties :: !(Maybe ThingTypeProperties)
-  , _desrsThingTypeName       :: !(Maybe Text)
-  , _desrsThingTypeId         :: !(Maybe Text)
-  , _desrsThingTypeMetadata   :: !(Maybe ThingTypeMetadata)
-  , _desrsThingTypeARN        :: !(Maybe Text)
-  , _desrsResponseStatus      :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DescribeThingTypeResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'desrsThingTypeProperties' - The ThingTypeProperties contains information about the thing type including description, and a list of searchable thing attribute names.
---
--- * 'desrsThingTypeName' - The name of the thing type.
---
--- * 'desrsThingTypeId' - The thing type ID.
---
--- * 'desrsThingTypeMetadata' - The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated.
---
--- * 'desrsThingTypeARN' - The thing type ARN.
---
--- * 'desrsResponseStatus' - -- | The response status code.
-describeThingTypeResponse
-    :: Int -- ^ 'desrsResponseStatus'
-    -> DescribeThingTypeResponse
-describeThingTypeResponse pResponseStatus_ =
-  DescribeThingTypeResponse'
-    { _desrsThingTypeProperties = Nothing
-    , _desrsThingTypeName = Nothing
-    , _desrsThingTypeId = Nothing
-    , _desrsThingTypeMetadata = Nothing
-    , _desrsThingTypeARN = Nothing
-    , _desrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The ThingTypeProperties contains information about the thing type including description, and a list of searchable thing attribute names.
-desrsThingTypeProperties :: Lens' DescribeThingTypeResponse (Maybe ThingTypeProperties)
-desrsThingTypeProperties = lens _desrsThingTypeProperties (\ s a -> s{_desrsThingTypeProperties = a})
-
--- | The name of the thing type.
-desrsThingTypeName :: Lens' DescribeThingTypeResponse (Maybe Text)
-desrsThingTypeName = lens _desrsThingTypeName (\ s a -> s{_desrsThingTypeName = a})
-
--- | The thing type ID.
-desrsThingTypeId :: Lens' DescribeThingTypeResponse (Maybe Text)
-desrsThingTypeId = lens _desrsThingTypeId (\ s a -> s{_desrsThingTypeId = a})
-
--- | The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated.
-desrsThingTypeMetadata :: Lens' DescribeThingTypeResponse (Maybe ThingTypeMetadata)
-desrsThingTypeMetadata = lens _desrsThingTypeMetadata (\ s a -> s{_desrsThingTypeMetadata = a})
-
--- | The thing type ARN.
-desrsThingTypeARN :: Lens' DescribeThingTypeResponse (Maybe Text)
-desrsThingTypeARN = lens _desrsThingTypeARN (\ s a -> s{_desrsThingTypeARN = a})
-
--- | -- | The response status code.
-desrsResponseStatus :: Lens' DescribeThingTypeResponse Int
-desrsResponseStatus = lens _desrsResponseStatus (\ s a -> s{_desrsResponseStatus = a})
-
-instance NFData DescribeThingTypeResponse where
diff --git a/gen/Network/AWS/IoT/DetachPolicy.hs b/gen/Network/AWS/IoT/DetachPolicy.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DetachPolicy.hs
+++ /dev/null
@@ -1,111 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DetachPolicy
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Detaches a policy from the specified target.
---
---
-module Network.AWS.IoT.DetachPolicy
-    (
-    -- * Creating a Request
-      detachPolicy
-    , DetachPolicy
-    -- * Request Lenses
-    , dPolicyName
-    , dTarget
-
-    -- * Destructuring the Response
-    , detachPolicyResponse
-    , DetachPolicyResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'detachPolicy' smart constructor.
-data DetachPolicy = DetachPolicy'
-  { _dPolicyName :: !Text
-  , _dTarget     :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DetachPolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dPolicyName' - The policy to detach.
---
--- * 'dTarget' - The target from which the policy will be detached.
-detachPolicy
-    :: Text -- ^ 'dPolicyName'
-    -> Text -- ^ 'dTarget'
-    -> DetachPolicy
-detachPolicy pPolicyName_ pTarget_ =
-  DetachPolicy' {_dPolicyName = pPolicyName_, _dTarget = pTarget_}
-
-
--- | The policy to detach.
-dPolicyName :: Lens' DetachPolicy Text
-dPolicyName = lens _dPolicyName (\ s a -> s{_dPolicyName = a})
-
--- | The target from which the policy will be detached.
-dTarget :: Lens' DetachPolicy Text
-dTarget = lens _dTarget (\ s a -> s{_dTarget = a})
-
-instance AWSRequest DetachPolicy where
-        type Rs DetachPolicy = DetachPolicyResponse
-        request = postJSON ioT
-        response = receiveNull DetachPolicyResponse'
-
-instance Hashable DetachPolicy where
-
-instance NFData DetachPolicy where
-
-instance ToHeaders DetachPolicy where
-        toHeaders = const mempty
-
-instance ToJSON DetachPolicy where
-        toJSON DetachPolicy'{..}
-          = object (catMaybes [Just ("target" .= _dTarget)])
-
-instance ToPath DetachPolicy where
-        toPath DetachPolicy'{..}
-          = mconcat ["/target-policies/", toBS _dPolicyName]
-
-instance ToQuery DetachPolicy where
-        toQuery = const mempty
-
--- | /See:/ 'detachPolicyResponse' smart constructor.
-data DetachPolicyResponse =
-  DetachPolicyResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DetachPolicyResponse' with the minimum fields required to make a request.
---
-detachPolicyResponse
-    :: DetachPolicyResponse
-detachPolicyResponse = DetachPolicyResponse'
-
-
-instance NFData DetachPolicyResponse where
diff --git a/gen/Network/AWS/IoT/DetachThingPrincipal.hs b/gen/Network/AWS/IoT/DetachThingPrincipal.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DetachThingPrincipal.hs
+++ /dev/null
@@ -1,134 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DetachThingPrincipal
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Detaches the specified principal from the specified thing.
---
---
-module Network.AWS.IoT.DetachThingPrincipal
-    (
-    -- * Creating a Request
-      detachThingPrincipal
-    , DetachThingPrincipal
-    -- * Request Lenses
-    , dtpThingName
-    , dtpPrincipal
-
-    -- * Destructuring the Response
-    , detachThingPrincipalResponse
-    , DetachThingPrincipalResponse
-    -- * Response Lenses
-    , dtprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DetachThingPrincipal operation.
---
---
---
--- /See:/ 'detachThingPrincipal' smart constructor.
-data DetachThingPrincipal = DetachThingPrincipal'
-  { _dtpThingName :: !Text
-  , _dtpPrincipal :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DetachThingPrincipal' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtpThingName' - The name of the thing.
---
--- * 'dtpPrincipal' - If the principal is a certificate, this value must be ARN of the certificate. If the principal is an Amazon Cognito identity, this value must be the ID of the Amazon Cognito identity.
-detachThingPrincipal
-    :: Text -- ^ 'dtpThingName'
-    -> Text -- ^ 'dtpPrincipal'
-    -> DetachThingPrincipal
-detachThingPrincipal pThingName_ pPrincipal_ =
-  DetachThingPrincipal'
-    {_dtpThingName = pThingName_, _dtpPrincipal = pPrincipal_}
-
-
--- | The name of the thing.
-dtpThingName :: Lens' DetachThingPrincipal Text
-dtpThingName = lens _dtpThingName (\ s a -> s{_dtpThingName = a})
-
--- | If the principal is a certificate, this value must be ARN of the certificate. If the principal is an Amazon Cognito identity, this value must be the ID of the Amazon Cognito identity.
-dtpPrincipal :: Lens' DetachThingPrincipal Text
-dtpPrincipal = lens _dtpPrincipal (\ s a -> s{_dtpPrincipal = a})
-
-instance AWSRequest DetachThingPrincipal where
-        type Rs DetachThingPrincipal =
-             DetachThingPrincipalResponse
-        request = delete ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 DetachThingPrincipalResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable DetachThingPrincipal where
-
-instance NFData DetachThingPrincipal where
-
-instance ToHeaders DetachThingPrincipal where
-        toHeaders DetachThingPrincipal'{..}
-          = mconcat ["x-amzn-principal" =# _dtpPrincipal]
-
-instance ToPath DetachThingPrincipal where
-        toPath DetachThingPrincipal'{..}
-          = mconcat
-              ["/things/", toBS _dtpThingName, "/principals"]
-
-instance ToQuery DetachThingPrincipal where
-        toQuery = const mempty
-
--- | The output from the DetachThingPrincipal operation.
---
---
---
--- /See:/ 'detachThingPrincipalResponse' smart constructor.
-newtype DetachThingPrincipalResponse = DetachThingPrincipalResponse'
-  { _dtprsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DetachThingPrincipalResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtprsResponseStatus' - -- | The response status code.
-detachThingPrincipalResponse
-    :: Int -- ^ 'dtprsResponseStatus'
-    -> DetachThingPrincipalResponse
-detachThingPrincipalResponse pResponseStatus_ =
-  DetachThingPrincipalResponse' {_dtprsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-dtprsResponseStatus :: Lens' DetachThingPrincipalResponse Int
-dtprsResponseStatus = lens _dtprsResponseStatus (\ s a -> s{_dtprsResponseStatus = a})
-
-instance NFData DetachThingPrincipalResponse where
diff --git a/gen/Network/AWS/IoT/DisableTopicRule.hs b/gen/Network/AWS/IoT/DisableTopicRule.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/DisableTopicRule.hs
+++ /dev/null
@@ -1,104 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.DisableTopicRule
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Disables the rule.
---
---
-module Network.AWS.IoT.DisableTopicRule
-    (
-    -- * Creating a Request
-      disableTopicRule
-    , DisableTopicRule
-    -- * Request Lenses
-    , dtrRuleName
-
-    -- * Destructuring the Response
-    , disableTopicRuleResponse
-    , DisableTopicRuleResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the DisableTopicRuleRequest operation.
---
---
---
--- /See:/ 'disableTopicRule' smart constructor.
-newtype DisableTopicRule = DisableTopicRule'
-  { _dtrRuleName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DisableTopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dtrRuleName' - The name of the rule to disable.
-disableTopicRule
-    :: Text -- ^ 'dtrRuleName'
-    -> DisableTopicRule
-disableTopicRule pRuleName_ = DisableTopicRule' {_dtrRuleName = pRuleName_}
-
-
--- | The name of the rule to disable.
-dtrRuleName :: Lens' DisableTopicRule Text
-dtrRuleName = lens _dtrRuleName (\ s a -> s{_dtrRuleName = a})
-
-instance AWSRequest DisableTopicRule where
-        type Rs DisableTopicRule = DisableTopicRuleResponse
-        request = postJSON ioT
-        response = receiveNull DisableTopicRuleResponse'
-
-instance Hashable DisableTopicRule where
-
-instance NFData DisableTopicRule where
-
-instance ToHeaders DisableTopicRule where
-        toHeaders = const mempty
-
-instance ToJSON DisableTopicRule where
-        toJSON = const (Object mempty)
-
-instance ToPath DisableTopicRule where
-        toPath DisableTopicRule'{..}
-          = mconcat ["/rules/", toBS _dtrRuleName, "/disable"]
-
-instance ToQuery DisableTopicRule where
-        toQuery = const mempty
-
--- | /See:/ 'disableTopicRuleResponse' smart constructor.
-data DisableTopicRuleResponse =
-  DisableTopicRuleResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DisableTopicRuleResponse' with the minimum fields required to make a request.
---
-disableTopicRuleResponse
-    :: DisableTopicRuleResponse
-disableTopicRuleResponse = DisableTopicRuleResponse'
-
-
-instance NFData DisableTopicRuleResponse where
diff --git a/gen/Network/AWS/IoT/EnableTopicRule.hs b/gen/Network/AWS/IoT/EnableTopicRule.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/EnableTopicRule.hs
+++ /dev/null
@@ -1,104 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.EnableTopicRule
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Enables the rule.
---
---
-module Network.AWS.IoT.EnableTopicRule
-    (
-    -- * Creating a Request
-      enableTopicRule
-    , EnableTopicRule
-    -- * Request Lenses
-    , etrRuleName
-
-    -- * Destructuring the Response
-    , enableTopicRuleResponse
-    , EnableTopicRuleResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the EnableTopicRuleRequest operation.
---
---
---
--- /See:/ 'enableTopicRule' smart constructor.
-newtype EnableTopicRule = EnableTopicRule'
-  { _etrRuleName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'EnableTopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'etrRuleName' - The name of the topic rule to enable.
-enableTopicRule
-    :: Text -- ^ 'etrRuleName'
-    -> EnableTopicRule
-enableTopicRule pRuleName_ = EnableTopicRule' {_etrRuleName = pRuleName_}
-
-
--- | The name of the topic rule to enable.
-etrRuleName :: Lens' EnableTopicRule Text
-etrRuleName = lens _etrRuleName (\ s a -> s{_etrRuleName = a})
-
-instance AWSRequest EnableTopicRule where
-        type Rs EnableTopicRule = EnableTopicRuleResponse
-        request = postJSON ioT
-        response = receiveNull EnableTopicRuleResponse'
-
-instance Hashable EnableTopicRule where
-
-instance NFData EnableTopicRule where
-
-instance ToHeaders EnableTopicRule where
-        toHeaders = const mempty
-
-instance ToJSON EnableTopicRule where
-        toJSON = const (Object mempty)
-
-instance ToPath EnableTopicRule where
-        toPath EnableTopicRule'{..}
-          = mconcat ["/rules/", toBS _etrRuleName, "/enable"]
-
-instance ToQuery EnableTopicRule where
-        toQuery = const mempty
-
--- | /See:/ 'enableTopicRuleResponse' smart constructor.
-data EnableTopicRuleResponse =
-  EnableTopicRuleResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'EnableTopicRuleResponse' with the minimum fields required to make a request.
---
-enableTopicRuleResponse
-    :: EnableTopicRuleResponse
-enableTopicRuleResponse = EnableTopicRuleResponse'
-
-
-instance NFData EnableTopicRuleResponse where
diff --git a/gen/Network/AWS/IoT/GetEffectivePolicies.hs b/gen/Network/AWS/IoT/GetEffectivePolicies.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetEffectivePolicies.hs
+++ /dev/null
@@ -1,151 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetEffectivePolicies
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets effective policies.
---
---
-module Network.AWS.IoT.GetEffectivePolicies
-    (
-    -- * Creating a Request
-      getEffectivePolicies
-    , GetEffectivePolicies
-    -- * Request Lenses
-    , gepPrincipal
-    , gepCognitoIdentityPoolId
-    , gepThingName
-
-    -- * Destructuring the Response
-    , getEffectivePoliciesResponse
-    , GetEffectivePoliciesResponse
-    -- * Response Lenses
-    , geprsEffectivePolicies
-    , geprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'getEffectivePolicies' smart constructor.
-data GetEffectivePolicies = GetEffectivePolicies'
-  { _gepPrincipal             :: !(Maybe Text)
-  , _gepCognitoIdentityPoolId :: !(Maybe Text)
-  , _gepThingName             :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetEffectivePolicies' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gepPrincipal' - The principal.
---
--- * 'gepCognitoIdentityPoolId' - The Cognito identity pool ID.
---
--- * 'gepThingName' - The thing name.
-getEffectivePolicies
-    :: GetEffectivePolicies
-getEffectivePolicies =
-  GetEffectivePolicies'
-    { _gepPrincipal = Nothing
-    , _gepCognitoIdentityPoolId = Nothing
-    , _gepThingName = Nothing
-    }
-
-
--- | The principal.
-gepPrincipal :: Lens' GetEffectivePolicies (Maybe Text)
-gepPrincipal = lens _gepPrincipal (\ s a -> s{_gepPrincipal = a})
-
--- | The Cognito identity pool ID.
-gepCognitoIdentityPoolId :: Lens' GetEffectivePolicies (Maybe Text)
-gepCognitoIdentityPoolId = lens _gepCognitoIdentityPoolId (\ s a -> s{_gepCognitoIdentityPoolId = a})
-
--- | The thing name.
-gepThingName :: Lens' GetEffectivePolicies (Maybe Text)
-gepThingName = lens _gepThingName (\ s a -> s{_gepThingName = a})
-
-instance AWSRequest GetEffectivePolicies where
-        type Rs GetEffectivePolicies =
-             GetEffectivePoliciesResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetEffectivePoliciesResponse' <$>
-                   (x .?> "effectivePolicies" .!@ mempty) <*>
-                     (pure (fromEnum s)))
-
-instance Hashable GetEffectivePolicies where
-
-instance NFData GetEffectivePolicies where
-
-instance ToHeaders GetEffectivePolicies where
-        toHeaders = const mempty
-
-instance ToJSON GetEffectivePolicies where
-        toJSON GetEffectivePolicies'{..}
-          = object
-              (catMaybes
-                 [("principal" .=) <$> _gepPrincipal,
-                  ("cognitoIdentityPoolId" .=) <$>
-                    _gepCognitoIdentityPoolId])
-
-instance ToPath GetEffectivePolicies where
-        toPath = const "/effective-policies"
-
-instance ToQuery GetEffectivePolicies where
-        toQuery GetEffectivePolicies'{..}
-          = mconcat ["thingName" =: _gepThingName]
-
--- | /See:/ 'getEffectivePoliciesResponse' smart constructor.
-data GetEffectivePoliciesResponse = GetEffectivePoliciesResponse'
-  { _geprsEffectivePolicies :: !(Maybe [EffectivePolicy])
-  , _geprsResponseStatus    :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetEffectivePoliciesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'geprsEffectivePolicies' - The effective policies.
---
--- * 'geprsResponseStatus' - -- | The response status code.
-getEffectivePoliciesResponse
-    :: Int -- ^ 'geprsResponseStatus'
-    -> GetEffectivePoliciesResponse
-getEffectivePoliciesResponse pResponseStatus_ =
-  GetEffectivePoliciesResponse'
-    {_geprsEffectivePolicies = Nothing, _geprsResponseStatus = pResponseStatus_}
-
-
--- | The effective policies.
-geprsEffectivePolicies :: Lens' GetEffectivePoliciesResponse [EffectivePolicy]
-geprsEffectivePolicies = lens _geprsEffectivePolicies (\ s a -> s{_geprsEffectivePolicies = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-geprsResponseStatus :: Lens' GetEffectivePoliciesResponse Int
-geprsResponseStatus = lens _geprsResponseStatus (\ s a -> s{_geprsResponseStatus = a})
-
-instance NFData GetEffectivePoliciesResponse where
diff --git a/gen/Network/AWS/IoT/GetIndexingConfiguration.hs b/gen/Network/AWS/IoT/GetIndexingConfiguration.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetIndexingConfiguration.hs
+++ /dev/null
@@ -1,115 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetIndexingConfiguration
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets the search configuration.
---
---
-module Network.AWS.IoT.GetIndexingConfiguration
-    (
-    -- * Creating a Request
-      getIndexingConfiguration
-    , GetIndexingConfiguration
-
-    -- * Destructuring the Response
-    , getIndexingConfigurationResponse
-    , GetIndexingConfigurationResponse
-    -- * Response Lenses
-    , gicrsThingIndexingConfiguration
-    , gicrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'getIndexingConfiguration' smart constructor.
-data GetIndexingConfiguration =
-  GetIndexingConfiguration'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetIndexingConfiguration' with the minimum fields required to make a request.
---
-getIndexingConfiguration
-    :: GetIndexingConfiguration
-getIndexingConfiguration = GetIndexingConfiguration'
-
-
-instance AWSRequest GetIndexingConfiguration where
-        type Rs GetIndexingConfiguration =
-             GetIndexingConfigurationResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetIndexingConfigurationResponse' <$>
-                   (x .?> "thingIndexingConfiguration") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable GetIndexingConfiguration where
-
-instance NFData GetIndexingConfiguration where
-
-instance ToHeaders GetIndexingConfiguration where
-        toHeaders = const mempty
-
-instance ToPath GetIndexingConfiguration where
-        toPath = const "/indexing/config"
-
-instance ToQuery GetIndexingConfiguration where
-        toQuery = const mempty
-
--- | /See:/ 'getIndexingConfigurationResponse' smart constructor.
-data GetIndexingConfigurationResponse = GetIndexingConfigurationResponse'
-  { _gicrsThingIndexingConfiguration :: !(Maybe ThingIndexingConfiguration)
-  , _gicrsResponseStatus             :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetIndexingConfigurationResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gicrsThingIndexingConfiguration' - Thing indexing configuration.
---
--- * 'gicrsResponseStatus' - -- | The response status code.
-getIndexingConfigurationResponse
-    :: Int -- ^ 'gicrsResponseStatus'
-    -> GetIndexingConfigurationResponse
-getIndexingConfigurationResponse pResponseStatus_ =
-  GetIndexingConfigurationResponse'
-    { _gicrsThingIndexingConfiguration = Nothing
-    , _gicrsResponseStatus = pResponseStatus_
-    }
-
-
--- | Thing indexing configuration.
-gicrsThingIndexingConfiguration :: Lens' GetIndexingConfigurationResponse (Maybe ThingIndexingConfiguration)
-gicrsThingIndexingConfiguration = lens _gicrsThingIndexingConfiguration (\ s a -> s{_gicrsThingIndexingConfiguration = a})
-
--- | -- | The response status code.
-gicrsResponseStatus :: Lens' GetIndexingConfigurationResponse Int
-gicrsResponseStatus = lens _gicrsResponseStatus (\ s a -> s{_gicrsResponseStatus = a})
-
-instance NFData GetIndexingConfigurationResponse
-         where
diff --git a/gen/Network/AWS/IoT/GetJobDocument.hs b/gen/Network/AWS/IoT/GetJobDocument.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetJobDocument.hs
+++ /dev/null
@@ -1,121 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetJobDocument
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets a job document.
---
---
-module Network.AWS.IoT.GetJobDocument
-    (
-    -- * Creating a Request
-      getJobDocument
-    , GetJobDocument
-    -- * Request Lenses
-    , gjdJobId
-
-    -- * Destructuring the Response
-    , getJobDocumentResponse
-    , GetJobDocumentResponse
-    -- * Response Lenses
-    , gjdrsDocument
-    , gjdrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'getJobDocument' smart constructor.
-newtype GetJobDocument = GetJobDocument'
-  { _gjdJobId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetJobDocument' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gjdJobId' - The unique identifier you assigned to this job when it was created.
-getJobDocument
-    :: Text -- ^ 'gjdJobId'
-    -> GetJobDocument
-getJobDocument pJobId_ = GetJobDocument' {_gjdJobId = pJobId_}
-
-
--- | The unique identifier you assigned to this job when it was created.
-gjdJobId :: Lens' GetJobDocument Text
-gjdJobId = lens _gjdJobId (\ s a -> s{_gjdJobId = a})
-
-instance AWSRequest GetJobDocument where
-        type Rs GetJobDocument = GetJobDocumentResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetJobDocumentResponse' <$>
-                   (x .?> "document") <*> (pure (fromEnum s)))
-
-instance Hashable GetJobDocument where
-
-instance NFData GetJobDocument where
-
-instance ToHeaders GetJobDocument where
-        toHeaders = const mempty
-
-instance ToPath GetJobDocument where
-        toPath GetJobDocument'{..}
-          = mconcat ["/jobs/", toBS _gjdJobId, "/job-document"]
-
-instance ToQuery GetJobDocument where
-        toQuery = const mempty
-
--- | /See:/ 'getJobDocumentResponse' smart constructor.
-data GetJobDocumentResponse = GetJobDocumentResponse'
-  { _gjdrsDocument       :: !(Maybe Text)
-  , _gjdrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetJobDocumentResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gjdrsDocument' - The job document content.
---
--- * 'gjdrsResponseStatus' - -- | The response status code.
-getJobDocumentResponse
-    :: Int -- ^ 'gjdrsResponseStatus'
-    -> GetJobDocumentResponse
-getJobDocumentResponse pResponseStatus_ =
-  GetJobDocumentResponse'
-    {_gjdrsDocument = Nothing, _gjdrsResponseStatus = pResponseStatus_}
-
-
--- | The job document content.
-gjdrsDocument :: Lens' GetJobDocumentResponse (Maybe Text)
-gjdrsDocument = lens _gjdrsDocument (\ s a -> s{_gjdrsDocument = a})
-
--- | -- | The response status code.
-gjdrsResponseStatus :: Lens' GetJobDocumentResponse Int
-gjdrsResponseStatus = lens _gjdrsResponseStatus (\ s a -> s{_gjdrsResponseStatus = a})
-
-instance NFData GetJobDocumentResponse where
diff --git a/gen/Network/AWS/IoT/GetLoggingOptions.hs b/gen/Network/AWS/IoT/GetLoggingOptions.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetLoggingOptions.hs
+++ /dev/null
@@ -1,130 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetLoggingOptions
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets the logging options.
---
---
-module Network.AWS.IoT.GetLoggingOptions
-    (
-    -- * Creating a Request
-      getLoggingOptions
-    , GetLoggingOptions
-
-    -- * Destructuring the Response
-    , getLoggingOptionsResponse
-    , GetLoggingOptionsResponse
-    -- * Response Lenses
-    , glorsLogLevel
-    , glorsRoleARN
-    , glorsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the GetLoggingOptions operation.
---
---
---
--- /See:/ 'getLoggingOptions' smart constructor.
-data GetLoggingOptions =
-  GetLoggingOptions'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetLoggingOptions' with the minimum fields required to make a request.
---
-getLoggingOptions
-    :: GetLoggingOptions
-getLoggingOptions = GetLoggingOptions'
-
-
-instance AWSRequest GetLoggingOptions where
-        type Rs GetLoggingOptions = GetLoggingOptionsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetLoggingOptionsResponse' <$>
-                   (x .?> "logLevel") <*> (x .?> "roleArn") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable GetLoggingOptions where
-
-instance NFData GetLoggingOptions where
-
-instance ToHeaders GetLoggingOptions where
-        toHeaders = const mempty
-
-instance ToPath GetLoggingOptions where
-        toPath = const "/loggingOptions"
-
-instance ToQuery GetLoggingOptions where
-        toQuery = const mempty
-
--- | The output from the GetLoggingOptions operation.
---
---
---
--- /See:/ 'getLoggingOptionsResponse' smart constructor.
-data GetLoggingOptionsResponse = GetLoggingOptionsResponse'
-  { _glorsLogLevel       :: !(Maybe LogLevel)
-  , _glorsRoleARN        :: !(Maybe Text)
-  , _glorsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetLoggingOptionsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'glorsLogLevel' - The logging level.
---
--- * 'glorsRoleARN' - The ARN of the IAM role that grants access.
---
--- * 'glorsResponseStatus' - -- | The response status code.
-getLoggingOptionsResponse
-    :: Int -- ^ 'glorsResponseStatus'
-    -> GetLoggingOptionsResponse
-getLoggingOptionsResponse pResponseStatus_ =
-  GetLoggingOptionsResponse'
-    { _glorsLogLevel = Nothing
-    , _glorsRoleARN = Nothing
-    , _glorsResponseStatus = pResponseStatus_
-    }
-
-
--- | The logging level.
-glorsLogLevel :: Lens' GetLoggingOptionsResponse (Maybe LogLevel)
-glorsLogLevel = lens _glorsLogLevel (\ s a -> s{_glorsLogLevel = a})
-
--- | The ARN of the IAM role that grants access.
-glorsRoleARN :: Lens' GetLoggingOptionsResponse (Maybe Text)
-glorsRoleARN = lens _glorsRoleARN (\ s a -> s{_glorsRoleARN = a})
-
--- | -- | The response status code.
-glorsResponseStatus :: Lens' GetLoggingOptionsResponse Int
-glorsResponseStatus = lens _glorsResponseStatus (\ s a -> s{_glorsResponseStatus = a})
-
-instance NFData GetLoggingOptionsResponse where
diff --git a/gen/Network/AWS/IoT/GetOTAUpdate.hs b/gen/Network/AWS/IoT/GetOTAUpdate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetOTAUpdate.hs
+++ /dev/null
@@ -1,121 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetOTAUpdate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets an OTA update.
---
---
-module Network.AWS.IoT.GetOTAUpdate
-    (
-    -- * Creating a Request
-      getOTAUpdate
-    , GetOTAUpdate
-    -- * Request Lenses
-    , gotauOtaUpdateId
-
-    -- * Destructuring the Response
-    , getOTAUpdateResponse
-    , GetOTAUpdateResponse
-    -- * Response Lenses
-    , gotaursOtaUpdateInfo
-    , gotaursResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'getOTAUpdate' smart constructor.
-newtype GetOTAUpdate = GetOTAUpdate'
-  { _gotauOtaUpdateId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetOTAUpdate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gotauOtaUpdateId' - The OTA update ID.
-getOTAUpdate
-    :: Text -- ^ 'gotauOtaUpdateId'
-    -> GetOTAUpdate
-getOTAUpdate pOtaUpdateId_ = GetOTAUpdate' {_gotauOtaUpdateId = pOtaUpdateId_}
-
-
--- | The OTA update ID.
-gotauOtaUpdateId :: Lens' GetOTAUpdate Text
-gotauOtaUpdateId = lens _gotauOtaUpdateId (\ s a -> s{_gotauOtaUpdateId = a})
-
-instance AWSRequest GetOTAUpdate where
-        type Rs GetOTAUpdate = GetOTAUpdateResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetOTAUpdateResponse' <$>
-                   (x .?> "otaUpdateInfo") <*> (pure (fromEnum s)))
-
-instance Hashable GetOTAUpdate where
-
-instance NFData GetOTAUpdate where
-
-instance ToHeaders GetOTAUpdate where
-        toHeaders = const mempty
-
-instance ToPath GetOTAUpdate where
-        toPath GetOTAUpdate'{..}
-          = mconcat ["/otaUpdates/", toBS _gotauOtaUpdateId]
-
-instance ToQuery GetOTAUpdate where
-        toQuery = const mempty
-
--- | /See:/ 'getOTAUpdateResponse' smart constructor.
-data GetOTAUpdateResponse = GetOTAUpdateResponse'
-  { _gotaursOtaUpdateInfo  :: !(Maybe OTAUpdateInfo)
-  , _gotaursResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetOTAUpdateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gotaursOtaUpdateInfo' - The OTA update info.
---
--- * 'gotaursResponseStatus' - -- | The response status code.
-getOTAUpdateResponse
-    :: Int -- ^ 'gotaursResponseStatus'
-    -> GetOTAUpdateResponse
-getOTAUpdateResponse pResponseStatus_ =
-  GetOTAUpdateResponse'
-    {_gotaursOtaUpdateInfo = Nothing, _gotaursResponseStatus = pResponseStatus_}
-
-
--- | The OTA update info.
-gotaursOtaUpdateInfo :: Lens' GetOTAUpdateResponse (Maybe OTAUpdateInfo)
-gotaursOtaUpdateInfo = lens _gotaursOtaUpdateInfo (\ s a -> s{_gotaursOtaUpdateInfo = a})
-
--- | -- | The response status code.
-gotaursResponseStatus :: Lens' GetOTAUpdateResponse Int
-gotaursResponseStatus = lens _gotaursResponseStatus (\ s a -> s{_gotaursResponseStatus = a})
-
-instance NFData GetOTAUpdateResponse where
diff --git a/gen/Network/AWS/IoT/GetPolicy.hs b/gen/Network/AWS/IoT/GetPolicy.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetPolicy.hs
+++ /dev/null
@@ -1,191 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetPolicy
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about the specified policy with the policy document of the default version.
---
---
-module Network.AWS.IoT.GetPolicy
-    (
-    -- * Creating a Request
-      getPolicy
-    , GetPolicy
-    -- * Request Lenses
-    , gpPolicyName
-
-    -- * Destructuring the Response
-    , getPolicyResponse
-    , GetPolicyResponse
-    -- * Response Lenses
-    , gprsLastModifiedDate
-    , gprsPolicyName
-    , gprsPolicyDocument
-    , gprsDefaultVersionId
-    , gprsPolicyARN
-    , gprsCreationDate
-    , gprsGenerationId
-    , gprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the GetPolicy operation.
---
---
---
--- /See:/ 'getPolicy' smart constructor.
-newtype GetPolicy = GetPolicy'
-  { _gpPolicyName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetPolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gpPolicyName' - The name of the policy.
-getPolicy
-    :: Text -- ^ 'gpPolicyName'
-    -> GetPolicy
-getPolicy pPolicyName_ = GetPolicy' {_gpPolicyName = pPolicyName_}
-
-
--- | The name of the policy.
-gpPolicyName :: Lens' GetPolicy Text
-gpPolicyName = lens _gpPolicyName (\ s a -> s{_gpPolicyName = a})
-
-instance AWSRequest GetPolicy where
-        type Rs GetPolicy = GetPolicyResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetPolicyResponse' <$>
-                   (x .?> "lastModifiedDate") <*> (x .?> "policyName")
-                     <*> (x .?> "policyDocument")
-                     <*> (x .?> "defaultVersionId")
-                     <*> (x .?> "policyArn")
-                     <*> (x .?> "creationDate")
-                     <*> (x .?> "generationId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable GetPolicy where
-
-instance NFData GetPolicy where
-
-instance ToHeaders GetPolicy where
-        toHeaders = const mempty
-
-instance ToPath GetPolicy where
-        toPath GetPolicy'{..}
-          = mconcat ["/policies/", toBS _gpPolicyName]
-
-instance ToQuery GetPolicy where
-        toQuery = const mempty
-
--- | The output from the GetPolicy operation.
---
---
---
--- /See:/ 'getPolicyResponse' smart constructor.
-data GetPolicyResponse = GetPolicyResponse'
-  { _gprsLastModifiedDate :: !(Maybe POSIX)
-  , _gprsPolicyName       :: !(Maybe Text)
-  , _gprsPolicyDocument   :: !(Maybe Text)
-  , _gprsDefaultVersionId :: !(Maybe Text)
-  , _gprsPolicyARN        :: !(Maybe Text)
-  , _gprsCreationDate     :: !(Maybe POSIX)
-  , _gprsGenerationId     :: !(Maybe Text)
-  , _gprsResponseStatus   :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetPolicyResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gprsLastModifiedDate' - The date the policy was last modified.
---
--- * 'gprsPolicyName' - The policy name.
---
--- * 'gprsPolicyDocument' - The JSON document that describes the policy.
---
--- * 'gprsDefaultVersionId' - The default policy version ID.
---
--- * 'gprsPolicyARN' - The policy ARN.
---
--- * 'gprsCreationDate' - The date the policy was created.
---
--- * 'gprsGenerationId' - The generation ID of the policy.
---
--- * 'gprsResponseStatus' - -- | The response status code.
-getPolicyResponse
-    :: Int -- ^ 'gprsResponseStatus'
-    -> GetPolicyResponse
-getPolicyResponse pResponseStatus_ =
-  GetPolicyResponse'
-    { _gprsLastModifiedDate = Nothing
-    , _gprsPolicyName = Nothing
-    , _gprsPolicyDocument = Nothing
-    , _gprsDefaultVersionId = Nothing
-    , _gprsPolicyARN = Nothing
-    , _gprsCreationDate = Nothing
-    , _gprsGenerationId = Nothing
-    , _gprsResponseStatus = pResponseStatus_
-    }
-
-
--- | The date the policy was last modified.
-gprsLastModifiedDate :: Lens' GetPolicyResponse (Maybe UTCTime)
-gprsLastModifiedDate = lens _gprsLastModifiedDate (\ s a -> s{_gprsLastModifiedDate = a}) . mapping _Time
-
--- | The policy name.
-gprsPolicyName :: Lens' GetPolicyResponse (Maybe Text)
-gprsPolicyName = lens _gprsPolicyName (\ s a -> s{_gprsPolicyName = a})
-
--- | The JSON document that describes the policy.
-gprsPolicyDocument :: Lens' GetPolicyResponse (Maybe Text)
-gprsPolicyDocument = lens _gprsPolicyDocument (\ s a -> s{_gprsPolicyDocument = a})
-
--- | The default policy version ID.
-gprsDefaultVersionId :: Lens' GetPolicyResponse (Maybe Text)
-gprsDefaultVersionId = lens _gprsDefaultVersionId (\ s a -> s{_gprsDefaultVersionId = a})
-
--- | The policy ARN.
-gprsPolicyARN :: Lens' GetPolicyResponse (Maybe Text)
-gprsPolicyARN = lens _gprsPolicyARN (\ s a -> s{_gprsPolicyARN = a})
-
--- | The date the policy was created.
-gprsCreationDate :: Lens' GetPolicyResponse (Maybe UTCTime)
-gprsCreationDate = lens _gprsCreationDate (\ s a -> s{_gprsCreationDate = a}) . mapping _Time
-
--- | The generation ID of the policy.
-gprsGenerationId :: Lens' GetPolicyResponse (Maybe Text)
-gprsGenerationId = lens _gprsGenerationId (\ s a -> s{_gprsGenerationId = a})
-
--- | -- | The response status code.
-gprsResponseStatus :: Lens' GetPolicyResponse Int
-gprsResponseStatus = lens _gprsResponseStatus (\ s a -> s{_gprsResponseStatus = a})
-
-instance NFData GetPolicyResponse where
diff --git a/gen/Network/AWS/IoT/GetPolicyVersion.hs b/gen/Network/AWS/IoT/GetPolicyVersion.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetPolicyVersion.hs
+++ /dev/null
@@ -1,214 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetPolicyVersion
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about the specified policy version.
---
---
-module Network.AWS.IoT.GetPolicyVersion
-    (
-    -- * Creating a Request
-      getPolicyVersion
-    , GetPolicyVersion
-    -- * Request Lenses
-    , gpvPolicyName
-    , gpvPolicyVersionId
-
-    -- * Destructuring the Response
-    , getPolicyVersionResponse
-    , GetPolicyVersionResponse
-    -- * Response Lenses
-    , gpvrsLastModifiedDate
-    , gpvrsPolicyName
-    , gpvrsPolicyDocument
-    , gpvrsPolicyVersionId
-    , gpvrsPolicyARN
-    , gpvrsCreationDate
-    , gpvrsGenerationId
-    , gpvrsIsDefaultVersion
-    , gpvrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the GetPolicyVersion operation.
---
---
---
--- /See:/ 'getPolicyVersion' smart constructor.
-data GetPolicyVersion = GetPolicyVersion'
-  { _gpvPolicyName      :: !Text
-  , _gpvPolicyVersionId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetPolicyVersion' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gpvPolicyName' - The name of the policy.
---
--- * 'gpvPolicyVersionId' - The policy version ID.
-getPolicyVersion
-    :: Text -- ^ 'gpvPolicyName'
-    -> Text -- ^ 'gpvPolicyVersionId'
-    -> GetPolicyVersion
-getPolicyVersion pPolicyName_ pPolicyVersionId_ =
-  GetPolicyVersion'
-    {_gpvPolicyName = pPolicyName_, _gpvPolicyVersionId = pPolicyVersionId_}
-
-
--- | The name of the policy.
-gpvPolicyName :: Lens' GetPolicyVersion Text
-gpvPolicyName = lens _gpvPolicyName (\ s a -> s{_gpvPolicyName = a})
-
--- | The policy version ID.
-gpvPolicyVersionId :: Lens' GetPolicyVersion Text
-gpvPolicyVersionId = lens _gpvPolicyVersionId (\ s a -> s{_gpvPolicyVersionId = a})
-
-instance AWSRequest GetPolicyVersion where
-        type Rs GetPolicyVersion = GetPolicyVersionResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetPolicyVersionResponse' <$>
-                   (x .?> "lastModifiedDate") <*> (x .?> "policyName")
-                     <*> (x .?> "policyDocument")
-                     <*> (x .?> "policyVersionId")
-                     <*> (x .?> "policyArn")
-                     <*> (x .?> "creationDate")
-                     <*> (x .?> "generationId")
-                     <*> (x .?> "isDefaultVersion")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable GetPolicyVersion where
-
-instance NFData GetPolicyVersion where
-
-instance ToHeaders GetPolicyVersion where
-        toHeaders = const mempty
-
-instance ToPath GetPolicyVersion where
-        toPath GetPolicyVersion'{..}
-          = mconcat
-              ["/policies/", toBS _gpvPolicyName, "/version/",
-               toBS _gpvPolicyVersionId]
-
-instance ToQuery GetPolicyVersion where
-        toQuery = const mempty
-
--- | The output from the GetPolicyVersion operation.
---
---
---
--- /See:/ 'getPolicyVersionResponse' smart constructor.
-data GetPolicyVersionResponse = GetPolicyVersionResponse'
-  { _gpvrsLastModifiedDate :: !(Maybe POSIX)
-  , _gpvrsPolicyName       :: !(Maybe Text)
-  , _gpvrsPolicyDocument   :: !(Maybe Text)
-  , _gpvrsPolicyVersionId  :: !(Maybe Text)
-  , _gpvrsPolicyARN        :: !(Maybe Text)
-  , _gpvrsCreationDate     :: !(Maybe POSIX)
-  , _gpvrsGenerationId     :: !(Maybe Text)
-  , _gpvrsIsDefaultVersion :: !(Maybe Bool)
-  , _gpvrsResponseStatus   :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetPolicyVersionResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gpvrsLastModifiedDate' - The date the policy version was last modified.
---
--- * 'gpvrsPolicyName' - The policy name.
---
--- * 'gpvrsPolicyDocument' - The JSON document that describes the policy.
---
--- * 'gpvrsPolicyVersionId' - The policy version ID.
---
--- * 'gpvrsPolicyARN' - The policy ARN.
---
--- * 'gpvrsCreationDate' - The date the policy version was created.
---
--- * 'gpvrsGenerationId' - The generation ID of the policy version.
---
--- * 'gpvrsIsDefaultVersion' - Specifies whether the policy version is the default.
---
--- * 'gpvrsResponseStatus' - -- | The response status code.
-getPolicyVersionResponse
-    :: Int -- ^ 'gpvrsResponseStatus'
-    -> GetPolicyVersionResponse
-getPolicyVersionResponse pResponseStatus_ =
-  GetPolicyVersionResponse'
-    { _gpvrsLastModifiedDate = Nothing
-    , _gpvrsPolicyName = Nothing
-    , _gpvrsPolicyDocument = Nothing
-    , _gpvrsPolicyVersionId = Nothing
-    , _gpvrsPolicyARN = Nothing
-    , _gpvrsCreationDate = Nothing
-    , _gpvrsGenerationId = Nothing
-    , _gpvrsIsDefaultVersion = Nothing
-    , _gpvrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The date the policy version was last modified.
-gpvrsLastModifiedDate :: Lens' GetPolicyVersionResponse (Maybe UTCTime)
-gpvrsLastModifiedDate = lens _gpvrsLastModifiedDate (\ s a -> s{_gpvrsLastModifiedDate = a}) . mapping _Time
-
--- | The policy name.
-gpvrsPolicyName :: Lens' GetPolicyVersionResponse (Maybe Text)
-gpvrsPolicyName = lens _gpvrsPolicyName (\ s a -> s{_gpvrsPolicyName = a})
-
--- | The JSON document that describes the policy.
-gpvrsPolicyDocument :: Lens' GetPolicyVersionResponse (Maybe Text)
-gpvrsPolicyDocument = lens _gpvrsPolicyDocument (\ s a -> s{_gpvrsPolicyDocument = a})
-
--- | The policy version ID.
-gpvrsPolicyVersionId :: Lens' GetPolicyVersionResponse (Maybe Text)
-gpvrsPolicyVersionId = lens _gpvrsPolicyVersionId (\ s a -> s{_gpvrsPolicyVersionId = a})
-
--- | The policy ARN.
-gpvrsPolicyARN :: Lens' GetPolicyVersionResponse (Maybe Text)
-gpvrsPolicyARN = lens _gpvrsPolicyARN (\ s a -> s{_gpvrsPolicyARN = a})
-
--- | The date the policy version was created.
-gpvrsCreationDate :: Lens' GetPolicyVersionResponse (Maybe UTCTime)
-gpvrsCreationDate = lens _gpvrsCreationDate (\ s a -> s{_gpvrsCreationDate = a}) . mapping _Time
-
--- | The generation ID of the policy version.
-gpvrsGenerationId :: Lens' GetPolicyVersionResponse (Maybe Text)
-gpvrsGenerationId = lens _gpvrsGenerationId (\ s a -> s{_gpvrsGenerationId = a})
-
--- | Specifies whether the policy version is the default.
-gpvrsIsDefaultVersion :: Lens' GetPolicyVersionResponse (Maybe Bool)
-gpvrsIsDefaultVersion = lens _gpvrsIsDefaultVersion (\ s a -> s{_gpvrsIsDefaultVersion = a})
-
--- | -- | The response status code.
-gpvrsResponseStatus :: Lens' GetPolicyVersionResponse Int
-gpvrsResponseStatus = lens _gpvrsResponseStatus (\ s a -> s{_gpvrsResponseStatus = a})
-
-instance NFData GetPolicyVersionResponse where
diff --git a/gen/Network/AWS/IoT/GetRegistrationCode.hs b/gen/Network/AWS/IoT/GetRegistrationCode.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetRegistrationCode.hs
+++ /dev/null
@@ -1,119 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetRegistrationCode
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets a registration code used to register a CA certificate with AWS IoT.
---
---
-module Network.AWS.IoT.GetRegistrationCode
-    (
-    -- * Creating a Request
-      getRegistrationCode
-    , GetRegistrationCode
-
-    -- * Destructuring the Response
-    , getRegistrationCodeResponse
-    , GetRegistrationCodeResponse
-    -- * Response Lenses
-    , grcrsRegistrationCode
-    , grcrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input to the GetRegistrationCode operation.
---
---
---
--- /See:/ 'getRegistrationCode' smart constructor.
-data GetRegistrationCode =
-  GetRegistrationCode'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetRegistrationCode' with the minimum fields required to make a request.
---
-getRegistrationCode
-    :: GetRegistrationCode
-getRegistrationCode = GetRegistrationCode'
-
-
-instance AWSRequest GetRegistrationCode where
-        type Rs GetRegistrationCode =
-             GetRegistrationCodeResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetRegistrationCodeResponse' <$>
-                   (x .?> "registrationCode") <*> (pure (fromEnum s)))
-
-instance Hashable GetRegistrationCode where
-
-instance NFData GetRegistrationCode where
-
-instance ToHeaders GetRegistrationCode where
-        toHeaders = const mempty
-
-instance ToPath GetRegistrationCode where
-        toPath = const "/registrationcode"
-
-instance ToQuery GetRegistrationCode where
-        toQuery = const mempty
-
--- | The output from the GetRegistrationCode operation.
---
---
---
--- /See:/ 'getRegistrationCodeResponse' smart constructor.
-data GetRegistrationCodeResponse = GetRegistrationCodeResponse'
-  { _grcrsRegistrationCode :: !(Maybe Text)
-  , _grcrsResponseStatus   :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetRegistrationCodeResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'grcrsRegistrationCode' - The CA certificate registration code.
---
--- * 'grcrsResponseStatus' - -- | The response status code.
-getRegistrationCodeResponse
-    :: Int -- ^ 'grcrsResponseStatus'
-    -> GetRegistrationCodeResponse
-getRegistrationCodeResponse pResponseStatus_ =
-  GetRegistrationCodeResponse'
-    {_grcrsRegistrationCode = Nothing, _grcrsResponseStatus = pResponseStatus_}
-
-
--- | The CA certificate registration code.
-grcrsRegistrationCode :: Lens' GetRegistrationCodeResponse (Maybe Text)
-grcrsRegistrationCode = lens _grcrsRegistrationCode (\ s a -> s{_grcrsRegistrationCode = a})
-
--- | -- | The response status code.
-grcrsResponseStatus :: Lens' GetRegistrationCodeResponse Int
-grcrsResponseStatus = lens _grcrsResponseStatus (\ s a -> s{_grcrsResponseStatus = a})
-
-instance NFData GetRegistrationCodeResponse where
diff --git a/gen/Network/AWS/IoT/GetTopicRule.hs b/gen/Network/AWS/IoT/GetTopicRule.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetTopicRule.hs
+++ /dev/null
@@ -1,141 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetTopicRule
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets information about the rule.
---
---
-module Network.AWS.IoT.GetTopicRule
-    (
-    -- * Creating a Request
-      getTopicRule
-    , GetTopicRule
-    -- * Request Lenses
-    , gtrRuleName
-
-    -- * Destructuring the Response
-    , getTopicRuleResponse
-    , GetTopicRuleResponse
-    -- * Response Lenses
-    , gtrrsRule
-    , gtrrsRuleARN
-    , gtrrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the GetTopicRule operation.
---
---
---
--- /See:/ 'getTopicRule' smart constructor.
-newtype GetTopicRule = GetTopicRule'
-  { _gtrRuleName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetTopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gtrRuleName' - The name of the rule.
-getTopicRule
-    :: Text -- ^ 'gtrRuleName'
-    -> GetTopicRule
-getTopicRule pRuleName_ = GetTopicRule' {_gtrRuleName = pRuleName_}
-
-
--- | The name of the rule.
-gtrRuleName :: Lens' GetTopicRule Text
-gtrRuleName = lens _gtrRuleName (\ s a -> s{_gtrRuleName = a})
-
-instance AWSRequest GetTopicRule where
-        type Rs GetTopicRule = GetTopicRuleResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetTopicRuleResponse' <$>
-                   (x .?> "rule") <*> (x .?> "ruleArn") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable GetTopicRule where
-
-instance NFData GetTopicRule where
-
-instance ToHeaders GetTopicRule where
-        toHeaders = const mempty
-
-instance ToPath GetTopicRule where
-        toPath GetTopicRule'{..}
-          = mconcat ["/rules/", toBS _gtrRuleName]
-
-instance ToQuery GetTopicRule where
-        toQuery = const mempty
-
--- | The output from the GetTopicRule operation.
---
---
---
--- /See:/ 'getTopicRuleResponse' smart constructor.
-data GetTopicRuleResponse = GetTopicRuleResponse'
-  { _gtrrsRule           :: !(Maybe TopicRule)
-  , _gtrrsRuleARN        :: !(Maybe Text)
-  , _gtrrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetTopicRuleResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gtrrsRule' - The rule.
---
--- * 'gtrrsRuleARN' - The rule ARN.
---
--- * 'gtrrsResponseStatus' - -- | The response status code.
-getTopicRuleResponse
-    :: Int -- ^ 'gtrrsResponseStatus'
-    -> GetTopicRuleResponse
-getTopicRuleResponse pResponseStatus_ =
-  GetTopicRuleResponse'
-    { _gtrrsRule = Nothing
-    , _gtrrsRuleARN = Nothing
-    , _gtrrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The rule.
-gtrrsRule :: Lens' GetTopicRuleResponse (Maybe TopicRule)
-gtrrsRule = lens _gtrrsRule (\ s a -> s{_gtrrsRule = a})
-
--- | The rule ARN.
-gtrrsRuleARN :: Lens' GetTopicRuleResponse (Maybe Text)
-gtrrsRuleARN = lens _gtrrsRuleARN (\ s a -> s{_gtrrsRuleARN = a})
-
--- | -- | The response status code.
-gtrrsResponseStatus :: Lens' GetTopicRuleResponse Int
-gtrrsResponseStatus = lens _gtrrsResponseStatus (\ s a -> s{_gtrrsResponseStatus = a})
-
-instance NFData GetTopicRuleResponse where
diff --git a/gen/Network/AWS/IoT/GetV2LoggingOptions.hs b/gen/Network/AWS/IoT/GetV2LoggingOptions.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/GetV2LoggingOptions.hs
+++ /dev/null
@@ -1,134 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.GetV2LoggingOptions
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Gets the fine grained logging options.
---
---
-module Network.AWS.IoT.GetV2LoggingOptions
-    (
-    -- * Creating a Request
-      getV2LoggingOptions
-    , GetV2LoggingOptions
-
-    -- * Destructuring the Response
-    , getV2LoggingOptionsResponse
-    , GetV2LoggingOptionsResponse
-    -- * Response Lenses
-    , gvlorsDisableAllLogs
-    , gvlorsDefaultLogLevel
-    , gvlorsRoleARN
-    , gvlorsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'getV2LoggingOptions' smart constructor.
-data GetV2LoggingOptions =
-  GetV2LoggingOptions'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetV2LoggingOptions' with the minimum fields required to make a request.
---
-getV2LoggingOptions
-    :: GetV2LoggingOptions
-getV2LoggingOptions = GetV2LoggingOptions'
-
-
-instance AWSRequest GetV2LoggingOptions where
-        type Rs GetV2LoggingOptions =
-             GetV2LoggingOptionsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 GetV2LoggingOptionsResponse' <$>
-                   (x .?> "disableAllLogs") <*>
-                     (x .?> "defaultLogLevel")
-                     <*> (x .?> "roleArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable GetV2LoggingOptions where
-
-instance NFData GetV2LoggingOptions where
-
-instance ToHeaders GetV2LoggingOptions where
-        toHeaders = const mempty
-
-instance ToPath GetV2LoggingOptions where
-        toPath = const "/v2LoggingOptions"
-
-instance ToQuery GetV2LoggingOptions where
-        toQuery = const mempty
-
--- | /See:/ 'getV2LoggingOptionsResponse' smart constructor.
-data GetV2LoggingOptionsResponse = GetV2LoggingOptionsResponse'
-  { _gvlorsDisableAllLogs  :: !(Maybe Bool)
-  , _gvlorsDefaultLogLevel :: !(Maybe LogLevel)
-  , _gvlorsRoleARN         :: !(Maybe Text)
-  , _gvlorsResponseStatus  :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GetV2LoggingOptionsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gvlorsDisableAllLogs' - Disables all logs.
---
--- * 'gvlorsDefaultLogLevel' - The default log level.
---
--- * 'gvlorsRoleARN' - The IAM role ARN AWS IoT uses to write to your CloudWatch logs.
---
--- * 'gvlorsResponseStatus' - -- | The response status code.
-getV2LoggingOptionsResponse
-    :: Int -- ^ 'gvlorsResponseStatus'
-    -> GetV2LoggingOptionsResponse
-getV2LoggingOptionsResponse pResponseStatus_ =
-  GetV2LoggingOptionsResponse'
-    { _gvlorsDisableAllLogs = Nothing
-    , _gvlorsDefaultLogLevel = Nothing
-    , _gvlorsRoleARN = Nothing
-    , _gvlorsResponseStatus = pResponseStatus_
-    }
-
-
--- | Disables all logs.
-gvlorsDisableAllLogs :: Lens' GetV2LoggingOptionsResponse (Maybe Bool)
-gvlorsDisableAllLogs = lens _gvlorsDisableAllLogs (\ s a -> s{_gvlorsDisableAllLogs = a})
-
--- | The default log level.
-gvlorsDefaultLogLevel :: Lens' GetV2LoggingOptionsResponse (Maybe LogLevel)
-gvlorsDefaultLogLevel = lens _gvlorsDefaultLogLevel (\ s a -> s{_gvlorsDefaultLogLevel = a})
-
--- | The IAM role ARN AWS IoT uses to write to your CloudWatch logs.
-gvlorsRoleARN :: Lens' GetV2LoggingOptionsResponse (Maybe Text)
-gvlorsRoleARN = lens _gvlorsRoleARN (\ s a -> s{_gvlorsRoleARN = a})
-
--- | -- | The response status code.
-gvlorsResponseStatus :: Lens' GetV2LoggingOptionsResponse Int
-gvlorsResponseStatus = lens _gvlorsResponseStatus (\ s a -> s{_gvlorsResponseStatus = a})
-
-instance NFData GetV2LoggingOptionsResponse where
diff --git a/gen/Network/AWS/IoT/ListAttachedPolicies.hs b/gen/Network/AWS/IoT/ListAttachedPolicies.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListAttachedPolicies.hs
+++ /dev/null
@@ -1,172 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListAttachedPolicies
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the policies attached to the specified thing group.
---
---
-module Network.AWS.IoT.ListAttachedPolicies
-    (
-    -- * Creating a Request
-      listAttachedPolicies
-    , ListAttachedPolicies
-    -- * Request Lenses
-    , lapMarker
-    , lapRecursive
-    , lapPageSize
-    , lapTarget
-
-    -- * Destructuring the Response
-    , listAttachedPoliciesResponse
-    , ListAttachedPoliciesResponse
-    -- * Response Lenses
-    , laprsNextMarker
-    , laprsPolicies
-    , laprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listAttachedPolicies' smart constructor.
-data ListAttachedPolicies = ListAttachedPolicies'
-  { _lapMarker    :: !(Maybe Text)
-  , _lapRecursive :: !(Maybe Bool)
-  , _lapPageSize  :: !(Maybe Nat)
-  , _lapTarget    :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListAttachedPolicies' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lapMarker' - The token to retrieve the next set of results.
---
--- * 'lapRecursive' - When true, recursively list attached policies.
---
--- * 'lapPageSize' - The maximum number of results to be returned per request.
---
--- * 'lapTarget' - The group for which the policies will be listed.
-listAttachedPolicies
-    :: Text -- ^ 'lapTarget'
-    -> ListAttachedPolicies
-listAttachedPolicies pTarget_ =
-  ListAttachedPolicies'
-    { _lapMarker = Nothing
-    , _lapRecursive = Nothing
-    , _lapPageSize = Nothing
-    , _lapTarget = pTarget_
-    }
-
-
--- | The token to retrieve the next set of results.
-lapMarker :: Lens' ListAttachedPolicies (Maybe Text)
-lapMarker = lens _lapMarker (\ s a -> s{_lapMarker = a})
-
--- | When true, recursively list attached policies.
-lapRecursive :: Lens' ListAttachedPolicies (Maybe Bool)
-lapRecursive = lens _lapRecursive (\ s a -> s{_lapRecursive = a})
-
--- | The maximum number of results to be returned per request.
-lapPageSize :: Lens' ListAttachedPolicies (Maybe Natural)
-lapPageSize = lens _lapPageSize (\ s a -> s{_lapPageSize = a}) . mapping _Nat
-
--- | The group for which the policies will be listed.
-lapTarget :: Lens' ListAttachedPolicies Text
-lapTarget = lens _lapTarget (\ s a -> s{_lapTarget = a})
-
-instance AWSRequest ListAttachedPolicies where
-        type Rs ListAttachedPolicies =
-             ListAttachedPoliciesResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListAttachedPoliciesResponse' <$>
-                   (x .?> "nextMarker") <*>
-                     (x .?> "policies" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListAttachedPolicies where
-
-instance NFData ListAttachedPolicies where
-
-instance ToHeaders ListAttachedPolicies where
-        toHeaders = const mempty
-
-instance ToJSON ListAttachedPolicies where
-        toJSON = const (Object mempty)
-
-instance ToPath ListAttachedPolicies where
-        toPath ListAttachedPolicies'{..}
-          = mconcat ["/attached-policies/", toBS _lapTarget]
-
-instance ToQuery ListAttachedPolicies where
-        toQuery ListAttachedPolicies'{..}
-          = mconcat
-              ["marker" =: _lapMarker,
-               "recursive" =: _lapRecursive,
-               "pageSize" =: _lapPageSize]
-
--- | /See:/ 'listAttachedPoliciesResponse' smart constructor.
-data ListAttachedPoliciesResponse = ListAttachedPoliciesResponse'
-  { _laprsNextMarker     :: !(Maybe Text)
-  , _laprsPolicies       :: !(Maybe [Policy])
-  , _laprsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListAttachedPoliciesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'laprsNextMarker' - The token to retrieve the next set of results, or ``null`` if there are no more results.
---
--- * 'laprsPolicies' - The policies.
---
--- * 'laprsResponseStatus' - -- | The response status code.
-listAttachedPoliciesResponse
-    :: Int -- ^ 'laprsResponseStatus'
-    -> ListAttachedPoliciesResponse
-listAttachedPoliciesResponse pResponseStatus_ =
-  ListAttachedPoliciesResponse'
-    { _laprsNextMarker = Nothing
-    , _laprsPolicies = Nothing
-    , _laprsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token to retrieve the next set of results, or ``null`` if there are no more results.
-laprsNextMarker :: Lens' ListAttachedPoliciesResponse (Maybe Text)
-laprsNextMarker = lens _laprsNextMarker (\ s a -> s{_laprsNextMarker = a})
-
--- | The policies.
-laprsPolicies :: Lens' ListAttachedPoliciesResponse [Policy]
-laprsPolicies = lens _laprsPolicies (\ s a -> s{_laprsPolicies = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-laprsResponseStatus :: Lens' ListAttachedPoliciesResponse Int
-laprsResponseStatus = lens _laprsResponseStatus (\ s a -> s{_laprsResponseStatus = a})
-
-instance NFData ListAttachedPoliciesResponse where
diff --git a/gen/Network/AWS/IoT/ListAuthorizers.hs b/gen/Network/AWS/IoT/ListAuthorizers.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListAuthorizers.hs
+++ /dev/null
@@ -1,166 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListAuthorizers
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the authorizers registered in your account.
---
---
-module Network.AWS.IoT.ListAuthorizers
-    (
-    -- * Creating a Request
-      listAuthorizers
-    , ListAuthorizers
-    -- * Request Lenses
-    , laStatus
-    , laMarker
-    , laAscendingOrder
-    , laPageSize
-
-    -- * Destructuring the Response
-    , listAuthorizersResponse
-    , ListAuthorizersResponse
-    -- * Response Lenses
-    , larsAuthorizers
-    , larsNextMarker
-    , larsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listAuthorizers' smart constructor.
-data ListAuthorizers = ListAuthorizers'
-  { _laStatus         :: !(Maybe AuthorizerStatus)
-  , _laMarker         :: !(Maybe Text)
-  , _laAscendingOrder :: !(Maybe Bool)
-  , _laPageSize       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListAuthorizers' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'laStatus' - The status of the list authorizers request.
---
--- * 'laMarker' - A marker used to get the next set of results.
---
--- * 'laAscendingOrder' - Return the list of authorizers in ascending alphabetical order.
---
--- * 'laPageSize' - The maximum number of results to return at one time.
-listAuthorizers
-    :: ListAuthorizers
-listAuthorizers =
-  ListAuthorizers'
-    { _laStatus = Nothing
-    , _laMarker = Nothing
-    , _laAscendingOrder = Nothing
-    , _laPageSize = Nothing
-    }
-
-
--- | The status of the list authorizers request.
-laStatus :: Lens' ListAuthorizers (Maybe AuthorizerStatus)
-laStatus = lens _laStatus (\ s a -> s{_laStatus = a})
-
--- | A marker used to get the next set of results.
-laMarker :: Lens' ListAuthorizers (Maybe Text)
-laMarker = lens _laMarker (\ s a -> s{_laMarker = a})
-
--- | Return the list of authorizers in ascending alphabetical order.
-laAscendingOrder :: Lens' ListAuthorizers (Maybe Bool)
-laAscendingOrder = lens _laAscendingOrder (\ s a -> s{_laAscendingOrder = a})
-
--- | The maximum number of results to return at one time.
-laPageSize :: Lens' ListAuthorizers (Maybe Natural)
-laPageSize = lens _laPageSize (\ s a -> s{_laPageSize = a}) . mapping _Nat
-
-instance AWSRequest ListAuthorizers where
-        type Rs ListAuthorizers = ListAuthorizersResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListAuthorizersResponse' <$>
-                   (x .?> "authorizers" .!@ mempty) <*>
-                     (x .?> "nextMarker")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListAuthorizers where
-
-instance NFData ListAuthorizers where
-
-instance ToHeaders ListAuthorizers where
-        toHeaders = const mempty
-
-instance ToPath ListAuthorizers where
-        toPath = const "/authorizers/"
-
-instance ToQuery ListAuthorizers where
-        toQuery ListAuthorizers'{..}
-          = mconcat
-              ["status" =: _laStatus, "marker" =: _laMarker,
-               "isAscendingOrder" =: _laAscendingOrder,
-               "pageSize" =: _laPageSize]
-
--- | /See:/ 'listAuthorizersResponse' smart constructor.
-data ListAuthorizersResponse = ListAuthorizersResponse'
-  { _larsAuthorizers    :: !(Maybe [AuthorizerSummary])
-  , _larsNextMarker     :: !(Maybe Text)
-  , _larsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListAuthorizersResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'larsAuthorizers' - The authorizers.
---
--- * 'larsNextMarker' - A marker used to get the next set of results.
---
--- * 'larsResponseStatus' - -- | The response status code.
-listAuthorizersResponse
-    :: Int -- ^ 'larsResponseStatus'
-    -> ListAuthorizersResponse
-listAuthorizersResponse pResponseStatus_ =
-  ListAuthorizersResponse'
-    { _larsAuthorizers = Nothing
-    , _larsNextMarker = Nothing
-    , _larsResponseStatus = pResponseStatus_
-    }
-
-
--- | The authorizers.
-larsAuthorizers :: Lens' ListAuthorizersResponse [AuthorizerSummary]
-larsAuthorizers = lens _larsAuthorizers (\ s a -> s{_larsAuthorizers = a}) . _Default . _Coerce
-
--- | A marker used to get the next set of results.
-larsNextMarker :: Lens' ListAuthorizersResponse (Maybe Text)
-larsNextMarker = lens _larsNextMarker (\ s a -> s{_larsNextMarker = a})
-
--- | -- | The response status code.
-larsResponseStatus :: Lens' ListAuthorizersResponse Int
-larsResponseStatus = lens _larsResponseStatus (\ s a -> s{_larsResponseStatus = a})
-
-instance NFData ListAuthorizersResponse where
diff --git a/gen/Network/AWS/IoT/ListCACertificates.hs b/gen/Network/AWS/IoT/ListCACertificates.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListCACertificates.hs
+++ /dev/null
@@ -1,178 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListCACertificates
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the CA certificates registered for your AWS account.
---
---
--- The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListCACertificates
-    (
-    -- * Creating a Request
-      listCACertificates
-    , ListCACertificates
-    -- * Request Lenses
-    , lcacMarker
-    , lcacAscendingOrder
-    , lcacPageSize
-
-    -- * Destructuring the Response
-    , listCACertificatesResponse
-    , ListCACertificatesResponse
-    -- * Response Lenses
-    , lcacrsCertificates
-    , lcacrsNextMarker
-    , lcacrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | Input for the ListCACertificates operation.
---
---
---
--- /See:/ 'listCACertificates' smart constructor.
-data ListCACertificates = ListCACertificates'
-  { _lcacMarker         :: !(Maybe Text)
-  , _lcacAscendingOrder :: !(Maybe Bool)
-  , _lcacPageSize       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListCACertificates' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lcacMarker' - The marker for the next set of results.
---
--- * 'lcacAscendingOrder' - Determines the order of the results.
---
--- * 'lcacPageSize' - The result page size.
-listCACertificates
-    :: ListCACertificates
-listCACertificates =
-  ListCACertificates'
-    { _lcacMarker = Nothing
-    , _lcacAscendingOrder = Nothing
-    , _lcacPageSize = Nothing
-    }
-
-
--- | The marker for the next set of results.
-lcacMarker :: Lens' ListCACertificates (Maybe Text)
-lcacMarker = lens _lcacMarker (\ s a -> s{_lcacMarker = a})
-
--- | Determines the order of the results.
-lcacAscendingOrder :: Lens' ListCACertificates (Maybe Bool)
-lcacAscendingOrder = lens _lcacAscendingOrder (\ s a -> s{_lcacAscendingOrder = a})
-
--- | The result page size.
-lcacPageSize :: Lens' ListCACertificates (Maybe Natural)
-lcacPageSize = lens _lcacPageSize (\ s a -> s{_lcacPageSize = a}) . mapping _Nat
-
-instance AWSPager ListCACertificates where
-        page rq rs
-          | stop (rs ^. lcacrsNextMarker) = Nothing
-          | stop (rs ^. lcacrsCertificates) = Nothing
-          | otherwise =
-            Just $ rq & lcacMarker .~ rs ^. lcacrsNextMarker
-
-instance AWSRequest ListCACertificates where
-        type Rs ListCACertificates =
-             ListCACertificatesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListCACertificatesResponse' <$>
-                   (x .?> "certificates" .!@ mempty) <*>
-                     (x .?> "nextMarker")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListCACertificates where
-
-instance NFData ListCACertificates where
-
-instance ToHeaders ListCACertificates where
-        toHeaders = const mempty
-
-instance ToPath ListCACertificates where
-        toPath = const "/cacertificates"
-
-instance ToQuery ListCACertificates where
-        toQuery ListCACertificates'{..}
-          = mconcat
-              ["marker" =: _lcacMarker,
-               "isAscendingOrder" =: _lcacAscendingOrder,
-               "pageSize" =: _lcacPageSize]
-
--- | The output from the ListCACertificates operation.
---
---
---
--- /See:/ 'listCACertificatesResponse' smart constructor.
-data ListCACertificatesResponse = ListCACertificatesResponse'
-  { _lcacrsCertificates   :: !(Maybe [CACertificate])
-  , _lcacrsNextMarker     :: !(Maybe Text)
-  , _lcacrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListCACertificatesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lcacrsCertificates' - The CA certificates registered in your AWS account.
---
--- * 'lcacrsNextMarker' - The current position within the list of CA certificates.
---
--- * 'lcacrsResponseStatus' - -- | The response status code.
-listCACertificatesResponse
-    :: Int -- ^ 'lcacrsResponseStatus'
-    -> ListCACertificatesResponse
-listCACertificatesResponse pResponseStatus_ =
-  ListCACertificatesResponse'
-    { _lcacrsCertificates = Nothing
-    , _lcacrsNextMarker = Nothing
-    , _lcacrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The CA certificates registered in your AWS account.
-lcacrsCertificates :: Lens' ListCACertificatesResponse [CACertificate]
-lcacrsCertificates = lens _lcacrsCertificates (\ s a -> s{_lcacrsCertificates = a}) . _Default . _Coerce
-
--- | The current position within the list of CA certificates.
-lcacrsNextMarker :: Lens' ListCACertificatesResponse (Maybe Text)
-lcacrsNextMarker = lens _lcacrsNextMarker (\ s a -> s{_lcacrsNextMarker = a})
-
--- | -- | The response status code.
-lcacrsResponseStatus :: Lens' ListCACertificatesResponse Int
-lcacrsResponseStatus = lens _lcacrsResponseStatus (\ s a -> s{_lcacrsResponseStatus = a})
-
-instance NFData ListCACertificatesResponse where
diff --git a/gen/Network/AWS/IoT/ListCertificates.hs b/gen/Network/AWS/IoT/ListCertificates.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListCertificates.hs
+++ /dev/null
@@ -1,174 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListCertificates
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the certificates registered in your AWS account.
---
---
--- The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListCertificates
-    (
-    -- * Creating a Request
-      listCertificates
-    , ListCertificates
-    -- * Request Lenses
-    , lcMarker
-    , lcAscendingOrder
-    , lcPageSize
-
-    -- * Destructuring the Response
-    , listCertificatesResponse
-    , ListCertificatesResponse
-    -- * Response Lenses
-    , lcrsCertificates
-    , lcrsNextMarker
-    , lcrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListCertificates operation.
---
---
---
--- /See:/ 'listCertificates' smart constructor.
-data ListCertificates = ListCertificates'
-  { _lcMarker         :: !(Maybe Text)
-  , _lcAscendingOrder :: !(Maybe Bool)
-  , _lcPageSize       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListCertificates' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lcMarker' - The marker for the next set of results.
---
--- * 'lcAscendingOrder' - Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
---
--- * 'lcPageSize' - The result page size.
-listCertificates
-    :: ListCertificates
-listCertificates =
-  ListCertificates'
-    {_lcMarker = Nothing, _lcAscendingOrder = Nothing, _lcPageSize = Nothing}
-
-
--- | The marker for the next set of results.
-lcMarker :: Lens' ListCertificates (Maybe Text)
-lcMarker = lens _lcMarker (\ s a -> s{_lcMarker = a})
-
--- | Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
-lcAscendingOrder :: Lens' ListCertificates (Maybe Bool)
-lcAscendingOrder = lens _lcAscendingOrder (\ s a -> s{_lcAscendingOrder = a})
-
--- | The result page size.
-lcPageSize :: Lens' ListCertificates (Maybe Natural)
-lcPageSize = lens _lcPageSize (\ s a -> s{_lcPageSize = a}) . mapping _Nat
-
-instance AWSPager ListCertificates where
-        page rq rs
-          | stop (rs ^. lcrsNextMarker) = Nothing
-          | stop (rs ^. lcrsCertificates) = Nothing
-          | otherwise =
-            Just $ rq & lcMarker .~ rs ^. lcrsNextMarker
-
-instance AWSRequest ListCertificates where
-        type Rs ListCertificates = ListCertificatesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListCertificatesResponse' <$>
-                   (x .?> "certificates" .!@ mempty) <*>
-                     (x .?> "nextMarker")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListCertificates where
-
-instance NFData ListCertificates where
-
-instance ToHeaders ListCertificates where
-        toHeaders = const mempty
-
-instance ToPath ListCertificates where
-        toPath = const "/certificates"
-
-instance ToQuery ListCertificates where
-        toQuery ListCertificates'{..}
-          = mconcat
-              ["marker" =: _lcMarker,
-               "isAscendingOrder" =: _lcAscendingOrder,
-               "pageSize" =: _lcPageSize]
-
--- | The output of the ListCertificates operation.
---
---
---
--- /See:/ 'listCertificatesResponse' smart constructor.
-data ListCertificatesResponse = ListCertificatesResponse'
-  { _lcrsCertificates   :: !(Maybe [Certificate])
-  , _lcrsNextMarker     :: !(Maybe Text)
-  , _lcrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListCertificatesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lcrsCertificates' - The descriptions of the certificates.
---
--- * 'lcrsNextMarker' - The marker for the next set of results, or null if there are no additional results.
---
--- * 'lcrsResponseStatus' - -- | The response status code.
-listCertificatesResponse
-    :: Int -- ^ 'lcrsResponseStatus'
-    -> ListCertificatesResponse
-listCertificatesResponse pResponseStatus_ =
-  ListCertificatesResponse'
-    { _lcrsCertificates = Nothing
-    , _lcrsNextMarker = Nothing
-    , _lcrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The descriptions of the certificates.
-lcrsCertificates :: Lens' ListCertificatesResponse [Certificate]
-lcrsCertificates = lens _lcrsCertificates (\ s a -> s{_lcrsCertificates = a}) . _Default . _Coerce
-
--- | The marker for the next set of results, or null if there are no additional results.
-lcrsNextMarker :: Lens' ListCertificatesResponse (Maybe Text)
-lcrsNextMarker = lens _lcrsNextMarker (\ s a -> s{_lcrsNextMarker = a})
-
--- | -- | The response status code.
-lcrsResponseStatus :: Lens' ListCertificatesResponse Int
-lcrsResponseStatus = lens _lcrsResponseStatus (\ s a -> s{_lcrsResponseStatus = a})
-
-instance NFData ListCertificatesResponse where
diff --git a/gen/Network/AWS/IoT/ListCertificatesByCA.hs b/gen/Network/AWS/IoT/ListCertificatesByCA.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListCertificatesByCA.hs
+++ /dev/null
@@ -1,188 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListCertificatesByCA
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- List the device certificates signed by the specified CA certificate.
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListCertificatesByCA
-    (
-    -- * Creating a Request
-      listCertificatesByCA
-    , ListCertificatesByCA
-    -- * Request Lenses
-    , lcbcaMarker
-    , lcbcaAscendingOrder
-    , lcbcaPageSize
-    , lcbcaCaCertificateId
-
-    -- * Destructuring the Response
-    , listCertificatesByCAResponse
-    , ListCertificatesByCAResponse
-    -- * Response Lenses
-    , lcbcarsCertificates
-    , lcbcarsNextMarker
-    , lcbcarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input to the ListCertificatesByCA operation.
---
---
---
--- /See:/ 'listCertificatesByCA' smart constructor.
-data ListCertificatesByCA = ListCertificatesByCA'
-  { _lcbcaMarker          :: !(Maybe Text)
-  , _lcbcaAscendingOrder  :: !(Maybe Bool)
-  , _lcbcaPageSize        :: !(Maybe Nat)
-  , _lcbcaCaCertificateId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListCertificatesByCA' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lcbcaMarker' - The marker for the next set of results.
---
--- * 'lcbcaAscendingOrder' - Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
---
--- * 'lcbcaPageSize' - The result page size.
---
--- * 'lcbcaCaCertificateId' - The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.
-listCertificatesByCA
-    :: Text -- ^ 'lcbcaCaCertificateId'
-    -> ListCertificatesByCA
-listCertificatesByCA pCaCertificateId_ =
-  ListCertificatesByCA'
-    { _lcbcaMarker = Nothing
-    , _lcbcaAscendingOrder = Nothing
-    , _lcbcaPageSize = Nothing
-    , _lcbcaCaCertificateId = pCaCertificateId_
-    }
-
-
--- | The marker for the next set of results.
-lcbcaMarker :: Lens' ListCertificatesByCA (Maybe Text)
-lcbcaMarker = lens _lcbcaMarker (\ s a -> s{_lcbcaMarker = a})
-
--- | Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
-lcbcaAscendingOrder :: Lens' ListCertificatesByCA (Maybe Bool)
-lcbcaAscendingOrder = lens _lcbcaAscendingOrder (\ s a -> s{_lcbcaAscendingOrder = a})
-
--- | The result page size.
-lcbcaPageSize :: Lens' ListCertificatesByCA (Maybe Natural)
-lcbcaPageSize = lens _lcbcaPageSize (\ s a -> s{_lcbcaPageSize = a}) . mapping _Nat
-
--- | The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.
-lcbcaCaCertificateId :: Lens' ListCertificatesByCA Text
-lcbcaCaCertificateId = lens _lcbcaCaCertificateId (\ s a -> s{_lcbcaCaCertificateId = a})
-
-instance AWSPager ListCertificatesByCA where
-        page rq rs
-          | stop (rs ^. lcbcarsNextMarker) = Nothing
-          | stop (rs ^. lcbcarsCertificates) = Nothing
-          | otherwise =
-            Just $ rq & lcbcaMarker .~ rs ^. lcbcarsNextMarker
-
-instance AWSRequest ListCertificatesByCA where
-        type Rs ListCertificatesByCA =
-             ListCertificatesByCAResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListCertificatesByCAResponse' <$>
-                   (x .?> "certificates" .!@ mempty) <*>
-                     (x .?> "nextMarker")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListCertificatesByCA where
-
-instance NFData ListCertificatesByCA where
-
-instance ToHeaders ListCertificatesByCA where
-        toHeaders = const mempty
-
-instance ToPath ListCertificatesByCA where
-        toPath ListCertificatesByCA'{..}
-          = mconcat
-              ["/certificates-by-ca/", toBS _lcbcaCaCertificateId]
-
-instance ToQuery ListCertificatesByCA where
-        toQuery ListCertificatesByCA'{..}
-          = mconcat
-              ["marker" =: _lcbcaMarker,
-               "isAscendingOrder" =: _lcbcaAscendingOrder,
-               "pageSize" =: _lcbcaPageSize]
-
--- | The output of the ListCertificatesByCA operation.
---
---
---
--- /See:/ 'listCertificatesByCAResponse' smart constructor.
-data ListCertificatesByCAResponse = ListCertificatesByCAResponse'
-  { _lcbcarsCertificates   :: !(Maybe [Certificate])
-  , _lcbcarsNextMarker     :: !(Maybe Text)
-  , _lcbcarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListCertificatesByCAResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lcbcarsCertificates' - The device certificates signed by the specified CA certificate.
---
--- * 'lcbcarsNextMarker' - The marker for the next set of results, or null if there are no additional results.
---
--- * 'lcbcarsResponseStatus' - -- | The response status code.
-listCertificatesByCAResponse
-    :: Int -- ^ 'lcbcarsResponseStatus'
-    -> ListCertificatesByCAResponse
-listCertificatesByCAResponse pResponseStatus_ =
-  ListCertificatesByCAResponse'
-    { _lcbcarsCertificates = Nothing
-    , _lcbcarsNextMarker = Nothing
-    , _lcbcarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The device certificates signed by the specified CA certificate.
-lcbcarsCertificates :: Lens' ListCertificatesByCAResponse [Certificate]
-lcbcarsCertificates = lens _lcbcarsCertificates (\ s a -> s{_lcbcarsCertificates = a}) . _Default . _Coerce
-
--- | The marker for the next set of results, or null if there are no additional results.
-lcbcarsNextMarker :: Lens' ListCertificatesByCAResponse (Maybe Text)
-lcbcarsNextMarker = lens _lcbcarsNextMarker (\ s a -> s{_lcbcarsNextMarker = a})
-
--- | -- | The response status code.
-lcbcarsResponseStatus :: Lens' ListCertificatesByCAResponse Int
-lcbcarsResponseStatus = lens _lcbcarsResponseStatus (\ s a -> s{_lcbcarsResponseStatus = a})
-
-instance NFData ListCertificatesByCAResponse where
diff --git a/gen/Network/AWS/IoT/ListIndices.hs b/gen/Network/AWS/IoT/ListIndices.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListIndices.hs
+++ /dev/null
@@ -1,143 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListIndices
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the search indices.
---
---
-module Network.AWS.IoT.ListIndices
-    (
-    -- * Creating a Request
-      listIndices
-    , ListIndices
-    -- * Request Lenses
-    , liNextToken
-    , liMaxResults
-
-    -- * Destructuring the Response
-    , listIndicesResponse
-    , ListIndicesResponse
-    -- * Response Lenses
-    , lirsNextToken
-    , lirsIndexNames
-    , lirsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listIndices' smart constructor.
-data ListIndices = ListIndices'
-  { _liNextToken  :: !(Maybe Text)
-  , _liMaxResults :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListIndices' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'liNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'liMaxResults' - The maximum number of results to return at one time.
-listIndices
-    :: ListIndices
-listIndices = ListIndices' {_liNextToken = Nothing, _liMaxResults = Nothing}
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-liNextToken :: Lens' ListIndices (Maybe Text)
-liNextToken = lens _liNextToken (\ s a -> s{_liNextToken = a})
-
--- | The maximum number of results to return at one time.
-liMaxResults :: Lens' ListIndices (Maybe Natural)
-liMaxResults = lens _liMaxResults (\ s a -> s{_liMaxResults = a}) . mapping _Nat
-
-instance AWSRequest ListIndices where
-        type Rs ListIndices = ListIndicesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListIndicesResponse' <$>
-                   (x .?> "nextToken") <*>
-                     (x .?> "indexNames" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListIndices where
-
-instance NFData ListIndices where
-
-instance ToHeaders ListIndices where
-        toHeaders = const mempty
-
-instance ToPath ListIndices where
-        toPath = const "/indices"
-
-instance ToQuery ListIndices where
-        toQuery ListIndices'{..}
-          = mconcat
-              ["nextToken" =: _liNextToken,
-               "maxResults" =: _liMaxResults]
-
--- | /See:/ 'listIndicesResponse' smart constructor.
-data ListIndicesResponse = ListIndicesResponse'
-  { _lirsNextToken      :: !(Maybe Text)
-  , _lirsIndexNames     :: !(Maybe [Text])
-  , _lirsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListIndicesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lirsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'lirsIndexNames' - The index names.
---
--- * 'lirsResponseStatus' - -- | The response status code.
-listIndicesResponse
-    :: Int -- ^ 'lirsResponseStatus'
-    -> ListIndicesResponse
-listIndicesResponse pResponseStatus_ =
-  ListIndicesResponse'
-    { _lirsNextToken = Nothing
-    , _lirsIndexNames = Nothing
-    , _lirsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-lirsNextToken :: Lens' ListIndicesResponse (Maybe Text)
-lirsNextToken = lens _lirsNextToken (\ s a -> s{_lirsNextToken = a})
-
--- | The index names.
-lirsIndexNames :: Lens' ListIndicesResponse [Text]
-lirsIndexNames = lens _lirsIndexNames (\ s a -> s{_lirsIndexNames = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-lirsResponseStatus :: Lens' ListIndicesResponse Int
-lirsResponseStatus = lens _lirsResponseStatus (\ s a -> s{_lirsResponseStatus = a})
-
-instance NFData ListIndicesResponse where
diff --git a/gen/Network/AWS/IoT/ListJobExecutionsForJob.hs b/gen/Network/AWS/IoT/ListJobExecutionsForJob.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListJobExecutionsForJob.hs
+++ /dev/null
@@ -1,169 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListJobExecutionsForJob
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the job executions for a job.
---
---
-module Network.AWS.IoT.ListJobExecutionsForJob
-    (
-    -- * Creating a Request
-      listJobExecutionsForJob
-    , ListJobExecutionsForJob
-    -- * Request Lenses
-    , ljefjStatus
-    , ljefjNextToken
-    , ljefjMaxResults
-    , ljefjJobId
-
-    -- * Destructuring the Response
-    , listJobExecutionsForJobResponse
-    , ListJobExecutionsForJobResponse
-    -- * Response Lenses
-    , ljefjrsExecutionSummaries
-    , ljefjrsNextToken
-    , ljefjrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listJobExecutionsForJob' smart constructor.
-data ListJobExecutionsForJob = ListJobExecutionsForJob'
-  { _ljefjStatus     :: !(Maybe JobExecutionStatus)
-  , _ljefjNextToken  :: !(Maybe Text)
-  , _ljefjMaxResults :: !(Maybe Nat)
-  , _ljefjJobId      :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListJobExecutionsForJob' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ljefjStatus' - The status of the job.
---
--- * 'ljefjNextToken' - The token to retrieve the next set of results.
---
--- * 'ljefjMaxResults' - The maximum number of results to be returned per request.
---
--- * 'ljefjJobId' - The unique identifier you assigned to this job when it was created.
-listJobExecutionsForJob
-    :: Text -- ^ 'ljefjJobId'
-    -> ListJobExecutionsForJob
-listJobExecutionsForJob pJobId_ =
-  ListJobExecutionsForJob'
-    { _ljefjStatus = Nothing
-    , _ljefjNextToken = Nothing
-    , _ljefjMaxResults = Nothing
-    , _ljefjJobId = pJobId_
-    }
-
-
--- | The status of the job.
-ljefjStatus :: Lens' ListJobExecutionsForJob (Maybe JobExecutionStatus)
-ljefjStatus = lens _ljefjStatus (\ s a -> s{_ljefjStatus = a})
-
--- | The token to retrieve the next set of results.
-ljefjNextToken :: Lens' ListJobExecutionsForJob (Maybe Text)
-ljefjNextToken = lens _ljefjNextToken (\ s a -> s{_ljefjNextToken = a})
-
--- | The maximum number of results to be returned per request.
-ljefjMaxResults :: Lens' ListJobExecutionsForJob (Maybe Natural)
-ljefjMaxResults = lens _ljefjMaxResults (\ s a -> s{_ljefjMaxResults = a}) . mapping _Nat
-
--- | The unique identifier you assigned to this job when it was created.
-ljefjJobId :: Lens' ListJobExecutionsForJob Text
-ljefjJobId = lens _ljefjJobId (\ s a -> s{_ljefjJobId = a})
-
-instance AWSRequest ListJobExecutionsForJob where
-        type Rs ListJobExecutionsForJob =
-             ListJobExecutionsForJobResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListJobExecutionsForJobResponse' <$>
-                   (x .?> "executionSummaries" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListJobExecutionsForJob where
-
-instance NFData ListJobExecutionsForJob where
-
-instance ToHeaders ListJobExecutionsForJob where
-        toHeaders = const mempty
-
-instance ToPath ListJobExecutionsForJob where
-        toPath ListJobExecutionsForJob'{..}
-          = mconcat ["/jobs/", toBS _ljefjJobId, "/things"]
-
-instance ToQuery ListJobExecutionsForJob where
-        toQuery ListJobExecutionsForJob'{..}
-          = mconcat
-              ["status" =: _ljefjStatus,
-               "nextToken" =: _ljefjNextToken,
-               "maxResults" =: _ljefjMaxResults]
-
--- | /See:/ 'listJobExecutionsForJobResponse' smart constructor.
-data ListJobExecutionsForJobResponse = ListJobExecutionsForJobResponse'
-  { _ljefjrsExecutionSummaries :: !(Maybe [JobExecutionSummaryForJob])
-  , _ljefjrsNextToken          :: !(Maybe Text)
-  , _ljefjrsResponseStatus     :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListJobExecutionsForJobResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ljefjrsExecutionSummaries' - A list of job execution summaries.
---
--- * 'ljefjrsNextToken' - The token for the next set of results, or __null__ if there are no additional results.
---
--- * 'ljefjrsResponseStatus' - -- | The response status code.
-listJobExecutionsForJobResponse
-    :: Int -- ^ 'ljefjrsResponseStatus'
-    -> ListJobExecutionsForJobResponse
-listJobExecutionsForJobResponse pResponseStatus_ =
-  ListJobExecutionsForJobResponse'
-    { _ljefjrsExecutionSummaries = Nothing
-    , _ljefjrsNextToken = Nothing
-    , _ljefjrsResponseStatus = pResponseStatus_
-    }
-
-
--- | A list of job execution summaries.
-ljefjrsExecutionSummaries :: Lens' ListJobExecutionsForJobResponse [JobExecutionSummaryForJob]
-ljefjrsExecutionSummaries = lens _ljefjrsExecutionSummaries (\ s a -> s{_ljefjrsExecutionSummaries = a}) . _Default . _Coerce
-
--- | The token for the next set of results, or __null__ if there are no additional results.
-ljefjrsNextToken :: Lens' ListJobExecutionsForJobResponse (Maybe Text)
-ljefjrsNextToken = lens _ljefjrsNextToken (\ s a -> s{_ljefjrsNextToken = a})
-
--- | -- | The response status code.
-ljefjrsResponseStatus :: Lens' ListJobExecutionsForJobResponse Int
-ljefjrsResponseStatus = lens _ljefjrsResponseStatus (\ s a -> s{_ljefjrsResponseStatus = a})
-
-instance NFData ListJobExecutionsForJobResponse where
diff --git a/gen/Network/AWS/IoT/ListJobExecutionsForThing.hs b/gen/Network/AWS/IoT/ListJobExecutionsForThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListJobExecutionsForThing.hs
+++ /dev/null
@@ -1,170 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListJobExecutionsForThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the job executions for the specified thing.
---
---
-module Network.AWS.IoT.ListJobExecutionsForThing
-    (
-    -- * Creating a Request
-      listJobExecutionsForThing
-    , ListJobExecutionsForThing
-    -- * Request Lenses
-    , ljeftStatus
-    , ljeftNextToken
-    , ljeftMaxResults
-    , ljeftThingName
-
-    -- * Destructuring the Response
-    , listJobExecutionsForThingResponse
-    , ListJobExecutionsForThingResponse
-    -- * Response Lenses
-    , ljeftrsExecutionSummaries
-    , ljeftrsNextToken
-    , ljeftrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listJobExecutionsForThing' smart constructor.
-data ListJobExecutionsForThing = ListJobExecutionsForThing'
-  { _ljeftStatus     :: !(Maybe JobExecutionStatus)
-  , _ljeftNextToken  :: !(Maybe Text)
-  , _ljeftMaxResults :: !(Maybe Nat)
-  , _ljeftThingName  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListJobExecutionsForThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ljeftStatus' - An optional filter that lets you search for jobs that have the specified status.
---
--- * 'ljeftNextToken' - The token to retrieve the next set of results.
---
--- * 'ljeftMaxResults' - The maximum number of results to be returned per request.
---
--- * 'ljeftThingName' - The thing name.
-listJobExecutionsForThing
-    :: Text -- ^ 'ljeftThingName'
-    -> ListJobExecutionsForThing
-listJobExecutionsForThing pThingName_ =
-  ListJobExecutionsForThing'
-    { _ljeftStatus = Nothing
-    , _ljeftNextToken = Nothing
-    , _ljeftMaxResults = Nothing
-    , _ljeftThingName = pThingName_
-    }
-
-
--- | An optional filter that lets you search for jobs that have the specified status.
-ljeftStatus :: Lens' ListJobExecutionsForThing (Maybe JobExecutionStatus)
-ljeftStatus = lens _ljeftStatus (\ s a -> s{_ljeftStatus = a})
-
--- | The token to retrieve the next set of results.
-ljeftNextToken :: Lens' ListJobExecutionsForThing (Maybe Text)
-ljeftNextToken = lens _ljeftNextToken (\ s a -> s{_ljeftNextToken = a})
-
--- | The maximum number of results to be returned per request.
-ljeftMaxResults :: Lens' ListJobExecutionsForThing (Maybe Natural)
-ljeftMaxResults = lens _ljeftMaxResults (\ s a -> s{_ljeftMaxResults = a}) . mapping _Nat
-
--- | The thing name.
-ljeftThingName :: Lens' ListJobExecutionsForThing Text
-ljeftThingName = lens _ljeftThingName (\ s a -> s{_ljeftThingName = a})
-
-instance AWSRequest ListJobExecutionsForThing where
-        type Rs ListJobExecutionsForThing =
-             ListJobExecutionsForThingResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListJobExecutionsForThingResponse' <$>
-                   (x .?> "executionSummaries" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListJobExecutionsForThing where
-
-instance NFData ListJobExecutionsForThing where
-
-instance ToHeaders ListJobExecutionsForThing where
-        toHeaders = const mempty
-
-instance ToPath ListJobExecutionsForThing where
-        toPath ListJobExecutionsForThing'{..}
-          = mconcat ["/things/", toBS _ljeftThingName, "/jobs"]
-
-instance ToQuery ListJobExecutionsForThing where
-        toQuery ListJobExecutionsForThing'{..}
-          = mconcat
-              ["status" =: _ljeftStatus,
-               "nextToken" =: _ljeftNextToken,
-               "maxResults" =: _ljeftMaxResults]
-
--- | /See:/ 'listJobExecutionsForThingResponse' smart constructor.
-data ListJobExecutionsForThingResponse = ListJobExecutionsForThingResponse'
-  { _ljeftrsExecutionSummaries :: !(Maybe [JobExecutionSummaryForThing])
-  , _ljeftrsNextToken          :: !(Maybe Text)
-  , _ljeftrsResponseStatus     :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListJobExecutionsForThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ljeftrsExecutionSummaries' - A list of job execution summaries.
---
--- * 'ljeftrsNextToken' - The token for the next set of results, or __null__ if there are no additional results.
---
--- * 'ljeftrsResponseStatus' - -- | The response status code.
-listJobExecutionsForThingResponse
-    :: Int -- ^ 'ljeftrsResponseStatus'
-    -> ListJobExecutionsForThingResponse
-listJobExecutionsForThingResponse pResponseStatus_ =
-  ListJobExecutionsForThingResponse'
-    { _ljeftrsExecutionSummaries = Nothing
-    , _ljeftrsNextToken = Nothing
-    , _ljeftrsResponseStatus = pResponseStatus_
-    }
-
-
--- | A list of job execution summaries.
-ljeftrsExecutionSummaries :: Lens' ListJobExecutionsForThingResponse [JobExecutionSummaryForThing]
-ljeftrsExecutionSummaries = lens _ljeftrsExecutionSummaries (\ s a -> s{_ljeftrsExecutionSummaries = a}) . _Default . _Coerce
-
--- | The token for the next set of results, or __null__ if there are no additional results.
-ljeftrsNextToken :: Lens' ListJobExecutionsForThingResponse (Maybe Text)
-ljeftrsNextToken = lens _ljeftrsNextToken (\ s a -> s{_ljeftrsNextToken = a})
-
--- | -- | The response status code.
-ljeftrsResponseStatus :: Lens' ListJobExecutionsForThingResponse Int
-ljeftrsResponseStatus = lens _ljeftrsResponseStatus (\ s a -> s{_ljeftrsResponseStatus = a})
-
-instance NFData ListJobExecutionsForThingResponse
-         where
diff --git a/gen/Network/AWS/IoT/ListJobs.hs b/gen/Network/AWS/IoT/ListJobs.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListJobs.hs
+++ /dev/null
@@ -1,186 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListJobs
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists jobs.
---
---
-module Network.AWS.IoT.ListJobs
-    (
-    -- * Creating a Request
-      listJobs
-    , ListJobs
-    -- * Request Lenses
-    , ljStatus
-    , ljThingGroupId
-    , ljNextToken
-    , ljThingGroupName
-    , ljMaxResults
-    , ljTargetSelection
-
-    -- * Destructuring the Response
-    , listJobsResponse
-    , ListJobsResponse
-    -- * Response Lenses
-    , ljrsJobs
-    , ljrsNextToken
-    , ljrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listJobs' smart constructor.
-data ListJobs = ListJobs'
-  { _ljStatus          :: !(Maybe JobStatus)
-  , _ljThingGroupId    :: !(Maybe Text)
-  , _ljNextToken       :: !(Maybe Text)
-  , _ljThingGroupName  :: !(Maybe Text)
-  , _ljMaxResults      :: !(Maybe Nat)
-  , _ljTargetSelection :: !(Maybe TargetSelection)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListJobs' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ljStatus' - An optional filter that lets you search for jobs that have the specified status.
---
--- * 'ljThingGroupId' - A filter that limits the returned jobs to those for the specified group.
---
--- * 'ljNextToken' - The token to retrieve the next set of results.
---
--- * 'ljThingGroupName' - A filter that limits the returned jobs to those for the specified group.
---
--- * 'ljMaxResults' - The maximum number of results to return per request.
---
--- * 'ljTargetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.
-listJobs
-    :: ListJobs
-listJobs =
-  ListJobs'
-    { _ljStatus = Nothing
-    , _ljThingGroupId = Nothing
-    , _ljNextToken = Nothing
-    , _ljThingGroupName = Nothing
-    , _ljMaxResults = Nothing
-    , _ljTargetSelection = Nothing
-    }
-
-
--- | An optional filter that lets you search for jobs that have the specified status.
-ljStatus :: Lens' ListJobs (Maybe JobStatus)
-ljStatus = lens _ljStatus (\ s a -> s{_ljStatus = a})
-
--- | A filter that limits the returned jobs to those for the specified group.
-ljThingGroupId :: Lens' ListJobs (Maybe Text)
-ljThingGroupId = lens _ljThingGroupId (\ s a -> s{_ljThingGroupId = a})
-
--- | The token to retrieve the next set of results.
-ljNextToken :: Lens' ListJobs (Maybe Text)
-ljNextToken = lens _ljNextToken (\ s a -> s{_ljNextToken = a})
-
--- | A filter that limits the returned jobs to those for the specified group.
-ljThingGroupName :: Lens' ListJobs (Maybe Text)
-ljThingGroupName = lens _ljThingGroupName (\ s a -> s{_ljThingGroupName = a})
-
--- | The maximum number of results to return per request.
-ljMaxResults :: Lens' ListJobs (Maybe Natural)
-ljMaxResults = lens _ljMaxResults (\ s a -> s{_ljMaxResults = a}) . mapping _Nat
-
--- | Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.
-ljTargetSelection :: Lens' ListJobs (Maybe TargetSelection)
-ljTargetSelection = lens _ljTargetSelection (\ s a -> s{_ljTargetSelection = a})
-
-instance AWSRequest ListJobs where
-        type Rs ListJobs = ListJobsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListJobsResponse' <$>
-                   (x .?> "jobs" .!@ mempty) <*> (x .?> "nextToken") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable ListJobs where
-
-instance NFData ListJobs where
-
-instance ToHeaders ListJobs where
-        toHeaders = const mempty
-
-instance ToPath ListJobs where
-        toPath = const "/jobs"
-
-instance ToQuery ListJobs where
-        toQuery ListJobs'{..}
-          = mconcat
-              ["status" =: _ljStatus,
-               "thingGroupId" =: _ljThingGroupId,
-               "nextToken" =: _ljNextToken,
-               "thingGroupName" =: _ljThingGroupName,
-               "maxResults" =: _ljMaxResults,
-               "targetSelection" =: _ljTargetSelection]
-
--- | /See:/ 'listJobsResponse' smart constructor.
-data ListJobsResponse = ListJobsResponse'
-  { _ljrsJobs           :: !(Maybe [JobSummary])
-  , _ljrsNextToken      :: !(Maybe Text)
-  , _ljrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListJobsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ljrsJobs' - A list of jobs.
---
--- * 'ljrsNextToken' - The token for the next set of results, or __null__ if there are no additional results.
---
--- * 'ljrsResponseStatus' - -- | The response status code.
-listJobsResponse
-    :: Int -- ^ 'ljrsResponseStatus'
-    -> ListJobsResponse
-listJobsResponse pResponseStatus_ =
-  ListJobsResponse'
-    { _ljrsJobs = Nothing
-    , _ljrsNextToken = Nothing
-    , _ljrsResponseStatus = pResponseStatus_
-    }
-
-
--- | A list of jobs.
-ljrsJobs :: Lens' ListJobsResponse [JobSummary]
-ljrsJobs = lens _ljrsJobs (\ s a -> s{_ljrsJobs = a}) . _Default . _Coerce
-
--- | The token for the next set of results, or __null__ if there are no additional results.
-ljrsNextToken :: Lens' ListJobsResponse (Maybe Text)
-ljrsNextToken = lens _ljrsNextToken (\ s a -> s{_ljrsNextToken = a})
-
--- | -- | The response status code.
-ljrsResponseStatus :: Lens' ListJobsResponse Int
-ljrsResponseStatus = lens _ljrsResponseStatus (\ s a -> s{_ljrsResponseStatus = a})
-
-instance NFData ListJobsResponse where
diff --git a/gen/Network/AWS/IoT/ListOTAUpdates.hs b/gen/Network/AWS/IoT/ListOTAUpdates.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListOTAUpdates.hs
+++ /dev/null
@@ -1,157 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListOTAUpdates
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists OTA updates.
---
---
-module Network.AWS.IoT.ListOTAUpdates
-    (
-    -- * Creating a Request
-      listOTAUpdates
-    , ListOTAUpdates
-    -- * Request Lenses
-    , lotauNextToken
-    , lotauOtaUpdateStatus
-    , lotauMaxResults
-
-    -- * Destructuring the Response
-    , listOTAUpdatesResponse
-    , ListOTAUpdatesResponse
-    -- * Response Lenses
-    , lotaursNextToken
-    , lotaursOtaUpdates
-    , lotaursResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listOTAUpdates' smart constructor.
-data ListOTAUpdates = ListOTAUpdates'
-  { _lotauNextToken       :: !(Maybe Text)
-  , _lotauOtaUpdateStatus :: !(Maybe OTAUpdateStatus)
-  , _lotauMaxResults      :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListOTAUpdates' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lotauNextToken' - A token used to retrieve the next set of results.
---
--- * 'lotauOtaUpdateStatus' - The OTA update job status.
---
--- * 'lotauMaxResults' - The maximum number of results to return at one time.
-listOTAUpdates
-    :: ListOTAUpdates
-listOTAUpdates =
-  ListOTAUpdates'
-    { _lotauNextToken = Nothing
-    , _lotauOtaUpdateStatus = Nothing
-    , _lotauMaxResults = Nothing
-    }
-
-
--- | A token used to retrieve the next set of results.
-lotauNextToken :: Lens' ListOTAUpdates (Maybe Text)
-lotauNextToken = lens _lotauNextToken (\ s a -> s{_lotauNextToken = a})
-
--- | The OTA update job status.
-lotauOtaUpdateStatus :: Lens' ListOTAUpdates (Maybe OTAUpdateStatus)
-lotauOtaUpdateStatus = lens _lotauOtaUpdateStatus (\ s a -> s{_lotauOtaUpdateStatus = a})
-
--- | The maximum number of results to return at one time.
-lotauMaxResults :: Lens' ListOTAUpdates (Maybe Natural)
-lotauMaxResults = lens _lotauMaxResults (\ s a -> s{_lotauMaxResults = a}) . mapping _Nat
-
-instance AWSRequest ListOTAUpdates where
-        type Rs ListOTAUpdates = ListOTAUpdatesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListOTAUpdatesResponse' <$>
-                   (x .?> "nextToken") <*>
-                     (x .?> "otaUpdates" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListOTAUpdates where
-
-instance NFData ListOTAUpdates where
-
-instance ToHeaders ListOTAUpdates where
-        toHeaders = const mempty
-
-instance ToPath ListOTAUpdates where
-        toPath = const "/otaUpdates"
-
-instance ToQuery ListOTAUpdates where
-        toQuery ListOTAUpdates'{..}
-          = mconcat
-              ["nextToken" =: _lotauNextToken,
-               "otaUpdateStatus" =: _lotauOtaUpdateStatus,
-               "maxResults" =: _lotauMaxResults]
-
--- | /See:/ 'listOTAUpdatesResponse' smart constructor.
-data ListOTAUpdatesResponse = ListOTAUpdatesResponse'
-  { _lotaursNextToken      :: !(Maybe Text)
-  , _lotaursOtaUpdates     :: !(Maybe [OTAUpdateSummary])
-  , _lotaursResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListOTAUpdatesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lotaursNextToken' - A token to use to get the next set of results.
---
--- * 'lotaursOtaUpdates' - A list of OTA update jobs.
---
--- * 'lotaursResponseStatus' - -- | The response status code.
-listOTAUpdatesResponse
-    :: Int -- ^ 'lotaursResponseStatus'
-    -> ListOTAUpdatesResponse
-listOTAUpdatesResponse pResponseStatus_ =
-  ListOTAUpdatesResponse'
-    { _lotaursNextToken = Nothing
-    , _lotaursOtaUpdates = Nothing
-    , _lotaursResponseStatus = pResponseStatus_
-    }
-
-
--- | A token to use to get the next set of results.
-lotaursNextToken :: Lens' ListOTAUpdatesResponse (Maybe Text)
-lotaursNextToken = lens _lotaursNextToken (\ s a -> s{_lotaursNextToken = a})
-
--- | A list of OTA update jobs.
-lotaursOtaUpdates :: Lens' ListOTAUpdatesResponse [OTAUpdateSummary]
-lotaursOtaUpdates = lens _lotaursOtaUpdates (\ s a -> s{_lotaursOtaUpdates = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-lotaursResponseStatus :: Lens' ListOTAUpdatesResponse Int
-lotaursResponseStatus = lens _lotaursResponseStatus (\ s a -> s{_lotaursResponseStatus = a})
-
-instance NFData ListOTAUpdatesResponse where
diff --git a/gen/Network/AWS/IoT/ListOutgoingCertificates.hs b/gen/Network/AWS/IoT/ListOutgoingCertificates.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListOutgoingCertificates.hs
+++ /dev/null
@@ -1,174 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListOutgoingCertificates
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists certificates that are being transferred but not yet accepted.
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListOutgoingCertificates
-    (
-    -- * Creating a Request
-      listOutgoingCertificates
-    , ListOutgoingCertificates
-    -- * Request Lenses
-    , locMarker
-    , locAscendingOrder
-    , locPageSize
-
-    -- * Destructuring the Response
-    , listOutgoingCertificatesResponse
-    , ListOutgoingCertificatesResponse
-    -- * Response Lenses
-    , locrsNextMarker
-    , locrsOutgoingCertificates
-    , locrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input to the ListOutgoingCertificates operation.
---
---
---
--- /See:/ 'listOutgoingCertificates' smart constructor.
-data ListOutgoingCertificates = ListOutgoingCertificates'
-  { _locMarker         :: !(Maybe Text)
-  , _locAscendingOrder :: !(Maybe Bool)
-  , _locPageSize       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListOutgoingCertificates' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'locMarker' - The marker for the next set of results.
---
--- * 'locAscendingOrder' - Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
---
--- * 'locPageSize' - The result page size.
-listOutgoingCertificates
-    :: ListOutgoingCertificates
-listOutgoingCertificates =
-  ListOutgoingCertificates'
-    {_locMarker = Nothing, _locAscendingOrder = Nothing, _locPageSize = Nothing}
-
-
--- | The marker for the next set of results.
-locMarker :: Lens' ListOutgoingCertificates (Maybe Text)
-locMarker = lens _locMarker (\ s a -> s{_locMarker = a})
-
--- | Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
-locAscendingOrder :: Lens' ListOutgoingCertificates (Maybe Bool)
-locAscendingOrder = lens _locAscendingOrder (\ s a -> s{_locAscendingOrder = a})
-
--- | The result page size.
-locPageSize :: Lens' ListOutgoingCertificates (Maybe Natural)
-locPageSize = lens _locPageSize (\ s a -> s{_locPageSize = a}) . mapping _Nat
-
-instance AWSPager ListOutgoingCertificates where
-        page rq rs
-          | stop (rs ^. locrsNextMarker) = Nothing
-          | stop (rs ^. locrsOutgoingCertificates) = Nothing
-          | otherwise =
-            Just $ rq & locMarker .~ rs ^. locrsNextMarker
-
-instance AWSRequest ListOutgoingCertificates where
-        type Rs ListOutgoingCertificates =
-             ListOutgoingCertificatesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListOutgoingCertificatesResponse' <$>
-                   (x .?> "nextMarker") <*>
-                     (x .?> "outgoingCertificates" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListOutgoingCertificates where
-
-instance NFData ListOutgoingCertificates where
-
-instance ToHeaders ListOutgoingCertificates where
-        toHeaders = const mempty
-
-instance ToPath ListOutgoingCertificates where
-        toPath = const "/certificates-out-going"
-
-instance ToQuery ListOutgoingCertificates where
-        toQuery ListOutgoingCertificates'{..}
-          = mconcat
-              ["marker" =: _locMarker,
-               "isAscendingOrder" =: _locAscendingOrder,
-               "pageSize" =: _locPageSize]
-
--- | The output from the ListOutgoingCertificates operation.
---
---
---
--- /See:/ 'listOutgoingCertificatesResponse' smart constructor.
-data ListOutgoingCertificatesResponse = ListOutgoingCertificatesResponse'
-  { _locrsNextMarker           :: !(Maybe Text)
-  , _locrsOutgoingCertificates :: !(Maybe [OutgoingCertificate])
-  , _locrsResponseStatus       :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListOutgoingCertificatesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'locrsNextMarker' - The marker for the next set of results.
---
--- * 'locrsOutgoingCertificates' - The certificates that are being transferred but not yet accepted.
---
--- * 'locrsResponseStatus' - -- | The response status code.
-listOutgoingCertificatesResponse
-    :: Int -- ^ 'locrsResponseStatus'
-    -> ListOutgoingCertificatesResponse
-listOutgoingCertificatesResponse pResponseStatus_ =
-  ListOutgoingCertificatesResponse'
-    { _locrsNextMarker = Nothing
-    , _locrsOutgoingCertificates = Nothing
-    , _locrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The marker for the next set of results.
-locrsNextMarker :: Lens' ListOutgoingCertificatesResponse (Maybe Text)
-locrsNextMarker = lens _locrsNextMarker (\ s a -> s{_locrsNextMarker = a})
-
--- | The certificates that are being transferred but not yet accepted.
-locrsOutgoingCertificates :: Lens' ListOutgoingCertificatesResponse [OutgoingCertificate]
-locrsOutgoingCertificates = lens _locrsOutgoingCertificates (\ s a -> s{_locrsOutgoingCertificates = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-locrsResponseStatus :: Lens' ListOutgoingCertificatesResponse Int
-locrsResponseStatus = lens _locrsResponseStatus (\ s a -> s{_locrsResponseStatus = a})
-
-instance NFData ListOutgoingCertificatesResponse
-         where
diff --git a/gen/Network/AWS/IoT/ListPolicies.hs b/gen/Network/AWS/IoT/ListPolicies.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListPolicies.hs
+++ /dev/null
@@ -1,172 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListPolicies
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists your policies.
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListPolicies
-    (
-    -- * Creating a Request
-      listPolicies
-    , ListPolicies
-    -- * Request Lenses
-    , lpMarker
-    , lpAscendingOrder
-    , lpPageSize
-
-    -- * Destructuring the Response
-    , listPoliciesResponse
-    , ListPoliciesResponse
-    -- * Response Lenses
-    , lprsNextMarker
-    , lprsPolicies
-    , lprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListPolicies operation.
---
---
---
--- /See:/ 'listPolicies' smart constructor.
-data ListPolicies = ListPolicies'
-  { _lpMarker         :: !(Maybe Text)
-  , _lpAscendingOrder :: !(Maybe Bool)
-  , _lpPageSize       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListPolicies' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lpMarker' - The marker for the next set of results.
---
--- * 'lpAscendingOrder' - Specifies the order for results. If true, the results are returned in ascending creation order.
---
--- * 'lpPageSize' - The result page size.
-listPolicies
-    :: ListPolicies
-listPolicies =
-  ListPolicies'
-    {_lpMarker = Nothing, _lpAscendingOrder = Nothing, _lpPageSize = Nothing}
-
-
--- | The marker for the next set of results.
-lpMarker :: Lens' ListPolicies (Maybe Text)
-lpMarker = lens _lpMarker (\ s a -> s{_lpMarker = a})
-
--- | Specifies the order for results. If true, the results are returned in ascending creation order.
-lpAscendingOrder :: Lens' ListPolicies (Maybe Bool)
-lpAscendingOrder = lens _lpAscendingOrder (\ s a -> s{_lpAscendingOrder = a})
-
--- | The result page size.
-lpPageSize :: Lens' ListPolicies (Maybe Natural)
-lpPageSize = lens _lpPageSize (\ s a -> s{_lpPageSize = a}) . mapping _Nat
-
-instance AWSPager ListPolicies where
-        page rq rs
-          | stop (rs ^. lprsNextMarker) = Nothing
-          | stop (rs ^. lprsPolicies) = Nothing
-          | otherwise =
-            Just $ rq & lpMarker .~ rs ^. lprsNextMarker
-
-instance AWSRequest ListPolicies where
-        type Rs ListPolicies = ListPoliciesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListPoliciesResponse' <$>
-                   (x .?> "nextMarker") <*>
-                     (x .?> "policies" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListPolicies where
-
-instance NFData ListPolicies where
-
-instance ToHeaders ListPolicies where
-        toHeaders = const mempty
-
-instance ToPath ListPolicies where
-        toPath = const "/policies"
-
-instance ToQuery ListPolicies where
-        toQuery ListPolicies'{..}
-          = mconcat
-              ["marker" =: _lpMarker,
-               "isAscendingOrder" =: _lpAscendingOrder,
-               "pageSize" =: _lpPageSize]
-
--- | The output from the ListPolicies operation.
---
---
---
--- /See:/ 'listPoliciesResponse' smart constructor.
-data ListPoliciesResponse = ListPoliciesResponse'
-  { _lprsNextMarker     :: !(Maybe Text)
-  , _lprsPolicies       :: !(Maybe [Policy])
-  , _lprsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListPoliciesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lprsNextMarker' - The marker for the next set of results, or null if there are no additional results.
---
--- * 'lprsPolicies' - The descriptions of the policies.
---
--- * 'lprsResponseStatus' - -- | The response status code.
-listPoliciesResponse
-    :: Int -- ^ 'lprsResponseStatus'
-    -> ListPoliciesResponse
-listPoliciesResponse pResponseStatus_ =
-  ListPoliciesResponse'
-    { _lprsNextMarker = Nothing
-    , _lprsPolicies = Nothing
-    , _lprsResponseStatus = pResponseStatus_
-    }
-
-
--- | The marker for the next set of results, or null if there are no additional results.
-lprsNextMarker :: Lens' ListPoliciesResponse (Maybe Text)
-lprsNextMarker = lens _lprsNextMarker (\ s a -> s{_lprsNextMarker = a})
-
--- | The descriptions of the policies.
-lprsPolicies :: Lens' ListPoliciesResponse [Policy]
-lprsPolicies = lens _lprsPolicies (\ s a -> s{_lprsPolicies = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-lprsResponseStatus :: Lens' ListPoliciesResponse Int
-lprsResponseStatus = lens _lprsResponseStatus (\ s a -> s{_lprsResponseStatus = a})
-
-instance NFData ListPoliciesResponse where
diff --git a/gen/Network/AWS/IoT/ListPolicyVersions.hs b/gen/Network/AWS/IoT/ListPolicyVersions.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListPolicyVersions.hs
+++ /dev/null
@@ -1,133 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListPolicyVersions
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the versions of the specified policy and identifies the default version.
---
---
-module Network.AWS.IoT.ListPolicyVersions
-    (
-    -- * Creating a Request
-      listPolicyVersions
-    , ListPolicyVersions
-    -- * Request Lenses
-    , lpvPolicyName
-
-    -- * Destructuring the Response
-    , listPolicyVersionsResponse
-    , ListPolicyVersionsResponse
-    -- * Response Lenses
-    , lpvrsPolicyVersions
-    , lpvrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListPolicyVersions operation.
---
---
---
--- /See:/ 'listPolicyVersions' smart constructor.
-newtype ListPolicyVersions = ListPolicyVersions'
-  { _lpvPolicyName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListPolicyVersions' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lpvPolicyName' - The policy name.
-listPolicyVersions
-    :: Text -- ^ 'lpvPolicyName'
-    -> ListPolicyVersions
-listPolicyVersions pPolicyName_ =
-  ListPolicyVersions' {_lpvPolicyName = pPolicyName_}
-
-
--- | The policy name.
-lpvPolicyName :: Lens' ListPolicyVersions Text
-lpvPolicyName = lens _lpvPolicyName (\ s a -> s{_lpvPolicyName = a})
-
-instance AWSRequest ListPolicyVersions where
-        type Rs ListPolicyVersions =
-             ListPolicyVersionsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListPolicyVersionsResponse' <$>
-                   (x .?> "policyVersions" .!@ mempty) <*>
-                     (pure (fromEnum s)))
-
-instance Hashable ListPolicyVersions where
-
-instance NFData ListPolicyVersions where
-
-instance ToHeaders ListPolicyVersions where
-        toHeaders = const mempty
-
-instance ToPath ListPolicyVersions where
-        toPath ListPolicyVersions'{..}
-          = mconcat
-              ["/policies/", toBS _lpvPolicyName, "/version"]
-
-instance ToQuery ListPolicyVersions where
-        toQuery = const mempty
-
--- | The output from the ListPolicyVersions operation.
---
---
---
--- /See:/ 'listPolicyVersionsResponse' smart constructor.
-data ListPolicyVersionsResponse = ListPolicyVersionsResponse'
-  { _lpvrsPolicyVersions :: !(Maybe [PolicyVersion])
-  , _lpvrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListPolicyVersionsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lpvrsPolicyVersions' - The policy versions.
---
--- * 'lpvrsResponseStatus' - -- | The response status code.
-listPolicyVersionsResponse
-    :: Int -- ^ 'lpvrsResponseStatus'
-    -> ListPolicyVersionsResponse
-listPolicyVersionsResponse pResponseStatus_ =
-  ListPolicyVersionsResponse'
-    {_lpvrsPolicyVersions = Nothing, _lpvrsResponseStatus = pResponseStatus_}
-
-
--- | The policy versions.
-lpvrsPolicyVersions :: Lens' ListPolicyVersionsResponse [PolicyVersion]
-lpvrsPolicyVersions = lens _lpvrsPolicyVersions (\ s a -> s{_lpvrsPolicyVersions = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-lpvrsResponseStatus :: Lens' ListPolicyVersionsResponse Int
-lpvrsResponseStatus = lens _lpvrsResponseStatus (\ s a -> s{_lpvrsResponseStatus = a})
-
-instance NFData ListPolicyVersionsResponse where
diff --git a/gen/Network/AWS/IoT/ListPrincipalThings.hs b/gen/Network/AWS/IoT/ListPrincipalThings.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListPrincipalThings.hs
+++ /dev/null
@@ -1,176 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListPrincipalThings
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the things associated with the specified principal.
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListPrincipalThings
-    (
-    -- * Creating a Request
-      listPrincipalThings
-    , ListPrincipalThings
-    -- * Request Lenses
-    , lptNextToken
-    , lptMaxResults
-    , lptPrincipal
-
-    -- * Destructuring the Response
-    , listPrincipalThingsResponse
-    , ListPrincipalThingsResponse
-    -- * Response Lenses
-    , lptrsNextToken
-    , lptrsThings
-    , lptrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListPrincipalThings operation.
---
---
---
--- /See:/ 'listPrincipalThings' smart constructor.
-data ListPrincipalThings = ListPrincipalThings'
-  { _lptNextToken  :: !(Maybe Text)
-  , _lptMaxResults :: !(Maybe Nat)
-  , _lptPrincipal  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListPrincipalThings' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lptNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'lptMaxResults' - The maximum number of results to return in this operation.
---
--- * 'lptPrincipal' - The principal.
-listPrincipalThings
-    :: Text -- ^ 'lptPrincipal'
-    -> ListPrincipalThings
-listPrincipalThings pPrincipal_ =
-  ListPrincipalThings'
-    { _lptNextToken = Nothing
-    , _lptMaxResults = Nothing
-    , _lptPrincipal = pPrincipal_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-lptNextToken :: Lens' ListPrincipalThings (Maybe Text)
-lptNextToken = lens _lptNextToken (\ s a -> s{_lptNextToken = a})
-
--- | The maximum number of results to return in this operation.
-lptMaxResults :: Lens' ListPrincipalThings (Maybe Natural)
-lptMaxResults = lens _lptMaxResults (\ s a -> s{_lptMaxResults = a}) . mapping _Nat
-
--- | The principal.
-lptPrincipal :: Lens' ListPrincipalThings Text
-lptPrincipal = lens _lptPrincipal (\ s a -> s{_lptPrincipal = a})
-
-instance AWSPager ListPrincipalThings where
-        page rq rs
-          | stop (rs ^. lptrsNextToken) = Nothing
-          | stop (rs ^. lptrsThings) = Nothing
-          | otherwise =
-            Just $ rq & lptNextToken .~ rs ^. lptrsNextToken
-
-instance AWSRequest ListPrincipalThings where
-        type Rs ListPrincipalThings =
-             ListPrincipalThingsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListPrincipalThingsResponse' <$>
-                   (x .?> "nextToken") <*> (x .?> "things" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListPrincipalThings where
-
-instance NFData ListPrincipalThings where
-
-instance ToHeaders ListPrincipalThings where
-        toHeaders ListPrincipalThings'{..}
-          = mconcat ["x-amzn-principal" =# _lptPrincipal]
-
-instance ToPath ListPrincipalThings where
-        toPath = const "/principals/things"
-
-instance ToQuery ListPrincipalThings where
-        toQuery ListPrincipalThings'{..}
-          = mconcat
-              ["nextToken" =: _lptNextToken,
-               "maxResults" =: _lptMaxResults]
-
--- | The output from the ListPrincipalThings operation.
---
---
---
--- /See:/ 'listPrincipalThingsResponse' smart constructor.
-data ListPrincipalThingsResponse = ListPrincipalThingsResponse'
-  { _lptrsNextToken      :: !(Maybe Text)
-  , _lptrsThings         :: !(Maybe [Text])
-  , _lptrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListPrincipalThingsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lptrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'lptrsThings' - The things.
---
--- * 'lptrsResponseStatus' - -- | The response status code.
-listPrincipalThingsResponse
-    :: Int -- ^ 'lptrsResponseStatus'
-    -> ListPrincipalThingsResponse
-listPrincipalThingsResponse pResponseStatus_ =
-  ListPrincipalThingsResponse'
-    { _lptrsNextToken = Nothing
-    , _lptrsThings = Nothing
-    , _lptrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-lptrsNextToken :: Lens' ListPrincipalThingsResponse (Maybe Text)
-lptrsNextToken = lens _lptrsNextToken (\ s a -> s{_lptrsNextToken = a})
-
--- | The things.
-lptrsThings :: Lens' ListPrincipalThingsResponse [Text]
-lptrsThings = lens _lptrsThings (\ s a -> s{_lptrsThings = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-lptrsResponseStatus :: Lens' ListPrincipalThingsResponse Int
-lptrsResponseStatus = lens _lptrsResponseStatus (\ s a -> s{_lptrsResponseStatus = a})
-
-instance NFData ListPrincipalThingsResponse where
diff --git a/gen/Network/AWS/IoT/ListRoleAliases.hs b/gen/Network/AWS/IoT/ListRoleAliases.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListRoleAliases.hs
+++ /dev/null
@@ -1,154 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListRoleAliases
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the role aliases registered in your account.
---
---
-module Network.AWS.IoT.ListRoleAliases
-    (
-    -- * Creating a Request
-      listRoleAliases
-    , ListRoleAliases
-    -- * Request Lenses
-    , lraMarker
-    , lraAscendingOrder
-    , lraPageSize
-
-    -- * Destructuring the Response
-    , listRoleAliasesResponse
-    , ListRoleAliasesResponse
-    -- * Response Lenses
-    , lrarsRoleAliases
-    , lrarsNextMarker
-    , lrarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listRoleAliases' smart constructor.
-data ListRoleAliases = ListRoleAliases'
-  { _lraMarker         :: !(Maybe Text)
-  , _lraAscendingOrder :: !(Maybe Bool)
-  , _lraPageSize       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListRoleAliases' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lraMarker' - A marker used to get the next set of results.
---
--- * 'lraAscendingOrder' - Return the list of role aliases in ascending alphabetical order.
---
--- * 'lraPageSize' - The maximum number of results to return at one time.
-listRoleAliases
-    :: ListRoleAliases
-listRoleAliases =
-  ListRoleAliases'
-    {_lraMarker = Nothing, _lraAscendingOrder = Nothing, _lraPageSize = Nothing}
-
-
--- | A marker used to get the next set of results.
-lraMarker :: Lens' ListRoleAliases (Maybe Text)
-lraMarker = lens _lraMarker (\ s a -> s{_lraMarker = a})
-
--- | Return the list of role aliases in ascending alphabetical order.
-lraAscendingOrder :: Lens' ListRoleAliases (Maybe Bool)
-lraAscendingOrder = lens _lraAscendingOrder (\ s a -> s{_lraAscendingOrder = a})
-
--- | The maximum number of results to return at one time.
-lraPageSize :: Lens' ListRoleAliases (Maybe Natural)
-lraPageSize = lens _lraPageSize (\ s a -> s{_lraPageSize = a}) . mapping _Nat
-
-instance AWSRequest ListRoleAliases where
-        type Rs ListRoleAliases = ListRoleAliasesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListRoleAliasesResponse' <$>
-                   (x .?> "roleAliases" .!@ mempty) <*>
-                     (x .?> "nextMarker")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListRoleAliases where
-
-instance NFData ListRoleAliases where
-
-instance ToHeaders ListRoleAliases where
-        toHeaders = const mempty
-
-instance ToPath ListRoleAliases where
-        toPath = const "/role-aliases"
-
-instance ToQuery ListRoleAliases where
-        toQuery ListRoleAliases'{..}
-          = mconcat
-              ["marker" =: _lraMarker,
-               "isAscendingOrder" =: _lraAscendingOrder,
-               "pageSize" =: _lraPageSize]
-
--- | /See:/ 'listRoleAliasesResponse' smart constructor.
-data ListRoleAliasesResponse = ListRoleAliasesResponse'
-  { _lrarsRoleAliases    :: !(Maybe [Text])
-  , _lrarsNextMarker     :: !(Maybe Text)
-  , _lrarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListRoleAliasesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lrarsRoleAliases' - The role aliases.
---
--- * 'lrarsNextMarker' - A marker used to get the next set of results.
---
--- * 'lrarsResponseStatus' - -- | The response status code.
-listRoleAliasesResponse
-    :: Int -- ^ 'lrarsResponseStatus'
-    -> ListRoleAliasesResponse
-listRoleAliasesResponse pResponseStatus_ =
-  ListRoleAliasesResponse'
-    { _lrarsRoleAliases = Nothing
-    , _lrarsNextMarker = Nothing
-    , _lrarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The role aliases.
-lrarsRoleAliases :: Lens' ListRoleAliasesResponse [Text]
-lrarsRoleAliases = lens _lrarsRoleAliases (\ s a -> s{_lrarsRoleAliases = a}) . _Default . _Coerce
-
--- | A marker used to get the next set of results.
-lrarsNextMarker :: Lens' ListRoleAliasesResponse (Maybe Text)
-lrarsNextMarker = lens _lrarsNextMarker (\ s a -> s{_lrarsNextMarker = a})
-
--- | -- | The response status code.
-lrarsResponseStatus :: Lens' ListRoleAliasesResponse Int
-lrarsResponseStatus = lens _lrarsResponseStatus (\ s a -> s{_lrarsResponseStatus = a})
-
-instance NFData ListRoleAliasesResponse where
diff --git a/gen/Network/AWS/IoT/ListStreams.hs b/gen/Network/AWS/IoT/ListStreams.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListStreams.hs
+++ /dev/null
@@ -1,156 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListStreams
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists all of the streams in your AWS account.
---
---
-module Network.AWS.IoT.ListStreams
-    (
-    -- * Creating a Request
-      listStreams
-    , ListStreams
-    -- * Request Lenses
-    , lsNextToken
-    , lsAscendingOrder
-    , lsMaxResults
-
-    -- * Destructuring the Response
-    , listStreamsResponse
-    , ListStreamsResponse
-    -- * Response Lenses
-    , lsrsNextToken
-    , lsrsStreams
-    , lsrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listStreams' smart constructor.
-data ListStreams = ListStreams'
-  { _lsNextToken      :: !(Maybe Text)
-  , _lsAscendingOrder :: !(Maybe Bool)
-  , _lsMaxResults     :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListStreams' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lsNextToken' - A token used to get the next set of results.
---
--- * 'lsAscendingOrder' - Set to true to return the list of streams in ascending order.
---
--- * 'lsMaxResults' - The maximum number of results to return at a time.
-listStreams
-    :: ListStreams
-listStreams =
-  ListStreams'
-    { _lsNextToken = Nothing
-    , _lsAscendingOrder = Nothing
-    , _lsMaxResults = Nothing
-    }
-
-
--- | A token used to get the next set of results.
-lsNextToken :: Lens' ListStreams (Maybe Text)
-lsNextToken = lens _lsNextToken (\ s a -> s{_lsNextToken = a})
-
--- | Set to true to return the list of streams in ascending order.
-lsAscendingOrder :: Lens' ListStreams (Maybe Bool)
-lsAscendingOrder = lens _lsAscendingOrder (\ s a -> s{_lsAscendingOrder = a})
-
--- | The maximum number of results to return at a time.
-lsMaxResults :: Lens' ListStreams (Maybe Natural)
-lsMaxResults = lens _lsMaxResults (\ s a -> s{_lsMaxResults = a}) . mapping _Nat
-
-instance AWSRequest ListStreams where
-        type Rs ListStreams = ListStreamsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListStreamsResponse' <$>
-                   (x .?> "nextToken") <*> (x .?> "streams" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListStreams where
-
-instance NFData ListStreams where
-
-instance ToHeaders ListStreams where
-        toHeaders = const mempty
-
-instance ToPath ListStreams where
-        toPath = const "/streams"
-
-instance ToQuery ListStreams where
-        toQuery ListStreams'{..}
-          = mconcat
-              ["nextToken" =: _lsNextToken,
-               "isAscendingOrder" =: _lsAscendingOrder,
-               "maxResults" =: _lsMaxResults]
-
--- | /See:/ 'listStreamsResponse' smart constructor.
-data ListStreamsResponse = ListStreamsResponse'
-  { _lsrsNextToken      :: !(Maybe Text)
-  , _lsrsStreams        :: !(Maybe [StreamSummary])
-  , _lsrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListStreamsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lsrsNextToken' - A token used to get the next set of results.
---
--- * 'lsrsStreams' - A list of streams.
---
--- * 'lsrsResponseStatus' - -- | The response status code.
-listStreamsResponse
-    :: Int -- ^ 'lsrsResponseStatus'
-    -> ListStreamsResponse
-listStreamsResponse pResponseStatus_ =
-  ListStreamsResponse'
-    { _lsrsNextToken = Nothing
-    , _lsrsStreams = Nothing
-    , _lsrsResponseStatus = pResponseStatus_
-    }
-
-
--- | A token used to get the next set of results.
-lsrsNextToken :: Lens' ListStreamsResponse (Maybe Text)
-lsrsNextToken = lens _lsrsNextToken (\ s a -> s{_lsrsNextToken = a})
-
--- | A list of streams.
-lsrsStreams :: Lens' ListStreamsResponse [StreamSummary]
-lsrsStreams = lens _lsrsStreams (\ s a -> s{_lsrsStreams = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-lsrsResponseStatus :: Lens' ListStreamsResponse Int
-lsrsResponseStatus = lens _lsrsResponseStatus (\ s a -> s{_lsrsResponseStatus = a})
-
-instance NFData ListStreamsResponse where
diff --git a/gen/Network/AWS/IoT/ListTargetsForPolicy.hs b/gen/Network/AWS/IoT/ListTargetsForPolicy.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListTargetsForPolicy.hs
+++ /dev/null
@@ -1,161 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListTargetsForPolicy
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- List targets for the specified policy.
---
---
-module Network.AWS.IoT.ListTargetsForPolicy
-    (
-    -- * Creating a Request
-      listTargetsForPolicy
-    , ListTargetsForPolicy
-    -- * Request Lenses
-    , ltfpMarker
-    , ltfpPageSize
-    , ltfpPolicyName
-
-    -- * Destructuring the Response
-    , listTargetsForPolicyResponse
-    , ListTargetsForPolicyResponse
-    -- * Response Lenses
-    , ltfprsTargets
-    , ltfprsNextMarker
-    , ltfprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listTargetsForPolicy' smart constructor.
-data ListTargetsForPolicy = ListTargetsForPolicy'
-  { _ltfpMarker     :: !(Maybe Text)
-  , _ltfpPageSize   :: !(Maybe Nat)
-  , _ltfpPolicyName :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListTargetsForPolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltfpMarker' - A marker used to get the next set of results.
---
--- * 'ltfpPageSize' - The maximum number of results to return at one time.
---
--- * 'ltfpPolicyName' - The policy name.
-listTargetsForPolicy
-    :: Text -- ^ 'ltfpPolicyName'
-    -> ListTargetsForPolicy
-listTargetsForPolicy pPolicyName_ =
-  ListTargetsForPolicy'
-    { _ltfpMarker = Nothing
-    , _ltfpPageSize = Nothing
-    , _ltfpPolicyName = pPolicyName_
-    }
-
-
--- | A marker used to get the next set of results.
-ltfpMarker :: Lens' ListTargetsForPolicy (Maybe Text)
-ltfpMarker = lens _ltfpMarker (\ s a -> s{_ltfpMarker = a})
-
--- | The maximum number of results to return at one time.
-ltfpPageSize :: Lens' ListTargetsForPolicy (Maybe Natural)
-ltfpPageSize = lens _ltfpPageSize (\ s a -> s{_ltfpPageSize = a}) . mapping _Nat
-
--- | The policy name.
-ltfpPolicyName :: Lens' ListTargetsForPolicy Text
-ltfpPolicyName = lens _ltfpPolicyName (\ s a -> s{_ltfpPolicyName = a})
-
-instance AWSRequest ListTargetsForPolicy where
-        type Rs ListTargetsForPolicy =
-             ListTargetsForPolicyResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListTargetsForPolicyResponse' <$>
-                   (x .?> "targets" .!@ mempty) <*> (x .?> "nextMarker")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListTargetsForPolicy where
-
-instance NFData ListTargetsForPolicy where
-
-instance ToHeaders ListTargetsForPolicy where
-        toHeaders = const mempty
-
-instance ToJSON ListTargetsForPolicy where
-        toJSON = const (Object mempty)
-
-instance ToPath ListTargetsForPolicy where
-        toPath ListTargetsForPolicy'{..}
-          = mconcat ["/policy-targets/", toBS _ltfpPolicyName]
-
-instance ToQuery ListTargetsForPolicy where
-        toQuery ListTargetsForPolicy'{..}
-          = mconcat
-              ["marker" =: _ltfpMarker,
-               "pageSize" =: _ltfpPageSize]
-
--- | /See:/ 'listTargetsForPolicyResponse' smart constructor.
-data ListTargetsForPolicyResponse = ListTargetsForPolicyResponse'
-  { _ltfprsTargets        :: !(Maybe [Text])
-  , _ltfprsNextMarker     :: !(Maybe Text)
-  , _ltfprsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListTargetsForPolicyResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltfprsTargets' - The policy targets.
---
--- * 'ltfprsNextMarker' - A marker used to get the next set of results.
---
--- * 'ltfprsResponseStatus' - -- | The response status code.
-listTargetsForPolicyResponse
-    :: Int -- ^ 'ltfprsResponseStatus'
-    -> ListTargetsForPolicyResponse
-listTargetsForPolicyResponse pResponseStatus_ =
-  ListTargetsForPolicyResponse'
-    { _ltfprsTargets = Nothing
-    , _ltfprsNextMarker = Nothing
-    , _ltfprsResponseStatus = pResponseStatus_
-    }
-
-
--- | The policy targets.
-ltfprsTargets :: Lens' ListTargetsForPolicyResponse [Text]
-ltfprsTargets = lens _ltfprsTargets (\ s a -> s{_ltfprsTargets = a}) . _Default . _Coerce
-
--- | A marker used to get the next set of results.
-ltfprsNextMarker :: Lens' ListTargetsForPolicyResponse (Maybe Text)
-ltfprsNextMarker = lens _ltfprsNextMarker (\ s a -> s{_ltfprsNextMarker = a})
-
--- | -- | The response status code.
-ltfprsResponseStatus :: Lens' ListTargetsForPolicyResponse Int
-ltfprsResponseStatus = lens _ltfprsResponseStatus (\ s a -> s{_ltfprsResponseStatus = a})
-
-instance NFData ListTargetsForPolicyResponse where
diff --git a/gen/Network/AWS/IoT/ListThingGroups.hs b/gen/Network/AWS/IoT/ListThingGroups.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingGroups.hs
+++ /dev/null
@@ -1,177 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingGroups
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- List the thing groups in your account.
---
---
-module Network.AWS.IoT.ListThingGroups
-    (
-    -- * Creating a Request
-      listThingGroups
-    , ListThingGroups
-    -- * Request Lenses
-    , ltgNamePrefixFilter
-    , ltgParentGroup
-    , ltgNextToken
-    , ltgRecursive
-    , ltgMaxResults
-
-    -- * Destructuring the Response
-    , listThingGroupsResponse
-    , ListThingGroupsResponse
-    -- * Response Lenses
-    , ltgrsThingGroups
-    , ltgrsNextToken
-    , ltgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listThingGroups' smart constructor.
-data ListThingGroups = ListThingGroups'
-  { _ltgNamePrefixFilter :: !(Maybe Text)
-  , _ltgParentGroup      :: !(Maybe Text)
-  , _ltgNextToken        :: !(Maybe Text)
-  , _ltgRecursive        :: !(Maybe Bool)
-  , _ltgMaxResults       :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingGroups' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltgNamePrefixFilter' - A filter that limits the results to those with the specified name prefix.
---
--- * 'ltgParentGroup' - A filter that limits the results to those with the specified parent group.
---
--- * 'ltgNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltgRecursive' - If true, return child groups as well.
---
--- * 'ltgMaxResults' - The maximum number of results to return at one time.
-listThingGroups
-    :: ListThingGroups
-listThingGroups =
-  ListThingGroups'
-    { _ltgNamePrefixFilter = Nothing
-    , _ltgParentGroup = Nothing
-    , _ltgNextToken = Nothing
-    , _ltgRecursive = Nothing
-    , _ltgMaxResults = Nothing
-    }
-
-
--- | A filter that limits the results to those with the specified name prefix.
-ltgNamePrefixFilter :: Lens' ListThingGroups (Maybe Text)
-ltgNamePrefixFilter = lens _ltgNamePrefixFilter (\ s a -> s{_ltgNamePrefixFilter = a})
-
--- | A filter that limits the results to those with the specified parent group.
-ltgParentGroup :: Lens' ListThingGroups (Maybe Text)
-ltgParentGroup = lens _ltgParentGroup (\ s a -> s{_ltgParentGroup = a})
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltgNextToken :: Lens' ListThingGroups (Maybe Text)
-ltgNextToken = lens _ltgNextToken (\ s a -> s{_ltgNextToken = a})
-
--- | If true, return child groups as well.
-ltgRecursive :: Lens' ListThingGroups (Maybe Bool)
-ltgRecursive = lens _ltgRecursive (\ s a -> s{_ltgRecursive = a})
-
--- | The maximum number of results to return at one time.
-ltgMaxResults :: Lens' ListThingGroups (Maybe Natural)
-ltgMaxResults = lens _ltgMaxResults (\ s a -> s{_ltgMaxResults = a}) . mapping _Nat
-
-instance AWSRequest ListThingGroups where
-        type Rs ListThingGroups = ListThingGroupsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingGroupsResponse' <$>
-                   (x .?> "thingGroups" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThingGroups where
-
-instance NFData ListThingGroups where
-
-instance ToHeaders ListThingGroups where
-        toHeaders = const mempty
-
-instance ToPath ListThingGroups where
-        toPath = const "/thing-groups"
-
-instance ToQuery ListThingGroups where
-        toQuery ListThingGroups'{..}
-          = mconcat
-              ["namePrefixFilter" =: _ltgNamePrefixFilter,
-               "parentGroup" =: _ltgParentGroup,
-               "nextToken" =: _ltgNextToken,
-               "recursive" =: _ltgRecursive,
-               "maxResults" =: _ltgMaxResults]
-
--- | /See:/ 'listThingGroupsResponse' smart constructor.
-data ListThingGroupsResponse = ListThingGroupsResponse'
-  { _ltgrsThingGroups    :: !(Maybe [GroupNameAndARN])
-  , _ltgrsNextToken      :: !(Maybe Text)
-  , _ltgrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingGroupsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltgrsThingGroups' - The thing groups.
---
--- * 'ltgrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltgrsResponseStatus' - -- | The response status code.
-listThingGroupsResponse
-    :: Int -- ^ 'ltgrsResponseStatus'
-    -> ListThingGroupsResponse
-listThingGroupsResponse pResponseStatus_ =
-  ListThingGroupsResponse'
-    { _ltgrsThingGroups = Nothing
-    , _ltgrsNextToken = Nothing
-    , _ltgrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The thing groups.
-ltgrsThingGroups :: Lens' ListThingGroupsResponse [GroupNameAndARN]
-ltgrsThingGroups = lens _ltgrsThingGroups (\ s a -> s{_ltgrsThingGroups = a}) . _Default . _Coerce
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltgrsNextToken :: Lens' ListThingGroupsResponse (Maybe Text)
-ltgrsNextToken = lens _ltgrsNextToken (\ s a -> s{_ltgrsNextToken = a})
-
--- | -- | The response status code.
-ltgrsResponseStatus :: Lens' ListThingGroupsResponse Int
-ltgrsResponseStatus = lens _ltgrsResponseStatus (\ s a -> s{_ltgrsResponseStatus = a})
-
-instance NFData ListThingGroupsResponse where
diff --git a/gen/Network/AWS/IoT/ListThingGroupsForThing.hs b/gen/Network/AWS/IoT/ListThingGroupsForThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingGroupsForThing.hs
+++ /dev/null
@@ -1,160 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingGroupsForThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- List the thing groups to which the specified thing belongs.
---
---
-module Network.AWS.IoT.ListThingGroupsForThing
-    (
-    -- * Creating a Request
-      listThingGroupsForThing
-    , ListThingGroupsForThing
-    -- * Request Lenses
-    , ltgftNextToken
-    , ltgftMaxResults
-    , ltgftThingName
-
-    -- * Destructuring the Response
-    , listThingGroupsForThingResponse
-    , ListThingGroupsForThingResponse
-    -- * Response Lenses
-    , ltgftrsThingGroups
-    , ltgftrsNextToken
-    , ltgftrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listThingGroupsForThing' smart constructor.
-data ListThingGroupsForThing = ListThingGroupsForThing'
-  { _ltgftNextToken  :: !(Maybe Text)
-  , _ltgftMaxResults :: !(Maybe Nat)
-  , _ltgftThingName  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingGroupsForThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltgftNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltgftMaxResults' - The maximum number of results to return at one time.
---
--- * 'ltgftThingName' - The thing name.
-listThingGroupsForThing
-    :: Text -- ^ 'ltgftThingName'
-    -> ListThingGroupsForThing
-listThingGroupsForThing pThingName_ =
-  ListThingGroupsForThing'
-    { _ltgftNextToken = Nothing
-    , _ltgftMaxResults = Nothing
-    , _ltgftThingName = pThingName_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltgftNextToken :: Lens' ListThingGroupsForThing (Maybe Text)
-ltgftNextToken = lens _ltgftNextToken (\ s a -> s{_ltgftNextToken = a})
-
--- | The maximum number of results to return at one time.
-ltgftMaxResults :: Lens' ListThingGroupsForThing (Maybe Natural)
-ltgftMaxResults = lens _ltgftMaxResults (\ s a -> s{_ltgftMaxResults = a}) . mapping _Nat
-
--- | The thing name.
-ltgftThingName :: Lens' ListThingGroupsForThing Text
-ltgftThingName = lens _ltgftThingName (\ s a -> s{_ltgftThingName = a})
-
-instance AWSRequest ListThingGroupsForThing where
-        type Rs ListThingGroupsForThing =
-             ListThingGroupsForThingResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingGroupsForThingResponse' <$>
-                   (x .?> "thingGroups" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThingGroupsForThing where
-
-instance NFData ListThingGroupsForThing where
-
-instance ToHeaders ListThingGroupsForThing where
-        toHeaders = const mempty
-
-instance ToPath ListThingGroupsForThing where
-        toPath ListThingGroupsForThing'{..}
-          = mconcat
-              ["/things/", toBS _ltgftThingName, "/thing-groups"]
-
-instance ToQuery ListThingGroupsForThing where
-        toQuery ListThingGroupsForThing'{..}
-          = mconcat
-              ["nextToken" =: _ltgftNextToken,
-               "maxResults" =: _ltgftMaxResults]
-
--- | /See:/ 'listThingGroupsForThingResponse' smart constructor.
-data ListThingGroupsForThingResponse = ListThingGroupsForThingResponse'
-  { _ltgftrsThingGroups    :: !(Maybe [GroupNameAndARN])
-  , _ltgftrsNextToken      :: !(Maybe Text)
-  , _ltgftrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingGroupsForThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltgftrsThingGroups' - The thing groups.
---
--- * 'ltgftrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltgftrsResponseStatus' - -- | The response status code.
-listThingGroupsForThingResponse
-    :: Int -- ^ 'ltgftrsResponseStatus'
-    -> ListThingGroupsForThingResponse
-listThingGroupsForThingResponse pResponseStatus_ =
-  ListThingGroupsForThingResponse'
-    { _ltgftrsThingGroups = Nothing
-    , _ltgftrsNextToken = Nothing
-    , _ltgftrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The thing groups.
-ltgftrsThingGroups :: Lens' ListThingGroupsForThingResponse [GroupNameAndARN]
-ltgftrsThingGroups = lens _ltgftrsThingGroups (\ s a -> s{_ltgftrsThingGroups = a}) . _Default . _Coerce
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltgftrsNextToken :: Lens' ListThingGroupsForThingResponse (Maybe Text)
-ltgftrsNextToken = lens _ltgftrsNextToken (\ s a -> s{_ltgftrsNextToken = a})
-
--- | -- | The response status code.
-ltgftrsResponseStatus :: Lens' ListThingGroupsForThingResponse Int
-ltgftrsResponseStatus = lens _ltgftrsResponseStatus (\ s a -> s{_ltgftrsResponseStatus = a})
-
-instance NFData ListThingGroupsForThingResponse where
diff --git a/gen/Network/AWS/IoT/ListThingPrincipals.hs b/gen/Network/AWS/IoT/ListThingPrincipals.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingPrincipals.hs
+++ /dev/null
@@ -1,133 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingPrincipals
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the principals associated with the specified thing.
---
---
-module Network.AWS.IoT.ListThingPrincipals
-    (
-    -- * Creating a Request
-      listThingPrincipals
-    , ListThingPrincipals
-    -- * Request Lenses
-    , ltpThingName
-
-    -- * Destructuring the Response
-    , listThingPrincipalsResponse
-    , ListThingPrincipalsResponse
-    -- * Response Lenses
-    , ltprsPrincipals
-    , ltprsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListThingPrincipal operation.
---
---
---
--- /See:/ 'listThingPrincipals' smart constructor.
-newtype ListThingPrincipals = ListThingPrincipals'
-  { _ltpThingName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingPrincipals' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltpThingName' - The name of the thing.
-listThingPrincipals
-    :: Text -- ^ 'ltpThingName'
-    -> ListThingPrincipals
-listThingPrincipals pThingName_ =
-  ListThingPrincipals' {_ltpThingName = pThingName_}
-
-
--- | The name of the thing.
-ltpThingName :: Lens' ListThingPrincipals Text
-ltpThingName = lens _ltpThingName (\ s a -> s{_ltpThingName = a})
-
-instance AWSRequest ListThingPrincipals where
-        type Rs ListThingPrincipals =
-             ListThingPrincipalsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingPrincipalsResponse' <$>
-                   (x .?> "principals" .!@ mempty) <*>
-                     (pure (fromEnum s)))
-
-instance Hashable ListThingPrincipals where
-
-instance NFData ListThingPrincipals where
-
-instance ToHeaders ListThingPrincipals where
-        toHeaders = const mempty
-
-instance ToPath ListThingPrincipals where
-        toPath ListThingPrincipals'{..}
-          = mconcat
-              ["/things/", toBS _ltpThingName, "/principals"]
-
-instance ToQuery ListThingPrincipals where
-        toQuery = const mempty
-
--- | The output from the ListThingPrincipals operation.
---
---
---
--- /See:/ 'listThingPrincipalsResponse' smart constructor.
-data ListThingPrincipalsResponse = ListThingPrincipalsResponse'
-  { _ltprsPrincipals     :: !(Maybe [Text])
-  , _ltprsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingPrincipalsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltprsPrincipals' - The principals associated with the thing.
---
--- * 'ltprsResponseStatus' - -- | The response status code.
-listThingPrincipalsResponse
-    :: Int -- ^ 'ltprsResponseStatus'
-    -> ListThingPrincipalsResponse
-listThingPrincipalsResponse pResponseStatus_ =
-  ListThingPrincipalsResponse'
-    {_ltprsPrincipals = Nothing, _ltprsResponseStatus = pResponseStatus_}
-
-
--- | The principals associated with the thing.
-ltprsPrincipals :: Lens' ListThingPrincipalsResponse [Text]
-ltprsPrincipals = lens _ltprsPrincipals (\ s a -> s{_ltprsPrincipals = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-ltprsResponseStatus :: Lens' ListThingPrincipalsResponse Int
-ltprsResponseStatus = lens _ltprsResponseStatus (\ s a -> s{_ltprsResponseStatus = a})
-
-instance NFData ListThingPrincipalsResponse where
diff --git a/gen/Network/AWS/IoT/ListThingRegistrationTaskReports.hs b/gen/Network/AWS/IoT/ListThingRegistrationTaskReports.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingRegistrationTaskReports.hs
+++ /dev/null
@@ -1,190 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingRegistrationTaskReports
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Information about the thing registration tasks.
---
---
-module Network.AWS.IoT.ListThingRegistrationTaskReports
-    (
-    -- * Creating a Request
-      listThingRegistrationTaskReports
-    , ListThingRegistrationTaskReports
-    -- * Request Lenses
-    , ltrtrNextToken
-    , ltrtrMaxResults
-    , ltrtrTaskId
-    , ltrtrReportType
-
-    -- * Destructuring the Response
-    , listThingRegistrationTaskReportsResponse
-    , ListThingRegistrationTaskReportsResponse
-    -- * Response Lenses
-    , ltrtrrsResourceLinks
-    , ltrtrrsNextToken
-    , ltrtrrsReportType
-    , ltrtrrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listThingRegistrationTaskReports' smart constructor.
-data ListThingRegistrationTaskReports = ListThingRegistrationTaskReports'
-  { _ltrtrNextToken  :: !(Maybe Text)
-  , _ltrtrMaxResults :: !(Maybe Nat)
-  , _ltrtrTaskId     :: !Text
-  , _ltrtrReportType :: !ReportType
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingRegistrationTaskReports' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrtrNextToken' - The token to retrieve the next set of results.
---
--- * 'ltrtrMaxResults' - The maximum number of results to return per request.
---
--- * 'ltrtrTaskId' - The id of the task.
---
--- * 'ltrtrReportType' - The type of task report.
-listThingRegistrationTaskReports
-    :: Text -- ^ 'ltrtrTaskId'
-    -> ReportType -- ^ 'ltrtrReportType'
-    -> ListThingRegistrationTaskReports
-listThingRegistrationTaskReports pTaskId_ pReportType_ =
-  ListThingRegistrationTaskReports'
-    { _ltrtrNextToken = Nothing
-    , _ltrtrMaxResults = Nothing
-    , _ltrtrTaskId = pTaskId_
-    , _ltrtrReportType = pReportType_
-    }
-
-
--- | The token to retrieve the next set of results.
-ltrtrNextToken :: Lens' ListThingRegistrationTaskReports (Maybe Text)
-ltrtrNextToken = lens _ltrtrNextToken (\ s a -> s{_ltrtrNextToken = a})
-
--- | The maximum number of results to return per request.
-ltrtrMaxResults :: Lens' ListThingRegistrationTaskReports (Maybe Natural)
-ltrtrMaxResults = lens _ltrtrMaxResults (\ s a -> s{_ltrtrMaxResults = a}) . mapping _Nat
-
--- | The id of the task.
-ltrtrTaskId :: Lens' ListThingRegistrationTaskReports Text
-ltrtrTaskId = lens _ltrtrTaskId (\ s a -> s{_ltrtrTaskId = a})
-
--- | The type of task report.
-ltrtrReportType :: Lens' ListThingRegistrationTaskReports ReportType
-ltrtrReportType = lens _ltrtrReportType (\ s a -> s{_ltrtrReportType = a})
-
-instance AWSRequest ListThingRegistrationTaskReports
-         where
-        type Rs ListThingRegistrationTaskReports =
-             ListThingRegistrationTaskReportsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingRegistrationTaskReportsResponse' <$>
-                   (x .?> "resourceLinks" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (x .?> "reportType")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThingRegistrationTaskReports
-         where
-
-instance NFData ListThingRegistrationTaskReports
-         where
-
-instance ToHeaders ListThingRegistrationTaskReports
-         where
-        toHeaders = const mempty
-
-instance ToPath ListThingRegistrationTaskReports
-         where
-        toPath ListThingRegistrationTaskReports'{..}
-          = mconcat
-              ["/thing-registration-tasks/", toBS _ltrtrTaskId,
-               "/reports"]
-
-instance ToQuery ListThingRegistrationTaskReports
-         where
-        toQuery ListThingRegistrationTaskReports'{..}
-          = mconcat
-              ["nextToken" =: _ltrtrNextToken,
-               "maxResults" =: _ltrtrMaxResults,
-               "reportType" =: _ltrtrReportType]
-
--- | /See:/ 'listThingRegistrationTaskReportsResponse' smart constructor.
-data ListThingRegistrationTaskReportsResponse = ListThingRegistrationTaskReportsResponse'
-  { _ltrtrrsResourceLinks  :: !(Maybe [Text])
-  , _ltrtrrsNextToken      :: !(Maybe Text)
-  , _ltrtrrsReportType     :: !(Maybe ReportType)
-  , _ltrtrrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingRegistrationTaskReportsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrtrrsResourceLinks' - Links to the task resources.
---
--- * 'ltrtrrsNextToken' - The token to retrieve the next set of results.
---
--- * 'ltrtrrsReportType' - The type of task report.
---
--- * 'ltrtrrsResponseStatus' - -- | The response status code.
-listThingRegistrationTaskReportsResponse
-    :: Int -- ^ 'ltrtrrsResponseStatus'
-    -> ListThingRegistrationTaskReportsResponse
-listThingRegistrationTaskReportsResponse pResponseStatus_ =
-  ListThingRegistrationTaskReportsResponse'
-    { _ltrtrrsResourceLinks = Nothing
-    , _ltrtrrsNextToken = Nothing
-    , _ltrtrrsReportType = Nothing
-    , _ltrtrrsResponseStatus = pResponseStatus_
-    }
-
-
--- | Links to the task resources.
-ltrtrrsResourceLinks :: Lens' ListThingRegistrationTaskReportsResponse [Text]
-ltrtrrsResourceLinks = lens _ltrtrrsResourceLinks (\ s a -> s{_ltrtrrsResourceLinks = a}) . _Default . _Coerce
-
--- | The token to retrieve the next set of results.
-ltrtrrsNextToken :: Lens' ListThingRegistrationTaskReportsResponse (Maybe Text)
-ltrtrrsNextToken = lens _ltrtrrsNextToken (\ s a -> s{_ltrtrrsNextToken = a})
-
--- | The type of task report.
-ltrtrrsReportType :: Lens' ListThingRegistrationTaskReportsResponse (Maybe ReportType)
-ltrtrrsReportType = lens _ltrtrrsReportType (\ s a -> s{_ltrtrrsReportType = a})
-
--- | -- | The response status code.
-ltrtrrsResponseStatus :: Lens' ListThingRegistrationTaskReportsResponse Int
-ltrtrrsResponseStatus = lens _ltrtrrsResponseStatus (\ s a -> s{_ltrtrrsResponseStatus = a})
-
-instance NFData
-           ListThingRegistrationTaskReportsResponse
-         where
diff --git a/gen/Network/AWS/IoT/ListThingRegistrationTasks.hs b/gen/Network/AWS/IoT/ListThingRegistrationTasks.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingRegistrationTasks.hs
+++ /dev/null
@@ -1,155 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingRegistrationTasks
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- List bulk thing provisioning tasks.
---
---
-module Network.AWS.IoT.ListThingRegistrationTasks
-    (
-    -- * Creating a Request
-      listThingRegistrationTasks
-    , ListThingRegistrationTasks
-    -- * Request Lenses
-    , ltrtStatus
-    , ltrtNextToken
-    , ltrtMaxResults
-
-    -- * Destructuring the Response
-    , listThingRegistrationTasksResponse
-    , ListThingRegistrationTasksResponse
-    -- * Response Lenses
-    , ltrtrsNextToken
-    , ltrtrsTaskIds
-    , ltrtrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listThingRegistrationTasks' smart constructor.
-data ListThingRegistrationTasks = ListThingRegistrationTasks'
-  { _ltrtStatus     :: !(Maybe TaskStatus)
-  , _ltrtNextToken  :: !(Maybe Text)
-  , _ltrtMaxResults :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingRegistrationTasks' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrtStatus' - The status of the bulk thing provisioning task.
---
--- * 'ltrtNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltrtMaxResults' - The maximum number of results to return at one time.
-listThingRegistrationTasks
-    :: ListThingRegistrationTasks
-listThingRegistrationTasks =
-  ListThingRegistrationTasks'
-    {_ltrtStatus = Nothing, _ltrtNextToken = Nothing, _ltrtMaxResults = Nothing}
-
-
--- | The status of the bulk thing provisioning task.
-ltrtStatus :: Lens' ListThingRegistrationTasks (Maybe TaskStatus)
-ltrtStatus = lens _ltrtStatus (\ s a -> s{_ltrtStatus = a})
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltrtNextToken :: Lens' ListThingRegistrationTasks (Maybe Text)
-ltrtNextToken = lens _ltrtNextToken (\ s a -> s{_ltrtNextToken = a})
-
--- | The maximum number of results to return at one time.
-ltrtMaxResults :: Lens' ListThingRegistrationTasks (Maybe Natural)
-ltrtMaxResults = lens _ltrtMaxResults (\ s a -> s{_ltrtMaxResults = a}) . mapping _Nat
-
-instance AWSRequest ListThingRegistrationTasks where
-        type Rs ListThingRegistrationTasks =
-             ListThingRegistrationTasksResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingRegistrationTasksResponse' <$>
-                   (x .?> "nextToken") <*> (x .?> "taskIds" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThingRegistrationTasks where
-
-instance NFData ListThingRegistrationTasks where
-
-instance ToHeaders ListThingRegistrationTasks where
-        toHeaders = const mempty
-
-instance ToPath ListThingRegistrationTasks where
-        toPath = const "/thing-registration-tasks"
-
-instance ToQuery ListThingRegistrationTasks where
-        toQuery ListThingRegistrationTasks'{..}
-          = mconcat
-              ["status" =: _ltrtStatus,
-               "nextToken" =: _ltrtNextToken,
-               "maxResults" =: _ltrtMaxResults]
-
--- | /See:/ 'listThingRegistrationTasksResponse' smart constructor.
-data ListThingRegistrationTasksResponse = ListThingRegistrationTasksResponse'
-  { _ltrtrsNextToken      :: !(Maybe Text)
-  , _ltrtrsTaskIds        :: !(Maybe [Text])
-  , _ltrtrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingRegistrationTasksResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrtrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltrtrsTaskIds' - A list of bulk thing provisioning task IDs.
---
--- * 'ltrtrsResponseStatus' - -- | The response status code.
-listThingRegistrationTasksResponse
-    :: Int -- ^ 'ltrtrsResponseStatus'
-    -> ListThingRegistrationTasksResponse
-listThingRegistrationTasksResponse pResponseStatus_ =
-  ListThingRegistrationTasksResponse'
-    { _ltrtrsNextToken = Nothing
-    , _ltrtrsTaskIds = Nothing
-    , _ltrtrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltrtrsNextToken :: Lens' ListThingRegistrationTasksResponse (Maybe Text)
-ltrtrsNextToken = lens _ltrtrsNextToken (\ s a -> s{_ltrtrsNextToken = a})
-
--- | A list of bulk thing provisioning task IDs.
-ltrtrsTaskIds :: Lens' ListThingRegistrationTasksResponse [Text]
-ltrtrsTaskIds = lens _ltrtrsTaskIds (\ s a -> s{_ltrtrsTaskIds = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-ltrtrsResponseStatus :: Lens' ListThingRegistrationTasksResponse Int
-ltrtrsResponseStatus = lens _ltrtrsResponseStatus (\ s a -> s{_ltrtrsResponseStatus = a})
-
-instance NFData ListThingRegistrationTasksResponse
-         where
diff --git a/gen/Network/AWS/IoT/ListThingTypes.hs b/gen/Network/AWS/IoT/ListThingTypes.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingTypes.hs
+++ /dev/null
@@ -1,175 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingTypes
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the existing thing types.
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListThingTypes
-    (
-    -- * Creating a Request
-      listThingTypes
-    , ListThingTypes
-    -- * Request Lenses
-    , lttThingTypeName
-    , lttNextToken
-    , lttMaxResults
-
-    -- * Destructuring the Response
-    , listThingTypesResponse
-    , ListThingTypesResponse
-    -- * Response Lenses
-    , lttrsThingTypes
-    , lttrsNextToken
-    , lttrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListThingTypes operation.
---
---
---
--- /See:/ 'listThingTypes' smart constructor.
-data ListThingTypes = ListThingTypes'
-  { _lttThingTypeName :: !(Maybe Text)
-  , _lttNextToken     :: !(Maybe Text)
-  , _lttMaxResults    :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingTypes' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lttThingTypeName' - The name of the thing type.
---
--- * 'lttNextToken' - The token for the next set of results, or __null__ if there are no additional results.
---
--- * 'lttMaxResults' - The maximum number of results to return in this operation.
-listThingTypes
-    :: ListThingTypes
-listThingTypes =
-  ListThingTypes'
-    { _lttThingTypeName = Nothing
-    , _lttNextToken = Nothing
-    , _lttMaxResults = Nothing
-    }
-
-
--- | The name of the thing type.
-lttThingTypeName :: Lens' ListThingTypes (Maybe Text)
-lttThingTypeName = lens _lttThingTypeName (\ s a -> s{_lttThingTypeName = a})
-
--- | The token for the next set of results, or __null__ if there are no additional results.
-lttNextToken :: Lens' ListThingTypes (Maybe Text)
-lttNextToken = lens _lttNextToken (\ s a -> s{_lttNextToken = a})
-
--- | The maximum number of results to return in this operation.
-lttMaxResults :: Lens' ListThingTypes (Maybe Natural)
-lttMaxResults = lens _lttMaxResults (\ s a -> s{_lttMaxResults = a}) . mapping _Nat
-
-instance AWSPager ListThingTypes where
-        page rq rs
-          | stop (rs ^. lttrsNextToken) = Nothing
-          | stop (rs ^. lttrsThingTypes) = Nothing
-          | otherwise =
-            Just $ rq & lttNextToken .~ rs ^. lttrsNextToken
-
-instance AWSRequest ListThingTypes where
-        type Rs ListThingTypes = ListThingTypesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingTypesResponse' <$>
-                   (x .?> "thingTypes" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThingTypes where
-
-instance NFData ListThingTypes where
-
-instance ToHeaders ListThingTypes where
-        toHeaders = const mempty
-
-instance ToPath ListThingTypes where
-        toPath = const "/thing-types"
-
-instance ToQuery ListThingTypes where
-        toQuery ListThingTypes'{..}
-          = mconcat
-              ["thingTypeName" =: _lttThingTypeName,
-               "nextToken" =: _lttNextToken,
-               "maxResults" =: _lttMaxResults]
-
--- | The output for the ListThingTypes operation.
---
---
---
--- /See:/ 'listThingTypesResponse' smart constructor.
-data ListThingTypesResponse = ListThingTypesResponse'
-  { _lttrsThingTypes     :: !(Maybe [ThingTypeDefinition])
-  , _lttrsNextToken      :: !(Maybe Text)
-  , _lttrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingTypesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lttrsThingTypes' - The thing types.
---
--- * 'lttrsNextToken' - The token for the next set of results, or __null__ if there are no additional results.
---
--- * 'lttrsResponseStatus' - -- | The response status code.
-listThingTypesResponse
-    :: Int -- ^ 'lttrsResponseStatus'
-    -> ListThingTypesResponse
-listThingTypesResponse pResponseStatus_ =
-  ListThingTypesResponse'
-    { _lttrsThingTypes = Nothing
-    , _lttrsNextToken = Nothing
-    , _lttrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The thing types.
-lttrsThingTypes :: Lens' ListThingTypesResponse [ThingTypeDefinition]
-lttrsThingTypes = lens _lttrsThingTypes (\ s a -> s{_lttrsThingTypes = a}) . _Default . _Coerce
-
--- | The token for the next set of results, or __null__ if there are no additional results.
-lttrsNextToken :: Lens' ListThingTypesResponse (Maybe Text)
-lttrsNextToken = lens _lttrsNextToken (\ s a -> s{_lttrsNextToken = a})
-
--- | -- | The response status code.
-lttrsResponseStatus :: Lens' ListThingTypesResponse Int
-lttrsResponseStatus = lens _lttrsResponseStatus (\ s a -> s{_lttrsResponseStatus = a})
-
-instance NFData ListThingTypesResponse where
diff --git a/gen/Network/AWS/IoT/ListThings.hs b/gen/Network/AWS/IoT/ListThings.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThings.hs
+++ /dev/null
@@ -1,194 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThings
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists your things. Use the __attributeName__ and __attributeValue__ parameters to filter your things. For example, calling @ListThings@ with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute __Color__ with the value __Red__ .
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListThings
-    (
-    -- * Creating a Request
-      listThings
-    , ListThings
-    -- * Request Lenses
-    , ltAttributeValue
-    , ltThingTypeName
-    , ltNextToken
-    , ltAttributeName
-    , ltMaxResults
-
-    -- * Destructuring the Response
-    , listThingsResponse
-    , ListThingsResponse
-    -- * Response Lenses
-    , ltrsNextToken
-    , ltrsThings
-    , ltrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListThings operation.
---
---
---
--- /See:/ 'listThings' smart constructor.
-data ListThings = ListThings'
-  { _ltAttributeValue :: !(Maybe Text)
-  , _ltThingTypeName  :: !(Maybe Text)
-  , _ltNextToken      :: !(Maybe Text)
-  , _ltAttributeName  :: !(Maybe Text)
-  , _ltMaxResults     :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThings' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltAttributeValue' - The attribute value used to search for things.
---
--- * 'ltThingTypeName' - The name of the thing type used to search for things.
---
--- * 'ltNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltAttributeName' - The attribute name used to search for things.
---
--- * 'ltMaxResults' - The maximum number of results to return in this operation.
-listThings
-    :: ListThings
-listThings =
-  ListThings'
-    { _ltAttributeValue = Nothing
-    , _ltThingTypeName = Nothing
-    , _ltNextToken = Nothing
-    , _ltAttributeName = Nothing
-    , _ltMaxResults = Nothing
-    }
-
-
--- | The attribute value used to search for things.
-ltAttributeValue :: Lens' ListThings (Maybe Text)
-ltAttributeValue = lens _ltAttributeValue (\ s a -> s{_ltAttributeValue = a})
-
--- | The name of the thing type used to search for things.
-ltThingTypeName :: Lens' ListThings (Maybe Text)
-ltThingTypeName = lens _ltThingTypeName (\ s a -> s{_ltThingTypeName = a})
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltNextToken :: Lens' ListThings (Maybe Text)
-ltNextToken = lens _ltNextToken (\ s a -> s{_ltNextToken = a})
-
--- | The attribute name used to search for things.
-ltAttributeName :: Lens' ListThings (Maybe Text)
-ltAttributeName = lens _ltAttributeName (\ s a -> s{_ltAttributeName = a})
-
--- | The maximum number of results to return in this operation.
-ltMaxResults :: Lens' ListThings (Maybe Natural)
-ltMaxResults = lens _ltMaxResults (\ s a -> s{_ltMaxResults = a}) . mapping _Nat
-
-instance AWSPager ListThings where
-        page rq rs
-          | stop (rs ^. ltrsNextToken) = Nothing
-          | stop (rs ^. ltrsThings) = Nothing
-          | otherwise =
-            Just $ rq & ltNextToken .~ rs ^. ltrsNextToken
-
-instance AWSRequest ListThings where
-        type Rs ListThings = ListThingsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingsResponse' <$>
-                   (x .?> "nextToken") <*> (x .?> "things" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThings where
-
-instance NFData ListThings where
-
-instance ToHeaders ListThings where
-        toHeaders = const mempty
-
-instance ToPath ListThings where
-        toPath = const "/things"
-
-instance ToQuery ListThings where
-        toQuery ListThings'{..}
-          = mconcat
-              ["attributeValue" =: _ltAttributeValue,
-               "thingTypeName" =: _ltThingTypeName,
-               "nextToken" =: _ltNextToken,
-               "attributeName" =: _ltAttributeName,
-               "maxResults" =: _ltMaxResults]
-
--- | The output from the ListThings operation.
---
---
---
--- /See:/ 'listThingsResponse' smart constructor.
-data ListThingsResponse = ListThingsResponse'
-  { _ltrsNextToken      :: !(Maybe Text)
-  , _ltrsThings         :: !(Maybe [ThingAttribute])
-  , _ltrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltrsThings' - The things.
---
--- * 'ltrsResponseStatus' - -- | The response status code.
-listThingsResponse
-    :: Int -- ^ 'ltrsResponseStatus'
-    -> ListThingsResponse
-listThingsResponse pResponseStatus_ =
-  ListThingsResponse'
-    { _ltrsNextToken = Nothing
-    , _ltrsThings = Nothing
-    , _ltrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltrsNextToken :: Lens' ListThingsResponse (Maybe Text)
-ltrsNextToken = lens _ltrsNextToken (\ s a -> s{_ltrsNextToken = a})
-
--- | The things.
-ltrsThings :: Lens' ListThingsResponse [ThingAttribute]
-ltrsThings = lens _ltrsThings (\ s a -> s{_ltrsThings = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-ltrsResponseStatus :: Lens' ListThingsResponse Int
-ltrsResponseStatus = lens _ltrsResponseStatus (\ s a -> s{_ltrsResponseStatus = a})
-
-instance NFData ListThingsResponse where
diff --git a/gen/Network/AWS/IoT/ListThingsInThingGroup.hs b/gen/Network/AWS/IoT/ListThingsInThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListThingsInThingGroup.hs
+++ /dev/null
@@ -1,170 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListThingsInThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the things in the specified group.
---
---
-module Network.AWS.IoT.ListThingsInThingGroup
-    (
-    -- * Creating a Request
-      listThingsInThingGroup
-    , ListThingsInThingGroup
-    -- * Request Lenses
-    , ltitgNextToken
-    , ltitgRecursive
-    , ltitgMaxResults
-    , ltitgThingGroupName
-
-    -- * Destructuring the Response
-    , listThingsInThingGroupResponse
-    , ListThingsInThingGroupResponse
-    -- * Response Lenses
-    , ltitgrsNextToken
-    , ltitgrsThings
-    , ltitgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listThingsInThingGroup' smart constructor.
-data ListThingsInThingGroup = ListThingsInThingGroup'
-  { _ltitgNextToken      :: !(Maybe Text)
-  , _ltitgRecursive      :: !(Maybe Bool)
-  , _ltitgMaxResults     :: !(Maybe Nat)
-  , _ltitgThingGroupName :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingsInThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltitgNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltitgRecursive' - When true, list things in this thing group and in all child groups as well.
---
--- * 'ltitgMaxResults' - The maximum number of results to return at one time.
---
--- * 'ltitgThingGroupName' - The thing group name.
-listThingsInThingGroup
-    :: Text -- ^ 'ltitgThingGroupName'
-    -> ListThingsInThingGroup
-listThingsInThingGroup pThingGroupName_ =
-  ListThingsInThingGroup'
-    { _ltitgNextToken = Nothing
-    , _ltitgRecursive = Nothing
-    , _ltitgMaxResults = Nothing
-    , _ltitgThingGroupName = pThingGroupName_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltitgNextToken :: Lens' ListThingsInThingGroup (Maybe Text)
-ltitgNextToken = lens _ltitgNextToken (\ s a -> s{_ltitgNextToken = a})
-
--- | When true, list things in this thing group and in all child groups as well.
-ltitgRecursive :: Lens' ListThingsInThingGroup (Maybe Bool)
-ltitgRecursive = lens _ltitgRecursive (\ s a -> s{_ltitgRecursive = a})
-
--- | The maximum number of results to return at one time.
-ltitgMaxResults :: Lens' ListThingsInThingGroup (Maybe Natural)
-ltitgMaxResults = lens _ltitgMaxResults (\ s a -> s{_ltitgMaxResults = a}) . mapping _Nat
-
--- | The thing group name.
-ltitgThingGroupName :: Lens' ListThingsInThingGroup Text
-ltitgThingGroupName = lens _ltitgThingGroupName (\ s a -> s{_ltitgThingGroupName = a})
-
-instance AWSRequest ListThingsInThingGroup where
-        type Rs ListThingsInThingGroup =
-             ListThingsInThingGroupResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListThingsInThingGroupResponse' <$>
-                   (x .?> "nextToken") <*> (x .?> "things" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListThingsInThingGroup where
-
-instance NFData ListThingsInThingGroup where
-
-instance ToHeaders ListThingsInThingGroup where
-        toHeaders = const mempty
-
-instance ToPath ListThingsInThingGroup where
-        toPath ListThingsInThingGroup'{..}
-          = mconcat
-              ["/thing-groups/", toBS _ltitgThingGroupName,
-               "/things"]
-
-instance ToQuery ListThingsInThingGroup where
-        toQuery ListThingsInThingGroup'{..}
-          = mconcat
-              ["nextToken" =: _ltitgNextToken,
-               "recursive" =: _ltitgRecursive,
-               "maxResults" =: _ltitgMaxResults]
-
--- | /See:/ 'listThingsInThingGroupResponse' smart constructor.
-data ListThingsInThingGroupResponse = ListThingsInThingGroupResponse'
-  { _ltitgrsNextToken      :: !(Maybe Text)
-  , _ltitgrsThings         :: !(Maybe [Text])
-  , _ltitgrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListThingsInThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltitgrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'ltitgrsThings' - The things in the specified thing group.
---
--- * 'ltitgrsResponseStatus' - -- | The response status code.
-listThingsInThingGroupResponse
-    :: Int -- ^ 'ltitgrsResponseStatus'
-    -> ListThingsInThingGroupResponse
-listThingsInThingGroupResponse pResponseStatus_ =
-  ListThingsInThingGroupResponse'
-    { _ltitgrsNextToken = Nothing
-    , _ltitgrsThings = Nothing
-    , _ltitgrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-ltitgrsNextToken :: Lens' ListThingsInThingGroupResponse (Maybe Text)
-ltitgrsNextToken = lens _ltitgrsNextToken (\ s a -> s{_ltitgrsNextToken = a})
-
--- | The things in the specified thing group.
-ltitgrsThings :: Lens' ListThingsInThingGroupResponse [Text]
-ltitgrsThings = lens _ltitgrsThings (\ s a -> s{_ltitgrsThings = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-ltitgrsResponseStatus :: Lens' ListThingsInThingGroupResponse Int
-ltitgrsResponseStatus = lens _ltitgrsResponseStatus (\ s a -> s{_ltitgrsResponseStatus = a})
-
-instance NFData ListThingsInThingGroupResponse where
diff --git a/gen/Network/AWS/IoT/ListTopicRules.hs b/gen/Network/AWS/IoT/ListTopicRules.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListTopicRules.hs
+++ /dev/null
@@ -1,183 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListTopicRules
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists the rules for the specific topic.
---
---
---
--- This operation returns paginated results.
-module Network.AWS.IoT.ListTopicRules
-    (
-    -- * Creating a Request
-      listTopicRules
-    , ListTopicRules
-    -- * Request Lenses
-    , ltrRuleDisabled
-    , ltrTopic
-    , ltrNextToken
-    , ltrMaxResults
-
-    -- * Destructuring the Response
-    , listTopicRulesResponse
-    , ListTopicRulesResponse
-    -- * Response Lenses
-    , ltrrsRules
-    , ltrrsNextToken
-    , ltrrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Pager
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ListTopicRules operation.
---
---
---
--- /See:/ 'listTopicRules' smart constructor.
-data ListTopicRules = ListTopicRules'
-  { _ltrRuleDisabled :: !(Maybe Bool)
-  , _ltrTopic        :: !(Maybe Text)
-  , _ltrNextToken    :: !(Maybe Text)
-  , _ltrMaxResults   :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListTopicRules' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrRuleDisabled' - Specifies whether the rule is disabled.
---
--- * 'ltrTopic' - The topic.
---
--- * 'ltrNextToken' - A token used to retrieve the next value.
---
--- * 'ltrMaxResults' - The maximum number of results to return.
-listTopicRules
-    :: ListTopicRules
-listTopicRules =
-  ListTopicRules'
-    { _ltrRuleDisabled = Nothing
-    , _ltrTopic = Nothing
-    , _ltrNextToken = Nothing
-    , _ltrMaxResults = Nothing
-    }
-
-
--- | Specifies whether the rule is disabled.
-ltrRuleDisabled :: Lens' ListTopicRules (Maybe Bool)
-ltrRuleDisabled = lens _ltrRuleDisabled (\ s a -> s{_ltrRuleDisabled = a})
-
--- | The topic.
-ltrTopic :: Lens' ListTopicRules (Maybe Text)
-ltrTopic = lens _ltrTopic (\ s a -> s{_ltrTopic = a})
-
--- | A token used to retrieve the next value.
-ltrNextToken :: Lens' ListTopicRules (Maybe Text)
-ltrNextToken = lens _ltrNextToken (\ s a -> s{_ltrNextToken = a})
-
--- | The maximum number of results to return.
-ltrMaxResults :: Lens' ListTopicRules (Maybe Natural)
-ltrMaxResults = lens _ltrMaxResults (\ s a -> s{_ltrMaxResults = a}) . mapping _Nat
-
-instance AWSPager ListTopicRules where
-        page rq rs
-          | stop (rs ^. ltrrsNextToken) = Nothing
-          | stop (rs ^. ltrrsRules) = Nothing
-          | otherwise =
-            Just $ rq & ltrNextToken .~ rs ^. ltrrsNextToken
-
-instance AWSRequest ListTopicRules where
-        type Rs ListTopicRules = ListTopicRulesResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListTopicRulesResponse' <$>
-                   (x .?> "rules" .!@ mempty) <*> (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListTopicRules where
-
-instance NFData ListTopicRules where
-
-instance ToHeaders ListTopicRules where
-        toHeaders = const mempty
-
-instance ToPath ListTopicRules where
-        toPath = const "/rules"
-
-instance ToQuery ListTopicRules where
-        toQuery ListTopicRules'{..}
-          = mconcat
-              ["ruleDisabled" =: _ltrRuleDisabled,
-               "topic" =: _ltrTopic, "nextToken" =: _ltrNextToken,
-               "maxResults" =: _ltrMaxResults]
-
--- | The output from the ListTopicRules operation.
---
---
---
--- /See:/ 'listTopicRulesResponse' smart constructor.
-data ListTopicRulesResponse = ListTopicRulesResponse'
-  { _ltrrsRules          :: !(Maybe [TopicRuleListItem])
-  , _ltrrsNextToken      :: !(Maybe Text)
-  , _ltrrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListTopicRulesResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltrrsRules' - The rules.
---
--- * 'ltrrsNextToken' - A token used to retrieve the next value.
---
--- * 'ltrrsResponseStatus' - -- | The response status code.
-listTopicRulesResponse
-    :: Int -- ^ 'ltrrsResponseStatus'
-    -> ListTopicRulesResponse
-listTopicRulesResponse pResponseStatus_ =
-  ListTopicRulesResponse'
-    { _ltrrsRules = Nothing
-    , _ltrrsNextToken = Nothing
-    , _ltrrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The rules.
-ltrrsRules :: Lens' ListTopicRulesResponse [TopicRuleListItem]
-ltrrsRules = lens _ltrrsRules (\ s a -> s{_ltrrsRules = a}) . _Default . _Coerce
-
--- | A token used to retrieve the next value.
-ltrrsNextToken :: Lens' ListTopicRulesResponse (Maybe Text)
-ltrrsNextToken = lens _ltrrsNextToken (\ s a -> s{_ltrrsNextToken = a})
-
--- | -- | The response status code.
-ltrrsResponseStatus :: Lens' ListTopicRulesResponse Int
-ltrrsResponseStatus = lens _ltrrsResponseStatus (\ s a -> s{_ltrrsResponseStatus = a})
-
-instance NFData ListTopicRulesResponse where
diff --git a/gen/Network/AWS/IoT/ListV2LoggingLevels.hs b/gen/Network/AWS/IoT/ListV2LoggingLevels.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ListV2LoggingLevels.hs
+++ /dev/null
@@ -1,158 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ListV2LoggingLevels
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Lists logging levels.
---
---
-module Network.AWS.IoT.ListV2LoggingLevels
-    (
-    -- * Creating a Request
-      listV2LoggingLevels
-    , ListV2LoggingLevels
-    -- * Request Lenses
-    , lvllTargetType
-    , lvllNextToken
-    , lvllMaxResults
-
-    -- * Destructuring the Response
-    , listV2LoggingLevelsResponse
-    , ListV2LoggingLevelsResponse
-    -- * Response Lenses
-    , lvllrsLogTargetConfigurations
-    , lvllrsNextToken
-    , lvllrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'listV2LoggingLevels' smart constructor.
-data ListV2LoggingLevels = ListV2LoggingLevels'
-  { _lvllTargetType :: !(Maybe LogTargetType)
-  , _lvllNextToken  :: !(Maybe Text)
-  , _lvllMaxResults :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListV2LoggingLevels' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lvllTargetType' - The type of resource for which you are configuring logging. Must be @THING_Group@ .
---
--- * 'lvllNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'lvllMaxResults' - The maximum number of results to return at one time.
-listV2LoggingLevels
-    :: ListV2LoggingLevels
-listV2LoggingLevels =
-  ListV2LoggingLevels'
-    { _lvllTargetType = Nothing
-    , _lvllNextToken = Nothing
-    , _lvllMaxResults = Nothing
-    }
-
-
--- | The type of resource for which you are configuring logging. Must be @THING_Group@ .
-lvllTargetType :: Lens' ListV2LoggingLevels (Maybe LogTargetType)
-lvllTargetType = lens _lvllTargetType (\ s a -> s{_lvllTargetType = a})
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-lvllNextToken :: Lens' ListV2LoggingLevels (Maybe Text)
-lvllNextToken = lens _lvllNextToken (\ s a -> s{_lvllNextToken = a})
-
--- | The maximum number of results to return at one time.
-lvllMaxResults :: Lens' ListV2LoggingLevels (Maybe Natural)
-lvllMaxResults = lens _lvllMaxResults (\ s a -> s{_lvllMaxResults = a}) . mapping _Nat
-
-instance AWSRequest ListV2LoggingLevels where
-        type Rs ListV2LoggingLevels =
-             ListV2LoggingLevelsResponse
-        request = get ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 ListV2LoggingLevelsResponse' <$>
-                   (x .?> "logTargetConfigurations" .!@ mempty) <*>
-                     (x .?> "nextToken")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable ListV2LoggingLevels where
-
-instance NFData ListV2LoggingLevels where
-
-instance ToHeaders ListV2LoggingLevels where
-        toHeaders = const mempty
-
-instance ToPath ListV2LoggingLevels where
-        toPath = const "/v2LoggingLevel"
-
-instance ToQuery ListV2LoggingLevels where
-        toQuery ListV2LoggingLevels'{..}
-          = mconcat
-              ["targetType" =: _lvllTargetType,
-               "nextToken" =: _lvllNextToken,
-               "maxResults" =: _lvllMaxResults]
-
--- | /See:/ 'listV2LoggingLevelsResponse' smart constructor.
-data ListV2LoggingLevelsResponse = ListV2LoggingLevelsResponse'
-  { _lvllrsLogTargetConfigurations :: !(Maybe [LogTargetConfiguration])
-  , _lvllrsNextToken               :: !(Maybe Text)
-  , _lvllrsResponseStatus          :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ListV2LoggingLevelsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lvllrsLogTargetConfigurations' - The logging configuration for a target.
---
--- * 'lvllrsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'lvllrsResponseStatus' - -- | The response status code.
-listV2LoggingLevelsResponse
-    :: Int -- ^ 'lvllrsResponseStatus'
-    -> ListV2LoggingLevelsResponse
-listV2LoggingLevelsResponse pResponseStatus_ =
-  ListV2LoggingLevelsResponse'
-    { _lvllrsLogTargetConfigurations = Nothing
-    , _lvllrsNextToken = Nothing
-    , _lvllrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The logging configuration for a target.
-lvllrsLogTargetConfigurations :: Lens' ListV2LoggingLevelsResponse [LogTargetConfiguration]
-lvllrsLogTargetConfigurations = lens _lvllrsLogTargetConfigurations (\ s a -> s{_lvllrsLogTargetConfigurations = a}) . _Default . _Coerce
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-lvllrsNextToken :: Lens' ListV2LoggingLevelsResponse (Maybe Text)
-lvllrsNextToken = lens _lvllrsNextToken (\ s a -> s{_lvllrsNextToken = a})
-
--- | -- | The response status code.
-lvllrsResponseStatus :: Lens' ListV2LoggingLevelsResponse Int
-lvllrsResponseStatus = lens _lvllrsResponseStatus (\ s a -> s{_lvllrsResponseStatus = a})
-
-instance NFData ListV2LoggingLevelsResponse where
diff --git a/gen/Network/AWS/IoT/RegisterCACertificate.hs b/gen/Network/AWS/IoT/RegisterCACertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/RegisterCACertificate.hs
+++ /dev/null
@@ -1,196 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.RegisterCACertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Registers a CA certificate with AWS IoT. This CA certificate can then be used to sign device certificates, which can be then registered with AWS IoT. You can register up to 10 CA certificates per AWS account that have the same subject field. This enables you to have up to 10 certificate authorities sign your device certificates. If you have more than one CA certificate registered, make sure you pass the CA certificate when you register your device certificates with the RegisterCertificate API.
---
---
-module Network.AWS.IoT.RegisterCACertificate
-    (
-    -- * Creating a Request
-      registerCACertificate
-    , RegisterCACertificate
-    -- * Request Lenses
-    , rcacSetAsActive
-    , rcacAllowAutoRegistration
-    , rcacRegistrationConfig
-    , rcacCaCertificate
-    , rcacVerificationCertificate
-
-    -- * Destructuring the Response
-    , registerCACertificateResponse
-    , RegisterCACertificateResponse
-    -- * Response Lenses
-    , rcacrsCertificateARN
-    , rcacrsCertificateId
-    , rcacrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input to the RegisterCACertificate operation.
---
---
---
--- /See:/ 'registerCACertificate' smart constructor.
-data RegisterCACertificate = RegisterCACertificate'
-  { _rcacSetAsActive             :: !(Maybe Bool)
-  , _rcacAllowAutoRegistration   :: !(Maybe Bool)
-  , _rcacRegistrationConfig      :: !(Maybe RegistrationConfig)
-  , _rcacCaCertificate           :: !Text
-  , _rcacVerificationCertificate :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegisterCACertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rcacSetAsActive' - A boolean value that specifies if the CA certificate is set to active.
---
--- * 'rcacAllowAutoRegistration' - Allows this CA certificate to be used for auto registration of device certificates.
---
--- * 'rcacRegistrationConfig' - Information about the registration configuration.
---
--- * 'rcacCaCertificate' - The CA certificate.
---
--- * 'rcacVerificationCertificate' - The private key verification certificate.
-registerCACertificate
-    :: Text -- ^ 'rcacCaCertificate'
-    -> Text -- ^ 'rcacVerificationCertificate'
-    -> RegisterCACertificate
-registerCACertificate pCaCertificate_ pVerificationCertificate_ =
-  RegisterCACertificate'
-    { _rcacSetAsActive = Nothing
-    , _rcacAllowAutoRegistration = Nothing
-    , _rcacRegistrationConfig = Nothing
-    , _rcacCaCertificate = pCaCertificate_
-    , _rcacVerificationCertificate = pVerificationCertificate_
-    }
-
-
--- | A boolean value that specifies if the CA certificate is set to active.
-rcacSetAsActive :: Lens' RegisterCACertificate (Maybe Bool)
-rcacSetAsActive = lens _rcacSetAsActive (\ s a -> s{_rcacSetAsActive = a})
-
--- | Allows this CA certificate to be used for auto registration of device certificates.
-rcacAllowAutoRegistration :: Lens' RegisterCACertificate (Maybe Bool)
-rcacAllowAutoRegistration = lens _rcacAllowAutoRegistration (\ s a -> s{_rcacAllowAutoRegistration = a})
-
--- | Information about the registration configuration.
-rcacRegistrationConfig :: Lens' RegisterCACertificate (Maybe RegistrationConfig)
-rcacRegistrationConfig = lens _rcacRegistrationConfig (\ s a -> s{_rcacRegistrationConfig = a})
-
--- | The CA certificate.
-rcacCaCertificate :: Lens' RegisterCACertificate Text
-rcacCaCertificate = lens _rcacCaCertificate (\ s a -> s{_rcacCaCertificate = a})
-
--- | The private key verification certificate.
-rcacVerificationCertificate :: Lens' RegisterCACertificate Text
-rcacVerificationCertificate = lens _rcacVerificationCertificate (\ s a -> s{_rcacVerificationCertificate = a})
-
-instance AWSRequest RegisterCACertificate where
-        type Rs RegisterCACertificate =
-             RegisterCACertificateResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 RegisterCACertificateResponse' <$>
-                   (x .?> "certificateArn") <*> (x .?> "certificateId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable RegisterCACertificate where
-
-instance NFData RegisterCACertificate where
-
-instance ToHeaders RegisterCACertificate where
-        toHeaders = const mempty
-
-instance ToJSON RegisterCACertificate where
-        toJSON RegisterCACertificate'{..}
-          = object
-              (catMaybes
-                 [("registrationConfig" .=) <$>
-                    _rcacRegistrationConfig,
-                  Just ("caCertificate" .= _rcacCaCertificate),
-                  Just
-                    ("verificationCertificate" .=
-                       _rcacVerificationCertificate)])
-
-instance ToPath RegisterCACertificate where
-        toPath = const "/cacertificate"
-
-instance ToQuery RegisterCACertificate where
-        toQuery RegisterCACertificate'{..}
-          = mconcat
-              ["setAsActive" =: _rcacSetAsActive,
-               "allowAutoRegistration" =:
-                 _rcacAllowAutoRegistration]
-
--- | The output from the RegisterCACertificateResponse operation.
---
---
---
--- /See:/ 'registerCACertificateResponse' smart constructor.
-data RegisterCACertificateResponse = RegisterCACertificateResponse'
-  { _rcacrsCertificateARN :: !(Maybe Text)
-  , _rcacrsCertificateId  :: !(Maybe Text)
-  , _rcacrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegisterCACertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rcacrsCertificateARN' - The CA certificate ARN.
---
--- * 'rcacrsCertificateId' - The CA certificate identifier.
---
--- * 'rcacrsResponseStatus' - -- | The response status code.
-registerCACertificateResponse
-    :: Int -- ^ 'rcacrsResponseStatus'
-    -> RegisterCACertificateResponse
-registerCACertificateResponse pResponseStatus_ =
-  RegisterCACertificateResponse'
-    { _rcacrsCertificateARN = Nothing
-    , _rcacrsCertificateId = Nothing
-    , _rcacrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The CA certificate ARN.
-rcacrsCertificateARN :: Lens' RegisterCACertificateResponse (Maybe Text)
-rcacrsCertificateARN = lens _rcacrsCertificateARN (\ s a -> s{_rcacrsCertificateARN = a})
-
--- | The CA certificate identifier.
-rcacrsCertificateId :: Lens' RegisterCACertificateResponse (Maybe Text)
-rcacrsCertificateId = lens _rcacrsCertificateId (\ s a -> s{_rcacrsCertificateId = a})
-
--- | -- | The response status code.
-rcacrsResponseStatus :: Lens' RegisterCACertificateResponse Int
-rcacrsResponseStatus = lens _rcacrsResponseStatus (\ s a -> s{_rcacrsResponseStatus = a})
-
-instance NFData RegisterCACertificateResponse where
diff --git a/gen/Network/AWS/IoT/RegisterCertificate.hs b/gen/Network/AWS/IoT/RegisterCertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/RegisterCertificate.hs
+++ /dev/null
@@ -1,180 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.RegisterCertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Registers a device certificate with AWS IoT. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.
---
---
-module Network.AWS.IoT.RegisterCertificate
-    (
-    -- * Creating a Request
-      registerCertificate
-    , RegisterCertificate
-    -- * Request Lenses
-    , rcStatus
-    , rcCaCertificatePem
-    , rcSetAsActive
-    , rcCertificatePem
-
-    -- * Destructuring the Response
-    , registerCertificateResponse
-    , RegisterCertificateResponse
-    -- * Response Lenses
-    , rcrsCertificateARN
-    , rcrsCertificateId
-    , rcrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input to the RegisterCertificate operation.
---
---
---
--- /See:/ 'registerCertificate' smart constructor.
-data RegisterCertificate = RegisterCertificate'
-  { _rcStatus           :: !(Maybe CertificateStatus)
-  , _rcCaCertificatePem :: !(Maybe Text)
-  , _rcSetAsActive      :: !(Maybe Bool)
-  , _rcCertificatePem   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegisterCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rcStatus' - The status of the register certificate request.
---
--- * 'rcCaCertificatePem' - The CA certificate used to sign the device certificate being registered.
---
--- * 'rcSetAsActive' - A boolean value that specifies if the CA certificate is set to active.
---
--- * 'rcCertificatePem' - The certificate data, in PEM format.
-registerCertificate
-    :: Text -- ^ 'rcCertificatePem'
-    -> RegisterCertificate
-registerCertificate pCertificatePem_ =
-  RegisterCertificate'
-    { _rcStatus = Nothing
-    , _rcCaCertificatePem = Nothing
-    , _rcSetAsActive = Nothing
-    , _rcCertificatePem = pCertificatePem_
-    }
-
-
--- | The status of the register certificate request.
-rcStatus :: Lens' RegisterCertificate (Maybe CertificateStatus)
-rcStatus = lens _rcStatus (\ s a -> s{_rcStatus = a})
-
--- | The CA certificate used to sign the device certificate being registered.
-rcCaCertificatePem :: Lens' RegisterCertificate (Maybe Text)
-rcCaCertificatePem = lens _rcCaCertificatePem (\ s a -> s{_rcCaCertificatePem = a})
-
--- | A boolean value that specifies if the CA certificate is set to active.
-rcSetAsActive :: Lens' RegisterCertificate (Maybe Bool)
-rcSetAsActive = lens _rcSetAsActive (\ s a -> s{_rcSetAsActive = a})
-
--- | The certificate data, in PEM format.
-rcCertificatePem :: Lens' RegisterCertificate Text
-rcCertificatePem = lens _rcCertificatePem (\ s a -> s{_rcCertificatePem = a})
-
-instance AWSRequest RegisterCertificate where
-        type Rs RegisterCertificate =
-             RegisterCertificateResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 RegisterCertificateResponse' <$>
-                   (x .?> "certificateArn") <*> (x .?> "certificateId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable RegisterCertificate where
-
-instance NFData RegisterCertificate where
-
-instance ToHeaders RegisterCertificate where
-        toHeaders = const mempty
-
-instance ToJSON RegisterCertificate where
-        toJSON RegisterCertificate'{..}
-          = object
-              (catMaybes
-                 [("status" .=) <$> _rcStatus,
-                  ("caCertificatePem" .=) <$> _rcCaCertificatePem,
-                  Just ("certificatePem" .= _rcCertificatePem)])
-
-instance ToPath RegisterCertificate where
-        toPath = const "/certificate/register"
-
-instance ToQuery RegisterCertificate where
-        toQuery RegisterCertificate'{..}
-          = mconcat ["setAsActive" =: _rcSetAsActive]
-
--- | The output from the RegisterCertificate operation.
---
---
---
--- /See:/ 'registerCertificateResponse' smart constructor.
-data RegisterCertificateResponse = RegisterCertificateResponse'
-  { _rcrsCertificateARN :: !(Maybe Text)
-  , _rcrsCertificateId  :: !(Maybe Text)
-  , _rcrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegisterCertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rcrsCertificateARN' - The certificate ARN.
---
--- * 'rcrsCertificateId' - The certificate identifier.
---
--- * 'rcrsResponseStatus' - -- | The response status code.
-registerCertificateResponse
-    :: Int -- ^ 'rcrsResponseStatus'
-    -> RegisterCertificateResponse
-registerCertificateResponse pResponseStatus_ =
-  RegisterCertificateResponse'
-    { _rcrsCertificateARN = Nothing
-    , _rcrsCertificateId = Nothing
-    , _rcrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The certificate ARN.
-rcrsCertificateARN :: Lens' RegisterCertificateResponse (Maybe Text)
-rcrsCertificateARN = lens _rcrsCertificateARN (\ s a -> s{_rcrsCertificateARN = a})
-
--- | The certificate identifier.
-rcrsCertificateId :: Lens' RegisterCertificateResponse (Maybe Text)
-rcrsCertificateId = lens _rcrsCertificateId (\ s a -> s{_rcrsCertificateId = a})
-
--- | -- | The response status code.
-rcrsResponseStatus :: Lens' RegisterCertificateResponse Int
-rcrsResponseStatus = lens _rcrsResponseStatus (\ s a -> s{_rcrsResponseStatus = a})
-
-instance NFData RegisterCertificateResponse where
diff --git a/gen/Network/AWS/IoT/RegisterThing.hs b/gen/Network/AWS/IoT/RegisterThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/RegisterThing.hs
+++ /dev/null
@@ -1,149 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.RegisterThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Provisions a thing.
---
---
-module Network.AWS.IoT.RegisterThing
-    (
-    -- * Creating a Request
-      registerThing
-    , RegisterThing
-    -- * Request Lenses
-    , rtParameters
-    , rtTemplateBody
-
-    -- * Destructuring the Response
-    , registerThingResponse
-    , RegisterThingResponse
-    -- * Response Lenses
-    , rtrsCertificatePem
-    , rtrsResourceARNs
-    , rtrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'registerThing' smart constructor.
-data RegisterThing = RegisterThing'
-  { _rtParameters   :: !(Maybe (Map Text Text))
-  , _rtTemplateBody :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegisterThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rtParameters' - The parameters for provisioning a thing. See <http://docs.aws.amazon.com/iot/latest/developerguide/programmatic-provisioning.html Programmatic Provisioning> for more information.
---
--- * 'rtTemplateBody' - The provisioning template. See <http://docs.aws.amazon.com/iot/latest/developerguide/programmatic-provisioning.html Programmatic Provisioning> for more information.
-registerThing
-    :: Text -- ^ 'rtTemplateBody'
-    -> RegisterThing
-registerThing pTemplateBody_ =
-  RegisterThing' {_rtParameters = Nothing, _rtTemplateBody = pTemplateBody_}
-
-
--- | The parameters for provisioning a thing. See <http://docs.aws.amazon.com/iot/latest/developerguide/programmatic-provisioning.html Programmatic Provisioning> for more information.
-rtParameters :: Lens' RegisterThing (HashMap Text Text)
-rtParameters = lens _rtParameters (\ s a -> s{_rtParameters = a}) . _Default . _Map
-
--- | The provisioning template. See <http://docs.aws.amazon.com/iot/latest/developerguide/programmatic-provisioning.html Programmatic Provisioning> for more information.
-rtTemplateBody :: Lens' RegisterThing Text
-rtTemplateBody = lens _rtTemplateBody (\ s a -> s{_rtTemplateBody = a})
-
-instance AWSRequest RegisterThing where
-        type Rs RegisterThing = RegisterThingResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 RegisterThingResponse' <$>
-                   (x .?> "certificatePem") <*>
-                     (x .?> "resourceArns" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable RegisterThing where
-
-instance NFData RegisterThing where
-
-instance ToHeaders RegisterThing where
-        toHeaders = const mempty
-
-instance ToJSON RegisterThing where
-        toJSON RegisterThing'{..}
-          = object
-              (catMaybes
-                 [("parameters" .=) <$> _rtParameters,
-                  Just ("templateBody" .= _rtTemplateBody)])
-
-instance ToPath RegisterThing where
-        toPath = const "/things"
-
-instance ToQuery RegisterThing where
-        toQuery = const mempty
-
--- | /See:/ 'registerThingResponse' smart constructor.
-data RegisterThingResponse = RegisterThingResponse'
-  { _rtrsCertificatePem :: !(Maybe Text)
-  , _rtrsResourceARNs   :: !(Maybe (Map Text Text))
-  , _rtrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegisterThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rtrsCertificatePem' - Undocumented member.
---
--- * 'rtrsResourceARNs' - ARNs for the generated resources.
---
--- * 'rtrsResponseStatus' - -- | The response status code.
-registerThingResponse
-    :: Int -- ^ 'rtrsResponseStatus'
-    -> RegisterThingResponse
-registerThingResponse pResponseStatus_ =
-  RegisterThingResponse'
-    { _rtrsCertificatePem = Nothing
-    , _rtrsResourceARNs = Nothing
-    , _rtrsResponseStatus = pResponseStatus_
-    }
-
-
--- | Undocumented member.
-rtrsCertificatePem :: Lens' RegisterThingResponse (Maybe Text)
-rtrsCertificatePem = lens _rtrsCertificatePem (\ s a -> s{_rtrsCertificatePem = a})
-
--- | ARNs for the generated resources.
-rtrsResourceARNs :: Lens' RegisterThingResponse (HashMap Text Text)
-rtrsResourceARNs = lens _rtrsResourceARNs (\ s a -> s{_rtrsResourceARNs = a}) . _Default . _Map
-
--- | -- | The response status code.
-rtrsResponseStatus :: Lens' RegisterThingResponse Int
-rtrsResponseStatus = lens _rtrsResponseStatus (\ s a -> s{_rtrsResponseStatus = a})
-
-instance NFData RegisterThingResponse where
diff --git a/gen/Network/AWS/IoT/RejectCertificateTransfer.hs b/gen/Network/AWS/IoT/RejectCertificateTransfer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/RejectCertificateTransfer.hs
+++ /dev/null
@@ -1,126 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.RejectCertificateTransfer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Rejects a pending certificate transfer. After AWS IoT rejects a certificate transfer, the certificate status changes from __PENDING_TRANSFER__ to __INACTIVE__ .
---
---
--- To check for pending certificate transfers, call 'ListCertificates' to enumerate your certificates.
---
--- This operation can only be called by the transfer destination. After it is called, the certificate will be returned to the source's account in the INACTIVE state.
---
-module Network.AWS.IoT.RejectCertificateTransfer
-    (
-    -- * Creating a Request
-      rejectCertificateTransfer
-    , RejectCertificateTransfer
-    -- * Request Lenses
-    , rctRejectReason
-    , rctCertificateId
-
-    -- * Destructuring the Response
-    , rejectCertificateTransferResponse
-    , RejectCertificateTransferResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the RejectCertificateTransfer operation.
---
---
---
--- /See:/ 'rejectCertificateTransfer' smart constructor.
-data RejectCertificateTransfer = RejectCertificateTransfer'
-  { _rctRejectReason  :: !(Maybe Text)
-  , _rctCertificateId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RejectCertificateTransfer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rctRejectReason' - The reason the certificate transfer was rejected.
---
--- * 'rctCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-rejectCertificateTransfer
-    :: Text -- ^ 'rctCertificateId'
-    -> RejectCertificateTransfer
-rejectCertificateTransfer pCertificateId_ =
-  RejectCertificateTransfer'
-    {_rctRejectReason = Nothing, _rctCertificateId = pCertificateId_}
-
-
--- | The reason the certificate transfer was rejected.
-rctRejectReason :: Lens' RejectCertificateTransfer (Maybe Text)
-rctRejectReason = lens _rctRejectReason (\ s a -> s{_rctRejectReason = a})
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-rctCertificateId :: Lens' RejectCertificateTransfer Text
-rctCertificateId = lens _rctCertificateId (\ s a -> s{_rctCertificateId = a})
-
-instance AWSRequest RejectCertificateTransfer where
-        type Rs RejectCertificateTransfer =
-             RejectCertificateTransferResponse
-        request = patchJSON ioT
-        response
-          = receiveNull RejectCertificateTransferResponse'
-
-instance Hashable RejectCertificateTransfer where
-
-instance NFData RejectCertificateTransfer where
-
-instance ToHeaders RejectCertificateTransfer where
-        toHeaders = const mempty
-
-instance ToJSON RejectCertificateTransfer where
-        toJSON RejectCertificateTransfer'{..}
-          = object
-              (catMaybes
-                 [("rejectReason" .=) <$> _rctRejectReason])
-
-instance ToPath RejectCertificateTransfer where
-        toPath RejectCertificateTransfer'{..}
-          = mconcat
-              ["/reject-certificate-transfer/",
-               toBS _rctCertificateId]
-
-instance ToQuery RejectCertificateTransfer where
-        toQuery = const mempty
-
--- | /See:/ 'rejectCertificateTransferResponse' smart constructor.
-data RejectCertificateTransferResponse =
-  RejectCertificateTransferResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RejectCertificateTransferResponse' with the minimum fields required to make a request.
---
-rejectCertificateTransferResponse
-    :: RejectCertificateTransferResponse
-rejectCertificateTransferResponse = RejectCertificateTransferResponse'
-
-
-instance NFData RejectCertificateTransferResponse
-         where
diff --git a/gen/Network/AWS/IoT/RemoveThingFromThingGroup.hs b/gen/Network/AWS/IoT/RemoveThingFromThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/RemoveThingFromThingGroup.hs
+++ /dev/null
@@ -1,152 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.RemoveThingFromThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Remove the specified thing from the specified group.
---
---
-module Network.AWS.IoT.RemoveThingFromThingGroup
-    (
-    -- * Creating a Request
-      removeThingFromThingGroup
-    , RemoveThingFromThingGroup
-    -- * Request Lenses
-    , rtftgThingGroupARN
-    , rtftgThingARN
-    , rtftgThingGroupName
-    , rtftgThingName
-
-    -- * Destructuring the Response
-    , removeThingFromThingGroupResponse
-    , RemoveThingFromThingGroupResponse
-    -- * Response Lenses
-    , rtftgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'removeThingFromThingGroup' smart constructor.
-data RemoveThingFromThingGroup = RemoveThingFromThingGroup'
-  { _rtftgThingGroupARN  :: !(Maybe Text)
-  , _rtftgThingARN       :: !(Maybe Text)
-  , _rtftgThingGroupName :: !(Maybe Text)
-  , _rtftgThingName      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RemoveThingFromThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rtftgThingGroupARN' - The group ARN.
---
--- * 'rtftgThingARN' - The ARN of the thing to remove from the group.
---
--- * 'rtftgThingGroupName' - The group name.
---
--- * 'rtftgThingName' - The name of the thing to remove from the group.
-removeThingFromThingGroup
-    :: RemoveThingFromThingGroup
-removeThingFromThingGroup =
-  RemoveThingFromThingGroup'
-    { _rtftgThingGroupARN = Nothing
-    , _rtftgThingARN = Nothing
-    , _rtftgThingGroupName = Nothing
-    , _rtftgThingName = Nothing
-    }
-
-
--- | The group ARN.
-rtftgThingGroupARN :: Lens' RemoveThingFromThingGroup (Maybe Text)
-rtftgThingGroupARN = lens _rtftgThingGroupARN (\ s a -> s{_rtftgThingGroupARN = a})
-
--- | The ARN of the thing to remove from the group.
-rtftgThingARN :: Lens' RemoveThingFromThingGroup (Maybe Text)
-rtftgThingARN = lens _rtftgThingARN (\ s a -> s{_rtftgThingARN = a})
-
--- | The group name.
-rtftgThingGroupName :: Lens' RemoveThingFromThingGroup (Maybe Text)
-rtftgThingGroupName = lens _rtftgThingGroupName (\ s a -> s{_rtftgThingGroupName = a})
-
--- | The name of the thing to remove from the group.
-rtftgThingName :: Lens' RemoveThingFromThingGroup (Maybe Text)
-rtftgThingName = lens _rtftgThingName (\ s a -> s{_rtftgThingName = a})
-
-instance AWSRequest RemoveThingFromThingGroup where
-        type Rs RemoveThingFromThingGroup =
-             RemoveThingFromThingGroupResponse
-        request = putJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 RemoveThingFromThingGroupResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable RemoveThingFromThingGroup where
-
-instance NFData RemoveThingFromThingGroup where
-
-instance ToHeaders RemoveThingFromThingGroup where
-        toHeaders = const mempty
-
-instance ToJSON RemoveThingFromThingGroup where
-        toJSON RemoveThingFromThingGroup'{..}
-          = object
-              (catMaybes
-                 [("thingGroupArn" .=) <$> _rtftgThingGroupARN,
-                  ("thingArn" .=) <$> _rtftgThingARN,
-                  ("thingGroupName" .=) <$> _rtftgThingGroupName,
-                  ("thingName" .=) <$> _rtftgThingName])
-
-instance ToPath RemoveThingFromThingGroup where
-        toPath
-          = const "/thing-groups/removeThingFromThingGroup"
-
-instance ToQuery RemoveThingFromThingGroup where
-        toQuery = const mempty
-
--- | /See:/ 'removeThingFromThingGroupResponse' smart constructor.
-newtype RemoveThingFromThingGroupResponse = RemoveThingFromThingGroupResponse'
-  { _rtftgrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RemoveThingFromThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rtftgrsResponseStatus' - -- | The response status code.
-removeThingFromThingGroupResponse
-    :: Int -- ^ 'rtftgrsResponseStatus'
-    -> RemoveThingFromThingGroupResponse
-removeThingFromThingGroupResponse pResponseStatus_ =
-  RemoveThingFromThingGroupResponse' {_rtftgrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-rtftgrsResponseStatus :: Lens' RemoveThingFromThingGroupResponse Int
-rtftgrsResponseStatus = lens _rtftgrsResponseStatus (\ s a -> s{_rtftgrsResponseStatus = a})
-
-instance NFData RemoveThingFromThingGroupResponse
-         where
diff --git a/gen/Network/AWS/IoT/ReplaceTopicRule.hs b/gen/Network/AWS/IoT/ReplaceTopicRule.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/ReplaceTopicRule.hs
+++ /dev/null
@@ -1,118 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.ReplaceTopicRule
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Replaces the rule. You must specify all parameters for the new rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.
---
---
-module Network.AWS.IoT.ReplaceTopicRule
-    (
-    -- * Creating a Request
-      replaceTopicRule
-    , ReplaceTopicRule
-    -- * Request Lenses
-    , rtrRuleName
-    , rtrTopicRulePayload
-
-    -- * Destructuring the Response
-    , replaceTopicRuleResponse
-    , ReplaceTopicRuleResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the ReplaceTopicRule operation.
---
---
---
--- /See:/ 'replaceTopicRule' smart constructor.
-data ReplaceTopicRule = ReplaceTopicRule'
-  { _rtrRuleName         :: !Text
-  , _rtrTopicRulePayload :: !TopicRulePayload
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ReplaceTopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rtrRuleName' - The name of the rule.
---
--- * 'rtrTopicRulePayload' - The rule payload.
-replaceTopicRule
-    :: Text -- ^ 'rtrRuleName'
-    -> TopicRulePayload -- ^ 'rtrTopicRulePayload'
-    -> ReplaceTopicRule
-replaceTopicRule pRuleName_ pTopicRulePayload_ =
-  ReplaceTopicRule'
-    {_rtrRuleName = pRuleName_, _rtrTopicRulePayload = pTopicRulePayload_}
-
-
--- | The name of the rule.
-rtrRuleName :: Lens' ReplaceTopicRule Text
-rtrRuleName = lens _rtrRuleName (\ s a -> s{_rtrRuleName = a})
-
--- | The rule payload.
-rtrTopicRulePayload :: Lens' ReplaceTopicRule TopicRulePayload
-rtrTopicRulePayload = lens _rtrTopicRulePayload (\ s a -> s{_rtrTopicRulePayload = a})
-
-instance AWSRequest ReplaceTopicRule where
-        type Rs ReplaceTopicRule = ReplaceTopicRuleResponse
-        request = patchJSON ioT
-        response = receiveNull ReplaceTopicRuleResponse'
-
-instance Hashable ReplaceTopicRule where
-
-instance NFData ReplaceTopicRule where
-
-instance ToHeaders ReplaceTopicRule where
-        toHeaders = const mempty
-
-instance ToJSON ReplaceTopicRule where
-        toJSON ReplaceTopicRule'{..}
-          = object
-              (catMaybes
-                 [Just ("topicRulePayload" .= _rtrTopicRulePayload)])
-
-instance ToPath ReplaceTopicRule where
-        toPath ReplaceTopicRule'{..}
-          = mconcat ["/rules/", toBS _rtrRuleName]
-
-instance ToQuery ReplaceTopicRule where
-        toQuery = const mempty
-
--- | /See:/ 'replaceTopicRuleResponse' smart constructor.
-data ReplaceTopicRuleResponse =
-  ReplaceTopicRuleResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ReplaceTopicRuleResponse' with the minimum fields required to make a request.
---
-replaceTopicRuleResponse
-    :: ReplaceTopicRuleResponse
-replaceTopicRuleResponse = ReplaceTopicRuleResponse'
-
-
-instance NFData ReplaceTopicRuleResponse where
diff --git a/gen/Network/AWS/IoT/SearchIndex.hs b/gen/Network/AWS/IoT/SearchIndex.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/SearchIndex.hs
+++ /dev/null
@@ -1,181 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.SearchIndex
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- The query search index.
---
---
-module Network.AWS.IoT.SearchIndex
-    (
-    -- * Creating a Request
-      searchIndex
-    , SearchIndex
-    -- * Request Lenses
-    , siQueryVersion
-    , siNextToken
-    , siMaxResults
-    , siIndexName
-    , siQueryString
-
-    -- * Destructuring the Response
-    , searchIndexResponse
-    , SearchIndexResponse
-    -- * Response Lenses
-    , sirsNextToken
-    , sirsThings
-    , sirsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'searchIndex' smart constructor.
-data SearchIndex = SearchIndex'
-  { _siQueryVersion :: !(Maybe Text)
-  , _siNextToken    :: !(Maybe Text)
-  , _siMaxResults   :: !(Maybe Nat)
-  , _siIndexName    :: !(Maybe Text)
-  , _siQueryString  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SearchIndex' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'siQueryVersion' - The query version.
---
--- * 'siNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'siMaxResults' - The maximum number of results to return at one time.
---
--- * 'siIndexName' - The search index name.
---
--- * 'siQueryString' - The search query string.
-searchIndex
-    :: Text -- ^ 'siQueryString'
-    -> SearchIndex
-searchIndex pQueryString_ =
-  SearchIndex'
-    { _siQueryVersion = Nothing
-    , _siNextToken = Nothing
-    , _siMaxResults = Nothing
-    , _siIndexName = Nothing
-    , _siQueryString = pQueryString_
-    }
-
-
--- | The query version.
-siQueryVersion :: Lens' SearchIndex (Maybe Text)
-siQueryVersion = lens _siQueryVersion (\ s a -> s{_siQueryVersion = a})
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-siNextToken :: Lens' SearchIndex (Maybe Text)
-siNextToken = lens _siNextToken (\ s a -> s{_siNextToken = a})
-
--- | The maximum number of results to return at one time.
-siMaxResults :: Lens' SearchIndex (Maybe Natural)
-siMaxResults = lens _siMaxResults (\ s a -> s{_siMaxResults = a}) . mapping _Nat
-
--- | The search index name.
-siIndexName :: Lens' SearchIndex (Maybe Text)
-siIndexName = lens _siIndexName (\ s a -> s{_siIndexName = a})
-
--- | The search query string.
-siQueryString :: Lens' SearchIndex Text
-siQueryString = lens _siQueryString (\ s a -> s{_siQueryString = a})
-
-instance AWSRequest SearchIndex where
-        type Rs SearchIndex = SearchIndexResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 SearchIndexResponse' <$>
-                   (x .?> "nextToken") <*> (x .?> "things" .!@ mempty)
-                     <*> (pure (fromEnum s)))
-
-instance Hashable SearchIndex where
-
-instance NFData SearchIndex where
-
-instance ToHeaders SearchIndex where
-        toHeaders = const mempty
-
-instance ToJSON SearchIndex where
-        toJSON SearchIndex'{..}
-          = object
-              (catMaybes
-                 [("queryVersion" .=) <$> _siQueryVersion,
-                  ("nextToken" .=) <$> _siNextToken,
-                  ("maxResults" .=) <$> _siMaxResults,
-                  ("indexName" .=) <$> _siIndexName,
-                  Just ("queryString" .= _siQueryString)])
-
-instance ToPath SearchIndex where
-        toPath = const "/indices/search"
-
-instance ToQuery SearchIndex where
-        toQuery = const mempty
-
--- | /See:/ 'searchIndexResponse' smart constructor.
-data SearchIndexResponse = SearchIndexResponse'
-  { _sirsNextToken      :: !(Maybe Text)
-  , _sirsThings         :: !(Maybe [ThingDocument])
-  , _sirsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SearchIndexResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sirsNextToken' - The token used to get the next set of results, or __null__ if there are no additional results.
---
--- * 'sirsThings' - The things that match the search query.
---
--- * 'sirsResponseStatus' - -- | The response status code.
-searchIndexResponse
-    :: Int -- ^ 'sirsResponseStatus'
-    -> SearchIndexResponse
-searchIndexResponse pResponseStatus_ =
-  SearchIndexResponse'
-    { _sirsNextToken = Nothing
-    , _sirsThings = Nothing
-    , _sirsResponseStatus = pResponseStatus_
-    }
-
-
--- | The token used to get the next set of results, or __null__ if there are no additional results.
-sirsNextToken :: Lens' SearchIndexResponse (Maybe Text)
-sirsNextToken = lens _sirsNextToken (\ s a -> s{_sirsNextToken = a})
-
--- | The things that match the search query.
-sirsThings :: Lens' SearchIndexResponse [ThingDocument]
-sirsThings = lens _sirsThings (\ s a -> s{_sirsThings = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-sirsResponseStatus :: Lens' SearchIndexResponse Int
-sirsResponseStatus = lens _sirsResponseStatus (\ s a -> s{_sirsResponseStatus = a})
-
-instance NFData SearchIndexResponse where
diff --git a/gen/Network/AWS/IoT/SetDefaultAuthorizer.hs b/gen/Network/AWS/IoT/SetDefaultAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/SetDefaultAuthorizer.hs
+++ /dev/null
@@ -1,140 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.SetDefaultAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Sets the default authorizer. This will be used if a websocket connection is made without specifying an authorizer.
---
---
-module Network.AWS.IoT.SetDefaultAuthorizer
-    (
-    -- * Creating a Request
-      setDefaultAuthorizer
-    , SetDefaultAuthorizer
-    -- * Request Lenses
-    , sdaAuthorizerName
-
-    -- * Destructuring the Response
-    , setDefaultAuthorizerResponse
-    , SetDefaultAuthorizerResponse
-    -- * Response Lenses
-    , sdarsAuthorizerName
-    , sdarsAuthorizerARN
-    , sdarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'setDefaultAuthorizer' smart constructor.
-newtype SetDefaultAuthorizer = SetDefaultAuthorizer'
-  { _sdaAuthorizerName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetDefaultAuthorizer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sdaAuthorizerName' - The authorizer name.
-setDefaultAuthorizer
-    :: Text -- ^ 'sdaAuthorizerName'
-    -> SetDefaultAuthorizer
-setDefaultAuthorizer pAuthorizerName_ =
-  SetDefaultAuthorizer' {_sdaAuthorizerName = pAuthorizerName_}
-
-
--- | The authorizer name.
-sdaAuthorizerName :: Lens' SetDefaultAuthorizer Text
-sdaAuthorizerName = lens _sdaAuthorizerName (\ s a -> s{_sdaAuthorizerName = a})
-
-instance AWSRequest SetDefaultAuthorizer where
-        type Rs SetDefaultAuthorizer =
-             SetDefaultAuthorizerResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 SetDefaultAuthorizerResponse' <$>
-                   (x .?> "authorizerName") <*> (x .?> "authorizerArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable SetDefaultAuthorizer where
-
-instance NFData SetDefaultAuthorizer where
-
-instance ToHeaders SetDefaultAuthorizer where
-        toHeaders = const mempty
-
-instance ToJSON SetDefaultAuthorizer where
-        toJSON SetDefaultAuthorizer'{..}
-          = object
-              (catMaybes
-                 [Just ("authorizerName" .= _sdaAuthorizerName)])
-
-instance ToPath SetDefaultAuthorizer where
-        toPath = const "/default-authorizer"
-
-instance ToQuery SetDefaultAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'setDefaultAuthorizerResponse' smart constructor.
-data SetDefaultAuthorizerResponse = SetDefaultAuthorizerResponse'
-  { _sdarsAuthorizerName :: !(Maybe Text)
-  , _sdarsAuthorizerARN  :: !(Maybe Text)
-  , _sdarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetDefaultAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sdarsAuthorizerName' - The authorizer name.
---
--- * 'sdarsAuthorizerARN' - The authorizer ARN.
---
--- * 'sdarsResponseStatus' - -- | The response status code.
-setDefaultAuthorizerResponse
-    :: Int -- ^ 'sdarsResponseStatus'
-    -> SetDefaultAuthorizerResponse
-setDefaultAuthorizerResponse pResponseStatus_ =
-  SetDefaultAuthorizerResponse'
-    { _sdarsAuthorizerName = Nothing
-    , _sdarsAuthorizerARN = Nothing
-    , _sdarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The authorizer name.
-sdarsAuthorizerName :: Lens' SetDefaultAuthorizerResponse (Maybe Text)
-sdarsAuthorizerName = lens _sdarsAuthorizerName (\ s a -> s{_sdarsAuthorizerName = a})
-
--- | The authorizer ARN.
-sdarsAuthorizerARN :: Lens' SetDefaultAuthorizerResponse (Maybe Text)
-sdarsAuthorizerARN = lens _sdarsAuthorizerARN (\ s a -> s{_sdarsAuthorizerARN = a})
-
--- | -- | The response status code.
-sdarsResponseStatus :: Lens' SetDefaultAuthorizerResponse Int
-sdarsResponseStatus = lens _sdarsResponseStatus (\ s a -> s{_sdarsResponseStatus = a})
-
-instance NFData SetDefaultAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/SetDefaultPolicyVersion.hs b/gen/Network/AWS/IoT/SetDefaultPolicyVersion.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/SetDefaultPolicyVersion.hs
+++ /dev/null
@@ -1,119 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.SetDefaultPolicyVersion
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Sets the specified version of the specified policy as the policy's default (operative) version. This action affects all certificates to which the policy is attached. To list the principals the policy is attached to, use the ListPrincipalPolicy API.
---
---
-module Network.AWS.IoT.SetDefaultPolicyVersion
-    (
-    -- * Creating a Request
-      setDefaultPolicyVersion
-    , SetDefaultPolicyVersion
-    -- * Request Lenses
-    , sdpvPolicyName
-    , sdpvPolicyVersionId
-
-    -- * Destructuring the Response
-    , setDefaultPolicyVersionResponse
-    , SetDefaultPolicyVersionResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the SetDefaultPolicyVersion operation.
---
---
---
--- /See:/ 'setDefaultPolicyVersion' smart constructor.
-data SetDefaultPolicyVersion = SetDefaultPolicyVersion'
-  { _sdpvPolicyName      :: !Text
-  , _sdpvPolicyVersionId :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetDefaultPolicyVersion' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sdpvPolicyName' - The policy name.
---
--- * 'sdpvPolicyVersionId' - The policy version ID.
-setDefaultPolicyVersion
-    :: Text -- ^ 'sdpvPolicyName'
-    -> Text -- ^ 'sdpvPolicyVersionId'
-    -> SetDefaultPolicyVersion
-setDefaultPolicyVersion pPolicyName_ pPolicyVersionId_ =
-  SetDefaultPolicyVersion'
-    {_sdpvPolicyName = pPolicyName_, _sdpvPolicyVersionId = pPolicyVersionId_}
-
-
--- | The policy name.
-sdpvPolicyName :: Lens' SetDefaultPolicyVersion Text
-sdpvPolicyName = lens _sdpvPolicyName (\ s a -> s{_sdpvPolicyName = a})
-
--- | The policy version ID.
-sdpvPolicyVersionId :: Lens' SetDefaultPolicyVersion Text
-sdpvPolicyVersionId = lens _sdpvPolicyVersionId (\ s a -> s{_sdpvPolicyVersionId = a})
-
-instance AWSRequest SetDefaultPolicyVersion where
-        type Rs SetDefaultPolicyVersion =
-             SetDefaultPolicyVersionResponse
-        request = patchJSON ioT
-        response
-          = receiveNull SetDefaultPolicyVersionResponse'
-
-instance Hashable SetDefaultPolicyVersion where
-
-instance NFData SetDefaultPolicyVersion where
-
-instance ToHeaders SetDefaultPolicyVersion where
-        toHeaders = const mempty
-
-instance ToJSON SetDefaultPolicyVersion where
-        toJSON = const (Object mempty)
-
-instance ToPath SetDefaultPolicyVersion where
-        toPath SetDefaultPolicyVersion'{..}
-          = mconcat
-              ["/policies/", toBS _sdpvPolicyName, "/version/",
-               toBS _sdpvPolicyVersionId]
-
-instance ToQuery SetDefaultPolicyVersion where
-        toQuery = const mempty
-
--- | /See:/ 'setDefaultPolicyVersionResponse' smart constructor.
-data SetDefaultPolicyVersionResponse =
-  SetDefaultPolicyVersionResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetDefaultPolicyVersionResponse' with the minimum fields required to make a request.
---
-setDefaultPolicyVersionResponse
-    :: SetDefaultPolicyVersionResponse
-setDefaultPolicyVersionResponse = SetDefaultPolicyVersionResponse'
-
-
-instance NFData SetDefaultPolicyVersionResponse where
diff --git a/gen/Network/AWS/IoT/SetLoggingOptions.hs b/gen/Network/AWS/IoT/SetLoggingOptions.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/SetLoggingOptions.hs
+++ /dev/null
@@ -1,109 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.SetLoggingOptions
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Sets the logging options.
---
---
-module Network.AWS.IoT.SetLoggingOptions
-    (
-    -- * Creating a Request
-      setLoggingOptions
-    , SetLoggingOptions
-    -- * Request Lenses
-    , sloLoggingOptionsPayload
-
-    -- * Destructuring the Response
-    , setLoggingOptionsResponse
-    , SetLoggingOptionsResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the SetLoggingOptions operation.
---
---
---
--- /See:/ 'setLoggingOptions' smart constructor.
-newtype SetLoggingOptions = SetLoggingOptions'
-  { _sloLoggingOptionsPayload :: LoggingOptionsPayload
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetLoggingOptions' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sloLoggingOptionsPayload' - The logging options payload.
-setLoggingOptions
-    :: LoggingOptionsPayload -- ^ 'sloLoggingOptionsPayload'
-    -> SetLoggingOptions
-setLoggingOptions pLoggingOptionsPayload_ =
-  SetLoggingOptions' {_sloLoggingOptionsPayload = pLoggingOptionsPayload_}
-
-
--- | The logging options payload.
-sloLoggingOptionsPayload :: Lens' SetLoggingOptions LoggingOptionsPayload
-sloLoggingOptionsPayload = lens _sloLoggingOptionsPayload (\ s a -> s{_sloLoggingOptionsPayload = a})
-
-instance AWSRequest SetLoggingOptions where
-        type Rs SetLoggingOptions = SetLoggingOptionsResponse
-        request = postJSON ioT
-        response = receiveNull SetLoggingOptionsResponse'
-
-instance Hashable SetLoggingOptions where
-
-instance NFData SetLoggingOptions where
-
-instance ToHeaders SetLoggingOptions where
-        toHeaders = const mempty
-
-instance ToJSON SetLoggingOptions where
-        toJSON SetLoggingOptions'{..}
-          = object
-              (catMaybes
-                 [Just
-                    ("loggingOptionsPayload" .=
-                       _sloLoggingOptionsPayload)])
-
-instance ToPath SetLoggingOptions where
-        toPath = const "/loggingOptions"
-
-instance ToQuery SetLoggingOptions where
-        toQuery = const mempty
-
--- | /See:/ 'setLoggingOptionsResponse' smart constructor.
-data SetLoggingOptionsResponse =
-  SetLoggingOptionsResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetLoggingOptionsResponse' with the minimum fields required to make a request.
---
-setLoggingOptionsResponse
-    :: SetLoggingOptionsResponse
-setLoggingOptionsResponse = SetLoggingOptionsResponse'
-
-
-instance NFData SetLoggingOptionsResponse where
diff --git a/gen/Network/AWS/IoT/SetV2LoggingLevel.hs b/gen/Network/AWS/IoT/SetV2LoggingLevel.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/SetV2LoggingLevel.hs
+++ /dev/null
@@ -1,113 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.SetV2LoggingLevel
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Sets the logging level.
---
---
-module Network.AWS.IoT.SetV2LoggingLevel
-    (
-    -- * Creating a Request
-      setV2LoggingLevel
-    , SetV2LoggingLevel
-    -- * Request Lenses
-    , svllLogTarget
-    , svllLogLevel
-
-    -- * Destructuring the Response
-    , setV2LoggingLevelResponse
-    , SetV2LoggingLevelResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'setV2LoggingLevel' smart constructor.
-data SetV2LoggingLevel = SetV2LoggingLevel'
-  { _svllLogTarget :: !LogTarget
-  , _svllLogLevel  :: !LogLevel
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetV2LoggingLevel' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'svllLogTarget' - The log target.
---
--- * 'svllLogLevel' - The log level.
-setV2LoggingLevel
-    :: LogTarget -- ^ 'svllLogTarget'
-    -> LogLevel -- ^ 'svllLogLevel'
-    -> SetV2LoggingLevel
-setV2LoggingLevel pLogTarget_ pLogLevel_ =
-  SetV2LoggingLevel' {_svllLogTarget = pLogTarget_, _svllLogLevel = pLogLevel_}
-
-
--- | The log target.
-svllLogTarget :: Lens' SetV2LoggingLevel LogTarget
-svllLogTarget = lens _svllLogTarget (\ s a -> s{_svllLogTarget = a})
-
--- | The log level.
-svllLogLevel :: Lens' SetV2LoggingLevel LogLevel
-svllLogLevel = lens _svllLogLevel (\ s a -> s{_svllLogLevel = a})
-
-instance AWSRequest SetV2LoggingLevel where
-        type Rs SetV2LoggingLevel = SetV2LoggingLevelResponse
-        request = postJSON ioT
-        response = receiveNull SetV2LoggingLevelResponse'
-
-instance Hashable SetV2LoggingLevel where
-
-instance NFData SetV2LoggingLevel where
-
-instance ToHeaders SetV2LoggingLevel where
-        toHeaders = const mempty
-
-instance ToJSON SetV2LoggingLevel where
-        toJSON SetV2LoggingLevel'{..}
-          = object
-              (catMaybes
-                 [Just ("logTarget" .= _svllLogTarget),
-                  Just ("logLevel" .= _svllLogLevel)])
-
-instance ToPath SetV2LoggingLevel where
-        toPath = const "/v2LoggingLevel"
-
-instance ToQuery SetV2LoggingLevel where
-        toQuery = const mempty
-
--- | /See:/ 'setV2LoggingLevelResponse' smart constructor.
-data SetV2LoggingLevelResponse =
-  SetV2LoggingLevelResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetV2LoggingLevelResponse' with the minimum fields required to make a request.
---
-setV2LoggingLevelResponse
-    :: SetV2LoggingLevelResponse
-setV2LoggingLevelResponse = SetV2LoggingLevelResponse'
-
-
-instance NFData SetV2LoggingLevelResponse where
diff --git a/gen/Network/AWS/IoT/SetV2LoggingOptions.hs b/gen/Network/AWS/IoT/SetV2LoggingOptions.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/SetV2LoggingOptions.hs
+++ /dev/null
@@ -1,125 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.SetV2LoggingOptions
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Sets the logging options for the V2 logging service.
---
---
-module Network.AWS.IoT.SetV2LoggingOptions
-    (
-    -- * Creating a Request
-      setV2LoggingOptions
-    , SetV2LoggingOptions
-    -- * Request Lenses
-    , svloDisableAllLogs
-    , svloDefaultLogLevel
-    , svloRoleARN
-
-    -- * Destructuring the Response
-    , setV2LoggingOptionsResponse
-    , SetV2LoggingOptionsResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'setV2LoggingOptions' smart constructor.
-data SetV2LoggingOptions = SetV2LoggingOptions'
-  { _svloDisableAllLogs  :: !(Maybe Bool)
-  , _svloDefaultLogLevel :: !(Maybe LogLevel)
-  , _svloRoleARN         :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetV2LoggingOptions' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'svloDisableAllLogs' - Set to true to disable all logs, otherwise set to false.
---
--- * 'svloDefaultLogLevel' - The default logging level.
---
--- * 'svloRoleARN' - The role ARN that allows IoT to write to Cloudwatch logs.
-setV2LoggingOptions
-    :: SetV2LoggingOptions
-setV2LoggingOptions =
-  SetV2LoggingOptions'
-    { _svloDisableAllLogs = Nothing
-    , _svloDefaultLogLevel = Nothing
-    , _svloRoleARN = Nothing
-    }
-
-
--- | Set to true to disable all logs, otherwise set to false.
-svloDisableAllLogs :: Lens' SetV2LoggingOptions (Maybe Bool)
-svloDisableAllLogs = lens _svloDisableAllLogs (\ s a -> s{_svloDisableAllLogs = a})
-
--- | The default logging level.
-svloDefaultLogLevel :: Lens' SetV2LoggingOptions (Maybe LogLevel)
-svloDefaultLogLevel = lens _svloDefaultLogLevel (\ s a -> s{_svloDefaultLogLevel = a})
-
--- | The role ARN that allows IoT to write to Cloudwatch logs.
-svloRoleARN :: Lens' SetV2LoggingOptions (Maybe Text)
-svloRoleARN = lens _svloRoleARN (\ s a -> s{_svloRoleARN = a})
-
-instance AWSRequest SetV2LoggingOptions where
-        type Rs SetV2LoggingOptions =
-             SetV2LoggingOptionsResponse
-        request = postJSON ioT
-        response = receiveNull SetV2LoggingOptionsResponse'
-
-instance Hashable SetV2LoggingOptions where
-
-instance NFData SetV2LoggingOptions where
-
-instance ToHeaders SetV2LoggingOptions where
-        toHeaders = const mempty
-
-instance ToJSON SetV2LoggingOptions where
-        toJSON SetV2LoggingOptions'{..}
-          = object
-              (catMaybes
-                 [("disableAllLogs" .=) <$> _svloDisableAllLogs,
-                  ("defaultLogLevel" .=) <$> _svloDefaultLogLevel,
-                  ("roleArn" .=) <$> _svloRoleARN])
-
-instance ToPath SetV2LoggingOptions where
-        toPath = const "/v2LoggingOptions"
-
-instance ToQuery SetV2LoggingOptions where
-        toQuery = const mempty
-
--- | /See:/ 'setV2LoggingOptionsResponse' smart constructor.
-data SetV2LoggingOptionsResponse =
-  SetV2LoggingOptionsResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SetV2LoggingOptionsResponse' with the minimum fields required to make a request.
---
-setV2LoggingOptionsResponse
-    :: SetV2LoggingOptionsResponse
-setV2LoggingOptionsResponse = SetV2LoggingOptionsResponse'
-
-
-instance NFData SetV2LoggingOptionsResponse where
diff --git a/gen/Network/AWS/IoT/StartThingRegistrationTask.hs b/gen/Network/AWS/IoT/StartThingRegistrationTask.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/StartThingRegistrationTask.hs
+++ /dev/null
@@ -1,164 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.StartThingRegistrationTask
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Creates a bulk thing provisioning task.
---
---
-module Network.AWS.IoT.StartThingRegistrationTask
-    (
-    -- * Creating a Request
-      startThingRegistrationTask
-    , StartThingRegistrationTask
-    -- * Request Lenses
-    , strtTemplateBody
-    , strtInputFileBucket
-    , strtInputFileKey
-    , strtRoleARN
-
-    -- * Destructuring the Response
-    , startThingRegistrationTaskResponse
-    , StartThingRegistrationTaskResponse
-    -- * Response Lenses
-    , strtrsTaskId
-    , strtrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'startThingRegistrationTask' smart constructor.
-data StartThingRegistrationTask = StartThingRegistrationTask'
-  { _strtTemplateBody    :: !Text
-  , _strtInputFileBucket :: !Text
-  , _strtInputFileKey    :: !Text
-  , _strtRoleARN         :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StartThingRegistrationTask' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'strtTemplateBody' - The provisioning template.
---
--- * 'strtInputFileBucket' - The S3 bucket that contains the input file.
---
--- * 'strtInputFileKey' - The name of input file within the S3 bucket. This file contains a newline delimited JSON file. Each line contains the parameter values to provision one device (thing).
---
--- * 'strtRoleARN' - The IAM role ARN that grants permission the input file.
-startThingRegistrationTask
-    :: Text -- ^ 'strtTemplateBody'
-    -> Text -- ^ 'strtInputFileBucket'
-    -> Text -- ^ 'strtInputFileKey'
-    -> Text -- ^ 'strtRoleARN'
-    -> StartThingRegistrationTask
-startThingRegistrationTask pTemplateBody_ pInputFileBucket_ pInputFileKey_ pRoleARN_ =
-  StartThingRegistrationTask'
-    { _strtTemplateBody = pTemplateBody_
-    , _strtInputFileBucket = pInputFileBucket_
-    , _strtInputFileKey = pInputFileKey_
-    , _strtRoleARN = pRoleARN_
-    }
-
-
--- | The provisioning template.
-strtTemplateBody :: Lens' StartThingRegistrationTask Text
-strtTemplateBody = lens _strtTemplateBody (\ s a -> s{_strtTemplateBody = a})
-
--- | The S3 bucket that contains the input file.
-strtInputFileBucket :: Lens' StartThingRegistrationTask Text
-strtInputFileBucket = lens _strtInputFileBucket (\ s a -> s{_strtInputFileBucket = a})
-
--- | The name of input file within the S3 bucket. This file contains a newline delimited JSON file. Each line contains the parameter values to provision one device (thing).
-strtInputFileKey :: Lens' StartThingRegistrationTask Text
-strtInputFileKey = lens _strtInputFileKey (\ s a -> s{_strtInputFileKey = a})
-
--- | The IAM role ARN that grants permission the input file.
-strtRoleARN :: Lens' StartThingRegistrationTask Text
-strtRoleARN = lens _strtRoleARN (\ s a -> s{_strtRoleARN = a})
-
-instance AWSRequest StartThingRegistrationTask where
-        type Rs StartThingRegistrationTask =
-             StartThingRegistrationTaskResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 StartThingRegistrationTaskResponse' <$>
-                   (x .?> "taskId") <*> (pure (fromEnum s)))
-
-instance Hashable StartThingRegistrationTask where
-
-instance NFData StartThingRegistrationTask where
-
-instance ToHeaders StartThingRegistrationTask where
-        toHeaders = const mempty
-
-instance ToJSON StartThingRegistrationTask where
-        toJSON StartThingRegistrationTask'{..}
-          = object
-              (catMaybes
-                 [Just ("templateBody" .= _strtTemplateBody),
-                  Just ("inputFileBucket" .= _strtInputFileBucket),
-                  Just ("inputFileKey" .= _strtInputFileKey),
-                  Just ("roleArn" .= _strtRoleARN)])
-
-instance ToPath StartThingRegistrationTask where
-        toPath = const "/thing-registration-tasks"
-
-instance ToQuery StartThingRegistrationTask where
-        toQuery = const mempty
-
--- | /See:/ 'startThingRegistrationTaskResponse' smart constructor.
-data StartThingRegistrationTaskResponse = StartThingRegistrationTaskResponse'
-  { _strtrsTaskId         :: !(Maybe Text)
-  , _strtrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StartThingRegistrationTaskResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'strtrsTaskId' - The bulk thing provisioning task ID.
---
--- * 'strtrsResponseStatus' - -- | The response status code.
-startThingRegistrationTaskResponse
-    :: Int -- ^ 'strtrsResponseStatus'
-    -> StartThingRegistrationTaskResponse
-startThingRegistrationTaskResponse pResponseStatus_ =
-  StartThingRegistrationTaskResponse'
-    {_strtrsTaskId = Nothing, _strtrsResponseStatus = pResponseStatus_}
-
-
--- | The bulk thing provisioning task ID.
-strtrsTaskId :: Lens' StartThingRegistrationTaskResponse (Maybe Text)
-strtrsTaskId = lens _strtrsTaskId (\ s a -> s{_strtrsTaskId = a})
-
--- | -- | The response status code.
-strtrsResponseStatus :: Lens' StartThingRegistrationTaskResponse Int
-strtrsResponseStatus = lens _strtrsResponseStatus (\ s a -> s{_strtrsResponseStatus = a})
-
-instance NFData StartThingRegistrationTaskResponse
-         where
diff --git a/gen/Network/AWS/IoT/StopThingRegistrationTask.hs b/gen/Network/AWS/IoT/StopThingRegistrationTask.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/StopThingRegistrationTask.hs
+++ /dev/null
@@ -1,120 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.StopThingRegistrationTask
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Cancels a bulk thing provisioning task.
---
---
-module Network.AWS.IoT.StopThingRegistrationTask
-    (
-    -- * Creating a Request
-      stopThingRegistrationTask
-    , StopThingRegistrationTask
-    -- * Request Lenses
-    , strtTaskId
-
-    -- * Destructuring the Response
-    , stopThingRegistrationTaskResponse
-    , StopThingRegistrationTaskResponse
-    -- * Response Lenses
-    , srsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'stopThingRegistrationTask' smart constructor.
-newtype StopThingRegistrationTask = StopThingRegistrationTask'
-  { _strtTaskId :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StopThingRegistrationTask' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'strtTaskId' - The bulk thing provisioning task ID.
-stopThingRegistrationTask
-    :: Text -- ^ 'strtTaskId'
-    -> StopThingRegistrationTask
-stopThingRegistrationTask pTaskId_ =
-  StopThingRegistrationTask' {_strtTaskId = pTaskId_}
-
-
--- | The bulk thing provisioning task ID.
-strtTaskId :: Lens' StopThingRegistrationTask Text
-strtTaskId = lens _strtTaskId (\ s a -> s{_strtTaskId = a})
-
-instance AWSRequest StopThingRegistrationTask where
-        type Rs StopThingRegistrationTask =
-             StopThingRegistrationTaskResponse
-        request = putJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 StopThingRegistrationTaskResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable StopThingRegistrationTask where
-
-instance NFData StopThingRegistrationTask where
-
-instance ToHeaders StopThingRegistrationTask where
-        toHeaders = const mempty
-
-instance ToJSON StopThingRegistrationTask where
-        toJSON = const (Object mempty)
-
-instance ToPath StopThingRegistrationTask where
-        toPath StopThingRegistrationTask'{..}
-          = mconcat
-              ["/thing-registration-tasks/", toBS _strtTaskId,
-               "/cancel"]
-
-instance ToQuery StopThingRegistrationTask where
-        toQuery = const mempty
-
--- | /See:/ 'stopThingRegistrationTaskResponse' smart constructor.
-newtype StopThingRegistrationTaskResponse = StopThingRegistrationTaskResponse'
-  { _srsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StopThingRegistrationTaskResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'srsResponseStatus' - -- | The response status code.
-stopThingRegistrationTaskResponse
-    :: Int -- ^ 'srsResponseStatus'
-    -> StopThingRegistrationTaskResponse
-stopThingRegistrationTaskResponse pResponseStatus_ =
-  StopThingRegistrationTaskResponse' {_srsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-srsResponseStatus :: Lens' StopThingRegistrationTaskResponse Int
-srsResponseStatus = lens _srsResponseStatus (\ s a -> s{_srsResponseStatus = a})
-
-instance NFData StopThingRegistrationTaskResponse
-         where
diff --git a/gen/Network/AWS/IoT/TestAuthorization.hs b/gen/Network/AWS/IoT/TestAuthorization.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/TestAuthorization.hs
+++ /dev/null
@@ -1,181 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.TestAuthorization
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Test custom authorization.
---
---
-module Network.AWS.IoT.TestAuthorization
-    (
-    -- * Creating a Request
-      testAuthorization
-    , TestAuthorization
-    -- * Request Lenses
-    , taClientId
-    , taPolicyNamesToAdd
-    , taPrincipal
-    , taCognitoIdentityPoolId
-    , taPolicyNamesToSkip
-    , taAuthInfos
-
-    -- * Destructuring the Response
-    , testAuthorizationResponse
-    , TestAuthorizationResponse
-    -- * Response Lenses
-    , tarsAuthResults
-    , tarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'testAuthorization' smart constructor.
-data TestAuthorization = TestAuthorization'
-  { _taClientId              :: !(Maybe Text)
-  , _taPolicyNamesToAdd      :: !(Maybe [Text])
-  , _taPrincipal             :: !(Maybe Text)
-  , _taCognitoIdentityPoolId :: !(Maybe Text)
-  , _taPolicyNamesToSkip     :: !(Maybe [Text])
-  , _taAuthInfos             :: !(List1 AuthInfo)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TestAuthorization' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'taClientId' - The MQTT client ID.
---
--- * 'taPolicyNamesToAdd' - When testing custom authorization, the policies specified here are treated as if they are attached to the principal being authorized.
---
--- * 'taPrincipal' - The principal.
---
--- * 'taCognitoIdentityPoolId' - The Cognito identity pool ID.
---
--- * 'taPolicyNamesToSkip' - When testing custom authorization, the policies specified here are treated as if they are not attached to the principal being authorized.
---
--- * 'taAuthInfos' - A list of authorization info objects. Simulating authorization will create a response for each @authInfo@ object in the list.
-testAuthorization
-    :: NonEmpty AuthInfo -- ^ 'taAuthInfos'
-    -> TestAuthorization
-testAuthorization pAuthInfos_ =
-  TestAuthorization'
-    { _taClientId = Nothing
-    , _taPolicyNamesToAdd = Nothing
-    , _taPrincipal = Nothing
-    , _taCognitoIdentityPoolId = Nothing
-    , _taPolicyNamesToSkip = Nothing
-    , _taAuthInfos = _List1 # pAuthInfos_
-    }
-
-
--- | The MQTT client ID.
-taClientId :: Lens' TestAuthorization (Maybe Text)
-taClientId = lens _taClientId (\ s a -> s{_taClientId = a})
-
--- | When testing custom authorization, the policies specified here are treated as if they are attached to the principal being authorized.
-taPolicyNamesToAdd :: Lens' TestAuthorization [Text]
-taPolicyNamesToAdd = lens _taPolicyNamesToAdd (\ s a -> s{_taPolicyNamesToAdd = a}) . _Default . _Coerce
-
--- | The principal.
-taPrincipal :: Lens' TestAuthorization (Maybe Text)
-taPrincipal = lens _taPrincipal (\ s a -> s{_taPrincipal = a})
-
--- | The Cognito identity pool ID.
-taCognitoIdentityPoolId :: Lens' TestAuthorization (Maybe Text)
-taCognitoIdentityPoolId = lens _taCognitoIdentityPoolId (\ s a -> s{_taCognitoIdentityPoolId = a})
-
--- | When testing custom authorization, the policies specified here are treated as if they are not attached to the principal being authorized.
-taPolicyNamesToSkip :: Lens' TestAuthorization [Text]
-taPolicyNamesToSkip = lens _taPolicyNamesToSkip (\ s a -> s{_taPolicyNamesToSkip = a}) . _Default . _Coerce
-
--- | A list of authorization info objects. Simulating authorization will create a response for each @authInfo@ object in the list.
-taAuthInfos :: Lens' TestAuthorization (NonEmpty AuthInfo)
-taAuthInfos = lens _taAuthInfos (\ s a -> s{_taAuthInfos = a}) . _List1
-
-instance AWSRequest TestAuthorization where
-        type Rs TestAuthorization = TestAuthorizationResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 TestAuthorizationResponse' <$>
-                   (x .?> "authResults" .!@ mempty) <*>
-                     (pure (fromEnum s)))
-
-instance Hashable TestAuthorization where
-
-instance NFData TestAuthorization where
-
-instance ToHeaders TestAuthorization where
-        toHeaders = const mempty
-
-instance ToJSON TestAuthorization where
-        toJSON TestAuthorization'{..}
-          = object
-              (catMaybes
-                 [("policyNamesToAdd" .=) <$> _taPolicyNamesToAdd,
-                  ("principal" .=) <$> _taPrincipal,
-                  ("cognitoIdentityPoolId" .=) <$>
-                    _taCognitoIdentityPoolId,
-                  ("policyNamesToSkip" .=) <$> _taPolicyNamesToSkip,
-                  Just ("authInfos" .= _taAuthInfos)])
-
-instance ToPath TestAuthorization where
-        toPath = const "/test-authorization"
-
-instance ToQuery TestAuthorization where
-        toQuery TestAuthorization'{..}
-          = mconcat ["clientId" =: _taClientId]
-
--- | /See:/ 'testAuthorizationResponse' smart constructor.
-data TestAuthorizationResponse = TestAuthorizationResponse'
-  { _tarsAuthResults    :: !(Maybe [AuthResult])
-  , _tarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TestAuthorizationResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tarsAuthResults' - The authentication results.
---
--- * 'tarsResponseStatus' - -- | The response status code.
-testAuthorizationResponse
-    :: Int -- ^ 'tarsResponseStatus'
-    -> TestAuthorizationResponse
-testAuthorizationResponse pResponseStatus_ =
-  TestAuthorizationResponse'
-    {_tarsAuthResults = Nothing, _tarsResponseStatus = pResponseStatus_}
-
-
--- | The authentication results.
-tarsAuthResults :: Lens' TestAuthorizationResponse [AuthResult]
-tarsAuthResults = lens _tarsAuthResults (\ s a -> s{_tarsAuthResults = a}) . _Default . _Coerce
-
--- | -- | The response status code.
-tarsResponseStatus :: Lens' TestAuthorizationResponse Int
-tarsResponseStatus = lens _tarsResponseStatus (\ s a -> s{_tarsResponseStatus = a})
-
-instance NFData TestAuthorizationResponse where
diff --git a/gen/Network/AWS/IoT/TestInvokeAuthorizer.hs b/gen/Network/AWS/IoT/TestInvokeAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/TestInvokeAuthorizer.hs
+++ /dev/null
@@ -1,196 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.TestInvokeAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Invoke the specified custom authorizer for testing purposes.
---
---
-module Network.AWS.IoT.TestInvokeAuthorizer
-    (
-    -- * Creating a Request
-      testInvokeAuthorizer
-    , TestInvokeAuthorizer
-    -- * Request Lenses
-    , tiaAuthorizerName
-    , tiaToken
-    , tiaTokenSignature
-
-    -- * Destructuring the Response
-    , testInvokeAuthorizerResponse
-    , TestInvokeAuthorizerResponse
-    -- * Response Lenses
-    , tiarsPolicyDocuments
-    , tiarsPrincipalId
-    , tiarsDisconnectAfterInSeconds
-    , tiarsIsAuthenticated
-    , tiarsRefreshAfterInSeconds
-    , tiarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'testInvokeAuthorizer' smart constructor.
-data TestInvokeAuthorizer = TestInvokeAuthorizer'
-  { _tiaAuthorizerName :: !Text
-  , _tiaToken          :: !Text
-  , _tiaTokenSignature :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TestInvokeAuthorizer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tiaAuthorizerName' - The custom authorizer name.
---
--- * 'tiaToken' - The token returned by your custom authentication service.
---
--- * 'tiaTokenSignature' - The signature made with the token and your custom authentication service's private key.
-testInvokeAuthorizer
-    :: Text -- ^ 'tiaAuthorizerName'
-    -> Text -- ^ 'tiaToken'
-    -> Text -- ^ 'tiaTokenSignature'
-    -> TestInvokeAuthorizer
-testInvokeAuthorizer pAuthorizerName_ pToken_ pTokenSignature_ =
-  TestInvokeAuthorizer'
-    { _tiaAuthorizerName = pAuthorizerName_
-    , _tiaToken = pToken_
-    , _tiaTokenSignature = pTokenSignature_
-    }
-
-
--- | The custom authorizer name.
-tiaAuthorizerName :: Lens' TestInvokeAuthorizer Text
-tiaAuthorizerName = lens _tiaAuthorizerName (\ s a -> s{_tiaAuthorizerName = a})
-
--- | The token returned by your custom authentication service.
-tiaToken :: Lens' TestInvokeAuthorizer Text
-tiaToken = lens _tiaToken (\ s a -> s{_tiaToken = a})
-
--- | The signature made with the token and your custom authentication service's private key.
-tiaTokenSignature :: Lens' TestInvokeAuthorizer Text
-tiaTokenSignature = lens _tiaTokenSignature (\ s a -> s{_tiaTokenSignature = a})
-
-instance AWSRequest TestInvokeAuthorizer where
-        type Rs TestInvokeAuthorizer =
-             TestInvokeAuthorizerResponse
-        request = postJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 TestInvokeAuthorizerResponse' <$>
-                   (x .?> "policyDocuments" .!@ mempty) <*>
-                     (x .?> "principalId")
-                     <*> (x .?> "disconnectAfterInSeconds")
-                     <*> (x .?> "isAuthenticated")
-                     <*> (x .?> "refreshAfterInSeconds")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable TestInvokeAuthorizer where
-
-instance NFData TestInvokeAuthorizer where
-
-instance ToHeaders TestInvokeAuthorizer where
-        toHeaders = const mempty
-
-instance ToJSON TestInvokeAuthorizer where
-        toJSON TestInvokeAuthorizer'{..}
-          = object
-              (catMaybes
-                 [Just ("token" .= _tiaToken),
-                  Just ("tokenSignature" .= _tiaTokenSignature)])
-
-instance ToPath TestInvokeAuthorizer where
-        toPath TestInvokeAuthorizer'{..}
-          = mconcat
-              ["/authorizer/", toBS _tiaAuthorizerName, "/test"]
-
-instance ToQuery TestInvokeAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'testInvokeAuthorizerResponse' smart constructor.
-data TestInvokeAuthorizerResponse = TestInvokeAuthorizerResponse'
-  { _tiarsPolicyDocuments          :: !(Maybe [Text])
-  , _tiarsPrincipalId              :: !(Maybe Text)
-  , _tiarsDisconnectAfterInSeconds :: !(Maybe Int)
-  , _tiarsIsAuthenticated          :: !(Maybe Bool)
-  , _tiarsRefreshAfterInSeconds    :: !(Maybe Int)
-  , _tiarsResponseStatus           :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TestInvokeAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tiarsPolicyDocuments' - IAM policy documents.
---
--- * 'tiarsPrincipalId' - The principal ID.
---
--- * 'tiarsDisconnectAfterInSeconds' - The number of seconds after which the connection is terminated.
---
--- * 'tiarsIsAuthenticated' - True if the token is authenticated, otherwise false.
---
--- * 'tiarsRefreshAfterInSeconds' - The number of seconds after which the temporary credentials are refreshed.
---
--- * 'tiarsResponseStatus' - -- | The response status code.
-testInvokeAuthorizerResponse
-    :: Int -- ^ 'tiarsResponseStatus'
-    -> TestInvokeAuthorizerResponse
-testInvokeAuthorizerResponse pResponseStatus_ =
-  TestInvokeAuthorizerResponse'
-    { _tiarsPolicyDocuments = Nothing
-    , _tiarsPrincipalId = Nothing
-    , _tiarsDisconnectAfterInSeconds = Nothing
-    , _tiarsIsAuthenticated = Nothing
-    , _tiarsRefreshAfterInSeconds = Nothing
-    , _tiarsResponseStatus = pResponseStatus_
-    }
-
-
--- | IAM policy documents.
-tiarsPolicyDocuments :: Lens' TestInvokeAuthorizerResponse [Text]
-tiarsPolicyDocuments = lens _tiarsPolicyDocuments (\ s a -> s{_tiarsPolicyDocuments = a}) . _Default . _Coerce
-
--- | The principal ID.
-tiarsPrincipalId :: Lens' TestInvokeAuthorizerResponse (Maybe Text)
-tiarsPrincipalId = lens _tiarsPrincipalId (\ s a -> s{_tiarsPrincipalId = a})
-
--- | The number of seconds after which the connection is terminated.
-tiarsDisconnectAfterInSeconds :: Lens' TestInvokeAuthorizerResponse (Maybe Int)
-tiarsDisconnectAfterInSeconds = lens _tiarsDisconnectAfterInSeconds (\ s a -> s{_tiarsDisconnectAfterInSeconds = a})
-
--- | True if the token is authenticated, otherwise false.
-tiarsIsAuthenticated :: Lens' TestInvokeAuthorizerResponse (Maybe Bool)
-tiarsIsAuthenticated = lens _tiarsIsAuthenticated (\ s a -> s{_tiarsIsAuthenticated = a})
-
--- | The number of seconds after which the temporary credentials are refreshed.
-tiarsRefreshAfterInSeconds :: Lens' TestInvokeAuthorizerResponse (Maybe Int)
-tiarsRefreshAfterInSeconds = lens _tiarsRefreshAfterInSeconds (\ s a -> s{_tiarsRefreshAfterInSeconds = a})
-
--- | -- | The response status code.
-tiarsResponseStatus :: Lens' TestInvokeAuthorizerResponse Int
-tiarsResponseStatus = lens _tiarsResponseStatus (\ s a -> s{_tiarsResponseStatus = a})
-
-instance NFData TestInvokeAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/TransferCertificate.hs b/gen/Network/AWS/IoT/TransferCertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/TransferCertificate.hs
+++ /dev/null
@@ -1,171 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.TransferCertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Transfers the specified certificate to the specified AWS account.
---
---
--- You can cancel the transfer until it is acknowledged by the recipient.
---
--- No notification is sent to the transfer destination's account. It is up to the caller to notify the transfer target.
---
--- The certificate being transferred must not be in the ACTIVE state. You can use the UpdateCertificate API to deactivate it.
---
--- The certificate must not have any policies attached to it. You can use the DetachPrincipalPolicy API to detach them.
---
-module Network.AWS.IoT.TransferCertificate
-    (
-    -- * Creating a Request
-      transferCertificate
-    , TransferCertificate
-    -- * Request Lenses
-    , tcTransferMessage
-    , tcCertificateId
-    , tcTargetAWSAccount
-
-    -- * Destructuring the Response
-    , transferCertificateResponse
-    , TransferCertificateResponse
-    -- * Response Lenses
-    , tcrsTransferredCertificateARN
-    , tcrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the TransferCertificate operation.
---
---
---
--- /See:/ 'transferCertificate' smart constructor.
-data TransferCertificate = TransferCertificate'
-  { _tcTransferMessage  :: !(Maybe Text)
-  , _tcCertificateId    :: !Text
-  , _tcTargetAWSAccount :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TransferCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tcTransferMessage' - The transfer message.
---
--- * 'tcCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
---
--- * 'tcTargetAWSAccount' - The AWS account.
-transferCertificate
-    :: Text -- ^ 'tcCertificateId'
-    -> Text -- ^ 'tcTargetAWSAccount'
-    -> TransferCertificate
-transferCertificate pCertificateId_ pTargetAWSAccount_ =
-  TransferCertificate'
-    { _tcTransferMessage = Nothing
-    , _tcCertificateId = pCertificateId_
-    , _tcTargetAWSAccount = pTargetAWSAccount_
-    }
-
-
--- | The transfer message.
-tcTransferMessage :: Lens' TransferCertificate (Maybe Text)
-tcTransferMessage = lens _tcTransferMessage (\ s a -> s{_tcTransferMessage = a})
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-tcCertificateId :: Lens' TransferCertificate Text
-tcCertificateId = lens _tcCertificateId (\ s a -> s{_tcCertificateId = a})
-
--- | The AWS account.
-tcTargetAWSAccount :: Lens' TransferCertificate Text
-tcTargetAWSAccount = lens _tcTargetAWSAccount (\ s a -> s{_tcTargetAWSAccount = a})
-
-instance AWSRequest TransferCertificate where
-        type Rs TransferCertificate =
-             TransferCertificateResponse
-        request = patchJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 TransferCertificateResponse' <$>
-                   (x .?> "transferredCertificateArn") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable TransferCertificate where
-
-instance NFData TransferCertificate where
-
-instance ToHeaders TransferCertificate where
-        toHeaders = const mempty
-
-instance ToJSON TransferCertificate where
-        toJSON TransferCertificate'{..}
-          = object
-              (catMaybes
-                 [("transferMessage" .=) <$> _tcTransferMessage])
-
-instance ToPath TransferCertificate where
-        toPath TransferCertificate'{..}
-          = mconcat
-              ["/transfer-certificate/", toBS _tcCertificateId]
-
-instance ToQuery TransferCertificate where
-        toQuery TransferCertificate'{..}
-          = mconcat ["targetAwsAccount" =: _tcTargetAWSAccount]
-
--- | The output from the TransferCertificate operation.
---
---
---
--- /See:/ 'transferCertificateResponse' smart constructor.
-data TransferCertificateResponse = TransferCertificateResponse'
-  { _tcrsTransferredCertificateARN :: !(Maybe Text)
-  , _tcrsResponseStatus            :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TransferCertificateResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tcrsTransferredCertificateARN' - The ARN of the certificate.
---
--- * 'tcrsResponseStatus' - -- | The response status code.
-transferCertificateResponse
-    :: Int -- ^ 'tcrsResponseStatus'
-    -> TransferCertificateResponse
-transferCertificateResponse pResponseStatus_ =
-  TransferCertificateResponse'
-    { _tcrsTransferredCertificateARN = Nothing
-    , _tcrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The ARN of the certificate.
-tcrsTransferredCertificateARN :: Lens' TransferCertificateResponse (Maybe Text)
-tcrsTransferredCertificateARN = lens _tcrsTransferredCertificateARN (\ s a -> s{_tcrsTransferredCertificateARN = a})
-
--- | -- | The response status code.
-tcrsResponseStatus :: Lens' TransferCertificateResponse Int
-tcrsResponseStatus = lens _tcrsResponseStatus (\ s a -> s{_tcrsResponseStatus = a})
-
-instance NFData TransferCertificateResponse where
diff --git a/gen/Network/AWS/IoT/Types.hs b/gen/Network/AWS/IoT/Types.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/Types.hs
+++ /dev/null
@@ -1,968 +0,0 @@
-{-# LANGUAGE OverloadedStrings #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.Types
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
-module Network.AWS.IoT.Types
-    (
-    -- * Service Configuration
-      ioT
-
-    -- * Errors
-    , _CertificateConflictException
-    , _SqlParseException
-    , _IndexNotReadyException
-    , _InvalidRequestException
-    , _TransferConflictException
-    , _CertificateStateException
-    , _InvalidResponseException
-    , _RegistrationCodeValidationException
-    , _MalformedPolicyException
-    , _DeleteConflictException
-    , _ResourceAlreadyExistsException
-    , _NotConfiguredException
-    , _CertificateValidationException
-    , _ResourceRegistrationFailureException
-    , _InvalidQueryException
-    , _TransferAlreadyCompletedException
-    , _ThrottlingException
-    , _ConflictingResourceUpdateException
-    , _InternalFailureException
-    , _VersionsLimitExceededException
-    , _ServiceUnavailableException
-    , _InternalException
-    , _VersionConflictException
-    , _UnauthorizedException
-    , _ResourceNotFoundException
-    , _LimitExceededException
-
-    -- * ActionType
-    , ActionType (..)
-
-    -- * AuthDecision
-    , AuthDecision (..)
-
-    -- * AuthorizerStatus
-    , AuthorizerStatus (..)
-
-    -- * AutoRegistrationStatus
-    , AutoRegistrationStatus (..)
-
-    -- * CACertificateStatus
-    , CACertificateStatus (..)
-
-    -- * CannedAccessControlList
-    , CannedAccessControlList (..)
-
-    -- * CertificateStatus
-    , CertificateStatus (..)
-
-    -- * DynamoKeyType
-    , DynamoKeyType (..)
-
-    -- * EventType
-    , EventType (..)
-
-    -- * IndexStatus
-    , IndexStatus (..)
-
-    -- * JobExecutionStatus
-    , JobExecutionStatus (..)
-
-    -- * JobStatus
-    , JobStatus (..)
-
-    -- * LogLevel
-    , LogLevel (..)
-
-    -- * LogTargetType
-    , LogTargetType (..)
-
-    -- * MessageFormat
-    , MessageFormat (..)
-
-    -- * OTAUpdateStatus
-    , OTAUpdateStatus (..)
-
-    -- * ReportType
-    , ReportType (..)
-
-    -- * TargetSelection
-    , TargetSelection (..)
-
-    -- * TaskStatus
-    , TaskStatus (..)
-
-    -- * ThingIndexingMode
-    , ThingIndexingMode (..)
-
-    -- * Action
-    , Action
-    , action
-    , aCloudwatchMetric
-    , aDynamoDBv2
-    , aCloudwatchAlarm
-    , aSns
-    , aDynamoDB
-    , aFirehose
-    , aIotAnalytics
-    , aLambda
-    , aSalesforce
-    , aKinesis
-    , aS3
-    , aElasticsearch
-    , aRepublish
-    , aSqs
-
-    -- * Allowed
-    , Allowed
-    , allowed
-    , aPolicies
-
-    -- * AttributePayload
-    , AttributePayload
-    , attributePayload
-    , apAttributes
-    , apMerge
-
-    -- * AuthInfo
-    , AuthInfo
-    , authInfo
-    , aiResources
-    , aiActionType
-
-    -- * AuthResult
-    , AuthResult
-    , authResult
-    , arDenied
-    , arAuthDecision
-    , arAllowed
-    , arMissingContextValues
-    , arAuthInfo
-
-    -- * AuthorizerDescription
-    , AuthorizerDescription
-    , authorizerDescription
-    , adStatus
-    , adLastModifiedDate
-    , adAuthorizerName
-    , adAuthorizerFunctionARN
-    , adAuthorizerARN
-    , adCreationDate
-    , adTokenSigningPublicKeys
-    , adTokenKeyName
-
-    -- * AuthorizerSummary
-    , AuthorizerSummary
-    , authorizerSummary
-    , asAuthorizerName
-    , asAuthorizerARN
-
-    -- * CACertificate
-    , CACertificate
-    , cACertificate
-    , cacStatus
-    , cacCertificateARN
-    , cacCertificateId
-    , cacCreationDate
-
-    -- * CACertificateDescription
-    , CACertificateDescription
-    , cACertificateDescription
-    , cacdStatus
-    , cacdOwnedBy
-    , cacdLastModifiedDate
-    , cacdCertificatePem
-    , cacdCertificateARN
-    , cacdCertificateId
-    , cacdAutoRegistrationStatus
-    , cacdCreationDate
-    , cacdGenerationId
-    , cacdCustomerVersion
-
-    -- * Certificate
-    , Certificate
-    , certificate
-    , cStatus
-    , cCertificateARN
-    , cCertificateId
-    , cCreationDate
-
-    -- * CertificateDescription
-    , CertificateDescription
-    , certificateDescription
-    , cdStatus
-    , cdOwnedBy
-    , cdLastModifiedDate
-    , cdCaCertificateId
-    , cdPreviousOwnedBy
-    , cdCertificatePem
-    , cdCertificateARN
-    , cdCertificateId
-    , cdCreationDate
-    , cdGenerationId
-    , cdTransferData
-    , cdCustomerVersion
-
-    -- * CloudwatchAlarmAction
-    , CloudwatchAlarmAction
-    , cloudwatchAlarmAction
-    , caaRoleARN
-    , caaAlarmName
-    , caaStateReason
-    , caaStateValue
-
-    -- * CloudwatchMetricAction
-    , CloudwatchMetricAction
-    , cloudwatchMetricAction
-    , cmaMetricTimestamp
-    , cmaRoleARN
-    , cmaMetricNamespace
-    , cmaMetricName
-    , cmaMetricValue
-    , cmaMetricUnit
-
-    -- * CodeSigning
-    , CodeSigning
-    , codeSigning
-    , csCustomCodeSigning
-    , csAwsSignerJobId
-
-    -- * CodeSigningCertificateChain
-    , CodeSigningCertificateChain
-    , codeSigningCertificateChain
-    , csccStream
-    , csccCertificateName
-    , csccInlineDocument
-
-    -- * CodeSigningSignature
-    , CodeSigningSignature
-    , codeSigningSignature
-    , cssStream
-    , cssInlineDocument
-
-    -- * Configuration
-    , Configuration
-    , configuration
-    , cEnabled
-
-    -- * CustomCodeSigning
-    , CustomCodeSigning
-    , customCodeSigning
-    , ccsSignature
-    , ccsHashAlgorithm
-    , ccsCertificateChain
-    , ccsSignatureAlgorithm
-
-    -- * Denied
-    , Denied
-    , denied
-    , dImplicitDeny
-    , dExplicitDeny
-
-    -- * DynamoDBAction
-    , DynamoDBAction
-    , dynamoDBAction
-    , ddbaHashKeyType
-    , ddbaOperation
-    , ddbaRangeKeyType
-    , ddbaPayloadField
-    , ddbaRangeKeyField
-    , ddbaRangeKeyValue
-    , ddbaTableName
-    , ddbaRoleARN
-    , ddbaHashKeyField
-    , ddbaHashKeyValue
-
-    -- * DynamoDBv2Action
-    , DynamoDBv2Action
-    , dynamoDBv2Action
-    , ddaPutItem
-    , ddaRoleARN
-
-    -- * EffectivePolicy
-    , EffectivePolicy
-    , effectivePolicy
-    , epPolicyName
-    , epPolicyDocument
-    , epPolicyARN
-
-    -- * ElasticsearchAction
-    , ElasticsearchAction
-    , elasticsearchAction
-    , eaRoleARN
-    , eaEndpoint
-    , eaIndex
-    , eaType
-    , eaId
-
-    -- * ErrorInfo
-    , ErrorInfo
-    , errorInfo
-    , eiCode
-    , eiMessage
-
-    -- * ExplicitDeny
-    , ExplicitDeny
-    , explicitDeny
-    , edPolicies
-
-    -- * FirehoseAction
-    , FirehoseAction
-    , firehoseAction
-    , faSeparator
-    , faRoleARN
-    , faDeliveryStreamName
-
-    -- * GroupNameAndARN
-    , GroupNameAndARN
-    , groupNameAndARN
-    , gnaaGroupARN
-    , gnaaGroupName
-
-    -- * ImplicitDeny
-    , ImplicitDeny
-    , implicitDeny
-    , idPolicies
-
-    -- * IotAnalyticsAction
-    , IotAnalyticsAction
-    , iotAnalyticsAction
-    , iaaChannelARN
-    , iaaChannelName
-    , iaaRoleARN
-
-    -- * Job
-    , Job
-    , job
-    , jobStatus
-    , jobJobExecutionsRolloutConfig
-    , jobJobId
-    , jobLastUpdatedAt
-    , jobJobARN
-    , jobCreatedAt
-    , jobDocumentParameters
-    , jobJobProcessDetails
-    , jobPresignedURLConfig
-    , jobTargets
-    , jobCompletedAt
-    , jobComment
-    , jobDescription
-    , jobTargetSelection
-
-    -- * JobExecution
-    , JobExecution
-    , jobExecution
-    , jeStatus
-    , jeJobId
-    , jeLastUpdatedAt
-    , jeQueuedAt
-    , jeStatusDetails
-    , jeThingARN
-    , jeExecutionNumber
-    , jeStartedAt
-
-    -- * JobExecutionStatusDetails
-    , JobExecutionStatusDetails
-    , jobExecutionStatusDetails
-    , jesdDetailsMap
-
-    -- * JobExecutionSummary
-    , JobExecutionSummary
-    , jobExecutionSummary
-    , jesStatus
-    , jesLastUpdatedAt
-    , jesQueuedAt
-    , jesExecutionNumber
-    , jesStartedAt
-
-    -- * JobExecutionSummaryForJob
-    , JobExecutionSummaryForJob
-    , jobExecutionSummaryForJob
-    , jesfjJobExecutionSummary
-    , jesfjThingARN
-
-    -- * JobExecutionSummaryForThing
-    , JobExecutionSummaryForThing
-    , jobExecutionSummaryForThing
-    , jesftJobId
-    , jesftJobExecutionSummary
-
-    -- * JobExecutionsRolloutConfig
-    , JobExecutionsRolloutConfig
-    , jobExecutionsRolloutConfig
-    , jercMaximumPerMinute
-
-    -- * JobProcessDetails
-    , JobProcessDetails
-    , jobProcessDetails
-    , jpdNumberOfRemovedThings
-    , jpdNumberOfQueuedThings
-    , jpdNumberOfFailedThings
-    , jpdNumberOfSucceededThings
-    , jpdNumberOfInProgressThings
-    , jpdNumberOfCanceledThings
-    , jpdNumberOfRejectedThings
-    , jpdProcessingTargets
-
-    -- * JobSummary
-    , JobSummary
-    , jobSummary
-    , jsStatus
-    , jsJobId
-    , jsLastUpdatedAt
-    , jsJobARN
-    , jsCreatedAt
-    , jsThingGroupId
-    , jsCompletedAt
-    , jsTargetSelection
-
-    -- * KeyPair
-    , KeyPair
-    , keyPair
-    , kpPrivateKey
-    , kpPublicKey
-
-    -- * KinesisAction
-    , KinesisAction
-    , kinesisAction
-    , kaPartitionKey
-    , kaRoleARN
-    , kaStreamName
-
-    -- * LambdaAction
-    , LambdaAction
-    , lambdaAction
-    , laFunctionARN
-
-    -- * LogTarget
-    , LogTarget
-    , logTarget
-    , ltTargetName
-    , ltTargetType
-
-    -- * LogTargetConfiguration
-    , LogTargetConfiguration
-    , logTargetConfiguration
-    , ltcLogLevel
-    , ltcLogTarget
-
-    -- * LoggingOptionsPayload
-    , LoggingOptionsPayload
-    , loggingOptionsPayload
-    , lopLogLevel
-    , lopRoleARN
-
-    -- * OTAUpdateFile
-    , OTAUpdateFile
-    , oTAUpdateFile
-    , otaufFileVersion
-    , otaufAttributes
-    , otaufFileSource
-    , otaufCodeSigning
-    , otaufFileName
-
-    -- * OTAUpdateInfo
-    , OTAUpdateInfo
-    , oTAUpdateInfo
-    , otauiLastModifiedDate
-    , otauiAwsIotJobId
-    , otauiOtaUpdateFiles
-    , otauiOtaUpdateStatus
-    , otauiTargets
-    , otauiAwsIotJobARN
-    , otauiCreationDate
-    , otauiAdditionalParameters
-    , otauiOtaUpdateId
-    , otauiErrorInfo
-    , otauiOtaUpdateARN
-    , otauiDescription
-    , otauiTargetSelection
-
-    -- * OTAUpdateSummary
-    , OTAUpdateSummary
-    , oTAUpdateSummary
-    , otausCreationDate
-    , otausOtaUpdateId
-    , otausOtaUpdateARN
-
-    -- * OutgoingCertificate
-    , OutgoingCertificate
-    , outgoingCertificate
-    , ocTransferDate
-    , ocCertificateARN
-    , ocCertificateId
-    , ocTransferredTo
-    , ocCreationDate
-    , ocTransferMessage
-
-    -- * Policy
-    , Policy
-    , policy
-    , pPolicyName
-    , pPolicyARN
-
-    -- * PolicyVersion
-    , PolicyVersion
-    , policyVersion
-    , pvVersionId
-    , pvCreateDate
-    , pvIsDefaultVersion
-
-    -- * PresignedURLConfig
-    , PresignedURLConfig
-    , presignedURLConfig
-    , pucExpiresInSec
-    , pucRoleARN
-
-    -- * PutItemInput
-    , PutItemInput
-    , putItemInput
-    , piiTableName
-
-    -- * RegistrationConfig
-    , RegistrationConfig
-    , registrationConfig
-    , rcTemplateBody
-    , rcRoleARN
-
-    -- * RepublishAction
-    , RepublishAction
-    , republishAction
-    , raRoleARN
-    , raTopic
-
-    -- * RoleAliasDescription
-    , RoleAliasDescription
-    , roleAliasDescription
-    , radRoleAliasARN
-    , radLastModifiedDate
-    , radRoleAlias
-    , radOwner
-    , radCreationDate
-    , radCredentialDurationSeconds
-    , radRoleARN
-
-    -- * S3Action
-    , S3Action
-    , s3Action
-    , sCannedACL
-    , sRoleARN
-    , sBucketName
-    , sKey
-
-    -- * S3Location
-    , S3Location
-    , s3Location
-    , slVersion
-    , slBucket
-    , slKey
-
-    -- * SNSAction
-    , SNSAction
-    , snsAction
-    , snsaMessageFormat
-    , snsaTargetARN
-    , snsaRoleARN
-
-    -- * SalesforceAction
-    , SalesforceAction
-    , salesforceAction
-    , saToken
-    , saUrl
-
-    -- * SqsAction
-    , SqsAction
-    , sqsAction
-    , saUseBase64
-    , saRoleARN
-    , saQueueURL
-
-    -- * Stream
-    , Stream
-    , stream
-    , sFileId
-    , sStreamId
-
-    -- * StreamFile
-    , StreamFile
-    , streamFile
-    , sfS3Location
-    , sfFileId
-
-    -- * StreamInfo
-    , StreamInfo
-    , streamInfo
-    , siLastUpdatedAt
-    , siCreatedAt
-    , siStreamVersion
-    , siStreamARN
-    , siFiles
-    , siDescription
-    , siStreamId
-    , siRoleARN
-
-    -- * StreamSummary
-    , StreamSummary
-    , streamSummary
-    , ssStreamVersion
-    , ssStreamARN
-    , ssDescription
-    , ssStreamId
-
-    -- * ThingAttribute
-    , ThingAttribute
-    , thingAttribute
-    , taThingTypeName
-    , taThingARN
-    , taAttributes
-    , taVersion
-    , taThingName
-
-    -- * ThingDocument
-    , ThingDocument
-    , thingDocument
-    , tdThingGroupNames
-    , tdThingTypeName
-    , tdShadow
-    , tdAttributes
-    , tdThingName
-    , tdThingId
-
-    -- * ThingGroupMetadata
-    , ThingGroupMetadata
-    , thingGroupMetadata
-    , tgmRootToParentThingGroups
-    , tgmParentGroupName
-    , tgmCreationDate
-
-    -- * ThingGroupProperties
-    , ThingGroupProperties
-    , thingGroupProperties
-    , tgpAttributePayload
-    , tgpThingGroupDescription
-
-    -- * ThingIndexingConfiguration
-    , ThingIndexingConfiguration
-    , thingIndexingConfiguration
-    , ticThingIndexingMode
-
-    -- * ThingTypeDefinition
-    , ThingTypeDefinition
-    , thingTypeDefinition
-    , ttdThingTypeProperties
-    , ttdThingTypeName
-    , ttdThingTypeMetadata
-    , ttdThingTypeARN
-
-    -- * ThingTypeMetadata
-    , ThingTypeMetadata
-    , thingTypeMetadata
-    , ttmDeprecationDate
-    , ttmCreationDate
-    , ttmDeprecated
-
-    -- * ThingTypeProperties
-    , ThingTypeProperties
-    , thingTypeProperties
-    , ttpSearchableAttributes
-    , ttpThingTypeDescription
-
-    -- * TopicRule
-    , TopicRule
-    , topicRule
-    , trCreatedAt
-    , trActions
-    , trAwsIotSqlVersion
-    , trErrorAction
-    , trRuleDisabled
-    , trRuleName
-    , trSql
-    , trDescription
-
-    -- * TopicRuleListItem
-    , TopicRuleListItem
-    , topicRuleListItem
-    , trliCreatedAt
-    , trliRuleDisabled
-    , trliRuleName
-    , trliRuleARN
-    , trliTopicPattern
-
-    -- * TopicRulePayload
-    , TopicRulePayload
-    , topicRulePayload
-    , trpAwsIotSqlVersion
-    , trpErrorAction
-    , trpRuleDisabled
-    , trpDescription
-    , trpSql
-    , trpActions
-
-    -- * TransferData
-    , TransferData
-    , transferData
-    , tdTransferDate
-    , tdAcceptDate
-    , tdTransferMessage
-    , tdRejectDate
-    , tdRejectReason
-    ) where
-
-import Network.AWS.IoT.Types.Product
-import Network.AWS.IoT.Types.Sum
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Sign.V4
-
--- | API version @2015-05-28@ of the Amazon IoT SDK configuration.
-ioT :: Service
-ioT =
-  Service
-    { _svcAbbrev = "IoT"
-    , _svcSigner = v4
-    , _svcPrefix = "iot"
-    , _svcVersion = "2015-05-28"
-    , _svcEndpoint = defaultEndpoint ioT
-    , _svcTimeout = Just 70
-    , _svcCheck = statusSuccess
-    , _svcError = parseJSONError "IoT"
-    , _svcRetry = retry
-    }
-  where
-    retry =
-      Exponential
-        { _retryBase = 5.0e-2
-        , _retryGrowth = 2
-        , _retryAttempts = 5
-        , _retryCheck = check
-        }
-    check e
-      | has (hasCode "ThrottledException" . hasStatus 400) e =
-        Just "throttled_exception"
-      | has (hasStatus 429) e = Just "too_many_requests"
-      | has (hasCode "ThrottlingException" . hasStatus 400) e =
-        Just "throttling_exception"
-      | has (hasCode "Throttling" . hasStatus 400) e = Just "throttling"
-      | has (hasStatus 504) e = Just "gateway_timeout"
-      | has (hasCode "RequestThrottledException" . hasStatus 400) e =
-        Just "request_throttled_exception"
-      | has (hasStatus 502) e = Just "bad_gateway"
-      | has (hasStatus 503) e = Just "service_unavailable"
-      | has (hasStatus 500) e = Just "general_server_error"
-      | has (hasStatus 509) e = Just "limit_exceeded"
-      | otherwise = Nothing
-
-
--- | Unable to verify the CA certificate used to sign the device certificate you are attempting to register. This is happens when you have registered more than one CA certificate that has the same subject field and public key.
---
---
-_CertificateConflictException :: AsError a => Getting (First ServiceError) a ServiceError
-_CertificateConflictException =
-  _MatchServiceError ioT "CertificateConflictException" . hasStatus 409
-
-
--- | The Rule-SQL expression can't be parsed correctly.
---
---
-_SqlParseException :: AsError a => Getting (First ServiceError) a ServiceError
-_SqlParseException = _MatchServiceError ioT "SqlParseException" . hasStatus 400
-
-
--- | The index is not ready.
---
---
-_IndexNotReadyException :: AsError a => Getting (First ServiceError) a ServiceError
-_IndexNotReadyException =
-  _MatchServiceError ioT "IndexNotReadyException" . hasStatus 400
-
-
--- | The request is not valid.
---
---
-_InvalidRequestException :: AsError a => Getting (First ServiceError) a ServiceError
-_InvalidRequestException =
-  _MatchServiceError ioT "InvalidRequestException" . hasStatus 400
-
-
--- | You can't transfer the certificate because authorization policies are still attached.
---
---
-_TransferConflictException :: AsError a => Getting (First ServiceError) a ServiceError
-_TransferConflictException =
-  _MatchServiceError ioT "TransferConflictException" . hasStatus 409
-
-
--- | The certificate operation is not allowed.
---
---
-_CertificateStateException :: AsError a => Getting (First ServiceError) a ServiceError
-_CertificateStateException =
-  _MatchServiceError ioT "CertificateStateException" . hasStatus 406
-
-
--- | The response is invalid.
---
---
-_InvalidResponseException :: AsError a => Getting (First ServiceError) a ServiceError
-_InvalidResponseException =
-  _MatchServiceError ioT "InvalidResponseException" . hasStatus 400
-
-
--- | The registration code is invalid.
---
---
-_RegistrationCodeValidationException :: AsError a => Getting (First ServiceError) a ServiceError
-_RegistrationCodeValidationException =
-  _MatchServiceError ioT "RegistrationCodeValidationException" . hasStatus 400
-
-
--- | The policy documentation is not valid.
---
---
-_MalformedPolicyException :: AsError a => Getting (First ServiceError) a ServiceError
-_MalformedPolicyException =
-  _MatchServiceError ioT "MalformedPolicyException" . hasStatus 400
-
-
--- | You can't delete the resource because it is attached to one or more resources.
---
---
-_DeleteConflictException :: AsError a => Getting (First ServiceError) a ServiceError
-_DeleteConflictException =
-  _MatchServiceError ioT "DeleteConflictException" . hasStatus 409
-
-
--- | The resource already exists.
---
---
-_ResourceAlreadyExistsException :: AsError a => Getting (First ServiceError) a ServiceError
-_ResourceAlreadyExistsException =
-  _MatchServiceError ioT "ResourceAlreadyExistsException" . hasStatus 409
-
-
--- | The resource is not configured.
---
---
-_NotConfiguredException :: AsError a => Getting (First ServiceError) a ServiceError
-_NotConfiguredException =
-  _MatchServiceError ioT "NotConfiguredException" . hasStatus 404
-
-
--- | The certificate is invalid.
---
---
-_CertificateValidationException :: AsError a => Getting (First ServiceError) a ServiceError
-_CertificateValidationException =
-  _MatchServiceError ioT "CertificateValidationException" . hasStatus 400
-
-
--- | The resource registration failed.
---
---
-_ResourceRegistrationFailureException :: AsError a => Getting (First ServiceError) a ServiceError
-_ResourceRegistrationFailureException =
-  _MatchServiceError ioT "ResourceRegistrationFailureException" . hasStatus 400
-
-
--- | The query is invalid.
---
---
-_InvalidQueryException :: AsError a => Getting (First ServiceError) a ServiceError
-_InvalidQueryException =
-  _MatchServiceError ioT "InvalidQueryException" . hasStatus 400
-
-
--- | You can't revert the certificate transfer because the transfer is already complete.
---
---
-_TransferAlreadyCompletedException :: AsError a => Getting (First ServiceError) a ServiceError
-_TransferAlreadyCompletedException =
-  _MatchServiceError ioT "TransferAlreadyCompletedException" . hasStatus 410
-
-
--- | The rate exceeds the limit.
---
---
-_ThrottlingException :: AsError a => Getting (First ServiceError) a ServiceError
-_ThrottlingException =
-  _MatchServiceError ioT "ThrottlingException" . hasStatus 429
-
-
--- | A conflicting resource update exception. This exception is thrown when two pending updates cause a conflict.
---
---
-_ConflictingResourceUpdateException :: AsError a => Getting (First ServiceError) a ServiceError
-_ConflictingResourceUpdateException =
-  _MatchServiceError ioT "ConflictingResourceUpdateException" . hasStatus 409
-
-
--- | An unexpected error has occurred.
---
---
-_InternalFailureException :: AsError a => Getting (First ServiceError) a ServiceError
-_InternalFailureException =
-  _MatchServiceError ioT "InternalFailureException" . hasStatus 500
-
-
--- | The number of policy versions exceeds the limit.
---
---
-_VersionsLimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError
-_VersionsLimitExceededException =
-  _MatchServiceError ioT "VersionsLimitExceededException" . hasStatus 409
-
-
--- | The service is temporarily unavailable.
---
---
-_ServiceUnavailableException :: AsError a => Getting (First ServiceError) a ServiceError
-_ServiceUnavailableException =
-  _MatchServiceError ioT "ServiceUnavailableException" . hasStatus 503
-
-
--- | An unexpected error has occurred.
---
---
-_InternalException :: AsError a => Getting (First ServiceError) a ServiceError
-_InternalException = _MatchServiceError ioT "InternalException" . hasStatus 500
-
-
--- | An exception thrown when the version of a thing passed to a command is different than the version specified with the --version parameter.
---
---
-_VersionConflictException :: AsError a => Getting (First ServiceError) a ServiceError
-_VersionConflictException =
-  _MatchServiceError ioT "VersionConflictException" . hasStatus 409
-
-
--- | You are not authorized to perform this operation.
---
---
-_UnauthorizedException :: AsError a => Getting (First ServiceError) a ServiceError
-_UnauthorizedException =
-  _MatchServiceError ioT "UnauthorizedException" . hasStatus 401
-
-
--- | The specified resource does not exist.
---
---
-_ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError
-_ResourceNotFoundException =
-  _MatchServiceError ioT "ResourceNotFoundException" . hasStatus 404
-
-
--- | The number of attached entities exceeds the limit.
---
---
-_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError
-_LimitExceededException =
-  _MatchServiceError ioT "LimitExceededException" . hasStatus 410
-
diff --git a/gen/Network/AWS/IoT/Types/Product.hs b/gen/Network/AWS/IoT/Types/Product.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/Types/Product.hs
+++ /dev/null
@@ -1,5147 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.Types.Product
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
-module Network.AWS.IoT.Types.Product where
-
-import Network.AWS.IoT.Types.Sum
-import Network.AWS.Lens
-import Network.AWS.Prelude
-
--- | Describes the actions associated with a rule.
---
---
---
--- /See:/ 'action' smart constructor.
-data Action = Action'
-  { _aCloudwatchMetric :: !(Maybe CloudwatchMetricAction)
-  , _aDynamoDBv2       :: !(Maybe DynamoDBv2Action)
-  , _aCloudwatchAlarm  :: !(Maybe CloudwatchAlarmAction)
-  , _aSns              :: !(Maybe SNSAction)
-  , _aDynamoDB         :: !(Maybe DynamoDBAction)
-  , _aFirehose         :: !(Maybe FirehoseAction)
-  , _aIotAnalytics     :: !(Maybe IotAnalyticsAction)
-  , _aLambda           :: !(Maybe LambdaAction)
-  , _aSalesforce       :: !(Maybe SalesforceAction)
-  , _aKinesis          :: !(Maybe KinesisAction)
-  , _aS3               :: !(Maybe S3Action)
-  , _aElasticsearch    :: !(Maybe ElasticsearchAction)
-  , _aRepublish        :: !(Maybe RepublishAction)
-  , _aSqs              :: !(Maybe SqsAction)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Action' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'aCloudwatchMetric' - Capture a CloudWatch metric.
---
--- * 'aDynamoDBv2' - Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.
---
--- * 'aCloudwatchAlarm' - Change the state of a CloudWatch alarm.
---
--- * 'aSns' - Publish to an Amazon SNS topic.
---
--- * 'aDynamoDB' - Write to a DynamoDB table.
---
--- * 'aFirehose' - Write to an Amazon Kinesis Firehose stream.
---
--- * 'aIotAnalytics' - Sends message data to an AWS IoT Analytics channel.
---
--- * 'aLambda' - Invoke a Lambda function.
---
--- * 'aSalesforce' - Send a message to a Salesforce IoT Cloud Input Stream.
---
--- * 'aKinesis' - Write data to an Amazon Kinesis stream.
---
--- * 'aS3' - Write to an Amazon S3 bucket.
---
--- * 'aElasticsearch' - Write data to an Amazon Elasticsearch Service domain.
---
--- * 'aRepublish' - Publish to another MQTT topic.
---
--- * 'aSqs' - Publish to an Amazon SQS queue.
-action
-    :: Action
-action =
-  Action'
-    { _aCloudwatchMetric = Nothing
-    , _aDynamoDBv2 = Nothing
-    , _aCloudwatchAlarm = Nothing
-    , _aSns = Nothing
-    , _aDynamoDB = Nothing
-    , _aFirehose = Nothing
-    , _aIotAnalytics = Nothing
-    , _aLambda = Nothing
-    , _aSalesforce = Nothing
-    , _aKinesis = Nothing
-    , _aS3 = Nothing
-    , _aElasticsearch = Nothing
-    , _aRepublish = Nothing
-    , _aSqs = Nothing
-    }
-
-
--- | Capture a CloudWatch metric.
-aCloudwatchMetric :: Lens' Action (Maybe CloudwatchMetricAction)
-aCloudwatchMetric = lens _aCloudwatchMetric (\ s a -> s{_aCloudwatchMetric = a})
-
--- | Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.
-aDynamoDBv2 :: Lens' Action (Maybe DynamoDBv2Action)
-aDynamoDBv2 = lens _aDynamoDBv2 (\ s a -> s{_aDynamoDBv2 = a})
-
--- | Change the state of a CloudWatch alarm.
-aCloudwatchAlarm :: Lens' Action (Maybe CloudwatchAlarmAction)
-aCloudwatchAlarm = lens _aCloudwatchAlarm (\ s a -> s{_aCloudwatchAlarm = a})
-
--- | Publish to an Amazon SNS topic.
-aSns :: Lens' Action (Maybe SNSAction)
-aSns = lens _aSns (\ s a -> s{_aSns = a})
-
--- | Write to a DynamoDB table.
-aDynamoDB :: Lens' Action (Maybe DynamoDBAction)
-aDynamoDB = lens _aDynamoDB (\ s a -> s{_aDynamoDB = a})
-
--- | Write to an Amazon Kinesis Firehose stream.
-aFirehose :: Lens' Action (Maybe FirehoseAction)
-aFirehose = lens _aFirehose (\ s a -> s{_aFirehose = a})
-
--- | Sends message data to an AWS IoT Analytics channel.
-aIotAnalytics :: Lens' Action (Maybe IotAnalyticsAction)
-aIotAnalytics = lens _aIotAnalytics (\ s a -> s{_aIotAnalytics = a})
-
--- | Invoke a Lambda function.
-aLambda :: Lens' Action (Maybe LambdaAction)
-aLambda = lens _aLambda (\ s a -> s{_aLambda = a})
-
--- | Send a message to a Salesforce IoT Cloud Input Stream.
-aSalesforce :: Lens' Action (Maybe SalesforceAction)
-aSalesforce = lens _aSalesforce (\ s a -> s{_aSalesforce = a})
-
--- | Write data to an Amazon Kinesis stream.
-aKinesis :: Lens' Action (Maybe KinesisAction)
-aKinesis = lens _aKinesis (\ s a -> s{_aKinesis = a})
-
--- | Write to an Amazon S3 bucket.
-aS3 :: Lens' Action (Maybe S3Action)
-aS3 = lens _aS3 (\ s a -> s{_aS3 = a})
-
--- | Write data to an Amazon Elasticsearch Service domain.
-aElasticsearch :: Lens' Action (Maybe ElasticsearchAction)
-aElasticsearch = lens _aElasticsearch (\ s a -> s{_aElasticsearch = a})
-
--- | Publish to another MQTT topic.
-aRepublish :: Lens' Action (Maybe RepublishAction)
-aRepublish = lens _aRepublish (\ s a -> s{_aRepublish = a})
-
--- | Publish to an Amazon SQS queue.
-aSqs :: Lens' Action (Maybe SqsAction)
-aSqs = lens _aSqs (\ s a -> s{_aSqs = a})
-
-instance FromJSON Action where
-        parseJSON
-          = withObject "Action"
-              (\ x ->
-                 Action' <$>
-                   (x .:? "cloudwatchMetric") <*> (x .:? "dynamoDBv2")
-                     <*> (x .:? "cloudwatchAlarm")
-                     <*> (x .:? "sns")
-                     <*> (x .:? "dynamoDB")
-                     <*> (x .:? "firehose")
-                     <*> (x .:? "iotAnalytics")
-                     <*> (x .:? "lambda")
-                     <*> (x .:? "salesforce")
-                     <*> (x .:? "kinesis")
-                     <*> (x .:? "s3")
-                     <*> (x .:? "elasticsearch")
-                     <*> (x .:? "republish")
-                     <*> (x .:? "sqs"))
-
-instance Hashable Action where
-
-instance NFData Action where
-
-instance ToJSON Action where
-        toJSON Action'{..}
-          = object
-              (catMaybes
-                 [("cloudwatchMetric" .=) <$> _aCloudwatchMetric,
-                  ("dynamoDBv2" .=) <$> _aDynamoDBv2,
-                  ("cloudwatchAlarm" .=) <$> _aCloudwatchAlarm,
-                  ("sns" .=) <$> _aSns, ("dynamoDB" .=) <$> _aDynamoDB,
-                  ("firehose" .=) <$> _aFirehose,
-                  ("iotAnalytics" .=) <$> _aIotAnalytics,
-                  ("lambda" .=) <$> _aLambda,
-                  ("salesforce" .=) <$> _aSalesforce,
-                  ("kinesis" .=) <$> _aKinesis, ("s3" .=) <$> _aS3,
-                  ("elasticsearch" .=) <$> _aElasticsearch,
-                  ("republish" .=) <$> _aRepublish,
-                  ("sqs" .=) <$> _aSqs])
-
--- | Contains information that allowed the authorization.
---
---
---
--- /See:/ 'allowed' smart constructor.
-newtype Allowed = Allowed'
-  { _aPolicies :: Maybe [Policy]
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Allowed' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'aPolicies' - A list of policies that allowed the authentication.
-allowed
-    :: Allowed
-allowed = Allowed' {_aPolicies = Nothing}
-
-
--- | A list of policies that allowed the authentication.
-aPolicies :: Lens' Allowed [Policy]
-aPolicies = lens _aPolicies (\ s a -> s{_aPolicies = a}) . _Default . _Coerce
-
-instance FromJSON Allowed where
-        parseJSON
-          = withObject "Allowed"
-              (\ x -> Allowed' <$> (x .:? "policies" .!= mempty))
-
-instance Hashable Allowed where
-
-instance NFData Allowed where
-
--- | The attribute payload.
---
---
---
--- /See:/ 'attributePayload' smart constructor.
-data AttributePayload = AttributePayload'
-  { _apAttributes :: !(Maybe (Map Text Text))
-  , _apMerge      :: !(Maybe Bool)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AttributePayload' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'apAttributes' - A JSON string containing up to three key-value pair in JSON format. For example: @{\"attributes\":{\"string1\":\"string2\"}}@
---
--- * 'apMerge' - Specifies whether the list of attributes provided in the @AttributePayload@ is merged with the attributes stored in the registry, instead of overwriting them. To remove an attribute, call @UpdateThing@ with an empty attribute value.
-attributePayload
-    :: AttributePayload
-attributePayload =
-  AttributePayload' {_apAttributes = Nothing, _apMerge = Nothing}
-
-
--- | A JSON string containing up to three key-value pair in JSON format. For example: @{\"attributes\":{\"string1\":\"string2\"}}@
-apAttributes :: Lens' AttributePayload (HashMap Text Text)
-apAttributes = lens _apAttributes (\ s a -> s{_apAttributes = a}) . _Default . _Map
-
--- | Specifies whether the list of attributes provided in the @AttributePayload@ is merged with the attributes stored in the registry, instead of overwriting them. To remove an attribute, call @UpdateThing@ with an empty attribute value.
-apMerge :: Lens' AttributePayload (Maybe Bool)
-apMerge = lens _apMerge (\ s a -> s{_apMerge = a})
-
-instance FromJSON AttributePayload where
-        parseJSON
-          = withObject "AttributePayload"
-              (\ x ->
-                 AttributePayload' <$>
-                   (x .:? "attributes" .!= mempty) <*> (x .:? "merge"))
-
-instance Hashable AttributePayload where
-
-instance NFData AttributePayload where
-
-instance ToJSON AttributePayload where
-        toJSON AttributePayload'{..}
-          = object
-              (catMaybes
-                 [("attributes" .=) <$> _apAttributes,
-                  ("merge" .=) <$> _apMerge])
-
--- | A collection of authorization information.
---
---
---
--- /See:/ 'authInfo' smart constructor.
-data AuthInfo = AuthInfo'
-  { _aiResources  :: !(Maybe [Text])
-  , _aiActionType :: !(Maybe ActionType)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AuthInfo' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'aiResources' - The resources for which the principal is being authorized to perform the specified action.
---
--- * 'aiActionType' - The type of action for which the principal is being authorized.
-authInfo
-    :: AuthInfo
-authInfo = AuthInfo' {_aiResources = Nothing, _aiActionType = Nothing}
-
-
--- | The resources for which the principal is being authorized to perform the specified action.
-aiResources :: Lens' AuthInfo [Text]
-aiResources = lens _aiResources (\ s a -> s{_aiResources = a}) . _Default . _Coerce
-
--- | The type of action for which the principal is being authorized.
-aiActionType :: Lens' AuthInfo (Maybe ActionType)
-aiActionType = lens _aiActionType (\ s a -> s{_aiActionType = a})
-
-instance FromJSON AuthInfo where
-        parseJSON
-          = withObject "AuthInfo"
-              (\ x ->
-                 AuthInfo' <$>
-                   (x .:? "resources" .!= mempty) <*>
-                     (x .:? "actionType"))
-
-instance Hashable AuthInfo where
-
-instance NFData AuthInfo where
-
-instance ToJSON AuthInfo where
-        toJSON AuthInfo'{..}
-          = object
-              (catMaybes
-                 [("resources" .=) <$> _aiResources,
-                  ("actionType" .=) <$> _aiActionType])
-
--- | The authorizer result.
---
---
---
--- /See:/ 'authResult' smart constructor.
-data AuthResult = AuthResult'
-  { _arDenied               :: !(Maybe Denied)
-  , _arAuthDecision         :: !(Maybe AuthDecision)
-  , _arAllowed              :: !(Maybe Allowed)
-  , _arMissingContextValues :: !(Maybe [Text])
-  , _arAuthInfo             :: !(Maybe AuthInfo)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AuthResult' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'arDenied' - The policies and statements that denied the specified action.
---
--- * 'arAuthDecision' - The final authorization decision of this scenario. Multiple statements are taken into account when determining the authorization decision. An explicit deny statement can override multiple allow statements.
---
--- * 'arAllowed' - The policies and statements that allowed the specified action.
---
--- * 'arMissingContextValues' - Contains any missing context values found while evaluating policy.
---
--- * 'arAuthInfo' - Authorization information.
-authResult
-    :: AuthResult
-authResult =
-  AuthResult'
-    { _arDenied = Nothing
-    , _arAuthDecision = Nothing
-    , _arAllowed = Nothing
-    , _arMissingContextValues = Nothing
-    , _arAuthInfo = Nothing
-    }
-
-
--- | The policies and statements that denied the specified action.
-arDenied :: Lens' AuthResult (Maybe Denied)
-arDenied = lens _arDenied (\ s a -> s{_arDenied = a})
-
--- | The final authorization decision of this scenario. Multiple statements are taken into account when determining the authorization decision. An explicit deny statement can override multiple allow statements.
-arAuthDecision :: Lens' AuthResult (Maybe AuthDecision)
-arAuthDecision = lens _arAuthDecision (\ s a -> s{_arAuthDecision = a})
-
--- | The policies and statements that allowed the specified action.
-arAllowed :: Lens' AuthResult (Maybe Allowed)
-arAllowed = lens _arAllowed (\ s a -> s{_arAllowed = a})
-
--- | Contains any missing context values found while evaluating policy.
-arMissingContextValues :: Lens' AuthResult [Text]
-arMissingContextValues = lens _arMissingContextValues (\ s a -> s{_arMissingContextValues = a}) . _Default . _Coerce
-
--- | Authorization information.
-arAuthInfo :: Lens' AuthResult (Maybe AuthInfo)
-arAuthInfo = lens _arAuthInfo (\ s a -> s{_arAuthInfo = a})
-
-instance FromJSON AuthResult where
-        parseJSON
-          = withObject "AuthResult"
-              (\ x ->
-                 AuthResult' <$>
-                   (x .:? "denied") <*> (x .:? "authDecision") <*>
-                     (x .:? "allowed")
-                     <*> (x .:? "missingContextValues" .!= mempty)
-                     <*> (x .:? "authInfo"))
-
-instance Hashable AuthResult where
-
-instance NFData AuthResult where
-
--- | The authorizer description.
---
---
---
--- /See:/ 'authorizerDescription' smart constructor.
-data AuthorizerDescription = AuthorizerDescription'
-  { _adStatus                 :: !(Maybe AuthorizerStatus)
-  , _adLastModifiedDate       :: !(Maybe POSIX)
-  , _adAuthorizerName         :: !(Maybe Text)
-  , _adAuthorizerFunctionARN  :: !(Maybe Text)
-  , _adAuthorizerARN          :: !(Maybe Text)
-  , _adCreationDate           :: !(Maybe POSIX)
-  , _adTokenSigningPublicKeys :: !(Maybe (Map Text Text))
-  , _adTokenKeyName           :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AuthorizerDescription' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'adStatus' - The status of the authorizer.
---
--- * 'adLastModifiedDate' - The UNIX timestamp of when the authorizer was last updated.
---
--- * 'adAuthorizerName' - The authorizer name.
---
--- * 'adAuthorizerFunctionARN' - The authorizer's Lambda function ARN.
---
--- * 'adAuthorizerARN' - The authorizer ARN.
---
--- * 'adCreationDate' - The UNIX timestamp of when the authorizer was created.
---
--- * 'adTokenSigningPublicKeys' - The public keys used to validate the token signature returned by your custom authentication service.
---
--- * 'adTokenKeyName' - The key used to extract the token from the HTTP headers.
-authorizerDescription
-    :: AuthorizerDescription
-authorizerDescription =
-  AuthorizerDescription'
-    { _adStatus = Nothing
-    , _adLastModifiedDate = Nothing
-    , _adAuthorizerName = Nothing
-    , _adAuthorizerFunctionARN = Nothing
-    , _adAuthorizerARN = Nothing
-    , _adCreationDate = Nothing
-    , _adTokenSigningPublicKeys = Nothing
-    , _adTokenKeyName = Nothing
-    }
-
-
--- | The status of the authorizer.
-adStatus :: Lens' AuthorizerDescription (Maybe AuthorizerStatus)
-adStatus = lens _adStatus (\ s a -> s{_adStatus = a})
-
--- | The UNIX timestamp of when the authorizer was last updated.
-adLastModifiedDate :: Lens' AuthorizerDescription (Maybe UTCTime)
-adLastModifiedDate = lens _adLastModifiedDate (\ s a -> s{_adLastModifiedDate = a}) . mapping _Time
-
--- | The authorizer name.
-adAuthorizerName :: Lens' AuthorizerDescription (Maybe Text)
-adAuthorizerName = lens _adAuthorizerName (\ s a -> s{_adAuthorizerName = a})
-
--- | The authorizer's Lambda function ARN.
-adAuthorizerFunctionARN :: Lens' AuthorizerDescription (Maybe Text)
-adAuthorizerFunctionARN = lens _adAuthorizerFunctionARN (\ s a -> s{_adAuthorizerFunctionARN = a})
-
--- | The authorizer ARN.
-adAuthorizerARN :: Lens' AuthorizerDescription (Maybe Text)
-adAuthorizerARN = lens _adAuthorizerARN (\ s a -> s{_adAuthorizerARN = a})
-
--- | The UNIX timestamp of when the authorizer was created.
-adCreationDate :: Lens' AuthorizerDescription (Maybe UTCTime)
-adCreationDate = lens _adCreationDate (\ s a -> s{_adCreationDate = a}) . mapping _Time
-
--- | The public keys used to validate the token signature returned by your custom authentication service.
-adTokenSigningPublicKeys :: Lens' AuthorizerDescription (HashMap Text Text)
-adTokenSigningPublicKeys = lens _adTokenSigningPublicKeys (\ s a -> s{_adTokenSigningPublicKeys = a}) . _Default . _Map
-
--- | The key used to extract the token from the HTTP headers.
-adTokenKeyName :: Lens' AuthorizerDescription (Maybe Text)
-adTokenKeyName = lens _adTokenKeyName (\ s a -> s{_adTokenKeyName = a})
-
-instance FromJSON AuthorizerDescription where
-        parseJSON
-          = withObject "AuthorizerDescription"
-              (\ x ->
-                 AuthorizerDescription' <$>
-                   (x .:? "status") <*> (x .:? "lastModifiedDate") <*>
-                     (x .:? "authorizerName")
-                     <*> (x .:? "authorizerFunctionArn")
-                     <*> (x .:? "authorizerArn")
-                     <*> (x .:? "creationDate")
-                     <*> (x .:? "tokenSigningPublicKeys" .!= mempty)
-                     <*> (x .:? "tokenKeyName"))
-
-instance Hashable AuthorizerDescription where
-
-instance NFData AuthorizerDescription where
-
--- | The authorizer summary.
---
---
---
--- /See:/ 'authorizerSummary' smart constructor.
-data AuthorizerSummary = AuthorizerSummary'
-  { _asAuthorizerName :: !(Maybe Text)
-  , _asAuthorizerARN  :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'AuthorizerSummary' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'asAuthorizerName' - The authorizer name.
---
--- * 'asAuthorizerARN' - The authorizer ARN.
-authorizerSummary
-    :: AuthorizerSummary
-authorizerSummary =
-  AuthorizerSummary' {_asAuthorizerName = Nothing, _asAuthorizerARN = Nothing}
-
-
--- | The authorizer name.
-asAuthorizerName :: Lens' AuthorizerSummary (Maybe Text)
-asAuthorizerName = lens _asAuthorizerName (\ s a -> s{_asAuthorizerName = a})
-
--- | The authorizer ARN.
-asAuthorizerARN :: Lens' AuthorizerSummary (Maybe Text)
-asAuthorizerARN = lens _asAuthorizerARN (\ s a -> s{_asAuthorizerARN = a})
-
-instance FromJSON AuthorizerSummary where
-        parseJSON
-          = withObject "AuthorizerSummary"
-              (\ x ->
-                 AuthorizerSummary' <$>
-                   (x .:? "authorizerName") <*> (x .:? "authorizerArn"))
-
-instance Hashable AuthorizerSummary where
-
-instance NFData AuthorizerSummary where
-
--- | A CA certificate.
---
---
---
--- /See:/ 'cACertificate' smart constructor.
-data CACertificate = CACertificate'
-  { _cacStatus         :: !(Maybe CACertificateStatus)
-  , _cacCertificateARN :: !(Maybe Text)
-  , _cacCertificateId  :: !(Maybe Text)
-  , _cacCreationDate   :: !(Maybe POSIX)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CACertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cacStatus' - The status of the CA certificate. The status value REGISTER_INACTIVE is deprecated and should not be used.
---
--- * 'cacCertificateARN' - The ARN of the CA certificate.
---
--- * 'cacCertificateId' - The ID of the CA certificate.
---
--- * 'cacCreationDate' - The date the CA certificate was created.
-cACertificate
-    :: CACertificate
-cACertificate =
-  CACertificate'
-    { _cacStatus = Nothing
-    , _cacCertificateARN = Nothing
-    , _cacCertificateId = Nothing
-    , _cacCreationDate = Nothing
-    }
-
-
--- | The status of the CA certificate. The status value REGISTER_INACTIVE is deprecated and should not be used.
-cacStatus :: Lens' CACertificate (Maybe CACertificateStatus)
-cacStatus = lens _cacStatus (\ s a -> s{_cacStatus = a})
-
--- | The ARN of the CA certificate.
-cacCertificateARN :: Lens' CACertificate (Maybe Text)
-cacCertificateARN = lens _cacCertificateARN (\ s a -> s{_cacCertificateARN = a})
-
--- | The ID of the CA certificate.
-cacCertificateId :: Lens' CACertificate (Maybe Text)
-cacCertificateId = lens _cacCertificateId (\ s a -> s{_cacCertificateId = a})
-
--- | The date the CA certificate was created.
-cacCreationDate :: Lens' CACertificate (Maybe UTCTime)
-cacCreationDate = lens _cacCreationDate (\ s a -> s{_cacCreationDate = a}) . mapping _Time
-
-instance FromJSON CACertificate where
-        parseJSON
-          = withObject "CACertificate"
-              (\ x ->
-                 CACertificate' <$>
-                   (x .:? "status") <*> (x .:? "certificateArn") <*>
-                     (x .:? "certificateId")
-                     <*> (x .:? "creationDate"))
-
-instance Hashable CACertificate where
-
-instance NFData CACertificate where
-
--- | Describes a CA certificate.
---
---
---
--- /See:/ 'cACertificateDescription' smart constructor.
-data CACertificateDescription = CACertificateDescription'
-  { _cacdStatus                 :: !(Maybe CACertificateStatus)
-  , _cacdOwnedBy                :: !(Maybe Text)
-  , _cacdLastModifiedDate       :: !(Maybe POSIX)
-  , _cacdCertificatePem         :: !(Maybe Text)
-  , _cacdCertificateARN         :: !(Maybe Text)
-  , _cacdCertificateId          :: !(Maybe Text)
-  , _cacdAutoRegistrationStatus :: !(Maybe AutoRegistrationStatus)
-  , _cacdCreationDate           :: !(Maybe POSIX)
-  , _cacdGenerationId           :: !(Maybe Text)
-  , _cacdCustomerVersion        :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CACertificateDescription' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cacdStatus' - The status of a CA certificate.
---
--- * 'cacdOwnedBy' - The owner of the CA certificate.
---
--- * 'cacdLastModifiedDate' - The date the CA certificate was last modified.
---
--- * 'cacdCertificatePem' - The CA certificate data, in PEM format.
---
--- * 'cacdCertificateARN' - The CA certificate ARN.
---
--- * 'cacdCertificateId' - The CA certificate ID.
---
--- * 'cacdAutoRegistrationStatus' - Whether the CA certificate configured for auto registration of device certificates. Valid values are "ENABLE" and "DISABLE"
---
--- * 'cacdCreationDate' - The date the CA certificate was created.
---
--- * 'cacdGenerationId' - The generation ID of the CA certificate.
---
--- * 'cacdCustomerVersion' - The customer version of the CA certificate.
-cACertificateDescription
-    :: CACertificateDescription
-cACertificateDescription =
-  CACertificateDescription'
-    { _cacdStatus = Nothing
-    , _cacdOwnedBy = Nothing
-    , _cacdLastModifiedDate = Nothing
-    , _cacdCertificatePem = Nothing
-    , _cacdCertificateARN = Nothing
-    , _cacdCertificateId = Nothing
-    , _cacdAutoRegistrationStatus = Nothing
-    , _cacdCreationDate = Nothing
-    , _cacdGenerationId = Nothing
-    , _cacdCustomerVersion = Nothing
-    }
-
-
--- | The status of a CA certificate.
-cacdStatus :: Lens' CACertificateDescription (Maybe CACertificateStatus)
-cacdStatus = lens _cacdStatus (\ s a -> s{_cacdStatus = a})
-
--- | The owner of the CA certificate.
-cacdOwnedBy :: Lens' CACertificateDescription (Maybe Text)
-cacdOwnedBy = lens _cacdOwnedBy (\ s a -> s{_cacdOwnedBy = a})
-
--- | The date the CA certificate was last modified.
-cacdLastModifiedDate :: Lens' CACertificateDescription (Maybe UTCTime)
-cacdLastModifiedDate = lens _cacdLastModifiedDate (\ s a -> s{_cacdLastModifiedDate = a}) . mapping _Time
-
--- | The CA certificate data, in PEM format.
-cacdCertificatePem :: Lens' CACertificateDescription (Maybe Text)
-cacdCertificatePem = lens _cacdCertificatePem (\ s a -> s{_cacdCertificatePem = a})
-
--- | The CA certificate ARN.
-cacdCertificateARN :: Lens' CACertificateDescription (Maybe Text)
-cacdCertificateARN = lens _cacdCertificateARN (\ s a -> s{_cacdCertificateARN = a})
-
--- | The CA certificate ID.
-cacdCertificateId :: Lens' CACertificateDescription (Maybe Text)
-cacdCertificateId = lens _cacdCertificateId (\ s a -> s{_cacdCertificateId = a})
-
--- | Whether the CA certificate configured for auto registration of device certificates. Valid values are "ENABLE" and "DISABLE"
-cacdAutoRegistrationStatus :: Lens' CACertificateDescription (Maybe AutoRegistrationStatus)
-cacdAutoRegistrationStatus = lens _cacdAutoRegistrationStatus (\ s a -> s{_cacdAutoRegistrationStatus = a})
-
--- | The date the CA certificate was created.
-cacdCreationDate :: Lens' CACertificateDescription (Maybe UTCTime)
-cacdCreationDate = lens _cacdCreationDate (\ s a -> s{_cacdCreationDate = a}) . mapping _Time
-
--- | The generation ID of the CA certificate.
-cacdGenerationId :: Lens' CACertificateDescription (Maybe Text)
-cacdGenerationId = lens _cacdGenerationId (\ s a -> s{_cacdGenerationId = a})
-
--- | The customer version of the CA certificate.
-cacdCustomerVersion :: Lens' CACertificateDescription (Maybe Natural)
-cacdCustomerVersion = lens _cacdCustomerVersion (\ s a -> s{_cacdCustomerVersion = a}) . mapping _Nat
-
-instance FromJSON CACertificateDescription where
-        parseJSON
-          = withObject "CACertificateDescription"
-              (\ x ->
-                 CACertificateDescription' <$>
-                   (x .:? "status") <*> (x .:? "ownedBy") <*>
-                     (x .:? "lastModifiedDate")
-                     <*> (x .:? "certificatePem")
-                     <*> (x .:? "certificateArn")
-                     <*> (x .:? "certificateId")
-                     <*> (x .:? "autoRegistrationStatus")
-                     <*> (x .:? "creationDate")
-                     <*> (x .:? "generationId")
-                     <*> (x .:? "customerVersion"))
-
-instance Hashable CACertificateDescription where
-
-instance NFData CACertificateDescription where
-
--- | Information about a certificate.
---
---
---
--- /See:/ 'certificate' smart constructor.
-data Certificate = Certificate'
-  { _cStatus         :: !(Maybe CertificateStatus)
-  , _cCertificateARN :: !(Maybe Text)
-  , _cCertificateId  :: !(Maybe Text)
-  , _cCreationDate   :: !(Maybe POSIX)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Certificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cStatus' - The status of the certificate. The status value REGISTER_INACTIVE is deprecated and should not be used.
---
--- * 'cCertificateARN' - The ARN of the certificate.
---
--- * 'cCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
---
--- * 'cCreationDate' - The date and time the certificate was created.
-certificate
-    :: Certificate
-certificate =
-  Certificate'
-    { _cStatus = Nothing
-    , _cCertificateARN = Nothing
-    , _cCertificateId = Nothing
-    , _cCreationDate = Nothing
-    }
-
-
--- | The status of the certificate. The status value REGISTER_INACTIVE is deprecated and should not be used.
-cStatus :: Lens' Certificate (Maybe CertificateStatus)
-cStatus = lens _cStatus (\ s a -> s{_cStatus = a})
-
--- | The ARN of the certificate.
-cCertificateARN :: Lens' Certificate (Maybe Text)
-cCertificateARN = lens _cCertificateARN (\ s a -> s{_cCertificateARN = a})
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-cCertificateId :: Lens' Certificate (Maybe Text)
-cCertificateId = lens _cCertificateId (\ s a -> s{_cCertificateId = a})
-
--- | The date and time the certificate was created.
-cCreationDate :: Lens' Certificate (Maybe UTCTime)
-cCreationDate = lens _cCreationDate (\ s a -> s{_cCreationDate = a}) . mapping _Time
-
-instance FromJSON Certificate where
-        parseJSON
-          = withObject "Certificate"
-              (\ x ->
-                 Certificate' <$>
-                   (x .:? "status") <*> (x .:? "certificateArn") <*>
-                     (x .:? "certificateId")
-                     <*> (x .:? "creationDate"))
-
-instance Hashable Certificate where
-
-instance NFData Certificate where
-
--- | Describes a certificate.
---
---
---
--- /See:/ 'certificateDescription' smart constructor.
-data CertificateDescription = CertificateDescription'
-  { _cdStatus           :: !(Maybe CertificateStatus)
-  , _cdOwnedBy          :: !(Maybe Text)
-  , _cdLastModifiedDate :: !(Maybe POSIX)
-  , _cdCaCertificateId  :: !(Maybe Text)
-  , _cdPreviousOwnedBy  :: !(Maybe Text)
-  , _cdCertificatePem   :: !(Maybe Text)
-  , _cdCertificateARN   :: !(Maybe Text)
-  , _cdCertificateId    :: !(Maybe Text)
-  , _cdCreationDate     :: !(Maybe POSIX)
-  , _cdGenerationId     :: !(Maybe Text)
-  , _cdTransferData     :: !(Maybe TransferData)
-  , _cdCustomerVersion  :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CertificateDescription' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cdStatus' - The status of the certificate.
---
--- * 'cdOwnedBy' - The ID of the AWS account that owns the certificate.
---
--- * 'cdLastModifiedDate' - The date and time the certificate was last modified.
---
--- * 'cdCaCertificateId' - The certificate ID of the CA certificate used to sign this certificate.
---
--- * 'cdPreviousOwnedBy' - The ID of the AWS account of the previous owner of the certificate.
---
--- * 'cdCertificatePem' - The certificate data, in PEM format.
---
--- * 'cdCertificateARN' - The ARN of the certificate.
---
--- * 'cdCertificateId' - The ID of the certificate.
---
--- * 'cdCreationDate' - The date and time the certificate was created.
---
--- * 'cdGenerationId' - The generation ID of the certificate.
---
--- * 'cdTransferData' - The transfer data.
---
--- * 'cdCustomerVersion' - The customer version of the certificate.
-certificateDescription
-    :: CertificateDescription
-certificateDescription =
-  CertificateDescription'
-    { _cdStatus = Nothing
-    , _cdOwnedBy = Nothing
-    , _cdLastModifiedDate = Nothing
-    , _cdCaCertificateId = Nothing
-    , _cdPreviousOwnedBy = Nothing
-    , _cdCertificatePem = Nothing
-    , _cdCertificateARN = Nothing
-    , _cdCertificateId = Nothing
-    , _cdCreationDate = Nothing
-    , _cdGenerationId = Nothing
-    , _cdTransferData = Nothing
-    , _cdCustomerVersion = Nothing
-    }
-
-
--- | The status of the certificate.
-cdStatus :: Lens' CertificateDescription (Maybe CertificateStatus)
-cdStatus = lens _cdStatus (\ s a -> s{_cdStatus = a})
-
--- | The ID of the AWS account that owns the certificate.
-cdOwnedBy :: Lens' CertificateDescription (Maybe Text)
-cdOwnedBy = lens _cdOwnedBy (\ s a -> s{_cdOwnedBy = a})
-
--- | The date and time the certificate was last modified.
-cdLastModifiedDate :: Lens' CertificateDescription (Maybe UTCTime)
-cdLastModifiedDate = lens _cdLastModifiedDate (\ s a -> s{_cdLastModifiedDate = a}) . mapping _Time
-
--- | The certificate ID of the CA certificate used to sign this certificate.
-cdCaCertificateId :: Lens' CertificateDescription (Maybe Text)
-cdCaCertificateId = lens _cdCaCertificateId (\ s a -> s{_cdCaCertificateId = a})
-
--- | The ID of the AWS account of the previous owner of the certificate.
-cdPreviousOwnedBy :: Lens' CertificateDescription (Maybe Text)
-cdPreviousOwnedBy = lens _cdPreviousOwnedBy (\ s a -> s{_cdPreviousOwnedBy = a})
-
--- | The certificate data, in PEM format.
-cdCertificatePem :: Lens' CertificateDescription (Maybe Text)
-cdCertificatePem = lens _cdCertificatePem (\ s a -> s{_cdCertificatePem = a})
-
--- | The ARN of the certificate.
-cdCertificateARN :: Lens' CertificateDescription (Maybe Text)
-cdCertificateARN = lens _cdCertificateARN (\ s a -> s{_cdCertificateARN = a})
-
--- | The ID of the certificate.
-cdCertificateId :: Lens' CertificateDescription (Maybe Text)
-cdCertificateId = lens _cdCertificateId (\ s a -> s{_cdCertificateId = a})
-
--- | The date and time the certificate was created.
-cdCreationDate :: Lens' CertificateDescription (Maybe UTCTime)
-cdCreationDate = lens _cdCreationDate (\ s a -> s{_cdCreationDate = a}) . mapping _Time
-
--- | The generation ID of the certificate.
-cdGenerationId :: Lens' CertificateDescription (Maybe Text)
-cdGenerationId = lens _cdGenerationId (\ s a -> s{_cdGenerationId = a})
-
--- | The transfer data.
-cdTransferData :: Lens' CertificateDescription (Maybe TransferData)
-cdTransferData = lens _cdTransferData (\ s a -> s{_cdTransferData = a})
-
--- | The customer version of the certificate.
-cdCustomerVersion :: Lens' CertificateDescription (Maybe Natural)
-cdCustomerVersion = lens _cdCustomerVersion (\ s a -> s{_cdCustomerVersion = a}) . mapping _Nat
-
-instance FromJSON CertificateDescription where
-        parseJSON
-          = withObject "CertificateDescription"
-              (\ x ->
-                 CertificateDescription' <$>
-                   (x .:? "status") <*> (x .:? "ownedBy") <*>
-                     (x .:? "lastModifiedDate")
-                     <*> (x .:? "caCertificateId")
-                     <*> (x .:? "previousOwnedBy")
-                     <*> (x .:? "certificatePem")
-                     <*> (x .:? "certificateArn")
-                     <*> (x .:? "certificateId")
-                     <*> (x .:? "creationDate")
-                     <*> (x .:? "generationId")
-                     <*> (x .:? "transferData")
-                     <*> (x .:? "customerVersion"))
-
-instance Hashable CertificateDescription where
-
-instance NFData CertificateDescription where
-
--- | Describes an action that updates a CloudWatch alarm.
---
---
---
--- /See:/ 'cloudwatchAlarmAction' smart constructor.
-data CloudwatchAlarmAction = CloudwatchAlarmAction'
-  { _caaRoleARN     :: !Text
-  , _caaAlarmName   :: !Text
-  , _caaStateReason :: !Text
-  , _caaStateValue  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CloudwatchAlarmAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'caaRoleARN' - The IAM role that allows access to the CloudWatch alarm.
---
--- * 'caaAlarmName' - The CloudWatch alarm name.
---
--- * 'caaStateReason' - The reason for the alarm change.
---
--- * 'caaStateValue' - The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.
-cloudwatchAlarmAction
-    :: Text -- ^ 'caaRoleARN'
-    -> Text -- ^ 'caaAlarmName'
-    -> Text -- ^ 'caaStateReason'
-    -> Text -- ^ 'caaStateValue'
-    -> CloudwatchAlarmAction
-cloudwatchAlarmAction pRoleARN_ pAlarmName_ pStateReason_ pStateValue_ =
-  CloudwatchAlarmAction'
-    { _caaRoleARN = pRoleARN_
-    , _caaAlarmName = pAlarmName_
-    , _caaStateReason = pStateReason_
-    , _caaStateValue = pStateValue_
-    }
-
-
--- | The IAM role that allows access to the CloudWatch alarm.
-caaRoleARN :: Lens' CloudwatchAlarmAction Text
-caaRoleARN = lens _caaRoleARN (\ s a -> s{_caaRoleARN = a})
-
--- | The CloudWatch alarm name.
-caaAlarmName :: Lens' CloudwatchAlarmAction Text
-caaAlarmName = lens _caaAlarmName (\ s a -> s{_caaAlarmName = a})
-
--- | The reason for the alarm change.
-caaStateReason :: Lens' CloudwatchAlarmAction Text
-caaStateReason = lens _caaStateReason (\ s a -> s{_caaStateReason = a})
-
--- | The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.
-caaStateValue :: Lens' CloudwatchAlarmAction Text
-caaStateValue = lens _caaStateValue (\ s a -> s{_caaStateValue = a})
-
-instance FromJSON CloudwatchAlarmAction where
-        parseJSON
-          = withObject "CloudwatchAlarmAction"
-              (\ x ->
-                 CloudwatchAlarmAction' <$>
-                   (x .: "roleArn") <*> (x .: "alarmName") <*>
-                     (x .: "stateReason")
-                     <*> (x .: "stateValue"))
-
-instance Hashable CloudwatchAlarmAction where
-
-instance NFData CloudwatchAlarmAction where
-
-instance ToJSON CloudwatchAlarmAction where
-        toJSON CloudwatchAlarmAction'{..}
-          = object
-              (catMaybes
-                 [Just ("roleArn" .= _caaRoleARN),
-                  Just ("alarmName" .= _caaAlarmName),
-                  Just ("stateReason" .= _caaStateReason),
-                  Just ("stateValue" .= _caaStateValue)])
-
--- | Describes an action that captures a CloudWatch metric.
---
---
---
--- /See:/ 'cloudwatchMetricAction' smart constructor.
-data CloudwatchMetricAction = CloudwatchMetricAction'
-  { _cmaMetricTimestamp :: !(Maybe Text)
-  , _cmaRoleARN         :: !Text
-  , _cmaMetricNamespace :: !Text
-  , _cmaMetricName      :: !Text
-  , _cmaMetricValue     :: !Text
-  , _cmaMetricUnit      :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CloudwatchMetricAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cmaMetricTimestamp' - An optional <http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp Unix timestamp> .
---
--- * 'cmaRoleARN' - The IAM role that allows access to the CloudWatch metric.
---
--- * 'cmaMetricNamespace' - The CloudWatch metric namespace name.
---
--- * 'cmaMetricName' - The CloudWatch metric name.
---
--- * 'cmaMetricValue' - The CloudWatch metric value.
---
--- * 'cmaMetricUnit' - The <http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit metric unit> supported by CloudWatch.
-cloudwatchMetricAction
-    :: Text -- ^ 'cmaRoleARN'
-    -> Text -- ^ 'cmaMetricNamespace'
-    -> Text -- ^ 'cmaMetricName'
-    -> Text -- ^ 'cmaMetricValue'
-    -> Text -- ^ 'cmaMetricUnit'
-    -> CloudwatchMetricAction
-cloudwatchMetricAction pRoleARN_ pMetricNamespace_ pMetricName_ pMetricValue_ pMetricUnit_ =
-  CloudwatchMetricAction'
-    { _cmaMetricTimestamp = Nothing
-    , _cmaRoleARN = pRoleARN_
-    , _cmaMetricNamespace = pMetricNamespace_
-    , _cmaMetricName = pMetricName_
-    , _cmaMetricValue = pMetricValue_
-    , _cmaMetricUnit = pMetricUnit_
-    }
-
-
--- | An optional <http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp Unix timestamp> .
-cmaMetricTimestamp :: Lens' CloudwatchMetricAction (Maybe Text)
-cmaMetricTimestamp = lens _cmaMetricTimestamp (\ s a -> s{_cmaMetricTimestamp = a})
-
--- | The IAM role that allows access to the CloudWatch metric.
-cmaRoleARN :: Lens' CloudwatchMetricAction Text
-cmaRoleARN = lens _cmaRoleARN (\ s a -> s{_cmaRoleARN = a})
-
--- | The CloudWatch metric namespace name.
-cmaMetricNamespace :: Lens' CloudwatchMetricAction Text
-cmaMetricNamespace = lens _cmaMetricNamespace (\ s a -> s{_cmaMetricNamespace = a})
-
--- | The CloudWatch metric name.
-cmaMetricName :: Lens' CloudwatchMetricAction Text
-cmaMetricName = lens _cmaMetricName (\ s a -> s{_cmaMetricName = a})
-
--- | The CloudWatch metric value.
-cmaMetricValue :: Lens' CloudwatchMetricAction Text
-cmaMetricValue = lens _cmaMetricValue (\ s a -> s{_cmaMetricValue = a})
-
--- | The <http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit metric unit> supported by CloudWatch.
-cmaMetricUnit :: Lens' CloudwatchMetricAction Text
-cmaMetricUnit = lens _cmaMetricUnit (\ s a -> s{_cmaMetricUnit = a})
-
-instance FromJSON CloudwatchMetricAction where
-        parseJSON
-          = withObject "CloudwatchMetricAction"
-              (\ x ->
-                 CloudwatchMetricAction' <$>
-                   (x .:? "metricTimestamp") <*> (x .: "roleArn") <*>
-                     (x .: "metricNamespace")
-                     <*> (x .: "metricName")
-                     <*> (x .: "metricValue")
-                     <*> (x .: "metricUnit"))
-
-instance Hashable CloudwatchMetricAction where
-
-instance NFData CloudwatchMetricAction where
-
-instance ToJSON CloudwatchMetricAction where
-        toJSON CloudwatchMetricAction'{..}
-          = object
-              (catMaybes
-                 [("metricTimestamp" .=) <$> _cmaMetricTimestamp,
-                  Just ("roleArn" .= _cmaRoleARN),
-                  Just ("metricNamespace" .= _cmaMetricNamespace),
-                  Just ("metricName" .= _cmaMetricName),
-                  Just ("metricValue" .= _cmaMetricValue),
-                  Just ("metricUnit" .= _cmaMetricUnit)])
-
--- | Describes the method to use when code signing a file.
---
---
---
--- /See:/ 'codeSigning' smart constructor.
-data CodeSigning = CodeSigning'
-  { _csCustomCodeSigning :: !(Maybe CustomCodeSigning)
-  , _csAwsSignerJobId    :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CodeSigning' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'csCustomCodeSigning' - A custom method for code signing a file.
---
--- * 'csAwsSignerJobId' - The ID of the AWSSignerJob which was created to sign the file.
-codeSigning
-    :: CodeSigning
-codeSigning =
-  CodeSigning' {_csCustomCodeSigning = Nothing, _csAwsSignerJobId = Nothing}
-
-
--- | A custom method for code signing a file.
-csCustomCodeSigning :: Lens' CodeSigning (Maybe CustomCodeSigning)
-csCustomCodeSigning = lens _csCustomCodeSigning (\ s a -> s{_csCustomCodeSigning = a})
-
--- | The ID of the AWSSignerJob which was created to sign the file.
-csAwsSignerJobId :: Lens' CodeSigning (Maybe Text)
-csAwsSignerJobId = lens _csAwsSignerJobId (\ s a -> s{_csAwsSignerJobId = a})
-
-instance FromJSON CodeSigning where
-        parseJSON
-          = withObject "CodeSigning"
-              (\ x ->
-                 CodeSigning' <$>
-                   (x .:? "customCodeSigning") <*>
-                     (x .:? "awsSignerJobId"))
-
-instance Hashable CodeSigning where
-
-instance NFData CodeSigning where
-
-instance ToJSON CodeSigning where
-        toJSON CodeSigning'{..}
-          = object
-              (catMaybes
-                 [("customCodeSigning" .=) <$> _csCustomCodeSigning,
-                  ("awsSignerJobId" .=) <$> _csAwsSignerJobId])
-
--- | Describes the certificate chain being used when code signing a file.
---
---
---
--- /See:/ 'codeSigningCertificateChain' smart constructor.
-data CodeSigningCertificateChain = CodeSigningCertificateChain'
-  { _csccStream          :: !(Maybe Stream)
-  , _csccCertificateName :: !(Maybe Text)
-  , _csccInlineDocument  :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CodeSigningCertificateChain' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'csccStream' - A stream of the certificate chain files.
---
--- * 'csccCertificateName' - The name of the certificate.
---
--- * 'csccInlineDocument' - A base64 encoded binary representation of the code signing certificate chain.
-codeSigningCertificateChain
-    :: CodeSigningCertificateChain
-codeSigningCertificateChain =
-  CodeSigningCertificateChain'
-    { _csccStream = Nothing
-    , _csccCertificateName = Nothing
-    , _csccInlineDocument = Nothing
-    }
-
-
--- | A stream of the certificate chain files.
-csccStream :: Lens' CodeSigningCertificateChain (Maybe Stream)
-csccStream = lens _csccStream (\ s a -> s{_csccStream = a})
-
--- | The name of the certificate.
-csccCertificateName :: Lens' CodeSigningCertificateChain (Maybe Text)
-csccCertificateName = lens _csccCertificateName (\ s a -> s{_csccCertificateName = a})
-
--- | A base64 encoded binary representation of the code signing certificate chain.
-csccInlineDocument :: Lens' CodeSigningCertificateChain (Maybe Text)
-csccInlineDocument = lens _csccInlineDocument (\ s a -> s{_csccInlineDocument = a})
-
-instance FromJSON CodeSigningCertificateChain where
-        parseJSON
-          = withObject "CodeSigningCertificateChain"
-              (\ x ->
-                 CodeSigningCertificateChain' <$>
-                   (x .:? "stream") <*> (x .:? "certificateName") <*>
-                     (x .:? "inlineDocument"))
-
-instance Hashable CodeSigningCertificateChain where
-
-instance NFData CodeSigningCertificateChain where
-
-instance ToJSON CodeSigningCertificateChain where
-        toJSON CodeSigningCertificateChain'{..}
-          = object
-              (catMaybes
-                 [("stream" .=) <$> _csccStream,
-                  ("certificateName" .=) <$> _csccCertificateName,
-                  ("inlineDocument" .=) <$> _csccInlineDocument])
-
--- | Describes the signature for a file.
---
---
---
--- /See:/ 'codeSigningSignature' smart constructor.
-data CodeSigningSignature = CodeSigningSignature'
-  { _cssStream         :: !(Maybe Stream)
-  , _cssInlineDocument :: !(Maybe Base64)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CodeSigningSignature' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cssStream' - A stream of the code signing signature.
---
--- * 'cssInlineDocument' - A base64 encoded binary representation of the code signing signature.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.
-codeSigningSignature
-    :: CodeSigningSignature
-codeSigningSignature =
-  CodeSigningSignature' {_cssStream = Nothing, _cssInlineDocument = Nothing}
-
-
--- | A stream of the code signing signature.
-cssStream :: Lens' CodeSigningSignature (Maybe Stream)
-cssStream = lens _cssStream (\ s a -> s{_cssStream = a})
-
--- | A base64 encoded binary representation of the code signing signature.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.
-cssInlineDocument :: Lens' CodeSigningSignature (Maybe ByteString)
-cssInlineDocument = lens _cssInlineDocument (\ s a -> s{_cssInlineDocument = a}) . mapping _Base64
-
-instance FromJSON CodeSigningSignature where
-        parseJSON
-          = withObject "CodeSigningSignature"
-              (\ x ->
-                 CodeSigningSignature' <$>
-                   (x .:? "stream") <*> (x .:? "inlineDocument"))
-
-instance Hashable CodeSigningSignature where
-
-instance NFData CodeSigningSignature where
-
-instance ToJSON CodeSigningSignature where
-        toJSON CodeSigningSignature'{..}
-          = object
-              (catMaybes
-                 [("stream" .=) <$> _cssStream,
-                  ("inlineDocument" .=) <$> _cssInlineDocument])
-
--- | Configuration.
---
---
---
--- /See:/ 'configuration' smart constructor.
-newtype Configuration = Configuration'
-  { _cEnabled :: Maybe Bool
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Configuration' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'cEnabled' - True to enable the configuration.
-configuration
-    :: Configuration
-configuration = Configuration' {_cEnabled = Nothing}
-
-
--- | True to enable the configuration.
-cEnabled :: Lens' Configuration (Maybe Bool)
-cEnabled = lens _cEnabled (\ s a -> s{_cEnabled = a})
-
-instance FromJSON Configuration where
-        parseJSON
-          = withObject "Configuration"
-              (\ x -> Configuration' <$> (x .:? "Enabled"))
-
-instance Hashable Configuration where
-
-instance NFData Configuration where
-
-instance ToJSON Configuration where
-        toJSON Configuration'{..}
-          = object (catMaybes [("Enabled" .=) <$> _cEnabled])
-
--- | Describes a custom method used to code sign a file.
---
---
---
--- /See:/ 'customCodeSigning' smart constructor.
-data CustomCodeSigning = CustomCodeSigning'
-  { _ccsSignature          :: !(Maybe CodeSigningSignature)
-  , _ccsHashAlgorithm      :: !(Maybe Text)
-  , _ccsCertificateChain   :: !(Maybe CodeSigningCertificateChain)
-  , _ccsSignatureAlgorithm :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'CustomCodeSigning' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ccsSignature' - The signature for the file.
---
--- * 'ccsHashAlgorithm' - The hash algorithm used to code sign the file.
---
--- * 'ccsCertificateChain' - The certificate chain.
---
--- * 'ccsSignatureAlgorithm' - The signature algorithm used to code sign the file.
-customCodeSigning
-    :: CustomCodeSigning
-customCodeSigning =
-  CustomCodeSigning'
-    { _ccsSignature = Nothing
-    , _ccsHashAlgorithm = Nothing
-    , _ccsCertificateChain = Nothing
-    , _ccsSignatureAlgorithm = Nothing
-    }
-
-
--- | The signature for the file.
-ccsSignature :: Lens' CustomCodeSigning (Maybe CodeSigningSignature)
-ccsSignature = lens _ccsSignature (\ s a -> s{_ccsSignature = a})
-
--- | The hash algorithm used to code sign the file.
-ccsHashAlgorithm :: Lens' CustomCodeSigning (Maybe Text)
-ccsHashAlgorithm = lens _ccsHashAlgorithm (\ s a -> s{_ccsHashAlgorithm = a})
-
--- | The certificate chain.
-ccsCertificateChain :: Lens' CustomCodeSigning (Maybe CodeSigningCertificateChain)
-ccsCertificateChain = lens _ccsCertificateChain (\ s a -> s{_ccsCertificateChain = a})
-
--- | The signature algorithm used to code sign the file.
-ccsSignatureAlgorithm :: Lens' CustomCodeSigning (Maybe Text)
-ccsSignatureAlgorithm = lens _ccsSignatureAlgorithm (\ s a -> s{_ccsSignatureAlgorithm = a})
-
-instance FromJSON CustomCodeSigning where
-        parseJSON
-          = withObject "CustomCodeSigning"
-              (\ x ->
-                 CustomCodeSigning' <$>
-                   (x .:? "signature") <*> (x .:? "hashAlgorithm") <*>
-                     (x .:? "certificateChain")
-                     <*> (x .:? "signatureAlgorithm"))
-
-instance Hashable CustomCodeSigning where
-
-instance NFData CustomCodeSigning where
-
-instance ToJSON CustomCodeSigning where
-        toJSON CustomCodeSigning'{..}
-          = object
-              (catMaybes
-                 [("signature" .=) <$> _ccsSignature,
-                  ("hashAlgorithm" .=) <$> _ccsHashAlgorithm,
-                  ("certificateChain" .=) <$> _ccsCertificateChain,
-                  ("signatureAlgorithm" .=) <$>
-                    _ccsSignatureAlgorithm])
-
--- | Contains information that denied the authorization.
---
---
---
--- /See:/ 'denied' smart constructor.
-data Denied = Denied'
-  { _dImplicitDeny :: !(Maybe ImplicitDeny)
-  , _dExplicitDeny :: !(Maybe ExplicitDeny)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Denied' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'dImplicitDeny' - Information that implicitly denies the authorization. When a policy doesn't explicitly deny or allow an action on a resource it is considered an implicit deny.
---
--- * 'dExplicitDeny' - Information that explicitly denies the authorization.
-denied
-    :: Denied
-denied = Denied' {_dImplicitDeny = Nothing, _dExplicitDeny = Nothing}
-
-
--- | Information that implicitly denies the authorization. When a policy doesn't explicitly deny or allow an action on a resource it is considered an implicit deny.
-dImplicitDeny :: Lens' Denied (Maybe ImplicitDeny)
-dImplicitDeny = lens _dImplicitDeny (\ s a -> s{_dImplicitDeny = a})
-
--- | Information that explicitly denies the authorization.
-dExplicitDeny :: Lens' Denied (Maybe ExplicitDeny)
-dExplicitDeny = lens _dExplicitDeny (\ s a -> s{_dExplicitDeny = a})
-
-instance FromJSON Denied where
-        parseJSON
-          = withObject "Denied"
-              (\ x ->
-                 Denied' <$>
-                   (x .:? "implicitDeny") <*> (x .:? "explicitDeny"))
-
-instance Hashable Denied where
-
-instance NFData Denied where
-
--- | Describes an action to write to a DynamoDB table.
---
---
--- The @tableName@ , @hashKeyField@ , and @rangeKeyField@ values must match the values used when you created the table.
---
--- The @hashKeyValue@ and @rangeKeyvalue@ fields use a substitution template syntax. These templates provide data at runtime. The syntax is as follows: ${/sql-expression/ }.
---
--- You can specify any valid expression in a WHERE or SELECT clause, including JSON properties, comparisons, calculations, and functions. For example, the following field uses the third level of the topic:
---
--- @"hashKeyValue": "${topic(3)}"@
---
--- The following field uses the timestamp:
---
--- @"rangeKeyValue": "${timestamp()}"@
---
---
--- /See:/ 'dynamoDBAction' smart constructor.
-data DynamoDBAction = DynamoDBAction'
-  { _ddbaHashKeyType   :: !(Maybe DynamoKeyType)
-  , _ddbaOperation     :: !(Maybe Text)
-  , _ddbaRangeKeyType  :: !(Maybe DynamoKeyType)
-  , _ddbaPayloadField  :: !(Maybe Text)
-  , _ddbaRangeKeyField :: !(Maybe Text)
-  , _ddbaRangeKeyValue :: !(Maybe Text)
-  , _ddbaTableName     :: !Text
-  , _ddbaRoleARN       :: !Text
-  , _ddbaHashKeyField  :: !Text
-  , _ddbaHashKeyValue  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DynamoDBAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ddbaHashKeyType' - The hash key type. Valid values are "STRING" or "NUMBER"
---
--- * 'ddbaOperation' - The type of operation to be performed. This follows the substitution template, so it can be @> {operation}@ , but the substitution must result in one of the following: @INSERT@ , @UPDATE@ , or @DELETE@ .
---
--- * 'ddbaRangeKeyType' - The range key type. Valid values are "STRING" or "NUMBER"
---
--- * 'ddbaPayloadField' - The action payload. This name can be customized.
---
--- * 'ddbaRangeKeyField' - The range key name.
---
--- * 'ddbaRangeKeyValue' - The range key value.
---
--- * 'ddbaTableName' - The name of the DynamoDB table.
---
--- * 'ddbaRoleARN' - The ARN of the IAM role that grants access to the DynamoDB table.
---
--- * 'ddbaHashKeyField' - The hash key name.
---
--- * 'ddbaHashKeyValue' - The hash key value.
-dynamoDBAction
-    :: Text -- ^ 'ddbaTableName'
-    -> Text -- ^ 'ddbaRoleARN'
-    -> Text -- ^ 'ddbaHashKeyField'
-    -> Text -- ^ 'ddbaHashKeyValue'
-    -> DynamoDBAction
-dynamoDBAction pTableName_ pRoleARN_ pHashKeyField_ pHashKeyValue_ =
-  DynamoDBAction'
-    { _ddbaHashKeyType = Nothing
-    , _ddbaOperation = Nothing
-    , _ddbaRangeKeyType = Nothing
-    , _ddbaPayloadField = Nothing
-    , _ddbaRangeKeyField = Nothing
-    , _ddbaRangeKeyValue = Nothing
-    , _ddbaTableName = pTableName_
-    , _ddbaRoleARN = pRoleARN_
-    , _ddbaHashKeyField = pHashKeyField_
-    , _ddbaHashKeyValue = pHashKeyValue_
-    }
-
-
--- | The hash key type. Valid values are "STRING" or "NUMBER"
-ddbaHashKeyType :: Lens' DynamoDBAction (Maybe DynamoKeyType)
-ddbaHashKeyType = lens _ddbaHashKeyType (\ s a -> s{_ddbaHashKeyType = a})
-
--- | The type of operation to be performed. This follows the substitution template, so it can be @> {operation}@ , but the substitution must result in one of the following: @INSERT@ , @UPDATE@ , or @DELETE@ .
-ddbaOperation :: Lens' DynamoDBAction (Maybe Text)
-ddbaOperation = lens _ddbaOperation (\ s a -> s{_ddbaOperation = a})
-
--- | The range key type. Valid values are "STRING" or "NUMBER"
-ddbaRangeKeyType :: Lens' DynamoDBAction (Maybe DynamoKeyType)
-ddbaRangeKeyType = lens _ddbaRangeKeyType (\ s a -> s{_ddbaRangeKeyType = a})
-
--- | The action payload. This name can be customized.
-ddbaPayloadField :: Lens' DynamoDBAction (Maybe Text)
-ddbaPayloadField = lens _ddbaPayloadField (\ s a -> s{_ddbaPayloadField = a})
-
--- | The range key name.
-ddbaRangeKeyField :: Lens' DynamoDBAction (Maybe Text)
-ddbaRangeKeyField = lens _ddbaRangeKeyField (\ s a -> s{_ddbaRangeKeyField = a})
-
--- | The range key value.
-ddbaRangeKeyValue :: Lens' DynamoDBAction (Maybe Text)
-ddbaRangeKeyValue = lens _ddbaRangeKeyValue (\ s a -> s{_ddbaRangeKeyValue = a})
-
--- | The name of the DynamoDB table.
-ddbaTableName :: Lens' DynamoDBAction Text
-ddbaTableName = lens _ddbaTableName (\ s a -> s{_ddbaTableName = a})
-
--- | The ARN of the IAM role that grants access to the DynamoDB table.
-ddbaRoleARN :: Lens' DynamoDBAction Text
-ddbaRoleARN = lens _ddbaRoleARN (\ s a -> s{_ddbaRoleARN = a})
-
--- | The hash key name.
-ddbaHashKeyField :: Lens' DynamoDBAction Text
-ddbaHashKeyField = lens _ddbaHashKeyField (\ s a -> s{_ddbaHashKeyField = a})
-
--- | The hash key value.
-ddbaHashKeyValue :: Lens' DynamoDBAction Text
-ddbaHashKeyValue = lens _ddbaHashKeyValue (\ s a -> s{_ddbaHashKeyValue = a})
-
-instance FromJSON DynamoDBAction where
-        parseJSON
-          = withObject "DynamoDBAction"
-              (\ x ->
-                 DynamoDBAction' <$>
-                   (x .:? "hashKeyType") <*> (x .:? "operation") <*>
-                     (x .:? "rangeKeyType")
-                     <*> (x .:? "payloadField")
-                     <*> (x .:? "rangeKeyField")
-                     <*> (x .:? "rangeKeyValue")
-                     <*> (x .: "tableName")
-                     <*> (x .: "roleArn")
-                     <*> (x .: "hashKeyField")
-                     <*> (x .: "hashKeyValue"))
-
-instance Hashable DynamoDBAction where
-
-instance NFData DynamoDBAction where
-
-instance ToJSON DynamoDBAction where
-        toJSON DynamoDBAction'{..}
-          = object
-              (catMaybes
-                 [("hashKeyType" .=) <$> _ddbaHashKeyType,
-                  ("operation" .=) <$> _ddbaOperation,
-                  ("rangeKeyType" .=) <$> _ddbaRangeKeyType,
-                  ("payloadField" .=) <$> _ddbaPayloadField,
-                  ("rangeKeyField" .=) <$> _ddbaRangeKeyField,
-                  ("rangeKeyValue" .=) <$> _ddbaRangeKeyValue,
-                  Just ("tableName" .= _ddbaTableName),
-                  Just ("roleArn" .= _ddbaRoleARN),
-                  Just ("hashKeyField" .= _ddbaHashKeyField),
-                  Just ("hashKeyValue" .= _ddbaHashKeyValue)])
-
--- | Describes an action to write to a DynamoDB table.
---
---
--- This DynamoDB action writes each attribute in the message payload into it's own column in the DynamoDB table.
---
---
--- /See:/ 'dynamoDBv2Action' smart constructor.
-data DynamoDBv2Action = DynamoDBv2Action'
-  { _ddaPutItem :: !(Maybe PutItemInput)
-  , _ddaRoleARN :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'DynamoDBv2Action' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ddaPutItem' - Specifies the DynamoDB table to which the message data will be written. For example: @{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my-role" "putItem": { "tableName": "my-table" } } }@  Each attribute in the message payload will be written to a separate column in the DynamoDB database.
---
--- * 'ddaRoleARN' - The ARN of the IAM role that grants access to the DynamoDB table.
-dynamoDBv2Action
-    :: DynamoDBv2Action
-dynamoDBv2Action =
-  DynamoDBv2Action' {_ddaPutItem = Nothing, _ddaRoleARN = Nothing}
-
-
--- | Specifies the DynamoDB table to which the message data will be written. For example: @{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my-role" "putItem": { "tableName": "my-table" } } }@  Each attribute in the message payload will be written to a separate column in the DynamoDB database.
-ddaPutItem :: Lens' DynamoDBv2Action (Maybe PutItemInput)
-ddaPutItem = lens _ddaPutItem (\ s a -> s{_ddaPutItem = a})
-
--- | The ARN of the IAM role that grants access to the DynamoDB table.
-ddaRoleARN :: Lens' DynamoDBv2Action (Maybe Text)
-ddaRoleARN = lens _ddaRoleARN (\ s a -> s{_ddaRoleARN = a})
-
-instance FromJSON DynamoDBv2Action where
-        parseJSON
-          = withObject "DynamoDBv2Action"
-              (\ x ->
-                 DynamoDBv2Action' <$>
-                   (x .:? "putItem") <*> (x .:? "roleArn"))
-
-instance Hashable DynamoDBv2Action where
-
-instance NFData DynamoDBv2Action where
-
-instance ToJSON DynamoDBv2Action where
-        toJSON DynamoDBv2Action'{..}
-          = object
-              (catMaybes
-                 [("putItem" .=) <$> _ddaPutItem,
-                  ("roleArn" .=) <$> _ddaRoleARN])
-
--- | The policy that has the effect on the authorization results.
---
---
---
--- /See:/ 'effectivePolicy' smart constructor.
-data EffectivePolicy = EffectivePolicy'
-  { _epPolicyName     :: !(Maybe Text)
-  , _epPolicyDocument :: !(Maybe Text)
-  , _epPolicyARN      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'EffectivePolicy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'epPolicyName' - The policy name.
---
--- * 'epPolicyDocument' - The IAM policy document.
---
--- * 'epPolicyARN' - The policy ARN.
-effectivePolicy
-    :: EffectivePolicy
-effectivePolicy =
-  EffectivePolicy'
-    { _epPolicyName = Nothing
-    , _epPolicyDocument = Nothing
-    , _epPolicyARN = Nothing
-    }
-
-
--- | The policy name.
-epPolicyName :: Lens' EffectivePolicy (Maybe Text)
-epPolicyName = lens _epPolicyName (\ s a -> s{_epPolicyName = a})
-
--- | The IAM policy document.
-epPolicyDocument :: Lens' EffectivePolicy (Maybe Text)
-epPolicyDocument = lens _epPolicyDocument (\ s a -> s{_epPolicyDocument = a})
-
--- | The policy ARN.
-epPolicyARN :: Lens' EffectivePolicy (Maybe Text)
-epPolicyARN = lens _epPolicyARN (\ s a -> s{_epPolicyARN = a})
-
-instance FromJSON EffectivePolicy where
-        parseJSON
-          = withObject "EffectivePolicy"
-              (\ x ->
-                 EffectivePolicy' <$>
-                   (x .:? "policyName") <*> (x .:? "policyDocument") <*>
-                     (x .:? "policyArn"))
-
-instance Hashable EffectivePolicy where
-
-instance NFData EffectivePolicy where
-
--- | Describes an action that writes data to an Amazon Elasticsearch Service domain.
---
---
---
--- /See:/ 'elasticsearchAction' smart constructor.
-data ElasticsearchAction = ElasticsearchAction'
-  { _eaRoleARN  :: !Text
-  , _eaEndpoint :: !Text
-  , _eaIndex    :: !Text
-  , _eaType     :: !Text
-  , _eaId       :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ElasticsearchAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'eaRoleARN' - The IAM role ARN that has access to Elasticsearch.
---
--- * 'eaEndpoint' - The endpoint of your Elasticsearch domain.
---
--- * 'eaIndex' - The Elasticsearch index where you want to store your data.
---
--- * 'eaType' - The type of document you are storing.
---
--- * 'eaId' - The unique identifier for the document you are storing.
-elasticsearchAction
-    :: Text -- ^ 'eaRoleARN'
-    -> Text -- ^ 'eaEndpoint'
-    -> Text -- ^ 'eaIndex'
-    -> Text -- ^ 'eaType'
-    -> Text -- ^ 'eaId'
-    -> ElasticsearchAction
-elasticsearchAction pRoleARN_ pEndpoint_ pIndex_ pType_ pId_ =
-  ElasticsearchAction'
-    { _eaRoleARN = pRoleARN_
-    , _eaEndpoint = pEndpoint_
-    , _eaIndex = pIndex_
-    , _eaType = pType_
-    , _eaId = pId_
-    }
-
-
--- | The IAM role ARN that has access to Elasticsearch.
-eaRoleARN :: Lens' ElasticsearchAction Text
-eaRoleARN = lens _eaRoleARN (\ s a -> s{_eaRoleARN = a})
-
--- | The endpoint of your Elasticsearch domain.
-eaEndpoint :: Lens' ElasticsearchAction Text
-eaEndpoint = lens _eaEndpoint (\ s a -> s{_eaEndpoint = a})
-
--- | The Elasticsearch index where you want to store your data.
-eaIndex :: Lens' ElasticsearchAction Text
-eaIndex = lens _eaIndex (\ s a -> s{_eaIndex = a})
-
--- | The type of document you are storing.
-eaType :: Lens' ElasticsearchAction Text
-eaType = lens _eaType (\ s a -> s{_eaType = a})
-
--- | The unique identifier for the document you are storing.
-eaId :: Lens' ElasticsearchAction Text
-eaId = lens _eaId (\ s a -> s{_eaId = a})
-
-instance FromJSON ElasticsearchAction where
-        parseJSON
-          = withObject "ElasticsearchAction"
-              (\ x ->
-                 ElasticsearchAction' <$>
-                   (x .: "roleArn") <*> (x .: "endpoint") <*>
-                     (x .: "index")
-                     <*> (x .: "type")
-                     <*> (x .: "id"))
-
-instance Hashable ElasticsearchAction where
-
-instance NFData ElasticsearchAction where
-
-instance ToJSON ElasticsearchAction where
-        toJSON ElasticsearchAction'{..}
-          = object
-              (catMaybes
-                 [Just ("roleArn" .= _eaRoleARN),
-                  Just ("endpoint" .= _eaEndpoint),
-                  Just ("index" .= _eaIndex), Just ("type" .= _eaType),
-                  Just ("id" .= _eaId)])
-
--- | Error information.
---
---
---
--- /See:/ 'errorInfo' smart constructor.
-data ErrorInfo = ErrorInfo'
-  { _eiCode    :: !(Maybe Text)
-  , _eiMessage :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ErrorInfo' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'eiCode' - The error code.
---
--- * 'eiMessage' - The error message.
-errorInfo
-    :: ErrorInfo
-errorInfo = ErrorInfo' {_eiCode = Nothing, _eiMessage = Nothing}
-
-
--- | The error code.
-eiCode :: Lens' ErrorInfo (Maybe Text)
-eiCode = lens _eiCode (\ s a -> s{_eiCode = a})
-
--- | The error message.
-eiMessage :: Lens' ErrorInfo (Maybe Text)
-eiMessage = lens _eiMessage (\ s a -> s{_eiMessage = a})
-
-instance FromJSON ErrorInfo where
-        parseJSON
-          = withObject "ErrorInfo"
-              (\ x ->
-                 ErrorInfo' <$> (x .:? "code") <*> (x .:? "message"))
-
-instance Hashable ErrorInfo where
-
-instance NFData ErrorInfo where
-
--- | Information that explicitly denies authorization.
---
---
---
--- /See:/ 'explicitDeny' smart constructor.
-newtype ExplicitDeny = ExplicitDeny'
-  { _edPolicies :: Maybe [Policy]
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ExplicitDeny' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'edPolicies' - The policies that denied the authorization.
-explicitDeny
-    :: ExplicitDeny
-explicitDeny = ExplicitDeny' {_edPolicies = Nothing}
-
-
--- | The policies that denied the authorization.
-edPolicies :: Lens' ExplicitDeny [Policy]
-edPolicies = lens _edPolicies (\ s a -> s{_edPolicies = a}) . _Default . _Coerce
-
-instance FromJSON ExplicitDeny where
-        parseJSON
-          = withObject "ExplicitDeny"
-              (\ x ->
-                 ExplicitDeny' <$> (x .:? "policies" .!= mempty))
-
-instance Hashable ExplicitDeny where
-
-instance NFData ExplicitDeny where
-
--- | Describes an action that writes data to an Amazon Kinesis Firehose stream.
---
---
---
--- /See:/ 'firehoseAction' smart constructor.
-data FirehoseAction = FirehoseAction'
-  { _faSeparator          :: !(Maybe Text)
-  , _faRoleARN            :: !Text
-  , _faDeliveryStreamName :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'FirehoseAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'faSeparator' - A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\n' (newline), '\t' (tab), '\r\n' (Windows newline), ',' (comma).
---
--- * 'faRoleARN' - The IAM role that grants access to the Amazon Kinesis Firehose stream.
---
--- * 'faDeliveryStreamName' - The delivery stream name.
-firehoseAction
-    :: Text -- ^ 'faRoleARN'
-    -> Text -- ^ 'faDeliveryStreamName'
-    -> FirehoseAction
-firehoseAction pRoleARN_ pDeliveryStreamName_ =
-  FirehoseAction'
-    { _faSeparator = Nothing
-    , _faRoleARN = pRoleARN_
-    , _faDeliveryStreamName = pDeliveryStreamName_
-    }
-
-
--- | A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\n' (newline), '\t' (tab), '\r\n' (Windows newline), ',' (comma).
-faSeparator :: Lens' FirehoseAction (Maybe Text)
-faSeparator = lens _faSeparator (\ s a -> s{_faSeparator = a})
-
--- | The IAM role that grants access to the Amazon Kinesis Firehose stream.
-faRoleARN :: Lens' FirehoseAction Text
-faRoleARN = lens _faRoleARN (\ s a -> s{_faRoleARN = a})
-
--- | The delivery stream name.
-faDeliveryStreamName :: Lens' FirehoseAction Text
-faDeliveryStreamName = lens _faDeliveryStreamName (\ s a -> s{_faDeliveryStreamName = a})
-
-instance FromJSON FirehoseAction where
-        parseJSON
-          = withObject "FirehoseAction"
-              (\ x ->
-                 FirehoseAction' <$>
-                   (x .:? "separator") <*> (x .: "roleArn") <*>
-                     (x .: "deliveryStreamName"))
-
-instance Hashable FirehoseAction where
-
-instance NFData FirehoseAction where
-
-instance ToJSON FirehoseAction where
-        toJSON FirehoseAction'{..}
-          = object
-              (catMaybes
-                 [("separator" .=) <$> _faSeparator,
-                  Just ("roleArn" .= _faRoleARN),
-                  Just
-                    ("deliveryStreamName" .= _faDeliveryStreamName)])
-
--- | The name and ARN of a group.
---
---
---
--- /See:/ 'groupNameAndARN' smart constructor.
-data GroupNameAndARN = GroupNameAndARN'
-  { _gnaaGroupARN  :: !(Maybe Text)
-  , _gnaaGroupName :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'GroupNameAndARN' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'gnaaGroupARN' - The group ARN.
---
--- * 'gnaaGroupName' - The group name.
-groupNameAndARN
-    :: GroupNameAndARN
-groupNameAndARN =
-  GroupNameAndARN' {_gnaaGroupARN = Nothing, _gnaaGroupName = Nothing}
-
-
--- | The group ARN.
-gnaaGroupARN :: Lens' GroupNameAndARN (Maybe Text)
-gnaaGroupARN = lens _gnaaGroupARN (\ s a -> s{_gnaaGroupARN = a})
-
--- | The group name.
-gnaaGroupName :: Lens' GroupNameAndARN (Maybe Text)
-gnaaGroupName = lens _gnaaGroupName (\ s a -> s{_gnaaGroupName = a})
-
-instance FromJSON GroupNameAndARN where
-        parseJSON
-          = withObject "GroupNameAndARN"
-              (\ x ->
-                 GroupNameAndARN' <$>
-                   (x .:? "groupArn") <*> (x .:? "groupName"))
-
-instance Hashable GroupNameAndARN where
-
-instance NFData GroupNameAndARN where
-
--- | Information that implicitly denies authorization. When policy doesn't explicitly deny or allow an action on a resource it is considered an implicit deny.
---
---
---
--- /See:/ 'implicitDeny' smart constructor.
-newtype ImplicitDeny = ImplicitDeny'
-  { _idPolicies :: Maybe [Policy]
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ImplicitDeny' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'idPolicies' - Policies that don't contain a matching allow or deny statement for the specified action on the specified resource.
-implicitDeny
-    :: ImplicitDeny
-implicitDeny = ImplicitDeny' {_idPolicies = Nothing}
-
-
--- | Policies that don't contain a matching allow or deny statement for the specified action on the specified resource.
-idPolicies :: Lens' ImplicitDeny [Policy]
-idPolicies = lens _idPolicies (\ s a -> s{_idPolicies = a}) . _Default . _Coerce
-
-instance FromJSON ImplicitDeny where
-        parseJSON
-          = withObject "ImplicitDeny"
-              (\ x ->
-                 ImplicitDeny' <$> (x .:? "policies" .!= mempty))
-
-instance Hashable ImplicitDeny where
-
-instance NFData ImplicitDeny where
-
--- | Sends message data to an AWS IoT Analytics channel.
---
---
---
--- /See:/ 'iotAnalyticsAction' smart constructor.
-data IotAnalyticsAction = IotAnalyticsAction'
-  { _iaaChannelARN  :: !(Maybe Text)
-  , _iaaChannelName :: !(Maybe Text)
-  , _iaaRoleARN     :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'IotAnalyticsAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'iaaChannelARN' - (deprecated) The ARN of the IoT Analytics channel to which message data will be sent.
---
--- * 'iaaChannelName' - The name of the IoT Analytics channel to which message data will be sent.
---
--- * 'iaaRoleARN' - The ARN of the role which has a policy that grants IoT permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).
-iotAnalyticsAction
-    :: IotAnalyticsAction
-iotAnalyticsAction =
-  IotAnalyticsAction'
-    {_iaaChannelARN = Nothing, _iaaChannelName = Nothing, _iaaRoleARN = Nothing}
-
-
--- | (deprecated) The ARN of the IoT Analytics channel to which message data will be sent.
-iaaChannelARN :: Lens' IotAnalyticsAction (Maybe Text)
-iaaChannelARN = lens _iaaChannelARN (\ s a -> s{_iaaChannelARN = a})
-
--- | The name of the IoT Analytics channel to which message data will be sent.
-iaaChannelName :: Lens' IotAnalyticsAction (Maybe Text)
-iaaChannelName = lens _iaaChannelName (\ s a -> s{_iaaChannelName = a})
-
--- | The ARN of the role which has a policy that grants IoT permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).
-iaaRoleARN :: Lens' IotAnalyticsAction (Maybe Text)
-iaaRoleARN = lens _iaaRoleARN (\ s a -> s{_iaaRoleARN = a})
-
-instance FromJSON IotAnalyticsAction where
-        parseJSON
-          = withObject "IotAnalyticsAction"
-              (\ x ->
-                 IotAnalyticsAction' <$>
-                   (x .:? "channelArn") <*> (x .:? "channelName") <*>
-                     (x .:? "roleArn"))
-
-instance Hashable IotAnalyticsAction where
-
-instance NFData IotAnalyticsAction where
-
-instance ToJSON IotAnalyticsAction where
-        toJSON IotAnalyticsAction'{..}
-          = object
-              (catMaybes
-                 [("channelArn" .=) <$> _iaaChannelARN,
-                  ("channelName" .=) <$> _iaaChannelName,
-                  ("roleArn" .=) <$> _iaaRoleARN])
-
--- | The @Job@ object contains details about a job.
---
---
---
--- /See:/ 'job' smart constructor.
-data Job = Job'
-  { _jobStatus                     :: !(Maybe JobStatus)
-  , _jobJobExecutionsRolloutConfig :: !(Maybe JobExecutionsRolloutConfig)
-  , _jobJobId                      :: !(Maybe Text)
-  , _jobLastUpdatedAt              :: !(Maybe POSIX)
-  , _jobJobARN                     :: !(Maybe Text)
-  , _jobCreatedAt                  :: !(Maybe POSIX)
-  , _jobDocumentParameters         :: !(Maybe (Map Text Text))
-  , _jobJobProcessDetails          :: !(Maybe JobProcessDetails)
-  , _jobPresignedURLConfig         :: !(Maybe PresignedURLConfig)
-  , _jobTargets                    :: !(Maybe (List1 Text))
-  , _jobCompletedAt                :: !(Maybe POSIX)
-  , _jobComment                    :: !(Maybe Text)
-  , _jobDescription                :: !(Maybe Text)
-  , _jobTargetSelection            :: !(Maybe TargetSelection)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Job' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jobStatus' - The status of the job, one of @IN_PROGRESS@ , @CANCELED@ , or @COMPLETED@ .
---
--- * 'jobJobExecutionsRolloutConfig' - Allows you to create a staged rollout of a job.
---
--- * 'jobJobId' - The unique identifier you assigned to this job when it was created.
---
--- * 'jobLastUpdatedAt' - The time, in milliseconds since the epoch, when the job was last updated.
---
--- * 'jobJobARN' - An ARN identifying the job with format "arn:aws:iot:region:account:job/jobId".
---
--- * 'jobCreatedAt' - The time, in milliseconds since the epoch, when the job was created.
---
--- * 'jobDocumentParameters' - The parameters specified for the job document.
---
--- * 'jobJobProcessDetails' - Details about the job process.
---
--- * 'jobPresignedURLConfig' - Configuration for pre-signed S3 URLs.
---
--- * 'jobTargets' - A list of IoT things and thing groups to which the job should be sent.
---
--- * 'jobCompletedAt' - The time, in milliseconds since the epoch, when the job was completed.
---
--- * 'jobComment' - If the job was updated, describes the reason for the update.
---
--- * 'jobDescription' - A short text description of the job.
---
--- * 'jobTargetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a device when the thing representing the device is added to a target group, even after the job was completed by all things originally in the group.
-job
-    :: Job
-job =
-  Job'
-    { _jobStatus = Nothing
-    , _jobJobExecutionsRolloutConfig = Nothing
-    , _jobJobId = Nothing
-    , _jobLastUpdatedAt = Nothing
-    , _jobJobARN = Nothing
-    , _jobCreatedAt = Nothing
-    , _jobDocumentParameters = Nothing
-    , _jobJobProcessDetails = Nothing
-    , _jobPresignedURLConfig = Nothing
-    , _jobTargets = Nothing
-    , _jobCompletedAt = Nothing
-    , _jobComment = Nothing
-    , _jobDescription = Nothing
-    , _jobTargetSelection = Nothing
-    }
-
-
--- | The status of the job, one of @IN_PROGRESS@ , @CANCELED@ , or @COMPLETED@ .
-jobStatus :: Lens' Job (Maybe JobStatus)
-jobStatus = lens _jobStatus (\ s a -> s{_jobStatus = a})
-
--- | Allows you to create a staged rollout of a job.
-jobJobExecutionsRolloutConfig :: Lens' Job (Maybe JobExecutionsRolloutConfig)
-jobJobExecutionsRolloutConfig = lens _jobJobExecutionsRolloutConfig (\ s a -> s{_jobJobExecutionsRolloutConfig = a})
-
--- | The unique identifier you assigned to this job when it was created.
-jobJobId :: Lens' Job (Maybe Text)
-jobJobId = lens _jobJobId (\ s a -> s{_jobJobId = a})
-
--- | The time, in milliseconds since the epoch, when the job was last updated.
-jobLastUpdatedAt :: Lens' Job (Maybe UTCTime)
-jobLastUpdatedAt = lens _jobLastUpdatedAt (\ s a -> s{_jobLastUpdatedAt = a}) . mapping _Time
-
--- | An ARN identifying the job with format "arn:aws:iot:region:account:job/jobId".
-jobJobARN :: Lens' Job (Maybe Text)
-jobJobARN = lens _jobJobARN (\ s a -> s{_jobJobARN = a})
-
--- | The time, in milliseconds since the epoch, when the job was created.
-jobCreatedAt :: Lens' Job (Maybe UTCTime)
-jobCreatedAt = lens _jobCreatedAt (\ s a -> s{_jobCreatedAt = a}) . mapping _Time
-
--- | The parameters specified for the job document.
-jobDocumentParameters :: Lens' Job (HashMap Text Text)
-jobDocumentParameters = lens _jobDocumentParameters (\ s a -> s{_jobDocumentParameters = a}) . _Default . _Map
-
--- | Details about the job process.
-jobJobProcessDetails :: Lens' Job (Maybe JobProcessDetails)
-jobJobProcessDetails = lens _jobJobProcessDetails (\ s a -> s{_jobJobProcessDetails = a})
-
--- | Configuration for pre-signed S3 URLs.
-jobPresignedURLConfig :: Lens' Job (Maybe PresignedURLConfig)
-jobPresignedURLConfig = lens _jobPresignedURLConfig (\ s a -> s{_jobPresignedURLConfig = a})
-
--- | A list of IoT things and thing groups to which the job should be sent.
-jobTargets :: Lens' Job (Maybe (NonEmpty Text))
-jobTargets = lens _jobTargets (\ s a -> s{_jobTargets = a}) . mapping _List1
-
--- | The time, in milliseconds since the epoch, when the job was completed.
-jobCompletedAt :: Lens' Job (Maybe UTCTime)
-jobCompletedAt = lens _jobCompletedAt (\ s a -> s{_jobCompletedAt = a}) . mapping _Time
-
--- | If the job was updated, describes the reason for the update.
-jobComment :: Lens' Job (Maybe Text)
-jobComment = lens _jobComment (\ s a -> s{_jobComment = a})
-
--- | A short text description of the job.
-jobDescription :: Lens' Job (Maybe Text)
-jobDescription = lens _jobDescription (\ s a -> s{_jobDescription = a})
-
--- | Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a device when the thing representing the device is added to a target group, even after the job was completed by all things originally in the group.
-jobTargetSelection :: Lens' Job (Maybe TargetSelection)
-jobTargetSelection = lens _jobTargetSelection (\ s a -> s{_jobTargetSelection = a})
-
-instance FromJSON Job where
-        parseJSON
-          = withObject "Job"
-              (\ x ->
-                 Job' <$>
-                   (x .:? "status") <*>
-                     (x .:? "jobExecutionsRolloutConfig")
-                     <*> (x .:? "jobId")
-                     <*> (x .:? "lastUpdatedAt")
-                     <*> (x .:? "jobArn")
-                     <*> (x .:? "createdAt")
-                     <*> (x .:? "documentParameters" .!= mempty)
-                     <*> (x .:? "jobProcessDetails")
-                     <*> (x .:? "presignedUrlConfig")
-                     <*> (x .:? "targets")
-                     <*> (x .:? "completedAt")
-                     <*> (x .:? "comment")
-                     <*> (x .:? "description")
-                     <*> (x .:? "targetSelection"))
-
-instance Hashable Job where
-
-instance NFData Job where
-
--- | The job execution object represents the execution of a job on a particular device.
---
---
---
--- /See:/ 'jobExecution' smart constructor.
-data JobExecution = JobExecution'
-  { _jeStatus          :: !(Maybe JobExecutionStatus)
-  , _jeJobId           :: !(Maybe Text)
-  , _jeLastUpdatedAt   :: !(Maybe POSIX)
-  , _jeQueuedAt        :: !(Maybe POSIX)
-  , _jeStatusDetails   :: !(Maybe JobExecutionStatusDetails)
-  , _jeThingARN        :: !(Maybe Text)
-  , _jeExecutionNumber :: !(Maybe Integer)
-  , _jeStartedAt       :: !(Maybe POSIX)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobExecution' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jeStatus' - The status of the job execution (IN_PROGRESS, QUEUED, FAILED, SUCCESS, CANCELED, or REJECTED).
---
--- * 'jeJobId' - The unique identifier you assigned to the job when it was created.
---
--- * 'jeLastUpdatedAt' - The time, in milliseconds since the epoch, when the job execution was last updated.
---
--- * 'jeQueuedAt' - The time, in milliseconds since the epoch, when the job execution was queued.
---
--- * 'jeStatusDetails' - A collection of name/value pairs that describe the status of the job execution.
---
--- * 'jeThingARN' - The ARN of the thing on which the job execution is running.
---
--- * 'jeExecutionNumber' - A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used in commands which return or update job execution information.
---
--- * 'jeStartedAt' - The time, in milliseconds since the epoch, when the job execution started.
-jobExecution
-    :: JobExecution
-jobExecution =
-  JobExecution'
-    { _jeStatus = Nothing
-    , _jeJobId = Nothing
-    , _jeLastUpdatedAt = Nothing
-    , _jeQueuedAt = Nothing
-    , _jeStatusDetails = Nothing
-    , _jeThingARN = Nothing
-    , _jeExecutionNumber = Nothing
-    , _jeStartedAt = Nothing
-    }
-
-
--- | The status of the job execution (IN_PROGRESS, QUEUED, FAILED, SUCCESS, CANCELED, or REJECTED).
-jeStatus :: Lens' JobExecution (Maybe JobExecutionStatus)
-jeStatus = lens _jeStatus (\ s a -> s{_jeStatus = a})
-
--- | The unique identifier you assigned to the job when it was created.
-jeJobId :: Lens' JobExecution (Maybe Text)
-jeJobId = lens _jeJobId (\ s a -> s{_jeJobId = a})
-
--- | The time, in milliseconds since the epoch, when the job execution was last updated.
-jeLastUpdatedAt :: Lens' JobExecution (Maybe UTCTime)
-jeLastUpdatedAt = lens _jeLastUpdatedAt (\ s a -> s{_jeLastUpdatedAt = a}) . mapping _Time
-
--- | The time, in milliseconds since the epoch, when the job execution was queued.
-jeQueuedAt :: Lens' JobExecution (Maybe UTCTime)
-jeQueuedAt = lens _jeQueuedAt (\ s a -> s{_jeQueuedAt = a}) . mapping _Time
-
--- | A collection of name/value pairs that describe the status of the job execution.
-jeStatusDetails :: Lens' JobExecution (Maybe JobExecutionStatusDetails)
-jeStatusDetails = lens _jeStatusDetails (\ s a -> s{_jeStatusDetails = a})
-
--- | The ARN of the thing on which the job execution is running.
-jeThingARN :: Lens' JobExecution (Maybe Text)
-jeThingARN = lens _jeThingARN (\ s a -> s{_jeThingARN = a})
-
--- | A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used in commands which return or update job execution information.
-jeExecutionNumber :: Lens' JobExecution (Maybe Integer)
-jeExecutionNumber = lens _jeExecutionNumber (\ s a -> s{_jeExecutionNumber = a})
-
--- | The time, in milliseconds since the epoch, when the job execution started.
-jeStartedAt :: Lens' JobExecution (Maybe UTCTime)
-jeStartedAt = lens _jeStartedAt (\ s a -> s{_jeStartedAt = a}) . mapping _Time
-
-instance FromJSON JobExecution where
-        parseJSON
-          = withObject "JobExecution"
-              (\ x ->
-                 JobExecution' <$>
-                   (x .:? "status") <*> (x .:? "jobId") <*>
-                     (x .:? "lastUpdatedAt")
-                     <*> (x .:? "queuedAt")
-                     <*> (x .:? "statusDetails")
-                     <*> (x .:? "thingArn")
-                     <*> (x .:? "executionNumber")
-                     <*> (x .:? "startedAt"))
-
-instance Hashable JobExecution where
-
-instance NFData JobExecution where
-
--- | Details of the job execution status.
---
---
---
--- /See:/ 'jobExecutionStatusDetails' smart constructor.
-newtype JobExecutionStatusDetails = JobExecutionStatusDetails'
-  { _jesdDetailsMap :: Maybe (Map Text Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobExecutionStatusDetails' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jesdDetailsMap' - The job execution status.
-jobExecutionStatusDetails
-    :: JobExecutionStatusDetails
-jobExecutionStatusDetails =
-  JobExecutionStatusDetails' {_jesdDetailsMap = Nothing}
-
-
--- | The job execution status.
-jesdDetailsMap :: Lens' JobExecutionStatusDetails (HashMap Text Text)
-jesdDetailsMap = lens _jesdDetailsMap (\ s a -> s{_jesdDetailsMap = a}) . _Default . _Map
-
-instance FromJSON JobExecutionStatusDetails where
-        parseJSON
-          = withObject "JobExecutionStatusDetails"
-              (\ x ->
-                 JobExecutionStatusDetails' <$>
-                   (x .:? "detailsMap" .!= mempty))
-
-instance Hashable JobExecutionStatusDetails where
-
-instance NFData JobExecutionStatusDetails where
-
--- | The job execution summary.
---
---
---
--- /See:/ 'jobExecutionSummary' smart constructor.
-data JobExecutionSummary = JobExecutionSummary'
-  { _jesStatus          :: !(Maybe JobExecutionStatus)
-  , _jesLastUpdatedAt   :: !(Maybe POSIX)
-  , _jesQueuedAt        :: !(Maybe POSIX)
-  , _jesExecutionNumber :: !(Maybe Integer)
-  , _jesStartedAt       :: !(Maybe POSIX)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobExecutionSummary' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jesStatus' - The status of the job execution.
---
--- * 'jesLastUpdatedAt' - The time, in milliseconds since the epoch, when the job execution was last updated.
---
--- * 'jesQueuedAt' - The time, in milliseconds since the epoch, when the job execution was queued.
---
--- * 'jesExecutionNumber' - A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used later in commands which return or update job execution information.
---
--- * 'jesStartedAt' - The time, in milliseconds since the epoch, when the job execution started.
-jobExecutionSummary
-    :: JobExecutionSummary
-jobExecutionSummary =
-  JobExecutionSummary'
-    { _jesStatus = Nothing
-    , _jesLastUpdatedAt = Nothing
-    , _jesQueuedAt = Nothing
-    , _jesExecutionNumber = Nothing
-    , _jesStartedAt = Nothing
-    }
-
-
--- | The status of the job execution.
-jesStatus :: Lens' JobExecutionSummary (Maybe JobExecutionStatus)
-jesStatus = lens _jesStatus (\ s a -> s{_jesStatus = a})
-
--- | The time, in milliseconds since the epoch, when the job execution was last updated.
-jesLastUpdatedAt :: Lens' JobExecutionSummary (Maybe UTCTime)
-jesLastUpdatedAt = lens _jesLastUpdatedAt (\ s a -> s{_jesLastUpdatedAt = a}) . mapping _Time
-
--- | The time, in milliseconds since the epoch, when the job execution was queued.
-jesQueuedAt :: Lens' JobExecutionSummary (Maybe UTCTime)
-jesQueuedAt = lens _jesQueuedAt (\ s a -> s{_jesQueuedAt = a}) . mapping _Time
-
--- | A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used later in commands which return or update job execution information.
-jesExecutionNumber :: Lens' JobExecutionSummary (Maybe Integer)
-jesExecutionNumber = lens _jesExecutionNumber (\ s a -> s{_jesExecutionNumber = a})
-
--- | The time, in milliseconds since the epoch, when the job execution started.
-jesStartedAt :: Lens' JobExecutionSummary (Maybe UTCTime)
-jesStartedAt = lens _jesStartedAt (\ s a -> s{_jesStartedAt = a}) . mapping _Time
-
-instance FromJSON JobExecutionSummary where
-        parseJSON
-          = withObject "JobExecutionSummary"
-              (\ x ->
-                 JobExecutionSummary' <$>
-                   (x .:? "status") <*> (x .:? "lastUpdatedAt") <*>
-                     (x .:? "queuedAt")
-                     <*> (x .:? "executionNumber")
-                     <*> (x .:? "startedAt"))
-
-instance Hashable JobExecutionSummary where
-
-instance NFData JobExecutionSummary where
-
--- | Contains a summary of information about job executions for a specific job.
---
---
---
--- /See:/ 'jobExecutionSummaryForJob' smart constructor.
-data JobExecutionSummaryForJob = JobExecutionSummaryForJob'
-  { _jesfjJobExecutionSummary :: !(Maybe JobExecutionSummary)
-  , _jesfjThingARN            :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobExecutionSummaryForJob' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jesfjJobExecutionSummary' - Contains a subset of information about a job execution.
---
--- * 'jesfjThingARN' - The ARN of the thing on which the job execution is running.
-jobExecutionSummaryForJob
-    :: JobExecutionSummaryForJob
-jobExecutionSummaryForJob =
-  JobExecutionSummaryForJob'
-    {_jesfjJobExecutionSummary = Nothing, _jesfjThingARN = Nothing}
-
-
--- | Contains a subset of information about a job execution.
-jesfjJobExecutionSummary :: Lens' JobExecutionSummaryForJob (Maybe JobExecutionSummary)
-jesfjJobExecutionSummary = lens _jesfjJobExecutionSummary (\ s a -> s{_jesfjJobExecutionSummary = a})
-
--- | The ARN of the thing on which the job execution is running.
-jesfjThingARN :: Lens' JobExecutionSummaryForJob (Maybe Text)
-jesfjThingARN = lens _jesfjThingARN (\ s a -> s{_jesfjThingARN = a})
-
-instance FromJSON JobExecutionSummaryForJob where
-        parseJSON
-          = withObject "JobExecutionSummaryForJob"
-              (\ x ->
-                 JobExecutionSummaryForJob' <$>
-                   (x .:? "jobExecutionSummary") <*> (x .:? "thingArn"))
-
-instance Hashable JobExecutionSummaryForJob where
-
-instance NFData JobExecutionSummaryForJob where
-
--- | The job execution summary for a thing.
---
---
---
--- /See:/ 'jobExecutionSummaryForThing' smart constructor.
-data JobExecutionSummaryForThing = JobExecutionSummaryForThing'
-  { _jesftJobId               :: !(Maybe Text)
-  , _jesftJobExecutionSummary :: !(Maybe JobExecutionSummary)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobExecutionSummaryForThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jesftJobId' - The unique identifier you assigned to this job when it was created.
---
--- * 'jesftJobExecutionSummary' - Contains a subset of information about a job execution.
-jobExecutionSummaryForThing
-    :: JobExecutionSummaryForThing
-jobExecutionSummaryForThing =
-  JobExecutionSummaryForThing'
-    {_jesftJobId = Nothing, _jesftJobExecutionSummary = Nothing}
-
-
--- | The unique identifier you assigned to this job when it was created.
-jesftJobId :: Lens' JobExecutionSummaryForThing (Maybe Text)
-jesftJobId = lens _jesftJobId (\ s a -> s{_jesftJobId = a})
-
--- | Contains a subset of information about a job execution.
-jesftJobExecutionSummary :: Lens' JobExecutionSummaryForThing (Maybe JobExecutionSummary)
-jesftJobExecutionSummary = lens _jesftJobExecutionSummary (\ s a -> s{_jesftJobExecutionSummary = a})
-
-instance FromJSON JobExecutionSummaryForThing where
-        parseJSON
-          = withObject "JobExecutionSummaryForThing"
-              (\ x ->
-                 JobExecutionSummaryForThing' <$>
-                   (x .:? "jobId") <*> (x .:? "jobExecutionSummary"))
-
-instance Hashable JobExecutionSummaryForThing where
-
-instance NFData JobExecutionSummaryForThing where
-
--- | Allows you to create a staged rollout of a job.
---
---
---
--- /See:/ 'jobExecutionsRolloutConfig' smart constructor.
-newtype JobExecutionsRolloutConfig = JobExecutionsRolloutConfig'
-  { _jercMaximumPerMinute :: Maybe Nat
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobExecutionsRolloutConfig' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jercMaximumPerMinute' - The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.
-jobExecutionsRolloutConfig
-    :: JobExecutionsRolloutConfig
-jobExecutionsRolloutConfig =
-  JobExecutionsRolloutConfig' {_jercMaximumPerMinute = Nothing}
-
-
--- | The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.
-jercMaximumPerMinute :: Lens' JobExecutionsRolloutConfig (Maybe Natural)
-jercMaximumPerMinute = lens _jercMaximumPerMinute (\ s a -> s{_jercMaximumPerMinute = a}) . mapping _Nat
-
-instance FromJSON JobExecutionsRolloutConfig where
-        parseJSON
-          = withObject "JobExecutionsRolloutConfig"
-              (\ x ->
-                 JobExecutionsRolloutConfig' <$>
-                   (x .:? "maximumPerMinute"))
-
-instance Hashable JobExecutionsRolloutConfig where
-
-instance NFData JobExecutionsRolloutConfig where
-
-instance ToJSON JobExecutionsRolloutConfig where
-        toJSON JobExecutionsRolloutConfig'{..}
-          = object
-              (catMaybes
-                 [("maximumPerMinute" .=) <$> _jercMaximumPerMinute])
-
--- | The job process details.
---
---
---
--- /See:/ 'jobProcessDetails' smart constructor.
-data JobProcessDetails = JobProcessDetails'
-  { _jpdNumberOfRemovedThings    :: !(Maybe Int)
-  , _jpdNumberOfQueuedThings     :: !(Maybe Int)
-  , _jpdNumberOfFailedThings     :: !(Maybe Int)
-  , _jpdNumberOfSucceededThings  :: !(Maybe Int)
-  , _jpdNumberOfInProgressThings :: !(Maybe Int)
-  , _jpdNumberOfCanceledThings   :: !(Maybe Int)
-  , _jpdNumberOfRejectedThings   :: !(Maybe Int)
-  , _jpdProcessingTargets        :: !(Maybe [Text])
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobProcessDetails' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jpdNumberOfRemovedThings' - The number of things that are no longer scheduled to execute the job because they have been deleted or have been removed from the group that was a target of the job.
---
--- * 'jpdNumberOfQueuedThings' - The number of things that are awaiting execution of the job.
---
--- * 'jpdNumberOfFailedThings' - The number of things that failed executing the job.
---
--- * 'jpdNumberOfSucceededThings' - The number of things which successfully completed the job.
---
--- * 'jpdNumberOfInProgressThings' - The number of things currently executing the job.
---
--- * 'jpdNumberOfCanceledThings' - The number of things that cancelled the job.
---
--- * 'jpdNumberOfRejectedThings' - The number of things that rejected the job.
---
--- * 'jpdProcessingTargets' - The devices on which the job is executing.
-jobProcessDetails
-    :: JobProcessDetails
-jobProcessDetails =
-  JobProcessDetails'
-    { _jpdNumberOfRemovedThings = Nothing
-    , _jpdNumberOfQueuedThings = Nothing
-    , _jpdNumberOfFailedThings = Nothing
-    , _jpdNumberOfSucceededThings = Nothing
-    , _jpdNumberOfInProgressThings = Nothing
-    , _jpdNumberOfCanceledThings = Nothing
-    , _jpdNumberOfRejectedThings = Nothing
-    , _jpdProcessingTargets = Nothing
-    }
-
-
--- | The number of things that are no longer scheduled to execute the job because they have been deleted or have been removed from the group that was a target of the job.
-jpdNumberOfRemovedThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfRemovedThings = lens _jpdNumberOfRemovedThings (\ s a -> s{_jpdNumberOfRemovedThings = a})
-
--- | The number of things that are awaiting execution of the job.
-jpdNumberOfQueuedThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfQueuedThings = lens _jpdNumberOfQueuedThings (\ s a -> s{_jpdNumberOfQueuedThings = a})
-
--- | The number of things that failed executing the job.
-jpdNumberOfFailedThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfFailedThings = lens _jpdNumberOfFailedThings (\ s a -> s{_jpdNumberOfFailedThings = a})
-
--- | The number of things which successfully completed the job.
-jpdNumberOfSucceededThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfSucceededThings = lens _jpdNumberOfSucceededThings (\ s a -> s{_jpdNumberOfSucceededThings = a})
-
--- | The number of things currently executing the job.
-jpdNumberOfInProgressThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfInProgressThings = lens _jpdNumberOfInProgressThings (\ s a -> s{_jpdNumberOfInProgressThings = a})
-
--- | The number of things that cancelled the job.
-jpdNumberOfCanceledThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfCanceledThings = lens _jpdNumberOfCanceledThings (\ s a -> s{_jpdNumberOfCanceledThings = a})
-
--- | The number of things that rejected the job.
-jpdNumberOfRejectedThings :: Lens' JobProcessDetails (Maybe Int)
-jpdNumberOfRejectedThings = lens _jpdNumberOfRejectedThings (\ s a -> s{_jpdNumberOfRejectedThings = a})
-
--- | The devices on which the job is executing.
-jpdProcessingTargets :: Lens' JobProcessDetails [Text]
-jpdProcessingTargets = lens _jpdProcessingTargets (\ s a -> s{_jpdProcessingTargets = a}) . _Default . _Coerce
-
-instance FromJSON JobProcessDetails where
-        parseJSON
-          = withObject "JobProcessDetails"
-              (\ x ->
-                 JobProcessDetails' <$>
-                   (x .:? "numberOfRemovedThings") <*>
-                     (x .:? "numberOfQueuedThings")
-                     <*> (x .:? "numberOfFailedThings")
-                     <*> (x .:? "numberOfSucceededThings")
-                     <*> (x .:? "numberOfInProgressThings")
-                     <*> (x .:? "numberOfCanceledThings")
-                     <*> (x .:? "numberOfRejectedThings")
-                     <*> (x .:? "processingTargets" .!= mempty))
-
-instance Hashable JobProcessDetails where
-
-instance NFData JobProcessDetails where
-
--- | The job summary.
---
---
---
--- /See:/ 'jobSummary' smart constructor.
-data JobSummary = JobSummary'
-  { _jsStatus          :: !(Maybe JobStatus)
-  , _jsJobId           :: !(Maybe Text)
-  , _jsLastUpdatedAt   :: !(Maybe POSIX)
-  , _jsJobARN          :: !(Maybe Text)
-  , _jsCreatedAt       :: !(Maybe POSIX)
-  , _jsThingGroupId    :: !(Maybe Text)
-  , _jsCompletedAt     :: !(Maybe POSIX)
-  , _jsTargetSelection :: !(Maybe TargetSelection)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'JobSummary' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'jsStatus' - The job summary status.
---
--- * 'jsJobId' - The unique identifier you assigned to this job when it was created.
---
--- * 'jsLastUpdatedAt' - The time, in milliseconds since the epoch, when the job was last updated.
---
--- * 'jsJobARN' - The job ARN.
---
--- * 'jsCreatedAt' - The time, in milliseconds since the epoch, when the job was created.
---
--- * 'jsThingGroupId' - The ID of the thing group.
---
--- * 'jsCompletedAt' - The time, in milliseconds since the epoch, when the job completed.
---
--- * 'jsTargetSelection' - Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.
-jobSummary
-    :: JobSummary
-jobSummary =
-  JobSummary'
-    { _jsStatus = Nothing
-    , _jsJobId = Nothing
-    , _jsLastUpdatedAt = Nothing
-    , _jsJobARN = Nothing
-    , _jsCreatedAt = Nothing
-    , _jsThingGroupId = Nothing
-    , _jsCompletedAt = Nothing
-    , _jsTargetSelection = Nothing
-    }
-
-
--- | The job summary status.
-jsStatus :: Lens' JobSummary (Maybe JobStatus)
-jsStatus = lens _jsStatus (\ s a -> s{_jsStatus = a})
-
--- | The unique identifier you assigned to this job when it was created.
-jsJobId :: Lens' JobSummary (Maybe Text)
-jsJobId = lens _jsJobId (\ s a -> s{_jsJobId = a})
-
--- | The time, in milliseconds since the epoch, when the job was last updated.
-jsLastUpdatedAt :: Lens' JobSummary (Maybe UTCTime)
-jsLastUpdatedAt = lens _jsLastUpdatedAt (\ s a -> s{_jsLastUpdatedAt = a}) . mapping _Time
-
--- | The job ARN.
-jsJobARN :: Lens' JobSummary (Maybe Text)
-jsJobARN = lens _jsJobARN (\ s a -> s{_jsJobARN = a})
-
--- | The time, in milliseconds since the epoch, when the job was created.
-jsCreatedAt :: Lens' JobSummary (Maybe UTCTime)
-jsCreatedAt = lens _jsCreatedAt (\ s a -> s{_jsCreatedAt = a}) . mapping _Time
-
--- | The ID of the thing group.
-jsThingGroupId :: Lens' JobSummary (Maybe Text)
-jsThingGroupId = lens _jsThingGroupId (\ s a -> s{_jsThingGroupId = a})
-
--- | The time, in milliseconds since the epoch, when the job completed.
-jsCompletedAt :: Lens' JobSummary (Maybe UTCTime)
-jsCompletedAt = lens _jsCompletedAt (\ s a -> s{_jsCompletedAt = a}) . mapping _Time
-
--- | Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.
-jsTargetSelection :: Lens' JobSummary (Maybe TargetSelection)
-jsTargetSelection = lens _jsTargetSelection (\ s a -> s{_jsTargetSelection = a})
-
-instance FromJSON JobSummary where
-        parseJSON
-          = withObject "JobSummary"
-              (\ x ->
-                 JobSummary' <$>
-                   (x .:? "status") <*> (x .:? "jobId") <*>
-                     (x .:? "lastUpdatedAt")
-                     <*> (x .:? "jobArn")
-                     <*> (x .:? "createdAt")
-                     <*> (x .:? "thingGroupId")
-                     <*> (x .:? "completedAt")
-                     <*> (x .:? "targetSelection"))
-
-instance Hashable JobSummary where
-
-instance NFData JobSummary where
-
--- | Describes a key pair.
---
---
---
--- /See:/ 'keyPair' smart constructor.
-data KeyPair = KeyPair'
-  { _kpPrivateKey :: !(Maybe (Sensitive Text))
-  , _kpPublicKey  :: !(Maybe Text)
-  } deriving (Eq, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'KeyPair' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'kpPrivateKey' - The private key.
---
--- * 'kpPublicKey' - The public key.
-keyPair
-    :: KeyPair
-keyPair = KeyPair' {_kpPrivateKey = Nothing, _kpPublicKey = Nothing}
-
-
--- | The private key.
-kpPrivateKey :: Lens' KeyPair (Maybe Text)
-kpPrivateKey = lens _kpPrivateKey (\ s a -> s{_kpPrivateKey = a}) . mapping _Sensitive
-
--- | The public key.
-kpPublicKey :: Lens' KeyPair (Maybe Text)
-kpPublicKey = lens _kpPublicKey (\ s a -> s{_kpPublicKey = a})
-
-instance FromJSON KeyPair where
-        parseJSON
-          = withObject "KeyPair"
-              (\ x ->
-                 KeyPair' <$>
-                   (x .:? "PrivateKey") <*> (x .:? "PublicKey"))
-
-instance Hashable KeyPair where
-
-instance NFData KeyPair where
-
--- | Describes an action to write data to an Amazon Kinesis stream.
---
---
---
--- /See:/ 'kinesisAction' smart constructor.
-data KinesisAction = KinesisAction'
-  { _kaPartitionKey :: !(Maybe Text)
-  , _kaRoleARN      :: !Text
-  , _kaStreamName   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'KinesisAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'kaPartitionKey' - The partition key.
---
--- * 'kaRoleARN' - The ARN of the IAM role that grants access to the Amazon Kinesis stream.
---
--- * 'kaStreamName' - The name of the Amazon Kinesis stream.
-kinesisAction
-    :: Text -- ^ 'kaRoleARN'
-    -> Text -- ^ 'kaStreamName'
-    -> KinesisAction
-kinesisAction pRoleARN_ pStreamName_ =
-  KinesisAction'
-    { _kaPartitionKey = Nothing
-    , _kaRoleARN = pRoleARN_
-    , _kaStreamName = pStreamName_
-    }
-
-
--- | The partition key.
-kaPartitionKey :: Lens' KinesisAction (Maybe Text)
-kaPartitionKey = lens _kaPartitionKey (\ s a -> s{_kaPartitionKey = a})
-
--- | The ARN of the IAM role that grants access to the Amazon Kinesis stream.
-kaRoleARN :: Lens' KinesisAction Text
-kaRoleARN = lens _kaRoleARN (\ s a -> s{_kaRoleARN = a})
-
--- | The name of the Amazon Kinesis stream.
-kaStreamName :: Lens' KinesisAction Text
-kaStreamName = lens _kaStreamName (\ s a -> s{_kaStreamName = a})
-
-instance FromJSON KinesisAction where
-        parseJSON
-          = withObject "KinesisAction"
-              (\ x ->
-                 KinesisAction' <$>
-                   (x .:? "partitionKey") <*> (x .: "roleArn") <*>
-                     (x .: "streamName"))
-
-instance Hashable KinesisAction where
-
-instance NFData KinesisAction where
-
-instance ToJSON KinesisAction where
-        toJSON KinesisAction'{..}
-          = object
-              (catMaybes
-                 [("partitionKey" .=) <$> _kaPartitionKey,
-                  Just ("roleArn" .= _kaRoleARN),
-                  Just ("streamName" .= _kaStreamName)])
-
--- | Describes an action to invoke a Lambda function.
---
---
---
--- /See:/ 'lambdaAction' smart constructor.
-newtype LambdaAction = LambdaAction'
-  { _laFunctionARN :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'LambdaAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'laFunctionARN' - The ARN of the Lambda function.
-lambdaAction
-    :: Text -- ^ 'laFunctionARN'
-    -> LambdaAction
-lambdaAction pFunctionARN_ = LambdaAction' {_laFunctionARN = pFunctionARN_}
-
-
--- | The ARN of the Lambda function.
-laFunctionARN :: Lens' LambdaAction Text
-laFunctionARN = lens _laFunctionARN (\ s a -> s{_laFunctionARN = a})
-
-instance FromJSON LambdaAction where
-        parseJSON
-          = withObject "LambdaAction"
-              (\ x -> LambdaAction' <$> (x .: "functionArn"))
-
-instance Hashable LambdaAction where
-
-instance NFData LambdaAction where
-
-instance ToJSON LambdaAction where
-        toJSON LambdaAction'{..}
-          = object
-              (catMaybes [Just ("functionArn" .= _laFunctionARN)])
-
--- | A log target.
---
---
---
--- /See:/ 'logTarget' smart constructor.
-data LogTarget = LogTarget'
-  { _ltTargetName :: !(Maybe Text)
-  , _ltTargetType :: !LogTargetType
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'LogTarget' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltTargetName' - The target name.
---
--- * 'ltTargetType' - The target type.
-logTarget
-    :: LogTargetType -- ^ 'ltTargetType'
-    -> LogTarget
-logTarget pTargetType_ =
-  LogTarget' {_ltTargetName = Nothing, _ltTargetType = pTargetType_}
-
-
--- | The target name.
-ltTargetName :: Lens' LogTarget (Maybe Text)
-ltTargetName = lens _ltTargetName (\ s a -> s{_ltTargetName = a})
-
--- | The target type.
-ltTargetType :: Lens' LogTarget LogTargetType
-ltTargetType = lens _ltTargetType (\ s a -> s{_ltTargetType = a})
-
-instance FromJSON LogTarget where
-        parseJSON
-          = withObject "LogTarget"
-              (\ x ->
-                 LogTarget' <$>
-                   (x .:? "targetName") <*> (x .: "targetType"))
-
-instance Hashable LogTarget where
-
-instance NFData LogTarget where
-
-instance ToJSON LogTarget where
-        toJSON LogTarget'{..}
-          = object
-              (catMaybes
-                 [("targetName" .=) <$> _ltTargetName,
-                  Just ("targetType" .= _ltTargetType)])
-
--- | The target configuration.
---
---
---
--- /See:/ 'logTargetConfiguration' smart constructor.
-data LogTargetConfiguration = LogTargetConfiguration'
-  { _ltcLogLevel  :: !(Maybe LogLevel)
-  , _ltcLogTarget :: !(Maybe LogTarget)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'LogTargetConfiguration' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ltcLogLevel' - The logging level.
---
--- * 'ltcLogTarget' - A log target
-logTargetConfiguration
-    :: LogTargetConfiguration
-logTargetConfiguration =
-  LogTargetConfiguration' {_ltcLogLevel = Nothing, _ltcLogTarget = Nothing}
-
-
--- | The logging level.
-ltcLogLevel :: Lens' LogTargetConfiguration (Maybe LogLevel)
-ltcLogLevel = lens _ltcLogLevel (\ s a -> s{_ltcLogLevel = a})
-
--- | A log target
-ltcLogTarget :: Lens' LogTargetConfiguration (Maybe LogTarget)
-ltcLogTarget = lens _ltcLogTarget (\ s a -> s{_ltcLogTarget = a})
-
-instance FromJSON LogTargetConfiguration where
-        parseJSON
-          = withObject "LogTargetConfiguration"
-              (\ x ->
-                 LogTargetConfiguration' <$>
-                   (x .:? "logLevel") <*> (x .:? "logTarget"))
-
-instance Hashable LogTargetConfiguration where
-
-instance NFData LogTargetConfiguration where
-
--- | Describes the logging options payload.
---
---
---
--- /See:/ 'loggingOptionsPayload' smart constructor.
-data LoggingOptionsPayload = LoggingOptionsPayload'
-  { _lopLogLevel :: !(Maybe LogLevel)
-  , _lopRoleARN  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'LoggingOptionsPayload' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'lopLogLevel' - The log level.
---
--- * 'lopRoleARN' - The ARN of the IAM role that grants access.
-loggingOptionsPayload
-    :: Text -- ^ 'lopRoleARN'
-    -> LoggingOptionsPayload
-loggingOptionsPayload pRoleARN_ =
-  LoggingOptionsPayload' {_lopLogLevel = Nothing, _lopRoleARN = pRoleARN_}
-
-
--- | The log level.
-lopLogLevel :: Lens' LoggingOptionsPayload (Maybe LogLevel)
-lopLogLevel = lens _lopLogLevel (\ s a -> s{_lopLogLevel = a})
-
--- | The ARN of the IAM role that grants access.
-lopRoleARN :: Lens' LoggingOptionsPayload Text
-lopRoleARN = lens _lopRoleARN (\ s a -> s{_lopRoleARN = a})
-
-instance Hashable LoggingOptionsPayload where
-
-instance NFData LoggingOptionsPayload where
-
-instance ToJSON LoggingOptionsPayload where
-        toJSON LoggingOptionsPayload'{..}
-          = object
-              (catMaybes
-                 [("logLevel" .=) <$> _lopLogLevel,
-                  Just ("roleArn" .= _lopRoleARN)])
-
--- | Describes a file to be associated with an OTA update.
---
---
---
--- /See:/ 'oTAUpdateFile' smart constructor.
-data OTAUpdateFile = OTAUpdateFile'
-  { _otaufFileVersion :: !(Maybe Text)
-  , _otaufAttributes  :: !(Maybe (Map Text Text))
-  , _otaufFileSource  :: !(Maybe Stream)
-  , _otaufCodeSigning :: !(Maybe CodeSigning)
-  , _otaufFileName    :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'OTAUpdateFile' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'otaufFileVersion' - The file version.
---
--- * 'otaufAttributes' - A list of name/attribute pairs.
---
--- * 'otaufFileSource' - The source of the file.
---
--- * 'otaufCodeSigning' - The code signing method of the file.
---
--- * 'otaufFileName' - The name of the file.
-oTAUpdateFile
-    :: OTAUpdateFile
-oTAUpdateFile =
-  OTAUpdateFile'
-    { _otaufFileVersion = Nothing
-    , _otaufAttributes = Nothing
-    , _otaufFileSource = Nothing
-    , _otaufCodeSigning = Nothing
-    , _otaufFileName = Nothing
-    }
-
-
--- | The file version.
-otaufFileVersion :: Lens' OTAUpdateFile (Maybe Text)
-otaufFileVersion = lens _otaufFileVersion (\ s a -> s{_otaufFileVersion = a})
-
--- | A list of name/attribute pairs.
-otaufAttributes :: Lens' OTAUpdateFile (HashMap Text Text)
-otaufAttributes = lens _otaufAttributes (\ s a -> s{_otaufAttributes = a}) . _Default . _Map
-
--- | The source of the file.
-otaufFileSource :: Lens' OTAUpdateFile (Maybe Stream)
-otaufFileSource = lens _otaufFileSource (\ s a -> s{_otaufFileSource = a})
-
--- | The code signing method of the file.
-otaufCodeSigning :: Lens' OTAUpdateFile (Maybe CodeSigning)
-otaufCodeSigning = lens _otaufCodeSigning (\ s a -> s{_otaufCodeSigning = a})
-
--- | The name of the file.
-otaufFileName :: Lens' OTAUpdateFile (Maybe Text)
-otaufFileName = lens _otaufFileName (\ s a -> s{_otaufFileName = a})
-
-instance FromJSON OTAUpdateFile where
-        parseJSON
-          = withObject "OTAUpdateFile"
-              (\ x ->
-                 OTAUpdateFile' <$>
-                   (x .:? "fileVersion") <*>
-                     (x .:? "attributes" .!= mempty)
-                     <*> (x .:? "fileSource")
-                     <*> (x .:? "codeSigning")
-                     <*> (x .:? "fileName"))
-
-instance Hashable OTAUpdateFile where
-
-instance NFData OTAUpdateFile where
-
-instance ToJSON OTAUpdateFile where
-        toJSON OTAUpdateFile'{..}
-          = object
-              (catMaybes
-                 [("fileVersion" .=) <$> _otaufFileVersion,
-                  ("attributes" .=) <$> _otaufAttributes,
-                  ("fileSource" .=) <$> _otaufFileSource,
-                  ("codeSigning" .=) <$> _otaufCodeSigning,
-                  ("fileName" .=) <$> _otaufFileName])
-
--- | Information about an OTA update.
---
---
---
--- /See:/ 'oTAUpdateInfo' smart constructor.
-data OTAUpdateInfo = OTAUpdateInfo'
-  { _otauiLastModifiedDate     :: !(Maybe POSIX)
-  , _otauiAwsIotJobId          :: !(Maybe Text)
-  , _otauiOtaUpdateFiles       :: !(Maybe (List1 OTAUpdateFile))
-  , _otauiOtaUpdateStatus      :: !(Maybe OTAUpdateStatus)
-  , _otauiTargets              :: !(Maybe (List1 Text))
-  , _otauiAwsIotJobARN         :: !(Maybe Text)
-  , _otauiCreationDate         :: !(Maybe POSIX)
-  , _otauiAdditionalParameters :: !(Maybe (Map Text Text))
-  , _otauiOtaUpdateId          :: !(Maybe Text)
-  , _otauiErrorInfo            :: !(Maybe ErrorInfo)
-  , _otauiOtaUpdateARN         :: !(Maybe Text)
-  , _otauiDescription          :: !(Maybe Text)
-  , _otauiTargetSelection      :: !(Maybe TargetSelection)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'OTAUpdateInfo' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'otauiLastModifiedDate' - The date when the OTA update was last updated.
---
--- * 'otauiAwsIotJobId' - The AWS IoT job ID associated with the OTA update.
---
--- * 'otauiOtaUpdateFiles' - A list of files associated with the OTA update.
---
--- * 'otauiOtaUpdateStatus' - The status of the OTA update.
---
--- * 'otauiTargets' - The targets of the OTA update.
---
--- * 'otauiAwsIotJobARN' - The AWS IoT job ARN associated with the OTA update.
---
--- * 'otauiCreationDate' - The date when the OTA update was created.
---
--- * 'otauiAdditionalParameters' - A collection of name/value pairs
---
--- * 'otauiOtaUpdateId' - The OTA update ID.
---
--- * 'otauiErrorInfo' - Error information associated with the OTA update.
---
--- * 'otauiOtaUpdateARN' - The OTA update ARN.
---
--- * 'otauiDescription' - A description of the OTA update.
---
--- * 'otauiTargetSelection' - Specifies whether the OTA update will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the OTA update (SNAPSHOT). If continuous, the OTA update may also be run on a thing when a change is detected in a target. For example, an OTA update will run on a thing when the thing is added to a target group, even after the OTA update was completed by all things originally in the group.
-oTAUpdateInfo
-    :: OTAUpdateInfo
-oTAUpdateInfo =
-  OTAUpdateInfo'
-    { _otauiLastModifiedDate = Nothing
-    , _otauiAwsIotJobId = Nothing
-    , _otauiOtaUpdateFiles = Nothing
-    , _otauiOtaUpdateStatus = Nothing
-    , _otauiTargets = Nothing
-    , _otauiAwsIotJobARN = Nothing
-    , _otauiCreationDate = Nothing
-    , _otauiAdditionalParameters = Nothing
-    , _otauiOtaUpdateId = Nothing
-    , _otauiErrorInfo = Nothing
-    , _otauiOtaUpdateARN = Nothing
-    , _otauiDescription = Nothing
-    , _otauiTargetSelection = Nothing
-    }
-
-
--- | The date when the OTA update was last updated.
-otauiLastModifiedDate :: Lens' OTAUpdateInfo (Maybe UTCTime)
-otauiLastModifiedDate = lens _otauiLastModifiedDate (\ s a -> s{_otauiLastModifiedDate = a}) . mapping _Time
-
--- | The AWS IoT job ID associated with the OTA update.
-otauiAwsIotJobId :: Lens' OTAUpdateInfo (Maybe Text)
-otauiAwsIotJobId = lens _otauiAwsIotJobId (\ s a -> s{_otauiAwsIotJobId = a})
-
--- | A list of files associated with the OTA update.
-otauiOtaUpdateFiles :: Lens' OTAUpdateInfo (Maybe (NonEmpty OTAUpdateFile))
-otauiOtaUpdateFiles = lens _otauiOtaUpdateFiles (\ s a -> s{_otauiOtaUpdateFiles = a}) . mapping _List1
-
--- | The status of the OTA update.
-otauiOtaUpdateStatus :: Lens' OTAUpdateInfo (Maybe OTAUpdateStatus)
-otauiOtaUpdateStatus = lens _otauiOtaUpdateStatus (\ s a -> s{_otauiOtaUpdateStatus = a})
-
--- | The targets of the OTA update.
-otauiTargets :: Lens' OTAUpdateInfo (Maybe (NonEmpty Text))
-otauiTargets = lens _otauiTargets (\ s a -> s{_otauiTargets = a}) . mapping _List1
-
--- | The AWS IoT job ARN associated with the OTA update.
-otauiAwsIotJobARN :: Lens' OTAUpdateInfo (Maybe Text)
-otauiAwsIotJobARN = lens _otauiAwsIotJobARN (\ s a -> s{_otauiAwsIotJobARN = a})
-
--- | The date when the OTA update was created.
-otauiCreationDate :: Lens' OTAUpdateInfo (Maybe UTCTime)
-otauiCreationDate = lens _otauiCreationDate (\ s a -> s{_otauiCreationDate = a}) . mapping _Time
-
--- | A collection of name/value pairs
-otauiAdditionalParameters :: Lens' OTAUpdateInfo (HashMap Text Text)
-otauiAdditionalParameters = lens _otauiAdditionalParameters (\ s a -> s{_otauiAdditionalParameters = a}) . _Default . _Map
-
--- | The OTA update ID.
-otauiOtaUpdateId :: Lens' OTAUpdateInfo (Maybe Text)
-otauiOtaUpdateId = lens _otauiOtaUpdateId (\ s a -> s{_otauiOtaUpdateId = a})
-
--- | Error information associated with the OTA update.
-otauiErrorInfo :: Lens' OTAUpdateInfo (Maybe ErrorInfo)
-otauiErrorInfo = lens _otauiErrorInfo (\ s a -> s{_otauiErrorInfo = a})
-
--- | The OTA update ARN.
-otauiOtaUpdateARN :: Lens' OTAUpdateInfo (Maybe Text)
-otauiOtaUpdateARN = lens _otauiOtaUpdateARN (\ s a -> s{_otauiOtaUpdateARN = a})
-
--- | A description of the OTA update.
-otauiDescription :: Lens' OTAUpdateInfo (Maybe Text)
-otauiDescription = lens _otauiDescription (\ s a -> s{_otauiDescription = a})
-
--- | Specifies whether the OTA update will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the OTA update (SNAPSHOT). If continuous, the OTA update may also be run on a thing when a change is detected in a target. For example, an OTA update will run on a thing when the thing is added to a target group, even after the OTA update was completed by all things originally in the group.
-otauiTargetSelection :: Lens' OTAUpdateInfo (Maybe TargetSelection)
-otauiTargetSelection = lens _otauiTargetSelection (\ s a -> s{_otauiTargetSelection = a})
-
-instance FromJSON OTAUpdateInfo where
-        parseJSON
-          = withObject "OTAUpdateInfo"
-              (\ x ->
-                 OTAUpdateInfo' <$>
-                   (x .:? "lastModifiedDate") <*> (x .:? "awsIotJobId")
-                     <*> (x .:? "otaUpdateFiles")
-                     <*> (x .:? "otaUpdateStatus")
-                     <*> (x .:? "targets")
-                     <*> (x .:? "awsIotJobArn")
-                     <*> (x .:? "creationDate")
-                     <*> (x .:? "additionalParameters" .!= mempty)
-                     <*> (x .:? "otaUpdateId")
-                     <*> (x .:? "errorInfo")
-                     <*> (x .:? "otaUpdateArn")
-                     <*> (x .:? "description")
-                     <*> (x .:? "targetSelection"))
-
-instance Hashable OTAUpdateInfo where
-
-instance NFData OTAUpdateInfo where
-
--- | An OTA update summary.
---
---
---
--- /See:/ 'oTAUpdateSummary' smart constructor.
-data OTAUpdateSummary = OTAUpdateSummary'
-  { _otausCreationDate :: !(Maybe POSIX)
-  , _otausOtaUpdateId  :: !(Maybe Text)
-  , _otausOtaUpdateARN :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'OTAUpdateSummary' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'otausCreationDate' - The date when the OTA update was created.
---
--- * 'otausOtaUpdateId' - The OTA update ID.
---
--- * 'otausOtaUpdateARN' - The OTA update ARN.
-oTAUpdateSummary
-    :: OTAUpdateSummary
-oTAUpdateSummary =
-  OTAUpdateSummary'
-    { _otausCreationDate = Nothing
-    , _otausOtaUpdateId = Nothing
-    , _otausOtaUpdateARN = Nothing
-    }
-
-
--- | The date when the OTA update was created.
-otausCreationDate :: Lens' OTAUpdateSummary (Maybe UTCTime)
-otausCreationDate = lens _otausCreationDate (\ s a -> s{_otausCreationDate = a}) . mapping _Time
-
--- | The OTA update ID.
-otausOtaUpdateId :: Lens' OTAUpdateSummary (Maybe Text)
-otausOtaUpdateId = lens _otausOtaUpdateId (\ s a -> s{_otausOtaUpdateId = a})
-
--- | The OTA update ARN.
-otausOtaUpdateARN :: Lens' OTAUpdateSummary (Maybe Text)
-otausOtaUpdateARN = lens _otausOtaUpdateARN (\ s a -> s{_otausOtaUpdateARN = a})
-
-instance FromJSON OTAUpdateSummary where
-        parseJSON
-          = withObject "OTAUpdateSummary"
-              (\ x ->
-                 OTAUpdateSummary' <$>
-                   (x .:? "creationDate") <*> (x .:? "otaUpdateId") <*>
-                     (x .:? "otaUpdateArn"))
-
-instance Hashable OTAUpdateSummary where
-
-instance NFData OTAUpdateSummary where
-
--- | A certificate that has been transferred but not yet accepted.
---
---
---
--- /See:/ 'outgoingCertificate' smart constructor.
-data OutgoingCertificate = OutgoingCertificate'
-  { _ocTransferDate    :: !(Maybe POSIX)
-  , _ocCertificateARN  :: !(Maybe Text)
-  , _ocCertificateId   :: !(Maybe Text)
-  , _ocTransferredTo   :: !(Maybe Text)
-  , _ocCreationDate    :: !(Maybe POSIX)
-  , _ocTransferMessage :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'OutgoingCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ocTransferDate' - The date the transfer was initiated.
---
--- * 'ocCertificateARN' - The certificate ARN.
---
--- * 'ocCertificateId' - The certificate ID.
---
--- * 'ocTransferredTo' - The AWS account to which the transfer was made.
---
--- * 'ocCreationDate' - The certificate creation date.
---
--- * 'ocTransferMessage' - The transfer message.
-outgoingCertificate
-    :: OutgoingCertificate
-outgoingCertificate =
-  OutgoingCertificate'
-    { _ocTransferDate = Nothing
-    , _ocCertificateARN = Nothing
-    , _ocCertificateId = Nothing
-    , _ocTransferredTo = Nothing
-    , _ocCreationDate = Nothing
-    , _ocTransferMessage = Nothing
-    }
-
-
--- | The date the transfer was initiated.
-ocTransferDate :: Lens' OutgoingCertificate (Maybe UTCTime)
-ocTransferDate = lens _ocTransferDate (\ s a -> s{_ocTransferDate = a}) . mapping _Time
-
--- | The certificate ARN.
-ocCertificateARN :: Lens' OutgoingCertificate (Maybe Text)
-ocCertificateARN = lens _ocCertificateARN (\ s a -> s{_ocCertificateARN = a})
-
--- | The certificate ID.
-ocCertificateId :: Lens' OutgoingCertificate (Maybe Text)
-ocCertificateId = lens _ocCertificateId (\ s a -> s{_ocCertificateId = a})
-
--- | The AWS account to which the transfer was made.
-ocTransferredTo :: Lens' OutgoingCertificate (Maybe Text)
-ocTransferredTo = lens _ocTransferredTo (\ s a -> s{_ocTransferredTo = a})
-
--- | The certificate creation date.
-ocCreationDate :: Lens' OutgoingCertificate (Maybe UTCTime)
-ocCreationDate = lens _ocCreationDate (\ s a -> s{_ocCreationDate = a}) . mapping _Time
-
--- | The transfer message.
-ocTransferMessage :: Lens' OutgoingCertificate (Maybe Text)
-ocTransferMessage = lens _ocTransferMessage (\ s a -> s{_ocTransferMessage = a})
-
-instance FromJSON OutgoingCertificate where
-        parseJSON
-          = withObject "OutgoingCertificate"
-              (\ x ->
-                 OutgoingCertificate' <$>
-                   (x .:? "transferDate") <*> (x .:? "certificateArn")
-                     <*> (x .:? "certificateId")
-                     <*> (x .:? "transferredTo")
-                     <*> (x .:? "creationDate")
-                     <*> (x .:? "transferMessage"))
-
-instance Hashable OutgoingCertificate where
-
-instance NFData OutgoingCertificate where
-
--- | Describes an AWS IoT policy.
---
---
---
--- /See:/ 'policy' smart constructor.
-data Policy = Policy'
-  { _pPolicyName :: !(Maybe Text)
-  , _pPolicyARN  :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Policy' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'pPolicyName' - The policy name.
---
--- * 'pPolicyARN' - The policy ARN.
-policy
-    :: Policy
-policy = Policy' {_pPolicyName = Nothing, _pPolicyARN = Nothing}
-
-
--- | The policy name.
-pPolicyName :: Lens' Policy (Maybe Text)
-pPolicyName = lens _pPolicyName (\ s a -> s{_pPolicyName = a})
-
--- | The policy ARN.
-pPolicyARN :: Lens' Policy (Maybe Text)
-pPolicyARN = lens _pPolicyARN (\ s a -> s{_pPolicyARN = a})
-
-instance FromJSON Policy where
-        parseJSON
-          = withObject "Policy"
-              (\ x ->
-                 Policy' <$>
-                   (x .:? "policyName") <*> (x .:? "policyArn"))
-
-instance Hashable Policy where
-
-instance NFData Policy where
-
--- | Describes a policy version.
---
---
---
--- /See:/ 'policyVersion' smart constructor.
-data PolicyVersion = PolicyVersion'
-  { _pvVersionId        :: !(Maybe Text)
-  , _pvCreateDate       :: !(Maybe POSIX)
-  , _pvIsDefaultVersion :: !(Maybe Bool)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'PolicyVersion' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'pvVersionId' - The policy version ID.
---
--- * 'pvCreateDate' - The date and time the policy was created.
---
--- * 'pvIsDefaultVersion' - Specifies whether the policy version is the default.
-policyVersion
-    :: PolicyVersion
-policyVersion =
-  PolicyVersion'
-    { _pvVersionId = Nothing
-    , _pvCreateDate = Nothing
-    , _pvIsDefaultVersion = Nothing
-    }
-
-
--- | The policy version ID.
-pvVersionId :: Lens' PolicyVersion (Maybe Text)
-pvVersionId = lens _pvVersionId (\ s a -> s{_pvVersionId = a})
-
--- | The date and time the policy was created.
-pvCreateDate :: Lens' PolicyVersion (Maybe UTCTime)
-pvCreateDate = lens _pvCreateDate (\ s a -> s{_pvCreateDate = a}) . mapping _Time
-
--- | Specifies whether the policy version is the default.
-pvIsDefaultVersion :: Lens' PolicyVersion (Maybe Bool)
-pvIsDefaultVersion = lens _pvIsDefaultVersion (\ s a -> s{_pvIsDefaultVersion = a})
-
-instance FromJSON PolicyVersion where
-        parseJSON
-          = withObject "PolicyVersion"
-              (\ x ->
-                 PolicyVersion' <$>
-                   (x .:? "versionId") <*> (x .:? "createDate") <*>
-                     (x .:? "isDefaultVersion"))
-
-instance Hashable PolicyVersion where
-
-instance NFData PolicyVersion where
-
--- | Configuration for pre-signed S3 URLs.
---
---
---
--- /See:/ 'presignedURLConfig' smart constructor.
-data PresignedURLConfig = PresignedURLConfig'
-  { _pucExpiresInSec :: !(Maybe Nat)
-  , _pucRoleARN      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'PresignedURLConfig' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'pucExpiresInSec' - How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.
---
--- * 'pucRoleARN' - The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.
-presignedURLConfig
-    :: PresignedURLConfig
-presignedURLConfig =
-  PresignedURLConfig' {_pucExpiresInSec = Nothing, _pucRoleARN = Nothing}
-
-
--- | How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.
-pucExpiresInSec :: Lens' PresignedURLConfig (Maybe Natural)
-pucExpiresInSec = lens _pucExpiresInSec (\ s a -> s{_pucExpiresInSec = a}) . mapping _Nat
-
--- | The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.
-pucRoleARN :: Lens' PresignedURLConfig (Maybe Text)
-pucRoleARN = lens _pucRoleARN (\ s a -> s{_pucRoleARN = a})
-
-instance FromJSON PresignedURLConfig where
-        parseJSON
-          = withObject "PresignedURLConfig"
-              (\ x ->
-                 PresignedURLConfig' <$>
-                   (x .:? "expiresInSec") <*> (x .:? "roleArn"))
-
-instance Hashable PresignedURLConfig where
-
-instance NFData PresignedURLConfig where
-
-instance ToJSON PresignedURLConfig where
-        toJSON PresignedURLConfig'{..}
-          = object
-              (catMaybes
-                 [("expiresInSec" .=) <$> _pucExpiresInSec,
-                  ("roleArn" .=) <$> _pucRoleARN])
-
--- | The input for the DynamoActionVS action that specifies the DynamoDB table to which the message data will be written.
---
---
---
--- /See:/ 'putItemInput' smart constructor.
-newtype PutItemInput = PutItemInput'
-  { _piiTableName :: Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'PutItemInput' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'piiTableName' - The table where the message data will be written
-putItemInput
-    :: Text -- ^ 'piiTableName'
-    -> PutItemInput
-putItemInput pTableName_ = PutItemInput' {_piiTableName = pTableName_}
-
-
--- | The table where the message data will be written
-piiTableName :: Lens' PutItemInput Text
-piiTableName = lens _piiTableName (\ s a -> s{_piiTableName = a})
-
-instance FromJSON PutItemInput where
-        parseJSON
-          = withObject "PutItemInput"
-              (\ x -> PutItemInput' <$> (x .: "tableName"))
-
-instance Hashable PutItemInput where
-
-instance NFData PutItemInput where
-
-instance ToJSON PutItemInput where
-        toJSON PutItemInput'{..}
-          = object
-              (catMaybes [Just ("tableName" .= _piiTableName)])
-
--- | The registration configuration.
---
---
---
--- /See:/ 'registrationConfig' smart constructor.
-data RegistrationConfig = RegistrationConfig'
-  { _rcTemplateBody :: !(Maybe Text)
-  , _rcRoleARN      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RegistrationConfig' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'rcTemplateBody' - The template body.
---
--- * 'rcRoleARN' - The ARN of the role.
-registrationConfig
-    :: RegistrationConfig
-registrationConfig =
-  RegistrationConfig' {_rcTemplateBody = Nothing, _rcRoleARN = Nothing}
-
-
--- | The template body.
-rcTemplateBody :: Lens' RegistrationConfig (Maybe Text)
-rcTemplateBody = lens _rcTemplateBody (\ s a -> s{_rcTemplateBody = a})
-
--- | The ARN of the role.
-rcRoleARN :: Lens' RegistrationConfig (Maybe Text)
-rcRoleARN = lens _rcRoleARN (\ s a -> s{_rcRoleARN = a})
-
-instance FromJSON RegistrationConfig where
-        parseJSON
-          = withObject "RegistrationConfig"
-              (\ x ->
-                 RegistrationConfig' <$>
-                   (x .:? "templateBody") <*> (x .:? "roleArn"))
-
-instance Hashable RegistrationConfig where
-
-instance NFData RegistrationConfig where
-
-instance ToJSON RegistrationConfig where
-        toJSON RegistrationConfig'{..}
-          = object
-              (catMaybes
-                 [("templateBody" .=) <$> _rcTemplateBody,
-                  ("roleArn" .=) <$> _rcRoleARN])
-
--- | Describes an action to republish to another topic.
---
---
---
--- /See:/ 'republishAction' smart constructor.
-data RepublishAction = RepublishAction'
-  { _raRoleARN :: !Text
-  , _raTopic   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RepublishAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'raRoleARN' - The ARN of the IAM role that grants access.
---
--- * 'raTopic' - The name of the MQTT topic.
-republishAction
-    :: Text -- ^ 'raRoleARN'
-    -> Text -- ^ 'raTopic'
-    -> RepublishAction
-republishAction pRoleARN_ pTopic_ =
-  RepublishAction' {_raRoleARN = pRoleARN_, _raTopic = pTopic_}
-
-
--- | The ARN of the IAM role that grants access.
-raRoleARN :: Lens' RepublishAction Text
-raRoleARN = lens _raRoleARN (\ s a -> s{_raRoleARN = a})
-
--- | The name of the MQTT topic.
-raTopic :: Lens' RepublishAction Text
-raTopic = lens _raTopic (\ s a -> s{_raTopic = a})
-
-instance FromJSON RepublishAction where
-        parseJSON
-          = withObject "RepublishAction"
-              (\ x ->
-                 RepublishAction' <$>
-                   (x .: "roleArn") <*> (x .: "topic"))
-
-instance Hashable RepublishAction where
-
-instance NFData RepublishAction where
-
-instance ToJSON RepublishAction where
-        toJSON RepublishAction'{..}
-          = object
-              (catMaybes
-                 [Just ("roleArn" .= _raRoleARN),
-                  Just ("topic" .= _raTopic)])
-
--- | Role alias description.
---
---
---
--- /See:/ 'roleAliasDescription' smart constructor.
-data RoleAliasDescription = RoleAliasDescription'
-  { _radRoleAliasARN              :: !(Maybe Text)
-  , _radLastModifiedDate          :: !(Maybe POSIX)
-  , _radRoleAlias                 :: !(Maybe Text)
-  , _radOwner                     :: !(Maybe Text)
-  , _radCreationDate              :: !(Maybe POSIX)
-  , _radCredentialDurationSeconds :: !(Maybe Nat)
-  , _radRoleARN                   :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'RoleAliasDescription' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'radRoleAliasARN' - The ARN of the role alias.
---
--- * 'radLastModifiedDate' - The UNIX timestamp of when the role alias was last modified.
---
--- * 'radRoleAlias' - The role alias.
---
--- * 'radOwner' - The role alias owner.
---
--- * 'radCreationDate' - The UNIX timestamp of when the role alias was created.
---
--- * 'radCredentialDurationSeconds' - The number of seconds for which the credential is valid.
---
--- * 'radRoleARN' - The role ARN.
-roleAliasDescription
-    :: RoleAliasDescription
-roleAliasDescription =
-  RoleAliasDescription'
-    { _radRoleAliasARN = Nothing
-    , _radLastModifiedDate = Nothing
-    , _radRoleAlias = Nothing
-    , _radOwner = Nothing
-    , _radCreationDate = Nothing
-    , _radCredentialDurationSeconds = Nothing
-    , _radRoleARN = Nothing
-    }
-
-
--- | The ARN of the role alias.
-radRoleAliasARN :: Lens' RoleAliasDescription (Maybe Text)
-radRoleAliasARN = lens _radRoleAliasARN (\ s a -> s{_radRoleAliasARN = a})
-
--- | The UNIX timestamp of when the role alias was last modified.
-radLastModifiedDate :: Lens' RoleAliasDescription (Maybe UTCTime)
-radLastModifiedDate = lens _radLastModifiedDate (\ s a -> s{_radLastModifiedDate = a}) . mapping _Time
-
--- | The role alias.
-radRoleAlias :: Lens' RoleAliasDescription (Maybe Text)
-radRoleAlias = lens _radRoleAlias (\ s a -> s{_radRoleAlias = a})
-
--- | The role alias owner.
-radOwner :: Lens' RoleAliasDescription (Maybe Text)
-radOwner = lens _radOwner (\ s a -> s{_radOwner = a})
-
--- | The UNIX timestamp of when the role alias was created.
-radCreationDate :: Lens' RoleAliasDescription (Maybe UTCTime)
-radCreationDate = lens _radCreationDate (\ s a -> s{_radCreationDate = a}) . mapping _Time
-
--- | The number of seconds for which the credential is valid.
-radCredentialDurationSeconds :: Lens' RoleAliasDescription (Maybe Natural)
-radCredentialDurationSeconds = lens _radCredentialDurationSeconds (\ s a -> s{_radCredentialDurationSeconds = a}) . mapping _Nat
-
--- | The role ARN.
-radRoleARN :: Lens' RoleAliasDescription (Maybe Text)
-radRoleARN = lens _radRoleARN (\ s a -> s{_radRoleARN = a})
-
-instance FromJSON RoleAliasDescription where
-        parseJSON
-          = withObject "RoleAliasDescription"
-              (\ x ->
-                 RoleAliasDescription' <$>
-                   (x .:? "roleAliasArn") <*> (x .:? "lastModifiedDate")
-                     <*> (x .:? "roleAlias")
-                     <*> (x .:? "owner")
-                     <*> (x .:? "creationDate")
-                     <*> (x .:? "credentialDurationSeconds")
-                     <*> (x .:? "roleArn"))
-
-instance Hashable RoleAliasDescription where
-
-instance NFData RoleAliasDescription where
-
--- | Describes an action to write data to an Amazon S3 bucket.
---
---
---
--- /See:/ 's3Action' smart constructor.
-data S3Action = S3Action'
-  { _sCannedACL  :: !(Maybe CannedAccessControlList)
-  , _sRoleARN    :: !Text
-  , _sBucketName :: !Text
-  , _sKey        :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'S3Action' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sCannedACL' - The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see <http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl S3 canned ACLs> .
---
--- * 'sRoleARN' - The ARN of the IAM role that grants access.
---
--- * 'sBucketName' - The Amazon S3 bucket.
---
--- * 'sKey' - The object key.
-s3Action
-    :: Text -- ^ 'sRoleARN'
-    -> Text -- ^ 'sBucketName'
-    -> Text -- ^ 'sKey'
-    -> S3Action
-s3Action pRoleARN_ pBucketName_ pKey_ =
-  S3Action'
-    { _sCannedACL = Nothing
-    , _sRoleARN = pRoleARN_
-    , _sBucketName = pBucketName_
-    , _sKey = pKey_
-    }
-
-
--- | The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see <http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl S3 canned ACLs> .
-sCannedACL :: Lens' S3Action (Maybe CannedAccessControlList)
-sCannedACL = lens _sCannedACL (\ s a -> s{_sCannedACL = a})
-
--- | The ARN of the IAM role that grants access.
-sRoleARN :: Lens' S3Action Text
-sRoleARN = lens _sRoleARN (\ s a -> s{_sRoleARN = a})
-
--- | The Amazon S3 bucket.
-sBucketName :: Lens' S3Action Text
-sBucketName = lens _sBucketName (\ s a -> s{_sBucketName = a})
-
--- | The object key.
-sKey :: Lens' S3Action Text
-sKey = lens _sKey (\ s a -> s{_sKey = a})
-
-instance FromJSON S3Action where
-        parseJSON
-          = withObject "S3Action"
-              (\ x ->
-                 S3Action' <$>
-                   (x .:? "cannedAcl") <*> (x .: "roleArn") <*>
-                     (x .: "bucketName")
-                     <*> (x .: "key"))
-
-instance Hashable S3Action where
-
-instance NFData S3Action where
-
-instance ToJSON S3Action where
-        toJSON S3Action'{..}
-          = object
-              (catMaybes
-                 [("cannedAcl" .=) <$> _sCannedACL,
-                  Just ("roleArn" .= _sRoleARN),
-                  Just ("bucketName" .= _sBucketName),
-                  Just ("key" .= _sKey)])
-
--- | The location in S3 the contains the files to stream.
---
---
---
--- /See:/ 's3Location' smart constructor.
-data S3Location = S3Location'
-  { _slVersion :: !(Maybe Text)
-  , _slBucket  :: !Text
-  , _slKey     :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'S3Location' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'slVersion' - The file version.
---
--- * 'slBucket' - The S3 bucket that contains the file to stream.
---
--- * 'slKey' - The name of the file within the S3 bucket to stream.
-s3Location
-    :: Text -- ^ 'slBucket'
-    -> Text -- ^ 'slKey'
-    -> S3Location
-s3Location pBucket_ pKey_ =
-  S3Location' {_slVersion = Nothing, _slBucket = pBucket_, _slKey = pKey_}
-
-
--- | The file version.
-slVersion :: Lens' S3Location (Maybe Text)
-slVersion = lens _slVersion (\ s a -> s{_slVersion = a})
-
--- | The S3 bucket that contains the file to stream.
-slBucket :: Lens' S3Location Text
-slBucket = lens _slBucket (\ s a -> s{_slBucket = a})
-
--- | The name of the file within the S3 bucket to stream.
-slKey :: Lens' S3Location Text
-slKey = lens _slKey (\ s a -> s{_slKey = a})
-
-instance FromJSON S3Location where
-        parseJSON
-          = withObject "S3Location"
-              (\ x ->
-                 S3Location' <$>
-                   (x .:? "version") <*> (x .: "bucket") <*>
-                     (x .: "key"))
-
-instance Hashable S3Location where
-
-instance NFData S3Location where
-
-instance ToJSON S3Location where
-        toJSON S3Location'{..}
-          = object
-              (catMaybes
-                 [("version" .=) <$> _slVersion,
-                  Just ("bucket" .= _slBucket),
-                  Just ("key" .= _slKey)])
-
--- | Describes an action to publish to an Amazon SNS topic.
---
---
---
--- /See:/ 'snsAction' smart constructor.
-data SNSAction = SNSAction'
-  { _snsaMessageFormat :: !(Maybe MessageFormat)
-  , _snsaTargetARN     :: !Text
-  , _snsaRoleARN       :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SNSAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'snsaMessageFormat' - The message format of the message to publish. Optional. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. To read more about SNS message formats, see <http://docs.aws.amazon.com/sns/latest/dg/json-formats.html http://docs.aws.amazon.com/sns/latest/dg/json-formats.html> refer to their official documentation.
---
--- * 'snsaTargetARN' - The ARN of the SNS topic.
---
--- * 'snsaRoleARN' - The ARN of the IAM role that grants access.
-snsAction
-    :: Text -- ^ 'snsaTargetARN'
-    -> Text -- ^ 'snsaRoleARN'
-    -> SNSAction
-snsAction pTargetARN_ pRoleARN_ =
-  SNSAction'
-    { _snsaMessageFormat = Nothing
-    , _snsaTargetARN = pTargetARN_
-    , _snsaRoleARN = pRoleARN_
-    }
-
-
--- | The message format of the message to publish. Optional. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. To read more about SNS message formats, see <http://docs.aws.amazon.com/sns/latest/dg/json-formats.html http://docs.aws.amazon.com/sns/latest/dg/json-formats.html> refer to their official documentation.
-snsaMessageFormat :: Lens' SNSAction (Maybe MessageFormat)
-snsaMessageFormat = lens _snsaMessageFormat (\ s a -> s{_snsaMessageFormat = a})
-
--- | The ARN of the SNS topic.
-snsaTargetARN :: Lens' SNSAction Text
-snsaTargetARN = lens _snsaTargetARN (\ s a -> s{_snsaTargetARN = a})
-
--- | The ARN of the IAM role that grants access.
-snsaRoleARN :: Lens' SNSAction Text
-snsaRoleARN = lens _snsaRoleARN (\ s a -> s{_snsaRoleARN = a})
-
-instance FromJSON SNSAction where
-        parseJSON
-          = withObject "SNSAction"
-              (\ x ->
-                 SNSAction' <$>
-                   (x .:? "messageFormat") <*> (x .: "targetArn") <*>
-                     (x .: "roleArn"))
-
-instance Hashable SNSAction where
-
-instance NFData SNSAction where
-
-instance ToJSON SNSAction where
-        toJSON SNSAction'{..}
-          = object
-              (catMaybes
-                 [("messageFormat" .=) <$> _snsaMessageFormat,
-                  Just ("targetArn" .= _snsaTargetARN),
-                  Just ("roleArn" .= _snsaRoleARN)])
-
--- | Describes an action to write a message to a Salesforce IoT Cloud Input Stream.
---
---
---
--- /See:/ 'salesforceAction' smart constructor.
-data SalesforceAction = SalesforceAction'
-  { _saToken :: !Text
-  , _saUrl   :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SalesforceAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'saToken' - The token used to authenticate access to the Salesforce IoT Cloud Input Stream. The token is available from the Salesforce IoT Cloud platform after creation of the Input Stream.
---
--- * 'saUrl' - The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is available from the Salesforce IoT Cloud platform after creation of the Input Stream.
-salesforceAction
-    :: Text -- ^ 'saToken'
-    -> Text -- ^ 'saUrl'
-    -> SalesforceAction
-salesforceAction pToken_ pUrl_ =
-  SalesforceAction' {_saToken = pToken_, _saUrl = pUrl_}
-
-
--- | The token used to authenticate access to the Salesforce IoT Cloud Input Stream. The token is available from the Salesforce IoT Cloud platform after creation of the Input Stream.
-saToken :: Lens' SalesforceAction Text
-saToken = lens _saToken (\ s a -> s{_saToken = a})
-
--- | The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is available from the Salesforce IoT Cloud platform after creation of the Input Stream.
-saUrl :: Lens' SalesforceAction Text
-saUrl = lens _saUrl (\ s a -> s{_saUrl = a})
-
-instance FromJSON SalesforceAction where
-        parseJSON
-          = withObject "SalesforceAction"
-              (\ x ->
-                 SalesforceAction' <$>
-                   (x .: "token") <*> (x .: "url"))
-
-instance Hashable SalesforceAction where
-
-instance NFData SalesforceAction where
-
-instance ToJSON SalesforceAction where
-        toJSON SalesforceAction'{..}
-          = object
-              (catMaybes
-                 [Just ("token" .= _saToken), Just ("url" .= _saUrl)])
-
--- | Describes an action to publish data to an Amazon SQS queue.
---
---
---
--- /See:/ 'sqsAction' smart constructor.
-data SqsAction = SqsAction'
-  { _saUseBase64 :: !(Maybe Bool)
-  , _saRoleARN   :: !Text
-  , _saQueueURL  :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'SqsAction' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'saUseBase64' - Specifies whether to use Base64 encoding.
---
--- * 'saRoleARN' - The ARN of the IAM role that grants access.
---
--- * 'saQueueURL' - The URL of the Amazon SQS queue.
-sqsAction
-    :: Text -- ^ 'saRoleARN'
-    -> Text -- ^ 'saQueueURL'
-    -> SqsAction
-sqsAction pRoleARN_ pQueueURL_ =
-  SqsAction'
-    {_saUseBase64 = Nothing, _saRoleARN = pRoleARN_, _saQueueURL = pQueueURL_}
-
-
--- | Specifies whether to use Base64 encoding.
-saUseBase64 :: Lens' SqsAction (Maybe Bool)
-saUseBase64 = lens _saUseBase64 (\ s a -> s{_saUseBase64 = a})
-
--- | The ARN of the IAM role that grants access.
-saRoleARN :: Lens' SqsAction Text
-saRoleARN = lens _saRoleARN (\ s a -> s{_saRoleARN = a})
-
--- | The URL of the Amazon SQS queue.
-saQueueURL :: Lens' SqsAction Text
-saQueueURL = lens _saQueueURL (\ s a -> s{_saQueueURL = a})
-
-instance FromJSON SqsAction where
-        parseJSON
-          = withObject "SqsAction"
-              (\ x ->
-                 SqsAction' <$>
-                   (x .:? "useBase64") <*> (x .: "roleArn") <*>
-                     (x .: "queueUrl"))
-
-instance Hashable SqsAction where
-
-instance NFData SqsAction where
-
-instance ToJSON SqsAction where
-        toJSON SqsAction'{..}
-          = object
-              (catMaybes
-                 [("useBase64" .=) <$> _saUseBase64,
-                  Just ("roleArn" .= _saRoleARN),
-                  Just ("queueUrl" .= _saQueueURL)])
-
--- | Describes a group of files that can be streamed.
---
---
---
--- /See:/ 'stream' smart constructor.
-data Stream = Stream'
-  { _sFileId   :: !(Maybe Nat)
-  , _sStreamId :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'Stream' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sFileId' - The ID of a file associated with a stream.
---
--- * 'sStreamId' - The stream ID.
-stream
-    :: Stream
-stream = Stream' {_sFileId = Nothing, _sStreamId = Nothing}
-
-
--- | The ID of a file associated with a stream.
-sFileId :: Lens' Stream (Maybe Natural)
-sFileId = lens _sFileId (\ s a -> s{_sFileId = a}) . mapping _Nat
-
--- | The stream ID.
-sStreamId :: Lens' Stream (Maybe Text)
-sStreamId = lens _sStreamId (\ s a -> s{_sStreamId = a})
-
-instance FromJSON Stream where
-        parseJSON
-          = withObject "Stream"
-              (\ x ->
-                 Stream' <$> (x .:? "fileId") <*> (x .:? "streamId"))
-
-instance Hashable Stream where
-
-instance NFData Stream where
-
-instance ToJSON Stream where
-        toJSON Stream'{..}
-          = object
-              (catMaybes
-                 [("fileId" .=) <$> _sFileId,
-                  ("streamId" .=) <$> _sStreamId])
-
--- | Represents a file to stream.
---
---
---
--- /See:/ 'streamFile' smart constructor.
-data StreamFile = StreamFile'
-  { _sfS3Location :: !(Maybe S3Location)
-  , _sfFileId     :: !(Maybe Nat)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StreamFile' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'sfS3Location' - The location of the file in S3.
---
--- * 'sfFileId' - The file ID.
-streamFile
-    :: StreamFile
-streamFile = StreamFile' {_sfS3Location = Nothing, _sfFileId = Nothing}
-
-
--- | The location of the file in S3.
-sfS3Location :: Lens' StreamFile (Maybe S3Location)
-sfS3Location = lens _sfS3Location (\ s a -> s{_sfS3Location = a})
-
--- | The file ID.
-sfFileId :: Lens' StreamFile (Maybe Natural)
-sfFileId = lens _sfFileId (\ s a -> s{_sfFileId = a}) . mapping _Nat
-
-instance FromJSON StreamFile where
-        parseJSON
-          = withObject "StreamFile"
-              (\ x ->
-                 StreamFile' <$>
-                   (x .:? "s3Location") <*> (x .:? "fileId"))
-
-instance Hashable StreamFile where
-
-instance NFData StreamFile where
-
-instance ToJSON StreamFile where
-        toJSON StreamFile'{..}
-          = object
-              (catMaybes
-                 [("s3Location" .=) <$> _sfS3Location,
-                  ("fileId" .=) <$> _sfFileId])
-
--- | Information about a stream.
---
---
---
--- /See:/ 'streamInfo' smart constructor.
-data StreamInfo = StreamInfo'
-  { _siLastUpdatedAt :: !(Maybe POSIX)
-  , _siCreatedAt     :: !(Maybe POSIX)
-  , _siStreamVersion :: !(Maybe Nat)
-  , _siStreamARN     :: !(Maybe Text)
-  , _siFiles         :: !(Maybe (List1 StreamFile))
-  , _siDescription   :: !(Maybe Text)
-  , _siStreamId      :: !(Maybe Text)
-  , _siRoleARN       :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StreamInfo' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'siLastUpdatedAt' - The date when the stream was last updated.
---
--- * 'siCreatedAt' - The date when the stream was created.
---
--- * 'siStreamVersion' - The stream version.
---
--- * 'siStreamARN' - The stream ARN.
---
--- * 'siFiles' - The files to stream.
---
--- * 'siDescription' - The description of the stream.
---
--- * 'siStreamId' - The stream ID.
---
--- * 'siRoleARN' - An IAM role AWS IoT assumes to access your S3 files.
-streamInfo
-    :: StreamInfo
-streamInfo =
-  StreamInfo'
-    { _siLastUpdatedAt = Nothing
-    , _siCreatedAt = Nothing
-    , _siStreamVersion = Nothing
-    , _siStreamARN = Nothing
-    , _siFiles = Nothing
-    , _siDescription = Nothing
-    , _siStreamId = Nothing
-    , _siRoleARN = Nothing
-    }
-
-
--- | The date when the stream was last updated.
-siLastUpdatedAt :: Lens' StreamInfo (Maybe UTCTime)
-siLastUpdatedAt = lens _siLastUpdatedAt (\ s a -> s{_siLastUpdatedAt = a}) . mapping _Time
-
--- | The date when the stream was created.
-siCreatedAt :: Lens' StreamInfo (Maybe UTCTime)
-siCreatedAt = lens _siCreatedAt (\ s a -> s{_siCreatedAt = a}) . mapping _Time
-
--- | The stream version.
-siStreamVersion :: Lens' StreamInfo (Maybe Natural)
-siStreamVersion = lens _siStreamVersion (\ s a -> s{_siStreamVersion = a}) . mapping _Nat
-
--- | The stream ARN.
-siStreamARN :: Lens' StreamInfo (Maybe Text)
-siStreamARN = lens _siStreamARN (\ s a -> s{_siStreamARN = a})
-
--- | The files to stream.
-siFiles :: Lens' StreamInfo (Maybe (NonEmpty StreamFile))
-siFiles = lens _siFiles (\ s a -> s{_siFiles = a}) . mapping _List1
-
--- | The description of the stream.
-siDescription :: Lens' StreamInfo (Maybe Text)
-siDescription = lens _siDescription (\ s a -> s{_siDescription = a})
-
--- | The stream ID.
-siStreamId :: Lens' StreamInfo (Maybe Text)
-siStreamId = lens _siStreamId (\ s a -> s{_siStreamId = a})
-
--- | An IAM role AWS IoT assumes to access your S3 files.
-siRoleARN :: Lens' StreamInfo (Maybe Text)
-siRoleARN = lens _siRoleARN (\ s a -> s{_siRoleARN = a})
-
-instance FromJSON StreamInfo where
-        parseJSON
-          = withObject "StreamInfo"
-              (\ x ->
-                 StreamInfo' <$>
-                   (x .:? "lastUpdatedAt") <*> (x .:? "createdAt") <*>
-                     (x .:? "streamVersion")
-                     <*> (x .:? "streamArn")
-                     <*> (x .:? "files")
-                     <*> (x .:? "description")
-                     <*> (x .:? "streamId")
-                     <*> (x .:? "roleArn"))
-
-instance Hashable StreamInfo where
-
-instance NFData StreamInfo where
-
--- | A summary of a stream.
---
---
---
--- /See:/ 'streamSummary' smart constructor.
-data StreamSummary = StreamSummary'
-  { _ssStreamVersion :: !(Maybe Nat)
-  , _ssStreamARN     :: !(Maybe Text)
-  , _ssDescription   :: !(Maybe Text)
-  , _ssStreamId      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'StreamSummary' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ssStreamVersion' - The stream version.
---
--- * 'ssStreamARN' - The stream ARN.
---
--- * 'ssDescription' - A description of the stream.
---
--- * 'ssStreamId' - The stream ID.
-streamSummary
-    :: StreamSummary
-streamSummary =
-  StreamSummary'
-    { _ssStreamVersion = Nothing
-    , _ssStreamARN = Nothing
-    , _ssDescription = Nothing
-    , _ssStreamId = Nothing
-    }
-
-
--- | The stream version.
-ssStreamVersion :: Lens' StreamSummary (Maybe Natural)
-ssStreamVersion = lens _ssStreamVersion (\ s a -> s{_ssStreamVersion = a}) . mapping _Nat
-
--- | The stream ARN.
-ssStreamARN :: Lens' StreamSummary (Maybe Text)
-ssStreamARN = lens _ssStreamARN (\ s a -> s{_ssStreamARN = a})
-
--- | A description of the stream.
-ssDescription :: Lens' StreamSummary (Maybe Text)
-ssDescription = lens _ssDescription (\ s a -> s{_ssDescription = a})
-
--- | The stream ID.
-ssStreamId :: Lens' StreamSummary (Maybe Text)
-ssStreamId = lens _ssStreamId (\ s a -> s{_ssStreamId = a})
-
-instance FromJSON StreamSummary where
-        parseJSON
-          = withObject "StreamSummary"
-              (\ x ->
-                 StreamSummary' <$>
-                   (x .:? "streamVersion") <*> (x .:? "streamArn") <*>
-                     (x .:? "description")
-                     <*> (x .:? "streamId"))
-
-instance Hashable StreamSummary where
-
-instance NFData StreamSummary where
-
--- | The properties of the thing, including thing name, thing type name, and a list of thing attributes.
---
---
---
--- /See:/ 'thingAttribute' smart constructor.
-data ThingAttribute = ThingAttribute'
-  { _taThingTypeName :: !(Maybe Text)
-  , _taThingARN      :: !(Maybe Text)
-  , _taAttributes    :: !(Maybe (Map Text Text))
-  , _taVersion       :: !(Maybe Integer)
-  , _taThingName     :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingAttribute' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'taThingTypeName' - The name of the thing type, if the thing has been associated with a type.
---
--- * 'taThingARN' - The thing ARN.
---
--- * 'taAttributes' - A list of thing attributes which are name-value pairs.
---
--- * 'taVersion' - The version of the thing record in the registry.
---
--- * 'taThingName' - The name of the thing.
-thingAttribute
-    :: ThingAttribute
-thingAttribute =
-  ThingAttribute'
-    { _taThingTypeName = Nothing
-    , _taThingARN = Nothing
-    , _taAttributes = Nothing
-    , _taVersion = Nothing
-    , _taThingName = Nothing
-    }
-
-
--- | The name of the thing type, if the thing has been associated with a type.
-taThingTypeName :: Lens' ThingAttribute (Maybe Text)
-taThingTypeName = lens _taThingTypeName (\ s a -> s{_taThingTypeName = a})
-
--- | The thing ARN.
-taThingARN :: Lens' ThingAttribute (Maybe Text)
-taThingARN = lens _taThingARN (\ s a -> s{_taThingARN = a})
-
--- | A list of thing attributes which are name-value pairs.
-taAttributes :: Lens' ThingAttribute (HashMap Text Text)
-taAttributes = lens _taAttributes (\ s a -> s{_taAttributes = a}) . _Default . _Map
-
--- | The version of the thing record in the registry.
-taVersion :: Lens' ThingAttribute (Maybe Integer)
-taVersion = lens _taVersion (\ s a -> s{_taVersion = a})
-
--- | The name of the thing.
-taThingName :: Lens' ThingAttribute (Maybe Text)
-taThingName = lens _taThingName (\ s a -> s{_taThingName = a})
-
-instance FromJSON ThingAttribute where
-        parseJSON
-          = withObject "ThingAttribute"
-              (\ x ->
-                 ThingAttribute' <$>
-                   (x .:? "thingTypeName") <*> (x .:? "thingArn") <*>
-                     (x .:? "attributes" .!= mempty)
-                     <*> (x .:? "version")
-                     <*> (x .:? "thingName"))
-
-instance Hashable ThingAttribute where
-
-instance NFData ThingAttribute where
-
--- | The thing search index document.
---
---
---
--- /See:/ 'thingDocument' smart constructor.
-data ThingDocument = ThingDocument'
-  { _tdThingGroupNames :: !(Maybe [Text])
-  , _tdThingTypeName   :: !(Maybe Text)
-  , _tdShadow          :: !(Maybe Text)
-  , _tdAttributes      :: !(Maybe (Map Text Text))
-  , _tdThingName       :: !(Maybe Text)
-  , _tdThingId         :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingDocument' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tdThingGroupNames' - Thing group names.
---
--- * 'tdThingTypeName' - The thing type name.
---
--- * 'tdShadow' - The shadow.
---
--- * 'tdAttributes' - The attributes.
---
--- * 'tdThingName' - The thing name.
---
--- * 'tdThingId' - The thing ID.
-thingDocument
-    :: ThingDocument
-thingDocument =
-  ThingDocument'
-    { _tdThingGroupNames = Nothing
-    , _tdThingTypeName = Nothing
-    , _tdShadow = Nothing
-    , _tdAttributes = Nothing
-    , _tdThingName = Nothing
-    , _tdThingId = Nothing
-    }
-
-
--- | Thing group names.
-tdThingGroupNames :: Lens' ThingDocument [Text]
-tdThingGroupNames = lens _tdThingGroupNames (\ s a -> s{_tdThingGroupNames = a}) . _Default . _Coerce
-
--- | The thing type name.
-tdThingTypeName :: Lens' ThingDocument (Maybe Text)
-tdThingTypeName = lens _tdThingTypeName (\ s a -> s{_tdThingTypeName = a})
-
--- | The shadow.
-tdShadow :: Lens' ThingDocument (Maybe Text)
-tdShadow = lens _tdShadow (\ s a -> s{_tdShadow = a})
-
--- | The attributes.
-tdAttributes :: Lens' ThingDocument (HashMap Text Text)
-tdAttributes = lens _tdAttributes (\ s a -> s{_tdAttributes = a}) . _Default . _Map
-
--- | The thing name.
-tdThingName :: Lens' ThingDocument (Maybe Text)
-tdThingName = lens _tdThingName (\ s a -> s{_tdThingName = a})
-
--- | The thing ID.
-tdThingId :: Lens' ThingDocument (Maybe Text)
-tdThingId = lens _tdThingId (\ s a -> s{_tdThingId = a})
-
-instance FromJSON ThingDocument where
-        parseJSON
-          = withObject "ThingDocument"
-              (\ x ->
-                 ThingDocument' <$>
-                   (x .:? "thingGroupNames" .!= mempty) <*>
-                     (x .:? "thingTypeName")
-                     <*> (x .:? "shadow")
-                     <*> (x .:? "attributes" .!= mempty)
-                     <*> (x .:? "thingName")
-                     <*> (x .:? "thingId"))
-
-instance Hashable ThingDocument where
-
-instance NFData ThingDocument where
-
--- | Thing group metadata.
---
---
---
--- /See:/ 'thingGroupMetadata' smart constructor.
-data ThingGroupMetadata = ThingGroupMetadata'
-  { _tgmRootToParentThingGroups :: !(Maybe [GroupNameAndARN])
-  , _tgmParentGroupName         :: !(Maybe Text)
-  , _tgmCreationDate            :: !(Maybe POSIX)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingGroupMetadata' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tgmRootToParentThingGroups' - The root parent thing group.
---
--- * 'tgmParentGroupName' - The parent thing group name.
---
--- * 'tgmCreationDate' - The UNIX timestamp of when the thing group was created.
-thingGroupMetadata
-    :: ThingGroupMetadata
-thingGroupMetadata =
-  ThingGroupMetadata'
-    { _tgmRootToParentThingGroups = Nothing
-    , _tgmParentGroupName = Nothing
-    , _tgmCreationDate = Nothing
-    }
-
-
--- | The root parent thing group.
-tgmRootToParentThingGroups :: Lens' ThingGroupMetadata [GroupNameAndARN]
-tgmRootToParentThingGroups = lens _tgmRootToParentThingGroups (\ s a -> s{_tgmRootToParentThingGroups = a}) . _Default . _Coerce
-
--- | The parent thing group name.
-tgmParentGroupName :: Lens' ThingGroupMetadata (Maybe Text)
-tgmParentGroupName = lens _tgmParentGroupName (\ s a -> s{_tgmParentGroupName = a})
-
--- | The UNIX timestamp of when the thing group was created.
-tgmCreationDate :: Lens' ThingGroupMetadata (Maybe UTCTime)
-tgmCreationDate = lens _tgmCreationDate (\ s a -> s{_tgmCreationDate = a}) . mapping _Time
-
-instance FromJSON ThingGroupMetadata where
-        parseJSON
-          = withObject "ThingGroupMetadata"
-              (\ x ->
-                 ThingGroupMetadata' <$>
-                   (x .:? "rootToParentThingGroups" .!= mempty) <*>
-                     (x .:? "parentGroupName")
-                     <*> (x .:? "creationDate"))
-
-instance Hashable ThingGroupMetadata where
-
-instance NFData ThingGroupMetadata where
-
--- | Thing group properties.
---
---
---
--- /See:/ 'thingGroupProperties' smart constructor.
-data ThingGroupProperties = ThingGroupProperties'
-  { _tgpAttributePayload      :: !(Maybe AttributePayload)
-  , _tgpThingGroupDescription :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingGroupProperties' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tgpAttributePayload' - The thing group attributes in JSON format.
---
--- * 'tgpThingGroupDescription' - The thing group description.
-thingGroupProperties
-    :: ThingGroupProperties
-thingGroupProperties =
-  ThingGroupProperties'
-    {_tgpAttributePayload = Nothing, _tgpThingGroupDescription = Nothing}
-
-
--- | The thing group attributes in JSON format.
-tgpAttributePayload :: Lens' ThingGroupProperties (Maybe AttributePayload)
-tgpAttributePayload = lens _tgpAttributePayload (\ s a -> s{_tgpAttributePayload = a})
-
--- | The thing group description.
-tgpThingGroupDescription :: Lens' ThingGroupProperties (Maybe Text)
-tgpThingGroupDescription = lens _tgpThingGroupDescription (\ s a -> s{_tgpThingGroupDescription = a})
-
-instance FromJSON ThingGroupProperties where
-        parseJSON
-          = withObject "ThingGroupProperties"
-              (\ x ->
-                 ThingGroupProperties' <$>
-                   (x .:? "attributePayload") <*>
-                     (x .:? "thingGroupDescription"))
-
-instance Hashable ThingGroupProperties where
-
-instance NFData ThingGroupProperties where
-
-instance ToJSON ThingGroupProperties where
-        toJSON ThingGroupProperties'{..}
-          = object
-              (catMaybes
-                 [("attributePayload" .=) <$> _tgpAttributePayload,
-                  ("thingGroupDescription" .=) <$>
-                    _tgpThingGroupDescription])
-
--- | Thing indexing configuration.
---
---
---
--- /See:/ 'thingIndexingConfiguration' smart constructor.
-newtype ThingIndexingConfiguration = ThingIndexingConfiguration'
-  { _ticThingIndexingMode :: Maybe ThingIndexingMode
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingIndexingConfiguration' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ticThingIndexingMode' - Thing indexing mode. Valid values are:      * REGISTRY – Your thing index will contain only registry data.     * REGISTRY_AND_SHADOW - Your thing index will contain registry and shadow data.     * OFF - Thing indexing is disabled.
-thingIndexingConfiguration
-    :: ThingIndexingConfiguration
-thingIndexingConfiguration =
-  ThingIndexingConfiguration' {_ticThingIndexingMode = Nothing}
-
-
--- | Thing indexing mode. Valid values are:      * REGISTRY – Your thing index will contain only registry data.     * REGISTRY_AND_SHADOW - Your thing index will contain registry and shadow data.     * OFF - Thing indexing is disabled.
-ticThingIndexingMode :: Lens' ThingIndexingConfiguration (Maybe ThingIndexingMode)
-ticThingIndexingMode = lens _ticThingIndexingMode (\ s a -> s{_ticThingIndexingMode = a})
-
-instance FromJSON ThingIndexingConfiguration where
-        parseJSON
-          = withObject "ThingIndexingConfiguration"
-              (\ x ->
-                 ThingIndexingConfiguration' <$>
-                   (x .:? "thingIndexingMode"))
-
-instance Hashable ThingIndexingConfiguration where
-
-instance NFData ThingIndexingConfiguration where
-
-instance ToJSON ThingIndexingConfiguration where
-        toJSON ThingIndexingConfiguration'{..}
-          = object
-              (catMaybes
-                 [("thingIndexingMode" .=) <$> _ticThingIndexingMode])
-
--- | The definition of the thing type, including thing type name and description.
---
---
---
--- /See:/ 'thingTypeDefinition' smart constructor.
-data ThingTypeDefinition = ThingTypeDefinition'
-  { _ttdThingTypeProperties :: !(Maybe ThingTypeProperties)
-  , _ttdThingTypeName       :: !(Maybe Text)
-  , _ttdThingTypeMetadata   :: !(Maybe ThingTypeMetadata)
-  , _ttdThingTypeARN        :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingTypeDefinition' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ttdThingTypeProperties' - The ThingTypeProperties for the thing type.
---
--- * 'ttdThingTypeName' - The name of the thing type.
---
--- * 'ttdThingTypeMetadata' - The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated.
---
--- * 'ttdThingTypeARN' - The thing type ARN.
-thingTypeDefinition
-    :: ThingTypeDefinition
-thingTypeDefinition =
-  ThingTypeDefinition'
-    { _ttdThingTypeProperties = Nothing
-    , _ttdThingTypeName = Nothing
-    , _ttdThingTypeMetadata = Nothing
-    , _ttdThingTypeARN = Nothing
-    }
-
-
--- | The ThingTypeProperties for the thing type.
-ttdThingTypeProperties :: Lens' ThingTypeDefinition (Maybe ThingTypeProperties)
-ttdThingTypeProperties = lens _ttdThingTypeProperties (\ s a -> s{_ttdThingTypeProperties = a})
-
--- | The name of the thing type.
-ttdThingTypeName :: Lens' ThingTypeDefinition (Maybe Text)
-ttdThingTypeName = lens _ttdThingTypeName (\ s a -> s{_ttdThingTypeName = a})
-
--- | The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated.
-ttdThingTypeMetadata :: Lens' ThingTypeDefinition (Maybe ThingTypeMetadata)
-ttdThingTypeMetadata = lens _ttdThingTypeMetadata (\ s a -> s{_ttdThingTypeMetadata = a})
-
--- | The thing type ARN.
-ttdThingTypeARN :: Lens' ThingTypeDefinition (Maybe Text)
-ttdThingTypeARN = lens _ttdThingTypeARN (\ s a -> s{_ttdThingTypeARN = a})
-
-instance FromJSON ThingTypeDefinition where
-        parseJSON
-          = withObject "ThingTypeDefinition"
-              (\ x ->
-                 ThingTypeDefinition' <$>
-                   (x .:? "thingTypeProperties") <*>
-                     (x .:? "thingTypeName")
-                     <*> (x .:? "thingTypeMetadata")
-                     <*> (x .:? "thingTypeArn"))
-
-instance Hashable ThingTypeDefinition where
-
-instance NFData ThingTypeDefinition where
-
--- | The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when time was deprecated.
---
---
---
--- /See:/ 'thingTypeMetadata' smart constructor.
-data ThingTypeMetadata = ThingTypeMetadata'
-  { _ttmDeprecationDate :: !(Maybe POSIX)
-  , _ttmCreationDate    :: !(Maybe POSIX)
-  , _ttmDeprecated      :: !(Maybe Bool)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingTypeMetadata' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ttmDeprecationDate' - The date and time when the thing type was deprecated.
---
--- * 'ttmCreationDate' - The date and time when the thing type was created.
---
--- * 'ttmDeprecated' - Whether the thing type is deprecated. If __true__ , no new things could be associated with this type.
-thingTypeMetadata
-    :: ThingTypeMetadata
-thingTypeMetadata =
-  ThingTypeMetadata'
-    { _ttmDeprecationDate = Nothing
-    , _ttmCreationDate = Nothing
-    , _ttmDeprecated = Nothing
-    }
-
-
--- | The date and time when the thing type was deprecated.
-ttmDeprecationDate :: Lens' ThingTypeMetadata (Maybe UTCTime)
-ttmDeprecationDate = lens _ttmDeprecationDate (\ s a -> s{_ttmDeprecationDate = a}) . mapping _Time
-
--- | The date and time when the thing type was created.
-ttmCreationDate :: Lens' ThingTypeMetadata (Maybe UTCTime)
-ttmCreationDate = lens _ttmCreationDate (\ s a -> s{_ttmCreationDate = a}) . mapping _Time
-
--- | Whether the thing type is deprecated. If __true__ , no new things could be associated with this type.
-ttmDeprecated :: Lens' ThingTypeMetadata (Maybe Bool)
-ttmDeprecated = lens _ttmDeprecated (\ s a -> s{_ttmDeprecated = a})
-
-instance FromJSON ThingTypeMetadata where
-        parseJSON
-          = withObject "ThingTypeMetadata"
-              (\ x ->
-                 ThingTypeMetadata' <$>
-                   (x .:? "deprecationDate") <*> (x .:? "creationDate")
-                     <*> (x .:? "deprecated"))
-
-instance Hashable ThingTypeMetadata where
-
-instance NFData ThingTypeMetadata where
-
--- | The ThingTypeProperties contains information about the thing type including: a thing type description, and a list of searchable thing attribute names.
---
---
---
--- /See:/ 'thingTypeProperties' smart constructor.
-data ThingTypeProperties = ThingTypeProperties'
-  { _ttpSearchableAttributes :: !(Maybe [Text])
-  , _ttpThingTypeDescription :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'ThingTypeProperties' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ttpSearchableAttributes' - A list of searchable thing attribute names.
---
--- * 'ttpThingTypeDescription' - The description of the thing type.
-thingTypeProperties
-    :: ThingTypeProperties
-thingTypeProperties =
-  ThingTypeProperties'
-    {_ttpSearchableAttributes = Nothing, _ttpThingTypeDescription = Nothing}
-
-
--- | A list of searchable thing attribute names.
-ttpSearchableAttributes :: Lens' ThingTypeProperties [Text]
-ttpSearchableAttributes = lens _ttpSearchableAttributes (\ s a -> s{_ttpSearchableAttributes = a}) . _Default . _Coerce
-
--- | The description of the thing type.
-ttpThingTypeDescription :: Lens' ThingTypeProperties (Maybe Text)
-ttpThingTypeDescription = lens _ttpThingTypeDescription (\ s a -> s{_ttpThingTypeDescription = a})
-
-instance FromJSON ThingTypeProperties where
-        parseJSON
-          = withObject "ThingTypeProperties"
-              (\ x ->
-                 ThingTypeProperties' <$>
-                   (x .:? "searchableAttributes" .!= mempty) <*>
-                     (x .:? "thingTypeDescription"))
-
-instance Hashable ThingTypeProperties where
-
-instance NFData ThingTypeProperties where
-
-instance ToJSON ThingTypeProperties where
-        toJSON ThingTypeProperties'{..}
-          = object
-              (catMaybes
-                 [("searchableAttributes" .=) <$>
-                    _ttpSearchableAttributes,
-                  ("thingTypeDescription" .=) <$>
-                    _ttpThingTypeDescription])
-
--- | Describes a rule.
---
---
---
--- /See:/ 'topicRule' smart constructor.
-data TopicRule = TopicRule'
-  { _trCreatedAt        :: !(Maybe POSIX)
-  , _trActions          :: !(Maybe [Action])
-  , _trAwsIotSqlVersion :: !(Maybe Text)
-  , _trErrorAction      :: !(Maybe Action)
-  , _trRuleDisabled     :: !(Maybe Bool)
-  , _trRuleName         :: !(Maybe Text)
-  , _trSql              :: !(Maybe Text)
-  , _trDescription      :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TopicRule' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'trCreatedAt' - The date and time the rule was created.
---
--- * 'trActions' - The actions associated with the rule.
---
--- * 'trAwsIotSqlVersion' - The version of the SQL rules engine to use when evaluating the rule.
---
--- * 'trErrorAction' - The action to perform when an error occurs.
---
--- * 'trRuleDisabled' - Specifies whether the rule is disabled.
---
--- * 'trRuleName' - The name of the rule.
---
--- * 'trSql' - The SQL statement used to query the topic. When using a SQL query with multiple lines, be sure to escape the newline characters.
---
--- * 'trDescription' - The description of the rule.
-topicRule
-    :: TopicRule
-topicRule =
-  TopicRule'
-    { _trCreatedAt = Nothing
-    , _trActions = Nothing
-    , _trAwsIotSqlVersion = Nothing
-    , _trErrorAction = Nothing
-    , _trRuleDisabled = Nothing
-    , _trRuleName = Nothing
-    , _trSql = Nothing
-    , _trDescription = Nothing
-    }
-
-
--- | The date and time the rule was created.
-trCreatedAt :: Lens' TopicRule (Maybe UTCTime)
-trCreatedAt = lens _trCreatedAt (\ s a -> s{_trCreatedAt = a}) . mapping _Time
-
--- | The actions associated with the rule.
-trActions :: Lens' TopicRule [Action]
-trActions = lens _trActions (\ s a -> s{_trActions = a}) . _Default . _Coerce
-
--- | The version of the SQL rules engine to use when evaluating the rule.
-trAwsIotSqlVersion :: Lens' TopicRule (Maybe Text)
-trAwsIotSqlVersion = lens _trAwsIotSqlVersion (\ s a -> s{_trAwsIotSqlVersion = a})
-
--- | The action to perform when an error occurs.
-trErrorAction :: Lens' TopicRule (Maybe Action)
-trErrorAction = lens _trErrorAction (\ s a -> s{_trErrorAction = a})
-
--- | Specifies whether the rule is disabled.
-trRuleDisabled :: Lens' TopicRule (Maybe Bool)
-trRuleDisabled = lens _trRuleDisabled (\ s a -> s{_trRuleDisabled = a})
-
--- | The name of the rule.
-trRuleName :: Lens' TopicRule (Maybe Text)
-trRuleName = lens _trRuleName (\ s a -> s{_trRuleName = a})
-
--- | The SQL statement used to query the topic. When using a SQL query with multiple lines, be sure to escape the newline characters.
-trSql :: Lens' TopicRule (Maybe Text)
-trSql = lens _trSql (\ s a -> s{_trSql = a})
-
--- | The description of the rule.
-trDescription :: Lens' TopicRule (Maybe Text)
-trDescription = lens _trDescription (\ s a -> s{_trDescription = a})
-
-instance FromJSON TopicRule where
-        parseJSON
-          = withObject "TopicRule"
-              (\ x ->
-                 TopicRule' <$>
-                   (x .:? "createdAt") <*> (x .:? "actions" .!= mempty)
-                     <*> (x .:? "awsIotSqlVersion")
-                     <*> (x .:? "errorAction")
-                     <*> (x .:? "ruleDisabled")
-                     <*> (x .:? "ruleName")
-                     <*> (x .:? "sql")
-                     <*> (x .:? "description"))
-
-instance Hashable TopicRule where
-
-instance NFData TopicRule where
-
--- | Describes a rule.
---
---
---
--- /See:/ 'topicRuleListItem' smart constructor.
-data TopicRuleListItem = TopicRuleListItem'
-  { _trliCreatedAt    :: !(Maybe POSIX)
-  , _trliRuleDisabled :: !(Maybe Bool)
-  , _trliRuleName     :: !(Maybe Text)
-  , _trliRuleARN      :: !(Maybe Text)
-  , _trliTopicPattern :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TopicRuleListItem' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'trliCreatedAt' - The date and time the rule was created.
---
--- * 'trliRuleDisabled' - Specifies whether the rule is disabled.
---
--- * 'trliRuleName' - The name of the rule.
---
--- * 'trliRuleARN' - The rule ARN.
---
--- * 'trliTopicPattern' - The pattern for the topic names that apply.
-topicRuleListItem
-    :: TopicRuleListItem
-topicRuleListItem =
-  TopicRuleListItem'
-    { _trliCreatedAt = Nothing
-    , _trliRuleDisabled = Nothing
-    , _trliRuleName = Nothing
-    , _trliRuleARN = Nothing
-    , _trliTopicPattern = Nothing
-    }
-
-
--- | The date and time the rule was created.
-trliCreatedAt :: Lens' TopicRuleListItem (Maybe UTCTime)
-trliCreatedAt = lens _trliCreatedAt (\ s a -> s{_trliCreatedAt = a}) . mapping _Time
-
--- | Specifies whether the rule is disabled.
-trliRuleDisabled :: Lens' TopicRuleListItem (Maybe Bool)
-trliRuleDisabled = lens _trliRuleDisabled (\ s a -> s{_trliRuleDisabled = a})
-
--- | The name of the rule.
-trliRuleName :: Lens' TopicRuleListItem (Maybe Text)
-trliRuleName = lens _trliRuleName (\ s a -> s{_trliRuleName = a})
-
--- | The rule ARN.
-trliRuleARN :: Lens' TopicRuleListItem (Maybe Text)
-trliRuleARN = lens _trliRuleARN (\ s a -> s{_trliRuleARN = a})
-
--- | The pattern for the topic names that apply.
-trliTopicPattern :: Lens' TopicRuleListItem (Maybe Text)
-trliTopicPattern = lens _trliTopicPattern (\ s a -> s{_trliTopicPattern = a})
-
-instance FromJSON TopicRuleListItem where
-        parseJSON
-          = withObject "TopicRuleListItem"
-              (\ x ->
-                 TopicRuleListItem' <$>
-                   (x .:? "createdAt") <*> (x .:? "ruleDisabled") <*>
-                     (x .:? "ruleName")
-                     <*> (x .:? "ruleArn")
-                     <*> (x .:? "topicPattern"))
-
-instance Hashable TopicRuleListItem where
-
-instance NFData TopicRuleListItem where
-
--- | Describes a rule.
---
---
---
--- /See:/ 'topicRulePayload' smart constructor.
-data TopicRulePayload = TopicRulePayload'
-  { _trpAwsIotSqlVersion :: !(Maybe Text)
-  , _trpErrorAction      :: !(Maybe Action)
-  , _trpRuleDisabled     :: !(Maybe Bool)
-  , _trpDescription      :: !(Maybe Text)
-  , _trpSql              :: !Text
-  , _trpActions          :: ![Action]
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TopicRulePayload' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'trpAwsIotSqlVersion' - The version of the SQL rules engine to use when evaluating the rule.
---
--- * 'trpErrorAction' - The action to take when an error occurs.
---
--- * 'trpRuleDisabled' - Specifies whether the rule is disabled.
---
--- * 'trpDescription' - The description of the rule.
---
--- * 'trpSql' - The SQL statement used to query the topic. For more information, see <http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference AWS IoT SQL Reference> in the /AWS IoT Developer Guide/ .
---
--- * 'trpActions' - The actions associated with the rule.
-topicRulePayload
-    :: Text -- ^ 'trpSql'
-    -> TopicRulePayload
-topicRulePayload pSql_ =
-  TopicRulePayload'
-    { _trpAwsIotSqlVersion = Nothing
-    , _trpErrorAction = Nothing
-    , _trpRuleDisabled = Nothing
-    , _trpDescription = Nothing
-    , _trpSql = pSql_
-    , _trpActions = mempty
-    }
-
-
--- | The version of the SQL rules engine to use when evaluating the rule.
-trpAwsIotSqlVersion :: Lens' TopicRulePayload (Maybe Text)
-trpAwsIotSqlVersion = lens _trpAwsIotSqlVersion (\ s a -> s{_trpAwsIotSqlVersion = a})
-
--- | The action to take when an error occurs.
-trpErrorAction :: Lens' TopicRulePayload (Maybe Action)
-trpErrorAction = lens _trpErrorAction (\ s a -> s{_trpErrorAction = a})
-
--- | Specifies whether the rule is disabled.
-trpRuleDisabled :: Lens' TopicRulePayload (Maybe Bool)
-trpRuleDisabled = lens _trpRuleDisabled (\ s a -> s{_trpRuleDisabled = a})
-
--- | The description of the rule.
-trpDescription :: Lens' TopicRulePayload (Maybe Text)
-trpDescription = lens _trpDescription (\ s a -> s{_trpDescription = a})
-
--- | The SQL statement used to query the topic. For more information, see <http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference AWS IoT SQL Reference> in the /AWS IoT Developer Guide/ .
-trpSql :: Lens' TopicRulePayload Text
-trpSql = lens _trpSql (\ s a -> s{_trpSql = a})
-
--- | The actions associated with the rule.
-trpActions :: Lens' TopicRulePayload [Action]
-trpActions = lens _trpActions (\ s a -> s{_trpActions = a}) . _Coerce
-
-instance Hashable TopicRulePayload where
-
-instance NFData TopicRulePayload where
-
-instance ToJSON TopicRulePayload where
-        toJSON TopicRulePayload'{..}
-          = object
-              (catMaybes
-                 [("awsIotSqlVersion" .=) <$> _trpAwsIotSqlVersion,
-                  ("errorAction" .=) <$> _trpErrorAction,
-                  ("ruleDisabled" .=) <$> _trpRuleDisabled,
-                  ("description" .=) <$> _trpDescription,
-                  Just ("sql" .= _trpSql),
-                  Just ("actions" .= _trpActions)])
-
--- | Data used to transfer a certificate to an AWS account.
---
---
---
--- /See:/ 'transferData' smart constructor.
-data TransferData = TransferData'
-  { _tdTransferDate    :: !(Maybe POSIX)
-  , _tdAcceptDate      :: !(Maybe POSIX)
-  , _tdTransferMessage :: !(Maybe Text)
-  , _tdRejectDate      :: !(Maybe POSIX)
-  , _tdRejectReason    :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'TransferData' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'tdTransferDate' - The date the transfer took place.
---
--- * 'tdAcceptDate' - The date the transfer was accepted.
---
--- * 'tdTransferMessage' - The transfer message.
---
--- * 'tdRejectDate' - The date the transfer was rejected.
---
--- * 'tdRejectReason' - The reason why the transfer was rejected.
-transferData
-    :: TransferData
-transferData =
-  TransferData'
-    { _tdTransferDate = Nothing
-    , _tdAcceptDate = Nothing
-    , _tdTransferMessage = Nothing
-    , _tdRejectDate = Nothing
-    , _tdRejectReason = Nothing
-    }
-
-
--- | The date the transfer took place.
-tdTransferDate :: Lens' TransferData (Maybe UTCTime)
-tdTransferDate = lens _tdTransferDate (\ s a -> s{_tdTransferDate = a}) . mapping _Time
-
--- | The date the transfer was accepted.
-tdAcceptDate :: Lens' TransferData (Maybe UTCTime)
-tdAcceptDate = lens _tdAcceptDate (\ s a -> s{_tdAcceptDate = a}) . mapping _Time
-
--- | The transfer message.
-tdTransferMessage :: Lens' TransferData (Maybe Text)
-tdTransferMessage = lens _tdTransferMessage (\ s a -> s{_tdTransferMessage = a})
-
--- | The date the transfer was rejected.
-tdRejectDate :: Lens' TransferData (Maybe UTCTime)
-tdRejectDate = lens _tdRejectDate (\ s a -> s{_tdRejectDate = a}) . mapping _Time
-
--- | The reason why the transfer was rejected.
-tdRejectReason :: Lens' TransferData (Maybe Text)
-tdRejectReason = lens _tdRejectReason (\ s a -> s{_tdRejectReason = a})
-
-instance FromJSON TransferData where
-        parseJSON
-          = withObject "TransferData"
-              (\ x ->
-                 TransferData' <$>
-                   (x .:? "transferDate") <*> (x .:? "acceptDate") <*>
-                     (x .:? "transferMessage")
-                     <*> (x .:? "rejectDate")
-                     <*> (x .:? "rejectReason"))
-
-instance Hashable TransferData where
-
-instance NFData TransferData where
diff --git a/gen/Network/AWS/IoT/Types/Sum.hs b/gen/Network/AWS/IoT/Types/Sum.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/Types/Sum.hs
+++ /dev/null
@@ -1,719 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE LambdaCase         #-}
-{-# LANGUAGE OverloadedStrings  #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.Types.Sum
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
-module Network.AWS.IoT.Types.Sum where
-
-import Network.AWS.Prelude
-
-data ActionType
-  = Connect
-  | Publish
-  | Receive
-  | Subscribe
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText ActionType where
-    parser = takeLowerText >>= \case
-        "connect" -> pure Connect
-        "publish" -> pure Publish
-        "receive" -> pure Receive
-        "subscribe" -> pure Subscribe
-        e -> fromTextError $ "Failure parsing ActionType from value: '" <> e
-           <> "'. Accepted values: connect, publish, receive, subscribe"
-
-instance ToText ActionType where
-    toText = \case
-        Connect -> "CONNECT"
-        Publish -> "PUBLISH"
-        Receive -> "RECEIVE"
-        Subscribe -> "SUBSCRIBE"
-
-instance Hashable     ActionType
-instance NFData       ActionType
-instance ToByteString ActionType
-instance ToQuery      ActionType
-instance ToHeader     ActionType
-
-instance ToJSON ActionType where
-    toJSON = toJSONText
-
-instance FromJSON ActionType where
-    parseJSON = parseJSONText "ActionType"
-
-data AuthDecision
-  = Allowed
-  | ExplicitDeny
-  | ImplicitDeny
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText AuthDecision where
-    parser = takeLowerText >>= \case
-        "allowed" -> pure Allowed
-        "explicit_deny" -> pure ExplicitDeny
-        "implicit_deny" -> pure ImplicitDeny
-        e -> fromTextError $ "Failure parsing AuthDecision from value: '" <> e
-           <> "'. Accepted values: allowed, explicit_deny, implicit_deny"
-
-instance ToText AuthDecision where
-    toText = \case
-        Allowed -> "ALLOWED"
-        ExplicitDeny -> "EXPLICIT_DENY"
-        ImplicitDeny -> "IMPLICIT_DENY"
-
-instance Hashable     AuthDecision
-instance NFData       AuthDecision
-instance ToByteString AuthDecision
-instance ToQuery      AuthDecision
-instance ToHeader     AuthDecision
-
-instance FromJSON AuthDecision where
-    parseJSON = parseJSONText "AuthDecision"
-
-data AuthorizerStatus
-  = Active
-  | Inactive
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText AuthorizerStatus where
-    parser = takeLowerText >>= \case
-        "active" -> pure Active
-        "inactive" -> pure Inactive
-        e -> fromTextError $ "Failure parsing AuthorizerStatus from value: '" <> e
-           <> "'. Accepted values: active, inactive"
-
-instance ToText AuthorizerStatus where
-    toText = \case
-        Active -> "ACTIVE"
-        Inactive -> "INACTIVE"
-
-instance Hashable     AuthorizerStatus
-instance NFData       AuthorizerStatus
-instance ToByteString AuthorizerStatus
-instance ToQuery      AuthorizerStatus
-instance ToHeader     AuthorizerStatus
-
-instance ToJSON AuthorizerStatus where
-    toJSON = toJSONText
-
-instance FromJSON AuthorizerStatus where
-    parseJSON = parseJSONText "AuthorizerStatus"
-
-data AutoRegistrationStatus
-  = Disable
-  | Enable
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText AutoRegistrationStatus where
-    parser = takeLowerText >>= \case
-        "disable" -> pure Disable
-        "enable" -> pure Enable
-        e -> fromTextError $ "Failure parsing AutoRegistrationStatus from value: '" <> e
-           <> "'. Accepted values: disable, enable"
-
-instance ToText AutoRegistrationStatus where
-    toText = \case
-        Disable -> "DISABLE"
-        Enable -> "ENABLE"
-
-instance Hashable     AutoRegistrationStatus
-instance NFData       AutoRegistrationStatus
-instance ToByteString AutoRegistrationStatus
-instance ToQuery      AutoRegistrationStatus
-instance ToHeader     AutoRegistrationStatus
-
-instance ToJSON AutoRegistrationStatus where
-    toJSON = toJSONText
-
-instance FromJSON AutoRegistrationStatus where
-    parseJSON = parseJSONText "AutoRegistrationStatus"
-
-data CACertificateStatus
-  = CACSActive
-  | CACSInactive
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText CACertificateStatus where
-    parser = takeLowerText >>= \case
-        "active" -> pure CACSActive
-        "inactive" -> pure CACSInactive
-        e -> fromTextError $ "Failure parsing CACertificateStatus from value: '" <> e
-           <> "'. Accepted values: active, inactive"
-
-instance ToText CACertificateStatus where
-    toText = \case
-        CACSActive -> "ACTIVE"
-        CACSInactive -> "INACTIVE"
-
-instance Hashable     CACertificateStatus
-instance NFData       CACertificateStatus
-instance ToByteString CACertificateStatus
-instance ToQuery      CACertificateStatus
-instance ToHeader     CACertificateStatus
-
-instance ToJSON CACertificateStatus where
-    toJSON = toJSONText
-
-instance FromJSON CACertificateStatus where
-    parseJSON = parseJSONText "CACertificateStatus"
-
-data CannedAccessControlList
-  = AWSExecRead
-  | AuthenticatedRead
-  | BucketOwnerFullControl
-  | BucketOwnerRead
-  | LogDeliveryWrite
-  | Private
-  | PublicRead
-  | PublicReadWrite
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText CannedAccessControlList where
-    parser = takeLowerText >>= \case
-        "aws-exec-read" -> pure AWSExecRead
-        "authenticated-read" -> pure AuthenticatedRead
-        "bucket-owner-full-control" -> pure BucketOwnerFullControl
-        "bucket-owner-read" -> pure BucketOwnerRead
-        "log-delivery-write" -> pure LogDeliveryWrite
-        "private" -> pure Private
-        "public-read" -> pure PublicRead
-        "public-read-write" -> pure PublicReadWrite
-        e -> fromTextError $ "Failure parsing CannedAccessControlList from value: '" <> e
-           <> "'. Accepted values: aws-exec-read, authenticated-read, bucket-owner-full-control, bucket-owner-read, log-delivery-write, private, public-read, public-read-write"
-
-instance ToText CannedAccessControlList where
-    toText = \case
-        AWSExecRead -> "aws-exec-read"
-        AuthenticatedRead -> "authenticated-read"
-        BucketOwnerFullControl -> "bucket-owner-full-control"
-        BucketOwnerRead -> "bucket-owner-read"
-        LogDeliveryWrite -> "log-delivery-write"
-        Private -> "private"
-        PublicRead -> "public-read"
-        PublicReadWrite -> "public-read-write"
-
-instance Hashable     CannedAccessControlList
-instance NFData       CannedAccessControlList
-instance ToByteString CannedAccessControlList
-instance ToQuery      CannedAccessControlList
-instance ToHeader     CannedAccessControlList
-
-instance ToJSON CannedAccessControlList where
-    toJSON = toJSONText
-
-instance FromJSON CannedAccessControlList where
-    parseJSON = parseJSONText "CannedAccessControlList"
-
-data CertificateStatus
-  = CSActive
-  | CSInactive
-  | CSPendingActivation
-  | CSPendingTransfer
-  | CSRegisterInactive
-  | CSRevoked
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText CertificateStatus where
-    parser = takeLowerText >>= \case
-        "active" -> pure CSActive
-        "inactive" -> pure CSInactive
-        "pending_activation" -> pure CSPendingActivation
-        "pending_transfer" -> pure CSPendingTransfer
-        "register_inactive" -> pure CSRegisterInactive
-        "revoked" -> pure CSRevoked
-        e -> fromTextError $ "Failure parsing CertificateStatus from value: '" <> e
-           <> "'. Accepted values: active, inactive, pending_activation, pending_transfer, register_inactive, revoked"
-
-instance ToText CertificateStatus where
-    toText = \case
-        CSActive -> "ACTIVE"
-        CSInactive -> "INACTIVE"
-        CSPendingActivation -> "PENDING_ACTIVATION"
-        CSPendingTransfer -> "PENDING_TRANSFER"
-        CSRegisterInactive -> "REGISTER_INACTIVE"
-        CSRevoked -> "REVOKED"
-
-instance Hashable     CertificateStatus
-instance NFData       CertificateStatus
-instance ToByteString CertificateStatus
-instance ToQuery      CertificateStatus
-instance ToHeader     CertificateStatus
-
-instance ToJSON CertificateStatus where
-    toJSON = toJSONText
-
-instance FromJSON CertificateStatus where
-    parseJSON = parseJSONText "CertificateStatus"
-
-data DynamoKeyType
-  = Number
-  | String
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText DynamoKeyType where
-    parser = takeLowerText >>= \case
-        "number" -> pure Number
-        "string" -> pure String
-        e -> fromTextError $ "Failure parsing DynamoKeyType from value: '" <> e
-           <> "'. Accepted values: number, string"
-
-instance ToText DynamoKeyType where
-    toText = \case
-        Number -> "NUMBER"
-        String -> "STRING"
-
-instance Hashable     DynamoKeyType
-instance NFData       DynamoKeyType
-instance ToByteString DynamoKeyType
-instance ToQuery      DynamoKeyType
-instance ToHeader     DynamoKeyType
-
-instance ToJSON DynamoKeyType where
-    toJSON = toJSONText
-
-instance FromJSON DynamoKeyType where
-    parseJSON = parseJSONText "DynamoKeyType"
-
-data EventType
-  = Job
-  | JobExecution
-  | Thing
-  | ThingGroup
-  | ThingGroupHierarchy
-  | ThingGroupMembership
-  | ThingType
-  | ThingTypeAssociation
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText EventType where
-    parser = takeLowerText >>= \case
-        "job" -> pure Job
-        "job_execution" -> pure JobExecution
-        "thing" -> pure Thing
-        "thing_group" -> pure ThingGroup
-        "thing_group_hierarchy" -> pure ThingGroupHierarchy
-        "thing_group_membership" -> pure ThingGroupMembership
-        "thing_type" -> pure ThingType
-        "thing_type_association" -> pure ThingTypeAssociation
-        e -> fromTextError $ "Failure parsing EventType from value: '" <> e
-           <> "'. Accepted values: job, job_execution, thing, thing_group, thing_group_hierarchy, thing_group_membership, thing_type, thing_type_association"
-
-instance ToText EventType where
-    toText = \case
-        Job -> "JOB"
-        JobExecution -> "JOB_EXECUTION"
-        Thing -> "THING"
-        ThingGroup -> "THING_GROUP"
-        ThingGroupHierarchy -> "THING_GROUP_HIERARCHY"
-        ThingGroupMembership -> "THING_GROUP_MEMBERSHIP"
-        ThingType -> "THING_TYPE"
-        ThingTypeAssociation -> "THING_TYPE_ASSOCIATION"
-
-instance Hashable     EventType
-instance NFData       EventType
-instance ToByteString EventType
-instance ToQuery      EventType
-instance ToHeader     EventType
-
-instance ToJSON EventType where
-    toJSON = toJSONText
-
-instance FromJSON EventType where
-    parseJSON = parseJSONText "EventType"
-
-data IndexStatus
-  = ISActive
-  | ISBuilding
-  | ISRebuilding
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText IndexStatus where
-    parser = takeLowerText >>= \case
-        "active" -> pure ISActive
-        "building" -> pure ISBuilding
-        "rebuilding" -> pure ISRebuilding
-        e -> fromTextError $ "Failure parsing IndexStatus from value: '" <> e
-           <> "'. Accepted values: active, building, rebuilding"
-
-instance ToText IndexStatus where
-    toText = \case
-        ISActive -> "ACTIVE"
-        ISBuilding -> "BUILDING"
-        ISRebuilding -> "REBUILDING"
-
-instance Hashable     IndexStatus
-instance NFData       IndexStatus
-instance ToByteString IndexStatus
-instance ToQuery      IndexStatus
-instance ToHeader     IndexStatus
-
-instance FromJSON IndexStatus where
-    parseJSON = parseJSONText "IndexStatus"
-
-data JobExecutionStatus
-  = Canceled
-  | Failed
-  | InProgress
-  | Queued
-  | Rejected
-  | Removed
-  | Succeeded
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText JobExecutionStatus where
-    parser = takeLowerText >>= \case
-        "canceled" -> pure Canceled
-        "failed" -> pure Failed
-        "in_progress" -> pure InProgress
-        "queued" -> pure Queued
-        "rejected" -> pure Rejected
-        "removed" -> pure Removed
-        "succeeded" -> pure Succeeded
-        e -> fromTextError $ "Failure parsing JobExecutionStatus from value: '" <> e
-           <> "'. Accepted values: canceled, failed, in_progress, queued, rejected, removed, succeeded"
-
-instance ToText JobExecutionStatus where
-    toText = \case
-        Canceled -> "CANCELED"
-        Failed -> "FAILED"
-        InProgress -> "IN_PROGRESS"
-        Queued -> "QUEUED"
-        Rejected -> "REJECTED"
-        Removed -> "REMOVED"
-        Succeeded -> "SUCCEEDED"
-
-instance Hashable     JobExecutionStatus
-instance NFData       JobExecutionStatus
-instance ToByteString JobExecutionStatus
-instance ToQuery      JobExecutionStatus
-instance ToHeader     JobExecutionStatus
-
-instance ToJSON JobExecutionStatus where
-    toJSON = toJSONText
-
-instance FromJSON JobExecutionStatus where
-    parseJSON = parseJSONText "JobExecutionStatus"
-
-data JobStatus
-  = JSCanceled
-  | JSCompleted
-  | JSInProgress
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText JobStatus where
-    parser = takeLowerText >>= \case
-        "canceled" -> pure JSCanceled
-        "completed" -> pure JSCompleted
-        "in_progress" -> pure JSInProgress
-        e -> fromTextError $ "Failure parsing JobStatus from value: '" <> e
-           <> "'. Accepted values: canceled, completed, in_progress"
-
-instance ToText JobStatus where
-    toText = \case
-        JSCanceled -> "CANCELED"
-        JSCompleted -> "COMPLETED"
-        JSInProgress -> "IN_PROGRESS"
-
-instance Hashable     JobStatus
-instance NFData       JobStatus
-instance ToByteString JobStatus
-instance ToQuery      JobStatus
-instance ToHeader     JobStatus
-
-instance ToJSON JobStatus where
-    toJSON = toJSONText
-
-instance FromJSON JobStatus where
-    parseJSON = parseJSONText "JobStatus"
-
-data LogLevel
-  = Debug
-  | Disabled
-  | Error'
-  | Info
-  | Warn
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText LogLevel where
-    parser = takeLowerText >>= \case
-        "debug" -> pure Debug
-        "disabled" -> pure Disabled
-        "error" -> pure Error'
-        "info" -> pure Info
-        "warn" -> pure Warn
-        e -> fromTextError $ "Failure parsing LogLevel from value: '" <> e
-           <> "'. Accepted values: debug, disabled, error, info, warn"
-
-instance ToText LogLevel where
-    toText = \case
-        Debug -> "DEBUG"
-        Disabled -> "DISABLED"
-        Error' -> "ERROR"
-        Info -> "INFO"
-        Warn -> "WARN"
-
-instance Hashable     LogLevel
-instance NFData       LogLevel
-instance ToByteString LogLevel
-instance ToQuery      LogLevel
-instance ToHeader     LogLevel
-
-instance ToJSON LogLevel where
-    toJSON = toJSONText
-
-instance FromJSON LogLevel where
-    parseJSON = parseJSONText "LogLevel"
-
-data LogTargetType
-  = LTTDefault
-  | LTTThingGroup
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText LogTargetType where
-    parser = takeLowerText >>= \case
-        "default" -> pure LTTDefault
-        "thing_group" -> pure LTTThingGroup
-        e -> fromTextError $ "Failure parsing LogTargetType from value: '" <> e
-           <> "'. Accepted values: default, thing_group"
-
-instance ToText LogTargetType where
-    toText = \case
-        LTTDefault -> "DEFAULT"
-        LTTThingGroup -> "THING_GROUP"
-
-instance Hashable     LogTargetType
-instance NFData       LogTargetType
-instance ToByteString LogTargetType
-instance ToQuery      LogTargetType
-instance ToHeader     LogTargetType
-
-instance ToJSON LogTargetType where
-    toJSON = toJSONText
-
-instance FromJSON LogTargetType where
-    parseJSON = parseJSONText "LogTargetType"
-
-data MessageFormat
-  = JSON
-  | Raw
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText MessageFormat where
-    parser = takeLowerText >>= \case
-        "json" -> pure JSON
-        "raw" -> pure Raw
-        e -> fromTextError $ "Failure parsing MessageFormat from value: '" <> e
-           <> "'. Accepted values: json, raw"
-
-instance ToText MessageFormat where
-    toText = \case
-        JSON -> "JSON"
-        Raw -> "RAW"
-
-instance Hashable     MessageFormat
-instance NFData       MessageFormat
-instance ToByteString MessageFormat
-instance ToQuery      MessageFormat
-instance ToHeader     MessageFormat
-
-instance ToJSON MessageFormat where
-    toJSON = toJSONText
-
-instance FromJSON MessageFormat where
-    parseJSON = parseJSONText "MessageFormat"
-
-data OTAUpdateStatus
-  = CreateComplete
-  | CreateFailed
-  | CreateInProgress
-  | CreatePending
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText OTAUpdateStatus where
-    parser = takeLowerText >>= \case
-        "create_complete" -> pure CreateComplete
-        "create_failed" -> pure CreateFailed
-        "create_in_progress" -> pure CreateInProgress
-        "create_pending" -> pure CreatePending
-        e -> fromTextError $ "Failure parsing OTAUpdateStatus from value: '" <> e
-           <> "'. Accepted values: create_complete, create_failed, create_in_progress, create_pending"
-
-instance ToText OTAUpdateStatus where
-    toText = \case
-        CreateComplete -> "CREATE_COMPLETE"
-        CreateFailed -> "CREATE_FAILED"
-        CreateInProgress -> "CREATE_IN_PROGRESS"
-        CreatePending -> "CREATE_PENDING"
-
-instance Hashable     OTAUpdateStatus
-instance NFData       OTAUpdateStatus
-instance ToByteString OTAUpdateStatus
-instance ToQuery      OTAUpdateStatus
-instance ToHeader     OTAUpdateStatus
-
-instance ToJSON OTAUpdateStatus where
-    toJSON = toJSONText
-
-instance FromJSON OTAUpdateStatus where
-    parseJSON = parseJSONText "OTAUpdateStatus"
-
-data ReportType
-  = Errors
-  | Results
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText ReportType where
-    parser = takeLowerText >>= \case
-        "errors" -> pure Errors
-        "results" -> pure Results
-        e -> fromTextError $ "Failure parsing ReportType from value: '" <> e
-           <> "'. Accepted values: errors, results"
-
-instance ToText ReportType where
-    toText = \case
-        Errors -> "ERRORS"
-        Results -> "RESULTS"
-
-instance Hashable     ReportType
-instance NFData       ReportType
-instance ToByteString ReportType
-instance ToQuery      ReportType
-instance ToHeader     ReportType
-
-instance ToJSON ReportType where
-    toJSON = toJSONText
-
-instance FromJSON ReportType where
-    parseJSON = parseJSONText "ReportType"
-
-data TargetSelection
-  = Continuous
-  | Snapshot
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText TargetSelection where
-    parser = takeLowerText >>= \case
-        "continuous" -> pure Continuous
-        "snapshot" -> pure Snapshot
-        e -> fromTextError $ "Failure parsing TargetSelection from value: '" <> e
-           <> "'. Accepted values: continuous, snapshot"
-
-instance ToText TargetSelection where
-    toText = \case
-        Continuous -> "CONTINUOUS"
-        Snapshot -> "SNAPSHOT"
-
-instance Hashable     TargetSelection
-instance NFData       TargetSelection
-instance ToByteString TargetSelection
-instance ToQuery      TargetSelection
-instance ToHeader     TargetSelection
-
-instance ToJSON TargetSelection where
-    toJSON = toJSONText
-
-instance FromJSON TargetSelection where
-    parseJSON = parseJSONText "TargetSelection"
-
-data TaskStatus
-  = TSCancelled
-  | TSCancelling
-  | TSCompleted
-  | TSFailed
-  | TSInProgress
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText TaskStatus where
-    parser = takeLowerText >>= \case
-        "cancelled" -> pure TSCancelled
-        "cancelling" -> pure TSCancelling
-        "completed" -> pure TSCompleted
-        "failed" -> pure TSFailed
-        "inprogress" -> pure TSInProgress
-        e -> fromTextError $ "Failure parsing TaskStatus from value: '" <> e
-           <> "'. Accepted values: cancelled, cancelling, completed, failed, inprogress"
-
-instance ToText TaskStatus where
-    toText = \case
-        TSCancelled -> "Cancelled"
-        TSCancelling -> "Cancelling"
-        TSCompleted -> "Completed"
-        TSFailed -> "Failed"
-        TSInProgress -> "InProgress"
-
-instance Hashable     TaskStatus
-instance NFData       TaskStatus
-instance ToByteString TaskStatus
-instance ToQuery      TaskStatus
-instance ToHeader     TaskStatus
-
-instance ToJSON TaskStatus where
-    toJSON = toJSONText
-
-instance FromJSON TaskStatus where
-    parseJSON = parseJSONText "TaskStatus"
-
-data ThingIndexingMode
-  = Off
-  | Registry
-  | RegistryAndShadow
-  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)
-
-
-instance FromText ThingIndexingMode where
-    parser = takeLowerText >>= \case
-        "off" -> pure Off
-        "registry" -> pure Registry
-        "registry_and_shadow" -> pure RegistryAndShadow
-        e -> fromTextError $ "Failure parsing ThingIndexingMode from value: '" <> e
-           <> "'. Accepted values: off, registry, registry_and_shadow"
-
-instance ToText ThingIndexingMode where
-    toText = \case
-        Off -> "OFF"
-        Registry -> "REGISTRY"
-        RegistryAndShadow -> "REGISTRY_AND_SHADOW"
-
-instance Hashable     ThingIndexingMode
-instance NFData       ThingIndexingMode
-instance ToByteString ThingIndexingMode
-instance ToQuery      ThingIndexingMode
-instance ToHeader     ThingIndexingMode
-
-instance ToJSON ThingIndexingMode where
-    toJSON = toJSONText
-
-instance FromJSON ThingIndexingMode where
-    parseJSON = parseJSONText "ThingIndexingMode"
diff --git a/gen/Network/AWS/IoT/UpdateAuthorizer.hs b/gen/Network/AWS/IoT/UpdateAuthorizer.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateAuthorizer.hs
+++ /dev/null
@@ -1,183 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateAuthorizer
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates an authorizer.
---
---
-module Network.AWS.IoT.UpdateAuthorizer
-    (
-    -- * Creating a Request
-      updateAuthorizer
-    , UpdateAuthorizer
-    -- * Request Lenses
-    , uaStatus
-    , uaAuthorizerFunctionARN
-    , uaTokenSigningPublicKeys
-    , uaTokenKeyName
-    , uaAuthorizerName
-
-    -- * Destructuring the Response
-    , updateAuthorizerResponse
-    , UpdateAuthorizerResponse
-    -- * Response Lenses
-    , uarsAuthorizerName
-    , uarsAuthorizerARN
-    , uarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateAuthorizer' smart constructor.
-data UpdateAuthorizer = UpdateAuthorizer'
-  { _uaStatus                 :: !(Maybe AuthorizerStatus)
-  , _uaAuthorizerFunctionARN  :: !(Maybe Text)
-  , _uaTokenSigningPublicKeys :: !(Maybe (Map Text Text))
-  , _uaTokenKeyName           :: !(Maybe Text)
-  , _uaAuthorizerName         :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateAuthorizer' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uaStatus' - The status of the update authorizer request.
---
--- * 'uaAuthorizerFunctionARN' - The ARN of the authorizer's Lambda function.
---
--- * 'uaTokenSigningPublicKeys' - The public keys used to verify the token signature.
---
--- * 'uaTokenKeyName' - The key used to extract the token from the HTTP headers.
---
--- * 'uaAuthorizerName' - The authorizer name.
-updateAuthorizer
-    :: Text -- ^ 'uaAuthorizerName'
-    -> UpdateAuthorizer
-updateAuthorizer pAuthorizerName_ =
-  UpdateAuthorizer'
-    { _uaStatus = Nothing
-    , _uaAuthorizerFunctionARN = Nothing
-    , _uaTokenSigningPublicKeys = Nothing
-    , _uaTokenKeyName = Nothing
-    , _uaAuthorizerName = pAuthorizerName_
-    }
-
-
--- | The status of the update authorizer request.
-uaStatus :: Lens' UpdateAuthorizer (Maybe AuthorizerStatus)
-uaStatus = lens _uaStatus (\ s a -> s{_uaStatus = a})
-
--- | The ARN of the authorizer's Lambda function.
-uaAuthorizerFunctionARN :: Lens' UpdateAuthorizer (Maybe Text)
-uaAuthorizerFunctionARN = lens _uaAuthorizerFunctionARN (\ s a -> s{_uaAuthorizerFunctionARN = a})
-
--- | The public keys used to verify the token signature.
-uaTokenSigningPublicKeys :: Lens' UpdateAuthorizer (HashMap Text Text)
-uaTokenSigningPublicKeys = lens _uaTokenSigningPublicKeys (\ s a -> s{_uaTokenSigningPublicKeys = a}) . _Default . _Map
-
--- | The key used to extract the token from the HTTP headers.
-uaTokenKeyName :: Lens' UpdateAuthorizer (Maybe Text)
-uaTokenKeyName = lens _uaTokenKeyName (\ s a -> s{_uaTokenKeyName = a})
-
--- | The authorizer name.
-uaAuthorizerName :: Lens' UpdateAuthorizer Text
-uaAuthorizerName = lens _uaAuthorizerName (\ s a -> s{_uaAuthorizerName = a})
-
-instance AWSRequest UpdateAuthorizer where
-        type Rs UpdateAuthorizer = UpdateAuthorizerResponse
-        request = putJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 UpdateAuthorizerResponse' <$>
-                   (x .?> "authorizerName") <*> (x .?> "authorizerArn")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable UpdateAuthorizer where
-
-instance NFData UpdateAuthorizer where
-
-instance ToHeaders UpdateAuthorizer where
-        toHeaders = const mempty
-
-instance ToJSON UpdateAuthorizer where
-        toJSON UpdateAuthorizer'{..}
-          = object
-              (catMaybes
-                 [("status" .=) <$> _uaStatus,
-                  ("authorizerFunctionArn" .=) <$>
-                    _uaAuthorizerFunctionARN,
-                  ("tokenSigningPublicKeys" .=) <$>
-                    _uaTokenSigningPublicKeys,
-                  ("tokenKeyName" .=) <$> _uaTokenKeyName])
-
-instance ToPath UpdateAuthorizer where
-        toPath UpdateAuthorizer'{..}
-          = mconcat ["/authorizer/", toBS _uaAuthorizerName]
-
-instance ToQuery UpdateAuthorizer where
-        toQuery = const mempty
-
--- | /See:/ 'updateAuthorizerResponse' smart constructor.
-data UpdateAuthorizerResponse = UpdateAuthorizerResponse'
-  { _uarsAuthorizerName :: !(Maybe Text)
-  , _uarsAuthorizerARN  :: !(Maybe Text)
-  , _uarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateAuthorizerResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uarsAuthorizerName' - The authorizer name.
---
--- * 'uarsAuthorizerARN' - The authorizer ARN.
---
--- * 'uarsResponseStatus' - -- | The response status code.
-updateAuthorizerResponse
-    :: Int -- ^ 'uarsResponseStatus'
-    -> UpdateAuthorizerResponse
-updateAuthorizerResponse pResponseStatus_ =
-  UpdateAuthorizerResponse'
-    { _uarsAuthorizerName = Nothing
-    , _uarsAuthorizerARN = Nothing
-    , _uarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The authorizer name.
-uarsAuthorizerName :: Lens' UpdateAuthorizerResponse (Maybe Text)
-uarsAuthorizerName = lens _uarsAuthorizerName (\ s a -> s{_uarsAuthorizerName = a})
-
--- | The authorizer ARN.
-uarsAuthorizerARN :: Lens' UpdateAuthorizerResponse (Maybe Text)
-uarsAuthorizerARN = lens _uarsAuthorizerARN (\ s a -> s{_uarsAuthorizerARN = a})
-
--- | -- | The response status code.
-uarsResponseStatus :: Lens' UpdateAuthorizerResponse Int
-uarsResponseStatus = lens _uarsResponseStatus (\ s a -> s{_uarsResponseStatus = a})
-
-instance NFData UpdateAuthorizerResponse where
diff --git a/gen/Network/AWS/IoT/UpdateCACertificate.hs b/gen/Network/AWS/IoT/UpdateCACertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateCACertificate.hs
+++ /dev/null
@@ -1,155 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateCACertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates a registered CA certificate.
---
---
-module Network.AWS.IoT.UpdateCACertificate
-    (
-    -- * Creating a Request
-      updateCACertificate
-    , UpdateCACertificate
-    -- * Request Lenses
-    , ucacRemoveAutoRegistration
-    , ucacNewStatus
-    , ucacRegistrationConfig
-    , ucacNewAutoRegistrationStatus
-    , ucacCertificateId
-
-    -- * Destructuring the Response
-    , updateCACertificateResponse
-    , UpdateCACertificateResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input to the UpdateCACertificate operation.
---
---
---
--- /See:/ 'updateCACertificate' smart constructor.
-data UpdateCACertificate = UpdateCACertificate'
-  { _ucacRemoveAutoRegistration    :: !(Maybe Bool)
-  , _ucacNewStatus                 :: !(Maybe CACertificateStatus)
-  , _ucacRegistrationConfig        :: !(Maybe RegistrationConfig)
-  , _ucacNewAutoRegistrationStatus :: !(Maybe AutoRegistrationStatus)
-  , _ucacCertificateId             :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateCACertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ucacRemoveAutoRegistration' - If true, remove auto registration.
---
--- * 'ucacNewStatus' - The updated status of the CA certificate. __Note:__ The status value REGISTER_INACTIVE is deprecated and should not be used.
---
--- * 'ucacRegistrationConfig' - Information about the registration configuration.
---
--- * 'ucacNewAutoRegistrationStatus' - The new value for the auto registration status. Valid values are: "ENABLE" or "DISABLE".
---
--- * 'ucacCertificateId' - The CA certificate identifier.
-updateCACertificate
-    :: Text -- ^ 'ucacCertificateId'
-    -> UpdateCACertificate
-updateCACertificate pCertificateId_ =
-  UpdateCACertificate'
-    { _ucacRemoveAutoRegistration = Nothing
-    , _ucacNewStatus = Nothing
-    , _ucacRegistrationConfig = Nothing
-    , _ucacNewAutoRegistrationStatus = Nothing
-    , _ucacCertificateId = pCertificateId_
-    }
-
-
--- | If true, remove auto registration.
-ucacRemoveAutoRegistration :: Lens' UpdateCACertificate (Maybe Bool)
-ucacRemoveAutoRegistration = lens _ucacRemoveAutoRegistration (\ s a -> s{_ucacRemoveAutoRegistration = a})
-
--- | The updated status of the CA certificate. __Note:__ The status value REGISTER_INACTIVE is deprecated and should not be used.
-ucacNewStatus :: Lens' UpdateCACertificate (Maybe CACertificateStatus)
-ucacNewStatus = lens _ucacNewStatus (\ s a -> s{_ucacNewStatus = a})
-
--- | Information about the registration configuration.
-ucacRegistrationConfig :: Lens' UpdateCACertificate (Maybe RegistrationConfig)
-ucacRegistrationConfig = lens _ucacRegistrationConfig (\ s a -> s{_ucacRegistrationConfig = a})
-
--- | The new value for the auto registration status. Valid values are: "ENABLE" or "DISABLE".
-ucacNewAutoRegistrationStatus :: Lens' UpdateCACertificate (Maybe AutoRegistrationStatus)
-ucacNewAutoRegistrationStatus = lens _ucacNewAutoRegistrationStatus (\ s a -> s{_ucacNewAutoRegistrationStatus = a})
-
--- | The CA certificate identifier.
-ucacCertificateId :: Lens' UpdateCACertificate Text
-ucacCertificateId = lens _ucacCertificateId (\ s a -> s{_ucacCertificateId = a})
-
-instance AWSRequest UpdateCACertificate where
-        type Rs UpdateCACertificate =
-             UpdateCACertificateResponse
-        request = putJSON ioT
-        response = receiveNull UpdateCACertificateResponse'
-
-instance Hashable UpdateCACertificate where
-
-instance NFData UpdateCACertificate where
-
-instance ToHeaders UpdateCACertificate where
-        toHeaders = const mempty
-
-instance ToJSON UpdateCACertificate where
-        toJSON UpdateCACertificate'{..}
-          = object
-              (catMaybes
-                 [("removeAutoRegistration" .=) <$>
-                    _ucacRemoveAutoRegistration,
-                  ("registrationConfig" .=) <$>
-                    _ucacRegistrationConfig])
-
-instance ToPath UpdateCACertificate where
-        toPath UpdateCACertificate'{..}
-          = mconcat
-              ["/cacertificate/", toBS _ucacCertificateId]
-
-instance ToQuery UpdateCACertificate where
-        toQuery UpdateCACertificate'{..}
-          = mconcat
-              ["newStatus" =: _ucacNewStatus,
-               "newAutoRegistrationStatus" =:
-                 _ucacNewAutoRegistrationStatus]
-
--- | /See:/ 'updateCACertificateResponse' smart constructor.
-data UpdateCACertificateResponse =
-  UpdateCACertificateResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateCACertificateResponse' with the minimum fields required to make a request.
---
-updateCACertificateResponse
-    :: UpdateCACertificateResponse
-updateCACertificateResponse = UpdateCACertificateResponse'
-
-
-instance NFData UpdateCACertificateResponse where
diff --git a/gen/Network/AWS/IoT/UpdateCertificate.hs b/gen/Network/AWS/IoT/UpdateCertificate.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateCertificate.hs
+++ /dev/null
@@ -1,120 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateCertificate
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates the status of the specified certificate. This operation is idempotent.
---
---
--- Moving a certificate from the ACTIVE state (including REVOKED) will not disconnect currently connected devices, but these devices will be unable to reconnect.
---
--- The ACTIVE state is required to authenticate devices connecting to AWS IoT using a certificate.
---
-module Network.AWS.IoT.UpdateCertificate
-    (
-    -- * Creating a Request
-      updateCertificate
-    , UpdateCertificate
-    -- * Request Lenses
-    , ucCertificateId
-    , ucNewStatus
-
-    -- * Destructuring the Response
-    , updateCertificateResponse
-    , UpdateCertificateResponse
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the UpdateCertificate operation.
---
---
---
--- /See:/ 'updateCertificate' smart constructor.
-data UpdateCertificate = UpdateCertificate'
-  { _ucCertificateId :: !Text
-  , _ucNewStatus     :: !CertificateStatus
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateCertificate' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'ucCertificateId' - The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
---
--- * 'ucNewStatus' - The new status. __Note:__ Setting the status to PENDING_TRANSFER will result in an exception being thrown. PENDING_TRANSFER is a status used internally by AWS IoT. It is not intended for developer use. __Note:__ The status value REGISTER_INACTIVE is deprecated and should not be used.
-updateCertificate
-    :: Text -- ^ 'ucCertificateId'
-    -> CertificateStatus -- ^ 'ucNewStatus'
-    -> UpdateCertificate
-updateCertificate pCertificateId_ pNewStatus_ =
-  UpdateCertificate'
-    {_ucCertificateId = pCertificateId_, _ucNewStatus = pNewStatus_}
-
-
--- | The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
-ucCertificateId :: Lens' UpdateCertificate Text
-ucCertificateId = lens _ucCertificateId (\ s a -> s{_ucCertificateId = a})
-
--- | The new status. __Note:__ Setting the status to PENDING_TRANSFER will result in an exception being thrown. PENDING_TRANSFER is a status used internally by AWS IoT. It is not intended for developer use. __Note:__ The status value REGISTER_INACTIVE is deprecated and should not be used.
-ucNewStatus :: Lens' UpdateCertificate CertificateStatus
-ucNewStatus = lens _ucNewStatus (\ s a -> s{_ucNewStatus = a})
-
-instance AWSRequest UpdateCertificate where
-        type Rs UpdateCertificate = UpdateCertificateResponse
-        request = putJSON ioT
-        response = receiveNull UpdateCertificateResponse'
-
-instance Hashable UpdateCertificate where
-
-instance NFData UpdateCertificate where
-
-instance ToHeaders UpdateCertificate where
-        toHeaders = const mempty
-
-instance ToJSON UpdateCertificate where
-        toJSON = const (Object mempty)
-
-instance ToPath UpdateCertificate where
-        toPath UpdateCertificate'{..}
-          = mconcat ["/certificates/", toBS _ucCertificateId]
-
-instance ToQuery UpdateCertificate where
-        toQuery UpdateCertificate'{..}
-          = mconcat ["newStatus" =: _ucNewStatus]
-
--- | /See:/ 'updateCertificateResponse' smart constructor.
-data UpdateCertificateResponse =
-  UpdateCertificateResponse'
-  deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateCertificateResponse' with the minimum fields required to make a request.
---
-updateCertificateResponse
-    :: UpdateCertificateResponse
-updateCertificateResponse = UpdateCertificateResponse'
-
-
-instance NFData UpdateCertificateResponse where
diff --git a/gen/Network/AWS/IoT/UpdateEventConfigurations.hs b/gen/Network/AWS/IoT/UpdateEventConfigurations.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateEventConfigurations.hs
+++ /dev/null
@@ -1,120 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateEventConfigurations
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates the event configurations.
---
---
-module Network.AWS.IoT.UpdateEventConfigurations
-    (
-    -- * Creating a Request
-      updateEventConfigurations
-    , UpdateEventConfigurations
-    -- * Request Lenses
-    , uecEventConfigurations
-
-    -- * Destructuring the Response
-    , updateEventConfigurationsResponse
-    , UpdateEventConfigurationsResponse
-    -- * Response Lenses
-    , uecrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateEventConfigurations' smart constructor.
-newtype UpdateEventConfigurations = UpdateEventConfigurations'
-  { _uecEventConfigurations :: Maybe (Map EventType Configuration)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateEventConfigurations' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uecEventConfigurations' - The new event configuration values.
-updateEventConfigurations
-    :: UpdateEventConfigurations
-updateEventConfigurations =
-  UpdateEventConfigurations' {_uecEventConfigurations = Nothing}
-
-
--- | The new event configuration values.
-uecEventConfigurations :: Lens' UpdateEventConfigurations (HashMap EventType Configuration)
-uecEventConfigurations = lens _uecEventConfigurations (\ s a -> s{_uecEventConfigurations = a}) . _Default . _Map
-
-instance AWSRequest UpdateEventConfigurations where
-        type Rs UpdateEventConfigurations =
-             UpdateEventConfigurationsResponse
-        request = patchJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 UpdateEventConfigurationsResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable UpdateEventConfigurations where
-
-instance NFData UpdateEventConfigurations where
-
-instance ToHeaders UpdateEventConfigurations where
-        toHeaders = const mempty
-
-instance ToJSON UpdateEventConfigurations where
-        toJSON UpdateEventConfigurations'{..}
-          = object
-              (catMaybes
-                 [("eventConfigurations" .=) <$>
-                    _uecEventConfigurations])
-
-instance ToPath UpdateEventConfigurations where
-        toPath = const "/event-configurations"
-
-instance ToQuery UpdateEventConfigurations where
-        toQuery = const mempty
-
--- | /See:/ 'updateEventConfigurationsResponse' smart constructor.
-newtype UpdateEventConfigurationsResponse = UpdateEventConfigurationsResponse'
-  { _uecrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateEventConfigurationsResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uecrsResponseStatus' - -- | The response status code.
-updateEventConfigurationsResponse
-    :: Int -- ^ 'uecrsResponseStatus'
-    -> UpdateEventConfigurationsResponse
-updateEventConfigurationsResponse pResponseStatus_ =
-  UpdateEventConfigurationsResponse' {_uecrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-uecrsResponseStatus :: Lens' UpdateEventConfigurationsResponse Int
-uecrsResponseStatus = lens _uecrsResponseStatus (\ s a -> s{_uecrsResponseStatus = a})
-
-instance NFData UpdateEventConfigurationsResponse
-         where
diff --git a/gen/Network/AWS/IoT/UpdateIndexingConfiguration.hs b/gen/Network/AWS/IoT/UpdateIndexingConfiguration.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateIndexingConfiguration.hs
+++ /dev/null
@@ -1,120 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateIndexingConfiguration
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates the search configuration.
---
---
-module Network.AWS.IoT.UpdateIndexingConfiguration
-    (
-    -- * Creating a Request
-      updateIndexingConfiguration
-    , UpdateIndexingConfiguration
-    -- * Request Lenses
-    , uicThingIndexingConfiguration
-
-    -- * Destructuring the Response
-    , updateIndexingConfigurationResponse
-    , UpdateIndexingConfigurationResponse
-    -- * Response Lenses
-    , uicrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateIndexingConfiguration' smart constructor.
-newtype UpdateIndexingConfiguration = UpdateIndexingConfiguration'
-  { _uicThingIndexingConfiguration :: Maybe ThingIndexingConfiguration
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateIndexingConfiguration' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uicThingIndexingConfiguration' - Thing indexing configuration.
-updateIndexingConfiguration
-    :: UpdateIndexingConfiguration
-updateIndexingConfiguration =
-  UpdateIndexingConfiguration' {_uicThingIndexingConfiguration = Nothing}
-
-
--- | Thing indexing configuration.
-uicThingIndexingConfiguration :: Lens' UpdateIndexingConfiguration (Maybe ThingIndexingConfiguration)
-uicThingIndexingConfiguration = lens _uicThingIndexingConfiguration (\ s a -> s{_uicThingIndexingConfiguration = a})
-
-instance AWSRequest UpdateIndexingConfiguration where
-        type Rs UpdateIndexingConfiguration =
-             UpdateIndexingConfigurationResponse
-        request = postJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 UpdateIndexingConfigurationResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable UpdateIndexingConfiguration where
-
-instance NFData UpdateIndexingConfiguration where
-
-instance ToHeaders UpdateIndexingConfiguration where
-        toHeaders = const mempty
-
-instance ToJSON UpdateIndexingConfiguration where
-        toJSON UpdateIndexingConfiguration'{..}
-          = object
-              (catMaybes
-                 [("thingIndexingConfiguration" .=) <$>
-                    _uicThingIndexingConfiguration])
-
-instance ToPath UpdateIndexingConfiguration where
-        toPath = const "/indexing/config"
-
-instance ToQuery UpdateIndexingConfiguration where
-        toQuery = const mempty
-
--- | /See:/ 'updateIndexingConfigurationResponse' smart constructor.
-newtype UpdateIndexingConfigurationResponse = UpdateIndexingConfigurationResponse'
-  { _uicrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateIndexingConfigurationResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uicrsResponseStatus' - -- | The response status code.
-updateIndexingConfigurationResponse
-    :: Int -- ^ 'uicrsResponseStatus'
-    -> UpdateIndexingConfigurationResponse
-updateIndexingConfigurationResponse pResponseStatus_ =
-  UpdateIndexingConfigurationResponse' {_uicrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-uicrsResponseStatus :: Lens' UpdateIndexingConfigurationResponse Int
-uicrsResponseStatus = lens _uicrsResponseStatus (\ s a -> s{_uicrsResponseStatus = a})
-
-instance NFData UpdateIndexingConfigurationResponse
-         where
diff --git a/gen/Network/AWS/IoT/UpdateRoleAlias.hs b/gen/Network/AWS/IoT/UpdateRoleAlias.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateRoleAlias.hs
+++ /dev/null
@@ -1,162 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateRoleAlias
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates a role alias.
---
---
-module Network.AWS.IoT.UpdateRoleAlias
-    (
-    -- * Creating a Request
-      updateRoleAlias
-    , UpdateRoleAlias
-    -- * Request Lenses
-    , uraCredentialDurationSeconds
-    , uraRoleARN
-    , uraRoleAlias
-
-    -- * Destructuring the Response
-    , updateRoleAliasResponse
-    , UpdateRoleAliasResponse
-    -- * Response Lenses
-    , urarsRoleAliasARN
-    , urarsRoleAlias
-    , urarsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateRoleAlias' smart constructor.
-data UpdateRoleAlias = UpdateRoleAlias'
-  { _uraCredentialDurationSeconds :: !(Maybe Nat)
-  , _uraRoleARN                   :: !(Maybe Text)
-  , _uraRoleAlias                 :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateRoleAlias' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'uraCredentialDurationSeconds' - The number of seconds the credential will be valid.
---
--- * 'uraRoleARN' - The role ARN.
---
--- * 'uraRoleAlias' - The role alias to update.
-updateRoleAlias
-    :: Text -- ^ 'uraRoleAlias'
-    -> UpdateRoleAlias
-updateRoleAlias pRoleAlias_ =
-  UpdateRoleAlias'
-    { _uraCredentialDurationSeconds = Nothing
-    , _uraRoleARN = Nothing
-    , _uraRoleAlias = pRoleAlias_
-    }
-
-
--- | The number of seconds the credential will be valid.
-uraCredentialDurationSeconds :: Lens' UpdateRoleAlias (Maybe Natural)
-uraCredentialDurationSeconds = lens _uraCredentialDurationSeconds (\ s a -> s{_uraCredentialDurationSeconds = a}) . mapping _Nat
-
--- | The role ARN.
-uraRoleARN :: Lens' UpdateRoleAlias (Maybe Text)
-uraRoleARN = lens _uraRoleARN (\ s a -> s{_uraRoleARN = a})
-
--- | The role alias to update.
-uraRoleAlias :: Lens' UpdateRoleAlias Text
-uraRoleAlias = lens _uraRoleAlias (\ s a -> s{_uraRoleAlias = a})
-
-instance AWSRequest UpdateRoleAlias where
-        type Rs UpdateRoleAlias = UpdateRoleAliasResponse
-        request = putJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 UpdateRoleAliasResponse' <$>
-                   (x .?> "roleAliasArn") <*> (x .?> "roleAlias") <*>
-                     (pure (fromEnum s)))
-
-instance Hashable UpdateRoleAlias where
-
-instance NFData UpdateRoleAlias where
-
-instance ToHeaders UpdateRoleAlias where
-        toHeaders = const mempty
-
-instance ToJSON UpdateRoleAlias where
-        toJSON UpdateRoleAlias'{..}
-          = object
-              (catMaybes
-                 [("credentialDurationSeconds" .=) <$>
-                    _uraCredentialDurationSeconds,
-                  ("roleArn" .=) <$> _uraRoleARN])
-
-instance ToPath UpdateRoleAlias where
-        toPath UpdateRoleAlias'{..}
-          = mconcat ["/role-aliases/", toBS _uraRoleAlias]
-
-instance ToQuery UpdateRoleAlias where
-        toQuery = const mempty
-
--- | /See:/ 'updateRoleAliasResponse' smart constructor.
-data UpdateRoleAliasResponse = UpdateRoleAliasResponse'
-  { _urarsRoleAliasARN   :: !(Maybe Text)
-  , _urarsRoleAlias      :: !(Maybe Text)
-  , _urarsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateRoleAliasResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'urarsRoleAliasARN' - The role alias ARN.
---
--- * 'urarsRoleAlias' - The role alias.
---
--- * 'urarsResponseStatus' - -- | The response status code.
-updateRoleAliasResponse
-    :: Int -- ^ 'urarsResponseStatus'
-    -> UpdateRoleAliasResponse
-updateRoleAliasResponse pResponseStatus_ =
-  UpdateRoleAliasResponse'
-    { _urarsRoleAliasARN = Nothing
-    , _urarsRoleAlias = Nothing
-    , _urarsResponseStatus = pResponseStatus_
-    }
-
-
--- | The role alias ARN.
-urarsRoleAliasARN :: Lens' UpdateRoleAliasResponse (Maybe Text)
-urarsRoleAliasARN = lens _urarsRoleAliasARN (\ s a -> s{_urarsRoleAliasARN = a})
-
--- | The role alias.
-urarsRoleAlias :: Lens' UpdateRoleAliasResponse (Maybe Text)
-urarsRoleAlias = lens _urarsRoleAlias (\ s a -> s{_urarsRoleAlias = a})
-
--- | -- | The response status code.
-urarsResponseStatus :: Lens' UpdateRoleAliasResponse Int
-urarsResponseStatus = lens _urarsResponseStatus (\ s a -> s{_urarsResponseStatus = a})
-
-instance NFData UpdateRoleAliasResponse where
diff --git a/gen/Network/AWS/IoT/UpdateStream.hs b/gen/Network/AWS/IoT/UpdateStream.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateStream.hs
+++ /dev/null
@@ -1,191 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateStream
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates an existing stream. The stream version will be incremented by one.
---
---
-module Network.AWS.IoT.UpdateStream
-    (
-    -- * Creating a Request
-      updateStream
-    , UpdateStream
-    -- * Request Lenses
-    , usFiles
-    , usDescription
-    , usRoleARN
-    , usStreamId
-
-    -- * Destructuring the Response
-    , updateStreamResponse
-    , UpdateStreamResponse
-    -- * Response Lenses
-    , usrsStreamVersion
-    , usrsStreamARN
-    , usrsDescription
-    , usrsStreamId
-    , usrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateStream' smart constructor.
-data UpdateStream = UpdateStream'
-  { _usFiles       :: !(Maybe (List1 StreamFile))
-  , _usDescription :: !(Maybe Text)
-  , _usRoleARN     :: !(Maybe Text)
-  , _usStreamId    :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateStream' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'usFiles' - The files associated with the stream.
---
--- * 'usDescription' - The description of the stream.
---
--- * 'usRoleARN' - An IAM role that allows the IoT service principal assumes to access your S3 files.
---
--- * 'usStreamId' - The stream ID.
-updateStream
-    :: Text -- ^ 'usStreamId'
-    -> UpdateStream
-updateStream pStreamId_ =
-  UpdateStream'
-    { _usFiles = Nothing
-    , _usDescription = Nothing
-    , _usRoleARN = Nothing
-    , _usStreamId = pStreamId_
-    }
-
-
--- | The files associated with the stream.
-usFiles :: Lens' UpdateStream (Maybe (NonEmpty StreamFile))
-usFiles = lens _usFiles (\ s a -> s{_usFiles = a}) . mapping _List1
-
--- | The description of the stream.
-usDescription :: Lens' UpdateStream (Maybe Text)
-usDescription = lens _usDescription (\ s a -> s{_usDescription = a})
-
--- | An IAM role that allows the IoT service principal assumes to access your S3 files.
-usRoleARN :: Lens' UpdateStream (Maybe Text)
-usRoleARN = lens _usRoleARN (\ s a -> s{_usRoleARN = a})
-
--- | The stream ID.
-usStreamId :: Lens' UpdateStream Text
-usStreamId = lens _usStreamId (\ s a -> s{_usStreamId = a})
-
-instance AWSRequest UpdateStream where
-        type Rs UpdateStream = UpdateStreamResponse
-        request = putJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 UpdateStreamResponse' <$>
-                   (x .?> "streamVersion") <*> (x .?> "streamArn") <*>
-                     (x .?> "description")
-                     <*> (x .?> "streamId")
-                     <*> (pure (fromEnum s)))
-
-instance Hashable UpdateStream where
-
-instance NFData UpdateStream where
-
-instance ToHeaders UpdateStream where
-        toHeaders = const mempty
-
-instance ToJSON UpdateStream where
-        toJSON UpdateStream'{..}
-          = object
-              (catMaybes
-                 [("files" .=) <$> _usFiles,
-                  ("description" .=) <$> _usDescription,
-                  ("roleArn" .=) <$> _usRoleARN])
-
-instance ToPath UpdateStream where
-        toPath UpdateStream'{..}
-          = mconcat ["/streams/", toBS _usStreamId]
-
-instance ToQuery UpdateStream where
-        toQuery = const mempty
-
--- | /See:/ 'updateStreamResponse' smart constructor.
-data UpdateStreamResponse = UpdateStreamResponse'
-  { _usrsStreamVersion  :: !(Maybe Nat)
-  , _usrsStreamARN      :: !(Maybe Text)
-  , _usrsDescription    :: !(Maybe Text)
-  , _usrsStreamId       :: !(Maybe Text)
-  , _usrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateStreamResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'usrsStreamVersion' - The stream version.
---
--- * 'usrsStreamARN' - The stream ARN.
---
--- * 'usrsDescription' - A description of the stream.
---
--- * 'usrsStreamId' - The stream ID.
---
--- * 'usrsResponseStatus' - -- | The response status code.
-updateStreamResponse
-    :: Int -- ^ 'usrsResponseStatus'
-    -> UpdateStreamResponse
-updateStreamResponse pResponseStatus_ =
-  UpdateStreamResponse'
-    { _usrsStreamVersion = Nothing
-    , _usrsStreamARN = Nothing
-    , _usrsDescription = Nothing
-    , _usrsStreamId = Nothing
-    , _usrsResponseStatus = pResponseStatus_
-    }
-
-
--- | The stream version.
-usrsStreamVersion :: Lens' UpdateStreamResponse (Maybe Natural)
-usrsStreamVersion = lens _usrsStreamVersion (\ s a -> s{_usrsStreamVersion = a}) . mapping _Nat
-
--- | The stream ARN.
-usrsStreamARN :: Lens' UpdateStreamResponse (Maybe Text)
-usrsStreamARN = lens _usrsStreamARN (\ s a -> s{_usrsStreamARN = a})
-
--- | A description of the stream.
-usrsDescription :: Lens' UpdateStreamResponse (Maybe Text)
-usrsDescription = lens _usrsDescription (\ s a -> s{_usrsDescription = a})
-
--- | The stream ID.
-usrsStreamId :: Lens' UpdateStreamResponse (Maybe Text)
-usrsStreamId = lens _usrsStreamId (\ s a -> s{_usrsStreamId = a})
-
--- | -- | The response status code.
-usrsResponseStatus :: Lens' UpdateStreamResponse Int
-usrsResponseStatus = lens _usrsResponseStatus (\ s a -> s{_usrsResponseStatus = a})
-
-instance NFData UpdateStreamResponse where
diff --git a/gen/Network/AWS/IoT/UpdateThing.hs b/gen/Network/AWS/IoT/UpdateThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateThing.hs
+++ /dev/null
@@ -1,167 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates the data for a thing.
---
---
-module Network.AWS.IoT.UpdateThing
-    (
-    -- * Creating a Request
-      updateThing
-    , UpdateThing
-    -- * Request Lenses
-    , utRemoveThingType
-    , utThingTypeName
-    , utExpectedVersion
-    , utAttributePayload
-    , utThingName
-
-    -- * Destructuring the Response
-    , updateThingResponse
-    , UpdateThingResponse
-    -- * Response Lenses
-    , utrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | The input for the UpdateThing operation.
---
---
---
--- /See:/ 'updateThing' smart constructor.
-data UpdateThing = UpdateThing'
-  { _utRemoveThingType  :: !(Maybe Bool)
-  , _utThingTypeName    :: !(Maybe Text)
-  , _utExpectedVersion  :: !(Maybe Integer)
-  , _utAttributePayload :: !(Maybe AttributePayload)
-  , _utThingName        :: !Text
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'utRemoveThingType' - Remove a thing type association. If __true__ , the association is removed.
---
--- * 'utThingTypeName' - The name of the thing type.
---
--- * 'utExpectedVersion' - The expected version of the thing record in the registry. If the version of the record in the registry does not match the expected version specified in the request, the @UpdateThing@ request is rejected with a @VersionConflictException@ .
---
--- * 'utAttributePayload' - A list of thing attributes, a JSON string containing name-value pairs. For example: @{\"attributes\":{\"name1\":\"value2\"}}@  This data is used to add new attributes or update existing attributes.
---
--- * 'utThingName' - The name of the thing to update.
-updateThing
-    :: Text -- ^ 'utThingName'
-    -> UpdateThing
-updateThing pThingName_ =
-  UpdateThing'
-    { _utRemoveThingType = Nothing
-    , _utThingTypeName = Nothing
-    , _utExpectedVersion = Nothing
-    , _utAttributePayload = Nothing
-    , _utThingName = pThingName_
-    }
-
-
--- | Remove a thing type association. If __true__ , the association is removed.
-utRemoveThingType :: Lens' UpdateThing (Maybe Bool)
-utRemoveThingType = lens _utRemoveThingType (\ s a -> s{_utRemoveThingType = a})
-
--- | The name of the thing type.
-utThingTypeName :: Lens' UpdateThing (Maybe Text)
-utThingTypeName = lens _utThingTypeName (\ s a -> s{_utThingTypeName = a})
-
--- | The expected version of the thing record in the registry. If the version of the record in the registry does not match the expected version specified in the request, the @UpdateThing@ request is rejected with a @VersionConflictException@ .
-utExpectedVersion :: Lens' UpdateThing (Maybe Integer)
-utExpectedVersion = lens _utExpectedVersion (\ s a -> s{_utExpectedVersion = a})
-
--- | A list of thing attributes, a JSON string containing name-value pairs. For example: @{\"attributes\":{\"name1\":\"value2\"}}@  This data is used to add new attributes or update existing attributes.
-utAttributePayload :: Lens' UpdateThing (Maybe AttributePayload)
-utAttributePayload = lens _utAttributePayload (\ s a -> s{_utAttributePayload = a})
-
--- | The name of the thing to update.
-utThingName :: Lens' UpdateThing Text
-utThingName = lens _utThingName (\ s a -> s{_utThingName = a})
-
-instance AWSRequest UpdateThing where
-        type Rs UpdateThing = UpdateThingResponse
-        request = patchJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 UpdateThingResponse' <$> (pure (fromEnum s)))
-
-instance Hashable UpdateThing where
-
-instance NFData UpdateThing where
-
-instance ToHeaders UpdateThing where
-        toHeaders = const mempty
-
-instance ToJSON UpdateThing where
-        toJSON UpdateThing'{..}
-          = object
-              (catMaybes
-                 [("removeThingType" .=) <$> _utRemoveThingType,
-                  ("thingTypeName" .=) <$> _utThingTypeName,
-                  ("expectedVersion" .=) <$> _utExpectedVersion,
-                  ("attributePayload" .=) <$> _utAttributePayload])
-
-instance ToPath UpdateThing where
-        toPath UpdateThing'{..}
-          = mconcat ["/things/", toBS _utThingName]
-
-instance ToQuery UpdateThing where
-        toQuery = const mempty
-
--- | The output from the UpdateThing operation.
---
---
---
--- /See:/ 'updateThingResponse' smart constructor.
-newtype UpdateThingResponse = UpdateThingResponse'
-  { _utrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'utrsResponseStatus' - -- | The response status code.
-updateThingResponse
-    :: Int -- ^ 'utrsResponseStatus'
-    -> UpdateThingResponse
-updateThingResponse pResponseStatus_ =
-  UpdateThingResponse' {_utrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-utrsResponseStatus :: Lens' UpdateThingResponse Int
-utrsResponseStatus = lens _utrsResponseStatus (\ s a -> s{_utrsResponseStatus = a})
-
-instance NFData UpdateThingResponse where
diff --git a/gen/Network/AWS/IoT/UpdateThingGroup.hs b/gen/Network/AWS/IoT/UpdateThingGroup.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateThingGroup.hs
+++ /dev/null
@@ -1,152 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateThingGroup
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Update a thing group.
---
---
-module Network.AWS.IoT.UpdateThingGroup
-    (
-    -- * Creating a Request
-      updateThingGroup
-    , UpdateThingGroup
-    -- * Request Lenses
-    , utgExpectedVersion
-    , utgThingGroupName
-    , utgThingGroupProperties
-
-    -- * Destructuring the Response
-    , updateThingGroupResponse
-    , UpdateThingGroupResponse
-    -- * Response Lenses
-    , utgrsVersion
-    , utgrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateThingGroup' smart constructor.
-data UpdateThingGroup = UpdateThingGroup'
-  { _utgExpectedVersion      :: !(Maybe Integer)
-  , _utgThingGroupName       :: !Text
-  , _utgThingGroupProperties :: !ThingGroupProperties
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateThingGroup' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'utgExpectedVersion' - The expected version of the thing group. If this does not match the version of the thing group being updated, the update will fail.
---
--- * 'utgThingGroupName' - The thing group to update.
---
--- * 'utgThingGroupProperties' - The thing group properties.
-updateThingGroup
-    :: Text -- ^ 'utgThingGroupName'
-    -> ThingGroupProperties -- ^ 'utgThingGroupProperties'
-    -> UpdateThingGroup
-updateThingGroup pThingGroupName_ pThingGroupProperties_ =
-  UpdateThingGroup'
-    { _utgExpectedVersion = Nothing
-    , _utgThingGroupName = pThingGroupName_
-    , _utgThingGroupProperties = pThingGroupProperties_
-    }
-
-
--- | The expected version of the thing group. If this does not match the version of the thing group being updated, the update will fail.
-utgExpectedVersion :: Lens' UpdateThingGroup (Maybe Integer)
-utgExpectedVersion = lens _utgExpectedVersion (\ s a -> s{_utgExpectedVersion = a})
-
--- | The thing group to update.
-utgThingGroupName :: Lens' UpdateThingGroup Text
-utgThingGroupName = lens _utgThingGroupName (\ s a -> s{_utgThingGroupName = a})
-
--- | The thing group properties.
-utgThingGroupProperties :: Lens' UpdateThingGroup ThingGroupProperties
-utgThingGroupProperties = lens _utgThingGroupProperties (\ s a -> s{_utgThingGroupProperties = a})
-
-instance AWSRequest UpdateThingGroup where
-        type Rs UpdateThingGroup = UpdateThingGroupResponse
-        request = patchJSON ioT
-        response
-          = receiveJSON
-              (\ s h x ->
-                 UpdateThingGroupResponse' <$>
-                   (x .?> "version") <*> (pure (fromEnum s)))
-
-instance Hashable UpdateThingGroup where
-
-instance NFData UpdateThingGroup where
-
-instance ToHeaders UpdateThingGroup where
-        toHeaders = const mempty
-
-instance ToJSON UpdateThingGroup where
-        toJSON UpdateThingGroup'{..}
-          = object
-              (catMaybes
-                 [("expectedVersion" .=) <$> _utgExpectedVersion,
-                  Just
-                    ("thingGroupProperties" .=
-                       _utgThingGroupProperties)])
-
-instance ToPath UpdateThingGroup where
-        toPath UpdateThingGroup'{..}
-          = mconcat ["/thing-groups/", toBS _utgThingGroupName]
-
-instance ToQuery UpdateThingGroup where
-        toQuery = const mempty
-
--- | /See:/ 'updateThingGroupResponse' smart constructor.
-data UpdateThingGroupResponse = UpdateThingGroupResponse'
-  { _utgrsVersion        :: !(Maybe Integer)
-  , _utgrsResponseStatus :: !Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateThingGroupResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'utgrsVersion' - The version of the updated thing group.
---
--- * 'utgrsResponseStatus' - -- | The response status code.
-updateThingGroupResponse
-    :: Int -- ^ 'utgrsResponseStatus'
-    -> UpdateThingGroupResponse
-updateThingGroupResponse pResponseStatus_ =
-  UpdateThingGroupResponse'
-    {_utgrsVersion = Nothing, _utgrsResponseStatus = pResponseStatus_}
-
-
--- | The version of the updated thing group.
-utgrsVersion :: Lens' UpdateThingGroupResponse (Maybe Integer)
-utgrsVersion = lens _utgrsVersion (\ s a -> s{_utgrsVersion = a})
-
--- | -- | The response status code.
-utgrsResponseStatus :: Lens' UpdateThingGroupResponse Int
-utgrsResponseStatus = lens _utgrsResponseStatus (\ s a -> s{_utgrsResponseStatus = a})
-
-instance NFData UpdateThingGroupResponse where
diff --git a/gen/Network/AWS/IoT/UpdateThingGroupsForThing.hs b/gen/Network/AWS/IoT/UpdateThingGroupsForThing.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/UpdateThingGroupsForThing.hs
+++ /dev/null
@@ -1,143 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-{-# LANGUAGE DeriveGeneric      #-}
-{-# LANGUAGE OverloadedStrings  #-}
-{-# LANGUAGE RecordWildCards    #-}
-{-# LANGUAGE TypeFamilies       #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
-{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.UpdateThingGroupsForThing
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
--- Updates the groups to which the thing belongs.
---
---
-module Network.AWS.IoT.UpdateThingGroupsForThing
-    (
-    -- * Creating a Request
-      updateThingGroupsForThing
-    , UpdateThingGroupsForThing
-    -- * Request Lenses
-    , utgftThingGroupsToAdd
-    , utgftThingGroupsToRemove
-    , utgftThingName
-
-    -- * Destructuring the Response
-    , updateThingGroupsForThingResponse
-    , UpdateThingGroupsForThingResponse
-    -- * Response Lenses
-    , utgftrsResponseStatus
-    ) where
-
-import Network.AWS.IoT.Types
-import Network.AWS.IoT.Types.Product
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Request
-import Network.AWS.Response
-
--- | /See:/ 'updateThingGroupsForThing' smart constructor.
-data UpdateThingGroupsForThing = UpdateThingGroupsForThing'
-  { _utgftThingGroupsToAdd    :: !(Maybe [Text])
-  , _utgftThingGroupsToRemove :: !(Maybe [Text])
-  , _utgftThingName           :: !(Maybe Text)
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateThingGroupsForThing' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'utgftThingGroupsToAdd' - The groups to which the thing will be added.
---
--- * 'utgftThingGroupsToRemove' - The groups from which the thing will be removed.
---
--- * 'utgftThingName' - The thing whose group memberships will be updated.
-updateThingGroupsForThing
-    :: UpdateThingGroupsForThing
-updateThingGroupsForThing =
-  UpdateThingGroupsForThing'
-    { _utgftThingGroupsToAdd = Nothing
-    , _utgftThingGroupsToRemove = Nothing
-    , _utgftThingName = Nothing
-    }
-
-
--- | The groups to which the thing will be added.
-utgftThingGroupsToAdd :: Lens' UpdateThingGroupsForThing [Text]
-utgftThingGroupsToAdd = lens _utgftThingGroupsToAdd (\ s a -> s{_utgftThingGroupsToAdd = a}) . _Default . _Coerce
-
--- | The groups from which the thing will be removed.
-utgftThingGroupsToRemove :: Lens' UpdateThingGroupsForThing [Text]
-utgftThingGroupsToRemove = lens _utgftThingGroupsToRemove (\ s a -> s{_utgftThingGroupsToRemove = a}) . _Default . _Coerce
-
--- | The thing whose group memberships will be updated.
-utgftThingName :: Lens' UpdateThingGroupsForThing (Maybe Text)
-utgftThingName = lens _utgftThingName (\ s a -> s{_utgftThingName = a})
-
-instance AWSRequest UpdateThingGroupsForThing where
-        type Rs UpdateThingGroupsForThing =
-             UpdateThingGroupsForThingResponse
-        request = putJSON ioT
-        response
-          = receiveEmpty
-              (\ s h x ->
-                 UpdateThingGroupsForThingResponse' <$>
-                   (pure (fromEnum s)))
-
-instance Hashable UpdateThingGroupsForThing where
-
-instance NFData UpdateThingGroupsForThing where
-
-instance ToHeaders UpdateThingGroupsForThing where
-        toHeaders = const mempty
-
-instance ToJSON UpdateThingGroupsForThing where
-        toJSON UpdateThingGroupsForThing'{..}
-          = object
-              (catMaybes
-                 [("thingGroupsToAdd" .=) <$> _utgftThingGroupsToAdd,
-                  ("thingGroupsToRemove" .=) <$>
-                    _utgftThingGroupsToRemove,
-                  ("thingName" .=) <$> _utgftThingName])
-
-instance ToPath UpdateThingGroupsForThing where
-        toPath
-          = const "/thing-groups/updateThingGroupsForThing"
-
-instance ToQuery UpdateThingGroupsForThing where
-        toQuery = const mempty
-
--- | /See:/ 'updateThingGroupsForThingResponse' smart constructor.
-newtype UpdateThingGroupsForThingResponse = UpdateThingGroupsForThingResponse'
-  { _utgftrsResponseStatus :: Int
-  } deriving (Eq, Read, Show, Data, Typeable, Generic)
-
-
--- | Creates a value of 'UpdateThingGroupsForThingResponse' with the minimum fields required to make a request.
---
--- Use one of the following lenses to modify other fields as desired:
---
--- * 'utgftrsResponseStatus' - -- | The response status code.
-updateThingGroupsForThingResponse
-    :: Int -- ^ 'utgftrsResponseStatus'
-    -> UpdateThingGroupsForThingResponse
-updateThingGroupsForThingResponse pResponseStatus_ =
-  UpdateThingGroupsForThingResponse' {_utgftrsResponseStatus = pResponseStatus_}
-
-
--- | -- | The response status code.
-utgftrsResponseStatus :: Lens' UpdateThingGroupsForThingResponse Int
-utgftrsResponseStatus = lens _utgftrsResponseStatus (\ s a -> s{_utgftrsResponseStatus = a})
-
-instance NFData UpdateThingGroupsForThingResponse
-         where
diff --git a/gen/Network/AWS/IoT/Waiters.hs b/gen/Network/AWS/IoT/Waiters.hs
deleted file mode 100644
--- a/gen/Network/AWS/IoT/Waiters.hs
+++ /dev/null
@@ -1,21 +0,0 @@
-{-# LANGUAGE OverloadedStrings #-}
-{-# LANGUAGE TypeFamilies      #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Network.AWS.IoT.Waiters
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
-module Network.AWS.IoT.Waiters where
-
-import Network.AWS.IoT.Types
-import Network.AWS.Lens
-import Network.AWS.Prelude
-import Network.AWS.Waiter
diff --git a/test/Main.hs b/test/Main.hs
--- a/test/Main.hs
+++ b/test/Main.hs
@@ -2,20 +2,22 @@
 
 -- |
 -- Module      : Main
--- Copyright   : (c) 2013-2018 Brendan Hay
+-- Copyright   : (c) 2013-2023 Brendan Hay
 -- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
+-- Maintainer  : Brendan Hay
 -- Stability   : auto-generated
 -- Portability : non-portable (GHC extensions)
---
 module Main (main) where
 
+import Test.Amazonka.IoT
+import Test.Amazonka.IoT.Internal
 import Test.Tasty
-import Test.AWS.IoT
-import Test.AWS.IoT.Internal
 
 main :: IO ()
-main = defaultMain $ testGroup "IoT"
-    [ testGroup "tests"    tests
-    , testGroup "fixtures" fixtures
-    ]
+main =
+  defaultMain $
+    testGroup
+      "IoT"
+      [ testGroup "tests" tests,
+        testGroup "fixtures" fixtures
+      ]
diff --git a/test/Test/AWS/Gen/IoT.hs b/test/Test/AWS/Gen/IoT.hs
deleted file mode 100644
--- a/test/Test/AWS/Gen/IoT.hs
+++ /dev/null
@@ -1,2181 +0,0 @@
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-{-# OPTIONS_GHC -fno-warn-orphans        #-}
-
--- Derived from AWS service descriptions, licensed under Apache 2.0.
-
--- |
--- Module      : Test.AWS.Gen.IoT
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : Mozilla Public License, v. 2.0.
--- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
--- Stability   : auto-generated
--- Portability : non-portable (GHC extensions)
---
-module Test.AWS.Gen.IoT where
-
-import Data.Proxy
-import Network.AWS.IoT
-import Test.AWS.Fixture
-import Test.AWS.IoT.Internal
-import Test.AWS.Prelude
-import Test.Tasty
-
--- Auto-generated: the actual test selection needs to be manually placed into
--- the top-level so that real test data can be incrementally added.
---
--- This commented snippet is what the entire set should look like:
-
--- fixtures :: TestTree
--- fixtures =
---     [ testGroup "request"
---         [ requestListPolicies $
---             listPolicies
---
---         , requestCreatePolicy $
---             createPolicy
---
---         , requestRegisterCertificate $
---             registerCertificate
---
---         , requestListThingPrincipals $
---             listThingPrincipals
---
---         , requestDescribeRoleAlias $
---             describeRoleAlias
---
---         , requestCreateOTAUpdate $
---             createOTAUpdate
---
---         , requestDescribeDefaultAuthorizer $
---             describeDefaultAuthorizer
---
---         , requestListThingRegistrationTaskReports $
---             listThingRegistrationTaskReports
---
---         , requestListPrincipalThings $
---             listPrincipalThings
---
---         , requestRemoveThingFromThingGroup $
---             removeThingFromThingGroup
---
---         , requestDescribeEventConfigurations $
---             describeEventConfigurations
---
---         , requestListThingGroups $
---             listThingGroups
---
---         , requestDescribeThingRegistrationTask $
---             describeThingRegistrationTask
---
---         , requestGetLoggingOptions $
---             getLoggingOptions
---
---         , requestGetOTAUpdate $
---             getOTAUpdate
---
---         , requestGetEffectivePolicies $
---             getEffectivePolicies
---
---         , requestListThingTypes $
---             listThingTypes
---
---         , requestSetV2LoggingOptions $
---             setV2LoggingOptions
---
---         , requestListThingGroupsForThing $
---             listThingGroupsForThing
---
---         , requestCreateCertificateFromCSR $
---             createCertificateFromCSR
---
---         , requestDeleteThing $
---             deleteThing
---
---         , requestUpdateThing $
---             updateThing
---
---         , requestStartThingRegistrationTask $
---             startThingRegistrationTask
---
---         , requestListAuthorizers $
---             listAuthorizers
---
---         , requestListJobExecutionsForJob $
---             listJobExecutionsForJob
---
---         , requestSearchIndex $
---             searchIndex
---
---         , requestCreateThingType $
---             createThingType
---
---         , requestDeleteV2LoggingLevel $
---             deleteV2LoggingLevel
---
---         , requestSetDefaultAuthorizer $
---             setDefaultAuthorizer
---
---         , requestDescribeJobExecution $
---             describeJobExecution
---
---         , requestCancelCertificateTransfer $
---             cancelCertificateTransfer
---
---         , requestGetIndexingConfiguration $
---             getIndexingConfiguration
---
---         , requestDeleteRoleAlias $
---             deleteRoleAlias
---
---         , requestUpdateRoleAlias $
---             updateRoleAlias
---
---         , requestDeletePolicyVersion $
---             deletePolicyVersion
---
---         , requestDisableTopicRule $
---             disableTopicRule
---
---         , requestCreateTopicRule $
---             createTopicRule
---
---         , requestCreateJob $
---             createJob
---
---         , requestDescribeIndex $
---             describeIndex
---
---         , requestAssociateTargetsWithJob $
---             associateTargetsWithJob
---
---         , requestListAttachedPolicies $
---             listAttachedPolicies
---
---         , requestCreatePolicyVersion $
---             createPolicyVersion
---
---         , requestListCACertificates $
---             listCACertificates
---
---         , requestDeleteTopicRule $
---             deleteTopicRule
---
---         , requestGetJobDocument $
---             getJobDocument
---
---         , requestCreateRoleAlias $
---             createRoleAlias
---
---         , requestDeleteCACertificate $
---             deleteCACertificate
---
---         , requestUpdateCACertificate $
---             updateCACertificate
---
---         , requestListTopicRules $
---             listTopicRules
---
---         , requestTransferCertificate $
---             transferCertificate
---
---         , requestListJobs $
---             listJobs
---
---         , requestListRoleAliases $
---             listRoleAliases
---
---         , requestDescribeThingGroup $
---             describeThingGroup
---
---         , requestGetTopicRule $
---             getTopicRule
---
---         , requestDescribeThing $
---             describeThing
---
---         , requestDeletePolicy $
---             deletePolicy
---
---         , requestListThingsInThingGroup $
---             listThingsInThingGroup
---
---         , requestListCertificates $
---             listCertificates
---
---         , requestDescribeAuthorizer $
---             describeAuthorizer
---
---         , requestGetPolicyVersion $
---             getPolicyVersion
---
---         , requestDeleteCertificate $
---             deleteCertificate
---
---         , requestUpdateCertificate $
---             updateCertificate
---
---         , requestUpdateIndexingConfiguration $
---             updateIndexingConfiguration
---
---         , requestTestInvokeAuthorizer $
---             testInvokeAuthorizer
---
---         , requestCreateThingGroup $
---             createThingGroup
---
---         , requestDetachPolicy $
---             detachPolicy
---
---         , requestDescribeJob $
---             describeJob
---
---         , requestDeleteThingGroup $
---             deleteThingGroup
---
---         , requestUpdateThingGroup $
---             updateThingGroup
---
---         , requestListOTAUpdates $
---             listOTAUpdates
---
---         , requestDeleteOTAUpdate $
---             deleteOTAUpdate
---
---         , requestListOutgoingCertificates $
---             listOutgoingCertificates
---
---         , requestDescribeCACertificate $
---             describeCACertificate
---
---         , requestGetRegistrationCode $
---             getRegistrationCode
---
---         , requestDeleteThingType $
---             deleteThingType
---
---         , requestAddThingToThingGroup $
---             addThingToThingGroup
---
---         , requestListCertificatesByCA $
---             listCertificatesByCA
---
---         , requestAttachThingPrincipal $
---             attachThingPrincipal
---
---         , requestListThings $
---             listThings
---
---         , requestRegisterThing $
---             registerThing
---
---         , requestDeleteRegistrationCode $
---             deleteRegistrationCode
---
---         , requestUpdateStream $
---             updateStream
---
---         , requestDeleteStream $
---             deleteStream
---
---         , requestListStreams $
---             listStreams
---
---         , requestCreateAuthorizer $
---             createAuthorizer
---
---         , requestTestAuthorization $
---             testAuthorization
---
---         , requestListIndices $
---             listIndices
---
---         , requestUpdateAuthorizer $
---             updateAuthorizer
---
---         , requestDeleteAuthorizer $
---             deleteAuthorizer
---
---         , requestCreateThing $
---             createThing
---
---         , requestCreateStream $
---             createStream
---
---         , requestListV2LoggingLevels $
---             listV2LoggingLevels
---
---         , requestStopThingRegistrationTask $
---             stopThingRegistrationTask
---
---         , requestDescribeCertificate $
---             describeCertificate
---
---         , requestListTargetsForPolicy $
---             listTargetsForPolicy
---
---         , requestClearDefaultAuthorizer $
---             clearDefaultAuthorizer
---
---         , requestReplaceTopicRule $
---             replaceTopicRule
---
---         , requestSetDefaultPolicyVersion $
---             setDefaultPolicyVersion
---
---         , requestListPolicyVersions $
---             listPolicyVersions
---
---         , requestSetV2LoggingLevel $
---             setV2LoggingLevel
---
---         , requestListJobExecutionsForThing $
---             listJobExecutionsForThing
---
---         , requestAttachPolicy $
---             attachPolicy
---
---         , requestCreateKeysAndCertificate $
---             createKeysAndCertificate
---
---         , requestUpdateThingGroupsForThing $
---             updateThingGroupsForThing
---
---         , requestEnableTopicRule $
---             enableTopicRule
---
---         , requestAcceptCertificateTransfer $
---             acceptCertificateTransfer
---
---         , requestGetPolicy $
---             getPolicy
---
---         , requestDescribeEndpoint $
---             describeEndpoint
---
---         , requestUpdateEventConfigurations $
---             updateEventConfigurations
---
---         , requestRegisterCACertificate $
---             registerCACertificate
---
---         , requestSetLoggingOptions $
---             setLoggingOptions
---
---         , requestDescribeThingType $
---             describeThingType
---
---         , requestGetV2LoggingOptions $
---             getV2LoggingOptions
---
---         , requestListThingRegistrationTasks $
---             listThingRegistrationTasks
---
---         , requestRejectCertificateTransfer $
---             rejectCertificateTransfer
---
---         , requestDescribeStream $
---             describeStream
---
---         , requestDetachThingPrincipal $
---             detachThingPrincipal
---
---         , requestCancelJob $
---             cancelJob
---
---         , requestDeprecateThingType $
---             deprecateThingType
---
---           ]
-
---     , testGroup "response"
---         [ responseListPolicies $
---             listPoliciesResponse
---
---         , responseCreatePolicy $
---             createPolicyResponse
---
---         , responseRegisterCertificate $
---             registerCertificateResponse
---
---         , responseListThingPrincipals $
---             listThingPrincipalsResponse
---
---         , responseDescribeRoleAlias $
---             describeRoleAliasResponse
---
---         , responseCreateOTAUpdate $
---             createOTAUpdateResponse
---
---         , responseDescribeDefaultAuthorizer $
---             describeDefaultAuthorizerResponse
---
---         , responseListThingRegistrationTaskReports $
---             listThingRegistrationTaskReportsResponse
---
---         , responseListPrincipalThings $
---             listPrincipalThingsResponse
---
---         , responseRemoveThingFromThingGroup $
---             removeThingFromThingGroupResponse
---
---         , responseDescribeEventConfigurations $
---             describeEventConfigurationsResponse
---
---         , responseListThingGroups $
---             listThingGroupsResponse
---
---         , responseDescribeThingRegistrationTask $
---             describeThingRegistrationTaskResponse
---
---         , responseGetLoggingOptions $
---             getLoggingOptionsResponse
---
---         , responseGetOTAUpdate $
---             getOTAUpdateResponse
---
---         , responseGetEffectivePolicies $
---             getEffectivePoliciesResponse
---
---         , responseListThingTypes $
---             listThingTypesResponse
---
---         , responseSetV2LoggingOptions $
---             setV2LoggingOptionsResponse
---
---         , responseListThingGroupsForThing $
---             listThingGroupsForThingResponse
---
---         , responseCreateCertificateFromCSR $
---             createCertificateFromCSRResponse
---
---         , responseDeleteThing $
---             deleteThingResponse
---
---         , responseUpdateThing $
---             updateThingResponse
---
---         , responseStartThingRegistrationTask $
---             startThingRegistrationTaskResponse
---
---         , responseListAuthorizers $
---             listAuthorizersResponse
---
---         , responseListJobExecutionsForJob $
---             listJobExecutionsForJobResponse
---
---         , responseSearchIndex $
---             searchIndexResponse
---
---         , responseCreateThingType $
---             createThingTypeResponse
---
---         , responseDeleteV2LoggingLevel $
---             deleteV2LoggingLevelResponse
---
---         , responseSetDefaultAuthorizer $
---             setDefaultAuthorizerResponse
---
---         , responseDescribeJobExecution $
---             describeJobExecutionResponse
---
---         , responseCancelCertificateTransfer $
---             cancelCertificateTransferResponse
---
---         , responseGetIndexingConfiguration $
---             getIndexingConfigurationResponse
---
---         , responseDeleteRoleAlias $
---             deleteRoleAliasResponse
---
---         , responseUpdateRoleAlias $
---             updateRoleAliasResponse
---
---         , responseDeletePolicyVersion $
---             deletePolicyVersionResponse
---
---         , responseDisableTopicRule $
---             disableTopicRuleResponse
---
---         , responseCreateTopicRule $
---             createTopicRuleResponse
---
---         , responseCreateJob $
---             createJobResponse
---
---         , responseDescribeIndex $
---             describeIndexResponse
---
---         , responseAssociateTargetsWithJob $
---             associateTargetsWithJobResponse
---
---         , responseListAttachedPolicies $
---             listAttachedPoliciesResponse
---
---         , responseCreatePolicyVersion $
---             createPolicyVersionResponse
---
---         , responseListCACertificates $
---             listCACertificatesResponse
---
---         , responseDeleteTopicRule $
---             deleteTopicRuleResponse
---
---         , responseGetJobDocument $
---             getJobDocumentResponse
---
---         , responseCreateRoleAlias $
---             createRoleAliasResponse
---
---         , responseDeleteCACertificate $
---             deleteCACertificateResponse
---
---         , responseUpdateCACertificate $
---             updateCACertificateResponse
---
---         , responseListTopicRules $
---             listTopicRulesResponse
---
---         , responseTransferCertificate $
---             transferCertificateResponse
---
---         , responseListJobs $
---             listJobsResponse
---
---         , responseListRoleAliases $
---             listRoleAliasesResponse
---
---         , responseDescribeThingGroup $
---             describeThingGroupResponse
---
---         , responseGetTopicRule $
---             getTopicRuleResponse
---
---         , responseDescribeThing $
---             describeThingResponse
---
---         , responseDeletePolicy $
---             deletePolicyResponse
---
---         , responseListThingsInThingGroup $
---             listThingsInThingGroupResponse
---
---         , responseListCertificates $
---             listCertificatesResponse
---
---         , responseDescribeAuthorizer $
---             describeAuthorizerResponse
---
---         , responseGetPolicyVersion $
---             getPolicyVersionResponse
---
---         , responseDeleteCertificate $
---             deleteCertificateResponse
---
---         , responseUpdateCertificate $
---             updateCertificateResponse
---
---         , responseUpdateIndexingConfiguration $
---             updateIndexingConfigurationResponse
---
---         , responseTestInvokeAuthorizer $
---             testInvokeAuthorizerResponse
---
---         , responseCreateThingGroup $
---             createThingGroupResponse
---
---         , responseDetachPolicy $
---             detachPolicyResponse
---
---         , responseDescribeJob $
---             describeJobResponse
---
---         , responseDeleteThingGroup $
---             deleteThingGroupResponse
---
---         , responseUpdateThingGroup $
---             updateThingGroupResponse
---
---         , responseListOTAUpdates $
---             listOTAUpdatesResponse
---
---         , responseDeleteOTAUpdate $
---             deleteOTAUpdateResponse
---
---         , responseListOutgoingCertificates $
---             listOutgoingCertificatesResponse
---
---         , responseDescribeCACertificate $
---             describeCACertificateResponse
---
---         , responseGetRegistrationCode $
---             getRegistrationCodeResponse
---
---         , responseDeleteThingType $
---             deleteThingTypeResponse
---
---         , responseAddThingToThingGroup $
---             addThingToThingGroupResponse
---
---         , responseListCertificatesByCA $
---             listCertificatesByCAResponse
---
---         , responseAttachThingPrincipal $
---             attachThingPrincipalResponse
---
---         , responseListThings $
---             listThingsResponse
---
---         , responseRegisterThing $
---             registerThingResponse
---
---         , responseDeleteRegistrationCode $
---             deleteRegistrationCodeResponse
---
---         , responseUpdateStream $
---             updateStreamResponse
---
---         , responseDeleteStream $
---             deleteStreamResponse
---
---         , responseListStreams $
---             listStreamsResponse
---
---         , responseCreateAuthorizer $
---             createAuthorizerResponse
---
---         , responseTestAuthorization $
---             testAuthorizationResponse
---
---         , responseListIndices $
---             listIndicesResponse
---
---         , responseUpdateAuthorizer $
---             updateAuthorizerResponse
---
---         , responseDeleteAuthorizer $
---             deleteAuthorizerResponse
---
---         , responseCreateThing $
---             createThingResponse
---
---         , responseCreateStream $
---             createStreamResponse
---
---         , responseListV2LoggingLevels $
---             listV2LoggingLevelsResponse
---
---         , responseStopThingRegistrationTask $
---             stopThingRegistrationTaskResponse
---
---         , responseDescribeCertificate $
---             describeCertificateResponse
---
---         , responseListTargetsForPolicy $
---             listTargetsForPolicyResponse
---
---         , responseClearDefaultAuthorizer $
---             clearDefaultAuthorizerResponse
---
---         , responseReplaceTopicRule $
---             replaceTopicRuleResponse
---
---         , responseSetDefaultPolicyVersion $
---             setDefaultPolicyVersionResponse
---
---         , responseListPolicyVersions $
---             listPolicyVersionsResponse
---
---         , responseSetV2LoggingLevel $
---             setV2LoggingLevelResponse
---
---         , responseListJobExecutionsForThing $
---             listJobExecutionsForThingResponse
---
---         , responseAttachPolicy $
---             attachPolicyResponse
---
---         , responseCreateKeysAndCertificate $
---             createKeysAndCertificateResponse
---
---         , responseUpdateThingGroupsForThing $
---             updateThingGroupsForThingResponse
---
---         , responseEnableTopicRule $
---             enableTopicRuleResponse
---
---         , responseAcceptCertificateTransfer $
---             acceptCertificateTransferResponse
---
---         , responseGetPolicy $
---             getPolicyResponse
---
---         , responseDescribeEndpoint $
---             describeEndpointResponse
---
---         , responseUpdateEventConfigurations $
---             updateEventConfigurationsResponse
---
---         , responseRegisterCACertificate $
---             registerCACertificateResponse
---
---         , responseSetLoggingOptions $
---             setLoggingOptionsResponse
---
---         , responseDescribeThingType $
---             describeThingTypeResponse
---
---         , responseGetV2LoggingOptions $
---             getV2LoggingOptionsResponse
---
---         , responseListThingRegistrationTasks $
---             listThingRegistrationTasksResponse
---
---         , responseRejectCertificateTransfer $
---             rejectCertificateTransferResponse
---
---         , responseDescribeStream $
---             describeStreamResponse
---
---         , responseDetachThingPrincipal $
---             detachThingPrincipalResponse
---
---         , responseCancelJob $
---             cancelJobResponse
---
---         , responseDeprecateThingType $
---             deprecateThingTypeResponse
---
---           ]
---     ]
-
--- Requests
-
-requestListPolicies :: ListPolicies -> TestTree
-requestListPolicies = req
-    "ListPolicies"
-    "fixture/ListPolicies.yaml"
-
-requestCreatePolicy :: CreatePolicy -> TestTree
-requestCreatePolicy = req
-    "CreatePolicy"
-    "fixture/CreatePolicy.yaml"
-
-requestRegisterCertificate :: RegisterCertificate -> TestTree
-requestRegisterCertificate = req
-    "RegisterCertificate"
-    "fixture/RegisterCertificate.yaml"
-
-requestListThingPrincipals :: ListThingPrincipals -> TestTree
-requestListThingPrincipals = req
-    "ListThingPrincipals"
-    "fixture/ListThingPrincipals.yaml"
-
-requestDescribeRoleAlias :: DescribeRoleAlias -> TestTree
-requestDescribeRoleAlias = req
-    "DescribeRoleAlias"
-    "fixture/DescribeRoleAlias.yaml"
-
-requestCreateOTAUpdate :: CreateOTAUpdate -> TestTree
-requestCreateOTAUpdate = req
-    "CreateOTAUpdate"
-    "fixture/CreateOTAUpdate.yaml"
-
-requestDescribeDefaultAuthorizer :: DescribeDefaultAuthorizer -> TestTree
-requestDescribeDefaultAuthorizer = req
-    "DescribeDefaultAuthorizer"
-    "fixture/DescribeDefaultAuthorizer.yaml"
-
-requestListThingRegistrationTaskReports :: ListThingRegistrationTaskReports -> TestTree
-requestListThingRegistrationTaskReports = req
-    "ListThingRegistrationTaskReports"
-    "fixture/ListThingRegistrationTaskReports.yaml"
-
-requestListPrincipalThings :: ListPrincipalThings -> TestTree
-requestListPrincipalThings = req
-    "ListPrincipalThings"
-    "fixture/ListPrincipalThings.yaml"
-
-requestRemoveThingFromThingGroup :: RemoveThingFromThingGroup -> TestTree
-requestRemoveThingFromThingGroup = req
-    "RemoveThingFromThingGroup"
-    "fixture/RemoveThingFromThingGroup.yaml"
-
-requestDescribeEventConfigurations :: DescribeEventConfigurations -> TestTree
-requestDescribeEventConfigurations = req
-    "DescribeEventConfigurations"
-    "fixture/DescribeEventConfigurations.yaml"
-
-requestListThingGroups :: ListThingGroups -> TestTree
-requestListThingGroups = req
-    "ListThingGroups"
-    "fixture/ListThingGroups.yaml"
-
-requestDescribeThingRegistrationTask :: DescribeThingRegistrationTask -> TestTree
-requestDescribeThingRegistrationTask = req
-    "DescribeThingRegistrationTask"
-    "fixture/DescribeThingRegistrationTask.yaml"
-
-requestGetLoggingOptions :: GetLoggingOptions -> TestTree
-requestGetLoggingOptions = req
-    "GetLoggingOptions"
-    "fixture/GetLoggingOptions.yaml"
-
-requestGetOTAUpdate :: GetOTAUpdate -> TestTree
-requestGetOTAUpdate = req
-    "GetOTAUpdate"
-    "fixture/GetOTAUpdate.yaml"
-
-requestGetEffectivePolicies :: GetEffectivePolicies -> TestTree
-requestGetEffectivePolicies = req
-    "GetEffectivePolicies"
-    "fixture/GetEffectivePolicies.yaml"
-
-requestListThingTypes :: ListThingTypes -> TestTree
-requestListThingTypes = req
-    "ListThingTypes"
-    "fixture/ListThingTypes.yaml"
-
-requestSetV2LoggingOptions :: SetV2LoggingOptions -> TestTree
-requestSetV2LoggingOptions = req
-    "SetV2LoggingOptions"
-    "fixture/SetV2LoggingOptions.yaml"
-
-requestListThingGroupsForThing :: ListThingGroupsForThing -> TestTree
-requestListThingGroupsForThing = req
-    "ListThingGroupsForThing"
-    "fixture/ListThingGroupsForThing.yaml"
-
-requestCreateCertificateFromCSR :: CreateCertificateFromCSR -> TestTree
-requestCreateCertificateFromCSR = req
-    "CreateCertificateFromCSR"
-    "fixture/CreateCertificateFromCSR.yaml"
-
-requestDeleteThing :: DeleteThing -> TestTree
-requestDeleteThing = req
-    "DeleteThing"
-    "fixture/DeleteThing.yaml"
-
-requestUpdateThing :: UpdateThing -> TestTree
-requestUpdateThing = req
-    "UpdateThing"
-    "fixture/UpdateThing.yaml"
-
-requestStartThingRegistrationTask :: StartThingRegistrationTask -> TestTree
-requestStartThingRegistrationTask = req
-    "StartThingRegistrationTask"
-    "fixture/StartThingRegistrationTask.yaml"
-
-requestListAuthorizers :: ListAuthorizers -> TestTree
-requestListAuthorizers = req
-    "ListAuthorizers"
-    "fixture/ListAuthorizers.yaml"
-
-requestListJobExecutionsForJob :: ListJobExecutionsForJob -> TestTree
-requestListJobExecutionsForJob = req
-    "ListJobExecutionsForJob"
-    "fixture/ListJobExecutionsForJob.yaml"
-
-requestSearchIndex :: SearchIndex -> TestTree
-requestSearchIndex = req
-    "SearchIndex"
-    "fixture/SearchIndex.yaml"
-
-requestCreateThingType :: CreateThingType -> TestTree
-requestCreateThingType = req
-    "CreateThingType"
-    "fixture/CreateThingType.yaml"
-
-requestDeleteV2LoggingLevel :: DeleteV2LoggingLevel -> TestTree
-requestDeleteV2LoggingLevel = req
-    "DeleteV2LoggingLevel"
-    "fixture/DeleteV2LoggingLevel.yaml"
-
-requestSetDefaultAuthorizer :: SetDefaultAuthorizer -> TestTree
-requestSetDefaultAuthorizer = req
-    "SetDefaultAuthorizer"
-    "fixture/SetDefaultAuthorizer.yaml"
-
-requestDescribeJobExecution :: DescribeJobExecution -> TestTree
-requestDescribeJobExecution = req
-    "DescribeJobExecution"
-    "fixture/DescribeJobExecution.yaml"
-
-requestCancelCertificateTransfer :: CancelCertificateTransfer -> TestTree
-requestCancelCertificateTransfer = req
-    "CancelCertificateTransfer"
-    "fixture/CancelCertificateTransfer.yaml"
-
-requestGetIndexingConfiguration :: GetIndexingConfiguration -> TestTree
-requestGetIndexingConfiguration = req
-    "GetIndexingConfiguration"
-    "fixture/GetIndexingConfiguration.yaml"
-
-requestDeleteRoleAlias :: DeleteRoleAlias -> TestTree
-requestDeleteRoleAlias = req
-    "DeleteRoleAlias"
-    "fixture/DeleteRoleAlias.yaml"
-
-requestUpdateRoleAlias :: UpdateRoleAlias -> TestTree
-requestUpdateRoleAlias = req
-    "UpdateRoleAlias"
-    "fixture/UpdateRoleAlias.yaml"
-
-requestDeletePolicyVersion :: DeletePolicyVersion -> TestTree
-requestDeletePolicyVersion = req
-    "DeletePolicyVersion"
-    "fixture/DeletePolicyVersion.yaml"
-
-requestDisableTopicRule :: DisableTopicRule -> TestTree
-requestDisableTopicRule = req
-    "DisableTopicRule"
-    "fixture/DisableTopicRule.yaml"
-
-requestCreateTopicRule :: CreateTopicRule -> TestTree
-requestCreateTopicRule = req
-    "CreateTopicRule"
-    "fixture/CreateTopicRule.yaml"
-
-requestCreateJob :: CreateJob -> TestTree
-requestCreateJob = req
-    "CreateJob"
-    "fixture/CreateJob.yaml"
-
-requestDescribeIndex :: DescribeIndex -> TestTree
-requestDescribeIndex = req
-    "DescribeIndex"
-    "fixture/DescribeIndex.yaml"
-
-requestAssociateTargetsWithJob :: AssociateTargetsWithJob -> TestTree
-requestAssociateTargetsWithJob = req
-    "AssociateTargetsWithJob"
-    "fixture/AssociateTargetsWithJob.yaml"
-
-requestListAttachedPolicies :: ListAttachedPolicies -> TestTree
-requestListAttachedPolicies = req
-    "ListAttachedPolicies"
-    "fixture/ListAttachedPolicies.yaml"
-
-requestCreatePolicyVersion :: CreatePolicyVersion -> TestTree
-requestCreatePolicyVersion = req
-    "CreatePolicyVersion"
-    "fixture/CreatePolicyVersion.yaml"
-
-requestListCACertificates :: ListCACertificates -> TestTree
-requestListCACertificates = req
-    "ListCACertificates"
-    "fixture/ListCACertificates.yaml"
-
-requestDeleteTopicRule :: DeleteTopicRule -> TestTree
-requestDeleteTopicRule = req
-    "DeleteTopicRule"
-    "fixture/DeleteTopicRule.yaml"
-
-requestGetJobDocument :: GetJobDocument -> TestTree
-requestGetJobDocument = req
-    "GetJobDocument"
-    "fixture/GetJobDocument.yaml"
-
-requestCreateRoleAlias :: CreateRoleAlias -> TestTree
-requestCreateRoleAlias = req
-    "CreateRoleAlias"
-    "fixture/CreateRoleAlias.yaml"
-
-requestDeleteCACertificate :: DeleteCACertificate -> TestTree
-requestDeleteCACertificate = req
-    "DeleteCACertificate"
-    "fixture/DeleteCACertificate.yaml"
-
-requestUpdateCACertificate :: UpdateCACertificate -> TestTree
-requestUpdateCACertificate = req
-    "UpdateCACertificate"
-    "fixture/UpdateCACertificate.yaml"
-
-requestListTopicRules :: ListTopicRules -> TestTree
-requestListTopicRules = req
-    "ListTopicRules"
-    "fixture/ListTopicRules.yaml"
-
-requestTransferCertificate :: TransferCertificate -> TestTree
-requestTransferCertificate = req
-    "TransferCertificate"
-    "fixture/TransferCertificate.yaml"
-
-requestListJobs :: ListJobs -> TestTree
-requestListJobs = req
-    "ListJobs"
-    "fixture/ListJobs.yaml"
-
-requestListRoleAliases :: ListRoleAliases -> TestTree
-requestListRoleAliases = req
-    "ListRoleAliases"
-    "fixture/ListRoleAliases.yaml"
-
-requestDescribeThingGroup :: DescribeThingGroup -> TestTree
-requestDescribeThingGroup = req
-    "DescribeThingGroup"
-    "fixture/DescribeThingGroup.yaml"
-
-requestGetTopicRule :: GetTopicRule -> TestTree
-requestGetTopicRule = req
-    "GetTopicRule"
-    "fixture/GetTopicRule.yaml"
-
-requestDescribeThing :: DescribeThing -> TestTree
-requestDescribeThing = req
-    "DescribeThing"
-    "fixture/DescribeThing.yaml"
-
-requestDeletePolicy :: DeletePolicy -> TestTree
-requestDeletePolicy = req
-    "DeletePolicy"
-    "fixture/DeletePolicy.yaml"
-
-requestListThingsInThingGroup :: ListThingsInThingGroup -> TestTree
-requestListThingsInThingGroup = req
-    "ListThingsInThingGroup"
-    "fixture/ListThingsInThingGroup.yaml"
-
-requestListCertificates :: ListCertificates -> TestTree
-requestListCertificates = req
-    "ListCertificates"
-    "fixture/ListCertificates.yaml"
-
-requestDescribeAuthorizer :: DescribeAuthorizer -> TestTree
-requestDescribeAuthorizer = req
-    "DescribeAuthorizer"
-    "fixture/DescribeAuthorizer.yaml"
-
-requestGetPolicyVersion :: GetPolicyVersion -> TestTree
-requestGetPolicyVersion = req
-    "GetPolicyVersion"
-    "fixture/GetPolicyVersion.yaml"
-
-requestDeleteCertificate :: DeleteCertificate -> TestTree
-requestDeleteCertificate = req
-    "DeleteCertificate"
-    "fixture/DeleteCertificate.yaml"
-
-requestUpdateCertificate :: UpdateCertificate -> TestTree
-requestUpdateCertificate = req
-    "UpdateCertificate"
-    "fixture/UpdateCertificate.yaml"
-
-requestUpdateIndexingConfiguration :: UpdateIndexingConfiguration -> TestTree
-requestUpdateIndexingConfiguration = req
-    "UpdateIndexingConfiguration"
-    "fixture/UpdateIndexingConfiguration.yaml"
-
-requestTestInvokeAuthorizer :: TestInvokeAuthorizer -> TestTree
-requestTestInvokeAuthorizer = req
-    "TestInvokeAuthorizer"
-    "fixture/TestInvokeAuthorizer.yaml"
-
-requestCreateThingGroup :: CreateThingGroup -> TestTree
-requestCreateThingGroup = req
-    "CreateThingGroup"
-    "fixture/CreateThingGroup.yaml"
-
-requestDetachPolicy :: DetachPolicy -> TestTree
-requestDetachPolicy = req
-    "DetachPolicy"
-    "fixture/DetachPolicy.yaml"
-
-requestDescribeJob :: DescribeJob -> TestTree
-requestDescribeJob = req
-    "DescribeJob"
-    "fixture/DescribeJob.yaml"
-
-requestDeleteThingGroup :: DeleteThingGroup -> TestTree
-requestDeleteThingGroup = req
-    "DeleteThingGroup"
-    "fixture/DeleteThingGroup.yaml"
-
-requestUpdateThingGroup :: UpdateThingGroup -> TestTree
-requestUpdateThingGroup = req
-    "UpdateThingGroup"
-    "fixture/UpdateThingGroup.yaml"
-
-requestListOTAUpdates :: ListOTAUpdates -> TestTree
-requestListOTAUpdates = req
-    "ListOTAUpdates"
-    "fixture/ListOTAUpdates.yaml"
-
-requestDeleteOTAUpdate :: DeleteOTAUpdate -> TestTree
-requestDeleteOTAUpdate = req
-    "DeleteOTAUpdate"
-    "fixture/DeleteOTAUpdate.yaml"
-
-requestListOutgoingCertificates :: ListOutgoingCertificates -> TestTree
-requestListOutgoingCertificates = req
-    "ListOutgoingCertificates"
-    "fixture/ListOutgoingCertificates.yaml"
-
-requestDescribeCACertificate :: DescribeCACertificate -> TestTree
-requestDescribeCACertificate = req
-    "DescribeCACertificate"
-    "fixture/DescribeCACertificate.yaml"
-
-requestGetRegistrationCode :: GetRegistrationCode -> TestTree
-requestGetRegistrationCode = req
-    "GetRegistrationCode"
-    "fixture/GetRegistrationCode.yaml"
-
-requestDeleteThingType :: DeleteThingType -> TestTree
-requestDeleteThingType = req
-    "DeleteThingType"
-    "fixture/DeleteThingType.yaml"
-
-requestAddThingToThingGroup :: AddThingToThingGroup -> TestTree
-requestAddThingToThingGroup = req
-    "AddThingToThingGroup"
-    "fixture/AddThingToThingGroup.yaml"
-
-requestListCertificatesByCA :: ListCertificatesByCA -> TestTree
-requestListCertificatesByCA = req
-    "ListCertificatesByCA"
-    "fixture/ListCertificatesByCA.yaml"
-
-requestAttachThingPrincipal :: AttachThingPrincipal -> TestTree
-requestAttachThingPrincipal = req
-    "AttachThingPrincipal"
-    "fixture/AttachThingPrincipal.yaml"
-
-requestListThings :: ListThings -> TestTree
-requestListThings = req
-    "ListThings"
-    "fixture/ListThings.yaml"
-
-requestRegisterThing :: RegisterThing -> TestTree
-requestRegisterThing = req
-    "RegisterThing"
-    "fixture/RegisterThing.yaml"
-
-requestDeleteRegistrationCode :: DeleteRegistrationCode -> TestTree
-requestDeleteRegistrationCode = req
-    "DeleteRegistrationCode"
-    "fixture/DeleteRegistrationCode.yaml"
-
-requestUpdateStream :: UpdateStream -> TestTree
-requestUpdateStream = req
-    "UpdateStream"
-    "fixture/UpdateStream.yaml"
-
-requestDeleteStream :: DeleteStream -> TestTree
-requestDeleteStream = req
-    "DeleteStream"
-    "fixture/DeleteStream.yaml"
-
-requestListStreams :: ListStreams -> TestTree
-requestListStreams = req
-    "ListStreams"
-    "fixture/ListStreams.yaml"
-
-requestCreateAuthorizer :: CreateAuthorizer -> TestTree
-requestCreateAuthorizer = req
-    "CreateAuthorizer"
-    "fixture/CreateAuthorizer.yaml"
-
-requestTestAuthorization :: TestAuthorization -> TestTree
-requestTestAuthorization = req
-    "TestAuthorization"
-    "fixture/TestAuthorization.yaml"
-
-requestListIndices :: ListIndices -> TestTree
-requestListIndices = req
-    "ListIndices"
-    "fixture/ListIndices.yaml"
-
-requestUpdateAuthorizer :: UpdateAuthorizer -> TestTree
-requestUpdateAuthorizer = req
-    "UpdateAuthorizer"
-    "fixture/UpdateAuthorizer.yaml"
-
-requestDeleteAuthorizer :: DeleteAuthorizer -> TestTree
-requestDeleteAuthorizer = req
-    "DeleteAuthorizer"
-    "fixture/DeleteAuthorizer.yaml"
-
-requestCreateThing :: CreateThing -> TestTree
-requestCreateThing = req
-    "CreateThing"
-    "fixture/CreateThing.yaml"
-
-requestCreateStream :: CreateStream -> TestTree
-requestCreateStream = req
-    "CreateStream"
-    "fixture/CreateStream.yaml"
-
-requestListV2LoggingLevels :: ListV2LoggingLevels -> TestTree
-requestListV2LoggingLevels = req
-    "ListV2LoggingLevels"
-    "fixture/ListV2LoggingLevels.yaml"
-
-requestStopThingRegistrationTask :: StopThingRegistrationTask -> TestTree
-requestStopThingRegistrationTask = req
-    "StopThingRegistrationTask"
-    "fixture/StopThingRegistrationTask.yaml"
-
-requestDescribeCertificate :: DescribeCertificate -> TestTree
-requestDescribeCertificate = req
-    "DescribeCertificate"
-    "fixture/DescribeCertificate.yaml"
-
-requestListTargetsForPolicy :: ListTargetsForPolicy -> TestTree
-requestListTargetsForPolicy = req
-    "ListTargetsForPolicy"
-    "fixture/ListTargetsForPolicy.yaml"
-
-requestClearDefaultAuthorizer :: ClearDefaultAuthorizer -> TestTree
-requestClearDefaultAuthorizer = req
-    "ClearDefaultAuthorizer"
-    "fixture/ClearDefaultAuthorizer.yaml"
-
-requestReplaceTopicRule :: ReplaceTopicRule -> TestTree
-requestReplaceTopicRule = req
-    "ReplaceTopicRule"
-    "fixture/ReplaceTopicRule.yaml"
-
-requestSetDefaultPolicyVersion :: SetDefaultPolicyVersion -> TestTree
-requestSetDefaultPolicyVersion = req
-    "SetDefaultPolicyVersion"
-    "fixture/SetDefaultPolicyVersion.yaml"
-
-requestListPolicyVersions :: ListPolicyVersions -> TestTree
-requestListPolicyVersions = req
-    "ListPolicyVersions"
-    "fixture/ListPolicyVersions.yaml"
-
-requestSetV2LoggingLevel :: SetV2LoggingLevel -> TestTree
-requestSetV2LoggingLevel = req
-    "SetV2LoggingLevel"
-    "fixture/SetV2LoggingLevel.yaml"
-
-requestListJobExecutionsForThing :: ListJobExecutionsForThing -> TestTree
-requestListJobExecutionsForThing = req
-    "ListJobExecutionsForThing"
-    "fixture/ListJobExecutionsForThing.yaml"
-
-requestAttachPolicy :: AttachPolicy -> TestTree
-requestAttachPolicy = req
-    "AttachPolicy"
-    "fixture/AttachPolicy.yaml"
-
-requestCreateKeysAndCertificate :: CreateKeysAndCertificate -> TestTree
-requestCreateKeysAndCertificate = req
-    "CreateKeysAndCertificate"
-    "fixture/CreateKeysAndCertificate.yaml"
-
-requestUpdateThingGroupsForThing :: UpdateThingGroupsForThing -> TestTree
-requestUpdateThingGroupsForThing = req
-    "UpdateThingGroupsForThing"
-    "fixture/UpdateThingGroupsForThing.yaml"
-
-requestEnableTopicRule :: EnableTopicRule -> TestTree
-requestEnableTopicRule = req
-    "EnableTopicRule"
-    "fixture/EnableTopicRule.yaml"
-
-requestAcceptCertificateTransfer :: AcceptCertificateTransfer -> TestTree
-requestAcceptCertificateTransfer = req
-    "AcceptCertificateTransfer"
-    "fixture/AcceptCertificateTransfer.yaml"
-
-requestGetPolicy :: GetPolicy -> TestTree
-requestGetPolicy = req
-    "GetPolicy"
-    "fixture/GetPolicy.yaml"
-
-requestDescribeEndpoint :: DescribeEndpoint -> TestTree
-requestDescribeEndpoint = req
-    "DescribeEndpoint"
-    "fixture/DescribeEndpoint.yaml"
-
-requestUpdateEventConfigurations :: UpdateEventConfigurations -> TestTree
-requestUpdateEventConfigurations = req
-    "UpdateEventConfigurations"
-    "fixture/UpdateEventConfigurations.yaml"
-
-requestRegisterCACertificate :: RegisterCACertificate -> TestTree
-requestRegisterCACertificate = req
-    "RegisterCACertificate"
-    "fixture/RegisterCACertificate.yaml"
-
-requestSetLoggingOptions :: SetLoggingOptions -> TestTree
-requestSetLoggingOptions = req
-    "SetLoggingOptions"
-    "fixture/SetLoggingOptions.yaml"
-
-requestDescribeThingType :: DescribeThingType -> TestTree
-requestDescribeThingType = req
-    "DescribeThingType"
-    "fixture/DescribeThingType.yaml"
-
-requestGetV2LoggingOptions :: GetV2LoggingOptions -> TestTree
-requestGetV2LoggingOptions = req
-    "GetV2LoggingOptions"
-    "fixture/GetV2LoggingOptions.yaml"
-
-requestListThingRegistrationTasks :: ListThingRegistrationTasks -> TestTree
-requestListThingRegistrationTasks = req
-    "ListThingRegistrationTasks"
-    "fixture/ListThingRegistrationTasks.yaml"
-
-requestRejectCertificateTransfer :: RejectCertificateTransfer -> TestTree
-requestRejectCertificateTransfer = req
-    "RejectCertificateTransfer"
-    "fixture/RejectCertificateTransfer.yaml"
-
-requestDescribeStream :: DescribeStream -> TestTree
-requestDescribeStream = req
-    "DescribeStream"
-    "fixture/DescribeStream.yaml"
-
-requestDetachThingPrincipal :: DetachThingPrincipal -> TestTree
-requestDetachThingPrincipal = req
-    "DetachThingPrincipal"
-    "fixture/DetachThingPrincipal.yaml"
-
-requestCancelJob :: CancelJob -> TestTree
-requestCancelJob = req
-    "CancelJob"
-    "fixture/CancelJob.yaml"
-
-requestDeprecateThingType :: DeprecateThingType -> TestTree
-requestDeprecateThingType = req
-    "DeprecateThingType"
-    "fixture/DeprecateThingType.yaml"
-
--- Responses
-
-responseListPolicies :: ListPoliciesResponse -> TestTree
-responseListPolicies = res
-    "ListPoliciesResponse"
-    "fixture/ListPoliciesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListPolicies)
-
-responseCreatePolicy :: CreatePolicyResponse -> TestTree
-responseCreatePolicy = res
-    "CreatePolicyResponse"
-    "fixture/CreatePolicyResponse.proto"
-    ioT
-    (Proxy :: Proxy CreatePolicy)
-
-responseRegisterCertificate :: RegisterCertificateResponse -> TestTree
-responseRegisterCertificate = res
-    "RegisterCertificateResponse"
-    "fixture/RegisterCertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy RegisterCertificate)
-
-responseListThingPrincipals :: ListThingPrincipalsResponse -> TestTree
-responseListThingPrincipals = res
-    "ListThingPrincipalsResponse"
-    "fixture/ListThingPrincipalsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingPrincipals)
-
-responseDescribeRoleAlias :: DescribeRoleAliasResponse -> TestTree
-responseDescribeRoleAlias = res
-    "DescribeRoleAliasResponse"
-    "fixture/DescribeRoleAliasResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeRoleAlias)
-
-responseCreateOTAUpdate :: CreateOTAUpdateResponse -> TestTree
-responseCreateOTAUpdate = res
-    "CreateOTAUpdateResponse"
-    "fixture/CreateOTAUpdateResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateOTAUpdate)
-
-responseDescribeDefaultAuthorizer :: DescribeDefaultAuthorizerResponse -> TestTree
-responseDescribeDefaultAuthorizer = res
-    "DescribeDefaultAuthorizerResponse"
-    "fixture/DescribeDefaultAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeDefaultAuthorizer)
-
-responseListThingRegistrationTaskReports :: ListThingRegistrationTaskReportsResponse -> TestTree
-responseListThingRegistrationTaskReports = res
-    "ListThingRegistrationTaskReportsResponse"
-    "fixture/ListThingRegistrationTaskReportsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingRegistrationTaskReports)
-
-responseListPrincipalThings :: ListPrincipalThingsResponse -> TestTree
-responseListPrincipalThings = res
-    "ListPrincipalThingsResponse"
-    "fixture/ListPrincipalThingsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListPrincipalThings)
-
-responseRemoveThingFromThingGroup :: RemoveThingFromThingGroupResponse -> TestTree
-responseRemoveThingFromThingGroup = res
-    "RemoveThingFromThingGroupResponse"
-    "fixture/RemoveThingFromThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy RemoveThingFromThingGroup)
-
-responseDescribeEventConfigurations :: DescribeEventConfigurationsResponse -> TestTree
-responseDescribeEventConfigurations = res
-    "DescribeEventConfigurationsResponse"
-    "fixture/DescribeEventConfigurationsResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeEventConfigurations)
-
-responseListThingGroups :: ListThingGroupsResponse -> TestTree
-responseListThingGroups = res
-    "ListThingGroupsResponse"
-    "fixture/ListThingGroupsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingGroups)
-
-responseDescribeThingRegistrationTask :: DescribeThingRegistrationTaskResponse -> TestTree
-responseDescribeThingRegistrationTask = res
-    "DescribeThingRegistrationTaskResponse"
-    "fixture/DescribeThingRegistrationTaskResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeThingRegistrationTask)
-
-responseGetLoggingOptions :: GetLoggingOptionsResponse -> TestTree
-responseGetLoggingOptions = res
-    "GetLoggingOptionsResponse"
-    "fixture/GetLoggingOptionsResponse.proto"
-    ioT
-    (Proxy :: Proxy GetLoggingOptions)
-
-responseGetOTAUpdate :: GetOTAUpdateResponse -> TestTree
-responseGetOTAUpdate = res
-    "GetOTAUpdateResponse"
-    "fixture/GetOTAUpdateResponse.proto"
-    ioT
-    (Proxy :: Proxy GetOTAUpdate)
-
-responseGetEffectivePolicies :: GetEffectivePoliciesResponse -> TestTree
-responseGetEffectivePolicies = res
-    "GetEffectivePoliciesResponse"
-    "fixture/GetEffectivePoliciesResponse.proto"
-    ioT
-    (Proxy :: Proxy GetEffectivePolicies)
-
-responseListThingTypes :: ListThingTypesResponse -> TestTree
-responseListThingTypes = res
-    "ListThingTypesResponse"
-    "fixture/ListThingTypesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingTypes)
-
-responseSetV2LoggingOptions :: SetV2LoggingOptionsResponse -> TestTree
-responseSetV2LoggingOptions = res
-    "SetV2LoggingOptionsResponse"
-    "fixture/SetV2LoggingOptionsResponse.proto"
-    ioT
-    (Proxy :: Proxy SetV2LoggingOptions)
-
-responseListThingGroupsForThing :: ListThingGroupsForThingResponse -> TestTree
-responseListThingGroupsForThing = res
-    "ListThingGroupsForThingResponse"
-    "fixture/ListThingGroupsForThingResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingGroupsForThing)
-
-responseCreateCertificateFromCSR :: CreateCertificateFromCSRResponse -> TestTree
-responseCreateCertificateFromCSR = res
-    "CreateCertificateFromCSRResponse"
-    "fixture/CreateCertificateFromCSRResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateCertificateFromCSR)
-
-responseDeleteThing :: DeleteThingResponse -> TestTree
-responseDeleteThing = res
-    "DeleteThingResponse"
-    "fixture/DeleteThingResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteThing)
-
-responseUpdateThing :: UpdateThingResponse -> TestTree
-responseUpdateThing = res
-    "UpdateThingResponse"
-    "fixture/UpdateThingResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateThing)
-
-responseStartThingRegistrationTask :: StartThingRegistrationTaskResponse -> TestTree
-responseStartThingRegistrationTask = res
-    "StartThingRegistrationTaskResponse"
-    "fixture/StartThingRegistrationTaskResponse.proto"
-    ioT
-    (Proxy :: Proxy StartThingRegistrationTask)
-
-responseListAuthorizers :: ListAuthorizersResponse -> TestTree
-responseListAuthorizers = res
-    "ListAuthorizersResponse"
-    "fixture/ListAuthorizersResponse.proto"
-    ioT
-    (Proxy :: Proxy ListAuthorizers)
-
-responseListJobExecutionsForJob :: ListJobExecutionsForJobResponse -> TestTree
-responseListJobExecutionsForJob = res
-    "ListJobExecutionsForJobResponse"
-    "fixture/ListJobExecutionsForJobResponse.proto"
-    ioT
-    (Proxy :: Proxy ListJobExecutionsForJob)
-
-responseSearchIndex :: SearchIndexResponse -> TestTree
-responseSearchIndex = res
-    "SearchIndexResponse"
-    "fixture/SearchIndexResponse.proto"
-    ioT
-    (Proxy :: Proxy SearchIndex)
-
-responseCreateThingType :: CreateThingTypeResponse -> TestTree
-responseCreateThingType = res
-    "CreateThingTypeResponse"
-    "fixture/CreateThingTypeResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateThingType)
-
-responseDeleteV2LoggingLevel :: DeleteV2LoggingLevelResponse -> TestTree
-responseDeleteV2LoggingLevel = res
-    "DeleteV2LoggingLevelResponse"
-    "fixture/DeleteV2LoggingLevelResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteV2LoggingLevel)
-
-responseSetDefaultAuthorizer :: SetDefaultAuthorizerResponse -> TestTree
-responseSetDefaultAuthorizer = res
-    "SetDefaultAuthorizerResponse"
-    "fixture/SetDefaultAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy SetDefaultAuthorizer)
-
-responseDescribeJobExecution :: DescribeJobExecutionResponse -> TestTree
-responseDescribeJobExecution = res
-    "DescribeJobExecutionResponse"
-    "fixture/DescribeJobExecutionResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeJobExecution)
-
-responseCancelCertificateTransfer :: CancelCertificateTransferResponse -> TestTree
-responseCancelCertificateTransfer = res
-    "CancelCertificateTransferResponse"
-    "fixture/CancelCertificateTransferResponse.proto"
-    ioT
-    (Proxy :: Proxy CancelCertificateTransfer)
-
-responseGetIndexingConfiguration :: GetIndexingConfigurationResponse -> TestTree
-responseGetIndexingConfiguration = res
-    "GetIndexingConfigurationResponse"
-    "fixture/GetIndexingConfigurationResponse.proto"
-    ioT
-    (Proxy :: Proxy GetIndexingConfiguration)
-
-responseDeleteRoleAlias :: DeleteRoleAliasResponse -> TestTree
-responseDeleteRoleAlias = res
-    "DeleteRoleAliasResponse"
-    "fixture/DeleteRoleAliasResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteRoleAlias)
-
-responseUpdateRoleAlias :: UpdateRoleAliasResponse -> TestTree
-responseUpdateRoleAlias = res
-    "UpdateRoleAliasResponse"
-    "fixture/UpdateRoleAliasResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateRoleAlias)
-
-responseDeletePolicyVersion :: DeletePolicyVersionResponse -> TestTree
-responseDeletePolicyVersion = res
-    "DeletePolicyVersionResponse"
-    "fixture/DeletePolicyVersionResponse.proto"
-    ioT
-    (Proxy :: Proxy DeletePolicyVersion)
-
-responseDisableTopicRule :: DisableTopicRuleResponse -> TestTree
-responseDisableTopicRule = res
-    "DisableTopicRuleResponse"
-    "fixture/DisableTopicRuleResponse.proto"
-    ioT
-    (Proxy :: Proxy DisableTopicRule)
-
-responseCreateTopicRule :: CreateTopicRuleResponse -> TestTree
-responseCreateTopicRule = res
-    "CreateTopicRuleResponse"
-    "fixture/CreateTopicRuleResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateTopicRule)
-
-responseCreateJob :: CreateJobResponse -> TestTree
-responseCreateJob = res
-    "CreateJobResponse"
-    "fixture/CreateJobResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateJob)
-
-responseDescribeIndex :: DescribeIndexResponse -> TestTree
-responseDescribeIndex = res
-    "DescribeIndexResponse"
-    "fixture/DescribeIndexResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeIndex)
-
-responseAssociateTargetsWithJob :: AssociateTargetsWithJobResponse -> TestTree
-responseAssociateTargetsWithJob = res
-    "AssociateTargetsWithJobResponse"
-    "fixture/AssociateTargetsWithJobResponse.proto"
-    ioT
-    (Proxy :: Proxy AssociateTargetsWithJob)
-
-responseListAttachedPolicies :: ListAttachedPoliciesResponse -> TestTree
-responseListAttachedPolicies = res
-    "ListAttachedPoliciesResponse"
-    "fixture/ListAttachedPoliciesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListAttachedPolicies)
-
-responseCreatePolicyVersion :: CreatePolicyVersionResponse -> TestTree
-responseCreatePolicyVersion = res
-    "CreatePolicyVersionResponse"
-    "fixture/CreatePolicyVersionResponse.proto"
-    ioT
-    (Proxy :: Proxy CreatePolicyVersion)
-
-responseListCACertificates :: ListCACertificatesResponse -> TestTree
-responseListCACertificates = res
-    "ListCACertificatesResponse"
-    "fixture/ListCACertificatesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListCACertificates)
-
-responseDeleteTopicRule :: DeleteTopicRuleResponse -> TestTree
-responseDeleteTopicRule = res
-    "DeleteTopicRuleResponse"
-    "fixture/DeleteTopicRuleResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteTopicRule)
-
-responseGetJobDocument :: GetJobDocumentResponse -> TestTree
-responseGetJobDocument = res
-    "GetJobDocumentResponse"
-    "fixture/GetJobDocumentResponse.proto"
-    ioT
-    (Proxy :: Proxy GetJobDocument)
-
-responseCreateRoleAlias :: CreateRoleAliasResponse -> TestTree
-responseCreateRoleAlias = res
-    "CreateRoleAliasResponse"
-    "fixture/CreateRoleAliasResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateRoleAlias)
-
-responseDeleteCACertificate :: DeleteCACertificateResponse -> TestTree
-responseDeleteCACertificate = res
-    "DeleteCACertificateResponse"
-    "fixture/DeleteCACertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteCACertificate)
-
-responseUpdateCACertificate :: UpdateCACertificateResponse -> TestTree
-responseUpdateCACertificate = res
-    "UpdateCACertificateResponse"
-    "fixture/UpdateCACertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateCACertificate)
-
-responseListTopicRules :: ListTopicRulesResponse -> TestTree
-responseListTopicRules = res
-    "ListTopicRulesResponse"
-    "fixture/ListTopicRulesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListTopicRules)
-
-responseTransferCertificate :: TransferCertificateResponse -> TestTree
-responseTransferCertificate = res
-    "TransferCertificateResponse"
-    "fixture/TransferCertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy TransferCertificate)
-
-responseListJobs :: ListJobsResponse -> TestTree
-responseListJobs = res
-    "ListJobsResponse"
-    "fixture/ListJobsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListJobs)
-
-responseListRoleAliases :: ListRoleAliasesResponse -> TestTree
-responseListRoleAliases = res
-    "ListRoleAliasesResponse"
-    "fixture/ListRoleAliasesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListRoleAliases)
-
-responseDescribeThingGroup :: DescribeThingGroupResponse -> TestTree
-responseDescribeThingGroup = res
-    "DescribeThingGroupResponse"
-    "fixture/DescribeThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeThingGroup)
-
-responseGetTopicRule :: GetTopicRuleResponse -> TestTree
-responseGetTopicRule = res
-    "GetTopicRuleResponse"
-    "fixture/GetTopicRuleResponse.proto"
-    ioT
-    (Proxy :: Proxy GetTopicRule)
-
-responseDescribeThing :: DescribeThingResponse -> TestTree
-responseDescribeThing = res
-    "DescribeThingResponse"
-    "fixture/DescribeThingResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeThing)
-
-responseDeletePolicy :: DeletePolicyResponse -> TestTree
-responseDeletePolicy = res
-    "DeletePolicyResponse"
-    "fixture/DeletePolicyResponse.proto"
-    ioT
-    (Proxy :: Proxy DeletePolicy)
-
-responseListThingsInThingGroup :: ListThingsInThingGroupResponse -> TestTree
-responseListThingsInThingGroup = res
-    "ListThingsInThingGroupResponse"
-    "fixture/ListThingsInThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingsInThingGroup)
-
-responseListCertificates :: ListCertificatesResponse -> TestTree
-responseListCertificates = res
-    "ListCertificatesResponse"
-    "fixture/ListCertificatesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListCertificates)
-
-responseDescribeAuthorizer :: DescribeAuthorizerResponse -> TestTree
-responseDescribeAuthorizer = res
-    "DescribeAuthorizerResponse"
-    "fixture/DescribeAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeAuthorizer)
-
-responseGetPolicyVersion :: GetPolicyVersionResponse -> TestTree
-responseGetPolicyVersion = res
-    "GetPolicyVersionResponse"
-    "fixture/GetPolicyVersionResponse.proto"
-    ioT
-    (Proxy :: Proxy GetPolicyVersion)
-
-responseDeleteCertificate :: DeleteCertificateResponse -> TestTree
-responseDeleteCertificate = res
-    "DeleteCertificateResponse"
-    "fixture/DeleteCertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteCertificate)
-
-responseUpdateCertificate :: UpdateCertificateResponse -> TestTree
-responseUpdateCertificate = res
-    "UpdateCertificateResponse"
-    "fixture/UpdateCertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateCertificate)
-
-responseUpdateIndexingConfiguration :: UpdateIndexingConfigurationResponse -> TestTree
-responseUpdateIndexingConfiguration = res
-    "UpdateIndexingConfigurationResponse"
-    "fixture/UpdateIndexingConfigurationResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateIndexingConfiguration)
-
-responseTestInvokeAuthorizer :: TestInvokeAuthorizerResponse -> TestTree
-responseTestInvokeAuthorizer = res
-    "TestInvokeAuthorizerResponse"
-    "fixture/TestInvokeAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy TestInvokeAuthorizer)
-
-responseCreateThingGroup :: CreateThingGroupResponse -> TestTree
-responseCreateThingGroup = res
-    "CreateThingGroupResponse"
-    "fixture/CreateThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateThingGroup)
-
-responseDetachPolicy :: DetachPolicyResponse -> TestTree
-responseDetachPolicy = res
-    "DetachPolicyResponse"
-    "fixture/DetachPolicyResponse.proto"
-    ioT
-    (Proxy :: Proxy DetachPolicy)
-
-responseDescribeJob :: DescribeJobResponse -> TestTree
-responseDescribeJob = res
-    "DescribeJobResponse"
-    "fixture/DescribeJobResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeJob)
-
-responseDeleteThingGroup :: DeleteThingGroupResponse -> TestTree
-responseDeleteThingGroup = res
-    "DeleteThingGroupResponse"
-    "fixture/DeleteThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteThingGroup)
-
-responseUpdateThingGroup :: UpdateThingGroupResponse -> TestTree
-responseUpdateThingGroup = res
-    "UpdateThingGroupResponse"
-    "fixture/UpdateThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateThingGroup)
-
-responseListOTAUpdates :: ListOTAUpdatesResponse -> TestTree
-responseListOTAUpdates = res
-    "ListOTAUpdatesResponse"
-    "fixture/ListOTAUpdatesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListOTAUpdates)
-
-responseDeleteOTAUpdate :: DeleteOTAUpdateResponse -> TestTree
-responseDeleteOTAUpdate = res
-    "DeleteOTAUpdateResponse"
-    "fixture/DeleteOTAUpdateResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteOTAUpdate)
-
-responseListOutgoingCertificates :: ListOutgoingCertificatesResponse -> TestTree
-responseListOutgoingCertificates = res
-    "ListOutgoingCertificatesResponse"
-    "fixture/ListOutgoingCertificatesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListOutgoingCertificates)
-
-responseDescribeCACertificate :: DescribeCACertificateResponse -> TestTree
-responseDescribeCACertificate = res
-    "DescribeCACertificateResponse"
-    "fixture/DescribeCACertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeCACertificate)
-
-responseGetRegistrationCode :: GetRegistrationCodeResponse -> TestTree
-responseGetRegistrationCode = res
-    "GetRegistrationCodeResponse"
-    "fixture/GetRegistrationCodeResponse.proto"
-    ioT
-    (Proxy :: Proxy GetRegistrationCode)
-
-responseDeleteThingType :: DeleteThingTypeResponse -> TestTree
-responseDeleteThingType = res
-    "DeleteThingTypeResponse"
-    "fixture/DeleteThingTypeResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteThingType)
-
-responseAddThingToThingGroup :: AddThingToThingGroupResponse -> TestTree
-responseAddThingToThingGroup = res
-    "AddThingToThingGroupResponse"
-    "fixture/AddThingToThingGroupResponse.proto"
-    ioT
-    (Proxy :: Proxy AddThingToThingGroup)
-
-responseListCertificatesByCA :: ListCertificatesByCAResponse -> TestTree
-responseListCertificatesByCA = res
-    "ListCertificatesByCAResponse"
-    "fixture/ListCertificatesByCAResponse.proto"
-    ioT
-    (Proxy :: Proxy ListCertificatesByCA)
-
-responseAttachThingPrincipal :: AttachThingPrincipalResponse -> TestTree
-responseAttachThingPrincipal = res
-    "AttachThingPrincipalResponse"
-    "fixture/AttachThingPrincipalResponse.proto"
-    ioT
-    (Proxy :: Proxy AttachThingPrincipal)
-
-responseListThings :: ListThingsResponse -> TestTree
-responseListThings = res
-    "ListThingsResponse"
-    "fixture/ListThingsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThings)
-
-responseRegisterThing :: RegisterThingResponse -> TestTree
-responseRegisterThing = res
-    "RegisterThingResponse"
-    "fixture/RegisterThingResponse.proto"
-    ioT
-    (Proxy :: Proxy RegisterThing)
-
-responseDeleteRegistrationCode :: DeleteRegistrationCodeResponse -> TestTree
-responseDeleteRegistrationCode = res
-    "DeleteRegistrationCodeResponse"
-    "fixture/DeleteRegistrationCodeResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteRegistrationCode)
-
-responseUpdateStream :: UpdateStreamResponse -> TestTree
-responseUpdateStream = res
-    "UpdateStreamResponse"
-    "fixture/UpdateStreamResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateStream)
-
-responseDeleteStream :: DeleteStreamResponse -> TestTree
-responseDeleteStream = res
-    "DeleteStreamResponse"
-    "fixture/DeleteStreamResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteStream)
-
-responseListStreams :: ListStreamsResponse -> TestTree
-responseListStreams = res
-    "ListStreamsResponse"
-    "fixture/ListStreamsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListStreams)
-
-responseCreateAuthorizer :: CreateAuthorizerResponse -> TestTree
-responseCreateAuthorizer = res
-    "CreateAuthorizerResponse"
-    "fixture/CreateAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateAuthorizer)
-
-responseTestAuthorization :: TestAuthorizationResponse -> TestTree
-responseTestAuthorization = res
-    "TestAuthorizationResponse"
-    "fixture/TestAuthorizationResponse.proto"
-    ioT
-    (Proxy :: Proxy TestAuthorization)
-
-responseListIndices :: ListIndicesResponse -> TestTree
-responseListIndices = res
-    "ListIndicesResponse"
-    "fixture/ListIndicesResponse.proto"
-    ioT
-    (Proxy :: Proxy ListIndices)
-
-responseUpdateAuthorizer :: UpdateAuthorizerResponse -> TestTree
-responseUpdateAuthorizer = res
-    "UpdateAuthorizerResponse"
-    "fixture/UpdateAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateAuthorizer)
-
-responseDeleteAuthorizer :: DeleteAuthorizerResponse -> TestTree
-responseDeleteAuthorizer = res
-    "DeleteAuthorizerResponse"
-    "fixture/DeleteAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy DeleteAuthorizer)
-
-responseCreateThing :: CreateThingResponse -> TestTree
-responseCreateThing = res
-    "CreateThingResponse"
-    "fixture/CreateThingResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateThing)
-
-responseCreateStream :: CreateStreamResponse -> TestTree
-responseCreateStream = res
-    "CreateStreamResponse"
-    "fixture/CreateStreamResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateStream)
-
-responseListV2LoggingLevels :: ListV2LoggingLevelsResponse -> TestTree
-responseListV2LoggingLevels = res
-    "ListV2LoggingLevelsResponse"
-    "fixture/ListV2LoggingLevelsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListV2LoggingLevels)
-
-responseStopThingRegistrationTask :: StopThingRegistrationTaskResponse -> TestTree
-responseStopThingRegistrationTask = res
-    "StopThingRegistrationTaskResponse"
-    "fixture/StopThingRegistrationTaskResponse.proto"
-    ioT
-    (Proxy :: Proxy StopThingRegistrationTask)
-
-responseDescribeCertificate :: DescribeCertificateResponse -> TestTree
-responseDescribeCertificate = res
-    "DescribeCertificateResponse"
-    "fixture/DescribeCertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeCertificate)
-
-responseListTargetsForPolicy :: ListTargetsForPolicyResponse -> TestTree
-responseListTargetsForPolicy = res
-    "ListTargetsForPolicyResponse"
-    "fixture/ListTargetsForPolicyResponse.proto"
-    ioT
-    (Proxy :: Proxy ListTargetsForPolicy)
-
-responseClearDefaultAuthorizer :: ClearDefaultAuthorizerResponse -> TestTree
-responseClearDefaultAuthorizer = res
-    "ClearDefaultAuthorizerResponse"
-    "fixture/ClearDefaultAuthorizerResponse.proto"
-    ioT
-    (Proxy :: Proxy ClearDefaultAuthorizer)
-
-responseReplaceTopicRule :: ReplaceTopicRuleResponse -> TestTree
-responseReplaceTopicRule = res
-    "ReplaceTopicRuleResponse"
-    "fixture/ReplaceTopicRuleResponse.proto"
-    ioT
-    (Proxy :: Proxy ReplaceTopicRule)
-
-responseSetDefaultPolicyVersion :: SetDefaultPolicyVersionResponse -> TestTree
-responseSetDefaultPolicyVersion = res
-    "SetDefaultPolicyVersionResponse"
-    "fixture/SetDefaultPolicyVersionResponse.proto"
-    ioT
-    (Proxy :: Proxy SetDefaultPolicyVersion)
-
-responseListPolicyVersions :: ListPolicyVersionsResponse -> TestTree
-responseListPolicyVersions = res
-    "ListPolicyVersionsResponse"
-    "fixture/ListPolicyVersionsResponse.proto"
-    ioT
-    (Proxy :: Proxy ListPolicyVersions)
-
-responseSetV2LoggingLevel :: SetV2LoggingLevelResponse -> TestTree
-responseSetV2LoggingLevel = res
-    "SetV2LoggingLevelResponse"
-    "fixture/SetV2LoggingLevelResponse.proto"
-    ioT
-    (Proxy :: Proxy SetV2LoggingLevel)
-
-responseListJobExecutionsForThing :: ListJobExecutionsForThingResponse -> TestTree
-responseListJobExecutionsForThing = res
-    "ListJobExecutionsForThingResponse"
-    "fixture/ListJobExecutionsForThingResponse.proto"
-    ioT
-    (Proxy :: Proxy ListJobExecutionsForThing)
-
-responseAttachPolicy :: AttachPolicyResponse -> TestTree
-responseAttachPolicy = res
-    "AttachPolicyResponse"
-    "fixture/AttachPolicyResponse.proto"
-    ioT
-    (Proxy :: Proxy AttachPolicy)
-
-responseCreateKeysAndCertificate :: CreateKeysAndCertificateResponse -> TestTree
-responseCreateKeysAndCertificate = res
-    "CreateKeysAndCertificateResponse"
-    "fixture/CreateKeysAndCertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy CreateKeysAndCertificate)
-
-responseUpdateThingGroupsForThing :: UpdateThingGroupsForThingResponse -> TestTree
-responseUpdateThingGroupsForThing = res
-    "UpdateThingGroupsForThingResponse"
-    "fixture/UpdateThingGroupsForThingResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateThingGroupsForThing)
-
-responseEnableTopicRule :: EnableTopicRuleResponse -> TestTree
-responseEnableTopicRule = res
-    "EnableTopicRuleResponse"
-    "fixture/EnableTopicRuleResponse.proto"
-    ioT
-    (Proxy :: Proxy EnableTopicRule)
-
-responseAcceptCertificateTransfer :: AcceptCertificateTransferResponse -> TestTree
-responseAcceptCertificateTransfer = res
-    "AcceptCertificateTransferResponse"
-    "fixture/AcceptCertificateTransferResponse.proto"
-    ioT
-    (Proxy :: Proxy AcceptCertificateTransfer)
-
-responseGetPolicy :: GetPolicyResponse -> TestTree
-responseGetPolicy = res
-    "GetPolicyResponse"
-    "fixture/GetPolicyResponse.proto"
-    ioT
-    (Proxy :: Proxy GetPolicy)
-
-responseDescribeEndpoint :: DescribeEndpointResponse -> TestTree
-responseDescribeEndpoint = res
-    "DescribeEndpointResponse"
-    "fixture/DescribeEndpointResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeEndpoint)
-
-responseUpdateEventConfigurations :: UpdateEventConfigurationsResponse -> TestTree
-responseUpdateEventConfigurations = res
-    "UpdateEventConfigurationsResponse"
-    "fixture/UpdateEventConfigurationsResponse.proto"
-    ioT
-    (Proxy :: Proxy UpdateEventConfigurations)
-
-responseRegisterCACertificate :: RegisterCACertificateResponse -> TestTree
-responseRegisterCACertificate = res
-    "RegisterCACertificateResponse"
-    "fixture/RegisterCACertificateResponse.proto"
-    ioT
-    (Proxy :: Proxy RegisterCACertificate)
-
-responseSetLoggingOptions :: SetLoggingOptionsResponse -> TestTree
-responseSetLoggingOptions = res
-    "SetLoggingOptionsResponse"
-    "fixture/SetLoggingOptionsResponse.proto"
-    ioT
-    (Proxy :: Proxy SetLoggingOptions)
-
-responseDescribeThingType :: DescribeThingTypeResponse -> TestTree
-responseDescribeThingType = res
-    "DescribeThingTypeResponse"
-    "fixture/DescribeThingTypeResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeThingType)
-
-responseGetV2LoggingOptions :: GetV2LoggingOptionsResponse -> TestTree
-responseGetV2LoggingOptions = res
-    "GetV2LoggingOptionsResponse"
-    "fixture/GetV2LoggingOptionsResponse.proto"
-    ioT
-    (Proxy :: Proxy GetV2LoggingOptions)
-
-responseListThingRegistrationTasks :: ListThingRegistrationTasksResponse -> TestTree
-responseListThingRegistrationTasks = res
-    "ListThingRegistrationTasksResponse"
-    "fixture/ListThingRegistrationTasksResponse.proto"
-    ioT
-    (Proxy :: Proxy ListThingRegistrationTasks)
-
-responseRejectCertificateTransfer :: RejectCertificateTransferResponse -> TestTree
-responseRejectCertificateTransfer = res
-    "RejectCertificateTransferResponse"
-    "fixture/RejectCertificateTransferResponse.proto"
-    ioT
-    (Proxy :: Proxy RejectCertificateTransfer)
-
-responseDescribeStream :: DescribeStreamResponse -> TestTree
-responseDescribeStream = res
-    "DescribeStreamResponse"
-    "fixture/DescribeStreamResponse.proto"
-    ioT
-    (Proxy :: Proxy DescribeStream)
-
-responseDetachThingPrincipal :: DetachThingPrincipalResponse -> TestTree
-responseDetachThingPrincipal = res
-    "DetachThingPrincipalResponse"
-    "fixture/DetachThingPrincipalResponse.proto"
-    ioT
-    (Proxy :: Proxy DetachThingPrincipal)
-
-responseCancelJob :: CancelJobResponse -> TestTree
-responseCancelJob = res
-    "CancelJobResponse"
-    "fixture/CancelJobResponse.proto"
-    ioT
-    (Proxy :: Proxy CancelJob)
-
-responseDeprecateThingType :: DeprecateThingTypeResponse -> TestTree
-responseDeprecateThingType = res
-    "DeprecateThingTypeResponse"
-    "fixture/DeprecateThingTypeResponse.proto"
-    ioT
-    (Proxy :: Proxy DeprecateThingType)
diff --git a/test/Test/AWS/IoT.hs b/test/Test/AWS/IoT.hs
deleted file mode 100644
--- a/test/Test/AWS/IoT.hs
+++ /dev/null
@@ -1,26 +0,0 @@
-{-# LANGUAGE OverloadedStrings #-}
-
--- Module      : Test.AWS.IoT
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : This Source Code Form is subject to the terms of
---               the Mozilla Public License, v. 2.0.
---               A copy of the MPL can be found in the LICENSE file or
---               you can obtain it at http://mozilla.org/MPL/2.0/.
--- Maintainer  : Brendan Hay <brendan.g.hay@gmail.com>
--- Stability   : experimental
--- Portability : non-portable (GHC extensions)
-
-module Test.AWS.IoT
-    ( tests
-    , fixtures
-    ) where
-
-import           Network.AWS.IoT
-import           Test.AWS.Gen.IoT
-import           Test.Tasty
-
-tests :: [TestTree]
-tests = []
-
-fixtures :: [TestTree]
-fixtures = []
diff --git a/test/Test/AWS/IoT/Internal.hs b/test/Test/AWS/IoT/Internal.hs
deleted file mode 100644
--- a/test/Test/AWS/IoT/Internal.hs
+++ /dev/null
@@ -1,17 +0,0 @@
-{-# LANGUAGE OverloadedStrings #-}
-
-{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-
--- Module      : Test.AWS.IoT.Internal
--- Copyright   : (c) 2013-2018 Brendan Hay
--- License     : This Source Code Form is subject to the terms of
---               the Mozilla Public License, v. 2.0.
---               A copy of the MPL can be found in the LICENSE file or
---               you can obtain it at http://mozilla.org/MPL/2.0/.
--- Maintainer  : Brendan Hay <brendan.g.hay@gmail.com>
--- Stability   : experimental
--- Portability : non-portable (GHC extensions)
-
-module Test.AWS.IoT.Internal where
-
-import           Test.AWS.Prelude
diff --git a/test/Test/Amazonka/Gen/IoT.hs b/test/Test/Amazonka/Gen/IoT.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/Gen/IoT.hs
@@ -0,0 +1,4718 @@
+{-# OPTIONS_GHC -fno-warn-orphans #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Test.Amazonka.Gen.IoT
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.Gen.IoT where
+
+import Amazonka.IoT
+import qualified Data.Proxy as Proxy
+import Test.Amazonka.Fixture
+import Test.Amazonka.IoT.Internal
+import Test.Amazonka.Prelude
+import Test.Tasty
+
+-- Auto-generated: the actual test selection needs to be manually placed into
+-- the top-level so that real test data can be incrementally added.
+--
+-- This commented snippet is what the entire set should look like:
+
+-- fixtures :: TestTree
+-- fixtures =
+--     [ testGroup "request"
+--         [ requestAcceptCertificateTransfer $
+--             newAcceptCertificateTransfer
+--
+--         , requestAddThingToBillingGroup $
+--             newAddThingToBillingGroup
+--
+--         , requestAddThingToThingGroup $
+--             newAddThingToThingGroup
+--
+--         , requestAssociateTargetsWithJob $
+--             newAssociateTargetsWithJob
+--
+--         , requestAttachPolicy $
+--             newAttachPolicy
+--
+--         , requestAttachSecurityProfile $
+--             newAttachSecurityProfile
+--
+--         , requestAttachThingPrincipal $
+--             newAttachThingPrincipal
+--
+--         , requestCancelAuditMitigationActionsTask $
+--             newCancelAuditMitigationActionsTask
+--
+--         , requestCancelAuditTask $
+--             newCancelAuditTask
+--
+--         , requestCancelCertificateTransfer $
+--             newCancelCertificateTransfer
+--
+--         , requestCancelDetectMitigationActionsTask $
+--             newCancelDetectMitigationActionsTask
+--
+--         , requestCancelJob $
+--             newCancelJob
+--
+--         , requestCancelJobExecution $
+--             newCancelJobExecution
+--
+--         , requestClearDefaultAuthorizer $
+--             newClearDefaultAuthorizer
+--
+--         , requestConfirmTopicRuleDestination $
+--             newConfirmTopicRuleDestination
+--
+--         , requestCreateAuditSuppression $
+--             newCreateAuditSuppression
+--
+--         , requestCreateAuthorizer $
+--             newCreateAuthorizer
+--
+--         , requestCreateBillingGroup $
+--             newCreateBillingGroup
+--
+--         , requestCreateCertificateFromCsr $
+--             newCreateCertificateFromCsr
+--
+--         , requestCreateCustomMetric $
+--             newCreateCustomMetric
+--
+--         , requestCreateDimension $
+--             newCreateDimension
+--
+--         , requestCreateDomainConfiguration $
+--             newCreateDomainConfiguration
+--
+--         , requestCreateDynamicThingGroup $
+--             newCreateDynamicThingGroup
+--
+--         , requestCreateFleetMetric $
+--             newCreateFleetMetric
+--
+--         , requestCreateJob $
+--             newCreateJob
+--
+--         , requestCreateJobTemplate $
+--             newCreateJobTemplate
+--
+--         , requestCreateKeysAndCertificate $
+--             newCreateKeysAndCertificate
+--
+--         , requestCreateMitigationAction $
+--             newCreateMitigationAction
+--
+--         , requestCreateOTAUpdate $
+--             newCreateOTAUpdate
+--
+--         , requestCreatePolicy $
+--             newCreatePolicy
+--
+--         , requestCreatePolicyVersion $
+--             newCreatePolicyVersion
+--
+--         , requestCreateProvisioningClaim $
+--             newCreateProvisioningClaim
+--
+--         , requestCreateProvisioningTemplate $
+--             newCreateProvisioningTemplate
+--
+--         , requestCreateProvisioningTemplateVersion $
+--             newCreateProvisioningTemplateVersion
+--
+--         , requestCreateRoleAlias $
+--             newCreateRoleAlias
+--
+--         , requestCreateScheduledAudit $
+--             newCreateScheduledAudit
+--
+--         , requestCreateSecurityProfile $
+--             newCreateSecurityProfile
+--
+--         , requestCreateStream $
+--             newCreateStream
+--
+--         , requestCreateThing $
+--             newCreateThing
+--
+--         , requestCreateThingGroup $
+--             newCreateThingGroup
+--
+--         , requestCreateThingType $
+--             newCreateThingType
+--
+--         , requestCreateTopicRule $
+--             newCreateTopicRule
+--
+--         , requestCreateTopicRuleDestination $
+--             newCreateTopicRuleDestination
+--
+--         , requestDeleteAccountAuditConfiguration $
+--             newDeleteAccountAuditConfiguration
+--
+--         , requestDeleteAuditSuppression $
+--             newDeleteAuditSuppression
+--
+--         , requestDeleteAuthorizer $
+--             newDeleteAuthorizer
+--
+--         , requestDeleteBillingGroup $
+--             newDeleteBillingGroup
+--
+--         , requestDeleteCACertificate $
+--             newDeleteCACertificate
+--
+--         , requestDeleteCertificate $
+--             newDeleteCertificate
+--
+--         , requestDeleteCustomMetric $
+--             newDeleteCustomMetric
+--
+--         , requestDeleteDimension $
+--             newDeleteDimension
+--
+--         , requestDeleteDomainConfiguration $
+--             newDeleteDomainConfiguration
+--
+--         , requestDeleteDynamicThingGroup $
+--             newDeleteDynamicThingGroup
+--
+--         , requestDeleteFleetMetric $
+--             newDeleteFleetMetric
+--
+--         , requestDeleteJob $
+--             newDeleteJob
+--
+--         , requestDeleteJobExecution $
+--             newDeleteJobExecution
+--
+--         , requestDeleteJobTemplate $
+--             newDeleteJobTemplate
+--
+--         , requestDeleteMitigationAction $
+--             newDeleteMitigationAction
+--
+--         , requestDeleteOTAUpdate $
+--             newDeleteOTAUpdate
+--
+--         , requestDeletePolicy $
+--             newDeletePolicy
+--
+--         , requestDeletePolicyVersion $
+--             newDeletePolicyVersion
+--
+--         , requestDeleteProvisioningTemplate $
+--             newDeleteProvisioningTemplate
+--
+--         , requestDeleteProvisioningTemplateVersion $
+--             newDeleteProvisioningTemplateVersion
+--
+--         , requestDeleteRegistrationCode $
+--             newDeleteRegistrationCode
+--
+--         , requestDeleteRoleAlias $
+--             newDeleteRoleAlias
+--
+--         , requestDeleteScheduledAudit $
+--             newDeleteScheduledAudit
+--
+--         , requestDeleteSecurityProfile $
+--             newDeleteSecurityProfile
+--
+--         , requestDeleteStream $
+--             newDeleteStream
+--
+--         , requestDeleteThing $
+--             newDeleteThing
+--
+--         , requestDeleteThingGroup $
+--             newDeleteThingGroup
+--
+--         , requestDeleteThingType $
+--             newDeleteThingType
+--
+--         , requestDeleteTopicRule $
+--             newDeleteTopicRule
+--
+--         , requestDeleteTopicRuleDestination $
+--             newDeleteTopicRuleDestination
+--
+--         , requestDeleteV2LoggingLevel $
+--             newDeleteV2LoggingLevel
+--
+--         , requestDeprecateThingType $
+--             newDeprecateThingType
+--
+--         , requestDescribeAccountAuditConfiguration $
+--             newDescribeAccountAuditConfiguration
+--
+--         , requestDescribeAuditFinding $
+--             newDescribeAuditFinding
+--
+--         , requestDescribeAuditMitigationActionsTask $
+--             newDescribeAuditMitigationActionsTask
+--
+--         , requestDescribeAuditSuppression $
+--             newDescribeAuditSuppression
+--
+--         , requestDescribeAuditTask $
+--             newDescribeAuditTask
+--
+--         , requestDescribeAuthorizer $
+--             newDescribeAuthorizer
+--
+--         , requestDescribeBillingGroup $
+--             newDescribeBillingGroup
+--
+--         , requestDescribeCACertificate $
+--             newDescribeCACertificate
+--
+--         , requestDescribeCertificate $
+--             newDescribeCertificate
+--
+--         , requestDescribeCustomMetric $
+--             newDescribeCustomMetric
+--
+--         , requestDescribeDefaultAuthorizer $
+--             newDescribeDefaultAuthorizer
+--
+--         , requestDescribeDetectMitigationActionsTask $
+--             newDescribeDetectMitigationActionsTask
+--
+--         , requestDescribeDimension $
+--             newDescribeDimension
+--
+--         , requestDescribeDomainConfiguration $
+--             newDescribeDomainConfiguration
+--
+--         , requestDescribeEndpoint $
+--             newDescribeEndpoint
+--
+--         , requestDescribeEventConfigurations $
+--             newDescribeEventConfigurations
+--
+--         , requestDescribeFleetMetric $
+--             newDescribeFleetMetric
+--
+--         , requestDescribeIndex $
+--             newDescribeIndex
+--
+--         , requestDescribeJob $
+--             newDescribeJob
+--
+--         , requestDescribeJobExecution $
+--             newDescribeJobExecution
+--
+--         , requestDescribeJobTemplate $
+--             newDescribeJobTemplate
+--
+--         , requestDescribeManagedJobTemplate $
+--             newDescribeManagedJobTemplate
+--
+--         , requestDescribeMitigationAction $
+--             newDescribeMitigationAction
+--
+--         , requestDescribeProvisioningTemplate $
+--             newDescribeProvisioningTemplate
+--
+--         , requestDescribeProvisioningTemplateVersion $
+--             newDescribeProvisioningTemplateVersion
+--
+--         , requestDescribeRoleAlias $
+--             newDescribeRoleAlias
+--
+--         , requestDescribeScheduledAudit $
+--             newDescribeScheduledAudit
+--
+--         , requestDescribeSecurityProfile $
+--             newDescribeSecurityProfile
+--
+--         , requestDescribeStream $
+--             newDescribeStream
+--
+--         , requestDescribeThing $
+--             newDescribeThing
+--
+--         , requestDescribeThingGroup $
+--             newDescribeThingGroup
+--
+--         , requestDescribeThingRegistrationTask $
+--             newDescribeThingRegistrationTask
+--
+--         , requestDescribeThingType $
+--             newDescribeThingType
+--
+--         , requestDetachPolicy $
+--             newDetachPolicy
+--
+--         , requestDetachSecurityProfile $
+--             newDetachSecurityProfile
+--
+--         , requestDetachThingPrincipal $
+--             newDetachThingPrincipal
+--
+--         , requestDisableTopicRule $
+--             newDisableTopicRule
+--
+--         , requestEnableTopicRule $
+--             newEnableTopicRule
+--
+--         , requestGetBehaviorModelTrainingSummaries $
+--             newGetBehaviorModelTrainingSummaries
+--
+--         , requestGetBucketsAggregation $
+--             newGetBucketsAggregation
+--
+--         , requestGetCardinality $
+--             newGetCardinality
+--
+--         , requestGetEffectivePolicies $
+--             newGetEffectivePolicies
+--
+--         , requestGetIndexingConfiguration $
+--             newGetIndexingConfiguration
+--
+--         , requestGetJobDocument $
+--             newGetJobDocument
+--
+--         , requestGetLoggingOptions $
+--             newGetLoggingOptions
+--
+--         , requestGetOTAUpdate $
+--             newGetOTAUpdate
+--
+--         , requestGetPercentiles $
+--             newGetPercentiles
+--
+--         , requestGetPolicy $
+--             newGetPolicy
+--
+--         , requestGetPolicyVersion $
+--             newGetPolicyVersion
+--
+--         , requestGetRegistrationCode $
+--             newGetRegistrationCode
+--
+--         , requestGetStatistics $
+--             newGetStatistics
+--
+--         , requestGetTopicRule $
+--             newGetTopicRule
+--
+--         , requestGetTopicRuleDestination $
+--             newGetTopicRuleDestination
+--
+--         , requestGetV2LoggingOptions $
+--             newGetV2LoggingOptions
+--
+--         , requestListActiveViolations $
+--             newListActiveViolations
+--
+--         , requestListAttachedPolicies $
+--             newListAttachedPolicies
+--
+--         , requestListAuditFindings $
+--             newListAuditFindings
+--
+--         , requestListAuditMitigationActionsExecutions $
+--             newListAuditMitigationActionsExecutions
+--
+--         , requestListAuditMitigationActionsTasks $
+--             newListAuditMitigationActionsTasks
+--
+--         , requestListAuditSuppressions $
+--             newListAuditSuppressions
+--
+--         , requestListAuditTasks $
+--             newListAuditTasks
+--
+--         , requestListAuthorizers $
+--             newListAuthorizers
+--
+--         , requestListBillingGroups $
+--             newListBillingGroups
+--
+--         , requestListCACertificates $
+--             newListCACertificates
+--
+--         , requestListCertificates $
+--             newListCertificates
+--
+--         , requestListCertificatesByCA $
+--             newListCertificatesByCA
+--
+--         , requestListCustomMetrics $
+--             newListCustomMetrics
+--
+--         , requestListDetectMitigationActionsExecutions $
+--             newListDetectMitigationActionsExecutions
+--
+--         , requestListDetectMitigationActionsTasks $
+--             newListDetectMitigationActionsTasks
+--
+--         , requestListDimensions $
+--             newListDimensions
+--
+--         , requestListDomainConfigurations $
+--             newListDomainConfigurations
+--
+--         , requestListFleetMetrics $
+--             newListFleetMetrics
+--
+--         , requestListIndices $
+--             newListIndices
+--
+--         , requestListJobExecutionsForJob $
+--             newListJobExecutionsForJob
+--
+--         , requestListJobExecutionsForThing $
+--             newListJobExecutionsForThing
+--
+--         , requestListJobTemplates $
+--             newListJobTemplates
+--
+--         , requestListJobs $
+--             newListJobs
+--
+--         , requestListManagedJobTemplates $
+--             newListManagedJobTemplates
+--
+--         , requestListMetricValues $
+--             newListMetricValues
+--
+--         , requestListMitigationActions $
+--             newListMitigationActions
+--
+--         , requestListOTAUpdates $
+--             newListOTAUpdates
+--
+--         , requestListOutgoingCertificates $
+--             newListOutgoingCertificates
+--
+--         , requestListPolicies $
+--             newListPolicies
+--
+--         , requestListPolicyVersions $
+--             newListPolicyVersions
+--
+--         , requestListPrincipalThings $
+--             newListPrincipalThings
+--
+--         , requestListProvisioningTemplateVersions $
+--             newListProvisioningTemplateVersions
+--
+--         , requestListProvisioningTemplates $
+--             newListProvisioningTemplates
+--
+--         , requestListRelatedResourcesForAuditFinding $
+--             newListRelatedResourcesForAuditFinding
+--
+--         , requestListRoleAliases $
+--             newListRoleAliases
+--
+--         , requestListScheduledAudits $
+--             newListScheduledAudits
+--
+--         , requestListSecurityProfiles $
+--             newListSecurityProfiles
+--
+--         , requestListSecurityProfilesForTarget $
+--             newListSecurityProfilesForTarget
+--
+--         , requestListStreams $
+--             newListStreams
+--
+--         , requestListTagsForResource $
+--             newListTagsForResource
+--
+--         , requestListTargetsForPolicy $
+--             newListTargetsForPolicy
+--
+--         , requestListTargetsForSecurityProfile $
+--             newListTargetsForSecurityProfile
+--
+--         , requestListThingGroups $
+--             newListThingGroups
+--
+--         , requestListThingGroupsForThing $
+--             newListThingGroupsForThing
+--
+--         , requestListThingPrincipals $
+--             newListThingPrincipals
+--
+--         , requestListThingRegistrationTaskReports $
+--             newListThingRegistrationTaskReports
+--
+--         , requestListThingRegistrationTasks $
+--             newListThingRegistrationTasks
+--
+--         , requestListThingTypes $
+--             newListThingTypes
+--
+--         , requestListThings $
+--             newListThings
+--
+--         , requestListThingsInBillingGroup $
+--             newListThingsInBillingGroup
+--
+--         , requestListThingsInThingGroup $
+--             newListThingsInThingGroup
+--
+--         , requestListTopicRuleDestinations $
+--             newListTopicRuleDestinations
+--
+--         , requestListTopicRules $
+--             newListTopicRules
+--
+--         , requestListV2LoggingLevels $
+--             newListV2LoggingLevels
+--
+--         , requestListViolationEvents $
+--             newListViolationEvents
+--
+--         , requestPutVerificationStateOnViolation $
+--             newPutVerificationStateOnViolation
+--
+--         , requestRegisterCACertificate $
+--             newRegisterCACertificate
+--
+--         , requestRegisterCertificate $
+--             newRegisterCertificate
+--
+--         , requestRegisterCertificateWithoutCA $
+--             newRegisterCertificateWithoutCA
+--
+--         , requestRegisterThing $
+--             newRegisterThing
+--
+--         , requestRejectCertificateTransfer $
+--             newRejectCertificateTransfer
+--
+--         , requestRemoveThingFromBillingGroup $
+--             newRemoveThingFromBillingGroup
+--
+--         , requestRemoveThingFromThingGroup $
+--             newRemoveThingFromThingGroup
+--
+--         , requestReplaceTopicRule $
+--             newReplaceTopicRule
+--
+--         , requestSearchIndex $
+--             newSearchIndex
+--
+--         , requestSetDefaultAuthorizer $
+--             newSetDefaultAuthorizer
+--
+--         , requestSetDefaultPolicyVersion $
+--             newSetDefaultPolicyVersion
+--
+--         , requestSetLoggingOptions $
+--             newSetLoggingOptions
+--
+--         , requestSetV2LoggingLevel $
+--             newSetV2LoggingLevel
+--
+--         , requestSetV2LoggingOptions $
+--             newSetV2LoggingOptions
+--
+--         , requestStartAuditMitigationActionsTask $
+--             newStartAuditMitigationActionsTask
+--
+--         , requestStartDetectMitigationActionsTask $
+--             newStartDetectMitigationActionsTask
+--
+--         , requestStartOnDemandAuditTask $
+--             newStartOnDemandAuditTask
+--
+--         , requestStartThingRegistrationTask $
+--             newStartThingRegistrationTask
+--
+--         , requestStopThingRegistrationTask $
+--             newStopThingRegistrationTask
+--
+--         , requestTagResource $
+--             newTagResource
+--
+--         , requestTestAuthorization $
+--             newTestAuthorization
+--
+--         , requestTestInvokeAuthorizer $
+--             newTestInvokeAuthorizer
+--
+--         , requestTransferCertificate $
+--             newTransferCertificate
+--
+--         , requestUntagResource $
+--             newUntagResource
+--
+--         , requestUpdateAccountAuditConfiguration $
+--             newUpdateAccountAuditConfiguration
+--
+--         , requestUpdateAuditSuppression $
+--             newUpdateAuditSuppression
+--
+--         , requestUpdateAuthorizer $
+--             newUpdateAuthorizer
+--
+--         , requestUpdateBillingGroup $
+--             newUpdateBillingGroup
+--
+--         , requestUpdateCACertificate $
+--             newUpdateCACertificate
+--
+--         , requestUpdateCertificate $
+--             newUpdateCertificate
+--
+--         , requestUpdateCustomMetric $
+--             newUpdateCustomMetric
+--
+--         , requestUpdateDimension $
+--             newUpdateDimension
+--
+--         , requestUpdateDomainConfiguration $
+--             newUpdateDomainConfiguration
+--
+--         , requestUpdateDynamicThingGroup $
+--             newUpdateDynamicThingGroup
+--
+--         , requestUpdateEventConfigurations $
+--             newUpdateEventConfigurations
+--
+--         , requestUpdateFleetMetric $
+--             newUpdateFleetMetric
+--
+--         , requestUpdateIndexingConfiguration $
+--             newUpdateIndexingConfiguration
+--
+--         , requestUpdateJob $
+--             newUpdateJob
+--
+--         , requestUpdateMitigationAction $
+--             newUpdateMitigationAction
+--
+--         , requestUpdateProvisioningTemplate $
+--             newUpdateProvisioningTemplate
+--
+--         , requestUpdateRoleAlias $
+--             newUpdateRoleAlias
+--
+--         , requestUpdateScheduledAudit $
+--             newUpdateScheduledAudit
+--
+--         , requestUpdateSecurityProfile $
+--             newUpdateSecurityProfile
+--
+--         , requestUpdateStream $
+--             newUpdateStream
+--
+--         , requestUpdateThing $
+--             newUpdateThing
+--
+--         , requestUpdateThingGroup $
+--             newUpdateThingGroup
+--
+--         , requestUpdateThingGroupsForThing $
+--             newUpdateThingGroupsForThing
+--
+--         , requestUpdateTopicRuleDestination $
+--             newUpdateTopicRuleDestination
+--
+--         , requestValidateSecurityProfileBehaviors $
+--             newValidateSecurityProfileBehaviors
+--
+--           ]
+
+--     , testGroup "response"
+--         [ responseAcceptCertificateTransfer $
+--             newAcceptCertificateTransferResponse
+--
+--         , responseAddThingToBillingGroup $
+--             newAddThingToBillingGroupResponse
+--
+--         , responseAddThingToThingGroup $
+--             newAddThingToThingGroupResponse
+--
+--         , responseAssociateTargetsWithJob $
+--             newAssociateTargetsWithJobResponse
+--
+--         , responseAttachPolicy $
+--             newAttachPolicyResponse
+--
+--         , responseAttachSecurityProfile $
+--             newAttachSecurityProfileResponse
+--
+--         , responseAttachThingPrincipal $
+--             newAttachThingPrincipalResponse
+--
+--         , responseCancelAuditMitigationActionsTask $
+--             newCancelAuditMitigationActionsTaskResponse
+--
+--         , responseCancelAuditTask $
+--             newCancelAuditTaskResponse
+--
+--         , responseCancelCertificateTransfer $
+--             newCancelCertificateTransferResponse
+--
+--         , responseCancelDetectMitigationActionsTask $
+--             newCancelDetectMitigationActionsTaskResponse
+--
+--         , responseCancelJob $
+--             newCancelJobResponse
+--
+--         , responseCancelJobExecution $
+--             newCancelJobExecutionResponse
+--
+--         , responseClearDefaultAuthorizer $
+--             newClearDefaultAuthorizerResponse
+--
+--         , responseConfirmTopicRuleDestination $
+--             newConfirmTopicRuleDestinationResponse
+--
+--         , responseCreateAuditSuppression $
+--             newCreateAuditSuppressionResponse
+--
+--         , responseCreateAuthorizer $
+--             newCreateAuthorizerResponse
+--
+--         , responseCreateBillingGroup $
+--             newCreateBillingGroupResponse
+--
+--         , responseCreateCertificateFromCsr $
+--             newCreateCertificateFromCsrResponse
+--
+--         , responseCreateCustomMetric $
+--             newCreateCustomMetricResponse
+--
+--         , responseCreateDimension $
+--             newCreateDimensionResponse
+--
+--         , responseCreateDomainConfiguration $
+--             newCreateDomainConfigurationResponse
+--
+--         , responseCreateDynamicThingGroup $
+--             newCreateDynamicThingGroupResponse
+--
+--         , responseCreateFleetMetric $
+--             newCreateFleetMetricResponse
+--
+--         , responseCreateJob $
+--             newCreateJobResponse
+--
+--         , responseCreateJobTemplate $
+--             newCreateJobTemplateResponse
+--
+--         , responseCreateKeysAndCertificate $
+--             newCreateKeysAndCertificateResponse
+--
+--         , responseCreateMitigationAction $
+--             newCreateMitigationActionResponse
+--
+--         , responseCreateOTAUpdate $
+--             newCreateOTAUpdateResponse
+--
+--         , responseCreatePolicy $
+--             newCreatePolicyResponse
+--
+--         , responseCreatePolicyVersion $
+--             newCreatePolicyVersionResponse
+--
+--         , responseCreateProvisioningClaim $
+--             newCreateProvisioningClaimResponse
+--
+--         , responseCreateProvisioningTemplate $
+--             newCreateProvisioningTemplateResponse
+--
+--         , responseCreateProvisioningTemplateVersion $
+--             newCreateProvisioningTemplateVersionResponse
+--
+--         , responseCreateRoleAlias $
+--             newCreateRoleAliasResponse
+--
+--         , responseCreateScheduledAudit $
+--             newCreateScheduledAuditResponse
+--
+--         , responseCreateSecurityProfile $
+--             newCreateSecurityProfileResponse
+--
+--         , responseCreateStream $
+--             newCreateStreamResponse
+--
+--         , responseCreateThing $
+--             newCreateThingResponse
+--
+--         , responseCreateThingGroup $
+--             newCreateThingGroupResponse
+--
+--         , responseCreateThingType $
+--             newCreateThingTypeResponse
+--
+--         , responseCreateTopicRule $
+--             newCreateTopicRuleResponse
+--
+--         , responseCreateTopicRuleDestination $
+--             newCreateTopicRuleDestinationResponse
+--
+--         , responseDeleteAccountAuditConfiguration $
+--             newDeleteAccountAuditConfigurationResponse
+--
+--         , responseDeleteAuditSuppression $
+--             newDeleteAuditSuppressionResponse
+--
+--         , responseDeleteAuthorizer $
+--             newDeleteAuthorizerResponse
+--
+--         , responseDeleteBillingGroup $
+--             newDeleteBillingGroupResponse
+--
+--         , responseDeleteCACertificate $
+--             newDeleteCACertificateResponse
+--
+--         , responseDeleteCertificate $
+--             newDeleteCertificateResponse
+--
+--         , responseDeleteCustomMetric $
+--             newDeleteCustomMetricResponse
+--
+--         , responseDeleteDimension $
+--             newDeleteDimensionResponse
+--
+--         , responseDeleteDomainConfiguration $
+--             newDeleteDomainConfigurationResponse
+--
+--         , responseDeleteDynamicThingGroup $
+--             newDeleteDynamicThingGroupResponse
+--
+--         , responseDeleteFleetMetric $
+--             newDeleteFleetMetricResponse
+--
+--         , responseDeleteJob $
+--             newDeleteJobResponse
+--
+--         , responseDeleteJobExecution $
+--             newDeleteJobExecutionResponse
+--
+--         , responseDeleteJobTemplate $
+--             newDeleteJobTemplateResponse
+--
+--         , responseDeleteMitigationAction $
+--             newDeleteMitigationActionResponse
+--
+--         , responseDeleteOTAUpdate $
+--             newDeleteOTAUpdateResponse
+--
+--         , responseDeletePolicy $
+--             newDeletePolicyResponse
+--
+--         , responseDeletePolicyVersion $
+--             newDeletePolicyVersionResponse
+--
+--         , responseDeleteProvisioningTemplate $
+--             newDeleteProvisioningTemplateResponse
+--
+--         , responseDeleteProvisioningTemplateVersion $
+--             newDeleteProvisioningTemplateVersionResponse
+--
+--         , responseDeleteRegistrationCode $
+--             newDeleteRegistrationCodeResponse
+--
+--         , responseDeleteRoleAlias $
+--             newDeleteRoleAliasResponse
+--
+--         , responseDeleteScheduledAudit $
+--             newDeleteScheduledAuditResponse
+--
+--         , responseDeleteSecurityProfile $
+--             newDeleteSecurityProfileResponse
+--
+--         , responseDeleteStream $
+--             newDeleteStreamResponse
+--
+--         , responseDeleteThing $
+--             newDeleteThingResponse
+--
+--         , responseDeleteThingGroup $
+--             newDeleteThingGroupResponse
+--
+--         , responseDeleteThingType $
+--             newDeleteThingTypeResponse
+--
+--         , responseDeleteTopicRule $
+--             newDeleteTopicRuleResponse
+--
+--         , responseDeleteTopicRuleDestination $
+--             newDeleteTopicRuleDestinationResponse
+--
+--         , responseDeleteV2LoggingLevel $
+--             newDeleteV2LoggingLevelResponse
+--
+--         , responseDeprecateThingType $
+--             newDeprecateThingTypeResponse
+--
+--         , responseDescribeAccountAuditConfiguration $
+--             newDescribeAccountAuditConfigurationResponse
+--
+--         , responseDescribeAuditFinding $
+--             newDescribeAuditFindingResponse
+--
+--         , responseDescribeAuditMitigationActionsTask $
+--             newDescribeAuditMitigationActionsTaskResponse
+--
+--         , responseDescribeAuditSuppression $
+--             newDescribeAuditSuppressionResponse
+--
+--         , responseDescribeAuditTask $
+--             newDescribeAuditTaskResponse
+--
+--         , responseDescribeAuthorizer $
+--             newDescribeAuthorizerResponse
+--
+--         , responseDescribeBillingGroup $
+--             newDescribeBillingGroupResponse
+--
+--         , responseDescribeCACertificate $
+--             newDescribeCACertificateResponse
+--
+--         , responseDescribeCertificate $
+--             newDescribeCertificateResponse
+--
+--         , responseDescribeCustomMetric $
+--             newDescribeCustomMetricResponse
+--
+--         , responseDescribeDefaultAuthorizer $
+--             newDescribeDefaultAuthorizerResponse
+--
+--         , responseDescribeDetectMitigationActionsTask $
+--             newDescribeDetectMitigationActionsTaskResponse
+--
+--         , responseDescribeDimension $
+--             newDescribeDimensionResponse
+--
+--         , responseDescribeDomainConfiguration $
+--             newDescribeDomainConfigurationResponse
+--
+--         , responseDescribeEndpoint $
+--             newDescribeEndpointResponse
+--
+--         , responseDescribeEventConfigurations $
+--             newDescribeEventConfigurationsResponse
+--
+--         , responseDescribeFleetMetric $
+--             newDescribeFleetMetricResponse
+--
+--         , responseDescribeIndex $
+--             newDescribeIndexResponse
+--
+--         , responseDescribeJob $
+--             newDescribeJobResponse
+--
+--         , responseDescribeJobExecution $
+--             newDescribeJobExecutionResponse
+--
+--         , responseDescribeJobTemplate $
+--             newDescribeJobTemplateResponse
+--
+--         , responseDescribeManagedJobTemplate $
+--             newDescribeManagedJobTemplateResponse
+--
+--         , responseDescribeMitigationAction $
+--             newDescribeMitigationActionResponse
+--
+--         , responseDescribeProvisioningTemplate $
+--             newDescribeProvisioningTemplateResponse
+--
+--         , responseDescribeProvisioningTemplateVersion $
+--             newDescribeProvisioningTemplateVersionResponse
+--
+--         , responseDescribeRoleAlias $
+--             newDescribeRoleAliasResponse
+--
+--         , responseDescribeScheduledAudit $
+--             newDescribeScheduledAuditResponse
+--
+--         , responseDescribeSecurityProfile $
+--             newDescribeSecurityProfileResponse
+--
+--         , responseDescribeStream $
+--             newDescribeStreamResponse
+--
+--         , responseDescribeThing $
+--             newDescribeThingResponse
+--
+--         , responseDescribeThingGroup $
+--             newDescribeThingGroupResponse
+--
+--         , responseDescribeThingRegistrationTask $
+--             newDescribeThingRegistrationTaskResponse
+--
+--         , responseDescribeThingType $
+--             newDescribeThingTypeResponse
+--
+--         , responseDetachPolicy $
+--             newDetachPolicyResponse
+--
+--         , responseDetachSecurityProfile $
+--             newDetachSecurityProfileResponse
+--
+--         , responseDetachThingPrincipal $
+--             newDetachThingPrincipalResponse
+--
+--         , responseDisableTopicRule $
+--             newDisableTopicRuleResponse
+--
+--         , responseEnableTopicRule $
+--             newEnableTopicRuleResponse
+--
+--         , responseGetBehaviorModelTrainingSummaries $
+--             newGetBehaviorModelTrainingSummariesResponse
+--
+--         , responseGetBucketsAggregation $
+--             newGetBucketsAggregationResponse
+--
+--         , responseGetCardinality $
+--             newGetCardinalityResponse
+--
+--         , responseGetEffectivePolicies $
+--             newGetEffectivePoliciesResponse
+--
+--         , responseGetIndexingConfiguration $
+--             newGetIndexingConfigurationResponse
+--
+--         , responseGetJobDocument $
+--             newGetJobDocumentResponse
+--
+--         , responseGetLoggingOptions $
+--             newGetLoggingOptionsResponse
+--
+--         , responseGetOTAUpdate $
+--             newGetOTAUpdateResponse
+--
+--         , responseGetPercentiles $
+--             newGetPercentilesResponse
+--
+--         , responseGetPolicy $
+--             newGetPolicyResponse
+--
+--         , responseGetPolicyVersion $
+--             newGetPolicyVersionResponse
+--
+--         , responseGetRegistrationCode $
+--             newGetRegistrationCodeResponse
+--
+--         , responseGetStatistics $
+--             newGetStatisticsResponse
+--
+--         , responseGetTopicRule $
+--             newGetTopicRuleResponse
+--
+--         , responseGetTopicRuleDestination $
+--             newGetTopicRuleDestinationResponse
+--
+--         , responseGetV2LoggingOptions $
+--             newGetV2LoggingOptionsResponse
+--
+--         , responseListActiveViolations $
+--             newListActiveViolationsResponse
+--
+--         , responseListAttachedPolicies $
+--             newListAttachedPoliciesResponse
+--
+--         , responseListAuditFindings $
+--             newListAuditFindingsResponse
+--
+--         , responseListAuditMitigationActionsExecutions $
+--             newListAuditMitigationActionsExecutionsResponse
+--
+--         , responseListAuditMitigationActionsTasks $
+--             newListAuditMitigationActionsTasksResponse
+--
+--         , responseListAuditSuppressions $
+--             newListAuditSuppressionsResponse
+--
+--         , responseListAuditTasks $
+--             newListAuditTasksResponse
+--
+--         , responseListAuthorizers $
+--             newListAuthorizersResponse
+--
+--         , responseListBillingGroups $
+--             newListBillingGroupsResponse
+--
+--         , responseListCACertificates $
+--             newListCACertificatesResponse
+--
+--         , responseListCertificates $
+--             newListCertificatesResponse
+--
+--         , responseListCertificatesByCA $
+--             newListCertificatesByCAResponse
+--
+--         , responseListCustomMetrics $
+--             newListCustomMetricsResponse
+--
+--         , responseListDetectMitigationActionsExecutions $
+--             newListDetectMitigationActionsExecutionsResponse
+--
+--         , responseListDetectMitigationActionsTasks $
+--             newListDetectMitigationActionsTasksResponse
+--
+--         , responseListDimensions $
+--             newListDimensionsResponse
+--
+--         , responseListDomainConfigurations $
+--             newListDomainConfigurationsResponse
+--
+--         , responseListFleetMetrics $
+--             newListFleetMetricsResponse
+--
+--         , responseListIndices $
+--             newListIndicesResponse
+--
+--         , responseListJobExecutionsForJob $
+--             newListJobExecutionsForJobResponse
+--
+--         , responseListJobExecutionsForThing $
+--             newListJobExecutionsForThingResponse
+--
+--         , responseListJobTemplates $
+--             newListJobTemplatesResponse
+--
+--         , responseListJobs $
+--             newListJobsResponse
+--
+--         , responseListManagedJobTemplates $
+--             newListManagedJobTemplatesResponse
+--
+--         , responseListMetricValues $
+--             newListMetricValuesResponse
+--
+--         , responseListMitigationActions $
+--             newListMitigationActionsResponse
+--
+--         , responseListOTAUpdates $
+--             newListOTAUpdatesResponse
+--
+--         , responseListOutgoingCertificates $
+--             newListOutgoingCertificatesResponse
+--
+--         , responseListPolicies $
+--             newListPoliciesResponse
+--
+--         , responseListPolicyVersions $
+--             newListPolicyVersionsResponse
+--
+--         , responseListPrincipalThings $
+--             newListPrincipalThingsResponse
+--
+--         , responseListProvisioningTemplateVersions $
+--             newListProvisioningTemplateVersionsResponse
+--
+--         , responseListProvisioningTemplates $
+--             newListProvisioningTemplatesResponse
+--
+--         , responseListRelatedResourcesForAuditFinding $
+--             newListRelatedResourcesForAuditFindingResponse
+--
+--         , responseListRoleAliases $
+--             newListRoleAliasesResponse
+--
+--         , responseListScheduledAudits $
+--             newListScheduledAuditsResponse
+--
+--         , responseListSecurityProfiles $
+--             newListSecurityProfilesResponse
+--
+--         , responseListSecurityProfilesForTarget $
+--             newListSecurityProfilesForTargetResponse
+--
+--         , responseListStreams $
+--             newListStreamsResponse
+--
+--         , responseListTagsForResource $
+--             newListTagsForResourceResponse
+--
+--         , responseListTargetsForPolicy $
+--             newListTargetsForPolicyResponse
+--
+--         , responseListTargetsForSecurityProfile $
+--             newListTargetsForSecurityProfileResponse
+--
+--         , responseListThingGroups $
+--             newListThingGroupsResponse
+--
+--         , responseListThingGroupsForThing $
+--             newListThingGroupsForThingResponse
+--
+--         , responseListThingPrincipals $
+--             newListThingPrincipalsResponse
+--
+--         , responseListThingRegistrationTaskReports $
+--             newListThingRegistrationTaskReportsResponse
+--
+--         , responseListThingRegistrationTasks $
+--             newListThingRegistrationTasksResponse
+--
+--         , responseListThingTypes $
+--             newListThingTypesResponse
+--
+--         , responseListThings $
+--             newListThingsResponse
+--
+--         , responseListThingsInBillingGroup $
+--             newListThingsInBillingGroupResponse
+--
+--         , responseListThingsInThingGroup $
+--             newListThingsInThingGroupResponse
+--
+--         , responseListTopicRuleDestinations $
+--             newListTopicRuleDestinationsResponse
+--
+--         , responseListTopicRules $
+--             newListTopicRulesResponse
+--
+--         , responseListV2LoggingLevels $
+--             newListV2LoggingLevelsResponse
+--
+--         , responseListViolationEvents $
+--             newListViolationEventsResponse
+--
+--         , responsePutVerificationStateOnViolation $
+--             newPutVerificationStateOnViolationResponse
+--
+--         , responseRegisterCACertificate $
+--             newRegisterCACertificateResponse
+--
+--         , responseRegisterCertificate $
+--             newRegisterCertificateResponse
+--
+--         , responseRegisterCertificateWithoutCA $
+--             newRegisterCertificateWithoutCAResponse
+--
+--         , responseRegisterThing $
+--             newRegisterThingResponse
+--
+--         , responseRejectCertificateTransfer $
+--             newRejectCertificateTransferResponse
+--
+--         , responseRemoveThingFromBillingGroup $
+--             newRemoveThingFromBillingGroupResponse
+--
+--         , responseRemoveThingFromThingGroup $
+--             newRemoveThingFromThingGroupResponse
+--
+--         , responseReplaceTopicRule $
+--             newReplaceTopicRuleResponse
+--
+--         , responseSearchIndex $
+--             newSearchIndexResponse
+--
+--         , responseSetDefaultAuthorizer $
+--             newSetDefaultAuthorizerResponse
+--
+--         , responseSetDefaultPolicyVersion $
+--             newSetDefaultPolicyVersionResponse
+--
+--         , responseSetLoggingOptions $
+--             newSetLoggingOptionsResponse
+--
+--         , responseSetV2LoggingLevel $
+--             newSetV2LoggingLevelResponse
+--
+--         , responseSetV2LoggingOptions $
+--             newSetV2LoggingOptionsResponse
+--
+--         , responseStartAuditMitigationActionsTask $
+--             newStartAuditMitigationActionsTaskResponse
+--
+--         , responseStartDetectMitigationActionsTask $
+--             newStartDetectMitigationActionsTaskResponse
+--
+--         , responseStartOnDemandAuditTask $
+--             newStartOnDemandAuditTaskResponse
+--
+--         , responseStartThingRegistrationTask $
+--             newStartThingRegistrationTaskResponse
+--
+--         , responseStopThingRegistrationTask $
+--             newStopThingRegistrationTaskResponse
+--
+--         , responseTagResource $
+--             newTagResourceResponse
+--
+--         , responseTestAuthorization $
+--             newTestAuthorizationResponse
+--
+--         , responseTestInvokeAuthorizer $
+--             newTestInvokeAuthorizerResponse
+--
+--         , responseTransferCertificate $
+--             newTransferCertificateResponse
+--
+--         , responseUntagResource $
+--             newUntagResourceResponse
+--
+--         , responseUpdateAccountAuditConfiguration $
+--             newUpdateAccountAuditConfigurationResponse
+--
+--         , responseUpdateAuditSuppression $
+--             newUpdateAuditSuppressionResponse
+--
+--         , responseUpdateAuthorizer $
+--             newUpdateAuthorizerResponse
+--
+--         , responseUpdateBillingGroup $
+--             newUpdateBillingGroupResponse
+--
+--         , responseUpdateCACertificate $
+--             newUpdateCACertificateResponse
+--
+--         , responseUpdateCertificate $
+--             newUpdateCertificateResponse
+--
+--         , responseUpdateCustomMetric $
+--             newUpdateCustomMetricResponse
+--
+--         , responseUpdateDimension $
+--             newUpdateDimensionResponse
+--
+--         , responseUpdateDomainConfiguration $
+--             newUpdateDomainConfigurationResponse
+--
+--         , responseUpdateDynamicThingGroup $
+--             newUpdateDynamicThingGroupResponse
+--
+--         , responseUpdateEventConfigurations $
+--             newUpdateEventConfigurationsResponse
+--
+--         , responseUpdateFleetMetric $
+--             newUpdateFleetMetricResponse
+--
+--         , responseUpdateIndexingConfiguration $
+--             newUpdateIndexingConfigurationResponse
+--
+--         , responseUpdateJob $
+--             newUpdateJobResponse
+--
+--         , responseUpdateMitigationAction $
+--             newUpdateMitigationActionResponse
+--
+--         , responseUpdateProvisioningTemplate $
+--             newUpdateProvisioningTemplateResponse
+--
+--         , responseUpdateRoleAlias $
+--             newUpdateRoleAliasResponse
+--
+--         , responseUpdateScheduledAudit $
+--             newUpdateScheduledAuditResponse
+--
+--         , responseUpdateSecurityProfile $
+--             newUpdateSecurityProfileResponse
+--
+--         , responseUpdateStream $
+--             newUpdateStreamResponse
+--
+--         , responseUpdateThing $
+--             newUpdateThingResponse
+--
+--         , responseUpdateThingGroup $
+--             newUpdateThingGroupResponse
+--
+--         , responseUpdateThingGroupsForThing $
+--             newUpdateThingGroupsForThingResponse
+--
+--         , responseUpdateTopicRuleDestination $
+--             newUpdateTopicRuleDestinationResponse
+--
+--         , responseValidateSecurityProfileBehaviors $
+--             newValidateSecurityProfileBehaviorsResponse
+--
+--           ]
+--     ]
+
+-- Requests
+
+requestAcceptCertificateTransfer :: AcceptCertificateTransfer -> TestTree
+requestAcceptCertificateTransfer =
+  req
+    "AcceptCertificateTransfer"
+    "fixture/AcceptCertificateTransfer.yaml"
+
+requestAddThingToBillingGroup :: AddThingToBillingGroup -> TestTree
+requestAddThingToBillingGroup =
+  req
+    "AddThingToBillingGroup"
+    "fixture/AddThingToBillingGroup.yaml"
+
+requestAddThingToThingGroup :: AddThingToThingGroup -> TestTree
+requestAddThingToThingGroup =
+  req
+    "AddThingToThingGroup"
+    "fixture/AddThingToThingGroup.yaml"
+
+requestAssociateTargetsWithJob :: AssociateTargetsWithJob -> TestTree
+requestAssociateTargetsWithJob =
+  req
+    "AssociateTargetsWithJob"
+    "fixture/AssociateTargetsWithJob.yaml"
+
+requestAttachPolicy :: AttachPolicy -> TestTree
+requestAttachPolicy =
+  req
+    "AttachPolicy"
+    "fixture/AttachPolicy.yaml"
+
+requestAttachSecurityProfile :: AttachSecurityProfile -> TestTree
+requestAttachSecurityProfile =
+  req
+    "AttachSecurityProfile"
+    "fixture/AttachSecurityProfile.yaml"
+
+requestAttachThingPrincipal :: AttachThingPrincipal -> TestTree
+requestAttachThingPrincipal =
+  req
+    "AttachThingPrincipal"
+    "fixture/AttachThingPrincipal.yaml"
+
+requestCancelAuditMitigationActionsTask :: CancelAuditMitigationActionsTask -> TestTree
+requestCancelAuditMitigationActionsTask =
+  req
+    "CancelAuditMitigationActionsTask"
+    "fixture/CancelAuditMitigationActionsTask.yaml"
+
+requestCancelAuditTask :: CancelAuditTask -> TestTree
+requestCancelAuditTask =
+  req
+    "CancelAuditTask"
+    "fixture/CancelAuditTask.yaml"
+
+requestCancelCertificateTransfer :: CancelCertificateTransfer -> TestTree
+requestCancelCertificateTransfer =
+  req
+    "CancelCertificateTransfer"
+    "fixture/CancelCertificateTransfer.yaml"
+
+requestCancelDetectMitigationActionsTask :: CancelDetectMitigationActionsTask -> TestTree
+requestCancelDetectMitigationActionsTask =
+  req
+    "CancelDetectMitigationActionsTask"
+    "fixture/CancelDetectMitigationActionsTask.yaml"
+
+requestCancelJob :: CancelJob -> TestTree
+requestCancelJob =
+  req
+    "CancelJob"
+    "fixture/CancelJob.yaml"
+
+requestCancelJobExecution :: CancelJobExecution -> TestTree
+requestCancelJobExecution =
+  req
+    "CancelJobExecution"
+    "fixture/CancelJobExecution.yaml"
+
+requestClearDefaultAuthorizer :: ClearDefaultAuthorizer -> TestTree
+requestClearDefaultAuthorizer =
+  req
+    "ClearDefaultAuthorizer"
+    "fixture/ClearDefaultAuthorizer.yaml"
+
+requestConfirmTopicRuleDestination :: ConfirmTopicRuleDestination -> TestTree
+requestConfirmTopicRuleDestination =
+  req
+    "ConfirmTopicRuleDestination"
+    "fixture/ConfirmTopicRuleDestination.yaml"
+
+requestCreateAuditSuppression :: CreateAuditSuppression -> TestTree
+requestCreateAuditSuppression =
+  req
+    "CreateAuditSuppression"
+    "fixture/CreateAuditSuppression.yaml"
+
+requestCreateAuthorizer :: CreateAuthorizer -> TestTree
+requestCreateAuthorizer =
+  req
+    "CreateAuthorizer"
+    "fixture/CreateAuthorizer.yaml"
+
+requestCreateBillingGroup :: CreateBillingGroup -> TestTree
+requestCreateBillingGroup =
+  req
+    "CreateBillingGroup"
+    "fixture/CreateBillingGroup.yaml"
+
+requestCreateCertificateFromCsr :: CreateCertificateFromCsr -> TestTree
+requestCreateCertificateFromCsr =
+  req
+    "CreateCertificateFromCsr"
+    "fixture/CreateCertificateFromCsr.yaml"
+
+requestCreateCustomMetric :: CreateCustomMetric -> TestTree
+requestCreateCustomMetric =
+  req
+    "CreateCustomMetric"
+    "fixture/CreateCustomMetric.yaml"
+
+requestCreateDimension :: CreateDimension -> TestTree
+requestCreateDimension =
+  req
+    "CreateDimension"
+    "fixture/CreateDimension.yaml"
+
+requestCreateDomainConfiguration :: CreateDomainConfiguration -> TestTree
+requestCreateDomainConfiguration =
+  req
+    "CreateDomainConfiguration"
+    "fixture/CreateDomainConfiguration.yaml"
+
+requestCreateDynamicThingGroup :: CreateDynamicThingGroup -> TestTree
+requestCreateDynamicThingGroup =
+  req
+    "CreateDynamicThingGroup"
+    "fixture/CreateDynamicThingGroup.yaml"
+
+requestCreateFleetMetric :: CreateFleetMetric -> TestTree
+requestCreateFleetMetric =
+  req
+    "CreateFleetMetric"
+    "fixture/CreateFleetMetric.yaml"
+
+requestCreateJob :: CreateJob -> TestTree
+requestCreateJob =
+  req
+    "CreateJob"
+    "fixture/CreateJob.yaml"
+
+requestCreateJobTemplate :: CreateJobTemplate -> TestTree
+requestCreateJobTemplate =
+  req
+    "CreateJobTemplate"
+    "fixture/CreateJobTemplate.yaml"
+
+requestCreateKeysAndCertificate :: CreateKeysAndCertificate -> TestTree
+requestCreateKeysAndCertificate =
+  req
+    "CreateKeysAndCertificate"
+    "fixture/CreateKeysAndCertificate.yaml"
+
+requestCreateMitigationAction :: CreateMitigationAction -> TestTree
+requestCreateMitigationAction =
+  req
+    "CreateMitigationAction"
+    "fixture/CreateMitigationAction.yaml"
+
+requestCreateOTAUpdate :: CreateOTAUpdate -> TestTree
+requestCreateOTAUpdate =
+  req
+    "CreateOTAUpdate"
+    "fixture/CreateOTAUpdate.yaml"
+
+requestCreatePolicy :: CreatePolicy -> TestTree
+requestCreatePolicy =
+  req
+    "CreatePolicy"
+    "fixture/CreatePolicy.yaml"
+
+requestCreatePolicyVersion :: CreatePolicyVersion -> TestTree
+requestCreatePolicyVersion =
+  req
+    "CreatePolicyVersion"
+    "fixture/CreatePolicyVersion.yaml"
+
+requestCreateProvisioningClaim :: CreateProvisioningClaim -> TestTree
+requestCreateProvisioningClaim =
+  req
+    "CreateProvisioningClaim"
+    "fixture/CreateProvisioningClaim.yaml"
+
+requestCreateProvisioningTemplate :: CreateProvisioningTemplate -> TestTree
+requestCreateProvisioningTemplate =
+  req
+    "CreateProvisioningTemplate"
+    "fixture/CreateProvisioningTemplate.yaml"
+
+requestCreateProvisioningTemplateVersion :: CreateProvisioningTemplateVersion -> TestTree
+requestCreateProvisioningTemplateVersion =
+  req
+    "CreateProvisioningTemplateVersion"
+    "fixture/CreateProvisioningTemplateVersion.yaml"
+
+requestCreateRoleAlias :: CreateRoleAlias -> TestTree
+requestCreateRoleAlias =
+  req
+    "CreateRoleAlias"
+    "fixture/CreateRoleAlias.yaml"
+
+requestCreateScheduledAudit :: CreateScheduledAudit -> TestTree
+requestCreateScheduledAudit =
+  req
+    "CreateScheduledAudit"
+    "fixture/CreateScheduledAudit.yaml"
+
+requestCreateSecurityProfile :: CreateSecurityProfile -> TestTree
+requestCreateSecurityProfile =
+  req
+    "CreateSecurityProfile"
+    "fixture/CreateSecurityProfile.yaml"
+
+requestCreateStream :: CreateStream -> TestTree
+requestCreateStream =
+  req
+    "CreateStream"
+    "fixture/CreateStream.yaml"
+
+requestCreateThing :: CreateThing -> TestTree
+requestCreateThing =
+  req
+    "CreateThing"
+    "fixture/CreateThing.yaml"
+
+requestCreateThingGroup :: CreateThingGroup -> TestTree
+requestCreateThingGroup =
+  req
+    "CreateThingGroup"
+    "fixture/CreateThingGroup.yaml"
+
+requestCreateThingType :: CreateThingType -> TestTree
+requestCreateThingType =
+  req
+    "CreateThingType"
+    "fixture/CreateThingType.yaml"
+
+requestCreateTopicRule :: CreateTopicRule -> TestTree
+requestCreateTopicRule =
+  req
+    "CreateTopicRule"
+    "fixture/CreateTopicRule.yaml"
+
+requestCreateTopicRuleDestination :: CreateTopicRuleDestination -> TestTree
+requestCreateTopicRuleDestination =
+  req
+    "CreateTopicRuleDestination"
+    "fixture/CreateTopicRuleDestination.yaml"
+
+requestDeleteAccountAuditConfiguration :: DeleteAccountAuditConfiguration -> TestTree
+requestDeleteAccountAuditConfiguration =
+  req
+    "DeleteAccountAuditConfiguration"
+    "fixture/DeleteAccountAuditConfiguration.yaml"
+
+requestDeleteAuditSuppression :: DeleteAuditSuppression -> TestTree
+requestDeleteAuditSuppression =
+  req
+    "DeleteAuditSuppression"
+    "fixture/DeleteAuditSuppression.yaml"
+
+requestDeleteAuthorizer :: DeleteAuthorizer -> TestTree
+requestDeleteAuthorizer =
+  req
+    "DeleteAuthorizer"
+    "fixture/DeleteAuthorizer.yaml"
+
+requestDeleteBillingGroup :: DeleteBillingGroup -> TestTree
+requestDeleteBillingGroup =
+  req
+    "DeleteBillingGroup"
+    "fixture/DeleteBillingGroup.yaml"
+
+requestDeleteCACertificate :: DeleteCACertificate -> TestTree
+requestDeleteCACertificate =
+  req
+    "DeleteCACertificate"
+    "fixture/DeleteCACertificate.yaml"
+
+requestDeleteCertificate :: DeleteCertificate -> TestTree
+requestDeleteCertificate =
+  req
+    "DeleteCertificate"
+    "fixture/DeleteCertificate.yaml"
+
+requestDeleteCustomMetric :: DeleteCustomMetric -> TestTree
+requestDeleteCustomMetric =
+  req
+    "DeleteCustomMetric"
+    "fixture/DeleteCustomMetric.yaml"
+
+requestDeleteDimension :: DeleteDimension -> TestTree
+requestDeleteDimension =
+  req
+    "DeleteDimension"
+    "fixture/DeleteDimension.yaml"
+
+requestDeleteDomainConfiguration :: DeleteDomainConfiguration -> TestTree
+requestDeleteDomainConfiguration =
+  req
+    "DeleteDomainConfiguration"
+    "fixture/DeleteDomainConfiguration.yaml"
+
+requestDeleteDynamicThingGroup :: DeleteDynamicThingGroup -> TestTree
+requestDeleteDynamicThingGroup =
+  req
+    "DeleteDynamicThingGroup"
+    "fixture/DeleteDynamicThingGroup.yaml"
+
+requestDeleteFleetMetric :: DeleteFleetMetric -> TestTree
+requestDeleteFleetMetric =
+  req
+    "DeleteFleetMetric"
+    "fixture/DeleteFleetMetric.yaml"
+
+requestDeleteJob :: DeleteJob -> TestTree
+requestDeleteJob =
+  req
+    "DeleteJob"
+    "fixture/DeleteJob.yaml"
+
+requestDeleteJobExecution :: DeleteJobExecution -> TestTree
+requestDeleteJobExecution =
+  req
+    "DeleteJobExecution"
+    "fixture/DeleteJobExecution.yaml"
+
+requestDeleteJobTemplate :: DeleteJobTemplate -> TestTree
+requestDeleteJobTemplate =
+  req
+    "DeleteJobTemplate"
+    "fixture/DeleteJobTemplate.yaml"
+
+requestDeleteMitigationAction :: DeleteMitigationAction -> TestTree
+requestDeleteMitigationAction =
+  req
+    "DeleteMitigationAction"
+    "fixture/DeleteMitigationAction.yaml"
+
+requestDeleteOTAUpdate :: DeleteOTAUpdate -> TestTree
+requestDeleteOTAUpdate =
+  req
+    "DeleteOTAUpdate"
+    "fixture/DeleteOTAUpdate.yaml"
+
+requestDeletePolicy :: DeletePolicy -> TestTree
+requestDeletePolicy =
+  req
+    "DeletePolicy"
+    "fixture/DeletePolicy.yaml"
+
+requestDeletePolicyVersion :: DeletePolicyVersion -> TestTree
+requestDeletePolicyVersion =
+  req
+    "DeletePolicyVersion"
+    "fixture/DeletePolicyVersion.yaml"
+
+requestDeleteProvisioningTemplate :: DeleteProvisioningTemplate -> TestTree
+requestDeleteProvisioningTemplate =
+  req
+    "DeleteProvisioningTemplate"
+    "fixture/DeleteProvisioningTemplate.yaml"
+
+requestDeleteProvisioningTemplateVersion :: DeleteProvisioningTemplateVersion -> TestTree
+requestDeleteProvisioningTemplateVersion =
+  req
+    "DeleteProvisioningTemplateVersion"
+    "fixture/DeleteProvisioningTemplateVersion.yaml"
+
+requestDeleteRegistrationCode :: DeleteRegistrationCode -> TestTree
+requestDeleteRegistrationCode =
+  req
+    "DeleteRegistrationCode"
+    "fixture/DeleteRegistrationCode.yaml"
+
+requestDeleteRoleAlias :: DeleteRoleAlias -> TestTree
+requestDeleteRoleAlias =
+  req
+    "DeleteRoleAlias"
+    "fixture/DeleteRoleAlias.yaml"
+
+requestDeleteScheduledAudit :: DeleteScheduledAudit -> TestTree
+requestDeleteScheduledAudit =
+  req
+    "DeleteScheduledAudit"
+    "fixture/DeleteScheduledAudit.yaml"
+
+requestDeleteSecurityProfile :: DeleteSecurityProfile -> TestTree
+requestDeleteSecurityProfile =
+  req
+    "DeleteSecurityProfile"
+    "fixture/DeleteSecurityProfile.yaml"
+
+requestDeleteStream :: DeleteStream -> TestTree
+requestDeleteStream =
+  req
+    "DeleteStream"
+    "fixture/DeleteStream.yaml"
+
+requestDeleteThing :: DeleteThing -> TestTree
+requestDeleteThing =
+  req
+    "DeleteThing"
+    "fixture/DeleteThing.yaml"
+
+requestDeleteThingGroup :: DeleteThingGroup -> TestTree
+requestDeleteThingGroup =
+  req
+    "DeleteThingGroup"
+    "fixture/DeleteThingGroup.yaml"
+
+requestDeleteThingType :: DeleteThingType -> TestTree
+requestDeleteThingType =
+  req
+    "DeleteThingType"
+    "fixture/DeleteThingType.yaml"
+
+requestDeleteTopicRule :: DeleteTopicRule -> TestTree
+requestDeleteTopicRule =
+  req
+    "DeleteTopicRule"
+    "fixture/DeleteTopicRule.yaml"
+
+requestDeleteTopicRuleDestination :: DeleteTopicRuleDestination -> TestTree
+requestDeleteTopicRuleDestination =
+  req
+    "DeleteTopicRuleDestination"
+    "fixture/DeleteTopicRuleDestination.yaml"
+
+requestDeleteV2LoggingLevel :: DeleteV2LoggingLevel -> TestTree
+requestDeleteV2LoggingLevel =
+  req
+    "DeleteV2LoggingLevel"
+    "fixture/DeleteV2LoggingLevel.yaml"
+
+requestDeprecateThingType :: DeprecateThingType -> TestTree
+requestDeprecateThingType =
+  req
+    "DeprecateThingType"
+    "fixture/DeprecateThingType.yaml"
+
+requestDescribeAccountAuditConfiguration :: DescribeAccountAuditConfiguration -> TestTree
+requestDescribeAccountAuditConfiguration =
+  req
+    "DescribeAccountAuditConfiguration"
+    "fixture/DescribeAccountAuditConfiguration.yaml"
+
+requestDescribeAuditFinding :: DescribeAuditFinding -> TestTree
+requestDescribeAuditFinding =
+  req
+    "DescribeAuditFinding"
+    "fixture/DescribeAuditFinding.yaml"
+
+requestDescribeAuditMitigationActionsTask :: DescribeAuditMitigationActionsTask -> TestTree
+requestDescribeAuditMitigationActionsTask =
+  req
+    "DescribeAuditMitigationActionsTask"
+    "fixture/DescribeAuditMitigationActionsTask.yaml"
+
+requestDescribeAuditSuppression :: DescribeAuditSuppression -> TestTree
+requestDescribeAuditSuppression =
+  req
+    "DescribeAuditSuppression"
+    "fixture/DescribeAuditSuppression.yaml"
+
+requestDescribeAuditTask :: DescribeAuditTask -> TestTree
+requestDescribeAuditTask =
+  req
+    "DescribeAuditTask"
+    "fixture/DescribeAuditTask.yaml"
+
+requestDescribeAuthorizer :: DescribeAuthorizer -> TestTree
+requestDescribeAuthorizer =
+  req
+    "DescribeAuthorizer"
+    "fixture/DescribeAuthorizer.yaml"
+
+requestDescribeBillingGroup :: DescribeBillingGroup -> TestTree
+requestDescribeBillingGroup =
+  req
+    "DescribeBillingGroup"
+    "fixture/DescribeBillingGroup.yaml"
+
+requestDescribeCACertificate :: DescribeCACertificate -> TestTree
+requestDescribeCACertificate =
+  req
+    "DescribeCACertificate"
+    "fixture/DescribeCACertificate.yaml"
+
+requestDescribeCertificate :: DescribeCertificate -> TestTree
+requestDescribeCertificate =
+  req
+    "DescribeCertificate"
+    "fixture/DescribeCertificate.yaml"
+
+requestDescribeCustomMetric :: DescribeCustomMetric -> TestTree
+requestDescribeCustomMetric =
+  req
+    "DescribeCustomMetric"
+    "fixture/DescribeCustomMetric.yaml"
+
+requestDescribeDefaultAuthorizer :: DescribeDefaultAuthorizer -> TestTree
+requestDescribeDefaultAuthorizer =
+  req
+    "DescribeDefaultAuthorizer"
+    "fixture/DescribeDefaultAuthorizer.yaml"
+
+requestDescribeDetectMitigationActionsTask :: DescribeDetectMitigationActionsTask -> TestTree
+requestDescribeDetectMitigationActionsTask =
+  req
+    "DescribeDetectMitigationActionsTask"
+    "fixture/DescribeDetectMitigationActionsTask.yaml"
+
+requestDescribeDimension :: DescribeDimension -> TestTree
+requestDescribeDimension =
+  req
+    "DescribeDimension"
+    "fixture/DescribeDimension.yaml"
+
+requestDescribeDomainConfiguration :: DescribeDomainConfiguration -> TestTree
+requestDescribeDomainConfiguration =
+  req
+    "DescribeDomainConfiguration"
+    "fixture/DescribeDomainConfiguration.yaml"
+
+requestDescribeEndpoint :: DescribeEndpoint -> TestTree
+requestDescribeEndpoint =
+  req
+    "DescribeEndpoint"
+    "fixture/DescribeEndpoint.yaml"
+
+requestDescribeEventConfigurations :: DescribeEventConfigurations -> TestTree
+requestDescribeEventConfigurations =
+  req
+    "DescribeEventConfigurations"
+    "fixture/DescribeEventConfigurations.yaml"
+
+requestDescribeFleetMetric :: DescribeFleetMetric -> TestTree
+requestDescribeFleetMetric =
+  req
+    "DescribeFleetMetric"
+    "fixture/DescribeFleetMetric.yaml"
+
+requestDescribeIndex :: DescribeIndex -> TestTree
+requestDescribeIndex =
+  req
+    "DescribeIndex"
+    "fixture/DescribeIndex.yaml"
+
+requestDescribeJob :: DescribeJob -> TestTree
+requestDescribeJob =
+  req
+    "DescribeJob"
+    "fixture/DescribeJob.yaml"
+
+requestDescribeJobExecution :: DescribeJobExecution -> TestTree
+requestDescribeJobExecution =
+  req
+    "DescribeJobExecution"
+    "fixture/DescribeJobExecution.yaml"
+
+requestDescribeJobTemplate :: DescribeJobTemplate -> TestTree
+requestDescribeJobTemplate =
+  req
+    "DescribeJobTemplate"
+    "fixture/DescribeJobTemplate.yaml"
+
+requestDescribeManagedJobTemplate :: DescribeManagedJobTemplate -> TestTree
+requestDescribeManagedJobTemplate =
+  req
+    "DescribeManagedJobTemplate"
+    "fixture/DescribeManagedJobTemplate.yaml"
+
+requestDescribeMitigationAction :: DescribeMitigationAction -> TestTree
+requestDescribeMitigationAction =
+  req
+    "DescribeMitigationAction"
+    "fixture/DescribeMitigationAction.yaml"
+
+requestDescribeProvisioningTemplate :: DescribeProvisioningTemplate -> TestTree
+requestDescribeProvisioningTemplate =
+  req
+    "DescribeProvisioningTemplate"
+    "fixture/DescribeProvisioningTemplate.yaml"
+
+requestDescribeProvisioningTemplateVersion :: DescribeProvisioningTemplateVersion -> TestTree
+requestDescribeProvisioningTemplateVersion =
+  req
+    "DescribeProvisioningTemplateVersion"
+    "fixture/DescribeProvisioningTemplateVersion.yaml"
+
+requestDescribeRoleAlias :: DescribeRoleAlias -> TestTree
+requestDescribeRoleAlias =
+  req
+    "DescribeRoleAlias"
+    "fixture/DescribeRoleAlias.yaml"
+
+requestDescribeScheduledAudit :: DescribeScheduledAudit -> TestTree
+requestDescribeScheduledAudit =
+  req
+    "DescribeScheduledAudit"
+    "fixture/DescribeScheduledAudit.yaml"
+
+requestDescribeSecurityProfile :: DescribeSecurityProfile -> TestTree
+requestDescribeSecurityProfile =
+  req
+    "DescribeSecurityProfile"
+    "fixture/DescribeSecurityProfile.yaml"
+
+requestDescribeStream :: DescribeStream -> TestTree
+requestDescribeStream =
+  req
+    "DescribeStream"
+    "fixture/DescribeStream.yaml"
+
+requestDescribeThing :: DescribeThing -> TestTree
+requestDescribeThing =
+  req
+    "DescribeThing"
+    "fixture/DescribeThing.yaml"
+
+requestDescribeThingGroup :: DescribeThingGroup -> TestTree
+requestDescribeThingGroup =
+  req
+    "DescribeThingGroup"
+    "fixture/DescribeThingGroup.yaml"
+
+requestDescribeThingRegistrationTask :: DescribeThingRegistrationTask -> TestTree
+requestDescribeThingRegistrationTask =
+  req
+    "DescribeThingRegistrationTask"
+    "fixture/DescribeThingRegistrationTask.yaml"
+
+requestDescribeThingType :: DescribeThingType -> TestTree
+requestDescribeThingType =
+  req
+    "DescribeThingType"
+    "fixture/DescribeThingType.yaml"
+
+requestDetachPolicy :: DetachPolicy -> TestTree
+requestDetachPolicy =
+  req
+    "DetachPolicy"
+    "fixture/DetachPolicy.yaml"
+
+requestDetachSecurityProfile :: DetachSecurityProfile -> TestTree
+requestDetachSecurityProfile =
+  req
+    "DetachSecurityProfile"
+    "fixture/DetachSecurityProfile.yaml"
+
+requestDetachThingPrincipal :: DetachThingPrincipal -> TestTree
+requestDetachThingPrincipal =
+  req
+    "DetachThingPrincipal"
+    "fixture/DetachThingPrincipal.yaml"
+
+requestDisableTopicRule :: DisableTopicRule -> TestTree
+requestDisableTopicRule =
+  req
+    "DisableTopicRule"
+    "fixture/DisableTopicRule.yaml"
+
+requestEnableTopicRule :: EnableTopicRule -> TestTree
+requestEnableTopicRule =
+  req
+    "EnableTopicRule"
+    "fixture/EnableTopicRule.yaml"
+
+requestGetBehaviorModelTrainingSummaries :: GetBehaviorModelTrainingSummaries -> TestTree
+requestGetBehaviorModelTrainingSummaries =
+  req
+    "GetBehaviorModelTrainingSummaries"
+    "fixture/GetBehaviorModelTrainingSummaries.yaml"
+
+requestGetBucketsAggregation :: GetBucketsAggregation -> TestTree
+requestGetBucketsAggregation =
+  req
+    "GetBucketsAggregation"
+    "fixture/GetBucketsAggregation.yaml"
+
+requestGetCardinality :: GetCardinality -> TestTree
+requestGetCardinality =
+  req
+    "GetCardinality"
+    "fixture/GetCardinality.yaml"
+
+requestGetEffectivePolicies :: GetEffectivePolicies -> TestTree
+requestGetEffectivePolicies =
+  req
+    "GetEffectivePolicies"
+    "fixture/GetEffectivePolicies.yaml"
+
+requestGetIndexingConfiguration :: GetIndexingConfiguration -> TestTree
+requestGetIndexingConfiguration =
+  req
+    "GetIndexingConfiguration"
+    "fixture/GetIndexingConfiguration.yaml"
+
+requestGetJobDocument :: GetJobDocument -> TestTree
+requestGetJobDocument =
+  req
+    "GetJobDocument"
+    "fixture/GetJobDocument.yaml"
+
+requestGetLoggingOptions :: GetLoggingOptions -> TestTree
+requestGetLoggingOptions =
+  req
+    "GetLoggingOptions"
+    "fixture/GetLoggingOptions.yaml"
+
+requestGetOTAUpdate :: GetOTAUpdate -> TestTree
+requestGetOTAUpdate =
+  req
+    "GetOTAUpdate"
+    "fixture/GetOTAUpdate.yaml"
+
+requestGetPercentiles :: GetPercentiles -> TestTree
+requestGetPercentiles =
+  req
+    "GetPercentiles"
+    "fixture/GetPercentiles.yaml"
+
+requestGetPolicy :: GetPolicy -> TestTree
+requestGetPolicy =
+  req
+    "GetPolicy"
+    "fixture/GetPolicy.yaml"
+
+requestGetPolicyVersion :: GetPolicyVersion -> TestTree
+requestGetPolicyVersion =
+  req
+    "GetPolicyVersion"
+    "fixture/GetPolicyVersion.yaml"
+
+requestGetRegistrationCode :: GetRegistrationCode -> TestTree
+requestGetRegistrationCode =
+  req
+    "GetRegistrationCode"
+    "fixture/GetRegistrationCode.yaml"
+
+requestGetStatistics :: GetStatistics -> TestTree
+requestGetStatistics =
+  req
+    "GetStatistics"
+    "fixture/GetStatistics.yaml"
+
+requestGetTopicRule :: GetTopicRule -> TestTree
+requestGetTopicRule =
+  req
+    "GetTopicRule"
+    "fixture/GetTopicRule.yaml"
+
+requestGetTopicRuleDestination :: GetTopicRuleDestination -> TestTree
+requestGetTopicRuleDestination =
+  req
+    "GetTopicRuleDestination"
+    "fixture/GetTopicRuleDestination.yaml"
+
+requestGetV2LoggingOptions :: GetV2LoggingOptions -> TestTree
+requestGetV2LoggingOptions =
+  req
+    "GetV2LoggingOptions"
+    "fixture/GetV2LoggingOptions.yaml"
+
+requestListActiveViolations :: ListActiveViolations -> TestTree
+requestListActiveViolations =
+  req
+    "ListActiveViolations"
+    "fixture/ListActiveViolations.yaml"
+
+requestListAttachedPolicies :: ListAttachedPolicies -> TestTree
+requestListAttachedPolicies =
+  req
+    "ListAttachedPolicies"
+    "fixture/ListAttachedPolicies.yaml"
+
+requestListAuditFindings :: ListAuditFindings -> TestTree
+requestListAuditFindings =
+  req
+    "ListAuditFindings"
+    "fixture/ListAuditFindings.yaml"
+
+requestListAuditMitigationActionsExecutions :: ListAuditMitigationActionsExecutions -> TestTree
+requestListAuditMitigationActionsExecutions =
+  req
+    "ListAuditMitigationActionsExecutions"
+    "fixture/ListAuditMitigationActionsExecutions.yaml"
+
+requestListAuditMitigationActionsTasks :: ListAuditMitigationActionsTasks -> TestTree
+requestListAuditMitigationActionsTasks =
+  req
+    "ListAuditMitigationActionsTasks"
+    "fixture/ListAuditMitigationActionsTasks.yaml"
+
+requestListAuditSuppressions :: ListAuditSuppressions -> TestTree
+requestListAuditSuppressions =
+  req
+    "ListAuditSuppressions"
+    "fixture/ListAuditSuppressions.yaml"
+
+requestListAuditTasks :: ListAuditTasks -> TestTree
+requestListAuditTasks =
+  req
+    "ListAuditTasks"
+    "fixture/ListAuditTasks.yaml"
+
+requestListAuthorizers :: ListAuthorizers -> TestTree
+requestListAuthorizers =
+  req
+    "ListAuthorizers"
+    "fixture/ListAuthorizers.yaml"
+
+requestListBillingGroups :: ListBillingGroups -> TestTree
+requestListBillingGroups =
+  req
+    "ListBillingGroups"
+    "fixture/ListBillingGroups.yaml"
+
+requestListCACertificates :: ListCACertificates -> TestTree
+requestListCACertificates =
+  req
+    "ListCACertificates"
+    "fixture/ListCACertificates.yaml"
+
+requestListCertificates :: ListCertificates -> TestTree
+requestListCertificates =
+  req
+    "ListCertificates"
+    "fixture/ListCertificates.yaml"
+
+requestListCertificatesByCA :: ListCertificatesByCA -> TestTree
+requestListCertificatesByCA =
+  req
+    "ListCertificatesByCA"
+    "fixture/ListCertificatesByCA.yaml"
+
+requestListCustomMetrics :: ListCustomMetrics -> TestTree
+requestListCustomMetrics =
+  req
+    "ListCustomMetrics"
+    "fixture/ListCustomMetrics.yaml"
+
+requestListDetectMitigationActionsExecutions :: ListDetectMitigationActionsExecutions -> TestTree
+requestListDetectMitigationActionsExecutions =
+  req
+    "ListDetectMitigationActionsExecutions"
+    "fixture/ListDetectMitigationActionsExecutions.yaml"
+
+requestListDetectMitigationActionsTasks :: ListDetectMitigationActionsTasks -> TestTree
+requestListDetectMitigationActionsTasks =
+  req
+    "ListDetectMitigationActionsTasks"
+    "fixture/ListDetectMitigationActionsTasks.yaml"
+
+requestListDimensions :: ListDimensions -> TestTree
+requestListDimensions =
+  req
+    "ListDimensions"
+    "fixture/ListDimensions.yaml"
+
+requestListDomainConfigurations :: ListDomainConfigurations -> TestTree
+requestListDomainConfigurations =
+  req
+    "ListDomainConfigurations"
+    "fixture/ListDomainConfigurations.yaml"
+
+requestListFleetMetrics :: ListFleetMetrics -> TestTree
+requestListFleetMetrics =
+  req
+    "ListFleetMetrics"
+    "fixture/ListFleetMetrics.yaml"
+
+requestListIndices :: ListIndices -> TestTree
+requestListIndices =
+  req
+    "ListIndices"
+    "fixture/ListIndices.yaml"
+
+requestListJobExecutionsForJob :: ListJobExecutionsForJob -> TestTree
+requestListJobExecutionsForJob =
+  req
+    "ListJobExecutionsForJob"
+    "fixture/ListJobExecutionsForJob.yaml"
+
+requestListJobExecutionsForThing :: ListJobExecutionsForThing -> TestTree
+requestListJobExecutionsForThing =
+  req
+    "ListJobExecutionsForThing"
+    "fixture/ListJobExecutionsForThing.yaml"
+
+requestListJobTemplates :: ListJobTemplates -> TestTree
+requestListJobTemplates =
+  req
+    "ListJobTemplates"
+    "fixture/ListJobTemplates.yaml"
+
+requestListJobs :: ListJobs -> TestTree
+requestListJobs =
+  req
+    "ListJobs"
+    "fixture/ListJobs.yaml"
+
+requestListManagedJobTemplates :: ListManagedJobTemplates -> TestTree
+requestListManagedJobTemplates =
+  req
+    "ListManagedJobTemplates"
+    "fixture/ListManagedJobTemplates.yaml"
+
+requestListMetricValues :: ListMetricValues -> TestTree
+requestListMetricValues =
+  req
+    "ListMetricValues"
+    "fixture/ListMetricValues.yaml"
+
+requestListMitigationActions :: ListMitigationActions -> TestTree
+requestListMitigationActions =
+  req
+    "ListMitigationActions"
+    "fixture/ListMitigationActions.yaml"
+
+requestListOTAUpdates :: ListOTAUpdates -> TestTree
+requestListOTAUpdates =
+  req
+    "ListOTAUpdates"
+    "fixture/ListOTAUpdates.yaml"
+
+requestListOutgoingCertificates :: ListOutgoingCertificates -> TestTree
+requestListOutgoingCertificates =
+  req
+    "ListOutgoingCertificates"
+    "fixture/ListOutgoingCertificates.yaml"
+
+requestListPolicies :: ListPolicies -> TestTree
+requestListPolicies =
+  req
+    "ListPolicies"
+    "fixture/ListPolicies.yaml"
+
+requestListPolicyVersions :: ListPolicyVersions -> TestTree
+requestListPolicyVersions =
+  req
+    "ListPolicyVersions"
+    "fixture/ListPolicyVersions.yaml"
+
+requestListPrincipalThings :: ListPrincipalThings -> TestTree
+requestListPrincipalThings =
+  req
+    "ListPrincipalThings"
+    "fixture/ListPrincipalThings.yaml"
+
+requestListProvisioningTemplateVersions :: ListProvisioningTemplateVersions -> TestTree
+requestListProvisioningTemplateVersions =
+  req
+    "ListProvisioningTemplateVersions"
+    "fixture/ListProvisioningTemplateVersions.yaml"
+
+requestListProvisioningTemplates :: ListProvisioningTemplates -> TestTree
+requestListProvisioningTemplates =
+  req
+    "ListProvisioningTemplates"
+    "fixture/ListProvisioningTemplates.yaml"
+
+requestListRelatedResourcesForAuditFinding :: ListRelatedResourcesForAuditFinding -> TestTree
+requestListRelatedResourcesForAuditFinding =
+  req
+    "ListRelatedResourcesForAuditFinding"
+    "fixture/ListRelatedResourcesForAuditFinding.yaml"
+
+requestListRoleAliases :: ListRoleAliases -> TestTree
+requestListRoleAliases =
+  req
+    "ListRoleAliases"
+    "fixture/ListRoleAliases.yaml"
+
+requestListScheduledAudits :: ListScheduledAudits -> TestTree
+requestListScheduledAudits =
+  req
+    "ListScheduledAudits"
+    "fixture/ListScheduledAudits.yaml"
+
+requestListSecurityProfiles :: ListSecurityProfiles -> TestTree
+requestListSecurityProfiles =
+  req
+    "ListSecurityProfiles"
+    "fixture/ListSecurityProfiles.yaml"
+
+requestListSecurityProfilesForTarget :: ListSecurityProfilesForTarget -> TestTree
+requestListSecurityProfilesForTarget =
+  req
+    "ListSecurityProfilesForTarget"
+    "fixture/ListSecurityProfilesForTarget.yaml"
+
+requestListStreams :: ListStreams -> TestTree
+requestListStreams =
+  req
+    "ListStreams"
+    "fixture/ListStreams.yaml"
+
+requestListTagsForResource :: ListTagsForResource -> TestTree
+requestListTagsForResource =
+  req
+    "ListTagsForResource"
+    "fixture/ListTagsForResource.yaml"
+
+requestListTargetsForPolicy :: ListTargetsForPolicy -> TestTree
+requestListTargetsForPolicy =
+  req
+    "ListTargetsForPolicy"
+    "fixture/ListTargetsForPolicy.yaml"
+
+requestListTargetsForSecurityProfile :: ListTargetsForSecurityProfile -> TestTree
+requestListTargetsForSecurityProfile =
+  req
+    "ListTargetsForSecurityProfile"
+    "fixture/ListTargetsForSecurityProfile.yaml"
+
+requestListThingGroups :: ListThingGroups -> TestTree
+requestListThingGroups =
+  req
+    "ListThingGroups"
+    "fixture/ListThingGroups.yaml"
+
+requestListThingGroupsForThing :: ListThingGroupsForThing -> TestTree
+requestListThingGroupsForThing =
+  req
+    "ListThingGroupsForThing"
+    "fixture/ListThingGroupsForThing.yaml"
+
+requestListThingPrincipals :: ListThingPrincipals -> TestTree
+requestListThingPrincipals =
+  req
+    "ListThingPrincipals"
+    "fixture/ListThingPrincipals.yaml"
+
+requestListThingRegistrationTaskReports :: ListThingRegistrationTaskReports -> TestTree
+requestListThingRegistrationTaskReports =
+  req
+    "ListThingRegistrationTaskReports"
+    "fixture/ListThingRegistrationTaskReports.yaml"
+
+requestListThingRegistrationTasks :: ListThingRegistrationTasks -> TestTree
+requestListThingRegistrationTasks =
+  req
+    "ListThingRegistrationTasks"
+    "fixture/ListThingRegistrationTasks.yaml"
+
+requestListThingTypes :: ListThingTypes -> TestTree
+requestListThingTypes =
+  req
+    "ListThingTypes"
+    "fixture/ListThingTypes.yaml"
+
+requestListThings :: ListThings -> TestTree
+requestListThings =
+  req
+    "ListThings"
+    "fixture/ListThings.yaml"
+
+requestListThingsInBillingGroup :: ListThingsInBillingGroup -> TestTree
+requestListThingsInBillingGroup =
+  req
+    "ListThingsInBillingGroup"
+    "fixture/ListThingsInBillingGroup.yaml"
+
+requestListThingsInThingGroup :: ListThingsInThingGroup -> TestTree
+requestListThingsInThingGroup =
+  req
+    "ListThingsInThingGroup"
+    "fixture/ListThingsInThingGroup.yaml"
+
+requestListTopicRuleDestinations :: ListTopicRuleDestinations -> TestTree
+requestListTopicRuleDestinations =
+  req
+    "ListTopicRuleDestinations"
+    "fixture/ListTopicRuleDestinations.yaml"
+
+requestListTopicRules :: ListTopicRules -> TestTree
+requestListTopicRules =
+  req
+    "ListTopicRules"
+    "fixture/ListTopicRules.yaml"
+
+requestListV2LoggingLevels :: ListV2LoggingLevels -> TestTree
+requestListV2LoggingLevels =
+  req
+    "ListV2LoggingLevels"
+    "fixture/ListV2LoggingLevels.yaml"
+
+requestListViolationEvents :: ListViolationEvents -> TestTree
+requestListViolationEvents =
+  req
+    "ListViolationEvents"
+    "fixture/ListViolationEvents.yaml"
+
+requestPutVerificationStateOnViolation :: PutVerificationStateOnViolation -> TestTree
+requestPutVerificationStateOnViolation =
+  req
+    "PutVerificationStateOnViolation"
+    "fixture/PutVerificationStateOnViolation.yaml"
+
+requestRegisterCACertificate :: RegisterCACertificate -> TestTree
+requestRegisterCACertificate =
+  req
+    "RegisterCACertificate"
+    "fixture/RegisterCACertificate.yaml"
+
+requestRegisterCertificate :: RegisterCertificate -> TestTree
+requestRegisterCertificate =
+  req
+    "RegisterCertificate"
+    "fixture/RegisterCertificate.yaml"
+
+requestRegisterCertificateWithoutCA :: RegisterCertificateWithoutCA -> TestTree
+requestRegisterCertificateWithoutCA =
+  req
+    "RegisterCertificateWithoutCA"
+    "fixture/RegisterCertificateWithoutCA.yaml"
+
+requestRegisterThing :: RegisterThing -> TestTree
+requestRegisterThing =
+  req
+    "RegisterThing"
+    "fixture/RegisterThing.yaml"
+
+requestRejectCertificateTransfer :: RejectCertificateTransfer -> TestTree
+requestRejectCertificateTransfer =
+  req
+    "RejectCertificateTransfer"
+    "fixture/RejectCertificateTransfer.yaml"
+
+requestRemoveThingFromBillingGroup :: RemoveThingFromBillingGroup -> TestTree
+requestRemoveThingFromBillingGroup =
+  req
+    "RemoveThingFromBillingGroup"
+    "fixture/RemoveThingFromBillingGroup.yaml"
+
+requestRemoveThingFromThingGroup :: RemoveThingFromThingGroup -> TestTree
+requestRemoveThingFromThingGroup =
+  req
+    "RemoveThingFromThingGroup"
+    "fixture/RemoveThingFromThingGroup.yaml"
+
+requestReplaceTopicRule :: ReplaceTopicRule -> TestTree
+requestReplaceTopicRule =
+  req
+    "ReplaceTopicRule"
+    "fixture/ReplaceTopicRule.yaml"
+
+requestSearchIndex :: SearchIndex -> TestTree
+requestSearchIndex =
+  req
+    "SearchIndex"
+    "fixture/SearchIndex.yaml"
+
+requestSetDefaultAuthorizer :: SetDefaultAuthorizer -> TestTree
+requestSetDefaultAuthorizer =
+  req
+    "SetDefaultAuthorizer"
+    "fixture/SetDefaultAuthorizer.yaml"
+
+requestSetDefaultPolicyVersion :: SetDefaultPolicyVersion -> TestTree
+requestSetDefaultPolicyVersion =
+  req
+    "SetDefaultPolicyVersion"
+    "fixture/SetDefaultPolicyVersion.yaml"
+
+requestSetLoggingOptions :: SetLoggingOptions -> TestTree
+requestSetLoggingOptions =
+  req
+    "SetLoggingOptions"
+    "fixture/SetLoggingOptions.yaml"
+
+requestSetV2LoggingLevel :: SetV2LoggingLevel -> TestTree
+requestSetV2LoggingLevel =
+  req
+    "SetV2LoggingLevel"
+    "fixture/SetV2LoggingLevel.yaml"
+
+requestSetV2LoggingOptions :: SetV2LoggingOptions -> TestTree
+requestSetV2LoggingOptions =
+  req
+    "SetV2LoggingOptions"
+    "fixture/SetV2LoggingOptions.yaml"
+
+requestStartAuditMitigationActionsTask :: StartAuditMitigationActionsTask -> TestTree
+requestStartAuditMitigationActionsTask =
+  req
+    "StartAuditMitigationActionsTask"
+    "fixture/StartAuditMitigationActionsTask.yaml"
+
+requestStartDetectMitigationActionsTask :: StartDetectMitigationActionsTask -> TestTree
+requestStartDetectMitigationActionsTask =
+  req
+    "StartDetectMitigationActionsTask"
+    "fixture/StartDetectMitigationActionsTask.yaml"
+
+requestStartOnDemandAuditTask :: StartOnDemandAuditTask -> TestTree
+requestStartOnDemandAuditTask =
+  req
+    "StartOnDemandAuditTask"
+    "fixture/StartOnDemandAuditTask.yaml"
+
+requestStartThingRegistrationTask :: StartThingRegistrationTask -> TestTree
+requestStartThingRegistrationTask =
+  req
+    "StartThingRegistrationTask"
+    "fixture/StartThingRegistrationTask.yaml"
+
+requestStopThingRegistrationTask :: StopThingRegistrationTask -> TestTree
+requestStopThingRegistrationTask =
+  req
+    "StopThingRegistrationTask"
+    "fixture/StopThingRegistrationTask.yaml"
+
+requestTagResource :: TagResource -> TestTree
+requestTagResource =
+  req
+    "TagResource"
+    "fixture/TagResource.yaml"
+
+requestTestAuthorization :: TestAuthorization -> TestTree
+requestTestAuthorization =
+  req
+    "TestAuthorization"
+    "fixture/TestAuthorization.yaml"
+
+requestTestInvokeAuthorizer :: TestInvokeAuthorizer -> TestTree
+requestTestInvokeAuthorizer =
+  req
+    "TestInvokeAuthorizer"
+    "fixture/TestInvokeAuthorizer.yaml"
+
+requestTransferCertificate :: TransferCertificate -> TestTree
+requestTransferCertificate =
+  req
+    "TransferCertificate"
+    "fixture/TransferCertificate.yaml"
+
+requestUntagResource :: UntagResource -> TestTree
+requestUntagResource =
+  req
+    "UntagResource"
+    "fixture/UntagResource.yaml"
+
+requestUpdateAccountAuditConfiguration :: UpdateAccountAuditConfiguration -> TestTree
+requestUpdateAccountAuditConfiguration =
+  req
+    "UpdateAccountAuditConfiguration"
+    "fixture/UpdateAccountAuditConfiguration.yaml"
+
+requestUpdateAuditSuppression :: UpdateAuditSuppression -> TestTree
+requestUpdateAuditSuppression =
+  req
+    "UpdateAuditSuppression"
+    "fixture/UpdateAuditSuppression.yaml"
+
+requestUpdateAuthorizer :: UpdateAuthorizer -> TestTree
+requestUpdateAuthorizer =
+  req
+    "UpdateAuthorizer"
+    "fixture/UpdateAuthorizer.yaml"
+
+requestUpdateBillingGroup :: UpdateBillingGroup -> TestTree
+requestUpdateBillingGroup =
+  req
+    "UpdateBillingGroup"
+    "fixture/UpdateBillingGroup.yaml"
+
+requestUpdateCACertificate :: UpdateCACertificate -> TestTree
+requestUpdateCACertificate =
+  req
+    "UpdateCACertificate"
+    "fixture/UpdateCACertificate.yaml"
+
+requestUpdateCertificate :: UpdateCertificate -> TestTree
+requestUpdateCertificate =
+  req
+    "UpdateCertificate"
+    "fixture/UpdateCertificate.yaml"
+
+requestUpdateCustomMetric :: UpdateCustomMetric -> TestTree
+requestUpdateCustomMetric =
+  req
+    "UpdateCustomMetric"
+    "fixture/UpdateCustomMetric.yaml"
+
+requestUpdateDimension :: UpdateDimension -> TestTree
+requestUpdateDimension =
+  req
+    "UpdateDimension"
+    "fixture/UpdateDimension.yaml"
+
+requestUpdateDomainConfiguration :: UpdateDomainConfiguration -> TestTree
+requestUpdateDomainConfiguration =
+  req
+    "UpdateDomainConfiguration"
+    "fixture/UpdateDomainConfiguration.yaml"
+
+requestUpdateDynamicThingGroup :: UpdateDynamicThingGroup -> TestTree
+requestUpdateDynamicThingGroup =
+  req
+    "UpdateDynamicThingGroup"
+    "fixture/UpdateDynamicThingGroup.yaml"
+
+requestUpdateEventConfigurations :: UpdateEventConfigurations -> TestTree
+requestUpdateEventConfigurations =
+  req
+    "UpdateEventConfigurations"
+    "fixture/UpdateEventConfigurations.yaml"
+
+requestUpdateFleetMetric :: UpdateFleetMetric -> TestTree
+requestUpdateFleetMetric =
+  req
+    "UpdateFleetMetric"
+    "fixture/UpdateFleetMetric.yaml"
+
+requestUpdateIndexingConfiguration :: UpdateIndexingConfiguration -> TestTree
+requestUpdateIndexingConfiguration =
+  req
+    "UpdateIndexingConfiguration"
+    "fixture/UpdateIndexingConfiguration.yaml"
+
+requestUpdateJob :: UpdateJob -> TestTree
+requestUpdateJob =
+  req
+    "UpdateJob"
+    "fixture/UpdateJob.yaml"
+
+requestUpdateMitigationAction :: UpdateMitigationAction -> TestTree
+requestUpdateMitigationAction =
+  req
+    "UpdateMitigationAction"
+    "fixture/UpdateMitigationAction.yaml"
+
+requestUpdateProvisioningTemplate :: UpdateProvisioningTemplate -> TestTree
+requestUpdateProvisioningTemplate =
+  req
+    "UpdateProvisioningTemplate"
+    "fixture/UpdateProvisioningTemplate.yaml"
+
+requestUpdateRoleAlias :: UpdateRoleAlias -> TestTree
+requestUpdateRoleAlias =
+  req
+    "UpdateRoleAlias"
+    "fixture/UpdateRoleAlias.yaml"
+
+requestUpdateScheduledAudit :: UpdateScheduledAudit -> TestTree
+requestUpdateScheduledAudit =
+  req
+    "UpdateScheduledAudit"
+    "fixture/UpdateScheduledAudit.yaml"
+
+requestUpdateSecurityProfile :: UpdateSecurityProfile -> TestTree
+requestUpdateSecurityProfile =
+  req
+    "UpdateSecurityProfile"
+    "fixture/UpdateSecurityProfile.yaml"
+
+requestUpdateStream :: UpdateStream -> TestTree
+requestUpdateStream =
+  req
+    "UpdateStream"
+    "fixture/UpdateStream.yaml"
+
+requestUpdateThing :: UpdateThing -> TestTree
+requestUpdateThing =
+  req
+    "UpdateThing"
+    "fixture/UpdateThing.yaml"
+
+requestUpdateThingGroup :: UpdateThingGroup -> TestTree
+requestUpdateThingGroup =
+  req
+    "UpdateThingGroup"
+    "fixture/UpdateThingGroup.yaml"
+
+requestUpdateThingGroupsForThing :: UpdateThingGroupsForThing -> TestTree
+requestUpdateThingGroupsForThing =
+  req
+    "UpdateThingGroupsForThing"
+    "fixture/UpdateThingGroupsForThing.yaml"
+
+requestUpdateTopicRuleDestination :: UpdateTopicRuleDestination -> TestTree
+requestUpdateTopicRuleDestination =
+  req
+    "UpdateTopicRuleDestination"
+    "fixture/UpdateTopicRuleDestination.yaml"
+
+requestValidateSecurityProfileBehaviors :: ValidateSecurityProfileBehaviors -> TestTree
+requestValidateSecurityProfileBehaviors =
+  req
+    "ValidateSecurityProfileBehaviors"
+    "fixture/ValidateSecurityProfileBehaviors.yaml"
+
+-- Responses
+
+responseAcceptCertificateTransfer :: AcceptCertificateTransferResponse -> TestTree
+responseAcceptCertificateTransfer =
+  res
+    "AcceptCertificateTransferResponse"
+    "fixture/AcceptCertificateTransferResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AcceptCertificateTransfer)
+
+responseAddThingToBillingGroup :: AddThingToBillingGroupResponse -> TestTree
+responseAddThingToBillingGroup =
+  res
+    "AddThingToBillingGroupResponse"
+    "fixture/AddThingToBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AddThingToBillingGroup)
+
+responseAddThingToThingGroup :: AddThingToThingGroupResponse -> TestTree
+responseAddThingToThingGroup =
+  res
+    "AddThingToThingGroupResponse"
+    "fixture/AddThingToThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AddThingToThingGroup)
+
+responseAssociateTargetsWithJob :: AssociateTargetsWithJobResponse -> TestTree
+responseAssociateTargetsWithJob =
+  res
+    "AssociateTargetsWithJobResponse"
+    "fixture/AssociateTargetsWithJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AssociateTargetsWithJob)
+
+responseAttachPolicy :: AttachPolicyResponse -> TestTree
+responseAttachPolicy =
+  res
+    "AttachPolicyResponse"
+    "fixture/AttachPolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AttachPolicy)
+
+responseAttachSecurityProfile :: AttachSecurityProfileResponse -> TestTree
+responseAttachSecurityProfile =
+  res
+    "AttachSecurityProfileResponse"
+    "fixture/AttachSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AttachSecurityProfile)
+
+responseAttachThingPrincipal :: AttachThingPrincipalResponse -> TestTree
+responseAttachThingPrincipal =
+  res
+    "AttachThingPrincipalResponse"
+    "fixture/AttachThingPrincipalResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AttachThingPrincipal)
+
+responseCancelAuditMitigationActionsTask :: CancelAuditMitigationActionsTaskResponse -> TestTree
+responseCancelAuditMitigationActionsTask =
+  res
+    "CancelAuditMitigationActionsTaskResponse"
+    "fixture/CancelAuditMitigationActionsTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CancelAuditMitigationActionsTask)
+
+responseCancelAuditTask :: CancelAuditTaskResponse -> TestTree
+responseCancelAuditTask =
+  res
+    "CancelAuditTaskResponse"
+    "fixture/CancelAuditTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CancelAuditTask)
+
+responseCancelCertificateTransfer :: CancelCertificateTransferResponse -> TestTree
+responseCancelCertificateTransfer =
+  res
+    "CancelCertificateTransferResponse"
+    "fixture/CancelCertificateTransferResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CancelCertificateTransfer)
+
+responseCancelDetectMitigationActionsTask :: CancelDetectMitigationActionsTaskResponse -> TestTree
+responseCancelDetectMitigationActionsTask =
+  res
+    "CancelDetectMitigationActionsTaskResponse"
+    "fixture/CancelDetectMitigationActionsTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CancelDetectMitigationActionsTask)
+
+responseCancelJob :: CancelJobResponse -> TestTree
+responseCancelJob =
+  res
+    "CancelJobResponse"
+    "fixture/CancelJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CancelJob)
+
+responseCancelJobExecution :: CancelJobExecutionResponse -> TestTree
+responseCancelJobExecution =
+  res
+    "CancelJobExecutionResponse"
+    "fixture/CancelJobExecutionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CancelJobExecution)
+
+responseClearDefaultAuthorizer :: ClearDefaultAuthorizerResponse -> TestTree
+responseClearDefaultAuthorizer =
+  res
+    "ClearDefaultAuthorizerResponse"
+    "fixture/ClearDefaultAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ClearDefaultAuthorizer)
+
+responseConfirmTopicRuleDestination :: ConfirmTopicRuleDestinationResponse -> TestTree
+responseConfirmTopicRuleDestination =
+  res
+    "ConfirmTopicRuleDestinationResponse"
+    "fixture/ConfirmTopicRuleDestinationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ConfirmTopicRuleDestination)
+
+responseCreateAuditSuppression :: CreateAuditSuppressionResponse -> TestTree
+responseCreateAuditSuppression =
+  res
+    "CreateAuditSuppressionResponse"
+    "fixture/CreateAuditSuppressionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateAuditSuppression)
+
+responseCreateAuthorizer :: CreateAuthorizerResponse -> TestTree
+responseCreateAuthorizer =
+  res
+    "CreateAuthorizerResponse"
+    "fixture/CreateAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateAuthorizer)
+
+responseCreateBillingGroup :: CreateBillingGroupResponse -> TestTree
+responseCreateBillingGroup =
+  res
+    "CreateBillingGroupResponse"
+    "fixture/CreateBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateBillingGroup)
+
+responseCreateCertificateFromCsr :: CreateCertificateFromCsrResponse -> TestTree
+responseCreateCertificateFromCsr =
+  res
+    "CreateCertificateFromCsrResponse"
+    "fixture/CreateCertificateFromCsrResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateCertificateFromCsr)
+
+responseCreateCustomMetric :: CreateCustomMetricResponse -> TestTree
+responseCreateCustomMetric =
+  res
+    "CreateCustomMetricResponse"
+    "fixture/CreateCustomMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateCustomMetric)
+
+responseCreateDimension :: CreateDimensionResponse -> TestTree
+responseCreateDimension =
+  res
+    "CreateDimensionResponse"
+    "fixture/CreateDimensionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDimension)
+
+responseCreateDomainConfiguration :: CreateDomainConfigurationResponse -> TestTree
+responseCreateDomainConfiguration =
+  res
+    "CreateDomainConfigurationResponse"
+    "fixture/CreateDomainConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDomainConfiguration)
+
+responseCreateDynamicThingGroup :: CreateDynamicThingGroupResponse -> TestTree
+responseCreateDynamicThingGroup =
+  res
+    "CreateDynamicThingGroupResponse"
+    "fixture/CreateDynamicThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDynamicThingGroup)
+
+responseCreateFleetMetric :: CreateFleetMetricResponse -> TestTree
+responseCreateFleetMetric =
+  res
+    "CreateFleetMetricResponse"
+    "fixture/CreateFleetMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateFleetMetric)
+
+responseCreateJob :: CreateJobResponse -> TestTree
+responseCreateJob =
+  res
+    "CreateJobResponse"
+    "fixture/CreateJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateJob)
+
+responseCreateJobTemplate :: CreateJobTemplateResponse -> TestTree
+responseCreateJobTemplate =
+  res
+    "CreateJobTemplateResponse"
+    "fixture/CreateJobTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateJobTemplate)
+
+responseCreateKeysAndCertificate :: CreateKeysAndCertificateResponse -> TestTree
+responseCreateKeysAndCertificate =
+  res
+    "CreateKeysAndCertificateResponse"
+    "fixture/CreateKeysAndCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateKeysAndCertificate)
+
+responseCreateMitigationAction :: CreateMitigationActionResponse -> TestTree
+responseCreateMitigationAction =
+  res
+    "CreateMitigationActionResponse"
+    "fixture/CreateMitigationActionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateMitigationAction)
+
+responseCreateOTAUpdate :: CreateOTAUpdateResponse -> TestTree
+responseCreateOTAUpdate =
+  res
+    "CreateOTAUpdateResponse"
+    "fixture/CreateOTAUpdateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateOTAUpdate)
+
+responseCreatePolicy :: CreatePolicyResponse -> TestTree
+responseCreatePolicy =
+  res
+    "CreatePolicyResponse"
+    "fixture/CreatePolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreatePolicy)
+
+responseCreatePolicyVersion :: CreatePolicyVersionResponse -> TestTree
+responseCreatePolicyVersion =
+  res
+    "CreatePolicyVersionResponse"
+    "fixture/CreatePolicyVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreatePolicyVersion)
+
+responseCreateProvisioningClaim :: CreateProvisioningClaimResponse -> TestTree
+responseCreateProvisioningClaim =
+  res
+    "CreateProvisioningClaimResponse"
+    "fixture/CreateProvisioningClaimResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateProvisioningClaim)
+
+responseCreateProvisioningTemplate :: CreateProvisioningTemplateResponse -> TestTree
+responseCreateProvisioningTemplate =
+  res
+    "CreateProvisioningTemplateResponse"
+    "fixture/CreateProvisioningTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateProvisioningTemplate)
+
+responseCreateProvisioningTemplateVersion :: CreateProvisioningTemplateVersionResponse -> TestTree
+responseCreateProvisioningTemplateVersion =
+  res
+    "CreateProvisioningTemplateVersionResponse"
+    "fixture/CreateProvisioningTemplateVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateProvisioningTemplateVersion)
+
+responseCreateRoleAlias :: CreateRoleAliasResponse -> TestTree
+responseCreateRoleAlias =
+  res
+    "CreateRoleAliasResponse"
+    "fixture/CreateRoleAliasResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateRoleAlias)
+
+responseCreateScheduledAudit :: CreateScheduledAuditResponse -> TestTree
+responseCreateScheduledAudit =
+  res
+    "CreateScheduledAuditResponse"
+    "fixture/CreateScheduledAuditResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateScheduledAudit)
+
+responseCreateSecurityProfile :: CreateSecurityProfileResponse -> TestTree
+responseCreateSecurityProfile =
+  res
+    "CreateSecurityProfileResponse"
+    "fixture/CreateSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateSecurityProfile)
+
+responseCreateStream :: CreateStreamResponse -> TestTree
+responseCreateStream =
+  res
+    "CreateStreamResponse"
+    "fixture/CreateStreamResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateStream)
+
+responseCreateThing :: CreateThingResponse -> TestTree
+responseCreateThing =
+  res
+    "CreateThingResponse"
+    "fixture/CreateThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateThing)
+
+responseCreateThingGroup :: CreateThingGroupResponse -> TestTree
+responseCreateThingGroup =
+  res
+    "CreateThingGroupResponse"
+    "fixture/CreateThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateThingGroup)
+
+responseCreateThingType :: CreateThingTypeResponse -> TestTree
+responseCreateThingType =
+  res
+    "CreateThingTypeResponse"
+    "fixture/CreateThingTypeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateThingType)
+
+responseCreateTopicRule :: CreateTopicRuleResponse -> TestTree
+responseCreateTopicRule =
+  res
+    "CreateTopicRuleResponse"
+    "fixture/CreateTopicRuleResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateTopicRule)
+
+responseCreateTopicRuleDestination :: CreateTopicRuleDestinationResponse -> TestTree
+responseCreateTopicRuleDestination =
+  res
+    "CreateTopicRuleDestinationResponse"
+    "fixture/CreateTopicRuleDestinationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateTopicRuleDestination)
+
+responseDeleteAccountAuditConfiguration :: DeleteAccountAuditConfigurationResponse -> TestTree
+responseDeleteAccountAuditConfiguration =
+  res
+    "DeleteAccountAuditConfigurationResponse"
+    "fixture/DeleteAccountAuditConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteAccountAuditConfiguration)
+
+responseDeleteAuditSuppression :: DeleteAuditSuppressionResponse -> TestTree
+responseDeleteAuditSuppression =
+  res
+    "DeleteAuditSuppressionResponse"
+    "fixture/DeleteAuditSuppressionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteAuditSuppression)
+
+responseDeleteAuthorizer :: DeleteAuthorizerResponse -> TestTree
+responseDeleteAuthorizer =
+  res
+    "DeleteAuthorizerResponse"
+    "fixture/DeleteAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteAuthorizer)
+
+responseDeleteBillingGroup :: DeleteBillingGroupResponse -> TestTree
+responseDeleteBillingGroup =
+  res
+    "DeleteBillingGroupResponse"
+    "fixture/DeleteBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteBillingGroup)
+
+responseDeleteCACertificate :: DeleteCACertificateResponse -> TestTree
+responseDeleteCACertificate =
+  res
+    "DeleteCACertificateResponse"
+    "fixture/DeleteCACertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteCACertificate)
+
+responseDeleteCertificate :: DeleteCertificateResponse -> TestTree
+responseDeleteCertificate =
+  res
+    "DeleteCertificateResponse"
+    "fixture/DeleteCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteCertificate)
+
+responseDeleteCustomMetric :: DeleteCustomMetricResponse -> TestTree
+responseDeleteCustomMetric =
+  res
+    "DeleteCustomMetricResponse"
+    "fixture/DeleteCustomMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteCustomMetric)
+
+responseDeleteDimension :: DeleteDimensionResponse -> TestTree
+responseDeleteDimension =
+  res
+    "DeleteDimensionResponse"
+    "fixture/DeleteDimensionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDimension)
+
+responseDeleteDomainConfiguration :: DeleteDomainConfigurationResponse -> TestTree
+responseDeleteDomainConfiguration =
+  res
+    "DeleteDomainConfigurationResponse"
+    "fixture/DeleteDomainConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDomainConfiguration)
+
+responseDeleteDynamicThingGroup :: DeleteDynamicThingGroupResponse -> TestTree
+responseDeleteDynamicThingGroup =
+  res
+    "DeleteDynamicThingGroupResponse"
+    "fixture/DeleteDynamicThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDynamicThingGroup)
+
+responseDeleteFleetMetric :: DeleteFleetMetricResponse -> TestTree
+responseDeleteFleetMetric =
+  res
+    "DeleteFleetMetricResponse"
+    "fixture/DeleteFleetMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteFleetMetric)
+
+responseDeleteJob :: DeleteJobResponse -> TestTree
+responseDeleteJob =
+  res
+    "DeleteJobResponse"
+    "fixture/DeleteJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteJob)
+
+responseDeleteJobExecution :: DeleteJobExecutionResponse -> TestTree
+responseDeleteJobExecution =
+  res
+    "DeleteJobExecutionResponse"
+    "fixture/DeleteJobExecutionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteJobExecution)
+
+responseDeleteJobTemplate :: DeleteJobTemplateResponse -> TestTree
+responseDeleteJobTemplate =
+  res
+    "DeleteJobTemplateResponse"
+    "fixture/DeleteJobTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteJobTemplate)
+
+responseDeleteMitigationAction :: DeleteMitigationActionResponse -> TestTree
+responseDeleteMitigationAction =
+  res
+    "DeleteMitigationActionResponse"
+    "fixture/DeleteMitigationActionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteMitigationAction)
+
+responseDeleteOTAUpdate :: DeleteOTAUpdateResponse -> TestTree
+responseDeleteOTAUpdate =
+  res
+    "DeleteOTAUpdateResponse"
+    "fixture/DeleteOTAUpdateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteOTAUpdate)
+
+responseDeletePolicy :: DeletePolicyResponse -> TestTree
+responseDeletePolicy =
+  res
+    "DeletePolicyResponse"
+    "fixture/DeletePolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeletePolicy)
+
+responseDeletePolicyVersion :: DeletePolicyVersionResponse -> TestTree
+responseDeletePolicyVersion =
+  res
+    "DeletePolicyVersionResponse"
+    "fixture/DeletePolicyVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeletePolicyVersion)
+
+responseDeleteProvisioningTemplate :: DeleteProvisioningTemplateResponse -> TestTree
+responseDeleteProvisioningTemplate =
+  res
+    "DeleteProvisioningTemplateResponse"
+    "fixture/DeleteProvisioningTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteProvisioningTemplate)
+
+responseDeleteProvisioningTemplateVersion :: DeleteProvisioningTemplateVersionResponse -> TestTree
+responseDeleteProvisioningTemplateVersion =
+  res
+    "DeleteProvisioningTemplateVersionResponse"
+    "fixture/DeleteProvisioningTemplateVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteProvisioningTemplateVersion)
+
+responseDeleteRegistrationCode :: DeleteRegistrationCodeResponse -> TestTree
+responseDeleteRegistrationCode =
+  res
+    "DeleteRegistrationCodeResponse"
+    "fixture/DeleteRegistrationCodeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteRegistrationCode)
+
+responseDeleteRoleAlias :: DeleteRoleAliasResponse -> TestTree
+responseDeleteRoleAlias =
+  res
+    "DeleteRoleAliasResponse"
+    "fixture/DeleteRoleAliasResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteRoleAlias)
+
+responseDeleteScheduledAudit :: DeleteScheduledAuditResponse -> TestTree
+responseDeleteScheduledAudit =
+  res
+    "DeleteScheduledAuditResponse"
+    "fixture/DeleteScheduledAuditResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteScheduledAudit)
+
+responseDeleteSecurityProfile :: DeleteSecurityProfileResponse -> TestTree
+responseDeleteSecurityProfile =
+  res
+    "DeleteSecurityProfileResponse"
+    "fixture/DeleteSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteSecurityProfile)
+
+responseDeleteStream :: DeleteStreamResponse -> TestTree
+responseDeleteStream =
+  res
+    "DeleteStreamResponse"
+    "fixture/DeleteStreamResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteStream)
+
+responseDeleteThing :: DeleteThingResponse -> TestTree
+responseDeleteThing =
+  res
+    "DeleteThingResponse"
+    "fixture/DeleteThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteThing)
+
+responseDeleteThingGroup :: DeleteThingGroupResponse -> TestTree
+responseDeleteThingGroup =
+  res
+    "DeleteThingGroupResponse"
+    "fixture/DeleteThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteThingGroup)
+
+responseDeleteThingType :: DeleteThingTypeResponse -> TestTree
+responseDeleteThingType =
+  res
+    "DeleteThingTypeResponse"
+    "fixture/DeleteThingTypeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteThingType)
+
+responseDeleteTopicRule :: DeleteTopicRuleResponse -> TestTree
+responseDeleteTopicRule =
+  res
+    "DeleteTopicRuleResponse"
+    "fixture/DeleteTopicRuleResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteTopicRule)
+
+responseDeleteTopicRuleDestination :: DeleteTopicRuleDestinationResponse -> TestTree
+responseDeleteTopicRuleDestination =
+  res
+    "DeleteTopicRuleDestinationResponse"
+    "fixture/DeleteTopicRuleDestinationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteTopicRuleDestination)
+
+responseDeleteV2LoggingLevel :: DeleteV2LoggingLevelResponse -> TestTree
+responseDeleteV2LoggingLevel =
+  res
+    "DeleteV2LoggingLevelResponse"
+    "fixture/DeleteV2LoggingLevelResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteV2LoggingLevel)
+
+responseDeprecateThingType :: DeprecateThingTypeResponse -> TestTree
+responseDeprecateThingType =
+  res
+    "DeprecateThingTypeResponse"
+    "fixture/DeprecateThingTypeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeprecateThingType)
+
+responseDescribeAccountAuditConfiguration :: DescribeAccountAuditConfigurationResponse -> TestTree
+responseDescribeAccountAuditConfiguration =
+  res
+    "DescribeAccountAuditConfigurationResponse"
+    "fixture/DescribeAccountAuditConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAccountAuditConfiguration)
+
+responseDescribeAuditFinding :: DescribeAuditFindingResponse -> TestTree
+responseDescribeAuditFinding =
+  res
+    "DescribeAuditFindingResponse"
+    "fixture/DescribeAuditFindingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAuditFinding)
+
+responseDescribeAuditMitigationActionsTask :: DescribeAuditMitigationActionsTaskResponse -> TestTree
+responseDescribeAuditMitigationActionsTask =
+  res
+    "DescribeAuditMitigationActionsTaskResponse"
+    "fixture/DescribeAuditMitigationActionsTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAuditMitigationActionsTask)
+
+responseDescribeAuditSuppression :: DescribeAuditSuppressionResponse -> TestTree
+responseDescribeAuditSuppression =
+  res
+    "DescribeAuditSuppressionResponse"
+    "fixture/DescribeAuditSuppressionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAuditSuppression)
+
+responseDescribeAuditTask :: DescribeAuditTaskResponse -> TestTree
+responseDescribeAuditTask =
+  res
+    "DescribeAuditTaskResponse"
+    "fixture/DescribeAuditTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAuditTask)
+
+responseDescribeAuthorizer :: DescribeAuthorizerResponse -> TestTree
+responseDescribeAuthorizer =
+  res
+    "DescribeAuthorizerResponse"
+    "fixture/DescribeAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAuthorizer)
+
+responseDescribeBillingGroup :: DescribeBillingGroupResponse -> TestTree
+responseDescribeBillingGroup =
+  res
+    "DescribeBillingGroupResponse"
+    "fixture/DescribeBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeBillingGroup)
+
+responseDescribeCACertificate :: DescribeCACertificateResponse -> TestTree
+responseDescribeCACertificate =
+  res
+    "DescribeCACertificateResponse"
+    "fixture/DescribeCACertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeCACertificate)
+
+responseDescribeCertificate :: DescribeCertificateResponse -> TestTree
+responseDescribeCertificate =
+  res
+    "DescribeCertificateResponse"
+    "fixture/DescribeCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeCertificate)
+
+responseDescribeCustomMetric :: DescribeCustomMetricResponse -> TestTree
+responseDescribeCustomMetric =
+  res
+    "DescribeCustomMetricResponse"
+    "fixture/DescribeCustomMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeCustomMetric)
+
+responseDescribeDefaultAuthorizer :: DescribeDefaultAuthorizerResponse -> TestTree
+responseDescribeDefaultAuthorizer =
+  res
+    "DescribeDefaultAuthorizerResponse"
+    "fixture/DescribeDefaultAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeDefaultAuthorizer)
+
+responseDescribeDetectMitigationActionsTask :: DescribeDetectMitigationActionsTaskResponse -> TestTree
+responseDescribeDetectMitigationActionsTask =
+  res
+    "DescribeDetectMitigationActionsTaskResponse"
+    "fixture/DescribeDetectMitigationActionsTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeDetectMitigationActionsTask)
+
+responseDescribeDimension :: DescribeDimensionResponse -> TestTree
+responseDescribeDimension =
+  res
+    "DescribeDimensionResponse"
+    "fixture/DescribeDimensionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeDimension)
+
+responseDescribeDomainConfiguration :: DescribeDomainConfigurationResponse -> TestTree
+responseDescribeDomainConfiguration =
+  res
+    "DescribeDomainConfigurationResponse"
+    "fixture/DescribeDomainConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeDomainConfiguration)
+
+responseDescribeEndpoint :: DescribeEndpointResponse -> TestTree
+responseDescribeEndpoint =
+  res
+    "DescribeEndpointResponse"
+    "fixture/DescribeEndpointResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeEndpoint)
+
+responseDescribeEventConfigurations :: DescribeEventConfigurationsResponse -> TestTree
+responseDescribeEventConfigurations =
+  res
+    "DescribeEventConfigurationsResponse"
+    "fixture/DescribeEventConfigurationsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeEventConfigurations)
+
+responseDescribeFleetMetric :: DescribeFleetMetricResponse -> TestTree
+responseDescribeFleetMetric =
+  res
+    "DescribeFleetMetricResponse"
+    "fixture/DescribeFleetMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeFleetMetric)
+
+responseDescribeIndex :: DescribeIndexResponse -> TestTree
+responseDescribeIndex =
+  res
+    "DescribeIndexResponse"
+    "fixture/DescribeIndexResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeIndex)
+
+responseDescribeJob :: DescribeJobResponse -> TestTree
+responseDescribeJob =
+  res
+    "DescribeJobResponse"
+    "fixture/DescribeJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeJob)
+
+responseDescribeJobExecution :: DescribeJobExecutionResponse -> TestTree
+responseDescribeJobExecution =
+  res
+    "DescribeJobExecutionResponse"
+    "fixture/DescribeJobExecutionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeJobExecution)
+
+responseDescribeJobTemplate :: DescribeJobTemplateResponse -> TestTree
+responseDescribeJobTemplate =
+  res
+    "DescribeJobTemplateResponse"
+    "fixture/DescribeJobTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeJobTemplate)
+
+responseDescribeManagedJobTemplate :: DescribeManagedJobTemplateResponse -> TestTree
+responseDescribeManagedJobTemplate =
+  res
+    "DescribeManagedJobTemplateResponse"
+    "fixture/DescribeManagedJobTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeManagedJobTemplate)
+
+responseDescribeMitigationAction :: DescribeMitigationActionResponse -> TestTree
+responseDescribeMitigationAction =
+  res
+    "DescribeMitigationActionResponse"
+    "fixture/DescribeMitigationActionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeMitigationAction)
+
+responseDescribeProvisioningTemplate :: DescribeProvisioningTemplateResponse -> TestTree
+responseDescribeProvisioningTemplate =
+  res
+    "DescribeProvisioningTemplateResponse"
+    "fixture/DescribeProvisioningTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeProvisioningTemplate)
+
+responseDescribeProvisioningTemplateVersion :: DescribeProvisioningTemplateVersionResponse -> TestTree
+responseDescribeProvisioningTemplateVersion =
+  res
+    "DescribeProvisioningTemplateVersionResponse"
+    "fixture/DescribeProvisioningTemplateVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeProvisioningTemplateVersion)
+
+responseDescribeRoleAlias :: DescribeRoleAliasResponse -> TestTree
+responseDescribeRoleAlias =
+  res
+    "DescribeRoleAliasResponse"
+    "fixture/DescribeRoleAliasResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeRoleAlias)
+
+responseDescribeScheduledAudit :: DescribeScheduledAuditResponse -> TestTree
+responseDescribeScheduledAudit =
+  res
+    "DescribeScheduledAuditResponse"
+    "fixture/DescribeScheduledAuditResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeScheduledAudit)
+
+responseDescribeSecurityProfile :: DescribeSecurityProfileResponse -> TestTree
+responseDescribeSecurityProfile =
+  res
+    "DescribeSecurityProfileResponse"
+    "fixture/DescribeSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeSecurityProfile)
+
+responseDescribeStream :: DescribeStreamResponse -> TestTree
+responseDescribeStream =
+  res
+    "DescribeStreamResponse"
+    "fixture/DescribeStreamResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeStream)
+
+responseDescribeThing :: DescribeThingResponse -> TestTree
+responseDescribeThing =
+  res
+    "DescribeThingResponse"
+    "fixture/DescribeThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeThing)
+
+responseDescribeThingGroup :: DescribeThingGroupResponse -> TestTree
+responseDescribeThingGroup =
+  res
+    "DescribeThingGroupResponse"
+    "fixture/DescribeThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeThingGroup)
+
+responseDescribeThingRegistrationTask :: DescribeThingRegistrationTaskResponse -> TestTree
+responseDescribeThingRegistrationTask =
+  res
+    "DescribeThingRegistrationTaskResponse"
+    "fixture/DescribeThingRegistrationTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeThingRegistrationTask)
+
+responseDescribeThingType :: DescribeThingTypeResponse -> TestTree
+responseDescribeThingType =
+  res
+    "DescribeThingTypeResponse"
+    "fixture/DescribeThingTypeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeThingType)
+
+responseDetachPolicy :: DetachPolicyResponse -> TestTree
+responseDetachPolicy =
+  res
+    "DetachPolicyResponse"
+    "fixture/DetachPolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DetachPolicy)
+
+responseDetachSecurityProfile :: DetachSecurityProfileResponse -> TestTree
+responseDetachSecurityProfile =
+  res
+    "DetachSecurityProfileResponse"
+    "fixture/DetachSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DetachSecurityProfile)
+
+responseDetachThingPrincipal :: DetachThingPrincipalResponse -> TestTree
+responseDetachThingPrincipal =
+  res
+    "DetachThingPrincipalResponse"
+    "fixture/DetachThingPrincipalResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DetachThingPrincipal)
+
+responseDisableTopicRule :: DisableTopicRuleResponse -> TestTree
+responseDisableTopicRule =
+  res
+    "DisableTopicRuleResponse"
+    "fixture/DisableTopicRuleResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DisableTopicRule)
+
+responseEnableTopicRule :: EnableTopicRuleResponse -> TestTree
+responseEnableTopicRule =
+  res
+    "EnableTopicRuleResponse"
+    "fixture/EnableTopicRuleResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy EnableTopicRule)
+
+responseGetBehaviorModelTrainingSummaries :: GetBehaviorModelTrainingSummariesResponse -> TestTree
+responseGetBehaviorModelTrainingSummaries =
+  res
+    "GetBehaviorModelTrainingSummariesResponse"
+    "fixture/GetBehaviorModelTrainingSummariesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetBehaviorModelTrainingSummaries)
+
+responseGetBucketsAggregation :: GetBucketsAggregationResponse -> TestTree
+responseGetBucketsAggregation =
+  res
+    "GetBucketsAggregationResponse"
+    "fixture/GetBucketsAggregationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetBucketsAggregation)
+
+responseGetCardinality :: GetCardinalityResponse -> TestTree
+responseGetCardinality =
+  res
+    "GetCardinalityResponse"
+    "fixture/GetCardinalityResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetCardinality)
+
+responseGetEffectivePolicies :: GetEffectivePoliciesResponse -> TestTree
+responseGetEffectivePolicies =
+  res
+    "GetEffectivePoliciesResponse"
+    "fixture/GetEffectivePoliciesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetEffectivePolicies)
+
+responseGetIndexingConfiguration :: GetIndexingConfigurationResponse -> TestTree
+responseGetIndexingConfiguration =
+  res
+    "GetIndexingConfigurationResponse"
+    "fixture/GetIndexingConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetIndexingConfiguration)
+
+responseGetJobDocument :: GetJobDocumentResponse -> TestTree
+responseGetJobDocument =
+  res
+    "GetJobDocumentResponse"
+    "fixture/GetJobDocumentResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetJobDocument)
+
+responseGetLoggingOptions :: GetLoggingOptionsResponse -> TestTree
+responseGetLoggingOptions =
+  res
+    "GetLoggingOptionsResponse"
+    "fixture/GetLoggingOptionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetLoggingOptions)
+
+responseGetOTAUpdate :: GetOTAUpdateResponse -> TestTree
+responseGetOTAUpdate =
+  res
+    "GetOTAUpdateResponse"
+    "fixture/GetOTAUpdateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetOTAUpdate)
+
+responseGetPercentiles :: GetPercentilesResponse -> TestTree
+responseGetPercentiles =
+  res
+    "GetPercentilesResponse"
+    "fixture/GetPercentilesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetPercentiles)
+
+responseGetPolicy :: GetPolicyResponse -> TestTree
+responseGetPolicy =
+  res
+    "GetPolicyResponse"
+    "fixture/GetPolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetPolicy)
+
+responseGetPolicyVersion :: GetPolicyVersionResponse -> TestTree
+responseGetPolicyVersion =
+  res
+    "GetPolicyVersionResponse"
+    "fixture/GetPolicyVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetPolicyVersion)
+
+responseGetRegistrationCode :: GetRegistrationCodeResponse -> TestTree
+responseGetRegistrationCode =
+  res
+    "GetRegistrationCodeResponse"
+    "fixture/GetRegistrationCodeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetRegistrationCode)
+
+responseGetStatistics :: GetStatisticsResponse -> TestTree
+responseGetStatistics =
+  res
+    "GetStatisticsResponse"
+    "fixture/GetStatisticsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetStatistics)
+
+responseGetTopicRule :: GetTopicRuleResponse -> TestTree
+responseGetTopicRule =
+  res
+    "GetTopicRuleResponse"
+    "fixture/GetTopicRuleResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetTopicRule)
+
+responseGetTopicRuleDestination :: GetTopicRuleDestinationResponse -> TestTree
+responseGetTopicRuleDestination =
+  res
+    "GetTopicRuleDestinationResponse"
+    "fixture/GetTopicRuleDestinationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetTopicRuleDestination)
+
+responseGetV2LoggingOptions :: GetV2LoggingOptionsResponse -> TestTree
+responseGetV2LoggingOptions =
+  res
+    "GetV2LoggingOptionsResponse"
+    "fixture/GetV2LoggingOptionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetV2LoggingOptions)
+
+responseListActiveViolations :: ListActiveViolationsResponse -> TestTree
+responseListActiveViolations =
+  res
+    "ListActiveViolationsResponse"
+    "fixture/ListActiveViolationsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListActiveViolations)
+
+responseListAttachedPolicies :: ListAttachedPoliciesResponse -> TestTree
+responseListAttachedPolicies =
+  res
+    "ListAttachedPoliciesResponse"
+    "fixture/ListAttachedPoliciesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAttachedPolicies)
+
+responseListAuditFindings :: ListAuditFindingsResponse -> TestTree
+responseListAuditFindings =
+  res
+    "ListAuditFindingsResponse"
+    "fixture/ListAuditFindingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAuditFindings)
+
+responseListAuditMitigationActionsExecutions :: ListAuditMitigationActionsExecutionsResponse -> TestTree
+responseListAuditMitigationActionsExecutions =
+  res
+    "ListAuditMitigationActionsExecutionsResponse"
+    "fixture/ListAuditMitigationActionsExecutionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAuditMitigationActionsExecutions)
+
+responseListAuditMitigationActionsTasks :: ListAuditMitigationActionsTasksResponse -> TestTree
+responseListAuditMitigationActionsTasks =
+  res
+    "ListAuditMitigationActionsTasksResponse"
+    "fixture/ListAuditMitigationActionsTasksResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAuditMitigationActionsTasks)
+
+responseListAuditSuppressions :: ListAuditSuppressionsResponse -> TestTree
+responseListAuditSuppressions =
+  res
+    "ListAuditSuppressionsResponse"
+    "fixture/ListAuditSuppressionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAuditSuppressions)
+
+responseListAuditTasks :: ListAuditTasksResponse -> TestTree
+responseListAuditTasks =
+  res
+    "ListAuditTasksResponse"
+    "fixture/ListAuditTasksResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAuditTasks)
+
+responseListAuthorizers :: ListAuthorizersResponse -> TestTree
+responseListAuthorizers =
+  res
+    "ListAuthorizersResponse"
+    "fixture/ListAuthorizersResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAuthorizers)
+
+responseListBillingGroups :: ListBillingGroupsResponse -> TestTree
+responseListBillingGroups =
+  res
+    "ListBillingGroupsResponse"
+    "fixture/ListBillingGroupsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListBillingGroups)
+
+responseListCACertificates :: ListCACertificatesResponse -> TestTree
+responseListCACertificates =
+  res
+    "ListCACertificatesResponse"
+    "fixture/ListCACertificatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListCACertificates)
+
+responseListCertificates :: ListCertificatesResponse -> TestTree
+responseListCertificates =
+  res
+    "ListCertificatesResponse"
+    "fixture/ListCertificatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListCertificates)
+
+responseListCertificatesByCA :: ListCertificatesByCAResponse -> TestTree
+responseListCertificatesByCA =
+  res
+    "ListCertificatesByCAResponse"
+    "fixture/ListCertificatesByCAResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListCertificatesByCA)
+
+responseListCustomMetrics :: ListCustomMetricsResponse -> TestTree
+responseListCustomMetrics =
+  res
+    "ListCustomMetricsResponse"
+    "fixture/ListCustomMetricsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListCustomMetrics)
+
+responseListDetectMitigationActionsExecutions :: ListDetectMitigationActionsExecutionsResponse -> TestTree
+responseListDetectMitigationActionsExecutions =
+  res
+    "ListDetectMitigationActionsExecutionsResponse"
+    "fixture/ListDetectMitigationActionsExecutionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListDetectMitigationActionsExecutions)
+
+responseListDetectMitigationActionsTasks :: ListDetectMitigationActionsTasksResponse -> TestTree
+responseListDetectMitigationActionsTasks =
+  res
+    "ListDetectMitigationActionsTasksResponse"
+    "fixture/ListDetectMitigationActionsTasksResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListDetectMitigationActionsTasks)
+
+responseListDimensions :: ListDimensionsResponse -> TestTree
+responseListDimensions =
+  res
+    "ListDimensionsResponse"
+    "fixture/ListDimensionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListDimensions)
+
+responseListDomainConfigurations :: ListDomainConfigurationsResponse -> TestTree
+responseListDomainConfigurations =
+  res
+    "ListDomainConfigurationsResponse"
+    "fixture/ListDomainConfigurationsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListDomainConfigurations)
+
+responseListFleetMetrics :: ListFleetMetricsResponse -> TestTree
+responseListFleetMetrics =
+  res
+    "ListFleetMetricsResponse"
+    "fixture/ListFleetMetricsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListFleetMetrics)
+
+responseListIndices :: ListIndicesResponse -> TestTree
+responseListIndices =
+  res
+    "ListIndicesResponse"
+    "fixture/ListIndicesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListIndices)
+
+responseListJobExecutionsForJob :: ListJobExecutionsForJobResponse -> TestTree
+responseListJobExecutionsForJob =
+  res
+    "ListJobExecutionsForJobResponse"
+    "fixture/ListJobExecutionsForJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListJobExecutionsForJob)
+
+responseListJobExecutionsForThing :: ListJobExecutionsForThingResponse -> TestTree
+responseListJobExecutionsForThing =
+  res
+    "ListJobExecutionsForThingResponse"
+    "fixture/ListJobExecutionsForThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListJobExecutionsForThing)
+
+responseListJobTemplates :: ListJobTemplatesResponse -> TestTree
+responseListJobTemplates =
+  res
+    "ListJobTemplatesResponse"
+    "fixture/ListJobTemplatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListJobTemplates)
+
+responseListJobs :: ListJobsResponse -> TestTree
+responseListJobs =
+  res
+    "ListJobsResponse"
+    "fixture/ListJobsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListJobs)
+
+responseListManagedJobTemplates :: ListManagedJobTemplatesResponse -> TestTree
+responseListManagedJobTemplates =
+  res
+    "ListManagedJobTemplatesResponse"
+    "fixture/ListManagedJobTemplatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListManagedJobTemplates)
+
+responseListMetricValues :: ListMetricValuesResponse -> TestTree
+responseListMetricValues =
+  res
+    "ListMetricValuesResponse"
+    "fixture/ListMetricValuesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListMetricValues)
+
+responseListMitigationActions :: ListMitigationActionsResponse -> TestTree
+responseListMitigationActions =
+  res
+    "ListMitigationActionsResponse"
+    "fixture/ListMitigationActionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListMitigationActions)
+
+responseListOTAUpdates :: ListOTAUpdatesResponse -> TestTree
+responseListOTAUpdates =
+  res
+    "ListOTAUpdatesResponse"
+    "fixture/ListOTAUpdatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListOTAUpdates)
+
+responseListOutgoingCertificates :: ListOutgoingCertificatesResponse -> TestTree
+responseListOutgoingCertificates =
+  res
+    "ListOutgoingCertificatesResponse"
+    "fixture/ListOutgoingCertificatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListOutgoingCertificates)
+
+responseListPolicies :: ListPoliciesResponse -> TestTree
+responseListPolicies =
+  res
+    "ListPoliciesResponse"
+    "fixture/ListPoliciesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListPolicies)
+
+responseListPolicyVersions :: ListPolicyVersionsResponse -> TestTree
+responseListPolicyVersions =
+  res
+    "ListPolicyVersionsResponse"
+    "fixture/ListPolicyVersionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListPolicyVersions)
+
+responseListPrincipalThings :: ListPrincipalThingsResponse -> TestTree
+responseListPrincipalThings =
+  res
+    "ListPrincipalThingsResponse"
+    "fixture/ListPrincipalThingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListPrincipalThings)
+
+responseListProvisioningTemplateVersions :: ListProvisioningTemplateVersionsResponse -> TestTree
+responseListProvisioningTemplateVersions =
+  res
+    "ListProvisioningTemplateVersionsResponse"
+    "fixture/ListProvisioningTemplateVersionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListProvisioningTemplateVersions)
+
+responseListProvisioningTemplates :: ListProvisioningTemplatesResponse -> TestTree
+responseListProvisioningTemplates =
+  res
+    "ListProvisioningTemplatesResponse"
+    "fixture/ListProvisioningTemplatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListProvisioningTemplates)
+
+responseListRelatedResourcesForAuditFinding :: ListRelatedResourcesForAuditFindingResponse -> TestTree
+responseListRelatedResourcesForAuditFinding =
+  res
+    "ListRelatedResourcesForAuditFindingResponse"
+    "fixture/ListRelatedResourcesForAuditFindingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListRelatedResourcesForAuditFinding)
+
+responseListRoleAliases :: ListRoleAliasesResponse -> TestTree
+responseListRoleAliases =
+  res
+    "ListRoleAliasesResponse"
+    "fixture/ListRoleAliasesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListRoleAliases)
+
+responseListScheduledAudits :: ListScheduledAuditsResponse -> TestTree
+responseListScheduledAudits =
+  res
+    "ListScheduledAuditsResponse"
+    "fixture/ListScheduledAuditsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListScheduledAudits)
+
+responseListSecurityProfiles :: ListSecurityProfilesResponse -> TestTree
+responseListSecurityProfiles =
+  res
+    "ListSecurityProfilesResponse"
+    "fixture/ListSecurityProfilesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListSecurityProfiles)
+
+responseListSecurityProfilesForTarget :: ListSecurityProfilesForTargetResponse -> TestTree
+responseListSecurityProfilesForTarget =
+  res
+    "ListSecurityProfilesForTargetResponse"
+    "fixture/ListSecurityProfilesForTargetResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListSecurityProfilesForTarget)
+
+responseListStreams :: ListStreamsResponse -> TestTree
+responseListStreams =
+  res
+    "ListStreamsResponse"
+    "fixture/ListStreamsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListStreams)
+
+responseListTagsForResource :: ListTagsForResourceResponse -> TestTree
+responseListTagsForResource =
+  res
+    "ListTagsForResourceResponse"
+    "fixture/ListTagsForResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTagsForResource)
+
+responseListTargetsForPolicy :: ListTargetsForPolicyResponse -> TestTree
+responseListTargetsForPolicy =
+  res
+    "ListTargetsForPolicyResponse"
+    "fixture/ListTargetsForPolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTargetsForPolicy)
+
+responseListTargetsForSecurityProfile :: ListTargetsForSecurityProfileResponse -> TestTree
+responseListTargetsForSecurityProfile =
+  res
+    "ListTargetsForSecurityProfileResponse"
+    "fixture/ListTargetsForSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTargetsForSecurityProfile)
+
+responseListThingGroups :: ListThingGroupsResponse -> TestTree
+responseListThingGroups =
+  res
+    "ListThingGroupsResponse"
+    "fixture/ListThingGroupsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingGroups)
+
+responseListThingGroupsForThing :: ListThingGroupsForThingResponse -> TestTree
+responseListThingGroupsForThing =
+  res
+    "ListThingGroupsForThingResponse"
+    "fixture/ListThingGroupsForThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingGroupsForThing)
+
+responseListThingPrincipals :: ListThingPrincipalsResponse -> TestTree
+responseListThingPrincipals =
+  res
+    "ListThingPrincipalsResponse"
+    "fixture/ListThingPrincipalsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingPrincipals)
+
+responseListThingRegistrationTaskReports :: ListThingRegistrationTaskReportsResponse -> TestTree
+responseListThingRegistrationTaskReports =
+  res
+    "ListThingRegistrationTaskReportsResponse"
+    "fixture/ListThingRegistrationTaskReportsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingRegistrationTaskReports)
+
+responseListThingRegistrationTasks :: ListThingRegistrationTasksResponse -> TestTree
+responseListThingRegistrationTasks =
+  res
+    "ListThingRegistrationTasksResponse"
+    "fixture/ListThingRegistrationTasksResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingRegistrationTasks)
+
+responseListThingTypes :: ListThingTypesResponse -> TestTree
+responseListThingTypes =
+  res
+    "ListThingTypesResponse"
+    "fixture/ListThingTypesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingTypes)
+
+responseListThings :: ListThingsResponse -> TestTree
+responseListThings =
+  res
+    "ListThingsResponse"
+    "fixture/ListThingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThings)
+
+responseListThingsInBillingGroup :: ListThingsInBillingGroupResponse -> TestTree
+responseListThingsInBillingGroup =
+  res
+    "ListThingsInBillingGroupResponse"
+    "fixture/ListThingsInBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingsInBillingGroup)
+
+responseListThingsInThingGroup :: ListThingsInThingGroupResponse -> TestTree
+responseListThingsInThingGroup =
+  res
+    "ListThingsInThingGroupResponse"
+    "fixture/ListThingsInThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListThingsInThingGroup)
+
+responseListTopicRuleDestinations :: ListTopicRuleDestinationsResponse -> TestTree
+responseListTopicRuleDestinations =
+  res
+    "ListTopicRuleDestinationsResponse"
+    "fixture/ListTopicRuleDestinationsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTopicRuleDestinations)
+
+responseListTopicRules :: ListTopicRulesResponse -> TestTree
+responseListTopicRules =
+  res
+    "ListTopicRulesResponse"
+    "fixture/ListTopicRulesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTopicRules)
+
+responseListV2LoggingLevels :: ListV2LoggingLevelsResponse -> TestTree
+responseListV2LoggingLevels =
+  res
+    "ListV2LoggingLevelsResponse"
+    "fixture/ListV2LoggingLevelsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListV2LoggingLevels)
+
+responseListViolationEvents :: ListViolationEventsResponse -> TestTree
+responseListViolationEvents =
+  res
+    "ListViolationEventsResponse"
+    "fixture/ListViolationEventsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListViolationEvents)
+
+responsePutVerificationStateOnViolation :: PutVerificationStateOnViolationResponse -> TestTree
+responsePutVerificationStateOnViolation =
+  res
+    "PutVerificationStateOnViolationResponse"
+    "fixture/PutVerificationStateOnViolationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy PutVerificationStateOnViolation)
+
+responseRegisterCACertificate :: RegisterCACertificateResponse -> TestTree
+responseRegisterCACertificate =
+  res
+    "RegisterCACertificateResponse"
+    "fixture/RegisterCACertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RegisterCACertificate)
+
+responseRegisterCertificate :: RegisterCertificateResponse -> TestTree
+responseRegisterCertificate =
+  res
+    "RegisterCertificateResponse"
+    "fixture/RegisterCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RegisterCertificate)
+
+responseRegisterCertificateWithoutCA :: RegisterCertificateWithoutCAResponse -> TestTree
+responseRegisterCertificateWithoutCA =
+  res
+    "RegisterCertificateWithoutCAResponse"
+    "fixture/RegisterCertificateWithoutCAResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RegisterCertificateWithoutCA)
+
+responseRegisterThing :: RegisterThingResponse -> TestTree
+responseRegisterThing =
+  res
+    "RegisterThingResponse"
+    "fixture/RegisterThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RegisterThing)
+
+responseRejectCertificateTransfer :: RejectCertificateTransferResponse -> TestTree
+responseRejectCertificateTransfer =
+  res
+    "RejectCertificateTransferResponse"
+    "fixture/RejectCertificateTransferResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RejectCertificateTransfer)
+
+responseRemoveThingFromBillingGroup :: RemoveThingFromBillingGroupResponse -> TestTree
+responseRemoveThingFromBillingGroup =
+  res
+    "RemoveThingFromBillingGroupResponse"
+    "fixture/RemoveThingFromBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RemoveThingFromBillingGroup)
+
+responseRemoveThingFromThingGroup :: RemoveThingFromThingGroupResponse -> TestTree
+responseRemoveThingFromThingGroup =
+  res
+    "RemoveThingFromThingGroupResponse"
+    "fixture/RemoveThingFromThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy RemoveThingFromThingGroup)
+
+responseReplaceTopicRule :: ReplaceTopicRuleResponse -> TestTree
+responseReplaceTopicRule =
+  res
+    "ReplaceTopicRuleResponse"
+    "fixture/ReplaceTopicRuleResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ReplaceTopicRule)
+
+responseSearchIndex :: SearchIndexResponse -> TestTree
+responseSearchIndex =
+  res
+    "SearchIndexResponse"
+    "fixture/SearchIndexResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SearchIndex)
+
+responseSetDefaultAuthorizer :: SetDefaultAuthorizerResponse -> TestTree
+responseSetDefaultAuthorizer =
+  res
+    "SetDefaultAuthorizerResponse"
+    "fixture/SetDefaultAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SetDefaultAuthorizer)
+
+responseSetDefaultPolicyVersion :: SetDefaultPolicyVersionResponse -> TestTree
+responseSetDefaultPolicyVersion =
+  res
+    "SetDefaultPolicyVersionResponse"
+    "fixture/SetDefaultPolicyVersionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SetDefaultPolicyVersion)
+
+responseSetLoggingOptions :: SetLoggingOptionsResponse -> TestTree
+responseSetLoggingOptions =
+  res
+    "SetLoggingOptionsResponse"
+    "fixture/SetLoggingOptionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SetLoggingOptions)
+
+responseSetV2LoggingLevel :: SetV2LoggingLevelResponse -> TestTree
+responseSetV2LoggingLevel =
+  res
+    "SetV2LoggingLevelResponse"
+    "fixture/SetV2LoggingLevelResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SetV2LoggingLevel)
+
+responseSetV2LoggingOptions :: SetV2LoggingOptionsResponse -> TestTree
+responseSetV2LoggingOptions =
+  res
+    "SetV2LoggingOptionsResponse"
+    "fixture/SetV2LoggingOptionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SetV2LoggingOptions)
+
+responseStartAuditMitigationActionsTask :: StartAuditMitigationActionsTaskResponse -> TestTree
+responseStartAuditMitigationActionsTask =
+  res
+    "StartAuditMitigationActionsTaskResponse"
+    "fixture/StartAuditMitigationActionsTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StartAuditMitigationActionsTask)
+
+responseStartDetectMitigationActionsTask :: StartDetectMitigationActionsTaskResponse -> TestTree
+responseStartDetectMitigationActionsTask =
+  res
+    "StartDetectMitigationActionsTaskResponse"
+    "fixture/StartDetectMitigationActionsTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StartDetectMitigationActionsTask)
+
+responseStartOnDemandAuditTask :: StartOnDemandAuditTaskResponse -> TestTree
+responseStartOnDemandAuditTask =
+  res
+    "StartOnDemandAuditTaskResponse"
+    "fixture/StartOnDemandAuditTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StartOnDemandAuditTask)
+
+responseStartThingRegistrationTask :: StartThingRegistrationTaskResponse -> TestTree
+responseStartThingRegistrationTask =
+  res
+    "StartThingRegistrationTaskResponse"
+    "fixture/StartThingRegistrationTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StartThingRegistrationTask)
+
+responseStopThingRegistrationTask :: StopThingRegistrationTaskResponse -> TestTree
+responseStopThingRegistrationTask =
+  res
+    "StopThingRegistrationTaskResponse"
+    "fixture/StopThingRegistrationTaskResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StopThingRegistrationTask)
+
+responseTagResource :: TagResourceResponse -> TestTree
+responseTagResource =
+  res
+    "TagResourceResponse"
+    "fixture/TagResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TagResource)
+
+responseTestAuthorization :: TestAuthorizationResponse -> TestTree
+responseTestAuthorization =
+  res
+    "TestAuthorizationResponse"
+    "fixture/TestAuthorizationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TestAuthorization)
+
+responseTestInvokeAuthorizer :: TestInvokeAuthorizerResponse -> TestTree
+responseTestInvokeAuthorizer =
+  res
+    "TestInvokeAuthorizerResponse"
+    "fixture/TestInvokeAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TestInvokeAuthorizer)
+
+responseTransferCertificate :: TransferCertificateResponse -> TestTree
+responseTransferCertificate =
+  res
+    "TransferCertificateResponse"
+    "fixture/TransferCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TransferCertificate)
+
+responseUntagResource :: UntagResourceResponse -> TestTree
+responseUntagResource =
+  res
+    "UntagResourceResponse"
+    "fixture/UntagResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UntagResource)
+
+responseUpdateAccountAuditConfiguration :: UpdateAccountAuditConfigurationResponse -> TestTree
+responseUpdateAccountAuditConfiguration =
+  res
+    "UpdateAccountAuditConfigurationResponse"
+    "fixture/UpdateAccountAuditConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateAccountAuditConfiguration)
+
+responseUpdateAuditSuppression :: UpdateAuditSuppressionResponse -> TestTree
+responseUpdateAuditSuppression =
+  res
+    "UpdateAuditSuppressionResponse"
+    "fixture/UpdateAuditSuppressionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateAuditSuppression)
+
+responseUpdateAuthorizer :: UpdateAuthorizerResponse -> TestTree
+responseUpdateAuthorizer =
+  res
+    "UpdateAuthorizerResponse"
+    "fixture/UpdateAuthorizerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateAuthorizer)
+
+responseUpdateBillingGroup :: UpdateBillingGroupResponse -> TestTree
+responseUpdateBillingGroup =
+  res
+    "UpdateBillingGroupResponse"
+    "fixture/UpdateBillingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateBillingGroup)
+
+responseUpdateCACertificate :: UpdateCACertificateResponse -> TestTree
+responseUpdateCACertificate =
+  res
+    "UpdateCACertificateResponse"
+    "fixture/UpdateCACertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateCACertificate)
+
+responseUpdateCertificate :: UpdateCertificateResponse -> TestTree
+responseUpdateCertificate =
+  res
+    "UpdateCertificateResponse"
+    "fixture/UpdateCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateCertificate)
+
+responseUpdateCustomMetric :: UpdateCustomMetricResponse -> TestTree
+responseUpdateCustomMetric =
+  res
+    "UpdateCustomMetricResponse"
+    "fixture/UpdateCustomMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateCustomMetric)
+
+responseUpdateDimension :: UpdateDimensionResponse -> TestTree
+responseUpdateDimension =
+  res
+    "UpdateDimensionResponse"
+    "fixture/UpdateDimensionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateDimension)
+
+responseUpdateDomainConfiguration :: UpdateDomainConfigurationResponse -> TestTree
+responseUpdateDomainConfiguration =
+  res
+    "UpdateDomainConfigurationResponse"
+    "fixture/UpdateDomainConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateDomainConfiguration)
+
+responseUpdateDynamicThingGroup :: UpdateDynamicThingGroupResponse -> TestTree
+responseUpdateDynamicThingGroup =
+  res
+    "UpdateDynamicThingGroupResponse"
+    "fixture/UpdateDynamicThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateDynamicThingGroup)
+
+responseUpdateEventConfigurations :: UpdateEventConfigurationsResponse -> TestTree
+responseUpdateEventConfigurations =
+  res
+    "UpdateEventConfigurationsResponse"
+    "fixture/UpdateEventConfigurationsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateEventConfigurations)
+
+responseUpdateFleetMetric :: UpdateFleetMetricResponse -> TestTree
+responseUpdateFleetMetric =
+  res
+    "UpdateFleetMetricResponse"
+    "fixture/UpdateFleetMetricResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateFleetMetric)
+
+responseUpdateIndexingConfiguration :: UpdateIndexingConfigurationResponse -> TestTree
+responseUpdateIndexingConfiguration =
+  res
+    "UpdateIndexingConfigurationResponse"
+    "fixture/UpdateIndexingConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateIndexingConfiguration)
+
+responseUpdateJob :: UpdateJobResponse -> TestTree
+responseUpdateJob =
+  res
+    "UpdateJobResponse"
+    "fixture/UpdateJobResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateJob)
+
+responseUpdateMitigationAction :: UpdateMitigationActionResponse -> TestTree
+responseUpdateMitigationAction =
+  res
+    "UpdateMitigationActionResponse"
+    "fixture/UpdateMitigationActionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateMitigationAction)
+
+responseUpdateProvisioningTemplate :: UpdateProvisioningTemplateResponse -> TestTree
+responseUpdateProvisioningTemplate =
+  res
+    "UpdateProvisioningTemplateResponse"
+    "fixture/UpdateProvisioningTemplateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateProvisioningTemplate)
+
+responseUpdateRoleAlias :: UpdateRoleAliasResponse -> TestTree
+responseUpdateRoleAlias =
+  res
+    "UpdateRoleAliasResponse"
+    "fixture/UpdateRoleAliasResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateRoleAlias)
+
+responseUpdateScheduledAudit :: UpdateScheduledAuditResponse -> TestTree
+responseUpdateScheduledAudit =
+  res
+    "UpdateScheduledAuditResponse"
+    "fixture/UpdateScheduledAuditResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateScheduledAudit)
+
+responseUpdateSecurityProfile :: UpdateSecurityProfileResponse -> TestTree
+responseUpdateSecurityProfile =
+  res
+    "UpdateSecurityProfileResponse"
+    "fixture/UpdateSecurityProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateSecurityProfile)
+
+responseUpdateStream :: UpdateStreamResponse -> TestTree
+responseUpdateStream =
+  res
+    "UpdateStreamResponse"
+    "fixture/UpdateStreamResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateStream)
+
+responseUpdateThing :: UpdateThingResponse -> TestTree
+responseUpdateThing =
+  res
+    "UpdateThingResponse"
+    "fixture/UpdateThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateThing)
+
+responseUpdateThingGroup :: UpdateThingGroupResponse -> TestTree
+responseUpdateThingGroup =
+  res
+    "UpdateThingGroupResponse"
+    "fixture/UpdateThingGroupResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateThingGroup)
+
+responseUpdateThingGroupsForThing :: UpdateThingGroupsForThingResponse -> TestTree
+responseUpdateThingGroupsForThing =
+  res
+    "UpdateThingGroupsForThingResponse"
+    "fixture/UpdateThingGroupsForThingResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateThingGroupsForThing)
+
+responseUpdateTopicRuleDestination :: UpdateTopicRuleDestinationResponse -> TestTree
+responseUpdateTopicRuleDestination =
+  res
+    "UpdateTopicRuleDestinationResponse"
+    "fixture/UpdateTopicRuleDestinationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateTopicRuleDestination)
+
+responseValidateSecurityProfileBehaviors :: ValidateSecurityProfileBehaviorsResponse -> TestTree
+responseValidateSecurityProfileBehaviors =
+  res
+    "ValidateSecurityProfileBehaviorsResponse"
+    "fixture/ValidateSecurityProfileBehaviorsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ValidateSecurityProfileBehaviors)
diff --git a/test/Test/Amazonka/IoT.hs b/test/Test/Amazonka/IoT.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/IoT.hs
@@ -0,0 +1,20 @@
+-- |
+-- Module      : Test.Amazonka.IoT
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.IoT
+  ( tests,
+    fixtures,
+  )
+where
+
+import Test.Tasty (TestTree)
+
+tests :: [TestTree]
+tests = []
+
+fixtures :: [TestTree]
+fixtures = []
diff --git a/test/Test/Amazonka/IoT/Internal.hs b/test/Test/Amazonka/IoT/Internal.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/IoT/Internal.hs
@@ -0,0 +1,8 @@
+-- |
+-- Module      : Test.Amazonka.IoT.Internal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.IoT.Internal where
