diff --git a/LICENSE b/LICENSE
new file mode 100644
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,367 @@
+Mozilla Public License Version 2.0
+==================================
+
+1. Definitions
+--------------
+
+1.1. "Contributor"
+    means each individual or legal entity that creates, contributes to
+    the creation of, or owns Covered Software.
+
+1.2. "Contributor Version"
+    means the combination of the Contributions of others (if any) used
+    by a Contributor and that particular Contributor's Contribution.
+
+1.3. "Contribution"
+    means Covered Software of a particular Contributor.
+
+1.4. "Covered Software"
+    means Source Code Form to which the initial Contributor has attached
+    the notice in Exhibit A, the Executable Form of such Source Code
+    Form, and Modifications of such Source Code Form, in each case
+    including portions thereof.
+
+1.5. "Incompatible With Secondary Licenses"
+    means
+
+    (a) that the initial Contributor has attached the notice described
+        in Exhibit B to the Covered Software; or
+
+    (b) that the Covered Software was made available under the terms of
+        version 1.1 or earlier of the License, but not also under the
+        terms of a Secondary License.
+
+1.6. "Executable Form"
+    means any form of the work other than Source Code Form.
+
+1.7. "Larger Work"
+    means a work that combines Covered Software with other material, in
+    a separate file or files, that is not Covered Software.
+
+1.8. "License"
+    means this document.
+
+1.9. "Licensable"
+    means having the right to grant, to the maximum extent possible,
+    whether at the time of the initial grant or subsequently, any and
+    all of the rights conveyed by this License.
+
+1.10. "Modifications"
+    means any of the following:
+
+    (a) any file in Source Code Form that results from an addition to,
+        deletion from, or modification of the contents of Covered
+        Software; or
+
+    (b) any new file in Source Code Form that contains any Covered
+        Software.
+
+1.11. "Patent Claims" of a Contributor
+    means any patent claim(s), including without limitation, method,
+    process, and apparatus claims, in any patent Licensable by such
+    Contributor that would be infringed, but for the grant of the
+    License, by the making, using, selling, offering for sale, having
+    made, import, or transfer of either its Contributions or its
+    Contributor Version.
+
+1.12. "Secondary License"
+    means either the GNU General Public License, Version 2.0, the GNU
+    Lesser General Public License, Version 2.1, the GNU Affero General
+    Public License, Version 3.0, or any later versions of those
+    licenses.
+
+1.13. "Source Code Form"
+    means the form of the work preferred for making modifications.
+
+1.14. "You" (or "Your")
+    means an individual or a legal entity exercising rights under this
+    License. For legal entities, "You" includes any entity that
+    controls, is controlled by, or is under common control with You. For
+    purposes of this definition, "control" means (a) the power, direct
+    or indirect, to cause the direction or management of such entity,
+    whether by contract or otherwise, or (b) ownership of more than
+    fifty percent (50%) of the outstanding shares or beneficial
+    ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+    Licensable by such Contributor to use, reproduce, make available,
+    modify, display, perform, distribute, and otherwise exploit its
+    Contributions, either on an unmodified basis, with Modifications, or
+    as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+    for sale, have made, import, and otherwise transfer either its
+    Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+    or
+
+(b) for infringements caused by: (i) Your and any other third party's
+    modifications of Covered Software, or (ii) the combination of its
+    Contributions with other software (except as part of its Contributor
+    Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+    its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients' rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+    Form, as described in Section 3.1, and You must inform recipients of
+    the Executable Form how they can obtain a copy of such Source Code
+    Form by reasonable means in a timely manner, at a charge no more
+    than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+    License, or sublicense it under different terms, provided that the
+    license for the Executable Form does not attempt to limit or alter
+    the recipients' rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+*                                                                      *
+*  6. Disclaimer of Warranty                                           *
+*  -------------------------                                           *
+*                                                                      *
+*  Covered Software is provided under this License on an "as is"       *
+*  basis, without warranty of any kind, either expressed, implied, or  *
+*  statutory, including, without limitation, warranties that the       *
+*  Covered Software is free of defects, merchantable, fit for a        *
+*  particular purpose or non-infringing. The entire risk as to the     *
+*  quality and performance of the Covered Software is with You.        *
+*  Should any Covered Software prove defective in any respect, You     *
+*  (not any Contributor) assume the cost of any necessary servicing,   *
+*  repair, or correction. This disclaimer of warranty constitutes an   *
+*  essential part of this License. No use of any Covered Software is   *
+*  authorized under this License except under this disclaimer.         *
+*                                                                      *
+************************************************************************
+
+************************************************************************
+*                                                                      *
+*  7. Limitation of Liability                                          *
+*  --------------------------                                          *
+*                                                                      *
+*  Under no circumstances and under no legal theory, whether tort      *
+*  (including negligence), contract, or otherwise, shall any           *
+*  Contributor, or anyone who distributes Covered Software as          *
+*  permitted above, be liable to You for any direct, indirect,         *
+*  special, incidental, or consequential damages of any character      *
+*  including, without limitation, damages for lost profits, loss of    *
+*  goodwill, work stoppage, computer failure or malfunction, or any    *
+*  and all other commercial damages or losses, even if such party      *
+*  shall have been informed of the possibility of such damages. This   *
+*  limitation of liability shall not apply to liability for death or   *
+*  personal injury resulting from such party's negligence to the       *
+*  extent applicable law prohibits such limitation. Some               *
+*  jurisdictions do not allow the exclusion or limitation of           *
+*  incidental or consequential damages, so this exclusion and          *
+*  limitation may not apply to You.                                    *
+*                                                                      *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party's ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+  This Source Code Form is subject to the terms of the Mozilla Public
+  License, v. 2.0. If a copy of the MPL was not distributed with this
+  file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
diff --git a/README.md b/README.md
new file mode 100644
--- /dev/null
+++ b/README.md
@@ -0,0 +1,44 @@
+# Amazon Security Lake SDK
+
+* [Version](#version)
+* [Description](#description)
+* [Contribute](#contribute)
+* [Licence](#licence)
+
+
+## Version
+ 
+`2.0` - Derived from API version @2018-05-10@ of the AWS service descriptions, licensed under Apache 2.0.
+
+## Description
+
+Documentation is available via [Hackage](http://hackage.haskell.org/package/amazonka-securitylake)
+and the [AWS API Reference](https://aws.amazon.com/documentation/).
+
+The types from this library are intended to be used with [amazonka](http://hackage.haskell.org/package/amazonka),
+which provides mechanisms for specifying AuthN/AuthZ information, sending requests,
+and receiving responses.
+
+Lenses are used for constructing and manipulating types,
+due to the depth of nesting of AWS types and transparency regarding
+de/serialisation into more palatable Haskell values.
+The provided lenses should be compatible with any of the major lens libraries
+[lens](http://hackage.haskell.org/package/lens) or [lens-family-core](http://hackage.haskell.org/package/lens-family-core).
+
+See [Amazonka.SecurityLake](http://hackage.haskell.org/package/amazonka-securitylake/docs/Amazonka-SecurityLake.html)
+or [the AWS documentation](https://aws.amazon.com/documentation/) to get started.
+
+
+## Contribute
+
+For any problems, comments, or feedback please create an issue [here on GitHub](https://github.com/brendanhay/amazonka/issues).
+
+> _Note:_ this library is an auto-generated Haskell package. Please see `amazonka-gen` for more information.
+
+
+## Licence
+
+`amazonka-securitylake` is released under the [Mozilla Public License Version 2.0](http://www.mozilla.org/MPL/).
+
+Parts of the code are derived from AWS service descriptions, licensed under Apache 2.0.
+Source files subject to this contain an additional licensing clause in their header.
diff --git a/amazonka-securitylake.cabal b/amazonka-securitylake.cabal
new file mode 100644
--- /dev/null
+++ b/amazonka-securitylake.cabal
@@ -0,0 +1,136 @@
+cabal-version:      2.2
+name:               amazonka-securitylake
+version:            2.0
+synopsis:           Amazon Security Lake SDK.
+homepage:           https://github.com/brendanhay/amazonka
+bug-reports:        https://github.com/brendanhay/amazonka/issues
+license:            MPL-2.0
+license-file:       LICENSE
+author:             Brendan Hay
+maintainer:
+  Brendan Hay <brendan.g.hay+amazonka@gmail.com>, Jack Kelly <jack@jackkelly.name>
+
+copyright:          Copyright (c) 2013-2023 Brendan Hay
+category:           AWS
+build-type:         Simple
+extra-source-files:
+  fixture/*.proto
+  fixture/*.yaml
+  README.md
+  src/.gitkeep
+
+description:
+  Derived from API version @2018-05-10@ of the AWS service descriptions, licensed under Apache 2.0.
+  .
+  The types from this library are intended to be used with <http://hackage.haskell.org/package/amazonka amazonka>,
+  which provides mechanisms for specifying AuthN/AuthZ information, sending requests, and receiving responses.
+  .
+  It is recommended to use generic lenses or optics from packages such as <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify optional fields and deconstruct responses.
+  .
+  Generated lenses can be found in "Amazonka.SecurityLake.Lens" and are
+  suitable for use with a lens package such as <http://hackage.haskell.org/package/lens lens> or <http://hackage.haskell.org/package/lens-family-core lens-family-core>.
+  .
+  See "Amazonka.SecurityLake" and the <https://aws.amazon.com/documentation/ AWS documentation> to get started.
+
+source-repository head
+  type:     git
+  location: git://github.com/brendanhay/amazonka.git
+  subdir:   amazonka-securitylake
+
+library
+  default-language: Haskell2010
+  hs-source-dirs:   src gen
+  ghc-options:
+    -Wall -fwarn-incomplete-uni-patterns
+    -fwarn-incomplete-record-updates -funbox-strict-fields
+
+  exposed-modules:
+    Amazonka.SecurityLake
+    Amazonka.SecurityLake.CreateAwsLogSource
+    Amazonka.SecurityLake.CreateCustomLogSource
+    Amazonka.SecurityLake.CreateDatalake
+    Amazonka.SecurityLake.CreateDatalakeAutoEnable
+    Amazonka.SecurityLake.CreateDatalakeDelegatedAdmin
+    Amazonka.SecurityLake.CreateDatalakeExceptionsSubscription
+    Amazonka.SecurityLake.CreateSubscriber
+    Amazonka.SecurityLake.CreateSubscriptionNotificationConfiguration
+    Amazonka.SecurityLake.DeleteAwsLogSource
+    Amazonka.SecurityLake.DeleteCustomLogSource
+    Amazonka.SecurityLake.DeleteDatalake
+    Amazonka.SecurityLake.DeleteDatalakeAutoEnable
+    Amazonka.SecurityLake.DeleteDatalakeDelegatedAdmin
+    Amazonka.SecurityLake.DeleteDatalakeExceptionsSubscription
+    Amazonka.SecurityLake.DeleteSubscriber
+    Amazonka.SecurityLake.DeleteSubscriptionNotificationConfiguration
+    Amazonka.SecurityLake.GetDatalake
+    Amazonka.SecurityLake.GetDatalakeAutoEnable
+    Amazonka.SecurityLake.GetDatalakeExceptionsExpiry
+    Amazonka.SecurityLake.GetDatalakeExceptionsSubscription
+    Amazonka.SecurityLake.GetDatalakeStatus
+    Amazonka.SecurityLake.GetSubscriber
+    Amazonka.SecurityLake.Lens
+    Amazonka.SecurityLake.ListDatalakeExceptions
+    Amazonka.SecurityLake.ListLogSources
+    Amazonka.SecurityLake.ListSubscribers
+    Amazonka.SecurityLake.Types
+    Amazonka.SecurityLake.Types.AccessType
+    Amazonka.SecurityLake.Types.AccountSources
+    Amazonka.SecurityLake.Types.AutoEnableNewRegionConfiguration
+    Amazonka.SecurityLake.Types.AwsLogSourceType
+    Amazonka.SecurityLake.Types.Dimension
+    Amazonka.SecurityLake.Types.EndpointProtocol
+    Amazonka.SecurityLake.Types.Failures
+    Amazonka.SecurityLake.Types.FailuresResponse
+    Amazonka.SecurityLake.Types.HttpsMethod
+    Amazonka.SecurityLake.Types.LakeConfigurationRequest
+    Amazonka.SecurityLake.Types.LakeConfigurationResponse
+    Amazonka.SecurityLake.Types.LogsStatus
+    Amazonka.SecurityLake.Types.OcsfEventClass
+    Amazonka.SecurityLake.Types.ProtocolAndNotificationEndpoint
+    Amazonka.SecurityLake.Types.Region
+    Amazonka.SecurityLake.Types.RetentionSetting
+    Amazonka.SecurityLake.Types.SettingsStatus
+    Amazonka.SecurityLake.Types.SourceStatus
+    Amazonka.SecurityLake.Types.SourceType
+    Amazonka.SecurityLake.Types.StorageClass
+    Amazonka.SecurityLake.Types.SubscriberResource
+    Amazonka.SecurityLake.Types.SubscriptionProtocolType
+    Amazonka.SecurityLake.Types.SubscriptionStatus
+    Amazonka.SecurityLake.UpdateDatalake
+    Amazonka.SecurityLake.UpdateDatalakeExceptionsExpiry
+    Amazonka.SecurityLake.UpdateDatalakeExceptionsSubscription
+    Amazonka.SecurityLake.UpdateSubscriber
+    Amazonka.SecurityLake.UpdateSubscriptionNotificationConfiguration
+    Amazonka.SecurityLake.Waiters
+
+  build-depends:
+    , amazonka-core  >=2.0  && <2.1
+    , base           >=4.12 && <5
+
+test-suite amazonka-securitylake-test
+  type:             exitcode-stdio-1.0
+  default-language: Haskell2010
+  hs-source-dirs:   test
+  main-is:          Main.hs
+  ghc-options:      -Wall -threaded
+
+  -- This section is encoded by the template and any modules added by
+  -- hand outside these namespaces will not correctly be added to the
+  -- distribution package.
+  other-modules:
+    Test.Amazonka.Gen.SecurityLake
+    Test.Amazonka.SecurityLake
+    Test.Amazonka.SecurityLake.Internal
+
+  build-depends:
+    , amazonka-core          >=2.0 && <2.1
+    , amazonka-securitylake
+    , amazonka-test          >=2.0 && <2.1
+    , base
+    , bytestring
+    , case-insensitive
+    , tasty
+    , tasty-hunit
+    , text
+    , time
+    , unordered-containers
diff --git a/fixture/CreateAwsLogSource.yaml b/fixture/CreateAwsLogSource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAwsLogSource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateAwsLogSourceResponse.proto b/fixture/CreateAwsLogSourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAwsLogSourceResponse.proto
diff --git a/fixture/CreateCustomLogSource.yaml b/fixture/CreateCustomLogSource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateCustomLogSource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateCustomLogSourceResponse.proto b/fixture/CreateCustomLogSourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateCustomLogSourceResponse.proto
diff --git a/fixture/CreateDatalake.yaml b/fixture/CreateDatalake.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalake.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDatalakeAutoEnable.yaml b/fixture/CreateDatalakeAutoEnable.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeAutoEnable.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDatalakeAutoEnableResponse.proto b/fixture/CreateDatalakeAutoEnableResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeAutoEnableResponse.proto
diff --git a/fixture/CreateDatalakeDelegatedAdmin.yaml b/fixture/CreateDatalakeDelegatedAdmin.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeDelegatedAdmin.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDatalakeDelegatedAdminResponse.proto b/fixture/CreateDatalakeDelegatedAdminResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeDelegatedAdminResponse.proto
diff --git a/fixture/CreateDatalakeExceptionsSubscription.yaml b/fixture/CreateDatalakeExceptionsSubscription.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeExceptionsSubscription.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateDatalakeExceptionsSubscriptionResponse.proto b/fixture/CreateDatalakeExceptionsSubscriptionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeExceptionsSubscriptionResponse.proto
diff --git a/fixture/CreateDatalakeResponse.proto b/fixture/CreateDatalakeResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateDatalakeResponse.proto
diff --git a/fixture/CreateSubscriber.yaml b/fixture/CreateSubscriber.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateSubscriber.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateSubscriberResponse.proto b/fixture/CreateSubscriberResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateSubscriberResponse.proto
diff --git a/fixture/CreateSubscriptionNotificationConfiguration.yaml b/fixture/CreateSubscriptionNotificationConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateSubscriptionNotificationConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateSubscriptionNotificationConfigurationResponse.proto b/fixture/CreateSubscriptionNotificationConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateSubscriptionNotificationConfigurationResponse.proto
diff --git a/fixture/DeleteAwsLogSource.yaml b/fixture/DeleteAwsLogSource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAwsLogSource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteAwsLogSourceResponse.proto b/fixture/DeleteAwsLogSourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAwsLogSourceResponse.proto
diff --git a/fixture/DeleteCustomLogSource.yaml b/fixture/DeleteCustomLogSource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteCustomLogSource.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteCustomLogSourceResponse.proto b/fixture/DeleteCustomLogSourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteCustomLogSourceResponse.proto
diff --git a/fixture/DeleteDatalake.yaml b/fixture/DeleteDatalake.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalake.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDatalakeAutoEnable.yaml b/fixture/DeleteDatalakeAutoEnable.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeAutoEnable.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDatalakeAutoEnableResponse.proto b/fixture/DeleteDatalakeAutoEnableResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeAutoEnableResponse.proto
diff --git a/fixture/DeleteDatalakeDelegatedAdmin.yaml b/fixture/DeleteDatalakeDelegatedAdmin.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeDelegatedAdmin.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDatalakeDelegatedAdminResponse.proto b/fixture/DeleteDatalakeDelegatedAdminResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeDelegatedAdminResponse.proto
diff --git a/fixture/DeleteDatalakeExceptionsSubscription.yaml b/fixture/DeleteDatalakeExceptionsSubscription.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeExceptionsSubscription.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteDatalakeExceptionsSubscriptionResponse.proto b/fixture/DeleteDatalakeExceptionsSubscriptionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeExceptionsSubscriptionResponse.proto
diff --git a/fixture/DeleteDatalakeResponse.proto b/fixture/DeleteDatalakeResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteDatalakeResponse.proto
diff --git a/fixture/DeleteSubscriber.yaml b/fixture/DeleteSubscriber.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSubscriber.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteSubscriberResponse.proto b/fixture/DeleteSubscriberResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSubscriberResponse.proto
diff --git a/fixture/DeleteSubscriptionNotificationConfiguration.yaml b/fixture/DeleteSubscriptionNotificationConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSubscriptionNotificationConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteSubscriptionNotificationConfigurationResponse.proto b/fixture/DeleteSubscriptionNotificationConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSubscriptionNotificationConfigurationResponse.proto
diff --git a/fixture/GetDatalake.yaml b/fixture/GetDatalake.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalake.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetDatalakeAutoEnable.yaml b/fixture/GetDatalakeAutoEnable.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeAutoEnable.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetDatalakeAutoEnableResponse.proto b/fixture/GetDatalakeAutoEnableResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeAutoEnableResponse.proto
diff --git a/fixture/GetDatalakeExceptionsExpiry.yaml b/fixture/GetDatalakeExceptionsExpiry.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeExceptionsExpiry.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetDatalakeExceptionsExpiryResponse.proto b/fixture/GetDatalakeExceptionsExpiryResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeExceptionsExpiryResponse.proto
diff --git a/fixture/GetDatalakeExceptionsSubscription.yaml b/fixture/GetDatalakeExceptionsSubscription.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeExceptionsSubscription.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetDatalakeExceptionsSubscriptionResponse.proto b/fixture/GetDatalakeExceptionsSubscriptionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeExceptionsSubscriptionResponse.proto
diff --git a/fixture/GetDatalakeResponse.proto b/fixture/GetDatalakeResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeResponse.proto
diff --git a/fixture/GetDatalakeStatus.yaml b/fixture/GetDatalakeStatus.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeStatus.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetDatalakeStatusResponse.proto b/fixture/GetDatalakeStatusResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetDatalakeStatusResponse.proto
diff --git a/fixture/GetSubscriber.yaml b/fixture/GetSubscriber.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetSubscriber.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetSubscriberResponse.proto b/fixture/GetSubscriberResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetSubscriberResponse.proto
diff --git a/fixture/ListDatalakeExceptions.yaml b/fixture/ListDatalakeExceptions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListDatalakeExceptions.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListDatalakeExceptionsResponse.proto b/fixture/ListDatalakeExceptionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListDatalakeExceptionsResponse.proto
diff --git a/fixture/ListLogSources.yaml b/fixture/ListLogSources.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListLogSources.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListLogSourcesResponse.proto b/fixture/ListLogSourcesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListLogSourcesResponse.proto
diff --git a/fixture/ListSubscribers.yaml b/fixture/ListSubscribers.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListSubscribers.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListSubscribersResponse.proto b/fixture/ListSubscribersResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListSubscribersResponse.proto
diff --git a/fixture/UpdateDatalake.yaml b/fixture/UpdateDatalake.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDatalake.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateDatalakeExceptionsExpiry.yaml b/fixture/UpdateDatalakeExceptionsExpiry.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDatalakeExceptionsExpiry.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateDatalakeExceptionsExpiryResponse.proto b/fixture/UpdateDatalakeExceptionsExpiryResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDatalakeExceptionsExpiryResponse.proto
diff --git a/fixture/UpdateDatalakeExceptionsSubscription.yaml b/fixture/UpdateDatalakeExceptionsSubscription.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDatalakeExceptionsSubscription.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateDatalakeExceptionsSubscriptionResponse.proto b/fixture/UpdateDatalakeExceptionsSubscriptionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDatalakeExceptionsSubscriptionResponse.proto
diff --git a/fixture/UpdateDatalakeResponse.proto b/fixture/UpdateDatalakeResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateDatalakeResponse.proto
diff --git a/fixture/UpdateSubscriber.yaml b/fixture/UpdateSubscriber.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateSubscriber.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateSubscriberResponse.proto b/fixture/UpdateSubscriberResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateSubscriberResponse.proto
diff --git a/fixture/UpdateSubscriptionNotificationConfiguration.yaml b/fixture/UpdateSubscriptionNotificationConfiguration.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateSubscriptionNotificationConfiguration.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/securitylake/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  securitylake.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateSubscriptionNotificationConfigurationResponse.proto b/fixture/UpdateSubscriptionNotificationConfigurationResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateSubscriptionNotificationConfigurationResponse.proto
diff --git a/gen/Amazonka/SecurityLake.hs b/gen/Amazonka/SecurityLake.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake.hs
@@ -0,0 +1,440 @@
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Amazonka.SecurityLake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Derived from API version @2018-05-10@ of the AWS service descriptions, licensed under Apache 2.0.
+--
+-- Amazon Security Lake is in preview release. Your use of the Security
+-- Lake preview is subject to Section 2 of the
+-- <http://aws.amazon.com/service-terms/ Amazon Web Services Service Terms>(\"Betas
+-- and Previews\").
+--
+-- Amazon Security Lake is a fully managed security data lake service. You
+-- can use Security Lake to automatically centralize security data from
+-- cloud, on-premises, and custom sources into a data lake that\'s stored
+-- in your Amazon Web Servicesaccount. Amazon Web Services Organizations is
+-- an account management service that lets you consolidate multiple Amazon
+-- Web Services accounts into an organization that you create and centrally
+-- manage. With Organizations, you can create member accounts and invite
+-- existing accounts to join your organization. Security Lake helps you
+-- analyze security data for a more complete understanding of your security
+-- posture across the entire organization. It can also help you improve the
+-- protection of your workloads, applications, and data.
+--
+-- The data lake is backed by Amazon Simple Storage Service (Amazon S3)
+-- buckets, and you retain ownership over your data.
+--
+-- Amazon Security Lake integrates with CloudTrail, a service that provides
+-- a record of actions taken by a user, role, or an Amazon Web Services
+-- service in Security Lake CloudTrail captures API calls for Security Lake
+-- as events. The calls captured include calls from the Security Lake
+-- console and code calls to the Security Lake API operations. If you
+-- create a trail, you can enable continuous delivery of CloudTrail events
+-- to an Amazon S3 bucket, including events for Security Lake. If you
+-- don\'t configure a trail, you can still view the most recent events in
+-- the CloudTrail console in Event history. Using the information collected
+-- by CloudTrail you can determine the request that was made to Security
+-- Lake, the IP address from which the request was made, who made the
+-- request, when it was made, and additional details. To learn more about
+-- Security Lake information in CloudTrail, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/securitylake-cloudtrail.html Amazon Security Lake User Guide>.
+--
+-- Security Lake automates the collection of security-related log and event
+-- data from integrated Amazon Web Services and third-party services. It
+-- also helps you manage the lifecycle of data with customizable retention
+-- and replication settings. Security Lake converts ingested data into
+-- Apache Parquet format and a standard open-source schema called the Open
+-- Cybersecurity Schema Framework (OCSF).
+--
+-- Other Amazon Web Services and third-party services can subscribe to the
+-- data that\'s stored in Security Lake for incident response and security
+-- data analytics.
+module Amazonka.SecurityLake
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    -- $errors
+
+    -- ** AccessDeniedException
+    _AccessDeniedException,
+
+    -- ** AccountNotFoundException
+    _AccountNotFoundException,
+
+    -- ** BucketNotFoundException
+    _BucketNotFoundException,
+
+    -- ** ConcurrentModificationException
+    _ConcurrentModificationException,
+
+    -- ** ConflictException
+    _ConflictException,
+
+    -- ** ConflictSourceNamesException
+    _ConflictSourceNamesException,
+
+    -- ** ConflictSubscriptionException
+    _ConflictSubscriptionException,
+
+    -- ** EventBridgeException
+    _EventBridgeException,
+
+    -- ** InternalServerException
+    _InternalServerException,
+
+    -- ** InvalidInputException
+    _InvalidInputException,
+
+    -- ** ResourceNotFoundException
+    _ResourceNotFoundException,
+
+    -- ** S3Exception
+    _S3Exception,
+
+    -- ** ServiceQuotaExceededException
+    _ServiceQuotaExceededException,
+
+    -- ** ThrottlingException
+    _ThrottlingException,
+
+    -- ** ValidationException
+    _ValidationException,
+
+    -- * Waiters
+    -- $waiters
+
+    -- * Operations
+    -- $operations
+
+    -- ** CreateAwsLogSource
+    CreateAwsLogSource (CreateAwsLogSource'),
+    newCreateAwsLogSource,
+    CreateAwsLogSourceResponse (CreateAwsLogSourceResponse'),
+    newCreateAwsLogSourceResponse,
+
+    -- ** CreateCustomLogSource
+    CreateCustomLogSource (CreateCustomLogSource'),
+    newCreateCustomLogSource,
+    CreateCustomLogSourceResponse (CreateCustomLogSourceResponse'),
+    newCreateCustomLogSourceResponse,
+
+    -- ** CreateDatalake
+    CreateDatalake (CreateDatalake'),
+    newCreateDatalake,
+    CreateDatalakeResponse (CreateDatalakeResponse'),
+    newCreateDatalakeResponse,
+
+    -- ** CreateDatalakeAutoEnable
+    CreateDatalakeAutoEnable (CreateDatalakeAutoEnable'),
+    newCreateDatalakeAutoEnable,
+    CreateDatalakeAutoEnableResponse (CreateDatalakeAutoEnableResponse'),
+    newCreateDatalakeAutoEnableResponse,
+
+    -- ** CreateDatalakeDelegatedAdmin
+    CreateDatalakeDelegatedAdmin (CreateDatalakeDelegatedAdmin'),
+    newCreateDatalakeDelegatedAdmin,
+    CreateDatalakeDelegatedAdminResponse (CreateDatalakeDelegatedAdminResponse'),
+    newCreateDatalakeDelegatedAdminResponse,
+
+    -- ** CreateDatalakeExceptionsSubscription
+    CreateDatalakeExceptionsSubscription (CreateDatalakeExceptionsSubscription'),
+    newCreateDatalakeExceptionsSubscription,
+    CreateDatalakeExceptionsSubscriptionResponse (CreateDatalakeExceptionsSubscriptionResponse'),
+    newCreateDatalakeExceptionsSubscriptionResponse,
+
+    -- ** CreateSubscriber
+    CreateSubscriber (CreateSubscriber'),
+    newCreateSubscriber,
+    CreateSubscriberResponse (CreateSubscriberResponse'),
+    newCreateSubscriberResponse,
+
+    -- ** CreateSubscriptionNotificationConfiguration
+    CreateSubscriptionNotificationConfiguration (CreateSubscriptionNotificationConfiguration'),
+    newCreateSubscriptionNotificationConfiguration,
+    CreateSubscriptionNotificationConfigurationResponse (CreateSubscriptionNotificationConfigurationResponse'),
+    newCreateSubscriptionNotificationConfigurationResponse,
+
+    -- ** DeleteAwsLogSource
+    DeleteAwsLogSource (DeleteAwsLogSource'),
+    newDeleteAwsLogSource,
+    DeleteAwsLogSourceResponse (DeleteAwsLogSourceResponse'),
+    newDeleteAwsLogSourceResponse,
+
+    -- ** DeleteCustomLogSource
+    DeleteCustomLogSource (DeleteCustomLogSource'),
+    newDeleteCustomLogSource,
+    DeleteCustomLogSourceResponse (DeleteCustomLogSourceResponse'),
+    newDeleteCustomLogSourceResponse,
+
+    -- ** DeleteDatalake
+    DeleteDatalake (DeleteDatalake'),
+    newDeleteDatalake,
+    DeleteDatalakeResponse (DeleteDatalakeResponse'),
+    newDeleteDatalakeResponse,
+
+    -- ** DeleteDatalakeAutoEnable
+    DeleteDatalakeAutoEnable (DeleteDatalakeAutoEnable'),
+    newDeleteDatalakeAutoEnable,
+    DeleteDatalakeAutoEnableResponse (DeleteDatalakeAutoEnableResponse'),
+    newDeleteDatalakeAutoEnableResponse,
+
+    -- ** DeleteDatalakeDelegatedAdmin
+    DeleteDatalakeDelegatedAdmin (DeleteDatalakeDelegatedAdmin'),
+    newDeleteDatalakeDelegatedAdmin,
+    DeleteDatalakeDelegatedAdminResponse (DeleteDatalakeDelegatedAdminResponse'),
+    newDeleteDatalakeDelegatedAdminResponse,
+
+    -- ** DeleteDatalakeExceptionsSubscription
+    DeleteDatalakeExceptionsSubscription (DeleteDatalakeExceptionsSubscription'),
+    newDeleteDatalakeExceptionsSubscription,
+    DeleteDatalakeExceptionsSubscriptionResponse (DeleteDatalakeExceptionsSubscriptionResponse'),
+    newDeleteDatalakeExceptionsSubscriptionResponse,
+
+    -- ** DeleteSubscriber
+    DeleteSubscriber (DeleteSubscriber'),
+    newDeleteSubscriber,
+    DeleteSubscriberResponse (DeleteSubscriberResponse'),
+    newDeleteSubscriberResponse,
+
+    -- ** DeleteSubscriptionNotificationConfiguration
+    DeleteSubscriptionNotificationConfiguration (DeleteSubscriptionNotificationConfiguration'),
+    newDeleteSubscriptionNotificationConfiguration,
+    DeleteSubscriptionNotificationConfigurationResponse (DeleteSubscriptionNotificationConfigurationResponse'),
+    newDeleteSubscriptionNotificationConfigurationResponse,
+
+    -- ** GetDatalake
+    GetDatalake (GetDatalake'),
+    newGetDatalake,
+    GetDatalakeResponse (GetDatalakeResponse'),
+    newGetDatalakeResponse,
+
+    -- ** GetDatalakeAutoEnable
+    GetDatalakeAutoEnable (GetDatalakeAutoEnable'),
+    newGetDatalakeAutoEnable,
+    GetDatalakeAutoEnableResponse (GetDatalakeAutoEnableResponse'),
+    newGetDatalakeAutoEnableResponse,
+
+    -- ** GetDatalakeExceptionsExpiry
+    GetDatalakeExceptionsExpiry (GetDatalakeExceptionsExpiry'),
+    newGetDatalakeExceptionsExpiry,
+    GetDatalakeExceptionsExpiryResponse (GetDatalakeExceptionsExpiryResponse'),
+    newGetDatalakeExceptionsExpiryResponse,
+
+    -- ** GetDatalakeExceptionsSubscription
+    GetDatalakeExceptionsSubscription (GetDatalakeExceptionsSubscription'),
+    newGetDatalakeExceptionsSubscription,
+    GetDatalakeExceptionsSubscriptionResponse (GetDatalakeExceptionsSubscriptionResponse'),
+    newGetDatalakeExceptionsSubscriptionResponse,
+
+    -- ** GetDatalakeStatus (Paginated)
+    GetDatalakeStatus (GetDatalakeStatus'),
+    newGetDatalakeStatus,
+    GetDatalakeStatusResponse (GetDatalakeStatusResponse'),
+    newGetDatalakeStatusResponse,
+
+    -- ** GetSubscriber
+    GetSubscriber (GetSubscriber'),
+    newGetSubscriber,
+    GetSubscriberResponse (GetSubscriberResponse'),
+    newGetSubscriberResponse,
+
+    -- ** ListDatalakeExceptions (Paginated)
+    ListDatalakeExceptions (ListDatalakeExceptions'),
+    newListDatalakeExceptions,
+    ListDatalakeExceptionsResponse (ListDatalakeExceptionsResponse'),
+    newListDatalakeExceptionsResponse,
+
+    -- ** ListLogSources (Paginated)
+    ListLogSources (ListLogSources'),
+    newListLogSources,
+    ListLogSourcesResponse (ListLogSourcesResponse'),
+    newListLogSourcesResponse,
+
+    -- ** ListSubscribers (Paginated)
+    ListSubscribers (ListSubscribers'),
+    newListSubscribers,
+    ListSubscribersResponse (ListSubscribersResponse'),
+    newListSubscribersResponse,
+
+    -- ** UpdateDatalake
+    UpdateDatalake (UpdateDatalake'),
+    newUpdateDatalake,
+    UpdateDatalakeResponse (UpdateDatalakeResponse'),
+    newUpdateDatalakeResponse,
+
+    -- ** UpdateDatalakeExceptionsExpiry
+    UpdateDatalakeExceptionsExpiry (UpdateDatalakeExceptionsExpiry'),
+    newUpdateDatalakeExceptionsExpiry,
+    UpdateDatalakeExceptionsExpiryResponse (UpdateDatalakeExceptionsExpiryResponse'),
+    newUpdateDatalakeExceptionsExpiryResponse,
+
+    -- ** UpdateDatalakeExceptionsSubscription
+    UpdateDatalakeExceptionsSubscription (UpdateDatalakeExceptionsSubscription'),
+    newUpdateDatalakeExceptionsSubscription,
+    UpdateDatalakeExceptionsSubscriptionResponse (UpdateDatalakeExceptionsSubscriptionResponse'),
+    newUpdateDatalakeExceptionsSubscriptionResponse,
+
+    -- ** UpdateSubscriber
+    UpdateSubscriber (UpdateSubscriber'),
+    newUpdateSubscriber,
+    UpdateSubscriberResponse (UpdateSubscriberResponse'),
+    newUpdateSubscriberResponse,
+
+    -- ** UpdateSubscriptionNotificationConfiguration
+    UpdateSubscriptionNotificationConfiguration (UpdateSubscriptionNotificationConfiguration'),
+    newUpdateSubscriptionNotificationConfiguration,
+    UpdateSubscriptionNotificationConfigurationResponse (UpdateSubscriptionNotificationConfigurationResponse'),
+    newUpdateSubscriptionNotificationConfigurationResponse,
+
+    -- * Types
+
+    -- ** AccessType
+    AccessType (..),
+
+    -- ** AwsLogSourceType
+    AwsLogSourceType (..),
+
+    -- ** Dimension
+    Dimension (..),
+
+    -- ** EndpointProtocol
+    EndpointProtocol (..),
+
+    -- ** HttpsMethod
+    HttpsMethod (..),
+
+    -- ** OcsfEventClass
+    OcsfEventClass (..),
+
+    -- ** Region
+    Region (..),
+
+    -- ** SettingsStatus
+    SettingsStatus (..),
+
+    -- ** SourceStatus
+    SourceStatus (..),
+
+    -- ** StorageClass
+    StorageClass (..),
+
+    -- ** SubscriptionProtocolType
+    SubscriptionProtocolType (..),
+
+    -- ** SubscriptionStatus
+    SubscriptionStatus (..),
+
+    -- ** AccountSources
+    AccountSources (AccountSources'),
+    newAccountSources,
+
+    -- ** AutoEnableNewRegionConfiguration
+    AutoEnableNewRegionConfiguration (AutoEnableNewRegionConfiguration'),
+    newAutoEnableNewRegionConfiguration,
+
+    -- ** Failures
+    Failures (Failures'),
+    newFailures,
+
+    -- ** FailuresResponse
+    FailuresResponse (FailuresResponse'),
+    newFailuresResponse,
+
+    -- ** LakeConfigurationRequest
+    LakeConfigurationRequest (LakeConfigurationRequest'),
+    newLakeConfigurationRequest,
+
+    -- ** LakeConfigurationResponse
+    LakeConfigurationResponse (LakeConfigurationResponse'),
+    newLakeConfigurationResponse,
+
+    -- ** LogsStatus
+    LogsStatus (LogsStatus'),
+    newLogsStatus,
+
+    -- ** ProtocolAndNotificationEndpoint
+    ProtocolAndNotificationEndpoint (ProtocolAndNotificationEndpoint'),
+    newProtocolAndNotificationEndpoint,
+
+    -- ** RetentionSetting
+    RetentionSetting (RetentionSetting'),
+    newRetentionSetting,
+
+    -- ** SourceType
+    SourceType (SourceType'),
+    newSourceType,
+
+    -- ** SubscriberResource
+    SubscriberResource (SubscriberResource'),
+    newSubscriberResource,
+  )
+where
+
+import Amazonka.SecurityLake.CreateAwsLogSource
+import Amazonka.SecurityLake.CreateCustomLogSource
+import Amazonka.SecurityLake.CreateDatalake
+import Amazonka.SecurityLake.CreateDatalakeAutoEnable
+import Amazonka.SecurityLake.CreateDatalakeDelegatedAdmin
+import Amazonka.SecurityLake.CreateDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.CreateSubscriber
+import Amazonka.SecurityLake.CreateSubscriptionNotificationConfiguration
+import Amazonka.SecurityLake.DeleteAwsLogSource
+import Amazonka.SecurityLake.DeleteCustomLogSource
+import Amazonka.SecurityLake.DeleteDatalake
+import Amazonka.SecurityLake.DeleteDatalakeAutoEnable
+import Amazonka.SecurityLake.DeleteDatalakeDelegatedAdmin
+import Amazonka.SecurityLake.DeleteDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.DeleteSubscriber
+import Amazonka.SecurityLake.DeleteSubscriptionNotificationConfiguration
+import Amazonka.SecurityLake.GetDatalake
+import Amazonka.SecurityLake.GetDatalakeAutoEnable
+import Amazonka.SecurityLake.GetDatalakeExceptionsExpiry
+import Amazonka.SecurityLake.GetDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.GetDatalakeStatus
+import Amazonka.SecurityLake.GetSubscriber
+import Amazonka.SecurityLake.Lens
+import Amazonka.SecurityLake.ListDatalakeExceptions
+import Amazonka.SecurityLake.ListLogSources
+import Amazonka.SecurityLake.ListSubscribers
+import Amazonka.SecurityLake.Types
+import Amazonka.SecurityLake.UpdateDatalake
+import Amazonka.SecurityLake.UpdateDatalakeExceptionsExpiry
+import Amazonka.SecurityLake.UpdateDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.UpdateSubscriber
+import Amazonka.SecurityLake.UpdateSubscriptionNotificationConfiguration
+import Amazonka.SecurityLake.Waiters
+
+-- $errors
+-- Error matchers are designed for use with the functions provided by
+-- <http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.
+-- This allows catching (and rethrowing) service specific errors returned
+-- by 'SecurityLake'.
+
+-- $operations
+-- Some AWS operations return results that are incomplete and require subsequent
+-- requests in order to obtain the entire result set. The process of sending
+-- subsequent requests to continue where a previous request left off is called
+-- pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to
+-- 1000 objects at a time, and you must send subsequent requests with the
+-- appropriate Marker in order to retrieve the next page of results.
+--
+-- Operations that have an 'AWSPager' instance can transparently perform subsequent
+-- requests, correctly setting Markers and other request facets to iterate through
+-- the entire result set of a truncated API operation. Operations which support
+-- this have an additional note in the documentation.
+--
+-- Many operations have the ability to filter results on the server side. See the
+-- individual operation parameters for details.
+
+-- $waiters
+-- Waiters poll by repeatedly sending a request until some remote success condition
+-- configured by the 'Wait' specification is fulfilled. The 'Wait' specification
+-- determines how many attempts should be made, in addition to delay and retry strategies.
diff --git a/gen/Amazonka/SecurityLake/CreateAwsLogSource.hs b/gen/Amazonka/SecurityLake/CreateAwsLogSource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateAwsLogSource.hs
@@ -0,0 +1,261 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateAwsLogSource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds a natively supported Amazon Web Service as an Amazon Security Lake
+-- source. Enables source types for member accounts in required Amazon Web
+-- Services Regions, based on the parameters you specify. You can choose
+-- any source type in any Region for either accounts that are part of a
+-- trusted organization or standalone accounts. At least one of the three
+-- dimensions is a mandatory input to this API. However, you can supply any
+-- combination of the three dimensions to this API.
+--
+-- By default, a dimension refers to the entire set. When you don\'t
+-- provide a dimension, Security Lake assumes that the missing dimension
+-- refers to the entire set. This is overridden when you supply any one of
+-- the inputs. For instance, when you do not specify members, the API
+-- enables all Security Lake member accounts for all sources. Similarly,
+-- when you do not specify Regions, Security Lake is enabled for all the
+-- Regions where Security Lake is available as a service.
+--
+-- You can use this API only to enable natively supported Amazon Web
+-- Services as a source. Use @CreateCustomLogSource@ to enable data
+-- collection from a custom source.
+module Amazonka.SecurityLake.CreateAwsLogSource
+  ( -- * Creating a Request
+    CreateAwsLogSource (..),
+    newCreateAwsLogSource,
+
+    -- * Request Lenses
+    createAwsLogSource_enableAllDimensions,
+    createAwsLogSource_enableSingleDimension,
+    createAwsLogSource_enableTwoDimensions,
+    createAwsLogSource_inputOrder,
+
+    -- * Destructuring the Response
+    CreateAwsLogSourceResponse (..),
+    newCreateAwsLogSourceResponse,
+
+    -- * Response Lenses
+    createAwsLogSourceResponse_failed,
+    createAwsLogSourceResponse_processing,
+    createAwsLogSourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateAwsLogSource' smart constructor.
+data CreateAwsLogSource = CreateAwsLogSource'
+  { -- | Enables data collection from specific Amazon Web Services sources in all
+    -- specific accounts and specific Regions.
+    enableAllDimensions :: Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])),
+    -- | Enables data collection from all Amazon Web Services sources in specific
+    -- accounts or Regions.
+    enableSingleDimension :: Prelude.Maybe [Prelude.Text],
+    -- | Enables data collection from specific Amazon Web Services sources in
+    -- specific accounts or Regions.
+    enableTwoDimensions :: Prelude.Maybe (Prelude.HashMap Prelude.Text [Prelude.Text]),
+    -- | Specifies the input order to enable dimensions in Security Lake, namely
+    -- Region, source type, and member account.
+    inputOrder :: [Dimension]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAwsLogSource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'enableAllDimensions', 'createAwsLogSource_enableAllDimensions' - Enables data collection from specific Amazon Web Services sources in all
+-- specific accounts and specific Regions.
+--
+-- 'enableSingleDimension', 'createAwsLogSource_enableSingleDimension' - Enables data collection from all Amazon Web Services sources in specific
+-- accounts or Regions.
+--
+-- 'enableTwoDimensions', 'createAwsLogSource_enableTwoDimensions' - Enables data collection from specific Amazon Web Services sources in
+-- specific accounts or Regions.
+--
+-- 'inputOrder', 'createAwsLogSource_inputOrder' - Specifies the input order to enable dimensions in Security Lake, namely
+-- Region, source type, and member account.
+newCreateAwsLogSource ::
+  CreateAwsLogSource
+newCreateAwsLogSource =
+  CreateAwsLogSource'
+    { enableAllDimensions =
+        Prelude.Nothing,
+      enableSingleDimension = Prelude.Nothing,
+      enableTwoDimensions = Prelude.Nothing,
+      inputOrder = Prelude.mempty
+    }
+
+-- | Enables data collection from specific Amazon Web Services sources in all
+-- specific accounts and specific Regions.
+createAwsLogSource_enableAllDimensions :: Lens.Lens' CreateAwsLogSource (Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])))
+createAwsLogSource_enableAllDimensions = Lens.lens (\CreateAwsLogSource' {enableAllDimensions} -> enableAllDimensions) (\s@CreateAwsLogSource' {} a -> s {enableAllDimensions = a} :: CreateAwsLogSource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Enables data collection from all Amazon Web Services sources in specific
+-- accounts or Regions.
+createAwsLogSource_enableSingleDimension :: Lens.Lens' CreateAwsLogSource (Prelude.Maybe [Prelude.Text])
+createAwsLogSource_enableSingleDimension = Lens.lens (\CreateAwsLogSource' {enableSingleDimension} -> enableSingleDimension) (\s@CreateAwsLogSource' {} a -> s {enableSingleDimension = a} :: CreateAwsLogSource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Enables data collection from specific Amazon Web Services sources in
+-- specific accounts or Regions.
+createAwsLogSource_enableTwoDimensions :: Lens.Lens' CreateAwsLogSource (Prelude.Maybe (Prelude.HashMap Prelude.Text [Prelude.Text]))
+createAwsLogSource_enableTwoDimensions = Lens.lens (\CreateAwsLogSource' {enableTwoDimensions} -> enableTwoDimensions) (\s@CreateAwsLogSource' {} a -> s {enableTwoDimensions = a} :: CreateAwsLogSource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the input order to enable dimensions in Security Lake, namely
+-- Region, source type, and member account.
+createAwsLogSource_inputOrder :: Lens.Lens' CreateAwsLogSource [Dimension]
+createAwsLogSource_inputOrder = Lens.lens (\CreateAwsLogSource' {inputOrder} -> inputOrder) (\s@CreateAwsLogSource' {} a -> s {inputOrder = a} :: CreateAwsLogSource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest CreateAwsLogSource where
+  type
+    AWSResponse CreateAwsLogSource =
+      CreateAwsLogSourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateAwsLogSourceResponse'
+            Prelude.<$> (x Data..?> "failed" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "processing" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateAwsLogSource where
+  hashWithSalt _salt CreateAwsLogSource' {..} =
+    _salt
+      `Prelude.hashWithSalt` enableAllDimensions
+      `Prelude.hashWithSalt` enableSingleDimension
+      `Prelude.hashWithSalt` enableTwoDimensions
+      `Prelude.hashWithSalt` inputOrder
+
+instance Prelude.NFData CreateAwsLogSource where
+  rnf CreateAwsLogSource' {..} =
+    Prelude.rnf enableAllDimensions
+      `Prelude.seq` Prelude.rnf enableSingleDimension
+      `Prelude.seq` Prelude.rnf enableTwoDimensions
+      `Prelude.seq` Prelude.rnf inputOrder
+
+instance Data.ToHeaders CreateAwsLogSource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateAwsLogSource where
+  toJSON CreateAwsLogSource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("enableAllDimensions" Data..=)
+              Prelude.<$> enableAllDimensions,
+            ("enableSingleDimension" Data..=)
+              Prelude.<$> enableSingleDimension,
+            ("enableTwoDimensions" Data..=)
+              Prelude.<$> enableTwoDimensions,
+            Prelude.Just ("inputOrder" Data..= inputOrder)
+          ]
+      )
+
+instance Data.ToPath CreateAwsLogSource where
+  toPath = Prelude.const "/v1/logsources/aws"
+
+instance Data.ToQuery CreateAwsLogSource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateAwsLogSourceResponse' smart constructor.
+data CreateAwsLogSourceResponse = CreateAwsLogSourceResponse'
+  { -- | Lists all accounts in which enabling a natively supported Amazon Web
+    -- Service as a Security Lake source failed. The failure occurred as these
+    -- accounts are not part of an organization.
+    failed :: Prelude.Maybe [Prelude.Text],
+    -- | Lists the accounts that are in the process of enabling a natively
+    -- supported Amazon Web Service as a Security Lake source.
+    processing :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAwsLogSourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'failed', 'createAwsLogSourceResponse_failed' - Lists all accounts in which enabling a natively supported Amazon Web
+-- Service as a Security Lake source failed. The failure occurred as these
+-- accounts are not part of an organization.
+--
+-- 'processing', 'createAwsLogSourceResponse_processing' - Lists the accounts that are in the process of enabling a natively
+-- supported Amazon Web Service as a Security Lake source.
+--
+-- 'httpStatus', 'createAwsLogSourceResponse_httpStatus' - The response's http status code.
+newCreateAwsLogSourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateAwsLogSourceResponse
+newCreateAwsLogSourceResponse pHttpStatus_ =
+  CreateAwsLogSourceResponse'
+    { failed =
+        Prelude.Nothing,
+      processing = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Lists all accounts in which enabling a natively supported Amazon Web
+-- Service as a Security Lake source failed. The failure occurred as these
+-- accounts are not part of an organization.
+createAwsLogSourceResponse_failed :: Lens.Lens' CreateAwsLogSourceResponse (Prelude.Maybe [Prelude.Text])
+createAwsLogSourceResponse_failed = Lens.lens (\CreateAwsLogSourceResponse' {failed} -> failed) (\s@CreateAwsLogSourceResponse' {} a -> s {failed = a} :: CreateAwsLogSourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Lists the accounts that are in the process of enabling a natively
+-- supported Amazon Web Service as a Security Lake source.
+createAwsLogSourceResponse_processing :: Lens.Lens' CreateAwsLogSourceResponse (Prelude.Maybe [Prelude.Text])
+createAwsLogSourceResponse_processing = Lens.lens (\CreateAwsLogSourceResponse' {processing} -> processing) (\s@CreateAwsLogSourceResponse' {} a -> s {processing = a} :: CreateAwsLogSourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+createAwsLogSourceResponse_httpStatus :: Lens.Lens' CreateAwsLogSourceResponse Prelude.Int
+createAwsLogSourceResponse_httpStatus = Lens.lens (\CreateAwsLogSourceResponse' {httpStatus} -> httpStatus) (\s@CreateAwsLogSourceResponse' {} a -> s {httpStatus = a} :: CreateAwsLogSourceResponse)
+
+instance Prelude.NFData CreateAwsLogSourceResponse where
+  rnf CreateAwsLogSourceResponse' {..} =
+    Prelude.rnf failed
+      `Prelude.seq` Prelude.rnf processing
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/CreateCustomLogSource.hs b/gen/Amazonka/SecurityLake/CreateCustomLogSource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateCustomLogSource.hs
@@ -0,0 +1,346 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateCustomLogSource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds a third-party custom source in Amazon Security Lake, from the
+-- Amazon Web Services Region where you want to create a custom source.
+-- Security Lake can collect logs and events from third-party custom
+-- sources. After creating the appropriate IAM role to invoke Glue crawler,
+-- use this API to add a custom source name in Security Lake. This
+-- operation creates a partition in the Amazon S3 bucket for Security Lake
+-- as the target location for log files from the custom source in addition
+-- to an associated Glue table and an Glue crawler.
+module Amazonka.SecurityLake.CreateCustomLogSource
+  ( -- * Creating a Request
+    CreateCustomLogSource (..),
+    newCreateCustomLogSource,
+
+    -- * Request Lenses
+    createCustomLogSource_customSourceName,
+    createCustomLogSource_eventClass,
+    createCustomLogSource_glueInvocationRoleArn,
+    createCustomLogSource_logProviderAccountId,
+
+    -- * Destructuring the Response
+    CreateCustomLogSourceResponse (..),
+    newCreateCustomLogSourceResponse,
+
+    -- * Response Lenses
+    createCustomLogSourceResponse_httpStatus,
+    createCustomLogSourceResponse_customDataLocation,
+    createCustomLogSourceResponse_glueCrawlerName,
+    createCustomLogSourceResponse_glueDatabaseName,
+    createCustomLogSourceResponse_glueTableName,
+    createCustomLogSourceResponse_logProviderAccessRoleArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateCustomLogSource' smart constructor.
+data CreateCustomLogSource = CreateCustomLogSource'
+  { -- | The name for a third-party custom source. This must be a Regionally
+    -- unique value.
+    customSourceName :: Prelude.Text,
+    -- | The Open Cybersecurity Schema Framework (OCSF) event class which
+    -- describes the type of data that the custom source will send to Security
+    -- Lake.
+    eventClass :: OcsfEventClass,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role to be used by the Glue crawler. The recommended IAM policies
+    -- are:
+    --
+    -- -   The managed policy @AWSGlueServiceRole@
+    --
+    -- -   A custom policy granting access to your Amazon S3 Data Lake
+    glueInvocationRoleArn :: Prelude.Text,
+    -- | The Amazon Web Services account ID of the custom source that will write
+    -- logs and events into the Amazon S3 Data Lake.
+    logProviderAccountId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateCustomLogSource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'customSourceName', 'createCustomLogSource_customSourceName' - The name for a third-party custom source. This must be a Regionally
+-- unique value.
+--
+-- 'eventClass', 'createCustomLogSource_eventClass' - The Open Cybersecurity Schema Framework (OCSF) event class which
+-- describes the type of data that the custom source will send to Security
+-- Lake.
+--
+-- 'glueInvocationRoleArn', 'createCustomLogSource_glueInvocationRoleArn' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role to be used by the Glue crawler. The recommended IAM policies
+-- are:
+--
+-- -   The managed policy @AWSGlueServiceRole@
+--
+-- -   A custom policy granting access to your Amazon S3 Data Lake
+--
+-- 'logProviderAccountId', 'createCustomLogSource_logProviderAccountId' - The Amazon Web Services account ID of the custom source that will write
+-- logs and events into the Amazon S3 Data Lake.
+newCreateCustomLogSource ::
+  -- | 'customSourceName'
+  Prelude.Text ->
+  -- | 'eventClass'
+  OcsfEventClass ->
+  -- | 'glueInvocationRoleArn'
+  Prelude.Text ->
+  -- | 'logProviderAccountId'
+  Prelude.Text ->
+  CreateCustomLogSource
+newCreateCustomLogSource
+  pCustomSourceName_
+  pEventClass_
+  pGlueInvocationRoleArn_
+  pLogProviderAccountId_ =
+    CreateCustomLogSource'
+      { customSourceName =
+          pCustomSourceName_,
+        eventClass = pEventClass_,
+        glueInvocationRoleArn = pGlueInvocationRoleArn_,
+        logProviderAccountId = pLogProviderAccountId_
+      }
+
+-- | The name for a third-party custom source. This must be a Regionally
+-- unique value.
+createCustomLogSource_customSourceName :: Lens.Lens' CreateCustomLogSource Prelude.Text
+createCustomLogSource_customSourceName = Lens.lens (\CreateCustomLogSource' {customSourceName} -> customSourceName) (\s@CreateCustomLogSource' {} a -> s {customSourceName = a} :: CreateCustomLogSource)
+
+-- | The Open Cybersecurity Schema Framework (OCSF) event class which
+-- describes the type of data that the custom source will send to Security
+-- Lake.
+createCustomLogSource_eventClass :: Lens.Lens' CreateCustomLogSource OcsfEventClass
+createCustomLogSource_eventClass = Lens.lens (\CreateCustomLogSource' {eventClass} -> eventClass) (\s@CreateCustomLogSource' {} a -> s {eventClass = a} :: CreateCustomLogSource)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role to be used by the Glue crawler. The recommended IAM policies
+-- are:
+--
+-- -   The managed policy @AWSGlueServiceRole@
+--
+-- -   A custom policy granting access to your Amazon S3 Data Lake
+createCustomLogSource_glueInvocationRoleArn :: Lens.Lens' CreateCustomLogSource Prelude.Text
+createCustomLogSource_glueInvocationRoleArn = Lens.lens (\CreateCustomLogSource' {glueInvocationRoleArn} -> glueInvocationRoleArn) (\s@CreateCustomLogSource' {} a -> s {glueInvocationRoleArn = a} :: CreateCustomLogSource)
+
+-- | The Amazon Web Services account ID of the custom source that will write
+-- logs and events into the Amazon S3 Data Lake.
+createCustomLogSource_logProviderAccountId :: Lens.Lens' CreateCustomLogSource Prelude.Text
+createCustomLogSource_logProviderAccountId = Lens.lens (\CreateCustomLogSource' {logProviderAccountId} -> logProviderAccountId) (\s@CreateCustomLogSource' {} a -> s {logProviderAccountId = a} :: CreateCustomLogSource)
+
+instance Core.AWSRequest CreateCustomLogSource where
+  type
+    AWSResponse CreateCustomLogSource =
+      CreateCustomLogSourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateCustomLogSourceResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "customDataLocation")
+            Prelude.<*> (x Data..:> "glueCrawlerName")
+            Prelude.<*> (x Data..:> "glueDatabaseName")
+            Prelude.<*> (x Data..:> "glueTableName")
+            Prelude.<*> (x Data..:> "logProviderAccessRoleArn")
+      )
+
+instance Prelude.Hashable CreateCustomLogSource where
+  hashWithSalt _salt CreateCustomLogSource' {..} =
+    _salt
+      `Prelude.hashWithSalt` customSourceName
+      `Prelude.hashWithSalt` eventClass
+      `Prelude.hashWithSalt` glueInvocationRoleArn
+      `Prelude.hashWithSalt` logProviderAccountId
+
+instance Prelude.NFData CreateCustomLogSource where
+  rnf CreateCustomLogSource' {..} =
+    Prelude.rnf customSourceName
+      `Prelude.seq` Prelude.rnf eventClass
+      `Prelude.seq` Prelude.rnf glueInvocationRoleArn
+      `Prelude.seq` Prelude.rnf logProviderAccountId
+
+instance Data.ToHeaders CreateCustomLogSource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateCustomLogSource where
+  toJSON CreateCustomLogSource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("customSourceName" Data..= customSourceName),
+            Prelude.Just ("eventClass" Data..= eventClass),
+            Prelude.Just
+              ( "glueInvocationRoleArn"
+                  Data..= glueInvocationRoleArn
+              ),
+            Prelude.Just
+              ( "logProviderAccountId"
+                  Data..= logProviderAccountId
+              )
+          ]
+      )
+
+instance Data.ToPath CreateCustomLogSource where
+  toPath = Prelude.const "/v1/logsources/custom"
+
+instance Data.ToQuery CreateCustomLogSource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateCustomLogSourceResponse' smart constructor.
+data CreateCustomLogSourceResponse = CreateCustomLogSourceResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The location of the partition in the Amazon S3 bucket for Security Lake.
+    customDataLocation :: Prelude.Text,
+    -- | The name of the Glue crawler.
+    glueCrawlerName :: Prelude.Text,
+    -- | The Glue database where results are written, such as:
+    -- @arn:aws:daylight:us-east-1::database\/sometable\/*@.
+    glueDatabaseName :: Prelude.Text,
+    -- | The table name of the Glue crawler.
+    glueTableName :: Prelude.Text,
+    -- | The ARN of the IAM role to be used by the entity putting logs into your
+    -- custom source partition. Security Lake will apply the correct access
+    -- policies to this role, but you must first manually create the trust
+    -- policy for this role. The IAM role name must start with the text
+    -- \'Security Lake\'. The IAM role must trust the @logProviderAccountId@ to
+    -- assume the role.
+    logProviderAccessRoleArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateCustomLogSourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createCustomLogSourceResponse_httpStatus' - The response's http status code.
+--
+-- 'customDataLocation', 'createCustomLogSourceResponse_customDataLocation' - The location of the partition in the Amazon S3 bucket for Security Lake.
+--
+-- 'glueCrawlerName', 'createCustomLogSourceResponse_glueCrawlerName' - The name of the Glue crawler.
+--
+-- 'glueDatabaseName', 'createCustomLogSourceResponse_glueDatabaseName' - The Glue database where results are written, such as:
+-- @arn:aws:daylight:us-east-1::database\/sometable\/*@.
+--
+-- 'glueTableName', 'createCustomLogSourceResponse_glueTableName' - The table name of the Glue crawler.
+--
+-- 'logProviderAccessRoleArn', 'createCustomLogSourceResponse_logProviderAccessRoleArn' - The ARN of the IAM role to be used by the entity putting logs into your
+-- custom source partition. Security Lake will apply the correct access
+-- policies to this role, but you must first manually create the trust
+-- policy for this role. The IAM role name must start with the text
+-- \'Security Lake\'. The IAM role must trust the @logProviderAccountId@ to
+-- assume the role.
+newCreateCustomLogSourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'customDataLocation'
+  Prelude.Text ->
+  -- | 'glueCrawlerName'
+  Prelude.Text ->
+  -- | 'glueDatabaseName'
+  Prelude.Text ->
+  -- | 'glueTableName'
+  Prelude.Text ->
+  -- | 'logProviderAccessRoleArn'
+  Prelude.Text ->
+  CreateCustomLogSourceResponse
+newCreateCustomLogSourceResponse
+  pHttpStatus_
+  pCustomDataLocation_
+  pGlueCrawlerName_
+  pGlueDatabaseName_
+  pGlueTableName_
+  pLogProviderAccessRoleArn_ =
+    CreateCustomLogSourceResponse'
+      { httpStatus =
+          pHttpStatus_,
+        customDataLocation = pCustomDataLocation_,
+        glueCrawlerName = pGlueCrawlerName_,
+        glueDatabaseName = pGlueDatabaseName_,
+        glueTableName = pGlueTableName_,
+        logProviderAccessRoleArn =
+          pLogProviderAccessRoleArn_
+      }
+
+-- | The response's http status code.
+createCustomLogSourceResponse_httpStatus :: Lens.Lens' CreateCustomLogSourceResponse Prelude.Int
+createCustomLogSourceResponse_httpStatus = Lens.lens (\CreateCustomLogSourceResponse' {httpStatus} -> httpStatus) (\s@CreateCustomLogSourceResponse' {} a -> s {httpStatus = a} :: CreateCustomLogSourceResponse)
+
+-- | The location of the partition in the Amazon S3 bucket for Security Lake.
+createCustomLogSourceResponse_customDataLocation :: Lens.Lens' CreateCustomLogSourceResponse Prelude.Text
+createCustomLogSourceResponse_customDataLocation = Lens.lens (\CreateCustomLogSourceResponse' {customDataLocation} -> customDataLocation) (\s@CreateCustomLogSourceResponse' {} a -> s {customDataLocation = a} :: CreateCustomLogSourceResponse)
+
+-- | The name of the Glue crawler.
+createCustomLogSourceResponse_glueCrawlerName :: Lens.Lens' CreateCustomLogSourceResponse Prelude.Text
+createCustomLogSourceResponse_glueCrawlerName = Lens.lens (\CreateCustomLogSourceResponse' {glueCrawlerName} -> glueCrawlerName) (\s@CreateCustomLogSourceResponse' {} a -> s {glueCrawlerName = a} :: CreateCustomLogSourceResponse)
+
+-- | The Glue database where results are written, such as:
+-- @arn:aws:daylight:us-east-1::database\/sometable\/*@.
+createCustomLogSourceResponse_glueDatabaseName :: Lens.Lens' CreateCustomLogSourceResponse Prelude.Text
+createCustomLogSourceResponse_glueDatabaseName = Lens.lens (\CreateCustomLogSourceResponse' {glueDatabaseName} -> glueDatabaseName) (\s@CreateCustomLogSourceResponse' {} a -> s {glueDatabaseName = a} :: CreateCustomLogSourceResponse)
+
+-- | The table name of the Glue crawler.
+createCustomLogSourceResponse_glueTableName :: Lens.Lens' CreateCustomLogSourceResponse Prelude.Text
+createCustomLogSourceResponse_glueTableName = Lens.lens (\CreateCustomLogSourceResponse' {glueTableName} -> glueTableName) (\s@CreateCustomLogSourceResponse' {} a -> s {glueTableName = a} :: CreateCustomLogSourceResponse)
+
+-- | The ARN of the IAM role to be used by the entity putting logs into your
+-- custom source partition. Security Lake will apply the correct access
+-- policies to this role, but you must first manually create the trust
+-- policy for this role. The IAM role name must start with the text
+-- \'Security Lake\'. The IAM role must trust the @logProviderAccountId@ to
+-- assume the role.
+createCustomLogSourceResponse_logProviderAccessRoleArn :: Lens.Lens' CreateCustomLogSourceResponse Prelude.Text
+createCustomLogSourceResponse_logProviderAccessRoleArn = Lens.lens (\CreateCustomLogSourceResponse' {logProviderAccessRoleArn} -> logProviderAccessRoleArn) (\s@CreateCustomLogSourceResponse' {} a -> s {logProviderAccessRoleArn = a} :: CreateCustomLogSourceResponse)
+
+instance Prelude.NFData CreateCustomLogSourceResponse where
+  rnf CreateCustomLogSourceResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf customDataLocation
+      `Prelude.seq` Prelude.rnf glueCrawlerName
+      `Prelude.seq` Prelude.rnf glueDatabaseName
+      `Prelude.seq` Prelude.rnf glueTableName
+      `Prelude.seq` Prelude.rnf logProviderAccessRoleArn
diff --git a/gen/Amazonka/SecurityLake/CreateDatalake.hs b/gen/Amazonka/SecurityLake/CreateDatalake.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateDatalake.hs
@@ -0,0 +1,237 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateDatalake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Initializes an Amazon Security Lake instance with the provided (or
+-- default) configuration. You can enable Security Lake in Amazon Web
+-- Services Regions with customized settings before enabling log collection
+-- in Regions. You can either use the @enableAll@ parameter to specify all
+-- Regions or specify the Regions where you want to enable Security Lake.
+-- To specify particular Regions, use the @Regions@ parameter and then
+-- configure these Regions using the @configurations@ parameter. If you
+-- have already enabled Security Lake in a Region when you call this
+-- command, the command will update the Region if you provide new
+-- configuration parameters. If you have not already enabled Security Lake
+-- in the Region when you call this API, it will set up the data lake in
+-- the Region with the specified configurations.
+--
+-- When you enable Security Lake, it starts ingesting security data after
+-- the @CreateAwsLogSource@ call. This includes ingesting security data
+-- from sources, storing data, and making data accessible to subscribers.
+-- Security Lake also enables all the existing settings and resources that
+-- it stores or maintains for your Amazon Web Services account in the
+-- current Region, including security log and event data. For more
+-- information, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html Amazon Security Lake User Guide>.
+module Amazonka.SecurityLake.CreateDatalake
+  ( -- * Creating a Request
+    CreateDatalake (..),
+    newCreateDatalake,
+
+    -- * Request Lenses
+    createDatalake_configurations,
+    createDatalake_enableAll,
+    createDatalake_metaStoreManagerRoleArn,
+    createDatalake_regions,
+
+    -- * Destructuring the Response
+    CreateDatalakeResponse (..),
+    newCreateDatalakeResponse,
+
+    -- * Response Lenses
+    createDatalakeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateDatalake' smart constructor.
+data CreateDatalake = CreateDatalake'
+  { -- | Specify the Region or Regions that will contribute data to the rollup
+    -- region.
+    configurations :: Prelude.Maybe (Prelude.HashMap Region LakeConfigurationRequest),
+    -- | Enable Security Lake in all Regions.
+    enableAll :: Prelude.Maybe Prelude.Bool,
+    -- | The Amazon Resource Name (ARN) used to create and update the Glue table.
+    -- This table contains partitions generated by the ingestion and
+    -- normalization of Amazon Web Services log sources and custom sources.
+    metaStoreManagerRoleArn :: Prelude.Maybe Prelude.Text,
+    -- | Enable Security Lake in the specified Regions. To enable Security Lake
+    -- in specific Amazon Web Services Regions, such as us-east-1 or
+    -- ap-northeast-3, provide the Region codes. For a list of Region codes,
+    -- see
+    -- <https://docs.aws.amazon.com/general/latest/gr/securitylake.html Amazon Security Lake endpoints>
+    -- in the Amazon Web Services General Reference.
+    regions :: Prelude.Maybe [Region]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalake' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'configurations', 'createDatalake_configurations' - Specify the Region or Regions that will contribute data to the rollup
+-- region.
+--
+-- 'enableAll', 'createDatalake_enableAll' - Enable Security Lake in all Regions.
+--
+-- 'metaStoreManagerRoleArn', 'createDatalake_metaStoreManagerRoleArn' - The Amazon Resource Name (ARN) used to create and update the Glue table.
+-- This table contains partitions generated by the ingestion and
+-- normalization of Amazon Web Services log sources and custom sources.
+--
+-- 'regions', 'createDatalake_regions' - Enable Security Lake in the specified Regions. To enable Security Lake
+-- in specific Amazon Web Services Regions, such as us-east-1 or
+-- ap-northeast-3, provide the Region codes. For a list of Region codes,
+-- see
+-- <https://docs.aws.amazon.com/general/latest/gr/securitylake.html Amazon Security Lake endpoints>
+-- in the Amazon Web Services General Reference.
+newCreateDatalake ::
+  CreateDatalake
+newCreateDatalake =
+  CreateDatalake'
+    { configurations = Prelude.Nothing,
+      enableAll = Prelude.Nothing,
+      metaStoreManagerRoleArn = Prelude.Nothing,
+      regions = Prelude.Nothing
+    }
+
+-- | Specify the Region or Regions that will contribute data to the rollup
+-- region.
+createDatalake_configurations :: Lens.Lens' CreateDatalake (Prelude.Maybe (Prelude.HashMap Region LakeConfigurationRequest))
+createDatalake_configurations = Lens.lens (\CreateDatalake' {configurations} -> configurations) (\s@CreateDatalake' {} a -> s {configurations = a} :: CreateDatalake) Prelude.. Lens.mapping Lens.coerced
+
+-- | Enable Security Lake in all Regions.
+createDatalake_enableAll :: Lens.Lens' CreateDatalake (Prelude.Maybe Prelude.Bool)
+createDatalake_enableAll = Lens.lens (\CreateDatalake' {enableAll} -> enableAll) (\s@CreateDatalake' {} a -> s {enableAll = a} :: CreateDatalake)
+
+-- | The Amazon Resource Name (ARN) used to create and update the Glue table.
+-- This table contains partitions generated by the ingestion and
+-- normalization of Amazon Web Services log sources and custom sources.
+createDatalake_metaStoreManagerRoleArn :: Lens.Lens' CreateDatalake (Prelude.Maybe Prelude.Text)
+createDatalake_metaStoreManagerRoleArn = Lens.lens (\CreateDatalake' {metaStoreManagerRoleArn} -> metaStoreManagerRoleArn) (\s@CreateDatalake' {} a -> s {metaStoreManagerRoleArn = a} :: CreateDatalake)
+
+-- | Enable Security Lake in the specified Regions. To enable Security Lake
+-- in specific Amazon Web Services Regions, such as us-east-1 or
+-- ap-northeast-3, provide the Region codes. For a list of Region codes,
+-- see
+-- <https://docs.aws.amazon.com/general/latest/gr/securitylake.html Amazon Security Lake endpoints>
+-- in the Amazon Web Services General Reference.
+createDatalake_regions :: Lens.Lens' CreateDatalake (Prelude.Maybe [Region])
+createDatalake_regions = Lens.lens (\CreateDatalake' {regions} -> regions) (\s@CreateDatalake' {} a -> s {regions = a} :: CreateDatalake) Prelude.. Lens.mapping Lens.coerced
+
+instance Core.AWSRequest CreateDatalake where
+  type
+    AWSResponse CreateDatalake =
+      CreateDatalakeResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CreateDatalakeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateDatalake where
+  hashWithSalt _salt CreateDatalake' {..} =
+    _salt
+      `Prelude.hashWithSalt` configurations
+      `Prelude.hashWithSalt` enableAll
+      `Prelude.hashWithSalt` metaStoreManagerRoleArn
+      `Prelude.hashWithSalt` regions
+
+instance Prelude.NFData CreateDatalake where
+  rnf CreateDatalake' {..} =
+    Prelude.rnf configurations
+      `Prelude.seq` Prelude.rnf enableAll
+      `Prelude.seq` Prelude.rnf metaStoreManagerRoleArn
+      `Prelude.seq` Prelude.rnf regions
+
+instance Data.ToHeaders CreateDatalake where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateDatalake where
+  toJSON CreateDatalake' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("configurations" Data..=)
+              Prelude.<$> configurations,
+            ("enableAll" Data..=) Prelude.<$> enableAll,
+            ("metaStoreManagerRoleArn" Data..=)
+              Prelude.<$> metaStoreManagerRoleArn,
+            ("regions" Data..=) Prelude.<$> regions
+          ]
+      )
+
+instance Data.ToPath CreateDatalake where
+  toPath = Prelude.const "/v1/datalake"
+
+instance Data.ToQuery CreateDatalake where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDatalakeResponse' smart constructor.
+data CreateDatalakeResponse = CreateDatalakeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createDatalakeResponse_httpStatus' - The response's http status code.
+newCreateDatalakeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDatalakeResponse
+newCreateDatalakeResponse pHttpStatus_ =
+  CreateDatalakeResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+createDatalakeResponse_httpStatus :: Lens.Lens' CreateDatalakeResponse Prelude.Int
+createDatalakeResponse_httpStatus = Lens.lens (\CreateDatalakeResponse' {httpStatus} -> httpStatus) (\s@CreateDatalakeResponse' {} a -> s {httpStatus = a} :: CreateDatalakeResponse)
+
+instance Prelude.NFData CreateDatalakeResponse where
+  rnf CreateDatalakeResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/CreateDatalakeAutoEnable.hs b/gen/Amazonka/SecurityLake/CreateDatalakeAutoEnable.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateDatalakeAutoEnable.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateDatalakeAutoEnable
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Automatically enables Amazon Security Lake for new member accounts in
+-- your organization. Security Lake is not automatically enabled for any
+-- existing member accounts in your organization.
+module Amazonka.SecurityLake.CreateDatalakeAutoEnable
+  ( -- * Creating a Request
+    CreateDatalakeAutoEnable (..),
+    newCreateDatalakeAutoEnable,
+
+    -- * Request Lenses
+    createDatalakeAutoEnable_configurationForNewAccounts,
+
+    -- * Destructuring the Response
+    CreateDatalakeAutoEnableResponse (..),
+    newCreateDatalakeAutoEnableResponse,
+
+    -- * Response Lenses
+    createDatalakeAutoEnableResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateDatalakeAutoEnable' smart constructor.
+data CreateDatalakeAutoEnable = CreateDatalakeAutoEnable'
+  { -- | Enable Security Lake with the specified configuration settings to begin
+    -- collecting security data for new accounts in your organization.
+    configurationForNewAccounts :: [AutoEnableNewRegionConfiguration]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeAutoEnable' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'configurationForNewAccounts', 'createDatalakeAutoEnable_configurationForNewAccounts' - Enable Security Lake with the specified configuration settings to begin
+-- collecting security data for new accounts in your organization.
+newCreateDatalakeAutoEnable ::
+  CreateDatalakeAutoEnable
+newCreateDatalakeAutoEnable =
+  CreateDatalakeAutoEnable'
+    { configurationForNewAccounts =
+        Prelude.mempty
+    }
+
+-- | Enable Security Lake with the specified configuration settings to begin
+-- collecting security data for new accounts in your organization.
+createDatalakeAutoEnable_configurationForNewAccounts :: Lens.Lens' CreateDatalakeAutoEnable [AutoEnableNewRegionConfiguration]
+createDatalakeAutoEnable_configurationForNewAccounts = Lens.lens (\CreateDatalakeAutoEnable' {configurationForNewAccounts} -> configurationForNewAccounts) (\s@CreateDatalakeAutoEnable' {} a -> s {configurationForNewAccounts = a} :: CreateDatalakeAutoEnable) Prelude.. Lens.coerced
+
+instance Core.AWSRequest CreateDatalakeAutoEnable where
+  type
+    AWSResponse CreateDatalakeAutoEnable =
+      CreateDatalakeAutoEnableResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CreateDatalakeAutoEnableResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable CreateDatalakeAutoEnable where
+  hashWithSalt _salt CreateDatalakeAutoEnable' {..} =
+    _salt
+      `Prelude.hashWithSalt` configurationForNewAccounts
+
+instance Prelude.NFData CreateDatalakeAutoEnable where
+  rnf CreateDatalakeAutoEnable' {..} =
+    Prelude.rnf configurationForNewAccounts
+
+instance Data.ToHeaders CreateDatalakeAutoEnable where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateDatalakeAutoEnable where
+  toJSON CreateDatalakeAutoEnable' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "configurationForNewAccounts"
+                  Data..= configurationForNewAccounts
+              )
+          ]
+      )
+
+instance Data.ToPath CreateDatalakeAutoEnable where
+  toPath = Prelude.const "/v1/datalake/autoenable"
+
+instance Data.ToQuery CreateDatalakeAutoEnable where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDatalakeAutoEnableResponse' smart constructor.
+data CreateDatalakeAutoEnableResponse = CreateDatalakeAutoEnableResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeAutoEnableResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createDatalakeAutoEnableResponse_httpStatus' - The response's http status code.
+newCreateDatalakeAutoEnableResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDatalakeAutoEnableResponse
+newCreateDatalakeAutoEnableResponse pHttpStatus_ =
+  CreateDatalakeAutoEnableResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+createDatalakeAutoEnableResponse_httpStatus :: Lens.Lens' CreateDatalakeAutoEnableResponse Prelude.Int
+createDatalakeAutoEnableResponse_httpStatus = Lens.lens (\CreateDatalakeAutoEnableResponse' {httpStatus} -> httpStatus) (\s@CreateDatalakeAutoEnableResponse' {} a -> s {httpStatus = a} :: CreateDatalakeAutoEnableResponse)
+
+instance
+  Prelude.NFData
+    CreateDatalakeAutoEnableResponse
+  where
+  rnf CreateDatalakeAutoEnableResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/CreateDatalakeDelegatedAdmin.hs b/gen/Amazonka/SecurityLake/CreateDatalakeDelegatedAdmin.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateDatalakeDelegatedAdmin.hs
@@ -0,0 +1,165 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateDatalakeDelegatedAdmin
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Designates the Amazon Security Lake delegated administrator account for
+-- the organization. This API can only be called by the organization
+-- management account. The organization management account cannot be the
+-- delegated administrator account.
+module Amazonka.SecurityLake.CreateDatalakeDelegatedAdmin
+  ( -- * Creating a Request
+    CreateDatalakeDelegatedAdmin (..),
+    newCreateDatalakeDelegatedAdmin,
+
+    -- * Request Lenses
+    createDatalakeDelegatedAdmin_account,
+
+    -- * Destructuring the Response
+    CreateDatalakeDelegatedAdminResponse (..),
+    newCreateDatalakeDelegatedAdminResponse,
+
+    -- * Response Lenses
+    createDatalakeDelegatedAdminResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateDatalakeDelegatedAdmin' smart constructor.
+data CreateDatalakeDelegatedAdmin = CreateDatalakeDelegatedAdmin'
+  { -- | The Amazon Web Services account ID of the Security Lake delegated
+    -- administrator.
+    account :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeDelegatedAdmin' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'account', 'createDatalakeDelegatedAdmin_account' - The Amazon Web Services account ID of the Security Lake delegated
+-- administrator.
+newCreateDatalakeDelegatedAdmin ::
+  -- | 'account'
+  Prelude.Text ->
+  CreateDatalakeDelegatedAdmin
+newCreateDatalakeDelegatedAdmin pAccount_ =
+  CreateDatalakeDelegatedAdmin' {account = pAccount_}
+
+-- | The Amazon Web Services account ID of the Security Lake delegated
+-- administrator.
+createDatalakeDelegatedAdmin_account :: Lens.Lens' CreateDatalakeDelegatedAdmin Prelude.Text
+createDatalakeDelegatedAdmin_account = Lens.lens (\CreateDatalakeDelegatedAdmin' {account} -> account) (\s@CreateDatalakeDelegatedAdmin' {} a -> s {account = a} :: CreateDatalakeDelegatedAdmin)
+
+instance Core.AWSRequest CreateDatalakeDelegatedAdmin where
+  type
+    AWSResponse CreateDatalakeDelegatedAdmin =
+      CreateDatalakeDelegatedAdminResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CreateDatalakeDelegatedAdminResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    CreateDatalakeDelegatedAdmin
+  where
+  hashWithSalt _salt CreateDatalakeDelegatedAdmin' {..} =
+    _salt `Prelude.hashWithSalt` account
+
+instance Prelude.NFData CreateDatalakeDelegatedAdmin where
+  rnf CreateDatalakeDelegatedAdmin' {..} =
+    Prelude.rnf account
+
+instance Data.ToHeaders CreateDatalakeDelegatedAdmin where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateDatalakeDelegatedAdmin where
+  toJSON CreateDatalakeDelegatedAdmin' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("account" Data..= account)]
+      )
+
+instance Data.ToPath CreateDatalakeDelegatedAdmin where
+  toPath = Prelude.const "/v1/datalake/delegate"
+
+instance Data.ToQuery CreateDatalakeDelegatedAdmin where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDatalakeDelegatedAdminResponse' smart constructor.
+data CreateDatalakeDelegatedAdminResponse = CreateDatalakeDelegatedAdminResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeDelegatedAdminResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createDatalakeDelegatedAdminResponse_httpStatus' - The response's http status code.
+newCreateDatalakeDelegatedAdminResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDatalakeDelegatedAdminResponse
+newCreateDatalakeDelegatedAdminResponse pHttpStatus_ =
+  CreateDatalakeDelegatedAdminResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+createDatalakeDelegatedAdminResponse_httpStatus :: Lens.Lens' CreateDatalakeDelegatedAdminResponse Prelude.Int
+createDatalakeDelegatedAdminResponse_httpStatus = Lens.lens (\CreateDatalakeDelegatedAdminResponse' {httpStatus} -> httpStatus) (\s@CreateDatalakeDelegatedAdminResponse' {} a -> s {httpStatus = a} :: CreateDatalakeDelegatedAdminResponse)
+
+instance
+  Prelude.NFData
+    CreateDatalakeDelegatedAdminResponse
+  where
+  rnf CreateDatalakeDelegatedAdminResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/CreateDatalakeExceptionsSubscription.hs b/gen/Amazonka/SecurityLake/CreateDatalakeExceptionsSubscription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateDatalakeExceptionsSubscription.hs
@@ -0,0 +1,215 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateDatalakeExceptionsSubscription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates the specified notification subscription in Amazon Security Lake
+-- for the organization you specify.
+module Amazonka.SecurityLake.CreateDatalakeExceptionsSubscription
+  ( -- * Creating a Request
+    CreateDatalakeExceptionsSubscription (..),
+    newCreateDatalakeExceptionsSubscription,
+
+    -- * Request Lenses
+    createDatalakeExceptionsSubscription_notificationEndpoint,
+    createDatalakeExceptionsSubscription_subscriptionProtocol,
+
+    -- * Destructuring the Response
+    CreateDatalakeExceptionsSubscriptionResponse (..),
+    newCreateDatalakeExceptionsSubscriptionResponse,
+
+    -- * Response Lenses
+    createDatalakeExceptionsSubscriptionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateDatalakeExceptionsSubscription' smart constructor.
+data CreateDatalakeExceptionsSubscription = CreateDatalakeExceptionsSubscription'
+  { -- | The Amazon Web Services account where you want to receive exception
+    -- notifications.
+    notificationEndpoint :: Prelude.Text,
+    -- | The subscription protocol to which exception notifications are posted.
+    subscriptionProtocol :: SubscriptionProtocolType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeExceptionsSubscription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'notificationEndpoint', 'createDatalakeExceptionsSubscription_notificationEndpoint' - The Amazon Web Services account where you want to receive exception
+-- notifications.
+--
+-- 'subscriptionProtocol', 'createDatalakeExceptionsSubscription_subscriptionProtocol' - The subscription protocol to which exception notifications are posted.
+newCreateDatalakeExceptionsSubscription ::
+  -- | 'notificationEndpoint'
+  Prelude.Text ->
+  -- | 'subscriptionProtocol'
+  SubscriptionProtocolType ->
+  CreateDatalakeExceptionsSubscription
+newCreateDatalakeExceptionsSubscription
+  pNotificationEndpoint_
+  pSubscriptionProtocol_ =
+    CreateDatalakeExceptionsSubscription'
+      { notificationEndpoint =
+          pNotificationEndpoint_,
+        subscriptionProtocol =
+          pSubscriptionProtocol_
+      }
+
+-- | The Amazon Web Services account where you want to receive exception
+-- notifications.
+createDatalakeExceptionsSubscription_notificationEndpoint :: Lens.Lens' CreateDatalakeExceptionsSubscription Prelude.Text
+createDatalakeExceptionsSubscription_notificationEndpoint = Lens.lens (\CreateDatalakeExceptionsSubscription' {notificationEndpoint} -> notificationEndpoint) (\s@CreateDatalakeExceptionsSubscription' {} a -> s {notificationEndpoint = a} :: CreateDatalakeExceptionsSubscription)
+
+-- | The subscription protocol to which exception notifications are posted.
+createDatalakeExceptionsSubscription_subscriptionProtocol :: Lens.Lens' CreateDatalakeExceptionsSubscription SubscriptionProtocolType
+createDatalakeExceptionsSubscription_subscriptionProtocol = Lens.lens (\CreateDatalakeExceptionsSubscription' {subscriptionProtocol} -> subscriptionProtocol) (\s@CreateDatalakeExceptionsSubscription' {} a -> s {subscriptionProtocol = a} :: CreateDatalakeExceptionsSubscription)
+
+instance
+  Core.AWSRequest
+    CreateDatalakeExceptionsSubscription
+  where
+  type
+    AWSResponse CreateDatalakeExceptionsSubscription =
+      CreateDatalakeExceptionsSubscriptionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          CreateDatalakeExceptionsSubscriptionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    CreateDatalakeExceptionsSubscription
+  where
+  hashWithSalt
+    _salt
+    CreateDatalakeExceptionsSubscription' {..} =
+      _salt
+        `Prelude.hashWithSalt` notificationEndpoint
+        `Prelude.hashWithSalt` subscriptionProtocol
+
+instance
+  Prelude.NFData
+    CreateDatalakeExceptionsSubscription
+  where
+  rnf CreateDatalakeExceptionsSubscription' {..} =
+    Prelude.rnf notificationEndpoint
+      `Prelude.seq` Prelude.rnf subscriptionProtocol
+
+instance
+  Data.ToHeaders
+    CreateDatalakeExceptionsSubscription
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToJSON
+    CreateDatalakeExceptionsSubscription
+  where
+  toJSON CreateDatalakeExceptionsSubscription' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "notificationEndpoint"
+                  Data..= notificationEndpoint
+              ),
+            Prelude.Just
+              ( "subscriptionProtocol"
+                  Data..= subscriptionProtocol
+              )
+          ]
+      )
+
+instance
+  Data.ToPath
+    CreateDatalakeExceptionsSubscription
+  where
+  toPath =
+    Prelude.const
+      "/v1/datalake/exceptions/subscription"
+
+instance
+  Data.ToQuery
+    CreateDatalakeExceptionsSubscription
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateDatalakeExceptionsSubscriptionResponse' smart constructor.
+data CreateDatalakeExceptionsSubscriptionResponse = CreateDatalakeExceptionsSubscriptionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateDatalakeExceptionsSubscriptionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createDatalakeExceptionsSubscriptionResponse_httpStatus' - The response's http status code.
+newCreateDatalakeExceptionsSubscriptionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateDatalakeExceptionsSubscriptionResponse
+newCreateDatalakeExceptionsSubscriptionResponse
+  pHttpStatus_ =
+    CreateDatalakeExceptionsSubscriptionResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+createDatalakeExceptionsSubscriptionResponse_httpStatus :: Lens.Lens' CreateDatalakeExceptionsSubscriptionResponse Prelude.Int
+createDatalakeExceptionsSubscriptionResponse_httpStatus = Lens.lens (\CreateDatalakeExceptionsSubscriptionResponse' {httpStatus} -> httpStatus) (\s@CreateDatalakeExceptionsSubscriptionResponse' {} a -> s {httpStatus = a} :: CreateDatalakeExceptionsSubscriptionResponse)
+
+instance
+  Prelude.NFData
+    CreateDatalakeExceptionsSubscriptionResponse
+  where
+  rnf CreateDatalakeExceptionsSubscriptionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/CreateSubscriber.hs b/gen/Amazonka/SecurityLake/CreateSubscriber.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateSubscriber.hs
@@ -0,0 +1,312 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateSubscriber
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a subscription permission for accounts that are already enabled
+-- in Amazon Security Lake. You can create a subscriber with access to data
+-- in the current Amazon Web Services Region.
+module Amazonka.SecurityLake.CreateSubscriber
+  ( -- * Creating a Request
+    CreateSubscriber (..),
+    newCreateSubscriber,
+
+    -- * Request Lenses
+    createSubscriber_accessTypes,
+    createSubscriber_subscriberDescription,
+    createSubscriber_accountId,
+    createSubscriber_externalId,
+    createSubscriber_sourceTypes,
+    createSubscriber_subscriberName,
+
+    -- * Destructuring the Response
+    CreateSubscriberResponse (..),
+    newCreateSubscriberResponse,
+
+    -- * Response Lenses
+    createSubscriberResponse_roleArn,
+    createSubscriberResponse_s3BucketArn,
+    createSubscriberResponse_snsArn,
+    createSubscriberResponse_httpStatus,
+    createSubscriberResponse_subscriptionId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateSubscriber' smart constructor.
+data CreateSubscriber = CreateSubscriber'
+  { -- | The Amazon S3 or Lake Formation access type.
+    accessTypes :: Prelude.Maybe [AccessType],
+    -- | The description for your subscriber account in Security Lake.
+    subscriberDescription :: Prelude.Maybe Prelude.Text,
+    -- | The Amazon Web Services account ID used to access your data.
+    accountId :: Prelude.Text,
+    -- | The external ID of the subscriber. This lets the user that is assuming
+    -- the role assert the circumstances in which they are operating. It also
+    -- provides a way for the account owner to permit the role to be assumed
+    -- only under specific circumstances.
+    externalId :: Prelude.Text,
+    -- | The supported Amazon Web Services from which logs and events are
+    -- collected. Security Lake supports log and event collection for natively
+    -- supported Amazon Web Services.
+    sourceTypes :: [SourceType],
+    -- | The name of your Security Lake subscriber account.
+    subscriberName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateSubscriber' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accessTypes', 'createSubscriber_accessTypes' - The Amazon S3 or Lake Formation access type.
+--
+-- 'subscriberDescription', 'createSubscriber_subscriberDescription' - The description for your subscriber account in Security Lake.
+--
+-- 'accountId', 'createSubscriber_accountId' - The Amazon Web Services account ID used to access your data.
+--
+-- 'externalId', 'createSubscriber_externalId' - The external ID of the subscriber. This lets the user that is assuming
+-- the role assert the circumstances in which they are operating. It also
+-- provides a way for the account owner to permit the role to be assumed
+-- only under specific circumstances.
+--
+-- 'sourceTypes', 'createSubscriber_sourceTypes' - The supported Amazon Web Services from which logs and events are
+-- collected. Security Lake supports log and event collection for natively
+-- supported Amazon Web Services.
+--
+-- 'subscriberName', 'createSubscriber_subscriberName' - The name of your Security Lake subscriber account.
+newCreateSubscriber ::
+  -- | 'accountId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  -- | 'subscriberName'
+  Prelude.Text ->
+  CreateSubscriber
+newCreateSubscriber
+  pAccountId_
+  pExternalId_
+  pSubscriberName_ =
+    CreateSubscriber'
+      { accessTypes = Prelude.Nothing,
+        subscriberDescription = Prelude.Nothing,
+        accountId = pAccountId_,
+        externalId = pExternalId_,
+        sourceTypes = Prelude.mempty,
+        subscriberName = pSubscriberName_
+      }
+
+-- | The Amazon S3 or Lake Formation access type.
+createSubscriber_accessTypes :: Lens.Lens' CreateSubscriber (Prelude.Maybe [AccessType])
+createSubscriber_accessTypes = Lens.lens (\CreateSubscriber' {accessTypes} -> accessTypes) (\s@CreateSubscriber' {} a -> s {accessTypes = a} :: CreateSubscriber) Prelude.. Lens.mapping Lens.coerced
+
+-- | The description for your subscriber account in Security Lake.
+createSubscriber_subscriberDescription :: Lens.Lens' CreateSubscriber (Prelude.Maybe Prelude.Text)
+createSubscriber_subscriberDescription = Lens.lens (\CreateSubscriber' {subscriberDescription} -> subscriberDescription) (\s@CreateSubscriber' {} a -> s {subscriberDescription = a} :: CreateSubscriber)
+
+-- | The Amazon Web Services account ID used to access your data.
+createSubscriber_accountId :: Lens.Lens' CreateSubscriber Prelude.Text
+createSubscriber_accountId = Lens.lens (\CreateSubscriber' {accountId} -> accountId) (\s@CreateSubscriber' {} a -> s {accountId = a} :: CreateSubscriber)
+
+-- | The external ID of the subscriber. This lets the user that is assuming
+-- the role assert the circumstances in which they are operating. It also
+-- provides a way for the account owner to permit the role to be assumed
+-- only under specific circumstances.
+createSubscriber_externalId :: Lens.Lens' CreateSubscriber Prelude.Text
+createSubscriber_externalId = Lens.lens (\CreateSubscriber' {externalId} -> externalId) (\s@CreateSubscriber' {} a -> s {externalId = a} :: CreateSubscriber)
+
+-- | The supported Amazon Web Services from which logs and events are
+-- collected. Security Lake supports log and event collection for natively
+-- supported Amazon Web Services.
+createSubscriber_sourceTypes :: Lens.Lens' CreateSubscriber [SourceType]
+createSubscriber_sourceTypes = Lens.lens (\CreateSubscriber' {sourceTypes} -> sourceTypes) (\s@CreateSubscriber' {} a -> s {sourceTypes = a} :: CreateSubscriber) Prelude.. Lens.coerced
+
+-- | The name of your Security Lake subscriber account.
+createSubscriber_subscriberName :: Lens.Lens' CreateSubscriber Prelude.Text
+createSubscriber_subscriberName = Lens.lens (\CreateSubscriber' {subscriberName} -> subscriberName) (\s@CreateSubscriber' {} a -> s {subscriberName = a} :: CreateSubscriber)
+
+instance Core.AWSRequest CreateSubscriber where
+  type
+    AWSResponse CreateSubscriber =
+      CreateSubscriberResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateSubscriberResponse'
+            Prelude.<$> (x Data..?> "roleArn")
+            Prelude.<*> (x Data..?> "s3BucketArn")
+            Prelude.<*> (x Data..?> "snsArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "subscriptionId")
+      )
+
+instance Prelude.Hashable CreateSubscriber where
+  hashWithSalt _salt CreateSubscriber' {..} =
+    _salt
+      `Prelude.hashWithSalt` accessTypes
+      `Prelude.hashWithSalt` subscriberDescription
+      `Prelude.hashWithSalt` accountId
+      `Prelude.hashWithSalt` externalId
+      `Prelude.hashWithSalt` sourceTypes
+      `Prelude.hashWithSalt` subscriberName
+
+instance Prelude.NFData CreateSubscriber where
+  rnf CreateSubscriber' {..} =
+    Prelude.rnf accessTypes
+      `Prelude.seq` Prelude.rnf subscriberDescription
+      `Prelude.seq` Prelude.rnf accountId
+      `Prelude.seq` Prelude.rnf externalId
+      `Prelude.seq` Prelude.rnf sourceTypes
+      `Prelude.seq` Prelude.rnf subscriberName
+
+instance Data.ToHeaders CreateSubscriber where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateSubscriber where
+  toJSON CreateSubscriber' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("accessTypes" Data..=) Prelude.<$> accessTypes,
+            ("subscriberDescription" Data..=)
+              Prelude.<$> subscriberDescription,
+            Prelude.Just ("accountId" Data..= accountId),
+            Prelude.Just ("externalId" Data..= externalId),
+            Prelude.Just ("sourceTypes" Data..= sourceTypes),
+            Prelude.Just
+              ("subscriberName" Data..= subscriberName)
+          ]
+      )
+
+instance Data.ToPath CreateSubscriber where
+  toPath = Prelude.const "/v1/subscribers"
+
+instance Data.ToQuery CreateSubscriber where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateSubscriberResponse' smart constructor.
+data CreateSubscriberResponse = CreateSubscriberResponse'
+  { -- | The Amazon Resource Name (ARN) created by you to provide to the
+    -- subscriber. For more information about ARNs and how to use them in
+    -- policies, see
+    -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html IAM identifiers in the Identity and Access Management (IAM) User Guide>.
+    -- .
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN for the Amazon S3 bucket.
+    s3BucketArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN for the Amazon Simple Notification Service.
+    snsArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The @subscriptionId@ created by the @CreateSubscriber@ API call.
+    subscriptionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateSubscriberResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'roleArn', 'createSubscriberResponse_roleArn' - The Amazon Resource Name (ARN) created by you to provide to the
+-- subscriber. For more information about ARNs and how to use them in
+-- policies, see
+-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html IAM identifiers in the Identity and Access Management (IAM) User Guide>.
+-- .
+--
+-- 's3BucketArn', 'createSubscriberResponse_s3BucketArn' - The ARN for the Amazon S3 bucket.
+--
+-- 'snsArn', 'createSubscriberResponse_snsArn' - The ARN for the Amazon Simple Notification Service.
+--
+-- 'httpStatus', 'createSubscriberResponse_httpStatus' - The response's http status code.
+--
+-- 'subscriptionId', 'createSubscriberResponse_subscriptionId' - The @subscriptionId@ created by the @CreateSubscriber@ API call.
+newCreateSubscriberResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'subscriptionId'
+  Prelude.Text ->
+  CreateSubscriberResponse
+newCreateSubscriberResponse
+  pHttpStatus_
+  pSubscriptionId_ =
+    CreateSubscriberResponse'
+      { roleArn =
+          Prelude.Nothing,
+        s3BucketArn = Prelude.Nothing,
+        snsArn = Prelude.Nothing,
+        httpStatus = pHttpStatus_,
+        subscriptionId = pSubscriptionId_
+      }
+
+-- | The Amazon Resource Name (ARN) created by you to provide to the
+-- subscriber. For more information about ARNs and how to use them in
+-- policies, see
+-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html IAM identifiers in the Identity and Access Management (IAM) User Guide>.
+-- .
+createSubscriberResponse_roleArn :: Lens.Lens' CreateSubscriberResponse (Prelude.Maybe Prelude.Text)
+createSubscriberResponse_roleArn = Lens.lens (\CreateSubscriberResponse' {roleArn} -> roleArn) (\s@CreateSubscriberResponse' {} a -> s {roleArn = a} :: CreateSubscriberResponse)
+
+-- | The ARN for the Amazon S3 bucket.
+createSubscriberResponse_s3BucketArn :: Lens.Lens' CreateSubscriberResponse (Prelude.Maybe Prelude.Text)
+createSubscriberResponse_s3BucketArn = Lens.lens (\CreateSubscriberResponse' {s3BucketArn} -> s3BucketArn) (\s@CreateSubscriberResponse' {} a -> s {s3BucketArn = a} :: CreateSubscriberResponse)
+
+-- | The ARN for the Amazon Simple Notification Service.
+createSubscriberResponse_snsArn :: Lens.Lens' CreateSubscriberResponse (Prelude.Maybe Prelude.Text)
+createSubscriberResponse_snsArn = Lens.lens (\CreateSubscriberResponse' {snsArn} -> snsArn) (\s@CreateSubscriberResponse' {} a -> s {snsArn = a} :: CreateSubscriberResponse)
+
+-- | The response's http status code.
+createSubscriberResponse_httpStatus :: Lens.Lens' CreateSubscriberResponse Prelude.Int
+createSubscriberResponse_httpStatus = Lens.lens (\CreateSubscriberResponse' {httpStatus} -> httpStatus) (\s@CreateSubscriberResponse' {} a -> s {httpStatus = a} :: CreateSubscriberResponse)
+
+-- | The @subscriptionId@ created by the @CreateSubscriber@ API call.
+createSubscriberResponse_subscriptionId :: Lens.Lens' CreateSubscriberResponse Prelude.Text
+createSubscriberResponse_subscriptionId = Lens.lens (\CreateSubscriberResponse' {subscriptionId} -> subscriptionId) (\s@CreateSubscriberResponse' {} a -> s {subscriptionId = a} :: CreateSubscriberResponse)
+
+instance Prelude.NFData CreateSubscriberResponse where
+  rnf CreateSubscriberResponse' {..} =
+    Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf s3BucketArn
+      `Prelude.seq` Prelude.rnf snsArn
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf subscriptionId
diff --git a/gen/Amazonka/SecurityLake/CreateSubscriptionNotificationConfiguration.hs b/gen/Amazonka/SecurityLake/CreateSubscriptionNotificationConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/CreateSubscriptionNotificationConfiguration.hs
@@ -0,0 +1,298 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.CreateSubscriptionNotificationConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Notifies the subscriber when new data is written to the data lake for
+-- the sources that the subscriber consumes in Security Lake.
+module Amazonka.SecurityLake.CreateSubscriptionNotificationConfiguration
+  ( -- * Creating a Request
+    CreateSubscriptionNotificationConfiguration (..),
+    newCreateSubscriptionNotificationConfiguration,
+
+    -- * Request Lenses
+    createSubscriptionNotificationConfiguration_createSqs,
+    createSubscriptionNotificationConfiguration_httpsApiKeyName,
+    createSubscriptionNotificationConfiguration_httpsApiKeyValue,
+    createSubscriptionNotificationConfiguration_httpsMethod,
+    createSubscriptionNotificationConfiguration_roleArn,
+    createSubscriptionNotificationConfiguration_subscriptionEndpoint,
+    createSubscriptionNotificationConfiguration_subscriptionId,
+
+    -- * Destructuring the Response
+    CreateSubscriptionNotificationConfigurationResponse (..),
+    newCreateSubscriptionNotificationConfigurationResponse,
+
+    -- * Response Lenses
+    createSubscriptionNotificationConfigurationResponse_queueArn,
+    createSubscriptionNotificationConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newCreateSubscriptionNotificationConfiguration' smart constructor.
+data CreateSubscriptionNotificationConfiguration = CreateSubscriptionNotificationConfiguration'
+  { -- | Create an Amazon Simple Queue Service queue.
+    createSqs :: Prelude.Maybe Prelude.Bool,
+    -- | The key name for the notification subscription.
+    httpsApiKeyName :: Prelude.Maybe Prelude.Text,
+    -- | The key value for the notification subscription.
+    httpsApiKeyValue :: Prelude.Maybe Prelude.Text,
+    -- | The HTTPS method used for the notification subscription.
+    httpsMethod :: Prelude.Maybe HttpsMethod,
+    -- | The Amazon Resource Name (ARN) of the EventBridge API destinations IAM
+    -- role that you created.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The subscription endpoint in Security Lake. If you prefer notification
+    -- with an HTTPs endpoint, populate this field.
+    subscriptionEndpoint :: Prelude.Maybe Prelude.Text,
+    -- | The subscription ID for the notification subscription\/
+    subscriptionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateSubscriptionNotificationConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'createSqs', 'createSubscriptionNotificationConfiguration_createSqs' - Create an Amazon Simple Queue Service queue.
+--
+-- 'httpsApiKeyName', 'createSubscriptionNotificationConfiguration_httpsApiKeyName' - The key name for the notification subscription.
+--
+-- 'httpsApiKeyValue', 'createSubscriptionNotificationConfiguration_httpsApiKeyValue' - The key value for the notification subscription.
+--
+-- 'httpsMethod', 'createSubscriptionNotificationConfiguration_httpsMethod' - The HTTPS method used for the notification subscription.
+--
+-- 'roleArn', 'createSubscriptionNotificationConfiguration_roleArn' - The Amazon Resource Name (ARN) of the EventBridge API destinations IAM
+-- role that you created.
+--
+-- 'subscriptionEndpoint', 'createSubscriptionNotificationConfiguration_subscriptionEndpoint' - The subscription endpoint in Security Lake. If you prefer notification
+-- with an HTTPs endpoint, populate this field.
+--
+-- 'subscriptionId', 'createSubscriptionNotificationConfiguration_subscriptionId' - The subscription ID for the notification subscription\/
+newCreateSubscriptionNotificationConfiguration ::
+  -- | 'subscriptionId'
+  Prelude.Text ->
+  CreateSubscriptionNotificationConfiguration
+newCreateSubscriptionNotificationConfiguration
+  pSubscriptionId_ =
+    CreateSubscriptionNotificationConfiguration'
+      { createSqs =
+          Prelude.Nothing,
+        httpsApiKeyName =
+          Prelude.Nothing,
+        httpsApiKeyValue =
+          Prelude.Nothing,
+        httpsMethod = Prelude.Nothing,
+        roleArn = Prelude.Nothing,
+        subscriptionEndpoint =
+          Prelude.Nothing,
+        subscriptionId =
+          pSubscriptionId_
+      }
+
+-- | Create an Amazon Simple Queue Service queue.
+createSubscriptionNotificationConfiguration_createSqs :: Lens.Lens' CreateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Bool)
+createSubscriptionNotificationConfiguration_createSqs = Lens.lens (\CreateSubscriptionNotificationConfiguration' {createSqs} -> createSqs) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {createSqs = a} :: CreateSubscriptionNotificationConfiguration)
+
+-- | The key name for the notification subscription.
+createSubscriptionNotificationConfiguration_httpsApiKeyName :: Lens.Lens' CreateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+createSubscriptionNotificationConfiguration_httpsApiKeyName = Lens.lens (\CreateSubscriptionNotificationConfiguration' {httpsApiKeyName} -> httpsApiKeyName) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {httpsApiKeyName = a} :: CreateSubscriptionNotificationConfiguration)
+
+-- | The key value for the notification subscription.
+createSubscriptionNotificationConfiguration_httpsApiKeyValue :: Lens.Lens' CreateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+createSubscriptionNotificationConfiguration_httpsApiKeyValue = Lens.lens (\CreateSubscriptionNotificationConfiguration' {httpsApiKeyValue} -> httpsApiKeyValue) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {httpsApiKeyValue = a} :: CreateSubscriptionNotificationConfiguration)
+
+-- | The HTTPS method used for the notification subscription.
+createSubscriptionNotificationConfiguration_httpsMethod :: Lens.Lens' CreateSubscriptionNotificationConfiguration (Prelude.Maybe HttpsMethod)
+createSubscriptionNotificationConfiguration_httpsMethod = Lens.lens (\CreateSubscriptionNotificationConfiguration' {httpsMethod} -> httpsMethod) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {httpsMethod = a} :: CreateSubscriptionNotificationConfiguration)
+
+-- | The Amazon Resource Name (ARN) of the EventBridge API destinations IAM
+-- role that you created.
+createSubscriptionNotificationConfiguration_roleArn :: Lens.Lens' CreateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+createSubscriptionNotificationConfiguration_roleArn = Lens.lens (\CreateSubscriptionNotificationConfiguration' {roleArn} -> roleArn) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {roleArn = a} :: CreateSubscriptionNotificationConfiguration)
+
+-- | The subscription endpoint in Security Lake. If you prefer notification
+-- with an HTTPs endpoint, populate this field.
+createSubscriptionNotificationConfiguration_subscriptionEndpoint :: Lens.Lens' CreateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+createSubscriptionNotificationConfiguration_subscriptionEndpoint = Lens.lens (\CreateSubscriptionNotificationConfiguration' {subscriptionEndpoint} -> subscriptionEndpoint) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {subscriptionEndpoint = a} :: CreateSubscriptionNotificationConfiguration)
+
+-- | The subscription ID for the notification subscription\/
+createSubscriptionNotificationConfiguration_subscriptionId :: Lens.Lens' CreateSubscriptionNotificationConfiguration Prelude.Text
+createSubscriptionNotificationConfiguration_subscriptionId = Lens.lens (\CreateSubscriptionNotificationConfiguration' {subscriptionId} -> subscriptionId) (\s@CreateSubscriptionNotificationConfiguration' {} a -> s {subscriptionId = a} :: CreateSubscriptionNotificationConfiguration)
+
+instance
+  Core.AWSRequest
+    CreateSubscriptionNotificationConfiguration
+  where
+  type
+    AWSResponse
+      CreateSubscriptionNotificationConfiguration =
+      CreateSubscriptionNotificationConfigurationResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateSubscriptionNotificationConfigurationResponse'
+            Prelude.<$> (x Data..?> "queueArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    CreateSubscriptionNotificationConfiguration
+  where
+  hashWithSalt
+    _salt
+    CreateSubscriptionNotificationConfiguration' {..} =
+      _salt
+        `Prelude.hashWithSalt` createSqs
+        `Prelude.hashWithSalt` httpsApiKeyName
+        `Prelude.hashWithSalt` httpsApiKeyValue
+        `Prelude.hashWithSalt` httpsMethod
+        `Prelude.hashWithSalt` roleArn
+        `Prelude.hashWithSalt` subscriptionEndpoint
+        `Prelude.hashWithSalt` subscriptionId
+
+instance
+  Prelude.NFData
+    CreateSubscriptionNotificationConfiguration
+  where
+  rnf CreateSubscriptionNotificationConfiguration' {..} =
+    Prelude.rnf createSqs
+      `Prelude.seq` Prelude.rnf httpsApiKeyName
+      `Prelude.seq` Prelude.rnf httpsApiKeyValue
+      `Prelude.seq` Prelude.rnf httpsMethod
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf subscriptionEndpoint
+      `Prelude.seq` Prelude.rnf subscriptionId
+
+instance
+  Data.ToHeaders
+    CreateSubscriptionNotificationConfiguration
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToJSON
+    CreateSubscriptionNotificationConfiguration
+  where
+  toJSON
+    CreateSubscriptionNotificationConfiguration' {..} =
+      Data.object
+        ( Prelude.catMaybes
+            [ ("createSqs" Data..=) Prelude.<$> createSqs,
+              ("httpsApiKeyName" Data..=)
+                Prelude.<$> httpsApiKeyName,
+              ("httpsApiKeyValue" Data..=)
+                Prelude.<$> httpsApiKeyValue,
+              ("httpsMethod" Data..=) Prelude.<$> httpsMethod,
+              ("roleArn" Data..=) Prelude.<$> roleArn,
+              ("subscriptionEndpoint" Data..=)
+                Prelude.<$> subscriptionEndpoint
+            ]
+        )
+
+instance
+  Data.ToPath
+    CreateSubscriptionNotificationConfiguration
+  where
+  toPath
+    CreateSubscriptionNotificationConfiguration' {..} =
+      Prelude.mconcat
+        [ "/subscription-notifications/",
+          Data.toBS subscriptionId
+        ]
+
+instance
+  Data.ToQuery
+    CreateSubscriptionNotificationConfiguration
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateSubscriptionNotificationConfigurationResponse' smart constructor.
+data CreateSubscriptionNotificationConfigurationResponse = CreateSubscriptionNotificationConfigurationResponse'
+  { -- | Returns the Amazon Resource Name (ARN) of the queue.
+    queueArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateSubscriptionNotificationConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'queueArn', 'createSubscriptionNotificationConfigurationResponse_queueArn' - Returns the Amazon Resource Name (ARN) of the queue.
+--
+-- 'httpStatus', 'createSubscriptionNotificationConfigurationResponse_httpStatus' - The response's http status code.
+newCreateSubscriptionNotificationConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  CreateSubscriptionNotificationConfigurationResponse
+newCreateSubscriptionNotificationConfigurationResponse
+  pHttpStatus_ =
+    CreateSubscriptionNotificationConfigurationResponse'
+      { queueArn =
+          Prelude.Nothing,
+        httpStatus =
+          pHttpStatus_
+      }
+
+-- | Returns the Amazon Resource Name (ARN) of the queue.
+createSubscriptionNotificationConfigurationResponse_queueArn :: Lens.Lens' CreateSubscriptionNotificationConfigurationResponse (Prelude.Maybe Prelude.Text)
+createSubscriptionNotificationConfigurationResponse_queueArn = Lens.lens (\CreateSubscriptionNotificationConfigurationResponse' {queueArn} -> queueArn) (\s@CreateSubscriptionNotificationConfigurationResponse' {} a -> s {queueArn = a} :: CreateSubscriptionNotificationConfigurationResponse)
+
+-- | The response's http status code.
+createSubscriptionNotificationConfigurationResponse_httpStatus :: Lens.Lens' CreateSubscriptionNotificationConfigurationResponse Prelude.Int
+createSubscriptionNotificationConfigurationResponse_httpStatus = Lens.lens (\CreateSubscriptionNotificationConfigurationResponse' {httpStatus} -> httpStatus) (\s@CreateSubscriptionNotificationConfigurationResponse' {} a -> s {httpStatus = a} :: CreateSubscriptionNotificationConfigurationResponse)
+
+instance
+  Prelude.NFData
+    CreateSubscriptionNotificationConfigurationResponse
+  where
+  rnf
+    CreateSubscriptionNotificationConfigurationResponse' {..} =
+      Prelude.rnf queueArn
+        `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/DeleteAwsLogSource.hs b/gen/Amazonka/SecurityLake/DeleteAwsLogSource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteAwsLogSource.hs
@@ -0,0 +1,262 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteAwsLogSource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Removes a natively supported Amazon Web Service as an Amazon Security
+-- Lake source. When you remove the source, Security Lake stops collecting
+-- data from that source, and subscribers can no longer consume new data
+-- from the source. Subscribers can still consume data that Security Lake
+-- collected from the source before disablement.
+--
+-- You can choose any source type in any Amazon Web Services Region for
+-- either accounts that are part of a trusted organization or standalone
+-- accounts. At least one of the three dimensions is a mandatory input to
+-- this API. However, you can supply any combination of the three
+-- dimensions to this API.
+--
+-- By default, a dimension refers to the entire set. This is overridden
+-- when you supply any one of the inputs. For instance, when you do not
+-- specify members, the API disables all Security Lake member accounts for
+-- sources. Similarly, when you do not specify Regions, Security Lake is
+-- disabled for all the Regions where Security Lake is available as a
+-- service.
+--
+-- When you don\'t provide a dimension, Security Lake assumes that the
+-- missing dimension refers to the entire set. For example, if you don\'t
+-- provide specific accounts, the API applies to the entire set of accounts
+-- in your organization.
+module Amazonka.SecurityLake.DeleteAwsLogSource
+  ( -- * Creating a Request
+    DeleteAwsLogSource (..),
+    newDeleteAwsLogSource,
+
+    -- * Request Lenses
+    deleteAwsLogSource_disableAllDimensions,
+    deleteAwsLogSource_disableSingleDimension,
+    deleteAwsLogSource_disableTwoDimensions,
+    deleteAwsLogSource_inputOrder,
+
+    -- * Destructuring the Response
+    DeleteAwsLogSourceResponse (..),
+    newDeleteAwsLogSourceResponse,
+
+    -- * Response Lenses
+    deleteAwsLogSourceResponse_failed,
+    deleteAwsLogSourceResponse_processing,
+    deleteAwsLogSourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteAwsLogSource' smart constructor.
+data DeleteAwsLogSource = DeleteAwsLogSource'
+  { -- | Removes the specific Amazon Web Services sources from specific accounts
+    -- and specific Regions.
+    disableAllDimensions :: Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])),
+    -- | Removes all Amazon Web Services sources from specific accounts or
+    -- Regions.
+    disableSingleDimension :: Prelude.Maybe [Prelude.Text],
+    -- | Remove a specific Amazon Web Services source from specific accounts or
+    -- Regions.
+    disableTwoDimensions :: Prelude.Maybe (Prelude.HashMap Prelude.Text [Prelude.Text]),
+    -- | This is a mandatory input. Specify the input order to disable dimensions
+    -- in Security Lake, namely Region (Amazon Web Services Region code, source
+    -- type, and member (account ID of a specific Amazon Web Services account).
+    inputOrder :: [Dimension]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAwsLogSource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'disableAllDimensions', 'deleteAwsLogSource_disableAllDimensions' - Removes the specific Amazon Web Services sources from specific accounts
+-- and specific Regions.
+--
+-- 'disableSingleDimension', 'deleteAwsLogSource_disableSingleDimension' - Removes all Amazon Web Services sources from specific accounts or
+-- Regions.
+--
+-- 'disableTwoDimensions', 'deleteAwsLogSource_disableTwoDimensions' - Remove a specific Amazon Web Services source from specific accounts or
+-- Regions.
+--
+-- 'inputOrder', 'deleteAwsLogSource_inputOrder' - This is a mandatory input. Specify the input order to disable dimensions
+-- in Security Lake, namely Region (Amazon Web Services Region code, source
+-- type, and member (account ID of a specific Amazon Web Services account).
+newDeleteAwsLogSource ::
+  DeleteAwsLogSource
+newDeleteAwsLogSource =
+  DeleteAwsLogSource'
+    { disableAllDimensions =
+        Prelude.Nothing,
+      disableSingleDimension = Prelude.Nothing,
+      disableTwoDimensions = Prelude.Nothing,
+      inputOrder = Prelude.mempty
+    }
+
+-- | Removes the specific Amazon Web Services sources from specific accounts
+-- and specific Regions.
+deleteAwsLogSource_disableAllDimensions :: Lens.Lens' DeleteAwsLogSource (Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])))
+deleteAwsLogSource_disableAllDimensions = Lens.lens (\DeleteAwsLogSource' {disableAllDimensions} -> disableAllDimensions) (\s@DeleteAwsLogSource' {} a -> s {disableAllDimensions = a} :: DeleteAwsLogSource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Removes all Amazon Web Services sources from specific accounts or
+-- Regions.
+deleteAwsLogSource_disableSingleDimension :: Lens.Lens' DeleteAwsLogSource (Prelude.Maybe [Prelude.Text])
+deleteAwsLogSource_disableSingleDimension = Lens.lens (\DeleteAwsLogSource' {disableSingleDimension} -> disableSingleDimension) (\s@DeleteAwsLogSource' {} a -> s {disableSingleDimension = a} :: DeleteAwsLogSource) Prelude.. Lens.mapping Lens.coerced
+
+-- | Remove a specific Amazon Web Services source from specific accounts or
+-- Regions.
+deleteAwsLogSource_disableTwoDimensions :: Lens.Lens' DeleteAwsLogSource (Prelude.Maybe (Prelude.HashMap Prelude.Text [Prelude.Text]))
+deleteAwsLogSource_disableTwoDimensions = Lens.lens (\DeleteAwsLogSource' {disableTwoDimensions} -> disableTwoDimensions) (\s@DeleteAwsLogSource' {} a -> s {disableTwoDimensions = a} :: DeleteAwsLogSource) Prelude.. Lens.mapping Lens.coerced
+
+-- | This is a mandatory input. Specify the input order to disable dimensions
+-- in Security Lake, namely Region (Amazon Web Services Region code, source
+-- type, and member (account ID of a specific Amazon Web Services account).
+deleteAwsLogSource_inputOrder :: Lens.Lens' DeleteAwsLogSource [Dimension]
+deleteAwsLogSource_inputOrder = Lens.lens (\DeleteAwsLogSource' {inputOrder} -> inputOrder) (\s@DeleteAwsLogSource' {} a -> s {inputOrder = a} :: DeleteAwsLogSource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest DeleteAwsLogSource where
+  type
+    AWSResponse DeleteAwsLogSource =
+      DeleteAwsLogSourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DeleteAwsLogSourceResponse'
+            Prelude.<$> (x Data..?> "failed" Core..!@ Prelude.mempty)
+            Prelude.<*> (x Data..?> "processing" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteAwsLogSource where
+  hashWithSalt _salt DeleteAwsLogSource' {..} =
+    _salt
+      `Prelude.hashWithSalt` disableAllDimensions
+      `Prelude.hashWithSalt` disableSingleDimension
+      `Prelude.hashWithSalt` disableTwoDimensions
+      `Prelude.hashWithSalt` inputOrder
+
+instance Prelude.NFData DeleteAwsLogSource where
+  rnf DeleteAwsLogSource' {..} =
+    Prelude.rnf disableAllDimensions
+      `Prelude.seq` Prelude.rnf disableSingleDimension
+      `Prelude.seq` Prelude.rnf disableTwoDimensions
+      `Prelude.seq` Prelude.rnf inputOrder
+
+instance Data.ToHeaders DeleteAwsLogSource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteAwsLogSource where
+  toJSON DeleteAwsLogSource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("disableAllDimensions" Data..=)
+              Prelude.<$> disableAllDimensions,
+            ("disableSingleDimension" Data..=)
+              Prelude.<$> disableSingleDimension,
+            ("disableTwoDimensions" Data..=)
+              Prelude.<$> disableTwoDimensions,
+            Prelude.Just ("inputOrder" Data..= inputOrder)
+          ]
+      )
+
+instance Data.ToPath DeleteAwsLogSource where
+  toPath = Prelude.const "/v1/logsources/aws/delete"
+
+instance Data.ToQuery DeleteAwsLogSource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteAwsLogSourceResponse' smart constructor.
+data DeleteAwsLogSourceResponse = DeleteAwsLogSourceResponse'
+  { -- | Deletion of the Amazon Web Services sources failed as the account is not
+    -- a part of the organization.
+    failed :: Prelude.Maybe [Prelude.Text],
+    -- | Deletion of the Amazon Web Services sources is in progress.
+    processing :: Prelude.Maybe [Prelude.Text],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAwsLogSourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'failed', 'deleteAwsLogSourceResponse_failed' - Deletion of the Amazon Web Services sources failed as the account is not
+-- a part of the organization.
+--
+-- 'processing', 'deleteAwsLogSourceResponse_processing' - Deletion of the Amazon Web Services sources is in progress.
+--
+-- 'httpStatus', 'deleteAwsLogSourceResponse_httpStatus' - The response's http status code.
+newDeleteAwsLogSourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteAwsLogSourceResponse
+newDeleteAwsLogSourceResponse pHttpStatus_ =
+  DeleteAwsLogSourceResponse'
+    { failed =
+        Prelude.Nothing,
+      processing = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | Deletion of the Amazon Web Services sources failed as the account is not
+-- a part of the organization.
+deleteAwsLogSourceResponse_failed :: Lens.Lens' DeleteAwsLogSourceResponse (Prelude.Maybe [Prelude.Text])
+deleteAwsLogSourceResponse_failed = Lens.lens (\DeleteAwsLogSourceResponse' {failed} -> failed) (\s@DeleteAwsLogSourceResponse' {} a -> s {failed = a} :: DeleteAwsLogSourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Deletion of the Amazon Web Services sources is in progress.
+deleteAwsLogSourceResponse_processing :: Lens.Lens' DeleteAwsLogSourceResponse (Prelude.Maybe [Prelude.Text])
+deleteAwsLogSourceResponse_processing = Lens.lens (\DeleteAwsLogSourceResponse' {processing} -> processing) (\s@DeleteAwsLogSourceResponse' {} a -> s {processing = a} :: DeleteAwsLogSourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+deleteAwsLogSourceResponse_httpStatus :: Lens.Lens' DeleteAwsLogSourceResponse Prelude.Int
+deleteAwsLogSourceResponse_httpStatus = Lens.lens (\DeleteAwsLogSourceResponse' {httpStatus} -> httpStatus) (\s@DeleteAwsLogSourceResponse' {} a -> s {httpStatus = a} :: DeleteAwsLogSourceResponse)
+
+instance Prelude.NFData DeleteAwsLogSourceResponse where
+  rnf DeleteAwsLogSourceResponse' {..} =
+    Prelude.rnf failed
+      `Prelude.seq` Prelude.rnf processing
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/DeleteCustomLogSource.hs b/gen/Amazonka/SecurityLake/DeleteCustomLogSource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteCustomLogSource.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteCustomLogSource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Removes a custom log source from Amazon Security Lake.
+module Amazonka.SecurityLake.DeleteCustomLogSource
+  ( -- * Creating a Request
+    DeleteCustomLogSource (..),
+    newDeleteCustomLogSource,
+
+    -- * Request Lenses
+    deleteCustomLogSource_customSourceName,
+
+    -- * Destructuring the Response
+    DeleteCustomLogSourceResponse (..),
+    newDeleteCustomLogSourceResponse,
+
+    -- * Response Lenses
+    deleteCustomLogSourceResponse_httpStatus,
+    deleteCustomLogSourceResponse_customDataLocation,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteCustomLogSource' smart constructor.
+data DeleteCustomLogSource = DeleteCustomLogSource'
+  { -- | The custom source name for the custom log source.
+    customSourceName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCustomLogSource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'customSourceName', 'deleteCustomLogSource_customSourceName' - The custom source name for the custom log source.
+newDeleteCustomLogSource ::
+  -- | 'customSourceName'
+  Prelude.Text ->
+  DeleteCustomLogSource
+newDeleteCustomLogSource pCustomSourceName_ =
+  DeleteCustomLogSource'
+    { customSourceName =
+        pCustomSourceName_
+    }
+
+-- | The custom source name for the custom log source.
+deleteCustomLogSource_customSourceName :: Lens.Lens' DeleteCustomLogSource Prelude.Text
+deleteCustomLogSource_customSourceName = Lens.lens (\DeleteCustomLogSource' {customSourceName} -> customSourceName) (\s@DeleteCustomLogSource' {} a -> s {customSourceName = a} :: DeleteCustomLogSource)
+
+instance Core.AWSRequest DeleteCustomLogSource where
+  type
+    AWSResponse DeleteCustomLogSource =
+      DeleteCustomLogSourceResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DeleteCustomLogSourceResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "customDataLocation")
+      )
+
+instance Prelude.Hashable DeleteCustomLogSource where
+  hashWithSalt _salt DeleteCustomLogSource' {..} =
+    _salt `Prelude.hashWithSalt` customSourceName
+
+instance Prelude.NFData DeleteCustomLogSource where
+  rnf DeleteCustomLogSource' {..} =
+    Prelude.rnf customSourceName
+
+instance Data.ToHeaders DeleteCustomLogSource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteCustomLogSource where
+  toPath = Prelude.const "/v1/logsources/custom"
+
+instance Data.ToQuery DeleteCustomLogSource where
+  toQuery DeleteCustomLogSource' {..} =
+    Prelude.mconcat
+      ["customSourceName" Data.=: customSourceName]
+
+-- | /See:/ 'newDeleteCustomLogSourceResponse' smart constructor.
+data DeleteCustomLogSourceResponse = DeleteCustomLogSourceResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The location of the partition in the Amazon S3 bucket for Security Lake.
+    customDataLocation :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCustomLogSourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteCustomLogSourceResponse_httpStatus' - The response's http status code.
+--
+-- 'customDataLocation', 'deleteCustomLogSourceResponse_customDataLocation' - The location of the partition in the Amazon S3 bucket for Security Lake.
+newDeleteCustomLogSourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'customDataLocation'
+  Prelude.Text ->
+  DeleteCustomLogSourceResponse
+newDeleteCustomLogSourceResponse
+  pHttpStatus_
+  pCustomDataLocation_ =
+    DeleteCustomLogSourceResponse'
+      { httpStatus =
+          pHttpStatus_,
+        customDataLocation = pCustomDataLocation_
+      }
+
+-- | The response's http status code.
+deleteCustomLogSourceResponse_httpStatus :: Lens.Lens' DeleteCustomLogSourceResponse Prelude.Int
+deleteCustomLogSourceResponse_httpStatus = Lens.lens (\DeleteCustomLogSourceResponse' {httpStatus} -> httpStatus) (\s@DeleteCustomLogSourceResponse' {} a -> s {httpStatus = a} :: DeleteCustomLogSourceResponse)
+
+-- | The location of the partition in the Amazon S3 bucket for Security Lake.
+deleteCustomLogSourceResponse_customDataLocation :: Lens.Lens' DeleteCustomLogSourceResponse Prelude.Text
+deleteCustomLogSourceResponse_customDataLocation = Lens.lens (\DeleteCustomLogSourceResponse' {customDataLocation} -> customDataLocation) (\s@DeleteCustomLogSourceResponse' {} a -> s {customDataLocation = a} :: DeleteCustomLogSourceResponse)
+
+instance Prelude.NFData DeleteCustomLogSourceResponse where
+  rnf DeleteCustomLogSourceResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf customDataLocation
diff --git a/gen/Amazonka/SecurityLake/DeleteDatalake.hs b/gen/Amazonka/SecurityLake/DeleteDatalake.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteDatalake.hs
@@ -0,0 +1,137 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteDatalake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- When you delete Amazon Security Lake from your account, Security Lake is
+-- disabled in all Amazon Web Services Regions. Also, this API
+-- automatically takes steps to remove the account from Security Lake .
+--
+-- This operation disables security data collection from sources, deletes
+-- data stored, and stops making data accessible to subscribers. Security
+-- Lake also deletes all the existing settings and resources that it stores
+-- or maintains for your Amazon Web Services account in the current Region,
+-- including security log and event data. The @DeleteDatalake@ operation
+-- does not delete the Amazon S3 bucket, which is owned by your Amazon Web
+-- Services account. For more information, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html Amazon Security Lake User Guide>.
+module Amazonka.SecurityLake.DeleteDatalake
+  ( -- * Creating a Request
+    DeleteDatalake (..),
+    newDeleteDatalake,
+
+    -- * Destructuring the Response
+    DeleteDatalakeResponse (..),
+    newDeleteDatalakeResponse,
+
+    -- * Response Lenses
+    deleteDatalakeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteDatalake' smart constructor.
+data DeleteDatalake = DeleteDatalake'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalake' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteDatalake ::
+  DeleteDatalake
+newDeleteDatalake = DeleteDatalake'
+
+instance Core.AWSRequest DeleteDatalake where
+  type
+    AWSResponse DeleteDatalake =
+      DeleteDatalakeResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteDatalakeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteDatalake where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData DeleteDatalake where
+  rnf _ = ()
+
+instance Data.ToHeaders DeleteDatalake where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteDatalake where
+  toPath = Prelude.const "/v1/datalake"
+
+instance Data.ToQuery DeleteDatalake where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteDatalakeResponse' smart constructor.
+data DeleteDatalakeResponse = DeleteDatalakeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDatalakeResponse_httpStatus' - The response's http status code.
+newDeleteDatalakeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteDatalakeResponse
+newDeleteDatalakeResponse pHttpStatus_ =
+  DeleteDatalakeResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deleteDatalakeResponse_httpStatus :: Lens.Lens' DeleteDatalakeResponse Prelude.Int
+deleteDatalakeResponse_httpStatus = Lens.lens (\DeleteDatalakeResponse' {httpStatus} -> httpStatus) (\s@DeleteDatalakeResponse' {} a -> s {httpStatus = a} :: DeleteDatalakeResponse)
+
+instance Prelude.NFData DeleteDatalakeResponse where
+  rnf DeleteDatalakeResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/DeleteDatalakeAutoEnable.hs b/gen/Amazonka/SecurityLake/DeleteDatalakeAutoEnable.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteDatalakeAutoEnable.hs
@@ -0,0 +1,178 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteDatalakeAutoEnable
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Automatically deletes Amazon Security Lake to stop collecting security
+-- data. When you delete Amazon Security Lake from your account, Security
+-- Lake is disabled in all Regions. Also, this API automatically takes
+-- steps to remove the account from Security Lake .
+--
+-- This operation disables security data collection from sources, deletes
+-- data stored, and stops making data accessible to subscribers. Security
+-- Lake also deletes all the existing settings and resources that it stores
+-- or maintains for your Amazon Web Services account in the current Region,
+-- including security log and event data. The @DeleteDatalake@ operation
+-- does not delete the Amazon S3 bucket, which is owned by your Amazon Web
+-- Services account. For more information, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html Amazon Security Lake User Guide>.
+module Amazonka.SecurityLake.DeleteDatalakeAutoEnable
+  ( -- * Creating a Request
+    DeleteDatalakeAutoEnable (..),
+    newDeleteDatalakeAutoEnable,
+
+    -- * Request Lenses
+    deleteDatalakeAutoEnable_removeFromConfigurationForNewAccounts,
+
+    -- * Destructuring the Response
+    DeleteDatalakeAutoEnableResponse (..),
+    newDeleteDatalakeAutoEnableResponse,
+
+    -- * Response Lenses
+    deleteDatalakeAutoEnableResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteDatalakeAutoEnable' smart constructor.
+data DeleteDatalakeAutoEnable = DeleteDatalakeAutoEnable'
+  { -- | Delete Amazon Security Lake with the specified configuration settings to
+    -- stop ingesting security data for new accounts in Security Lake.
+    removeFromConfigurationForNewAccounts :: [AutoEnableNewRegionConfiguration]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeAutoEnable' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'removeFromConfigurationForNewAccounts', 'deleteDatalakeAutoEnable_removeFromConfigurationForNewAccounts' - Delete Amazon Security Lake with the specified configuration settings to
+-- stop ingesting security data for new accounts in Security Lake.
+newDeleteDatalakeAutoEnable ::
+  DeleteDatalakeAutoEnable
+newDeleteDatalakeAutoEnable =
+  DeleteDatalakeAutoEnable'
+    { removeFromConfigurationForNewAccounts =
+        Prelude.mempty
+    }
+
+-- | Delete Amazon Security Lake with the specified configuration settings to
+-- stop ingesting security data for new accounts in Security Lake.
+deleteDatalakeAutoEnable_removeFromConfigurationForNewAccounts :: Lens.Lens' DeleteDatalakeAutoEnable [AutoEnableNewRegionConfiguration]
+deleteDatalakeAutoEnable_removeFromConfigurationForNewAccounts = Lens.lens (\DeleteDatalakeAutoEnable' {removeFromConfigurationForNewAccounts} -> removeFromConfigurationForNewAccounts) (\s@DeleteDatalakeAutoEnable' {} a -> s {removeFromConfigurationForNewAccounts = a} :: DeleteDatalakeAutoEnable) Prelude.. Lens.coerced
+
+instance Core.AWSRequest DeleteDatalakeAutoEnable where
+  type
+    AWSResponse DeleteDatalakeAutoEnable =
+      DeleteDatalakeAutoEnableResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteDatalakeAutoEnableResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteDatalakeAutoEnable where
+  hashWithSalt _salt DeleteDatalakeAutoEnable' {..} =
+    _salt
+      `Prelude.hashWithSalt` removeFromConfigurationForNewAccounts
+
+instance Prelude.NFData DeleteDatalakeAutoEnable where
+  rnf DeleteDatalakeAutoEnable' {..} =
+    Prelude.rnf removeFromConfigurationForNewAccounts
+
+instance Data.ToHeaders DeleteDatalakeAutoEnable where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteDatalakeAutoEnable where
+  toJSON DeleteDatalakeAutoEnable' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "removeFromConfigurationForNewAccounts"
+                  Data..= removeFromConfigurationForNewAccounts
+              )
+          ]
+      )
+
+instance Data.ToPath DeleteDatalakeAutoEnable where
+  toPath =
+    Prelude.const "/v1/datalake/autoenable/delete"
+
+instance Data.ToQuery DeleteDatalakeAutoEnable where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteDatalakeAutoEnableResponse' smart constructor.
+data DeleteDatalakeAutoEnableResponse = DeleteDatalakeAutoEnableResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeAutoEnableResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDatalakeAutoEnableResponse_httpStatus' - The response's http status code.
+newDeleteDatalakeAutoEnableResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteDatalakeAutoEnableResponse
+newDeleteDatalakeAutoEnableResponse pHttpStatus_ =
+  DeleteDatalakeAutoEnableResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteDatalakeAutoEnableResponse_httpStatus :: Lens.Lens' DeleteDatalakeAutoEnableResponse Prelude.Int
+deleteDatalakeAutoEnableResponse_httpStatus = Lens.lens (\DeleteDatalakeAutoEnableResponse' {httpStatus} -> httpStatus) (\s@DeleteDatalakeAutoEnableResponse' {} a -> s {httpStatus = a} :: DeleteDatalakeAutoEnableResponse)
+
+instance
+  Prelude.NFData
+    DeleteDatalakeAutoEnableResponse
+  where
+  rnf DeleteDatalakeAutoEnableResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/DeleteDatalakeDelegatedAdmin.hs b/gen/Amazonka/SecurityLake/DeleteDatalakeDelegatedAdmin.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteDatalakeDelegatedAdmin.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteDatalakeDelegatedAdmin
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the Amazon Security Lake delegated administrator account for the
+-- organization. This API can only be called by the organization management
+-- account. The organization management account cannot be the delegated
+-- administrator account.
+module Amazonka.SecurityLake.DeleteDatalakeDelegatedAdmin
+  ( -- * Creating a Request
+    DeleteDatalakeDelegatedAdmin (..),
+    newDeleteDatalakeDelegatedAdmin,
+
+    -- * Request Lenses
+    deleteDatalakeDelegatedAdmin_account,
+
+    -- * Destructuring the Response
+    DeleteDatalakeDelegatedAdminResponse (..),
+    newDeleteDatalakeDelegatedAdminResponse,
+
+    -- * Response Lenses
+    deleteDatalakeDelegatedAdminResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteDatalakeDelegatedAdmin' smart constructor.
+data DeleteDatalakeDelegatedAdmin = DeleteDatalakeDelegatedAdmin'
+  { -- | The account ID the Security Lake delegated administrator.
+    account :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeDelegatedAdmin' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'account', 'deleteDatalakeDelegatedAdmin_account' - The account ID the Security Lake delegated administrator.
+newDeleteDatalakeDelegatedAdmin ::
+  -- | 'account'
+  Prelude.Text ->
+  DeleteDatalakeDelegatedAdmin
+newDeleteDatalakeDelegatedAdmin pAccount_ =
+  DeleteDatalakeDelegatedAdmin' {account = pAccount_}
+
+-- | The account ID the Security Lake delegated administrator.
+deleteDatalakeDelegatedAdmin_account :: Lens.Lens' DeleteDatalakeDelegatedAdmin Prelude.Text
+deleteDatalakeDelegatedAdmin_account = Lens.lens (\DeleteDatalakeDelegatedAdmin' {account} -> account) (\s@DeleteDatalakeDelegatedAdmin' {} a -> s {account = a} :: DeleteDatalakeDelegatedAdmin)
+
+instance Core.AWSRequest DeleteDatalakeDelegatedAdmin where
+  type
+    AWSResponse DeleteDatalakeDelegatedAdmin =
+      DeleteDatalakeDelegatedAdminResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteDatalakeDelegatedAdminResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DeleteDatalakeDelegatedAdmin
+  where
+  hashWithSalt _salt DeleteDatalakeDelegatedAdmin' {..} =
+    _salt `Prelude.hashWithSalt` account
+
+instance Prelude.NFData DeleteDatalakeDelegatedAdmin where
+  rnf DeleteDatalakeDelegatedAdmin' {..} =
+    Prelude.rnf account
+
+instance Data.ToHeaders DeleteDatalakeDelegatedAdmin where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteDatalakeDelegatedAdmin where
+  toPath DeleteDatalakeDelegatedAdmin' {..} =
+    Prelude.mconcat
+      ["/v1/datalake/delegate/", Data.toBS account]
+
+instance Data.ToQuery DeleteDatalakeDelegatedAdmin where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteDatalakeDelegatedAdminResponse' smart constructor.
+data DeleteDatalakeDelegatedAdminResponse = DeleteDatalakeDelegatedAdminResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeDelegatedAdminResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDatalakeDelegatedAdminResponse_httpStatus' - The response's http status code.
+newDeleteDatalakeDelegatedAdminResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteDatalakeDelegatedAdminResponse
+newDeleteDatalakeDelegatedAdminResponse pHttpStatus_ =
+  DeleteDatalakeDelegatedAdminResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteDatalakeDelegatedAdminResponse_httpStatus :: Lens.Lens' DeleteDatalakeDelegatedAdminResponse Prelude.Int
+deleteDatalakeDelegatedAdminResponse_httpStatus = Lens.lens (\DeleteDatalakeDelegatedAdminResponse' {httpStatus} -> httpStatus) (\s@DeleteDatalakeDelegatedAdminResponse' {} a -> s {httpStatus = a} :: DeleteDatalakeDelegatedAdminResponse)
+
+instance
+  Prelude.NFData
+    DeleteDatalakeDelegatedAdminResponse
+  where
+  rnf DeleteDatalakeDelegatedAdminResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/DeleteDatalakeExceptionsSubscription.hs b/gen/Amazonka/SecurityLake/DeleteDatalakeExceptionsSubscription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteDatalakeExceptionsSubscription.hs
@@ -0,0 +1,173 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteDatalakeExceptionsSubscription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified notification subscription in Amazon Security Lake
+-- for the organization you specify.
+module Amazonka.SecurityLake.DeleteDatalakeExceptionsSubscription
+  ( -- * Creating a Request
+    DeleteDatalakeExceptionsSubscription (..),
+    newDeleteDatalakeExceptionsSubscription,
+
+    -- * Destructuring the Response
+    DeleteDatalakeExceptionsSubscriptionResponse (..),
+    newDeleteDatalakeExceptionsSubscriptionResponse,
+
+    -- * Response Lenses
+    deleteDatalakeExceptionsSubscriptionResponse_httpStatus,
+    deleteDatalakeExceptionsSubscriptionResponse_status,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteDatalakeExceptionsSubscription' smart constructor.
+data DeleteDatalakeExceptionsSubscription = DeleteDatalakeExceptionsSubscription'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeExceptionsSubscription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteDatalakeExceptionsSubscription ::
+  DeleteDatalakeExceptionsSubscription
+newDeleteDatalakeExceptionsSubscription =
+  DeleteDatalakeExceptionsSubscription'
+
+instance
+  Core.AWSRequest
+    DeleteDatalakeExceptionsSubscription
+  where
+  type
+    AWSResponse DeleteDatalakeExceptionsSubscription =
+      DeleteDatalakeExceptionsSubscriptionResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DeleteDatalakeExceptionsSubscriptionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "status")
+      )
+
+instance
+  Prelude.Hashable
+    DeleteDatalakeExceptionsSubscription
+  where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance
+  Prelude.NFData
+    DeleteDatalakeExceptionsSubscription
+  where
+  rnf _ = ()
+
+instance
+  Data.ToHeaders
+    DeleteDatalakeExceptionsSubscription
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToPath
+    DeleteDatalakeExceptionsSubscription
+  where
+  toPath =
+    Prelude.const
+      "/v1/datalake/exceptions/subscription"
+
+instance
+  Data.ToQuery
+    DeleteDatalakeExceptionsSubscription
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteDatalakeExceptionsSubscriptionResponse' smart constructor.
+data DeleteDatalakeExceptionsSubscriptionResponse = DeleteDatalakeExceptionsSubscriptionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Retrieves the status of the delete Security Lake operation for an
+    -- account.
+    status :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteDatalakeExceptionsSubscriptionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteDatalakeExceptionsSubscriptionResponse_httpStatus' - The response's http status code.
+--
+-- 'status', 'deleteDatalakeExceptionsSubscriptionResponse_status' - Retrieves the status of the delete Security Lake operation for an
+-- account.
+newDeleteDatalakeExceptionsSubscriptionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'status'
+  Prelude.Text ->
+  DeleteDatalakeExceptionsSubscriptionResponse
+newDeleteDatalakeExceptionsSubscriptionResponse
+  pHttpStatus_
+  pStatus_ =
+    DeleteDatalakeExceptionsSubscriptionResponse'
+      { httpStatus =
+          pHttpStatus_,
+        status = pStatus_
+      }
+
+-- | The response's http status code.
+deleteDatalakeExceptionsSubscriptionResponse_httpStatus :: Lens.Lens' DeleteDatalakeExceptionsSubscriptionResponse Prelude.Int
+deleteDatalakeExceptionsSubscriptionResponse_httpStatus = Lens.lens (\DeleteDatalakeExceptionsSubscriptionResponse' {httpStatus} -> httpStatus) (\s@DeleteDatalakeExceptionsSubscriptionResponse' {} a -> s {httpStatus = a} :: DeleteDatalakeExceptionsSubscriptionResponse)
+
+-- | Retrieves the status of the delete Security Lake operation for an
+-- account.
+deleteDatalakeExceptionsSubscriptionResponse_status :: Lens.Lens' DeleteDatalakeExceptionsSubscriptionResponse Prelude.Text
+deleteDatalakeExceptionsSubscriptionResponse_status = Lens.lens (\DeleteDatalakeExceptionsSubscriptionResponse' {status} -> status) (\s@DeleteDatalakeExceptionsSubscriptionResponse' {} a -> s {status = a} :: DeleteDatalakeExceptionsSubscriptionResponse)
+
+instance
+  Prelude.NFData
+    DeleteDatalakeExceptionsSubscriptionResponse
+  where
+  rnf DeleteDatalakeExceptionsSubscriptionResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/SecurityLake/DeleteSubscriber.hs b/gen/Amazonka/SecurityLake/DeleteSubscriber.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteSubscriber.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteSubscriber
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the subscription permission for accounts that are already
+-- enabled in Amazon Security Lake. You can delete a subscriber and remove
+-- access to data in the current Amazon Web Services Region.
+module Amazonka.SecurityLake.DeleteSubscriber
+  ( -- * Creating a Request
+    DeleteSubscriber (..),
+    newDeleteSubscriber,
+
+    -- * Request Lenses
+    deleteSubscriber_id,
+
+    -- * Destructuring the Response
+    DeleteSubscriberResponse (..),
+    newDeleteSubscriberResponse,
+
+    -- * Response Lenses
+    deleteSubscriberResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteSubscriber' smart constructor.
+data DeleteSubscriber = DeleteSubscriber'
+  { -- | A value created by Security Lake that uniquely identifies your
+    -- @DeleteSubscriber@ API request.
+    id :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSubscriber' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'id', 'deleteSubscriber_id' - A value created by Security Lake that uniquely identifies your
+-- @DeleteSubscriber@ API request.
+newDeleteSubscriber ::
+  -- | 'id'
+  Prelude.Text ->
+  DeleteSubscriber
+newDeleteSubscriber pId_ =
+  DeleteSubscriber' {id = pId_}
+
+-- | A value created by Security Lake that uniquely identifies your
+-- @DeleteSubscriber@ API request.
+deleteSubscriber_id :: Lens.Lens' DeleteSubscriber Prelude.Text
+deleteSubscriber_id = Lens.lens (\DeleteSubscriber' {id} -> id) (\s@DeleteSubscriber' {} a -> s {id = a} :: DeleteSubscriber)
+
+instance Core.AWSRequest DeleteSubscriber where
+  type
+    AWSResponse DeleteSubscriber =
+      DeleteSubscriberResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteSubscriberResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteSubscriber where
+  hashWithSalt _salt DeleteSubscriber' {..} =
+    _salt `Prelude.hashWithSalt` id
+
+instance Prelude.NFData DeleteSubscriber where
+  rnf DeleteSubscriber' {..} = Prelude.rnf id
+
+instance Data.ToHeaders DeleteSubscriber where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteSubscriber where
+  toPath = Prelude.const "/v1/subscribers"
+
+instance Data.ToQuery DeleteSubscriber where
+  toQuery DeleteSubscriber' {..} =
+    Prelude.mconcat ["id" Data.=: id]
+
+-- | /See:/ 'newDeleteSubscriberResponse' smart constructor.
+data DeleteSubscriberResponse = DeleteSubscriberResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSubscriberResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteSubscriberResponse_httpStatus' - The response's http status code.
+newDeleteSubscriberResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteSubscriberResponse
+newDeleteSubscriberResponse pHttpStatus_ =
+  DeleteSubscriberResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteSubscriberResponse_httpStatus :: Lens.Lens' DeleteSubscriberResponse Prelude.Int
+deleteSubscriberResponse_httpStatus = Lens.lens (\DeleteSubscriberResponse' {httpStatus} -> httpStatus) (\s@DeleteSubscriberResponse' {} a -> s {httpStatus = a} :: DeleteSubscriberResponse)
+
+instance Prelude.NFData DeleteSubscriberResponse where
+  rnf DeleteSubscriberResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/DeleteSubscriptionNotificationConfiguration.hs b/gen/Amazonka/SecurityLake/DeleteSubscriptionNotificationConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/DeleteSubscriptionNotificationConfiguration.hs
@@ -0,0 +1,182 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.DeleteSubscriptionNotificationConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified notification subscription in Amazon Security Lake
+-- for the organization you specify.
+module Amazonka.SecurityLake.DeleteSubscriptionNotificationConfiguration
+  ( -- * Creating a Request
+    DeleteSubscriptionNotificationConfiguration (..),
+    newDeleteSubscriptionNotificationConfiguration,
+
+    -- * Request Lenses
+    deleteSubscriptionNotificationConfiguration_subscriptionId,
+
+    -- * Destructuring the Response
+    DeleteSubscriptionNotificationConfigurationResponse (..),
+    newDeleteSubscriptionNotificationConfigurationResponse,
+
+    -- * Response Lenses
+    deleteSubscriptionNotificationConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newDeleteSubscriptionNotificationConfiguration' smart constructor.
+data DeleteSubscriptionNotificationConfiguration = DeleteSubscriptionNotificationConfiguration'
+  { -- | The ID of the Security Lake subscriber account.
+    subscriptionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSubscriptionNotificationConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'subscriptionId', 'deleteSubscriptionNotificationConfiguration_subscriptionId' - The ID of the Security Lake subscriber account.
+newDeleteSubscriptionNotificationConfiguration ::
+  -- | 'subscriptionId'
+  Prelude.Text ->
+  DeleteSubscriptionNotificationConfiguration
+newDeleteSubscriptionNotificationConfiguration
+  pSubscriptionId_ =
+    DeleteSubscriptionNotificationConfiguration'
+      { subscriptionId =
+          pSubscriptionId_
+      }
+
+-- | The ID of the Security Lake subscriber account.
+deleteSubscriptionNotificationConfiguration_subscriptionId :: Lens.Lens' DeleteSubscriptionNotificationConfiguration Prelude.Text
+deleteSubscriptionNotificationConfiguration_subscriptionId = Lens.lens (\DeleteSubscriptionNotificationConfiguration' {subscriptionId} -> subscriptionId) (\s@DeleteSubscriptionNotificationConfiguration' {} a -> s {subscriptionId = a} :: DeleteSubscriptionNotificationConfiguration)
+
+instance
+  Core.AWSRequest
+    DeleteSubscriptionNotificationConfiguration
+  where
+  type
+    AWSResponse
+      DeleteSubscriptionNotificationConfiguration =
+      DeleteSubscriptionNotificationConfigurationResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteSubscriptionNotificationConfigurationResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DeleteSubscriptionNotificationConfiguration
+  where
+  hashWithSalt
+    _salt
+    DeleteSubscriptionNotificationConfiguration' {..} =
+      _salt `Prelude.hashWithSalt` subscriptionId
+
+instance
+  Prelude.NFData
+    DeleteSubscriptionNotificationConfiguration
+  where
+  rnf DeleteSubscriptionNotificationConfiguration' {..} =
+    Prelude.rnf subscriptionId
+
+instance
+  Data.ToHeaders
+    DeleteSubscriptionNotificationConfiguration
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToPath
+    DeleteSubscriptionNotificationConfiguration
+  where
+  toPath
+    DeleteSubscriptionNotificationConfiguration' {..} =
+      Prelude.mconcat
+        [ "/subscription-notifications/",
+          Data.toBS subscriptionId
+        ]
+
+instance
+  Data.ToQuery
+    DeleteSubscriptionNotificationConfiguration
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteSubscriptionNotificationConfigurationResponse' smart constructor.
+data DeleteSubscriptionNotificationConfigurationResponse = DeleteSubscriptionNotificationConfigurationResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSubscriptionNotificationConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteSubscriptionNotificationConfigurationResponse_httpStatus' - The response's http status code.
+newDeleteSubscriptionNotificationConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteSubscriptionNotificationConfigurationResponse
+newDeleteSubscriptionNotificationConfigurationResponse
+  pHttpStatus_ =
+    DeleteSubscriptionNotificationConfigurationResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+deleteSubscriptionNotificationConfigurationResponse_httpStatus :: Lens.Lens' DeleteSubscriptionNotificationConfigurationResponse Prelude.Int
+deleteSubscriptionNotificationConfigurationResponse_httpStatus = Lens.lens (\DeleteSubscriptionNotificationConfigurationResponse' {httpStatus} -> httpStatus) (\s@DeleteSubscriptionNotificationConfigurationResponse' {} a -> s {httpStatus = a} :: DeleteSubscriptionNotificationConfigurationResponse)
+
+instance
+  Prelude.NFData
+    DeleteSubscriptionNotificationConfigurationResponse
+  where
+  rnf
+    DeleteSubscriptionNotificationConfigurationResponse' {..} =
+      Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/GetDatalake.hs b/gen/Amazonka/SecurityLake/GetDatalake.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/GetDatalake.hs
@@ -0,0 +1,144 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.GetDatalake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves the Amazon Security Lake configuration object for the
+-- specified Amazon Web Services account ID. You can use the @GetDatalake@
+-- API to know whether Security Lake is enabled for the current Region.
+-- This API does not take input parameters.
+module Amazonka.SecurityLake.GetDatalake
+  ( -- * Creating a Request
+    GetDatalake (..),
+    newGetDatalake,
+
+    -- * Destructuring the Response
+    GetDatalakeResponse (..),
+    newGetDatalakeResponse,
+
+    -- * Response Lenses
+    getDatalakeResponse_httpStatus,
+    getDatalakeResponse_configurations,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newGetDatalake' smart constructor.
+data GetDatalake = GetDatalake'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalake' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetDatalake ::
+  GetDatalake
+newGetDatalake = GetDatalake'
+
+instance Core.AWSRequest GetDatalake where
+  type AWSResponse GetDatalake = GetDatalakeResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetDatalakeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> ( x
+                            Data..?> "configurations"
+                            Core..!@ Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable GetDatalake where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetDatalake where
+  rnf _ = ()
+
+instance Data.ToHeaders GetDatalake where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetDatalake where
+  toPath = Prelude.const "/v1/datalake"
+
+instance Data.ToQuery GetDatalake where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetDatalakeResponse' smart constructor.
+data GetDatalakeResponse = GetDatalakeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Retrieves the Security Lake configuration object.
+    configurations :: Prelude.HashMap Region LakeConfigurationResponse
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'getDatalakeResponse_httpStatus' - The response's http status code.
+--
+-- 'configurations', 'getDatalakeResponse_configurations' - Retrieves the Security Lake configuration object.
+newGetDatalakeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetDatalakeResponse
+newGetDatalakeResponse pHttpStatus_ =
+  GetDatalakeResponse'
+    { httpStatus = pHttpStatus_,
+      configurations = Prelude.mempty
+    }
+
+-- | The response's http status code.
+getDatalakeResponse_httpStatus :: Lens.Lens' GetDatalakeResponse Prelude.Int
+getDatalakeResponse_httpStatus = Lens.lens (\GetDatalakeResponse' {httpStatus} -> httpStatus) (\s@GetDatalakeResponse' {} a -> s {httpStatus = a} :: GetDatalakeResponse)
+
+-- | Retrieves the Security Lake configuration object.
+getDatalakeResponse_configurations :: Lens.Lens' GetDatalakeResponse (Prelude.HashMap Region LakeConfigurationResponse)
+getDatalakeResponse_configurations = Lens.lens (\GetDatalakeResponse' {configurations} -> configurations) (\s@GetDatalakeResponse' {} a -> s {configurations = a} :: GetDatalakeResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData GetDatalakeResponse where
+  rnf GetDatalakeResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf configurations
diff --git a/gen/Amazonka/SecurityLake/GetDatalakeAutoEnable.hs b/gen/Amazonka/SecurityLake/GetDatalakeAutoEnable.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/GetDatalakeAutoEnable.hs
@@ -0,0 +1,146 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.GetDatalakeAutoEnable
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves the configuration that will be automatically set up for
+-- accounts added to the organization after the organization has onboarded
+-- to Amazon Security Lake. This API does not take input parameters.
+module Amazonka.SecurityLake.GetDatalakeAutoEnable
+  ( -- * Creating a Request
+    GetDatalakeAutoEnable (..),
+    newGetDatalakeAutoEnable,
+
+    -- * Destructuring the Response
+    GetDatalakeAutoEnableResponse (..),
+    newGetDatalakeAutoEnableResponse,
+
+    -- * Response Lenses
+    getDatalakeAutoEnableResponse_httpStatus,
+    getDatalakeAutoEnableResponse_autoEnableNewAccounts,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newGetDatalakeAutoEnable' smart constructor.
+data GetDatalakeAutoEnable = GetDatalakeAutoEnable'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeAutoEnable' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetDatalakeAutoEnable ::
+  GetDatalakeAutoEnable
+newGetDatalakeAutoEnable = GetDatalakeAutoEnable'
+
+instance Core.AWSRequest GetDatalakeAutoEnable where
+  type
+    AWSResponse GetDatalakeAutoEnable =
+      GetDatalakeAutoEnableResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetDatalakeAutoEnableResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> ( x
+                            Data..?> "autoEnableNewAccounts"
+                            Core..!@ Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable GetDatalakeAutoEnable where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetDatalakeAutoEnable where
+  rnf _ = ()
+
+instance Data.ToHeaders GetDatalakeAutoEnable where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetDatalakeAutoEnable where
+  toPath = Prelude.const "/v1/datalake/autoenable"
+
+instance Data.ToQuery GetDatalakeAutoEnable where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetDatalakeAutoEnableResponse' smart constructor.
+data GetDatalakeAutoEnableResponse = GetDatalakeAutoEnableResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The configuration for new accounts.
+    autoEnableNewAccounts :: [AutoEnableNewRegionConfiguration]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeAutoEnableResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'getDatalakeAutoEnableResponse_httpStatus' - The response's http status code.
+--
+-- 'autoEnableNewAccounts', 'getDatalakeAutoEnableResponse_autoEnableNewAccounts' - The configuration for new accounts.
+newGetDatalakeAutoEnableResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetDatalakeAutoEnableResponse
+newGetDatalakeAutoEnableResponse pHttpStatus_ =
+  GetDatalakeAutoEnableResponse'
+    { httpStatus =
+        pHttpStatus_,
+      autoEnableNewAccounts = Prelude.mempty
+    }
+
+-- | The response's http status code.
+getDatalakeAutoEnableResponse_httpStatus :: Lens.Lens' GetDatalakeAutoEnableResponse Prelude.Int
+getDatalakeAutoEnableResponse_httpStatus = Lens.lens (\GetDatalakeAutoEnableResponse' {httpStatus} -> httpStatus) (\s@GetDatalakeAutoEnableResponse' {} a -> s {httpStatus = a} :: GetDatalakeAutoEnableResponse)
+
+-- | The configuration for new accounts.
+getDatalakeAutoEnableResponse_autoEnableNewAccounts :: Lens.Lens' GetDatalakeAutoEnableResponse [AutoEnableNewRegionConfiguration]
+getDatalakeAutoEnableResponse_autoEnableNewAccounts = Lens.lens (\GetDatalakeAutoEnableResponse' {autoEnableNewAccounts} -> autoEnableNewAccounts) (\s@GetDatalakeAutoEnableResponse' {} a -> s {autoEnableNewAccounts = a} :: GetDatalakeAutoEnableResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData GetDatalakeAutoEnableResponse where
+  rnf GetDatalakeAutoEnableResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf autoEnableNewAccounts
diff --git a/gen/Amazonka/SecurityLake/GetDatalakeExceptionsExpiry.hs b/gen/Amazonka/SecurityLake/GetDatalakeExceptionsExpiry.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/GetDatalakeExceptionsExpiry.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.GetDatalakeExceptionsExpiry
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves the expiration period and time-to-live (TTL) for which the
+-- exception message will remain. Exceptions are stored by default, for 2
+-- weeks from when a record was created in Amazon Security Lake. This API
+-- does not take input parameters.
+module Amazonka.SecurityLake.GetDatalakeExceptionsExpiry
+  ( -- * Creating a Request
+    GetDatalakeExceptionsExpiry (..),
+    newGetDatalakeExceptionsExpiry,
+
+    -- * Destructuring the Response
+    GetDatalakeExceptionsExpiryResponse (..),
+    newGetDatalakeExceptionsExpiryResponse,
+
+    -- * Response Lenses
+    getDatalakeExceptionsExpiryResponse_httpStatus,
+    getDatalakeExceptionsExpiryResponse_exceptionMessageExpiry,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newGetDatalakeExceptionsExpiry' smart constructor.
+data GetDatalakeExceptionsExpiry = GetDatalakeExceptionsExpiry'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeExceptionsExpiry' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetDatalakeExceptionsExpiry ::
+  GetDatalakeExceptionsExpiry
+newGetDatalakeExceptionsExpiry =
+  GetDatalakeExceptionsExpiry'
+
+instance Core.AWSRequest GetDatalakeExceptionsExpiry where
+  type
+    AWSResponse GetDatalakeExceptionsExpiry =
+      GetDatalakeExceptionsExpiryResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetDatalakeExceptionsExpiryResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "exceptionMessageExpiry")
+      )
+
+instance Prelude.Hashable GetDatalakeExceptionsExpiry where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance Prelude.NFData GetDatalakeExceptionsExpiry where
+  rnf _ = ()
+
+instance Data.ToHeaders GetDatalakeExceptionsExpiry where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetDatalakeExceptionsExpiry where
+  toPath =
+    Prelude.const "/v1/datalake/exceptions/expiry"
+
+instance Data.ToQuery GetDatalakeExceptionsExpiry where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetDatalakeExceptionsExpiryResponse' smart constructor.
+data GetDatalakeExceptionsExpiryResponse = GetDatalakeExceptionsExpiryResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The expiration period and time-to-live (TTL).
+    exceptionMessageExpiry :: Prelude.Integer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeExceptionsExpiryResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'getDatalakeExceptionsExpiryResponse_httpStatus' - The response's http status code.
+--
+-- 'exceptionMessageExpiry', 'getDatalakeExceptionsExpiryResponse_exceptionMessageExpiry' - The expiration period and time-to-live (TTL).
+newGetDatalakeExceptionsExpiryResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'exceptionMessageExpiry'
+  Prelude.Integer ->
+  GetDatalakeExceptionsExpiryResponse
+newGetDatalakeExceptionsExpiryResponse
+  pHttpStatus_
+  pExceptionMessageExpiry_ =
+    GetDatalakeExceptionsExpiryResponse'
+      { httpStatus =
+          pHttpStatus_,
+        exceptionMessageExpiry =
+          pExceptionMessageExpiry_
+      }
+
+-- | The response's http status code.
+getDatalakeExceptionsExpiryResponse_httpStatus :: Lens.Lens' GetDatalakeExceptionsExpiryResponse Prelude.Int
+getDatalakeExceptionsExpiryResponse_httpStatus = Lens.lens (\GetDatalakeExceptionsExpiryResponse' {httpStatus} -> httpStatus) (\s@GetDatalakeExceptionsExpiryResponse' {} a -> s {httpStatus = a} :: GetDatalakeExceptionsExpiryResponse)
+
+-- | The expiration period and time-to-live (TTL).
+getDatalakeExceptionsExpiryResponse_exceptionMessageExpiry :: Lens.Lens' GetDatalakeExceptionsExpiryResponse Prelude.Integer
+getDatalakeExceptionsExpiryResponse_exceptionMessageExpiry = Lens.lens (\GetDatalakeExceptionsExpiryResponse' {exceptionMessageExpiry} -> exceptionMessageExpiry) (\s@GetDatalakeExceptionsExpiryResponse' {} a -> s {exceptionMessageExpiry = a} :: GetDatalakeExceptionsExpiryResponse)
+
+instance
+  Prelude.NFData
+    GetDatalakeExceptionsExpiryResponse
+  where
+  rnf GetDatalakeExceptionsExpiryResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf exceptionMessageExpiry
diff --git a/gen/Amazonka/SecurityLake/GetDatalakeExceptionsSubscription.hs b/gen/Amazonka/SecurityLake/GetDatalakeExceptionsSubscription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/GetDatalakeExceptionsSubscription.hs
@@ -0,0 +1,171 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.GetDatalakeExceptionsSubscription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves the details of exception notifications for the account in
+-- Amazon Security Lake.
+module Amazonka.SecurityLake.GetDatalakeExceptionsSubscription
+  ( -- * Creating a Request
+    GetDatalakeExceptionsSubscription (..),
+    newGetDatalakeExceptionsSubscription,
+
+    -- * Destructuring the Response
+    GetDatalakeExceptionsSubscriptionResponse (..),
+    newGetDatalakeExceptionsSubscriptionResponse,
+
+    -- * Response Lenses
+    getDatalakeExceptionsSubscriptionResponse_httpStatus,
+    getDatalakeExceptionsSubscriptionResponse_protocolAndNotificationEndpoint,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newGetDatalakeExceptionsSubscription' smart constructor.
+data GetDatalakeExceptionsSubscription = GetDatalakeExceptionsSubscription'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeExceptionsSubscription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newGetDatalakeExceptionsSubscription ::
+  GetDatalakeExceptionsSubscription
+newGetDatalakeExceptionsSubscription =
+  GetDatalakeExceptionsSubscription'
+
+instance
+  Core.AWSRequest
+    GetDatalakeExceptionsSubscription
+  where
+  type
+    AWSResponse GetDatalakeExceptionsSubscription =
+      GetDatalakeExceptionsSubscriptionResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetDatalakeExceptionsSubscriptionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "protocolAndNotificationEndpoint")
+      )
+
+instance
+  Prelude.Hashable
+    GetDatalakeExceptionsSubscription
+  where
+  hashWithSalt _salt _ =
+    _salt `Prelude.hashWithSalt` ()
+
+instance
+  Prelude.NFData
+    GetDatalakeExceptionsSubscription
+  where
+  rnf _ = ()
+
+instance
+  Data.ToHeaders
+    GetDatalakeExceptionsSubscription
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToPath
+    GetDatalakeExceptionsSubscription
+  where
+  toPath =
+    Prelude.const
+      "/v1/datalake/exceptions/subscription"
+
+instance
+  Data.ToQuery
+    GetDatalakeExceptionsSubscription
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetDatalakeExceptionsSubscriptionResponse' smart constructor.
+data GetDatalakeExceptionsSubscriptionResponse = GetDatalakeExceptionsSubscriptionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Retrieves the exception notification subscription information.
+    protocolAndNotificationEndpoint :: ProtocolAndNotificationEndpoint
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeExceptionsSubscriptionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'getDatalakeExceptionsSubscriptionResponse_httpStatus' - The response's http status code.
+--
+-- 'protocolAndNotificationEndpoint', 'getDatalakeExceptionsSubscriptionResponse_protocolAndNotificationEndpoint' - Retrieves the exception notification subscription information.
+newGetDatalakeExceptionsSubscriptionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'protocolAndNotificationEndpoint'
+  ProtocolAndNotificationEndpoint ->
+  GetDatalakeExceptionsSubscriptionResponse
+newGetDatalakeExceptionsSubscriptionResponse
+  pHttpStatus_
+  pProtocolAndNotificationEndpoint_ =
+    GetDatalakeExceptionsSubscriptionResponse'
+      { httpStatus =
+          pHttpStatus_,
+        protocolAndNotificationEndpoint =
+          pProtocolAndNotificationEndpoint_
+      }
+
+-- | The response's http status code.
+getDatalakeExceptionsSubscriptionResponse_httpStatus :: Lens.Lens' GetDatalakeExceptionsSubscriptionResponse Prelude.Int
+getDatalakeExceptionsSubscriptionResponse_httpStatus = Lens.lens (\GetDatalakeExceptionsSubscriptionResponse' {httpStatus} -> httpStatus) (\s@GetDatalakeExceptionsSubscriptionResponse' {} a -> s {httpStatus = a} :: GetDatalakeExceptionsSubscriptionResponse)
+
+-- | Retrieves the exception notification subscription information.
+getDatalakeExceptionsSubscriptionResponse_protocolAndNotificationEndpoint :: Lens.Lens' GetDatalakeExceptionsSubscriptionResponse ProtocolAndNotificationEndpoint
+getDatalakeExceptionsSubscriptionResponse_protocolAndNotificationEndpoint = Lens.lens (\GetDatalakeExceptionsSubscriptionResponse' {protocolAndNotificationEndpoint} -> protocolAndNotificationEndpoint) (\s@GetDatalakeExceptionsSubscriptionResponse' {} a -> s {protocolAndNotificationEndpoint = a} :: GetDatalakeExceptionsSubscriptionResponse)
+
+instance
+  Prelude.NFData
+    GetDatalakeExceptionsSubscriptionResponse
+  where
+  rnf GetDatalakeExceptionsSubscriptionResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf protocolAndNotificationEndpoint
diff --git a/gen/Amazonka/SecurityLake/GetDatalakeStatus.hs b/gen/Amazonka/SecurityLake/GetDatalakeStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/GetDatalakeStatus.hs
@@ -0,0 +1,282 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.GetDatalakeStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a snapshot of the current Region, including whether Amazon
+-- Security Lake is enabled for those accounts and which sources Security
+-- Lake is collecting data from.
+--
+-- This operation returns paginated results.
+module Amazonka.SecurityLake.GetDatalakeStatus
+  ( -- * Creating a Request
+    GetDatalakeStatus (..),
+    newGetDatalakeStatus,
+
+    -- * Request Lenses
+    getDatalakeStatus_accountSet,
+    getDatalakeStatus_maxAccountResults,
+    getDatalakeStatus_nextToken,
+
+    -- * Destructuring the Response
+    GetDatalakeStatusResponse (..),
+    newGetDatalakeStatusResponse,
+
+    -- * Response Lenses
+    getDatalakeStatusResponse_nextToken,
+    getDatalakeStatusResponse_httpStatus,
+    getDatalakeStatusResponse_accountSourcesList,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newGetDatalakeStatus' smart constructor.
+data GetDatalakeStatus = GetDatalakeStatus'
+  { -- | The Amazon Web Services account ID for which a static snapshot of the
+    -- current Amazon Web Services Region, including enabled accounts and log
+    -- sources, is retrieved.
+    accountSet :: Prelude.Maybe [Prelude.Text],
+    -- | The maximum limit of accounts for which the static snapshot of the
+    -- current Region, including enabled accounts and log sources, is
+    -- retrieved.
+    maxAccountResults :: Prelude.Maybe Prelude.Int,
+    -- | Lists if there are more results available. The value of nextToken is a
+    -- unique pagination token for each page. Repeat the call using the
+    -- returned token to retrieve the next page. Keep all other arguments
+    -- unchanged.
+    --
+    -- Each pagination token expires after 24 hours. Using an expired
+    -- pagination token will return an HTTP 400 InvalidToken error.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeStatus' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accountSet', 'getDatalakeStatus_accountSet' - The Amazon Web Services account ID for which a static snapshot of the
+-- current Amazon Web Services Region, including enabled accounts and log
+-- sources, is retrieved.
+--
+-- 'maxAccountResults', 'getDatalakeStatus_maxAccountResults' - The maximum limit of accounts for which the static snapshot of the
+-- current Region, including enabled accounts and log sources, is
+-- retrieved.
+--
+-- 'nextToken', 'getDatalakeStatus_nextToken' - Lists if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+newGetDatalakeStatus ::
+  GetDatalakeStatus
+newGetDatalakeStatus =
+  GetDatalakeStatus'
+    { accountSet = Prelude.Nothing,
+      maxAccountResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The Amazon Web Services account ID for which a static snapshot of the
+-- current Amazon Web Services Region, including enabled accounts and log
+-- sources, is retrieved.
+getDatalakeStatus_accountSet :: Lens.Lens' GetDatalakeStatus (Prelude.Maybe [Prelude.Text])
+getDatalakeStatus_accountSet = Lens.lens (\GetDatalakeStatus' {accountSet} -> accountSet) (\s@GetDatalakeStatus' {} a -> s {accountSet = a} :: GetDatalakeStatus) Prelude.. Lens.mapping Lens.coerced
+
+-- | The maximum limit of accounts for which the static snapshot of the
+-- current Region, including enabled accounts and log sources, is
+-- retrieved.
+getDatalakeStatus_maxAccountResults :: Lens.Lens' GetDatalakeStatus (Prelude.Maybe Prelude.Int)
+getDatalakeStatus_maxAccountResults = Lens.lens (\GetDatalakeStatus' {maxAccountResults} -> maxAccountResults) (\s@GetDatalakeStatus' {} a -> s {maxAccountResults = a} :: GetDatalakeStatus)
+
+-- | Lists if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+getDatalakeStatus_nextToken :: Lens.Lens' GetDatalakeStatus (Prelude.Maybe Prelude.Text)
+getDatalakeStatus_nextToken = Lens.lens (\GetDatalakeStatus' {nextToken} -> nextToken) (\s@GetDatalakeStatus' {} a -> s {nextToken = a} :: GetDatalakeStatus)
+
+instance Core.AWSPager GetDatalakeStatus where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? getDatalakeStatusResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^. getDatalakeStatusResponse_accountSourcesList
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& getDatalakeStatus_nextToken
+          Lens..~ rs
+          Lens.^? getDatalakeStatusResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest GetDatalakeStatus where
+  type
+    AWSResponse GetDatalakeStatus =
+      GetDatalakeStatusResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetDatalakeStatusResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> ( x
+                            Data..?> "accountSourcesList"
+                            Core..!@ Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable GetDatalakeStatus where
+  hashWithSalt _salt GetDatalakeStatus' {..} =
+    _salt
+      `Prelude.hashWithSalt` accountSet
+      `Prelude.hashWithSalt` maxAccountResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData GetDatalakeStatus where
+  rnf GetDatalakeStatus' {..} =
+    Prelude.rnf accountSet
+      `Prelude.seq` Prelude.rnf maxAccountResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders GetDatalakeStatus where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON GetDatalakeStatus where
+  toJSON GetDatalakeStatus' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("accountSet" Data..=) Prelude.<$> accountSet,
+            ("maxAccountResults" Data..=)
+              Prelude.<$> maxAccountResults,
+            ("nextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath GetDatalakeStatus where
+  toPath = Prelude.const "/v1/datalake/status"
+
+instance Data.ToQuery GetDatalakeStatus where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetDatalakeStatusResponse' smart constructor.
+data GetDatalakeStatusResponse = GetDatalakeStatusResponse'
+  { -- | Lists if there are more results available. The value of nextToken is a
+    -- unique pagination token for each page. Repeat the call using the
+    -- returned token to retrieve the next page. Keep all other arguments
+    -- unchanged.
+    --
+    -- Each pagination token expires after 24 hours. Using an expired
+    -- pagination token will return an HTTP 400 InvalidToken error.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The list of enabled accounts and enabled sources.
+    accountSourcesList :: [AccountSources]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetDatalakeStatusResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'getDatalakeStatusResponse_nextToken' - Lists if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+--
+-- 'httpStatus', 'getDatalakeStatusResponse_httpStatus' - The response's http status code.
+--
+-- 'accountSourcesList', 'getDatalakeStatusResponse_accountSourcesList' - The list of enabled accounts and enabled sources.
+newGetDatalakeStatusResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetDatalakeStatusResponse
+newGetDatalakeStatusResponse pHttpStatus_ =
+  GetDatalakeStatusResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      accountSourcesList = Prelude.mempty
+    }
+
+-- | Lists if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+getDatalakeStatusResponse_nextToken :: Lens.Lens' GetDatalakeStatusResponse (Prelude.Maybe Prelude.Text)
+getDatalakeStatusResponse_nextToken = Lens.lens (\GetDatalakeStatusResponse' {nextToken} -> nextToken) (\s@GetDatalakeStatusResponse' {} a -> s {nextToken = a} :: GetDatalakeStatusResponse)
+
+-- | The response's http status code.
+getDatalakeStatusResponse_httpStatus :: Lens.Lens' GetDatalakeStatusResponse Prelude.Int
+getDatalakeStatusResponse_httpStatus = Lens.lens (\GetDatalakeStatusResponse' {httpStatus} -> httpStatus) (\s@GetDatalakeStatusResponse' {} a -> s {httpStatus = a} :: GetDatalakeStatusResponse)
+
+-- | The list of enabled accounts and enabled sources.
+getDatalakeStatusResponse_accountSourcesList :: Lens.Lens' GetDatalakeStatusResponse [AccountSources]
+getDatalakeStatusResponse_accountSourcesList = Lens.lens (\GetDatalakeStatusResponse' {accountSourcesList} -> accountSourcesList) (\s@GetDatalakeStatusResponse' {} a -> s {accountSourcesList = a} :: GetDatalakeStatusResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData GetDatalakeStatusResponse where
+  rnf GetDatalakeStatusResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf accountSourcesList
diff --git a/gen/Amazonka/SecurityLake/GetSubscriber.hs b/gen/Amazonka/SecurityLake/GetSubscriber.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/GetSubscriber.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.GetSubscriber
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves the subscription information for the specified subscription
+-- ID. You can get information about a specific subscriber.
+module Amazonka.SecurityLake.GetSubscriber
+  ( -- * Creating a Request
+    GetSubscriber (..),
+    newGetSubscriber,
+
+    -- * Request Lenses
+    getSubscriber_id,
+
+    -- * Destructuring the Response
+    GetSubscriberResponse (..),
+    newGetSubscriberResponse,
+
+    -- * Response Lenses
+    getSubscriberResponse_subscriber,
+    getSubscriberResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newGetSubscriber' smart constructor.
+data GetSubscriber = GetSubscriber'
+  { -- | A value created by Amazon Security Lake that uniquely identifies your
+    -- @GetSubscriber@ API request.
+    id :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetSubscriber' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'id', 'getSubscriber_id' - A value created by Amazon Security Lake that uniquely identifies your
+-- @GetSubscriber@ API request.
+newGetSubscriber ::
+  -- | 'id'
+  Prelude.Text ->
+  GetSubscriber
+newGetSubscriber pId_ = GetSubscriber' {id = pId_}
+
+-- | A value created by Amazon Security Lake that uniquely identifies your
+-- @GetSubscriber@ API request.
+getSubscriber_id :: Lens.Lens' GetSubscriber Prelude.Text
+getSubscriber_id = Lens.lens (\GetSubscriber' {id} -> id) (\s@GetSubscriber' {} a -> s {id = a} :: GetSubscriber)
+
+instance Core.AWSRequest GetSubscriber where
+  type
+    AWSResponse GetSubscriber =
+      GetSubscriberResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetSubscriberResponse'
+            Prelude.<$> (x Data..?> "subscriber")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetSubscriber where
+  hashWithSalt _salt GetSubscriber' {..} =
+    _salt `Prelude.hashWithSalt` id
+
+instance Prelude.NFData GetSubscriber where
+  rnf GetSubscriber' {..} = Prelude.rnf id
+
+instance Data.ToHeaders GetSubscriber where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetSubscriber where
+  toPath GetSubscriber' {..} =
+    Prelude.mconcat ["/v1/subscribers/", Data.toBS id]
+
+instance Data.ToQuery GetSubscriber where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetSubscriberResponse' smart constructor.
+data GetSubscriberResponse = GetSubscriberResponse'
+  { -- | The subscription information for the specified subscription ID.
+    subscriber :: Prelude.Maybe SubscriberResource,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetSubscriberResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'subscriber', 'getSubscriberResponse_subscriber' - The subscription information for the specified subscription ID.
+--
+-- 'httpStatus', 'getSubscriberResponse_httpStatus' - The response's http status code.
+newGetSubscriberResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetSubscriberResponse
+newGetSubscriberResponse pHttpStatus_ =
+  GetSubscriberResponse'
+    { subscriber =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The subscription information for the specified subscription ID.
+getSubscriberResponse_subscriber :: Lens.Lens' GetSubscriberResponse (Prelude.Maybe SubscriberResource)
+getSubscriberResponse_subscriber = Lens.lens (\GetSubscriberResponse' {subscriber} -> subscriber) (\s@GetSubscriberResponse' {} a -> s {subscriber = a} :: GetSubscriberResponse)
+
+-- | The response's http status code.
+getSubscriberResponse_httpStatus :: Lens.Lens' GetSubscriberResponse Prelude.Int
+getSubscriberResponse_httpStatus = Lens.lens (\GetSubscriberResponse' {httpStatus} -> httpStatus) (\s@GetSubscriberResponse' {} a -> s {httpStatus = a} :: GetSubscriberResponse)
+
+instance Prelude.NFData GetSubscriberResponse where
+  rnf GetSubscriberResponse' {..} =
+    Prelude.rnf subscriber
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/Lens.hs b/gen/Amazonka/SecurityLake/Lens.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Lens.hs
@@ -0,0 +1,319 @@
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Lens
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Lens
+  ( -- * Operations
+
+    -- ** CreateAwsLogSource
+    createAwsLogSource_enableAllDimensions,
+    createAwsLogSource_enableSingleDimension,
+    createAwsLogSource_enableTwoDimensions,
+    createAwsLogSource_inputOrder,
+    createAwsLogSourceResponse_failed,
+    createAwsLogSourceResponse_processing,
+    createAwsLogSourceResponse_httpStatus,
+
+    -- ** CreateCustomLogSource
+    createCustomLogSource_customSourceName,
+    createCustomLogSource_eventClass,
+    createCustomLogSource_glueInvocationRoleArn,
+    createCustomLogSource_logProviderAccountId,
+    createCustomLogSourceResponse_httpStatus,
+    createCustomLogSourceResponse_customDataLocation,
+    createCustomLogSourceResponse_glueCrawlerName,
+    createCustomLogSourceResponse_glueDatabaseName,
+    createCustomLogSourceResponse_glueTableName,
+    createCustomLogSourceResponse_logProviderAccessRoleArn,
+
+    -- ** CreateDatalake
+    createDatalake_configurations,
+    createDatalake_enableAll,
+    createDatalake_metaStoreManagerRoleArn,
+    createDatalake_regions,
+    createDatalakeResponse_httpStatus,
+
+    -- ** CreateDatalakeAutoEnable
+    createDatalakeAutoEnable_configurationForNewAccounts,
+    createDatalakeAutoEnableResponse_httpStatus,
+
+    -- ** CreateDatalakeDelegatedAdmin
+    createDatalakeDelegatedAdmin_account,
+    createDatalakeDelegatedAdminResponse_httpStatus,
+
+    -- ** CreateDatalakeExceptionsSubscription
+    createDatalakeExceptionsSubscription_notificationEndpoint,
+    createDatalakeExceptionsSubscription_subscriptionProtocol,
+    createDatalakeExceptionsSubscriptionResponse_httpStatus,
+
+    -- ** CreateSubscriber
+    createSubscriber_accessTypes,
+    createSubscriber_subscriberDescription,
+    createSubscriber_accountId,
+    createSubscriber_externalId,
+    createSubscriber_sourceTypes,
+    createSubscriber_subscriberName,
+    createSubscriberResponse_roleArn,
+    createSubscriberResponse_s3BucketArn,
+    createSubscriberResponse_snsArn,
+    createSubscriberResponse_httpStatus,
+    createSubscriberResponse_subscriptionId,
+
+    -- ** CreateSubscriptionNotificationConfiguration
+    createSubscriptionNotificationConfiguration_createSqs,
+    createSubscriptionNotificationConfiguration_httpsApiKeyName,
+    createSubscriptionNotificationConfiguration_httpsApiKeyValue,
+    createSubscriptionNotificationConfiguration_httpsMethod,
+    createSubscriptionNotificationConfiguration_roleArn,
+    createSubscriptionNotificationConfiguration_subscriptionEndpoint,
+    createSubscriptionNotificationConfiguration_subscriptionId,
+    createSubscriptionNotificationConfigurationResponse_queueArn,
+    createSubscriptionNotificationConfigurationResponse_httpStatus,
+
+    -- ** DeleteAwsLogSource
+    deleteAwsLogSource_disableAllDimensions,
+    deleteAwsLogSource_disableSingleDimension,
+    deleteAwsLogSource_disableTwoDimensions,
+    deleteAwsLogSource_inputOrder,
+    deleteAwsLogSourceResponse_failed,
+    deleteAwsLogSourceResponse_processing,
+    deleteAwsLogSourceResponse_httpStatus,
+
+    -- ** DeleteCustomLogSource
+    deleteCustomLogSource_customSourceName,
+    deleteCustomLogSourceResponse_httpStatus,
+    deleteCustomLogSourceResponse_customDataLocation,
+
+    -- ** DeleteDatalake
+    deleteDatalakeResponse_httpStatus,
+
+    -- ** DeleteDatalakeAutoEnable
+    deleteDatalakeAutoEnable_removeFromConfigurationForNewAccounts,
+    deleteDatalakeAutoEnableResponse_httpStatus,
+
+    -- ** DeleteDatalakeDelegatedAdmin
+    deleteDatalakeDelegatedAdmin_account,
+    deleteDatalakeDelegatedAdminResponse_httpStatus,
+
+    -- ** DeleteDatalakeExceptionsSubscription
+    deleteDatalakeExceptionsSubscriptionResponse_httpStatus,
+    deleteDatalakeExceptionsSubscriptionResponse_status,
+
+    -- ** DeleteSubscriber
+    deleteSubscriber_id,
+    deleteSubscriberResponse_httpStatus,
+
+    -- ** DeleteSubscriptionNotificationConfiguration
+    deleteSubscriptionNotificationConfiguration_subscriptionId,
+    deleteSubscriptionNotificationConfigurationResponse_httpStatus,
+
+    -- ** GetDatalake
+    getDatalakeResponse_httpStatus,
+    getDatalakeResponse_configurations,
+
+    -- ** GetDatalakeAutoEnable
+    getDatalakeAutoEnableResponse_httpStatus,
+    getDatalakeAutoEnableResponse_autoEnableNewAccounts,
+
+    -- ** GetDatalakeExceptionsExpiry
+    getDatalakeExceptionsExpiryResponse_httpStatus,
+    getDatalakeExceptionsExpiryResponse_exceptionMessageExpiry,
+
+    -- ** GetDatalakeExceptionsSubscription
+    getDatalakeExceptionsSubscriptionResponse_httpStatus,
+    getDatalakeExceptionsSubscriptionResponse_protocolAndNotificationEndpoint,
+
+    -- ** GetDatalakeStatus
+    getDatalakeStatus_accountSet,
+    getDatalakeStatus_maxAccountResults,
+    getDatalakeStatus_nextToken,
+    getDatalakeStatusResponse_nextToken,
+    getDatalakeStatusResponse_httpStatus,
+    getDatalakeStatusResponse_accountSourcesList,
+
+    -- ** GetSubscriber
+    getSubscriber_id,
+    getSubscriberResponse_subscriber,
+    getSubscriberResponse_httpStatus,
+
+    -- ** ListDatalakeExceptions
+    listDatalakeExceptions_maxFailures,
+    listDatalakeExceptions_nextToken,
+    listDatalakeExceptions_regionSet,
+    listDatalakeExceptionsResponse_nextToken,
+    listDatalakeExceptionsResponse_httpStatus,
+    listDatalakeExceptionsResponse_nonRetryableFailures,
+
+    -- ** ListLogSources
+    listLogSources_inputOrder,
+    listLogSources_listAllDimensions,
+    listLogSources_listSingleDimension,
+    listLogSources_listTwoDimensions,
+    listLogSources_maxResults,
+    listLogSources_nextToken,
+    listLogSourcesResponse_nextToken,
+    listLogSourcesResponse_httpStatus,
+    listLogSourcesResponse_regionSourceTypesAccountsList,
+
+    -- ** ListSubscribers
+    listSubscribers_maxResults,
+    listSubscribers_nextToken,
+    listSubscribersResponse_nextToken,
+    listSubscribersResponse_httpStatus,
+    listSubscribersResponse_subscribers,
+
+    -- ** UpdateDatalake
+    updateDatalake_configurations,
+    updateDatalakeResponse_httpStatus,
+
+    -- ** UpdateDatalakeExceptionsExpiry
+    updateDatalakeExceptionsExpiry_exceptionMessageExpiry,
+    updateDatalakeExceptionsExpiryResponse_httpStatus,
+
+    -- ** UpdateDatalakeExceptionsSubscription
+    updateDatalakeExceptionsSubscription_notificationEndpoint,
+    updateDatalakeExceptionsSubscription_subscriptionProtocol,
+    updateDatalakeExceptionsSubscriptionResponse_httpStatus,
+
+    -- ** UpdateSubscriber
+    updateSubscriber_externalId,
+    updateSubscriber_subscriberDescription,
+    updateSubscriber_subscriberName,
+    updateSubscriber_id,
+    updateSubscriber_sourceTypes,
+    updateSubscriberResponse_subscriber,
+    updateSubscriberResponse_httpStatus,
+
+    -- ** UpdateSubscriptionNotificationConfiguration
+    updateSubscriptionNotificationConfiguration_createSqs,
+    updateSubscriptionNotificationConfiguration_httpsApiKeyName,
+    updateSubscriptionNotificationConfiguration_httpsApiKeyValue,
+    updateSubscriptionNotificationConfiguration_httpsMethod,
+    updateSubscriptionNotificationConfiguration_roleArn,
+    updateSubscriptionNotificationConfiguration_subscriptionEndpoint,
+    updateSubscriptionNotificationConfiguration_subscriptionId,
+    updateSubscriptionNotificationConfigurationResponse_queueArn,
+    updateSubscriptionNotificationConfigurationResponse_httpStatus,
+
+    -- * Types
+
+    -- ** AccountSources
+    accountSources_eventClass,
+    accountSources_logsStatus,
+    accountSources_account,
+    accountSources_sourceType,
+
+    -- ** AutoEnableNewRegionConfiguration
+    autoEnableNewRegionConfiguration_region,
+    autoEnableNewRegionConfiguration_sources,
+
+    -- ** Failures
+    failures_exceptionMessage,
+    failures_remediation,
+    failures_timestamp,
+
+    -- ** FailuresResponse
+    failuresResponse_failures,
+    failuresResponse_region,
+
+    -- ** LakeConfigurationRequest
+    lakeConfigurationRequest_encryptionKey,
+    lakeConfigurationRequest_replicationDestinationRegions,
+    lakeConfigurationRequest_replicationRoleArn,
+    lakeConfigurationRequest_retentionSettings,
+    lakeConfigurationRequest_tagsMap,
+
+    -- ** LakeConfigurationResponse
+    lakeConfigurationResponse_encryptionKey,
+    lakeConfigurationResponse_replicationDestinationRegions,
+    lakeConfigurationResponse_replicationRoleArn,
+    lakeConfigurationResponse_retentionSettings,
+    lakeConfigurationResponse_s3BucketArn,
+    lakeConfigurationResponse_status,
+    lakeConfigurationResponse_tagsMap,
+
+    -- ** LogsStatus
+    logsStatus_healthStatus,
+    logsStatus_pathToLogs,
+
+    -- ** ProtocolAndNotificationEndpoint
+    protocolAndNotificationEndpoint_endpoint,
+    protocolAndNotificationEndpoint_protocol,
+
+    -- ** RetentionSetting
+    retentionSetting_retentionPeriod,
+    retentionSetting_storageClass,
+
+    -- ** SourceType
+    sourceType_awsSourceType,
+    sourceType_customSourceType,
+
+    -- ** SubscriberResource
+    subscriberResource_accessTypes,
+    subscriberResource_createdAt,
+    subscriberResource_externalId,
+    subscriberResource_roleArn,
+    subscriberResource_s3BucketArn,
+    subscriberResource_snsArn,
+    subscriberResource_subscriberDescription,
+    subscriberResource_subscriberName,
+    subscriberResource_subscriptionEndpoint,
+    subscriberResource_subscriptionProtocol,
+    subscriberResource_subscriptionStatus,
+    subscriberResource_updatedAt,
+    subscriberResource_accountId,
+    subscriberResource_sourceTypes,
+    subscriberResource_subscriptionId,
+  )
+where
+
+import Amazonka.SecurityLake.CreateAwsLogSource
+import Amazonka.SecurityLake.CreateCustomLogSource
+import Amazonka.SecurityLake.CreateDatalake
+import Amazonka.SecurityLake.CreateDatalakeAutoEnable
+import Amazonka.SecurityLake.CreateDatalakeDelegatedAdmin
+import Amazonka.SecurityLake.CreateDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.CreateSubscriber
+import Amazonka.SecurityLake.CreateSubscriptionNotificationConfiguration
+import Amazonka.SecurityLake.DeleteAwsLogSource
+import Amazonka.SecurityLake.DeleteCustomLogSource
+import Amazonka.SecurityLake.DeleteDatalake
+import Amazonka.SecurityLake.DeleteDatalakeAutoEnable
+import Amazonka.SecurityLake.DeleteDatalakeDelegatedAdmin
+import Amazonka.SecurityLake.DeleteDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.DeleteSubscriber
+import Amazonka.SecurityLake.DeleteSubscriptionNotificationConfiguration
+import Amazonka.SecurityLake.GetDatalake
+import Amazonka.SecurityLake.GetDatalakeAutoEnable
+import Amazonka.SecurityLake.GetDatalakeExceptionsExpiry
+import Amazonka.SecurityLake.GetDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.GetDatalakeStatus
+import Amazonka.SecurityLake.GetSubscriber
+import Amazonka.SecurityLake.ListDatalakeExceptions
+import Amazonka.SecurityLake.ListLogSources
+import Amazonka.SecurityLake.ListSubscribers
+import Amazonka.SecurityLake.Types.AccountSources
+import Amazonka.SecurityLake.Types.AutoEnableNewRegionConfiguration
+import Amazonka.SecurityLake.Types.Failures
+import Amazonka.SecurityLake.Types.FailuresResponse
+import Amazonka.SecurityLake.Types.LakeConfigurationRequest
+import Amazonka.SecurityLake.Types.LakeConfigurationResponse
+import Amazonka.SecurityLake.Types.LogsStatus
+import Amazonka.SecurityLake.Types.ProtocolAndNotificationEndpoint
+import Amazonka.SecurityLake.Types.RetentionSetting
+import Amazonka.SecurityLake.Types.SourceType
+import Amazonka.SecurityLake.Types.SubscriberResource
+import Amazonka.SecurityLake.UpdateDatalake
+import Amazonka.SecurityLake.UpdateDatalakeExceptionsExpiry
+import Amazonka.SecurityLake.UpdateDatalakeExceptionsSubscription
+import Amazonka.SecurityLake.UpdateSubscriber
+import Amazonka.SecurityLake.UpdateSubscriptionNotificationConfiguration
diff --git a/gen/Amazonka/SecurityLake/ListDatalakeExceptions.hs b/gen/Amazonka/SecurityLake/ListDatalakeExceptions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/ListDatalakeExceptions.hs
@@ -0,0 +1,275 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.ListDatalakeExceptions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the Amazon Security Lake exceptions that you can use to find the
+-- source of problems and fix them.
+--
+-- This operation returns paginated results.
+module Amazonka.SecurityLake.ListDatalakeExceptions
+  ( -- * Creating a Request
+    ListDatalakeExceptions (..),
+    newListDatalakeExceptions,
+
+    -- * Request Lenses
+    listDatalakeExceptions_maxFailures,
+    listDatalakeExceptions_nextToken,
+    listDatalakeExceptions_regionSet,
+
+    -- * Destructuring the Response
+    ListDatalakeExceptionsResponse (..),
+    newListDatalakeExceptionsResponse,
+
+    -- * Response Lenses
+    listDatalakeExceptionsResponse_nextToken,
+    listDatalakeExceptionsResponse_httpStatus,
+    listDatalakeExceptionsResponse_nonRetryableFailures,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newListDatalakeExceptions' smart constructor.
+data ListDatalakeExceptions = ListDatalakeExceptions'
+  { -- | List the maximum number of failures in Security Lake.
+    maxFailures :: Prelude.Maybe Prelude.Int,
+    -- | List if there are more results available. The value of nextToken is a
+    -- unique pagination token for each page. Repeat the call using the
+    -- returned token to retrieve the next page. Keep all other arguments
+    -- unchanged.
+    --
+    -- Each pagination token expires after 24 hours. Using an expired
+    -- pagination token will return an HTTP 400 InvalidToken error.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | List the Amazon Web Services Regions from which exceptions are
+    -- retrieved.
+    regionSet :: Prelude.Maybe [Region]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDatalakeExceptions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxFailures', 'listDatalakeExceptions_maxFailures' - List the maximum number of failures in Security Lake.
+--
+-- 'nextToken', 'listDatalakeExceptions_nextToken' - List if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+--
+-- 'regionSet', 'listDatalakeExceptions_regionSet' - List the Amazon Web Services Regions from which exceptions are
+-- retrieved.
+newListDatalakeExceptions ::
+  ListDatalakeExceptions
+newListDatalakeExceptions =
+  ListDatalakeExceptions'
+    { maxFailures =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      regionSet = Prelude.Nothing
+    }
+
+-- | List the maximum number of failures in Security Lake.
+listDatalakeExceptions_maxFailures :: Lens.Lens' ListDatalakeExceptions (Prelude.Maybe Prelude.Int)
+listDatalakeExceptions_maxFailures = Lens.lens (\ListDatalakeExceptions' {maxFailures} -> maxFailures) (\s@ListDatalakeExceptions' {} a -> s {maxFailures = a} :: ListDatalakeExceptions)
+
+-- | List if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+listDatalakeExceptions_nextToken :: Lens.Lens' ListDatalakeExceptions (Prelude.Maybe Prelude.Text)
+listDatalakeExceptions_nextToken = Lens.lens (\ListDatalakeExceptions' {nextToken} -> nextToken) (\s@ListDatalakeExceptions' {} a -> s {nextToken = a} :: ListDatalakeExceptions)
+
+-- | List the Amazon Web Services Regions from which exceptions are
+-- retrieved.
+listDatalakeExceptions_regionSet :: Lens.Lens' ListDatalakeExceptions (Prelude.Maybe [Region])
+listDatalakeExceptions_regionSet = Lens.lens (\ListDatalakeExceptions' {regionSet} -> regionSet) (\s@ListDatalakeExceptions' {} a -> s {regionSet = a} :: ListDatalakeExceptions) Prelude.. Lens.mapping Lens.coerced
+
+instance Core.AWSPager ListDatalakeExceptions where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listDatalakeExceptionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^. listDatalakeExceptionsResponse_nonRetryableFailures
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listDatalakeExceptions_nextToken
+          Lens..~ rs
+          Lens.^? listDatalakeExceptionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListDatalakeExceptions where
+  type
+    AWSResponse ListDatalakeExceptions =
+      ListDatalakeExceptionsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListDatalakeExceptionsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> ( x
+                            Data..?> "nonRetryableFailures"
+                            Core..!@ Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable ListDatalakeExceptions where
+  hashWithSalt _salt ListDatalakeExceptions' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxFailures
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` regionSet
+
+instance Prelude.NFData ListDatalakeExceptions where
+  rnf ListDatalakeExceptions' {..} =
+    Prelude.rnf maxFailures
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf regionSet
+
+instance Data.ToHeaders ListDatalakeExceptions where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListDatalakeExceptions where
+  toJSON ListDatalakeExceptions' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("maxFailures" Data..=) Prelude.<$> maxFailures,
+            ("nextToken" Data..=) Prelude.<$> nextToken,
+            ("regionSet" Data..=) Prelude.<$> regionSet
+          ]
+      )
+
+instance Data.ToPath ListDatalakeExceptions where
+  toPath = Prelude.const "/v1/datalake/exceptions"
+
+instance Data.ToQuery ListDatalakeExceptions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListDatalakeExceptionsResponse' smart constructor.
+data ListDatalakeExceptionsResponse = ListDatalakeExceptionsResponse'
+  { -- | List if there are more results available. The value of nextToken is a
+    -- unique pagination token for each page. Repeat the call using the
+    -- returned token to retrieve the next page. Keep all other arguments
+    -- unchanged.
+    --
+    -- Each pagination token expires after 24 hours. Using an expired
+    -- pagination token will return an HTTP 400 InvalidToken error.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Lists the failures that cannot be retried in the current Region.
+    nonRetryableFailures :: [FailuresResponse]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListDatalakeExceptionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listDatalakeExceptionsResponse_nextToken' - List if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+--
+-- 'httpStatus', 'listDatalakeExceptionsResponse_httpStatus' - The response's http status code.
+--
+-- 'nonRetryableFailures', 'listDatalakeExceptionsResponse_nonRetryableFailures' - Lists the failures that cannot be retried in the current Region.
+newListDatalakeExceptionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListDatalakeExceptionsResponse
+newListDatalakeExceptionsResponse pHttpStatus_ =
+  ListDatalakeExceptionsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      nonRetryableFailures = Prelude.mempty
+    }
+
+-- | List if there are more results available. The value of nextToken is a
+-- unique pagination token for each page. Repeat the call using the
+-- returned token to retrieve the next page. Keep all other arguments
+-- unchanged.
+--
+-- Each pagination token expires after 24 hours. Using an expired
+-- pagination token will return an HTTP 400 InvalidToken error.
+listDatalakeExceptionsResponse_nextToken :: Lens.Lens' ListDatalakeExceptionsResponse (Prelude.Maybe Prelude.Text)
+listDatalakeExceptionsResponse_nextToken = Lens.lens (\ListDatalakeExceptionsResponse' {nextToken} -> nextToken) (\s@ListDatalakeExceptionsResponse' {} a -> s {nextToken = a} :: ListDatalakeExceptionsResponse)
+
+-- | The response's http status code.
+listDatalakeExceptionsResponse_httpStatus :: Lens.Lens' ListDatalakeExceptionsResponse Prelude.Int
+listDatalakeExceptionsResponse_httpStatus = Lens.lens (\ListDatalakeExceptionsResponse' {httpStatus} -> httpStatus) (\s@ListDatalakeExceptionsResponse' {} a -> s {httpStatus = a} :: ListDatalakeExceptionsResponse)
+
+-- | Lists the failures that cannot be retried in the current Region.
+listDatalakeExceptionsResponse_nonRetryableFailures :: Lens.Lens' ListDatalakeExceptionsResponse [FailuresResponse]
+listDatalakeExceptionsResponse_nonRetryableFailures = Lens.lens (\ListDatalakeExceptionsResponse' {nonRetryableFailures} -> nonRetryableFailures) (\s@ListDatalakeExceptionsResponse' {} a -> s {nonRetryableFailures = a} :: ListDatalakeExceptionsResponse) Prelude.. Lens.coerced
+
+instance
+  Prelude.NFData
+    ListDatalakeExceptionsResponse
+  where
+  rnf ListDatalakeExceptionsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf nonRetryableFailures
diff --git a/gen/Amazonka/SecurityLake/ListLogSources.hs b/gen/Amazonka/SecurityLake/ListLogSources.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/ListLogSources.hs
@@ -0,0 +1,297 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.ListLogSources
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves the log sources in the current Amazon Web Services Region.
+--
+-- This operation returns paginated results.
+module Amazonka.SecurityLake.ListLogSources
+  ( -- * Creating a Request
+    ListLogSources (..),
+    newListLogSources,
+
+    -- * Request Lenses
+    listLogSources_inputOrder,
+    listLogSources_listAllDimensions,
+    listLogSources_listSingleDimension,
+    listLogSources_listTwoDimensions,
+    listLogSources_maxResults,
+    listLogSources_nextToken,
+
+    -- * Destructuring the Response
+    ListLogSourcesResponse (..),
+    newListLogSourcesResponse,
+
+    -- * Response Lenses
+    listLogSourcesResponse_nextToken,
+    listLogSourcesResponse_httpStatus,
+    listLogSourcesResponse_regionSourceTypesAccountsList,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newListLogSources' smart constructor.
+data ListLogSources = ListLogSources'
+  { -- | Lists the log sources in input order, namely Region, source type, and
+    -- member account.
+    inputOrder :: Prelude.Maybe [Dimension],
+    -- | List the view of log sources for enabled Amazon Security Lake accounts
+    -- for specific Amazon Web Services sources from specific accounts and
+    -- specific Regions.
+    listAllDimensions :: Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])),
+    -- | List the view of log sources for enabled Security Lake accounts for all
+    -- Amazon Web Services sources from specific accounts or specific Regions.
+    listSingleDimension :: Prelude.Maybe [Prelude.Text],
+    -- | Lists the view of log sources for enabled Security Lake accounts for
+    -- specific Amazon Web Services sources from specific accounts or specific
+    -- Regions.
+    listTwoDimensions :: Prelude.Maybe (Prelude.HashMap Prelude.Text [Prelude.Text]),
+    -- | The maximum number of accounts for which the log sources are displayed.
+    maxResults :: Prelude.Maybe Prelude.Int,
+    -- | If nextToken is returned, there are more results available. You can
+    -- repeat the call using the returned token to retrieve the next page.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListLogSources' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'inputOrder', 'listLogSources_inputOrder' - Lists the log sources in input order, namely Region, source type, and
+-- member account.
+--
+-- 'listAllDimensions', 'listLogSources_listAllDimensions' - List the view of log sources for enabled Amazon Security Lake accounts
+-- for specific Amazon Web Services sources from specific accounts and
+-- specific Regions.
+--
+-- 'listSingleDimension', 'listLogSources_listSingleDimension' - List the view of log sources for enabled Security Lake accounts for all
+-- Amazon Web Services sources from specific accounts or specific Regions.
+--
+-- 'listTwoDimensions', 'listLogSources_listTwoDimensions' - Lists the view of log sources for enabled Security Lake accounts for
+-- specific Amazon Web Services sources from specific accounts or specific
+-- Regions.
+--
+-- 'maxResults', 'listLogSources_maxResults' - The maximum number of accounts for which the log sources are displayed.
+--
+-- 'nextToken', 'listLogSources_nextToken' - If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+newListLogSources ::
+  ListLogSources
+newListLogSources =
+  ListLogSources'
+    { inputOrder = Prelude.Nothing,
+      listAllDimensions = Prelude.Nothing,
+      listSingleDimension = Prelude.Nothing,
+      listTwoDimensions = Prelude.Nothing,
+      maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | Lists the log sources in input order, namely Region, source type, and
+-- member account.
+listLogSources_inputOrder :: Lens.Lens' ListLogSources (Prelude.Maybe [Dimension])
+listLogSources_inputOrder = Lens.lens (\ListLogSources' {inputOrder} -> inputOrder) (\s@ListLogSources' {} a -> s {inputOrder = a} :: ListLogSources) Prelude.. Lens.mapping Lens.coerced
+
+-- | List the view of log sources for enabled Amazon Security Lake accounts
+-- for specific Amazon Web Services sources from specific accounts and
+-- specific Regions.
+listLogSources_listAllDimensions :: Lens.Lens' ListLogSources (Prelude.Maybe (Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])))
+listLogSources_listAllDimensions = Lens.lens (\ListLogSources' {listAllDimensions} -> listAllDimensions) (\s@ListLogSources' {} a -> s {listAllDimensions = a} :: ListLogSources) Prelude.. Lens.mapping Lens.coerced
+
+-- | List the view of log sources for enabled Security Lake accounts for all
+-- Amazon Web Services sources from specific accounts or specific Regions.
+listLogSources_listSingleDimension :: Lens.Lens' ListLogSources (Prelude.Maybe [Prelude.Text])
+listLogSources_listSingleDimension = Lens.lens (\ListLogSources' {listSingleDimension} -> listSingleDimension) (\s@ListLogSources' {} a -> s {listSingleDimension = a} :: ListLogSources) Prelude.. Lens.mapping Lens.coerced
+
+-- | Lists the view of log sources for enabled Security Lake accounts for
+-- specific Amazon Web Services sources from specific accounts or specific
+-- Regions.
+listLogSources_listTwoDimensions :: Lens.Lens' ListLogSources (Prelude.Maybe (Prelude.HashMap Prelude.Text [Prelude.Text]))
+listLogSources_listTwoDimensions = Lens.lens (\ListLogSources' {listTwoDimensions} -> listTwoDimensions) (\s@ListLogSources' {} a -> s {listTwoDimensions = a} :: ListLogSources) Prelude.. Lens.mapping Lens.coerced
+
+-- | The maximum number of accounts for which the log sources are displayed.
+listLogSources_maxResults :: Lens.Lens' ListLogSources (Prelude.Maybe Prelude.Int)
+listLogSources_maxResults = Lens.lens (\ListLogSources' {maxResults} -> maxResults) (\s@ListLogSources' {} a -> s {maxResults = a} :: ListLogSources)
+
+-- | If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+listLogSources_nextToken :: Lens.Lens' ListLogSources (Prelude.Maybe Prelude.Text)
+listLogSources_nextToken = Lens.lens (\ListLogSources' {nextToken} -> nextToken) (\s@ListLogSources' {} a -> s {nextToken = a} :: ListLogSources)
+
+instance Core.AWSPager ListLogSources where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listLogSourcesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^. listLogSourcesResponse_regionSourceTypesAccountsList
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listLogSources_nextToken
+          Lens..~ rs
+          Lens.^? listLogSourcesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListLogSources where
+  type
+    AWSResponse ListLogSources =
+      ListLogSourcesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListLogSourcesResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> ( x
+                            Data..?> "regionSourceTypesAccountsList"
+                            Core..!@ Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable ListLogSources where
+  hashWithSalt _salt ListLogSources' {..} =
+    _salt
+      `Prelude.hashWithSalt` inputOrder
+      `Prelude.hashWithSalt` listAllDimensions
+      `Prelude.hashWithSalt` listSingleDimension
+      `Prelude.hashWithSalt` listTwoDimensions
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListLogSources where
+  rnf ListLogSources' {..} =
+    Prelude.rnf inputOrder
+      `Prelude.seq` Prelude.rnf listAllDimensions
+      `Prelude.seq` Prelude.rnf listSingleDimension
+      `Prelude.seq` Prelude.rnf listTwoDimensions
+      `Prelude.seq` Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListLogSources where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListLogSources where
+  toJSON ListLogSources' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("inputOrder" Data..=) Prelude.<$> inputOrder,
+            ("listAllDimensions" Data..=)
+              Prelude.<$> listAllDimensions,
+            ("listSingleDimension" Data..=)
+              Prelude.<$> listSingleDimension,
+            ("listTwoDimensions" Data..=)
+              Prelude.<$> listTwoDimensions,
+            ("maxResults" Data..=) Prelude.<$> maxResults,
+            ("nextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath ListLogSources where
+  toPath = Prelude.const "/v1/logsources/list"
+
+instance Data.ToQuery ListLogSources where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListLogSourcesResponse' smart constructor.
+data ListLogSourcesResponse = ListLogSourcesResponse'
+  { -- | If nextToken is returned, there are more results available. You can
+    -- repeat the call using the returned token to retrieve the next page.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Lists the log sources by Regions for enabled Security Lake accounts.
+    regionSourceTypesAccountsList :: [Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListLogSourcesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listLogSourcesResponse_nextToken' - If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+--
+-- 'httpStatus', 'listLogSourcesResponse_httpStatus' - The response's http status code.
+--
+-- 'regionSourceTypesAccountsList', 'listLogSourcesResponse_regionSourceTypesAccountsList' - Lists the log sources by Regions for enabled Security Lake accounts.
+newListLogSourcesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListLogSourcesResponse
+newListLogSourcesResponse pHttpStatus_ =
+  ListLogSourcesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      regionSourceTypesAccountsList = Prelude.mempty
+    }
+
+-- | If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+listLogSourcesResponse_nextToken :: Lens.Lens' ListLogSourcesResponse (Prelude.Maybe Prelude.Text)
+listLogSourcesResponse_nextToken = Lens.lens (\ListLogSourcesResponse' {nextToken} -> nextToken) (\s@ListLogSourcesResponse' {} a -> s {nextToken = a} :: ListLogSourcesResponse)
+
+-- | The response's http status code.
+listLogSourcesResponse_httpStatus :: Lens.Lens' ListLogSourcesResponse Prelude.Int
+listLogSourcesResponse_httpStatus = Lens.lens (\ListLogSourcesResponse' {httpStatus} -> httpStatus) (\s@ListLogSourcesResponse' {} a -> s {httpStatus = a} :: ListLogSourcesResponse)
+
+-- | Lists the log sources by Regions for enabled Security Lake accounts.
+listLogSourcesResponse_regionSourceTypesAccountsList :: Lens.Lens' ListLogSourcesResponse [Prelude.HashMap Prelude.Text (Prelude.HashMap Prelude.Text [Prelude.Text])]
+listLogSourcesResponse_regionSourceTypesAccountsList = Lens.lens (\ListLogSourcesResponse' {regionSourceTypesAccountsList} -> regionSourceTypesAccountsList) (\s@ListLogSourcesResponse' {} a -> s {regionSourceTypesAccountsList = a} :: ListLogSourcesResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListLogSourcesResponse where
+  rnf ListLogSourcesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf regionSourceTypesAccountsList
diff --git a/gen/Amazonka/SecurityLake/ListSubscribers.hs b/gen/Amazonka/SecurityLake/ListSubscribers.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/ListSubscribers.hs
@@ -0,0 +1,216 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.ListSubscribers
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- List all subscribers for the specific Amazon Security Lake account ID.
+-- You can retrieve a list of subscriptions associated with a specific
+-- organization or Amazon Web Services account.
+--
+-- This operation returns paginated results.
+module Amazonka.SecurityLake.ListSubscribers
+  ( -- * Creating a Request
+    ListSubscribers (..),
+    newListSubscribers,
+
+    -- * Request Lenses
+    listSubscribers_maxResults,
+    listSubscribers_nextToken,
+
+    -- * Destructuring the Response
+    ListSubscribersResponse (..),
+    newListSubscribersResponse,
+
+    -- * Response Lenses
+    listSubscribersResponse_nextToken,
+    listSubscribersResponse_httpStatus,
+    listSubscribersResponse_subscribers,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newListSubscribers' smart constructor.
+data ListSubscribers = ListSubscribers'
+  { -- | The maximum number of accounts for which the configuration is displayed.
+    maxResults :: Prelude.Maybe Prelude.Int,
+    -- | If nextToken is returned, there are more results available. You can
+    -- repeat the call using the returned token to retrieve the next page.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSubscribers' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listSubscribers_maxResults' - The maximum number of accounts for which the configuration is displayed.
+--
+-- 'nextToken', 'listSubscribers_nextToken' - If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+newListSubscribers ::
+  ListSubscribers
+newListSubscribers =
+  ListSubscribers'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of accounts for which the configuration is displayed.
+listSubscribers_maxResults :: Lens.Lens' ListSubscribers (Prelude.Maybe Prelude.Int)
+listSubscribers_maxResults = Lens.lens (\ListSubscribers' {maxResults} -> maxResults) (\s@ListSubscribers' {} a -> s {maxResults = a} :: ListSubscribers)
+
+-- | If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+listSubscribers_nextToken :: Lens.Lens' ListSubscribers (Prelude.Maybe Prelude.Text)
+listSubscribers_nextToken = Lens.lens (\ListSubscribers' {nextToken} -> nextToken) (\s@ListSubscribers' {} a -> s {nextToken = a} :: ListSubscribers)
+
+instance Core.AWSPager ListSubscribers where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listSubscribersResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listSubscribersResponse_subscribers) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listSubscribers_nextToken
+          Lens..~ rs
+          Lens.^? listSubscribersResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListSubscribers where
+  type
+    AWSResponse ListSubscribers =
+      ListSubscribersResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListSubscribersResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "subscribers" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListSubscribers where
+  hashWithSalt _salt ListSubscribers' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListSubscribers where
+  rnf ListSubscribers' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListSubscribers where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListSubscribers where
+  toPath = Prelude.const "/v1/subscribers"
+
+instance Data.ToQuery ListSubscribers where
+  toQuery ListSubscribers' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListSubscribersResponse' smart constructor.
+data ListSubscribersResponse = ListSubscribersResponse'
+  { -- | If nextToken is returned, there are more results available. You can
+    -- repeat the call using the returned token to retrieve the next page.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The subscribers available for the specified Security Lake account ID.
+    subscribers :: [SubscriberResource]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSubscribersResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listSubscribersResponse_nextToken' - If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+--
+-- 'httpStatus', 'listSubscribersResponse_httpStatus' - The response's http status code.
+--
+-- 'subscribers', 'listSubscribersResponse_subscribers' - The subscribers available for the specified Security Lake account ID.
+newListSubscribersResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListSubscribersResponse
+newListSubscribersResponse pHttpStatus_ =
+  ListSubscribersResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      subscribers = Prelude.mempty
+    }
+
+-- | If nextToken is returned, there are more results available. You can
+-- repeat the call using the returned token to retrieve the next page.
+listSubscribersResponse_nextToken :: Lens.Lens' ListSubscribersResponse (Prelude.Maybe Prelude.Text)
+listSubscribersResponse_nextToken = Lens.lens (\ListSubscribersResponse' {nextToken} -> nextToken) (\s@ListSubscribersResponse' {} a -> s {nextToken = a} :: ListSubscribersResponse)
+
+-- | The response's http status code.
+listSubscribersResponse_httpStatus :: Lens.Lens' ListSubscribersResponse Prelude.Int
+listSubscribersResponse_httpStatus = Lens.lens (\ListSubscribersResponse' {httpStatus} -> httpStatus) (\s@ListSubscribersResponse' {} a -> s {httpStatus = a} :: ListSubscribersResponse)
+
+-- | The subscribers available for the specified Security Lake account ID.
+listSubscribersResponse_subscribers :: Lens.Lens' ListSubscribersResponse [SubscriberResource]
+listSubscribersResponse_subscribers = Lens.lens (\ListSubscribersResponse' {subscribers} -> subscribers) (\s@ListSubscribersResponse' {} a -> s {subscribers = a} :: ListSubscribersResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListSubscribersResponse where
+  rnf ListSubscribersResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf subscribers
diff --git a/gen/Amazonka/SecurityLake/Types.hs b/gen/Amazonka/SecurityLake/Types.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types.hs
@@ -0,0 +1,402 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    _AccessDeniedException,
+    _AccountNotFoundException,
+    _BucketNotFoundException,
+    _ConcurrentModificationException,
+    _ConflictException,
+    _ConflictSourceNamesException,
+    _ConflictSubscriptionException,
+    _EventBridgeException,
+    _InternalServerException,
+    _InvalidInputException,
+    _ResourceNotFoundException,
+    _S3Exception,
+    _ServiceQuotaExceededException,
+    _ThrottlingException,
+    _ValidationException,
+
+    -- * AccessType
+    AccessType (..),
+
+    -- * AwsLogSourceType
+    AwsLogSourceType (..),
+
+    -- * Dimension
+    Dimension (..),
+
+    -- * EndpointProtocol
+    EndpointProtocol (..),
+
+    -- * HttpsMethod
+    HttpsMethod (..),
+
+    -- * OcsfEventClass
+    OcsfEventClass (..),
+
+    -- * Region
+    Region (..),
+
+    -- * SettingsStatus
+    SettingsStatus (..),
+
+    -- * SourceStatus
+    SourceStatus (..),
+
+    -- * StorageClass
+    StorageClass (..),
+
+    -- * SubscriptionProtocolType
+    SubscriptionProtocolType (..),
+
+    -- * SubscriptionStatus
+    SubscriptionStatus (..),
+
+    -- * AccountSources
+    AccountSources (..),
+    newAccountSources,
+    accountSources_eventClass,
+    accountSources_logsStatus,
+    accountSources_account,
+    accountSources_sourceType,
+
+    -- * AutoEnableNewRegionConfiguration
+    AutoEnableNewRegionConfiguration (..),
+    newAutoEnableNewRegionConfiguration,
+    autoEnableNewRegionConfiguration_region,
+    autoEnableNewRegionConfiguration_sources,
+
+    -- * Failures
+    Failures (..),
+    newFailures,
+    failures_exceptionMessage,
+    failures_remediation,
+    failures_timestamp,
+
+    -- * FailuresResponse
+    FailuresResponse (..),
+    newFailuresResponse,
+    failuresResponse_failures,
+    failuresResponse_region,
+
+    -- * LakeConfigurationRequest
+    LakeConfigurationRequest (..),
+    newLakeConfigurationRequest,
+    lakeConfigurationRequest_encryptionKey,
+    lakeConfigurationRequest_replicationDestinationRegions,
+    lakeConfigurationRequest_replicationRoleArn,
+    lakeConfigurationRequest_retentionSettings,
+    lakeConfigurationRequest_tagsMap,
+
+    -- * LakeConfigurationResponse
+    LakeConfigurationResponse (..),
+    newLakeConfigurationResponse,
+    lakeConfigurationResponse_encryptionKey,
+    lakeConfigurationResponse_replicationDestinationRegions,
+    lakeConfigurationResponse_replicationRoleArn,
+    lakeConfigurationResponse_retentionSettings,
+    lakeConfigurationResponse_s3BucketArn,
+    lakeConfigurationResponse_status,
+    lakeConfigurationResponse_tagsMap,
+
+    -- * LogsStatus
+    LogsStatus (..),
+    newLogsStatus,
+    logsStatus_healthStatus,
+    logsStatus_pathToLogs,
+
+    -- * ProtocolAndNotificationEndpoint
+    ProtocolAndNotificationEndpoint (..),
+    newProtocolAndNotificationEndpoint,
+    protocolAndNotificationEndpoint_endpoint,
+    protocolAndNotificationEndpoint_protocol,
+
+    -- * RetentionSetting
+    RetentionSetting (..),
+    newRetentionSetting,
+    retentionSetting_retentionPeriod,
+    retentionSetting_storageClass,
+
+    -- * SourceType
+    SourceType (..),
+    newSourceType,
+    sourceType_awsSourceType,
+    sourceType_customSourceType,
+
+    -- * SubscriberResource
+    SubscriberResource (..),
+    newSubscriberResource,
+    subscriberResource_accessTypes,
+    subscriberResource_createdAt,
+    subscriberResource_externalId,
+    subscriberResource_roleArn,
+    subscriberResource_s3BucketArn,
+    subscriberResource_snsArn,
+    subscriberResource_subscriberDescription,
+    subscriberResource_subscriberName,
+    subscriberResource_subscriptionEndpoint,
+    subscriberResource_subscriptionProtocol,
+    subscriberResource_subscriptionStatus,
+    subscriberResource_updatedAt,
+    subscriberResource_accountId,
+    subscriberResource_sourceTypes,
+    subscriberResource_subscriptionId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.AccessType
+import Amazonka.SecurityLake.Types.AccountSources
+import Amazonka.SecurityLake.Types.AutoEnableNewRegionConfiguration
+import Amazonka.SecurityLake.Types.AwsLogSourceType
+import Amazonka.SecurityLake.Types.Dimension
+import Amazonka.SecurityLake.Types.EndpointProtocol
+import Amazonka.SecurityLake.Types.Failures
+import Amazonka.SecurityLake.Types.FailuresResponse
+import Amazonka.SecurityLake.Types.HttpsMethod
+import Amazonka.SecurityLake.Types.LakeConfigurationRequest
+import Amazonka.SecurityLake.Types.LakeConfigurationResponse
+import Amazonka.SecurityLake.Types.LogsStatus
+import Amazonka.SecurityLake.Types.OcsfEventClass
+import Amazonka.SecurityLake.Types.ProtocolAndNotificationEndpoint
+import Amazonka.SecurityLake.Types.Region
+import Amazonka.SecurityLake.Types.RetentionSetting
+import Amazonka.SecurityLake.Types.SettingsStatus
+import Amazonka.SecurityLake.Types.SourceStatus
+import Amazonka.SecurityLake.Types.SourceType
+import Amazonka.SecurityLake.Types.StorageClass
+import Amazonka.SecurityLake.Types.SubscriberResource
+import Amazonka.SecurityLake.Types.SubscriptionProtocolType
+import Amazonka.SecurityLake.Types.SubscriptionStatus
+import qualified Amazonka.Sign.V4 as Sign
+
+-- | API version @2018-05-10@ of the Amazon Security Lake SDK configuration.
+defaultService :: Core.Service
+defaultService =
+  Core.Service
+    { Core.abbrev = "SecurityLake",
+      Core.signer = Sign.v4,
+      Core.endpointPrefix = "securitylake",
+      Core.signingName = "securitylake",
+      Core.version = "2018-05-10",
+      Core.s3AddressingStyle = Core.S3AddressingStyleAuto,
+      Core.endpoint = Core.defaultEndpoint defaultService,
+      Core.timeout = Prelude.Just 70,
+      Core.check = Core.statusSuccess,
+      Core.error = Core.parseJSONError "SecurityLake",
+      Core.retry = retry
+    }
+  where
+    retry =
+      Core.Exponential
+        { Core.base = 5.0e-2,
+          Core.growth = 2,
+          Core.attempts = 5,
+          Core.check = check
+        }
+    check e
+      | Lens.has (Core.hasStatus 502) e =
+          Prelude.Just "bad_gateway"
+      | Lens.has (Core.hasStatus 504) e =
+          Prelude.Just "gateway_timeout"
+      | Lens.has (Core.hasStatus 500) e =
+          Prelude.Just "general_server_error"
+      | Lens.has (Core.hasStatus 509) e =
+          Prelude.Just "limit_exceeded"
+      | Lens.has
+          ( Core.hasCode "RequestThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "request_throttled_exception"
+      | Lens.has (Core.hasStatus 503) e =
+          Prelude.Just "service_unavailable"
+      | Lens.has
+          ( Core.hasCode "ThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttled_exception"
+      | Lens.has
+          ( Core.hasCode "Throttling"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling"
+      | Lens.has
+          ( Core.hasCode "ThrottlingException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling_exception"
+      | Lens.has
+          ( Core.hasCode
+              "ProvisionedThroughputExceededException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throughput_exceeded"
+      | Lens.has (Core.hasStatus 429) e =
+          Prelude.Just "too_many_requests"
+      | Prelude.otherwise = Prelude.Nothing
+
+-- | You do not have sufficient access to perform this action. Access denied
+-- errors appear when Amazon Security Lake explicitly or implicitly denies
+-- an authorization request. An explicit denial occurs when a policy
+-- contains a Deny statement for the specific Amazon Web Services action.
+-- An implicit denial occurs when there is no applicable Deny statement and
+-- also no applicable Allow statement.
+_AccessDeniedException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_AccessDeniedException =
+  Core._MatchServiceError
+    defaultService
+    "AccessDeniedException"
+    Prelude.. Core.hasStatus 403
+
+-- | Amazon Security Lake cannot find an Amazon Web Services account with the
+-- accountID that you specified, or the account whose credentials you used
+-- to make this request isn\'t a member of an organization.
+_AccountNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_AccountNotFoundException =
+  Core._MatchServiceError
+    defaultService
+    "AccountNotFoundException"
+    Prelude.. Core.hasStatus 403
+
+-- | Amazon Security Lake generally returns 404 errors if the requested
+-- object is missing from the bucket.
+_BucketNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_BucketNotFoundException =
+  Core._MatchServiceError
+    defaultService
+    "BucketNotFoundException"
+    Prelude.. Core.hasStatus 409
+
+-- | More than one process tried to modify a resource at the same time.
+_ConcurrentModificationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConcurrentModificationException =
+  Core._MatchServiceError
+    defaultService
+    "ConcurrentModificationException"
+    Prelude.. Core.hasStatus 409
+
+-- | Occurs when a conflict with a previous successful write is detected.
+-- This generally occurs when the previous write did not have time to
+-- propagate to the host serving the current request. A retry (with
+-- appropriate backoff logic) is the recommended response to this
+-- exception.
+_ConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | There was a conflict when you attempted to modify a Security Lake source
+-- name.
+_ConflictSourceNamesException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictSourceNamesException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictSourceNamesException"
+    Prelude.. Core.hasStatus 400
+
+-- | A conflicting subscription exception operation is in progress.
+_ConflictSubscriptionException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictSubscriptionException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictSubscriptionException"
+    Prelude.. Core.hasStatus 400
+
+-- | Represents an error interacting with the Amazon EventBridge service.
+_EventBridgeException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_EventBridgeException =
+  Core._MatchServiceError
+    defaultService
+    "EventBridgeException"
+    Prelude.. Core.hasStatus 400
+
+-- | Internal service exceptions are sometimes caused by transient issues.
+-- Before you start troubleshooting, perform the operation again.
+_InternalServerException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InternalServerException =
+  Core._MatchServiceError
+    defaultService
+    "InternalServerException"
+    Prelude.. Core.hasStatus 500
+
+-- | The request was rejected because a value that\'s not valid or is out of
+-- range was supplied for an input parameter.
+_InvalidInputException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidInputException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidInputException"
+    Prelude.. Core.hasStatus 400
+
+-- | The resource could not be found.
+_ResourceNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceNotFoundException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceNotFoundException"
+    Prelude.. Core.hasStatus 404
+
+-- | Provides an extension of the AmazonServiceException for errors reported
+-- by Amazon S3 while processing a request. In particular, this class
+-- provides access to the Amazon S3 extended request ID. If Amazon S3 is
+-- incorrectly handling a request and you need to contact Amazon, this
+-- extended request ID may provide useful debugging information.
+_S3Exception :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_S3Exception =
+  Core._MatchServiceError
+    defaultService
+    "S3Exception"
+    Prelude.. Core.hasStatus 400
+
+-- | You have exceeded your service quota. To perform the requested action,
+-- remove some of the relevant resources, or use Service Quotas to request
+-- a service quota increase.
+_ServiceQuotaExceededException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ServiceQuotaExceededException =
+  Core._MatchServiceError
+    defaultService
+    "ServiceQuotaExceededException"
+    Prelude.. Core.hasStatus 402
+
+-- | The limit on the number of requests per second was exceeded.
+_ThrottlingException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ThrottlingException =
+  Core._MatchServiceError
+    defaultService
+    "ThrottlingException"
+    Prelude.. Core.hasStatus 429
+
+-- | Your signing certificate could not be validated.
+_ValidationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ValidationException =
+  Core._MatchServiceError
+    defaultService
+    "ValidationException"
+    Prelude.. Core.hasStatus 400
diff --git a/gen/Amazonka/SecurityLake/Types/AccessType.hs b/gen/Amazonka/SecurityLake/Types/AccessType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/AccessType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.AccessType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.AccessType
+  ( AccessType
+      ( ..,
+        AccessType_LAKEFORMATION,
+        AccessType_S3
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AccessType = AccessType'
+  { fromAccessType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AccessType_LAKEFORMATION :: AccessType
+pattern AccessType_LAKEFORMATION = AccessType' "LAKEFORMATION"
+
+pattern AccessType_S3 :: AccessType
+pattern AccessType_S3 = AccessType' "S3"
+
+{-# COMPLETE
+  AccessType_LAKEFORMATION,
+  AccessType_S3,
+  AccessType'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/AccountSources.hs b/gen/Amazonka/SecurityLake/Types/AccountSources.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/AccountSources.hs
@@ -0,0 +1,123 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.AccountSources
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.AccountSources where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.LogsStatus
+import Amazonka.SecurityLake.Types.OcsfEventClass
+
+-- | Amazon Security Lake collects logs and events from supported Amazon Web
+-- Services and custom sources. For the list of supported Amazon Web
+-- Services, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html Amazon Security Lake User Guide>.
+--
+-- /See:/ 'newAccountSources' smart constructor.
+data AccountSources = AccountSources'
+  { -- | Initializes a new instance of the Event class.
+    eventClass :: Prelude.Maybe OcsfEventClass,
+    -- | The log status for the Security Lake account.
+    logsStatus :: Prelude.Maybe [LogsStatus],
+    -- | The ID of the Security Lake account for which logs are collected.
+    account :: Prelude.Text,
+    -- | The supported Amazon Web Services from which logs and events are
+    -- collected. Amazon Security Lake supports log and event collection for
+    -- natively supported Amazon Web Services.
+    sourceType :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AccountSources' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'eventClass', 'accountSources_eventClass' - Initializes a new instance of the Event class.
+--
+-- 'logsStatus', 'accountSources_logsStatus' - The log status for the Security Lake account.
+--
+-- 'account', 'accountSources_account' - The ID of the Security Lake account for which logs are collected.
+--
+-- 'sourceType', 'accountSources_sourceType' - The supported Amazon Web Services from which logs and events are
+-- collected. Amazon Security Lake supports log and event collection for
+-- natively supported Amazon Web Services.
+newAccountSources ::
+  -- | 'account'
+  Prelude.Text ->
+  -- | 'sourceType'
+  Prelude.Text ->
+  AccountSources
+newAccountSources pAccount_ pSourceType_ =
+  AccountSources'
+    { eventClass = Prelude.Nothing,
+      logsStatus = Prelude.Nothing,
+      account = pAccount_,
+      sourceType = pSourceType_
+    }
+
+-- | Initializes a new instance of the Event class.
+accountSources_eventClass :: Lens.Lens' AccountSources (Prelude.Maybe OcsfEventClass)
+accountSources_eventClass = Lens.lens (\AccountSources' {eventClass} -> eventClass) (\s@AccountSources' {} a -> s {eventClass = a} :: AccountSources)
+
+-- | The log status for the Security Lake account.
+accountSources_logsStatus :: Lens.Lens' AccountSources (Prelude.Maybe [LogsStatus])
+accountSources_logsStatus = Lens.lens (\AccountSources' {logsStatus} -> logsStatus) (\s@AccountSources' {} a -> s {logsStatus = a} :: AccountSources) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ID of the Security Lake account for which logs are collected.
+accountSources_account :: Lens.Lens' AccountSources Prelude.Text
+accountSources_account = Lens.lens (\AccountSources' {account} -> account) (\s@AccountSources' {} a -> s {account = a} :: AccountSources)
+
+-- | The supported Amazon Web Services from which logs and events are
+-- collected. Amazon Security Lake supports log and event collection for
+-- natively supported Amazon Web Services.
+accountSources_sourceType :: Lens.Lens' AccountSources Prelude.Text
+accountSources_sourceType = Lens.lens (\AccountSources' {sourceType} -> sourceType) (\s@AccountSources' {} a -> s {sourceType = a} :: AccountSources)
+
+instance Data.FromJSON AccountSources where
+  parseJSON =
+    Data.withObject
+      "AccountSources"
+      ( \x ->
+          AccountSources'
+            Prelude.<$> (x Data..:? "eventClass")
+            Prelude.<*> (x Data..:? "logsStatus" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "account")
+            Prelude.<*> (x Data..: "sourceType")
+      )
+
+instance Prelude.Hashable AccountSources where
+  hashWithSalt _salt AccountSources' {..} =
+    _salt
+      `Prelude.hashWithSalt` eventClass
+      `Prelude.hashWithSalt` logsStatus
+      `Prelude.hashWithSalt` account
+      `Prelude.hashWithSalt` sourceType
+
+instance Prelude.NFData AccountSources where
+  rnf AccountSources' {..} =
+    Prelude.rnf eventClass
+      `Prelude.seq` Prelude.rnf logsStatus
+      `Prelude.seq` Prelude.rnf account
+      `Prelude.seq` Prelude.rnf sourceType
diff --git a/gen/Amazonka/SecurityLake/Types/AutoEnableNewRegionConfiguration.hs b/gen/Amazonka/SecurityLake/Types/AutoEnableNewRegionConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/AutoEnableNewRegionConfiguration.hs
@@ -0,0 +1,116 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.AutoEnableNewRegionConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.AutoEnableNewRegionConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.AwsLogSourceType
+import Amazonka.SecurityLake.Types.Region
+
+-- | Automatically enable new organization accounts as member accounts from
+-- an Amazon Security Lake administrator account.
+--
+-- /See:/ 'newAutoEnableNewRegionConfiguration' smart constructor.
+data AutoEnableNewRegionConfiguration = AutoEnableNewRegionConfiguration'
+  { -- | The Amazon Web Services Regions where Security Lake is automatically
+    -- enabled.
+    region :: Region,
+    -- | The Amazon Web Services sources that are automatically enabled in
+    -- Security Lake.
+    sources :: [AwsLogSourceType]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AutoEnableNewRegionConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'region', 'autoEnableNewRegionConfiguration_region' - The Amazon Web Services Regions where Security Lake is automatically
+-- enabled.
+--
+-- 'sources', 'autoEnableNewRegionConfiguration_sources' - The Amazon Web Services sources that are automatically enabled in
+-- Security Lake.
+newAutoEnableNewRegionConfiguration ::
+  -- | 'region'
+  Region ->
+  AutoEnableNewRegionConfiguration
+newAutoEnableNewRegionConfiguration pRegion_ =
+  AutoEnableNewRegionConfiguration'
+    { region =
+        pRegion_,
+      sources = Prelude.mempty
+    }
+
+-- | The Amazon Web Services Regions where Security Lake is automatically
+-- enabled.
+autoEnableNewRegionConfiguration_region :: Lens.Lens' AutoEnableNewRegionConfiguration Region
+autoEnableNewRegionConfiguration_region = Lens.lens (\AutoEnableNewRegionConfiguration' {region} -> region) (\s@AutoEnableNewRegionConfiguration' {} a -> s {region = a} :: AutoEnableNewRegionConfiguration)
+
+-- | The Amazon Web Services sources that are automatically enabled in
+-- Security Lake.
+autoEnableNewRegionConfiguration_sources :: Lens.Lens' AutoEnableNewRegionConfiguration [AwsLogSourceType]
+autoEnableNewRegionConfiguration_sources = Lens.lens (\AutoEnableNewRegionConfiguration' {sources} -> sources) (\s@AutoEnableNewRegionConfiguration' {} a -> s {sources = a} :: AutoEnableNewRegionConfiguration) Prelude.. Lens.coerced
+
+instance
+  Data.FromJSON
+    AutoEnableNewRegionConfiguration
+  where
+  parseJSON =
+    Data.withObject
+      "AutoEnableNewRegionConfiguration"
+      ( \x ->
+          AutoEnableNewRegionConfiguration'
+            Prelude.<$> (x Data..: "region")
+            Prelude.<*> (x Data..:? "sources" Data..!= Prelude.mempty)
+      )
+
+instance
+  Prelude.Hashable
+    AutoEnableNewRegionConfiguration
+  where
+  hashWithSalt
+    _salt
+    AutoEnableNewRegionConfiguration' {..} =
+      _salt
+        `Prelude.hashWithSalt` region
+        `Prelude.hashWithSalt` sources
+
+instance
+  Prelude.NFData
+    AutoEnableNewRegionConfiguration
+  where
+  rnf AutoEnableNewRegionConfiguration' {..} =
+    Prelude.rnf region
+      `Prelude.seq` Prelude.rnf sources
+
+instance Data.ToJSON AutoEnableNewRegionConfiguration where
+  toJSON AutoEnableNewRegionConfiguration' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("region" Data..= region),
+            Prelude.Just ("sources" Data..= sources)
+          ]
+      )
diff --git a/gen/Amazonka/SecurityLake/Types/AwsLogSourceType.hs b/gen/Amazonka/SecurityLake/Types/AwsLogSourceType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/AwsLogSourceType.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.AwsLogSourceType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.AwsLogSourceType
+  ( AwsLogSourceType
+      ( ..,
+        AwsLogSourceType_CLOUD_TRAIL,
+        AwsLogSourceType_ROUTE53,
+        AwsLogSourceType_SH_FINDINGS,
+        AwsLogSourceType_VPC_FLOW
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AwsLogSourceType = AwsLogSourceType'
+  { fromAwsLogSourceType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AwsLogSourceType_CLOUD_TRAIL :: AwsLogSourceType
+pattern AwsLogSourceType_CLOUD_TRAIL = AwsLogSourceType' "CLOUD_TRAIL"
+
+pattern AwsLogSourceType_ROUTE53 :: AwsLogSourceType
+pattern AwsLogSourceType_ROUTE53 = AwsLogSourceType' "ROUTE53"
+
+pattern AwsLogSourceType_SH_FINDINGS :: AwsLogSourceType
+pattern AwsLogSourceType_SH_FINDINGS = AwsLogSourceType' "SH_FINDINGS"
+
+pattern AwsLogSourceType_VPC_FLOW :: AwsLogSourceType
+pattern AwsLogSourceType_VPC_FLOW = AwsLogSourceType' "VPC_FLOW"
+
+{-# COMPLETE
+  AwsLogSourceType_CLOUD_TRAIL,
+  AwsLogSourceType_ROUTE53,
+  AwsLogSourceType_SH_FINDINGS,
+  AwsLogSourceType_VPC_FLOW,
+  AwsLogSourceType'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/Dimension.hs b/gen/Amazonka/SecurityLake/Types/Dimension.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/Dimension.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.Dimension
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.Dimension
+  ( Dimension
+      ( ..,
+        Dimension_MEMBER,
+        Dimension_REGION,
+        Dimension_SOURCE_TYPE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype Dimension = Dimension'
+  { fromDimension ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern Dimension_MEMBER :: Dimension
+pattern Dimension_MEMBER = Dimension' "MEMBER"
+
+pattern Dimension_REGION :: Dimension
+pattern Dimension_REGION = Dimension' "REGION"
+
+pattern Dimension_SOURCE_TYPE :: Dimension
+pattern Dimension_SOURCE_TYPE = Dimension' "SOURCE_TYPE"
+
+{-# COMPLETE
+  Dimension_MEMBER,
+  Dimension_REGION,
+  Dimension_SOURCE_TYPE,
+  Dimension'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/EndpointProtocol.hs b/gen/Amazonka/SecurityLake/Types/EndpointProtocol.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/EndpointProtocol.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.EndpointProtocol
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.EndpointProtocol
+  ( EndpointProtocol
+      ( ..,
+        EndpointProtocol_HTTPS,
+        EndpointProtocol_SQS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype EndpointProtocol = EndpointProtocol'
+  { fromEndpointProtocol ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern EndpointProtocol_HTTPS :: EndpointProtocol
+pattern EndpointProtocol_HTTPS = EndpointProtocol' "HTTPS"
+
+pattern EndpointProtocol_SQS :: EndpointProtocol
+pattern EndpointProtocol_SQS = EndpointProtocol' "SQS"
+
+{-# COMPLETE
+  EndpointProtocol_HTTPS,
+  EndpointProtocol_SQS,
+  EndpointProtocol'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/Failures.hs b/gen/Amazonka/SecurityLake/Types/Failures.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/Failures.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.Failures
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.Failures where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | List of all failures.
+--
+-- /See:/ 'newFailures' smart constructor.
+data Failures = Failures'
+  { -- | List of all exception messages.
+    exceptionMessage :: Prelude.Text,
+    -- | List of all remediation steps for failures.
+    remediation :: Prelude.Text,
+    -- | This error can occur if you configure the wrong timestamp format, or if
+    -- the subset of entries used for validation had errors or missing values.
+    timestamp :: Data.ISO8601
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Failures' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'exceptionMessage', 'failures_exceptionMessage' - List of all exception messages.
+--
+-- 'remediation', 'failures_remediation' - List of all remediation steps for failures.
+--
+-- 'timestamp', 'failures_timestamp' - This error can occur if you configure the wrong timestamp format, or if
+-- the subset of entries used for validation had errors or missing values.
+newFailures ::
+  -- | 'exceptionMessage'
+  Prelude.Text ->
+  -- | 'remediation'
+  Prelude.Text ->
+  -- | 'timestamp'
+  Prelude.UTCTime ->
+  Failures
+newFailures
+  pExceptionMessage_
+  pRemediation_
+  pTimestamp_ =
+    Failures'
+      { exceptionMessage = pExceptionMessage_,
+        remediation = pRemediation_,
+        timestamp = Data._Time Lens.# pTimestamp_
+      }
+
+-- | List of all exception messages.
+failures_exceptionMessage :: Lens.Lens' Failures Prelude.Text
+failures_exceptionMessage = Lens.lens (\Failures' {exceptionMessage} -> exceptionMessage) (\s@Failures' {} a -> s {exceptionMessage = a} :: Failures)
+
+-- | List of all remediation steps for failures.
+failures_remediation :: Lens.Lens' Failures Prelude.Text
+failures_remediation = Lens.lens (\Failures' {remediation} -> remediation) (\s@Failures' {} a -> s {remediation = a} :: Failures)
+
+-- | This error can occur if you configure the wrong timestamp format, or if
+-- the subset of entries used for validation had errors or missing values.
+failures_timestamp :: Lens.Lens' Failures Prelude.UTCTime
+failures_timestamp = Lens.lens (\Failures' {timestamp} -> timestamp) (\s@Failures' {} a -> s {timestamp = a} :: Failures) Prelude.. Data._Time
+
+instance Data.FromJSON Failures where
+  parseJSON =
+    Data.withObject
+      "Failures"
+      ( \x ->
+          Failures'
+            Prelude.<$> (x Data..: "exceptionMessage")
+            Prelude.<*> (x Data..: "remediation")
+            Prelude.<*> (x Data..: "timestamp")
+      )
+
+instance Prelude.Hashable Failures where
+  hashWithSalt _salt Failures' {..} =
+    _salt
+      `Prelude.hashWithSalt` exceptionMessage
+      `Prelude.hashWithSalt` remediation
+      `Prelude.hashWithSalt` timestamp
+
+instance Prelude.NFData Failures where
+  rnf Failures' {..} =
+    Prelude.rnf exceptionMessage
+      `Prelude.seq` Prelude.rnf remediation
+      `Prelude.seq` Prelude.rnf timestamp
diff --git a/gen/Amazonka/SecurityLake/Types/FailuresResponse.hs b/gen/Amazonka/SecurityLake/Types/FailuresResponse.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/FailuresResponse.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.FailuresResponse
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.FailuresResponse where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.Failures
+
+-- | Response element for actions that make changes, namely create, update,
+-- or delete actions.
+--
+-- /See:/ 'newFailuresResponse' smart constructor.
+data FailuresResponse = FailuresResponse'
+  { -- | List of all failures.
+    failures :: Prelude.Maybe [Failures],
+    -- | List of Amazon Web Services Regions where the failure occurred.
+    region :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'FailuresResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'failures', 'failuresResponse_failures' - List of all failures.
+--
+-- 'region', 'failuresResponse_region' - List of Amazon Web Services Regions where the failure occurred.
+newFailuresResponse ::
+  FailuresResponse
+newFailuresResponse =
+  FailuresResponse'
+    { failures = Prelude.Nothing,
+      region = Prelude.Nothing
+    }
+
+-- | List of all failures.
+failuresResponse_failures :: Lens.Lens' FailuresResponse (Prelude.Maybe [Failures])
+failuresResponse_failures = Lens.lens (\FailuresResponse' {failures} -> failures) (\s@FailuresResponse' {} a -> s {failures = a} :: FailuresResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | List of Amazon Web Services Regions where the failure occurred.
+failuresResponse_region :: Lens.Lens' FailuresResponse (Prelude.Maybe Prelude.Text)
+failuresResponse_region = Lens.lens (\FailuresResponse' {region} -> region) (\s@FailuresResponse' {} a -> s {region = a} :: FailuresResponse)
+
+instance Data.FromJSON FailuresResponse where
+  parseJSON =
+    Data.withObject
+      "FailuresResponse"
+      ( \x ->
+          FailuresResponse'
+            Prelude.<$> (x Data..:? "failures" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "region")
+      )
+
+instance Prelude.Hashable FailuresResponse where
+  hashWithSalt _salt FailuresResponse' {..} =
+    _salt
+      `Prelude.hashWithSalt` failures
+      `Prelude.hashWithSalt` region
+
+instance Prelude.NFData FailuresResponse where
+  rnf FailuresResponse' {..} =
+    Prelude.rnf failures
+      `Prelude.seq` Prelude.rnf region
diff --git a/gen/Amazonka/SecurityLake/Types/HttpsMethod.hs b/gen/Amazonka/SecurityLake/Types/HttpsMethod.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/HttpsMethod.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.HttpsMethod
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.HttpsMethod
+  ( HttpsMethod
+      ( ..,
+        HttpsMethod_POST,
+        HttpsMethod_PUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype HttpsMethod = HttpsMethod'
+  { fromHttpsMethod ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern HttpsMethod_POST :: HttpsMethod
+pattern HttpsMethod_POST = HttpsMethod' "POST"
+
+pattern HttpsMethod_PUT :: HttpsMethod
+pattern HttpsMethod_PUT = HttpsMethod' "PUT"
+
+{-# COMPLETE
+  HttpsMethod_POST,
+  HttpsMethod_PUT,
+  HttpsMethod'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/LakeConfigurationRequest.hs b/gen/Amazonka/SecurityLake/Types/LakeConfigurationRequest.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/LakeConfigurationRequest.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.LakeConfigurationRequest
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.LakeConfigurationRequest where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.Region
+import Amazonka.SecurityLake.Types.RetentionSetting
+
+-- | Provides details of Amazon Security Lake configuration object.
+--
+-- /See:/ 'newLakeConfigurationRequest' smart constructor.
+data LakeConfigurationRequest = LakeConfigurationRequest'
+  { -- | The type of encryption key used by Amazon Security Lake to encrypt the
+    -- Security Lake configuration object.
+    encryptionKey :: Prelude.Maybe Prelude.Text,
+    -- | Replication enables automatic, asynchronous copying of objects across
+    -- Amazon S3 buckets. Amazon S3 buckets that are configured for object
+    -- replication can be owned by the same Amazon Web Services account or by
+    -- different accounts. You can replicate objects to a single destination
+    -- bucket or to multiple destination buckets. The destination buckets can
+    -- be in different Amazon Web Services Regions or within the same Region as
+    -- the source bucket.
+    --
+    -- Set up one or more rollup Regions by providing the Region or Regions
+    -- that should contribute to the central rollup Region.
+    replicationDestinationRegions :: Prelude.Maybe [Region],
+    -- | Replication settings for the Amazon S3 buckets. This parameter uses the
+    -- Identity and Access Management (IAM) role you created that is managed by
+    -- Security Lake, to ensure the replication setting is correct.
+    replicationRoleArn :: Prelude.Maybe Prelude.Text,
+    -- | Retention settings for the destination Amazon S3 buckets.
+    retentionSettings :: Prelude.Maybe [RetentionSetting],
+    -- | A tag is a label that you assign to an Amazon Web Services resource.
+    -- Each tag consists of a key and an optional value, both of which you
+    -- define.
+    tagsMap :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LakeConfigurationRequest' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'encryptionKey', 'lakeConfigurationRequest_encryptionKey' - The type of encryption key used by Amazon Security Lake to encrypt the
+-- Security Lake configuration object.
+--
+-- 'replicationDestinationRegions', 'lakeConfigurationRequest_replicationDestinationRegions' - Replication enables automatic, asynchronous copying of objects across
+-- Amazon S3 buckets. Amazon S3 buckets that are configured for object
+-- replication can be owned by the same Amazon Web Services account or by
+-- different accounts. You can replicate objects to a single destination
+-- bucket or to multiple destination buckets. The destination buckets can
+-- be in different Amazon Web Services Regions or within the same Region as
+-- the source bucket.
+--
+-- Set up one or more rollup Regions by providing the Region or Regions
+-- that should contribute to the central rollup Region.
+--
+-- 'replicationRoleArn', 'lakeConfigurationRequest_replicationRoleArn' - Replication settings for the Amazon S3 buckets. This parameter uses the
+-- Identity and Access Management (IAM) role you created that is managed by
+-- Security Lake, to ensure the replication setting is correct.
+--
+-- 'retentionSettings', 'lakeConfigurationRequest_retentionSettings' - Retention settings for the destination Amazon S3 buckets.
+--
+-- 'tagsMap', 'lakeConfigurationRequest_tagsMap' - A tag is a label that you assign to an Amazon Web Services resource.
+-- Each tag consists of a key and an optional value, both of which you
+-- define.
+newLakeConfigurationRequest ::
+  LakeConfigurationRequest
+newLakeConfigurationRequest =
+  LakeConfigurationRequest'
+    { encryptionKey =
+        Prelude.Nothing,
+      replicationDestinationRegions = Prelude.Nothing,
+      replicationRoleArn = Prelude.Nothing,
+      retentionSettings = Prelude.Nothing,
+      tagsMap = Prelude.Nothing
+    }
+
+-- | The type of encryption key used by Amazon Security Lake to encrypt the
+-- Security Lake configuration object.
+lakeConfigurationRequest_encryptionKey :: Lens.Lens' LakeConfigurationRequest (Prelude.Maybe Prelude.Text)
+lakeConfigurationRequest_encryptionKey = Lens.lens (\LakeConfigurationRequest' {encryptionKey} -> encryptionKey) (\s@LakeConfigurationRequest' {} a -> s {encryptionKey = a} :: LakeConfigurationRequest)
+
+-- | Replication enables automatic, asynchronous copying of objects across
+-- Amazon S3 buckets. Amazon S3 buckets that are configured for object
+-- replication can be owned by the same Amazon Web Services account or by
+-- different accounts. You can replicate objects to a single destination
+-- bucket or to multiple destination buckets. The destination buckets can
+-- be in different Amazon Web Services Regions or within the same Region as
+-- the source bucket.
+--
+-- Set up one or more rollup Regions by providing the Region or Regions
+-- that should contribute to the central rollup Region.
+lakeConfigurationRequest_replicationDestinationRegions :: Lens.Lens' LakeConfigurationRequest (Prelude.Maybe [Region])
+lakeConfigurationRequest_replicationDestinationRegions = Lens.lens (\LakeConfigurationRequest' {replicationDestinationRegions} -> replicationDestinationRegions) (\s@LakeConfigurationRequest' {} a -> s {replicationDestinationRegions = a} :: LakeConfigurationRequest) Prelude.. Lens.mapping Lens.coerced
+
+-- | Replication settings for the Amazon S3 buckets. This parameter uses the
+-- Identity and Access Management (IAM) role you created that is managed by
+-- Security Lake, to ensure the replication setting is correct.
+lakeConfigurationRequest_replicationRoleArn :: Lens.Lens' LakeConfigurationRequest (Prelude.Maybe Prelude.Text)
+lakeConfigurationRequest_replicationRoleArn = Lens.lens (\LakeConfigurationRequest' {replicationRoleArn} -> replicationRoleArn) (\s@LakeConfigurationRequest' {} a -> s {replicationRoleArn = a} :: LakeConfigurationRequest)
+
+-- | Retention settings for the destination Amazon S3 buckets.
+lakeConfigurationRequest_retentionSettings :: Lens.Lens' LakeConfigurationRequest (Prelude.Maybe [RetentionSetting])
+lakeConfigurationRequest_retentionSettings = Lens.lens (\LakeConfigurationRequest' {retentionSettings} -> retentionSettings) (\s@LakeConfigurationRequest' {} a -> s {retentionSettings = a} :: LakeConfigurationRequest) Prelude.. Lens.mapping Lens.coerced
+
+-- | A tag is a label that you assign to an Amazon Web Services resource.
+-- Each tag consists of a key and an optional value, both of which you
+-- define.
+lakeConfigurationRequest_tagsMap :: Lens.Lens' LakeConfigurationRequest (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+lakeConfigurationRequest_tagsMap = Lens.lens (\LakeConfigurationRequest' {tagsMap} -> tagsMap) (\s@LakeConfigurationRequest' {} a -> s {tagsMap = a} :: LakeConfigurationRequest) Prelude.. Lens.mapping Lens.coerced
+
+instance Prelude.Hashable LakeConfigurationRequest where
+  hashWithSalt _salt LakeConfigurationRequest' {..} =
+    _salt
+      `Prelude.hashWithSalt` encryptionKey
+      `Prelude.hashWithSalt` replicationDestinationRegions
+      `Prelude.hashWithSalt` replicationRoleArn
+      `Prelude.hashWithSalt` retentionSettings
+      `Prelude.hashWithSalt` tagsMap
+
+instance Prelude.NFData LakeConfigurationRequest where
+  rnf LakeConfigurationRequest' {..} =
+    Prelude.rnf encryptionKey
+      `Prelude.seq` Prelude.rnf replicationDestinationRegions
+      `Prelude.seq` Prelude.rnf replicationRoleArn
+      `Prelude.seq` Prelude.rnf retentionSettings
+      `Prelude.seq` Prelude.rnf tagsMap
+
+instance Data.ToJSON LakeConfigurationRequest where
+  toJSON LakeConfigurationRequest' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("encryptionKey" Data..=) Prelude.<$> encryptionKey,
+            ("replicationDestinationRegions" Data..=)
+              Prelude.<$> replicationDestinationRegions,
+            ("replicationRoleArn" Data..=)
+              Prelude.<$> replicationRoleArn,
+            ("retentionSettings" Data..=)
+              Prelude.<$> retentionSettings,
+            ("tagsMap" Data..=) Prelude.<$> tagsMap
+          ]
+      )
diff --git a/gen/Amazonka/SecurityLake/Types/LakeConfigurationResponse.hs b/gen/Amazonka/SecurityLake/Types/LakeConfigurationResponse.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/LakeConfigurationResponse.hs
@@ -0,0 +1,211 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.LakeConfigurationResponse
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.LakeConfigurationResponse where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.Region
+import Amazonka.SecurityLake.Types.RetentionSetting
+import Amazonka.SecurityLake.Types.SettingsStatus
+
+-- | Provides details of Amazon Security Lake lake configuration object.
+--
+-- /See:/ 'newLakeConfigurationResponse' smart constructor.
+data LakeConfigurationResponse = LakeConfigurationResponse'
+  { -- | The type of encryption key used by secure the Security Lake
+    -- configuration object.
+    encryptionKey :: Prelude.Maybe Prelude.Text,
+    -- | Replication enables automatic, asynchronous copying of objects across
+    -- Amazon S3 buckets. Amazon S3 buckets that are configured for object
+    -- replication can be owned by the same Amazon Web Services account or by
+    -- different accounts. You can replicate objects to a single destination
+    -- bucket or to multiple destination buckets. The destination buckets can
+    -- be in different Amazon Web Services Regions or within the same Region as
+    -- the source bucket.
+    --
+    -- Set up one or more rollup Regions by providing the Region or Regions
+    -- that should contribute to the central rollup Region.
+    replicationDestinationRegions :: Prelude.Maybe [Region],
+    -- | Replication settings for the Amazon S3 buckets. This parameter uses the
+    -- IAM role you created that is managed by Security Lake, to ensure the
+    -- replication setting is correct.
+    replicationRoleArn :: Prelude.Maybe Prelude.Text,
+    -- | Retention settings for the destination Amazon S3 buckets.
+    retentionSettings :: Prelude.Maybe [RetentionSetting],
+    -- | Amazon Resource Names (ARNs) uniquely identify Amazon Web Services
+    -- resources. Security Lake requires an ARN when you need to specify a
+    -- resource unambiguously across all of Amazon Web Services, such as in IAM
+    -- policies, Amazon Relational Database Service (Amazon RDS) tags, and API
+    -- calls.
+    s3BucketArn :: Prelude.Maybe Prelude.Text,
+    -- | Retrieves the status of the configuration operation for an account in
+    -- Amazon Security Lake.
+    status :: Prelude.Maybe SettingsStatus,
+    -- | A tag is a label that you assign to an Amazon Web Services resource.
+    -- Each tag consists of a key and an optional value, both of which you
+    -- define.
+    tagsMap :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LakeConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'encryptionKey', 'lakeConfigurationResponse_encryptionKey' - The type of encryption key used by secure the Security Lake
+-- configuration object.
+--
+-- 'replicationDestinationRegions', 'lakeConfigurationResponse_replicationDestinationRegions' - Replication enables automatic, asynchronous copying of objects across
+-- Amazon S3 buckets. Amazon S3 buckets that are configured for object
+-- replication can be owned by the same Amazon Web Services account or by
+-- different accounts. You can replicate objects to a single destination
+-- bucket or to multiple destination buckets. The destination buckets can
+-- be in different Amazon Web Services Regions or within the same Region as
+-- the source bucket.
+--
+-- Set up one or more rollup Regions by providing the Region or Regions
+-- that should contribute to the central rollup Region.
+--
+-- 'replicationRoleArn', 'lakeConfigurationResponse_replicationRoleArn' - Replication settings for the Amazon S3 buckets. This parameter uses the
+-- IAM role you created that is managed by Security Lake, to ensure the
+-- replication setting is correct.
+--
+-- 'retentionSettings', 'lakeConfigurationResponse_retentionSettings' - Retention settings for the destination Amazon S3 buckets.
+--
+-- 's3BucketArn', 'lakeConfigurationResponse_s3BucketArn' - Amazon Resource Names (ARNs) uniquely identify Amazon Web Services
+-- resources. Security Lake requires an ARN when you need to specify a
+-- resource unambiguously across all of Amazon Web Services, such as in IAM
+-- policies, Amazon Relational Database Service (Amazon RDS) tags, and API
+-- calls.
+--
+-- 'status', 'lakeConfigurationResponse_status' - Retrieves the status of the configuration operation for an account in
+-- Amazon Security Lake.
+--
+-- 'tagsMap', 'lakeConfigurationResponse_tagsMap' - A tag is a label that you assign to an Amazon Web Services resource.
+-- Each tag consists of a key and an optional value, both of which you
+-- define.
+newLakeConfigurationResponse ::
+  LakeConfigurationResponse
+newLakeConfigurationResponse =
+  LakeConfigurationResponse'
+    { encryptionKey =
+        Prelude.Nothing,
+      replicationDestinationRegions = Prelude.Nothing,
+      replicationRoleArn = Prelude.Nothing,
+      retentionSettings = Prelude.Nothing,
+      s3BucketArn = Prelude.Nothing,
+      status = Prelude.Nothing,
+      tagsMap = Prelude.Nothing
+    }
+
+-- | The type of encryption key used by secure the Security Lake
+-- configuration object.
+lakeConfigurationResponse_encryptionKey :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe Prelude.Text)
+lakeConfigurationResponse_encryptionKey = Lens.lens (\LakeConfigurationResponse' {encryptionKey} -> encryptionKey) (\s@LakeConfigurationResponse' {} a -> s {encryptionKey = a} :: LakeConfigurationResponse)
+
+-- | Replication enables automatic, asynchronous copying of objects across
+-- Amazon S3 buckets. Amazon S3 buckets that are configured for object
+-- replication can be owned by the same Amazon Web Services account or by
+-- different accounts. You can replicate objects to a single destination
+-- bucket or to multiple destination buckets. The destination buckets can
+-- be in different Amazon Web Services Regions or within the same Region as
+-- the source bucket.
+--
+-- Set up one or more rollup Regions by providing the Region or Regions
+-- that should contribute to the central rollup Region.
+lakeConfigurationResponse_replicationDestinationRegions :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe [Region])
+lakeConfigurationResponse_replicationDestinationRegions = Lens.lens (\LakeConfigurationResponse' {replicationDestinationRegions} -> replicationDestinationRegions) (\s@LakeConfigurationResponse' {} a -> s {replicationDestinationRegions = a} :: LakeConfigurationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Replication settings for the Amazon S3 buckets. This parameter uses the
+-- IAM role you created that is managed by Security Lake, to ensure the
+-- replication setting is correct.
+lakeConfigurationResponse_replicationRoleArn :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe Prelude.Text)
+lakeConfigurationResponse_replicationRoleArn = Lens.lens (\LakeConfigurationResponse' {replicationRoleArn} -> replicationRoleArn) (\s@LakeConfigurationResponse' {} a -> s {replicationRoleArn = a} :: LakeConfigurationResponse)
+
+-- | Retention settings for the destination Amazon S3 buckets.
+lakeConfigurationResponse_retentionSettings :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe [RetentionSetting])
+lakeConfigurationResponse_retentionSettings = Lens.lens (\LakeConfigurationResponse' {retentionSettings} -> retentionSettings) (\s@LakeConfigurationResponse' {} a -> s {retentionSettings = a} :: LakeConfigurationResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | Amazon Resource Names (ARNs) uniquely identify Amazon Web Services
+-- resources. Security Lake requires an ARN when you need to specify a
+-- resource unambiguously across all of Amazon Web Services, such as in IAM
+-- policies, Amazon Relational Database Service (Amazon RDS) tags, and API
+-- calls.
+lakeConfigurationResponse_s3BucketArn :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe Prelude.Text)
+lakeConfigurationResponse_s3BucketArn = Lens.lens (\LakeConfigurationResponse' {s3BucketArn} -> s3BucketArn) (\s@LakeConfigurationResponse' {} a -> s {s3BucketArn = a} :: LakeConfigurationResponse)
+
+-- | Retrieves the status of the configuration operation for an account in
+-- Amazon Security Lake.
+lakeConfigurationResponse_status :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe SettingsStatus)
+lakeConfigurationResponse_status = Lens.lens (\LakeConfigurationResponse' {status} -> status) (\s@LakeConfigurationResponse' {} a -> s {status = a} :: LakeConfigurationResponse)
+
+-- | A tag is a label that you assign to an Amazon Web Services resource.
+-- Each tag consists of a key and an optional value, both of which you
+-- define.
+lakeConfigurationResponse_tagsMap :: Lens.Lens' LakeConfigurationResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+lakeConfigurationResponse_tagsMap = Lens.lens (\LakeConfigurationResponse' {tagsMap} -> tagsMap) (\s@LakeConfigurationResponse' {} a -> s {tagsMap = a} :: LakeConfigurationResponse) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON LakeConfigurationResponse where
+  parseJSON =
+    Data.withObject
+      "LakeConfigurationResponse"
+      ( \x ->
+          LakeConfigurationResponse'
+            Prelude.<$> (x Data..:? "encryptionKey")
+            Prelude.<*> ( x
+                            Data..:? "replicationDestinationRegions"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "replicationRoleArn")
+            Prelude.<*> ( x
+                            Data..:? "retentionSettings"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "s3BucketArn")
+            Prelude.<*> (x Data..:? "status")
+            Prelude.<*> (x Data..:? "tagsMap" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable LakeConfigurationResponse where
+  hashWithSalt _salt LakeConfigurationResponse' {..} =
+    _salt
+      `Prelude.hashWithSalt` encryptionKey
+      `Prelude.hashWithSalt` replicationDestinationRegions
+      `Prelude.hashWithSalt` replicationRoleArn
+      `Prelude.hashWithSalt` retentionSettings
+      `Prelude.hashWithSalt` s3BucketArn
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tagsMap
+
+instance Prelude.NFData LakeConfigurationResponse where
+  rnf LakeConfigurationResponse' {..} =
+    Prelude.rnf encryptionKey
+      `Prelude.seq` Prelude.rnf replicationDestinationRegions
+      `Prelude.seq` Prelude.rnf replicationRoleArn
+      `Prelude.seq` Prelude.rnf retentionSettings
+      `Prelude.seq` Prelude.rnf s3BucketArn
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tagsMap
diff --git a/gen/Amazonka/SecurityLake/Types/LogsStatus.hs b/gen/Amazonka/SecurityLake/Types/LogsStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/LogsStatus.hs
@@ -0,0 +1,92 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.LogsStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.LogsStatus where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.SourceStatus
+
+-- | Retrieves the Logs status for the Amazon Security Lake account.
+--
+-- /See:/ 'newLogsStatus' smart constructor.
+data LogsStatus = LogsStatus'
+  { -- | The health status of services, including error codes and patterns.
+    healthStatus :: SourceStatus,
+    -- | Defines path the stored logs are available which has information on your
+    -- systems, applications, and services.
+    pathToLogs :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LogsStatus' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'healthStatus', 'logsStatus_healthStatus' - The health status of services, including error codes and patterns.
+--
+-- 'pathToLogs', 'logsStatus_pathToLogs' - Defines path the stored logs are available which has information on your
+-- systems, applications, and services.
+newLogsStatus ::
+  -- | 'healthStatus'
+  SourceStatus ->
+  -- | 'pathToLogs'
+  Prelude.Text ->
+  LogsStatus
+newLogsStatus pHealthStatus_ pPathToLogs_ =
+  LogsStatus'
+    { healthStatus = pHealthStatus_,
+      pathToLogs = pPathToLogs_
+    }
+
+-- | The health status of services, including error codes and patterns.
+logsStatus_healthStatus :: Lens.Lens' LogsStatus SourceStatus
+logsStatus_healthStatus = Lens.lens (\LogsStatus' {healthStatus} -> healthStatus) (\s@LogsStatus' {} a -> s {healthStatus = a} :: LogsStatus)
+
+-- | Defines path the stored logs are available which has information on your
+-- systems, applications, and services.
+logsStatus_pathToLogs :: Lens.Lens' LogsStatus Prelude.Text
+logsStatus_pathToLogs = Lens.lens (\LogsStatus' {pathToLogs} -> pathToLogs) (\s@LogsStatus' {} a -> s {pathToLogs = a} :: LogsStatus)
+
+instance Data.FromJSON LogsStatus where
+  parseJSON =
+    Data.withObject
+      "LogsStatus"
+      ( \x ->
+          LogsStatus'
+            Prelude.<$> (x Data..: "healthStatus")
+            Prelude.<*> (x Data..: "pathToLogs")
+      )
+
+instance Prelude.Hashable LogsStatus where
+  hashWithSalt _salt LogsStatus' {..} =
+    _salt
+      `Prelude.hashWithSalt` healthStatus
+      `Prelude.hashWithSalt` pathToLogs
+
+instance Prelude.NFData LogsStatus where
+  rnf LogsStatus' {..} =
+    Prelude.rnf healthStatus
+      `Prelude.seq` Prelude.rnf pathToLogs
diff --git a/gen/Amazonka/SecurityLake/Types/OcsfEventClass.hs b/gen/Amazonka/SecurityLake/Types/OcsfEventClass.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/OcsfEventClass.hs
@@ -0,0 +1,226 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.OcsfEventClass
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.OcsfEventClass
+  ( OcsfEventClass
+      ( ..,
+        OcsfEventClass_ACCESS_ACTIVITY,
+        OcsfEventClass_ACCOUNT_CHANGE,
+        OcsfEventClass_AUTHENTICATION,
+        OcsfEventClass_AUTHORIZATION,
+        OcsfEventClass_CLOUD_API,
+        OcsfEventClass_CLOUD_STORAGE,
+        OcsfEventClass_CONFIG_STATE,
+        OcsfEventClass_CONTAINER_LIFECYCLE,
+        OcsfEventClass_DATABASE_LIFECYCLE,
+        OcsfEventClass_DHCP_ACTIVITY,
+        OcsfEventClass_DNS_ACTIVITY,
+        OcsfEventClass_ENTITY_MANAGEMENT_AUDIT,
+        OcsfEventClass_FILE_ACTIVITY,
+        OcsfEventClass_FTP_ACTIVITY,
+        OcsfEventClass_HTTP_ACTIVITY,
+        OcsfEventClass_INVENTORY_INFO,
+        OcsfEventClass_KERNEL_ACTIVITY,
+        OcsfEventClass_KERNEL_EXTENSION,
+        OcsfEventClass_MEMORY_ACTIVITY,
+        OcsfEventClass_MODULE_ACTIVITY,
+        OcsfEventClass_NETWORK_ACTIVITY,
+        OcsfEventClass_PROCESS_ACTIVITY,
+        OcsfEventClass_RDP_ACTIVITY,
+        OcsfEventClass_REGISTRY_KEY_ACTIVITY,
+        OcsfEventClass_REGISTRY_VALUE_ACTIVITY,
+        OcsfEventClass_RESOURCE_ACTIVITY,
+        OcsfEventClass_RFB_ACTIVITY,
+        OcsfEventClass_SCHEDULED_JOB_ACTIVITY,
+        OcsfEventClass_SECURITY_FINDING,
+        OcsfEventClass_SMB_ACTIVITY,
+        OcsfEventClass_SMTP_ACTIVITY,
+        OcsfEventClass_SSH_ACTIVITY,
+        OcsfEventClass_VIRTUAL_MACHINE_ACTIVITY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype OcsfEventClass = OcsfEventClass'
+  { fromOcsfEventClass ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern OcsfEventClass_ACCESS_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_ACCESS_ACTIVITY = OcsfEventClass' "ACCESS_ACTIVITY"
+
+pattern OcsfEventClass_ACCOUNT_CHANGE :: OcsfEventClass
+pattern OcsfEventClass_ACCOUNT_CHANGE = OcsfEventClass' "ACCOUNT_CHANGE"
+
+pattern OcsfEventClass_AUTHENTICATION :: OcsfEventClass
+pattern OcsfEventClass_AUTHENTICATION = OcsfEventClass' "AUTHENTICATION"
+
+pattern OcsfEventClass_AUTHORIZATION :: OcsfEventClass
+pattern OcsfEventClass_AUTHORIZATION = OcsfEventClass' "AUTHORIZATION"
+
+pattern OcsfEventClass_CLOUD_API :: OcsfEventClass
+pattern OcsfEventClass_CLOUD_API = OcsfEventClass' "CLOUD_API"
+
+pattern OcsfEventClass_CLOUD_STORAGE :: OcsfEventClass
+pattern OcsfEventClass_CLOUD_STORAGE = OcsfEventClass' "CLOUD_STORAGE"
+
+pattern OcsfEventClass_CONFIG_STATE :: OcsfEventClass
+pattern OcsfEventClass_CONFIG_STATE = OcsfEventClass' "CONFIG_STATE"
+
+pattern OcsfEventClass_CONTAINER_LIFECYCLE :: OcsfEventClass
+pattern OcsfEventClass_CONTAINER_LIFECYCLE = OcsfEventClass' "CONTAINER_LIFECYCLE"
+
+pattern OcsfEventClass_DATABASE_LIFECYCLE :: OcsfEventClass
+pattern OcsfEventClass_DATABASE_LIFECYCLE = OcsfEventClass' "DATABASE_LIFECYCLE"
+
+pattern OcsfEventClass_DHCP_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_DHCP_ACTIVITY = OcsfEventClass' "DHCP_ACTIVITY"
+
+pattern OcsfEventClass_DNS_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_DNS_ACTIVITY = OcsfEventClass' "DNS_ACTIVITY"
+
+pattern OcsfEventClass_ENTITY_MANAGEMENT_AUDIT :: OcsfEventClass
+pattern OcsfEventClass_ENTITY_MANAGEMENT_AUDIT = OcsfEventClass' "ENTITY_MANAGEMENT_AUDIT"
+
+pattern OcsfEventClass_FILE_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_FILE_ACTIVITY = OcsfEventClass' "FILE_ACTIVITY"
+
+pattern OcsfEventClass_FTP_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_FTP_ACTIVITY = OcsfEventClass' "FTP_ACTIVITY"
+
+pattern OcsfEventClass_HTTP_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_HTTP_ACTIVITY = OcsfEventClass' "HTTP_ACTIVITY"
+
+pattern OcsfEventClass_INVENTORY_INFO :: OcsfEventClass
+pattern OcsfEventClass_INVENTORY_INFO = OcsfEventClass' "INVENTORY_INFO"
+
+pattern OcsfEventClass_KERNEL_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_KERNEL_ACTIVITY = OcsfEventClass' "KERNEL_ACTIVITY"
+
+pattern OcsfEventClass_KERNEL_EXTENSION :: OcsfEventClass
+pattern OcsfEventClass_KERNEL_EXTENSION = OcsfEventClass' "KERNEL_EXTENSION"
+
+pattern OcsfEventClass_MEMORY_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_MEMORY_ACTIVITY = OcsfEventClass' "MEMORY_ACTIVITY"
+
+pattern OcsfEventClass_MODULE_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_MODULE_ACTIVITY = OcsfEventClass' "MODULE_ACTIVITY"
+
+pattern OcsfEventClass_NETWORK_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_NETWORK_ACTIVITY = OcsfEventClass' "NETWORK_ACTIVITY"
+
+pattern OcsfEventClass_PROCESS_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_PROCESS_ACTIVITY = OcsfEventClass' "PROCESS_ACTIVITY"
+
+pattern OcsfEventClass_RDP_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_RDP_ACTIVITY = OcsfEventClass' "RDP_ACTIVITY"
+
+pattern OcsfEventClass_REGISTRY_KEY_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_REGISTRY_KEY_ACTIVITY = OcsfEventClass' "REGISTRY_KEY_ACTIVITY"
+
+pattern OcsfEventClass_REGISTRY_VALUE_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_REGISTRY_VALUE_ACTIVITY = OcsfEventClass' "REGISTRY_VALUE_ACTIVITY"
+
+pattern OcsfEventClass_RESOURCE_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_RESOURCE_ACTIVITY = OcsfEventClass' "RESOURCE_ACTIVITY"
+
+pattern OcsfEventClass_RFB_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_RFB_ACTIVITY = OcsfEventClass' "RFB_ACTIVITY"
+
+pattern OcsfEventClass_SCHEDULED_JOB_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_SCHEDULED_JOB_ACTIVITY = OcsfEventClass' "SCHEDULED_JOB_ACTIVITY"
+
+pattern OcsfEventClass_SECURITY_FINDING :: OcsfEventClass
+pattern OcsfEventClass_SECURITY_FINDING = OcsfEventClass' "SECURITY_FINDING"
+
+pattern OcsfEventClass_SMB_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_SMB_ACTIVITY = OcsfEventClass' "SMB_ACTIVITY"
+
+pattern OcsfEventClass_SMTP_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_SMTP_ACTIVITY = OcsfEventClass' "SMTP_ACTIVITY"
+
+pattern OcsfEventClass_SSH_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_SSH_ACTIVITY = OcsfEventClass' "SSH_ACTIVITY"
+
+pattern OcsfEventClass_VIRTUAL_MACHINE_ACTIVITY :: OcsfEventClass
+pattern OcsfEventClass_VIRTUAL_MACHINE_ACTIVITY = OcsfEventClass' "VIRTUAL_MACHINE_ACTIVITY"
+
+{-# COMPLETE
+  OcsfEventClass_ACCESS_ACTIVITY,
+  OcsfEventClass_ACCOUNT_CHANGE,
+  OcsfEventClass_AUTHENTICATION,
+  OcsfEventClass_AUTHORIZATION,
+  OcsfEventClass_CLOUD_API,
+  OcsfEventClass_CLOUD_STORAGE,
+  OcsfEventClass_CONFIG_STATE,
+  OcsfEventClass_CONTAINER_LIFECYCLE,
+  OcsfEventClass_DATABASE_LIFECYCLE,
+  OcsfEventClass_DHCP_ACTIVITY,
+  OcsfEventClass_DNS_ACTIVITY,
+  OcsfEventClass_ENTITY_MANAGEMENT_AUDIT,
+  OcsfEventClass_FILE_ACTIVITY,
+  OcsfEventClass_FTP_ACTIVITY,
+  OcsfEventClass_HTTP_ACTIVITY,
+  OcsfEventClass_INVENTORY_INFO,
+  OcsfEventClass_KERNEL_ACTIVITY,
+  OcsfEventClass_KERNEL_EXTENSION,
+  OcsfEventClass_MEMORY_ACTIVITY,
+  OcsfEventClass_MODULE_ACTIVITY,
+  OcsfEventClass_NETWORK_ACTIVITY,
+  OcsfEventClass_PROCESS_ACTIVITY,
+  OcsfEventClass_RDP_ACTIVITY,
+  OcsfEventClass_REGISTRY_KEY_ACTIVITY,
+  OcsfEventClass_REGISTRY_VALUE_ACTIVITY,
+  OcsfEventClass_RESOURCE_ACTIVITY,
+  OcsfEventClass_RFB_ACTIVITY,
+  OcsfEventClass_SCHEDULED_JOB_ACTIVITY,
+  OcsfEventClass_SECURITY_FINDING,
+  OcsfEventClass_SMB_ACTIVITY,
+  OcsfEventClass_SMTP_ACTIVITY,
+  OcsfEventClass_SSH_ACTIVITY,
+  OcsfEventClass_VIRTUAL_MACHINE_ACTIVITY,
+  OcsfEventClass'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/ProtocolAndNotificationEndpoint.hs b/gen/Amazonka/SecurityLake/Types/ProtocolAndNotificationEndpoint.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/ProtocolAndNotificationEndpoint.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.ProtocolAndNotificationEndpoint
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.ProtocolAndNotificationEndpoint where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Protocol used in Amazon Security Lake that dictates how notifications
+-- are posted at the endpoint.
+--
+-- /See:/ 'newProtocolAndNotificationEndpoint' smart constructor.
+data ProtocolAndNotificationEndpoint = ProtocolAndNotificationEndpoint'
+  { -- | The account that is subscribed to receive exception notifications.
+    endpoint :: Prelude.Maybe Prelude.Text,
+    -- | The protocol to which notification messages are posted.
+    protocol :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ProtocolAndNotificationEndpoint' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'endpoint', 'protocolAndNotificationEndpoint_endpoint' - The account that is subscribed to receive exception notifications.
+--
+-- 'protocol', 'protocolAndNotificationEndpoint_protocol' - The protocol to which notification messages are posted.
+newProtocolAndNotificationEndpoint ::
+  ProtocolAndNotificationEndpoint
+newProtocolAndNotificationEndpoint =
+  ProtocolAndNotificationEndpoint'
+    { endpoint =
+        Prelude.Nothing,
+      protocol = Prelude.Nothing
+    }
+
+-- | The account that is subscribed to receive exception notifications.
+protocolAndNotificationEndpoint_endpoint :: Lens.Lens' ProtocolAndNotificationEndpoint (Prelude.Maybe Prelude.Text)
+protocolAndNotificationEndpoint_endpoint = Lens.lens (\ProtocolAndNotificationEndpoint' {endpoint} -> endpoint) (\s@ProtocolAndNotificationEndpoint' {} a -> s {endpoint = a} :: ProtocolAndNotificationEndpoint)
+
+-- | The protocol to which notification messages are posted.
+protocolAndNotificationEndpoint_protocol :: Lens.Lens' ProtocolAndNotificationEndpoint (Prelude.Maybe Prelude.Text)
+protocolAndNotificationEndpoint_protocol = Lens.lens (\ProtocolAndNotificationEndpoint' {protocol} -> protocol) (\s@ProtocolAndNotificationEndpoint' {} a -> s {protocol = a} :: ProtocolAndNotificationEndpoint)
+
+instance
+  Data.FromJSON
+    ProtocolAndNotificationEndpoint
+  where
+  parseJSON =
+    Data.withObject
+      "ProtocolAndNotificationEndpoint"
+      ( \x ->
+          ProtocolAndNotificationEndpoint'
+            Prelude.<$> (x Data..:? "endpoint")
+            Prelude.<*> (x Data..:? "protocol")
+      )
+
+instance
+  Prelude.Hashable
+    ProtocolAndNotificationEndpoint
+  where
+  hashWithSalt
+    _salt
+    ProtocolAndNotificationEndpoint' {..} =
+      _salt
+        `Prelude.hashWithSalt` endpoint
+        `Prelude.hashWithSalt` protocol
+
+instance
+  Prelude.NFData
+    ProtocolAndNotificationEndpoint
+  where
+  rnf ProtocolAndNotificationEndpoint' {..} =
+    Prelude.rnf endpoint
+      `Prelude.seq` Prelude.rnf protocol
diff --git a/gen/Amazonka/SecurityLake/Types/Region.hs b/gen/Amazonka/SecurityLake/Types/Region.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/Region.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.Region
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.Region
+  ( Region
+      ( ..,
+        Region_Ap_northeast_1,
+        Region_Ap_southeast_2,
+        Region_Eu_central_1,
+        Region_Eu_west_1,
+        Region_Us_east_1,
+        Region_Us_east_2,
+        Region_Us_west_2
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype Region = Region' {fromRegion :: Data.Text}
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern Region_Ap_northeast_1 :: Region
+pattern Region_Ap_northeast_1 = Region' "ap-northeast-1"
+
+pattern Region_Ap_southeast_2 :: Region
+pattern Region_Ap_southeast_2 = Region' "ap-southeast-2"
+
+pattern Region_Eu_central_1 :: Region
+pattern Region_Eu_central_1 = Region' "eu-central-1"
+
+pattern Region_Eu_west_1 :: Region
+pattern Region_Eu_west_1 = Region' "eu-west-1"
+
+pattern Region_Us_east_1 :: Region
+pattern Region_Us_east_1 = Region' "us-east-1"
+
+pattern Region_Us_east_2 :: Region
+pattern Region_Us_east_2 = Region' "us-east-2"
+
+pattern Region_Us_west_2 :: Region
+pattern Region_Us_west_2 = Region' "us-west-2"
+
+{-# COMPLETE
+  Region_Ap_northeast_1,
+  Region_Ap_southeast_2,
+  Region_Eu_central_1,
+  Region_Eu_west_1,
+  Region_Us_east_1,
+  Region_Us_east_2,
+  Region_Us_west_2,
+  Region'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/RetentionSetting.hs b/gen/Amazonka/SecurityLake/Types/RetentionSetting.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/RetentionSetting.hs
@@ -0,0 +1,106 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.RetentionSetting
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.RetentionSetting where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.StorageClass
+
+-- | Retention settings for the destination Amazon S3 buckets in Amazon
+-- Security Lake.
+--
+-- /See:/ 'newRetentionSetting' smart constructor.
+data RetentionSetting = RetentionSetting'
+  { -- | The retention period specifies a fixed period of time during which the
+    -- Security Lake object remains locked. You can specify the retention
+    -- period in days for one or more sources.
+    retentionPeriod :: Prelude.Maybe Prelude.Natural,
+    -- | The range of storage classes that you can choose from based on the data
+    -- access, resiliency, and cost requirements of your workloads.
+    storageClass :: Prelude.Maybe StorageClass
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'RetentionSetting' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'retentionPeriod', 'retentionSetting_retentionPeriod' - The retention period specifies a fixed period of time during which the
+-- Security Lake object remains locked. You can specify the retention
+-- period in days for one or more sources.
+--
+-- 'storageClass', 'retentionSetting_storageClass' - The range of storage classes that you can choose from based on the data
+-- access, resiliency, and cost requirements of your workloads.
+newRetentionSetting ::
+  RetentionSetting
+newRetentionSetting =
+  RetentionSetting'
+    { retentionPeriod =
+        Prelude.Nothing,
+      storageClass = Prelude.Nothing
+    }
+
+-- | The retention period specifies a fixed period of time during which the
+-- Security Lake object remains locked. You can specify the retention
+-- period in days for one or more sources.
+retentionSetting_retentionPeriod :: Lens.Lens' RetentionSetting (Prelude.Maybe Prelude.Natural)
+retentionSetting_retentionPeriod = Lens.lens (\RetentionSetting' {retentionPeriod} -> retentionPeriod) (\s@RetentionSetting' {} a -> s {retentionPeriod = a} :: RetentionSetting)
+
+-- | The range of storage classes that you can choose from based on the data
+-- access, resiliency, and cost requirements of your workloads.
+retentionSetting_storageClass :: Lens.Lens' RetentionSetting (Prelude.Maybe StorageClass)
+retentionSetting_storageClass = Lens.lens (\RetentionSetting' {storageClass} -> storageClass) (\s@RetentionSetting' {} a -> s {storageClass = a} :: RetentionSetting)
+
+instance Data.FromJSON RetentionSetting where
+  parseJSON =
+    Data.withObject
+      "RetentionSetting"
+      ( \x ->
+          RetentionSetting'
+            Prelude.<$> (x Data..:? "retentionPeriod")
+            Prelude.<*> (x Data..:? "storageClass")
+      )
+
+instance Prelude.Hashable RetentionSetting where
+  hashWithSalt _salt RetentionSetting' {..} =
+    _salt
+      `Prelude.hashWithSalt` retentionPeriod
+      `Prelude.hashWithSalt` storageClass
+
+instance Prelude.NFData RetentionSetting where
+  rnf RetentionSetting' {..} =
+    Prelude.rnf retentionPeriod
+      `Prelude.seq` Prelude.rnf storageClass
+
+instance Data.ToJSON RetentionSetting where
+  toJSON RetentionSetting' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("retentionPeriod" Data..=)
+              Prelude.<$> retentionPeriod,
+            ("storageClass" Data..=) Prelude.<$> storageClass
+          ]
+      )
diff --git a/gen/Amazonka/SecurityLake/Types/SettingsStatus.hs b/gen/Amazonka/SecurityLake/Types/SettingsStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/SettingsStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.SettingsStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.SettingsStatus
+  ( SettingsStatus
+      ( ..,
+        SettingsStatus_COMPLETED,
+        SettingsStatus_FAILED,
+        SettingsStatus_INITIALIZED,
+        SettingsStatus_PENDING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype SettingsStatus = SettingsStatus'
+  { fromSettingsStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern SettingsStatus_COMPLETED :: SettingsStatus
+pattern SettingsStatus_COMPLETED = SettingsStatus' "COMPLETED"
+
+pattern SettingsStatus_FAILED :: SettingsStatus
+pattern SettingsStatus_FAILED = SettingsStatus' "FAILED"
+
+pattern SettingsStatus_INITIALIZED :: SettingsStatus
+pattern SettingsStatus_INITIALIZED = SettingsStatus' "INITIALIZED"
+
+pattern SettingsStatus_PENDING :: SettingsStatus
+pattern SettingsStatus_PENDING = SettingsStatus' "PENDING"
+
+{-# COMPLETE
+  SettingsStatus_COMPLETED,
+  SettingsStatus_FAILED,
+  SettingsStatus_INITIALIZED,
+  SettingsStatus_PENDING,
+  SettingsStatus'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/SourceStatus.hs b/gen/Amazonka/SecurityLake/Types/SourceStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/SourceStatus.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.SourceStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.SourceStatus
+  ( SourceStatus
+      ( ..,
+        SourceStatus_ACTIVE,
+        SourceStatus_DEACTIVATED,
+        SourceStatus_PENDING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype SourceStatus = SourceStatus'
+  { fromSourceStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern SourceStatus_ACTIVE :: SourceStatus
+pattern SourceStatus_ACTIVE = SourceStatus' "ACTIVE"
+
+pattern SourceStatus_DEACTIVATED :: SourceStatus
+pattern SourceStatus_DEACTIVATED = SourceStatus' "DEACTIVATED"
+
+pattern SourceStatus_PENDING :: SourceStatus
+pattern SourceStatus_PENDING = SourceStatus' "PENDING"
+
+{-# COMPLETE
+  SourceStatus_ACTIVE,
+  SourceStatus_DEACTIVATED,
+  SourceStatus_PENDING,
+  SourceStatus'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/SourceType.hs b/gen/Amazonka/SecurityLake/Types/SourceType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/SourceType.hs
@@ -0,0 +1,104 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.SourceType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.SourceType where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.AwsLogSourceType
+
+-- | The supported source types from which logs and events are collected in
+-- Amazon Security Lake. For the list of supported Amazon Web Services, see
+-- the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html Amazon Security Lake User Guide>.
+--
+-- /See:/ 'newSourceType' smart constructor.
+data SourceType = SourceType'
+  { -- | Amazon Security Lake supports log and event collection for natively
+    -- supported Amazon Web Services.
+    awsSourceType :: Prelude.Maybe AwsLogSourceType,
+    -- | Amazon Security Lake supports custom source types. For a detailed list,
+    -- see the Amazon Security Lake User Guide.
+    customSourceType :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SourceType' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'awsSourceType', 'sourceType_awsSourceType' - Amazon Security Lake supports log and event collection for natively
+-- supported Amazon Web Services.
+--
+-- 'customSourceType', 'sourceType_customSourceType' - Amazon Security Lake supports custom source types. For a detailed list,
+-- see the Amazon Security Lake User Guide.
+newSourceType ::
+  SourceType
+newSourceType =
+  SourceType'
+    { awsSourceType = Prelude.Nothing,
+      customSourceType = Prelude.Nothing
+    }
+
+-- | Amazon Security Lake supports log and event collection for natively
+-- supported Amazon Web Services.
+sourceType_awsSourceType :: Lens.Lens' SourceType (Prelude.Maybe AwsLogSourceType)
+sourceType_awsSourceType = Lens.lens (\SourceType' {awsSourceType} -> awsSourceType) (\s@SourceType' {} a -> s {awsSourceType = a} :: SourceType)
+
+-- | Amazon Security Lake supports custom source types. For a detailed list,
+-- see the Amazon Security Lake User Guide.
+sourceType_customSourceType :: Lens.Lens' SourceType (Prelude.Maybe Prelude.Text)
+sourceType_customSourceType = Lens.lens (\SourceType' {customSourceType} -> customSourceType) (\s@SourceType' {} a -> s {customSourceType = a} :: SourceType)
+
+instance Data.FromJSON SourceType where
+  parseJSON =
+    Data.withObject
+      "SourceType"
+      ( \x ->
+          SourceType'
+            Prelude.<$> (x Data..:? "awsSourceType")
+            Prelude.<*> (x Data..:? "customSourceType")
+      )
+
+instance Prelude.Hashable SourceType where
+  hashWithSalt _salt SourceType' {..} =
+    _salt
+      `Prelude.hashWithSalt` awsSourceType
+      `Prelude.hashWithSalt` customSourceType
+
+instance Prelude.NFData SourceType where
+  rnf SourceType' {..} =
+    Prelude.rnf awsSourceType
+      `Prelude.seq` Prelude.rnf customSourceType
+
+instance Data.ToJSON SourceType where
+  toJSON SourceType' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("awsSourceType" Data..=) Prelude.<$> awsSourceType,
+            ("customSourceType" Data..=)
+              Prelude.<$> customSourceType
+          ]
+      )
diff --git a/gen/Amazonka/SecurityLake/Types/StorageClass.hs b/gen/Amazonka/SecurityLake/Types/StorageClass.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/StorageClass.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.StorageClass
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.StorageClass
+  ( StorageClass
+      ( ..,
+        StorageClass_DEEP_ARCHIVE,
+        StorageClass_EXPIRE,
+        StorageClass_GLACIER,
+        StorageClass_GLACIER_IR,
+        StorageClass_INTELLIGENT_TIERING,
+        StorageClass_ONEZONE_IA,
+        StorageClass_STANDARD_IA
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype StorageClass = StorageClass'
+  { fromStorageClass ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern StorageClass_DEEP_ARCHIVE :: StorageClass
+pattern StorageClass_DEEP_ARCHIVE = StorageClass' "DEEP_ARCHIVE"
+
+pattern StorageClass_EXPIRE :: StorageClass
+pattern StorageClass_EXPIRE = StorageClass' "EXPIRE"
+
+pattern StorageClass_GLACIER :: StorageClass
+pattern StorageClass_GLACIER = StorageClass' "GLACIER"
+
+pattern StorageClass_GLACIER_IR :: StorageClass
+pattern StorageClass_GLACIER_IR = StorageClass' "GLACIER_IR"
+
+pattern StorageClass_INTELLIGENT_TIERING :: StorageClass
+pattern StorageClass_INTELLIGENT_TIERING = StorageClass' "INTELLIGENT_TIERING"
+
+pattern StorageClass_ONEZONE_IA :: StorageClass
+pattern StorageClass_ONEZONE_IA = StorageClass' "ONEZONE_IA"
+
+pattern StorageClass_STANDARD_IA :: StorageClass
+pattern StorageClass_STANDARD_IA = StorageClass' "STANDARD_IA"
+
+{-# COMPLETE
+  StorageClass_DEEP_ARCHIVE,
+  StorageClass_EXPIRE,
+  StorageClass_GLACIER,
+  StorageClass_GLACIER_IR,
+  StorageClass_INTELLIGENT_TIERING,
+  StorageClass_ONEZONE_IA,
+  StorageClass_STANDARD_IA,
+  StorageClass'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/SubscriberResource.hs b/gen/Amazonka/SecurityLake/Types/SubscriberResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/SubscriberResource.hs
@@ -0,0 +1,292 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.SubscriberResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.SubscriberResource where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Types.AccessType
+import Amazonka.SecurityLake.Types.EndpointProtocol
+import Amazonka.SecurityLake.Types.SourceType
+import Amazonka.SecurityLake.Types.SubscriptionStatus
+
+-- | Provides details about the Amazon Security Lake account subscription.
+-- Subscribers are notified of new objects for a source as the data is
+-- written to your Amazon S3 bucket for Security Lake.
+--
+-- /See:/ 'newSubscriberResource' smart constructor.
+data SubscriberResource = SubscriberResource'
+  { -- | You can choose to notify subscribers of new objects with an Amazon
+    -- Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS
+    -- endpoint provided by the subscriber.
+    --
+    -- Subscribers can consume data by directly querying Lake Formation tables
+    -- in your Amazon S3 bucket through services like Amazon Athena. This
+    -- subscription type is defined as @LAKEFORMATION@.
+    accessTypes :: Prelude.Maybe [AccessType],
+    -- | The date and time when the subscription was created.
+    createdAt :: Prelude.Maybe Data.ISO8601,
+    -- | The external ID of the subscriber. The external ID lets the user that is
+    -- assuming the role assert the circumstances in which they are operating.
+    -- It also provides a way for the account owner to permit the role to be
+    -- assumed only under specific circumstances.
+    externalId :: Prelude.Maybe Prelude.Text,
+    -- | The Amazon Resource Name (ARN) specifying the role of the subscriber.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN for the Amazon S3 bucket.
+    s3BucketArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN for the Amazon Simple Notification Service.
+    snsArn :: Prelude.Maybe Prelude.Text,
+    -- | The subscriber descriptions for a subscriber account. The description
+    -- for a subscriber includes @subscriberName@, @accountID@, @externalID@,
+    -- and @subscriptionId@.
+    subscriberDescription :: Prelude.Maybe Prelude.Text,
+    -- | The name of your Amazon Security Lake subscriber account.
+    subscriberName :: Prelude.Maybe Prelude.Text,
+    -- | The subscription endpoint to which exception messages are posted.
+    subscriptionEndpoint :: Prelude.Maybe Prelude.Text,
+    -- | The subscription protocol to which exception messages are posted.
+    subscriptionProtocol :: Prelude.Maybe EndpointProtocol,
+    -- | The subscription status of the Amazon Security Lake subscriber account.
+    subscriptionStatus :: Prelude.Maybe SubscriptionStatus,
+    -- | The date and time when the subscription was created.
+    updatedAt :: Prelude.Maybe Data.ISO8601,
+    -- | The Amazon Web Services account ID you are using to create your Amazon
+    -- Security Lake account.
+    accountId :: Prelude.Text,
+    -- | Amazon Security Lake supports log and event collection for natively
+    -- supported Amazon Web Services. For more information, see the Amazon
+    -- Security Lake User Guide.
+    sourceTypes :: [SourceType],
+    -- | The subscription ID of the Amazon Security Lake subscriber account.
+    subscriptionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SubscriberResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accessTypes', 'subscriberResource_accessTypes' - You can choose to notify subscribers of new objects with an Amazon
+-- Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS
+-- endpoint provided by the subscriber.
+--
+-- Subscribers can consume data by directly querying Lake Formation tables
+-- in your Amazon S3 bucket through services like Amazon Athena. This
+-- subscription type is defined as @LAKEFORMATION@.
+--
+-- 'createdAt', 'subscriberResource_createdAt' - The date and time when the subscription was created.
+--
+-- 'externalId', 'subscriberResource_externalId' - The external ID of the subscriber. The external ID lets the user that is
+-- assuming the role assert the circumstances in which they are operating.
+-- It also provides a way for the account owner to permit the role to be
+-- assumed only under specific circumstances.
+--
+-- 'roleArn', 'subscriberResource_roleArn' - The Amazon Resource Name (ARN) specifying the role of the subscriber.
+--
+-- 's3BucketArn', 'subscriberResource_s3BucketArn' - The ARN for the Amazon S3 bucket.
+--
+-- 'snsArn', 'subscriberResource_snsArn' - The ARN for the Amazon Simple Notification Service.
+--
+-- 'subscriberDescription', 'subscriberResource_subscriberDescription' - The subscriber descriptions for a subscriber account. The description
+-- for a subscriber includes @subscriberName@, @accountID@, @externalID@,
+-- and @subscriptionId@.
+--
+-- 'subscriberName', 'subscriberResource_subscriberName' - The name of your Amazon Security Lake subscriber account.
+--
+-- 'subscriptionEndpoint', 'subscriberResource_subscriptionEndpoint' - The subscription endpoint to which exception messages are posted.
+--
+-- 'subscriptionProtocol', 'subscriberResource_subscriptionProtocol' - The subscription protocol to which exception messages are posted.
+--
+-- 'subscriptionStatus', 'subscriberResource_subscriptionStatus' - The subscription status of the Amazon Security Lake subscriber account.
+--
+-- 'updatedAt', 'subscriberResource_updatedAt' - The date and time when the subscription was created.
+--
+-- 'accountId', 'subscriberResource_accountId' - The Amazon Web Services account ID you are using to create your Amazon
+-- Security Lake account.
+--
+-- 'sourceTypes', 'subscriberResource_sourceTypes' - Amazon Security Lake supports log and event collection for natively
+-- supported Amazon Web Services. For more information, see the Amazon
+-- Security Lake User Guide.
+--
+-- 'subscriptionId', 'subscriberResource_subscriptionId' - The subscription ID of the Amazon Security Lake subscriber account.
+newSubscriberResource ::
+  -- | 'accountId'
+  Prelude.Text ->
+  -- | 'subscriptionId'
+  Prelude.Text ->
+  SubscriberResource
+newSubscriberResource pAccountId_ pSubscriptionId_ =
+  SubscriberResource'
+    { accessTypes = Prelude.Nothing,
+      createdAt = Prelude.Nothing,
+      externalId = Prelude.Nothing,
+      roleArn = Prelude.Nothing,
+      s3BucketArn = Prelude.Nothing,
+      snsArn = Prelude.Nothing,
+      subscriberDescription = Prelude.Nothing,
+      subscriberName = Prelude.Nothing,
+      subscriptionEndpoint = Prelude.Nothing,
+      subscriptionProtocol = Prelude.Nothing,
+      subscriptionStatus = Prelude.Nothing,
+      updatedAt = Prelude.Nothing,
+      accountId = pAccountId_,
+      sourceTypes = Prelude.mempty,
+      subscriptionId = pSubscriptionId_
+    }
+
+-- | You can choose to notify subscribers of new objects with an Amazon
+-- Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS
+-- endpoint provided by the subscriber.
+--
+-- Subscribers can consume data by directly querying Lake Formation tables
+-- in your Amazon S3 bucket through services like Amazon Athena. This
+-- subscription type is defined as @LAKEFORMATION@.
+subscriberResource_accessTypes :: Lens.Lens' SubscriberResource (Prelude.Maybe [AccessType])
+subscriberResource_accessTypes = Lens.lens (\SubscriberResource' {accessTypes} -> accessTypes) (\s@SubscriberResource' {} a -> s {accessTypes = a} :: SubscriberResource) Prelude.. Lens.mapping Lens.coerced
+
+-- | The date and time when the subscription was created.
+subscriberResource_createdAt :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.UTCTime)
+subscriberResource_createdAt = Lens.lens (\SubscriberResource' {createdAt} -> createdAt) (\s@SubscriberResource' {} a -> s {createdAt = a} :: SubscriberResource) Prelude.. Lens.mapping Data._Time
+
+-- | The external ID of the subscriber. The external ID lets the user that is
+-- assuming the role assert the circumstances in which they are operating.
+-- It also provides a way for the account owner to permit the role to be
+-- assumed only under specific circumstances.
+subscriberResource_externalId :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_externalId = Lens.lens (\SubscriberResource' {externalId} -> externalId) (\s@SubscriberResource' {} a -> s {externalId = a} :: SubscriberResource)
+
+-- | The Amazon Resource Name (ARN) specifying the role of the subscriber.
+subscriberResource_roleArn :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_roleArn = Lens.lens (\SubscriberResource' {roleArn} -> roleArn) (\s@SubscriberResource' {} a -> s {roleArn = a} :: SubscriberResource)
+
+-- | The ARN for the Amazon S3 bucket.
+subscriberResource_s3BucketArn :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_s3BucketArn = Lens.lens (\SubscriberResource' {s3BucketArn} -> s3BucketArn) (\s@SubscriberResource' {} a -> s {s3BucketArn = a} :: SubscriberResource)
+
+-- | The ARN for the Amazon Simple Notification Service.
+subscriberResource_snsArn :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_snsArn = Lens.lens (\SubscriberResource' {snsArn} -> snsArn) (\s@SubscriberResource' {} a -> s {snsArn = a} :: SubscriberResource)
+
+-- | The subscriber descriptions for a subscriber account. The description
+-- for a subscriber includes @subscriberName@, @accountID@, @externalID@,
+-- and @subscriptionId@.
+subscriberResource_subscriberDescription :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_subscriberDescription = Lens.lens (\SubscriberResource' {subscriberDescription} -> subscriberDescription) (\s@SubscriberResource' {} a -> s {subscriberDescription = a} :: SubscriberResource)
+
+-- | The name of your Amazon Security Lake subscriber account.
+subscriberResource_subscriberName :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_subscriberName = Lens.lens (\SubscriberResource' {subscriberName} -> subscriberName) (\s@SubscriberResource' {} a -> s {subscriberName = a} :: SubscriberResource)
+
+-- | The subscription endpoint to which exception messages are posted.
+subscriberResource_subscriptionEndpoint :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.Text)
+subscriberResource_subscriptionEndpoint = Lens.lens (\SubscriberResource' {subscriptionEndpoint} -> subscriptionEndpoint) (\s@SubscriberResource' {} a -> s {subscriptionEndpoint = a} :: SubscriberResource)
+
+-- | The subscription protocol to which exception messages are posted.
+subscriberResource_subscriptionProtocol :: Lens.Lens' SubscriberResource (Prelude.Maybe EndpointProtocol)
+subscriberResource_subscriptionProtocol = Lens.lens (\SubscriberResource' {subscriptionProtocol} -> subscriptionProtocol) (\s@SubscriberResource' {} a -> s {subscriptionProtocol = a} :: SubscriberResource)
+
+-- | The subscription status of the Amazon Security Lake subscriber account.
+subscriberResource_subscriptionStatus :: Lens.Lens' SubscriberResource (Prelude.Maybe SubscriptionStatus)
+subscriberResource_subscriptionStatus = Lens.lens (\SubscriberResource' {subscriptionStatus} -> subscriptionStatus) (\s@SubscriberResource' {} a -> s {subscriptionStatus = a} :: SubscriberResource)
+
+-- | The date and time when the subscription was created.
+subscriberResource_updatedAt :: Lens.Lens' SubscriberResource (Prelude.Maybe Prelude.UTCTime)
+subscriberResource_updatedAt = Lens.lens (\SubscriberResource' {updatedAt} -> updatedAt) (\s@SubscriberResource' {} a -> s {updatedAt = a} :: SubscriberResource) Prelude.. Lens.mapping Data._Time
+
+-- | The Amazon Web Services account ID you are using to create your Amazon
+-- Security Lake account.
+subscriberResource_accountId :: Lens.Lens' SubscriberResource Prelude.Text
+subscriberResource_accountId = Lens.lens (\SubscriberResource' {accountId} -> accountId) (\s@SubscriberResource' {} a -> s {accountId = a} :: SubscriberResource)
+
+-- | Amazon Security Lake supports log and event collection for natively
+-- supported Amazon Web Services. For more information, see the Amazon
+-- Security Lake User Guide.
+subscriberResource_sourceTypes :: Lens.Lens' SubscriberResource [SourceType]
+subscriberResource_sourceTypes = Lens.lens (\SubscriberResource' {sourceTypes} -> sourceTypes) (\s@SubscriberResource' {} a -> s {sourceTypes = a} :: SubscriberResource) Prelude.. Lens.coerced
+
+-- | The subscription ID of the Amazon Security Lake subscriber account.
+subscriberResource_subscriptionId :: Lens.Lens' SubscriberResource Prelude.Text
+subscriberResource_subscriptionId = Lens.lens (\SubscriberResource' {subscriptionId} -> subscriptionId) (\s@SubscriberResource' {} a -> s {subscriptionId = a} :: SubscriberResource)
+
+instance Data.FromJSON SubscriberResource where
+  parseJSON =
+    Data.withObject
+      "SubscriberResource"
+      ( \x ->
+          SubscriberResource'
+            Prelude.<$> (x Data..:? "accessTypes" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "createdAt")
+            Prelude.<*> (x Data..:? "externalId")
+            Prelude.<*> (x Data..:? "roleArn")
+            Prelude.<*> (x Data..:? "s3BucketArn")
+            Prelude.<*> (x Data..:? "snsArn")
+            Prelude.<*> (x Data..:? "subscriberDescription")
+            Prelude.<*> (x Data..:? "subscriberName")
+            Prelude.<*> (x Data..:? "subscriptionEndpoint")
+            Prelude.<*> (x Data..:? "subscriptionProtocol")
+            Prelude.<*> (x Data..:? "subscriptionStatus")
+            Prelude.<*> (x Data..:? "updatedAt")
+            Prelude.<*> (x Data..: "accountId")
+            Prelude.<*> (x Data..:? "sourceTypes" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "subscriptionId")
+      )
+
+instance Prelude.Hashable SubscriberResource where
+  hashWithSalt _salt SubscriberResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` accessTypes
+      `Prelude.hashWithSalt` createdAt
+      `Prelude.hashWithSalt` externalId
+      `Prelude.hashWithSalt` roleArn
+      `Prelude.hashWithSalt` s3BucketArn
+      `Prelude.hashWithSalt` snsArn
+      `Prelude.hashWithSalt` subscriberDescription
+      `Prelude.hashWithSalt` subscriberName
+      `Prelude.hashWithSalt` subscriptionEndpoint
+      `Prelude.hashWithSalt` subscriptionProtocol
+      `Prelude.hashWithSalt` subscriptionStatus
+      `Prelude.hashWithSalt` updatedAt
+      `Prelude.hashWithSalt` accountId
+      `Prelude.hashWithSalt` sourceTypes
+      `Prelude.hashWithSalt` subscriptionId
+
+instance Prelude.NFData SubscriberResource where
+  rnf SubscriberResource' {..} =
+    Prelude.rnf accessTypes
+      `Prelude.seq` Prelude.rnf createdAt
+      `Prelude.seq` Prelude.rnf externalId
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf s3BucketArn
+      `Prelude.seq` Prelude.rnf snsArn
+      `Prelude.seq` Prelude.rnf subscriberDescription
+      `Prelude.seq` Prelude.rnf subscriberName
+      `Prelude.seq` Prelude.rnf subscriptionEndpoint
+      `Prelude.seq` Prelude.rnf subscriptionProtocol
+      `Prelude.seq` Prelude.rnf subscriptionStatus
+      `Prelude.seq` Prelude.rnf updatedAt
+      `Prelude.seq` Prelude.rnf accountId
+      `Prelude.seq` Prelude.rnf sourceTypes
+      `Prelude.seq` Prelude.rnf subscriptionId
diff --git a/gen/Amazonka/SecurityLake/Types/SubscriptionProtocolType.hs b/gen/Amazonka/SecurityLake/Types/SubscriptionProtocolType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/SubscriptionProtocolType.hs
@@ -0,0 +1,106 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.SubscriptionProtocolType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.SubscriptionProtocolType
+  ( SubscriptionProtocolType
+      ( ..,
+        SubscriptionProtocolType_APP,
+        SubscriptionProtocolType_EMAIL,
+        SubscriptionProtocolType_EMAIL_JSON,
+        SubscriptionProtocolType_FIREHOSE,
+        SubscriptionProtocolType_HTTP,
+        SubscriptionProtocolType_HTTPS,
+        SubscriptionProtocolType_LAMBDA,
+        SubscriptionProtocolType_SMS,
+        SubscriptionProtocolType_SQS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype SubscriptionProtocolType = SubscriptionProtocolType'
+  { fromSubscriptionProtocolType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern SubscriptionProtocolType_APP :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_APP = SubscriptionProtocolType' "APP"
+
+pattern SubscriptionProtocolType_EMAIL :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_EMAIL = SubscriptionProtocolType' "EMAIL"
+
+pattern SubscriptionProtocolType_EMAIL_JSON :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_EMAIL_JSON = SubscriptionProtocolType' "EMAIL_JSON"
+
+pattern SubscriptionProtocolType_FIREHOSE :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_FIREHOSE = SubscriptionProtocolType' "FIREHOSE"
+
+pattern SubscriptionProtocolType_HTTP :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_HTTP = SubscriptionProtocolType' "HTTP"
+
+pattern SubscriptionProtocolType_HTTPS :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_HTTPS = SubscriptionProtocolType' "HTTPS"
+
+pattern SubscriptionProtocolType_LAMBDA :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_LAMBDA = SubscriptionProtocolType' "LAMBDA"
+
+pattern SubscriptionProtocolType_SMS :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_SMS = SubscriptionProtocolType' "SMS"
+
+pattern SubscriptionProtocolType_SQS :: SubscriptionProtocolType
+pattern SubscriptionProtocolType_SQS = SubscriptionProtocolType' "SQS"
+
+{-# COMPLETE
+  SubscriptionProtocolType_APP,
+  SubscriptionProtocolType_EMAIL,
+  SubscriptionProtocolType_EMAIL_JSON,
+  SubscriptionProtocolType_FIREHOSE,
+  SubscriptionProtocolType_HTTP,
+  SubscriptionProtocolType_HTTPS,
+  SubscriptionProtocolType_LAMBDA,
+  SubscriptionProtocolType_SMS,
+  SubscriptionProtocolType_SQS,
+  SubscriptionProtocolType'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/Types/SubscriptionStatus.hs b/gen/Amazonka/SecurityLake/Types/SubscriptionStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Types/SubscriptionStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Types.SubscriptionStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Types.SubscriptionStatus
+  ( SubscriptionStatus
+      ( ..,
+        SubscriptionStatus_ACTIVE,
+        SubscriptionStatus_DEACTIVATED,
+        SubscriptionStatus_PENDING,
+        SubscriptionStatus_READY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype SubscriptionStatus = SubscriptionStatus'
+  { fromSubscriptionStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern SubscriptionStatus_ACTIVE :: SubscriptionStatus
+pattern SubscriptionStatus_ACTIVE = SubscriptionStatus' "ACTIVE"
+
+pattern SubscriptionStatus_DEACTIVATED :: SubscriptionStatus
+pattern SubscriptionStatus_DEACTIVATED = SubscriptionStatus' "DEACTIVATED"
+
+pattern SubscriptionStatus_PENDING :: SubscriptionStatus
+pattern SubscriptionStatus_PENDING = SubscriptionStatus' "PENDING"
+
+pattern SubscriptionStatus_READY :: SubscriptionStatus
+pattern SubscriptionStatus_READY = SubscriptionStatus' "READY"
+
+{-# COMPLETE
+  SubscriptionStatus_ACTIVE,
+  SubscriptionStatus_DEACTIVATED,
+  SubscriptionStatus_PENDING,
+  SubscriptionStatus_READY,
+  SubscriptionStatus'
+  #-}
diff --git a/gen/Amazonka/SecurityLake/UpdateDatalake.hs b/gen/Amazonka/SecurityLake/UpdateDatalake.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/UpdateDatalake.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.UpdateDatalake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Specifies where to store your security data and for how long. You can
+-- add a rollup Region to consolidate data from multiple Amazon Web
+-- Services Regions.
+module Amazonka.SecurityLake.UpdateDatalake
+  ( -- * Creating a Request
+    UpdateDatalake (..),
+    newUpdateDatalake,
+
+    -- * Request Lenses
+    updateDatalake_configurations,
+
+    -- * Destructuring the Response
+    UpdateDatalakeResponse (..),
+    newUpdateDatalakeResponse,
+
+    -- * Response Lenses
+    updateDatalakeResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newUpdateDatalake' smart constructor.
+data UpdateDatalake = UpdateDatalake'
+  { -- | Specify the Region or Regions that will contribute data to the rollup
+    -- region.
+    configurations :: Prelude.HashMap Region LakeConfigurationRequest
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDatalake' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'configurations', 'updateDatalake_configurations' - Specify the Region or Regions that will contribute data to the rollup
+-- region.
+newUpdateDatalake ::
+  UpdateDatalake
+newUpdateDatalake =
+  UpdateDatalake' {configurations = Prelude.mempty}
+
+-- | Specify the Region or Regions that will contribute data to the rollup
+-- region.
+updateDatalake_configurations :: Lens.Lens' UpdateDatalake (Prelude.HashMap Region LakeConfigurationRequest)
+updateDatalake_configurations = Lens.lens (\UpdateDatalake' {configurations} -> configurations) (\s@UpdateDatalake' {} a -> s {configurations = a} :: UpdateDatalake) Prelude.. Lens.coerced
+
+instance Core.AWSRequest UpdateDatalake where
+  type
+    AWSResponse UpdateDatalake =
+      UpdateDatalakeResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateDatalakeResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateDatalake where
+  hashWithSalt _salt UpdateDatalake' {..} =
+    _salt `Prelude.hashWithSalt` configurations
+
+instance Prelude.NFData UpdateDatalake where
+  rnf UpdateDatalake' {..} = Prelude.rnf configurations
+
+instance Data.ToHeaders UpdateDatalake where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateDatalake where
+  toJSON UpdateDatalake' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("configurations" Data..= configurations)
+          ]
+      )
+
+instance Data.ToPath UpdateDatalake where
+  toPath = Prelude.const "/v1/datalake"
+
+instance Data.ToQuery UpdateDatalake where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateDatalakeResponse' smart constructor.
+data UpdateDatalakeResponse = UpdateDatalakeResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDatalakeResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateDatalakeResponse_httpStatus' - The response's http status code.
+newUpdateDatalakeResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateDatalakeResponse
+newUpdateDatalakeResponse pHttpStatus_ =
+  UpdateDatalakeResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+updateDatalakeResponse_httpStatus :: Lens.Lens' UpdateDatalakeResponse Prelude.Int
+updateDatalakeResponse_httpStatus = Lens.lens (\UpdateDatalakeResponse' {httpStatus} -> httpStatus) (\s@UpdateDatalakeResponse' {} a -> s {httpStatus = a} :: UpdateDatalakeResponse)
+
+instance Prelude.NFData UpdateDatalakeResponse where
+  rnf UpdateDatalakeResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/UpdateDatalakeExceptionsExpiry.hs b/gen/Amazonka/SecurityLake/UpdateDatalakeExceptionsExpiry.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/UpdateDatalakeExceptionsExpiry.hs
@@ -0,0 +1,183 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.UpdateDatalakeExceptionsExpiry
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Update the expiration period for the exception message to your preferred
+-- time, and control the time-to-live (TTL) for the exception message to
+-- remain. Exceptions are stored by default for 2 weeks from when a record
+-- was created in Amazon Security Lake.
+module Amazonka.SecurityLake.UpdateDatalakeExceptionsExpiry
+  ( -- * Creating a Request
+    UpdateDatalakeExceptionsExpiry (..),
+    newUpdateDatalakeExceptionsExpiry,
+
+    -- * Request Lenses
+    updateDatalakeExceptionsExpiry_exceptionMessageExpiry,
+
+    -- * Destructuring the Response
+    UpdateDatalakeExceptionsExpiryResponse (..),
+    newUpdateDatalakeExceptionsExpiryResponse,
+
+    -- * Response Lenses
+    updateDatalakeExceptionsExpiryResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newUpdateDatalakeExceptionsExpiry' smart constructor.
+data UpdateDatalakeExceptionsExpiry = UpdateDatalakeExceptionsExpiry'
+  { -- | The time-to-live (TTL) for the exception message to remain.
+    exceptionMessageExpiry :: Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDatalakeExceptionsExpiry' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'exceptionMessageExpiry', 'updateDatalakeExceptionsExpiry_exceptionMessageExpiry' - The time-to-live (TTL) for the exception message to remain.
+newUpdateDatalakeExceptionsExpiry ::
+  -- | 'exceptionMessageExpiry'
+  Prelude.Natural ->
+  UpdateDatalakeExceptionsExpiry
+newUpdateDatalakeExceptionsExpiry
+  pExceptionMessageExpiry_ =
+    UpdateDatalakeExceptionsExpiry'
+      { exceptionMessageExpiry =
+          pExceptionMessageExpiry_
+      }
+
+-- | The time-to-live (TTL) for the exception message to remain.
+updateDatalakeExceptionsExpiry_exceptionMessageExpiry :: Lens.Lens' UpdateDatalakeExceptionsExpiry Prelude.Natural
+updateDatalakeExceptionsExpiry_exceptionMessageExpiry = Lens.lens (\UpdateDatalakeExceptionsExpiry' {exceptionMessageExpiry} -> exceptionMessageExpiry) (\s@UpdateDatalakeExceptionsExpiry' {} a -> s {exceptionMessageExpiry = a} :: UpdateDatalakeExceptionsExpiry)
+
+instance
+  Core.AWSRequest
+    UpdateDatalakeExceptionsExpiry
+  where
+  type
+    AWSResponse UpdateDatalakeExceptionsExpiry =
+      UpdateDatalakeExceptionsExpiryResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateDatalakeExceptionsExpiryResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    UpdateDatalakeExceptionsExpiry
+  where
+  hashWithSalt
+    _salt
+    UpdateDatalakeExceptionsExpiry' {..} =
+      _salt `Prelude.hashWithSalt` exceptionMessageExpiry
+
+instance
+  Prelude.NFData
+    UpdateDatalakeExceptionsExpiry
+  where
+  rnf UpdateDatalakeExceptionsExpiry' {..} =
+    Prelude.rnf exceptionMessageExpiry
+
+instance
+  Data.ToHeaders
+    UpdateDatalakeExceptionsExpiry
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateDatalakeExceptionsExpiry where
+  toJSON UpdateDatalakeExceptionsExpiry' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "exceptionMessageExpiry"
+                  Data..= exceptionMessageExpiry
+              )
+          ]
+      )
+
+instance Data.ToPath UpdateDatalakeExceptionsExpiry where
+  toPath =
+    Prelude.const "/v1/datalake/exceptions/expiry"
+
+instance Data.ToQuery UpdateDatalakeExceptionsExpiry where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateDatalakeExceptionsExpiryResponse' smart constructor.
+data UpdateDatalakeExceptionsExpiryResponse = UpdateDatalakeExceptionsExpiryResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDatalakeExceptionsExpiryResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateDatalakeExceptionsExpiryResponse_httpStatus' - The response's http status code.
+newUpdateDatalakeExceptionsExpiryResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateDatalakeExceptionsExpiryResponse
+newUpdateDatalakeExceptionsExpiryResponse
+  pHttpStatus_ =
+    UpdateDatalakeExceptionsExpiryResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+updateDatalakeExceptionsExpiryResponse_httpStatus :: Lens.Lens' UpdateDatalakeExceptionsExpiryResponse Prelude.Int
+updateDatalakeExceptionsExpiryResponse_httpStatus = Lens.lens (\UpdateDatalakeExceptionsExpiryResponse' {httpStatus} -> httpStatus) (\s@UpdateDatalakeExceptionsExpiryResponse' {} a -> s {httpStatus = a} :: UpdateDatalakeExceptionsExpiryResponse)
+
+instance
+  Prelude.NFData
+    UpdateDatalakeExceptionsExpiryResponse
+  where
+  rnf UpdateDatalakeExceptionsExpiryResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/UpdateDatalakeExceptionsSubscription.hs b/gen/Amazonka/SecurityLake/UpdateDatalakeExceptionsSubscription.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/UpdateDatalakeExceptionsSubscription.hs
@@ -0,0 +1,212 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.UpdateDatalakeExceptionsSubscription
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the specified notification subscription in Amazon Security Lake
+-- for the organization you specify.
+module Amazonka.SecurityLake.UpdateDatalakeExceptionsSubscription
+  ( -- * Creating a Request
+    UpdateDatalakeExceptionsSubscription (..),
+    newUpdateDatalakeExceptionsSubscription,
+
+    -- * Request Lenses
+    updateDatalakeExceptionsSubscription_notificationEndpoint,
+    updateDatalakeExceptionsSubscription_subscriptionProtocol,
+
+    -- * Destructuring the Response
+    UpdateDatalakeExceptionsSubscriptionResponse (..),
+    newUpdateDatalakeExceptionsSubscriptionResponse,
+
+    -- * Response Lenses
+    updateDatalakeExceptionsSubscriptionResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newUpdateDatalakeExceptionsSubscription' smart constructor.
+data UpdateDatalakeExceptionsSubscription = UpdateDatalakeExceptionsSubscription'
+  { -- | The account that is subscribed to receive exception notifications.
+    notificationEndpoint :: Prelude.Text,
+    -- | The subscription protocol to which exception messages are posted.
+    subscriptionProtocol :: SubscriptionProtocolType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDatalakeExceptionsSubscription' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'notificationEndpoint', 'updateDatalakeExceptionsSubscription_notificationEndpoint' - The account that is subscribed to receive exception notifications.
+--
+-- 'subscriptionProtocol', 'updateDatalakeExceptionsSubscription_subscriptionProtocol' - The subscription protocol to which exception messages are posted.
+newUpdateDatalakeExceptionsSubscription ::
+  -- | 'notificationEndpoint'
+  Prelude.Text ->
+  -- | 'subscriptionProtocol'
+  SubscriptionProtocolType ->
+  UpdateDatalakeExceptionsSubscription
+newUpdateDatalakeExceptionsSubscription
+  pNotificationEndpoint_
+  pSubscriptionProtocol_ =
+    UpdateDatalakeExceptionsSubscription'
+      { notificationEndpoint =
+          pNotificationEndpoint_,
+        subscriptionProtocol =
+          pSubscriptionProtocol_
+      }
+
+-- | The account that is subscribed to receive exception notifications.
+updateDatalakeExceptionsSubscription_notificationEndpoint :: Lens.Lens' UpdateDatalakeExceptionsSubscription Prelude.Text
+updateDatalakeExceptionsSubscription_notificationEndpoint = Lens.lens (\UpdateDatalakeExceptionsSubscription' {notificationEndpoint} -> notificationEndpoint) (\s@UpdateDatalakeExceptionsSubscription' {} a -> s {notificationEndpoint = a} :: UpdateDatalakeExceptionsSubscription)
+
+-- | The subscription protocol to which exception messages are posted.
+updateDatalakeExceptionsSubscription_subscriptionProtocol :: Lens.Lens' UpdateDatalakeExceptionsSubscription SubscriptionProtocolType
+updateDatalakeExceptionsSubscription_subscriptionProtocol = Lens.lens (\UpdateDatalakeExceptionsSubscription' {subscriptionProtocol} -> subscriptionProtocol) (\s@UpdateDatalakeExceptionsSubscription' {} a -> s {subscriptionProtocol = a} :: UpdateDatalakeExceptionsSubscription)
+
+instance
+  Core.AWSRequest
+    UpdateDatalakeExceptionsSubscription
+  where
+  type
+    AWSResponse UpdateDatalakeExceptionsSubscription =
+      UpdateDatalakeExceptionsSubscriptionResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UpdateDatalakeExceptionsSubscriptionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    UpdateDatalakeExceptionsSubscription
+  where
+  hashWithSalt
+    _salt
+    UpdateDatalakeExceptionsSubscription' {..} =
+      _salt
+        `Prelude.hashWithSalt` notificationEndpoint
+        `Prelude.hashWithSalt` subscriptionProtocol
+
+instance
+  Prelude.NFData
+    UpdateDatalakeExceptionsSubscription
+  where
+  rnf UpdateDatalakeExceptionsSubscription' {..} =
+    Prelude.rnf notificationEndpoint
+      `Prelude.seq` Prelude.rnf subscriptionProtocol
+
+instance
+  Data.ToHeaders
+    UpdateDatalakeExceptionsSubscription
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToJSON
+    UpdateDatalakeExceptionsSubscription
+  where
+  toJSON UpdateDatalakeExceptionsSubscription' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ( "notificationEndpoint"
+                  Data..= notificationEndpoint
+              ),
+            Prelude.Just
+              ( "subscriptionProtocol"
+                  Data..= subscriptionProtocol
+              )
+          ]
+      )
+
+instance
+  Data.ToPath
+    UpdateDatalakeExceptionsSubscription
+  where
+  toPath =
+    Prelude.const
+      "/v1/datalake/exceptions/subscription"
+
+instance
+  Data.ToQuery
+    UpdateDatalakeExceptionsSubscription
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateDatalakeExceptionsSubscriptionResponse' smart constructor.
+data UpdateDatalakeExceptionsSubscriptionResponse = UpdateDatalakeExceptionsSubscriptionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateDatalakeExceptionsSubscriptionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateDatalakeExceptionsSubscriptionResponse_httpStatus' - The response's http status code.
+newUpdateDatalakeExceptionsSubscriptionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateDatalakeExceptionsSubscriptionResponse
+newUpdateDatalakeExceptionsSubscriptionResponse
+  pHttpStatus_ =
+    UpdateDatalakeExceptionsSubscriptionResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+updateDatalakeExceptionsSubscriptionResponse_httpStatus :: Lens.Lens' UpdateDatalakeExceptionsSubscriptionResponse Prelude.Int
+updateDatalakeExceptionsSubscriptionResponse_httpStatus = Lens.lens (\UpdateDatalakeExceptionsSubscriptionResponse' {httpStatus} -> httpStatus) (\s@UpdateDatalakeExceptionsSubscriptionResponse' {} a -> s {httpStatus = a} :: UpdateDatalakeExceptionsSubscriptionResponse)
+
+instance
+  Prelude.NFData
+    UpdateDatalakeExceptionsSubscriptionResponse
+  where
+  rnf UpdateDatalakeExceptionsSubscriptionResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/UpdateSubscriber.hs b/gen/Amazonka/SecurityLake/UpdateSubscriber.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/UpdateSubscriber.hs
@@ -0,0 +1,234 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.UpdateSubscriber
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates an existing subscription for the given Amazon Security Lake
+-- account ID. You can update a subscriber by changing the sources that the
+-- subscriber consumes data from.
+module Amazonka.SecurityLake.UpdateSubscriber
+  ( -- * Creating a Request
+    UpdateSubscriber (..),
+    newUpdateSubscriber,
+
+    -- * Request Lenses
+    updateSubscriber_externalId,
+    updateSubscriber_subscriberDescription,
+    updateSubscriber_subscriberName,
+    updateSubscriber_id,
+    updateSubscriber_sourceTypes,
+
+    -- * Destructuring the Response
+    UpdateSubscriberResponse (..),
+    newUpdateSubscriberResponse,
+
+    -- * Response Lenses
+    updateSubscriberResponse_subscriber,
+    updateSubscriberResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newUpdateSubscriber' smart constructor.
+data UpdateSubscriber = UpdateSubscriber'
+  { -- | The external ID of the Security Lake account.
+    externalId :: Prelude.Maybe Prelude.Text,
+    -- | The description of the Security Lake account subscriber.
+    subscriberDescription :: Prelude.Maybe Prelude.Text,
+    -- | The name of the Security Lake account subscriber.
+    subscriberName :: Prelude.Maybe Prelude.Text,
+    -- | A value created by Security Lake that uniquely identifies your
+    -- subscription.
+    id :: Prelude.Text,
+    -- | The supported Amazon Web Services from which logs and events are
+    -- collected. For the list of supported Amazon Web Services, see the
+    -- <https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html Amazon Security Lake User Guide>.
+    sourceTypes :: [SourceType]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateSubscriber' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'externalId', 'updateSubscriber_externalId' - The external ID of the Security Lake account.
+--
+-- 'subscriberDescription', 'updateSubscriber_subscriberDescription' - The description of the Security Lake account subscriber.
+--
+-- 'subscriberName', 'updateSubscriber_subscriberName' - The name of the Security Lake account subscriber.
+--
+-- 'id', 'updateSubscriber_id' - A value created by Security Lake that uniquely identifies your
+-- subscription.
+--
+-- 'sourceTypes', 'updateSubscriber_sourceTypes' - The supported Amazon Web Services from which logs and events are
+-- collected. For the list of supported Amazon Web Services, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html Amazon Security Lake User Guide>.
+newUpdateSubscriber ::
+  -- | 'id'
+  Prelude.Text ->
+  UpdateSubscriber
+newUpdateSubscriber pId_ =
+  UpdateSubscriber'
+    { externalId = Prelude.Nothing,
+      subscriberDescription = Prelude.Nothing,
+      subscriberName = Prelude.Nothing,
+      id = pId_,
+      sourceTypes = Prelude.mempty
+    }
+
+-- | The external ID of the Security Lake account.
+updateSubscriber_externalId :: Lens.Lens' UpdateSubscriber (Prelude.Maybe Prelude.Text)
+updateSubscriber_externalId = Lens.lens (\UpdateSubscriber' {externalId} -> externalId) (\s@UpdateSubscriber' {} a -> s {externalId = a} :: UpdateSubscriber)
+
+-- | The description of the Security Lake account subscriber.
+updateSubscriber_subscriberDescription :: Lens.Lens' UpdateSubscriber (Prelude.Maybe Prelude.Text)
+updateSubscriber_subscriberDescription = Lens.lens (\UpdateSubscriber' {subscriberDescription} -> subscriberDescription) (\s@UpdateSubscriber' {} a -> s {subscriberDescription = a} :: UpdateSubscriber)
+
+-- | The name of the Security Lake account subscriber.
+updateSubscriber_subscriberName :: Lens.Lens' UpdateSubscriber (Prelude.Maybe Prelude.Text)
+updateSubscriber_subscriberName = Lens.lens (\UpdateSubscriber' {subscriberName} -> subscriberName) (\s@UpdateSubscriber' {} a -> s {subscriberName = a} :: UpdateSubscriber)
+
+-- | A value created by Security Lake that uniquely identifies your
+-- subscription.
+updateSubscriber_id :: Lens.Lens' UpdateSubscriber Prelude.Text
+updateSubscriber_id = Lens.lens (\UpdateSubscriber' {id} -> id) (\s@UpdateSubscriber' {} a -> s {id = a} :: UpdateSubscriber)
+
+-- | The supported Amazon Web Services from which logs and events are
+-- collected. For the list of supported Amazon Web Services, see the
+-- <https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html Amazon Security Lake User Guide>.
+updateSubscriber_sourceTypes :: Lens.Lens' UpdateSubscriber [SourceType]
+updateSubscriber_sourceTypes = Lens.lens (\UpdateSubscriber' {sourceTypes} -> sourceTypes) (\s@UpdateSubscriber' {} a -> s {sourceTypes = a} :: UpdateSubscriber) Prelude.. Lens.coerced
+
+instance Core.AWSRequest UpdateSubscriber where
+  type
+    AWSResponse UpdateSubscriber =
+      UpdateSubscriberResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateSubscriberResponse'
+            Prelude.<$> (x Data..?> "subscriber")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdateSubscriber where
+  hashWithSalt _salt UpdateSubscriber' {..} =
+    _salt
+      `Prelude.hashWithSalt` externalId
+      `Prelude.hashWithSalt` subscriberDescription
+      `Prelude.hashWithSalt` subscriberName
+      `Prelude.hashWithSalt` id
+      `Prelude.hashWithSalt` sourceTypes
+
+instance Prelude.NFData UpdateSubscriber where
+  rnf UpdateSubscriber' {..} =
+    Prelude.rnf externalId
+      `Prelude.seq` Prelude.rnf subscriberDescription
+      `Prelude.seq` Prelude.rnf subscriberName
+      `Prelude.seq` Prelude.rnf id
+      `Prelude.seq` Prelude.rnf sourceTypes
+
+instance Data.ToHeaders UpdateSubscriber where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateSubscriber where
+  toJSON UpdateSubscriber' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("externalId" Data..=) Prelude.<$> externalId,
+            ("subscriberDescription" Data..=)
+              Prelude.<$> subscriberDescription,
+            ("subscriberName" Data..=)
+              Prelude.<$> subscriberName,
+            Prelude.Just ("sourceTypes" Data..= sourceTypes)
+          ]
+      )
+
+instance Data.ToPath UpdateSubscriber where
+  toPath UpdateSubscriber' {..} =
+    Prelude.mconcat ["/v1/subscribers/", Data.toBS id]
+
+instance Data.ToQuery UpdateSubscriber where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateSubscriberResponse' smart constructor.
+data UpdateSubscriberResponse = UpdateSubscriberResponse'
+  { -- | The account of the subscriber.
+    subscriber :: Prelude.Maybe SubscriberResource,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateSubscriberResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'subscriber', 'updateSubscriberResponse_subscriber' - The account of the subscriber.
+--
+-- 'httpStatus', 'updateSubscriberResponse_httpStatus' - The response's http status code.
+newUpdateSubscriberResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateSubscriberResponse
+newUpdateSubscriberResponse pHttpStatus_ =
+  UpdateSubscriberResponse'
+    { subscriber =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The account of the subscriber.
+updateSubscriberResponse_subscriber :: Lens.Lens' UpdateSubscriberResponse (Prelude.Maybe SubscriberResource)
+updateSubscriberResponse_subscriber = Lens.lens (\UpdateSubscriberResponse' {subscriber} -> subscriber) (\s@UpdateSubscriberResponse' {} a -> s {subscriber = a} :: UpdateSubscriberResponse)
+
+-- | The response's http status code.
+updateSubscriberResponse_httpStatus :: Lens.Lens' UpdateSubscriberResponse Prelude.Int
+updateSubscriberResponse_httpStatus = Lens.lens (\UpdateSubscriberResponse' {httpStatus} -> httpStatus) (\s@UpdateSubscriberResponse' {} a -> s {httpStatus = a} :: UpdateSubscriberResponse)
+
+instance Prelude.NFData UpdateSubscriberResponse where
+  rnf UpdateSubscriberResponse' {..} =
+    Prelude.rnf subscriber
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/UpdateSubscriptionNotificationConfiguration.hs b/gen/Amazonka/SecurityLake/UpdateSubscriptionNotificationConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/UpdateSubscriptionNotificationConfiguration.hs
@@ -0,0 +1,298 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.UpdateSubscriptionNotificationConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a new subscription notification or adds the existing
+-- subscription notification setting for the specified subscription ID.
+module Amazonka.SecurityLake.UpdateSubscriptionNotificationConfiguration
+  ( -- * Creating a Request
+    UpdateSubscriptionNotificationConfiguration (..),
+    newUpdateSubscriptionNotificationConfiguration,
+
+    -- * Request Lenses
+    updateSubscriptionNotificationConfiguration_createSqs,
+    updateSubscriptionNotificationConfiguration_httpsApiKeyName,
+    updateSubscriptionNotificationConfiguration_httpsApiKeyValue,
+    updateSubscriptionNotificationConfiguration_httpsMethod,
+    updateSubscriptionNotificationConfiguration_roleArn,
+    updateSubscriptionNotificationConfiguration_subscriptionEndpoint,
+    updateSubscriptionNotificationConfiguration_subscriptionId,
+
+    -- * Destructuring the Response
+    UpdateSubscriptionNotificationConfigurationResponse (..),
+    newUpdateSubscriptionNotificationConfigurationResponse,
+
+    -- * Response Lenses
+    updateSubscriptionNotificationConfigurationResponse_queueArn,
+    updateSubscriptionNotificationConfigurationResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.SecurityLake.Types
+
+-- | /See:/ 'newUpdateSubscriptionNotificationConfiguration' smart constructor.
+data UpdateSubscriptionNotificationConfiguration = UpdateSubscriptionNotificationConfiguration'
+  { -- | Create a new subscription notification for the specified subscription ID
+    -- in Amazon Security Lake.
+    createSqs :: Prelude.Maybe Prelude.Bool,
+    -- | The key name for the subscription notification.
+    httpsApiKeyName :: Prelude.Maybe Prelude.Text,
+    -- | The key value for the subscription notification.
+    httpsApiKeyValue :: Prelude.Maybe Prelude.Text,
+    -- | The HTTPS method used for the subscription notification.
+    httpsMethod :: Prelude.Maybe HttpsMethod,
+    -- | The Amazon Resource Name (ARN) specifying the role of the subscriber.
+    roleArn :: Prelude.Maybe Prelude.Text,
+    -- | The subscription endpoint in Security Lake.
+    subscriptionEndpoint :: Prelude.Maybe Prelude.Text,
+    -- | The subscription ID for which the subscription notification is
+    -- specified.
+    subscriptionId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateSubscriptionNotificationConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'createSqs', 'updateSubscriptionNotificationConfiguration_createSqs' - Create a new subscription notification for the specified subscription ID
+-- in Amazon Security Lake.
+--
+-- 'httpsApiKeyName', 'updateSubscriptionNotificationConfiguration_httpsApiKeyName' - The key name for the subscription notification.
+--
+-- 'httpsApiKeyValue', 'updateSubscriptionNotificationConfiguration_httpsApiKeyValue' - The key value for the subscription notification.
+--
+-- 'httpsMethod', 'updateSubscriptionNotificationConfiguration_httpsMethod' - The HTTPS method used for the subscription notification.
+--
+-- 'roleArn', 'updateSubscriptionNotificationConfiguration_roleArn' - The Amazon Resource Name (ARN) specifying the role of the subscriber.
+--
+-- 'subscriptionEndpoint', 'updateSubscriptionNotificationConfiguration_subscriptionEndpoint' - The subscription endpoint in Security Lake.
+--
+-- 'subscriptionId', 'updateSubscriptionNotificationConfiguration_subscriptionId' - The subscription ID for which the subscription notification is
+-- specified.
+newUpdateSubscriptionNotificationConfiguration ::
+  -- | 'subscriptionId'
+  Prelude.Text ->
+  UpdateSubscriptionNotificationConfiguration
+newUpdateSubscriptionNotificationConfiguration
+  pSubscriptionId_ =
+    UpdateSubscriptionNotificationConfiguration'
+      { createSqs =
+          Prelude.Nothing,
+        httpsApiKeyName =
+          Prelude.Nothing,
+        httpsApiKeyValue =
+          Prelude.Nothing,
+        httpsMethod = Prelude.Nothing,
+        roleArn = Prelude.Nothing,
+        subscriptionEndpoint =
+          Prelude.Nothing,
+        subscriptionId =
+          pSubscriptionId_
+      }
+
+-- | Create a new subscription notification for the specified subscription ID
+-- in Amazon Security Lake.
+updateSubscriptionNotificationConfiguration_createSqs :: Lens.Lens' UpdateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Bool)
+updateSubscriptionNotificationConfiguration_createSqs = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {createSqs} -> createSqs) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {createSqs = a} :: UpdateSubscriptionNotificationConfiguration)
+
+-- | The key name for the subscription notification.
+updateSubscriptionNotificationConfiguration_httpsApiKeyName :: Lens.Lens' UpdateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+updateSubscriptionNotificationConfiguration_httpsApiKeyName = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {httpsApiKeyName} -> httpsApiKeyName) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {httpsApiKeyName = a} :: UpdateSubscriptionNotificationConfiguration)
+
+-- | The key value for the subscription notification.
+updateSubscriptionNotificationConfiguration_httpsApiKeyValue :: Lens.Lens' UpdateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+updateSubscriptionNotificationConfiguration_httpsApiKeyValue = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {httpsApiKeyValue} -> httpsApiKeyValue) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {httpsApiKeyValue = a} :: UpdateSubscriptionNotificationConfiguration)
+
+-- | The HTTPS method used for the subscription notification.
+updateSubscriptionNotificationConfiguration_httpsMethod :: Lens.Lens' UpdateSubscriptionNotificationConfiguration (Prelude.Maybe HttpsMethod)
+updateSubscriptionNotificationConfiguration_httpsMethod = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {httpsMethod} -> httpsMethod) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {httpsMethod = a} :: UpdateSubscriptionNotificationConfiguration)
+
+-- | The Amazon Resource Name (ARN) specifying the role of the subscriber.
+updateSubscriptionNotificationConfiguration_roleArn :: Lens.Lens' UpdateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+updateSubscriptionNotificationConfiguration_roleArn = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {roleArn} -> roleArn) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {roleArn = a} :: UpdateSubscriptionNotificationConfiguration)
+
+-- | The subscription endpoint in Security Lake.
+updateSubscriptionNotificationConfiguration_subscriptionEndpoint :: Lens.Lens' UpdateSubscriptionNotificationConfiguration (Prelude.Maybe Prelude.Text)
+updateSubscriptionNotificationConfiguration_subscriptionEndpoint = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {subscriptionEndpoint} -> subscriptionEndpoint) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {subscriptionEndpoint = a} :: UpdateSubscriptionNotificationConfiguration)
+
+-- | The subscription ID for which the subscription notification is
+-- specified.
+updateSubscriptionNotificationConfiguration_subscriptionId :: Lens.Lens' UpdateSubscriptionNotificationConfiguration Prelude.Text
+updateSubscriptionNotificationConfiguration_subscriptionId = Lens.lens (\UpdateSubscriptionNotificationConfiguration' {subscriptionId} -> subscriptionId) (\s@UpdateSubscriptionNotificationConfiguration' {} a -> s {subscriptionId = a} :: UpdateSubscriptionNotificationConfiguration)
+
+instance
+  Core.AWSRequest
+    UpdateSubscriptionNotificationConfiguration
+  where
+  type
+    AWSResponse
+      UpdateSubscriptionNotificationConfiguration =
+      UpdateSubscriptionNotificationConfigurationResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateSubscriptionNotificationConfigurationResponse'
+            Prelude.<$> (x Data..?> "queueArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    UpdateSubscriptionNotificationConfiguration
+  where
+  hashWithSalt
+    _salt
+    UpdateSubscriptionNotificationConfiguration' {..} =
+      _salt
+        `Prelude.hashWithSalt` createSqs
+        `Prelude.hashWithSalt` httpsApiKeyName
+        `Prelude.hashWithSalt` httpsApiKeyValue
+        `Prelude.hashWithSalt` httpsMethod
+        `Prelude.hashWithSalt` roleArn
+        `Prelude.hashWithSalt` subscriptionEndpoint
+        `Prelude.hashWithSalt` subscriptionId
+
+instance
+  Prelude.NFData
+    UpdateSubscriptionNotificationConfiguration
+  where
+  rnf UpdateSubscriptionNotificationConfiguration' {..} =
+    Prelude.rnf createSqs
+      `Prelude.seq` Prelude.rnf httpsApiKeyName
+      `Prelude.seq` Prelude.rnf httpsApiKeyValue
+      `Prelude.seq` Prelude.rnf httpsMethod
+      `Prelude.seq` Prelude.rnf roleArn
+      `Prelude.seq` Prelude.rnf subscriptionEndpoint
+      `Prelude.seq` Prelude.rnf subscriptionId
+
+instance
+  Data.ToHeaders
+    UpdateSubscriptionNotificationConfiguration
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToJSON
+    UpdateSubscriptionNotificationConfiguration
+  where
+  toJSON
+    UpdateSubscriptionNotificationConfiguration' {..} =
+      Data.object
+        ( Prelude.catMaybes
+            [ ("createSqs" Data..=) Prelude.<$> createSqs,
+              ("httpsApiKeyName" Data..=)
+                Prelude.<$> httpsApiKeyName,
+              ("httpsApiKeyValue" Data..=)
+                Prelude.<$> httpsApiKeyValue,
+              ("httpsMethod" Data..=) Prelude.<$> httpsMethod,
+              ("roleArn" Data..=) Prelude.<$> roleArn,
+              ("subscriptionEndpoint" Data..=)
+                Prelude.<$> subscriptionEndpoint
+            ]
+        )
+
+instance
+  Data.ToPath
+    UpdateSubscriptionNotificationConfiguration
+  where
+  toPath
+    UpdateSubscriptionNotificationConfiguration' {..} =
+      Prelude.mconcat
+        [ "/subscription-notifications/",
+          Data.toBS subscriptionId
+        ]
+
+instance
+  Data.ToQuery
+    UpdateSubscriptionNotificationConfiguration
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateSubscriptionNotificationConfigurationResponse' smart constructor.
+data UpdateSubscriptionNotificationConfigurationResponse = UpdateSubscriptionNotificationConfigurationResponse'
+  { -- | Returns the ARN of the queue.
+    queueArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateSubscriptionNotificationConfigurationResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'queueArn', 'updateSubscriptionNotificationConfigurationResponse_queueArn' - Returns the ARN of the queue.
+--
+-- 'httpStatus', 'updateSubscriptionNotificationConfigurationResponse_httpStatus' - The response's http status code.
+newUpdateSubscriptionNotificationConfigurationResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdateSubscriptionNotificationConfigurationResponse
+newUpdateSubscriptionNotificationConfigurationResponse
+  pHttpStatus_ =
+    UpdateSubscriptionNotificationConfigurationResponse'
+      { queueArn =
+          Prelude.Nothing,
+        httpStatus =
+          pHttpStatus_
+      }
+
+-- | Returns the ARN of the queue.
+updateSubscriptionNotificationConfigurationResponse_queueArn :: Lens.Lens' UpdateSubscriptionNotificationConfigurationResponse (Prelude.Maybe Prelude.Text)
+updateSubscriptionNotificationConfigurationResponse_queueArn = Lens.lens (\UpdateSubscriptionNotificationConfigurationResponse' {queueArn} -> queueArn) (\s@UpdateSubscriptionNotificationConfigurationResponse' {} a -> s {queueArn = a} :: UpdateSubscriptionNotificationConfigurationResponse)
+
+-- | The response's http status code.
+updateSubscriptionNotificationConfigurationResponse_httpStatus :: Lens.Lens' UpdateSubscriptionNotificationConfigurationResponse Prelude.Int
+updateSubscriptionNotificationConfigurationResponse_httpStatus = Lens.lens (\UpdateSubscriptionNotificationConfigurationResponse' {httpStatus} -> httpStatus) (\s@UpdateSubscriptionNotificationConfigurationResponse' {} a -> s {httpStatus = a} :: UpdateSubscriptionNotificationConfigurationResponse)
+
+instance
+  Prelude.NFData
+    UpdateSubscriptionNotificationConfigurationResponse
+  where
+  rnf
+    UpdateSubscriptionNotificationConfigurationResponse' {..} =
+      Prelude.rnf queueArn
+        `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/SecurityLake/Waiters.hs b/gen/Amazonka/SecurityLake/Waiters.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/SecurityLake/Waiters.hs
@@ -0,0 +1,24 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.SecurityLake.Waiters
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.SecurityLake.Waiters where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.SecurityLake.Lens
+import Amazonka.SecurityLake.Types
diff --git a/src/.gitkeep b/src/.gitkeep
new file mode 100644
--- /dev/null
+++ b/src/.gitkeep
diff --git a/test/Main.hs b/test/Main.hs
new file mode 100644
--- /dev/null
+++ b/test/Main.hs
@@ -0,0 +1,23 @@
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Main
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Main (main) where
+
+import Test.Amazonka.SecurityLake
+import Test.Amazonka.SecurityLake.Internal
+import Test.Tasty
+
+main :: IO ()
+main =
+  defaultMain $
+    testGroup
+      "SecurityLake"
+      [ testGroup "tests" tests,
+        testGroup "fixtures" fixtures
+      ]
diff --git a/test/Test/Amazonka/Gen/SecurityLake.hs b/test/Test/Amazonka/Gen/SecurityLake.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/Gen/SecurityLake.hs
@@ -0,0 +1,638 @@
+{-# OPTIONS_GHC -fno-warn-orphans #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Test.Amazonka.Gen.SecurityLake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.Gen.SecurityLake where
+
+import Amazonka.SecurityLake
+import qualified Data.Proxy as Proxy
+import Test.Amazonka.Fixture
+import Test.Amazonka.Prelude
+import Test.Amazonka.SecurityLake.Internal
+import Test.Tasty
+
+-- Auto-generated: the actual test selection needs to be manually placed into
+-- the top-level so that real test data can be incrementally added.
+--
+-- This commented snippet is what the entire set should look like:
+
+-- fixtures :: TestTree
+-- fixtures =
+--     [ testGroup "request"
+--         [ requestCreateAwsLogSource $
+--             newCreateAwsLogSource
+--
+--         , requestCreateCustomLogSource $
+--             newCreateCustomLogSource
+--
+--         , requestCreateDatalake $
+--             newCreateDatalake
+--
+--         , requestCreateDatalakeAutoEnable $
+--             newCreateDatalakeAutoEnable
+--
+--         , requestCreateDatalakeDelegatedAdmin $
+--             newCreateDatalakeDelegatedAdmin
+--
+--         , requestCreateDatalakeExceptionsSubscription $
+--             newCreateDatalakeExceptionsSubscription
+--
+--         , requestCreateSubscriber $
+--             newCreateSubscriber
+--
+--         , requestCreateSubscriptionNotificationConfiguration $
+--             newCreateSubscriptionNotificationConfiguration
+--
+--         , requestDeleteAwsLogSource $
+--             newDeleteAwsLogSource
+--
+--         , requestDeleteCustomLogSource $
+--             newDeleteCustomLogSource
+--
+--         , requestDeleteDatalake $
+--             newDeleteDatalake
+--
+--         , requestDeleteDatalakeAutoEnable $
+--             newDeleteDatalakeAutoEnable
+--
+--         , requestDeleteDatalakeDelegatedAdmin $
+--             newDeleteDatalakeDelegatedAdmin
+--
+--         , requestDeleteDatalakeExceptionsSubscription $
+--             newDeleteDatalakeExceptionsSubscription
+--
+--         , requestDeleteSubscriber $
+--             newDeleteSubscriber
+--
+--         , requestDeleteSubscriptionNotificationConfiguration $
+--             newDeleteSubscriptionNotificationConfiguration
+--
+--         , requestGetDatalake $
+--             newGetDatalake
+--
+--         , requestGetDatalakeAutoEnable $
+--             newGetDatalakeAutoEnable
+--
+--         , requestGetDatalakeExceptionsExpiry $
+--             newGetDatalakeExceptionsExpiry
+--
+--         , requestGetDatalakeExceptionsSubscription $
+--             newGetDatalakeExceptionsSubscription
+--
+--         , requestGetDatalakeStatus $
+--             newGetDatalakeStatus
+--
+--         , requestGetSubscriber $
+--             newGetSubscriber
+--
+--         , requestListDatalakeExceptions $
+--             newListDatalakeExceptions
+--
+--         , requestListLogSources $
+--             newListLogSources
+--
+--         , requestListSubscribers $
+--             newListSubscribers
+--
+--         , requestUpdateDatalake $
+--             newUpdateDatalake
+--
+--         , requestUpdateDatalakeExceptionsExpiry $
+--             newUpdateDatalakeExceptionsExpiry
+--
+--         , requestUpdateDatalakeExceptionsSubscription $
+--             newUpdateDatalakeExceptionsSubscription
+--
+--         , requestUpdateSubscriber $
+--             newUpdateSubscriber
+--
+--         , requestUpdateSubscriptionNotificationConfiguration $
+--             newUpdateSubscriptionNotificationConfiguration
+--
+--           ]
+
+--     , testGroup "response"
+--         [ responseCreateAwsLogSource $
+--             newCreateAwsLogSourceResponse
+--
+--         , responseCreateCustomLogSource $
+--             newCreateCustomLogSourceResponse
+--
+--         , responseCreateDatalake $
+--             newCreateDatalakeResponse
+--
+--         , responseCreateDatalakeAutoEnable $
+--             newCreateDatalakeAutoEnableResponse
+--
+--         , responseCreateDatalakeDelegatedAdmin $
+--             newCreateDatalakeDelegatedAdminResponse
+--
+--         , responseCreateDatalakeExceptionsSubscription $
+--             newCreateDatalakeExceptionsSubscriptionResponse
+--
+--         , responseCreateSubscriber $
+--             newCreateSubscriberResponse
+--
+--         , responseCreateSubscriptionNotificationConfiguration $
+--             newCreateSubscriptionNotificationConfigurationResponse
+--
+--         , responseDeleteAwsLogSource $
+--             newDeleteAwsLogSourceResponse
+--
+--         , responseDeleteCustomLogSource $
+--             newDeleteCustomLogSourceResponse
+--
+--         , responseDeleteDatalake $
+--             newDeleteDatalakeResponse
+--
+--         , responseDeleteDatalakeAutoEnable $
+--             newDeleteDatalakeAutoEnableResponse
+--
+--         , responseDeleteDatalakeDelegatedAdmin $
+--             newDeleteDatalakeDelegatedAdminResponse
+--
+--         , responseDeleteDatalakeExceptionsSubscription $
+--             newDeleteDatalakeExceptionsSubscriptionResponse
+--
+--         , responseDeleteSubscriber $
+--             newDeleteSubscriberResponse
+--
+--         , responseDeleteSubscriptionNotificationConfiguration $
+--             newDeleteSubscriptionNotificationConfigurationResponse
+--
+--         , responseGetDatalake $
+--             newGetDatalakeResponse
+--
+--         , responseGetDatalakeAutoEnable $
+--             newGetDatalakeAutoEnableResponse
+--
+--         , responseGetDatalakeExceptionsExpiry $
+--             newGetDatalakeExceptionsExpiryResponse
+--
+--         , responseGetDatalakeExceptionsSubscription $
+--             newGetDatalakeExceptionsSubscriptionResponse
+--
+--         , responseGetDatalakeStatus $
+--             newGetDatalakeStatusResponse
+--
+--         , responseGetSubscriber $
+--             newGetSubscriberResponse
+--
+--         , responseListDatalakeExceptions $
+--             newListDatalakeExceptionsResponse
+--
+--         , responseListLogSources $
+--             newListLogSourcesResponse
+--
+--         , responseListSubscribers $
+--             newListSubscribersResponse
+--
+--         , responseUpdateDatalake $
+--             newUpdateDatalakeResponse
+--
+--         , responseUpdateDatalakeExceptionsExpiry $
+--             newUpdateDatalakeExceptionsExpiryResponse
+--
+--         , responseUpdateDatalakeExceptionsSubscription $
+--             newUpdateDatalakeExceptionsSubscriptionResponse
+--
+--         , responseUpdateSubscriber $
+--             newUpdateSubscriberResponse
+--
+--         , responseUpdateSubscriptionNotificationConfiguration $
+--             newUpdateSubscriptionNotificationConfigurationResponse
+--
+--           ]
+--     ]
+
+-- Requests
+
+requestCreateAwsLogSource :: CreateAwsLogSource -> TestTree
+requestCreateAwsLogSource =
+  req
+    "CreateAwsLogSource"
+    "fixture/CreateAwsLogSource.yaml"
+
+requestCreateCustomLogSource :: CreateCustomLogSource -> TestTree
+requestCreateCustomLogSource =
+  req
+    "CreateCustomLogSource"
+    "fixture/CreateCustomLogSource.yaml"
+
+requestCreateDatalake :: CreateDatalake -> TestTree
+requestCreateDatalake =
+  req
+    "CreateDatalake"
+    "fixture/CreateDatalake.yaml"
+
+requestCreateDatalakeAutoEnable :: CreateDatalakeAutoEnable -> TestTree
+requestCreateDatalakeAutoEnable =
+  req
+    "CreateDatalakeAutoEnable"
+    "fixture/CreateDatalakeAutoEnable.yaml"
+
+requestCreateDatalakeDelegatedAdmin :: CreateDatalakeDelegatedAdmin -> TestTree
+requestCreateDatalakeDelegatedAdmin =
+  req
+    "CreateDatalakeDelegatedAdmin"
+    "fixture/CreateDatalakeDelegatedAdmin.yaml"
+
+requestCreateDatalakeExceptionsSubscription :: CreateDatalakeExceptionsSubscription -> TestTree
+requestCreateDatalakeExceptionsSubscription =
+  req
+    "CreateDatalakeExceptionsSubscription"
+    "fixture/CreateDatalakeExceptionsSubscription.yaml"
+
+requestCreateSubscriber :: CreateSubscriber -> TestTree
+requestCreateSubscriber =
+  req
+    "CreateSubscriber"
+    "fixture/CreateSubscriber.yaml"
+
+requestCreateSubscriptionNotificationConfiguration :: CreateSubscriptionNotificationConfiguration -> TestTree
+requestCreateSubscriptionNotificationConfiguration =
+  req
+    "CreateSubscriptionNotificationConfiguration"
+    "fixture/CreateSubscriptionNotificationConfiguration.yaml"
+
+requestDeleteAwsLogSource :: DeleteAwsLogSource -> TestTree
+requestDeleteAwsLogSource =
+  req
+    "DeleteAwsLogSource"
+    "fixture/DeleteAwsLogSource.yaml"
+
+requestDeleteCustomLogSource :: DeleteCustomLogSource -> TestTree
+requestDeleteCustomLogSource =
+  req
+    "DeleteCustomLogSource"
+    "fixture/DeleteCustomLogSource.yaml"
+
+requestDeleteDatalake :: DeleteDatalake -> TestTree
+requestDeleteDatalake =
+  req
+    "DeleteDatalake"
+    "fixture/DeleteDatalake.yaml"
+
+requestDeleteDatalakeAutoEnable :: DeleteDatalakeAutoEnable -> TestTree
+requestDeleteDatalakeAutoEnable =
+  req
+    "DeleteDatalakeAutoEnable"
+    "fixture/DeleteDatalakeAutoEnable.yaml"
+
+requestDeleteDatalakeDelegatedAdmin :: DeleteDatalakeDelegatedAdmin -> TestTree
+requestDeleteDatalakeDelegatedAdmin =
+  req
+    "DeleteDatalakeDelegatedAdmin"
+    "fixture/DeleteDatalakeDelegatedAdmin.yaml"
+
+requestDeleteDatalakeExceptionsSubscription :: DeleteDatalakeExceptionsSubscription -> TestTree
+requestDeleteDatalakeExceptionsSubscription =
+  req
+    "DeleteDatalakeExceptionsSubscription"
+    "fixture/DeleteDatalakeExceptionsSubscription.yaml"
+
+requestDeleteSubscriber :: DeleteSubscriber -> TestTree
+requestDeleteSubscriber =
+  req
+    "DeleteSubscriber"
+    "fixture/DeleteSubscriber.yaml"
+
+requestDeleteSubscriptionNotificationConfiguration :: DeleteSubscriptionNotificationConfiguration -> TestTree
+requestDeleteSubscriptionNotificationConfiguration =
+  req
+    "DeleteSubscriptionNotificationConfiguration"
+    "fixture/DeleteSubscriptionNotificationConfiguration.yaml"
+
+requestGetDatalake :: GetDatalake -> TestTree
+requestGetDatalake =
+  req
+    "GetDatalake"
+    "fixture/GetDatalake.yaml"
+
+requestGetDatalakeAutoEnable :: GetDatalakeAutoEnable -> TestTree
+requestGetDatalakeAutoEnable =
+  req
+    "GetDatalakeAutoEnable"
+    "fixture/GetDatalakeAutoEnable.yaml"
+
+requestGetDatalakeExceptionsExpiry :: GetDatalakeExceptionsExpiry -> TestTree
+requestGetDatalakeExceptionsExpiry =
+  req
+    "GetDatalakeExceptionsExpiry"
+    "fixture/GetDatalakeExceptionsExpiry.yaml"
+
+requestGetDatalakeExceptionsSubscription :: GetDatalakeExceptionsSubscription -> TestTree
+requestGetDatalakeExceptionsSubscription =
+  req
+    "GetDatalakeExceptionsSubscription"
+    "fixture/GetDatalakeExceptionsSubscription.yaml"
+
+requestGetDatalakeStatus :: GetDatalakeStatus -> TestTree
+requestGetDatalakeStatus =
+  req
+    "GetDatalakeStatus"
+    "fixture/GetDatalakeStatus.yaml"
+
+requestGetSubscriber :: GetSubscriber -> TestTree
+requestGetSubscriber =
+  req
+    "GetSubscriber"
+    "fixture/GetSubscriber.yaml"
+
+requestListDatalakeExceptions :: ListDatalakeExceptions -> TestTree
+requestListDatalakeExceptions =
+  req
+    "ListDatalakeExceptions"
+    "fixture/ListDatalakeExceptions.yaml"
+
+requestListLogSources :: ListLogSources -> TestTree
+requestListLogSources =
+  req
+    "ListLogSources"
+    "fixture/ListLogSources.yaml"
+
+requestListSubscribers :: ListSubscribers -> TestTree
+requestListSubscribers =
+  req
+    "ListSubscribers"
+    "fixture/ListSubscribers.yaml"
+
+requestUpdateDatalake :: UpdateDatalake -> TestTree
+requestUpdateDatalake =
+  req
+    "UpdateDatalake"
+    "fixture/UpdateDatalake.yaml"
+
+requestUpdateDatalakeExceptionsExpiry :: UpdateDatalakeExceptionsExpiry -> TestTree
+requestUpdateDatalakeExceptionsExpiry =
+  req
+    "UpdateDatalakeExceptionsExpiry"
+    "fixture/UpdateDatalakeExceptionsExpiry.yaml"
+
+requestUpdateDatalakeExceptionsSubscription :: UpdateDatalakeExceptionsSubscription -> TestTree
+requestUpdateDatalakeExceptionsSubscription =
+  req
+    "UpdateDatalakeExceptionsSubscription"
+    "fixture/UpdateDatalakeExceptionsSubscription.yaml"
+
+requestUpdateSubscriber :: UpdateSubscriber -> TestTree
+requestUpdateSubscriber =
+  req
+    "UpdateSubscriber"
+    "fixture/UpdateSubscriber.yaml"
+
+requestUpdateSubscriptionNotificationConfiguration :: UpdateSubscriptionNotificationConfiguration -> TestTree
+requestUpdateSubscriptionNotificationConfiguration =
+  req
+    "UpdateSubscriptionNotificationConfiguration"
+    "fixture/UpdateSubscriptionNotificationConfiguration.yaml"
+
+-- Responses
+
+responseCreateAwsLogSource :: CreateAwsLogSourceResponse -> TestTree
+responseCreateAwsLogSource =
+  res
+    "CreateAwsLogSourceResponse"
+    "fixture/CreateAwsLogSourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateAwsLogSource)
+
+responseCreateCustomLogSource :: CreateCustomLogSourceResponse -> TestTree
+responseCreateCustomLogSource =
+  res
+    "CreateCustomLogSourceResponse"
+    "fixture/CreateCustomLogSourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateCustomLogSource)
+
+responseCreateDatalake :: CreateDatalakeResponse -> TestTree
+responseCreateDatalake =
+  res
+    "CreateDatalakeResponse"
+    "fixture/CreateDatalakeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDatalake)
+
+responseCreateDatalakeAutoEnable :: CreateDatalakeAutoEnableResponse -> TestTree
+responseCreateDatalakeAutoEnable =
+  res
+    "CreateDatalakeAutoEnableResponse"
+    "fixture/CreateDatalakeAutoEnableResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDatalakeAutoEnable)
+
+responseCreateDatalakeDelegatedAdmin :: CreateDatalakeDelegatedAdminResponse -> TestTree
+responseCreateDatalakeDelegatedAdmin =
+  res
+    "CreateDatalakeDelegatedAdminResponse"
+    "fixture/CreateDatalakeDelegatedAdminResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDatalakeDelegatedAdmin)
+
+responseCreateDatalakeExceptionsSubscription :: CreateDatalakeExceptionsSubscriptionResponse -> TestTree
+responseCreateDatalakeExceptionsSubscription =
+  res
+    "CreateDatalakeExceptionsSubscriptionResponse"
+    "fixture/CreateDatalakeExceptionsSubscriptionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateDatalakeExceptionsSubscription)
+
+responseCreateSubscriber :: CreateSubscriberResponse -> TestTree
+responseCreateSubscriber =
+  res
+    "CreateSubscriberResponse"
+    "fixture/CreateSubscriberResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateSubscriber)
+
+responseCreateSubscriptionNotificationConfiguration :: CreateSubscriptionNotificationConfigurationResponse -> TestTree
+responseCreateSubscriptionNotificationConfiguration =
+  res
+    "CreateSubscriptionNotificationConfigurationResponse"
+    "fixture/CreateSubscriptionNotificationConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateSubscriptionNotificationConfiguration)
+
+responseDeleteAwsLogSource :: DeleteAwsLogSourceResponse -> TestTree
+responseDeleteAwsLogSource =
+  res
+    "DeleteAwsLogSourceResponse"
+    "fixture/DeleteAwsLogSourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteAwsLogSource)
+
+responseDeleteCustomLogSource :: DeleteCustomLogSourceResponse -> TestTree
+responseDeleteCustomLogSource =
+  res
+    "DeleteCustomLogSourceResponse"
+    "fixture/DeleteCustomLogSourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteCustomLogSource)
+
+responseDeleteDatalake :: DeleteDatalakeResponse -> TestTree
+responseDeleteDatalake =
+  res
+    "DeleteDatalakeResponse"
+    "fixture/DeleteDatalakeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDatalake)
+
+responseDeleteDatalakeAutoEnable :: DeleteDatalakeAutoEnableResponse -> TestTree
+responseDeleteDatalakeAutoEnable =
+  res
+    "DeleteDatalakeAutoEnableResponse"
+    "fixture/DeleteDatalakeAutoEnableResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDatalakeAutoEnable)
+
+responseDeleteDatalakeDelegatedAdmin :: DeleteDatalakeDelegatedAdminResponse -> TestTree
+responseDeleteDatalakeDelegatedAdmin =
+  res
+    "DeleteDatalakeDelegatedAdminResponse"
+    "fixture/DeleteDatalakeDelegatedAdminResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDatalakeDelegatedAdmin)
+
+responseDeleteDatalakeExceptionsSubscription :: DeleteDatalakeExceptionsSubscriptionResponse -> TestTree
+responseDeleteDatalakeExceptionsSubscription =
+  res
+    "DeleteDatalakeExceptionsSubscriptionResponse"
+    "fixture/DeleteDatalakeExceptionsSubscriptionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteDatalakeExceptionsSubscription)
+
+responseDeleteSubscriber :: DeleteSubscriberResponse -> TestTree
+responseDeleteSubscriber =
+  res
+    "DeleteSubscriberResponse"
+    "fixture/DeleteSubscriberResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteSubscriber)
+
+responseDeleteSubscriptionNotificationConfiguration :: DeleteSubscriptionNotificationConfigurationResponse -> TestTree
+responseDeleteSubscriptionNotificationConfiguration =
+  res
+    "DeleteSubscriptionNotificationConfigurationResponse"
+    "fixture/DeleteSubscriptionNotificationConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteSubscriptionNotificationConfiguration)
+
+responseGetDatalake :: GetDatalakeResponse -> TestTree
+responseGetDatalake =
+  res
+    "GetDatalakeResponse"
+    "fixture/GetDatalakeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetDatalake)
+
+responseGetDatalakeAutoEnable :: GetDatalakeAutoEnableResponse -> TestTree
+responseGetDatalakeAutoEnable =
+  res
+    "GetDatalakeAutoEnableResponse"
+    "fixture/GetDatalakeAutoEnableResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetDatalakeAutoEnable)
+
+responseGetDatalakeExceptionsExpiry :: GetDatalakeExceptionsExpiryResponse -> TestTree
+responseGetDatalakeExceptionsExpiry =
+  res
+    "GetDatalakeExceptionsExpiryResponse"
+    "fixture/GetDatalakeExceptionsExpiryResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetDatalakeExceptionsExpiry)
+
+responseGetDatalakeExceptionsSubscription :: GetDatalakeExceptionsSubscriptionResponse -> TestTree
+responseGetDatalakeExceptionsSubscription =
+  res
+    "GetDatalakeExceptionsSubscriptionResponse"
+    "fixture/GetDatalakeExceptionsSubscriptionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetDatalakeExceptionsSubscription)
+
+responseGetDatalakeStatus :: GetDatalakeStatusResponse -> TestTree
+responseGetDatalakeStatus =
+  res
+    "GetDatalakeStatusResponse"
+    "fixture/GetDatalakeStatusResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetDatalakeStatus)
+
+responseGetSubscriber :: GetSubscriberResponse -> TestTree
+responseGetSubscriber =
+  res
+    "GetSubscriberResponse"
+    "fixture/GetSubscriberResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetSubscriber)
+
+responseListDatalakeExceptions :: ListDatalakeExceptionsResponse -> TestTree
+responseListDatalakeExceptions =
+  res
+    "ListDatalakeExceptionsResponse"
+    "fixture/ListDatalakeExceptionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListDatalakeExceptions)
+
+responseListLogSources :: ListLogSourcesResponse -> TestTree
+responseListLogSources =
+  res
+    "ListLogSourcesResponse"
+    "fixture/ListLogSourcesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListLogSources)
+
+responseListSubscribers :: ListSubscribersResponse -> TestTree
+responseListSubscribers =
+  res
+    "ListSubscribersResponse"
+    "fixture/ListSubscribersResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListSubscribers)
+
+responseUpdateDatalake :: UpdateDatalakeResponse -> TestTree
+responseUpdateDatalake =
+  res
+    "UpdateDatalakeResponse"
+    "fixture/UpdateDatalakeResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateDatalake)
+
+responseUpdateDatalakeExceptionsExpiry :: UpdateDatalakeExceptionsExpiryResponse -> TestTree
+responseUpdateDatalakeExceptionsExpiry =
+  res
+    "UpdateDatalakeExceptionsExpiryResponse"
+    "fixture/UpdateDatalakeExceptionsExpiryResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateDatalakeExceptionsExpiry)
+
+responseUpdateDatalakeExceptionsSubscription :: UpdateDatalakeExceptionsSubscriptionResponse -> TestTree
+responseUpdateDatalakeExceptionsSubscription =
+  res
+    "UpdateDatalakeExceptionsSubscriptionResponse"
+    "fixture/UpdateDatalakeExceptionsSubscriptionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateDatalakeExceptionsSubscription)
+
+responseUpdateSubscriber :: UpdateSubscriberResponse -> TestTree
+responseUpdateSubscriber =
+  res
+    "UpdateSubscriberResponse"
+    "fixture/UpdateSubscriberResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateSubscriber)
+
+responseUpdateSubscriptionNotificationConfiguration :: UpdateSubscriptionNotificationConfigurationResponse -> TestTree
+responseUpdateSubscriptionNotificationConfiguration =
+  res
+    "UpdateSubscriptionNotificationConfigurationResponse"
+    "fixture/UpdateSubscriptionNotificationConfigurationResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateSubscriptionNotificationConfiguration)
diff --git a/test/Test/Amazonka/SecurityLake.hs b/test/Test/Amazonka/SecurityLake.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/SecurityLake.hs
@@ -0,0 +1,20 @@
+-- |
+-- Module      : Test.Amazonka.SecurityLake
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.SecurityLake
+  ( tests,
+    fixtures,
+  )
+where
+
+import Test.Tasty (TestTree)
+
+tests :: [TestTree]
+tests = []
+
+fixtures :: [TestTree]
+fixtures = []
diff --git a/test/Test/Amazonka/SecurityLake/Internal.hs b/test/Test/Amazonka/SecurityLake/Internal.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/SecurityLake/Internal.hs
@@ -0,0 +1,8 @@
+-- |
+-- Module      : Test.Amazonka.SecurityLake.Internal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.SecurityLake.Internal where
