diff --git a/LICENSE b/LICENSE
new file mode 100644
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,367 @@
+Mozilla Public License Version 2.0
+==================================
+
+1. Definitions
+--------------
+
+1.1. "Contributor"
+    means each individual or legal entity that creates, contributes to
+    the creation of, or owns Covered Software.
+
+1.2. "Contributor Version"
+    means the combination of the Contributions of others (if any) used
+    by a Contributor and that particular Contributor's Contribution.
+
+1.3. "Contribution"
+    means Covered Software of a particular Contributor.
+
+1.4. "Covered Software"
+    means Source Code Form to which the initial Contributor has attached
+    the notice in Exhibit A, the Executable Form of such Source Code
+    Form, and Modifications of such Source Code Form, in each case
+    including portions thereof.
+
+1.5. "Incompatible With Secondary Licenses"
+    means
+
+    (a) that the initial Contributor has attached the notice described
+        in Exhibit B to the Covered Software; or
+
+    (b) that the Covered Software was made available under the terms of
+        version 1.1 or earlier of the License, but not also under the
+        terms of a Secondary License.
+
+1.6. "Executable Form"
+    means any form of the work other than Source Code Form.
+
+1.7. "Larger Work"
+    means a work that combines Covered Software with other material, in
+    a separate file or files, that is not Covered Software.
+
+1.8. "License"
+    means this document.
+
+1.9. "Licensable"
+    means having the right to grant, to the maximum extent possible,
+    whether at the time of the initial grant or subsequently, any and
+    all of the rights conveyed by this License.
+
+1.10. "Modifications"
+    means any of the following:
+
+    (a) any file in Source Code Form that results from an addition to,
+        deletion from, or modification of the contents of Covered
+        Software; or
+
+    (b) any new file in Source Code Form that contains any Covered
+        Software.
+
+1.11. "Patent Claims" of a Contributor
+    means any patent claim(s), including without limitation, method,
+    process, and apparatus claims, in any patent Licensable by such
+    Contributor that would be infringed, but for the grant of the
+    License, by the making, using, selling, offering for sale, having
+    made, import, or transfer of either its Contributions or its
+    Contributor Version.
+
+1.12. "Secondary License"
+    means either the GNU General Public License, Version 2.0, the GNU
+    Lesser General Public License, Version 2.1, the GNU Affero General
+    Public License, Version 3.0, or any later versions of those
+    licenses.
+
+1.13. "Source Code Form"
+    means the form of the work preferred for making modifications.
+
+1.14. "You" (or "Your")
+    means an individual or a legal entity exercising rights under this
+    License. For legal entities, "You" includes any entity that
+    controls, is controlled by, or is under common control with You. For
+    purposes of this definition, "control" means (a) the power, direct
+    or indirect, to cause the direction or management of such entity,
+    whether by contract or otherwise, or (b) ownership of more than
+    fifty percent (50%) of the outstanding shares or beneficial
+    ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+    Licensable by such Contributor to use, reproduce, make available,
+    modify, display, perform, distribute, and otherwise exploit its
+    Contributions, either on an unmodified basis, with Modifications, or
+    as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+    for sale, have made, import, and otherwise transfer either its
+    Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+    or
+
+(b) for infringements caused by: (i) Your and any other third party's
+    modifications of Covered Software, or (ii) the combination of its
+    Contributions with other software (except as part of its Contributor
+    Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+    its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients' rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+    Form, as described in Section 3.1, and You must inform recipients of
+    the Executable Form how they can obtain a copy of such Source Code
+    Form by reasonable means in a timely manner, at a charge no more
+    than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+    License, or sublicense it under different terms, provided that the
+    license for the Executable Form does not attempt to limit or alter
+    the recipients' rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+*                                                                      *
+*  6. Disclaimer of Warranty                                           *
+*  -------------------------                                           *
+*                                                                      *
+*  Covered Software is provided under this License on an "as is"       *
+*  basis, without warranty of any kind, either expressed, implied, or  *
+*  statutory, including, without limitation, warranties that the       *
+*  Covered Software is free of defects, merchantable, fit for a        *
+*  particular purpose or non-infringing. The entire risk as to the     *
+*  quality and performance of the Covered Software is with You.        *
+*  Should any Covered Software prove defective in any respect, You     *
+*  (not any Contributor) assume the cost of any necessary servicing,   *
+*  repair, or correction. This disclaimer of warranty constitutes an   *
+*  essential part of this License. No use of any Covered Software is   *
+*  authorized under this License except under this disclaimer.         *
+*                                                                      *
+************************************************************************
+
+************************************************************************
+*                                                                      *
+*  7. Limitation of Liability                                          *
+*  --------------------------                                          *
+*                                                                      *
+*  Under no circumstances and under no legal theory, whether tort      *
+*  (including negligence), contract, or otherwise, shall any           *
+*  Contributor, or anyone who distributes Covered Software as          *
+*  permitted above, be liable to You for any direct, indirect,         *
+*  special, incidental, or consequential damages of any character      *
+*  including, without limitation, damages for lost profits, loss of    *
+*  goodwill, work stoppage, computer failure or malfunction, or any    *
+*  and all other commercial damages or losses, even if such party      *
+*  shall have been informed of the possibility of such damages. This   *
+*  limitation of liability shall not apply to liability for death or   *
+*  personal injury resulting from such party's negligence to the       *
+*  extent applicable law prohibits such limitation. Some               *
+*  jurisdictions do not allow the exclusion or limitation of           *
+*  incidental or consequential damages, so this exclusion and          *
+*  limitation may not apply to You.                                    *
+*                                                                      *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party's ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+  This Source Code Form is subject to the terms of the Mozilla Public
+  License, v. 2.0. If a copy of the MPL was not distributed with this
+  file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
diff --git a/README.md b/README.md
new file mode 100644
--- /dev/null
+++ b/README.md
@@ -0,0 +1,44 @@
+# Amazon Transfer Family SDK
+
+* [Version](#version)
+* [Description](#description)
+* [Contribute](#contribute)
+* [Licence](#licence)
+
+
+## Version
+ 
+`2.0` - Derived from API version @2018-11-05@ of the AWS service descriptions, licensed under Apache 2.0.
+
+## Description
+
+Documentation is available via [Hackage](http://hackage.haskell.org/package/amazonka-transfer)
+and the [AWS API Reference](https://aws.amazon.com/documentation/).
+
+The types from this library are intended to be used with [amazonka](http://hackage.haskell.org/package/amazonka),
+which provides mechanisms for specifying AuthN/AuthZ information, sending requests,
+and receiving responses.
+
+Lenses are used for constructing and manipulating types,
+due to the depth of nesting of AWS types and transparency regarding
+de/serialisation into more palatable Haskell values.
+The provided lenses should be compatible with any of the major lens libraries
+[lens](http://hackage.haskell.org/package/lens) or [lens-family-core](http://hackage.haskell.org/package/lens-family-core).
+
+See [Amazonka.Transfer](http://hackage.haskell.org/package/amazonka-transfer/docs/Amazonka-Transfer.html)
+or [the AWS documentation](https://aws.amazon.com/documentation/) to get started.
+
+
+## Contribute
+
+For any problems, comments, or feedback please create an issue [here on GitHub](https://github.com/brendanhay/amazonka/issues).
+
+> _Note:_ this library is an auto-generated Haskell package. Please see `amazonka-gen` for more information.
+
+
+## Licence
+
+`amazonka-transfer` is released under the [Mozilla Public License Version 2.0](http://www.mozilla.org/MPL/).
+
+Parts of the code are derived from AWS service descriptions, licensed under Apache 2.0.
+Source files subject to this contain an additional licensing clause in their header.
diff --git a/amazonka-transfer.cabal b/amazonka-transfer.cabal
new file mode 100644
--- /dev/null
+++ b/amazonka-transfer.cabal
@@ -0,0 +1,215 @@
+cabal-version:      2.2
+name:               amazonka-transfer
+version:            2.0
+synopsis:           Amazon Transfer Family SDK.
+homepage:           https://github.com/brendanhay/amazonka
+bug-reports:        https://github.com/brendanhay/amazonka/issues
+license:            MPL-2.0
+license-file:       LICENSE
+author:             Brendan Hay
+maintainer:
+  Brendan Hay <brendan.g.hay+amazonka@gmail.com>, Jack Kelly <jack@jackkelly.name>
+
+copyright:          Copyright (c) 2013-2023 Brendan Hay
+category:           AWS
+build-type:         Simple
+extra-source-files:
+  fixture/*.proto
+  fixture/*.yaml
+  README.md
+  src/.gitkeep
+
+description:
+  Derived from API version @2018-11-05@ of the AWS service descriptions, licensed under Apache 2.0.
+  .
+  The types from this library are intended to be used with <http://hackage.haskell.org/package/amazonka amazonka>,
+  which provides mechanisms for specifying AuthN/AuthZ information, sending requests, and receiving responses.
+  .
+  It is recommended to use generic lenses or optics from packages such as <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify optional fields and deconstruct responses.
+  .
+  Generated lenses can be found in "Amazonka.Transfer.Lens" and are
+  suitable for use with a lens package such as <http://hackage.haskell.org/package/lens lens> or <http://hackage.haskell.org/package/lens-family-core lens-family-core>.
+  .
+  See "Amazonka.Transfer" and the <https://aws.amazon.com/documentation/ AWS documentation> to get started.
+
+source-repository head
+  type:     git
+  location: git://github.com/brendanhay/amazonka.git
+  subdir:   amazonka-transfer
+
+library
+  default-language: Haskell2010
+  hs-source-dirs:   src gen
+  ghc-options:
+    -Wall -fwarn-incomplete-uni-patterns
+    -fwarn-incomplete-record-updates -funbox-strict-fields
+
+  exposed-modules:
+    Amazonka.Transfer
+    Amazonka.Transfer.CreateAccess
+    Amazonka.Transfer.CreateAgreement
+    Amazonka.Transfer.CreateConnector
+    Amazonka.Transfer.CreateProfile
+    Amazonka.Transfer.CreateServer
+    Amazonka.Transfer.CreateUser
+    Amazonka.Transfer.CreateWorkflow
+    Amazonka.Transfer.DeleteAccess
+    Amazonka.Transfer.DeleteAgreement
+    Amazonka.Transfer.DeleteCertificate
+    Amazonka.Transfer.DeleteConnector
+    Amazonka.Transfer.DeleteHostKey
+    Amazonka.Transfer.DeleteProfile
+    Amazonka.Transfer.DeleteServer
+    Amazonka.Transfer.DeleteSshPublicKey
+    Amazonka.Transfer.DeleteUser
+    Amazonka.Transfer.DeleteWorkflow
+    Amazonka.Transfer.DescribeAccess
+    Amazonka.Transfer.DescribeAgreement
+    Amazonka.Transfer.DescribeCertificate
+    Amazonka.Transfer.DescribeConnector
+    Amazonka.Transfer.DescribeExecution
+    Amazonka.Transfer.DescribeHostKey
+    Amazonka.Transfer.DescribeProfile
+    Amazonka.Transfer.DescribeSecurityPolicy
+    Amazonka.Transfer.DescribeServer
+    Amazonka.Transfer.DescribeUser
+    Amazonka.Transfer.DescribeWorkflow
+    Amazonka.Transfer.ImportCertificate
+    Amazonka.Transfer.ImportHostKey
+    Amazonka.Transfer.ImportSshPublicKey
+    Amazonka.Transfer.Lens
+    Amazonka.Transfer.ListAccesses
+    Amazonka.Transfer.ListAgreements
+    Amazonka.Transfer.ListCertificates
+    Amazonka.Transfer.ListConnectors
+    Amazonka.Transfer.ListExecutions
+    Amazonka.Transfer.ListHostKeys
+    Amazonka.Transfer.ListProfiles
+    Amazonka.Transfer.ListSecurityPolicies
+    Amazonka.Transfer.ListServers
+    Amazonka.Transfer.ListTagsForResource
+    Amazonka.Transfer.ListUsers
+    Amazonka.Transfer.ListWorkflows
+    Amazonka.Transfer.SendWorkflowStepState
+    Amazonka.Transfer.StartFileTransfer
+    Amazonka.Transfer.StartServer
+    Amazonka.Transfer.StopServer
+    Amazonka.Transfer.TagResource
+    Amazonka.Transfer.TestIdentityProvider
+    Amazonka.Transfer.Types
+    Amazonka.Transfer.Types.AgreementStatusType
+    Amazonka.Transfer.Types.As2ConnectorConfig
+    Amazonka.Transfer.Types.As2Transport
+    Amazonka.Transfer.Types.CertificateStatusType
+    Amazonka.Transfer.Types.CertificateType
+    Amazonka.Transfer.Types.CertificateUsageType
+    Amazonka.Transfer.Types.CompressionEnum
+    Amazonka.Transfer.Types.CopyStepDetails
+    Amazonka.Transfer.Types.CustomStepDetails
+    Amazonka.Transfer.Types.CustomStepStatus
+    Amazonka.Transfer.Types.DecryptStepDetails
+    Amazonka.Transfer.Types.DeleteStepDetails
+    Amazonka.Transfer.Types.DescribedAccess
+    Amazonka.Transfer.Types.DescribedAgreement
+    Amazonka.Transfer.Types.DescribedCertificate
+    Amazonka.Transfer.Types.DescribedConnector
+    Amazonka.Transfer.Types.DescribedExecution
+    Amazonka.Transfer.Types.DescribedHostKey
+    Amazonka.Transfer.Types.DescribedProfile
+    Amazonka.Transfer.Types.DescribedSecurityPolicy
+    Amazonka.Transfer.Types.DescribedServer
+    Amazonka.Transfer.Types.DescribedUser
+    Amazonka.Transfer.Types.DescribedWorkflow
+    Amazonka.Transfer.Types.Domain
+    Amazonka.Transfer.Types.EfsFileLocation
+    Amazonka.Transfer.Types.EncryptionAlg
+    Amazonka.Transfer.Types.EncryptionType
+    Amazonka.Transfer.Types.EndpointDetails
+    Amazonka.Transfer.Types.EndpointType
+    Amazonka.Transfer.Types.ExecutionError
+    Amazonka.Transfer.Types.ExecutionErrorType
+    Amazonka.Transfer.Types.ExecutionResults
+    Amazonka.Transfer.Types.ExecutionStatus
+    Amazonka.Transfer.Types.ExecutionStepResult
+    Amazonka.Transfer.Types.FileLocation
+    Amazonka.Transfer.Types.HomeDirectoryMapEntry
+    Amazonka.Transfer.Types.HomeDirectoryType
+    Amazonka.Transfer.Types.IdentityProviderDetails
+    Amazonka.Transfer.Types.IdentityProviderType
+    Amazonka.Transfer.Types.InputFileLocation
+    Amazonka.Transfer.Types.ListedAccess
+    Amazonka.Transfer.Types.ListedAgreement
+    Amazonka.Transfer.Types.ListedCertificate
+    Amazonka.Transfer.Types.ListedConnector
+    Amazonka.Transfer.Types.ListedExecution
+    Amazonka.Transfer.Types.ListedHostKey
+    Amazonka.Transfer.Types.ListedProfile
+    Amazonka.Transfer.Types.ListedServer
+    Amazonka.Transfer.Types.ListedUser
+    Amazonka.Transfer.Types.ListedWorkflow
+    Amazonka.Transfer.Types.LoggingConfiguration
+    Amazonka.Transfer.Types.MdnResponse
+    Amazonka.Transfer.Types.MdnSigningAlg
+    Amazonka.Transfer.Types.OverwriteExisting
+    Amazonka.Transfer.Types.PosixProfile
+    Amazonka.Transfer.Types.ProfileType
+    Amazonka.Transfer.Types.Protocol
+    Amazonka.Transfer.Types.ProtocolDetails
+    Amazonka.Transfer.Types.S3FileLocation
+    Amazonka.Transfer.Types.S3InputFileLocation
+    Amazonka.Transfer.Types.S3Tag
+    Amazonka.Transfer.Types.ServiceMetadata
+    Amazonka.Transfer.Types.SetStatOption
+    Amazonka.Transfer.Types.SigningAlg
+    Amazonka.Transfer.Types.SshPublicKey
+    Amazonka.Transfer.Types.State
+    Amazonka.Transfer.Types.Tag
+    Amazonka.Transfer.Types.TagStepDetails
+    Amazonka.Transfer.Types.TlsSessionResumptionMode
+    Amazonka.Transfer.Types.UserDetails
+    Amazonka.Transfer.Types.WorkflowDetail
+    Amazonka.Transfer.Types.WorkflowDetails
+    Amazonka.Transfer.Types.WorkflowStep
+    Amazonka.Transfer.Types.WorkflowStepType
+    Amazonka.Transfer.UntagResource
+    Amazonka.Transfer.UpdateAccess
+    Amazonka.Transfer.UpdateAgreement
+    Amazonka.Transfer.UpdateCertificate
+    Amazonka.Transfer.UpdateConnector
+    Amazonka.Transfer.UpdateHostKey
+    Amazonka.Transfer.UpdateProfile
+    Amazonka.Transfer.UpdateServer
+    Amazonka.Transfer.UpdateUser
+    Amazonka.Transfer.Waiters
+
+  build-depends:
+    , amazonka-core  >=2.0  && <2.1
+    , base           >=4.12 && <5
+
+test-suite amazonka-transfer-test
+  type:             exitcode-stdio-1.0
+  default-language: Haskell2010
+  hs-source-dirs:   test
+  main-is:          Main.hs
+  ghc-options:      -Wall -threaded
+
+  -- This section is encoded by the template and any modules added by
+  -- hand outside these namespaces will not correctly be added to the
+  -- distribution package.
+  other-modules:
+    Test.Amazonka.Gen.Transfer
+    Test.Amazonka.Transfer
+    Test.Amazonka.Transfer.Internal
+
+  build-depends:
+    , amazonka-core         >=2.0 && <2.1
+    , amazonka-test         >=2.0 && <2.1
+    , amazonka-transfer
+    , base
+    , bytestring
+    , case-insensitive
+    , tasty
+    , tasty-hunit
+    , text
+    , time
+    , unordered-containers
diff --git a/fixture/CreateAccess.yaml b/fixture/CreateAccess.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAccess.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateAccessResponse.proto b/fixture/CreateAccessResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAccessResponse.proto
diff --git a/fixture/CreateAgreement.yaml b/fixture/CreateAgreement.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAgreement.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateAgreementResponse.proto b/fixture/CreateAgreementResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateAgreementResponse.proto
diff --git a/fixture/CreateConnector.yaml b/fixture/CreateConnector.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateConnector.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateConnectorResponse.proto b/fixture/CreateConnectorResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateConnectorResponse.proto
diff --git a/fixture/CreateProfile.yaml b/fixture/CreateProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateProfileResponse.proto b/fixture/CreateProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateProfileResponse.proto
diff --git a/fixture/CreateServer.yaml b/fixture/CreateServer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateServer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateServerResponse.proto b/fixture/CreateServerResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateServerResponse.proto
diff --git a/fixture/CreateUser.yaml b/fixture/CreateUser.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateUser.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateUserResponse.proto b/fixture/CreateUserResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateUserResponse.proto
diff --git a/fixture/CreateWorkflow.yaml b/fixture/CreateWorkflow.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateWorkflow.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateWorkflowResponse.proto b/fixture/CreateWorkflowResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateWorkflowResponse.proto
diff --git a/fixture/DeleteAccess.yaml b/fixture/DeleteAccess.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAccess.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteAccessResponse.proto b/fixture/DeleteAccessResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAccessResponse.proto
diff --git a/fixture/DeleteAgreement.yaml b/fixture/DeleteAgreement.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAgreement.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteAgreementResponse.proto b/fixture/DeleteAgreementResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteAgreementResponse.proto
diff --git a/fixture/DeleteCertificate.yaml b/fixture/DeleteCertificate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteCertificateResponse.proto b/fixture/DeleteCertificateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteCertificateResponse.proto
diff --git a/fixture/DeleteConnector.yaml b/fixture/DeleteConnector.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteConnector.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteConnectorResponse.proto b/fixture/DeleteConnectorResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteConnectorResponse.proto
diff --git a/fixture/DeleteHostKey.yaml b/fixture/DeleteHostKey.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteHostKey.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteHostKeyResponse.proto b/fixture/DeleteHostKeyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteHostKeyResponse.proto
diff --git a/fixture/DeleteProfile.yaml b/fixture/DeleteProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteProfileResponse.proto b/fixture/DeleteProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteProfileResponse.proto
diff --git a/fixture/DeleteServer.yaml b/fixture/DeleteServer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteServer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteServerResponse.proto b/fixture/DeleteServerResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteServerResponse.proto
diff --git a/fixture/DeleteSshPublicKey.yaml b/fixture/DeleteSshPublicKey.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSshPublicKey.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteSshPublicKeyResponse.proto b/fixture/DeleteSshPublicKeyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteSshPublicKeyResponse.proto
diff --git a/fixture/DeleteUser.yaml b/fixture/DeleteUser.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteUser.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteUserResponse.proto b/fixture/DeleteUserResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteUserResponse.proto
diff --git a/fixture/DeleteWorkflow.yaml b/fixture/DeleteWorkflow.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteWorkflow.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteWorkflowResponse.proto b/fixture/DeleteWorkflowResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteWorkflowResponse.proto
diff --git a/fixture/DescribeAccess.yaml b/fixture/DescribeAccess.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAccess.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAccessResponse.proto b/fixture/DescribeAccessResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAccessResponse.proto
diff --git a/fixture/DescribeAgreement.yaml b/fixture/DescribeAgreement.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAgreement.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeAgreementResponse.proto b/fixture/DescribeAgreementResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeAgreementResponse.proto
diff --git a/fixture/DescribeCertificate.yaml b/fixture/DescribeCertificate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeCertificateResponse.proto b/fixture/DescribeCertificateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeCertificateResponse.proto
diff --git a/fixture/DescribeConnector.yaml b/fixture/DescribeConnector.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeConnector.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeConnectorResponse.proto b/fixture/DescribeConnectorResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeConnectorResponse.proto
diff --git a/fixture/DescribeExecution.yaml b/fixture/DescribeExecution.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeExecution.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeExecutionResponse.proto b/fixture/DescribeExecutionResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeExecutionResponse.proto
diff --git a/fixture/DescribeHostKey.yaml b/fixture/DescribeHostKey.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeHostKey.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeHostKeyResponse.proto b/fixture/DescribeHostKeyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeHostKeyResponse.proto
diff --git a/fixture/DescribeProfile.yaml b/fixture/DescribeProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeProfileResponse.proto b/fixture/DescribeProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeProfileResponse.proto
diff --git a/fixture/DescribeSecurityPolicy.yaml b/fixture/DescribeSecurityPolicy.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeSecurityPolicy.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeSecurityPolicyResponse.proto b/fixture/DescribeSecurityPolicyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeSecurityPolicyResponse.proto
diff --git a/fixture/DescribeServer.yaml b/fixture/DescribeServer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeServer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeServerResponse.proto b/fixture/DescribeServerResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeServerResponse.proto
diff --git a/fixture/DescribeUser.yaml b/fixture/DescribeUser.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeUser.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeUserResponse.proto b/fixture/DescribeUserResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeUserResponse.proto
diff --git a/fixture/DescribeWorkflow.yaml b/fixture/DescribeWorkflow.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeWorkflow.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DescribeWorkflowResponse.proto b/fixture/DescribeWorkflowResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DescribeWorkflowResponse.proto
diff --git a/fixture/ImportCertificate.yaml b/fixture/ImportCertificate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ImportCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ImportCertificateResponse.proto b/fixture/ImportCertificateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ImportCertificateResponse.proto
diff --git a/fixture/ImportHostKey.yaml b/fixture/ImportHostKey.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ImportHostKey.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ImportHostKeyResponse.proto b/fixture/ImportHostKeyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ImportHostKeyResponse.proto
diff --git a/fixture/ImportSshPublicKey.yaml b/fixture/ImportSshPublicKey.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ImportSshPublicKey.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ImportSshPublicKeyResponse.proto b/fixture/ImportSshPublicKeyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ImportSshPublicKeyResponse.proto
diff --git a/fixture/ListAccesses.yaml b/fixture/ListAccesses.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAccesses.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAccessesResponse.proto b/fixture/ListAccessesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAccessesResponse.proto
diff --git a/fixture/ListAgreements.yaml b/fixture/ListAgreements.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListAgreements.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListAgreementsResponse.proto b/fixture/ListAgreementsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListAgreementsResponse.proto
diff --git a/fixture/ListCertificates.yaml b/fixture/ListCertificates.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListCertificates.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListCertificatesResponse.proto b/fixture/ListCertificatesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListCertificatesResponse.proto
diff --git a/fixture/ListConnectors.yaml b/fixture/ListConnectors.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListConnectors.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListConnectorsResponse.proto b/fixture/ListConnectorsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListConnectorsResponse.proto
diff --git a/fixture/ListExecutions.yaml b/fixture/ListExecutions.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListExecutions.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListExecutionsResponse.proto b/fixture/ListExecutionsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListExecutionsResponse.proto
diff --git a/fixture/ListHostKeys.yaml b/fixture/ListHostKeys.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListHostKeys.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListHostKeysResponse.proto b/fixture/ListHostKeysResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListHostKeysResponse.proto
diff --git a/fixture/ListProfiles.yaml b/fixture/ListProfiles.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListProfiles.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListProfilesResponse.proto b/fixture/ListProfilesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListProfilesResponse.proto
diff --git a/fixture/ListSecurityPolicies.yaml b/fixture/ListSecurityPolicies.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListSecurityPolicies.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListSecurityPoliciesResponse.proto b/fixture/ListSecurityPoliciesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListSecurityPoliciesResponse.proto
diff --git a/fixture/ListServers.yaml b/fixture/ListServers.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListServers.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListServersResponse.proto b/fixture/ListServersResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListServersResponse.proto
diff --git a/fixture/ListTagsForResource.yaml b/fixture/ListTagsForResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTagsForResource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTagsForResourceResponse.proto b/fixture/ListTagsForResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTagsForResourceResponse.proto
diff --git a/fixture/ListUsers.yaml b/fixture/ListUsers.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListUsers.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListUsersResponse.proto b/fixture/ListUsersResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListUsersResponse.proto
diff --git a/fixture/ListWorkflows.yaml b/fixture/ListWorkflows.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListWorkflows.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListWorkflowsResponse.proto b/fixture/ListWorkflowsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListWorkflowsResponse.proto
diff --git a/fixture/SendWorkflowStepState.yaml b/fixture/SendWorkflowStepState.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/SendWorkflowStepState.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/SendWorkflowStepStateResponse.proto b/fixture/SendWorkflowStepStateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/SendWorkflowStepStateResponse.proto
diff --git a/fixture/StartFileTransfer.yaml b/fixture/StartFileTransfer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/StartFileTransfer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StartFileTransferResponse.proto b/fixture/StartFileTransferResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/StartFileTransferResponse.proto
diff --git a/fixture/StartServer.yaml b/fixture/StartServer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/StartServer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StartServerResponse.proto b/fixture/StartServerResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/StartServerResponse.proto
diff --git a/fixture/StopServer.yaml b/fixture/StopServer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/StopServer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/StopServerResponse.proto b/fixture/StopServerResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/StopServerResponse.proto
diff --git a/fixture/TagResource.yaml b/fixture/TagResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/TagResource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/TagResourceResponse.proto b/fixture/TagResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/TagResourceResponse.proto
diff --git a/fixture/TestIdentityProvider.yaml b/fixture/TestIdentityProvider.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/TestIdentityProvider.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/TestIdentityProviderResponse.proto b/fixture/TestIdentityProviderResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/TestIdentityProviderResponse.proto
diff --git a/fixture/UntagResource.yaml b/fixture/UntagResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UntagResource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UntagResourceResponse.proto b/fixture/UntagResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UntagResourceResponse.proto
diff --git a/fixture/UpdateAccess.yaml b/fixture/UpdateAccess.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAccess.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateAccessResponse.proto b/fixture/UpdateAccessResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAccessResponse.proto
diff --git a/fixture/UpdateAgreement.yaml b/fixture/UpdateAgreement.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAgreement.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateAgreementResponse.proto b/fixture/UpdateAgreementResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateAgreementResponse.proto
diff --git a/fixture/UpdateCertificate.yaml b/fixture/UpdateCertificate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateCertificateResponse.proto b/fixture/UpdateCertificateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateCertificateResponse.proto
diff --git a/fixture/UpdateConnector.yaml b/fixture/UpdateConnector.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateConnector.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateConnectorResponse.proto b/fixture/UpdateConnectorResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateConnectorResponse.proto
diff --git a/fixture/UpdateHostKey.yaml b/fixture/UpdateHostKey.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateHostKey.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateHostKeyResponse.proto b/fixture/UpdateHostKeyResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateHostKeyResponse.proto
diff --git a/fixture/UpdateProfile.yaml b/fixture/UpdateProfile.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateProfile.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateProfileResponse.proto b/fixture/UpdateProfileResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateProfileResponse.proto
diff --git a/fixture/UpdateServer.yaml b/fixture/UpdateServer.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateServer.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateServerResponse.proto b/fixture/UpdateServerResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateServerResponse.proto
diff --git a/fixture/UpdateUser.yaml b/fixture/UpdateUser.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateUser.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/transfer/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  transfer.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateUserResponse.proto b/fixture/UpdateUserResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateUserResponse.proto
diff --git a/gen/Amazonka/Transfer.hs b/gen/Amazonka/Transfer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer.hs
@@ -0,0 +1,783 @@
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Amazonka.Transfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Derived from API version @2018-11-05@ of the AWS service descriptions, licensed under Apache 2.0.
+--
+-- Transfer Family is a fully managed service that enables the transfer of
+-- files over the File Transfer Protocol (FTP), File Transfer Protocol over
+-- SSL (FTPS), or Secure Shell (SSH) File Transfer Protocol (SFTP) directly
+-- into and out of Amazon Simple Storage Service (Amazon S3) or Amazon EFS.
+-- Additionally, you can use Applicability Statement 2 (AS2) to transfer
+-- files into and out of Amazon S3. Amazon Web Services helps you
+-- seamlessly migrate your file transfer workflows to Transfer Family by
+-- integrating with existing authentication systems, and providing DNS
+-- routing with Amazon Route 53 so nothing changes for your customers and
+-- partners, or their applications. With your data in Amazon S3, you can
+-- use it with Amazon Web Services for processing, analytics, machine
+-- learning, and archiving. Getting started with Transfer Family is easy
+-- since there is no infrastructure to buy and set up.
+module Amazonka.Transfer
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    -- $errors
+
+    -- ** AccessDeniedException
+    _AccessDeniedException,
+
+    -- ** ConflictException
+    _ConflictException,
+
+    -- ** InternalServiceError
+    _InternalServiceError,
+
+    -- ** InvalidNextTokenException
+    _InvalidNextTokenException,
+
+    -- ** InvalidRequestException
+    _InvalidRequestException,
+
+    -- ** ResourceExistsException
+    _ResourceExistsException,
+
+    -- ** ResourceNotFoundException
+    _ResourceNotFoundException,
+
+    -- ** ServiceUnavailableException
+    _ServiceUnavailableException,
+
+    -- ** ThrottlingException
+    _ThrottlingException,
+
+    -- * Waiters
+    -- $waiters
+
+    -- ** ServerOffline
+    newServerOffline,
+
+    -- ** ServerOnline
+    newServerOnline,
+
+    -- * Operations
+    -- $operations
+
+    -- ** CreateAccess
+    CreateAccess (CreateAccess'),
+    newCreateAccess,
+    CreateAccessResponse (CreateAccessResponse'),
+    newCreateAccessResponse,
+
+    -- ** CreateAgreement
+    CreateAgreement (CreateAgreement'),
+    newCreateAgreement,
+    CreateAgreementResponse (CreateAgreementResponse'),
+    newCreateAgreementResponse,
+
+    -- ** CreateConnector
+    CreateConnector (CreateConnector'),
+    newCreateConnector,
+    CreateConnectorResponse (CreateConnectorResponse'),
+    newCreateConnectorResponse,
+
+    -- ** CreateProfile
+    CreateProfile (CreateProfile'),
+    newCreateProfile,
+    CreateProfileResponse (CreateProfileResponse'),
+    newCreateProfileResponse,
+
+    -- ** CreateServer
+    CreateServer (CreateServer'),
+    newCreateServer,
+    CreateServerResponse (CreateServerResponse'),
+    newCreateServerResponse,
+
+    -- ** CreateUser
+    CreateUser (CreateUser'),
+    newCreateUser,
+    CreateUserResponse (CreateUserResponse'),
+    newCreateUserResponse,
+
+    -- ** CreateWorkflow
+    CreateWorkflow (CreateWorkflow'),
+    newCreateWorkflow,
+    CreateWorkflowResponse (CreateWorkflowResponse'),
+    newCreateWorkflowResponse,
+
+    -- ** DeleteAccess
+    DeleteAccess (DeleteAccess'),
+    newDeleteAccess,
+    DeleteAccessResponse (DeleteAccessResponse'),
+    newDeleteAccessResponse,
+
+    -- ** DeleteAgreement
+    DeleteAgreement (DeleteAgreement'),
+    newDeleteAgreement,
+    DeleteAgreementResponse (DeleteAgreementResponse'),
+    newDeleteAgreementResponse,
+
+    -- ** DeleteCertificate
+    DeleteCertificate (DeleteCertificate'),
+    newDeleteCertificate,
+    DeleteCertificateResponse (DeleteCertificateResponse'),
+    newDeleteCertificateResponse,
+
+    -- ** DeleteConnector
+    DeleteConnector (DeleteConnector'),
+    newDeleteConnector,
+    DeleteConnectorResponse (DeleteConnectorResponse'),
+    newDeleteConnectorResponse,
+
+    -- ** DeleteHostKey
+    DeleteHostKey (DeleteHostKey'),
+    newDeleteHostKey,
+    DeleteHostKeyResponse (DeleteHostKeyResponse'),
+    newDeleteHostKeyResponse,
+
+    -- ** DeleteProfile
+    DeleteProfile (DeleteProfile'),
+    newDeleteProfile,
+    DeleteProfileResponse (DeleteProfileResponse'),
+    newDeleteProfileResponse,
+
+    -- ** DeleteServer
+    DeleteServer (DeleteServer'),
+    newDeleteServer,
+    DeleteServerResponse (DeleteServerResponse'),
+    newDeleteServerResponse,
+
+    -- ** DeleteSshPublicKey
+    DeleteSshPublicKey (DeleteSshPublicKey'),
+    newDeleteSshPublicKey,
+    DeleteSshPublicKeyResponse (DeleteSshPublicKeyResponse'),
+    newDeleteSshPublicKeyResponse,
+
+    -- ** DeleteUser
+    DeleteUser (DeleteUser'),
+    newDeleteUser,
+    DeleteUserResponse (DeleteUserResponse'),
+    newDeleteUserResponse,
+
+    -- ** DeleteWorkflow
+    DeleteWorkflow (DeleteWorkflow'),
+    newDeleteWorkflow,
+    DeleteWorkflowResponse (DeleteWorkflowResponse'),
+    newDeleteWorkflowResponse,
+
+    -- ** DescribeAccess
+    DescribeAccess (DescribeAccess'),
+    newDescribeAccess,
+    DescribeAccessResponse (DescribeAccessResponse'),
+    newDescribeAccessResponse,
+
+    -- ** DescribeAgreement
+    DescribeAgreement (DescribeAgreement'),
+    newDescribeAgreement,
+    DescribeAgreementResponse (DescribeAgreementResponse'),
+    newDescribeAgreementResponse,
+
+    -- ** DescribeCertificate
+    DescribeCertificate (DescribeCertificate'),
+    newDescribeCertificate,
+    DescribeCertificateResponse (DescribeCertificateResponse'),
+    newDescribeCertificateResponse,
+
+    -- ** DescribeConnector
+    DescribeConnector (DescribeConnector'),
+    newDescribeConnector,
+    DescribeConnectorResponse (DescribeConnectorResponse'),
+    newDescribeConnectorResponse,
+
+    -- ** DescribeExecution
+    DescribeExecution (DescribeExecution'),
+    newDescribeExecution,
+    DescribeExecutionResponse (DescribeExecutionResponse'),
+    newDescribeExecutionResponse,
+
+    -- ** DescribeHostKey
+    DescribeHostKey (DescribeHostKey'),
+    newDescribeHostKey,
+    DescribeHostKeyResponse (DescribeHostKeyResponse'),
+    newDescribeHostKeyResponse,
+
+    -- ** DescribeProfile
+    DescribeProfile (DescribeProfile'),
+    newDescribeProfile,
+    DescribeProfileResponse (DescribeProfileResponse'),
+    newDescribeProfileResponse,
+
+    -- ** DescribeSecurityPolicy
+    DescribeSecurityPolicy (DescribeSecurityPolicy'),
+    newDescribeSecurityPolicy,
+    DescribeSecurityPolicyResponse (DescribeSecurityPolicyResponse'),
+    newDescribeSecurityPolicyResponse,
+
+    -- ** DescribeServer
+    DescribeServer (DescribeServer'),
+    newDescribeServer,
+    DescribeServerResponse (DescribeServerResponse'),
+    newDescribeServerResponse,
+
+    -- ** DescribeUser
+    DescribeUser (DescribeUser'),
+    newDescribeUser,
+    DescribeUserResponse (DescribeUserResponse'),
+    newDescribeUserResponse,
+
+    -- ** DescribeWorkflow
+    DescribeWorkflow (DescribeWorkflow'),
+    newDescribeWorkflow,
+    DescribeWorkflowResponse (DescribeWorkflowResponse'),
+    newDescribeWorkflowResponse,
+
+    -- ** ImportCertificate
+    ImportCertificate (ImportCertificate'),
+    newImportCertificate,
+    ImportCertificateResponse (ImportCertificateResponse'),
+    newImportCertificateResponse,
+
+    -- ** ImportHostKey
+    ImportHostKey (ImportHostKey'),
+    newImportHostKey,
+    ImportHostKeyResponse (ImportHostKeyResponse'),
+    newImportHostKeyResponse,
+
+    -- ** ImportSshPublicKey
+    ImportSshPublicKey (ImportSshPublicKey'),
+    newImportSshPublicKey,
+    ImportSshPublicKeyResponse (ImportSshPublicKeyResponse'),
+    newImportSshPublicKeyResponse,
+
+    -- ** ListAccesses (Paginated)
+    ListAccesses (ListAccesses'),
+    newListAccesses,
+    ListAccessesResponse (ListAccessesResponse'),
+    newListAccessesResponse,
+
+    -- ** ListAgreements (Paginated)
+    ListAgreements (ListAgreements'),
+    newListAgreements,
+    ListAgreementsResponse (ListAgreementsResponse'),
+    newListAgreementsResponse,
+
+    -- ** ListCertificates (Paginated)
+    ListCertificates (ListCertificates'),
+    newListCertificates,
+    ListCertificatesResponse (ListCertificatesResponse'),
+    newListCertificatesResponse,
+
+    -- ** ListConnectors (Paginated)
+    ListConnectors (ListConnectors'),
+    newListConnectors,
+    ListConnectorsResponse (ListConnectorsResponse'),
+    newListConnectorsResponse,
+
+    -- ** ListExecutions (Paginated)
+    ListExecutions (ListExecutions'),
+    newListExecutions,
+    ListExecutionsResponse (ListExecutionsResponse'),
+    newListExecutionsResponse,
+
+    -- ** ListHostKeys
+    ListHostKeys (ListHostKeys'),
+    newListHostKeys,
+    ListHostKeysResponse (ListHostKeysResponse'),
+    newListHostKeysResponse,
+
+    -- ** ListProfiles (Paginated)
+    ListProfiles (ListProfiles'),
+    newListProfiles,
+    ListProfilesResponse (ListProfilesResponse'),
+    newListProfilesResponse,
+
+    -- ** ListSecurityPolicies (Paginated)
+    ListSecurityPolicies (ListSecurityPolicies'),
+    newListSecurityPolicies,
+    ListSecurityPoliciesResponse (ListSecurityPoliciesResponse'),
+    newListSecurityPoliciesResponse,
+
+    -- ** ListServers (Paginated)
+    ListServers (ListServers'),
+    newListServers,
+    ListServersResponse (ListServersResponse'),
+    newListServersResponse,
+
+    -- ** ListTagsForResource (Paginated)
+    ListTagsForResource (ListTagsForResource'),
+    newListTagsForResource,
+    ListTagsForResourceResponse (ListTagsForResourceResponse'),
+    newListTagsForResourceResponse,
+
+    -- ** ListUsers (Paginated)
+    ListUsers (ListUsers'),
+    newListUsers,
+    ListUsersResponse (ListUsersResponse'),
+    newListUsersResponse,
+
+    -- ** ListWorkflows (Paginated)
+    ListWorkflows (ListWorkflows'),
+    newListWorkflows,
+    ListWorkflowsResponse (ListWorkflowsResponse'),
+    newListWorkflowsResponse,
+
+    -- ** SendWorkflowStepState
+    SendWorkflowStepState (SendWorkflowStepState'),
+    newSendWorkflowStepState,
+    SendWorkflowStepStateResponse (SendWorkflowStepStateResponse'),
+    newSendWorkflowStepStateResponse,
+
+    -- ** StartFileTransfer
+    StartFileTransfer (StartFileTransfer'),
+    newStartFileTransfer,
+    StartFileTransferResponse (StartFileTransferResponse'),
+    newStartFileTransferResponse,
+
+    -- ** StartServer
+    StartServer (StartServer'),
+    newStartServer,
+    StartServerResponse (StartServerResponse'),
+    newStartServerResponse,
+
+    -- ** StopServer
+    StopServer (StopServer'),
+    newStopServer,
+    StopServerResponse (StopServerResponse'),
+    newStopServerResponse,
+
+    -- ** TagResource
+    TagResource (TagResource'),
+    newTagResource,
+    TagResourceResponse (TagResourceResponse'),
+    newTagResourceResponse,
+
+    -- ** TestIdentityProvider
+    TestIdentityProvider (TestIdentityProvider'),
+    newTestIdentityProvider,
+    TestIdentityProviderResponse (TestIdentityProviderResponse'),
+    newTestIdentityProviderResponse,
+
+    -- ** UntagResource
+    UntagResource (UntagResource'),
+    newUntagResource,
+    UntagResourceResponse (UntagResourceResponse'),
+    newUntagResourceResponse,
+
+    -- ** UpdateAccess
+    UpdateAccess (UpdateAccess'),
+    newUpdateAccess,
+    UpdateAccessResponse (UpdateAccessResponse'),
+    newUpdateAccessResponse,
+
+    -- ** UpdateAgreement
+    UpdateAgreement (UpdateAgreement'),
+    newUpdateAgreement,
+    UpdateAgreementResponse (UpdateAgreementResponse'),
+    newUpdateAgreementResponse,
+
+    -- ** UpdateCertificate
+    UpdateCertificate (UpdateCertificate'),
+    newUpdateCertificate,
+    UpdateCertificateResponse (UpdateCertificateResponse'),
+    newUpdateCertificateResponse,
+
+    -- ** UpdateConnector
+    UpdateConnector (UpdateConnector'),
+    newUpdateConnector,
+    UpdateConnectorResponse (UpdateConnectorResponse'),
+    newUpdateConnectorResponse,
+
+    -- ** UpdateHostKey
+    UpdateHostKey (UpdateHostKey'),
+    newUpdateHostKey,
+    UpdateHostKeyResponse (UpdateHostKeyResponse'),
+    newUpdateHostKeyResponse,
+
+    -- ** UpdateProfile
+    UpdateProfile (UpdateProfile'),
+    newUpdateProfile,
+    UpdateProfileResponse (UpdateProfileResponse'),
+    newUpdateProfileResponse,
+
+    -- ** UpdateServer
+    UpdateServer (UpdateServer'),
+    newUpdateServer,
+    UpdateServerResponse (UpdateServerResponse'),
+    newUpdateServerResponse,
+
+    -- ** UpdateUser
+    UpdateUser (UpdateUser'),
+    newUpdateUser,
+    UpdateUserResponse (UpdateUserResponse'),
+    newUpdateUserResponse,
+
+    -- * Types
+
+    -- ** AgreementStatusType
+    AgreementStatusType (..),
+
+    -- ** As2Transport
+    As2Transport (..),
+
+    -- ** CertificateStatusType
+    CertificateStatusType (..),
+
+    -- ** CertificateType
+    CertificateType (..),
+
+    -- ** CertificateUsageType
+    CertificateUsageType (..),
+
+    -- ** CompressionEnum
+    CompressionEnum (..),
+
+    -- ** CustomStepStatus
+    CustomStepStatus (..),
+
+    -- ** Domain
+    Domain (..),
+
+    -- ** EncryptionAlg
+    EncryptionAlg (..),
+
+    -- ** EncryptionType
+    EncryptionType (..),
+
+    -- ** EndpointType
+    EndpointType (..),
+
+    -- ** ExecutionErrorType
+    ExecutionErrorType (..),
+
+    -- ** ExecutionStatus
+    ExecutionStatus (..),
+
+    -- ** HomeDirectoryType
+    HomeDirectoryType (..),
+
+    -- ** IdentityProviderType
+    IdentityProviderType (..),
+
+    -- ** MdnResponse
+    MdnResponse (..),
+
+    -- ** MdnSigningAlg
+    MdnSigningAlg (..),
+
+    -- ** OverwriteExisting
+    OverwriteExisting (..),
+
+    -- ** ProfileType
+    ProfileType (..),
+
+    -- ** Protocol
+    Protocol (..),
+
+    -- ** SetStatOption
+    SetStatOption (..),
+
+    -- ** SigningAlg
+    SigningAlg (..),
+
+    -- ** State
+    State (..),
+
+    -- ** TlsSessionResumptionMode
+    TlsSessionResumptionMode (..),
+
+    -- ** WorkflowStepType
+    WorkflowStepType (..),
+
+    -- ** As2ConnectorConfig
+    As2ConnectorConfig (As2ConnectorConfig'),
+    newAs2ConnectorConfig,
+
+    -- ** CopyStepDetails
+    CopyStepDetails (CopyStepDetails'),
+    newCopyStepDetails,
+
+    -- ** CustomStepDetails
+    CustomStepDetails (CustomStepDetails'),
+    newCustomStepDetails,
+
+    -- ** DecryptStepDetails
+    DecryptStepDetails (DecryptStepDetails'),
+    newDecryptStepDetails,
+
+    -- ** DeleteStepDetails
+    DeleteStepDetails (DeleteStepDetails'),
+    newDeleteStepDetails,
+
+    -- ** DescribedAccess
+    DescribedAccess (DescribedAccess'),
+    newDescribedAccess,
+
+    -- ** DescribedAgreement
+    DescribedAgreement (DescribedAgreement'),
+    newDescribedAgreement,
+
+    -- ** DescribedCertificate
+    DescribedCertificate (DescribedCertificate'),
+    newDescribedCertificate,
+
+    -- ** DescribedConnector
+    DescribedConnector (DescribedConnector'),
+    newDescribedConnector,
+
+    -- ** DescribedExecution
+    DescribedExecution (DescribedExecution'),
+    newDescribedExecution,
+
+    -- ** DescribedHostKey
+    DescribedHostKey (DescribedHostKey'),
+    newDescribedHostKey,
+
+    -- ** DescribedProfile
+    DescribedProfile (DescribedProfile'),
+    newDescribedProfile,
+
+    -- ** DescribedSecurityPolicy
+    DescribedSecurityPolicy (DescribedSecurityPolicy'),
+    newDescribedSecurityPolicy,
+
+    -- ** DescribedServer
+    DescribedServer (DescribedServer'),
+    newDescribedServer,
+
+    -- ** DescribedUser
+    DescribedUser (DescribedUser'),
+    newDescribedUser,
+
+    -- ** DescribedWorkflow
+    DescribedWorkflow (DescribedWorkflow'),
+    newDescribedWorkflow,
+
+    -- ** EfsFileLocation
+    EfsFileLocation (EfsFileLocation'),
+    newEfsFileLocation,
+
+    -- ** EndpointDetails
+    EndpointDetails (EndpointDetails'),
+    newEndpointDetails,
+
+    -- ** ExecutionError
+    ExecutionError (ExecutionError'),
+    newExecutionError,
+
+    -- ** ExecutionResults
+    ExecutionResults (ExecutionResults'),
+    newExecutionResults,
+
+    -- ** ExecutionStepResult
+    ExecutionStepResult (ExecutionStepResult'),
+    newExecutionStepResult,
+
+    -- ** FileLocation
+    FileLocation (FileLocation'),
+    newFileLocation,
+
+    -- ** HomeDirectoryMapEntry
+    HomeDirectoryMapEntry (HomeDirectoryMapEntry'),
+    newHomeDirectoryMapEntry,
+
+    -- ** IdentityProviderDetails
+    IdentityProviderDetails (IdentityProviderDetails'),
+    newIdentityProviderDetails,
+
+    -- ** InputFileLocation
+    InputFileLocation (InputFileLocation'),
+    newInputFileLocation,
+
+    -- ** ListedAccess
+    ListedAccess (ListedAccess'),
+    newListedAccess,
+
+    -- ** ListedAgreement
+    ListedAgreement (ListedAgreement'),
+    newListedAgreement,
+
+    -- ** ListedCertificate
+    ListedCertificate (ListedCertificate'),
+    newListedCertificate,
+
+    -- ** ListedConnector
+    ListedConnector (ListedConnector'),
+    newListedConnector,
+
+    -- ** ListedExecution
+    ListedExecution (ListedExecution'),
+    newListedExecution,
+
+    -- ** ListedHostKey
+    ListedHostKey (ListedHostKey'),
+    newListedHostKey,
+
+    -- ** ListedProfile
+    ListedProfile (ListedProfile'),
+    newListedProfile,
+
+    -- ** ListedServer
+    ListedServer (ListedServer'),
+    newListedServer,
+
+    -- ** ListedUser
+    ListedUser (ListedUser'),
+    newListedUser,
+
+    -- ** ListedWorkflow
+    ListedWorkflow (ListedWorkflow'),
+    newListedWorkflow,
+
+    -- ** LoggingConfiguration
+    LoggingConfiguration (LoggingConfiguration'),
+    newLoggingConfiguration,
+
+    -- ** PosixProfile
+    PosixProfile (PosixProfile'),
+    newPosixProfile,
+
+    -- ** ProtocolDetails
+    ProtocolDetails (ProtocolDetails'),
+    newProtocolDetails,
+
+    -- ** S3FileLocation
+    S3FileLocation (S3FileLocation'),
+    newS3FileLocation,
+
+    -- ** S3InputFileLocation
+    S3InputFileLocation (S3InputFileLocation'),
+    newS3InputFileLocation,
+
+    -- ** S3Tag
+    S3Tag (S3Tag'),
+    newS3Tag,
+
+    -- ** ServiceMetadata
+    ServiceMetadata (ServiceMetadata'),
+    newServiceMetadata,
+
+    -- ** SshPublicKey
+    SshPublicKey (SshPublicKey'),
+    newSshPublicKey,
+
+    -- ** Tag
+    Tag (Tag'),
+    newTag,
+
+    -- ** TagStepDetails
+    TagStepDetails (TagStepDetails'),
+    newTagStepDetails,
+
+    -- ** UserDetails
+    UserDetails (UserDetails'),
+    newUserDetails,
+
+    -- ** WorkflowDetail
+    WorkflowDetail (WorkflowDetail'),
+    newWorkflowDetail,
+
+    -- ** WorkflowDetails
+    WorkflowDetails (WorkflowDetails'),
+    newWorkflowDetails,
+
+    -- ** WorkflowStep
+    WorkflowStep (WorkflowStep'),
+    newWorkflowStep,
+  )
+where
+
+import Amazonka.Transfer.CreateAccess
+import Amazonka.Transfer.CreateAgreement
+import Amazonka.Transfer.CreateConnector
+import Amazonka.Transfer.CreateProfile
+import Amazonka.Transfer.CreateServer
+import Amazonka.Transfer.CreateUser
+import Amazonka.Transfer.CreateWorkflow
+import Amazonka.Transfer.DeleteAccess
+import Amazonka.Transfer.DeleteAgreement
+import Amazonka.Transfer.DeleteCertificate
+import Amazonka.Transfer.DeleteConnector
+import Amazonka.Transfer.DeleteHostKey
+import Amazonka.Transfer.DeleteProfile
+import Amazonka.Transfer.DeleteServer
+import Amazonka.Transfer.DeleteSshPublicKey
+import Amazonka.Transfer.DeleteUser
+import Amazonka.Transfer.DeleteWorkflow
+import Amazonka.Transfer.DescribeAccess
+import Amazonka.Transfer.DescribeAgreement
+import Amazonka.Transfer.DescribeCertificate
+import Amazonka.Transfer.DescribeConnector
+import Amazonka.Transfer.DescribeExecution
+import Amazonka.Transfer.DescribeHostKey
+import Amazonka.Transfer.DescribeProfile
+import Amazonka.Transfer.DescribeSecurityPolicy
+import Amazonka.Transfer.DescribeServer
+import Amazonka.Transfer.DescribeUser
+import Amazonka.Transfer.DescribeWorkflow
+import Amazonka.Transfer.ImportCertificate
+import Amazonka.Transfer.ImportHostKey
+import Amazonka.Transfer.ImportSshPublicKey
+import Amazonka.Transfer.Lens
+import Amazonka.Transfer.ListAccesses
+import Amazonka.Transfer.ListAgreements
+import Amazonka.Transfer.ListCertificates
+import Amazonka.Transfer.ListConnectors
+import Amazonka.Transfer.ListExecutions
+import Amazonka.Transfer.ListHostKeys
+import Amazonka.Transfer.ListProfiles
+import Amazonka.Transfer.ListSecurityPolicies
+import Amazonka.Transfer.ListServers
+import Amazonka.Transfer.ListTagsForResource
+import Amazonka.Transfer.ListUsers
+import Amazonka.Transfer.ListWorkflows
+import Amazonka.Transfer.SendWorkflowStepState
+import Amazonka.Transfer.StartFileTransfer
+import Amazonka.Transfer.StartServer
+import Amazonka.Transfer.StopServer
+import Amazonka.Transfer.TagResource
+import Amazonka.Transfer.TestIdentityProvider
+import Amazonka.Transfer.Types
+import Amazonka.Transfer.UntagResource
+import Amazonka.Transfer.UpdateAccess
+import Amazonka.Transfer.UpdateAgreement
+import Amazonka.Transfer.UpdateCertificate
+import Amazonka.Transfer.UpdateConnector
+import Amazonka.Transfer.UpdateHostKey
+import Amazonka.Transfer.UpdateProfile
+import Amazonka.Transfer.UpdateServer
+import Amazonka.Transfer.UpdateUser
+import Amazonka.Transfer.Waiters
+
+-- $errors
+-- Error matchers are designed for use with the functions provided by
+-- <http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.
+-- This allows catching (and rethrowing) service specific errors returned
+-- by 'Transfer'.
+
+-- $operations
+-- Some AWS operations return results that are incomplete and require subsequent
+-- requests in order to obtain the entire result set. The process of sending
+-- subsequent requests to continue where a previous request left off is called
+-- pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to
+-- 1000 objects at a time, and you must send subsequent requests with the
+-- appropriate Marker in order to retrieve the next page of results.
+--
+-- Operations that have an 'AWSPager' instance can transparently perform subsequent
+-- requests, correctly setting Markers and other request facets to iterate through
+-- the entire result set of a truncated API operation. Operations which support
+-- this have an additional note in the documentation.
+--
+-- Many operations have the ability to filter results on the server side. See the
+-- individual operation parameters for details.
+
+-- $waiters
+-- Waiters poll by repeatedly sending a request until some remote success condition
+-- configured by the 'Wait' specification is fulfilled. The 'Wait' specification
+-- determines how many attempts should be made, in addition to delay and retry strategies.
diff --git a/gen/Amazonka/Transfer/CreateAccess.hs b/gen/Amazonka/Transfer/CreateAccess.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateAccess.hs
@@ -0,0 +1,500 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateAccess
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Used by administrators to choose which groups in the directory should
+-- have access to upload and download files over the enabled protocols
+-- using Transfer Family. For example, a Microsoft Active Directory might
+-- contain 50,000 users, but only a small fraction might need the ability
+-- to transfer files to the server. An administrator can use @CreateAccess@
+-- to limit the access to the correct set of users who need this ability.
+module Amazonka.Transfer.CreateAccess
+  ( -- * Creating a Request
+    CreateAccess (..),
+    newCreateAccess,
+
+    -- * Request Lenses
+    createAccess_homeDirectory,
+    createAccess_homeDirectoryMappings,
+    createAccess_homeDirectoryType,
+    createAccess_policy,
+    createAccess_posixProfile,
+    createAccess_role,
+    createAccess_serverId,
+    createAccess_externalId,
+
+    -- * Destructuring the Response
+    CreateAccessResponse (..),
+    newCreateAccessResponse,
+
+    -- * Response Lenses
+    createAccessResponse_httpStatus,
+    createAccessResponse_serverId,
+    createAccessResponse_externalId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateAccess' smart constructor.
+data CreateAccess = CreateAccess'
+  { -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+    -- paths and keys should be visible to your user and how you want to make
+    -- them visible. You must specify the @Entry@ and @Target@ pair, where
+    -- @Entry@ shows how the path is made visible and @Target@ is the actual
+    -- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+    -- displayed as is. You also must ensure that your Identity and Access
+    -- Management (IAM) role provides access to paths in @Target@. This value
+    -- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+    --
+    -- The following is an @Entry@ and @Target@ pair example.
+    --
+    -- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    --
+    -- In most cases, you can use this value instead of the session policy to
+    -- lock down your user to the designated home directory (\"@chroot@\"). To
+    -- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+    -- @HomeDirectory@ parameter value.
+    --
+    -- The following is an @Entry@ and @Target@ pair example for @chroot@.
+    --
+    -- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    homeDirectoryMappings :: Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry),
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | A session policy for your user so that you can use the same Identity and
+    -- Access Management (IAM) role across multiple users. This policy scopes
+    -- down a user\'s access to portions of their Amazon S3 bucket. Variables
+    -- that you can use inside this policy include @${Transfer:UserName}@,
+    -- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+    --
+    -- This policy applies only when the domain of @ServerId@ is Amazon S3.
+    -- Amazon EFS does not use session policies.
+    --
+    -- For session policies, Transfer Family stores the policy as a JSON blob,
+    -- instead of the Amazon Resource Name (ARN) of the policy. You save the
+    -- policy as a JSON blob and pass it in the @Policy@ argument.
+    --
+    -- For an example of a session policy, see
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+    --
+    -- For more information, see
+    -- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+    -- in the /Security Token Service API Reference/.
+    policy :: Prelude.Maybe Prelude.Text,
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Text,
+    -- | A system-assigned unique identifier for a server instance. This is the
+    -- specific server that you added your user to.
+    serverId :: Prelude.Text,
+    -- | A unique identifier that is required to identify specific groups within
+    -- your directory. The users of the group that you associate have access to
+    -- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family. If you know the group name, you can view the SID values
+    -- by running the following command using Windows PowerShell.
+    --
+    -- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+    --
+    -- In that command, replace /YourGroupName/ with the name of your Active
+    -- Directory group.
+    --
+    -- The regular expression used to validate this parameter is a string of
+    -- characters consisting of uppercase and lowercase alphanumeric characters
+    -- with no spaces. You can also include underscores or any of the following
+    -- characters: =,.\@:\/-
+    externalId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAccess' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'homeDirectory', 'createAccess_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryMappings', 'createAccess_homeDirectoryMappings' - Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down your user to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+-- @HomeDirectory@ parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- 'homeDirectoryType', 'createAccess_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'policy', 'createAccess_policy' - A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Security Token Service API Reference/.
+--
+-- 'posixProfile', 'createAccess_posixProfile' - Undocumented member.
+--
+-- 'role'', 'createAccess_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- 'serverId', 'createAccess_serverId' - A system-assigned unique identifier for a server instance. This is the
+-- specific server that you added your user to.
+--
+-- 'externalId', 'createAccess_externalId' - A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+newCreateAccess ::
+  -- | 'role''
+  Prelude.Text ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  CreateAccess
+newCreateAccess pRole_ pServerId_ pExternalId_ =
+  CreateAccess'
+    { homeDirectory = Prelude.Nothing,
+      homeDirectoryMappings = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      policy = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      role' = pRole_,
+      serverId = pServerId_,
+      externalId = pExternalId_
+    }
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+createAccess_homeDirectory :: Lens.Lens' CreateAccess (Prelude.Maybe Prelude.Text)
+createAccess_homeDirectory = Lens.lens (\CreateAccess' {homeDirectory} -> homeDirectory) (\s@CreateAccess' {} a -> s {homeDirectory = a} :: CreateAccess)
+
+-- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down your user to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+-- @HomeDirectory@ parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+createAccess_homeDirectoryMappings :: Lens.Lens' CreateAccess (Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry))
+createAccess_homeDirectoryMappings = Lens.lens (\CreateAccess' {homeDirectoryMappings} -> homeDirectoryMappings) (\s@CreateAccess' {} a -> s {homeDirectoryMappings = a} :: CreateAccess) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+createAccess_homeDirectoryType :: Lens.Lens' CreateAccess (Prelude.Maybe HomeDirectoryType)
+createAccess_homeDirectoryType = Lens.lens (\CreateAccess' {homeDirectoryType} -> homeDirectoryType) (\s@CreateAccess' {} a -> s {homeDirectoryType = a} :: CreateAccess)
+
+-- | A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Security Token Service API Reference/.
+createAccess_policy :: Lens.Lens' CreateAccess (Prelude.Maybe Prelude.Text)
+createAccess_policy = Lens.lens (\CreateAccess' {policy} -> policy) (\s@CreateAccess' {} a -> s {policy = a} :: CreateAccess)
+
+-- | Undocumented member.
+createAccess_posixProfile :: Lens.Lens' CreateAccess (Prelude.Maybe PosixProfile)
+createAccess_posixProfile = Lens.lens (\CreateAccess' {posixProfile} -> posixProfile) (\s@CreateAccess' {} a -> s {posixProfile = a} :: CreateAccess)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+createAccess_role :: Lens.Lens' CreateAccess Prelude.Text
+createAccess_role = Lens.lens (\CreateAccess' {role'} -> role') (\s@CreateAccess' {} a -> s {role' = a} :: CreateAccess)
+
+-- | A system-assigned unique identifier for a server instance. This is the
+-- specific server that you added your user to.
+createAccess_serverId :: Lens.Lens' CreateAccess Prelude.Text
+createAccess_serverId = Lens.lens (\CreateAccess' {serverId} -> serverId) (\s@CreateAccess' {} a -> s {serverId = a} :: CreateAccess)
+
+-- | A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+createAccess_externalId :: Lens.Lens' CreateAccess Prelude.Text
+createAccess_externalId = Lens.lens (\CreateAccess' {externalId} -> externalId) (\s@CreateAccess' {} a -> s {externalId = a} :: CreateAccess)
+
+instance Core.AWSRequest CreateAccess where
+  type AWSResponse CreateAccess = CreateAccessResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateAccessResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "ExternalId")
+      )
+
+instance Prelude.Hashable CreateAccess where
+  hashWithSalt _salt CreateAccess' {..} =
+    _salt
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryMappings
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` policy
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` role'
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` externalId
+
+instance Prelude.NFData CreateAccess where
+  rnf CreateAccess' {..} =
+    Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryMappings
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf policy
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf role'
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf externalId
+
+instance Data.ToHeaders CreateAccess where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.CreateAccess" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateAccess where
+  toJSON CreateAccess' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("HomeDirectory" Data..=) Prelude.<$> homeDirectory,
+            ("HomeDirectoryMappings" Data..=)
+              Prelude.<$> homeDirectoryMappings,
+            ("HomeDirectoryType" Data..=)
+              Prelude.<$> homeDirectoryType,
+            ("Policy" Data..=) Prelude.<$> policy,
+            ("PosixProfile" Data..=) Prelude.<$> posixProfile,
+            Prelude.Just ("Role" Data..= role'),
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("ExternalId" Data..= externalId)
+          ]
+      )
+
+instance Data.ToPath CreateAccess where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateAccess where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateAccessResponse' smart constructor.
+data CreateAccessResponse = CreateAccessResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The identifier of the server that the user is attached to.
+    serverId :: Prelude.Text,
+    -- | The external identifier of the group whose users have access to your
+    -- Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family.
+    externalId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAccessResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createAccessResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'createAccessResponse_serverId' - The identifier of the server that the user is attached to.
+--
+-- 'externalId', 'createAccessResponse_externalId' - The external identifier of the group whose users have access to your
+-- Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family.
+newCreateAccessResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  CreateAccessResponse
+newCreateAccessResponse
+  pHttpStatus_
+  pServerId_
+  pExternalId_ =
+    CreateAccessResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        externalId = pExternalId_
+      }
+
+-- | The response's http status code.
+createAccessResponse_httpStatus :: Lens.Lens' CreateAccessResponse Prelude.Int
+createAccessResponse_httpStatus = Lens.lens (\CreateAccessResponse' {httpStatus} -> httpStatus) (\s@CreateAccessResponse' {} a -> s {httpStatus = a} :: CreateAccessResponse)
+
+-- | The identifier of the server that the user is attached to.
+createAccessResponse_serverId :: Lens.Lens' CreateAccessResponse Prelude.Text
+createAccessResponse_serverId = Lens.lens (\CreateAccessResponse' {serverId} -> serverId) (\s@CreateAccessResponse' {} a -> s {serverId = a} :: CreateAccessResponse)
+
+-- | The external identifier of the group whose users have access to your
+-- Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family.
+createAccessResponse_externalId :: Lens.Lens' CreateAccessResponse Prelude.Text
+createAccessResponse_externalId = Lens.lens (\CreateAccessResponse' {externalId} -> externalId) (\s@CreateAccessResponse' {} a -> s {externalId = a} :: CreateAccessResponse)
+
+instance Prelude.NFData CreateAccessResponse where
+  rnf CreateAccessResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf externalId
diff --git a/gen/Amazonka/Transfer/CreateAgreement.hs b/gen/Amazonka/Transfer/CreateAgreement.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateAgreement.hs
@@ -0,0 +1,342 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateAgreement
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates an agreement. An agreement is a bilateral trading partner
+-- agreement, or partnership, between an Transfer Family server and an AS2
+-- process. The agreement defines the file and message transfer
+-- relationship between the server and the AS2 process. To define an
+-- agreement, Transfer Family combines a server, local profile, partner
+-- profile, certificate, and other attributes.
+--
+-- The partner is identified with the @PartnerProfileId@, and the AS2
+-- process is identified with the @LocalProfileId@.
+module Amazonka.Transfer.CreateAgreement
+  ( -- * Creating a Request
+    CreateAgreement (..),
+    newCreateAgreement,
+
+    -- * Request Lenses
+    createAgreement_description,
+    createAgreement_status,
+    createAgreement_tags,
+    createAgreement_serverId,
+    createAgreement_localProfileId,
+    createAgreement_partnerProfileId,
+    createAgreement_baseDirectory,
+    createAgreement_accessRole,
+
+    -- * Destructuring the Response
+    CreateAgreementResponse (..),
+    newCreateAgreementResponse,
+
+    -- * Response Lenses
+    createAgreementResponse_httpStatus,
+    createAgreementResponse_agreementId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateAgreement' smart constructor.
+data CreateAgreement = CreateAgreement'
+  { -- | A name or short description to identify the agreement.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The status of the agreement. The agreement can be either @ACTIVE@ or
+    -- @INACTIVE@.
+    status :: Prelude.Maybe AgreementStatusType,
+    -- | Key-value pairs that can be used to group and search for agreements.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | A system-assigned unique identifier for a server instance. This is the
+    -- specific server that the agreement uses.
+    serverId :: Prelude.Text,
+    -- | A unique identifier for the AS2 local profile.
+    localProfileId :: Prelude.Text,
+    -- | A unique identifier for the partner profile used in the agreement.
+    partnerProfileId :: Prelude.Text,
+    -- | The landing directory (folder) for files transferred by using the AS2
+    -- protocol.
+    --
+    -- A @BaseDirectory@ example is
+    -- /DOC-EXAMPLE-BUCKET/\//home/\//mydirectory/.
+    baseDirectory :: Prelude.Text,
+    -- | With AS2, you can send files by calling @StartFileTransfer@ and
+    -- specifying the file paths in the request parameter, @SendFilePaths@. We
+    -- use the file’s parent directory (for example, for
+    -- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+    -- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+    -- store the MDN when we receive them from the partner, and write a final
+    -- JSON file containing relevant metadata of the transmission. So, the
+    -- @AccessRole@ needs to provide read and write access to the parent
+    -- directory of the file location used in the @StartFileTransfer@ request.
+    -- Additionally, you need to provide read and write access to the parent
+    -- directory of the files that you intend to send with @StartFileTransfer@.
+    accessRole :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAgreement' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createAgreement_description' - A name or short description to identify the agreement.
+--
+-- 'status', 'createAgreement_status' - The status of the agreement. The agreement can be either @ACTIVE@ or
+-- @INACTIVE@.
+--
+-- 'tags', 'createAgreement_tags' - Key-value pairs that can be used to group and search for agreements.
+--
+-- 'serverId', 'createAgreement_serverId' - A system-assigned unique identifier for a server instance. This is the
+-- specific server that the agreement uses.
+--
+-- 'localProfileId', 'createAgreement_localProfileId' - A unique identifier for the AS2 local profile.
+--
+-- 'partnerProfileId', 'createAgreement_partnerProfileId' - A unique identifier for the partner profile used in the agreement.
+--
+-- 'baseDirectory', 'createAgreement_baseDirectory' - The landing directory (folder) for files transferred by using the AS2
+-- protocol.
+--
+-- A @BaseDirectory@ example is
+-- /DOC-EXAMPLE-BUCKET/\//home/\//mydirectory/.
+--
+-- 'accessRole', 'createAgreement_accessRole' - With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+newCreateAgreement ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'localProfileId'
+  Prelude.Text ->
+  -- | 'partnerProfileId'
+  Prelude.Text ->
+  -- | 'baseDirectory'
+  Prelude.Text ->
+  -- | 'accessRole'
+  Prelude.Text ->
+  CreateAgreement
+newCreateAgreement
+  pServerId_
+  pLocalProfileId_
+  pPartnerProfileId_
+  pBaseDirectory_
+  pAccessRole_ =
+    CreateAgreement'
+      { description = Prelude.Nothing,
+        status = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        serverId = pServerId_,
+        localProfileId = pLocalProfileId_,
+        partnerProfileId = pPartnerProfileId_,
+        baseDirectory = pBaseDirectory_,
+        accessRole = pAccessRole_
+      }
+
+-- | A name or short description to identify the agreement.
+createAgreement_description :: Lens.Lens' CreateAgreement (Prelude.Maybe Prelude.Text)
+createAgreement_description = Lens.lens (\CreateAgreement' {description} -> description) (\s@CreateAgreement' {} a -> s {description = a} :: CreateAgreement)
+
+-- | The status of the agreement. The agreement can be either @ACTIVE@ or
+-- @INACTIVE@.
+createAgreement_status :: Lens.Lens' CreateAgreement (Prelude.Maybe AgreementStatusType)
+createAgreement_status = Lens.lens (\CreateAgreement' {status} -> status) (\s@CreateAgreement' {} a -> s {status = a} :: CreateAgreement)
+
+-- | Key-value pairs that can be used to group and search for agreements.
+createAgreement_tags :: Lens.Lens' CreateAgreement (Prelude.Maybe (Prelude.NonEmpty Tag))
+createAgreement_tags = Lens.lens (\CreateAgreement' {tags} -> tags) (\s@CreateAgreement' {} a -> s {tags = a} :: CreateAgreement) Prelude.. Lens.mapping Lens.coerced
+
+-- | A system-assigned unique identifier for a server instance. This is the
+-- specific server that the agreement uses.
+createAgreement_serverId :: Lens.Lens' CreateAgreement Prelude.Text
+createAgreement_serverId = Lens.lens (\CreateAgreement' {serverId} -> serverId) (\s@CreateAgreement' {} a -> s {serverId = a} :: CreateAgreement)
+
+-- | A unique identifier for the AS2 local profile.
+createAgreement_localProfileId :: Lens.Lens' CreateAgreement Prelude.Text
+createAgreement_localProfileId = Lens.lens (\CreateAgreement' {localProfileId} -> localProfileId) (\s@CreateAgreement' {} a -> s {localProfileId = a} :: CreateAgreement)
+
+-- | A unique identifier for the partner profile used in the agreement.
+createAgreement_partnerProfileId :: Lens.Lens' CreateAgreement Prelude.Text
+createAgreement_partnerProfileId = Lens.lens (\CreateAgreement' {partnerProfileId} -> partnerProfileId) (\s@CreateAgreement' {} a -> s {partnerProfileId = a} :: CreateAgreement)
+
+-- | The landing directory (folder) for files transferred by using the AS2
+-- protocol.
+--
+-- A @BaseDirectory@ example is
+-- /DOC-EXAMPLE-BUCKET/\//home/\//mydirectory/.
+createAgreement_baseDirectory :: Lens.Lens' CreateAgreement Prelude.Text
+createAgreement_baseDirectory = Lens.lens (\CreateAgreement' {baseDirectory} -> baseDirectory) (\s@CreateAgreement' {} a -> s {baseDirectory = a} :: CreateAgreement)
+
+-- | With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+createAgreement_accessRole :: Lens.Lens' CreateAgreement Prelude.Text
+createAgreement_accessRole = Lens.lens (\CreateAgreement' {accessRole} -> accessRole) (\s@CreateAgreement' {} a -> s {accessRole = a} :: CreateAgreement)
+
+instance Core.AWSRequest CreateAgreement where
+  type
+    AWSResponse CreateAgreement =
+      CreateAgreementResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateAgreementResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "AgreementId")
+      )
+
+instance Prelude.Hashable CreateAgreement where
+  hashWithSalt _salt CreateAgreement' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` localProfileId
+      `Prelude.hashWithSalt` partnerProfileId
+      `Prelude.hashWithSalt` baseDirectory
+      `Prelude.hashWithSalt` accessRole
+
+instance Prelude.NFData CreateAgreement where
+  rnf CreateAgreement' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf localProfileId
+      `Prelude.seq` Prelude.rnf partnerProfileId
+      `Prelude.seq` Prelude.rnf baseDirectory
+      `Prelude.seq` Prelude.rnf accessRole
+
+instance Data.ToHeaders CreateAgreement where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.CreateAgreement" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateAgreement where
+  toJSON CreateAgreement' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Description" Data..=) Prelude.<$> description,
+            ("Status" Data..=) Prelude.<$> status,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just
+              ("LocalProfileId" Data..= localProfileId),
+            Prelude.Just
+              ("PartnerProfileId" Data..= partnerProfileId),
+            Prelude.Just ("BaseDirectory" Data..= baseDirectory),
+            Prelude.Just ("AccessRole" Data..= accessRole)
+          ]
+      )
+
+instance Data.ToPath CreateAgreement where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateAgreement where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateAgreementResponse' smart constructor.
+data CreateAgreementResponse = CreateAgreementResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The unique identifier for the agreement. Use this ID for deleting, or
+    -- updating an agreement, as well as in any other API calls that require
+    -- that you specify the agreement ID.
+    agreementId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateAgreementResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createAgreementResponse_httpStatus' - The response's http status code.
+--
+-- 'agreementId', 'createAgreementResponse_agreementId' - The unique identifier for the agreement. Use this ID for deleting, or
+-- updating an agreement, as well as in any other API calls that require
+-- that you specify the agreement ID.
+newCreateAgreementResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'agreementId'
+  Prelude.Text ->
+  CreateAgreementResponse
+newCreateAgreementResponse pHttpStatus_ pAgreementId_ =
+  CreateAgreementResponse'
+    { httpStatus = pHttpStatus_,
+      agreementId = pAgreementId_
+    }
+
+-- | The response's http status code.
+createAgreementResponse_httpStatus :: Lens.Lens' CreateAgreementResponse Prelude.Int
+createAgreementResponse_httpStatus = Lens.lens (\CreateAgreementResponse' {httpStatus} -> httpStatus) (\s@CreateAgreementResponse' {} a -> s {httpStatus = a} :: CreateAgreementResponse)
+
+-- | The unique identifier for the agreement. Use this ID for deleting, or
+-- updating an agreement, as well as in any other API calls that require
+-- that you specify the agreement ID.
+createAgreementResponse_agreementId :: Lens.Lens' CreateAgreementResponse Prelude.Text
+createAgreementResponse_agreementId = Lens.lens (\CreateAgreementResponse' {agreementId} -> agreementId) (\s@CreateAgreementResponse' {} a -> s {agreementId = a} :: CreateAgreementResponse)
+
+instance Prelude.NFData CreateAgreementResponse where
+  rnf CreateAgreementResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf agreementId
diff --git a/gen/Amazonka/Transfer/CreateConnector.hs b/gen/Amazonka/Transfer/CreateConnector.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateConnector.hs
@@ -0,0 +1,279 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateConnector
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates the connector, which captures the parameters for an outbound
+-- connection for the AS2 protocol. The connector is required for sending
+-- files to an externally hosted AS2 server. For more details about
+-- connectors, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/create-b2b-server.html#configure-as2-connector Create AS2 connectors>.
+module Amazonka.Transfer.CreateConnector
+  ( -- * Creating a Request
+    CreateConnector (..),
+    newCreateConnector,
+
+    -- * Request Lenses
+    createConnector_loggingRole,
+    createConnector_tags,
+    createConnector_url,
+    createConnector_as2Config,
+    createConnector_accessRole,
+
+    -- * Destructuring the Response
+    CreateConnectorResponse (..),
+    newCreateConnectorResponse,
+
+    -- * Response Lenses
+    createConnectorResponse_httpStatus,
+    createConnectorResponse_connectorId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateConnector' smart constructor.
+data CreateConnector = CreateConnector'
+  { -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a connector to turn on CloudWatch logging for
+    -- Amazon S3 events. When set, you can view connector activity in your
+    -- CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that can be used to group and search for connectors.
+    -- Tags are metadata attached to connectors for any purpose.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The URL of the partner\'s AS2 endpoint.
+    url :: Prelude.Text,
+    -- | A structure that contains the parameters for a connector object.
+    as2Config :: As2ConnectorConfig,
+    -- | With AS2, you can send files by calling @StartFileTransfer@ and
+    -- specifying the file paths in the request parameter, @SendFilePaths@. We
+    -- use the file’s parent directory (for example, for
+    -- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+    -- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+    -- store the MDN when we receive them from the partner, and write a final
+    -- JSON file containing relevant metadata of the transmission. So, the
+    -- @AccessRole@ needs to provide read and write access to the parent
+    -- directory of the file location used in the @StartFileTransfer@ request.
+    -- Additionally, you need to provide read and write access to the parent
+    -- directory of the files that you intend to send with @StartFileTransfer@.
+    accessRole :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateConnector' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'loggingRole', 'createConnector_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a connector to turn on CloudWatch logging for
+-- Amazon S3 events. When set, you can view connector activity in your
+-- CloudWatch logs.
+--
+-- 'tags', 'createConnector_tags' - Key-value pairs that can be used to group and search for connectors.
+-- Tags are metadata attached to connectors for any purpose.
+--
+-- 'url', 'createConnector_url' - The URL of the partner\'s AS2 endpoint.
+--
+-- 'as2Config', 'createConnector_as2Config' - A structure that contains the parameters for a connector object.
+--
+-- 'accessRole', 'createConnector_accessRole' - With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+newCreateConnector ::
+  -- | 'url'
+  Prelude.Text ->
+  -- | 'as2Config'
+  As2ConnectorConfig ->
+  -- | 'accessRole'
+  Prelude.Text ->
+  CreateConnector
+newCreateConnector pUrl_ pAs2Config_ pAccessRole_ =
+  CreateConnector'
+    { loggingRole = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      url = pUrl_,
+      as2Config = pAs2Config_,
+      accessRole = pAccessRole_
+    }
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a connector to turn on CloudWatch logging for
+-- Amazon S3 events. When set, you can view connector activity in your
+-- CloudWatch logs.
+createConnector_loggingRole :: Lens.Lens' CreateConnector (Prelude.Maybe Prelude.Text)
+createConnector_loggingRole = Lens.lens (\CreateConnector' {loggingRole} -> loggingRole) (\s@CreateConnector' {} a -> s {loggingRole = a} :: CreateConnector)
+
+-- | Key-value pairs that can be used to group and search for connectors.
+-- Tags are metadata attached to connectors for any purpose.
+createConnector_tags :: Lens.Lens' CreateConnector (Prelude.Maybe (Prelude.NonEmpty Tag))
+createConnector_tags = Lens.lens (\CreateConnector' {tags} -> tags) (\s@CreateConnector' {} a -> s {tags = a} :: CreateConnector) Prelude.. Lens.mapping Lens.coerced
+
+-- | The URL of the partner\'s AS2 endpoint.
+createConnector_url :: Lens.Lens' CreateConnector Prelude.Text
+createConnector_url = Lens.lens (\CreateConnector' {url} -> url) (\s@CreateConnector' {} a -> s {url = a} :: CreateConnector)
+
+-- | A structure that contains the parameters for a connector object.
+createConnector_as2Config :: Lens.Lens' CreateConnector As2ConnectorConfig
+createConnector_as2Config = Lens.lens (\CreateConnector' {as2Config} -> as2Config) (\s@CreateConnector' {} a -> s {as2Config = a} :: CreateConnector)
+
+-- | With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+createConnector_accessRole :: Lens.Lens' CreateConnector Prelude.Text
+createConnector_accessRole = Lens.lens (\CreateConnector' {accessRole} -> accessRole) (\s@CreateConnector' {} a -> s {accessRole = a} :: CreateConnector)
+
+instance Core.AWSRequest CreateConnector where
+  type
+    AWSResponse CreateConnector =
+      CreateConnectorResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateConnectorResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ConnectorId")
+      )
+
+instance Prelude.Hashable CreateConnector where
+  hashWithSalt _salt CreateConnector' {..} =
+    _salt
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` url
+      `Prelude.hashWithSalt` as2Config
+      `Prelude.hashWithSalt` accessRole
+
+instance Prelude.NFData CreateConnector where
+  rnf CreateConnector' {..} =
+    Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf url
+      `Prelude.seq` Prelude.rnf as2Config
+      `Prelude.seq` Prelude.rnf accessRole
+
+instance Data.ToHeaders CreateConnector where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.CreateConnector" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateConnector where
+  toJSON CreateConnector' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("LoggingRole" Data..=) Prelude.<$> loggingRole,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("Url" Data..= url),
+            Prelude.Just ("As2Config" Data..= as2Config),
+            Prelude.Just ("AccessRole" Data..= accessRole)
+          ]
+      )
+
+instance Data.ToPath CreateConnector where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateConnector where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateConnectorResponse' smart constructor.
+data CreateConnectorResponse = CreateConnectorResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The unique identifier for the connector, returned after the API call
+    -- succeeds.
+    connectorId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateConnectorResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createConnectorResponse_httpStatus' - The response's http status code.
+--
+-- 'connectorId', 'createConnectorResponse_connectorId' - The unique identifier for the connector, returned after the API call
+-- succeeds.
+newCreateConnectorResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'connectorId'
+  Prelude.Text ->
+  CreateConnectorResponse
+newCreateConnectorResponse pHttpStatus_ pConnectorId_ =
+  CreateConnectorResponse'
+    { httpStatus = pHttpStatus_,
+      connectorId = pConnectorId_
+    }
+
+-- | The response's http status code.
+createConnectorResponse_httpStatus :: Lens.Lens' CreateConnectorResponse Prelude.Int
+createConnectorResponse_httpStatus = Lens.lens (\CreateConnectorResponse' {httpStatus} -> httpStatus) (\s@CreateConnectorResponse' {} a -> s {httpStatus = a} :: CreateConnectorResponse)
+
+-- | The unique identifier for the connector, returned after the API call
+-- succeeds.
+createConnectorResponse_connectorId :: Lens.Lens' CreateConnectorResponse Prelude.Text
+createConnectorResponse_connectorId = Lens.lens (\CreateConnectorResponse' {connectorId} -> connectorId) (\s@CreateConnectorResponse' {} a -> s {connectorId = a} :: CreateConnectorResponse)
+
+instance Prelude.NFData CreateConnectorResponse where
+  rnf CreateConnectorResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf connectorId
diff --git a/gen/Amazonka/Transfer/CreateProfile.hs b/gen/Amazonka/Transfer/CreateProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateProfile.hs
@@ -0,0 +1,258 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates the local or partner profile to use for AS2 transfers.
+module Amazonka.Transfer.CreateProfile
+  ( -- * Creating a Request
+    CreateProfile (..),
+    newCreateProfile,
+
+    -- * Request Lenses
+    createProfile_certificateIds,
+    createProfile_tags,
+    createProfile_as2Id,
+    createProfile_profileType,
+
+    -- * Destructuring the Response
+    CreateProfileResponse (..),
+    newCreateProfileResponse,
+
+    -- * Response Lenses
+    createProfileResponse_httpStatus,
+    createProfileResponse_profileId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateProfile' smart constructor.
+data CreateProfile = CreateProfile'
+  { -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateIds :: Prelude.Maybe [Prelude.Text],
+    -- | Key-value pairs that can be used to group and search for AS2 profiles.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The @As2Id@ is the /AS2-name/, as defined in the
+    -- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+    -- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+    -- the partner. For outbound connectors, this is the @AS2-To@ header for
+    -- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+    -- operation. This ID cannot include spaces.
+    as2Id :: Prelude.Text,
+    -- | Determines the type of profile to create:
+    --
+    -- -   Specify @LOCAL@ to create a local profile. A local profile
+    --     represents the AS2-enabled Transfer Family server organization or
+    --     party.
+    --
+    -- -   Specify @PARTNER@ to create a partner profile. A partner profile
+    --     represents a remote organization, external to Transfer Family.
+    profileType :: ProfileType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateIds', 'createProfile_certificateIds' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+--
+-- 'tags', 'createProfile_tags' - Key-value pairs that can be used to group and search for AS2 profiles.
+--
+-- 'as2Id', 'createProfile_as2Id' - The @As2Id@ is the /AS2-name/, as defined in the
+-- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+-- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+-- the partner. For outbound connectors, this is the @AS2-To@ header for
+-- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+-- operation. This ID cannot include spaces.
+--
+-- 'profileType', 'createProfile_profileType' - Determines the type of profile to create:
+--
+-- -   Specify @LOCAL@ to create a local profile. A local profile
+--     represents the AS2-enabled Transfer Family server organization or
+--     party.
+--
+-- -   Specify @PARTNER@ to create a partner profile. A partner profile
+--     represents a remote organization, external to Transfer Family.
+newCreateProfile ::
+  -- | 'as2Id'
+  Prelude.Text ->
+  -- | 'profileType'
+  ProfileType ->
+  CreateProfile
+newCreateProfile pAs2Id_ pProfileType_ =
+  CreateProfile'
+    { certificateIds = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      as2Id = pAs2Id_,
+      profileType = pProfileType_
+    }
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+createProfile_certificateIds :: Lens.Lens' CreateProfile (Prelude.Maybe [Prelude.Text])
+createProfile_certificateIds = Lens.lens (\CreateProfile' {certificateIds} -> certificateIds) (\s@CreateProfile' {} a -> s {certificateIds = a} :: CreateProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | Key-value pairs that can be used to group and search for AS2 profiles.
+createProfile_tags :: Lens.Lens' CreateProfile (Prelude.Maybe (Prelude.NonEmpty Tag))
+createProfile_tags = Lens.lens (\CreateProfile' {tags} -> tags) (\s@CreateProfile' {} a -> s {tags = a} :: CreateProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | The @As2Id@ is the /AS2-name/, as defined in the
+-- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+-- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+-- the partner. For outbound connectors, this is the @AS2-To@ header for
+-- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+-- operation. This ID cannot include spaces.
+createProfile_as2Id :: Lens.Lens' CreateProfile Prelude.Text
+createProfile_as2Id = Lens.lens (\CreateProfile' {as2Id} -> as2Id) (\s@CreateProfile' {} a -> s {as2Id = a} :: CreateProfile)
+
+-- | Determines the type of profile to create:
+--
+-- -   Specify @LOCAL@ to create a local profile. A local profile
+--     represents the AS2-enabled Transfer Family server organization or
+--     party.
+--
+-- -   Specify @PARTNER@ to create a partner profile. A partner profile
+--     represents a remote organization, external to Transfer Family.
+createProfile_profileType :: Lens.Lens' CreateProfile ProfileType
+createProfile_profileType = Lens.lens (\CreateProfile' {profileType} -> profileType) (\s@CreateProfile' {} a -> s {profileType = a} :: CreateProfile)
+
+instance Core.AWSRequest CreateProfile where
+  type
+    AWSResponse CreateProfile =
+      CreateProfileResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateProfileResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ProfileId")
+      )
+
+instance Prelude.Hashable CreateProfile where
+  hashWithSalt _salt CreateProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateIds
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` as2Id
+      `Prelude.hashWithSalt` profileType
+
+instance Prelude.NFData CreateProfile where
+  rnf CreateProfile' {..} =
+    Prelude.rnf certificateIds
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf as2Id
+      `Prelude.seq` Prelude.rnf profileType
+
+instance Data.ToHeaders CreateProfile where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.CreateProfile" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateProfile where
+  toJSON CreateProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("CertificateIds" Data..=)
+              Prelude.<$> certificateIds,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("As2Id" Data..= as2Id),
+            Prelude.Just ("ProfileType" Data..= profileType)
+          ]
+      )
+
+instance Data.ToPath CreateProfile where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateProfile where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateProfileResponse' smart constructor.
+data CreateProfileResponse = CreateProfileResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The unique identifier for the AS2 profile, returned after the API call
+    -- succeeds.
+    profileId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createProfileResponse_httpStatus' - The response's http status code.
+--
+-- 'profileId', 'createProfileResponse_profileId' - The unique identifier for the AS2 profile, returned after the API call
+-- succeeds.
+newCreateProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'profileId'
+  Prelude.Text ->
+  CreateProfileResponse
+newCreateProfileResponse pHttpStatus_ pProfileId_ =
+  CreateProfileResponse'
+    { httpStatus = pHttpStatus_,
+      profileId = pProfileId_
+    }
+
+-- | The response's http status code.
+createProfileResponse_httpStatus :: Lens.Lens' CreateProfileResponse Prelude.Int
+createProfileResponse_httpStatus = Lens.lens (\CreateProfileResponse' {httpStatus} -> httpStatus) (\s@CreateProfileResponse' {} a -> s {httpStatus = a} :: CreateProfileResponse)
+
+-- | The unique identifier for the AS2 profile, returned after the API call
+-- succeeds.
+createProfileResponse_profileId :: Lens.Lens' CreateProfileResponse Prelude.Text
+createProfileResponse_profileId = Lens.lens (\CreateProfileResponse' {profileId} -> profileId) (\s@CreateProfileResponse' {} a -> s {profileId = a} :: CreateProfileResponse)
+
+instance Prelude.NFData CreateProfileResponse where
+  rnf CreateProfileResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf profileId
diff --git a/gen/Amazonka/Transfer/CreateServer.hs b/gen/Amazonka/Transfer/CreateServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateServer.hs
@@ -0,0 +1,916 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Instantiates an auto-scaling virtual server based on the selected file
+-- transfer protocol in Amazon Web Services. When you make updates to your
+-- file transfer protocol-enabled server or when you work with users, use
+-- the service-generated @ServerId@ property that is assigned to the newly
+-- created server.
+module Amazonka.Transfer.CreateServer
+  ( -- * Creating a Request
+    CreateServer (..),
+    newCreateServer,
+
+    -- * Request Lenses
+    createServer_certificate,
+    createServer_domain,
+    createServer_endpointDetails,
+    createServer_endpointType,
+    createServer_hostKey,
+    createServer_identityProviderDetails,
+    createServer_identityProviderType,
+    createServer_loggingRole,
+    createServer_postAuthenticationLoginBanner,
+    createServer_preAuthenticationLoginBanner,
+    createServer_protocolDetails,
+    createServer_protocols,
+    createServer_securityPolicyName,
+    createServer_tags,
+    createServer_workflowDetails,
+
+    -- * Destructuring the Response
+    CreateServerResponse (..),
+    newCreateServerResponse,
+
+    -- * Response Lenses
+    createServerResponse_httpStatus,
+    createServerResponse_serverId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateServer' smart constructor.
+data CreateServer = CreateServer'
+  { -- | The Amazon Resource Name (ARN) of the Certificate Manager (ACM)
+    -- certificate. Required when @Protocols@ is set to @FTPS@.
+    --
+    -- To request a new public certificate, see
+    -- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request a public certificate>
+    -- in the /Certificate Manager User Guide/.
+    --
+    -- To import an existing certificate into ACM, see
+    -- <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing certificates into ACM>
+    -- in the /Certificate Manager User Guide/.
+    --
+    -- To request a private certificate to use FTPS through private IP
+    -- addresses, see
+    -- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html Request a private certificate>
+    -- in the /Certificate Manager User Guide/.
+    --
+    -- Certificates with the following cryptographic algorithms and key sizes
+    -- are supported:
+    --
+    -- -   2048-bit RSA (RSA_2048)
+    --
+    -- -   4096-bit RSA (RSA_4096)
+    --
+    -- -   Elliptic Prime Curve 256 bit (EC_prime256v1)
+    --
+    -- -   Elliptic Prime Curve 384 bit (EC_secp384r1)
+    --
+    -- -   Elliptic Prime Curve 521 bit (EC_secp521r1)
+    --
+    -- The certificate must be a valid SSL\/TLS X.509 version 3 certificate
+    -- with FQDN or IP address specified and information about the issuer.
+    certificate :: Prelude.Maybe Prelude.Text,
+    -- | The domain of the storage system that is used for file transfers. There
+    -- are two domains available: Amazon Simple Storage Service (Amazon S3) and
+    -- Amazon Elastic File System (Amazon EFS). The default value is S3.
+    --
+    -- After the server is created, the domain cannot be changed.
+    domain :: Prelude.Maybe Domain,
+    -- | The virtual private cloud (VPC) endpoint settings that are configured
+    -- for your server. When you host your endpoint within your VPC, you can
+    -- make your endpoint accessible only to resources within your VPC, or you
+    -- can attach Elastic IP addresses and make your endpoint accessible to
+    -- clients over the internet. Your VPC\'s default security groups are
+    -- automatically assigned to your endpoint.
+    endpointDetails :: Prelude.Maybe EndpointDetails,
+    -- | The type of endpoint that you want your server to use. You can choose to
+    -- make your server\'s endpoint publicly accessible (PUBLIC) or host it
+    -- inside your VPC. With an endpoint that is hosted in a VPC, you can
+    -- restrict access to your server and resources only within your VPC or
+    -- choose to make it internet facing by attaching Elastic IP addresses
+    -- directly to it.
+    --
+    -- After May 19, 2021, you won\'t be able to create a server using
+    -- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Services account if your
+    -- account hasn\'t already done so before May 19, 2021. If you have already
+    -- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+    -- Services account on or before May 19, 2021, you will not be affected.
+    -- After this date, use @EndpointType@=@VPC@.
+    --
+    -- For more information, see
+    -- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+    --
+    -- It is recommended that you use @VPC@ as the @EndpointType@. With this
+    -- endpoint type, you have the option to directly associate up to three
+    -- Elastic IPv4 addresses (BYO IP included) with your server\'s endpoint
+    -- and use VPC security groups to restrict traffic by the client\'s public
+    -- IP address. This is not possible with @EndpointType@ set to
+    -- @VPC_ENDPOINT@.
+    endpointType :: Prelude.Maybe EndpointType,
+    -- | The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled
+    -- server. You can add multiple host keys, in case you want to rotate keys,
+    -- or have a set of active keys that use different algorithms.
+    --
+    -- Use the following command to generate an RSA 2048 bit key with no
+    -- passphrase:
+    --
+    -- @ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key@.
+    --
+    -- Use a minimum value of 2048 for the @-b@ option. You can create a
+    -- stronger key by using 3072 or 4096.
+    --
+    -- Use the following command to generate an ECDSA 256 bit key with no
+    -- passphrase:
+    --
+    -- @ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key@.
+    --
+    -- Valid values for the @-b@ option for ECDSA are 256, 384, and 521.
+    --
+    -- Use the following command to generate an ED25519 key with no passphrase:
+    --
+    -- @ssh-keygen -t ed25519 -N \"\" -f my-new-server-key@.
+    --
+    -- For all of these commands, you can replace /my-new-server-key/ with a
+    -- string of your choice.
+    --
+    -- If you aren\'t planning to migrate existing users from an existing
+    -- SFTP-enabled server to a new server, don\'t update the host key.
+    -- Accidentally changing a server\'s host key can be disruptive.
+    --
+    -- For more information, see
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key Update host keys for your SFTP-enabled server>
+    -- in the /Transfer Family User Guide/.
+    hostKey :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | Required when @IdentityProviderType@ is set to @AWS_DIRECTORY_SERVICE@
+    -- or @API_GATEWAY@. Accepts an array containing all of the information
+    -- required to use a directory in @AWS_DIRECTORY_SERVICE@ or invoke a
+    -- customer-supplied authentication API, including the API Gateway URL. Not
+    -- required when @IdentityProviderType@ is set to @SERVICE_MANAGED@.
+    identityProviderDetails :: Prelude.Maybe IdentityProviderDetails,
+    -- | The mode of authentication for a server. The default value is
+    -- @SERVICE_MANAGED@, which allows you to store and access user credentials
+    -- within the Transfer Family service.
+    --
+    -- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+    -- in Directory Service for Microsoft Active Directory or Microsoft Active
+    -- Directory in your on-premises environment or in Amazon Web Services
+    -- using AD Connector. This option also requires you to provide a Directory
+    -- ID by using the @IdentityProviderDetails@ parameter.
+    --
+    -- Use the @API_GATEWAY@ value to integrate with an identity provider of
+    -- your choosing. The @API_GATEWAY@ setting requires you to provide an
+    -- Amazon API Gateway endpoint URL to call for authentication by using the
+    -- @IdentityProviderDetails@ parameter.
+    --
+    -- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+    -- identity provider. If you choose this value, you must specify the ARN
+    -- for the Lambda function in the @Function@ parameter or the
+    -- @IdentityProviderDetails@ data type.
+    identityProviderType :: Prelude.Maybe IdentityProviderType,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+    -- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+    -- your CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | Specifies a string to display when users connect to a server. This
+    -- string is displayed after the user authenticates.
+    --
+    -- The SFTP protocol does not support post-authentication display banners.
+    postAuthenticationLoginBanner :: Prelude.Maybe Prelude.Text,
+    -- | Specifies a string to display when users connect to a server. This
+    -- string is displayed before the user authenticates. For example, the
+    -- following banner displays details about using the system:
+    --
+    -- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+    preAuthenticationLoginBanner :: Prelude.Maybe Prelude.Text,
+    -- | The protocol settings that are configured for your server.
+    --
+    -- -   To indicate passive mode (for FTP and FTPS protocols), use the
+    --     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+    --     as the external IP address of a firewall, router, or load balancer.
+    --
+    -- -   To ignore the error that is generated when the client attempts to
+    --     use the @SETSTAT@ command on a file that you are uploading to an
+    --     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+    --     Transfer Family server ignore the @SETSTAT@ command and upload files
+    --     without needing to make any changes to your SFTP client, set the
+    --     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+    --     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+    --     CloudWatch Logs, so that you can determine when the client is making
+    --     a @SETSTAT@ call.
+    --
+    -- -   To determine whether your Transfer Family server resumes recent,
+    --     negotiated sessions through a unique session ID, use the
+    --     @TlsSessionResumptionMode@ parameter.
+    --
+    -- -   @As2Transports@ indicates the transport method for the AS2 messages.
+    --     Currently, only HTTP is supported.
+    protocolDetails :: Prelude.Maybe ProtocolDetails,
+    -- | Specifies the file transfer protocol or protocols over which your file
+    -- transfer protocol client can connect to your server\'s endpoint. The
+    -- available protocols are:
+    --
+    -- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+    --     over SSH
+    --
+    -- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+    --     encryption
+    --
+    -- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+    --
+    -- -   @AS2@ (Applicability Statement 2): used for transporting structured
+    --     business-to-business data
+    --
+    -- -   If you select @FTPS@, you must choose a certificate stored in
+    --     Certificate Manager (ACM) which is used to identify your server when
+    --     clients connect to it over FTPS.
+    --
+    -- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+    --     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+    --     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+    --
+    -- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+    --     associated.
+    --
+    -- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+    --     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+    --     @SERVICE_MANAGED@.
+    --
+    -- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+    --     and domain must be Amazon S3.
+    protocols :: Prelude.Maybe (Prelude.NonEmpty Protocol),
+    -- | Specifies the name of the security policy that is attached to the
+    -- server.
+    securityPolicyName :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that can be used to group and search for servers.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | Specifies the workflow ID for the workflow to assign and the execution
+    -- role that\'s used for executing the workflow.
+    --
+    -- In additon to a workflow to execute when a file is uploaded completely,
+    -- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+    -- for a workflow to execute on partial upload. A partial upload occurs
+    -- when a file is open when the session disconnects.
+    workflowDetails :: Prelude.Maybe WorkflowDetails
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificate', 'createServer_certificate' - The Amazon Resource Name (ARN) of the Certificate Manager (ACM)
+-- certificate. Required when @Protocols@ is set to @FTPS@.
+--
+-- To request a new public certificate, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request a public certificate>
+-- in the /Certificate Manager User Guide/.
+--
+-- To import an existing certificate into ACM, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing certificates into ACM>
+-- in the /Certificate Manager User Guide/.
+--
+-- To request a private certificate to use FTPS through private IP
+-- addresses, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html Request a private certificate>
+-- in the /Certificate Manager User Guide/.
+--
+-- Certificates with the following cryptographic algorithms and key sizes
+-- are supported:
+--
+-- -   2048-bit RSA (RSA_2048)
+--
+-- -   4096-bit RSA (RSA_4096)
+--
+-- -   Elliptic Prime Curve 256 bit (EC_prime256v1)
+--
+-- -   Elliptic Prime Curve 384 bit (EC_secp384r1)
+--
+-- -   Elliptic Prime Curve 521 bit (EC_secp521r1)
+--
+-- The certificate must be a valid SSL\/TLS X.509 version 3 certificate
+-- with FQDN or IP address specified and information about the issuer.
+--
+-- 'domain', 'createServer_domain' - The domain of the storage system that is used for file transfers. There
+-- are two domains available: Amazon Simple Storage Service (Amazon S3) and
+-- Amazon Elastic File System (Amazon EFS). The default value is S3.
+--
+-- After the server is created, the domain cannot be changed.
+--
+-- 'endpointDetails', 'createServer_endpointDetails' - The virtual private cloud (VPC) endpoint settings that are configured
+-- for your server. When you host your endpoint within your VPC, you can
+-- make your endpoint accessible only to resources within your VPC, or you
+-- can attach Elastic IP addresses and make your endpoint accessible to
+-- clients over the internet. Your VPC\'s default security groups are
+-- automatically assigned to your endpoint.
+--
+-- 'endpointType', 'createServer_endpointType' - The type of endpoint that you want your server to use. You can choose to
+-- make your server\'s endpoint publicly accessible (PUBLIC) or host it
+-- inside your VPC. With an endpoint that is hosted in a VPC, you can
+-- restrict access to your server and resources only within your VPC or
+-- choose to make it internet facing by attaching Elastic IP addresses
+-- directly to it.
+--
+-- After May 19, 2021, you won\'t be able to create a server using
+-- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Services account if your
+-- account hasn\'t already done so before May 19, 2021. If you have already
+-- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+-- Services account on or before May 19, 2021, you will not be affected.
+-- After this date, use @EndpointType@=@VPC@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+--
+-- It is recommended that you use @VPC@ as the @EndpointType@. With this
+-- endpoint type, you have the option to directly associate up to three
+-- Elastic IPv4 addresses (BYO IP included) with your server\'s endpoint
+-- and use VPC security groups to restrict traffic by the client\'s public
+-- IP address. This is not possible with @EndpointType@ set to
+-- @VPC_ENDPOINT@.
+--
+-- 'hostKey', 'createServer_hostKey' - The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled
+-- server. You can add multiple host keys, in case you want to rotate keys,
+-- or have a set of active keys that use different algorithms.
+--
+-- Use the following command to generate an RSA 2048 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Use a minimum value of 2048 for the @-b@ option. You can create a
+-- stronger key by using 3072 or 4096.
+--
+-- Use the following command to generate an ECDSA 256 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Valid values for the @-b@ option for ECDSA are 256, 384, and 521.
+--
+-- Use the following command to generate an ED25519 key with no passphrase:
+--
+-- @ssh-keygen -t ed25519 -N \"\" -f my-new-server-key@.
+--
+-- For all of these commands, you can replace /my-new-server-key/ with a
+-- string of your choice.
+--
+-- If you aren\'t planning to migrate existing users from an existing
+-- SFTP-enabled server to a new server, don\'t update the host key.
+-- Accidentally changing a server\'s host key can be disruptive.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key Update host keys for your SFTP-enabled server>
+-- in the /Transfer Family User Guide/.
+--
+-- 'identityProviderDetails', 'createServer_identityProviderDetails' - Required when @IdentityProviderType@ is set to @AWS_DIRECTORY_SERVICE@
+-- or @API_GATEWAY@. Accepts an array containing all of the information
+-- required to use a directory in @AWS_DIRECTORY_SERVICE@ or invoke a
+-- customer-supplied authentication API, including the API Gateway URL. Not
+-- required when @IdentityProviderType@ is set to @SERVICE_MANAGED@.
+--
+-- 'identityProviderType', 'createServer_identityProviderType' - The mode of authentication for a server. The default value is
+-- @SERVICE_MANAGED@, which allows you to store and access user credentials
+-- within the Transfer Family service.
+--
+-- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+-- in Directory Service for Microsoft Active Directory or Microsoft Active
+-- Directory in your on-premises environment or in Amazon Web Services
+-- using AD Connector. This option also requires you to provide a Directory
+-- ID by using the @IdentityProviderDetails@ parameter.
+--
+-- Use the @API_GATEWAY@ value to integrate with an identity provider of
+-- your choosing. The @API_GATEWAY@ setting requires you to provide an
+-- Amazon API Gateway endpoint URL to call for authentication by using the
+-- @IdentityProviderDetails@ parameter.
+--
+-- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+-- identity provider. If you choose this value, you must specify the ARN
+-- for the Lambda function in the @Function@ parameter or the
+-- @IdentityProviderDetails@ data type.
+--
+-- 'loggingRole', 'createServer_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+--
+-- 'postAuthenticationLoginBanner', 'createServer_postAuthenticationLoginBanner' - Specifies a string to display when users connect to a server. This
+-- string is displayed after the user authenticates.
+--
+-- The SFTP protocol does not support post-authentication display banners.
+--
+-- 'preAuthenticationLoginBanner', 'createServer_preAuthenticationLoginBanner' - Specifies a string to display when users connect to a server. This
+-- string is displayed before the user authenticates. For example, the
+-- following banner displays details about using the system:
+--
+-- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+--
+-- 'protocolDetails', 'createServer_protocolDetails' - The protocol settings that are configured for your server.
+--
+-- -   To indicate passive mode (for FTP and FTPS protocols), use the
+--     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+--     as the external IP address of a firewall, router, or load balancer.
+--
+-- -   To ignore the error that is generated when the client attempts to
+--     use the @SETSTAT@ command on a file that you are uploading to an
+--     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+--     Transfer Family server ignore the @SETSTAT@ command and upload files
+--     without needing to make any changes to your SFTP client, set the
+--     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+--     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+--     CloudWatch Logs, so that you can determine when the client is making
+--     a @SETSTAT@ call.
+--
+-- -   To determine whether your Transfer Family server resumes recent,
+--     negotiated sessions through a unique session ID, use the
+--     @TlsSessionResumptionMode@ parameter.
+--
+-- -   @As2Transports@ indicates the transport method for the AS2 messages.
+--     Currently, only HTTP is supported.
+--
+-- 'protocols', 'createServer_protocols' - Specifies the file transfer protocol or protocols over which your file
+-- transfer protocol client can connect to your server\'s endpoint. The
+-- available protocols are:
+--
+-- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+--     over SSH
+--
+-- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+--     encryption
+--
+-- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+--
+-- -   @AS2@ (Applicability Statement 2): used for transporting structured
+--     business-to-business data
+--
+-- -   If you select @FTPS@, you must choose a certificate stored in
+--     Certificate Manager (ACM) which is used to identify your server when
+--     clients connect to it over FTPS.
+--
+-- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+--     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+--     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+--
+-- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+--     associated.
+--
+-- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+--     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+--     @SERVICE_MANAGED@.
+--
+-- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+--     and domain must be Amazon S3.
+--
+-- 'securityPolicyName', 'createServer_securityPolicyName' - Specifies the name of the security policy that is attached to the
+-- server.
+--
+-- 'tags', 'createServer_tags' - Key-value pairs that can be used to group and search for servers.
+--
+-- 'workflowDetails', 'createServer_workflowDetails' - Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+newCreateServer ::
+  CreateServer
+newCreateServer =
+  CreateServer'
+    { certificate = Prelude.Nothing,
+      domain = Prelude.Nothing,
+      endpointDetails = Prelude.Nothing,
+      endpointType = Prelude.Nothing,
+      hostKey = Prelude.Nothing,
+      identityProviderDetails = Prelude.Nothing,
+      identityProviderType = Prelude.Nothing,
+      loggingRole = Prelude.Nothing,
+      postAuthenticationLoginBanner = Prelude.Nothing,
+      preAuthenticationLoginBanner = Prelude.Nothing,
+      protocolDetails = Prelude.Nothing,
+      protocols = Prelude.Nothing,
+      securityPolicyName = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      workflowDetails = Prelude.Nothing
+    }
+
+-- | The Amazon Resource Name (ARN) of the Certificate Manager (ACM)
+-- certificate. Required when @Protocols@ is set to @FTPS@.
+--
+-- To request a new public certificate, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request a public certificate>
+-- in the /Certificate Manager User Guide/.
+--
+-- To import an existing certificate into ACM, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing certificates into ACM>
+-- in the /Certificate Manager User Guide/.
+--
+-- To request a private certificate to use FTPS through private IP
+-- addresses, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html Request a private certificate>
+-- in the /Certificate Manager User Guide/.
+--
+-- Certificates with the following cryptographic algorithms and key sizes
+-- are supported:
+--
+-- -   2048-bit RSA (RSA_2048)
+--
+-- -   4096-bit RSA (RSA_4096)
+--
+-- -   Elliptic Prime Curve 256 bit (EC_prime256v1)
+--
+-- -   Elliptic Prime Curve 384 bit (EC_secp384r1)
+--
+-- -   Elliptic Prime Curve 521 bit (EC_secp521r1)
+--
+-- The certificate must be a valid SSL\/TLS X.509 version 3 certificate
+-- with FQDN or IP address specified and information about the issuer.
+createServer_certificate :: Lens.Lens' CreateServer (Prelude.Maybe Prelude.Text)
+createServer_certificate = Lens.lens (\CreateServer' {certificate} -> certificate) (\s@CreateServer' {} a -> s {certificate = a} :: CreateServer)
+
+-- | The domain of the storage system that is used for file transfers. There
+-- are two domains available: Amazon Simple Storage Service (Amazon S3) and
+-- Amazon Elastic File System (Amazon EFS). The default value is S3.
+--
+-- After the server is created, the domain cannot be changed.
+createServer_domain :: Lens.Lens' CreateServer (Prelude.Maybe Domain)
+createServer_domain = Lens.lens (\CreateServer' {domain} -> domain) (\s@CreateServer' {} a -> s {domain = a} :: CreateServer)
+
+-- | The virtual private cloud (VPC) endpoint settings that are configured
+-- for your server. When you host your endpoint within your VPC, you can
+-- make your endpoint accessible only to resources within your VPC, or you
+-- can attach Elastic IP addresses and make your endpoint accessible to
+-- clients over the internet. Your VPC\'s default security groups are
+-- automatically assigned to your endpoint.
+createServer_endpointDetails :: Lens.Lens' CreateServer (Prelude.Maybe EndpointDetails)
+createServer_endpointDetails = Lens.lens (\CreateServer' {endpointDetails} -> endpointDetails) (\s@CreateServer' {} a -> s {endpointDetails = a} :: CreateServer)
+
+-- | The type of endpoint that you want your server to use. You can choose to
+-- make your server\'s endpoint publicly accessible (PUBLIC) or host it
+-- inside your VPC. With an endpoint that is hosted in a VPC, you can
+-- restrict access to your server and resources only within your VPC or
+-- choose to make it internet facing by attaching Elastic IP addresses
+-- directly to it.
+--
+-- After May 19, 2021, you won\'t be able to create a server using
+-- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Services account if your
+-- account hasn\'t already done so before May 19, 2021. If you have already
+-- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+-- Services account on or before May 19, 2021, you will not be affected.
+-- After this date, use @EndpointType@=@VPC@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+--
+-- It is recommended that you use @VPC@ as the @EndpointType@. With this
+-- endpoint type, you have the option to directly associate up to three
+-- Elastic IPv4 addresses (BYO IP included) with your server\'s endpoint
+-- and use VPC security groups to restrict traffic by the client\'s public
+-- IP address. This is not possible with @EndpointType@ set to
+-- @VPC_ENDPOINT@.
+createServer_endpointType :: Lens.Lens' CreateServer (Prelude.Maybe EndpointType)
+createServer_endpointType = Lens.lens (\CreateServer' {endpointType} -> endpointType) (\s@CreateServer' {} a -> s {endpointType = a} :: CreateServer)
+
+-- | The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled
+-- server. You can add multiple host keys, in case you want to rotate keys,
+-- or have a set of active keys that use different algorithms.
+--
+-- Use the following command to generate an RSA 2048 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Use a minimum value of 2048 for the @-b@ option. You can create a
+-- stronger key by using 3072 or 4096.
+--
+-- Use the following command to generate an ECDSA 256 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Valid values for the @-b@ option for ECDSA are 256, 384, and 521.
+--
+-- Use the following command to generate an ED25519 key with no passphrase:
+--
+-- @ssh-keygen -t ed25519 -N \"\" -f my-new-server-key@.
+--
+-- For all of these commands, you can replace /my-new-server-key/ with a
+-- string of your choice.
+--
+-- If you aren\'t planning to migrate existing users from an existing
+-- SFTP-enabled server to a new server, don\'t update the host key.
+-- Accidentally changing a server\'s host key can be disruptive.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key Update host keys for your SFTP-enabled server>
+-- in the /Transfer Family User Guide/.
+createServer_hostKey :: Lens.Lens' CreateServer (Prelude.Maybe Prelude.Text)
+createServer_hostKey = Lens.lens (\CreateServer' {hostKey} -> hostKey) (\s@CreateServer' {} a -> s {hostKey = a} :: CreateServer) Prelude.. Lens.mapping Data._Sensitive
+
+-- | Required when @IdentityProviderType@ is set to @AWS_DIRECTORY_SERVICE@
+-- or @API_GATEWAY@. Accepts an array containing all of the information
+-- required to use a directory in @AWS_DIRECTORY_SERVICE@ or invoke a
+-- customer-supplied authentication API, including the API Gateway URL. Not
+-- required when @IdentityProviderType@ is set to @SERVICE_MANAGED@.
+createServer_identityProviderDetails :: Lens.Lens' CreateServer (Prelude.Maybe IdentityProviderDetails)
+createServer_identityProviderDetails = Lens.lens (\CreateServer' {identityProviderDetails} -> identityProviderDetails) (\s@CreateServer' {} a -> s {identityProviderDetails = a} :: CreateServer)
+
+-- | The mode of authentication for a server. The default value is
+-- @SERVICE_MANAGED@, which allows you to store and access user credentials
+-- within the Transfer Family service.
+--
+-- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+-- in Directory Service for Microsoft Active Directory or Microsoft Active
+-- Directory in your on-premises environment or in Amazon Web Services
+-- using AD Connector. This option also requires you to provide a Directory
+-- ID by using the @IdentityProviderDetails@ parameter.
+--
+-- Use the @API_GATEWAY@ value to integrate with an identity provider of
+-- your choosing. The @API_GATEWAY@ setting requires you to provide an
+-- Amazon API Gateway endpoint URL to call for authentication by using the
+-- @IdentityProviderDetails@ parameter.
+--
+-- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+-- identity provider. If you choose this value, you must specify the ARN
+-- for the Lambda function in the @Function@ parameter or the
+-- @IdentityProviderDetails@ data type.
+createServer_identityProviderType :: Lens.Lens' CreateServer (Prelude.Maybe IdentityProviderType)
+createServer_identityProviderType = Lens.lens (\CreateServer' {identityProviderType} -> identityProviderType) (\s@CreateServer' {} a -> s {identityProviderType = a} :: CreateServer)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+createServer_loggingRole :: Lens.Lens' CreateServer (Prelude.Maybe Prelude.Text)
+createServer_loggingRole = Lens.lens (\CreateServer' {loggingRole} -> loggingRole) (\s@CreateServer' {} a -> s {loggingRole = a} :: CreateServer)
+
+-- | Specifies a string to display when users connect to a server. This
+-- string is displayed after the user authenticates.
+--
+-- The SFTP protocol does not support post-authentication display banners.
+createServer_postAuthenticationLoginBanner :: Lens.Lens' CreateServer (Prelude.Maybe Prelude.Text)
+createServer_postAuthenticationLoginBanner = Lens.lens (\CreateServer' {postAuthenticationLoginBanner} -> postAuthenticationLoginBanner) (\s@CreateServer' {} a -> s {postAuthenticationLoginBanner = a} :: CreateServer)
+
+-- | Specifies a string to display when users connect to a server. This
+-- string is displayed before the user authenticates. For example, the
+-- following banner displays details about using the system:
+--
+-- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+createServer_preAuthenticationLoginBanner :: Lens.Lens' CreateServer (Prelude.Maybe Prelude.Text)
+createServer_preAuthenticationLoginBanner = Lens.lens (\CreateServer' {preAuthenticationLoginBanner} -> preAuthenticationLoginBanner) (\s@CreateServer' {} a -> s {preAuthenticationLoginBanner = a} :: CreateServer)
+
+-- | The protocol settings that are configured for your server.
+--
+-- -   To indicate passive mode (for FTP and FTPS protocols), use the
+--     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+--     as the external IP address of a firewall, router, or load balancer.
+--
+-- -   To ignore the error that is generated when the client attempts to
+--     use the @SETSTAT@ command on a file that you are uploading to an
+--     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+--     Transfer Family server ignore the @SETSTAT@ command and upload files
+--     without needing to make any changes to your SFTP client, set the
+--     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+--     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+--     CloudWatch Logs, so that you can determine when the client is making
+--     a @SETSTAT@ call.
+--
+-- -   To determine whether your Transfer Family server resumes recent,
+--     negotiated sessions through a unique session ID, use the
+--     @TlsSessionResumptionMode@ parameter.
+--
+-- -   @As2Transports@ indicates the transport method for the AS2 messages.
+--     Currently, only HTTP is supported.
+createServer_protocolDetails :: Lens.Lens' CreateServer (Prelude.Maybe ProtocolDetails)
+createServer_protocolDetails = Lens.lens (\CreateServer' {protocolDetails} -> protocolDetails) (\s@CreateServer' {} a -> s {protocolDetails = a} :: CreateServer)
+
+-- | Specifies the file transfer protocol or protocols over which your file
+-- transfer protocol client can connect to your server\'s endpoint. The
+-- available protocols are:
+--
+-- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+--     over SSH
+--
+-- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+--     encryption
+--
+-- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+--
+-- -   @AS2@ (Applicability Statement 2): used for transporting structured
+--     business-to-business data
+--
+-- -   If you select @FTPS@, you must choose a certificate stored in
+--     Certificate Manager (ACM) which is used to identify your server when
+--     clients connect to it over FTPS.
+--
+-- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+--     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+--     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+--
+-- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+--     associated.
+--
+-- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+--     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+--     @SERVICE_MANAGED@.
+--
+-- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+--     and domain must be Amazon S3.
+createServer_protocols :: Lens.Lens' CreateServer (Prelude.Maybe (Prelude.NonEmpty Protocol))
+createServer_protocols = Lens.lens (\CreateServer' {protocols} -> protocols) (\s@CreateServer' {} a -> s {protocols = a} :: CreateServer) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the name of the security policy that is attached to the
+-- server.
+createServer_securityPolicyName :: Lens.Lens' CreateServer (Prelude.Maybe Prelude.Text)
+createServer_securityPolicyName = Lens.lens (\CreateServer' {securityPolicyName} -> securityPolicyName) (\s@CreateServer' {} a -> s {securityPolicyName = a} :: CreateServer)
+
+-- | Key-value pairs that can be used to group and search for servers.
+createServer_tags :: Lens.Lens' CreateServer (Prelude.Maybe (Prelude.NonEmpty Tag))
+createServer_tags = Lens.lens (\CreateServer' {tags} -> tags) (\s@CreateServer' {} a -> s {tags = a} :: CreateServer) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+createServer_workflowDetails :: Lens.Lens' CreateServer (Prelude.Maybe WorkflowDetails)
+createServer_workflowDetails = Lens.lens (\CreateServer' {workflowDetails} -> workflowDetails) (\s@CreateServer' {} a -> s {workflowDetails = a} :: CreateServer)
+
+instance Core.AWSRequest CreateServer where
+  type AWSResponse CreateServer = CreateServerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateServerResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+      )
+
+instance Prelude.Hashable CreateServer where
+  hashWithSalt _salt CreateServer' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificate
+      `Prelude.hashWithSalt` domain
+      `Prelude.hashWithSalt` endpointDetails
+      `Prelude.hashWithSalt` endpointType
+      `Prelude.hashWithSalt` hostKey
+      `Prelude.hashWithSalt` identityProviderDetails
+      `Prelude.hashWithSalt` identityProviderType
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` postAuthenticationLoginBanner
+      `Prelude.hashWithSalt` preAuthenticationLoginBanner
+      `Prelude.hashWithSalt` protocolDetails
+      `Prelude.hashWithSalt` protocols
+      `Prelude.hashWithSalt` securityPolicyName
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` workflowDetails
+
+instance Prelude.NFData CreateServer where
+  rnf CreateServer' {..} =
+    Prelude.rnf certificate
+      `Prelude.seq` Prelude.rnf domain
+      `Prelude.seq` Prelude.rnf endpointDetails
+      `Prelude.seq` Prelude.rnf endpointType
+      `Prelude.seq` Prelude.rnf hostKey
+      `Prelude.seq` Prelude.rnf identityProviderDetails
+      `Prelude.seq` Prelude.rnf identityProviderType
+      `Prelude.seq` Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf postAuthenticationLoginBanner
+      `Prelude.seq` Prelude.rnf preAuthenticationLoginBanner
+      `Prelude.seq` Prelude.rnf protocolDetails
+      `Prelude.seq` Prelude.rnf protocols
+      `Prelude.seq` Prelude.rnf securityPolicyName
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf workflowDetails
+
+instance Data.ToHeaders CreateServer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.CreateServer" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateServer where
+  toJSON CreateServer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Certificate" Data..=) Prelude.<$> certificate,
+            ("Domain" Data..=) Prelude.<$> domain,
+            ("EndpointDetails" Data..=)
+              Prelude.<$> endpointDetails,
+            ("EndpointType" Data..=) Prelude.<$> endpointType,
+            ("HostKey" Data..=) Prelude.<$> hostKey,
+            ("IdentityProviderDetails" Data..=)
+              Prelude.<$> identityProviderDetails,
+            ("IdentityProviderType" Data..=)
+              Prelude.<$> identityProviderType,
+            ("LoggingRole" Data..=) Prelude.<$> loggingRole,
+            ("PostAuthenticationLoginBanner" Data..=)
+              Prelude.<$> postAuthenticationLoginBanner,
+            ("PreAuthenticationLoginBanner" Data..=)
+              Prelude.<$> preAuthenticationLoginBanner,
+            ("ProtocolDetails" Data..=)
+              Prelude.<$> protocolDetails,
+            ("Protocols" Data..=) Prelude.<$> protocols,
+            ("SecurityPolicyName" Data..=)
+              Prelude.<$> securityPolicyName,
+            ("Tags" Data..=) Prelude.<$> tags,
+            ("WorkflowDetails" Data..=)
+              Prelude.<$> workflowDetails
+          ]
+      )
+
+instance Data.ToPath CreateServer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateServer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateServerResponse' smart constructor.
+data CreateServerResponse = CreateServerResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The service-assigned identifier of the server that is created.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateServerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createServerResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'createServerResponse_serverId' - The service-assigned identifier of the server that is created.
+newCreateServerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  CreateServerResponse
+newCreateServerResponse pHttpStatus_ pServerId_ =
+  CreateServerResponse'
+    { httpStatus = pHttpStatus_,
+      serverId = pServerId_
+    }
+
+-- | The response's http status code.
+createServerResponse_httpStatus :: Lens.Lens' CreateServerResponse Prelude.Int
+createServerResponse_httpStatus = Lens.lens (\CreateServerResponse' {httpStatus} -> httpStatus) (\s@CreateServerResponse' {} a -> s {httpStatus = a} :: CreateServerResponse)
+
+-- | The service-assigned identifier of the server that is created.
+createServerResponse_serverId :: Lens.Lens' CreateServerResponse Prelude.Text
+createServerResponse_serverId = Lens.lens (\CreateServerResponse' {serverId} -> serverId) (\s@CreateServerResponse' {} a -> s {serverId = a} :: CreateServerResponse)
+
+instance Prelude.NFData CreateServerResponse where
+  rnf CreateServerResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
diff --git a/gen/Amazonka/Transfer/CreateUser.hs b/gen/Amazonka/Transfer/CreateUser.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateUser.hs
@@ -0,0 +1,519 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateUser
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a user and associates them with an existing file transfer
+-- protocol-enabled server. You can only create and associate users with
+-- servers that have the @IdentityProviderType@ set to @SERVICE_MANAGED@.
+-- Using parameters for @CreateUser@, you can specify the user name, set
+-- the home directory, store the user\'s public key, and assign the user\'s
+-- Identity and Access Management (IAM) role. You can also optionally add a
+-- session policy, and assign metadata with tags that can be used to group
+-- and search for users.
+module Amazonka.Transfer.CreateUser
+  ( -- * Creating a Request
+    CreateUser (..),
+    newCreateUser,
+
+    -- * Request Lenses
+    createUser_homeDirectory,
+    createUser_homeDirectoryMappings,
+    createUser_homeDirectoryType,
+    createUser_policy,
+    createUser_posixProfile,
+    createUser_sshPublicKeyBody,
+    createUser_tags,
+    createUser_role,
+    createUser_serverId,
+    createUser_userName,
+
+    -- * Destructuring the Response
+    CreateUserResponse (..),
+    newCreateUserResponse,
+
+    -- * Response Lenses
+    createUserResponse_httpStatus,
+    createUserResponse_serverId,
+    createUserResponse_userName,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateUser' smart constructor.
+data CreateUser = CreateUser'
+  { -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+    -- paths and keys should be visible to your user and how you want to make
+    -- them visible. You must specify the @Entry@ and @Target@ pair, where
+    -- @Entry@ shows how the path is made visible and @Target@ is the actual
+    -- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+    -- displayed as is. You also must ensure that your Identity and Access
+    -- Management (IAM) role provides access to paths in @Target@. This value
+    -- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+    --
+    -- The following is an @Entry@ and @Target@ pair example.
+    --
+    -- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    --
+    -- In most cases, you can use this value instead of the session policy to
+    -- lock your user down to the designated home directory (\"@chroot@\"). To
+    -- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+    -- HomeDirectory parameter value.
+    --
+    -- The following is an @Entry@ and @Target@ pair example for @chroot@.
+    --
+    -- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    homeDirectoryMappings :: Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry),
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | A session policy for your user so that you can use the same Identity and
+    -- Access Management (IAM) role across multiple users. This policy scopes
+    -- down a user\'s access to portions of their Amazon S3 bucket. Variables
+    -- that you can use inside this policy include @${Transfer:UserName}@,
+    -- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+    --
+    -- This policy applies only when the domain of @ServerId@ is Amazon S3.
+    -- Amazon EFS does not use session policies.
+    --
+    -- For session policies, Transfer Family stores the policy as a JSON blob,
+    -- instead of the Amazon Resource Name (ARN) of the policy. You save the
+    -- policy as a JSON blob and pass it in the @Policy@ argument.
+    --
+    -- For an example of a session policy, see
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+    --
+    -- For more information, see
+    -- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+    -- in the /Amazon Web Services Security Token Service API Reference/.
+    policy :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the full POSIX identity, including user ID (@Uid@), group ID
+    -- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+    -- your users\' access to your Amazon EFS file systems. The POSIX
+    -- permissions that are set on files and directories in Amazon EFS
+    -- determine the level of access your users get when transferring files
+    -- into and out of your Amazon EFS file systems.
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | The public portion of the Secure Shell (SSH) key used to authenticate
+    -- the user to the server.
+    --
+    -- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+    sshPublicKeyBody :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that can be used to group and search for users. Tags are
+    -- metadata attached to users for any purpose.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Text,
+    -- | A system-assigned unique identifier for a server instance. This is the
+    -- specific server that you added your user to.
+    serverId :: Prelude.Text,
+    -- | A unique string that identifies a user and is associated with a
+    -- @ServerId@. This user name must be a minimum of 3 and a maximum of 100
+    -- characters long. The following are valid characters: a-z, A-Z, 0-9,
+    -- underscore \'_\', hyphen \'-\', period \'.\', and at sign \'\@\'. The
+    -- user name can\'t start with a hyphen, period, or at sign.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateUser' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'homeDirectory', 'createUser_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryMappings', 'createUser_homeDirectoryMappings' - Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock your user down to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+-- HomeDirectory parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- 'homeDirectoryType', 'createUser_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'policy', 'createUser_policy' - A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Amazon Web Services Security Token Service API Reference/.
+--
+-- 'posixProfile', 'createUser_posixProfile' - Specifies the full POSIX identity, including user ID (@Uid@), group ID
+-- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+-- your users\' access to your Amazon EFS file systems. The POSIX
+-- permissions that are set on files and directories in Amazon EFS
+-- determine the level of access your users get when transferring files
+-- into and out of your Amazon EFS file systems.
+--
+-- 'sshPublicKeyBody', 'createUser_sshPublicKeyBody' - The public portion of the Secure Shell (SSH) key used to authenticate
+-- the user to the server.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+--
+-- 'tags', 'createUser_tags' - Key-value pairs that can be used to group and search for users. Tags are
+-- metadata attached to users for any purpose.
+--
+-- 'role'', 'createUser_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- 'serverId', 'createUser_serverId' - A system-assigned unique identifier for a server instance. This is the
+-- specific server that you added your user to.
+--
+-- 'userName', 'createUser_userName' - A unique string that identifies a user and is associated with a
+-- @ServerId@. This user name must be a minimum of 3 and a maximum of 100
+-- characters long. The following are valid characters: a-z, A-Z, 0-9,
+-- underscore \'_\', hyphen \'-\', period \'.\', and at sign \'\@\'. The
+-- user name can\'t start with a hyphen, period, or at sign.
+newCreateUser ::
+  -- | 'role''
+  Prelude.Text ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  CreateUser
+newCreateUser pRole_ pServerId_ pUserName_ =
+  CreateUser'
+    { homeDirectory = Prelude.Nothing,
+      homeDirectoryMappings = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      policy = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      sshPublicKeyBody = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      role' = pRole_,
+      serverId = pServerId_,
+      userName = pUserName_
+    }
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+createUser_homeDirectory :: Lens.Lens' CreateUser (Prelude.Maybe Prelude.Text)
+createUser_homeDirectory = Lens.lens (\CreateUser' {homeDirectory} -> homeDirectory) (\s@CreateUser' {} a -> s {homeDirectory = a} :: CreateUser)
+
+-- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock your user down to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+-- HomeDirectory parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+createUser_homeDirectoryMappings :: Lens.Lens' CreateUser (Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry))
+createUser_homeDirectoryMappings = Lens.lens (\CreateUser' {homeDirectoryMappings} -> homeDirectoryMappings) (\s@CreateUser' {} a -> s {homeDirectoryMappings = a} :: CreateUser) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+createUser_homeDirectoryType :: Lens.Lens' CreateUser (Prelude.Maybe HomeDirectoryType)
+createUser_homeDirectoryType = Lens.lens (\CreateUser' {homeDirectoryType} -> homeDirectoryType) (\s@CreateUser' {} a -> s {homeDirectoryType = a} :: CreateUser)
+
+-- | A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Amazon Web Services Security Token Service API Reference/.
+createUser_policy :: Lens.Lens' CreateUser (Prelude.Maybe Prelude.Text)
+createUser_policy = Lens.lens (\CreateUser' {policy} -> policy) (\s@CreateUser' {} a -> s {policy = a} :: CreateUser)
+
+-- | Specifies the full POSIX identity, including user ID (@Uid@), group ID
+-- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+-- your users\' access to your Amazon EFS file systems. The POSIX
+-- permissions that are set on files and directories in Amazon EFS
+-- determine the level of access your users get when transferring files
+-- into and out of your Amazon EFS file systems.
+createUser_posixProfile :: Lens.Lens' CreateUser (Prelude.Maybe PosixProfile)
+createUser_posixProfile = Lens.lens (\CreateUser' {posixProfile} -> posixProfile) (\s@CreateUser' {} a -> s {posixProfile = a} :: CreateUser)
+
+-- | The public portion of the Secure Shell (SSH) key used to authenticate
+-- the user to the server.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+createUser_sshPublicKeyBody :: Lens.Lens' CreateUser (Prelude.Maybe Prelude.Text)
+createUser_sshPublicKeyBody = Lens.lens (\CreateUser' {sshPublicKeyBody} -> sshPublicKeyBody) (\s@CreateUser' {} a -> s {sshPublicKeyBody = a} :: CreateUser)
+
+-- | Key-value pairs that can be used to group and search for users. Tags are
+-- metadata attached to users for any purpose.
+createUser_tags :: Lens.Lens' CreateUser (Prelude.Maybe (Prelude.NonEmpty Tag))
+createUser_tags = Lens.lens (\CreateUser' {tags} -> tags) (\s@CreateUser' {} a -> s {tags = a} :: CreateUser) Prelude.. Lens.mapping Lens.coerced
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+createUser_role :: Lens.Lens' CreateUser Prelude.Text
+createUser_role = Lens.lens (\CreateUser' {role'} -> role') (\s@CreateUser' {} a -> s {role' = a} :: CreateUser)
+
+-- | A system-assigned unique identifier for a server instance. This is the
+-- specific server that you added your user to.
+createUser_serverId :: Lens.Lens' CreateUser Prelude.Text
+createUser_serverId = Lens.lens (\CreateUser' {serverId} -> serverId) (\s@CreateUser' {} a -> s {serverId = a} :: CreateUser)
+
+-- | A unique string that identifies a user and is associated with a
+-- @ServerId@. This user name must be a minimum of 3 and a maximum of 100
+-- characters long. The following are valid characters: a-z, A-Z, 0-9,
+-- underscore \'_\', hyphen \'-\', period \'.\', and at sign \'\@\'. The
+-- user name can\'t start with a hyphen, period, or at sign.
+createUser_userName :: Lens.Lens' CreateUser Prelude.Text
+createUser_userName = Lens.lens (\CreateUser' {userName} -> userName) (\s@CreateUser' {} a -> s {userName = a} :: CreateUser)
+
+instance Core.AWSRequest CreateUser where
+  type AWSResponse CreateUser = CreateUserResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateUserResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "UserName")
+      )
+
+instance Prelude.Hashable CreateUser where
+  hashWithSalt _salt CreateUser' {..} =
+    _salt
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryMappings
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` policy
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` sshPublicKeyBody
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` role'
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData CreateUser where
+  rnf CreateUser' {..} =
+    Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryMappings
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf policy
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf sshPublicKeyBody
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf role'
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders CreateUser where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ("TransferService.CreateUser" :: Prelude.ByteString),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateUser where
+  toJSON CreateUser' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("HomeDirectory" Data..=) Prelude.<$> homeDirectory,
+            ("HomeDirectoryMappings" Data..=)
+              Prelude.<$> homeDirectoryMappings,
+            ("HomeDirectoryType" Data..=)
+              Prelude.<$> homeDirectoryType,
+            ("Policy" Data..=) Prelude.<$> policy,
+            ("PosixProfile" Data..=) Prelude.<$> posixProfile,
+            ("SshPublicKeyBody" Data..=)
+              Prelude.<$> sshPublicKeyBody,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("Role" Data..= role'),
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath CreateUser where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateUser where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateUserResponse' smart constructor.
+data CreateUserResponse = CreateUserResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The identifier of the server that the user is attached to.
+    serverId :: Prelude.Text,
+    -- | A unique string that identifies a user account associated with a server.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateUserResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createUserResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'createUserResponse_serverId' - The identifier of the server that the user is attached to.
+--
+-- 'userName', 'createUserResponse_userName' - A unique string that identifies a user account associated with a server.
+newCreateUserResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  CreateUserResponse
+newCreateUserResponse
+  pHttpStatus_
+  pServerId_
+  pUserName_ =
+    CreateUserResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        userName = pUserName_
+      }
+
+-- | The response's http status code.
+createUserResponse_httpStatus :: Lens.Lens' CreateUserResponse Prelude.Int
+createUserResponse_httpStatus = Lens.lens (\CreateUserResponse' {httpStatus} -> httpStatus) (\s@CreateUserResponse' {} a -> s {httpStatus = a} :: CreateUserResponse)
+
+-- | The identifier of the server that the user is attached to.
+createUserResponse_serverId :: Lens.Lens' CreateUserResponse Prelude.Text
+createUserResponse_serverId = Lens.lens (\CreateUserResponse' {serverId} -> serverId) (\s@CreateUserResponse' {} a -> s {serverId = a} :: CreateUserResponse)
+
+-- | A unique string that identifies a user account associated with a server.
+createUserResponse_userName :: Lens.Lens' CreateUserResponse Prelude.Text
+createUserResponse_userName = Lens.lens (\CreateUserResponse' {userName} -> userName) (\s@CreateUserResponse' {} a -> s {userName = a} :: CreateUserResponse)
+
+instance Prelude.NFData CreateUserResponse where
+  rnf CreateUserResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
diff --git a/gen/Amazonka/Transfer/CreateWorkflow.hs b/gen/Amazonka/Transfer/CreateWorkflow.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/CreateWorkflow.hs
@@ -0,0 +1,285 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.CreateWorkflow
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Allows you to create a workflow with specified steps and step details
+-- the workflow invokes after file transfer completes. After creating a
+-- workflow, you can associate the workflow created with any transfer
+-- servers by specifying the @workflow-details@ field in @CreateServer@ and
+-- @UpdateServer@ operations.
+module Amazonka.Transfer.CreateWorkflow
+  ( -- * Creating a Request
+    CreateWorkflow (..),
+    newCreateWorkflow,
+
+    -- * Request Lenses
+    createWorkflow_description,
+    createWorkflow_onExceptionSteps,
+    createWorkflow_tags,
+    createWorkflow_steps,
+
+    -- * Destructuring the Response
+    CreateWorkflowResponse (..),
+    newCreateWorkflowResponse,
+
+    -- * Response Lenses
+    createWorkflowResponse_httpStatus,
+    createWorkflowResponse_workflowId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newCreateWorkflow' smart constructor.
+data CreateWorkflow = CreateWorkflow'
+  { -- | A textual description for the workflow.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the steps (actions) to take if errors are encountered during
+    -- execution of the workflow.
+    --
+    -- For custom steps, the lambda function needs to send @FAILURE@ to the
+    -- call back API to kick off the exception steps. Additionally, if the
+    -- lambda does not send @SUCCESS@ before it times out, the exception steps
+    -- are executed.
+    onExceptionSteps :: Prelude.Maybe [WorkflowStep],
+    -- | Key-value pairs that can be used to group and search for workflows. Tags
+    -- are metadata attached to workflows for any purpose.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | Specifies the details for the steps that are in the specified workflow.
+    --
+    -- The @TYPE@ specifies which of the following actions is being taken for
+    -- this step.
+    --
+    -- -   /COPY/: Copy the file to another location.
+    --
+    -- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+    --
+    -- -   /DELETE/: Delete the file.
+    --
+    -- -   /TAG/: Add a tag to the file.
+    --
+    -- Currently, copying and tagging are supported only on S3.
+    --
+    -- For file location, you specify either the S3 bucket and key, or the EFS
+    -- file system ID and path.
+    steps :: [WorkflowStep]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateWorkflow' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'createWorkflow_description' - A textual description for the workflow.
+--
+-- 'onExceptionSteps', 'createWorkflow_onExceptionSteps' - Specifies the steps (actions) to take if errors are encountered during
+-- execution of the workflow.
+--
+-- For custom steps, the lambda function needs to send @FAILURE@ to the
+-- call back API to kick off the exception steps. Additionally, if the
+-- lambda does not send @SUCCESS@ before it times out, the exception steps
+-- are executed.
+--
+-- 'tags', 'createWorkflow_tags' - Key-value pairs that can be used to group and search for workflows. Tags
+-- are metadata attached to workflows for any purpose.
+--
+-- 'steps', 'createWorkflow_steps' - Specifies the details for the steps that are in the specified workflow.
+--
+-- The @TYPE@ specifies which of the following actions is being taken for
+-- this step.
+--
+-- -   /COPY/: Copy the file to another location.
+--
+-- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+--
+-- -   /DELETE/: Delete the file.
+--
+-- -   /TAG/: Add a tag to the file.
+--
+-- Currently, copying and tagging are supported only on S3.
+--
+-- For file location, you specify either the S3 bucket and key, or the EFS
+-- file system ID and path.
+newCreateWorkflow ::
+  CreateWorkflow
+newCreateWorkflow =
+  CreateWorkflow'
+    { description = Prelude.Nothing,
+      onExceptionSteps = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      steps = Prelude.mempty
+    }
+
+-- | A textual description for the workflow.
+createWorkflow_description :: Lens.Lens' CreateWorkflow (Prelude.Maybe Prelude.Text)
+createWorkflow_description = Lens.lens (\CreateWorkflow' {description} -> description) (\s@CreateWorkflow' {} a -> s {description = a} :: CreateWorkflow)
+
+-- | Specifies the steps (actions) to take if errors are encountered during
+-- execution of the workflow.
+--
+-- For custom steps, the lambda function needs to send @FAILURE@ to the
+-- call back API to kick off the exception steps. Additionally, if the
+-- lambda does not send @SUCCESS@ before it times out, the exception steps
+-- are executed.
+createWorkflow_onExceptionSteps :: Lens.Lens' CreateWorkflow (Prelude.Maybe [WorkflowStep])
+createWorkflow_onExceptionSteps = Lens.lens (\CreateWorkflow' {onExceptionSteps} -> onExceptionSteps) (\s@CreateWorkflow' {} a -> s {onExceptionSteps = a} :: CreateWorkflow) Prelude.. Lens.mapping Lens.coerced
+
+-- | Key-value pairs that can be used to group and search for workflows. Tags
+-- are metadata attached to workflows for any purpose.
+createWorkflow_tags :: Lens.Lens' CreateWorkflow (Prelude.Maybe (Prelude.NonEmpty Tag))
+createWorkflow_tags = Lens.lens (\CreateWorkflow' {tags} -> tags) (\s@CreateWorkflow' {} a -> s {tags = a} :: CreateWorkflow) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the details for the steps that are in the specified workflow.
+--
+-- The @TYPE@ specifies which of the following actions is being taken for
+-- this step.
+--
+-- -   /COPY/: Copy the file to another location.
+--
+-- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+--
+-- -   /DELETE/: Delete the file.
+--
+-- -   /TAG/: Add a tag to the file.
+--
+-- Currently, copying and tagging are supported only on S3.
+--
+-- For file location, you specify either the S3 bucket and key, or the EFS
+-- file system ID and path.
+createWorkflow_steps :: Lens.Lens' CreateWorkflow [WorkflowStep]
+createWorkflow_steps = Lens.lens (\CreateWorkflow' {steps} -> steps) (\s@CreateWorkflow' {} a -> s {steps = a} :: CreateWorkflow) Prelude.. Lens.coerced
+
+instance Core.AWSRequest CreateWorkflow where
+  type
+    AWSResponse CreateWorkflow =
+      CreateWorkflowResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateWorkflowResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "WorkflowId")
+      )
+
+instance Prelude.Hashable CreateWorkflow where
+  hashWithSalt _salt CreateWorkflow' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` onExceptionSteps
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` steps
+
+instance Prelude.NFData CreateWorkflow where
+  rnf CreateWorkflow' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf onExceptionSteps
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf steps
+
+instance Data.ToHeaders CreateWorkflow where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.CreateWorkflow" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateWorkflow where
+  toJSON CreateWorkflow' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Description" Data..=) Prelude.<$> description,
+            ("OnExceptionSteps" Data..=)
+              Prelude.<$> onExceptionSteps,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("Steps" Data..= steps)
+          ]
+      )
+
+instance Data.ToPath CreateWorkflow where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery CreateWorkflow where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateWorkflowResponse' smart constructor.
+data CreateWorkflowResponse = CreateWorkflowResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateWorkflowResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createWorkflowResponse_httpStatus' - The response's http status code.
+--
+-- 'workflowId', 'createWorkflowResponse_workflowId' - A unique identifier for the workflow.
+newCreateWorkflowResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'workflowId'
+  Prelude.Text ->
+  CreateWorkflowResponse
+newCreateWorkflowResponse pHttpStatus_ pWorkflowId_ =
+  CreateWorkflowResponse'
+    { httpStatus = pHttpStatus_,
+      workflowId = pWorkflowId_
+    }
+
+-- | The response's http status code.
+createWorkflowResponse_httpStatus :: Lens.Lens' CreateWorkflowResponse Prelude.Int
+createWorkflowResponse_httpStatus = Lens.lens (\CreateWorkflowResponse' {httpStatus} -> httpStatus) (\s@CreateWorkflowResponse' {} a -> s {httpStatus = a} :: CreateWorkflowResponse)
+
+-- | A unique identifier for the workflow.
+createWorkflowResponse_workflowId :: Lens.Lens' CreateWorkflowResponse Prelude.Text
+createWorkflowResponse_workflowId = Lens.lens (\CreateWorkflowResponse' {workflowId} -> workflowId) (\s@CreateWorkflowResponse' {} a -> s {workflowId = a} :: CreateWorkflowResponse)
+
+instance Prelude.NFData CreateWorkflowResponse where
+  rnf CreateWorkflowResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf workflowId
diff --git a/gen/Amazonka/Transfer/DeleteAccess.hs b/gen/Amazonka/Transfer/DeleteAccess.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteAccess.hs
@@ -0,0 +1,195 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteAccess
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Allows you to delete the access specified in the @ServerID@ and
+-- @ExternalID@ parameters.
+module Amazonka.Transfer.DeleteAccess
+  ( -- * Creating a Request
+    DeleteAccess (..),
+    newDeleteAccess,
+
+    -- * Request Lenses
+    deleteAccess_serverId,
+    deleteAccess_externalId,
+
+    -- * Destructuring the Response
+    DeleteAccessResponse (..),
+    newDeleteAccessResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteAccess' smart constructor.
+data DeleteAccess = DeleteAccess'
+  { -- | A system-assigned unique identifier for a server that has this user
+    -- assigned.
+    serverId :: Prelude.Text,
+    -- | A unique identifier that is required to identify specific groups within
+    -- your directory. The users of the group that you associate have access to
+    -- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family. If you know the group name, you can view the SID values
+    -- by running the following command using Windows PowerShell.
+    --
+    -- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+    --
+    -- In that command, replace /YourGroupName/ with the name of your Active
+    -- Directory group.
+    --
+    -- The regular expression used to validate this parameter is a string of
+    -- characters consisting of uppercase and lowercase alphanumeric characters
+    -- with no spaces. You can also include underscores or any of the following
+    -- characters: =,.\@:\/-
+    externalId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAccess' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'deleteAccess_serverId' - A system-assigned unique identifier for a server that has this user
+-- assigned.
+--
+-- 'externalId', 'deleteAccess_externalId' - A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+newDeleteAccess ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  DeleteAccess
+newDeleteAccess pServerId_ pExternalId_ =
+  DeleteAccess'
+    { serverId = pServerId_,
+      externalId = pExternalId_
+    }
+
+-- | A system-assigned unique identifier for a server that has this user
+-- assigned.
+deleteAccess_serverId :: Lens.Lens' DeleteAccess Prelude.Text
+deleteAccess_serverId = Lens.lens (\DeleteAccess' {serverId} -> serverId) (\s@DeleteAccess' {} a -> s {serverId = a} :: DeleteAccess)
+
+-- | A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+deleteAccess_externalId :: Lens.Lens' DeleteAccess Prelude.Text
+deleteAccess_externalId = Lens.lens (\DeleteAccess' {externalId} -> externalId) (\s@DeleteAccess' {} a -> s {externalId = a} :: DeleteAccess)
+
+instance Core.AWSRequest DeleteAccess where
+  type AWSResponse DeleteAccess = DeleteAccessResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull DeleteAccessResponse'
+
+instance Prelude.Hashable DeleteAccess where
+  hashWithSalt _salt DeleteAccess' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` externalId
+
+instance Prelude.NFData DeleteAccess where
+  rnf DeleteAccess' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf externalId
+
+instance Data.ToHeaders DeleteAccess where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteAccess" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteAccess where
+  toJSON DeleteAccess' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("ExternalId" Data..= externalId)
+          ]
+      )
+
+instance Data.ToPath DeleteAccess where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteAccess where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteAccessResponse' smart constructor.
+data DeleteAccessResponse = DeleteAccessResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAccessResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteAccessResponse ::
+  DeleteAccessResponse
+newDeleteAccessResponse = DeleteAccessResponse'
+
+instance Prelude.NFData DeleteAccessResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteAgreement.hs b/gen/Amazonka/Transfer/DeleteAgreement.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteAgreement.hs
@@ -0,0 +1,158 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteAgreement
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Delete the agreement that\'s specified in the provided @AgreementId@.
+module Amazonka.Transfer.DeleteAgreement
+  ( -- * Creating a Request
+    DeleteAgreement (..),
+    newDeleteAgreement,
+
+    -- * Request Lenses
+    deleteAgreement_agreementId,
+    deleteAgreement_serverId,
+
+    -- * Destructuring the Response
+    DeleteAgreementResponse (..),
+    newDeleteAgreementResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteAgreement' smart constructor.
+data DeleteAgreement = DeleteAgreement'
+  { -- | A unique identifier for the agreement. This identifier is returned when
+    -- you create an agreement.
+    agreementId :: Prelude.Text,
+    -- | The server identifier associated with the agreement that you are
+    -- deleting.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAgreement' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'agreementId', 'deleteAgreement_agreementId' - A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+--
+-- 'serverId', 'deleteAgreement_serverId' - The server identifier associated with the agreement that you are
+-- deleting.
+newDeleteAgreement ::
+  -- | 'agreementId'
+  Prelude.Text ->
+  -- | 'serverId'
+  Prelude.Text ->
+  DeleteAgreement
+newDeleteAgreement pAgreementId_ pServerId_ =
+  DeleteAgreement'
+    { agreementId = pAgreementId_,
+      serverId = pServerId_
+    }
+
+-- | A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+deleteAgreement_agreementId :: Lens.Lens' DeleteAgreement Prelude.Text
+deleteAgreement_agreementId = Lens.lens (\DeleteAgreement' {agreementId} -> agreementId) (\s@DeleteAgreement' {} a -> s {agreementId = a} :: DeleteAgreement)
+
+-- | The server identifier associated with the agreement that you are
+-- deleting.
+deleteAgreement_serverId :: Lens.Lens' DeleteAgreement Prelude.Text
+deleteAgreement_serverId = Lens.lens (\DeleteAgreement' {serverId} -> serverId) (\s@DeleteAgreement' {} a -> s {serverId = a} :: DeleteAgreement)
+
+instance Core.AWSRequest DeleteAgreement where
+  type
+    AWSResponse DeleteAgreement =
+      DeleteAgreementResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteAgreementResponse'
+
+instance Prelude.Hashable DeleteAgreement where
+  hashWithSalt _salt DeleteAgreement' {..} =
+    _salt
+      `Prelude.hashWithSalt` agreementId
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData DeleteAgreement where
+  rnf DeleteAgreement' {..} =
+    Prelude.rnf agreementId
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders DeleteAgreement where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteAgreement" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteAgreement where
+  toJSON DeleteAgreement' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("AgreementId" Data..= agreementId),
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath DeleteAgreement where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteAgreement where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteAgreementResponse' smart constructor.
+data DeleteAgreementResponse = DeleteAgreementResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteAgreementResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteAgreementResponse ::
+  DeleteAgreementResponse
+newDeleteAgreementResponse = DeleteAgreementResponse'
+
+instance Prelude.NFData DeleteAgreementResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteCertificate.hs b/gen/Amazonka/Transfer/DeleteCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteCertificate.hs
@@ -0,0 +1,137 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the certificate that\'s specified in the @CertificateId@
+-- parameter.
+module Amazonka.Transfer.DeleteCertificate
+  ( -- * Creating a Request
+    DeleteCertificate (..),
+    newDeleteCertificate,
+
+    -- * Request Lenses
+    deleteCertificate_certificateId,
+
+    -- * Destructuring the Response
+    DeleteCertificateResponse (..),
+    newDeleteCertificateResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteCertificate' smart constructor.
+data DeleteCertificate = DeleteCertificate'
+  { -- | The identifier of the certificate object that you are deleting.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'deleteCertificate_certificateId' - The identifier of the certificate object that you are deleting.
+newDeleteCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  DeleteCertificate
+newDeleteCertificate pCertificateId_ =
+  DeleteCertificate' {certificateId = pCertificateId_}
+
+-- | The identifier of the certificate object that you are deleting.
+deleteCertificate_certificateId :: Lens.Lens' DeleteCertificate Prelude.Text
+deleteCertificate_certificateId = Lens.lens (\DeleteCertificate' {certificateId} -> certificateId) (\s@DeleteCertificate' {} a -> s {certificateId = a} :: DeleteCertificate)
+
+instance Core.AWSRequest DeleteCertificate where
+  type
+    AWSResponse DeleteCertificate =
+      DeleteCertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteCertificateResponse'
+
+instance Prelude.Hashable DeleteCertificate where
+  hashWithSalt _salt DeleteCertificate' {..} =
+    _salt `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData DeleteCertificate where
+  rnf DeleteCertificate' {..} =
+    Prelude.rnf certificateId
+
+instance Data.ToHeaders DeleteCertificate where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteCertificate" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteCertificate where
+  toJSON DeleteCertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("CertificateId" Data..= certificateId)
+          ]
+      )
+
+instance Data.ToPath DeleteCertificate where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteCertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteCertificateResponse' smart constructor.
+data DeleteCertificateResponse = DeleteCertificateResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteCertificateResponse ::
+  DeleteCertificateResponse
+newDeleteCertificateResponse =
+  DeleteCertificateResponse'
+
+instance Prelude.NFData DeleteCertificateResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteConnector.hs b/gen/Amazonka/Transfer/DeleteConnector.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteConnector.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteConnector
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the agreement that\'s specified in the provided @ConnectorId@.
+module Amazonka.Transfer.DeleteConnector
+  ( -- * Creating a Request
+    DeleteConnector (..),
+    newDeleteConnector,
+
+    -- * Request Lenses
+    deleteConnector_connectorId,
+
+    -- * Destructuring the Response
+    DeleteConnectorResponse (..),
+    newDeleteConnectorResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteConnector' smart constructor.
+data DeleteConnector = DeleteConnector'
+  { -- | The unique identifier for the connector.
+    connectorId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteConnector' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'connectorId', 'deleteConnector_connectorId' - The unique identifier for the connector.
+newDeleteConnector ::
+  -- | 'connectorId'
+  Prelude.Text ->
+  DeleteConnector
+newDeleteConnector pConnectorId_ =
+  DeleteConnector' {connectorId = pConnectorId_}
+
+-- | The unique identifier for the connector.
+deleteConnector_connectorId :: Lens.Lens' DeleteConnector Prelude.Text
+deleteConnector_connectorId = Lens.lens (\DeleteConnector' {connectorId} -> connectorId) (\s@DeleteConnector' {} a -> s {connectorId = a} :: DeleteConnector)
+
+instance Core.AWSRequest DeleteConnector where
+  type
+    AWSResponse DeleteConnector =
+      DeleteConnectorResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteConnectorResponse'
+
+instance Prelude.Hashable DeleteConnector where
+  hashWithSalt _salt DeleteConnector' {..} =
+    _salt `Prelude.hashWithSalt` connectorId
+
+instance Prelude.NFData DeleteConnector where
+  rnf DeleteConnector' {..} = Prelude.rnf connectorId
+
+instance Data.ToHeaders DeleteConnector where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteConnector" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteConnector where
+  toJSON DeleteConnector' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ConnectorId" Data..= connectorId)]
+      )
+
+instance Data.ToPath DeleteConnector where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteConnector where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteConnectorResponse' smart constructor.
+data DeleteConnectorResponse = DeleteConnectorResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteConnectorResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteConnectorResponse ::
+  DeleteConnectorResponse
+newDeleteConnectorResponse = DeleteConnectorResponse'
+
+instance Prelude.NFData DeleteConnectorResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteHostKey.hs b/gen/Amazonka/Transfer/DeleteHostKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteHostKey.hs
@@ -0,0 +1,155 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteHostKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the host key that\'s specified in the @HoskKeyId@ parameter.
+module Amazonka.Transfer.DeleteHostKey
+  ( -- * Creating a Request
+    DeleteHostKey (..),
+    newDeleteHostKey,
+
+    -- * Request Lenses
+    deleteHostKey_serverId,
+    deleteHostKey_hostKeyId,
+
+    -- * Destructuring the Response
+    DeleteHostKeyResponse (..),
+    newDeleteHostKeyResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteHostKey' smart constructor.
+data DeleteHostKey = DeleteHostKey'
+  { -- | The identifier of the server that contains the host key that you are
+    -- deleting.
+    serverId :: Prelude.Text,
+    -- | The identifier of the host key that you are deleting.
+    hostKeyId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteHostKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'deleteHostKey_serverId' - The identifier of the server that contains the host key that you are
+-- deleting.
+--
+-- 'hostKeyId', 'deleteHostKey_hostKeyId' - The identifier of the host key that you are deleting.
+newDeleteHostKey ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'hostKeyId'
+  Prelude.Text ->
+  DeleteHostKey
+newDeleteHostKey pServerId_ pHostKeyId_ =
+  DeleteHostKey'
+    { serverId = pServerId_,
+      hostKeyId = pHostKeyId_
+    }
+
+-- | The identifier of the server that contains the host key that you are
+-- deleting.
+deleteHostKey_serverId :: Lens.Lens' DeleteHostKey Prelude.Text
+deleteHostKey_serverId = Lens.lens (\DeleteHostKey' {serverId} -> serverId) (\s@DeleteHostKey' {} a -> s {serverId = a} :: DeleteHostKey)
+
+-- | The identifier of the host key that you are deleting.
+deleteHostKey_hostKeyId :: Lens.Lens' DeleteHostKey Prelude.Text
+deleteHostKey_hostKeyId = Lens.lens (\DeleteHostKey' {hostKeyId} -> hostKeyId) (\s@DeleteHostKey' {} a -> s {hostKeyId = a} :: DeleteHostKey)
+
+instance Core.AWSRequest DeleteHostKey where
+  type
+    AWSResponse DeleteHostKey =
+      DeleteHostKeyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteHostKeyResponse'
+
+instance Prelude.Hashable DeleteHostKey where
+  hashWithSalt _salt DeleteHostKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` hostKeyId
+
+instance Prelude.NFData DeleteHostKey where
+  rnf DeleteHostKey' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeyId
+
+instance Data.ToHeaders DeleteHostKey where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteHostKey" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteHostKey where
+  toJSON DeleteHostKey' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("HostKeyId" Data..= hostKeyId)
+          ]
+      )
+
+instance Data.ToPath DeleteHostKey where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteHostKey where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteHostKeyResponse' smart constructor.
+data DeleteHostKeyResponse = DeleteHostKeyResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteHostKeyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteHostKeyResponse ::
+  DeleteHostKeyResponse
+newDeleteHostKeyResponse = DeleteHostKeyResponse'
+
+instance Prelude.NFData DeleteHostKeyResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteProfile.hs b/gen/Amazonka/Transfer/DeleteProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteProfile.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the profile that\'s specified in the @ProfileId@ parameter.
+module Amazonka.Transfer.DeleteProfile
+  ( -- * Creating a Request
+    DeleteProfile (..),
+    newDeleteProfile,
+
+    -- * Request Lenses
+    deleteProfile_profileId,
+
+    -- * Destructuring the Response
+    DeleteProfileResponse (..),
+    newDeleteProfileResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteProfile' smart constructor.
+data DeleteProfile = DeleteProfile'
+  { -- | The identifier of the profile that you are deleting.
+    profileId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'profileId', 'deleteProfile_profileId' - The identifier of the profile that you are deleting.
+newDeleteProfile ::
+  -- | 'profileId'
+  Prelude.Text ->
+  DeleteProfile
+newDeleteProfile pProfileId_ =
+  DeleteProfile' {profileId = pProfileId_}
+
+-- | The identifier of the profile that you are deleting.
+deleteProfile_profileId :: Lens.Lens' DeleteProfile Prelude.Text
+deleteProfile_profileId = Lens.lens (\DeleteProfile' {profileId} -> profileId) (\s@DeleteProfile' {} a -> s {profileId = a} :: DeleteProfile)
+
+instance Core.AWSRequest DeleteProfile where
+  type
+    AWSResponse DeleteProfile =
+      DeleteProfileResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteProfileResponse'
+
+instance Prelude.Hashable DeleteProfile where
+  hashWithSalt _salt DeleteProfile' {..} =
+    _salt `Prelude.hashWithSalt` profileId
+
+instance Prelude.NFData DeleteProfile where
+  rnf DeleteProfile' {..} = Prelude.rnf profileId
+
+instance Data.ToHeaders DeleteProfile where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteProfile" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteProfile where
+  toJSON DeleteProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ProfileId" Data..= profileId)]
+      )
+
+instance Data.ToPath DeleteProfile where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteProfile where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteProfileResponse' smart constructor.
+data DeleteProfileResponse = DeleteProfileResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteProfileResponse ::
+  DeleteProfileResponse
+newDeleteProfileResponse = DeleteProfileResponse'
+
+instance Prelude.NFData DeleteProfileResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteServer.hs b/gen/Amazonka/Transfer/DeleteServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteServer.hs
@@ -0,0 +1,131 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the file transfer protocol-enabled server that you specify.
+--
+-- No response returns from this operation.
+module Amazonka.Transfer.DeleteServer
+  ( -- * Creating a Request
+    DeleteServer (..),
+    newDeleteServer,
+
+    -- * Request Lenses
+    deleteServer_serverId,
+
+    -- * Destructuring the Response
+    DeleteServerResponse (..),
+    newDeleteServerResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteServer' smart constructor.
+data DeleteServer = DeleteServer'
+  { -- | A unique system-assigned identifier for a server instance.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'deleteServer_serverId' - A unique system-assigned identifier for a server instance.
+newDeleteServer ::
+  -- | 'serverId'
+  Prelude.Text ->
+  DeleteServer
+newDeleteServer pServerId_ =
+  DeleteServer' {serverId = pServerId_}
+
+-- | A unique system-assigned identifier for a server instance.
+deleteServer_serverId :: Lens.Lens' DeleteServer Prelude.Text
+deleteServer_serverId = Lens.lens (\DeleteServer' {serverId} -> serverId) (\s@DeleteServer' {} a -> s {serverId = a} :: DeleteServer)
+
+instance Core.AWSRequest DeleteServer where
+  type AWSResponse DeleteServer = DeleteServerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull DeleteServerResponse'
+
+instance Prelude.Hashable DeleteServer where
+  hashWithSalt _salt DeleteServer' {..} =
+    _salt `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData DeleteServer where
+  rnf DeleteServer' {..} = Prelude.rnf serverId
+
+instance Data.ToHeaders DeleteServer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteServer" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteServer where
+  toJSON DeleteServer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ServerId" Data..= serverId)]
+      )
+
+instance Data.ToPath DeleteServer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteServer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteServerResponse' smart constructor.
+data DeleteServerResponse = DeleteServerResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteServerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteServerResponse ::
+  DeleteServerResponse
+newDeleteServerResponse = DeleteServerResponse'
+
+instance Prelude.NFData DeleteServerResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteSshPublicKey.hs b/gen/Amazonka/Transfer/DeleteSshPublicKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteSshPublicKey.hs
@@ -0,0 +1,178 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteSshPublicKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a user\'s Secure Shell (SSH) public key.
+module Amazonka.Transfer.DeleteSshPublicKey
+  ( -- * Creating a Request
+    DeleteSshPublicKey (..),
+    newDeleteSshPublicKey,
+
+    -- * Request Lenses
+    deleteSshPublicKey_serverId,
+    deleteSshPublicKey_sshPublicKeyId,
+    deleteSshPublicKey_userName,
+
+    -- * Destructuring the Response
+    DeleteSshPublicKeyResponse (..),
+    newDeleteSshPublicKeyResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteSshPublicKey' smart constructor.
+data DeleteSshPublicKey = DeleteSshPublicKey'
+  { -- | A system-assigned unique identifier for a file transfer protocol-enabled
+    -- server instance that has the user assigned to it.
+    serverId :: Prelude.Text,
+    -- | A unique identifier used to reference your user\'s specific SSH key.
+    sshPublicKeyId :: Prelude.Text,
+    -- | A unique string that identifies a user whose public key is being
+    -- deleted.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSshPublicKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'deleteSshPublicKey_serverId' - A system-assigned unique identifier for a file transfer protocol-enabled
+-- server instance that has the user assigned to it.
+--
+-- 'sshPublicKeyId', 'deleteSshPublicKey_sshPublicKeyId' - A unique identifier used to reference your user\'s specific SSH key.
+--
+-- 'userName', 'deleteSshPublicKey_userName' - A unique string that identifies a user whose public key is being
+-- deleted.
+newDeleteSshPublicKey ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'sshPublicKeyId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  DeleteSshPublicKey
+newDeleteSshPublicKey
+  pServerId_
+  pSshPublicKeyId_
+  pUserName_ =
+    DeleteSshPublicKey'
+      { serverId = pServerId_,
+        sshPublicKeyId = pSshPublicKeyId_,
+        userName = pUserName_
+      }
+
+-- | A system-assigned unique identifier for a file transfer protocol-enabled
+-- server instance that has the user assigned to it.
+deleteSshPublicKey_serverId :: Lens.Lens' DeleteSshPublicKey Prelude.Text
+deleteSshPublicKey_serverId = Lens.lens (\DeleteSshPublicKey' {serverId} -> serverId) (\s@DeleteSshPublicKey' {} a -> s {serverId = a} :: DeleteSshPublicKey)
+
+-- | A unique identifier used to reference your user\'s specific SSH key.
+deleteSshPublicKey_sshPublicKeyId :: Lens.Lens' DeleteSshPublicKey Prelude.Text
+deleteSshPublicKey_sshPublicKeyId = Lens.lens (\DeleteSshPublicKey' {sshPublicKeyId} -> sshPublicKeyId) (\s@DeleteSshPublicKey' {} a -> s {sshPublicKeyId = a} :: DeleteSshPublicKey)
+
+-- | A unique string that identifies a user whose public key is being
+-- deleted.
+deleteSshPublicKey_userName :: Lens.Lens' DeleteSshPublicKey Prelude.Text
+deleteSshPublicKey_userName = Lens.lens (\DeleteSshPublicKey' {userName} -> userName) (\s@DeleteSshPublicKey' {} a -> s {userName = a} :: DeleteSshPublicKey)
+
+instance Core.AWSRequest DeleteSshPublicKey where
+  type
+    AWSResponse DeleteSshPublicKey =
+      DeleteSshPublicKeyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteSshPublicKeyResponse'
+
+instance Prelude.Hashable DeleteSshPublicKey where
+  hashWithSalt _salt DeleteSshPublicKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` sshPublicKeyId
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData DeleteSshPublicKey where
+  rnf DeleteSshPublicKey' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf sshPublicKeyId
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders DeleteSshPublicKey where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteSshPublicKey" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteSshPublicKey where
+  toJSON DeleteSshPublicKey' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just
+              ("SshPublicKeyId" Data..= sshPublicKeyId),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath DeleteSshPublicKey where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteSshPublicKey where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteSshPublicKeyResponse' smart constructor.
+data DeleteSshPublicKeyResponse = DeleteSshPublicKeyResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteSshPublicKeyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteSshPublicKeyResponse ::
+  DeleteSshPublicKeyResponse
+newDeleteSshPublicKeyResponse =
+  DeleteSshPublicKeyResponse'
+
+instance Prelude.NFData DeleteSshPublicKeyResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteUser.hs b/gen/Amazonka/Transfer/DeleteUser.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteUser.hs
@@ -0,0 +1,158 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteUser
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the user belonging to a file transfer protocol-enabled server
+-- you specify.
+--
+-- No response returns from this operation.
+--
+-- When you delete a user from a server, the user\'s information is lost.
+module Amazonka.Transfer.DeleteUser
+  ( -- * Creating a Request
+    DeleteUser (..),
+    newDeleteUser,
+
+    -- * Request Lenses
+    deleteUser_serverId,
+    deleteUser_userName,
+
+    -- * Destructuring the Response
+    DeleteUserResponse (..),
+    newDeleteUserResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteUser' smart constructor.
+data DeleteUser = DeleteUser'
+  { -- | A system-assigned unique identifier for a server instance that has the
+    -- user assigned to it.
+    serverId :: Prelude.Text,
+    -- | A unique string that identifies a user that is being deleted from a
+    -- server.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteUser' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'deleteUser_serverId' - A system-assigned unique identifier for a server instance that has the
+-- user assigned to it.
+--
+-- 'userName', 'deleteUser_userName' - A unique string that identifies a user that is being deleted from a
+-- server.
+newDeleteUser ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  DeleteUser
+newDeleteUser pServerId_ pUserName_ =
+  DeleteUser'
+    { serverId = pServerId_,
+      userName = pUserName_
+    }
+
+-- | A system-assigned unique identifier for a server instance that has the
+-- user assigned to it.
+deleteUser_serverId :: Lens.Lens' DeleteUser Prelude.Text
+deleteUser_serverId = Lens.lens (\DeleteUser' {serverId} -> serverId) (\s@DeleteUser' {} a -> s {serverId = a} :: DeleteUser)
+
+-- | A unique string that identifies a user that is being deleted from a
+-- server.
+deleteUser_userName :: Lens.Lens' DeleteUser Prelude.Text
+deleteUser_userName = Lens.lens (\DeleteUser' {userName} -> userName) (\s@DeleteUser' {} a -> s {userName = a} :: DeleteUser)
+
+instance Core.AWSRequest DeleteUser where
+  type AWSResponse DeleteUser = DeleteUserResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull DeleteUserResponse'
+
+instance Prelude.Hashable DeleteUser where
+  hashWithSalt _salt DeleteUser' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData DeleteUser where
+  rnf DeleteUser' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders DeleteUser where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ("TransferService.DeleteUser" :: Prelude.ByteString),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteUser where
+  toJSON DeleteUser' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath DeleteUser where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteUser where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteUserResponse' smart constructor.
+data DeleteUserResponse = DeleteUserResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteUserResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteUserResponse ::
+  DeleteUserResponse
+newDeleteUserResponse = DeleteUserResponse'
+
+instance Prelude.NFData DeleteUserResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DeleteWorkflow.hs b/gen/Amazonka/Transfer/DeleteWorkflow.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DeleteWorkflow.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DeleteWorkflow
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the specified workflow.
+module Amazonka.Transfer.DeleteWorkflow
+  ( -- * Creating a Request
+    DeleteWorkflow (..),
+    newDeleteWorkflow,
+
+    -- * Request Lenses
+    deleteWorkflow_workflowId,
+
+    -- * Destructuring the Response
+    DeleteWorkflowResponse (..),
+    newDeleteWorkflowResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDeleteWorkflow' smart constructor.
+data DeleteWorkflow = DeleteWorkflow'
+  { -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteWorkflow' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'workflowId', 'deleteWorkflow_workflowId' - A unique identifier for the workflow.
+newDeleteWorkflow ::
+  -- | 'workflowId'
+  Prelude.Text ->
+  DeleteWorkflow
+newDeleteWorkflow pWorkflowId_ =
+  DeleteWorkflow' {workflowId = pWorkflowId_}
+
+-- | A unique identifier for the workflow.
+deleteWorkflow_workflowId :: Lens.Lens' DeleteWorkflow Prelude.Text
+deleteWorkflow_workflowId = Lens.lens (\DeleteWorkflow' {workflowId} -> workflowId) (\s@DeleteWorkflow' {} a -> s {workflowId = a} :: DeleteWorkflow)
+
+instance Core.AWSRequest DeleteWorkflow where
+  type
+    AWSResponse DeleteWorkflow =
+      DeleteWorkflowResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull DeleteWorkflowResponse'
+
+instance Prelude.Hashable DeleteWorkflow where
+  hashWithSalt _salt DeleteWorkflow' {..} =
+    _salt `Prelude.hashWithSalt` workflowId
+
+instance Prelude.NFData DeleteWorkflow where
+  rnf DeleteWorkflow' {..} = Prelude.rnf workflowId
+
+instance Data.ToHeaders DeleteWorkflow where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DeleteWorkflow" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DeleteWorkflow where
+  toJSON DeleteWorkflow' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("WorkflowId" Data..= workflowId)]
+      )
+
+instance Data.ToPath DeleteWorkflow where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DeleteWorkflow where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteWorkflowResponse' smart constructor.
+data DeleteWorkflowResponse = DeleteWorkflowResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteWorkflowResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newDeleteWorkflowResponse ::
+  DeleteWorkflowResponse
+newDeleteWorkflowResponse = DeleteWorkflowResponse'
+
+instance Prelude.NFData DeleteWorkflowResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/DescribeAccess.hs b/gen/Amazonka/Transfer/DescribeAccess.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeAccess.hs
@@ -0,0 +1,259 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeAccess
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the access that is assigned to the specific file transfer
+-- protocol-enabled server, as identified by its @ServerId@ property and
+-- its @ExternalId@.
+--
+-- The response from this call returns the properties of the access that is
+-- associated with the @ServerId@ value that was specified.
+module Amazonka.Transfer.DescribeAccess
+  ( -- * Creating a Request
+    DescribeAccess (..),
+    newDescribeAccess,
+
+    -- * Request Lenses
+    describeAccess_serverId,
+    describeAccess_externalId,
+
+    -- * Destructuring the Response
+    DescribeAccessResponse (..),
+    newDescribeAccessResponse,
+
+    -- * Response Lenses
+    describeAccessResponse_httpStatus,
+    describeAccessResponse_serverId,
+    describeAccessResponse_access,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeAccess' smart constructor.
+data DescribeAccess = DescribeAccess'
+  { -- | A system-assigned unique identifier for a server that has this access
+    -- assigned.
+    serverId :: Prelude.Text,
+    -- | A unique identifier that is required to identify specific groups within
+    -- your directory. The users of the group that you associate have access to
+    -- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family. If you know the group name, you can view the SID values
+    -- by running the following command using Windows PowerShell.
+    --
+    -- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+    --
+    -- In that command, replace /YourGroupName/ with the name of your Active
+    -- Directory group.
+    --
+    -- The regular expression used to validate this parameter is a string of
+    -- characters consisting of uppercase and lowercase alphanumeric characters
+    -- with no spaces. You can also include underscores or any of the following
+    -- characters: =,.\@:\/-
+    externalId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAccess' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'describeAccess_serverId' - A system-assigned unique identifier for a server that has this access
+-- assigned.
+--
+-- 'externalId', 'describeAccess_externalId' - A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+newDescribeAccess ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  DescribeAccess
+newDescribeAccess pServerId_ pExternalId_ =
+  DescribeAccess'
+    { serverId = pServerId_,
+      externalId = pExternalId_
+    }
+
+-- | A system-assigned unique identifier for a server that has this access
+-- assigned.
+describeAccess_serverId :: Lens.Lens' DescribeAccess Prelude.Text
+describeAccess_serverId = Lens.lens (\DescribeAccess' {serverId} -> serverId) (\s@DescribeAccess' {} a -> s {serverId = a} :: DescribeAccess)
+
+-- | A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+describeAccess_externalId :: Lens.Lens' DescribeAccess Prelude.Text
+describeAccess_externalId = Lens.lens (\DescribeAccess' {externalId} -> externalId) (\s@DescribeAccess' {} a -> s {externalId = a} :: DescribeAccess)
+
+instance Core.AWSRequest DescribeAccess where
+  type
+    AWSResponse DescribeAccess =
+      DescribeAccessResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAccessResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "Access")
+      )
+
+instance Prelude.Hashable DescribeAccess where
+  hashWithSalt _salt DescribeAccess' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` externalId
+
+instance Prelude.NFData DescribeAccess where
+  rnf DescribeAccess' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf externalId
+
+instance Data.ToHeaders DescribeAccess where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeAccess" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeAccess where
+  toJSON DescribeAccess' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("ExternalId" Data..= externalId)
+          ]
+      )
+
+instance Data.ToPath DescribeAccess where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeAccess where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAccessResponse' smart constructor.
+data DescribeAccessResponse = DescribeAccessResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server that has this access
+    -- assigned.
+    serverId :: Prelude.Text,
+    -- | The external identifier of the server that the access is attached to.
+    access :: DescribedAccess
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAccessResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeAccessResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'describeAccessResponse_serverId' - A system-assigned unique identifier for a server that has this access
+-- assigned.
+--
+-- 'access', 'describeAccessResponse_access' - The external identifier of the server that the access is attached to.
+newDescribeAccessResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'access'
+  DescribedAccess ->
+  DescribeAccessResponse
+newDescribeAccessResponse
+  pHttpStatus_
+  pServerId_
+  pAccess_ =
+    DescribeAccessResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        access = pAccess_
+      }
+
+-- | The response's http status code.
+describeAccessResponse_httpStatus :: Lens.Lens' DescribeAccessResponse Prelude.Int
+describeAccessResponse_httpStatus = Lens.lens (\DescribeAccessResponse' {httpStatus} -> httpStatus) (\s@DescribeAccessResponse' {} a -> s {httpStatus = a} :: DescribeAccessResponse)
+
+-- | A system-assigned unique identifier for a server that has this access
+-- assigned.
+describeAccessResponse_serverId :: Lens.Lens' DescribeAccessResponse Prelude.Text
+describeAccessResponse_serverId = Lens.lens (\DescribeAccessResponse' {serverId} -> serverId) (\s@DescribeAccessResponse' {} a -> s {serverId = a} :: DescribeAccessResponse)
+
+-- | The external identifier of the server that the access is attached to.
+describeAccessResponse_access :: Lens.Lens' DescribeAccessResponse DescribedAccess
+describeAccessResponse_access = Lens.lens (\DescribeAccessResponse' {access} -> access) (\s@DescribeAccessResponse' {} a -> s {access = a} :: DescribeAccessResponse)
+
+instance Prelude.NFData DescribeAccessResponse where
+  rnf DescribeAccessResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf access
diff --git a/gen/Amazonka/Transfer/DescribeAgreement.hs b/gen/Amazonka/Transfer/DescribeAgreement.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeAgreement.hs
@@ -0,0 +1,196 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeAgreement
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the agreement that\'s identified by the @AgreementId@.
+module Amazonka.Transfer.DescribeAgreement
+  ( -- * Creating a Request
+    DescribeAgreement (..),
+    newDescribeAgreement,
+
+    -- * Request Lenses
+    describeAgreement_agreementId,
+    describeAgreement_serverId,
+
+    -- * Destructuring the Response
+    DescribeAgreementResponse (..),
+    newDescribeAgreementResponse,
+
+    -- * Response Lenses
+    describeAgreementResponse_httpStatus,
+    describeAgreementResponse_agreement,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeAgreement' smart constructor.
+data DescribeAgreement = DescribeAgreement'
+  { -- | A unique identifier for the agreement. This identifier is returned when
+    -- you create an agreement.
+    agreementId :: Prelude.Text,
+    -- | The server identifier that\'s associated with the agreement.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAgreement' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'agreementId', 'describeAgreement_agreementId' - A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+--
+-- 'serverId', 'describeAgreement_serverId' - The server identifier that\'s associated with the agreement.
+newDescribeAgreement ::
+  -- | 'agreementId'
+  Prelude.Text ->
+  -- | 'serverId'
+  Prelude.Text ->
+  DescribeAgreement
+newDescribeAgreement pAgreementId_ pServerId_ =
+  DescribeAgreement'
+    { agreementId = pAgreementId_,
+      serverId = pServerId_
+    }
+
+-- | A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+describeAgreement_agreementId :: Lens.Lens' DescribeAgreement Prelude.Text
+describeAgreement_agreementId = Lens.lens (\DescribeAgreement' {agreementId} -> agreementId) (\s@DescribeAgreement' {} a -> s {agreementId = a} :: DescribeAgreement)
+
+-- | The server identifier that\'s associated with the agreement.
+describeAgreement_serverId :: Lens.Lens' DescribeAgreement Prelude.Text
+describeAgreement_serverId = Lens.lens (\DescribeAgreement' {serverId} -> serverId) (\s@DescribeAgreement' {} a -> s {serverId = a} :: DescribeAgreement)
+
+instance Core.AWSRequest DescribeAgreement where
+  type
+    AWSResponse DescribeAgreement =
+      DescribeAgreementResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeAgreementResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "Agreement")
+      )
+
+instance Prelude.Hashable DescribeAgreement where
+  hashWithSalt _salt DescribeAgreement' {..} =
+    _salt
+      `Prelude.hashWithSalt` agreementId
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData DescribeAgreement where
+  rnf DescribeAgreement' {..} =
+    Prelude.rnf agreementId
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders DescribeAgreement where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeAgreement" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeAgreement where
+  toJSON DescribeAgreement' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("AgreementId" Data..= agreementId),
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath DescribeAgreement where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeAgreement where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeAgreementResponse' smart constructor.
+data DescribeAgreementResponse = DescribeAgreementResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The details for the specified agreement, returned as a
+    -- @DescribedAgreement@ object.
+    agreement :: DescribedAgreement
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeAgreementResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeAgreementResponse_httpStatus' - The response's http status code.
+--
+-- 'agreement', 'describeAgreementResponse_agreement' - The details for the specified agreement, returned as a
+-- @DescribedAgreement@ object.
+newDescribeAgreementResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'agreement'
+  DescribedAgreement ->
+  DescribeAgreementResponse
+newDescribeAgreementResponse pHttpStatus_ pAgreement_ =
+  DescribeAgreementResponse'
+    { httpStatus =
+        pHttpStatus_,
+      agreement = pAgreement_
+    }
+
+-- | The response's http status code.
+describeAgreementResponse_httpStatus :: Lens.Lens' DescribeAgreementResponse Prelude.Int
+describeAgreementResponse_httpStatus = Lens.lens (\DescribeAgreementResponse' {httpStatus} -> httpStatus) (\s@DescribeAgreementResponse' {} a -> s {httpStatus = a} :: DescribeAgreementResponse)
+
+-- | The details for the specified agreement, returned as a
+-- @DescribedAgreement@ object.
+describeAgreementResponse_agreement :: Lens.Lens' DescribeAgreementResponse DescribedAgreement
+describeAgreementResponse_agreement = Lens.lens (\DescribeAgreementResponse' {agreement} -> agreement) (\s@DescribeAgreementResponse' {} a -> s {agreement = a} :: DescribeAgreementResponse)
+
+instance Prelude.NFData DescribeAgreementResponse where
+  rnf DescribeAgreementResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf agreement
diff --git a/gen/Amazonka/Transfer/DescribeCertificate.hs b/gen/Amazonka/Transfer/DescribeCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeCertificate.hs
@@ -0,0 +1,181 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the certificate that\'s identified by the @CertificateId@.
+module Amazonka.Transfer.DescribeCertificate
+  ( -- * Creating a Request
+    DescribeCertificate (..),
+    newDescribeCertificate,
+
+    -- * Request Lenses
+    describeCertificate_certificateId,
+
+    -- * Destructuring the Response
+    DescribeCertificateResponse (..),
+    newDescribeCertificateResponse,
+
+    -- * Response Lenses
+    describeCertificateResponse_httpStatus,
+    describeCertificateResponse_certificate,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeCertificate' smart constructor.
+data DescribeCertificate = DescribeCertificate'
+  { -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateId', 'describeCertificate_certificateId' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+newDescribeCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  DescribeCertificate
+newDescribeCertificate pCertificateId_ =
+  DescribeCertificate'
+    { certificateId =
+        pCertificateId_
+    }
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+describeCertificate_certificateId :: Lens.Lens' DescribeCertificate Prelude.Text
+describeCertificate_certificateId = Lens.lens (\DescribeCertificate' {certificateId} -> certificateId) (\s@DescribeCertificate' {} a -> s {certificateId = a} :: DescribeCertificate)
+
+instance Core.AWSRequest DescribeCertificate where
+  type
+    AWSResponse DescribeCertificate =
+      DescribeCertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeCertificateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "Certificate")
+      )
+
+instance Prelude.Hashable DescribeCertificate where
+  hashWithSalt _salt DescribeCertificate' {..} =
+    _salt `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData DescribeCertificate where
+  rnf DescribeCertificate' {..} =
+    Prelude.rnf certificateId
+
+instance Data.ToHeaders DescribeCertificate where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeCertificate" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeCertificate where
+  toJSON DescribeCertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("CertificateId" Data..= certificateId)
+          ]
+      )
+
+instance Data.ToPath DescribeCertificate where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeCertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeCertificateResponse' smart constructor.
+data DescribeCertificateResponse = DescribeCertificateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The details for the specified certificate, returned as an object.
+    certificate :: DescribedCertificate
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeCertificateResponse_httpStatus' - The response's http status code.
+--
+-- 'certificate', 'describeCertificateResponse_certificate' - The details for the specified certificate, returned as an object.
+newDescribeCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'certificate'
+  DescribedCertificate ->
+  DescribeCertificateResponse
+newDescribeCertificateResponse
+  pHttpStatus_
+  pCertificate_ =
+    DescribeCertificateResponse'
+      { httpStatus =
+          pHttpStatus_,
+        certificate = pCertificate_
+      }
+
+-- | The response's http status code.
+describeCertificateResponse_httpStatus :: Lens.Lens' DescribeCertificateResponse Prelude.Int
+describeCertificateResponse_httpStatus = Lens.lens (\DescribeCertificateResponse' {httpStatus} -> httpStatus) (\s@DescribeCertificateResponse' {} a -> s {httpStatus = a} :: DescribeCertificateResponse)
+
+-- | The details for the specified certificate, returned as an object.
+describeCertificateResponse_certificate :: Lens.Lens' DescribeCertificateResponse DescribedCertificate
+describeCertificateResponse_certificate = Lens.lens (\DescribeCertificateResponse' {certificate} -> certificate) (\s@DescribeCertificateResponse' {} a -> s {certificate = a} :: DescribeCertificateResponse)
+
+instance Prelude.NFData DescribeCertificateResponse where
+  rnf DescribeCertificateResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf certificate
diff --git a/gen/Amazonka/Transfer/DescribeConnector.hs b/gen/Amazonka/Transfer/DescribeConnector.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeConnector.hs
@@ -0,0 +1,170 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeConnector
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the connector that\'s identified by the @ConnectorId.@
+module Amazonka.Transfer.DescribeConnector
+  ( -- * Creating a Request
+    DescribeConnector (..),
+    newDescribeConnector,
+
+    -- * Request Lenses
+    describeConnector_connectorId,
+
+    -- * Destructuring the Response
+    DescribeConnectorResponse (..),
+    newDescribeConnectorResponse,
+
+    -- * Response Lenses
+    describeConnectorResponse_httpStatus,
+    describeConnectorResponse_connector,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeConnector' smart constructor.
+data DescribeConnector = DescribeConnector'
+  { -- | The unique identifier for the connector.
+    connectorId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeConnector' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'connectorId', 'describeConnector_connectorId' - The unique identifier for the connector.
+newDescribeConnector ::
+  -- | 'connectorId'
+  Prelude.Text ->
+  DescribeConnector
+newDescribeConnector pConnectorId_ =
+  DescribeConnector' {connectorId = pConnectorId_}
+
+-- | The unique identifier for the connector.
+describeConnector_connectorId :: Lens.Lens' DescribeConnector Prelude.Text
+describeConnector_connectorId = Lens.lens (\DescribeConnector' {connectorId} -> connectorId) (\s@DescribeConnector' {} a -> s {connectorId = a} :: DescribeConnector)
+
+instance Core.AWSRequest DescribeConnector where
+  type
+    AWSResponse DescribeConnector =
+      DescribeConnectorResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeConnectorResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "Connector")
+      )
+
+instance Prelude.Hashable DescribeConnector where
+  hashWithSalt _salt DescribeConnector' {..} =
+    _salt `Prelude.hashWithSalt` connectorId
+
+instance Prelude.NFData DescribeConnector where
+  rnf DescribeConnector' {..} = Prelude.rnf connectorId
+
+instance Data.ToHeaders DescribeConnector where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeConnector" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeConnector where
+  toJSON DescribeConnector' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ConnectorId" Data..= connectorId)]
+      )
+
+instance Data.ToPath DescribeConnector where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeConnector where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeConnectorResponse' smart constructor.
+data DescribeConnectorResponse = DescribeConnectorResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The structure that contains the details of the connector.
+    connector :: DescribedConnector
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeConnectorResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeConnectorResponse_httpStatus' - The response's http status code.
+--
+-- 'connector', 'describeConnectorResponse_connector' - The structure that contains the details of the connector.
+newDescribeConnectorResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'connector'
+  DescribedConnector ->
+  DescribeConnectorResponse
+newDescribeConnectorResponse pHttpStatus_ pConnector_ =
+  DescribeConnectorResponse'
+    { httpStatus =
+        pHttpStatus_,
+      connector = pConnector_
+    }
+
+-- | The response's http status code.
+describeConnectorResponse_httpStatus :: Lens.Lens' DescribeConnectorResponse Prelude.Int
+describeConnectorResponse_httpStatus = Lens.lens (\DescribeConnectorResponse' {httpStatus} -> httpStatus) (\s@DescribeConnectorResponse' {} a -> s {httpStatus = a} :: DescribeConnectorResponse)
+
+-- | The structure that contains the details of the connector.
+describeConnectorResponse_connector :: Lens.Lens' DescribeConnectorResponse DescribedConnector
+describeConnectorResponse_connector = Lens.lens (\DescribeConnectorResponse' {connector} -> connector) (\s@DescribeConnectorResponse' {} a -> s {connector = a} :: DescribeConnectorResponse)
+
+instance Prelude.NFData DescribeConnectorResponse where
+  rnf DescribeConnectorResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf connector
diff --git a/gen/Amazonka/Transfer/DescribeExecution.hs b/gen/Amazonka/Transfer/DescribeExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeExecution.hs
@@ -0,0 +1,208 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- You can use @DescribeExecution@ to check the details of the execution of
+-- the specified workflow.
+module Amazonka.Transfer.DescribeExecution
+  ( -- * Creating a Request
+    DescribeExecution (..),
+    newDescribeExecution,
+
+    -- * Request Lenses
+    describeExecution_executionId,
+    describeExecution_workflowId,
+
+    -- * Destructuring the Response
+    DescribeExecutionResponse (..),
+    newDescribeExecutionResponse,
+
+    -- * Response Lenses
+    describeExecutionResponse_httpStatus,
+    describeExecutionResponse_workflowId,
+    describeExecutionResponse_execution,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeExecution' smart constructor.
+data DescribeExecution = DescribeExecution'
+  { -- | A unique identifier for the execution of a workflow.
+    executionId :: Prelude.Text,
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionId', 'describeExecution_executionId' - A unique identifier for the execution of a workflow.
+--
+-- 'workflowId', 'describeExecution_workflowId' - A unique identifier for the workflow.
+newDescribeExecution ::
+  -- | 'executionId'
+  Prelude.Text ->
+  -- | 'workflowId'
+  Prelude.Text ->
+  DescribeExecution
+newDescribeExecution pExecutionId_ pWorkflowId_ =
+  DescribeExecution'
+    { executionId = pExecutionId_,
+      workflowId = pWorkflowId_
+    }
+
+-- | A unique identifier for the execution of a workflow.
+describeExecution_executionId :: Lens.Lens' DescribeExecution Prelude.Text
+describeExecution_executionId = Lens.lens (\DescribeExecution' {executionId} -> executionId) (\s@DescribeExecution' {} a -> s {executionId = a} :: DescribeExecution)
+
+-- | A unique identifier for the workflow.
+describeExecution_workflowId :: Lens.Lens' DescribeExecution Prelude.Text
+describeExecution_workflowId = Lens.lens (\DescribeExecution' {workflowId} -> workflowId) (\s@DescribeExecution' {} a -> s {workflowId = a} :: DescribeExecution)
+
+instance Core.AWSRequest DescribeExecution where
+  type
+    AWSResponse DescribeExecution =
+      DescribeExecutionResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeExecutionResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "WorkflowId")
+            Prelude.<*> (x Data..:> "Execution")
+      )
+
+instance Prelude.Hashable DescribeExecution where
+  hashWithSalt _salt DescribeExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` executionId
+      `Prelude.hashWithSalt` workflowId
+
+instance Prelude.NFData DescribeExecution where
+  rnf DescribeExecution' {..} =
+    Prelude.rnf executionId
+      `Prelude.seq` Prelude.rnf workflowId
+
+instance Data.ToHeaders DescribeExecution where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeExecution" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeExecution where
+  toJSON DescribeExecution' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ExecutionId" Data..= executionId),
+            Prelude.Just ("WorkflowId" Data..= workflowId)
+          ]
+      )
+
+instance Data.ToPath DescribeExecution where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeExecution where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeExecutionResponse' smart constructor.
+data DescribeExecutionResponse = DescribeExecutionResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text,
+    -- | The structure that contains the details of the workflow\' execution.
+    execution :: DescribedExecution
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeExecutionResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeExecutionResponse_httpStatus' - The response's http status code.
+--
+-- 'workflowId', 'describeExecutionResponse_workflowId' - A unique identifier for the workflow.
+--
+-- 'execution', 'describeExecutionResponse_execution' - The structure that contains the details of the workflow\' execution.
+newDescribeExecutionResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'workflowId'
+  Prelude.Text ->
+  -- | 'execution'
+  DescribedExecution ->
+  DescribeExecutionResponse
+newDescribeExecutionResponse
+  pHttpStatus_
+  pWorkflowId_
+  pExecution_ =
+    DescribeExecutionResponse'
+      { httpStatus =
+          pHttpStatus_,
+        workflowId = pWorkflowId_,
+        execution = pExecution_
+      }
+
+-- | The response's http status code.
+describeExecutionResponse_httpStatus :: Lens.Lens' DescribeExecutionResponse Prelude.Int
+describeExecutionResponse_httpStatus = Lens.lens (\DescribeExecutionResponse' {httpStatus} -> httpStatus) (\s@DescribeExecutionResponse' {} a -> s {httpStatus = a} :: DescribeExecutionResponse)
+
+-- | A unique identifier for the workflow.
+describeExecutionResponse_workflowId :: Lens.Lens' DescribeExecutionResponse Prelude.Text
+describeExecutionResponse_workflowId = Lens.lens (\DescribeExecutionResponse' {workflowId} -> workflowId) (\s@DescribeExecutionResponse' {} a -> s {workflowId = a} :: DescribeExecutionResponse)
+
+-- | The structure that contains the details of the workflow\' execution.
+describeExecutionResponse_execution :: Lens.Lens' DescribeExecutionResponse DescribedExecution
+describeExecutionResponse_execution = Lens.lens (\DescribeExecutionResponse' {execution} -> execution) (\s@DescribeExecutionResponse' {} a -> s {execution = a} :: DescribeExecutionResponse)
+
+instance Prelude.NFData DescribeExecutionResponse where
+  rnf DescribeExecutionResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf workflowId
+      `Prelude.seq` Prelude.rnf execution
diff --git a/gen/Amazonka/Transfer/DescribeHostKey.hs b/gen/Amazonka/Transfer/DescribeHostKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeHostKey.hs
@@ -0,0 +1,193 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeHostKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns the details of the host key that\'s specified by the @HostKeyId@
+-- and @ServerId@.
+module Amazonka.Transfer.DescribeHostKey
+  ( -- * Creating a Request
+    DescribeHostKey (..),
+    newDescribeHostKey,
+
+    -- * Request Lenses
+    describeHostKey_serverId,
+    describeHostKey_hostKeyId,
+
+    -- * Destructuring the Response
+    DescribeHostKeyResponse (..),
+    newDescribeHostKeyResponse,
+
+    -- * Response Lenses
+    describeHostKeyResponse_httpStatus,
+    describeHostKeyResponse_hostKey,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeHostKey' smart constructor.
+data DescribeHostKey = DescribeHostKey'
+  { -- | The identifier of the server that contains the host key that you want
+    -- described.
+    serverId :: Prelude.Text,
+    -- | The identifier of the host key that you want described.
+    hostKeyId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeHostKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'describeHostKey_serverId' - The identifier of the server that contains the host key that you want
+-- described.
+--
+-- 'hostKeyId', 'describeHostKey_hostKeyId' - The identifier of the host key that you want described.
+newDescribeHostKey ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'hostKeyId'
+  Prelude.Text ->
+  DescribeHostKey
+newDescribeHostKey pServerId_ pHostKeyId_ =
+  DescribeHostKey'
+    { serverId = pServerId_,
+      hostKeyId = pHostKeyId_
+    }
+
+-- | The identifier of the server that contains the host key that you want
+-- described.
+describeHostKey_serverId :: Lens.Lens' DescribeHostKey Prelude.Text
+describeHostKey_serverId = Lens.lens (\DescribeHostKey' {serverId} -> serverId) (\s@DescribeHostKey' {} a -> s {serverId = a} :: DescribeHostKey)
+
+-- | The identifier of the host key that you want described.
+describeHostKey_hostKeyId :: Lens.Lens' DescribeHostKey Prelude.Text
+describeHostKey_hostKeyId = Lens.lens (\DescribeHostKey' {hostKeyId} -> hostKeyId) (\s@DescribeHostKey' {} a -> s {hostKeyId = a} :: DescribeHostKey)
+
+instance Core.AWSRequest DescribeHostKey where
+  type
+    AWSResponse DescribeHostKey =
+      DescribeHostKeyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeHostKeyResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "HostKey")
+      )
+
+instance Prelude.Hashable DescribeHostKey where
+  hashWithSalt _salt DescribeHostKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` hostKeyId
+
+instance Prelude.NFData DescribeHostKey where
+  rnf DescribeHostKey' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeyId
+
+instance Data.ToHeaders DescribeHostKey where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeHostKey" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeHostKey where
+  toJSON DescribeHostKey' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("HostKeyId" Data..= hostKeyId)
+          ]
+      )
+
+instance Data.ToPath DescribeHostKey where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeHostKey where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeHostKeyResponse' smart constructor.
+data DescribeHostKeyResponse = DescribeHostKeyResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the details for the specified host key.
+    hostKey :: DescribedHostKey
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeHostKeyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeHostKeyResponse_httpStatus' - The response's http status code.
+--
+-- 'hostKey', 'describeHostKeyResponse_hostKey' - Returns the details for the specified host key.
+newDescribeHostKeyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'hostKey'
+  DescribedHostKey ->
+  DescribeHostKeyResponse
+newDescribeHostKeyResponse pHttpStatus_ pHostKey_ =
+  DescribeHostKeyResponse'
+    { httpStatus = pHttpStatus_,
+      hostKey = pHostKey_
+    }
+
+-- | The response's http status code.
+describeHostKeyResponse_httpStatus :: Lens.Lens' DescribeHostKeyResponse Prelude.Int
+describeHostKeyResponse_httpStatus = Lens.lens (\DescribeHostKeyResponse' {httpStatus} -> httpStatus) (\s@DescribeHostKeyResponse' {} a -> s {httpStatus = a} :: DescribeHostKeyResponse)
+
+-- | Returns the details for the specified host key.
+describeHostKeyResponse_hostKey :: Lens.Lens' DescribeHostKeyResponse DescribedHostKey
+describeHostKeyResponse_hostKey = Lens.lens (\DescribeHostKeyResponse' {hostKey} -> hostKey) (\s@DescribeHostKeyResponse' {} a -> s {hostKey = a} :: DescribeHostKeyResponse)
+
+instance Prelude.NFData DescribeHostKeyResponse where
+  rnf DescribeHostKeyResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf hostKey
diff --git a/gen/Amazonka/Transfer/DescribeProfile.hs b/gen/Amazonka/Transfer/DescribeProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeProfile.hs
@@ -0,0 +1,169 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns the details of the profile that\'s specified by the @ProfileId@.
+module Amazonka.Transfer.DescribeProfile
+  ( -- * Creating a Request
+    DescribeProfile (..),
+    newDescribeProfile,
+
+    -- * Request Lenses
+    describeProfile_profileId,
+
+    -- * Destructuring the Response
+    DescribeProfileResponse (..),
+    newDescribeProfileResponse,
+
+    -- * Response Lenses
+    describeProfileResponse_httpStatus,
+    describeProfileResponse_profile,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeProfile' smart constructor.
+data DescribeProfile = DescribeProfile'
+  { -- | The identifier of the profile that you want described.
+    profileId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'profileId', 'describeProfile_profileId' - The identifier of the profile that you want described.
+newDescribeProfile ::
+  -- | 'profileId'
+  Prelude.Text ->
+  DescribeProfile
+newDescribeProfile pProfileId_ =
+  DescribeProfile' {profileId = pProfileId_}
+
+-- | The identifier of the profile that you want described.
+describeProfile_profileId :: Lens.Lens' DescribeProfile Prelude.Text
+describeProfile_profileId = Lens.lens (\DescribeProfile' {profileId} -> profileId) (\s@DescribeProfile' {} a -> s {profileId = a} :: DescribeProfile)
+
+instance Core.AWSRequest DescribeProfile where
+  type
+    AWSResponse DescribeProfile =
+      DescribeProfileResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeProfileResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "Profile")
+      )
+
+instance Prelude.Hashable DescribeProfile where
+  hashWithSalt _salt DescribeProfile' {..} =
+    _salt `Prelude.hashWithSalt` profileId
+
+instance Prelude.NFData DescribeProfile where
+  rnf DescribeProfile' {..} = Prelude.rnf profileId
+
+instance Data.ToHeaders DescribeProfile where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeProfile" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeProfile where
+  toJSON DescribeProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ProfileId" Data..= profileId)]
+      )
+
+instance Data.ToPath DescribeProfile where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeProfile where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeProfileResponse' smart constructor.
+data DescribeProfileResponse = DescribeProfileResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The details of the specified profile, returned as an object.
+    profile :: DescribedProfile
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeProfileResponse_httpStatus' - The response's http status code.
+--
+-- 'profile', 'describeProfileResponse_profile' - The details of the specified profile, returned as an object.
+newDescribeProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'profile'
+  DescribedProfile ->
+  DescribeProfileResponse
+newDescribeProfileResponse pHttpStatus_ pProfile_ =
+  DescribeProfileResponse'
+    { httpStatus = pHttpStatus_,
+      profile = pProfile_
+    }
+
+-- | The response's http status code.
+describeProfileResponse_httpStatus :: Lens.Lens' DescribeProfileResponse Prelude.Int
+describeProfileResponse_httpStatus = Lens.lens (\DescribeProfileResponse' {httpStatus} -> httpStatus) (\s@DescribeProfileResponse' {} a -> s {httpStatus = a} :: DescribeProfileResponse)
+
+-- | The details of the specified profile, returned as an object.
+describeProfileResponse_profile :: Lens.Lens' DescribeProfileResponse DescribedProfile
+describeProfileResponse_profile = Lens.lens (\DescribeProfileResponse' {profile} -> profile) (\s@DescribeProfileResponse' {} a -> s {profile = a} :: DescribeProfileResponse)
+
+instance Prelude.NFData DescribeProfileResponse where
+  rnf DescribeProfileResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf profile
diff --git a/gen/Amazonka/Transfer/DescribeSecurityPolicy.hs b/gen/Amazonka/Transfer/DescribeSecurityPolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeSecurityPolicy.hs
@@ -0,0 +1,188 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeSecurityPolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the security policy that is attached to your file transfer
+-- protocol-enabled server. The response contains a description of the
+-- security policy\'s properties. For more information about security
+-- policies, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html Working with security policies>.
+module Amazonka.Transfer.DescribeSecurityPolicy
+  ( -- * Creating a Request
+    DescribeSecurityPolicy (..),
+    newDescribeSecurityPolicy,
+
+    -- * Request Lenses
+    describeSecurityPolicy_securityPolicyName,
+
+    -- * Destructuring the Response
+    DescribeSecurityPolicyResponse (..),
+    newDescribeSecurityPolicyResponse,
+
+    -- * Response Lenses
+    describeSecurityPolicyResponse_httpStatus,
+    describeSecurityPolicyResponse_securityPolicy,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeSecurityPolicy' smart constructor.
+data DescribeSecurityPolicy = DescribeSecurityPolicy'
+  { -- | Specifies the name of the security policy that is attached to the
+    -- server.
+    securityPolicyName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeSecurityPolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'securityPolicyName', 'describeSecurityPolicy_securityPolicyName' - Specifies the name of the security policy that is attached to the
+-- server.
+newDescribeSecurityPolicy ::
+  -- | 'securityPolicyName'
+  Prelude.Text ->
+  DescribeSecurityPolicy
+newDescribeSecurityPolicy pSecurityPolicyName_ =
+  DescribeSecurityPolicy'
+    { securityPolicyName =
+        pSecurityPolicyName_
+    }
+
+-- | Specifies the name of the security policy that is attached to the
+-- server.
+describeSecurityPolicy_securityPolicyName :: Lens.Lens' DescribeSecurityPolicy Prelude.Text
+describeSecurityPolicy_securityPolicyName = Lens.lens (\DescribeSecurityPolicy' {securityPolicyName} -> securityPolicyName) (\s@DescribeSecurityPolicy' {} a -> s {securityPolicyName = a} :: DescribeSecurityPolicy)
+
+instance Core.AWSRequest DescribeSecurityPolicy where
+  type
+    AWSResponse DescribeSecurityPolicy =
+      DescribeSecurityPolicyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeSecurityPolicyResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "SecurityPolicy")
+      )
+
+instance Prelude.Hashable DescribeSecurityPolicy where
+  hashWithSalt _salt DescribeSecurityPolicy' {..} =
+    _salt `Prelude.hashWithSalt` securityPolicyName
+
+instance Prelude.NFData DescribeSecurityPolicy where
+  rnf DescribeSecurityPolicy' {..} =
+    Prelude.rnf securityPolicyName
+
+instance Data.ToHeaders DescribeSecurityPolicy where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeSecurityPolicy" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeSecurityPolicy where
+  toJSON DescribeSecurityPolicy' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just
+              ("SecurityPolicyName" Data..= securityPolicyName)
+          ]
+      )
+
+instance Data.ToPath DescribeSecurityPolicy where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeSecurityPolicy where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeSecurityPolicyResponse' smart constructor.
+data DescribeSecurityPolicyResponse = DescribeSecurityPolicyResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | An array containing the properties of the security policy.
+    securityPolicy :: DescribedSecurityPolicy
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeSecurityPolicyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeSecurityPolicyResponse_httpStatus' - The response's http status code.
+--
+-- 'securityPolicy', 'describeSecurityPolicyResponse_securityPolicy' - An array containing the properties of the security policy.
+newDescribeSecurityPolicyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'securityPolicy'
+  DescribedSecurityPolicy ->
+  DescribeSecurityPolicyResponse
+newDescribeSecurityPolicyResponse
+  pHttpStatus_
+  pSecurityPolicy_ =
+    DescribeSecurityPolicyResponse'
+      { httpStatus =
+          pHttpStatus_,
+        securityPolicy = pSecurityPolicy_
+      }
+
+-- | The response's http status code.
+describeSecurityPolicyResponse_httpStatus :: Lens.Lens' DescribeSecurityPolicyResponse Prelude.Int
+describeSecurityPolicyResponse_httpStatus = Lens.lens (\DescribeSecurityPolicyResponse' {httpStatus} -> httpStatus) (\s@DescribeSecurityPolicyResponse' {} a -> s {httpStatus = a} :: DescribeSecurityPolicyResponse)
+
+-- | An array containing the properties of the security policy.
+describeSecurityPolicyResponse_securityPolicy :: Lens.Lens' DescribeSecurityPolicyResponse DescribedSecurityPolicy
+describeSecurityPolicyResponse_securityPolicy = Lens.lens (\DescribeSecurityPolicyResponse' {securityPolicy} -> securityPolicy) (\s@DescribeSecurityPolicyResponse' {} a -> s {securityPolicy = a} :: DescribeSecurityPolicyResponse)
+
+instance
+  Prelude.NFData
+    DescribeSecurityPolicyResponse
+  where
+  rnf DescribeSecurityPolicyResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf securityPolicy
diff --git a/gen/Amazonka/Transfer/DescribeServer.hs b/gen/Amazonka/Transfer/DescribeServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeServer.hs
@@ -0,0 +1,177 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes a file transfer protocol-enabled server that you specify by
+-- passing the @ServerId@ parameter.
+--
+-- The response contains a description of a server\'s properties. When you
+-- set @EndpointType@ to VPC, the response will contain the
+-- @EndpointDetails@.
+module Amazonka.Transfer.DescribeServer
+  ( -- * Creating a Request
+    DescribeServer (..),
+    newDescribeServer,
+
+    -- * Request Lenses
+    describeServer_serverId,
+
+    -- * Destructuring the Response
+    DescribeServerResponse (..),
+    newDescribeServerResponse,
+
+    -- * Response Lenses
+    describeServerResponse_httpStatus,
+    describeServerResponse_server,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeServer' smart constructor.
+data DescribeServer = DescribeServer'
+  { -- | A system-assigned unique identifier for a server.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'describeServer_serverId' - A system-assigned unique identifier for a server.
+newDescribeServer ::
+  -- | 'serverId'
+  Prelude.Text ->
+  DescribeServer
+newDescribeServer pServerId_ =
+  DescribeServer' {serverId = pServerId_}
+
+-- | A system-assigned unique identifier for a server.
+describeServer_serverId :: Lens.Lens' DescribeServer Prelude.Text
+describeServer_serverId = Lens.lens (\DescribeServer' {serverId} -> serverId) (\s@DescribeServer' {} a -> s {serverId = a} :: DescribeServer)
+
+instance Core.AWSRequest DescribeServer where
+  type
+    AWSResponse DescribeServer =
+      DescribeServerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeServerResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "Server")
+      )
+
+instance Prelude.Hashable DescribeServer where
+  hashWithSalt _salt DescribeServer' {..} =
+    _salt `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData DescribeServer where
+  rnf DescribeServer' {..} = Prelude.rnf serverId
+
+instance Data.ToHeaders DescribeServer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeServer" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeServer where
+  toJSON DescribeServer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ServerId" Data..= serverId)]
+      )
+
+instance Data.ToPath DescribeServer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeServer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeServerResponse' smart constructor.
+data DescribeServerResponse = DescribeServerResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | An array containing the properties of a server with the @ServerID@ you
+    -- specified.
+    server :: DescribedServer
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeServerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeServerResponse_httpStatus' - The response's http status code.
+--
+-- 'server', 'describeServerResponse_server' - An array containing the properties of a server with the @ServerID@ you
+-- specified.
+newDescribeServerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'server'
+  DescribedServer ->
+  DescribeServerResponse
+newDescribeServerResponse pHttpStatus_ pServer_ =
+  DescribeServerResponse'
+    { httpStatus = pHttpStatus_,
+      server = pServer_
+    }
+
+-- | The response's http status code.
+describeServerResponse_httpStatus :: Lens.Lens' DescribeServerResponse Prelude.Int
+describeServerResponse_httpStatus = Lens.lens (\DescribeServerResponse' {httpStatus} -> httpStatus) (\s@DescribeServerResponse' {} a -> s {httpStatus = a} :: DescribeServerResponse)
+
+-- | An array containing the properties of a server with the @ServerID@ you
+-- specified.
+describeServerResponse_server :: Lens.Lens' DescribeServerResponse DescribedServer
+describeServerResponse_server = Lens.lens (\DescribeServerResponse' {server} -> server) (\s@DescribeServerResponse' {} a -> s {server = a} :: DescribeServerResponse)
+
+instance Prelude.NFData DescribeServerResponse where
+  rnf DescribeServerResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf server
diff --git a/gen/Amazonka/Transfer/DescribeUser.hs b/gen/Amazonka/Transfer/DescribeUser.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeUser.hs
@@ -0,0 +1,223 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeUser
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the user assigned to the specific file transfer
+-- protocol-enabled server, as identified by its @ServerId@ property.
+--
+-- The response from this call returns the properties of the user
+-- associated with the @ServerId@ value that was specified.
+module Amazonka.Transfer.DescribeUser
+  ( -- * Creating a Request
+    DescribeUser (..),
+    newDescribeUser,
+
+    -- * Request Lenses
+    describeUser_serverId,
+    describeUser_userName,
+
+    -- * Destructuring the Response
+    DescribeUserResponse (..),
+    newDescribeUserResponse,
+
+    -- * Response Lenses
+    describeUserResponse_httpStatus,
+    describeUserResponse_serverId,
+    describeUserResponse_user,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeUser' smart constructor.
+data DescribeUser = DescribeUser'
+  { -- | A system-assigned unique identifier for a server that has this user
+    -- assigned.
+    serverId :: Prelude.Text,
+    -- | The name of the user assigned to one or more servers. User names are
+    -- part of the sign-in credentials to use the Transfer Family service and
+    -- perform file transfer tasks.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeUser' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'describeUser_serverId' - A system-assigned unique identifier for a server that has this user
+-- assigned.
+--
+-- 'userName', 'describeUser_userName' - The name of the user assigned to one or more servers. User names are
+-- part of the sign-in credentials to use the Transfer Family service and
+-- perform file transfer tasks.
+newDescribeUser ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  DescribeUser
+newDescribeUser pServerId_ pUserName_ =
+  DescribeUser'
+    { serverId = pServerId_,
+      userName = pUserName_
+    }
+
+-- | A system-assigned unique identifier for a server that has this user
+-- assigned.
+describeUser_serverId :: Lens.Lens' DescribeUser Prelude.Text
+describeUser_serverId = Lens.lens (\DescribeUser' {serverId} -> serverId) (\s@DescribeUser' {} a -> s {serverId = a} :: DescribeUser)
+
+-- | The name of the user assigned to one or more servers. User names are
+-- part of the sign-in credentials to use the Transfer Family service and
+-- perform file transfer tasks.
+describeUser_userName :: Lens.Lens' DescribeUser Prelude.Text
+describeUser_userName = Lens.lens (\DescribeUser' {userName} -> userName) (\s@DescribeUser' {} a -> s {userName = a} :: DescribeUser)
+
+instance Core.AWSRequest DescribeUser where
+  type AWSResponse DescribeUser = DescribeUserResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeUserResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "User")
+      )
+
+instance Prelude.Hashable DescribeUser where
+  hashWithSalt _salt DescribeUser' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData DescribeUser where
+  rnf DescribeUser' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders DescribeUser where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeUser" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeUser where
+  toJSON DescribeUser' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath DescribeUser where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeUser where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeUserResponse' smart constructor.
+data DescribeUserResponse = DescribeUserResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server that has this user
+    -- assigned.
+    serverId :: Prelude.Text,
+    -- | An array containing the properties of the user account for the
+    -- @ServerID@ value that you specified.
+    user :: DescribedUser
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeUserResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeUserResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'describeUserResponse_serverId' - A system-assigned unique identifier for a server that has this user
+-- assigned.
+--
+-- 'user', 'describeUserResponse_user' - An array containing the properties of the user account for the
+-- @ServerID@ value that you specified.
+newDescribeUserResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'user'
+  DescribedUser ->
+  DescribeUserResponse
+newDescribeUserResponse
+  pHttpStatus_
+  pServerId_
+  pUser_ =
+    DescribeUserResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        user = pUser_
+      }
+
+-- | The response's http status code.
+describeUserResponse_httpStatus :: Lens.Lens' DescribeUserResponse Prelude.Int
+describeUserResponse_httpStatus = Lens.lens (\DescribeUserResponse' {httpStatus} -> httpStatus) (\s@DescribeUserResponse' {} a -> s {httpStatus = a} :: DescribeUserResponse)
+
+-- | A system-assigned unique identifier for a server that has this user
+-- assigned.
+describeUserResponse_serverId :: Lens.Lens' DescribeUserResponse Prelude.Text
+describeUserResponse_serverId = Lens.lens (\DescribeUserResponse' {serverId} -> serverId) (\s@DescribeUserResponse' {} a -> s {serverId = a} :: DescribeUserResponse)
+
+-- | An array containing the properties of the user account for the
+-- @ServerID@ value that you specified.
+describeUserResponse_user :: Lens.Lens' DescribeUserResponse DescribedUser
+describeUserResponse_user = Lens.lens (\DescribeUserResponse' {user} -> user) (\s@DescribeUserResponse' {} a -> s {user = a} :: DescribeUserResponse)
+
+instance Prelude.NFData DescribeUserResponse where
+  rnf DescribeUserResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf user
diff --git a/gen/Amazonka/Transfer/DescribeWorkflow.hs b/gen/Amazonka/Transfer/DescribeWorkflow.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/DescribeWorkflow.hs
@@ -0,0 +1,170 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.DescribeWorkflow
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Describes the specified workflow.
+module Amazonka.Transfer.DescribeWorkflow
+  ( -- * Creating a Request
+    DescribeWorkflow (..),
+    newDescribeWorkflow,
+
+    -- * Request Lenses
+    describeWorkflow_workflowId,
+
+    -- * Destructuring the Response
+    DescribeWorkflowResponse (..),
+    newDescribeWorkflowResponse,
+
+    -- * Response Lenses
+    describeWorkflowResponse_httpStatus,
+    describeWorkflowResponse_workflow,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newDescribeWorkflow' smart constructor.
+data DescribeWorkflow = DescribeWorkflow'
+  { -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeWorkflow' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'workflowId', 'describeWorkflow_workflowId' - A unique identifier for the workflow.
+newDescribeWorkflow ::
+  -- | 'workflowId'
+  Prelude.Text ->
+  DescribeWorkflow
+newDescribeWorkflow pWorkflowId_ =
+  DescribeWorkflow' {workflowId = pWorkflowId_}
+
+-- | A unique identifier for the workflow.
+describeWorkflow_workflowId :: Lens.Lens' DescribeWorkflow Prelude.Text
+describeWorkflow_workflowId = Lens.lens (\DescribeWorkflow' {workflowId} -> workflowId) (\s@DescribeWorkflow' {} a -> s {workflowId = a} :: DescribeWorkflow)
+
+instance Core.AWSRequest DescribeWorkflow where
+  type
+    AWSResponse DescribeWorkflow =
+      DescribeWorkflowResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          DescribeWorkflowResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "Workflow")
+      )
+
+instance Prelude.Hashable DescribeWorkflow where
+  hashWithSalt _salt DescribeWorkflow' {..} =
+    _salt `Prelude.hashWithSalt` workflowId
+
+instance Prelude.NFData DescribeWorkflow where
+  rnf DescribeWorkflow' {..} = Prelude.rnf workflowId
+
+instance Data.ToHeaders DescribeWorkflow where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.DescribeWorkflow" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON DescribeWorkflow where
+  toJSON DescribeWorkflow' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("WorkflowId" Data..= workflowId)]
+      )
+
+instance Data.ToPath DescribeWorkflow where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery DescribeWorkflow where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDescribeWorkflowResponse' smart constructor.
+data DescribeWorkflowResponse = DescribeWorkflowResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The structure that contains the details of the workflow.
+    workflow :: DescribedWorkflow
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribeWorkflowResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'describeWorkflowResponse_httpStatus' - The response's http status code.
+--
+-- 'workflow', 'describeWorkflowResponse_workflow' - The structure that contains the details of the workflow.
+newDescribeWorkflowResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'workflow'
+  DescribedWorkflow ->
+  DescribeWorkflowResponse
+newDescribeWorkflowResponse pHttpStatus_ pWorkflow_ =
+  DescribeWorkflowResponse'
+    { httpStatus =
+        pHttpStatus_,
+      workflow = pWorkflow_
+    }
+
+-- | The response's http status code.
+describeWorkflowResponse_httpStatus :: Lens.Lens' DescribeWorkflowResponse Prelude.Int
+describeWorkflowResponse_httpStatus = Lens.lens (\DescribeWorkflowResponse' {httpStatus} -> httpStatus) (\s@DescribeWorkflowResponse' {} a -> s {httpStatus = a} :: DescribeWorkflowResponse)
+
+-- | The structure that contains the details of the workflow.
+describeWorkflowResponse_workflow :: Lens.Lens' DescribeWorkflowResponse DescribedWorkflow
+describeWorkflowResponse_workflow = Lens.lens (\DescribeWorkflowResponse' {workflow} -> workflow) (\s@DescribeWorkflowResponse' {} a -> s {workflow = a} :: DescribeWorkflowResponse)
+
+instance Prelude.NFData DescribeWorkflowResponse where
+  rnf DescribeWorkflowResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf workflow
diff --git a/gen/Amazonka/Transfer/ImportCertificate.hs b/gen/Amazonka/Transfer/ImportCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ImportCertificate.hs
@@ -0,0 +1,281 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ImportCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Imports the signing and encryption certificates that you need to create
+-- local (AS2) profiles and partner profiles.
+module Amazonka.Transfer.ImportCertificate
+  ( -- * Creating a Request
+    ImportCertificate (..),
+    newImportCertificate,
+
+    -- * Request Lenses
+    importCertificate_activeDate,
+    importCertificate_certificateChain,
+    importCertificate_description,
+    importCertificate_inactiveDate,
+    importCertificate_privateKey,
+    importCertificate_tags,
+    importCertificate_usage,
+    importCertificate_certificate,
+
+    -- * Destructuring the Response
+    ImportCertificateResponse (..),
+    newImportCertificateResponse,
+
+    -- * Response Lenses
+    importCertificateResponse_httpStatus,
+    importCertificateResponse_certificateId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newImportCertificate' smart constructor.
+data ImportCertificate = ImportCertificate'
+  { -- | An optional date that specifies when the certificate becomes active.
+    activeDate :: Prelude.Maybe Data.POSIX,
+    -- | An optional list of certificates that make up the chain for the
+    -- certificate that\'s being imported.
+    certificateChain :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | A short description that helps identify the certificate.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | An optional date that specifies when the certificate becomes inactive.
+    inactiveDate :: Prelude.Maybe Data.POSIX,
+    -- | The file that contains the private key for the certificate that\'s being
+    -- imported.
+    privateKey :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | Key-value pairs that can be used to group and search for certificates.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | Specifies whether this certificate is used for signing or encryption.
+    usage :: CertificateUsageType,
+    -- | The file that contains the certificate to import.
+    certificate :: Data.Sensitive Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImportCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'activeDate', 'importCertificate_activeDate' - An optional date that specifies when the certificate becomes active.
+--
+-- 'certificateChain', 'importCertificate_certificateChain' - An optional list of certificates that make up the chain for the
+-- certificate that\'s being imported.
+--
+-- 'description', 'importCertificate_description' - A short description that helps identify the certificate.
+--
+-- 'inactiveDate', 'importCertificate_inactiveDate' - An optional date that specifies when the certificate becomes inactive.
+--
+-- 'privateKey', 'importCertificate_privateKey' - The file that contains the private key for the certificate that\'s being
+-- imported.
+--
+-- 'tags', 'importCertificate_tags' - Key-value pairs that can be used to group and search for certificates.
+--
+-- 'usage', 'importCertificate_usage' - Specifies whether this certificate is used for signing or encryption.
+--
+-- 'certificate', 'importCertificate_certificate' - The file that contains the certificate to import.
+newImportCertificate ::
+  -- | 'usage'
+  CertificateUsageType ->
+  -- | 'certificate'
+  Prelude.Text ->
+  ImportCertificate
+newImportCertificate pUsage_ pCertificate_ =
+  ImportCertificate'
+    { activeDate = Prelude.Nothing,
+      certificateChain = Prelude.Nothing,
+      description = Prelude.Nothing,
+      inactiveDate = Prelude.Nothing,
+      privateKey = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      usage = pUsage_,
+      certificate = Data._Sensitive Lens.# pCertificate_
+    }
+
+-- | An optional date that specifies when the certificate becomes active.
+importCertificate_activeDate :: Lens.Lens' ImportCertificate (Prelude.Maybe Prelude.UTCTime)
+importCertificate_activeDate = Lens.lens (\ImportCertificate' {activeDate} -> activeDate) (\s@ImportCertificate' {} a -> s {activeDate = a} :: ImportCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | An optional list of certificates that make up the chain for the
+-- certificate that\'s being imported.
+importCertificate_certificateChain :: Lens.Lens' ImportCertificate (Prelude.Maybe Prelude.Text)
+importCertificate_certificateChain = Lens.lens (\ImportCertificate' {certificateChain} -> certificateChain) (\s@ImportCertificate' {} a -> s {certificateChain = a} :: ImportCertificate) Prelude.. Lens.mapping Data._Sensitive
+
+-- | A short description that helps identify the certificate.
+importCertificate_description :: Lens.Lens' ImportCertificate (Prelude.Maybe Prelude.Text)
+importCertificate_description = Lens.lens (\ImportCertificate' {description} -> description) (\s@ImportCertificate' {} a -> s {description = a} :: ImportCertificate)
+
+-- | An optional date that specifies when the certificate becomes inactive.
+importCertificate_inactiveDate :: Lens.Lens' ImportCertificate (Prelude.Maybe Prelude.UTCTime)
+importCertificate_inactiveDate = Lens.lens (\ImportCertificate' {inactiveDate} -> inactiveDate) (\s@ImportCertificate' {} a -> s {inactiveDate = a} :: ImportCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The file that contains the private key for the certificate that\'s being
+-- imported.
+importCertificate_privateKey :: Lens.Lens' ImportCertificate (Prelude.Maybe Prelude.Text)
+importCertificate_privateKey = Lens.lens (\ImportCertificate' {privateKey} -> privateKey) (\s@ImportCertificate' {} a -> s {privateKey = a} :: ImportCertificate) Prelude.. Lens.mapping Data._Sensitive
+
+-- | Key-value pairs that can be used to group and search for certificates.
+importCertificate_tags :: Lens.Lens' ImportCertificate (Prelude.Maybe (Prelude.NonEmpty Tag))
+importCertificate_tags = Lens.lens (\ImportCertificate' {tags} -> tags) (\s@ImportCertificate' {} a -> s {tags = a} :: ImportCertificate) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether this certificate is used for signing or encryption.
+importCertificate_usage :: Lens.Lens' ImportCertificate CertificateUsageType
+importCertificate_usage = Lens.lens (\ImportCertificate' {usage} -> usage) (\s@ImportCertificate' {} a -> s {usage = a} :: ImportCertificate)
+
+-- | The file that contains the certificate to import.
+importCertificate_certificate :: Lens.Lens' ImportCertificate Prelude.Text
+importCertificate_certificate = Lens.lens (\ImportCertificate' {certificate} -> certificate) (\s@ImportCertificate' {} a -> s {certificate = a} :: ImportCertificate) Prelude.. Data._Sensitive
+
+instance Core.AWSRequest ImportCertificate where
+  type
+    AWSResponse ImportCertificate =
+      ImportCertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ImportCertificateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "CertificateId")
+      )
+
+instance Prelude.Hashable ImportCertificate where
+  hashWithSalt _salt ImportCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` activeDate
+      `Prelude.hashWithSalt` certificateChain
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` inactiveDate
+      `Prelude.hashWithSalt` privateKey
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` usage
+      `Prelude.hashWithSalt` certificate
+
+instance Prelude.NFData ImportCertificate where
+  rnf ImportCertificate' {..} =
+    Prelude.rnf activeDate
+      `Prelude.seq` Prelude.rnf certificateChain
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf inactiveDate
+      `Prelude.seq` Prelude.rnf privateKey
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf usage
+      `Prelude.seq` Prelude.rnf certificate
+
+instance Data.ToHeaders ImportCertificate where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ImportCertificate" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ImportCertificate where
+  toJSON ImportCertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("ActiveDate" Data..=) Prelude.<$> activeDate,
+            ("CertificateChain" Data..=)
+              Prelude.<$> certificateChain,
+            ("Description" Data..=) Prelude.<$> description,
+            ("InactiveDate" Data..=) Prelude.<$> inactiveDate,
+            ("PrivateKey" Data..=) Prelude.<$> privateKey,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("Usage" Data..= usage),
+            Prelude.Just ("Certificate" Data..= certificate)
+          ]
+      )
+
+instance Data.ToPath ImportCertificate where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ImportCertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newImportCertificateResponse' smart constructor.
+data ImportCertificateResponse = ImportCertificateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImportCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'importCertificateResponse_httpStatus' - The response's http status code.
+--
+-- 'certificateId', 'importCertificateResponse_certificateId' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+newImportCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'certificateId'
+  Prelude.Text ->
+  ImportCertificateResponse
+newImportCertificateResponse
+  pHttpStatus_
+  pCertificateId_ =
+    ImportCertificateResponse'
+      { httpStatus =
+          pHttpStatus_,
+        certificateId = pCertificateId_
+      }
+
+-- | The response's http status code.
+importCertificateResponse_httpStatus :: Lens.Lens' ImportCertificateResponse Prelude.Int
+importCertificateResponse_httpStatus = Lens.lens (\ImportCertificateResponse' {httpStatus} -> httpStatus) (\s@ImportCertificateResponse' {} a -> s {httpStatus = a} :: ImportCertificateResponse)
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+importCertificateResponse_certificateId :: Lens.Lens' ImportCertificateResponse Prelude.Text
+importCertificateResponse_certificateId = Lens.lens (\ImportCertificateResponse' {certificateId} -> certificateId) (\s@ImportCertificateResponse' {} a -> s {certificateId = a} :: ImportCertificateResponse)
+
+instance Prelude.NFData ImportCertificateResponse where
+  rnf ImportCertificateResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf certificateId
diff --git a/gen/Amazonka/Transfer/ImportHostKey.hs b/gen/Amazonka/Transfer/ImportHostKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ImportHostKey.hs
@@ -0,0 +1,242 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ImportHostKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds a host key to the server that\'s specified by the @ServerId@
+-- parameter.
+module Amazonka.Transfer.ImportHostKey
+  ( -- * Creating a Request
+    ImportHostKey (..),
+    newImportHostKey,
+
+    -- * Request Lenses
+    importHostKey_description,
+    importHostKey_tags,
+    importHostKey_serverId,
+    importHostKey_hostKeyBody,
+
+    -- * Destructuring the Response
+    ImportHostKeyResponse (..),
+    newImportHostKeyResponse,
+
+    -- * Response Lenses
+    importHostKeyResponse_httpStatus,
+    importHostKeyResponse_serverId,
+    importHostKeyResponse_hostKeyId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newImportHostKey' smart constructor.
+data ImportHostKey = ImportHostKey'
+  { -- | The text description that identifies this host key.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that can be used to group and search for host keys.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The identifier of the server that contains the host key that you are
+    -- importing.
+    serverId :: Prelude.Text,
+    -- | The public key portion of an SSH key pair.
+    --
+    -- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+    hostKeyBody :: Data.Sensitive Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImportHostKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'importHostKey_description' - The text description that identifies this host key.
+--
+-- 'tags', 'importHostKey_tags' - Key-value pairs that can be used to group and search for host keys.
+--
+-- 'serverId', 'importHostKey_serverId' - The identifier of the server that contains the host key that you are
+-- importing.
+--
+-- 'hostKeyBody', 'importHostKey_hostKeyBody' - The public key portion of an SSH key pair.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+newImportHostKey ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'hostKeyBody'
+  Prelude.Text ->
+  ImportHostKey
+newImportHostKey pServerId_ pHostKeyBody_ =
+  ImportHostKey'
+    { description = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      serverId = pServerId_,
+      hostKeyBody = Data._Sensitive Lens.# pHostKeyBody_
+    }
+
+-- | The text description that identifies this host key.
+importHostKey_description :: Lens.Lens' ImportHostKey (Prelude.Maybe Prelude.Text)
+importHostKey_description = Lens.lens (\ImportHostKey' {description} -> description) (\s@ImportHostKey' {} a -> s {description = a} :: ImportHostKey)
+
+-- | Key-value pairs that can be used to group and search for host keys.
+importHostKey_tags :: Lens.Lens' ImportHostKey (Prelude.Maybe (Prelude.NonEmpty Tag))
+importHostKey_tags = Lens.lens (\ImportHostKey' {tags} -> tags) (\s@ImportHostKey' {} a -> s {tags = a} :: ImportHostKey) Prelude.. Lens.mapping Lens.coerced
+
+-- | The identifier of the server that contains the host key that you are
+-- importing.
+importHostKey_serverId :: Lens.Lens' ImportHostKey Prelude.Text
+importHostKey_serverId = Lens.lens (\ImportHostKey' {serverId} -> serverId) (\s@ImportHostKey' {} a -> s {serverId = a} :: ImportHostKey)
+
+-- | The public key portion of an SSH key pair.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+importHostKey_hostKeyBody :: Lens.Lens' ImportHostKey Prelude.Text
+importHostKey_hostKeyBody = Lens.lens (\ImportHostKey' {hostKeyBody} -> hostKeyBody) (\s@ImportHostKey' {} a -> s {hostKeyBody = a} :: ImportHostKey) Prelude.. Data._Sensitive
+
+instance Core.AWSRequest ImportHostKey where
+  type
+    AWSResponse ImportHostKey =
+      ImportHostKeyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ImportHostKeyResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "HostKeyId")
+      )
+
+instance Prelude.Hashable ImportHostKey where
+  hashWithSalt _salt ImportHostKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` hostKeyBody
+
+instance Prelude.NFData ImportHostKey where
+  rnf ImportHostKey' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeyBody
+
+instance Data.ToHeaders ImportHostKey where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ImportHostKey" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ImportHostKey where
+  toJSON ImportHostKey' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Description" Data..=) Prelude.<$> description,
+            ("Tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("HostKeyBody" Data..= hostKeyBody)
+          ]
+      )
+
+instance Data.ToPath ImportHostKey where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ImportHostKey where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newImportHostKeyResponse' smart constructor.
+data ImportHostKeyResponse = ImportHostKeyResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the server identifier that contains the imported key.
+    serverId :: Prelude.Text,
+    -- | Returns the host key identifier for the imported key.
+    hostKeyId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImportHostKeyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'importHostKeyResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'importHostKeyResponse_serverId' - Returns the server identifier that contains the imported key.
+--
+-- 'hostKeyId', 'importHostKeyResponse_hostKeyId' - Returns the host key identifier for the imported key.
+newImportHostKeyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'hostKeyId'
+  Prelude.Text ->
+  ImportHostKeyResponse
+newImportHostKeyResponse
+  pHttpStatus_
+  pServerId_
+  pHostKeyId_ =
+    ImportHostKeyResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        hostKeyId = pHostKeyId_
+      }
+
+-- | The response's http status code.
+importHostKeyResponse_httpStatus :: Lens.Lens' ImportHostKeyResponse Prelude.Int
+importHostKeyResponse_httpStatus = Lens.lens (\ImportHostKeyResponse' {httpStatus} -> httpStatus) (\s@ImportHostKeyResponse' {} a -> s {httpStatus = a} :: ImportHostKeyResponse)
+
+-- | Returns the server identifier that contains the imported key.
+importHostKeyResponse_serverId :: Lens.Lens' ImportHostKeyResponse Prelude.Text
+importHostKeyResponse_serverId = Lens.lens (\ImportHostKeyResponse' {serverId} -> serverId) (\s@ImportHostKeyResponse' {} a -> s {serverId = a} :: ImportHostKeyResponse)
+
+-- | Returns the host key identifier for the imported key.
+importHostKeyResponse_hostKeyId :: Lens.Lens' ImportHostKeyResponse Prelude.Text
+importHostKeyResponse_hostKeyId = Lens.lens (\ImportHostKeyResponse' {hostKeyId} -> hostKeyId) (\s@ImportHostKeyResponse' {} a -> s {hostKeyId = a} :: ImportHostKeyResponse)
+
+instance Prelude.NFData ImportHostKeyResponse where
+  rnf ImportHostKeyResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeyId
diff --git a/gen/Amazonka/Transfer/ImportSshPublicKey.hs b/gen/Amazonka/Transfer/ImportSshPublicKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ImportSshPublicKey.hs
@@ -0,0 +1,256 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ImportSshPublicKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds a Secure Shell (SSH) public key to a user account identified by a
+-- @UserName@ value assigned to the specific file transfer protocol-enabled
+-- server, identified by @ServerId@.
+--
+-- The response returns the @UserName@ value, the @ServerId@ value, and the
+-- name of the @SshPublicKeyId@.
+module Amazonka.Transfer.ImportSshPublicKey
+  ( -- * Creating a Request
+    ImportSshPublicKey (..),
+    newImportSshPublicKey,
+
+    -- * Request Lenses
+    importSshPublicKey_serverId,
+    importSshPublicKey_sshPublicKeyBody,
+    importSshPublicKey_userName,
+
+    -- * Destructuring the Response
+    ImportSshPublicKeyResponse (..),
+    newImportSshPublicKeyResponse,
+
+    -- * Response Lenses
+    importSshPublicKeyResponse_httpStatus,
+    importSshPublicKeyResponse_serverId,
+    importSshPublicKeyResponse_sshPublicKeyId,
+    importSshPublicKeyResponse_userName,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newImportSshPublicKey' smart constructor.
+data ImportSshPublicKey = ImportSshPublicKey'
+  { -- | A system-assigned unique identifier for a server.
+    serverId :: Prelude.Text,
+    -- | The public key portion of an SSH key pair.
+    --
+    -- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+    sshPublicKeyBody :: Prelude.Text,
+    -- | The name of the user account that is assigned to one or more servers.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImportSshPublicKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'importSshPublicKey_serverId' - A system-assigned unique identifier for a server.
+--
+-- 'sshPublicKeyBody', 'importSshPublicKey_sshPublicKeyBody' - The public key portion of an SSH key pair.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+--
+-- 'userName', 'importSshPublicKey_userName' - The name of the user account that is assigned to one or more servers.
+newImportSshPublicKey ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'sshPublicKeyBody'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  ImportSshPublicKey
+newImportSshPublicKey
+  pServerId_
+  pSshPublicKeyBody_
+  pUserName_ =
+    ImportSshPublicKey'
+      { serverId = pServerId_,
+        sshPublicKeyBody = pSshPublicKeyBody_,
+        userName = pUserName_
+      }
+
+-- | A system-assigned unique identifier for a server.
+importSshPublicKey_serverId :: Lens.Lens' ImportSshPublicKey Prelude.Text
+importSshPublicKey_serverId = Lens.lens (\ImportSshPublicKey' {serverId} -> serverId) (\s@ImportSshPublicKey' {} a -> s {serverId = a} :: ImportSshPublicKey)
+
+-- | The public key portion of an SSH key pair.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+importSshPublicKey_sshPublicKeyBody :: Lens.Lens' ImportSshPublicKey Prelude.Text
+importSshPublicKey_sshPublicKeyBody = Lens.lens (\ImportSshPublicKey' {sshPublicKeyBody} -> sshPublicKeyBody) (\s@ImportSshPublicKey' {} a -> s {sshPublicKeyBody = a} :: ImportSshPublicKey)
+
+-- | The name of the user account that is assigned to one or more servers.
+importSshPublicKey_userName :: Lens.Lens' ImportSshPublicKey Prelude.Text
+importSshPublicKey_userName = Lens.lens (\ImportSshPublicKey' {userName} -> userName) (\s@ImportSshPublicKey' {} a -> s {userName = a} :: ImportSshPublicKey)
+
+instance Core.AWSRequest ImportSshPublicKey where
+  type
+    AWSResponse ImportSshPublicKey =
+      ImportSshPublicKeyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ImportSshPublicKeyResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "SshPublicKeyId")
+            Prelude.<*> (x Data..:> "UserName")
+      )
+
+instance Prelude.Hashable ImportSshPublicKey where
+  hashWithSalt _salt ImportSshPublicKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` sshPublicKeyBody
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData ImportSshPublicKey where
+  rnf ImportSshPublicKey' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf sshPublicKeyBody
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders ImportSshPublicKey where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ImportSshPublicKey" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ImportSshPublicKey where
+  toJSON ImportSshPublicKey' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just
+              ("SshPublicKeyBody" Data..= sshPublicKeyBody),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath ImportSshPublicKey where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ImportSshPublicKey where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | Identifies the user, the server they belong to, and the identifier of
+-- the SSH public key associated with that user. A user can have more than
+-- one key on each server that they are associated with.
+--
+-- /See:/ 'newImportSshPublicKeyResponse' smart constructor.
+data ImportSshPublicKeyResponse = ImportSshPublicKeyResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server.
+    serverId :: Prelude.Text,
+    -- | The name given to a public key by the system that was imported.
+    sshPublicKeyId :: Prelude.Text,
+    -- | A user name assigned to the @ServerID@ value that you specified.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ImportSshPublicKeyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'importSshPublicKeyResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'importSshPublicKeyResponse_serverId' - A system-assigned unique identifier for a server.
+--
+-- 'sshPublicKeyId', 'importSshPublicKeyResponse_sshPublicKeyId' - The name given to a public key by the system that was imported.
+--
+-- 'userName', 'importSshPublicKeyResponse_userName' - A user name assigned to the @ServerID@ value that you specified.
+newImportSshPublicKeyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'sshPublicKeyId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  ImportSshPublicKeyResponse
+newImportSshPublicKeyResponse
+  pHttpStatus_
+  pServerId_
+  pSshPublicKeyId_
+  pUserName_ =
+    ImportSshPublicKeyResponse'
+      { httpStatus =
+          pHttpStatus_,
+        serverId = pServerId_,
+        sshPublicKeyId = pSshPublicKeyId_,
+        userName = pUserName_
+      }
+
+-- | The response's http status code.
+importSshPublicKeyResponse_httpStatus :: Lens.Lens' ImportSshPublicKeyResponse Prelude.Int
+importSshPublicKeyResponse_httpStatus = Lens.lens (\ImportSshPublicKeyResponse' {httpStatus} -> httpStatus) (\s@ImportSshPublicKeyResponse' {} a -> s {httpStatus = a} :: ImportSshPublicKeyResponse)
+
+-- | A system-assigned unique identifier for a server.
+importSshPublicKeyResponse_serverId :: Lens.Lens' ImportSshPublicKeyResponse Prelude.Text
+importSshPublicKeyResponse_serverId = Lens.lens (\ImportSshPublicKeyResponse' {serverId} -> serverId) (\s@ImportSshPublicKeyResponse' {} a -> s {serverId = a} :: ImportSshPublicKeyResponse)
+
+-- | The name given to a public key by the system that was imported.
+importSshPublicKeyResponse_sshPublicKeyId :: Lens.Lens' ImportSshPublicKeyResponse Prelude.Text
+importSshPublicKeyResponse_sshPublicKeyId = Lens.lens (\ImportSshPublicKeyResponse' {sshPublicKeyId} -> sshPublicKeyId) (\s@ImportSshPublicKeyResponse' {} a -> s {sshPublicKeyId = a} :: ImportSshPublicKeyResponse)
+
+-- | A user name assigned to the @ServerID@ value that you specified.
+importSshPublicKeyResponse_userName :: Lens.Lens' ImportSshPublicKeyResponse Prelude.Text
+importSshPublicKeyResponse_userName = Lens.lens (\ImportSshPublicKeyResponse' {userName} -> userName) (\s@ImportSshPublicKeyResponse' {} a -> s {userName = a} :: ImportSshPublicKeyResponse)
+
+instance Prelude.NFData ImportSshPublicKeyResponse where
+  rnf ImportSshPublicKeyResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf sshPublicKeyId
+      `Prelude.seq` Prelude.rnf userName
diff --git a/gen/Amazonka/Transfer/Lens.hs b/gen/Amazonka/Transfer/Lens.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Lens.hs
@@ -0,0 +1,898 @@
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Lens
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Lens
+  ( -- * Operations
+
+    -- ** CreateAccess
+    createAccess_homeDirectory,
+    createAccess_homeDirectoryMappings,
+    createAccess_homeDirectoryType,
+    createAccess_policy,
+    createAccess_posixProfile,
+    createAccess_role,
+    createAccess_serverId,
+    createAccess_externalId,
+    createAccessResponse_httpStatus,
+    createAccessResponse_serverId,
+    createAccessResponse_externalId,
+
+    -- ** CreateAgreement
+    createAgreement_description,
+    createAgreement_status,
+    createAgreement_tags,
+    createAgreement_serverId,
+    createAgreement_localProfileId,
+    createAgreement_partnerProfileId,
+    createAgreement_baseDirectory,
+    createAgreement_accessRole,
+    createAgreementResponse_httpStatus,
+    createAgreementResponse_agreementId,
+
+    -- ** CreateConnector
+    createConnector_loggingRole,
+    createConnector_tags,
+    createConnector_url,
+    createConnector_as2Config,
+    createConnector_accessRole,
+    createConnectorResponse_httpStatus,
+    createConnectorResponse_connectorId,
+
+    -- ** CreateProfile
+    createProfile_certificateIds,
+    createProfile_tags,
+    createProfile_as2Id,
+    createProfile_profileType,
+    createProfileResponse_httpStatus,
+    createProfileResponse_profileId,
+
+    -- ** CreateServer
+    createServer_certificate,
+    createServer_domain,
+    createServer_endpointDetails,
+    createServer_endpointType,
+    createServer_hostKey,
+    createServer_identityProviderDetails,
+    createServer_identityProviderType,
+    createServer_loggingRole,
+    createServer_postAuthenticationLoginBanner,
+    createServer_preAuthenticationLoginBanner,
+    createServer_protocolDetails,
+    createServer_protocols,
+    createServer_securityPolicyName,
+    createServer_tags,
+    createServer_workflowDetails,
+    createServerResponse_httpStatus,
+    createServerResponse_serverId,
+
+    -- ** CreateUser
+    createUser_homeDirectory,
+    createUser_homeDirectoryMappings,
+    createUser_homeDirectoryType,
+    createUser_policy,
+    createUser_posixProfile,
+    createUser_sshPublicKeyBody,
+    createUser_tags,
+    createUser_role,
+    createUser_serverId,
+    createUser_userName,
+    createUserResponse_httpStatus,
+    createUserResponse_serverId,
+    createUserResponse_userName,
+
+    -- ** CreateWorkflow
+    createWorkflow_description,
+    createWorkflow_onExceptionSteps,
+    createWorkflow_tags,
+    createWorkflow_steps,
+    createWorkflowResponse_httpStatus,
+    createWorkflowResponse_workflowId,
+
+    -- ** DeleteAccess
+    deleteAccess_serverId,
+    deleteAccess_externalId,
+
+    -- ** DeleteAgreement
+    deleteAgreement_agreementId,
+    deleteAgreement_serverId,
+
+    -- ** DeleteCertificate
+    deleteCertificate_certificateId,
+
+    -- ** DeleteConnector
+    deleteConnector_connectorId,
+
+    -- ** DeleteHostKey
+    deleteHostKey_serverId,
+    deleteHostKey_hostKeyId,
+
+    -- ** DeleteProfile
+    deleteProfile_profileId,
+
+    -- ** DeleteServer
+    deleteServer_serverId,
+
+    -- ** DeleteSshPublicKey
+    deleteSshPublicKey_serverId,
+    deleteSshPublicKey_sshPublicKeyId,
+    deleteSshPublicKey_userName,
+
+    -- ** DeleteUser
+    deleteUser_serverId,
+    deleteUser_userName,
+
+    -- ** DeleteWorkflow
+    deleteWorkflow_workflowId,
+
+    -- ** DescribeAccess
+    describeAccess_serverId,
+    describeAccess_externalId,
+    describeAccessResponse_httpStatus,
+    describeAccessResponse_serverId,
+    describeAccessResponse_access,
+
+    -- ** DescribeAgreement
+    describeAgreement_agreementId,
+    describeAgreement_serverId,
+    describeAgreementResponse_httpStatus,
+    describeAgreementResponse_agreement,
+
+    -- ** DescribeCertificate
+    describeCertificate_certificateId,
+    describeCertificateResponse_httpStatus,
+    describeCertificateResponse_certificate,
+
+    -- ** DescribeConnector
+    describeConnector_connectorId,
+    describeConnectorResponse_httpStatus,
+    describeConnectorResponse_connector,
+
+    -- ** DescribeExecution
+    describeExecution_executionId,
+    describeExecution_workflowId,
+    describeExecutionResponse_httpStatus,
+    describeExecutionResponse_workflowId,
+    describeExecutionResponse_execution,
+
+    -- ** DescribeHostKey
+    describeHostKey_serverId,
+    describeHostKey_hostKeyId,
+    describeHostKeyResponse_httpStatus,
+    describeHostKeyResponse_hostKey,
+
+    -- ** DescribeProfile
+    describeProfile_profileId,
+    describeProfileResponse_httpStatus,
+    describeProfileResponse_profile,
+
+    -- ** DescribeSecurityPolicy
+    describeSecurityPolicy_securityPolicyName,
+    describeSecurityPolicyResponse_httpStatus,
+    describeSecurityPolicyResponse_securityPolicy,
+
+    -- ** DescribeServer
+    describeServer_serverId,
+    describeServerResponse_httpStatus,
+    describeServerResponse_server,
+
+    -- ** DescribeUser
+    describeUser_serverId,
+    describeUser_userName,
+    describeUserResponse_httpStatus,
+    describeUserResponse_serverId,
+    describeUserResponse_user,
+
+    -- ** DescribeWorkflow
+    describeWorkflow_workflowId,
+    describeWorkflowResponse_httpStatus,
+    describeWorkflowResponse_workflow,
+
+    -- ** ImportCertificate
+    importCertificate_activeDate,
+    importCertificate_certificateChain,
+    importCertificate_description,
+    importCertificate_inactiveDate,
+    importCertificate_privateKey,
+    importCertificate_tags,
+    importCertificate_usage,
+    importCertificate_certificate,
+    importCertificateResponse_httpStatus,
+    importCertificateResponse_certificateId,
+
+    -- ** ImportHostKey
+    importHostKey_description,
+    importHostKey_tags,
+    importHostKey_serverId,
+    importHostKey_hostKeyBody,
+    importHostKeyResponse_httpStatus,
+    importHostKeyResponse_serverId,
+    importHostKeyResponse_hostKeyId,
+
+    -- ** ImportSshPublicKey
+    importSshPublicKey_serverId,
+    importSshPublicKey_sshPublicKeyBody,
+    importSshPublicKey_userName,
+    importSshPublicKeyResponse_httpStatus,
+    importSshPublicKeyResponse_serverId,
+    importSshPublicKeyResponse_sshPublicKeyId,
+    importSshPublicKeyResponse_userName,
+
+    -- ** ListAccesses
+    listAccesses_maxResults,
+    listAccesses_nextToken,
+    listAccesses_serverId,
+    listAccessesResponse_nextToken,
+    listAccessesResponse_httpStatus,
+    listAccessesResponse_serverId,
+    listAccessesResponse_accesses,
+
+    -- ** ListAgreements
+    listAgreements_maxResults,
+    listAgreements_nextToken,
+    listAgreements_serverId,
+    listAgreementsResponse_nextToken,
+    listAgreementsResponse_httpStatus,
+    listAgreementsResponse_agreements,
+
+    -- ** ListCertificates
+    listCertificates_maxResults,
+    listCertificates_nextToken,
+    listCertificatesResponse_nextToken,
+    listCertificatesResponse_httpStatus,
+    listCertificatesResponse_certificates,
+
+    -- ** ListConnectors
+    listConnectors_maxResults,
+    listConnectors_nextToken,
+    listConnectorsResponse_nextToken,
+    listConnectorsResponse_httpStatus,
+    listConnectorsResponse_connectors,
+
+    -- ** ListExecutions
+    listExecutions_maxResults,
+    listExecutions_nextToken,
+    listExecutions_workflowId,
+    listExecutionsResponse_nextToken,
+    listExecutionsResponse_httpStatus,
+    listExecutionsResponse_workflowId,
+    listExecutionsResponse_executions,
+
+    -- ** ListHostKeys
+    listHostKeys_maxResults,
+    listHostKeys_nextToken,
+    listHostKeys_serverId,
+    listHostKeysResponse_nextToken,
+    listHostKeysResponse_httpStatus,
+    listHostKeysResponse_serverId,
+    listHostKeysResponse_hostKeys,
+
+    -- ** ListProfiles
+    listProfiles_maxResults,
+    listProfiles_nextToken,
+    listProfiles_profileType,
+    listProfilesResponse_nextToken,
+    listProfilesResponse_httpStatus,
+    listProfilesResponse_profiles,
+
+    -- ** ListSecurityPolicies
+    listSecurityPolicies_maxResults,
+    listSecurityPolicies_nextToken,
+    listSecurityPoliciesResponse_nextToken,
+    listSecurityPoliciesResponse_httpStatus,
+    listSecurityPoliciesResponse_securityPolicyNames,
+
+    -- ** ListServers
+    listServers_maxResults,
+    listServers_nextToken,
+    listServersResponse_nextToken,
+    listServersResponse_httpStatus,
+    listServersResponse_servers,
+
+    -- ** ListTagsForResource
+    listTagsForResource_maxResults,
+    listTagsForResource_nextToken,
+    listTagsForResource_arn,
+    listTagsForResourceResponse_arn,
+    listTagsForResourceResponse_nextToken,
+    listTagsForResourceResponse_tags,
+    listTagsForResourceResponse_httpStatus,
+
+    -- ** ListUsers
+    listUsers_maxResults,
+    listUsers_nextToken,
+    listUsers_serverId,
+    listUsersResponse_nextToken,
+    listUsersResponse_httpStatus,
+    listUsersResponse_serverId,
+    listUsersResponse_users,
+
+    -- ** ListWorkflows
+    listWorkflows_maxResults,
+    listWorkflows_nextToken,
+    listWorkflowsResponse_nextToken,
+    listWorkflowsResponse_httpStatus,
+    listWorkflowsResponse_workflows,
+
+    -- ** SendWorkflowStepState
+    sendWorkflowStepState_workflowId,
+    sendWorkflowStepState_executionId,
+    sendWorkflowStepState_token,
+    sendWorkflowStepState_status,
+    sendWorkflowStepStateResponse_httpStatus,
+
+    -- ** StartFileTransfer
+    startFileTransfer_connectorId,
+    startFileTransfer_sendFilePaths,
+    startFileTransferResponse_httpStatus,
+    startFileTransferResponse_transferId,
+
+    -- ** StartServer
+    startServer_serverId,
+
+    -- ** StopServer
+    stopServer_serverId,
+
+    -- ** TagResource
+    tagResource_arn,
+    tagResource_tags,
+
+    -- ** TestIdentityProvider
+    testIdentityProvider_serverProtocol,
+    testIdentityProvider_sourceIp,
+    testIdentityProvider_userPassword,
+    testIdentityProvider_serverId,
+    testIdentityProvider_userName,
+    testIdentityProviderResponse_message,
+    testIdentityProviderResponse_response,
+    testIdentityProviderResponse_httpStatus,
+    testIdentityProviderResponse_statusCode,
+    testIdentityProviderResponse_url,
+
+    -- ** UntagResource
+    untagResource_arn,
+    untagResource_tagKeys,
+
+    -- ** UpdateAccess
+    updateAccess_homeDirectory,
+    updateAccess_homeDirectoryMappings,
+    updateAccess_homeDirectoryType,
+    updateAccess_policy,
+    updateAccess_posixProfile,
+    updateAccess_role,
+    updateAccess_serverId,
+    updateAccess_externalId,
+    updateAccessResponse_httpStatus,
+    updateAccessResponse_serverId,
+    updateAccessResponse_externalId,
+
+    -- ** UpdateAgreement
+    updateAgreement_accessRole,
+    updateAgreement_baseDirectory,
+    updateAgreement_description,
+    updateAgreement_localProfileId,
+    updateAgreement_partnerProfileId,
+    updateAgreement_status,
+    updateAgreement_agreementId,
+    updateAgreement_serverId,
+    updateAgreementResponse_httpStatus,
+    updateAgreementResponse_agreementId,
+
+    -- ** UpdateCertificate
+    updateCertificate_activeDate,
+    updateCertificate_description,
+    updateCertificate_inactiveDate,
+    updateCertificate_certificateId,
+    updateCertificateResponse_httpStatus,
+    updateCertificateResponse_certificateId,
+
+    -- ** UpdateConnector
+    updateConnector_accessRole,
+    updateConnector_as2Config,
+    updateConnector_loggingRole,
+    updateConnector_url,
+    updateConnector_connectorId,
+    updateConnectorResponse_httpStatus,
+    updateConnectorResponse_connectorId,
+
+    -- ** UpdateHostKey
+    updateHostKey_serverId,
+    updateHostKey_hostKeyId,
+    updateHostKey_description,
+    updateHostKeyResponse_httpStatus,
+    updateHostKeyResponse_serverId,
+    updateHostKeyResponse_hostKeyId,
+
+    -- ** UpdateProfile
+    updateProfile_certificateIds,
+    updateProfile_profileId,
+    updateProfileResponse_httpStatus,
+    updateProfileResponse_profileId,
+
+    -- ** UpdateServer
+    updateServer_certificate,
+    updateServer_endpointDetails,
+    updateServer_endpointType,
+    updateServer_hostKey,
+    updateServer_identityProviderDetails,
+    updateServer_loggingRole,
+    updateServer_postAuthenticationLoginBanner,
+    updateServer_preAuthenticationLoginBanner,
+    updateServer_protocolDetails,
+    updateServer_protocols,
+    updateServer_securityPolicyName,
+    updateServer_workflowDetails,
+    updateServer_serverId,
+    updateServerResponse_httpStatus,
+    updateServerResponse_serverId,
+
+    -- ** UpdateUser
+    updateUser_homeDirectory,
+    updateUser_homeDirectoryMappings,
+    updateUser_homeDirectoryType,
+    updateUser_policy,
+    updateUser_posixProfile,
+    updateUser_role,
+    updateUser_serverId,
+    updateUser_userName,
+    updateUserResponse_httpStatus,
+    updateUserResponse_serverId,
+    updateUserResponse_userName,
+
+    -- * Types
+
+    -- ** As2ConnectorConfig
+    as2ConnectorConfig_compression,
+    as2ConnectorConfig_encryptionAlgorithm,
+    as2ConnectorConfig_localProfileId,
+    as2ConnectorConfig_mdnResponse,
+    as2ConnectorConfig_mdnSigningAlgorithm,
+    as2ConnectorConfig_messageSubject,
+    as2ConnectorConfig_partnerProfileId,
+    as2ConnectorConfig_signingAlgorithm,
+
+    -- ** CopyStepDetails
+    copyStepDetails_destinationFileLocation,
+    copyStepDetails_name,
+    copyStepDetails_overwriteExisting,
+    copyStepDetails_sourceFileLocation,
+
+    -- ** CustomStepDetails
+    customStepDetails_name,
+    customStepDetails_sourceFileLocation,
+    customStepDetails_target,
+    customStepDetails_timeoutSeconds,
+
+    -- ** DecryptStepDetails
+    decryptStepDetails_name,
+    decryptStepDetails_overwriteExisting,
+    decryptStepDetails_sourceFileLocation,
+    decryptStepDetails_type,
+    decryptStepDetails_destinationFileLocation,
+
+    -- ** DeleteStepDetails
+    deleteStepDetails_name,
+    deleteStepDetails_sourceFileLocation,
+
+    -- ** DescribedAccess
+    describedAccess_externalId,
+    describedAccess_homeDirectory,
+    describedAccess_homeDirectoryMappings,
+    describedAccess_homeDirectoryType,
+    describedAccess_policy,
+    describedAccess_posixProfile,
+    describedAccess_role,
+
+    -- ** DescribedAgreement
+    describedAgreement_accessRole,
+    describedAgreement_agreementId,
+    describedAgreement_baseDirectory,
+    describedAgreement_description,
+    describedAgreement_localProfileId,
+    describedAgreement_partnerProfileId,
+    describedAgreement_serverId,
+    describedAgreement_status,
+    describedAgreement_tags,
+    describedAgreement_arn,
+
+    -- ** DescribedCertificate
+    describedCertificate_activeDate,
+    describedCertificate_certificate,
+    describedCertificate_certificateChain,
+    describedCertificate_certificateId,
+    describedCertificate_description,
+    describedCertificate_inactiveDate,
+    describedCertificate_notAfterDate,
+    describedCertificate_notBeforeDate,
+    describedCertificate_serial,
+    describedCertificate_status,
+    describedCertificate_tags,
+    describedCertificate_type,
+    describedCertificate_usage,
+    describedCertificate_arn,
+
+    -- ** DescribedConnector
+    describedConnector_accessRole,
+    describedConnector_as2Config,
+    describedConnector_connectorId,
+    describedConnector_loggingRole,
+    describedConnector_tags,
+    describedConnector_url,
+    describedConnector_arn,
+
+    -- ** DescribedExecution
+    describedExecution_executionId,
+    describedExecution_executionRole,
+    describedExecution_initialFileLocation,
+    describedExecution_loggingConfiguration,
+    describedExecution_posixProfile,
+    describedExecution_results,
+    describedExecution_serviceMetadata,
+    describedExecution_status,
+
+    -- ** DescribedHostKey
+    describedHostKey_dateImported,
+    describedHostKey_description,
+    describedHostKey_hostKeyFingerprint,
+    describedHostKey_hostKeyId,
+    describedHostKey_tags,
+    describedHostKey_type,
+    describedHostKey_arn,
+
+    -- ** DescribedProfile
+    describedProfile_as2Id,
+    describedProfile_certificateIds,
+    describedProfile_profileId,
+    describedProfile_profileType,
+    describedProfile_tags,
+    describedProfile_arn,
+
+    -- ** DescribedSecurityPolicy
+    describedSecurityPolicy_fips,
+    describedSecurityPolicy_sshCiphers,
+    describedSecurityPolicy_sshKexs,
+    describedSecurityPolicy_sshMacs,
+    describedSecurityPolicy_tlsCiphers,
+    describedSecurityPolicy_securityPolicyName,
+
+    -- ** DescribedServer
+    describedServer_certificate,
+    describedServer_domain,
+    describedServer_endpointDetails,
+    describedServer_endpointType,
+    describedServer_hostKeyFingerprint,
+    describedServer_identityProviderDetails,
+    describedServer_identityProviderType,
+    describedServer_loggingRole,
+    describedServer_postAuthenticationLoginBanner,
+    describedServer_preAuthenticationLoginBanner,
+    describedServer_protocolDetails,
+    describedServer_protocols,
+    describedServer_securityPolicyName,
+    describedServer_serverId,
+    describedServer_state,
+    describedServer_tags,
+    describedServer_userCount,
+    describedServer_workflowDetails,
+    describedServer_arn,
+
+    -- ** DescribedUser
+    describedUser_homeDirectory,
+    describedUser_homeDirectoryMappings,
+    describedUser_homeDirectoryType,
+    describedUser_policy,
+    describedUser_posixProfile,
+    describedUser_role,
+    describedUser_sshPublicKeys,
+    describedUser_tags,
+    describedUser_userName,
+    describedUser_arn,
+
+    -- ** DescribedWorkflow
+    describedWorkflow_description,
+    describedWorkflow_onExceptionSteps,
+    describedWorkflow_steps,
+    describedWorkflow_tags,
+    describedWorkflow_workflowId,
+    describedWorkflow_arn,
+
+    -- ** EfsFileLocation
+    efsFileLocation_fileSystemId,
+    efsFileLocation_path,
+
+    -- ** EndpointDetails
+    endpointDetails_addressAllocationIds,
+    endpointDetails_securityGroupIds,
+    endpointDetails_subnetIds,
+    endpointDetails_vpcEndpointId,
+    endpointDetails_vpcId,
+
+    -- ** ExecutionError
+    executionError_type,
+    executionError_message,
+
+    -- ** ExecutionResults
+    executionResults_onExceptionSteps,
+    executionResults_steps,
+
+    -- ** ExecutionStepResult
+    executionStepResult_error,
+    executionStepResult_outputs,
+    executionStepResult_stepType,
+
+    -- ** FileLocation
+    fileLocation_efsFileLocation,
+    fileLocation_s3FileLocation,
+
+    -- ** HomeDirectoryMapEntry
+    homeDirectoryMapEntry_entry,
+    homeDirectoryMapEntry_target,
+
+    -- ** IdentityProviderDetails
+    identityProviderDetails_directoryId,
+    identityProviderDetails_function,
+    identityProviderDetails_invocationRole,
+    identityProviderDetails_url,
+
+    -- ** InputFileLocation
+    inputFileLocation_efsFileLocation,
+    inputFileLocation_s3FileLocation,
+
+    -- ** ListedAccess
+    listedAccess_externalId,
+    listedAccess_homeDirectory,
+    listedAccess_homeDirectoryType,
+    listedAccess_role,
+
+    -- ** ListedAgreement
+    listedAgreement_agreementId,
+    listedAgreement_arn,
+    listedAgreement_description,
+    listedAgreement_localProfileId,
+    listedAgreement_partnerProfileId,
+    listedAgreement_serverId,
+    listedAgreement_status,
+
+    -- ** ListedCertificate
+    listedCertificate_activeDate,
+    listedCertificate_arn,
+    listedCertificate_certificateId,
+    listedCertificate_description,
+    listedCertificate_inactiveDate,
+    listedCertificate_status,
+    listedCertificate_type,
+    listedCertificate_usage,
+
+    -- ** ListedConnector
+    listedConnector_arn,
+    listedConnector_connectorId,
+    listedConnector_url,
+
+    -- ** ListedExecution
+    listedExecution_executionId,
+    listedExecution_initialFileLocation,
+    listedExecution_serviceMetadata,
+    listedExecution_status,
+
+    -- ** ListedHostKey
+    listedHostKey_dateImported,
+    listedHostKey_description,
+    listedHostKey_fingerprint,
+    listedHostKey_hostKeyId,
+    listedHostKey_type,
+    listedHostKey_arn,
+
+    -- ** ListedProfile
+    listedProfile_arn,
+    listedProfile_as2Id,
+    listedProfile_profileId,
+    listedProfile_profileType,
+
+    -- ** ListedServer
+    listedServer_domain,
+    listedServer_endpointType,
+    listedServer_identityProviderType,
+    listedServer_loggingRole,
+    listedServer_serverId,
+    listedServer_state,
+    listedServer_userCount,
+    listedServer_arn,
+
+    -- ** ListedUser
+    listedUser_homeDirectory,
+    listedUser_homeDirectoryType,
+    listedUser_role,
+    listedUser_sshPublicKeyCount,
+    listedUser_userName,
+    listedUser_arn,
+
+    -- ** ListedWorkflow
+    listedWorkflow_arn,
+    listedWorkflow_description,
+    listedWorkflow_workflowId,
+
+    -- ** LoggingConfiguration
+    loggingConfiguration_logGroupName,
+    loggingConfiguration_loggingRole,
+
+    -- ** PosixProfile
+    posixProfile_secondaryGids,
+    posixProfile_uid,
+    posixProfile_gid,
+
+    -- ** ProtocolDetails
+    protocolDetails_as2Transports,
+    protocolDetails_passiveIp,
+    protocolDetails_setStatOption,
+    protocolDetails_tlsSessionResumptionMode,
+
+    -- ** S3FileLocation
+    s3FileLocation_bucket,
+    s3FileLocation_etag,
+    s3FileLocation_key,
+    s3FileLocation_versionId,
+
+    -- ** S3InputFileLocation
+    s3InputFileLocation_bucket,
+    s3InputFileLocation_key,
+
+    -- ** S3Tag
+    s3Tag_key,
+    s3Tag_value,
+
+    -- ** ServiceMetadata
+    serviceMetadata_userDetails,
+
+    -- ** SshPublicKey
+    sshPublicKey_dateImported,
+    sshPublicKey_sshPublicKeyBody,
+    sshPublicKey_sshPublicKeyId,
+
+    -- ** Tag
+    tag_key,
+    tag_value,
+
+    -- ** TagStepDetails
+    tagStepDetails_name,
+    tagStepDetails_sourceFileLocation,
+    tagStepDetails_tags,
+
+    -- ** UserDetails
+    userDetails_sessionId,
+    userDetails_userName,
+    userDetails_serverId,
+
+    -- ** WorkflowDetail
+    workflowDetail_workflowId,
+    workflowDetail_executionRole,
+
+    -- ** WorkflowDetails
+    workflowDetails_onPartialUpload,
+    workflowDetails_onUpload,
+
+    -- ** WorkflowStep
+    workflowStep_copyStepDetails,
+    workflowStep_customStepDetails,
+    workflowStep_decryptStepDetails,
+    workflowStep_deleteStepDetails,
+    workflowStep_tagStepDetails,
+    workflowStep_type,
+  )
+where
+
+import Amazonka.Transfer.CreateAccess
+import Amazonka.Transfer.CreateAgreement
+import Amazonka.Transfer.CreateConnector
+import Amazonka.Transfer.CreateProfile
+import Amazonka.Transfer.CreateServer
+import Amazonka.Transfer.CreateUser
+import Amazonka.Transfer.CreateWorkflow
+import Amazonka.Transfer.DeleteAccess
+import Amazonka.Transfer.DeleteAgreement
+import Amazonka.Transfer.DeleteCertificate
+import Amazonka.Transfer.DeleteConnector
+import Amazonka.Transfer.DeleteHostKey
+import Amazonka.Transfer.DeleteProfile
+import Amazonka.Transfer.DeleteServer
+import Amazonka.Transfer.DeleteSshPublicKey
+import Amazonka.Transfer.DeleteUser
+import Amazonka.Transfer.DeleteWorkflow
+import Amazonka.Transfer.DescribeAccess
+import Amazonka.Transfer.DescribeAgreement
+import Amazonka.Transfer.DescribeCertificate
+import Amazonka.Transfer.DescribeConnector
+import Amazonka.Transfer.DescribeExecution
+import Amazonka.Transfer.DescribeHostKey
+import Amazonka.Transfer.DescribeProfile
+import Amazonka.Transfer.DescribeSecurityPolicy
+import Amazonka.Transfer.DescribeServer
+import Amazonka.Transfer.DescribeUser
+import Amazonka.Transfer.DescribeWorkflow
+import Amazonka.Transfer.ImportCertificate
+import Amazonka.Transfer.ImportHostKey
+import Amazonka.Transfer.ImportSshPublicKey
+import Amazonka.Transfer.ListAccesses
+import Amazonka.Transfer.ListAgreements
+import Amazonka.Transfer.ListCertificates
+import Amazonka.Transfer.ListConnectors
+import Amazonka.Transfer.ListExecutions
+import Amazonka.Transfer.ListHostKeys
+import Amazonka.Transfer.ListProfiles
+import Amazonka.Transfer.ListSecurityPolicies
+import Amazonka.Transfer.ListServers
+import Amazonka.Transfer.ListTagsForResource
+import Amazonka.Transfer.ListUsers
+import Amazonka.Transfer.ListWorkflows
+import Amazonka.Transfer.SendWorkflowStepState
+import Amazonka.Transfer.StartFileTransfer
+import Amazonka.Transfer.StartServer
+import Amazonka.Transfer.StopServer
+import Amazonka.Transfer.TagResource
+import Amazonka.Transfer.TestIdentityProvider
+import Amazonka.Transfer.Types.As2ConnectorConfig
+import Amazonka.Transfer.Types.CopyStepDetails
+import Amazonka.Transfer.Types.CustomStepDetails
+import Amazonka.Transfer.Types.DecryptStepDetails
+import Amazonka.Transfer.Types.DeleteStepDetails
+import Amazonka.Transfer.Types.DescribedAccess
+import Amazonka.Transfer.Types.DescribedAgreement
+import Amazonka.Transfer.Types.DescribedCertificate
+import Amazonka.Transfer.Types.DescribedConnector
+import Amazonka.Transfer.Types.DescribedExecution
+import Amazonka.Transfer.Types.DescribedHostKey
+import Amazonka.Transfer.Types.DescribedProfile
+import Amazonka.Transfer.Types.DescribedSecurityPolicy
+import Amazonka.Transfer.Types.DescribedServer
+import Amazonka.Transfer.Types.DescribedUser
+import Amazonka.Transfer.Types.DescribedWorkflow
+import Amazonka.Transfer.Types.EfsFileLocation
+import Amazonka.Transfer.Types.EndpointDetails
+import Amazonka.Transfer.Types.ExecutionError
+import Amazonka.Transfer.Types.ExecutionResults
+import Amazonka.Transfer.Types.ExecutionStepResult
+import Amazonka.Transfer.Types.FileLocation
+import Amazonka.Transfer.Types.HomeDirectoryMapEntry
+import Amazonka.Transfer.Types.IdentityProviderDetails
+import Amazonka.Transfer.Types.InputFileLocation
+import Amazonka.Transfer.Types.ListedAccess
+import Amazonka.Transfer.Types.ListedAgreement
+import Amazonka.Transfer.Types.ListedCertificate
+import Amazonka.Transfer.Types.ListedConnector
+import Amazonka.Transfer.Types.ListedExecution
+import Amazonka.Transfer.Types.ListedHostKey
+import Amazonka.Transfer.Types.ListedProfile
+import Amazonka.Transfer.Types.ListedServer
+import Amazonka.Transfer.Types.ListedUser
+import Amazonka.Transfer.Types.ListedWorkflow
+import Amazonka.Transfer.Types.LoggingConfiguration
+import Amazonka.Transfer.Types.PosixProfile
+import Amazonka.Transfer.Types.ProtocolDetails
+import Amazonka.Transfer.Types.S3FileLocation
+import Amazonka.Transfer.Types.S3InputFileLocation
+import Amazonka.Transfer.Types.S3Tag
+import Amazonka.Transfer.Types.ServiceMetadata
+import Amazonka.Transfer.Types.SshPublicKey
+import Amazonka.Transfer.Types.Tag
+import Amazonka.Transfer.Types.TagStepDetails
+import Amazonka.Transfer.Types.UserDetails
+import Amazonka.Transfer.Types.WorkflowDetail
+import Amazonka.Transfer.Types.WorkflowDetails
+import Amazonka.Transfer.Types.WorkflowStep
+import Amazonka.Transfer.UntagResource
+import Amazonka.Transfer.UpdateAccess
+import Amazonka.Transfer.UpdateAgreement
+import Amazonka.Transfer.UpdateCertificate
+import Amazonka.Transfer.UpdateConnector
+import Amazonka.Transfer.UpdateHostKey
+import Amazonka.Transfer.UpdateProfile
+import Amazonka.Transfer.UpdateServer
+import Amazonka.Transfer.UpdateUser
diff --git a/gen/Amazonka/Transfer/ListAccesses.hs b/gen/Amazonka/Transfer/ListAccesses.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListAccesses.hs
@@ -0,0 +1,270 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListAccesses
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the details for all the accesses you have on your server.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListAccesses
+  ( -- * Creating a Request
+    ListAccesses (..),
+    newListAccesses,
+
+    -- * Request Lenses
+    listAccesses_maxResults,
+    listAccesses_nextToken,
+    listAccesses_serverId,
+
+    -- * Destructuring the Response
+    ListAccessesResponse (..),
+    newListAccessesResponse,
+
+    -- * Response Lenses
+    listAccessesResponse_nextToken,
+    listAccessesResponse_httpStatus,
+    listAccessesResponse_serverId,
+    listAccessesResponse_accesses,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListAccesses' smart constructor.
+data ListAccesses = ListAccesses'
+  { -- | Specifies the maximum number of access SIDs to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When you can get additional results from the @ListAccesses@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional accesses.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A system-assigned unique identifier for a server that has users assigned
+    -- to it.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAccesses' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listAccesses_maxResults' - Specifies the maximum number of access SIDs to return.
+--
+-- 'nextToken', 'listAccesses_nextToken' - When you can get additional results from the @ListAccesses@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional accesses.
+--
+-- 'serverId', 'listAccesses_serverId' - A system-assigned unique identifier for a server that has users assigned
+-- to it.
+newListAccesses ::
+  -- | 'serverId'
+  Prelude.Text ->
+  ListAccesses
+newListAccesses pServerId_ =
+  ListAccesses'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      serverId = pServerId_
+    }
+
+-- | Specifies the maximum number of access SIDs to return.
+listAccesses_maxResults :: Lens.Lens' ListAccesses (Prelude.Maybe Prelude.Natural)
+listAccesses_maxResults = Lens.lens (\ListAccesses' {maxResults} -> maxResults) (\s@ListAccesses' {} a -> s {maxResults = a} :: ListAccesses)
+
+-- | When you can get additional results from the @ListAccesses@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional accesses.
+listAccesses_nextToken :: Lens.Lens' ListAccesses (Prelude.Maybe Prelude.Text)
+listAccesses_nextToken = Lens.lens (\ListAccesses' {nextToken} -> nextToken) (\s@ListAccesses' {} a -> s {nextToken = a} :: ListAccesses)
+
+-- | A system-assigned unique identifier for a server that has users assigned
+-- to it.
+listAccesses_serverId :: Lens.Lens' ListAccesses Prelude.Text
+listAccesses_serverId = Lens.lens (\ListAccesses' {serverId} -> serverId) (\s@ListAccesses' {} a -> s {serverId = a} :: ListAccesses)
+
+instance Core.AWSPager ListAccesses where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAccessesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listAccessesResponse_accesses) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAccesses_nextToken
+          Lens..~ rs
+          Lens.^? listAccessesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAccesses where
+  type AWSResponse ListAccesses = ListAccessesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAccessesResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..?> "Accesses" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListAccesses where
+  hashWithSalt _salt ListAccesses' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData ListAccesses where
+  rnf ListAccesses' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders ListAccesses where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListAccesses" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListAccesses where
+  toJSON ListAccesses' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath ListAccesses where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListAccesses where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListAccessesResponse' smart constructor.
+data ListAccessesResponse = ListAccessesResponse'
+  { -- | When you can get additional results from the @ListAccesses@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional accesses.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server that has users assigned
+    -- to it.
+    serverId :: Prelude.Text,
+    -- | Returns the accesses and their properties for the @ServerId@ value that
+    -- you specify.
+    accesses :: [ListedAccess]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAccessesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listAccessesResponse_nextToken' - When you can get additional results from the @ListAccesses@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional accesses.
+--
+-- 'httpStatus', 'listAccessesResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'listAccessesResponse_serverId' - A system-assigned unique identifier for a server that has users assigned
+-- to it.
+--
+-- 'accesses', 'listAccessesResponse_accesses' - Returns the accesses and their properties for the @ServerId@ value that
+-- you specify.
+newListAccessesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  ListAccessesResponse
+newListAccessesResponse pHttpStatus_ pServerId_ =
+  ListAccessesResponse'
+    { nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      serverId = pServerId_,
+      accesses = Prelude.mempty
+    }
+
+-- | When you can get additional results from the @ListAccesses@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional accesses.
+listAccessesResponse_nextToken :: Lens.Lens' ListAccessesResponse (Prelude.Maybe Prelude.Text)
+listAccessesResponse_nextToken = Lens.lens (\ListAccessesResponse' {nextToken} -> nextToken) (\s@ListAccessesResponse' {} a -> s {nextToken = a} :: ListAccessesResponse)
+
+-- | The response's http status code.
+listAccessesResponse_httpStatus :: Lens.Lens' ListAccessesResponse Prelude.Int
+listAccessesResponse_httpStatus = Lens.lens (\ListAccessesResponse' {httpStatus} -> httpStatus) (\s@ListAccessesResponse' {} a -> s {httpStatus = a} :: ListAccessesResponse)
+
+-- | A system-assigned unique identifier for a server that has users assigned
+-- to it.
+listAccessesResponse_serverId :: Lens.Lens' ListAccessesResponse Prelude.Text
+listAccessesResponse_serverId = Lens.lens (\ListAccessesResponse' {serverId} -> serverId) (\s@ListAccessesResponse' {} a -> s {serverId = a} :: ListAccessesResponse)
+
+-- | Returns the accesses and their properties for the @ServerId@ value that
+-- you specify.
+listAccessesResponse_accesses :: Lens.Lens' ListAccessesResponse [ListedAccess]
+listAccessesResponse_accesses = Lens.lens (\ListAccessesResponse' {accesses} -> accesses) (\s@ListAccessesResponse' {} a -> s {accesses = a} :: ListAccessesResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListAccessesResponse where
+  rnf ListAccessesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf accesses
diff --git a/gen/Amazonka/Transfer/ListAgreements.hs b/gen/Amazonka/Transfer/ListAgreements.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListAgreements.hs
@@ -0,0 +1,249 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListAgreements
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a list of the agreements for the server that\'s identified by
+-- the @ServerId@ that you supply. If you want to limit the results to a
+-- certain number, supply a value for the @MaxResults@ parameter. If you
+-- ran the command previously and received a value for @NextToken@, you can
+-- supply that value to continue listing agreements from where you left
+-- off.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListAgreements
+  ( -- * Creating a Request
+    ListAgreements (..),
+    newListAgreements,
+
+    -- * Request Lenses
+    listAgreements_maxResults,
+    listAgreements_nextToken,
+    listAgreements_serverId,
+
+    -- * Destructuring the Response
+    ListAgreementsResponse (..),
+    newListAgreementsResponse,
+
+    -- * Response Lenses
+    listAgreementsResponse_nextToken,
+    listAgreementsResponse_httpStatus,
+    listAgreementsResponse_agreements,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListAgreements' smart constructor.
+data ListAgreements = ListAgreements'
+  { -- | The maximum number of agreements to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When you can get additional results from the @ListAgreements@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional agreements.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The identifier of the server for which you want a list of agreements.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAgreements' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listAgreements_maxResults' - The maximum number of agreements to return.
+--
+-- 'nextToken', 'listAgreements_nextToken' - When you can get additional results from the @ListAgreements@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional agreements.
+--
+-- 'serverId', 'listAgreements_serverId' - The identifier of the server for which you want a list of agreements.
+newListAgreements ::
+  -- | 'serverId'
+  Prelude.Text ->
+  ListAgreements
+newListAgreements pServerId_ =
+  ListAgreements'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      serverId = pServerId_
+    }
+
+-- | The maximum number of agreements to return.
+listAgreements_maxResults :: Lens.Lens' ListAgreements (Prelude.Maybe Prelude.Natural)
+listAgreements_maxResults = Lens.lens (\ListAgreements' {maxResults} -> maxResults) (\s@ListAgreements' {} a -> s {maxResults = a} :: ListAgreements)
+
+-- | When you can get additional results from the @ListAgreements@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional agreements.
+listAgreements_nextToken :: Lens.Lens' ListAgreements (Prelude.Maybe Prelude.Text)
+listAgreements_nextToken = Lens.lens (\ListAgreements' {nextToken} -> nextToken) (\s@ListAgreements' {} a -> s {nextToken = a} :: ListAgreements)
+
+-- | The identifier of the server for which you want a list of agreements.
+listAgreements_serverId :: Lens.Lens' ListAgreements Prelude.Text
+listAgreements_serverId = Lens.lens (\ListAgreements' {serverId} -> serverId) (\s@ListAgreements' {} a -> s {serverId = a} :: ListAgreements)
+
+instance Core.AWSPager ListAgreements where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listAgreementsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listAgreementsResponse_agreements) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listAgreements_nextToken
+          Lens..~ rs
+          Lens.^? listAgreementsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListAgreements where
+  type
+    AWSResponse ListAgreements =
+      ListAgreementsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListAgreementsResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "Agreements" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListAgreements where
+  hashWithSalt _salt ListAgreements' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData ListAgreements where
+  rnf ListAgreements' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders ListAgreements where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListAgreements" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListAgreements where
+  toJSON ListAgreements' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath ListAgreements where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListAgreements where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListAgreementsResponse' smart constructor.
+data ListAgreementsResponse = ListAgreementsResponse'
+  { -- | Returns a token that you can use to call @ListAgreements@ again and
+    -- receive additional results, if there are any.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns an array, where each item contains the details of an agreement.
+    agreements :: [ListedAgreement]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListAgreementsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listAgreementsResponse_nextToken' - Returns a token that you can use to call @ListAgreements@ again and
+-- receive additional results, if there are any.
+--
+-- 'httpStatus', 'listAgreementsResponse_httpStatus' - The response's http status code.
+--
+-- 'agreements', 'listAgreementsResponse_agreements' - Returns an array, where each item contains the details of an agreement.
+newListAgreementsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListAgreementsResponse
+newListAgreementsResponse pHttpStatus_ =
+  ListAgreementsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      agreements = Prelude.mempty
+    }
+
+-- | Returns a token that you can use to call @ListAgreements@ again and
+-- receive additional results, if there are any.
+listAgreementsResponse_nextToken :: Lens.Lens' ListAgreementsResponse (Prelude.Maybe Prelude.Text)
+listAgreementsResponse_nextToken = Lens.lens (\ListAgreementsResponse' {nextToken} -> nextToken) (\s@ListAgreementsResponse' {} a -> s {nextToken = a} :: ListAgreementsResponse)
+
+-- | The response's http status code.
+listAgreementsResponse_httpStatus :: Lens.Lens' ListAgreementsResponse Prelude.Int
+listAgreementsResponse_httpStatus = Lens.lens (\ListAgreementsResponse' {httpStatus} -> httpStatus) (\s@ListAgreementsResponse' {} a -> s {httpStatus = a} :: ListAgreementsResponse)
+
+-- | Returns an array, where each item contains the details of an agreement.
+listAgreementsResponse_agreements :: Lens.Lens' ListAgreementsResponse [ListedAgreement]
+listAgreementsResponse_agreements = Lens.lens (\ListAgreementsResponse' {agreements} -> agreements) (\s@ListAgreementsResponse' {} a -> s {agreements = a} :: ListAgreementsResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListAgreementsResponse where
+  rnf ListAgreementsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf agreements
diff --git a/gen/Amazonka/Transfer/ListCertificates.hs b/gen/Amazonka/Transfer/ListCertificates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListCertificates.hs
@@ -0,0 +1,234 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListCertificates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a list of the current certificates that have been imported into
+-- Transfer Family. If you want to limit the results to a certain number,
+-- supply a value for the @MaxResults@ parameter. If you ran the command
+-- previously and received a value for the @NextToken@ parameter, you can
+-- supply that value to continue listing certificates from where you left
+-- off.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListCertificates
+  ( -- * Creating a Request
+    ListCertificates (..),
+    newListCertificates,
+
+    -- * Request Lenses
+    listCertificates_maxResults,
+    listCertificates_nextToken,
+
+    -- * Destructuring the Response
+    ListCertificatesResponse (..),
+    newListCertificatesResponse,
+
+    -- * Response Lenses
+    listCertificatesResponse_nextToken,
+    listCertificatesResponse_httpStatus,
+    listCertificatesResponse_certificates,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListCertificates' smart constructor.
+data ListCertificates = ListCertificates'
+  { -- | The maximum number of certificates to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When you can get additional results from the @ListCertificates@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional certificates.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCertificates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listCertificates_maxResults' - The maximum number of certificates to return.
+--
+-- 'nextToken', 'listCertificates_nextToken' - When you can get additional results from the @ListCertificates@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional certificates.
+newListCertificates ::
+  ListCertificates
+newListCertificates =
+  ListCertificates'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of certificates to return.
+listCertificates_maxResults :: Lens.Lens' ListCertificates (Prelude.Maybe Prelude.Natural)
+listCertificates_maxResults = Lens.lens (\ListCertificates' {maxResults} -> maxResults) (\s@ListCertificates' {} a -> s {maxResults = a} :: ListCertificates)
+
+-- | When you can get additional results from the @ListCertificates@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional certificates.
+listCertificates_nextToken :: Lens.Lens' ListCertificates (Prelude.Maybe Prelude.Text)
+listCertificates_nextToken = Lens.lens (\ListCertificates' {nextToken} -> nextToken) (\s@ListCertificates' {} a -> s {nextToken = a} :: ListCertificates)
+
+instance Core.AWSPager ListCertificates where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listCertificatesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listCertificatesResponse_certificates) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listCertificates_nextToken
+          Lens..~ rs
+          Lens.^? listCertificatesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListCertificates where
+  type
+    AWSResponse ListCertificates =
+      ListCertificatesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListCertificatesResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "Certificates" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListCertificates where
+  hashWithSalt _salt ListCertificates' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListCertificates where
+  rnf ListCertificates' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListCertificates where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListCertificates" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListCertificates where
+  toJSON ListCertificates' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath ListCertificates where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListCertificates where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListCertificatesResponse' smart constructor.
+data ListCertificatesResponse = ListCertificatesResponse'
+  { -- | Returns the next token, which you can use to list the next certificate.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns an array of the certificates that are specified in the
+    -- @ListCertificates@ call.
+    certificates :: [ListedCertificate]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListCertificatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listCertificatesResponse_nextToken' - Returns the next token, which you can use to list the next certificate.
+--
+-- 'httpStatus', 'listCertificatesResponse_httpStatus' - The response's http status code.
+--
+-- 'certificates', 'listCertificatesResponse_certificates' - Returns an array of the certificates that are specified in the
+-- @ListCertificates@ call.
+newListCertificatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListCertificatesResponse
+newListCertificatesResponse pHttpStatus_ =
+  ListCertificatesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      certificates = Prelude.mempty
+    }
+
+-- | Returns the next token, which you can use to list the next certificate.
+listCertificatesResponse_nextToken :: Lens.Lens' ListCertificatesResponse (Prelude.Maybe Prelude.Text)
+listCertificatesResponse_nextToken = Lens.lens (\ListCertificatesResponse' {nextToken} -> nextToken) (\s@ListCertificatesResponse' {} a -> s {nextToken = a} :: ListCertificatesResponse)
+
+-- | The response's http status code.
+listCertificatesResponse_httpStatus :: Lens.Lens' ListCertificatesResponse Prelude.Int
+listCertificatesResponse_httpStatus = Lens.lens (\ListCertificatesResponse' {httpStatus} -> httpStatus) (\s@ListCertificatesResponse' {} a -> s {httpStatus = a} :: ListCertificatesResponse)
+
+-- | Returns an array of the certificates that are specified in the
+-- @ListCertificates@ call.
+listCertificatesResponse_certificates :: Lens.Lens' ListCertificatesResponse [ListedCertificate]
+listCertificatesResponse_certificates = Lens.lens (\ListCertificatesResponse' {certificates} -> certificates) (\s@ListCertificatesResponse' {} a -> s {certificates = a} :: ListCertificatesResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListCertificatesResponse where
+  rnf ListCertificatesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf certificates
diff --git a/gen/Amazonka/Transfer/ListConnectors.hs b/gen/Amazonka/Transfer/ListConnectors.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListConnectors.hs
@@ -0,0 +1,229 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListConnectors
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the connectors for the specified Region.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListConnectors
+  ( -- * Creating a Request
+    ListConnectors (..),
+    newListConnectors,
+
+    -- * Request Lenses
+    listConnectors_maxResults,
+    listConnectors_nextToken,
+
+    -- * Destructuring the Response
+    ListConnectorsResponse (..),
+    newListConnectorsResponse,
+
+    -- * Response Lenses
+    listConnectorsResponse_nextToken,
+    listConnectorsResponse_httpStatus,
+    listConnectorsResponse_connectors,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListConnectors' smart constructor.
+data ListConnectors = ListConnectors'
+  { -- | The maximum number of connectors to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When you can get additional results from the @ListConnectors@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional connectors.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListConnectors' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listConnectors_maxResults' - The maximum number of connectors to return.
+--
+-- 'nextToken', 'listConnectors_nextToken' - When you can get additional results from the @ListConnectors@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional connectors.
+newListConnectors ::
+  ListConnectors
+newListConnectors =
+  ListConnectors'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of connectors to return.
+listConnectors_maxResults :: Lens.Lens' ListConnectors (Prelude.Maybe Prelude.Natural)
+listConnectors_maxResults = Lens.lens (\ListConnectors' {maxResults} -> maxResults) (\s@ListConnectors' {} a -> s {maxResults = a} :: ListConnectors)
+
+-- | When you can get additional results from the @ListConnectors@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional connectors.
+listConnectors_nextToken :: Lens.Lens' ListConnectors (Prelude.Maybe Prelude.Text)
+listConnectors_nextToken = Lens.lens (\ListConnectors' {nextToken} -> nextToken) (\s@ListConnectors' {} a -> s {nextToken = a} :: ListConnectors)
+
+instance Core.AWSPager ListConnectors where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listConnectorsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listConnectorsResponse_connectors) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listConnectors_nextToken
+          Lens..~ rs
+          Lens.^? listConnectorsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListConnectors where
+  type
+    AWSResponse ListConnectors =
+      ListConnectorsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListConnectorsResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "Connectors" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListConnectors where
+  hashWithSalt _salt ListConnectors' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListConnectors where
+  rnf ListConnectors' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListConnectors where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListConnectors" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListConnectors where
+  toJSON ListConnectors' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath ListConnectors where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListConnectors where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListConnectorsResponse' smart constructor.
+data ListConnectorsResponse = ListConnectorsResponse'
+  { -- | Returns a token that you can use to call @ListConnectors@ again and
+    -- receive additional results, if there are any.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns an array, where each item contains the details of a connector.
+    connectors :: [ListedConnector]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListConnectorsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listConnectorsResponse_nextToken' - Returns a token that you can use to call @ListConnectors@ again and
+-- receive additional results, if there are any.
+--
+-- 'httpStatus', 'listConnectorsResponse_httpStatus' - The response's http status code.
+--
+-- 'connectors', 'listConnectorsResponse_connectors' - Returns an array, where each item contains the details of a connector.
+newListConnectorsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListConnectorsResponse
+newListConnectorsResponse pHttpStatus_ =
+  ListConnectorsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      connectors = Prelude.mempty
+    }
+
+-- | Returns a token that you can use to call @ListConnectors@ again and
+-- receive additional results, if there are any.
+listConnectorsResponse_nextToken :: Lens.Lens' ListConnectorsResponse (Prelude.Maybe Prelude.Text)
+listConnectorsResponse_nextToken = Lens.lens (\ListConnectorsResponse' {nextToken} -> nextToken) (\s@ListConnectorsResponse' {} a -> s {nextToken = a} :: ListConnectorsResponse)
+
+-- | The response's http status code.
+listConnectorsResponse_httpStatus :: Lens.Lens' ListConnectorsResponse Prelude.Int
+listConnectorsResponse_httpStatus = Lens.lens (\ListConnectorsResponse' {httpStatus} -> httpStatus) (\s@ListConnectorsResponse' {} a -> s {httpStatus = a} :: ListConnectorsResponse)
+
+-- | Returns an array, where each item contains the details of a connector.
+listConnectorsResponse_connectors :: Lens.Lens' ListConnectorsResponse [ListedConnector]
+listConnectorsResponse_connectors = Lens.lens (\ListConnectorsResponse' {connectors} -> connectors) (\s@ListConnectorsResponse' {} a -> s {connectors = a} :: ListConnectorsResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListConnectorsResponse where
+  rnf ListConnectorsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf connectors
diff --git a/gen/Amazonka/Transfer/ListExecutions.hs b/gen/Amazonka/Transfer/ListExecutions.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListExecutions.hs
@@ -0,0 +1,342 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListExecutions
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all executions for the specified workflow.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListExecutions
+  ( -- * Creating a Request
+    ListExecutions (..),
+    newListExecutions,
+
+    -- * Request Lenses
+    listExecutions_maxResults,
+    listExecutions_nextToken,
+    listExecutions_workflowId,
+
+    -- * Destructuring the Response
+    ListExecutionsResponse (..),
+    newListExecutionsResponse,
+
+    -- * Response Lenses
+    listExecutionsResponse_nextToken,
+    listExecutionsResponse_httpStatus,
+    listExecutionsResponse_workflowId,
+    listExecutionsResponse_executions,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListExecutions' smart constructor.
+data ListExecutions = ListExecutions'
+  { -- | Specifies the maximum number of executions to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | @ListExecutions@ returns the @NextToken@ parameter in the output. You
+    -- can then pass the @NextToken@ parameter in a subsequent command to
+    -- continue listing additional executions.
+    --
+    -- This is useful for pagination, for instance. If you have 100 executions
+    -- for a workflow, you might only want to list first 10. If so, call the
+    -- API by specifying the @max-results@:
+    --
+    -- @aws transfer list-executions --max-results 10@
+    --
+    -- This returns details for the first 10 executions, as well as the pointer
+    -- (@NextToken@) to the eleventh execution. You can now call the API again,
+    -- supplying the @NextToken@ value you received:
+    --
+    -- @aws transfer list-executions --max-results 10 --next-token $somePointerReturnedFromPreviousListResult@
+    --
+    -- This call returns the next 10 executions, the 11th through the 20th. You
+    -- can then repeat the call until the details for all 100 executions have
+    -- been returned.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListExecutions' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listExecutions_maxResults' - Specifies the maximum number of executions to return.
+--
+-- 'nextToken', 'listExecutions_nextToken' - @ListExecutions@ returns the @NextToken@ parameter in the output. You
+-- can then pass the @NextToken@ parameter in a subsequent command to
+-- continue listing additional executions.
+--
+-- This is useful for pagination, for instance. If you have 100 executions
+-- for a workflow, you might only want to list first 10. If so, call the
+-- API by specifying the @max-results@:
+--
+-- @aws transfer list-executions --max-results 10@
+--
+-- This returns details for the first 10 executions, as well as the pointer
+-- (@NextToken@) to the eleventh execution. You can now call the API again,
+-- supplying the @NextToken@ value you received:
+--
+-- @aws transfer list-executions --max-results 10 --next-token $somePointerReturnedFromPreviousListResult@
+--
+-- This call returns the next 10 executions, the 11th through the 20th. You
+-- can then repeat the call until the details for all 100 executions have
+-- been returned.
+--
+-- 'workflowId', 'listExecutions_workflowId' - A unique identifier for the workflow.
+newListExecutions ::
+  -- | 'workflowId'
+  Prelude.Text ->
+  ListExecutions
+newListExecutions pWorkflowId_ =
+  ListExecutions'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      workflowId = pWorkflowId_
+    }
+
+-- | Specifies the maximum number of executions to return.
+listExecutions_maxResults :: Lens.Lens' ListExecutions (Prelude.Maybe Prelude.Natural)
+listExecutions_maxResults = Lens.lens (\ListExecutions' {maxResults} -> maxResults) (\s@ListExecutions' {} a -> s {maxResults = a} :: ListExecutions)
+
+-- | @ListExecutions@ returns the @NextToken@ parameter in the output. You
+-- can then pass the @NextToken@ parameter in a subsequent command to
+-- continue listing additional executions.
+--
+-- This is useful for pagination, for instance. If you have 100 executions
+-- for a workflow, you might only want to list first 10. If so, call the
+-- API by specifying the @max-results@:
+--
+-- @aws transfer list-executions --max-results 10@
+--
+-- This returns details for the first 10 executions, as well as the pointer
+-- (@NextToken@) to the eleventh execution. You can now call the API again,
+-- supplying the @NextToken@ value you received:
+--
+-- @aws transfer list-executions --max-results 10 --next-token $somePointerReturnedFromPreviousListResult@
+--
+-- This call returns the next 10 executions, the 11th through the 20th. You
+-- can then repeat the call until the details for all 100 executions have
+-- been returned.
+listExecutions_nextToken :: Lens.Lens' ListExecutions (Prelude.Maybe Prelude.Text)
+listExecutions_nextToken = Lens.lens (\ListExecutions' {nextToken} -> nextToken) (\s@ListExecutions' {} a -> s {nextToken = a} :: ListExecutions)
+
+-- | A unique identifier for the workflow.
+listExecutions_workflowId :: Lens.Lens' ListExecutions Prelude.Text
+listExecutions_workflowId = Lens.lens (\ListExecutions' {workflowId} -> workflowId) (\s@ListExecutions' {} a -> s {workflowId = a} :: ListExecutions)
+
+instance Core.AWSPager ListExecutions where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listExecutionsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listExecutionsResponse_executions) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listExecutions_nextToken
+          Lens..~ rs
+          Lens.^? listExecutionsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListExecutions where
+  type
+    AWSResponse ListExecutions =
+      ListExecutionsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListExecutionsResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "WorkflowId")
+            Prelude.<*> (x Data..?> "Executions" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListExecutions where
+  hashWithSalt _salt ListExecutions' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` workflowId
+
+instance Prelude.NFData ListExecutions where
+  rnf ListExecutions' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf workflowId
+
+instance Data.ToHeaders ListExecutions where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListExecutions" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListExecutions where
+  toJSON ListExecutions' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            Prelude.Just ("WorkflowId" Data..= workflowId)
+          ]
+      )
+
+instance Data.ToPath ListExecutions where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListExecutions where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListExecutionsResponse' smart constructor.
+data ListExecutionsResponse = ListExecutionsResponse'
+  { -- | @ListExecutions@ returns the @NextToken@ parameter in the output. You
+    -- can then pass the @NextToken@ parameter in a subsequent command to
+    -- continue listing additional executions.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text,
+    -- | Returns the details for each execution.
+    --
+    -- -   __NextToken__: returned from a call to several APIs, you can use
+    --     pass it to a subsequent command to continue listing additional
+    --     executions.
+    --
+    -- -   __StartTime__: timestamp indicating when the execution began.
+    --
+    -- -   __Executions__: details of the execution, including the execution
+    --     ID, initial file location, and Service metadata.
+    --
+    -- -   __Status__: one of the following values: @IN_PROGRESS@, @COMPLETED@,
+    --     @EXCEPTION@, @HANDLING_EXEPTION@.
+    executions :: [ListedExecution]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListExecutionsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listExecutionsResponse_nextToken' - @ListExecutions@ returns the @NextToken@ parameter in the output. You
+-- can then pass the @NextToken@ parameter in a subsequent command to
+-- continue listing additional executions.
+--
+-- 'httpStatus', 'listExecutionsResponse_httpStatus' - The response's http status code.
+--
+-- 'workflowId', 'listExecutionsResponse_workflowId' - A unique identifier for the workflow.
+--
+-- 'executions', 'listExecutionsResponse_executions' - Returns the details for each execution.
+--
+-- -   __NextToken__: returned from a call to several APIs, you can use
+--     pass it to a subsequent command to continue listing additional
+--     executions.
+--
+-- -   __StartTime__: timestamp indicating when the execution began.
+--
+-- -   __Executions__: details of the execution, including the execution
+--     ID, initial file location, and Service metadata.
+--
+-- -   __Status__: one of the following values: @IN_PROGRESS@, @COMPLETED@,
+--     @EXCEPTION@, @HANDLING_EXEPTION@.
+newListExecutionsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'workflowId'
+  Prelude.Text ->
+  ListExecutionsResponse
+newListExecutionsResponse pHttpStatus_ pWorkflowId_ =
+  ListExecutionsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      workflowId = pWorkflowId_,
+      executions = Prelude.mempty
+    }
+
+-- | @ListExecutions@ returns the @NextToken@ parameter in the output. You
+-- can then pass the @NextToken@ parameter in a subsequent command to
+-- continue listing additional executions.
+listExecutionsResponse_nextToken :: Lens.Lens' ListExecutionsResponse (Prelude.Maybe Prelude.Text)
+listExecutionsResponse_nextToken = Lens.lens (\ListExecutionsResponse' {nextToken} -> nextToken) (\s@ListExecutionsResponse' {} a -> s {nextToken = a} :: ListExecutionsResponse)
+
+-- | The response's http status code.
+listExecutionsResponse_httpStatus :: Lens.Lens' ListExecutionsResponse Prelude.Int
+listExecutionsResponse_httpStatus = Lens.lens (\ListExecutionsResponse' {httpStatus} -> httpStatus) (\s@ListExecutionsResponse' {} a -> s {httpStatus = a} :: ListExecutionsResponse)
+
+-- | A unique identifier for the workflow.
+listExecutionsResponse_workflowId :: Lens.Lens' ListExecutionsResponse Prelude.Text
+listExecutionsResponse_workflowId = Lens.lens (\ListExecutionsResponse' {workflowId} -> workflowId) (\s@ListExecutionsResponse' {} a -> s {workflowId = a} :: ListExecutionsResponse)
+
+-- | Returns the details for each execution.
+--
+-- -   __NextToken__: returned from a call to several APIs, you can use
+--     pass it to a subsequent command to continue listing additional
+--     executions.
+--
+-- -   __StartTime__: timestamp indicating when the execution began.
+--
+-- -   __Executions__: details of the execution, including the execution
+--     ID, initial file location, and Service metadata.
+--
+-- -   __Status__: one of the following values: @IN_PROGRESS@, @COMPLETED@,
+--     @EXCEPTION@, @HANDLING_EXEPTION@.
+listExecutionsResponse_executions :: Lens.Lens' ListExecutionsResponse [ListedExecution]
+listExecutionsResponse_executions = Lens.lens (\ListExecutionsResponse' {executions} -> executions) (\s@ListExecutionsResponse' {} a -> s {executions = a} :: ListExecutionsResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListExecutionsResponse where
+  rnf ListExecutionsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf workflowId
+      `Prelude.seq` Prelude.rnf executions
diff --git a/gen/Amazonka/Transfer/ListHostKeys.hs b/gen/Amazonka/Transfer/ListHostKeys.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListHostKeys.hs
@@ -0,0 +1,235 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListHostKeys
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a list of host keys for the server that\'s specified by the
+-- @ServerId@ parameter.
+module Amazonka.Transfer.ListHostKeys
+  ( -- * Creating a Request
+    ListHostKeys (..),
+    newListHostKeys,
+
+    -- * Request Lenses
+    listHostKeys_maxResults,
+    listHostKeys_nextToken,
+    listHostKeys_serverId,
+
+    -- * Destructuring the Response
+    ListHostKeysResponse (..),
+    newListHostKeysResponse,
+
+    -- * Response Lenses
+    listHostKeysResponse_nextToken,
+    listHostKeysResponse_httpStatus,
+    listHostKeysResponse_serverId,
+    listHostKeysResponse_hostKeys,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListHostKeys' smart constructor.
+data ListHostKeys = ListHostKeys'
+  { -- | The maximum number of host keys to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When there are additional results that were not returned, a @NextToken@
+    -- parameter is returned. You can use that value for a subsequent call to
+    -- @ListHostKeys@ to continue listing results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The identifier of the server that contains the host keys that you want
+    -- to view.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListHostKeys' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listHostKeys_maxResults' - The maximum number of host keys to return.
+--
+-- 'nextToken', 'listHostKeys_nextToken' - When there are additional results that were not returned, a @NextToken@
+-- parameter is returned. You can use that value for a subsequent call to
+-- @ListHostKeys@ to continue listing results.
+--
+-- 'serverId', 'listHostKeys_serverId' - The identifier of the server that contains the host keys that you want
+-- to view.
+newListHostKeys ::
+  -- | 'serverId'
+  Prelude.Text ->
+  ListHostKeys
+newListHostKeys pServerId_ =
+  ListHostKeys'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      serverId = pServerId_
+    }
+
+-- | The maximum number of host keys to return.
+listHostKeys_maxResults :: Lens.Lens' ListHostKeys (Prelude.Maybe Prelude.Natural)
+listHostKeys_maxResults = Lens.lens (\ListHostKeys' {maxResults} -> maxResults) (\s@ListHostKeys' {} a -> s {maxResults = a} :: ListHostKeys)
+
+-- | When there are additional results that were not returned, a @NextToken@
+-- parameter is returned. You can use that value for a subsequent call to
+-- @ListHostKeys@ to continue listing results.
+listHostKeys_nextToken :: Lens.Lens' ListHostKeys (Prelude.Maybe Prelude.Text)
+listHostKeys_nextToken = Lens.lens (\ListHostKeys' {nextToken} -> nextToken) (\s@ListHostKeys' {} a -> s {nextToken = a} :: ListHostKeys)
+
+-- | The identifier of the server that contains the host keys that you want
+-- to view.
+listHostKeys_serverId :: Lens.Lens' ListHostKeys Prelude.Text
+listHostKeys_serverId = Lens.lens (\ListHostKeys' {serverId} -> serverId) (\s@ListHostKeys' {} a -> s {serverId = a} :: ListHostKeys)
+
+instance Core.AWSRequest ListHostKeys where
+  type AWSResponse ListHostKeys = ListHostKeysResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListHostKeysResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..?> "HostKeys" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListHostKeys where
+  hashWithSalt _salt ListHostKeys' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData ListHostKeys where
+  rnf ListHostKeys' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders ListHostKeys where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListHostKeys" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListHostKeys where
+  toJSON ListHostKeys' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath ListHostKeys where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListHostKeys where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListHostKeysResponse' smart constructor.
+data ListHostKeysResponse = ListHostKeysResponse'
+  { -- | Returns a token that you can use to call @ListHostKeys@ again and
+    -- receive additional results, if there are any.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the server identifier that contains the listed host keys.
+    serverId :: Prelude.Text,
+    -- | Returns an array, where each item contains the details of a host key.
+    hostKeys :: [ListedHostKey]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListHostKeysResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listHostKeysResponse_nextToken' - Returns a token that you can use to call @ListHostKeys@ again and
+-- receive additional results, if there are any.
+--
+-- 'httpStatus', 'listHostKeysResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'listHostKeysResponse_serverId' - Returns the server identifier that contains the listed host keys.
+--
+-- 'hostKeys', 'listHostKeysResponse_hostKeys' - Returns an array, where each item contains the details of a host key.
+newListHostKeysResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  ListHostKeysResponse
+newListHostKeysResponse pHttpStatus_ pServerId_ =
+  ListHostKeysResponse'
+    { nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      serverId = pServerId_,
+      hostKeys = Prelude.mempty
+    }
+
+-- | Returns a token that you can use to call @ListHostKeys@ again and
+-- receive additional results, if there are any.
+listHostKeysResponse_nextToken :: Lens.Lens' ListHostKeysResponse (Prelude.Maybe Prelude.Text)
+listHostKeysResponse_nextToken = Lens.lens (\ListHostKeysResponse' {nextToken} -> nextToken) (\s@ListHostKeysResponse' {} a -> s {nextToken = a} :: ListHostKeysResponse)
+
+-- | The response's http status code.
+listHostKeysResponse_httpStatus :: Lens.Lens' ListHostKeysResponse Prelude.Int
+listHostKeysResponse_httpStatus = Lens.lens (\ListHostKeysResponse' {httpStatus} -> httpStatus) (\s@ListHostKeysResponse' {} a -> s {httpStatus = a} :: ListHostKeysResponse)
+
+-- | Returns the server identifier that contains the listed host keys.
+listHostKeysResponse_serverId :: Lens.Lens' ListHostKeysResponse Prelude.Text
+listHostKeysResponse_serverId = Lens.lens (\ListHostKeysResponse' {serverId} -> serverId) (\s@ListHostKeysResponse' {} a -> s {serverId = a} :: ListHostKeysResponse)
+
+-- | Returns an array, where each item contains the details of a host key.
+listHostKeysResponse_hostKeys :: Lens.Lens' ListHostKeysResponse [ListedHostKey]
+listHostKeysResponse_hostKeys = Lens.lens (\ListHostKeysResponse' {hostKeys} -> hostKeys) (\s@ListHostKeysResponse' {} a -> s {hostKeys = a} :: ListHostKeysResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListHostKeysResponse where
+  rnf ListHostKeysResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeys
diff --git a/gen/Amazonka/Transfer/ListProfiles.hs b/gen/Amazonka/Transfer/ListProfiles.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListProfiles.hs
@@ -0,0 +1,246 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListProfiles
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Returns a list of the profiles for your system. If you want to limit the
+-- results to a certain number, supply a value for the @MaxResults@
+-- parameter. If you ran the command previously and received a value for
+-- @NextToken@, you can supply that value to continue listing profiles from
+-- where you left off.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListProfiles
+  ( -- * Creating a Request
+    ListProfiles (..),
+    newListProfiles,
+
+    -- * Request Lenses
+    listProfiles_maxResults,
+    listProfiles_nextToken,
+    listProfiles_profileType,
+
+    -- * Destructuring the Response
+    ListProfilesResponse (..),
+    newListProfilesResponse,
+
+    -- * Response Lenses
+    listProfilesResponse_nextToken,
+    listProfilesResponse_httpStatus,
+    listProfilesResponse_profiles,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListProfiles' smart constructor.
+data ListProfiles = ListProfiles'
+  { -- | The maximum number of profiles to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When there are additional results that were not returned, a @NextToken@
+    -- parameter is returned. You can use that value for a subsequent call to
+    -- @ListProfiles@ to continue listing results.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+    -- type profiles. If not supplied in the request, the command lists all
+    -- types of profiles.
+    profileType :: Prelude.Maybe ProfileType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListProfiles' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listProfiles_maxResults' - The maximum number of profiles to return.
+--
+-- 'nextToken', 'listProfiles_nextToken' - When there are additional results that were not returned, a @NextToken@
+-- parameter is returned. You can use that value for a subsequent call to
+-- @ListProfiles@ to continue listing results.
+--
+-- 'profileType', 'listProfiles_profileType' - Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+-- type profiles. If not supplied in the request, the command lists all
+-- types of profiles.
+newListProfiles ::
+  ListProfiles
+newListProfiles =
+  ListProfiles'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      profileType = Prelude.Nothing
+    }
+
+-- | The maximum number of profiles to return.
+listProfiles_maxResults :: Lens.Lens' ListProfiles (Prelude.Maybe Prelude.Natural)
+listProfiles_maxResults = Lens.lens (\ListProfiles' {maxResults} -> maxResults) (\s@ListProfiles' {} a -> s {maxResults = a} :: ListProfiles)
+
+-- | When there are additional results that were not returned, a @NextToken@
+-- parameter is returned. You can use that value for a subsequent call to
+-- @ListProfiles@ to continue listing results.
+listProfiles_nextToken :: Lens.Lens' ListProfiles (Prelude.Maybe Prelude.Text)
+listProfiles_nextToken = Lens.lens (\ListProfiles' {nextToken} -> nextToken) (\s@ListProfiles' {} a -> s {nextToken = a} :: ListProfiles)
+
+-- | Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+-- type profiles. If not supplied in the request, the command lists all
+-- types of profiles.
+listProfiles_profileType :: Lens.Lens' ListProfiles (Prelude.Maybe ProfileType)
+listProfiles_profileType = Lens.lens (\ListProfiles' {profileType} -> profileType) (\s@ListProfiles' {} a -> s {profileType = a} :: ListProfiles)
+
+instance Core.AWSPager ListProfiles where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listProfilesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listProfilesResponse_profiles) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listProfiles_nextToken
+          Lens..~ rs
+          Lens.^? listProfilesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListProfiles where
+  type AWSResponse ListProfiles = ListProfilesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListProfilesResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "Profiles" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListProfiles where
+  hashWithSalt _salt ListProfiles' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` profileType
+
+instance Prelude.NFData ListProfiles where
+  rnf ListProfiles' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf profileType
+
+instance Data.ToHeaders ListProfiles where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListProfiles" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListProfiles where
+  toJSON ListProfiles' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            ("ProfileType" Data..=) Prelude.<$> profileType
+          ]
+      )
+
+instance Data.ToPath ListProfiles where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListProfiles where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListProfilesResponse' smart constructor.
+data ListProfilesResponse = ListProfilesResponse'
+  { -- | Returns a token that you can use to call @ListProfiles@ again and
+    -- receive additional results, if there are any.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns an array, where each item contains the details of a profile.
+    profiles :: [ListedProfile]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListProfilesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listProfilesResponse_nextToken' - Returns a token that you can use to call @ListProfiles@ again and
+-- receive additional results, if there are any.
+--
+-- 'httpStatus', 'listProfilesResponse_httpStatus' - The response's http status code.
+--
+-- 'profiles', 'listProfilesResponse_profiles' - Returns an array, where each item contains the details of a profile.
+newListProfilesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListProfilesResponse
+newListProfilesResponse pHttpStatus_ =
+  ListProfilesResponse'
+    { nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      profiles = Prelude.mempty
+    }
+
+-- | Returns a token that you can use to call @ListProfiles@ again and
+-- receive additional results, if there are any.
+listProfilesResponse_nextToken :: Lens.Lens' ListProfilesResponse (Prelude.Maybe Prelude.Text)
+listProfilesResponse_nextToken = Lens.lens (\ListProfilesResponse' {nextToken} -> nextToken) (\s@ListProfilesResponse' {} a -> s {nextToken = a} :: ListProfilesResponse)
+
+-- | The response's http status code.
+listProfilesResponse_httpStatus :: Lens.Lens' ListProfilesResponse Prelude.Int
+listProfilesResponse_httpStatus = Lens.lens (\ListProfilesResponse' {httpStatus} -> httpStatus) (\s@ListProfilesResponse' {} a -> s {httpStatus = a} :: ListProfilesResponse)
+
+-- | Returns an array, where each item contains the details of a profile.
+listProfilesResponse_profiles :: Lens.Lens' ListProfilesResponse [ListedProfile]
+listProfilesResponse_profiles = Lens.lens (\ListProfilesResponse' {profiles} -> profiles) (\s@ListProfilesResponse' {} a -> s {profiles = a} :: ListProfilesResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListProfilesResponse where
+  rnf ListProfilesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf profiles
diff --git a/gen/Amazonka/Transfer/ListSecurityPolicies.hs b/gen/Amazonka/Transfer/ListSecurityPolicies.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListSecurityPolicies.hs
@@ -0,0 +1,244 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListSecurityPolicies
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the security policies that are attached to your file transfer
+-- protocol-enabled servers.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListSecurityPolicies
+  ( -- * Creating a Request
+    ListSecurityPolicies (..),
+    newListSecurityPolicies,
+
+    -- * Request Lenses
+    listSecurityPolicies_maxResults,
+    listSecurityPolicies_nextToken,
+
+    -- * Destructuring the Response
+    ListSecurityPoliciesResponse (..),
+    newListSecurityPoliciesResponse,
+
+    -- * Response Lenses
+    listSecurityPoliciesResponse_nextToken,
+    listSecurityPoliciesResponse_httpStatus,
+    listSecurityPoliciesResponse_securityPolicyNames,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListSecurityPolicies' smart constructor.
+data ListSecurityPolicies = ListSecurityPolicies'
+  { -- | Specifies the number of security policies to return as a response to the
+    -- @ListSecurityPolicies@ query.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When additional results are obtained from the @ListSecurityPolicies@
+    -- command, a @NextToken@ parameter is returned in the output. You can then
+    -- pass the @NextToken@ parameter in a subsequent command to continue
+    -- listing additional security policies.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSecurityPolicies' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listSecurityPolicies_maxResults' - Specifies the number of security policies to return as a response to the
+-- @ListSecurityPolicies@ query.
+--
+-- 'nextToken', 'listSecurityPolicies_nextToken' - When additional results are obtained from the @ListSecurityPolicies@
+-- command, a @NextToken@ parameter is returned in the output. You can then
+-- pass the @NextToken@ parameter in a subsequent command to continue
+-- listing additional security policies.
+newListSecurityPolicies ::
+  ListSecurityPolicies
+newListSecurityPolicies =
+  ListSecurityPolicies'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | Specifies the number of security policies to return as a response to the
+-- @ListSecurityPolicies@ query.
+listSecurityPolicies_maxResults :: Lens.Lens' ListSecurityPolicies (Prelude.Maybe Prelude.Natural)
+listSecurityPolicies_maxResults = Lens.lens (\ListSecurityPolicies' {maxResults} -> maxResults) (\s@ListSecurityPolicies' {} a -> s {maxResults = a} :: ListSecurityPolicies)
+
+-- | When additional results are obtained from the @ListSecurityPolicies@
+-- command, a @NextToken@ parameter is returned in the output. You can then
+-- pass the @NextToken@ parameter in a subsequent command to continue
+-- listing additional security policies.
+listSecurityPolicies_nextToken :: Lens.Lens' ListSecurityPolicies (Prelude.Maybe Prelude.Text)
+listSecurityPolicies_nextToken = Lens.lens (\ListSecurityPolicies' {nextToken} -> nextToken) (\s@ListSecurityPolicies' {} a -> s {nextToken = a} :: ListSecurityPolicies)
+
+instance Core.AWSPager ListSecurityPolicies where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listSecurityPoliciesResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^. listSecurityPoliciesResponse_securityPolicyNames
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listSecurityPolicies_nextToken
+          Lens..~ rs
+          Lens.^? listSecurityPoliciesResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListSecurityPolicies where
+  type
+    AWSResponse ListSecurityPolicies =
+      ListSecurityPoliciesResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListSecurityPoliciesResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> ( x
+                            Data..?> "SecurityPolicyNames"
+                            Core..!@ Prelude.mempty
+                        )
+      )
+
+instance Prelude.Hashable ListSecurityPolicies where
+  hashWithSalt _salt ListSecurityPolicies' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListSecurityPolicies where
+  rnf ListSecurityPolicies' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListSecurityPolicies where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListSecurityPolicies" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListSecurityPolicies where
+  toJSON ListSecurityPolicies' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath ListSecurityPolicies where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListSecurityPolicies where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListSecurityPoliciesResponse' smart constructor.
+data ListSecurityPoliciesResponse = ListSecurityPoliciesResponse'
+  { -- | When you can get additional results from the @ListSecurityPolicies@
+    -- operation, a @NextToken@ parameter is returned in the output. In a
+    -- following command, you can pass in the @NextToken@ parameter to continue
+    -- listing security policies.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | An array of security policies that were listed.
+    securityPolicyNames :: [Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListSecurityPoliciesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listSecurityPoliciesResponse_nextToken' - When you can get additional results from the @ListSecurityPolicies@
+-- operation, a @NextToken@ parameter is returned in the output. In a
+-- following command, you can pass in the @NextToken@ parameter to continue
+-- listing security policies.
+--
+-- 'httpStatus', 'listSecurityPoliciesResponse_httpStatus' - The response's http status code.
+--
+-- 'securityPolicyNames', 'listSecurityPoliciesResponse_securityPolicyNames' - An array of security policies that were listed.
+newListSecurityPoliciesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListSecurityPoliciesResponse
+newListSecurityPoliciesResponse pHttpStatus_ =
+  ListSecurityPoliciesResponse'
+    { nextToken =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      securityPolicyNames = Prelude.mempty
+    }
+
+-- | When you can get additional results from the @ListSecurityPolicies@
+-- operation, a @NextToken@ parameter is returned in the output. In a
+-- following command, you can pass in the @NextToken@ parameter to continue
+-- listing security policies.
+listSecurityPoliciesResponse_nextToken :: Lens.Lens' ListSecurityPoliciesResponse (Prelude.Maybe Prelude.Text)
+listSecurityPoliciesResponse_nextToken = Lens.lens (\ListSecurityPoliciesResponse' {nextToken} -> nextToken) (\s@ListSecurityPoliciesResponse' {} a -> s {nextToken = a} :: ListSecurityPoliciesResponse)
+
+-- | The response's http status code.
+listSecurityPoliciesResponse_httpStatus :: Lens.Lens' ListSecurityPoliciesResponse Prelude.Int
+listSecurityPoliciesResponse_httpStatus = Lens.lens (\ListSecurityPoliciesResponse' {httpStatus} -> httpStatus) (\s@ListSecurityPoliciesResponse' {} a -> s {httpStatus = a} :: ListSecurityPoliciesResponse)
+
+-- | An array of security policies that were listed.
+listSecurityPoliciesResponse_securityPolicyNames :: Lens.Lens' ListSecurityPoliciesResponse [Prelude.Text]
+listSecurityPoliciesResponse_securityPolicyNames = Lens.lens (\ListSecurityPoliciesResponse' {securityPolicyNames} -> securityPolicyNames) (\s@ListSecurityPoliciesResponse' {} a -> s {securityPolicyNames = a} :: ListSecurityPoliciesResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListSecurityPoliciesResponse where
+  rnf ListSecurityPoliciesResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf securityPolicyNames
diff --git a/gen/Amazonka/Transfer/ListServers.hs b/gen/Amazonka/Transfer/ListServers.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListServers.hs
@@ -0,0 +1,235 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListServers
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the file transfer protocol-enabled servers that are associated
+-- with your Amazon Web Services account.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListServers
+  ( -- * Creating a Request
+    ListServers (..),
+    newListServers,
+
+    -- * Request Lenses
+    listServers_maxResults,
+    listServers_nextToken,
+
+    -- * Destructuring the Response
+    ListServersResponse (..),
+    newListServersResponse,
+
+    -- * Response Lenses
+    listServersResponse_nextToken,
+    listServersResponse_httpStatus,
+    listServersResponse_servers,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListServers' smart constructor.
+data ListServers = ListServers'
+  { -- | Specifies the number of servers to return as a response to the
+    -- @ListServers@ query.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When additional results are obtained from the @ListServers@ command, a
+    -- @NextToken@ parameter is returned in the output. You can then pass the
+    -- @NextToken@ parameter in a subsequent command to continue listing
+    -- additional servers.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListServers' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listServers_maxResults' - Specifies the number of servers to return as a response to the
+-- @ListServers@ query.
+--
+-- 'nextToken', 'listServers_nextToken' - When additional results are obtained from the @ListServers@ command, a
+-- @NextToken@ parameter is returned in the output. You can then pass the
+-- @NextToken@ parameter in a subsequent command to continue listing
+-- additional servers.
+newListServers ::
+  ListServers
+newListServers =
+  ListServers'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | Specifies the number of servers to return as a response to the
+-- @ListServers@ query.
+listServers_maxResults :: Lens.Lens' ListServers (Prelude.Maybe Prelude.Natural)
+listServers_maxResults = Lens.lens (\ListServers' {maxResults} -> maxResults) (\s@ListServers' {} a -> s {maxResults = a} :: ListServers)
+
+-- | When additional results are obtained from the @ListServers@ command, a
+-- @NextToken@ parameter is returned in the output. You can then pass the
+-- @NextToken@ parameter in a subsequent command to continue listing
+-- additional servers.
+listServers_nextToken :: Lens.Lens' ListServers (Prelude.Maybe Prelude.Text)
+listServers_nextToken = Lens.lens (\ListServers' {nextToken} -> nextToken) (\s@ListServers' {} a -> s {nextToken = a} :: ListServers)
+
+instance Core.AWSPager ListServers where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listServersResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop (rs Lens.^. listServersResponse_servers) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listServers_nextToken
+          Lens..~ rs
+          Lens.^? listServersResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListServers where
+  type AWSResponse ListServers = ListServersResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListServersResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "Servers" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListServers where
+  hashWithSalt _salt ListServers' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListServers where
+  rnf ListServers' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListServers where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListServers" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListServers where
+  toJSON ListServers' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath ListServers where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListServers where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListServersResponse' smart constructor.
+data ListServersResponse = ListServersResponse'
+  { -- | When you can get additional results from the @ListServers@ operation, a
+    -- @NextToken@ parameter is returned in the output. In a following command,
+    -- you can pass in the @NextToken@ parameter to continue listing additional
+    -- servers.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | An array of servers that were listed.
+    servers :: [ListedServer]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListServersResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listServersResponse_nextToken' - When you can get additional results from the @ListServers@ operation, a
+-- @NextToken@ parameter is returned in the output. In a following command,
+-- you can pass in the @NextToken@ parameter to continue listing additional
+-- servers.
+--
+-- 'httpStatus', 'listServersResponse_httpStatus' - The response's http status code.
+--
+-- 'servers', 'listServersResponse_servers' - An array of servers that were listed.
+newListServersResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListServersResponse
+newListServersResponse pHttpStatus_ =
+  ListServersResponse'
+    { nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      servers = Prelude.mempty
+    }
+
+-- | When you can get additional results from the @ListServers@ operation, a
+-- @NextToken@ parameter is returned in the output. In a following command,
+-- you can pass in the @NextToken@ parameter to continue listing additional
+-- servers.
+listServersResponse_nextToken :: Lens.Lens' ListServersResponse (Prelude.Maybe Prelude.Text)
+listServersResponse_nextToken = Lens.lens (\ListServersResponse' {nextToken} -> nextToken) (\s@ListServersResponse' {} a -> s {nextToken = a} :: ListServersResponse)
+
+-- | The response's http status code.
+listServersResponse_httpStatus :: Lens.Lens' ListServersResponse Prelude.Int
+listServersResponse_httpStatus = Lens.lens (\ListServersResponse' {httpStatus} -> httpStatus) (\s@ListServersResponse' {} a -> s {httpStatus = a} :: ListServersResponse)
+
+-- | An array of servers that were listed.
+listServersResponse_servers :: Lens.Lens' ListServersResponse [ListedServer]
+listServersResponse_servers = Lens.lens (\ListServersResponse' {servers} -> servers) (\s@ListServersResponse' {} a -> s {servers = a} :: ListServersResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListServersResponse where
+  rnf ListServersResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf servers
diff --git a/gen/Amazonka/Transfer/ListTagsForResource.hs b/gen/Amazonka/Transfer/ListTagsForResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListTagsForResource.hs
@@ -0,0 +1,278 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListTagsForResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all of the tags associated with the Amazon Resource Name (ARN)
+-- that you specify. The resource can be a user, server, or role.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListTagsForResource
+  ( -- * Creating a Request
+    ListTagsForResource (..),
+    newListTagsForResource,
+
+    -- * Request Lenses
+    listTagsForResource_maxResults,
+    listTagsForResource_nextToken,
+    listTagsForResource_arn,
+
+    -- * Destructuring the Response
+    ListTagsForResourceResponse (..),
+    newListTagsForResourceResponse,
+
+    -- * Response Lenses
+    listTagsForResourceResponse_arn,
+    listTagsForResourceResponse_nextToken,
+    listTagsForResourceResponse_tags,
+    listTagsForResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListTagsForResource' smart constructor.
+data ListTagsForResource = ListTagsForResource'
+  { -- | Specifies the number of tags to return as a response to the
+    -- @ListTagsForResource@ request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When you request additional results from the @ListTagsForResource@
+    -- operation, a @NextToken@ parameter is returned in the input. You can
+    -- then pass in a subsequent command to the @NextToken@ parameter to
+    -- continue listing additional tags.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Requests the tags associated with a particular Amazon Resource Name
+    -- (ARN). An ARN is an identifier for a specific Amazon Web Services
+    -- resource, such as a server, user, or role.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTagsForResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listTagsForResource_maxResults' - Specifies the number of tags to return as a response to the
+-- @ListTagsForResource@ request.
+--
+-- 'nextToken', 'listTagsForResource_nextToken' - When you request additional results from the @ListTagsForResource@
+-- operation, a @NextToken@ parameter is returned in the input. You can
+-- then pass in a subsequent command to the @NextToken@ parameter to
+-- continue listing additional tags.
+--
+-- 'arn', 'listTagsForResource_arn' - Requests the tags associated with a particular Amazon Resource Name
+-- (ARN). An ARN is an identifier for a specific Amazon Web Services
+-- resource, such as a server, user, or role.
+newListTagsForResource ::
+  -- | 'arn'
+  Prelude.Text ->
+  ListTagsForResource
+newListTagsForResource pArn_ =
+  ListTagsForResource'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | Specifies the number of tags to return as a response to the
+-- @ListTagsForResource@ request.
+listTagsForResource_maxResults :: Lens.Lens' ListTagsForResource (Prelude.Maybe Prelude.Natural)
+listTagsForResource_maxResults = Lens.lens (\ListTagsForResource' {maxResults} -> maxResults) (\s@ListTagsForResource' {} a -> s {maxResults = a} :: ListTagsForResource)
+
+-- | When you request additional results from the @ListTagsForResource@
+-- operation, a @NextToken@ parameter is returned in the input. You can
+-- then pass in a subsequent command to the @NextToken@ parameter to
+-- continue listing additional tags.
+listTagsForResource_nextToken :: Lens.Lens' ListTagsForResource (Prelude.Maybe Prelude.Text)
+listTagsForResource_nextToken = Lens.lens (\ListTagsForResource' {nextToken} -> nextToken) (\s@ListTagsForResource' {} a -> s {nextToken = a} :: ListTagsForResource)
+
+-- | Requests the tags associated with a particular Amazon Resource Name
+-- (ARN). An ARN is an identifier for a specific Amazon Web Services
+-- resource, such as a server, user, or role.
+listTagsForResource_arn :: Lens.Lens' ListTagsForResource Prelude.Text
+listTagsForResource_arn = Lens.lens (\ListTagsForResource' {arn} -> arn) (\s@ListTagsForResource' {} a -> s {arn = a} :: ListTagsForResource)
+
+instance Core.AWSPager ListTagsForResource where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listTagsForResourceResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        ( rs
+            Lens.^? listTagsForResourceResponse_tags
+            Prelude.. Lens._Just
+            Prelude.. Lens.to Prelude.toList
+        ) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listTagsForResource_nextToken
+          Lens..~ rs
+          Lens.^? listTagsForResourceResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListTagsForResource where
+  type
+    AWSResponse ListTagsForResource =
+      ListTagsForResourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTagsForResourceResponse'
+            Prelude.<$> (x Data..?> "Arn")
+            Prelude.<*> (x Data..?> "NextToken")
+            Prelude.<*> (x Data..?> "Tags")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTagsForResource where
+  hashWithSalt _salt ListTagsForResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData ListTagsForResource where
+  rnf ListTagsForResource' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf arn
+
+instance Data.ToHeaders ListTagsForResource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListTagsForResource" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListTagsForResource where
+  toJSON ListTagsForResource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            Prelude.Just ("Arn" Data..= arn)
+          ]
+      )
+
+instance Data.ToPath ListTagsForResource where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListTagsForResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListTagsForResourceResponse' smart constructor.
+data ListTagsForResourceResponse = ListTagsForResourceResponse'
+  { -- | The ARN you specified to list the tags of.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | When you can get additional results from the @ListTagsForResource@ call,
+    -- a @NextToken@ parameter is returned in the output. You can then pass in
+    -- a subsequent command to the @NextToken@ parameter to continue listing
+    -- additional tags.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that are assigned to a resource, usually for the purpose
+    -- of grouping and searching for items. Tags are metadata that you define.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTagsForResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'listTagsForResourceResponse_arn' - The ARN you specified to list the tags of.
+--
+-- 'nextToken', 'listTagsForResourceResponse_nextToken' - When you can get additional results from the @ListTagsForResource@ call,
+-- a @NextToken@ parameter is returned in the output. You can then pass in
+-- a subsequent command to the @NextToken@ parameter to continue listing
+-- additional tags.
+--
+-- 'tags', 'listTagsForResourceResponse_tags' - Key-value pairs that are assigned to a resource, usually for the purpose
+-- of grouping and searching for items. Tags are metadata that you define.
+--
+-- 'httpStatus', 'listTagsForResourceResponse_httpStatus' - The response's http status code.
+newListTagsForResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTagsForResourceResponse
+newListTagsForResourceResponse pHttpStatus_ =
+  ListTagsForResourceResponse'
+    { arn = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The ARN you specified to list the tags of.
+listTagsForResourceResponse_arn :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe Prelude.Text)
+listTagsForResourceResponse_arn = Lens.lens (\ListTagsForResourceResponse' {arn} -> arn) (\s@ListTagsForResourceResponse' {} a -> s {arn = a} :: ListTagsForResourceResponse)
+
+-- | When you can get additional results from the @ListTagsForResource@ call,
+-- a @NextToken@ parameter is returned in the output. You can then pass in
+-- a subsequent command to the @NextToken@ parameter to continue listing
+-- additional tags.
+listTagsForResourceResponse_nextToken :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe Prelude.Text)
+listTagsForResourceResponse_nextToken = Lens.lens (\ListTagsForResourceResponse' {nextToken} -> nextToken) (\s@ListTagsForResourceResponse' {} a -> s {nextToken = a} :: ListTagsForResourceResponse)
+
+-- | Key-value pairs that are assigned to a resource, usually for the purpose
+-- of grouping and searching for items. Tags are metadata that you define.
+listTagsForResourceResponse_tags :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe (Prelude.NonEmpty Tag))
+listTagsForResourceResponse_tags = Lens.lens (\ListTagsForResourceResponse' {tags} -> tags) (\s@ListTagsForResourceResponse' {} a -> s {tags = a} :: ListTagsForResourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTagsForResourceResponse_httpStatus :: Lens.Lens' ListTagsForResourceResponse Prelude.Int
+listTagsForResourceResponse_httpStatus = Lens.lens (\ListTagsForResourceResponse' {httpStatus} -> httpStatus) (\s@ListTagsForResourceResponse' {} a -> s {httpStatus = a} :: ListTagsForResourceResponse)
+
+instance Prelude.NFData ListTagsForResourceResponse where
+  rnf ListTagsForResourceResponse' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/Transfer/ListUsers.hs b/gen/Amazonka/Transfer/ListUsers.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListUsers.hs
@@ -0,0 +1,271 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListUsers
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists the users for a file transfer protocol-enabled server that you
+-- specify by passing the @ServerId@ parameter.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListUsers
+  ( -- * Creating a Request
+    ListUsers (..),
+    newListUsers,
+
+    -- * Request Lenses
+    listUsers_maxResults,
+    listUsers_nextToken,
+    listUsers_serverId,
+
+    -- * Destructuring the Response
+    ListUsersResponse (..),
+    newListUsersResponse,
+
+    -- * Response Lenses
+    listUsersResponse_nextToken,
+    listUsersResponse_httpStatus,
+    listUsersResponse_serverId,
+    listUsersResponse_users,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListUsers' smart constructor.
+data ListUsers = ListUsers'
+  { -- | Specifies the number of users to return as a response to the @ListUsers@
+    -- request.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | When you can get additional results from the @ListUsers@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional users.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | A system-assigned unique identifier for a server that has users assigned
+    -- to it.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListUsers' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listUsers_maxResults' - Specifies the number of users to return as a response to the @ListUsers@
+-- request.
+--
+-- 'nextToken', 'listUsers_nextToken' - When you can get additional results from the @ListUsers@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional users.
+--
+-- 'serverId', 'listUsers_serverId' - A system-assigned unique identifier for a server that has users assigned
+-- to it.
+newListUsers ::
+  -- | 'serverId'
+  Prelude.Text ->
+  ListUsers
+newListUsers pServerId_ =
+  ListUsers'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      serverId = pServerId_
+    }
+
+-- | Specifies the number of users to return as a response to the @ListUsers@
+-- request.
+listUsers_maxResults :: Lens.Lens' ListUsers (Prelude.Maybe Prelude.Natural)
+listUsers_maxResults = Lens.lens (\ListUsers' {maxResults} -> maxResults) (\s@ListUsers' {} a -> s {maxResults = a} :: ListUsers)
+
+-- | When you can get additional results from the @ListUsers@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional users.
+listUsers_nextToken :: Lens.Lens' ListUsers (Prelude.Maybe Prelude.Text)
+listUsers_nextToken = Lens.lens (\ListUsers' {nextToken} -> nextToken) (\s@ListUsers' {} a -> s {nextToken = a} :: ListUsers)
+
+-- | A system-assigned unique identifier for a server that has users assigned
+-- to it.
+listUsers_serverId :: Lens.Lens' ListUsers Prelude.Text
+listUsers_serverId = Lens.lens (\ListUsers' {serverId} -> serverId) (\s@ListUsers' {} a -> s {serverId = a} :: ListUsers)
+
+instance Core.AWSPager ListUsers where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listUsersResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop (rs Lens.^. listUsersResponse_users) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listUsers_nextToken
+          Lens..~ rs
+          Lens.^? listUsersResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListUsers where
+  type AWSResponse ListUsers = ListUsersResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListUsersResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..?> "Users" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListUsers where
+  hashWithSalt _salt ListUsers' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData ListUsers where
+  rnf ListUsers' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders ListUsers where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ("TransferService.ListUsers" :: Prelude.ByteString),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListUsers where
+  toJSON ListUsers' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken,
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath ListUsers where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListUsers where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListUsersResponse' smart constructor.
+data ListUsersResponse = ListUsersResponse'
+  { -- | When you can get additional results from the @ListUsers@ call, a
+    -- @NextToken@ parameter is returned in the output. You can then pass in a
+    -- subsequent command to the @NextToken@ parameter to continue listing
+    -- additional users.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server that the users are
+    -- assigned to.
+    serverId :: Prelude.Text,
+    -- | Returns the user accounts and their properties for the @ServerId@ value
+    -- that you specify.
+    users :: [ListedUser]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListUsersResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listUsersResponse_nextToken' - When you can get additional results from the @ListUsers@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional users.
+--
+-- 'httpStatus', 'listUsersResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'listUsersResponse_serverId' - A system-assigned unique identifier for a server that the users are
+-- assigned to.
+--
+-- 'users', 'listUsersResponse_users' - Returns the user accounts and their properties for the @ServerId@ value
+-- that you specify.
+newListUsersResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  ListUsersResponse
+newListUsersResponse pHttpStatus_ pServerId_ =
+  ListUsersResponse'
+    { nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      serverId = pServerId_,
+      users = Prelude.mempty
+    }
+
+-- | When you can get additional results from the @ListUsers@ call, a
+-- @NextToken@ parameter is returned in the output. You can then pass in a
+-- subsequent command to the @NextToken@ parameter to continue listing
+-- additional users.
+listUsersResponse_nextToken :: Lens.Lens' ListUsersResponse (Prelude.Maybe Prelude.Text)
+listUsersResponse_nextToken = Lens.lens (\ListUsersResponse' {nextToken} -> nextToken) (\s@ListUsersResponse' {} a -> s {nextToken = a} :: ListUsersResponse)
+
+-- | The response's http status code.
+listUsersResponse_httpStatus :: Lens.Lens' ListUsersResponse Prelude.Int
+listUsersResponse_httpStatus = Lens.lens (\ListUsersResponse' {httpStatus} -> httpStatus) (\s@ListUsersResponse' {} a -> s {httpStatus = a} :: ListUsersResponse)
+
+-- | A system-assigned unique identifier for a server that the users are
+-- assigned to.
+listUsersResponse_serverId :: Lens.Lens' ListUsersResponse Prelude.Text
+listUsersResponse_serverId = Lens.lens (\ListUsersResponse' {serverId} -> serverId) (\s@ListUsersResponse' {} a -> s {serverId = a} :: ListUsersResponse)
+
+-- | Returns the user accounts and their properties for the @ServerId@ value
+-- that you specify.
+listUsersResponse_users :: Lens.Lens' ListUsersResponse [ListedUser]
+listUsersResponse_users = Lens.lens (\ListUsersResponse' {users} -> users) (\s@ListUsersResponse' {} a -> s {users = a} :: ListUsersResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListUsersResponse where
+  rnf ListUsersResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf users
diff --git a/gen/Amazonka/Transfer/ListWorkflows.hs b/gen/Amazonka/Transfer/ListWorkflows.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/ListWorkflows.hs
@@ -0,0 +1,228 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.ListWorkflows
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Lists all of your workflows.
+--
+-- This operation returns paginated results.
+module Amazonka.Transfer.ListWorkflows
+  ( -- * Creating a Request
+    ListWorkflows (..),
+    newListWorkflows,
+
+    -- * Request Lenses
+    listWorkflows_maxResults,
+    listWorkflows_nextToken,
+
+    -- * Destructuring the Response
+    ListWorkflowsResponse (..),
+    newListWorkflowsResponse,
+
+    -- * Response Lenses
+    listWorkflowsResponse_nextToken,
+    listWorkflowsResponse_httpStatus,
+    listWorkflowsResponse_workflows,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newListWorkflows' smart constructor.
+data ListWorkflows = ListWorkflows'
+  { -- | Specifies the maximum number of workflows to return.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | @ListWorkflows@ returns the @NextToken@ parameter in the output. You can
+    -- then pass the @NextToken@ parameter in a subsequent command to continue
+    -- listing additional workflows.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListWorkflows' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listWorkflows_maxResults' - Specifies the maximum number of workflows to return.
+--
+-- 'nextToken', 'listWorkflows_nextToken' - @ListWorkflows@ returns the @NextToken@ parameter in the output. You can
+-- then pass the @NextToken@ parameter in a subsequent command to continue
+-- listing additional workflows.
+newListWorkflows ::
+  ListWorkflows
+newListWorkflows =
+  ListWorkflows'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | Specifies the maximum number of workflows to return.
+listWorkflows_maxResults :: Lens.Lens' ListWorkflows (Prelude.Maybe Prelude.Natural)
+listWorkflows_maxResults = Lens.lens (\ListWorkflows' {maxResults} -> maxResults) (\s@ListWorkflows' {} a -> s {maxResults = a} :: ListWorkflows)
+
+-- | @ListWorkflows@ returns the @NextToken@ parameter in the output. You can
+-- then pass the @NextToken@ parameter in a subsequent command to continue
+-- listing additional workflows.
+listWorkflows_nextToken :: Lens.Lens' ListWorkflows (Prelude.Maybe Prelude.Text)
+listWorkflows_nextToken = Lens.lens (\ListWorkflows' {nextToken} -> nextToken) (\s@ListWorkflows' {} a -> s {nextToken = a} :: ListWorkflows)
+
+instance Core.AWSPager ListWorkflows where
+  page rq rs
+    | Core.stop
+        ( rs
+            Lens.^? listWorkflowsResponse_nextToken
+            Prelude.. Lens._Just
+        ) =
+        Prelude.Nothing
+    | Core.stop
+        (rs Lens.^. listWorkflowsResponse_workflows) =
+        Prelude.Nothing
+    | Prelude.otherwise =
+        Prelude.Just
+          Prelude.$ rq
+          Prelude.& listWorkflows_nextToken
+          Lens..~ rs
+          Lens.^? listWorkflowsResponse_nextToken
+          Prelude.. Lens._Just
+
+instance Core.AWSRequest ListWorkflows where
+  type
+    AWSResponse ListWorkflows =
+      ListWorkflowsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListWorkflowsResponse'
+            Prelude.<$> (x Data..?> "NextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..?> "Workflows" Core..!@ Prelude.mempty)
+      )
+
+instance Prelude.Hashable ListWorkflows where
+  hashWithSalt _salt ListWorkflows' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListWorkflows where
+  rnf ListWorkflows' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListWorkflows where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.ListWorkflows" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON ListWorkflows where
+  toJSON ListWorkflows' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("MaxResults" Data..=) Prelude.<$> maxResults,
+            ("NextToken" Data..=) Prelude.<$> nextToken
+          ]
+      )
+
+instance Data.ToPath ListWorkflows where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery ListWorkflows where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListWorkflowsResponse' smart constructor.
+data ListWorkflowsResponse = ListWorkflowsResponse'
+  { -- | @ListWorkflows@ returns the @NextToken@ parameter in the output. You can
+    -- then pass the @NextToken@ parameter in a subsequent command to continue
+    -- listing additional workflows.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the @Arn@, @WorkflowId@, and @Description@ for each workflow.
+    workflows :: [ListedWorkflow]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListWorkflowsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listWorkflowsResponse_nextToken' - @ListWorkflows@ returns the @NextToken@ parameter in the output. You can
+-- then pass the @NextToken@ parameter in a subsequent command to continue
+-- listing additional workflows.
+--
+-- 'httpStatus', 'listWorkflowsResponse_httpStatus' - The response's http status code.
+--
+-- 'workflows', 'listWorkflowsResponse_workflows' - Returns the @Arn@, @WorkflowId@, and @Description@ for each workflow.
+newListWorkflowsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListWorkflowsResponse
+newListWorkflowsResponse pHttpStatus_ =
+  ListWorkflowsResponse'
+    { nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_,
+      workflows = Prelude.mempty
+    }
+
+-- | @ListWorkflows@ returns the @NextToken@ parameter in the output. You can
+-- then pass the @NextToken@ parameter in a subsequent command to continue
+-- listing additional workflows.
+listWorkflowsResponse_nextToken :: Lens.Lens' ListWorkflowsResponse (Prelude.Maybe Prelude.Text)
+listWorkflowsResponse_nextToken = Lens.lens (\ListWorkflowsResponse' {nextToken} -> nextToken) (\s@ListWorkflowsResponse' {} a -> s {nextToken = a} :: ListWorkflowsResponse)
+
+-- | The response's http status code.
+listWorkflowsResponse_httpStatus :: Lens.Lens' ListWorkflowsResponse Prelude.Int
+listWorkflowsResponse_httpStatus = Lens.lens (\ListWorkflowsResponse' {httpStatus} -> httpStatus) (\s@ListWorkflowsResponse' {} a -> s {httpStatus = a} :: ListWorkflowsResponse)
+
+-- | Returns the @Arn@, @WorkflowId@, and @Description@ for each workflow.
+listWorkflowsResponse_workflows :: Lens.Lens' ListWorkflowsResponse [ListedWorkflow]
+listWorkflowsResponse_workflows = Lens.lens (\ListWorkflowsResponse' {workflows} -> workflows) (\s@ListWorkflowsResponse' {} a -> s {workflows = a} :: ListWorkflowsResponse) Prelude.. Lens.coerced
+
+instance Prelude.NFData ListWorkflowsResponse where
+  rnf ListWorkflowsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf workflows
diff --git a/gen/Amazonka/Transfer/SendWorkflowStepState.hs b/gen/Amazonka/Transfer/SendWorkflowStepState.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/SendWorkflowStepState.hs
@@ -0,0 +1,217 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.SendWorkflowStepState
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Sends a callback for asynchronous custom steps.
+--
+-- The @ExecutionId@, @WorkflowId@, and @Token@ are passed to the target
+-- resource during execution of a custom step of a workflow. You must
+-- include those with their callback as well as providing a status.
+module Amazonka.Transfer.SendWorkflowStepState
+  ( -- * Creating a Request
+    SendWorkflowStepState (..),
+    newSendWorkflowStepState,
+
+    -- * Request Lenses
+    sendWorkflowStepState_workflowId,
+    sendWorkflowStepState_executionId,
+    sendWorkflowStepState_token,
+    sendWorkflowStepState_status,
+
+    -- * Destructuring the Response
+    SendWorkflowStepStateResponse (..),
+    newSendWorkflowStepStateResponse,
+
+    -- * Response Lenses
+    sendWorkflowStepStateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newSendWorkflowStepState' smart constructor.
+data SendWorkflowStepState = SendWorkflowStepState'
+  { -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text,
+    -- | A unique identifier for the execution of a workflow.
+    executionId :: Prelude.Text,
+    -- | Used to distinguish between multiple callbacks for multiple Lambda steps
+    -- within the same execution.
+    token :: Prelude.Text,
+    -- | Indicates whether the specified step succeeded or failed.
+    status :: CustomStepStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SendWorkflowStepState' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'workflowId', 'sendWorkflowStepState_workflowId' - A unique identifier for the workflow.
+--
+-- 'executionId', 'sendWorkflowStepState_executionId' - A unique identifier for the execution of a workflow.
+--
+-- 'token', 'sendWorkflowStepState_token' - Used to distinguish between multiple callbacks for multiple Lambda steps
+-- within the same execution.
+--
+-- 'status', 'sendWorkflowStepState_status' - Indicates whether the specified step succeeded or failed.
+newSendWorkflowStepState ::
+  -- | 'workflowId'
+  Prelude.Text ->
+  -- | 'executionId'
+  Prelude.Text ->
+  -- | 'token'
+  Prelude.Text ->
+  -- | 'status'
+  CustomStepStatus ->
+  SendWorkflowStepState
+newSendWorkflowStepState
+  pWorkflowId_
+  pExecutionId_
+  pToken_
+  pStatus_ =
+    SendWorkflowStepState'
+      { workflowId = pWorkflowId_,
+        executionId = pExecutionId_,
+        token = pToken_,
+        status = pStatus_
+      }
+
+-- | A unique identifier for the workflow.
+sendWorkflowStepState_workflowId :: Lens.Lens' SendWorkflowStepState Prelude.Text
+sendWorkflowStepState_workflowId = Lens.lens (\SendWorkflowStepState' {workflowId} -> workflowId) (\s@SendWorkflowStepState' {} a -> s {workflowId = a} :: SendWorkflowStepState)
+
+-- | A unique identifier for the execution of a workflow.
+sendWorkflowStepState_executionId :: Lens.Lens' SendWorkflowStepState Prelude.Text
+sendWorkflowStepState_executionId = Lens.lens (\SendWorkflowStepState' {executionId} -> executionId) (\s@SendWorkflowStepState' {} a -> s {executionId = a} :: SendWorkflowStepState)
+
+-- | Used to distinguish between multiple callbacks for multiple Lambda steps
+-- within the same execution.
+sendWorkflowStepState_token :: Lens.Lens' SendWorkflowStepState Prelude.Text
+sendWorkflowStepState_token = Lens.lens (\SendWorkflowStepState' {token} -> token) (\s@SendWorkflowStepState' {} a -> s {token = a} :: SendWorkflowStepState)
+
+-- | Indicates whether the specified step succeeded or failed.
+sendWorkflowStepState_status :: Lens.Lens' SendWorkflowStepState CustomStepStatus
+sendWorkflowStepState_status = Lens.lens (\SendWorkflowStepState' {status} -> status) (\s@SendWorkflowStepState' {} a -> s {status = a} :: SendWorkflowStepState)
+
+instance Core.AWSRequest SendWorkflowStepState where
+  type
+    AWSResponse SendWorkflowStepState =
+      SendWorkflowStepStateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          SendWorkflowStepStateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable SendWorkflowStepState where
+  hashWithSalt _salt SendWorkflowStepState' {..} =
+    _salt
+      `Prelude.hashWithSalt` workflowId
+      `Prelude.hashWithSalt` executionId
+      `Prelude.hashWithSalt` token
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData SendWorkflowStepState where
+  rnf SendWorkflowStepState' {..} =
+    Prelude.rnf workflowId
+      `Prelude.seq` Prelude.rnf executionId
+      `Prelude.seq` Prelude.rnf token
+      `Prelude.seq` Prelude.rnf status
+
+instance Data.ToHeaders SendWorkflowStepState where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.SendWorkflowStepState" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON SendWorkflowStepState where
+  toJSON SendWorkflowStepState' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("WorkflowId" Data..= workflowId),
+            Prelude.Just ("ExecutionId" Data..= executionId),
+            Prelude.Just ("Token" Data..= token),
+            Prelude.Just ("Status" Data..= status)
+          ]
+      )
+
+instance Data.ToPath SendWorkflowStepState where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery SendWorkflowStepState where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newSendWorkflowStepStateResponse' smart constructor.
+data SendWorkflowStepStateResponse = SendWorkflowStepStateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SendWorkflowStepStateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'sendWorkflowStepStateResponse_httpStatus' - The response's http status code.
+newSendWorkflowStepStateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  SendWorkflowStepStateResponse
+newSendWorkflowStepStateResponse pHttpStatus_ =
+  SendWorkflowStepStateResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+sendWorkflowStepStateResponse_httpStatus :: Lens.Lens' SendWorkflowStepStateResponse Prelude.Int
+sendWorkflowStepStateResponse_httpStatus = Lens.lens (\SendWorkflowStepStateResponse' {httpStatus} -> httpStatus) (\s@SendWorkflowStepStateResponse' {} a -> s {httpStatus = a} :: SendWorkflowStepStateResponse)
+
+instance Prelude.NFData SendWorkflowStepStateResponse where
+  rnf SendWorkflowStepStateResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/Transfer/StartFileTransfer.hs b/gen/Amazonka/Transfer/StartFileTransfer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/StartFileTransfer.hs
@@ -0,0 +1,200 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.StartFileTransfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Begins an outbound file transfer to a remote AS2 server. You specify the
+-- @ConnectorId@ and the file paths for where to send the files.
+module Amazonka.Transfer.StartFileTransfer
+  ( -- * Creating a Request
+    StartFileTransfer (..),
+    newStartFileTransfer,
+
+    -- * Request Lenses
+    startFileTransfer_connectorId,
+    startFileTransfer_sendFilePaths,
+
+    -- * Destructuring the Response
+    StartFileTransferResponse (..),
+    newStartFileTransferResponse,
+
+    -- * Response Lenses
+    startFileTransferResponse_httpStatus,
+    startFileTransferResponse_transferId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newStartFileTransfer' smart constructor.
+data StartFileTransfer = StartFileTransfer'
+  { -- | The unique identifier for the connector.
+    connectorId :: Prelude.Text,
+    -- | An array of strings. Each string represents the absolute path for one
+    -- outbound file transfer. For example,
+    -- @ @/@DOC-EXAMPLE-BUCKET@/@\/@/@myfile.txt@/@ @.
+    sendFilePaths :: Prelude.NonEmpty Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartFileTransfer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'connectorId', 'startFileTransfer_connectorId' - The unique identifier for the connector.
+--
+-- 'sendFilePaths', 'startFileTransfer_sendFilePaths' - An array of strings. Each string represents the absolute path for one
+-- outbound file transfer. For example,
+-- @ @/@DOC-EXAMPLE-BUCKET@/@\/@/@myfile.txt@/@ @.
+newStartFileTransfer ::
+  -- | 'connectorId'
+  Prelude.Text ->
+  -- | 'sendFilePaths'
+  Prelude.NonEmpty Prelude.Text ->
+  StartFileTransfer
+newStartFileTransfer pConnectorId_ pSendFilePaths_ =
+  StartFileTransfer'
+    { connectorId = pConnectorId_,
+      sendFilePaths = Lens.coerced Lens.# pSendFilePaths_
+    }
+
+-- | The unique identifier for the connector.
+startFileTransfer_connectorId :: Lens.Lens' StartFileTransfer Prelude.Text
+startFileTransfer_connectorId = Lens.lens (\StartFileTransfer' {connectorId} -> connectorId) (\s@StartFileTransfer' {} a -> s {connectorId = a} :: StartFileTransfer)
+
+-- | An array of strings. Each string represents the absolute path for one
+-- outbound file transfer. For example,
+-- @ @/@DOC-EXAMPLE-BUCKET@/@\/@/@myfile.txt@/@ @.
+startFileTransfer_sendFilePaths :: Lens.Lens' StartFileTransfer (Prelude.NonEmpty Prelude.Text)
+startFileTransfer_sendFilePaths = Lens.lens (\StartFileTransfer' {sendFilePaths} -> sendFilePaths) (\s@StartFileTransfer' {} a -> s {sendFilePaths = a} :: StartFileTransfer) Prelude.. Lens.coerced
+
+instance Core.AWSRequest StartFileTransfer where
+  type
+    AWSResponse StartFileTransfer =
+      StartFileTransferResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          StartFileTransferResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "TransferId")
+      )
+
+instance Prelude.Hashable StartFileTransfer where
+  hashWithSalt _salt StartFileTransfer' {..} =
+    _salt
+      `Prelude.hashWithSalt` connectorId
+      `Prelude.hashWithSalt` sendFilePaths
+
+instance Prelude.NFData StartFileTransfer where
+  rnf StartFileTransfer' {..} =
+    Prelude.rnf connectorId
+      `Prelude.seq` Prelude.rnf sendFilePaths
+
+instance Data.ToHeaders StartFileTransfer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.StartFileTransfer" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON StartFileTransfer where
+  toJSON StartFileTransfer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ConnectorId" Data..= connectorId),
+            Prelude.Just
+              ("SendFilePaths" Data..= sendFilePaths)
+          ]
+      )
+
+instance Data.ToPath StartFileTransfer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery StartFileTransfer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStartFileTransferResponse' smart constructor.
+data StartFileTransferResponse = StartFileTransferResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the unique identifier for this file transfer.
+    transferId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartFileTransferResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'startFileTransferResponse_httpStatus' - The response's http status code.
+--
+-- 'transferId', 'startFileTransferResponse_transferId' - Returns the unique identifier for this file transfer.
+newStartFileTransferResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'transferId'
+  Prelude.Text ->
+  StartFileTransferResponse
+newStartFileTransferResponse
+  pHttpStatus_
+  pTransferId_ =
+    StartFileTransferResponse'
+      { httpStatus =
+          pHttpStatus_,
+        transferId = pTransferId_
+      }
+
+-- | The response's http status code.
+startFileTransferResponse_httpStatus :: Lens.Lens' StartFileTransferResponse Prelude.Int
+startFileTransferResponse_httpStatus = Lens.lens (\StartFileTransferResponse' {httpStatus} -> httpStatus) (\s@StartFileTransferResponse' {} a -> s {httpStatus = a} :: StartFileTransferResponse)
+
+-- | Returns the unique identifier for this file transfer.
+startFileTransferResponse_transferId :: Lens.Lens' StartFileTransferResponse Prelude.Text
+startFileTransferResponse_transferId = Lens.lens (\StartFileTransferResponse' {transferId} -> transferId) (\s@StartFileTransferResponse' {} a -> s {transferId = a} :: StartFileTransferResponse)
+
+instance Prelude.NFData StartFileTransferResponse where
+  rnf StartFileTransferResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf transferId
diff --git a/gen/Amazonka/Transfer/StartServer.hs b/gen/Amazonka/Transfer/StartServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/StartServer.hs
@@ -0,0 +1,137 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.StartServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Changes the state of a file transfer protocol-enabled server from
+-- @OFFLINE@ to @ONLINE@. It has no impact on a server that is already
+-- @ONLINE@. An @ONLINE@ server can accept and process file transfer jobs.
+--
+-- The state of @STARTING@ indicates that the server is in an intermediate
+-- state, either not fully able to respond, or not fully online. The values
+-- of @START_FAILED@ can indicate an error condition.
+--
+-- No response is returned from this call.
+module Amazonka.Transfer.StartServer
+  ( -- * Creating a Request
+    StartServer (..),
+    newStartServer,
+
+    -- * Request Lenses
+    startServer_serverId,
+
+    -- * Destructuring the Response
+    StartServerResponse (..),
+    newStartServerResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newStartServer' smart constructor.
+data StartServer = StartServer'
+  { -- | A system-assigned unique identifier for a server that you start.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'startServer_serverId' - A system-assigned unique identifier for a server that you start.
+newStartServer ::
+  -- | 'serverId'
+  Prelude.Text ->
+  StartServer
+newStartServer pServerId_ =
+  StartServer' {serverId = pServerId_}
+
+-- | A system-assigned unique identifier for a server that you start.
+startServer_serverId :: Lens.Lens' StartServer Prelude.Text
+startServer_serverId = Lens.lens (\StartServer' {serverId} -> serverId) (\s@StartServer' {} a -> s {serverId = a} :: StartServer)
+
+instance Core.AWSRequest StartServer where
+  type AWSResponse StartServer = StartServerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull StartServerResponse'
+
+instance Prelude.Hashable StartServer where
+  hashWithSalt _salt StartServer' {..} =
+    _salt `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData StartServer where
+  rnf StartServer' {..} = Prelude.rnf serverId
+
+instance Data.ToHeaders StartServer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.StartServer" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON StartServer where
+  toJSON StartServer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ServerId" Data..= serverId)]
+      )
+
+instance Data.ToPath StartServer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery StartServer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStartServerResponse' smart constructor.
+data StartServerResponse = StartServerResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StartServerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newStartServerResponse ::
+  StartServerResponse
+newStartServerResponse = StartServerResponse'
+
+instance Prelude.NFData StartServerResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/StopServer.hs b/gen/Amazonka/Transfer/StopServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/StopServer.hs
@@ -0,0 +1,140 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.StopServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Changes the state of a file transfer protocol-enabled server from
+-- @ONLINE@ to @OFFLINE@. An @OFFLINE@ server cannot accept and process
+-- file transfer jobs. Information tied to your server, such as server and
+-- user properties, are not affected by stopping your server.
+--
+-- Stopping the server does not reduce or impact your file transfer
+-- protocol endpoint billing; you must delete the server to stop being
+-- billed.
+--
+-- The state of @STOPPING@ indicates that the server is in an intermediate
+-- state, either not fully able to respond, or not fully offline. The
+-- values of @STOP_FAILED@ can indicate an error condition.
+--
+-- No response is returned from this call.
+module Amazonka.Transfer.StopServer
+  ( -- * Creating a Request
+    StopServer (..),
+    newStopServer,
+
+    -- * Request Lenses
+    stopServer_serverId,
+
+    -- * Destructuring the Response
+    StopServerResponse (..),
+    newStopServerResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newStopServer' smart constructor.
+data StopServer = StopServer'
+  { -- | A system-assigned unique identifier for a server that you stopped.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StopServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'stopServer_serverId' - A system-assigned unique identifier for a server that you stopped.
+newStopServer ::
+  -- | 'serverId'
+  Prelude.Text ->
+  StopServer
+newStopServer pServerId_ =
+  StopServer' {serverId = pServerId_}
+
+-- | A system-assigned unique identifier for a server that you stopped.
+stopServer_serverId :: Lens.Lens' StopServer Prelude.Text
+stopServer_serverId = Lens.lens (\StopServer' {serverId} -> serverId) (\s@StopServer' {} a -> s {serverId = a} :: StopServer)
+
+instance Core.AWSRequest StopServer where
+  type AWSResponse StopServer = StopServerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull StopServerResponse'
+
+instance Prelude.Hashable StopServer where
+  hashWithSalt _salt StopServer' {..} =
+    _salt `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData StopServer where
+  rnf StopServer' {..} = Prelude.rnf serverId
+
+instance Data.ToHeaders StopServer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ("TransferService.StopServer" :: Prelude.ByteString),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON StopServer where
+  toJSON StopServer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [Prelude.Just ("ServerId" Data..= serverId)]
+      )
+
+instance Data.ToPath StopServer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery StopServer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newStopServerResponse' smart constructor.
+data StopServerResponse = StopServerResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'StopServerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newStopServerResponse ::
+  StopServerResponse
+newStopServerResponse = StopServerResponse'
+
+instance Prelude.NFData StopServerResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/TagResource.hs b/gen/Amazonka/Transfer/TagResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/TagResource.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.TagResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Attaches a key-value pair to a resource, as identified by its Amazon
+-- Resource Name (ARN). Resources are users, servers, roles, and other
+-- entities.
+--
+-- There is no response returned from this call.
+module Amazonka.Transfer.TagResource
+  ( -- * Creating a Request
+    TagResource (..),
+    newTagResource,
+
+    -- * Request Lenses
+    tagResource_arn,
+    tagResource_tags,
+
+    -- * Destructuring the Response
+    TagResourceResponse (..),
+    newTagResourceResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newTagResource' smart constructor.
+data TagResource = TagResource'
+  { -- | An Amazon Resource Name (ARN) for a specific Amazon Web Services
+    -- resource, such as a server, user, or role.
+    arn :: Prelude.Text,
+    -- | Key-value pairs assigned to ARNs that you can use to group and search
+    -- for resources by type. You can attach this metadata to user accounts for
+    -- any purpose.
+    tags :: Prelude.NonEmpty Tag
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'tagResource_arn' - An Amazon Resource Name (ARN) for a specific Amazon Web Services
+-- resource, such as a server, user, or role.
+--
+-- 'tags', 'tagResource_tags' - Key-value pairs assigned to ARNs that you can use to group and search
+-- for resources by type. You can attach this metadata to user accounts for
+-- any purpose.
+newTagResource ::
+  -- | 'arn'
+  Prelude.Text ->
+  -- | 'tags'
+  Prelude.NonEmpty Tag ->
+  TagResource
+newTagResource pArn_ pTags_ =
+  TagResource'
+    { arn = pArn_,
+      tags = Lens.coerced Lens.# pTags_
+    }
+
+-- | An Amazon Resource Name (ARN) for a specific Amazon Web Services
+-- resource, such as a server, user, or role.
+tagResource_arn :: Lens.Lens' TagResource Prelude.Text
+tagResource_arn = Lens.lens (\TagResource' {arn} -> arn) (\s@TagResource' {} a -> s {arn = a} :: TagResource)
+
+-- | Key-value pairs assigned to ARNs that you can use to group and search
+-- for resources by type. You can attach this metadata to user accounts for
+-- any purpose.
+tagResource_tags :: Lens.Lens' TagResource (Prelude.NonEmpty Tag)
+tagResource_tags = Lens.lens (\TagResource' {tags} -> tags) (\s@TagResource' {} a -> s {tags = a} :: TagResource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest TagResource where
+  type AWSResponse TagResource = TagResourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response = Response.receiveNull TagResourceResponse'
+
+instance Prelude.Hashable TagResource where
+  hashWithSalt _salt TagResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` tags
+
+instance Prelude.NFData TagResource where
+  rnf TagResource' {..} =
+    Prelude.rnf arn `Prelude.seq` Prelude.rnf tags
+
+instance Data.ToHeaders TagResource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.TagResource" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON TagResource where
+  toJSON TagResource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("Arn" Data..= arn),
+            Prelude.Just ("Tags" Data..= tags)
+          ]
+      )
+
+instance Data.ToPath TagResource where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery TagResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newTagResourceResponse' smart constructor.
+data TagResourceResponse = TagResourceResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newTagResourceResponse ::
+  TagResourceResponse
+newTagResourceResponse = TagResourceResponse'
+
+instance Prelude.NFData TagResourceResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/TestIdentityProvider.hs b/gen/Amazonka/Transfer/TestIdentityProvider.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/TestIdentityProvider.hs
@@ -0,0 +1,334 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.TestIdentityProvider
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- If the @IdentityProviderType@ of a file transfer protocol-enabled server
+-- is @AWS_DIRECTORY_SERVICE@ or @API_Gateway@, tests whether your identity
+-- provider is set up successfully. We highly recommend that you call this
+-- operation to test your authentication method as soon as you create your
+-- server. By doing so, you can troubleshoot issues with the identity
+-- provider integration to ensure that your users can successfully use the
+-- service.
+--
+-- The @ServerId@ and @UserName@ parameters are required. The
+-- @ServerProtocol@, @SourceIp@, and @UserPassword@ are all optional.
+--
+-- You cannot use @TestIdentityProvider@ if the @IdentityProviderType@ of
+-- your server is @SERVICE_MANAGED@.
+--
+-- -   If you provide any incorrect values for any parameters, the
+--     @Response@ field is empty.
+--
+-- -   If you provide a server ID for a server that uses service-managed
+--     users, you get an error:
+--
+--     @ An error occurred (InvalidRequestException) when calling the TestIdentityProvider operation: s-@/@server-ID@/@ not configured for external auth @
+--
+-- -   If you enter a Server ID for the @--server-id@ parameter that does
+--     not identify an actual Transfer server, you receive the following
+--     error:
+--
+--     @An error occurred (ResourceNotFoundException) when calling the TestIdentityProvider operation: Unknown server@
+module Amazonka.Transfer.TestIdentityProvider
+  ( -- * Creating a Request
+    TestIdentityProvider (..),
+    newTestIdentityProvider,
+
+    -- * Request Lenses
+    testIdentityProvider_serverProtocol,
+    testIdentityProvider_sourceIp,
+    testIdentityProvider_userPassword,
+    testIdentityProvider_serverId,
+    testIdentityProvider_userName,
+
+    -- * Destructuring the Response
+    TestIdentityProviderResponse (..),
+    newTestIdentityProviderResponse,
+
+    -- * Response Lenses
+    testIdentityProviderResponse_message,
+    testIdentityProviderResponse_response,
+    testIdentityProviderResponse_httpStatus,
+    testIdentityProviderResponse_statusCode,
+    testIdentityProviderResponse_url,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newTestIdentityProvider' smart constructor.
+data TestIdentityProvider = TestIdentityProvider'
+  { -- | The type of file transfer protocol to be tested.
+    --
+    -- The available protocols are:
+    --
+    -- -   Secure Shell (SSH) File Transfer Protocol (SFTP)
+    --
+    -- -   File Transfer Protocol Secure (FTPS)
+    --
+    -- -   File Transfer Protocol (FTP)
+    serverProtocol :: Prelude.Maybe Protocol,
+    -- | The source IP address of the user account to be tested.
+    sourceIp :: Prelude.Maybe Prelude.Text,
+    -- | The password of the user account to be tested.
+    userPassword :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | A system-assigned identifier for a specific server. That server\'s user
+    -- authentication method is tested with a user name and password.
+    serverId :: Prelude.Text,
+    -- | The name of the user account to be tested.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TestIdentityProvider' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverProtocol', 'testIdentityProvider_serverProtocol' - The type of file transfer protocol to be tested.
+--
+-- The available protocols are:
+--
+-- -   Secure Shell (SSH) File Transfer Protocol (SFTP)
+--
+-- -   File Transfer Protocol Secure (FTPS)
+--
+-- -   File Transfer Protocol (FTP)
+--
+-- 'sourceIp', 'testIdentityProvider_sourceIp' - The source IP address of the user account to be tested.
+--
+-- 'userPassword', 'testIdentityProvider_userPassword' - The password of the user account to be tested.
+--
+-- 'serverId', 'testIdentityProvider_serverId' - A system-assigned identifier for a specific server. That server\'s user
+-- authentication method is tested with a user name and password.
+--
+-- 'userName', 'testIdentityProvider_userName' - The name of the user account to be tested.
+newTestIdentityProvider ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  TestIdentityProvider
+newTestIdentityProvider pServerId_ pUserName_ =
+  TestIdentityProvider'
+    { serverProtocol =
+        Prelude.Nothing,
+      sourceIp = Prelude.Nothing,
+      userPassword = Prelude.Nothing,
+      serverId = pServerId_,
+      userName = pUserName_
+    }
+
+-- | The type of file transfer protocol to be tested.
+--
+-- The available protocols are:
+--
+-- -   Secure Shell (SSH) File Transfer Protocol (SFTP)
+--
+-- -   File Transfer Protocol Secure (FTPS)
+--
+-- -   File Transfer Protocol (FTP)
+testIdentityProvider_serverProtocol :: Lens.Lens' TestIdentityProvider (Prelude.Maybe Protocol)
+testIdentityProvider_serverProtocol = Lens.lens (\TestIdentityProvider' {serverProtocol} -> serverProtocol) (\s@TestIdentityProvider' {} a -> s {serverProtocol = a} :: TestIdentityProvider)
+
+-- | The source IP address of the user account to be tested.
+testIdentityProvider_sourceIp :: Lens.Lens' TestIdentityProvider (Prelude.Maybe Prelude.Text)
+testIdentityProvider_sourceIp = Lens.lens (\TestIdentityProvider' {sourceIp} -> sourceIp) (\s@TestIdentityProvider' {} a -> s {sourceIp = a} :: TestIdentityProvider)
+
+-- | The password of the user account to be tested.
+testIdentityProvider_userPassword :: Lens.Lens' TestIdentityProvider (Prelude.Maybe Prelude.Text)
+testIdentityProvider_userPassword = Lens.lens (\TestIdentityProvider' {userPassword} -> userPassword) (\s@TestIdentityProvider' {} a -> s {userPassword = a} :: TestIdentityProvider) Prelude.. Lens.mapping Data._Sensitive
+
+-- | A system-assigned identifier for a specific server. That server\'s user
+-- authentication method is tested with a user name and password.
+testIdentityProvider_serverId :: Lens.Lens' TestIdentityProvider Prelude.Text
+testIdentityProvider_serverId = Lens.lens (\TestIdentityProvider' {serverId} -> serverId) (\s@TestIdentityProvider' {} a -> s {serverId = a} :: TestIdentityProvider)
+
+-- | The name of the user account to be tested.
+testIdentityProvider_userName :: Lens.Lens' TestIdentityProvider Prelude.Text
+testIdentityProvider_userName = Lens.lens (\TestIdentityProvider' {userName} -> userName) (\s@TestIdentityProvider' {} a -> s {userName = a} :: TestIdentityProvider)
+
+instance Core.AWSRequest TestIdentityProvider where
+  type
+    AWSResponse TestIdentityProvider =
+      TestIdentityProviderResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          TestIdentityProviderResponse'
+            Prelude.<$> (x Data..?> "Message")
+            Prelude.<*> (x Data..?> "Response")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "StatusCode")
+            Prelude.<*> (x Data..:> "Url")
+      )
+
+instance Prelude.Hashable TestIdentityProvider where
+  hashWithSalt _salt TestIdentityProvider' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverProtocol
+      `Prelude.hashWithSalt` sourceIp
+      `Prelude.hashWithSalt` userPassword
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData TestIdentityProvider where
+  rnf TestIdentityProvider' {..} =
+    Prelude.rnf serverProtocol
+      `Prelude.seq` Prelude.rnf sourceIp
+      `Prelude.seq` Prelude.rnf userPassword
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders TestIdentityProvider where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.TestIdentityProvider" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON TestIdentityProvider where
+  toJSON TestIdentityProvider' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("ServerProtocol" Data..=)
+              Prelude.<$> serverProtocol,
+            ("SourceIp" Data..=) Prelude.<$> sourceIp,
+            ("UserPassword" Data..=) Prelude.<$> userPassword,
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath TestIdentityProvider where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery TestIdentityProvider where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newTestIdentityProviderResponse' smart constructor.
+data TestIdentityProviderResponse = TestIdentityProviderResponse'
+  { -- | A message that indicates whether the test was successful or not.
+    --
+    -- If an empty string is returned, the most likely cause is that the
+    -- authentication failed due to an incorrect username or password.
+    message :: Prelude.Maybe Prelude.Text,
+    -- | The response that is returned from your API Gateway.
+    response :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The HTTP status code that is the response from your API Gateway.
+    statusCode :: Prelude.Int,
+    -- | The endpoint of the service used to authenticate a user.
+    url :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TestIdentityProviderResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'message', 'testIdentityProviderResponse_message' - A message that indicates whether the test was successful or not.
+--
+-- If an empty string is returned, the most likely cause is that the
+-- authentication failed due to an incorrect username or password.
+--
+-- 'response', 'testIdentityProviderResponse_response' - The response that is returned from your API Gateway.
+--
+-- 'httpStatus', 'testIdentityProviderResponse_httpStatus' - The response's http status code.
+--
+-- 'statusCode', 'testIdentityProviderResponse_statusCode' - The HTTP status code that is the response from your API Gateway.
+--
+-- 'url', 'testIdentityProviderResponse_url' - The endpoint of the service used to authenticate a user.
+newTestIdentityProviderResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'statusCode'
+  Prelude.Int ->
+  -- | 'url'
+  Prelude.Text ->
+  TestIdentityProviderResponse
+newTestIdentityProviderResponse
+  pHttpStatus_
+  pStatusCode_
+  pUrl_ =
+    TestIdentityProviderResponse'
+      { message =
+          Prelude.Nothing,
+        response = Prelude.Nothing,
+        httpStatus = pHttpStatus_,
+        statusCode = pStatusCode_,
+        url = pUrl_
+      }
+
+-- | A message that indicates whether the test was successful or not.
+--
+-- If an empty string is returned, the most likely cause is that the
+-- authentication failed due to an incorrect username or password.
+testIdentityProviderResponse_message :: Lens.Lens' TestIdentityProviderResponse (Prelude.Maybe Prelude.Text)
+testIdentityProviderResponse_message = Lens.lens (\TestIdentityProviderResponse' {message} -> message) (\s@TestIdentityProviderResponse' {} a -> s {message = a} :: TestIdentityProviderResponse)
+
+-- | The response that is returned from your API Gateway.
+testIdentityProviderResponse_response :: Lens.Lens' TestIdentityProviderResponse (Prelude.Maybe Prelude.Text)
+testIdentityProviderResponse_response = Lens.lens (\TestIdentityProviderResponse' {response} -> response) (\s@TestIdentityProviderResponse' {} a -> s {response = a} :: TestIdentityProviderResponse)
+
+-- | The response's http status code.
+testIdentityProviderResponse_httpStatus :: Lens.Lens' TestIdentityProviderResponse Prelude.Int
+testIdentityProviderResponse_httpStatus = Lens.lens (\TestIdentityProviderResponse' {httpStatus} -> httpStatus) (\s@TestIdentityProviderResponse' {} a -> s {httpStatus = a} :: TestIdentityProviderResponse)
+
+-- | The HTTP status code that is the response from your API Gateway.
+testIdentityProviderResponse_statusCode :: Lens.Lens' TestIdentityProviderResponse Prelude.Int
+testIdentityProviderResponse_statusCode = Lens.lens (\TestIdentityProviderResponse' {statusCode} -> statusCode) (\s@TestIdentityProviderResponse' {} a -> s {statusCode = a} :: TestIdentityProviderResponse)
+
+-- | The endpoint of the service used to authenticate a user.
+testIdentityProviderResponse_url :: Lens.Lens' TestIdentityProviderResponse Prelude.Text
+testIdentityProviderResponse_url = Lens.lens (\TestIdentityProviderResponse' {url} -> url) (\s@TestIdentityProviderResponse' {} a -> s {url = a} :: TestIdentityProviderResponse)
+
+instance Prelude.NFData TestIdentityProviderResponse where
+  rnf TestIdentityProviderResponse' {..} =
+    Prelude.rnf message
+      `Prelude.seq` Prelude.rnf response
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf statusCode
+      `Prelude.seq` Prelude.rnf url
diff --git a/gen/Amazonka/Transfer/Types.hs b/gen/Amazonka/Transfer/Types.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types.hs
@@ -0,0 +1,758 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    _AccessDeniedException,
+    _ConflictException,
+    _InternalServiceError,
+    _InvalidNextTokenException,
+    _InvalidRequestException,
+    _ResourceExistsException,
+    _ResourceNotFoundException,
+    _ServiceUnavailableException,
+    _ThrottlingException,
+
+    -- * AgreementStatusType
+    AgreementStatusType (..),
+
+    -- * As2Transport
+    As2Transport (..),
+
+    -- * CertificateStatusType
+    CertificateStatusType (..),
+
+    -- * CertificateType
+    CertificateType (..),
+
+    -- * CertificateUsageType
+    CertificateUsageType (..),
+
+    -- * CompressionEnum
+    CompressionEnum (..),
+
+    -- * CustomStepStatus
+    CustomStepStatus (..),
+
+    -- * Domain
+    Domain (..),
+
+    -- * EncryptionAlg
+    EncryptionAlg (..),
+
+    -- * EncryptionType
+    EncryptionType (..),
+
+    -- * EndpointType
+    EndpointType (..),
+
+    -- * ExecutionErrorType
+    ExecutionErrorType (..),
+
+    -- * ExecutionStatus
+    ExecutionStatus (..),
+
+    -- * HomeDirectoryType
+    HomeDirectoryType (..),
+
+    -- * IdentityProviderType
+    IdentityProviderType (..),
+
+    -- * MdnResponse
+    MdnResponse (..),
+
+    -- * MdnSigningAlg
+    MdnSigningAlg (..),
+
+    -- * OverwriteExisting
+    OverwriteExisting (..),
+
+    -- * ProfileType
+    ProfileType (..),
+
+    -- * Protocol
+    Protocol (..),
+
+    -- * SetStatOption
+    SetStatOption (..),
+
+    -- * SigningAlg
+    SigningAlg (..),
+
+    -- * State
+    State (..),
+
+    -- * TlsSessionResumptionMode
+    TlsSessionResumptionMode (..),
+
+    -- * WorkflowStepType
+    WorkflowStepType (..),
+
+    -- * As2ConnectorConfig
+    As2ConnectorConfig (..),
+    newAs2ConnectorConfig,
+    as2ConnectorConfig_compression,
+    as2ConnectorConfig_encryptionAlgorithm,
+    as2ConnectorConfig_localProfileId,
+    as2ConnectorConfig_mdnResponse,
+    as2ConnectorConfig_mdnSigningAlgorithm,
+    as2ConnectorConfig_messageSubject,
+    as2ConnectorConfig_partnerProfileId,
+    as2ConnectorConfig_signingAlgorithm,
+
+    -- * CopyStepDetails
+    CopyStepDetails (..),
+    newCopyStepDetails,
+    copyStepDetails_destinationFileLocation,
+    copyStepDetails_name,
+    copyStepDetails_overwriteExisting,
+    copyStepDetails_sourceFileLocation,
+
+    -- * CustomStepDetails
+    CustomStepDetails (..),
+    newCustomStepDetails,
+    customStepDetails_name,
+    customStepDetails_sourceFileLocation,
+    customStepDetails_target,
+    customStepDetails_timeoutSeconds,
+
+    -- * DecryptStepDetails
+    DecryptStepDetails (..),
+    newDecryptStepDetails,
+    decryptStepDetails_name,
+    decryptStepDetails_overwriteExisting,
+    decryptStepDetails_sourceFileLocation,
+    decryptStepDetails_type,
+    decryptStepDetails_destinationFileLocation,
+
+    -- * DeleteStepDetails
+    DeleteStepDetails (..),
+    newDeleteStepDetails,
+    deleteStepDetails_name,
+    deleteStepDetails_sourceFileLocation,
+
+    -- * DescribedAccess
+    DescribedAccess (..),
+    newDescribedAccess,
+    describedAccess_externalId,
+    describedAccess_homeDirectory,
+    describedAccess_homeDirectoryMappings,
+    describedAccess_homeDirectoryType,
+    describedAccess_policy,
+    describedAccess_posixProfile,
+    describedAccess_role,
+
+    -- * DescribedAgreement
+    DescribedAgreement (..),
+    newDescribedAgreement,
+    describedAgreement_accessRole,
+    describedAgreement_agreementId,
+    describedAgreement_baseDirectory,
+    describedAgreement_description,
+    describedAgreement_localProfileId,
+    describedAgreement_partnerProfileId,
+    describedAgreement_serverId,
+    describedAgreement_status,
+    describedAgreement_tags,
+    describedAgreement_arn,
+
+    -- * DescribedCertificate
+    DescribedCertificate (..),
+    newDescribedCertificate,
+    describedCertificate_activeDate,
+    describedCertificate_certificate,
+    describedCertificate_certificateChain,
+    describedCertificate_certificateId,
+    describedCertificate_description,
+    describedCertificate_inactiveDate,
+    describedCertificate_notAfterDate,
+    describedCertificate_notBeforeDate,
+    describedCertificate_serial,
+    describedCertificate_status,
+    describedCertificate_tags,
+    describedCertificate_type,
+    describedCertificate_usage,
+    describedCertificate_arn,
+
+    -- * DescribedConnector
+    DescribedConnector (..),
+    newDescribedConnector,
+    describedConnector_accessRole,
+    describedConnector_as2Config,
+    describedConnector_connectorId,
+    describedConnector_loggingRole,
+    describedConnector_tags,
+    describedConnector_url,
+    describedConnector_arn,
+
+    -- * DescribedExecution
+    DescribedExecution (..),
+    newDescribedExecution,
+    describedExecution_executionId,
+    describedExecution_executionRole,
+    describedExecution_initialFileLocation,
+    describedExecution_loggingConfiguration,
+    describedExecution_posixProfile,
+    describedExecution_results,
+    describedExecution_serviceMetadata,
+    describedExecution_status,
+
+    -- * DescribedHostKey
+    DescribedHostKey (..),
+    newDescribedHostKey,
+    describedHostKey_dateImported,
+    describedHostKey_description,
+    describedHostKey_hostKeyFingerprint,
+    describedHostKey_hostKeyId,
+    describedHostKey_tags,
+    describedHostKey_type,
+    describedHostKey_arn,
+
+    -- * DescribedProfile
+    DescribedProfile (..),
+    newDescribedProfile,
+    describedProfile_as2Id,
+    describedProfile_certificateIds,
+    describedProfile_profileId,
+    describedProfile_profileType,
+    describedProfile_tags,
+    describedProfile_arn,
+
+    -- * DescribedSecurityPolicy
+    DescribedSecurityPolicy (..),
+    newDescribedSecurityPolicy,
+    describedSecurityPolicy_fips,
+    describedSecurityPolicy_sshCiphers,
+    describedSecurityPolicy_sshKexs,
+    describedSecurityPolicy_sshMacs,
+    describedSecurityPolicy_tlsCiphers,
+    describedSecurityPolicy_securityPolicyName,
+
+    -- * DescribedServer
+    DescribedServer (..),
+    newDescribedServer,
+    describedServer_certificate,
+    describedServer_domain,
+    describedServer_endpointDetails,
+    describedServer_endpointType,
+    describedServer_hostKeyFingerprint,
+    describedServer_identityProviderDetails,
+    describedServer_identityProviderType,
+    describedServer_loggingRole,
+    describedServer_postAuthenticationLoginBanner,
+    describedServer_preAuthenticationLoginBanner,
+    describedServer_protocolDetails,
+    describedServer_protocols,
+    describedServer_securityPolicyName,
+    describedServer_serverId,
+    describedServer_state,
+    describedServer_tags,
+    describedServer_userCount,
+    describedServer_workflowDetails,
+    describedServer_arn,
+
+    -- * DescribedUser
+    DescribedUser (..),
+    newDescribedUser,
+    describedUser_homeDirectory,
+    describedUser_homeDirectoryMappings,
+    describedUser_homeDirectoryType,
+    describedUser_policy,
+    describedUser_posixProfile,
+    describedUser_role,
+    describedUser_sshPublicKeys,
+    describedUser_tags,
+    describedUser_userName,
+    describedUser_arn,
+
+    -- * DescribedWorkflow
+    DescribedWorkflow (..),
+    newDescribedWorkflow,
+    describedWorkflow_description,
+    describedWorkflow_onExceptionSteps,
+    describedWorkflow_steps,
+    describedWorkflow_tags,
+    describedWorkflow_workflowId,
+    describedWorkflow_arn,
+
+    -- * EfsFileLocation
+    EfsFileLocation (..),
+    newEfsFileLocation,
+    efsFileLocation_fileSystemId,
+    efsFileLocation_path,
+
+    -- * EndpointDetails
+    EndpointDetails (..),
+    newEndpointDetails,
+    endpointDetails_addressAllocationIds,
+    endpointDetails_securityGroupIds,
+    endpointDetails_subnetIds,
+    endpointDetails_vpcEndpointId,
+    endpointDetails_vpcId,
+
+    -- * ExecutionError
+    ExecutionError (..),
+    newExecutionError,
+    executionError_type,
+    executionError_message,
+
+    -- * ExecutionResults
+    ExecutionResults (..),
+    newExecutionResults,
+    executionResults_onExceptionSteps,
+    executionResults_steps,
+
+    -- * ExecutionStepResult
+    ExecutionStepResult (..),
+    newExecutionStepResult,
+    executionStepResult_error,
+    executionStepResult_outputs,
+    executionStepResult_stepType,
+
+    -- * FileLocation
+    FileLocation (..),
+    newFileLocation,
+    fileLocation_efsFileLocation,
+    fileLocation_s3FileLocation,
+
+    -- * HomeDirectoryMapEntry
+    HomeDirectoryMapEntry (..),
+    newHomeDirectoryMapEntry,
+    homeDirectoryMapEntry_entry,
+    homeDirectoryMapEntry_target,
+
+    -- * IdentityProviderDetails
+    IdentityProviderDetails (..),
+    newIdentityProviderDetails,
+    identityProviderDetails_directoryId,
+    identityProviderDetails_function,
+    identityProviderDetails_invocationRole,
+    identityProviderDetails_url,
+
+    -- * InputFileLocation
+    InputFileLocation (..),
+    newInputFileLocation,
+    inputFileLocation_efsFileLocation,
+    inputFileLocation_s3FileLocation,
+
+    -- * ListedAccess
+    ListedAccess (..),
+    newListedAccess,
+    listedAccess_externalId,
+    listedAccess_homeDirectory,
+    listedAccess_homeDirectoryType,
+    listedAccess_role,
+
+    -- * ListedAgreement
+    ListedAgreement (..),
+    newListedAgreement,
+    listedAgreement_agreementId,
+    listedAgreement_arn,
+    listedAgreement_description,
+    listedAgreement_localProfileId,
+    listedAgreement_partnerProfileId,
+    listedAgreement_serverId,
+    listedAgreement_status,
+
+    -- * ListedCertificate
+    ListedCertificate (..),
+    newListedCertificate,
+    listedCertificate_activeDate,
+    listedCertificate_arn,
+    listedCertificate_certificateId,
+    listedCertificate_description,
+    listedCertificate_inactiveDate,
+    listedCertificate_status,
+    listedCertificate_type,
+    listedCertificate_usage,
+
+    -- * ListedConnector
+    ListedConnector (..),
+    newListedConnector,
+    listedConnector_arn,
+    listedConnector_connectorId,
+    listedConnector_url,
+
+    -- * ListedExecution
+    ListedExecution (..),
+    newListedExecution,
+    listedExecution_executionId,
+    listedExecution_initialFileLocation,
+    listedExecution_serviceMetadata,
+    listedExecution_status,
+
+    -- * ListedHostKey
+    ListedHostKey (..),
+    newListedHostKey,
+    listedHostKey_dateImported,
+    listedHostKey_description,
+    listedHostKey_fingerprint,
+    listedHostKey_hostKeyId,
+    listedHostKey_type,
+    listedHostKey_arn,
+
+    -- * ListedProfile
+    ListedProfile (..),
+    newListedProfile,
+    listedProfile_arn,
+    listedProfile_as2Id,
+    listedProfile_profileId,
+    listedProfile_profileType,
+
+    -- * ListedServer
+    ListedServer (..),
+    newListedServer,
+    listedServer_domain,
+    listedServer_endpointType,
+    listedServer_identityProviderType,
+    listedServer_loggingRole,
+    listedServer_serverId,
+    listedServer_state,
+    listedServer_userCount,
+    listedServer_arn,
+
+    -- * ListedUser
+    ListedUser (..),
+    newListedUser,
+    listedUser_homeDirectory,
+    listedUser_homeDirectoryType,
+    listedUser_role,
+    listedUser_sshPublicKeyCount,
+    listedUser_userName,
+    listedUser_arn,
+
+    -- * ListedWorkflow
+    ListedWorkflow (..),
+    newListedWorkflow,
+    listedWorkflow_arn,
+    listedWorkflow_description,
+    listedWorkflow_workflowId,
+
+    -- * LoggingConfiguration
+    LoggingConfiguration (..),
+    newLoggingConfiguration,
+    loggingConfiguration_logGroupName,
+    loggingConfiguration_loggingRole,
+
+    -- * PosixProfile
+    PosixProfile (..),
+    newPosixProfile,
+    posixProfile_secondaryGids,
+    posixProfile_uid,
+    posixProfile_gid,
+
+    -- * ProtocolDetails
+    ProtocolDetails (..),
+    newProtocolDetails,
+    protocolDetails_as2Transports,
+    protocolDetails_passiveIp,
+    protocolDetails_setStatOption,
+    protocolDetails_tlsSessionResumptionMode,
+
+    -- * S3FileLocation
+    S3FileLocation (..),
+    newS3FileLocation,
+    s3FileLocation_bucket,
+    s3FileLocation_etag,
+    s3FileLocation_key,
+    s3FileLocation_versionId,
+
+    -- * S3InputFileLocation
+    S3InputFileLocation (..),
+    newS3InputFileLocation,
+    s3InputFileLocation_bucket,
+    s3InputFileLocation_key,
+
+    -- * S3Tag
+    S3Tag (..),
+    newS3Tag,
+    s3Tag_key,
+    s3Tag_value,
+
+    -- * ServiceMetadata
+    ServiceMetadata (..),
+    newServiceMetadata,
+    serviceMetadata_userDetails,
+
+    -- * SshPublicKey
+    SshPublicKey (..),
+    newSshPublicKey,
+    sshPublicKey_dateImported,
+    sshPublicKey_sshPublicKeyBody,
+    sshPublicKey_sshPublicKeyId,
+
+    -- * Tag
+    Tag (..),
+    newTag,
+    tag_key,
+    tag_value,
+
+    -- * TagStepDetails
+    TagStepDetails (..),
+    newTagStepDetails,
+    tagStepDetails_name,
+    tagStepDetails_sourceFileLocation,
+    tagStepDetails_tags,
+
+    -- * UserDetails
+    UserDetails (..),
+    newUserDetails,
+    userDetails_sessionId,
+    userDetails_userName,
+    userDetails_serverId,
+
+    -- * WorkflowDetail
+    WorkflowDetail (..),
+    newWorkflowDetail,
+    workflowDetail_workflowId,
+    workflowDetail_executionRole,
+
+    -- * WorkflowDetails
+    WorkflowDetails (..),
+    newWorkflowDetails,
+    workflowDetails_onPartialUpload,
+    workflowDetails_onUpload,
+
+    -- * WorkflowStep
+    WorkflowStep (..),
+    newWorkflowStep,
+    workflowStep_copyStepDetails,
+    workflowStep_customStepDetails,
+    workflowStep_decryptStepDetails,
+    workflowStep_deleteStepDetails,
+    workflowStep_tagStepDetails,
+    workflowStep_type,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Sign.V4 as Sign
+import Amazonka.Transfer.Types.AgreementStatusType
+import Amazonka.Transfer.Types.As2ConnectorConfig
+import Amazonka.Transfer.Types.As2Transport
+import Amazonka.Transfer.Types.CertificateStatusType
+import Amazonka.Transfer.Types.CertificateType
+import Amazonka.Transfer.Types.CertificateUsageType
+import Amazonka.Transfer.Types.CompressionEnum
+import Amazonka.Transfer.Types.CopyStepDetails
+import Amazonka.Transfer.Types.CustomStepDetails
+import Amazonka.Transfer.Types.CustomStepStatus
+import Amazonka.Transfer.Types.DecryptStepDetails
+import Amazonka.Transfer.Types.DeleteStepDetails
+import Amazonka.Transfer.Types.DescribedAccess
+import Amazonka.Transfer.Types.DescribedAgreement
+import Amazonka.Transfer.Types.DescribedCertificate
+import Amazonka.Transfer.Types.DescribedConnector
+import Amazonka.Transfer.Types.DescribedExecution
+import Amazonka.Transfer.Types.DescribedHostKey
+import Amazonka.Transfer.Types.DescribedProfile
+import Amazonka.Transfer.Types.DescribedSecurityPolicy
+import Amazonka.Transfer.Types.DescribedServer
+import Amazonka.Transfer.Types.DescribedUser
+import Amazonka.Transfer.Types.DescribedWorkflow
+import Amazonka.Transfer.Types.Domain
+import Amazonka.Transfer.Types.EfsFileLocation
+import Amazonka.Transfer.Types.EncryptionAlg
+import Amazonka.Transfer.Types.EncryptionType
+import Amazonka.Transfer.Types.EndpointDetails
+import Amazonka.Transfer.Types.EndpointType
+import Amazonka.Transfer.Types.ExecutionError
+import Amazonka.Transfer.Types.ExecutionErrorType
+import Amazonka.Transfer.Types.ExecutionResults
+import Amazonka.Transfer.Types.ExecutionStatus
+import Amazonka.Transfer.Types.ExecutionStepResult
+import Amazonka.Transfer.Types.FileLocation
+import Amazonka.Transfer.Types.HomeDirectoryMapEntry
+import Amazonka.Transfer.Types.HomeDirectoryType
+import Amazonka.Transfer.Types.IdentityProviderDetails
+import Amazonka.Transfer.Types.IdentityProviderType
+import Amazonka.Transfer.Types.InputFileLocation
+import Amazonka.Transfer.Types.ListedAccess
+import Amazonka.Transfer.Types.ListedAgreement
+import Amazonka.Transfer.Types.ListedCertificate
+import Amazonka.Transfer.Types.ListedConnector
+import Amazonka.Transfer.Types.ListedExecution
+import Amazonka.Transfer.Types.ListedHostKey
+import Amazonka.Transfer.Types.ListedProfile
+import Amazonka.Transfer.Types.ListedServer
+import Amazonka.Transfer.Types.ListedUser
+import Amazonka.Transfer.Types.ListedWorkflow
+import Amazonka.Transfer.Types.LoggingConfiguration
+import Amazonka.Transfer.Types.MdnResponse
+import Amazonka.Transfer.Types.MdnSigningAlg
+import Amazonka.Transfer.Types.OverwriteExisting
+import Amazonka.Transfer.Types.PosixProfile
+import Amazonka.Transfer.Types.ProfileType
+import Amazonka.Transfer.Types.Protocol
+import Amazonka.Transfer.Types.ProtocolDetails
+import Amazonka.Transfer.Types.S3FileLocation
+import Amazonka.Transfer.Types.S3InputFileLocation
+import Amazonka.Transfer.Types.S3Tag
+import Amazonka.Transfer.Types.ServiceMetadata
+import Amazonka.Transfer.Types.SetStatOption
+import Amazonka.Transfer.Types.SigningAlg
+import Amazonka.Transfer.Types.SshPublicKey
+import Amazonka.Transfer.Types.State
+import Amazonka.Transfer.Types.Tag
+import Amazonka.Transfer.Types.TagStepDetails
+import Amazonka.Transfer.Types.TlsSessionResumptionMode
+import Amazonka.Transfer.Types.UserDetails
+import Amazonka.Transfer.Types.WorkflowDetail
+import Amazonka.Transfer.Types.WorkflowDetails
+import Amazonka.Transfer.Types.WorkflowStep
+import Amazonka.Transfer.Types.WorkflowStepType
+
+-- | API version @2018-11-05@ of the Amazon Transfer Family SDK configuration.
+defaultService :: Core.Service
+defaultService =
+  Core.Service
+    { Core.abbrev = "Transfer",
+      Core.signer = Sign.v4,
+      Core.endpointPrefix = "transfer",
+      Core.signingName = "transfer",
+      Core.version = "2018-11-05",
+      Core.s3AddressingStyle = Core.S3AddressingStyleAuto,
+      Core.endpoint = Core.defaultEndpoint defaultService,
+      Core.timeout = Prelude.Just 70,
+      Core.check = Core.statusSuccess,
+      Core.error = Core.parseJSONError "Transfer",
+      Core.retry = retry
+    }
+  where
+    retry =
+      Core.Exponential
+        { Core.base = 5.0e-2,
+          Core.growth = 2,
+          Core.attempts = 5,
+          Core.check = check
+        }
+    check e
+      | Lens.has (Core.hasStatus 502) e =
+          Prelude.Just "bad_gateway"
+      | Lens.has (Core.hasStatus 504) e =
+          Prelude.Just "gateway_timeout"
+      | Lens.has (Core.hasStatus 500) e =
+          Prelude.Just "general_server_error"
+      | Lens.has (Core.hasStatus 509) e =
+          Prelude.Just "limit_exceeded"
+      | Lens.has
+          ( Core.hasCode "RequestThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "request_throttled_exception"
+      | Lens.has (Core.hasStatus 503) e =
+          Prelude.Just "service_unavailable"
+      | Lens.has
+          ( Core.hasCode "ThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttled_exception"
+      | Lens.has
+          ( Core.hasCode "Throttling"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling"
+      | Lens.has
+          ( Core.hasCode "ThrottlingException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling_exception"
+      | Lens.has
+          ( Core.hasCode
+              "ProvisionedThroughputExceededException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throughput_exceeded"
+      | Lens.has (Core.hasStatus 429) e =
+          Prelude.Just "too_many_requests"
+      | Prelude.otherwise = Prelude.Nothing
+
+-- | You do not have sufficient access to perform this action.
+_AccessDeniedException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_AccessDeniedException =
+  Core._MatchServiceError
+    defaultService
+    "AccessDeniedException"
+
+-- | This exception is thrown when the @UpdateServer@ is called for a file
+-- transfer protocol-enabled server that has VPC as the endpoint type and
+-- the server\'s @VpcEndpointID@ is not in the available state.
+_ConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictException"
+
+-- | This exception is thrown when an error occurs in the Amazon Web
+-- ServicesTransfer Family service.
+_InternalServiceError :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InternalServiceError =
+  Core._MatchServiceError
+    defaultService
+    "InternalServiceError"
+
+-- | The @NextToken@ parameter that was passed is invalid.
+_InvalidNextTokenException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidNextTokenException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidNextTokenException"
+
+-- | This exception is thrown when the client submits a malformed request.
+_InvalidRequestException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InvalidRequestException =
+  Core._MatchServiceError
+    defaultService
+    "InvalidRequestException"
+
+-- | The requested resource does not exist.
+_ResourceExistsException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceExistsException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceExistsException"
+
+-- | This exception is thrown when a resource is not found by the Amazon Web
+-- ServicesTransfer Family service.
+_ResourceNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceNotFoundException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceNotFoundException"
+
+-- | The request has failed because the Amazon Web ServicesTransfer Family
+-- service is not available.
+_ServiceUnavailableException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ServiceUnavailableException =
+  Core._MatchServiceError
+    defaultService
+    "ServiceUnavailableException"
+
+-- | The request was denied due to request throttling.
+_ThrottlingException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ThrottlingException =
+  Core._MatchServiceError
+    defaultService
+    "ThrottlingException"
diff --git a/gen/Amazonka/Transfer/Types/AgreementStatusType.hs b/gen/Amazonka/Transfer/Types/AgreementStatusType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/AgreementStatusType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.AgreementStatusType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.AgreementStatusType
+  ( AgreementStatusType
+      ( ..,
+        AgreementStatusType_ACTIVE,
+        AgreementStatusType_INACTIVE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype AgreementStatusType = AgreementStatusType'
+  { fromAgreementStatusType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern AgreementStatusType_ACTIVE :: AgreementStatusType
+pattern AgreementStatusType_ACTIVE = AgreementStatusType' "ACTIVE"
+
+pattern AgreementStatusType_INACTIVE :: AgreementStatusType
+pattern AgreementStatusType_INACTIVE = AgreementStatusType' "INACTIVE"
+
+{-# COMPLETE
+  AgreementStatusType_ACTIVE,
+  AgreementStatusType_INACTIVE,
+  AgreementStatusType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/As2ConnectorConfig.hs b/gen/Amazonka/Transfer/Types/As2ConnectorConfig.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/As2ConnectorConfig.hs
@@ -0,0 +1,220 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.As2ConnectorConfig
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.As2ConnectorConfig where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.CompressionEnum
+import Amazonka.Transfer.Types.EncryptionAlg
+import Amazonka.Transfer.Types.MdnResponse
+import Amazonka.Transfer.Types.MdnSigningAlg
+import Amazonka.Transfer.Types.SigningAlg
+
+-- | Contains the details for a connector object. The connector object is
+-- used for AS2 outbound processes, to connect the Transfer Family customer
+-- with the trading partner.
+--
+-- /See:/ 'newAs2ConnectorConfig' smart constructor.
+data As2ConnectorConfig = As2ConnectorConfig'
+  { -- | Specifies whether the AS2 file is compressed.
+    compression :: Prelude.Maybe CompressionEnum,
+    -- | The algorithm that is used to encrypt the file.
+    encryptionAlgorithm :: Prelude.Maybe EncryptionAlg,
+    -- | A unique identifier for the AS2 local profile.
+    localProfileId :: Prelude.Maybe Prelude.Text,
+    -- | Used for outbound requests (from an Transfer Family server to a partner
+    -- AS2 server) to determine whether the partner response for transfers is
+    -- synchronous or asynchronous. Specify either of the following values:
+    --
+    -- -   @SYNC@: The system expects a synchronous MDN response, confirming
+    --     that the file was transferred successfully (or not).
+    --
+    -- -   @NONE@: Specifies that no MDN response is required.
+    mdnResponse :: Prelude.Maybe MdnResponse,
+    -- | The signing algorithm for the MDN response.
+    --
+    -- If set to DEFAULT (or not set at all), the value for @SigningAlogorithm@
+    -- is used.
+    mdnSigningAlgorithm :: Prelude.Maybe MdnSigningAlg,
+    -- | Used as the @Subject@ HTTP header attribute in AS2 messages that are
+    -- being sent with the connector.
+    messageSubject :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the partner profile for the connector.
+    partnerProfileId :: Prelude.Maybe Prelude.Text,
+    -- | The algorithm that is used to sign the AS2 messages sent with the
+    -- connector.
+    signingAlgorithm :: Prelude.Maybe SigningAlg
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'As2ConnectorConfig' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'compression', 'as2ConnectorConfig_compression' - Specifies whether the AS2 file is compressed.
+--
+-- 'encryptionAlgorithm', 'as2ConnectorConfig_encryptionAlgorithm' - The algorithm that is used to encrypt the file.
+--
+-- 'localProfileId', 'as2ConnectorConfig_localProfileId' - A unique identifier for the AS2 local profile.
+--
+-- 'mdnResponse', 'as2ConnectorConfig_mdnResponse' - Used for outbound requests (from an Transfer Family server to a partner
+-- AS2 server) to determine whether the partner response for transfers is
+-- synchronous or asynchronous. Specify either of the following values:
+--
+-- -   @SYNC@: The system expects a synchronous MDN response, confirming
+--     that the file was transferred successfully (or not).
+--
+-- -   @NONE@: Specifies that no MDN response is required.
+--
+-- 'mdnSigningAlgorithm', 'as2ConnectorConfig_mdnSigningAlgorithm' - The signing algorithm for the MDN response.
+--
+-- If set to DEFAULT (or not set at all), the value for @SigningAlogorithm@
+-- is used.
+--
+-- 'messageSubject', 'as2ConnectorConfig_messageSubject' - Used as the @Subject@ HTTP header attribute in AS2 messages that are
+-- being sent with the connector.
+--
+-- 'partnerProfileId', 'as2ConnectorConfig_partnerProfileId' - A unique identifier for the partner profile for the connector.
+--
+-- 'signingAlgorithm', 'as2ConnectorConfig_signingAlgorithm' - The algorithm that is used to sign the AS2 messages sent with the
+-- connector.
+newAs2ConnectorConfig ::
+  As2ConnectorConfig
+newAs2ConnectorConfig =
+  As2ConnectorConfig'
+    { compression = Prelude.Nothing,
+      encryptionAlgorithm = Prelude.Nothing,
+      localProfileId = Prelude.Nothing,
+      mdnResponse = Prelude.Nothing,
+      mdnSigningAlgorithm = Prelude.Nothing,
+      messageSubject = Prelude.Nothing,
+      partnerProfileId = Prelude.Nothing,
+      signingAlgorithm = Prelude.Nothing
+    }
+
+-- | Specifies whether the AS2 file is compressed.
+as2ConnectorConfig_compression :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe CompressionEnum)
+as2ConnectorConfig_compression = Lens.lens (\As2ConnectorConfig' {compression} -> compression) (\s@As2ConnectorConfig' {} a -> s {compression = a} :: As2ConnectorConfig)
+
+-- | The algorithm that is used to encrypt the file.
+as2ConnectorConfig_encryptionAlgorithm :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe EncryptionAlg)
+as2ConnectorConfig_encryptionAlgorithm = Lens.lens (\As2ConnectorConfig' {encryptionAlgorithm} -> encryptionAlgorithm) (\s@As2ConnectorConfig' {} a -> s {encryptionAlgorithm = a} :: As2ConnectorConfig)
+
+-- | A unique identifier for the AS2 local profile.
+as2ConnectorConfig_localProfileId :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe Prelude.Text)
+as2ConnectorConfig_localProfileId = Lens.lens (\As2ConnectorConfig' {localProfileId} -> localProfileId) (\s@As2ConnectorConfig' {} a -> s {localProfileId = a} :: As2ConnectorConfig)
+
+-- | Used for outbound requests (from an Transfer Family server to a partner
+-- AS2 server) to determine whether the partner response for transfers is
+-- synchronous or asynchronous. Specify either of the following values:
+--
+-- -   @SYNC@: The system expects a synchronous MDN response, confirming
+--     that the file was transferred successfully (or not).
+--
+-- -   @NONE@: Specifies that no MDN response is required.
+as2ConnectorConfig_mdnResponse :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe MdnResponse)
+as2ConnectorConfig_mdnResponse = Lens.lens (\As2ConnectorConfig' {mdnResponse} -> mdnResponse) (\s@As2ConnectorConfig' {} a -> s {mdnResponse = a} :: As2ConnectorConfig)
+
+-- | The signing algorithm for the MDN response.
+--
+-- If set to DEFAULT (or not set at all), the value for @SigningAlogorithm@
+-- is used.
+as2ConnectorConfig_mdnSigningAlgorithm :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe MdnSigningAlg)
+as2ConnectorConfig_mdnSigningAlgorithm = Lens.lens (\As2ConnectorConfig' {mdnSigningAlgorithm} -> mdnSigningAlgorithm) (\s@As2ConnectorConfig' {} a -> s {mdnSigningAlgorithm = a} :: As2ConnectorConfig)
+
+-- | Used as the @Subject@ HTTP header attribute in AS2 messages that are
+-- being sent with the connector.
+as2ConnectorConfig_messageSubject :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe Prelude.Text)
+as2ConnectorConfig_messageSubject = Lens.lens (\As2ConnectorConfig' {messageSubject} -> messageSubject) (\s@As2ConnectorConfig' {} a -> s {messageSubject = a} :: As2ConnectorConfig)
+
+-- | A unique identifier for the partner profile for the connector.
+as2ConnectorConfig_partnerProfileId :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe Prelude.Text)
+as2ConnectorConfig_partnerProfileId = Lens.lens (\As2ConnectorConfig' {partnerProfileId} -> partnerProfileId) (\s@As2ConnectorConfig' {} a -> s {partnerProfileId = a} :: As2ConnectorConfig)
+
+-- | The algorithm that is used to sign the AS2 messages sent with the
+-- connector.
+as2ConnectorConfig_signingAlgorithm :: Lens.Lens' As2ConnectorConfig (Prelude.Maybe SigningAlg)
+as2ConnectorConfig_signingAlgorithm = Lens.lens (\As2ConnectorConfig' {signingAlgorithm} -> signingAlgorithm) (\s@As2ConnectorConfig' {} a -> s {signingAlgorithm = a} :: As2ConnectorConfig)
+
+instance Data.FromJSON As2ConnectorConfig where
+  parseJSON =
+    Data.withObject
+      "As2ConnectorConfig"
+      ( \x ->
+          As2ConnectorConfig'
+            Prelude.<$> (x Data..:? "Compression")
+            Prelude.<*> (x Data..:? "EncryptionAlgorithm")
+            Prelude.<*> (x Data..:? "LocalProfileId")
+            Prelude.<*> (x Data..:? "MdnResponse")
+            Prelude.<*> (x Data..:? "MdnSigningAlgorithm")
+            Prelude.<*> (x Data..:? "MessageSubject")
+            Prelude.<*> (x Data..:? "PartnerProfileId")
+            Prelude.<*> (x Data..:? "SigningAlgorithm")
+      )
+
+instance Prelude.Hashable As2ConnectorConfig where
+  hashWithSalt _salt As2ConnectorConfig' {..} =
+    _salt
+      `Prelude.hashWithSalt` compression
+      `Prelude.hashWithSalt` encryptionAlgorithm
+      `Prelude.hashWithSalt` localProfileId
+      `Prelude.hashWithSalt` mdnResponse
+      `Prelude.hashWithSalt` mdnSigningAlgorithm
+      `Prelude.hashWithSalt` messageSubject
+      `Prelude.hashWithSalt` partnerProfileId
+      `Prelude.hashWithSalt` signingAlgorithm
+
+instance Prelude.NFData As2ConnectorConfig where
+  rnf As2ConnectorConfig' {..} =
+    Prelude.rnf compression
+      `Prelude.seq` Prelude.rnf encryptionAlgorithm
+      `Prelude.seq` Prelude.rnf localProfileId
+      `Prelude.seq` Prelude.rnf mdnResponse
+      `Prelude.seq` Prelude.rnf mdnSigningAlgorithm
+      `Prelude.seq` Prelude.rnf messageSubject
+      `Prelude.seq` Prelude.rnf partnerProfileId
+      `Prelude.seq` Prelude.rnf signingAlgorithm
+
+instance Data.ToJSON As2ConnectorConfig where
+  toJSON As2ConnectorConfig' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Compression" Data..=) Prelude.<$> compression,
+            ("EncryptionAlgorithm" Data..=)
+              Prelude.<$> encryptionAlgorithm,
+            ("LocalProfileId" Data..=)
+              Prelude.<$> localProfileId,
+            ("MdnResponse" Data..=) Prelude.<$> mdnResponse,
+            ("MdnSigningAlgorithm" Data..=)
+              Prelude.<$> mdnSigningAlgorithm,
+            ("MessageSubject" Data..=)
+              Prelude.<$> messageSubject,
+            ("PartnerProfileId" Data..=)
+              Prelude.<$> partnerProfileId,
+            ("SigningAlgorithm" Data..=)
+              Prelude.<$> signingAlgorithm
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/As2Transport.hs b/gen/Amazonka/Transfer/Types/As2Transport.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/As2Transport.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.As2Transport
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.As2Transport
+  ( As2Transport
+      ( ..,
+        As2Transport_HTTP
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype As2Transport = As2Transport'
+  { fromAs2Transport ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern As2Transport_HTTP :: As2Transport
+pattern As2Transport_HTTP = As2Transport' "HTTP"
+
+{-# COMPLETE
+  As2Transport_HTTP,
+  As2Transport'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/CertificateStatusType.hs b/gen/Amazonka/Transfer/Types/CertificateStatusType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CertificateStatusType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CertificateStatusType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CertificateStatusType
+  ( CertificateStatusType
+      ( ..,
+        CertificateStatusType_ACTIVE,
+        CertificateStatusType_INACTIVE,
+        CertificateStatusType_PENDING_ROTATION
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CertificateStatusType = CertificateStatusType'
+  { fromCertificateStatusType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CertificateStatusType_ACTIVE :: CertificateStatusType
+pattern CertificateStatusType_ACTIVE = CertificateStatusType' "ACTIVE"
+
+pattern CertificateStatusType_INACTIVE :: CertificateStatusType
+pattern CertificateStatusType_INACTIVE = CertificateStatusType' "INACTIVE"
+
+pattern CertificateStatusType_PENDING_ROTATION :: CertificateStatusType
+pattern CertificateStatusType_PENDING_ROTATION = CertificateStatusType' "PENDING_ROTATION"
+
+{-# COMPLETE
+  CertificateStatusType_ACTIVE,
+  CertificateStatusType_INACTIVE,
+  CertificateStatusType_PENDING_ROTATION,
+  CertificateStatusType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/CertificateType.hs b/gen/Amazonka/Transfer/Types/CertificateType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CertificateType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CertificateType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CertificateType
+  ( CertificateType
+      ( ..,
+        CertificateType_CERTIFICATE,
+        CertificateType_CERTIFICATE_WITH_PRIVATE_KEY
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CertificateType = CertificateType'
+  { fromCertificateType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CertificateType_CERTIFICATE :: CertificateType
+pattern CertificateType_CERTIFICATE = CertificateType' "CERTIFICATE"
+
+pattern CertificateType_CERTIFICATE_WITH_PRIVATE_KEY :: CertificateType
+pattern CertificateType_CERTIFICATE_WITH_PRIVATE_KEY = CertificateType' "CERTIFICATE_WITH_PRIVATE_KEY"
+
+{-# COMPLETE
+  CertificateType_CERTIFICATE,
+  CertificateType_CERTIFICATE_WITH_PRIVATE_KEY,
+  CertificateType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/CertificateUsageType.hs b/gen/Amazonka/Transfer/Types/CertificateUsageType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CertificateUsageType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CertificateUsageType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CertificateUsageType
+  ( CertificateUsageType
+      ( ..,
+        CertificateUsageType_ENCRYPTION,
+        CertificateUsageType_SIGNING
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CertificateUsageType = CertificateUsageType'
+  { fromCertificateUsageType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CertificateUsageType_ENCRYPTION :: CertificateUsageType
+pattern CertificateUsageType_ENCRYPTION = CertificateUsageType' "ENCRYPTION"
+
+pattern CertificateUsageType_SIGNING :: CertificateUsageType
+pattern CertificateUsageType_SIGNING = CertificateUsageType' "SIGNING"
+
+{-# COMPLETE
+  CertificateUsageType_ENCRYPTION,
+  CertificateUsageType_SIGNING,
+  CertificateUsageType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/CompressionEnum.hs b/gen/Amazonka/Transfer/Types/CompressionEnum.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CompressionEnum.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CompressionEnum
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CompressionEnum
+  ( CompressionEnum
+      ( ..,
+        CompressionEnum_DISABLED,
+        CompressionEnum_ZLIB
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CompressionEnum = CompressionEnum'
+  { fromCompressionEnum ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CompressionEnum_DISABLED :: CompressionEnum
+pattern CompressionEnum_DISABLED = CompressionEnum' "DISABLED"
+
+pattern CompressionEnum_ZLIB :: CompressionEnum
+pattern CompressionEnum_ZLIB = CompressionEnum' "ZLIB"
+
+{-# COMPLETE
+  CompressionEnum_DISABLED,
+  CompressionEnum_ZLIB,
+  CompressionEnum'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/CopyStepDetails.hs b/gen/Amazonka/Transfer/Types/CopyStepDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CopyStepDetails.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CopyStepDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CopyStepDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.InputFileLocation
+import Amazonka.Transfer.Types.OverwriteExisting
+
+-- | Each step type has its own @StepDetails@ structure.
+--
+-- /See:/ 'newCopyStepDetails' smart constructor.
+data CopyStepDetails = CopyStepDetails'
+  { -- | Specifies the location for the file being copied. Only applicable for
+    -- Copy type workflow steps. Use @${Transfer:username}@ in this field to
+    -- parametrize the destination prefix by username.
+    destinationFileLocation :: Prelude.Maybe InputFileLocation,
+    -- | The name of the step, used as an identifier.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | A flag that indicates whether or not to overwrite an existing file of
+    -- the same name. The default is @FALSE@.
+    overwriteExisting :: Prelude.Maybe OverwriteExisting,
+    -- | Specifies which file to use as input to the workflow step: either the
+    -- output from the previous step, or the originally uploaded file for the
+    -- workflow.
+    --
+    -- -   Enter @${previous.file}@ to use the previous file as the input. In
+    --     this case, this workflow step uses the output file from the previous
+    --     workflow step as input. This is the default value.
+    --
+    -- -   Enter @${original.file}@ to use the originally-uploaded file
+    --     location as input for this step.
+    sourceFileLocation :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CopyStepDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'destinationFileLocation', 'copyStepDetails_destinationFileLocation' - Specifies the location for the file being copied. Only applicable for
+-- Copy type workflow steps. Use @${Transfer:username}@ in this field to
+-- parametrize the destination prefix by username.
+--
+-- 'name', 'copyStepDetails_name' - The name of the step, used as an identifier.
+--
+-- 'overwriteExisting', 'copyStepDetails_overwriteExisting' - A flag that indicates whether or not to overwrite an existing file of
+-- the same name. The default is @FALSE@.
+--
+-- 'sourceFileLocation', 'copyStepDetails_sourceFileLocation' - Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+newCopyStepDetails ::
+  CopyStepDetails
+newCopyStepDetails =
+  CopyStepDetails'
+    { destinationFileLocation =
+        Prelude.Nothing,
+      name = Prelude.Nothing,
+      overwriteExisting = Prelude.Nothing,
+      sourceFileLocation = Prelude.Nothing
+    }
+
+-- | Specifies the location for the file being copied. Only applicable for
+-- Copy type workflow steps. Use @${Transfer:username}@ in this field to
+-- parametrize the destination prefix by username.
+copyStepDetails_destinationFileLocation :: Lens.Lens' CopyStepDetails (Prelude.Maybe InputFileLocation)
+copyStepDetails_destinationFileLocation = Lens.lens (\CopyStepDetails' {destinationFileLocation} -> destinationFileLocation) (\s@CopyStepDetails' {} a -> s {destinationFileLocation = a} :: CopyStepDetails)
+
+-- | The name of the step, used as an identifier.
+copyStepDetails_name :: Lens.Lens' CopyStepDetails (Prelude.Maybe Prelude.Text)
+copyStepDetails_name = Lens.lens (\CopyStepDetails' {name} -> name) (\s@CopyStepDetails' {} a -> s {name = a} :: CopyStepDetails)
+
+-- | A flag that indicates whether or not to overwrite an existing file of
+-- the same name. The default is @FALSE@.
+copyStepDetails_overwriteExisting :: Lens.Lens' CopyStepDetails (Prelude.Maybe OverwriteExisting)
+copyStepDetails_overwriteExisting = Lens.lens (\CopyStepDetails' {overwriteExisting} -> overwriteExisting) (\s@CopyStepDetails' {} a -> s {overwriteExisting = a} :: CopyStepDetails)
+
+-- | Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+copyStepDetails_sourceFileLocation :: Lens.Lens' CopyStepDetails (Prelude.Maybe Prelude.Text)
+copyStepDetails_sourceFileLocation = Lens.lens (\CopyStepDetails' {sourceFileLocation} -> sourceFileLocation) (\s@CopyStepDetails' {} a -> s {sourceFileLocation = a} :: CopyStepDetails)
+
+instance Data.FromJSON CopyStepDetails where
+  parseJSON =
+    Data.withObject
+      "CopyStepDetails"
+      ( \x ->
+          CopyStepDetails'
+            Prelude.<$> (x Data..:? "DestinationFileLocation")
+            Prelude.<*> (x Data..:? "Name")
+            Prelude.<*> (x Data..:? "OverwriteExisting")
+            Prelude.<*> (x Data..:? "SourceFileLocation")
+      )
+
+instance Prelude.Hashable CopyStepDetails where
+  hashWithSalt _salt CopyStepDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` destinationFileLocation
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` overwriteExisting
+      `Prelude.hashWithSalt` sourceFileLocation
+
+instance Prelude.NFData CopyStepDetails where
+  rnf CopyStepDetails' {..} =
+    Prelude.rnf destinationFileLocation
+      `Prelude.seq` Prelude.rnf name
+      `Prelude.seq` Prelude.rnf overwriteExisting
+      `Prelude.seq` Prelude.rnf sourceFileLocation
+
+instance Data.ToJSON CopyStepDetails where
+  toJSON CopyStepDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("DestinationFileLocation" Data..=)
+              Prelude.<$> destinationFileLocation,
+            ("Name" Data..=) Prelude.<$> name,
+            ("OverwriteExisting" Data..=)
+              Prelude.<$> overwriteExisting,
+            ("SourceFileLocation" Data..=)
+              Prelude.<$> sourceFileLocation
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/CustomStepDetails.hs b/gen/Amazonka/Transfer/Types/CustomStepDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CustomStepDetails.hs
@@ -0,0 +1,148 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CustomStepDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CustomStepDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Each step type has its own @StepDetails@ structure.
+--
+-- /See:/ 'newCustomStepDetails' smart constructor.
+data CustomStepDetails = CustomStepDetails'
+  { -- | The name of the step, used as an identifier.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | Specifies which file to use as input to the workflow step: either the
+    -- output from the previous step, or the originally uploaded file for the
+    -- workflow.
+    --
+    -- -   Enter @${previous.file}@ to use the previous file as the input. In
+    --     this case, this workflow step uses the output file from the previous
+    --     workflow step as input. This is the default value.
+    --
+    -- -   Enter @${original.file}@ to use the originally-uploaded file
+    --     location as input for this step.
+    sourceFileLocation :: Prelude.Maybe Prelude.Text,
+    -- | The ARN for the lambda function that is being called.
+    target :: Prelude.Maybe Prelude.Text,
+    -- | Timeout, in seconds, for the step.
+    timeoutSeconds :: Prelude.Maybe Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CustomStepDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'customStepDetails_name' - The name of the step, used as an identifier.
+--
+-- 'sourceFileLocation', 'customStepDetails_sourceFileLocation' - Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+--
+-- 'target', 'customStepDetails_target' - The ARN for the lambda function that is being called.
+--
+-- 'timeoutSeconds', 'customStepDetails_timeoutSeconds' - Timeout, in seconds, for the step.
+newCustomStepDetails ::
+  CustomStepDetails
+newCustomStepDetails =
+  CustomStepDetails'
+    { name = Prelude.Nothing,
+      sourceFileLocation = Prelude.Nothing,
+      target = Prelude.Nothing,
+      timeoutSeconds = Prelude.Nothing
+    }
+
+-- | The name of the step, used as an identifier.
+customStepDetails_name :: Lens.Lens' CustomStepDetails (Prelude.Maybe Prelude.Text)
+customStepDetails_name = Lens.lens (\CustomStepDetails' {name} -> name) (\s@CustomStepDetails' {} a -> s {name = a} :: CustomStepDetails)
+
+-- | Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+customStepDetails_sourceFileLocation :: Lens.Lens' CustomStepDetails (Prelude.Maybe Prelude.Text)
+customStepDetails_sourceFileLocation = Lens.lens (\CustomStepDetails' {sourceFileLocation} -> sourceFileLocation) (\s@CustomStepDetails' {} a -> s {sourceFileLocation = a} :: CustomStepDetails)
+
+-- | The ARN for the lambda function that is being called.
+customStepDetails_target :: Lens.Lens' CustomStepDetails (Prelude.Maybe Prelude.Text)
+customStepDetails_target = Lens.lens (\CustomStepDetails' {target} -> target) (\s@CustomStepDetails' {} a -> s {target = a} :: CustomStepDetails)
+
+-- | Timeout, in seconds, for the step.
+customStepDetails_timeoutSeconds :: Lens.Lens' CustomStepDetails (Prelude.Maybe Prelude.Natural)
+customStepDetails_timeoutSeconds = Lens.lens (\CustomStepDetails' {timeoutSeconds} -> timeoutSeconds) (\s@CustomStepDetails' {} a -> s {timeoutSeconds = a} :: CustomStepDetails)
+
+instance Data.FromJSON CustomStepDetails where
+  parseJSON =
+    Data.withObject
+      "CustomStepDetails"
+      ( \x ->
+          CustomStepDetails'
+            Prelude.<$> (x Data..:? "Name")
+            Prelude.<*> (x Data..:? "SourceFileLocation")
+            Prelude.<*> (x Data..:? "Target")
+            Prelude.<*> (x Data..:? "TimeoutSeconds")
+      )
+
+instance Prelude.Hashable CustomStepDetails where
+  hashWithSalt _salt CustomStepDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` sourceFileLocation
+      `Prelude.hashWithSalt` target
+      `Prelude.hashWithSalt` timeoutSeconds
+
+instance Prelude.NFData CustomStepDetails where
+  rnf CustomStepDetails' {..} =
+    Prelude.rnf name
+      `Prelude.seq` Prelude.rnf sourceFileLocation
+      `Prelude.seq` Prelude.rnf target
+      `Prelude.seq` Prelude.rnf timeoutSeconds
+
+instance Data.ToJSON CustomStepDetails where
+  toJSON CustomStepDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Name" Data..=) Prelude.<$> name,
+            ("SourceFileLocation" Data..=)
+              Prelude.<$> sourceFileLocation,
+            ("Target" Data..=) Prelude.<$> target,
+            ("TimeoutSeconds" Data..=)
+              Prelude.<$> timeoutSeconds
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/CustomStepStatus.hs b/gen/Amazonka/Transfer/Types/CustomStepStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/CustomStepStatus.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.CustomStepStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.CustomStepStatus
+  ( CustomStepStatus
+      ( ..,
+        CustomStepStatus_FAILURE,
+        CustomStepStatus_SUCCESS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype CustomStepStatus = CustomStepStatus'
+  { fromCustomStepStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern CustomStepStatus_FAILURE :: CustomStepStatus
+pattern CustomStepStatus_FAILURE = CustomStepStatus' "FAILURE"
+
+pattern CustomStepStatus_SUCCESS :: CustomStepStatus
+pattern CustomStepStatus_SUCCESS = CustomStepStatus' "SUCCESS"
+
+{-# COMPLETE
+  CustomStepStatus_FAILURE,
+  CustomStepStatus_SUCCESS,
+  CustomStepStatus'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/DecryptStepDetails.hs b/gen/Amazonka/Transfer/Types/DecryptStepDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DecryptStepDetails.hs
@@ -0,0 +1,139 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DecryptStepDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DecryptStepDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.EncryptionType
+import Amazonka.Transfer.Types.InputFileLocation
+import Amazonka.Transfer.Types.OverwriteExisting
+
+-- | /See:/ 'newDecryptStepDetails' smart constructor.
+data DecryptStepDetails = DecryptStepDetails'
+  { name :: Prelude.Maybe Prelude.Text,
+    overwriteExisting :: Prelude.Maybe OverwriteExisting,
+    sourceFileLocation :: Prelude.Maybe Prelude.Text,
+    type' :: EncryptionType,
+    destinationFileLocation :: InputFileLocation
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DecryptStepDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'decryptStepDetails_name' - Undocumented member.
+--
+-- 'overwriteExisting', 'decryptStepDetails_overwriteExisting' - Undocumented member.
+--
+-- 'sourceFileLocation', 'decryptStepDetails_sourceFileLocation' - Undocumented member.
+--
+-- 'type'', 'decryptStepDetails_type' - Undocumented member.
+--
+-- 'destinationFileLocation', 'decryptStepDetails_destinationFileLocation' - Undocumented member.
+newDecryptStepDetails ::
+  -- | 'type''
+  EncryptionType ->
+  -- | 'destinationFileLocation'
+  InputFileLocation ->
+  DecryptStepDetails
+newDecryptStepDetails
+  pType_
+  pDestinationFileLocation_ =
+    DecryptStepDetails'
+      { name = Prelude.Nothing,
+        overwriteExisting = Prelude.Nothing,
+        sourceFileLocation = Prelude.Nothing,
+        type' = pType_,
+        destinationFileLocation = pDestinationFileLocation_
+      }
+
+-- | Undocumented member.
+decryptStepDetails_name :: Lens.Lens' DecryptStepDetails (Prelude.Maybe Prelude.Text)
+decryptStepDetails_name = Lens.lens (\DecryptStepDetails' {name} -> name) (\s@DecryptStepDetails' {} a -> s {name = a} :: DecryptStepDetails)
+
+-- | Undocumented member.
+decryptStepDetails_overwriteExisting :: Lens.Lens' DecryptStepDetails (Prelude.Maybe OverwriteExisting)
+decryptStepDetails_overwriteExisting = Lens.lens (\DecryptStepDetails' {overwriteExisting} -> overwriteExisting) (\s@DecryptStepDetails' {} a -> s {overwriteExisting = a} :: DecryptStepDetails)
+
+-- | Undocumented member.
+decryptStepDetails_sourceFileLocation :: Lens.Lens' DecryptStepDetails (Prelude.Maybe Prelude.Text)
+decryptStepDetails_sourceFileLocation = Lens.lens (\DecryptStepDetails' {sourceFileLocation} -> sourceFileLocation) (\s@DecryptStepDetails' {} a -> s {sourceFileLocation = a} :: DecryptStepDetails)
+
+-- | Undocumented member.
+decryptStepDetails_type :: Lens.Lens' DecryptStepDetails EncryptionType
+decryptStepDetails_type = Lens.lens (\DecryptStepDetails' {type'} -> type') (\s@DecryptStepDetails' {} a -> s {type' = a} :: DecryptStepDetails)
+
+-- | Undocumented member.
+decryptStepDetails_destinationFileLocation :: Lens.Lens' DecryptStepDetails InputFileLocation
+decryptStepDetails_destinationFileLocation = Lens.lens (\DecryptStepDetails' {destinationFileLocation} -> destinationFileLocation) (\s@DecryptStepDetails' {} a -> s {destinationFileLocation = a} :: DecryptStepDetails)
+
+instance Data.FromJSON DecryptStepDetails where
+  parseJSON =
+    Data.withObject
+      "DecryptStepDetails"
+      ( \x ->
+          DecryptStepDetails'
+            Prelude.<$> (x Data..:? "Name")
+            Prelude.<*> (x Data..:? "OverwriteExisting")
+            Prelude.<*> (x Data..:? "SourceFileLocation")
+            Prelude.<*> (x Data..: "Type")
+            Prelude.<*> (x Data..: "DestinationFileLocation")
+      )
+
+instance Prelude.Hashable DecryptStepDetails where
+  hashWithSalt _salt DecryptStepDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` overwriteExisting
+      `Prelude.hashWithSalt` sourceFileLocation
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` destinationFileLocation
+
+instance Prelude.NFData DecryptStepDetails where
+  rnf DecryptStepDetails' {..} =
+    Prelude.rnf name
+      `Prelude.seq` Prelude.rnf overwriteExisting
+      `Prelude.seq` Prelude.rnf sourceFileLocation
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf destinationFileLocation
+
+instance Data.ToJSON DecryptStepDetails where
+  toJSON DecryptStepDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Name" Data..=) Prelude.<$> name,
+            ("OverwriteExisting" Data..=)
+              Prelude.<$> overwriteExisting,
+            ("SourceFileLocation" Data..=)
+              Prelude.<$> sourceFileLocation,
+            Prelude.Just ("Type" Data..= type'),
+            Prelude.Just
+              ( "DestinationFileLocation"
+                  Data..= destinationFileLocation
+              )
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/DeleteStepDetails.hs b/gen/Amazonka/Transfer/Types/DeleteStepDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DeleteStepDetails.hs
@@ -0,0 +1,121 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DeleteStepDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DeleteStepDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The name of the step, used to identify the delete step.
+--
+-- /See:/ 'newDeleteStepDetails' smart constructor.
+data DeleteStepDetails = DeleteStepDetails'
+  { -- | The name of the step, used as an identifier.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | Specifies which file to use as input to the workflow step: either the
+    -- output from the previous step, or the originally uploaded file for the
+    -- workflow.
+    --
+    -- -   Enter @${previous.file}@ to use the previous file as the input. In
+    --     this case, this workflow step uses the output file from the previous
+    --     workflow step as input. This is the default value.
+    --
+    -- -   Enter @${original.file}@ to use the originally-uploaded file
+    --     location as input for this step.
+    sourceFileLocation :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteStepDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'deleteStepDetails_name' - The name of the step, used as an identifier.
+--
+-- 'sourceFileLocation', 'deleteStepDetails_sourceFileLocation' - Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+newDeleteStepDetails ::
+  DeleteStepDetails
+newDeleteStepDetails =
+  DeleteStepDetails'
+    { name = Prelude.Nothing,
+      sourceFileLocation = Prelude.Nothing
+    }
+
+-- | The name of the step, used as an identifier.
+deleteStepDetails_name :: Lens.Lens' DeleteStepDetails (Prelude.Maybe Prelude.Text)
+deleteStepDetails_name = Lens.lens (\DeleteStepDetails' {name} -> name) (\s@DeleteStepDetails' {} a -> s {name = a} :: DeleteStepDetails)
+
+-- | Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+deleteStepDetails_sourceFileLocation :: Lens.Lens' DeleteStepDetails (Prelude.Maybe Prelude.Text)
+deleteStepDetails_sourceFileLocation = Lens.lens (\DeleteStepDetails' {sourceFileLocation} -> sourceFileLocation) (\s@DeleteStepDetails' {} a -> s {sourceFileLocation = a} :: DeleteStepDetails)
+
+instance Data.FromJSON DeleteStepDetails where
+  parseJSON =
+    Data.withObject
+      "DeleteStepDetails"
+      ( \x ->
+          DeleteStepDetails'
+            Prelude.<$> (x Data..:? "Name")
+            Prelude.<*> (x Data..:? "SourceFileLocation")
+      )
+
+instance Prelude.Hashable DeleteStepDetails where
+  hashWithSalt _salt DeleteStepDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` sourceFileLocation
+
+instance Prelude.NFData DeleteStepDetails where
+  rnf DeleteStepDetails' {..} =
+    Prelude.rnf name
+      `Prelude.seq` Prelude.rnf sourceFileLocation
+
+instance Data.ToJSON DeleteStepDetails where
+  toJSON DeleteStepDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Name" Data..=) Prelude.<$> name,
+            ("SourceFileLocation" Data..=)
+              Prelude.<$> sourceFileLocation
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/DescribedAccess.hs b/gen/Amazonka/Transfer/Types/DescribedAccess.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedAccess.hs
@@ -0,0 +1,281 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedAccess
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedAccess where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.HomeDirectoryMapEntry
+import Amazonka.Transfer.Types.HomeDirectoryType
+import Amazonka.Transfer.Types.PosixProfile
+
+-- | Describes the properties of the access that was specified.
+--
+-- /See:/ 'newDescribedAccess' smart constructor.
+data DescribedAccess = DescribedAccess'
+  { -- | A unique identifier that is required to identify specific groups within
+    -- your directory. The users of the group that you associate have access to
+    -- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family. If you know the group name, you can view the SID values
+    -- by running the following command using Windows PowerShell.
+    --
+    -- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+    --
+    -- In that command, replace /YourGroupName/ with the name of your Active
+    -- Directory group.
+    --
+    -- The regular expression used to validate this parameter is a string of
+    -- characters consisting of uppercase and lowercase alphanumeric characters
+    -- with no spaces. You can also include underscores or any of the following
+    -- characters: =,.\@:\/-
+    externalId :: Prelude.Maybe Prelude.Text,
+    -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+    -- paths and keys should be visible to your user and how you want to make
+    -- them visible. You must specify the @Entry@ and @Target@ pair, where
+    -- @Entry@ shows how the path is made visible and @Target@ is the actual
+    -- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+    -- displayed as is. You also must ensure that your Identity and Access
+    -- Management (IAM) role provides access to paths in @Target@. This value
+    -- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+    --
+    -- In most cases, you can use this value instead of the session policy to
+    -- lock down the associated access to the designated home directory
+    -- (\"@chroot@\"). To do this, you can set @Entry@ to \'\/\' and set
+    -- @Target@ to the @HomeDirectory@ parameter value.
+    homeDirectoryMappings :: Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry),
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | A session policy for your user so that you can use the same Identity and
+    -- Access Management (IAM) role across multiple users. This policy scopes
+    -- down a user\'s access to portions of their Amazon S3 bucket. Variables
+    -- that you can use inside this policy include @${Transfer:UserName}@,
+    -- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+    policy :: Prelude.Maybe Prelude.Text,
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedAccess' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'externalId', 'describedAccess_externalId' - A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+--
+-- 'homeDirectory', 'describedAccess_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryMappings', 'describedAccess_homeDirectoryMappings' - Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down the associated access to the designated home directory
+-- (\"@chroot@\"). To do this, you can set @Entry@ to \'\/\' and set
+-- @Target@ to the @HomeDirectory@ parameter value.
+--
+-- 'homeDirectoryType', 'describedAccess_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'policy', 'describedAccess_policy' - A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- 'posixProfile', 'describedAccess_posixProfile' - Undocumented member.
+--
+-- 'role'', 'describedAccess_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+newDescribedAccess ::
+  DescribedAccess
+newDescribedAccess =
+  DescribedAccess'
+    { externalId = Prelude.Nothing,
+      homeDirectory = Prelude.Nothing,
+      homeDirectoryMappings = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      policy = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      role' = Prelude.Nothing
+    }
+
+-- | A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+describedAccess_externalId :: Lens.Lens' DescribedAccess (Prelude.Maybe Prelude.Text)
+describedAccess_externalId = Lens.lens (\DescribedAccess' {externalId} -> externalId) (\s@DescribedAccess' {} a -> s {externalId = a} :: DescribedAccess)
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+describedAccess_homeDirectory :: Lens.Lens' DescribedAccess (Prelude.Maybe Prelude.Text)
+describedAccess_homeDirectory = Lens.lens (\DescribedAccess' {homeDirectory} -> homeDirectory) (\s@DescribedAccess' {} a -> s {homeDirectory = a} :: DescribedAccess)
+
+-- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down the associated access to the designated home directory
+-- (\"@chroot@\"). To do this, you can set @Entry@ to \'\/\' and set
+-- @Target@ to the @HomeDirectory@ parameter value.
+describedAccess_homeDirectoryMappings :: Lens.Lens' DescribedAccess (Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry))
+describedAccess_homeDirectoryMappings = Lens.lens (\DescribedAccess' {homeDirectoryMappings} -> homeDirectoryMappings) (\s@DescribedAccess' {} a -> s {homeDirectoryMappings = a} :: DescribedAccess) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+describedAccess_homeDirectoryType :: Lens.Lens' DescribedAccess (Prelude.Maybe HomeDirectoryType)
+describedAccess_homeDirectoryType = Lens.lens (\DescribedAccess' {homeDirectoryType} -> homeDirectoryType) (\s@DescribedAccess' {} a -> s {homeDirectoryType = a} :: DescribedAccess)
+
+-- | A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+describedAccess_policy :: Lens.Lens' DescribedAccess (Prelude.Maybe Prelude.Text)
+describedAccess_policy = Lens.lens (\DescribedAccess' {policy} -> policy) (\s@DescribedAccess' {} a -> s {policy = a} :: DescribedAccess)
+
+-- | Undocumented member.
+describedAccess_posixProfile :: Lens.Lens' DescribedAccess (Prelude.Maybe PosixProfile)
+describedAccess_posixProfile = Lens.lens (\DescribedAccess' {posixProfile} -> posixProfile) (\s@DescribedAccess' {} a -> s {posixProfile = a} :: DescribedAccess)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+describedAccess_role :: Lens.Lens' DescribedAccess (Prelude.Maybe Prelude.Text)
+describedAccess_role = Lens.lens (\DescribedAccess' {role'} -> role') (\s@DescribedAccess' {} a -> s {role' = a} :: DescribedAccess)
+
+instance Data.FromJSON DescribedAccess where
+  parseJSON =
+    Data.withObject
+      "DescribedAccess"
+      ( \x ->
+          DescribedAccess'
+            Prelude.<$> (x Data..:? "ExternalId")
+            Prelude.<*> (x Data..:? "HomeDirectory")
+            Prelude.<*> (x Data..:? "HomeDirectoryMappings")
+            Prelude.<*> (x Data..:? "HomeDirectoryType")
+            Prelude.<*> (x Data..:? "Policy")
+            Prelude.<*> (x Data..:? "PosixProfile")
+            Prelude.<*> (x Data..:? "Role")
+      )
+
+instance Prelude.Hashable DescribedAccess where
+  hashWithSalt _salt DescribedAccess' {..} =
+    _salt
+      `Prelude.hashWithSalt` externalId
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryMappings
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` policy
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` role'
+
+instance Prelude.NFData DescribedAccess where
+  rnf DescribedAccess' {..} =
+    Prelude.rnf externalId
+      `Prelude.seq` Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryMappings
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf policy
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf role'
diff --git a/gen/Amazonka/Transfer/Types/DescribedAgreement.hs b/gen/Amazonka/Transfer/Types/DescribedAgreement.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedAgreement.hs
@@ -0,0 +1,223 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedAgreement
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedAgreement where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.AgreementStatusType
+import Amazonka.Transfer.Types.Tag
+
+-- | Describes the properties of an agreement.
+--
+-- /See:/ 'newDescribedAgreement' smart constructor.
+data DescribedAgreement = DescribedAgreement'
+  { -- | With AS2, you can send files by calling @StartFileTransfer@ and
+    -- specifying the file paths in the request parameter, @SendFilePaths@. We
+    -- use the file’s parent directory (for example, for
+    -- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+    -- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+    -- store the MDN when we receive them from the partner, and write a final
+    -- JSON file containing relevant metadata of the transmission. So, the
+    -- @AccessRole@ needs to provide read and write access to the parent
+    -- directory of the file location used in the @StartFileTransfer@ request.
+    -- Additionally, you need to provide read and write access to the parent
+    -- directory of the files that you intend to send with @StartFileTransfer@.
+    accessRole :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the agreement. This identifier is returned when
+    -- you create an agreement.
+    agreementId :: Prelude.Maybe Prelude.Text,
+    -- | The landing directory (folder) for files that are transferred by using
+    -- the AS2 protocol.
+    baseDirectory :: Prelude.Maybe Prelude.Text,
+    -- | The name or short description that\'s used to identify the agreement.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the AS2 local profile.
+    localProfileId :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the partner profile used in the agreement.
+    partnerProfileId :: Prelude.Maybe Prelude.Text,
+    -- | A system-assigned unique identifier for a server instance. This
+    -- identifier indicates the specific server that the agreement uses.
+    serverId :: Prelude.Maybe Prelude.Text,
+    -- | The current status of the agreement, either @ACTIVE@ or @INACTIVE@.
+    status :: Prelude.Maybe AgreementStatusType,
+    -- | Key-value pairs that can be used to group and search for agreements.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The unique Amazon Resource Name (ARN) for the agreement.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedAgreement' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accessRole', 'describedAgreement_accessRole' - With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+--
+-- 'agreementId', 'describedAgreement_agreementId' - A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+--
+-- 'baseDirectory', 'describedAgreement_baseDirectory' - The landing directory (folder) for files that are transferred by using
+-- the AS2 protocol.
+--
+-- 'description', 'describedAgreement_description' - The name or short description that\'s used to identify the agreement.
+--
+-- 'localProfileId', 'describedAgreement_localProfileId' - A unique identifier for the AS2 local profile.
+--
+-- 'partnerProfileId', 'describedAgreement_partnerProfileId' - A unique identifier for the partner profile used in the agreement.
+--
+-- 'serverId', 'describedAgreement_serverId' - A system-assigned unique identifier for a server instance. This
+-- identifier indicates the specific server that the agreement uses.
+--
+-- 'status', 'describedAgreement_status' - The current status of the agreement, either @ACTIVE@ or @INACTIVE@.
+--
+-- 'tags', 'describedAgreement_tags' - Key-value pairs that can be used to group and search for agreements.
+--
+-- 'arn', 'describedAgreement_arn' - The unique Amazon Resource Name (ARN) for the agreement.
+newDescribedAgreement ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedAgreement
+newDescribedAgreement pArn_ =
+  DescribedAgreement'
+    { accessRole = Prelude.Nothing,
+      agreementId = Prelude.Nothing,
+      baseDirectory = Prelude.Nothing,
+      description = Prelude.Nothing,
+      localProfileId = Prelude.Nothing,
+      partnerProfileId = Prelude.Nothing,
+      serverId = Prelude.Nothing,
+      status = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+describedAgreement_accessRole :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_accessRole = Lens.lens (\DescribedAgreement' {accessRole} -> accessRole) (\s@DescribedAgreement' {} a -> s {accessRole = a} :: DescribedAgreement)
+
+-- | A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+describedAgreement_agreementId :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_agreementId = Lens.lens (\DescribedAgreement' {agreementId} -> agreementId) (\s@DescribedAgreement' {} a -> s {agreementId = a} :: DescribedAgreement)
+
+-- | The landing directory (folder) for files that are transferred by using
+-- the AS2 protocol.
+describedAgreement_baseDirectory :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_baseDirectory = Lens.lens (\DescribedAgreement' {baseDirectory} -> baseDirectory) (\s@DescribedAgreement' {} a -> s {baseDirectory = a} :: DescribedAgreement)
+
+-- | The name or short description that\'s used to identify the agreement.
+describedAgreement_description :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_description = Lens.lens (\DescribedAgreement' {description} -> description) (\s@DescribedAgreement' {} a -> s {description = a} :: DescribedAgreement)
+
+-- | A unique identifier for the AS2 local profile.
+describedAgreement_localProfileId :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_localProfileId = Lens.lens (\DescribedAgreement' {localProfileId} -> localProfileId) (\s@DescribedAgreement' {} a -> s {localProfileId = a} :: DescribedAgreement)
+
+-- | A unique identifier for the partner profile used in the agreement.
+describedAgreement_partnerProfileId :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_partnerProfileId = Lens.lens (\DescribedAgreement' {partnerProfileId} -> partnerProfileId) (\s@DescribedAgreement' {} a -> s {partnerProfileId = a} :: DescribedAgreement)
+
+-- | A system-assigned unique identifier for a server instance. This
+-- identifier indicates the specific server that the agreement uses.
+describedAgreement_serverId :: Lens.Lens' DescribedAgreement (Prelude.Maybe Prelude.Text)
+describedAgreement_serverId = Lens.lens (\DescribedAgreement' {serverId} -> serverId) (\s@DescribedAgreement' {} a -> s {serverId = a} :: DescribedAgreement)
+
+-- | The current status of the agreement, either @ACTIVE@ or @INACTIVE@.
+describedAgreement_status :: Lens.Lens' DescribedAgreement (Prelude.Maybe AgreementStatusType)
+describedAgreement_status = Lens.lens (\DescribedAgreement' {status} -> status) (\s@DescribedAgreement' {} a -> s {status = a} :: DescribedAgreement)
+
+-- | Key-value pairs that can be used to group and search for agreements.
+describedAgreement_tags :: Lens.Lens' DescribedAgreement (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedAgreement_tags = Lens.lens (\DescribedAgreement' {tags} -> tags) (\s@DescribedAgreement' {} a -> s {tags = a} :: DescribedAgreement) Prelude.. Lens.mapping Lens.coerced
+
+-- | The unique Amazon Resource Name (ARN) for the agreement.
+describedAgreement_arn :: Lens.Lens' DescribedAgreement Prelude.Text
+describedAgreement_arn = Lens.lens (\DescribedAgreement' {arn} -> arn) (\s@DescribedAgreement' {} a -> s {arn = a} :: DescribedAgreement)
+
+instance Data.FromJSON DescribedAgreement where
+  parseJSON =
+    Data.withObject
+      "DescribedAgreement"
+      ( \x ->
+          DescribedAgreement'
+            Prelude.<$> (x Data..:? "AccessRole")
+            Prelude.<*> (x Data..:? "AgreementId")
+            Prelude.<*> (x Data..:? "BaseDirectory")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "LocalProfileId")
+            Prelude.<*> (x Data..:? "PartnerProfileId")
+            Prelude.<*> (x Data..:? "ServerId")
+            Prelude.<*> (x Data..:? "Status")
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedAgreement where
+  hashWithSalt _salt DescribedAgreement' {..} =
+    _salt
+      `Prelude.hashWithSalt` accessRole
+      `Prelude.hashWithSalt` agreementId
+      `Prelude.hashWithSalt` baseDirectory
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` localProfileId
+      `Prelude.hashWithSalt` partnerProfileId
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedAgreement where
+  rnf DescribedAgreement' {..} =
+    Prelude.rnf accessRole
+      `Prelude.seq` Prelude.rnf agreementId
+      `Prelude.seq` Prelude.rnf baseDirectory
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf localProfileId
+      `Prelude.seq` Prelude.rnf partnerProfileId
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedCertificate.hs b/gen/Amazonka/Transfer/Types/DescribedCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedCertificate.hs
@@ -0,0 +1,249 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedCertificate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.CertificateStatusType
+import Amazonka.Transfer.Types.CertificateType
+import Amazonka.Transfer.Types.CertificateUsageType
+import Amazonka.Transfer.Types.Tag
+
+-- | Describes the properties of a certificate.
+--
+-- /See:/ 'newDescribedCertificate' smart constructor.
+data DescribedCertificate = DescribedCertificate'
+  { -- | An optional date that specifies when the certificate becomes active.
+    activeDate :: Prelude.Maybe Data.POSIX,
+    -- | The file name for the certificate.
+    certificate :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The list of certificates that make up the chain for the certificate.
+    certificateChain :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The name or description that\'s used to identity the certificate.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | An optional date that specifies when the certificate becomes inactive.
+    inactiveDate :: Prelude.Maybe Data.POSIX,
+    -- | The final date that the certificate is valid.
+    notAfterDate :: Prelude.Maybe Data.POSIX,
+    -- | The earliest date that the certificate is valid.
+    notBeforeDate :: Prelude.Maybe Data.POSIX,
+    -- | The serial number for the certificate.
+    serial :: Prelude.Maybe Prelude.Text,
+    -- | The certificate can be either @ACTIVE@, @PENDING_ROTATION@, or
+    -- @INACTIVE@. @PENDING_ROTATION@ means that this certificate will replace
+    -- the current certificate when it expires.
+    status :: Prelude.Maybe CertificateStatusType,
+    -- | Key-value pairs that can be used to group and search for certificates.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | If a private key has been specified for the certificate, its type is
+    -- @CERTIFICATE_WITH_PRIVATE_KEY@. If there is no private key, the type is
+    -- @CERTIFICATE@.
+    type' :: Prelude.Maybe CertificateType,
+    -- | Specifies whether this certificate is used for signing or encryption.
+    usage :: Prelude.Maybe CertificateUsageType,
+    -- | The unique Amazon Resource Name (ARN) for the certificate.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'activeDate', 'describedCertificate_activeDate' - An optional date that specifies when the certificate becomes active.
+--
+-- 'certificate', 'describedCertificate_certificate' - The file name for the certificate.
+--
+-- 'certificateChain', 'describedCertificate_certificateChain' - The list of certificates that make up the chain for the certificate.
+--
+-- 'certificateId', 'describedCertificate_certificateId' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+--
+-- 'description', 'describedCertificate_description' - The name or description that\'s used to identity the certificate.
+--
+-- 'inactiveDate', 'describedCertificate_inactiveDate' - An optional date that specifies when the certificate becomes inactive.
+--
+-- 'notAfterDate', 'describedCertificate_notAfterDate' - The final date that the certificate is valid.
+--
+-- 'notBeforeDate', 'describedCertificate_notBeforeDate' - The earliest date that the certificate is valid.
+--
+-- 'serial', 'describedCertificate_serial' - The serial number for the certificate.
+--
+-- 'status', 'describedCertificate_status' - The certificate can be either @ACTIVE@, @PENDING_ROTATION@, or
+-- @INACTIVE@. @PENDING_ROTATION@ means that this certificate will replace
+-- the current certificate when it expires.
+--
+-- 'tags', 'describedCertificate_tags' - Key-value pairs that can be used to group and search for certificates.
+--
+-- 'type'', 'describedCertificate_type' - If a private key has been specified for the certificate, its type is
+-- @CERTIFICATE_WITH_PRIVATE_KEY@. If there is no private key, the type is
+-- @CERTIFICATE@.
+--
+-- 'usage', 'describedCertificate_usage' - Specifies whether this certificate is used for signing or encryption.
+--
+-- 'arn', 'describedCertificate_arn' - The unique Amazon Resource Name (ARN) for the certificate.
+newDescribedCertificate ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedCertificate
+newDescribedCertificate pArn_ =
+  DescribedCertificate'
+    { activeDate = Prelude.Nothing,
+      certificate = Prelude.Nothing,
+      certificateChain = Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      description = Prelude.Nothing,
+      inactiveDate = Prelude.Nothing,
+      notAfterDate = Prelude.Nothing,
+      notBeforeDate = Prelude.Nothing,
+      serial = Prelude.Nothing,
+      status = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      usage = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | An optional date that specifies when the certificate becomes active.
+describedCertificate_activeDate :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.UTCTime)
+describedCertificate_activeDate = Lens.lens (\DescribedCertificate' {activeDate} -> activeDate) (\s@DescribedCertificate' {} a -> s {activeDate = a} :: DescribedCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The file name for the certificate.
+describedCertificate_certificate :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.Text)
+describedCertificate_certificate = Lens.lens (\DescribedCertificate' {certificate} -> certificate) (\s@DescribedCertificate' {} a -> s {certificate = a} :: DescribedCertificate) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The list of certificates that make up the chain for the certificate.
+describedCertificate_certificateChain :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.Text)
+describedCertificate_certificateChain = Lens.lens (\DescribedCertificate' {certificateChain} -> certificateChain) (\s@DescribedCertificate' {} a -> s {certificateChain = a} :: DescribedCertificate) Prelude.. Lens.mapping Data._Sensitive
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+describedCertificate_certificateId :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.Text)
+describedCertificate_certificateId = Lens.lens (\DescribedCertificate' {certificateId} -> certificateId) (\s@DescribedCertificate' {} a -> s {certificateId = a} :: DescribedCertificate)
+
+-- | The name or description that\'s used to identity the certificate.
+describedCertificate_description :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.Text)
+describedCertificate_description = Lens.lens (\DescribedCertificate' {description} -> description) (\s@DescribedCertificate' {} a -> s {description = a} :: DescribedCertificate)
+
+-- | An optional date that specifies when the certificate becomes inactive.
+describedCertificate_inactiveDate :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.UTCTime)
+describedCertificate_inactiveDate = Lens.lens (\DescribedCertificate' {inactiveDate} -> inactiveDate) (\s@DescribedCertificate' {} a -> s {inactiveDate = a} :: DescribedCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The final date that the certificate is valid.
+describedCertificate_notAfterDate :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.UTCTime)
+describedCertificate_notAfterDate = Lens.lens (\DescribedCertificate' {notAfterDate} -> notAfterDate) (\s@DescribedCertificate' {} a -> s {notAfterDate = a} :: DescribedCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The earliest date that the certificate is valid.
+describedCertificate_notBeforeDate :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.UTCTime)
+describedCertificate_notBeforeDate = Lens.lens (\DescribedCertificate' {notBeforeDate} -> notBeforeDate) (\s@DescribedCertificate' {} a -> s {notBeforeDate = a} :: DescribedCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The serial number for the certificate.
+describedCertificate_serial :: Lens.Lens' DescribedCertificate (Prelude.Maybe Prelude.Text)
+describedCertificate_serial = Lens.lens (\DescribedCertificate' {serial} -> serial) (\s@DescribedCertificate' {} a -> s {serial = a} :: DescribedCertificate)
+
+-- | The certificate can be either @ACTIVE@, @PENDING_ROTATION@, or
+-- @INACTIVE@. @PENDING_ROTATION@ means that this certificate will replace
+-- the current certificate when it expires.
+describedCertificate_status :: Lens.Lens' DescribedCertificate (Prelude.Maybe CertificateStatusType)
+describedCertificate_status = Lens.lens (\DescribedCertificate' {status} -> status) (\s@DescribedCertificate' {} a -> s {status = a} :: DescribedCertificate)
+
+-- | Key-value pairs that can be used to group and search for certificates.
+describedCertificate_tags :: Lens.Lens' DescribedCertificate (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedCertificate_tags = Lens.lens (\DescribedCertificate' {tags} -> tags) (\s@DescribedCertificate' {} a -> s {tags = a} :: DescribedCertificate) Prelude.. Lens.mapping Lens.coerced
+
+-- | If a private key has been specified for the certificate, its type is
+-- @CERTIFICATE_WITH_PRIVATE_KEY@. If there is no private key, the type is
+-- @CERTIFICATE@.
+describedCertificate_type :: Lens.Lens' DescribedCertificate (Prelude.Maybe CertificateType)
+describedCertificate_type = Lens.lens (\DescribedCertificate' {type'} -> type') (\s@DescribedCertificate' {} a -> s {type' = a} :: DescribedCertificate)
+
+-- | Specifies whether this certificate is used for signing or encryption.
+describedCertificate_usage :: Lens.Lens' DescribedCertificate (Prelude.Maybe CertificateUsageType)
+describedCertificate_usage = Lens.lens (\DescribedCertificate' {usage} -> usage) (\s@DescribedCertificate' {} a -> s {usage = a} :: DescribedCertificate)
+
+-- | The unique Amazon Resource Name (ARN) for the certificate.
+describedCertificate_arn :: Lens.Lens' DescribedCertificate Prelude.Text
+describedCertificate_arn = Lens.lens (\DescribedCertificate' {arn} -> arn) (\s@DescribedCertificate' {} a -> s {arn = a} :: DescribedCertificate)
+
+instance Data.FromJSON DescribedCertificate where
+  parseJSON =
+    Data.withObject
+      "DescribedCertificate"
+      ( \x ->
+          DescribedCertificate'
+            Prelude.<$> (x Data..:? "ActiveDate")
+            Prelude.<*> (x Data..:? "Certificate")
+            Prelude.<*> (x Data..:? "CertificateChain")
+            Prelude.<*> (x Data..:? "CertificateId")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "InactiveDate")
+            Prelude.<*> (x Data..:? "NotAfterDate")
+            Prelude.<*> (x Data..:? "NotBeforeDate")
+            Prelude.<*> (x Data..:? "Serial")
+            Prelude.<*> (x Data..:? "Status")
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..:? "Type")
+            Prelude.<*> (x Data..:? "Usage")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedCertificate where
+  hashWithSalt _salt DescribedCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` activeDate
+      `Prelude.hashWithSalt` certificate
+      `Prelude.hashWithSalt` certificateChain
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` inactiveDate
+      `Prelude.hashWithSalt` notAfterDate
+      `Prelude.hashWithSalt` notBeforeDate
+      `Prelude.hashWithSalt` serial
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` usage
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedCertificate where
+  rnf DescribedCertificate' {..} =
+    Prelude.rnf activeDate
+      `Prelude.seq` Prelude.rnf certificate
+      `Prelude.seq` Prelude.rnf certificateChain
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf inactiveDate
+      `Prelude.seq` Prelude.rnf notAfterDate
+      `Prelude.seq` Prelude.rnf notBeforeDate
+      `Prelude.seq` Prelude.rnf serial
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf usage
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedConnector.hs b/gen/Amazonka/Transfer/Types/DescribedConnector.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedConnector.hs
@@ -0,0 +1,188 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedConnector
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedConnector where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.As2ConnectorConfig
+import Amazonka.Transfer.Types.Tag
+
+-- | Describes the parameters for the connector, as identified by the
+-- @ConnectorId@.
+--
+-- /See:/ 'newDescribedConnector' smart constructor.
+data DescribedConnector = DescribedConnector'
+  { -- | With AS2, you can send files by calling @StartFileTransfer@ and
+    -- specifying the file paths in the request parameter, @SendFilePaths@. We
+    -- use the file’s parent directory (for example, for
+    -- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+    -- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+    -- store the MDN when we receive them from the partner, and write a final
+    -- JSON file containing relevant metadata of the transmission. So, the
+    -- @AccessRole@ needs to provide read and write access to the parent
+    -- directory of the file location used in the @StartFileTransfer@ request.
+    -- Additionally, you need to provide read and write access to the parent
+    -- directory of the files that you intend to send with @StartFileTransfer@.
+    accessRole :: Prelude.Maybe Prelude.Text,
+    -- | A structure that contains the parameters for a connector object.
+    as2Config :: Prelude.Maybe As2ConnectorConfig,
+    -- | The unique identifier for the connector.
+    connectorId :: Prelude.Maybe Prelude.Text,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a connector to turn on CloudWatch logging for
+    -- Amazon S3 events. When set, you can view connector activity in your
+    -- CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that can be used to group and search for connectors.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The URL of the partner\'s AS2 endpoint.
+    url :: Prelude.Maybe Prelude.Text,
+    -- | The unique Amazon Resource Name (ARN) for the connector.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedConnector' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accessRole', 'describedConnector_accessRole' - With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+--
+-- 'as2Config', 'describedConnector_as2Config' - A structure that contains the parameters for a connector object.
+--
+-- 'connectorId', 'describedConnector_connectorId' - The unique identifier for the connector.
+--
+-- 'loggingRole', 'describedConnector_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a connector to turn on CloudWatch logging for
+-- Amazon S3 events. When set, you can view connector activity in your
+-- CloudWatch logs.
+--
+-- 'tags', 'describedConnector_tags' - Key-value pairs that can be used to group and search for connectors.
+--
+-- 'url', 'describedConnector_url' - The URL of the partner\'s AS2 endpoint.
+--
+-- 'arn', 'describedConnector_arn' - The unique Amazon Resource Name (ARN) for the connector.
+newDescribedConnector ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedConnector
+newDescribedConnector pArn_ =
+  DescribedConnector'
+    { accessRole = Prelude.Nothing,
+      as2Config = Prelude.Nothing,
+      connectorId = Prelude.Nothing,
+      loggingRole = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      url = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+describedConnector_accessRole :: Lens.Lens' DescribedConnector (Prelude.Maybe Prelude.Text)
+describedConnector_accessRole = Lens.lens (\DescribedConnector' {accessRole} -> accessRole) (\s@DescribedConnector' {} a -> s {accessRole = a} :: DescribedConnector)
+
+-- | A structure that contains the parameters for a connector object.
+describedConnector_as2Config :: Lens.Lens' DescribedConnector (Prelude.Maybe As2ConnectorConfig)
+describedConnector_as2Config = Lens.lens (\DescribedConnector' {as2Config} -> as2Config) (\s@DescribedConnector' {} a -> s {as2Config = a} :: DescribedConnector)
+
+-- | The unique identifier for the connector.
+describedConnector_connectorId :: Lens.Lens' DescribedConnector (Prelude.Maybe Prelude.Text)
+describedConnector_connectorId = Lens.lens (\DescribedConnector' {connectorId} -> connectorId) (\s@DescribedConnector' {} a -> s {connectorId = a} :: DescribedConnector)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a connector to turn on CloudWatch logging for
+-- Amazon S3 events. When set, you can view connector activity in your
+-- CloudWatch logs.
+describedConnector_loggingRole :: Lens.Lens' DescribedConnector (Prelude.Maybe Prelude.Text)
+describedConnector_loggingRole = Lens.lens (\DescribedConnector' {loggingRole} -> loggingRole) (\s@DescribedConnector' {} a -> s {loggingRole = a} :: DescribedConnector)
+
+-- | Key-value pairs that can be used to group and search for connectors.
+describedConnector_tags :: Lens.Lens' DescribedConnector (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedConnector_tags = Lens.lens (\DescribedConnector' {tags} -> tags) (\s@DescribedConnector' {} a -> s {tags = a} :: DescribedConnector) Prelude.. Lens.mapping Lens.coerced
+
+-- | The URL of the partner\'s AS2 endpoint.
+describedConnector_url :: Lens.Lens' DescribedConnector (Prelude.Maybe Prelude.Text)
+describedConnector_url = Lens.lens (\DescribedConnector' {url} -> url) (\s@DescribedConnector' {} a -> s {url = a} :: DescribedConnector)
+
+-- | The unique Amazon Resource Name (ARN) for the connector.
+describedConnector_arn :: Lens.Lens' DescribedConnector Prelude.Text
+describedConnector_arn = Lens.lens (\DescribedConnector' {arn} -> arn) (\s@DescribedConnector' {} a -> s {arn = a} :: DescribedConnector)
+
+instance Data.FromJSON DescribedConnector where
+  parseJSON =
+    Data.withObject
+      "DescribedConnector"
+      ( \x ->
+          DescribedConnector'
+            Prelude.<$> (x Data..:? "AccessRole")
+            Prelude.<*> (x Data..:? "As2Config")
+            Prelude.<*> (x Data..:? "ConnectorId")
+            Prelude.<*> (x Data..:? "LoggingRole")
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..:? "Url")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedConnector where
+  hashWithSalt _salt DescribedConnector' {..} =
+    _salt
+      `Prelude.hashWithSalt` accessRole
+      `Prelude.hashWithSalt` as2Config
+      `Prelude.hashWithSalt` connectorId
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` url
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedConnector where
+  rnf DescribedConnector' {..} =
+    Prelude.rnf accessRole
+      `Prelude.seq` Prelude.rnf as2Config
+      `Prelude.seq` Prelude.rnf connectorId
+      `Prelude.seq` Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf url
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedExecution.hs b/gen/Amazonka/Transfer/Types/DescribedExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedExecution.hs
@@ -0,0 +1,179 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedExecution where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ExecutionResults
+import Amazonka.Transfer.Types.ExecutionStatus
+import Amazonka.Transfer.Types.FileLocation
+import Amazonka.Transfer.Types.LoggingConfiguration
+import Amazonka.Transfer.Types.PosixProfile
+import Amazonka.Transfer.Types.ServiceMetadata
+
+-- | The details for an execution object.
+--
+-- /See:/ 'newDescribedExecution' smart constructor.
+data DescribedExecution = DescribedExecution'
+  { -- | A unique identifier for the execution of a workflow.
+    executionId :: Prelude.Maybe Prelude.Text,
+    -- | The IAM role associated with the execution.
+    executionRole :: Prelude.Maybe Prelude.Text,
+    -- | A structure that describes the Amazon S3 or EFS file location. This is
+    -- the file location when the execution begins: if the file is being
+    -- copied, this is the initial (as opposed to destination) file location.
+    initialFileLocation :: Prelude.Maybe FileLocation,
+    -- | The IAM logging role associated with the execution.
+    loggingConfiguration :: Prelude.Maybe LoggingConfiguration,
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | A structure that describes the execution results. This includes a list
+    -- of the steps along with the details of each step, error type and message
+    -- (if any), and the @OnExceptionSteps@ structure.
+    results :: Prelude.Maybe ExecutionResults,
+    -- | A container object for the session details that are associated with a
+    -- workflow.
+    serviceMetadata :: Prelude.Maybe ServiceMetadata,
+    -- | The status is one of the execution. Can be in progress, completed,
+    -- exception encountered, or handling the exception.
+    status :: Prelude.Maybe ExecutionStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionId', 'describedExecution_executionId' - A unique identifier for the execution of a workflow.
+--
+-- 'executionRole', 'describedExecution_executionRole' - The IAM role associated with the execution.
+--
+-- 'initialFileLocation', 'describedExecution_initialFileLocation' - A structure that describes the Amazon S3 or EFS file location. This is
+-- the file location when the execution begins: if the file is being
+-- copied, this is the initial (as opposed to destination) file location.
+--
+-- 'loggingConfiguration', 'describedExecution_loggingConfiguration' - The IAM logging role associated with the execution.
+--
+-- 'posixProfile', 'describedExecution_posixProfile' - Undocumented member.
+--
+-- 'results', 'describedExecution_results' - A structure that describes the execution results. This includes a list
+-- of the steps along with the details of each step, error type and message
+-- (if any), and the @OnExceptionSteps@ structure.
+--
+-- 'serviceMetadata', 'describedExecution_serviceMetadata' - A container object for the session details that are associated with a
+-- workflow.
+--
+-- 'status', 'describedExecution_status' - The status is one of the execution. Can be in progress, completed,
+-- exception encountered, or handling the exception.
+newDescribedExecution ::
+  DescribedExecution
+newDescribedExecution =
+  DescribedExecution'
+    { executionId = Prelude.Nothing,
+      executionRole = Prelude.Nothing,
+      initialFileLocation = Prelude.Nothing,
+      loggingConfiguration = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      results = Prelude.Nothing,
+      serviceMetadata = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | A unique identifier for the execution of a workflow.
+describedExecution_executionId :: Lens.Lens' DescribedExecution (Prelude.Maybe Prelude.Text)
+describedExecution_executionId = Lens.lens (\DescribedExecution' {executionId} -> executionId) (\s@DescribedExecution' {} a -> s {executionId = a} :: DescribedExecution)
+
+-- | The IAM role associated with the execution.
+describedExecution_executionRole :: Lens.Lens' DescribedExecution (Prelude.Maybe Prelude.Text)
+describedExecution_executionRole = Lens.lens (\DescribedExecution' {executionRole} -> executionRole) (\s@DescribedExecution' {} a -> s {executionRole = a} :: DescribedExecution)
+
+-- | A structure that describes the Amazon S3 or EFS file location. This is
+-- the file location when the execution begins: if the file is being
+-- copied, this is the initial (as opposed to destination) file location.
+describedExecution_initialFileLocation :: Lens.Lens' DescribedExecution (Prelude.Maybe FileLocation)
+describedExecution_initialFileLocation = Lens.lens (\DescribedExecution' {initialFileLocation} -> initialFileLocation) (\s@DescribedExecution' {} a -> s {initialFileLocation = a} :: DescribedExecution)
+
+-- | The IAM logging role associated with the execution.
+describedExecution_loggingConfiguration :: Lens.Lens' DescribedExecution (Prelude.Maybe LoggingConfiguration)
+describedExecution_loggingConfiguration = Lens.lens (\DescribedExecution' {loggingConfiguration} -> loggingConfiguration) (\s@DescribedExecution' {} a -> s {loggingConfiguration = a} :: DescribedExecution)
+
+-- | Undocumented member.
+describedExecution_posixProfile :: Lens.Lens' DescribedExecution (Prelude.Maybe PosixProfile)
+describedExecution_posixProfile = Lens.lens (\DescribedExecution' {posixProfile} -> posixProfile) (\s@DescribedExecution' {} a -> s {posixProfile = a} :: DescribedExecution)
+
+-- | A structure that describes the execution results. This includes a list
+-- of the steps along with the details of each step, error type and message
+-- (if any), and the @OnExceptionSteps@ structure.
+describedExecution_results :: Lens.Lens' DescribedExecution (Prelude.Maybe ExecutionResults)
+describedExecution_results = Lens.lens (\DescribedExecution' {results} -> results) (\s@DescribedExecution' {} a -> s {results = a} :: DescribedExecution)
+
+-- | A container object for the session details that are associated with a
+-- workflow.
+describedExecution_serviceMetadata :: Lens.Lens' DescribedExecution (Prelude.Maybe ServiceMetadata)
+describedExecution_serviceMetadata = Lens.lens (\DescribedExecution' {serviceMetadata} -> serviceMetadata) (\s@DescribedExecution' {} a -> s {serviceMetadata = a} :: DescribedExecution)
+
+-- | The status is one of the execution. Can be in progress, completed,
+-- exception encountered, or handling the exception.
+describedExecution_status :: Lens.Lens' DescribedExecution (Prelude.Maybe ExecutionStatus)
+describedExecution_status = Lens.lens (\DescribedExecution' {status} -> status) (\s@DescribedExecution' {} a -> s {status = a} :: DescribedExecution)
+
+instance Data.FromJSON DescribedExecution where
+  parseJSON =
+    Data.withObject
+      "DescribedExecution"
+      ( \x ->
+          DescribedExecution'
+            Prelude.<$> (x Data..:? "ExecutionId")
+            Prelude.<*> (x Data..:? "ExecutionRole")
+            Prelude.<*> (x Data..:? "InitialFileLocation")
+            Prelude.<*> (x Data..:? "LoggingConfiguration")
+            Prelude.<*> (x Data..:? "PosixProfile")
+            Prelude.<*> (x Data..:? "Results")
+            Prelude.<*> (x Data..:? "ServiceMetadata")
+            Prelude.<*> (x Data..:? "Status")
+      )
+
+instance Prelude.Hashable DescribedExecution where
+  hashWithSalt _salt DescribedExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` executionId
+      `Prelude.hashWithSalt` executionRole
+      `Prelude.hashWithSalt` initialFileLocation
+      `Prelude.hashWithSalt` loggingConfiguration
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` results
+      `Prelude.hashWithSalt` serviceMetadata
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData DescribedExecution where
+  rnf DescribedExecution' {..} =
+    Prelude.rnf executionId
+      `Prelude.seq` Prelude.rnf executionRole
+      `Prelude.seq` Prelude.rnf initialFileLocation
+      `Prelude.seq` Prelude.rnf loggingConfiguration
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf results
+      `Prelude.seq` Prelude.rnf serviceMetadata
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/Transfer/Types/DescribedHostKey.hs b/gen/Amazonka/Transfer/Types/DescribedHostKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedHostKey.hs
@@ -0,0 +1,183 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedHostKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedHostKey where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.Tag
+
+-- | The details for a server host key.
+--
+-- /See:/ 'newDescribedHostKey' smart constructor.
+data DescribedHostKey = DescribedHostKey'
+  { -- | The date on which the host key was added to the server.
+    dateImported :: Prelude.Maybe Data.POSIX,
+    -- | The text description for this host key.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The public key fingerprint, which is a short sequence of bytes used to
+    -- identify the longer public key.
+    hostKeyFingerprint :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the host key.
+    hostKeyId :: Prelude.Maybe Prelude.Text,
+    -- | Key-value pairs that can be used to group and search for host keys.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The encryption algorithm that is used for the host key. The @Type@
+    -- parameter is specified by using one of the following values:
+    --
+    -- -   @ssh-rsa@
+    --
+    -- -   @ssh-ed25519@
+    --
+    -- -   @ecdsa-sha2-nistp256@
+    --
+    -- -   @ecdsa-sha2-nistp384@
+    --
+    -- -   @ecdsa-sha2-nistp521@
+    type' :: Prelude.Maybe Prelude.Text,
+    -- | The unique Amazon Resource Name (ARN) for the host key.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedHostKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dateImported', 'describedHostKey_dateImported' - The date on which the host key was added to the server.
+--
+-- 'description', 'describedHostKey_description' - The text description for this host key.
+--
+-- 'hostKeyFingerprint', 'describedHostKey_hostKeyFingerprint' - The public key fingerprint, which is a short sequence of bytes used to
+-- identify the longer public key.
+--
+-- 'hostKeyId', 'describedHostKey_hostKeyId' - A unique identifier for the host key.
+--
+-- 'tags', 'describedHostKey_tags' - Key-value pairs that can be used to group and search for host keys.
+--
+-- 'type'', 'describedHostKey_type' - The encryption algorithm that is used for the host key. The @Type@
+-- parameter is specified by using one of the following values:
+--
+-- -   @ssh-rsa@
+--
+-- -   @ssh-ed25519@
+--
+-- -   @ecdsa-sha2-nistp256@
+--
+-- -   @ecdsa-sha2-nistp384@
+--
+-- -   @ecdsa-sha2-nistp521@
+--
+-- 'arn', 'describedHostKey_arn' - The unique Amazon Resource Name (ARN) for the host key.
+newDescribedHostKey ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedHostKey
+newDescribedHostKey pArn_ =
+  DescribedHostKey'
+    { dateImported = Prelude.Nothing,
+      description = Prelude.Nothing,
+      hostKeyFingerprint = Prelude.Nothing,
+      hostKeyId = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | The date on which the host key was added to the server.
+describedHostKey_dateImported :: Lens.Lens' DescribedHostKey (Prelude.Maybe Prelude.UTCTime)
+describedHostKey_dateImported = Lens.lens (\DescribedHostKey' {dateImported} -> dateImported) (\s@DescribedHostKey' {} a -> s {dateImported = a} :: DescribedHostKey) Prelude.. Lens.mapping Data._Time
+
+-- | The text description for this host key.
+describedHostKey_description :: Lens.Lens' DescribedHostKey (Prelude.Maybe Prelude.Text)
+describedHostKey_description = Lens.lens (\DescribedHostKey' {description} -> description) (\s@DescribedHostKey' {} a -> s {description = a} :: DescribedHostKey)
+
+-- | The public key fingerprint, which is a short sequence of bytes used to
+-- identify the longer public key.
+describedHostKey_hostKeyFingerprint :: Lens.Lens' DescribedHostKey (Prelude.Maybe Prelude.Text)
+describedHostKey_hostKeyFingerprint = Lens.lens (\DescribedHostKey' {hostKeyFingerprint} -> hostKeyFingerprint) (\s@DescribedHostKey' {} a -> s {hostKeyFingerprint = a} :: DescribedHostKey)
+
+-- | A unique identifier for the host key.
+describedHostKey_hostKeyId :: Lens.Lens' DescribedHostKey (Prelude.Maybe Prelude.Text)
+describedHostKey_hostKeyId = Lens.lens (\DescribedHostKey' {hostKeyId} -> hostKeyId) (\s@DescribedHostKey' {} a -> s {hostKeyId = a} :: DescribedHostKey)
+
+-- | Key-value pairs that can be used to group and search for host keys.
+describedHostKey_tags :: Lens.Lens' DescribedHostKey (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedHostKey_tags = Lens.lens (\DescribedHostKey' {tags} -> tags) (\s@DescribedHostKey' {} a -> s {tags = a} :: DescribedHostKey) Prelude.. Lens.mapping Lens.coerced
+
+-- | The encryption algorithm that is used for the host key. The @Type@
+-- parameter is specified by using one of the following values:
+--
+-- -   @ssh-rsa@
+--
+-- -   @ssh-ed25519@
+--
+-- -   @ecdsa-sha2-nistp256@
+--
+-- -   @ecdsa-sha2-nistp384@
+--
+-- -   @ecdsa-sha2-nistp521@
+describedHostKey_type :: Lens.Lens' DescribedHostKey (Prelude.Maybe Prelude.Text)
+describedHostKey_type = Lens.lens (\DescribedHostKey' {type'} -> type') (\s@DescribedHostKey' {} a -> s {type' = a} :: DescribedHostKey)
+
+-- | The unique Amazon Resource Name (ARN) for the host key.
+describedHostKey_arn :: Lens.Lens' DescribedHostKey Prelude.Text
+describedHostKey_arn = Lens.lens (\DescribedHostKey' {arn} -> arn) (\s@DescribedHostKey' {} a -> s {arn = a} :: DescribedHostKey)
+
+instance Data.FromJSON DescribedHostKey where
+  parseJSON =
+    Data.withObject
+      "DescribedHostKey"
+      ( \x ->
+          DescribedHostKey'
+            Prelude.<$> (x Data..:? "DateImported")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "HostKeyFingerprint")
+            Prelude.<*> (x Data..:? "HostKeyId")
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..:? "Type")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedHostKey where
+  hashWithSalt _salt DescribedHostKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` dateImported
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` hostKeyFingerprint
+      `Prelude.hashWithSalt` hostKeyId
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedHostKey where
+  rnf DescribedHostKey' {..} =
+    Prelude.rnf dateImported
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf hostKeyFingerprint
+      `Prelude.seq` Prelude.rnf hostKeyId
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedProfile.hs b/gen/Amazonka/Transfer/Types/DescribedProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedProfile.hs
@@ -0,0 +1,160 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedProfile where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ProfileType
+import Amazonka.Transfer.Types.Tag
+
+-- | The details for a local or partner AS2 profile.
+--
+-- /See:/ 'newDescribedProfile' smart constructor.
+data DescribedProfile = DescribedProfile'
+  { -- | The @As2Id@ is the /AS2-name/, as defined in the
+    -- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+    -- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+    -- the partner. For outbound connectors, this is the @AS2-To@ header for
+    -- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+    -- operation. This ID cannot include spaces.
+    as2Id :: Prelude.Maybe Prelude.Text,
+    -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateIds :: Prelude.Maybe [Prelude.Text],
+    -- | A unique identifier for the local or partner AS2 profile.
+    profileId :: Prelude.Maybe Prelude.Text,
+    -- | Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+    -- type profiles. If not supplied in the request, the command lists all
+    -- types of profiles.
+    profileType :: Prelude.Maybe ProfileType,
+    -- | Key-value pairs that can be used to group and search for profiles.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | The unique Amazon Resource Name (ARN) for the profile.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'as2Id', 'describedProfile_as2Id' - The @As2Id@ is the /AS2-name/, as defined in the
+-- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+-- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+-- the partner. For outbound connectors, this is the @AS2-To@ header for
+-- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+-- operation. This ID cannot include spaces.
+--
+-- 'certificateIds', 'describedProfile_certificateIds' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+--
+-- 'profileId', 'describedProfile_profileId' - A unique identifier for the local or partner AS2 profile.
+--
+-- 'profileType', 'describedProfile_profileType' - Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+-- type profiles. If not supplied in the request, the command lists all
+-- types of profiles.
+--
+-- 'tags', 'describedProfile_tags' - Key-value pairs that can be used to group and search for profiles.
+--
+-- 'arn', 'describedProfile_arn' - The unique Amazon Resource Name (ARN) for the profile.
+newDescribedProfile ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedProfile
+newDescribedProfile pArn_ =
+  DescribedProfile'
+    { as2Id = Prelude.Nothing,
+      certificateIds = Prelude.Nothing,
+      profileId = Prelude.Nothing,
+      profileType = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | The @As2Id@ is the /AS2-name/, as defined in the
+-- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+-- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+-- the partner. For outbound connectors, this is the @AS2-To@ header for
+-- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+-- operation. This ID cannot include spaces.
+describedProfile_as2Id :: Lens.Lens' DescribedProfile (Prelude.Maybe Prelude.Text)
+describedProfile_as2Id = Lens.lens (\DescribedProfile' {as2Id} -> as2Id) (\s@DescribedProfile' {} a -> s {as2Id = a} :: DescribedProfile)
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+describedProfile_certificateIds :: Lens.Lens' DescribedProfile (Prelude.Maybe [Prelude.Text])
+describedProfile_certificateIds = Lens.lens (\DescribedProfile' {certificateIds} -> certificateIds) (\s@DescribedProfile' {} a -> s {certificateIds = a} :: DescribedProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | A unique identifier for the local or partner AS2 profile.
+describedProfile_profileId :: Lens.Lens' DescribedProfile (Prelude.Maybe Prelude.Text)
+describedProfile_profileId = Lens.lens (\DescribedProfile' {profileId} -> profileId) (\s@DescribedProfile' {} a -> s {profileId = a} :: DescribedProfile)
+
+-- | Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+-- type profiles. If not supplied in the request, the command lists all
+-- types of profiles.
+describedProfile_profileType :: Lens.Lens' DescribedProfile (Prelude.Maybe ProfileType)
+describedProfile_profileType = Lens.lens (\DescribedProfile' {profileType} -> profileType) (\s@DescribedProfile' {} a -> s {profileType = a} :: DescribedProfile)
+
+-- | Key-value pairs that can be used to group and search for profiles.
+describedProfile_tags :: Lens.Lens' DescribedProfile (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedProfile_tags = Lens.lens (\DescribedProfile' {tags} -> tags) (\s@DescribedProfile' {} a -> s {tags = a} :: DescribedProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | The unique Amazon Resource Name (ARN) for the profile.
+describedProfile_arn :: Lens.Lens' DescribedProfile Prelude.Text
+describedProfile_arn = Lens.lens (\DescribedProfile' {arn} -> arn) (\s@DescribedProfile' {} a -> s {arn = a} :: DescribedProfile)
+
+instance Data.FromJSON DescribedProfile where
+  parseJSON =
+    Data.withObject
+      "DescribedProfile"
+      ( \x ->
+          DescribedProfile'
+            Prelude.<$> (x Data..:? "As2Id")
+            Prelude.<*> (x Data..:? "CertificateIds" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "ProfileId")
+            Prelude.<*> (x Data..:? "ProfileType")
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedProfile where
+  hashWithSalt _salt DescribedProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` as2Id
+      `Prelude.hashWithSalt` certificateIds
+      `Prelude.hashWithSalt` profileId
+      `Prelude.hashWithSalt` profileType
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedProfile where
+  rnf DescribedProfile' {..} =
+    Prelude.rnf as2Id
+      `Prelude.seq` Prelude.rnf certificateIds
+      `Prelude.seq` Prelude.rnf profileId
+      `Prelude.seq` Prelude.rnf profileType
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedSecurityPolicy.hs b/gen/Amazonka/Transfer/Types/DescribedSecurityPolicy.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedSecurityPolicy.hs
@@ -0,0 +1,154 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedSecurityPolicy
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedSecurityPolicy where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the properties of a security policy that was specified. For
+-- more information about security policies, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html Working with security policies>.
+--
+-- /See:/ 'newDescribedSecurityPolicy' smart constructor.
+data DescribedSecurityPolicy = DescribedSecurityPolicy'
+  { -- | Specifies whether this policy enables Federal Information Processing
+    -- Standards (FIPS).
+    fips :: Prelude.Maybe Prelude.Bool,
+    -- | Specifies the enabled Secure Shell (SSH) cipher encryption algorithms in
+    -- the security policy that is attached to the server.
+    sshCiphers :: Prelude.Maybe [Prelude.Text],
+    -- | Specifies the enabled SSH key exchange (KEX) encryption algorithms in
+    -- the security policy that is attached to the server.
+    sshKexs :: Prelude.Maybe [Prelude.Text],
+    -- | Specifies the enabled SSH message authentication code (MAC) encryption
+    -- algorithms in the security policy that is attached to the server.
+    sshMacs :: Prelude.Maybe [Prelude.Text],
+    -- | Specifies the enabled Transport Layer Security (TLS) cipher encryption
+    -- algorithms in the security policy that is attached to the server.
+    tlsCiphers :: Prelude.Maybe [Prelude.Text],
+    -- | Specifies the name of the security policy that is attached to the
+    -- server.
+    securityPolicyName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedSecurityPolicy' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'fips', 'describedSecurityPolicy_fips' - Specifies whether this policy enables Federal Information Processing
+-- Standards (FIPS).
+--
+-- 'sshCiphers', 'describedSecurityPolicy_sshCiphers' - Specifies the enabled Secure Shell (SSH) cipher encryption algorithms in
+-- the security policy that is attached to the server.
+--
+-- 'sshKexs', 'describedSecurityPolicy_sshKexs' - Specifies the enabled SSH key exchange (KEX) encryption algorithms in
+-- the security policy that is attached to the server.
+--
+-- 'sshMacs', 'describedSecurityPolicy_sshMacs' - Specifies the enabled SSH message authentication code (MAC) encryption
+-- algorithms in the security policy that is attached to the server.
+--
+-- 'tlsCiphers', 'describedSecurityPolicy_tlsCiphers' - Specifies the enabled Transport Layer Security (TLS) cipher encryption
+-- algorithms in the security policy that is attached to the server.
+--
+-- 'securityPolicyName', 'describedSecurityPolicy_securityPolicyName' - Specifies the name of the security policy that is attached to the
+-- server.
+newDescribedSecurityPolicy ::
+  -- | 'securityPolicyName'
+  Prelude.Text ->
+  DescribedSecurityPolicy
+newDescribedSecurityPolicy pSecurityPolicyName_ =
+  DescribedSecurityPolicy'
+    { fips = Prelude.Nothing,
+      sshCiphers = Prelude.Nothing,
+      sshKexs = Prelude.Nothing,
+      sshMacs = Prelude.Nothing,
+      tlsCiphers = Prelude.Nothing,
+      securityPolicyName = pSecurityPolicyName_
+    }
+
+-- | Specifies whether this policy enables Federal Information Processing
+-- Standards (FIPS).
+describedSecurityPolicy_fips :: Lens.Lens' DescribedSecurityPolicy (Prelude.Maybe Prelude.Bool)
+describedSecurityPolicy_fips = Lens.lens (\DescribedSecurityPolicy' {fips} -> fips) (\s@DescribedSecurityPolicy' {} a -> s {fips = a} :: DescribedSecurityPolicy)
+
+-- | Specifies the enabled Secure Shell (SSH) cipher encryption algorithms in
+-- the security policy that is attached to the server.
+describedSecurityPolicy_sshCiphers :: Lens.Lens' DescribedSecurityPolicy (Prelude.Maybe [Prelude.Text])
+describedSecurityPolicy_sshCiphers = Lens.lens (\DescribedSecurityPolicy' {sshCiphers} -> sshCiphers) (\s@DescribedSecurityPolicy' {} a -> s {sshCiphers = a} :: DescribedSecurityPolicy) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the enabled SSH key exchange (KEX) encryption algorithms in
+-- the security policy that is attached to the server.
+describedSecurityPolicy_sshKexs :: Lens.Lens' DescribedSecurityPolicy (Prelude.Maybe [Prelude.Text])
+describedSecurityPolicy_sshKexs = Lens.lens (\DescribedSecurityPolicy' {sshKexs} -> sshKexs) (\s@DescribedSecurityPolicy' {} a -> s {sshKexs = a} :: DescribedSecurityPolicy) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the enabled SSH message authentication code (MAC) encryption
+-- algorithms in the security policy that is attached to the server.
+describedSecurityPolicy_sshMacs :: Lens.Lens' DescribedSecurityPolicy (Prelude.Maybe [Prelude.Text])
+describedSecurityPolicy_sshMacs = Lens.lens (\DescribedSecurityPolicy' {sshMacs} -> sshMacs) (\s@DescribedSecurityPolicy' {} a -> s {sshMacs = a} :: DescribedSecurityPolicy) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the enabled Transport Layer Security (TLS) cipher encryption
+-- algorithms in the security policy that is attached to the server.
+describedSecurityPolicy_tlsCiphers :: Lens.Lens' DescribedSecurityPolicy (Prelude.Maybe [Prelude.Text])
+describedSecurityPolicy_tlsCiphers = Lens.lens (\DescribedSecurityPolicy' {tlsCiphers} -> tlsCiphers) (\s@DescribedSecurityPolicy' {} a -> s {tlsCiphers = a} :: DescribedSecurityPolicy) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the name of the security policy that is attached to the
+-- server.
+describedSecurityPolicy_securityPolicyName :: Lens.Lens' DescribedSecurityPolicy Prelude.Text
+describedSecurityPolicy_securityPolicyName = Lens.lens (\DescribedSecurityPolicy' {securityPolicyName} -> securityPolicyName) (\s@DescribedSecurityPolicy' {} a -> s {securityPolicyName = a} :: DescribedSecurityPolicy)
+
+instance Data.FromJSON DescribedSecurityPolicy where
+  parseJSON =
+    Data.withObject
+      "DescribedSecurityPolicy"
+      ( \x ->
+          DescribedSecurityPolicy'
+            Prelude.<$> (x Data..:? "Fips")
+            Prelude.<*> (x Data..:? "SshCiphers" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "SshKexs" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "SshMacs" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "TlsCiphers" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "SecurityPolicyName")
+      )
+
+instance Prelude.Hashable DescribedSecurityPolicy where
+  hashWithSalt _salt DescribedSecurityPolicy' {..} =
+    _salt
+      `Prelude.hashWithSalt` fips
+      `Prelude.hashWithSalt` sshCiphers
+      `Prelude.hashWithSalt` sshKexs
+      `Prelude.hashWithSalt` sshMacs
+      `Prelude.hashWithSalt` tlsCiphers
+      `Prelude.hashWithSalt` securityPolicyName
+
+instance Prelude.NFData DescribedSecurityPolicy where
+  rnf DescribedSecurityPolicy' {..} =
+    Prelude.rnf fips
+      `Prelude.seq` Prelude.rnf sshCiphers
+      `Prelude.seq` Prelude.rnf sshKexs
+      `Prelude.seq` Prelude.rnf sshMacs
+      `Prelude.seq` Prelude.rnf tlsCiphers
+      `Prelude.seq` Prelude.rnf securityPolicyName
diff --git a/gen/Amazonka/Transfer/Types/DescribedServer.hs b/gen/Amazonka/Transfer/Types/DescribedServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedServer.hs
@@ -0,0 +1,634 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedServer where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.Domain
+import Amazonka.Transfer.Types.EndpointDetails
+import Amazonka.Transfer.Types.EndpointType
+import Amazonka.Transfer.Types.IdentityProviderDetails
+import Amazonka.Transfer.Types.IdentityProviderType
+import Amazonka.Transfer.Types.Protocol
+import Amazonka.Transfer.Types.ProtocolDetails
+import Amazonka.Transfer.Types.State
+import Amazonka.Transfer.Types.Tag
+import Amazonka.Transfer.Types.WorkflowDetails
+
+-- | Describes the properties of a file transfer protocol-enabled server that
+-- was specified.
+--
+-- /See:/ 'newDescribedServer' smart constructor.
+data DescribedServer = DescribedServer'
+  { -- | Specifies the ARN of the Amazon Web ServicesCertificate Manager (ACM)
+    -- certificate. Required when @Protocols@ is set to @FTPS@.
+    certificate :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the domain of the storage system that is used for file
+    -- transfers.
+    domain :: Prelude.Maybe Domain,
+    -- | The virtual private cloud (VPC) endpoint settings that are configured
+    -- for your server. When you host your endpoint within your VPC, you can
+    -- make your endpoint accessible only to resources within your VPC, or you
+    -- can attach Elastic IP addresses and make your endpoint accessible to
+    -- clients over the internet. Your VPC\'s default security groups are
+    -- automatically assigned to your endpoint.
+    endpointDetails :: Prelude.Maybe EndpointDetails,
+    -- | Defines the type of endpoint that your server is connected to. If your
+    -- server is connected to a VPC endpoint, your server isn\'t accessible
+    -- over the public internet.
+    endpointType :: Prelude.Maybe EndpointType,
+    -- | Specifies the Base64-encoded SHA256 fingerprint of the server\'s host
+    -- key. This value is equivalent to the output of the
+    -- @ssh-keygen -l -f my-new-server-key@ command.
+    hostKeyFingerprint :: Prelude.Maybe Prelude.Text,
+    -- | Specifies information to call a customer-supplied authentication API.
+    -- This field is not populated when the @IdentityProviderType@ of a server
+    -- is @AWS_DIRECTORY_SERVICE@ or @SERVICE_MANAGED@.
+    identityProviderDetails :: Prelude.Maybe IdentityProviderDetails,
+    -- | The mode of authentication for a server. The default value is
+    -- @SERVICE_MANAGED@, which allows you to store and access user credentials
+    -- within the Transfer Family service.
+    --
+    -- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+    -- in Directory Service for Microsoft Active Directory or Microsoft Active
+    -- Directory in your on-premises environment or in Amazon Web Services
+    -- using AD Connector. This option also requires you to provide a Directory
+    -- ID by using the @IdentityProviderDetails@ parameter.
+    --
+    -- Use the @API_GATEWAY@ value to integrate with an identity provider of
+    -- your choosing. The @API_GATEWAY@ setting requires you to provide an
+    -- Amazon API Gateway endpoint URL to call for authentication by using the
+    -- @IdentityProviderDetails@ parameter.
+    --
+    -- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+    -- identity provider. If you choose this value, you must specify the ARN
+    -- for the Lambda function in the @Function@ parameter or the
+    -- @IdentityProviderDetails@ data type.
+    identityProviderType :: Prelude.Maybe IdentityProviderType,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+    -- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+    -- your CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | Specifies a string to display when users connect to a server. This
+    -- string is displayed after the user authenticates.
+    --
+    -- The SFTP protocol does not support post-authentication display banners.
+    postAuthenticationLoginBanner :: Prelude.Maybe Prelude.Text,
+    -- | Specifies a string to display when users connect to a server. This
+    -- string is displayed before the user authenticates. For example, the
+    -- following banner displays details about using the system:
+    --
+    -- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+    preAuthenticationLoginBanner :: Prelude.Maybe Prelude.Text,
+    -- | The protocol settings that are configured for your server.
+    --
+    -- -   To indicate passive mode (for FTP and FTPS protocols), use the
+    --     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+    --     as the external IP address of a firewall, router, or load balancer.
+    --
+    -- -   To ignore the error that is generated when the client attempts to
+    --     use the @SETSTAT@ command on a file that you are uploading to an
+    --     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+    --     Transfer Family server ignore the @SETSTAT@ command and upload files
+    --     without needing to make any changes to your SFTP client, set the
+    --     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+    --     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+    --     CloudWatch Logs, so that you can determine when the client is making
+    --     a @SETSTAT@ call.
+    --
+    -- -   To determine whether your Transfer Family server resumes recent,
+    --     negotiated sessions through a unique session ID, use the
+    --     @TlsSessionResumptionMode@ parameter.
+    --
+    -- -   @As2Transports@ indicates the transport method for the AS2 messages.
+    --     Currently, only HTTP is supported.
+    protocolDetails :: Prelude.Maybe ProtocolDetails,
+    -- | Specifies the file transfer protocol or protocols over which your file
+    -- transfer protocol client can connect to your server\'s endpoint. The
+    -- available protocols are:
+    --
+    -- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+    --     over SSH
+    --
+    -- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+    --     encryption
+    --
+    -- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+    --
+    -- -   @AS2@ (Applicability Statement 2): used for transporting structured
+    --     business-to-business data
+    --
+    -- -   If you select @FTPS@, you must choose a certificate stored in
+    --     Certificate Manager (ACM) which is used to identify your server when
+    --     clients connect to it over FTPS.
+    --
+    -- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+    --     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+    --     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+    --
+    -- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+    --     associated.
+    --
+    -- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+    --     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+    --     @SERVICE_MANAGED@.
+    --
+    -- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+    --     and domain must be Amazon S3.
+    protocols :: Prelude.Maybe (Prelude.NonEmpty Protocol),
+    -- | Specifies the name of the security policy that is attached to the
+    -- server.
+    securityPolicyName :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the unique system-assigned identifier for a server that you
+    -- instantiate.
+    serverId :: Prelude.Maybe Prelude.Text,
+    -- | The condition of the server that was described. A value of @ONLINE@
+    -- indicates that the server can accept jobs and transfer files. A @State@
+    -- value of @OFFLINE@ means that the server cannot perform file transfer
+    -- operations.
+    --
+    -- The states of @STARTING@ and @STOPPING@ indicate that the server is in
+    -- an intermediate state, either not fully able to respond, or not fully
+    -- offline. The values of @START_FAILED@ or @STOP_FAILED@ can indicate an
+    -- error condition.
+    state :: Prelude.Maybe State,
+    -- | Specifies the key-value pairs that you can use to search for and group
+    -- servers that were assigned to the server that was described.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | Specifies the number of users that are assigned to a server you
+    -- specified with the @ServerId@.
+    userCount :: Prelude.Maybe Prelude.Int,
+    -- | Specifies the workflow ID for the workflow to assign and the execution
+    -- role that\'s used for executing the workflow.
+    --
+    -- In additon to a workflow to execute when a file is uploaded completely,
+    -- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+    -- for a workflow to execute on partial upload. A partial upload occurs
+    -- when a file is open when the session disconnects.
+    workflowDetails :: Prelude.Maybe WorkflowDetails,
+    -- | Specifies the unique Amazon Resource Name (ARN) of the server.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificate', 'describedServer_certificate' - Specifies the ARN of the Amazon Web ServicesCertificate Manager (ACM)
+-- certificate. Required when @Protocols@ is set to @FTPS@.
+--
+-- 'domain', 'describedServer_domain' - Specifies the domain of the storage system that is used for file
+-- transfers.
+--
+-- 'endpointDetails', 'describedServer_endpointDetails' - The virtual private cloud (VPC) endpoint settings that are configured
+-- for your server. When you host your endpoint within your VPC, you can
+-- make your endpoint accessible only to resources within your VPC, or you
+-- can attach Elastic IP addresses and make your endpoint accessible to
+-- clients over the internet. Your VPC\'s default security groups are
+-- automatically assigned to your endpoint.
+--
+-- 'endpointType', 'describedServer_endpointType' - Defines the type of endpoint that your server is connected to. If your
+-- server is connected to a VPC endpoint, your server isn\'t accessible
+-- over the public internet.
+--
+-- 'hostKeyFingerprint', 'describedServer_hostKeyFingerprint' - Specifies the Base64-encoded SHA256 fingerprint of the server\'s host
+-- key. This value is equivalent to the output of the
+-- @ssh-keygen -l -f my-new-server-key@ command.
+--
+-- 'identityProviderDetails', 'describedServer_identityProviderDetails' - Specifies information to call a customer-supplied authentication API.
+-- This field is not populated when the @IdentityProviderType@ of a server
+-- is @AWS_DIRECTORY_SERVICE@ or @SERVICE_MANAGED@.
+--
+-- 'identityProviderType', 'describedServer_identityProviderType' - The mode of authentication for a server. The default value is
+-- @SERVICE_MANAGED@, which allows you to store and access user credentials
+-- within the Transfer Family service.
+--
+-- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+-- in Directory Service for Microsoft Active Directory or Microsoft Active
+-- Directory in your on-premises environment or in Amazon Web Services
+-- using AD Connector. This option also requires you to provide a Directory
+-- ID by using the @IdentityProviderDetails@ parameter.
+--
+-- Use the @API_GATEWAY@ value to integrate with an identity provider of
+-- your choosing. The @API_GATEWAY@ setting requires you to provide an
+-- Amazon API Gateway endpoint URL to call for authentication by using the
+-- @IdentityProviderDetails@ parameter.
+--
+-- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+-- identity provider. If you choose this value, you must specify the ARN
+-- for the Lambda function in the @Function@ parameter or the
+-- @IdentityProviderDetails@ data type.
+--
+-- 'loggingRole', 'describedServer_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+--
+-- 'postAuthenticationLoginBanner', 'describedServer_postAuthenticationLoginBanner' - Specifies a string to display when users connect to a server. This
+-- string is displayed after the user authenticates.
+--
+-- The SFTP protocol does not support post-authentication display banners.
+--
+-- 'preAuthenticationLoginBanner', 'describedServer_preAuthenticationLoginBanner' - Specifies a string to display when users connect to a server. This
+-- string is displayed before the user authenticates. For example, the
+-- following banner displays details about using the system:
+--
+-- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+--
+-- 'protocolDetails', 'describedServer_protocolDetails' - The protocol settings that are configured for your server.
+--
+-- -   To indicate passive mode (for FTP and FTPS protocols), use the
+--     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+--     as the external IP address of a firewall, router, or load balancer.
+--
+-- -   To ignore the error that is generated when the client attempts to
+--     use the @SETSTAT@ command on a file that you are uploading to an
+--     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+--     Transfer Family server ignore the @SETSTAT@ command and upload files
+--     without needing to make any changes to your SFTP client, set the
+--     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+--     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+--     CloudWatch Logs, so that you can determine when the client is making
+--     a @SETSTAT@ call.
+--
+-- -   To determine whether your Transfer Family server resumes recent,
+--     negotiated sessions through a unique session ID, use the
+--     @TlsSessionResumptionMode@ parameter.
+--
+-- -   @As2Transports@ indicates the transport method for the AS2 messages.
+--     Currently, only HTTP is supported.
+--
+-- 'protocols', 'describedServer_protocols' - Specifies the file transfer protocol or protocols over which your file
+-- transfer protocol client can connect to your server\'s endpoint. The
+-- available protocols are:
+--
+-- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+--     over SSH
+--
+-- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+--     encryption
+--
+-- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+--
+-- -   @AS2@ (Applicability Statement 2): used for transporting structured
+--     business-to-business data
+--
+-- -   If you select @FTPS@, you must choose a certificate stored in
+--     Certificate Manager (ACM) which is used to identify your server when
+--     clients connect to it over FTPS.
+--
+-- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+--     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+--     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+--
+-- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+--     associated.
+--
+-- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+--     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+--     @SERVICE_MANAGED@.
+--
+-- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+--     and domain must be Amazon S3.
+--
+-- 'securityPolicyName', 'describedServer_securityPolicyName' - Specifies the name of the security policy that is attached to the
+-- server.
+--
+-- 'serverId', 'describedServer_serverId' - Specifies the unique system-assigned identifier for a server that you
+-- instantiate.
+--
+-- 'state', 'describedServer_state' - The condition of the server that was described. A value of @ONLINE@
+-- indicates that the server can accept jobs and transfer files. A @State@
+-- value of @OFFLINE@ means that the server cannot perform file transfer
+-- operations.
+--
+-- The states of @STARTING@ and @STOPPING@ indicate that the server is in
+-- an intermediate state, either not fully able to respond, or not fully
+-- offline. The values of @START_FAILED@ or @STOP_FAILED@ can indicate an
+-- error condition.
+--
+-- 'tags', 'describedServer_tags' - Specifies the key-value pairs that you can use to search for and group
+-- servers that were assigned to the server that was described.
+--
+-- 'userCount', 'describedServer_userCount' - Specifies the number of users that are assigned to a server you
+-- specified with the @ServerId@.
+--
+-- 'workflowDetails', 'describedServer_workflowDetails' - Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+--
+-- 'arn', 'describedServer_arn' - Specifies the unique Amazon Resource Name (ARN) of the server.
+newDescribedServer ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedServer
+newDescribedServer pArn_ =
+  DescribedServer'
+    { certificate = Prelude.Nothing,
+      domain = Prelude.Nothing,
+      endpointDetails = Prelude.Nothing,
+      endpointType = Prelude.Nothing,
+      hostKeyFingerprint = Prelude.Nothing,
+      identityProviderDetails = Prelude.Nothing,
+      identityProviderType = Prelude.Nothing,
+      loggingRole = Prelude.Nothing,
+      postAuthenticationLoginBanner = Prelude.Nothing,
+      preAuthenticationLoginBanner = Prelude.Nothing,
+      protocolDetails = Prelude.Nothing,
+      protocols = Prelude.Nothing,
+      securityPolicyName = Prelude.Nothing,
+      serverId = Prelude.Nothing,
+      state = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      userCount = Prelude.Nothing,
+      workflowDetails = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | Specifies the ARN of the Amazon Web ServicesCertificate Manager (ACM)
+-- certificate. Required when @Protocols@ is set to @FTPS@.
+describedServer_certificate :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_certificate = Lens.lens (\DescribedServer' {certificate} -> certificate) (\s@DescribedServer' {} a -> s {certificate = a} :: DescribedServer)
+
+-- | Specifies the domain of the storage system that is used for file
+-- transfers.
+describedServer_domain :: Lens.Lens' DescribedServer (Prelude.Maybe Domain)
+describedServer_domain = Lens.lens (\DescribedServer' {domain} -> domain) (\s@DescribedServer' {} a -> s {domain = a} :: DescribedServer)
+
+-- | The virtual private cloud (VPC) endpoint settings that are configured
+-- for your server. When you host your endpoint within your VPC, you can
+-- make your endpoint accessible only to resources within your VPC, or you
+-- can attach Elastic IP addresses and make your endpoint accessible to
+-- clients over the internet. Your VPC\'s default security groups are
+-- automatically assigned to your endpoint.
+describedServer_endpointDetails :: Lens.Lens' DescribedServer (Prelude.Maybe EndpointDetails)
+describedServer_endpointDetails = Lens.lens (\DescribedServer' {endpointDetails} -> endpointDetails) (\s@DescribedServer' {} a -> s {endpointDetails = a} :: DescribedServer)
+
+-- | Defines the type of endpoint that your server is connected to. If your
+-- server is connected to a VPC endpoint, your server isn\'t accessible
+-- over the public internet.
+describedServer_endpointType :: Lens.Lens' DescribedServer (Prelude.Maybe EndpointType)
+describedServer_endpointType = Lens.lens (\DescribedServer' {endpointType} -> endpointType) (\s@DescribedServer' {} a -> s {endpointType = a} :: DescribedServer)
+
+-- | Specifies the Base64-encoded SHA256 fingerprint of the server\'s host
+-- key. This value is equivalent to the output of the
+-- @ssh-keygen -l -f my-new-server-key@ command.
+describedServer_hostKeyFingerprint :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_hostKeyFingerprint = Lens.lens (\DescribedServer' {hostKeyFingerprint} -> hostKeyFingerprint) (\s@DescribedServer' {} a -> s {hostKeyFingerprint = a} :: DescribedServer)
+
+-- | Specifies information to call a customer-supplied authentication API.
+-- This field is not populated when the @IdentityProviderType@ of a server
+-- is @AWS_DIRECTORY_SERVICE@ or @SERVICE_MANAGED@.
+describedServer_identityProviderDetails :: Lens.Lens' DescribedServer (Prelude.Maybe IdentityProviderDetails)
+describedServer_identityProviderDetails = Lens.lens (\DescribedServer' {identityProviderDetails} -> identityProviderDetails) (\s@DescribedServer' {} a -> s {identityProviderDetails = a} :: DescribedServer)
+
+-- | The mode of authentication for a server. The default value is
+-- @SERVICE_MANAGED@, which allows you to store and access user credentials
+-- within the Transfer Family service.
+--
+-- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+-- in Directory Service for Microsoft Active Directory or Microsoft Active
+-- Directory in your on-premises environment or in Amazon Web Services
+-- using AD Connector. This option also requires you to provide a Directory
+-- ID by using the @IdentityProviderDetails@ parameter.
+--
+-- Use the @API_GATEWAY@ value to integrate with an identity provider of
+-- your choosing. The @API_GATEWAY@ setting requires you to provide an
+-- Amazon API Gateway endpoint URL to call for authentication by using the
+-- @IdentityProviderDetails@ parameter.
+--
+-- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+-- identity provider. If you choose this value, you must specify the ARN
+-- for the Lambda function in the @Function@ parameter or the
+-- @IdentityProviderDetails@ data type.
+describedServer_identityProviderType :: Lens.Lens' DescribedServer (Prelude.Maybe IdentityProviderType)
+describedServer_identityProviderType = Lens.lens (\DescribedServer' {identityProviderType} -> identityProviderType) (\s@DescribedServer' {} a -> s {identityProviderType = a} :: DescribedServer)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+describedServer_loggingRole :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_loggingRole = Lens.lens (\DescribedServer' {loggingRole} -> loggingRole) (\s@DescribedServer' {} a -> s {loggingRole = a} :: DescribedServer)
+
+-- | Specifies a string to display when users connect to a server. This
+-- string is displayed after the user authenticates.
+--
+-- The SFTP protocol does not support post-authentication display banners.
+describedServer_postAuthenticationLoginBanner :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_postAuthenticationLoginBanner = Lens.lens (\DescribedServer' {postAuthenticationLoginBanner} -> postAuthenticationLoginBanner) (\s@DescribedServer' {} a -> s {postAuthenticationLoginBanner = a} :: DescribedServer)
+
+-- | Specifies a string to display when users connect to a server. This
+-- string is displayed before the user authenticates. For example, the
+-- following banner displays details about using the system:
+--
+-- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+describedServer_preAuthenticationLoginBanner :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_preAuthenticationLoginBanner = Lens.lens (\DescribedServer' {preAuthenticationLoginBanner} -> preAuthenticationLoginBanner) (\s@DescribedServer' {} a -> s {preAuthenticationLoginBanner = a} :: DescribedServer)
+
+-- | The protocol settings that are configured for your server.
+--
+-- -   To indicate passive mode (for FTP and FTPS protocols), use the
+--     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+--     as the external IP address of a firewall, router, or load balancer.
+--
+-- -   To ignore the error that is generated when the client attempts to
+--     use the @SETSTAT@ command on a file that you are uploading to an
+--     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+--     Transfer Family server ignore the @SETSTAT@ command and upload files
+--     without needing to make any changes to your SFTP client, set the
+--     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+--     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+--     CloudWatch Logs, so that you can determine when the client is making
+--     a @SETSTAT@ call.
+--
+-- -   To determine whether your Transfer Family server resumes recent,
+--     negotiated sessions through a unique session ID, use the
+--     @TlsSessionResumptionMode@ parameter.
+--
+-- -   @As2Transports@ indicates the transport method for the AS2 messages.
+--     Currently, only HTTP is supported.
+describedServer_protocolDetails :: Lens.Lens' DescribedServer (Prelude.Maybe ProtocolDetails)
+describedServer_protocolDetails = Lens.lens (\DescribedServer' {protocolDetails} -> protocolDetails) (\s@DescribedServer' {} a -> s {protocolDetails = a} :: DescribedServer)
+
+-- | Specifies the file transfer protocol or protocols over which your file
+-- transfer protocol client can connect to your server\'s endpoint. The
+-- available protocols are:
+--
+-- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+--     over SSH
+--
+-- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+--     encryption
+--
+-- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+--
+-- -   @AS2@ (Applicability Statement 2): used for transporting structured
+--     business-to-business data
+--
+-- -   If you select @FTPS@, you must choose a certificate stored in
+--     Certificate Manager (ACM) which is used to identify your server when
+--     clients connect to it over FTPS.
+--
+-- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+--     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+--     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+--
+-- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+--     associated.
+--
+-- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+--     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+--     @SERVICE_MANAGED@.
+--
+-- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+--     and domain must be Amazon S3.
+describedServer_protocols :: Lens.Lens' DescribedServer (Prelude.Maybe (Prelude.NonEmpty Protocol))
+describedServer_protocols = Lens.lens (\DescribedServer' {protocols} -> protocols) (\s@DescribedServer' {} a -> s {protocols = a} :: DescribedServer) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the name of the security policy that is attached to the
+-- server.
+describedServer_securityPolicyName :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_securityPolicyName = Lens.lens (\DescribedServer' {securityPolicyName} -> securityPolicyName) (\s@DescribedServer' {} a -> s {securityPolicyName = a} :: DescribedServer)
+
+-- | Specifies the unique system-assigned identifier for a server that you
+-- instantiate.
+describedServer_serverId :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Text)
+describedServer_serverId = Lens.lens (\DescribedServer' {serverId} -> serverId) (\s@DescribedServer' {} a -> s {serverId = a} :: DescribedServer)
+
+-- | The condition of the server that was described. A value of @ONLINE@
+-- indicates that the server can accept jobs and transfer files. A @State@
+-- value of @OFFLINE@ means that the server cannot perform file transfer
+-- operations.
+--
+-- The states of @STARTING@ and @STOPPING@ indicate that the server is in
+-- an intermediate state, either not fully able to respond, or not fully
+-- offline. The values of @START_FAILED@ or @STOP_FAILED@ can indicate an
+-- error condition.
+describedServer_state :: Lens.Lens' DescribedServer (Prelude.Maybe State)
+describedServer_state = Lens.lens (\DescribedServer' {state} -> state) (\s@DescribedServer' {} a -> s {state = a} :: DescribedServer)
+
+-- | Specifies the key-value pairs that you can use to search for and group
+-- servers that were assigned to the server that was described.
+describedServer_tags :: Lens.Lens' DescribedServer (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedServer_tags = Lens.lens (\DescribedServer' {tags} -> tags) (\s@DescribedServer' {} a -> s {tags = a} :: DescribedServer) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the number of users that are assigned to a server you
+-- specified with the @ServerId@.
+describedServer_userCount :: Lens.Lens' DescribedServer (Prelude.Maybe Prelude.Int)
+describedServer_userCount = Lens.lens (\DescribedServer' {userCount} -> userCount) (\s@DescribedServer' {} a -> s {userCount = a} :: DescribedServer)
+
+-- | Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+describedServer_workflowDetails :: Lens.Lens' DescribedServer (Prelude.Maybe WorkflowDetails)
+describedServer_workflowDetails = Lens.lens (\DescribedServer' {workflowDetails} -> workflowDetails) (\s@DescribedServer' {} a -> s {workflowDetails = a} :: DescribedServer)
+
+-- | Specifies the unique Amazon Resource Name (ARN) of the server.
+describedServer_arn :: Lens.Lens' DescribedServer Prelude.Text
+describedServer_arn = Lens.lens (\DescribedServer' {arn} -> arn) (\s@DescribedServer' {} a -> s {arn = a} :: DescribedServer)
+
+instance Data.FromJSON DescribedServer where
+  parseJSON =
+    Data.withObject
+      "DescribedServer"
+      ( \x ->
+          DescribedServer'
+            Prelude.<$> (x Data..:? "Certificate")
+            Prelude.<*> (x Data..:? "Domain")
+            Prelude.<*> (x Data..:? "EndpointDetails")
+            Prelude.<*> (x Data..:? "EndpointType")
+            Prelude.<*> (x Data..:? "HostKeyFingerprint")
+            Prelude.<*> (x Data..:? "IdentityProviderDetails")
+            Prelude.<*> (x Data..:? "IdentityProviderType")
+            Prelude.<*> (x Data..:? "LoggingRole")
+            Prelude.<*> (x Data..:? "PostAuthenticationLoginBanner")
+            Prelude.<*> (x Data..:? "PreAuthenticationLoginBanner")
+            Prelude.<*> (x Data..:? "ProtocolDetails")
+            Prelude.<*> (x Data..:? "Protocols")
+            Prelude.<*> (x Data..:? "SecurityPolicyName")
+            Prelude.<*> (x Data..:? "ServerId")
+            Prelude.<*> (x Data..:? "State")
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..:? "UserCount")
+            Prelude.<*> (x Data..:? "WorkflowDetails")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedServer where
+  hashWithSalt _salt DescribedServer' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificate
+      `Prelude.hashWithSalt` domain
+      `Prelude.hashWithSalt` endpointDetails
+      `Prelude.hashWithSalt` endpointType
+      `Prelude.hashWithSalt` hostKeyFingerprint
+      `Prelude.hashWithSalt` identityProviderDetails
+      `Prelude.hashWithSalt` identityProviderType
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` postAuthenticationLoginBanner
+      `Prelude.hashWithSalt` preAuthenticationLoginBanner
+      `Prelude.hashWithSalt` protocolDetails
+      `Prelude.hashWithSalt` protocols
+      `Prelude.hashWithSalt` securityPolicyName
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` state
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` userCount
+      `Prelude.hashWithSalt` workflowDetails
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedServer where
+  rnf DescribedServer' {..} =
+    Prelude.rnf certificate
+      `Prelude.seq` Prelude.rnf domain
+      `Prelude.seq` Prelude.rnf endpointDetails
+      `Prelude.seq` Prelude.rnf endpointType
+      `Prelude.seq` Prelude.rnf hostKeyFingerprint
+      `Prelude.seq` Prelude.rnf identityProviderDetails
+      `Prelude.seq` Prelude.rnf identityProviderType
+      `Prelude.seq` Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf postAuthenticationLoginBanner
+      `Prelude.seq` Prelude.rnf preAuthenticationLoginBanner
+      `Prelude.seq` Prelude.rnf protocolDetails
+      `Prelude.seq` Prelude.rnf protocols
+      `Prelude.seq` Prelude.rnf securityPolicyName
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf state
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf userCount
+      `Prelude.seq` Prelude.rnf workflowDetails
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedUser.hs b/gen/Amazonka/Transfer/Types/DescribedUser.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedUser.hs
@@ -0,0 +1,310 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedUser
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedUser where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.HomeDirectoryMapEntry
+import Amazonka.Transfer.Types.HomeDirectoryType
+import Amazonka.Transfer.Types.PosixProfile
+import Amazonka.Transfer.Types.SshPublicKey
+import Amazonka.Transfer.Types.Tag
+
+-- | Describes the properties of a user that was specified.
+--
+-- /See:/ 'newDescribedUser' smart constructor.
+data DescribedUser = DescribedUser'
+  { -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+    -- paths and keys should be visible to your user and how you want to make
+    -- them visible. You must specify the @Entry@ and @Target@ pair, where
+    -- @Entry@ shows how the path is made visible and @Target@ is the actual
+    -- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+    -- displayed as is. You also must ensure that your Identity and Access
+    -- Management (IAM) role provides access to paths in @Target@. This value
+    -- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+    --
+    -- In most cases, you can use this value instead of the session policy to
+    -- lock your user down to the designated home directory (\"@chroot@\"). To
+    -- do this, you can set @Entry@ to \'\/\' and set @Target@ to the
+    -- HomeDirectory parameter value.
+    homeDirectoryMappings :: Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry),
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | A session policy for your user so that you can use the same Identity and
+    -- Access Management (IAM) role across multiple users. This policy scopes
+    -- down a user\'s access to portions of their Amazon S3 bucket. Variables
+    -- that you can use inside this policy include @${Transfer:UserName}@,
+    -- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+    policy :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the full POSIX identity, including user ID (@Uid@), group ID
+    -- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+    -- your users\' access to your Amazon Elastic File System (Amazon EFS) file
+    -- systems. The POSIX permissions that are set on files and directories in
+    -- your file system determine the level of access your users get when
+    -- transferring files into and out of your Amazon EFS file systems.
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the public key portion of the Secure Shell (SSH) keys stored
+    -- for the described user.
+    sshPublicKeys :: Prelude.Maybe [SshPublicKey],
+    -- | Specifies the key-value pairs for the user requested. Tag can be used to
+    -- search for and group users for a variety of purposes.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | Specifies the name of the user that was requested to be described. User
+    -- names are used for authentication purposes. This is the string that will
+    -- be used by your user when they log in to your server.
+    userName :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the unique Amazon Resource Name (ARN) for the user that was
+    -- requested to be described.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedUser' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'homeDirectory', 'describedUser_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryMappings', 'describedUser_homeDirectoryMappings' - Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock your user down to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to \'\/\' and set @Target@ to the
+-- HomeDirectory parameter value.
+--
+-- 'homeDirectoryType', 'describedUser_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'policy', 'describedUser_policy' - A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- 'posixProfile', 'describedUser_posixProfile' - Specifies the full POSIX identity, including user ID (@Uid@), group ID
+-- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+-- your users\' access to your Amazon Elastic File System (Amazon EFS) file
+-- systems. The POSIX permissions that are set on files and directories in
+-- your file system determine the level of access your users get when
+-- transferring files into and out of your Amazon EFS file systems.
+--
+-- 'role'', 'describedUser_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- 'sshPublicKeys', 'describedUser_sshPublicKeys' - Specifies the public key portion of the Secure Shell (SSH) keys stored
+-- for the described user.
+--
+-- 'tags', 'describedUser_tags' - Specifies the key-value pairs for the user requested. Tag can be used to
+-- search for and group users for a variety of purposes.
+--
+-- 'userName', 'describedUser_userName' - Specifies the name of the user that was requested to be described. User
+-- names are used for authentication purposes. This is the string that will
+-- be used by your user when they log in to your server.
+--
+-- 'arn', 'describedUser_arn' - Specifies the unique Amazon Resource Name (ARN) for the user that was
+-- requested to be described.
+newDescribedUser ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedUser
+newDescribedUser pArn_ =
+  DescribedUser'
+    { homeDirectory = Prelude.Nothing,
+      homeDirectoryMappings = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      policy = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      role' = Prelude.Nothing,
+      sshPublicKeys = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      userName = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+describedUser_homeDirectory :: Lens.Lens' DescribedUser (Prelude.Maybe Prelude.Text)
+describedUser_homeDirectory = Lens.lens (\DescribedUser' {homeDirectory} -> homeDirectory) (\s@DescribedUser' {} a -> s {homeDirectory = a} :: DescribedUser)
+
+-- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock your user down to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to \'\/\' and set @Target@ to the
+-- HomeDirectory parameter value.
+describedUser_homeDirectoryMappings :: Lens.Lens' DescribedUser (Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry))
+describedUser_homeDirectoryMappings = Lens.lens (\DescribedUser' {homeDirectoryMappings} -> homeDirectoryMappings) (\s@DescribedUser' {} a -> s {homeDirectoryMappings = a} :: DescribedUser) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+describedUser_homeDirectoryType :: Lens.Lens' DescribedUser (Prelude.Maybe HomeDirectoryType)
+describedUser_homeDirectoryType = Lens.lens (\DescribedUser' {homeDirectoryType} -> homeDirectoryType) (\s@DescribedUser' {} a -> s {homeDirectoryType = a} :: DescribedUser)
+
+-- | A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+describedUser_policy :: Lens.Lens' DescribedUser (Prelude.Maybe Prelude.Text)
+describedUser_policy = Lens.lens (\DescribedUser' {policy} -> policy) (\s@DescribedUser' {} a -> s {policy = a} :: DescribedUser)
+
+-- | Specifies the full POSIX identity, including user ID (@Uid@), group ID
+-- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+-- your users\' access to your Amazon Elastic File System (Amazon EFS) file
+-- systems. The POSIX permissions that are set on files and directories in
+-- your file system determine the level of access your users get when
+-- transferring files into and out of your Amazon EFS file systems.
+describedUser_posixProfile :: Lens.Lens' DescribedUser (Prelude.Maybe PosixProfile)
+describedUser_posixProfile = Lens.lens (\DescribedUser' {posixProfile} -> posixProfile) (\s@DescribedUser' {} a -> s {posixProfile = a} :: DescribedUser)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+describedUser_role :: Lens.Lens' DescribedUser (Prelude.Maybe Prelude.Text)
+describedUser_role = Lens.lens (\DescribedUser' {role'} -> role') (\s@DescribedUser' {} a -> s {role' = a} :: DescribedUser)
+
+-- | Specifies the public key portion of the Secure Shell (SSH) keys stored
+-- for the described user.
+describedUser_sshPublicKeys :: Lens.Lens' DescribedUser (Prelude.Maybe [SshPublicKey])
+describedUser_sshPublicKeys = Lens.lens (\DescribedUser' {sshPublicKeys} -> sshPublicKeys) (\s@DescribedUser' {} a -> s {sshPublicKeys = a} :: DescribedUser) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the key-value pairs for the user requested. Tag can be used to
+-- search for and group users for a variety of purposes.
+describedUser_tags :: Lens.Lens' DescribedUser (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedUser_tags = Lens.lens (\DescribedUser' {tags} -> tags) (\s@DescribedUser' {} a -> s {tags = a} :: DescribedUser) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the name of the user that was requested to be described. User
+-- names are used for authentication purposes. This is the string that will
+-- be used by your user when they log in to your server.
+describedUser_userName :: Lens.Lens' DescribedUser (Prelude.Maybe Prelude.Text)
+describedUser_userName = Lens.lens (\DescribedUser' {userName} -> userName) (\s@DescribedUser' {} a -> s {userName = a} :: DescribedUser)
+
+-- | Specifies the unique Amazon Resource Name (ARN) for the user that was
+-- requested to be described.
+describedUser_arn :: Lens.Lens' DescribedUser Prelude.Text
+describedUser_arn = Lens.lens (\DescribedUser' {arn} -> arn) (\s@DescribedUser' {} a -> s {arn = a} :: DescribedUser)
+
+instance Data.FromJSON DescribedUser where
+  parseJSON =
+    Data.withObject
+      "DescribedUser"
+      ( \x ->
+          DescribedUser'
+            Prelude.<$> (x Data..:? "HomeDirectory")
+            Prelude.<*> (x Data..:? "HomeDirectoryMappings")
+            Prelude.<*> (x Data..:? "HomeDirectoryType")
+            Prelude.<*> (x Data..:? "Policy")
+            Prelude.<*> (x Data..:? "PosixProfile")
+            Prelude.<*> (x Data..:? "Role")
+            Prelude.<*> (x Data..:? "SshPublicKeys" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..:? "UserName")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedUser where
+  hashWithSalt _salt DescribedUser' {..} =
+    _salt
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryMappings
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` policy
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` role'
+      `Prelude.hashWithSalt` sshPublicKeys
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` userName
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedUser where
+  rnf DescribedUser' {..} =
+    Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryMappings
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf policy
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf role'
+      `Prelude.seq` Prelude.rnf sshPublicKeys
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf userName
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/DescribedWorkflow.hs b/gen/Amazonka/Transfer/Types/DescribedWorkflow.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/DescribedWorkflow.hs
@@ -0,0 +1,145 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.DescribedWorkflow
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.DescribedWorkflow where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.Tag
+import Amazonka.Transfer.Types.WorkflowStep
+
+-- | Describes the properties of the specified workflow
+--
+-- /See:/ 'newDescribedWorkflow' smart constructor.
+data DescribedWorkflow = DescribedWorkflow'
+  { -- | Specifies the text description for the workflow.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the steps (actions) to take if errors are encountered during
+    -- execution of the workflow.
+    onExceptionSteps :: Prelude.Maybe [WorkflowStep],
+    -- | Specifies the details for the steps that are in the specified workflow.
+    steps :: Prelude.Maybe [WorkflowStep],
+    -- | Key-value pairs that can be used to group and search for workflows. Tags
+    -- are metadata attached to workflows for any purpose.
+    tags :: Prelude.Maybe (Prelude.NonEmpty Tag),
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the unique Amazon Resource Name (ARN) for the workflow.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DescribedWorkflow' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'description', 'describedWorkflow_description' - Specifies the text description for the workflow.
+--
+-- 'onExceptionSteps', 'describedWorkflow_onExceptionSteps' - Specifies the steps (actions) to take if errors are encountered during
+-- execution of the workflow.
+--
+-- 'steps', 'describedWorkflow_steps' - Specifies the details for the steps that are in the specified workflow.
+--
+-- 'tags', 'describedWorkflow_tags' - Key-value pairs that can be used to group and search for workflows. Tags
+-- are metadata attached to workflows for any purpose.
+--
+-- 'workflowId', 'describedWorkflow_workflowId' - A unique identifier for the workflow.
+--
+-- 'arn', 'describedWorkflow_arn' - Specifies the unique Amazon Resource Name (ARN) for the workflow.
+newDescribedWorkflow ::
+  -- | 'arn'
+  Prelude.Text ->
+  DescribedWorkflow
+newDescribedWorkflow pArn_ =
+  DescribedWorkflow'
+    { description = Prelude.Nothing,
+      onExceptionSteps = Prelude.Nothing,
+      steps = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      workflowId = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | Specifies the text description for the workflow.
+describedWorkflow_description :: Lens.Lens' DescribedWorkflow (Prelude.Maybe Prelude.Text)
+describedWorkflow_description = Lens.lens (\DescribedWorkflow' {description} -> description) (\s@DescribedWorkflow' {} a -> s {description = a} :: DescribedWorkflow)
+
+-- | Specifies the steps (actions) to take if errors are encountered during
+-- execution of the workflow.
+describedWorkflow_onExceptionSteps :: Lens.Lens' DescribedWorkflow (Prelude.Maybe [WorkflowStep])
+describedWorkflow_onExceptionSteps = Lens.lens (\DescribedWorkflow' {onExceptionSteps} -> onExceptionSteps) (\s@DescribedWorkflow' {} a -> s {onExceptionSteps = a} :: DescribedWorkflow) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the details for the steps that are in the specified workflow.
+describedWorkflow_steps :: Lens.Lens' DescribedWorkflow (Prelude.Maybe [WorkflowStep])
+describedWorkflow_steps = Lens.lens (\DescribedWorkflow' {steps} -> steps) (\s@DescribedWorkflow' {} a -> s {steps = a} :: DescribedWorkflow) Prelude.. Lens.mapping Lens.coerced
+
+-- | Key-value pairs that can be used to group and search for workflows. Tags
+-- are metadata attached to workflows for any purpose.
+describedWorkflow_tags :: Lens.Lens' DescribedWorkflow (Prelude.Maybe (Prelude.NonEmpty Tag))
+describedWorkflow_tags = Lens.lens (\DescribedWorkflow' {tags} -> tags) (\s@DescribedWorkflow' {} a -> s {tags = a} :: DescribedWorkflow) Prelude.. Lens.mapping Lens.coerced
+
+-- | A unique identifier for the workflow.
+describedWorkflow_workflowId :: Lens.Lens' DescribedWorkflow (Prelude.Maybe Prelude.Text)
+describedWorkflow_workflowId = Lens.lens (\DescribedWorkflow' {workflowId} -> workflowId) (\s@DescribedWorkflow' {} a -> s {workflowId = a} :: DescribedWorkflow)
+
+-- | Specifies the unique Amazon Resource Name (ARN) for the workflow.
+describedWorkflow_arn :: Lens.Lens' DescribedWorkflow Prelude.Text
+describedWorkflow_arn = Lens.lens (\DescribedWorkflow' {arn} -> arn) (\s@DescribedWorkflow' {} a -> s {arn = a} :: DescribedWorkflow)
+
+instance Data.FromJSON DescribedWorkflow where
+  parseJSON =
+    Data.withObject
+      "DescribedWorkflow"
+      ( \x ->
+          DescribedWorkflow'
+            Prelude.<$> (x Data..:? "Description")
+            Prelude.<*> ( x
+                            Data..:? "OnExceptionSteps"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "Steps" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "Tags")
+            Prelude.<*> (x Data..:? "WorkflowId")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable DescribedWorkflow where
+  hashWithSalt _salt DescribedWorkflow' {..} =
+    _salt
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` onExceptionSteps
+      `Prelude.hashWithSalt` steps
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` workflowId
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData DescribedWorkflow where
+  rnf DescribedWorkflow' {..} =
+    Prelude.rnf description
+      `Prelude.seq` Prelude.rnf onExceptionSteps
+      `Prelude.seq` Prelude.rnf steps
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf workflowId
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/Domain.hs b/gen/Amazonka/Transfer/Types/Domain.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/Domain.hs
@@ -0,0 +1,68 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.Domain
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.Domain
+  ( Domain
+      ( ..,
+        Domain_EFS,
+        Domain_S3
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype Domain = Domain' {fromDomain :: Data.Text}
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern Domain_EFS :: Domain
+pattern Domain_EFS = Domain' "EFS"
+
+pattern Domain_S3 :: Domain
+pattern Domain_S3 = Domain' "S3"
+
+{-# COMPLETE
+  Domain_EFS,
+  Domain_S3,
+  Domain'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/EfsFileLocation.hs b/gen/Amazonka/Transfer/Types/EfsFileLocation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/EfsFileLocation.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.EfsFileLocation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.EfsFileLocation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Reserved for future use.
+--
+-- /See:/ 'newEfsFileLocation' smart constructor.
+data EfsFileLocation = EfsFileLocation'
+  { -- | The identifier of the file system, assigned by Amazon EFS.
+    fileSystemId :: Prelude.Maybe Prelude.Text,
+    -- | The pathname for the folder being used by a workflow.
+    path :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'EfsFileLocation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'fileSystemId', 'efsFileLocation_fileSystemId' - The identifier of the file system, assigned by Amazon EFS.
+--
+-- 'path', 'efsFileLocation_path' - The pathname for the folder being used by a workflow.
+newEfsFileLocation ::
+  EfsFileLocation
+newEfsFileLocation =
+  EfsFileLocation'
+    { fileSystemId = Prelude.Nothing,
+      path = Prelude.Nothing
+    }
+
+-- | The identifier of the file system, assigned by Amazon EFS.
+efsFileLocation_fileSystemId :: Lens.Lens' EfsFileLocation (Prelude.Maybe Prelude.Text)
+efsFileLocation_fileSystemId = Lens.lens (\EfsFileLocation' {fileSystemId} -> fileSystemId) (\s@EfsFileLocation' {} a -> s {fileSystemId = a} :: EfsFileLocation)
+
+-- | The pathname for the folder being used by a workflow.
+efsFileLocation_path :: Lens.Lens' EfsFileLocation (Prelude.Maybe Prelude.Text)
+efsFileLocation_path = Lens.lens (\EfsFileLocation' {path} -> path) (\s@EfsFileLocation' {} a -> s {path = a} :: EfsFileLocation)
+
+instance Data.FromJSON EfsFileLocation where
+  parseJSON =
+    Data.withObject
+      "EfsFileLocation"
+      ( \x ->
+          EfsFileLocation'
+            Prelude.<$> (x Data..:? "FileSystemId")
+            Prelude.<*> (x Data..:? "Path")
+      )
+
+instance Prelude.Hashable EfsFileLocation where
+  hashWithSalt _salt EfsFileLocation' {..} =
+    _salt
+      `Prelude.hashWithSalt` fileSystemId
+      `Prelude.hashWithSalt` path
+
+instance Prelude.NFData EfsFileLocation where
+  rnf EfsFileLocation' {..} =
+    Prelude.rnf fileSystemId
+      `Prelude.seq` Prelude.rnf path
+
+instance Data.ToJSON EfsFileLocation where
+  toJSON EfsFileLocation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("FileSystemId" Data..=) Prelude.<$> fileSystemId,
+            ("Path" Data..=) Prelude.<$> path
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/EncryptionAlg.hs b/gen/Amazonka/Transfer/Types/EncryptionAlg.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/EncryptionAlg.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.EncryptionAlg
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.EncryptionAlg
+  ( EncryptionAlg
+      ( ..,
+        EncryptionAlg_AES128_CBC,
+        EncryptionAlg_AES192_CBC,
+        EncryptionAlg_AES256_CBC,
+        EncryptionAlg_NONE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype EncryptionAlg = EncryptionAlg'
+  { fromEncryptionAlg ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern EncryptionAlg_AES128_CBC :: EncryptionAlg
+pattern EncryptionAlg_AES128_CBC = EncryptionAlg' "AES128_CBC"
+
+pattern EncryptionAlg_AES192_CBC :: EncryptionAlg
+pattern EncryptionAlg_AES192_CBC = EncryptionAlg' "AES192_CBC"
+
+pattern EncryptionAlg_AES256_CBC :: EncryptionAlg
+pattern EncryptionAlg_AES256_CBC = EncryptionAlg' "AES256_CBC"
+
+pattern EncryptionAlg_NONE :: EncryptionAlg
+pattern EncryptionAlg_NONE = EncryptionAlg' "NONE"
+
+{-# COMPLETE
+  EncryptionAlg_AES128_CBC,
+  EncryptionAlg_AES192_CBC,
+  EncryptionAlg_AES256_CBC,
+  EncryptionAlg_NONE,
+  EncryptionAlg'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/EncryptionType.hs b/gen/Amazonka/Transfer/Types/EncryptionType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/EncryptionType.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.EncryptionType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.EncryptionType
+  ( EncryptionType
+      ( ..,
+        EncryptionType_PGP
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype EncryptionType = EncryptionType'
+  { fromEncryptionType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern EncryptionType_PGP :: EncryptionType
+pattern EncryptionType_PGP = EncryptionType' "PGP"
+
+{-# COMPLETE
+  EncryptionType_PGP,
+  EncryptionType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/EndpointDetails.hs b/gen/Amazonka/Transfer/Types/EndpointDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/EndpointDetails.hs
@@ -0,0 +1,236 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.EndpointDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.EndpointDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The virtual private cloud (VPC) endpoint settings that are configured
+-- for your file transfer protocol-enabled server. With a VPC endpoint, you
+-- can restrict access to your server and resources only within your VPC.
+-- To control incoming internet traffic, invoke the @UpdateServer@ API and
+-- attach an Elastic IP address to your server\'s endpoint.
+--
+-- After May 19, 2021, you won\'t be able to create a server using
+-- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Servicesaccount if your
+-- account hasn\'t already done so before May 19, 2021. If you have already
+-- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+-- Servicesaccount on or before May 19, 2021, you will not be affected.
+-- After this date, use @EndpointType@=@VPC@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+--
+-- /See:/ 'newEndpointDetails' smart constructor.
+data EndpointDetails = EndpointDetails'
+  { -- | A list of address allocation IDs that are required to attach an Elastic
+    -- IP address to your server\'s endpoint.
+    --
+    -- This property can only be set when @EndpointType@ is set to @VPC@ and it
+    -- is only valid in the @UpdateServer@ API.
+    addressAllocationIds :: Prelude.Maybe [Prelude.Text],
+    -- | A list of security groups IDs that are available to attach to your
+    -- server\'s endpoint.
+    --
+    -- This property can only be set when @EndpointType@ is set to @VPC@.
+    --
+    -- You can edit the @SecurityGroupIds@ property in the
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html UpdateServer>
+    -- API only if you are changing the @EndpointType@ from @PUBLIC@ or
+    -- @VPC_ENDPOINT@ to @VPC@. To change security groups associated with your
+    -- server\'s VPC endpoint after creation, use the Amazon EC2
+    -- <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html ModifyVpcEndpoint>
+    -- API.
+    securityGroupIds :: Prelude.Maybe [Prelude.Text],
+    -- | A list of subnet IDs that are required to host your server endpoint in
+    -- your VPC.
+    --
+    -- This property can only be set when @EndpointType@ is set to @VPC@.
+    subnetIds :: Prelude.Maybe [Prelude.Text],
+    -- | The identifier of the VPC endpoint.
+    --
+    -- This property can only be set when @EndpointType@ is set to
+    -- @VPC_ENDPOINT@.
+    --
+    -- For more information, see
+    -- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+    vpcEndpointId :: Prelude.Maybe Prelude.Text,
+    -- | The VPC identifier of the VPC in which a server\'s endpoint will be
+    -- hosted.
+    --
+    -- This property can only be set when @EndpointType@ is set to @VPC@.
+    vpcId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'EndpointDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'addressAllocationIds', 'endpointDetails_addressAllocationIds' - A list of address allocation IDs that are required to attach an Elastic
+-- IP address to your server\'s endpoint.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@ and it
+-- is only valid in the @UpdateServer@ API.
+--
+-- 'securityGroupIds', 'endpointDetails_securityGroupIds' - A list of security groups IDs that are available to attach to your
+-- server\'s endpoint.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@.
+--
+-- You can edit the @SecurityGroupIds@ property in the
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html UpdateServer>
+-- API only if you are changing the @EndpointType@ from @PUBLIC@ or
+-- @VPC_ENDPOINT@ to @VPC@. To change security groups associated with your
+-- server\'s VPC endpoint after creation, use the Amazon EC2
+-- <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html ModifyVpcEndpoint>
+-- API.
+--
+-- 'subnetIds', 'endpointDetails_subnetIds' - A list of subnet IDs that are required to host your server endpoint in
+-- your VPC.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@.
+--
+-- 'vpcEndpointId', 'endpointDetails_vpcEndpointId' - The identifier of the VPC endpoint.
+--
+-- This property can only be set when @EndpointType@ is set to
+-- @VPC_ENDPOINT@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+--
+-- 'vpcId', 'endpointDetails_vpcId' - The VPC identifier of the VPC in which a server\'s endpoint will be
+-- hosted.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@.
+newEndpointDetails ::
+  EndpointDetails
+newEndpointDetails =
+  EndpointDetails'
+    { addressAllocationIds =
+        Prelude.Nothing,
+      securityGroupIds = Prelude.Nothing,
+      subnetIds = Prelude.Nothing,
+      vpcEndpointId = Prelude.Nothing,
+      vpcId = Prelude.Nothing
+    }
+
+-- | A list of address allocation IDs that are required to attach an Elastic
+-- IP address to your server\'s endpoint.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@ and it
+-- is only valid in the @UpdateServer@ API.
+endpointDetails_addressAllocationIds :: Lens.Lens' EndpointDetails (Prelude.Maybe [Prelude.Text])
+endpointDetails_addressAllocationIds = Lens.lens (\EndpointDetails' {addressAllocationIds} -> addressAllocationIds) (\s@EndpointDetails' {} a -> s {addressAllocationIds = a} :: EndpointDetails) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of security groups IDs that are available to attach to your
+-- server\'s endpoint.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@.
+--
+-- You can edit the @SecurityGroupIds@ property in the
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html UpdateServer>
+-- API only if you are changing the @EndpointType@ from @PUBLIC@ or
+-- @VPC_ENDPOINT@ to @VPC@. To change security groups associated with your
+-- server\'s VPC endpoint after creation, use the Amazon EC2
+-- <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html ModifyVpcEndpoint>
+-- API.
+endpointDetails_securityGroupIds :: Lens.Lens' EndpointDetails (Prelude.Maybe [Prelude.Text])
+endpointDetails_securityGroupIds = Lens.lens (\EndpointDetails' {securityGroupIds} -> securityGroupIds) (\s@EndpointDetails' {} a -> s {securityGroupIds = a} :: EndpointDetails) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of subnet IDs that are required to host your server endpoint in
+-- your VPC.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@.
+endpointDetails_subnetIds :: Lens.Lens' EndpointDetails (Prelude.Maybe [Prelude.Text])
+endpointDetails_subnetIds = Lens.lens (\EndpointDetails' {subnetIds} -> subnetIds) (\s@EndpointDetails' {} a -> s {subnetIds = a} :: EndpointDetails) Prelude.. Lens.mapping Lens.coerced
+
+-- | The identifier of the VPC endpoint.
+--
+-- This property can only be set when @EndpointType@ is set to
+-- @VPC_ENDPOINT@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+endpointDetails_vpcEndpointId :: Lens.Lens' EndpointDetails (Prelude.Maybe Prelude.Text)
+endpointDetails_vpcEndpointId = Lens.lens (\EndpointDetails' {vpcEndpointId} -> vpcEndpointId) (\s@EndpointDetails' {} a -> s {vpcEndpointId = a} :: EndpointDetails)
+
+-- | The VPC identifier of the VPC in which a server\'s endpoint will be
+-- hosted.
+--
+-- This property can only be set when @EndpointType@ is set to @VPC@.
+endpointDetails_vpcId :: Lens.Lens' EndpointDetails (Prelude.Maybe Prelude.Text)
+endpointDetails_vpcId = Lens.lens (\EndpointDetails' {vpcId} -> vpcId) (\s@EndpointDetails' {} a -> s {vpcId = a} :: EndpointDetails)
+
+instance Data.FromJSON EndpointDetails where
+  parseJSON =
+    Data.withObject
+      "EndpointDetails"
+      ( \x ->
+          EndpointDetails'
+            Prelude.<$> ( x
+                            Data..:? "AddressAllocationIds"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> ( x
+                            Data..:? "SecurityGroupIds"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "SubnetIds" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..:? "VpcEndpointId")
+            Prelude.<*> (x Data..:? "VpcId")
+      )
+
+instance Prelude.Hashable EndpointDetails where
+  hashWithSalt _salt EndpointDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` addressAllocationIds
+      `Prelude.hashWithSalt` securityGroupIds
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcEndpointId
+      `Prelude.hashWithSalt` vpcId
+
+instance Prelude.NFData EndpointDetails where
+  rnf EndpointDetails' {..} =
+    Prelude.rnf addressAllocationIds
+      `Prelude.seq` Prelude.rnf securityGroupIds
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcEndpointId
+      `Prelude.seq` Prelude.rnf vpcId
+
+instance Data.ToJSON EndpointDetails where
+  toJSON EndpointDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("AddressAllocationIds" Data..=)
+              Prelude.<$> addressAllocationIds,
+            ("SecurityGroupIds" Data..=)
+              Prelude.<$> securityGroupIds,
+            ("SubnetIds" Data..=) Prelude.<$> subnetIds,
+            ("VpcEndpointId" Data..=) Prelude.<$> vpcEndpointId,
+            ("VpcId" Data..=) Prelude.<$> vpcId
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/EndpointType.hs b/gen/Amazonka/Transfer/Types/EndpointType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/EndpointType.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.EndpointType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.EndpointType
+  ( EndpointType
+      ( ..,
+        EndpointType_PUBLIC,
+        EndpointType_VPC,
+        EndpointType_VPC_ENDPOINT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype EndpointType = EndpointType'
+  { fromEndpointType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern EndpointType_PUBLIC :: EndpointType
+pattern EndpointType_PUBLIC = EndpointType' "PUBLIC"
+
+pattern EndpointType_VPC :: EndpointType
+pattern EndpointType_VPC = EndpointType' "VPC"
+
+pattern EndpointType_VPC_ENDPOINT :: EndpointType
+pattern EndpointType_VPC_ENDPOINT = EndpointType' "VPC_ENDPOINT"
+
+{-# COMPLETE
+  EndpointType_PUBLIC,
+  EndpointType_VPC,
+  EndpointType_VPC_ENDPOINT,
+  EndpointType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/ExecutionError.hs b/gen/Amazonka/Transfer/Types/ExecutionError.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ExecutionError.hs
@@ -0,0 +1,176 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ExecutionError
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ExecutionError where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ExecutionErrorType
+
+-- | Specifies the error message and type, for an error that occurs during
+-- the execution of the workflow.
+--
+-- /See:/ 'newExecutionError' smart constructor.
+data ExecutionError = ExecutionError'
+  { -- | Specifies the error type.
+    --
+    -- -   @ALREADY_EXISTS@: occurs for a copy step, if the overwrite option is
+    --     not selected and a file with the same name already exists in the
+    --     target location.
+    --
+    -- -   @BAD_REQUEST@: a general bad request: for example, a step that
+    --     attempts to tag an EFS file returns @BAD_REQUEST@, as only S3 files
+    --     can be tagged.
+    --
+    -- -   @CUSTOM_STEP_FAILED@: occurs when the custom step provided a
+    --     callback that indicates failure.
+    --
+    -- -   @INTERNAL_SERVER_ERROR@: a catch-all error that can occur for a
+    --     variety of reasons.
+    --
+    -- -   @NOT_FOUND@: occurs when a requested entity, for example a source
+    --     file for a copy step, does not exist.
+    --
+    -- -   @PERMISSION_DENIED@: occurs if your policy does not contain the
+    --     correct permissions to complete one or more of the steps in the
+    --     workflow.
+    --
+    -- -   @TIMEOUT@: occurs when the execution times out.
+    --
+    --     You can set the @TimeoutSeconds@ for a custom step, anywhere from 1
+    --     second to 1800 seconds (30 minutes).
+    --
+    -- -   @THROTTLED@: occurs if you exceed the new execution refill rate of
+    --     one workflow per second.
+    type' :: ExecutionErrorType,
+    -- | Specifies the descriptive message that corresponds to the @ErrorType@.
+    message :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ExecutionError' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'type'', 'executionError_type' - Specifies the error type.
+--
+-- -   @ALREADY_EXISTS@: occurs for a copy step, if the overwrite option is
+--     not selected and a file with the same name already exists in the
+--     target location.
+--
+-- -   @BAD_REQUEST@: a general bad request: for example, a step that
+--     attempts to tag an EFS file returns @BAD_REQUEST@, as only S3 files
+--     can be tagged.
+--
+-- -   @CUSTOM_STEP_FAILED@: occurs when the custom step provided a
+--     callback that indicates failure.
+--
+-- -   @INTERNAL_SERVER_ERROR@: a catch-all error that can occur for a
+--     variety of reasons.
+--
+-- -   @NOT_FOUND@: occurs when a requested entity, for example a source
+--     file for a copy step, does not exist.
+--
+-- -   @PERMISSION_DENIED@: occurs if your policy does not contain the
+--     correct permissions to complete one or more of the steps in the
+--     workflow.
+--
+-- -   @TIMEOUT@: occurs when the execution times out.
+--
+--     You can set the @TimeoutSeconds@ for a custom step, anywhere from 1
+--     second to 1800 seconds (30 minutes).
+--
+-- -   @THROTTLED@: occurs if you exceed the new execution refill rate of
+--     one workflow per second.
+--
+-- 'message', 'executionError_message' - Specifies the descriptive message that corresponds to the @ErrorType@.
+newExecutionError ::
+  -- | 'type''
+  ExecutionErrorType ->
+  -- | 'message'
+  Prelude.Text ->
+  ExecutionError
+newExecutionError pType_ pMessage_ =
+  ExecutionError'
+    { type' = pType_,
+      message = pMessage_
+    }
+
+-- | Specifies the error type.
+--
+-- -   @ALREADY_EXISTS@: occurs for a copy step, if the overwrite option is
+--     not selected and a file with the same name already exists in the
+--     target location.
+--
+-- -   @BAD_REQUEST@: a general bad request: for example, a step that
+--     attempts to tag an EFS file returns @BAD_REQUEST@, as only S3 files
+--     can be tagged.
+--
+-- -   @CUSTOM_STEP_FAILED@: occurs when the custom step provided a
+--     callback that indicates failure.
+--
+-- -   @INTERNAL_SERVER_ERROR@: a catch-all error that can occur for a
+--     variety of reasons.
+--
+-- -   @NOT_FOUND@: occurs when a requested entity, for example a source
+--     file for a copy step, does not exist.
+--
+-- -   @PERMISSION_DENIED@: occurs if your policy does not contain the
+--     correct permissions to complete one or more of the steps in the
+--     workflow.
+--
+-- -   @TIMEOUT@: occurs when the execution times out.
+--
+--     You can set the @TimeoutSeconds@ for a custom step, anywhere from 1
+--     second to 1800 seconds (30 minutes).
+--
+-- -   @THROTTLED@: occurs if you exceed the new execution refill rate of
+--     one workflow per second.
+executionError_type :: Lens.Lens' ExecutionError ExecutionErrorType
+executionError_type = Lens.lens (\ExecutionError' {type'} -> type') (\s@ExecutionError' {} a -> s {type' = a} :: ExecutionError)
+
+-- | Specifies the descriptive message that corresponds to the @ErrorType@.
+executionError_message :: Lens.Lens' ExecutionError Prelude.Text
+executionError_message = Lens.lens (\ExecutionError' {message} -> message) (\s@ExecutionError' {} a -> s {message = a} :: ExecutionError)
+
+instance Data.FromJSON ExecutionError where
+  parseJSON =
+    Data.withObject
+      "ExecutionError"
+      ( \x ->
+          ExecutionError'
+            Prelude.<$> (x Data..: "Type")
+            Prelude.<*> (x Data..: "Message")
+      )
+
+instance Prelude.Hashable ExecutionError where
+  hashWithSalt _salt ExecutionError' {..} =
+    _salt
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` message
+
+instance Prelude.NFData ExecutionError where
+  rnf ExecutionError' {..} =
+    Prelude.rnf type' `Prelude.seq` Prelude.rnf message
diff --git a/gen/Amazonka/Transfer/Types/ExecutionErrorType.hs b/gen/Amazonka/Transfer/Types/ExecutionErrorType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ExecutionErrorType.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ExecutionErrorType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ExecutionErrorType
+  ( ExecutionErrorType
+      ( ..,
+        ExecutionErrorType_ALREADY_EXISTS,
+        ExecutionErrorType_BAD_REQUEST,
+        ExecutionErrorType_CUSTOM_STEP_FAILED,
+        ExecutionErrorType_INTERNAL_SERVER_ERROR,
+        ExecutionErrorType_NOT_FOUND,
+        ExecutionErrorType_PERMISSION_DENIED,
+        ExecutionErrorType_THROTTLED,
+        ExecutionErrorType_TIMEOUT
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ExecutionErrorType = ExecutionErrorType'
+  { fromExecutionErrorType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ExecutionErrorType_ALREADY_EXISTS :: ExecutionErrorType
+pattern ExecutionErrorType_ALREADY_EXISTS = ExecutionErrorType' "ALREADY_EXISTS"
+
+pattern ExecutionErrorType_BAD_REQUEST :: ExecutionErrorType
+pattern ExecutionErrorType_BAD_REQUEST = ExecutionErrorType' "BAD_REQUEST"
+
+pattern ExecutionErrorType_CUSTOM_STEP_FAILED :: ExecutionErrorType
+pattern ExecutionErrorType_CUSTOM_STEP_FAILED = ExecutionErrorType' "CUSTOM_STEP_FAILED"
+
+pattern ExecutionErrorType_INTERNAL_SERVER_ERROR :: ExecutionErrorType
+pattern ExecutionErrorType_INTERNAL_SERVER_ERROR = ExecutionErrorType' "INTERNAL_SERVER_ERROR"
+
+pattern ExecutionErrorType_NOT_FOUND :: ExecutionErrorType
+pattern ExecutionErrorType_NOT_FOUND = ExecutionErrorType' "NOT_FOUND"
+
+pattern ExecutionErrorType_PERMISSION_DENIED :: ExecutionErrorType
+pattern ExecutionErrorType_PERMISSION_DENIED = ExecutionErrorType' "PERMISSION_DENIED"
+
+pattern ExecutionErrorType_THROTTLED :: ExecutionErrorType
+pattern ExecutionErrorType_THROTTLED = ExecutionErrorType' "THROTTLED"
+
+pattern ExecutionErrorType_TIMEOUT :: ExecutionErrorType
+pattern ExecutionErrorType_TIMEOUT = ExecutionErrorType' "TIMEOUT"
+
+{-# COMPLETE
+  ExecutionErrorType_ALREADY_EXISTS,
+  ExecutionErrorType_BAD_REQUEST,
+  ExecutionErrorType_CUSTOM_STEP_FAILED,
+  ExecutionErrorType_INTERNAL_SERVER_ERROR,
+  ExecutionErrorType_NOT_FOUND,
+  ExecutionErrorType_PERMISSION_DENIED,
+  ExecutionErrorType_THROTTLED,
+  ExecutionErrorType_TIMEOUT,
+  ExecutionErrorType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/ExecutionResults.hs b/gen/Amazonka/Transfer/Types/ExecutionResults.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ExecutionResults.hs
@@ -0,0 +1,90 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ExecutionResults
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ExecutionResults where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ExecutionStepResult
+
+-- | Specifies the steps in the workflow, as well as the steps to execute in
+-- case of any errors during workflow execution.
+--
+-- /See:/ 'newExecutionResults' smart constructor.
+data ExecutionResults = ExecutionResults'
+  { -- | Specifies the steps (actions) to take if errors are encountered during
+    -- execution of the workflow.
+    onExceptionSteps :: Prelude.Maybe (Prelude.NonEmpty ExecutionStepResult),
+    -- | Specifies the details for the steps that are in the specified workflow.
+    steps :: Prelude.Maybe (Prelude.NonEmpty ExecutionStepResult)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ExecutionResults' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'onExceptionSteps', 'executionResults_onExceptionSteps' - Specifies the steps (actions) to take if errors are encountered during
+-- execution of the workflow.
+--
+-- 'steps', 'executionResults_steps' - Specifies the details for the steps that are in the specified workflow.
+newExecutionResults ::
+  ExecutionResults
+newExecutionResults =
+  ExecutionResults'
+    { onExceptionSteps =
+        Prelude.Nothing,
+      steps = Prelude.Nothing
+    }
+
+-- | Specifies the steps (actions) to take if errors are encountered during
+-- execution of the workflow.
+executionResults_onExceptionSteps :: Lens.Lens' ExecutionResults (Prelude.Maybe (Prelude.NonEmpty ExecutionStepResult))
+executionResults_onExceptionSteps = Lens.lens (\ExecutionResults' {onExceptionSteps} -> onExceptionSteps) (\s@ExecutionResults' {} a -> s {onExceptionSteps = a} :: ExecutionResults) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the details for the steps that are in the specified workflow.
+executionResults_steps :: Lens.Lens' ExecutionResults (Prelude.Maybe (Prelude.NonEmpty ExecutionStepResult))
+executionResults_steps = Lens.lens (\ExecutionResults' {steps} -> steps) (\s@ExecutionResults' {} a -> s {steps = a} :: ExecutionResults) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON ExecutionResults where
+  parseJSON =
+    Data.withObject
+      "ExecutionResults"
+      ( \x ->
+          ExecutionResults'
+            Prelude.<$> (x Data..:? "OnExceptionSteps")
+            Prelude.<*> (x Data..:? "Steps")
+      )
+
+instance Prelude.Hashable ExecutionResults where
+  hashWithSalt _salt ExecutionResults' {..} =
+    _salt
+      `Prelude.hashWithSalt` onExceptionSteps
+      `Prelude.hashWithSalt` steps
+
+instance Prelude.NFData ExecutionResults where
+  rnf ExecutionResults' {..} =
+    Prelude.rnf onExceptionSteps
+      `Prelude.seq` Prelude.rnf steps
diff --git a/gen/Amazonka/Transfer/Types/ExecutionStatus.hs b/gen/Amazonka/Transfer/Types/ExecutionStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ExecutionStatus.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ExecutionStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ExecutionStatus
+  ( ExecutionStatus
+      ( ..,
+        ExecutionStatus_COMPLETED,
+        ExecutionStatus_EXCEPTION,
+        ExecutionStatus_HANDLING_EXCEPTION,
+        ExecutionStatus_IN_PROGRESS
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ExecutionStatus = ExecutionStatus'
+  { fromExecutionStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ExecutionStatus_COMPLETED :: ExecutionStatus
+pattern ExecutionStatus_COMPLETED = ExecutionStatus' "COMPLETED"
+
+pattern ExecutionStatus_EXCEPTION :: ExecutionStatus
+pattern ExecutionStatus_EXCEPTION = ExecutionStatus' "EXCEPTION"
+
+pattern ExecutionStatus_HANDLING_EXCEPTION :: ExecutionStatus
+pattern ExecutionStatus_HANDLING_EXCEPTION = ExecutionStatus' "HANDLING_EXCEPTION"
+
+pattern ExecutionStatus_IN_PROGRESS :: ExecutionStatus
+pattern ExecutionStatus_IN_PROGRESS = ExecutionStatus' "IN_PROGRESS"
+
+{-# COMPLETE
+  ExecutionStatus_COMPLETED,
+  ExecutionStatus_EXCEPTION,
+  ExecutionStatus_HANDLING_EXCEPTION,
+  ExecutionStatus_IN_PROGRESS,
+  ExecutionStatus'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/ExecutionStepResult.hs b/gen/Amazonka/Transfer/Types/ExecutionStepResult.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ExecutionStepResult.hs
@@ -0,0 +1,129 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ExecutionStepResult
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ExecutionStepResult where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ExecutionError
+import Amazonka.Transfer.Types.WorkflowStepType
+
+-- | Specifies the following details for the step: error (if any), outputs
+-- (if any), and the step type.
+--
+-- /See:/ 'newExecutionStepResult' smart constructor.
+data ExecutionStepResult = ExecutionStepResult'
+  { -- | Specifies the details for an error, if it occurred during execution of
+    -- the specified workflow step.
+    error :: Prelude.Maybe ExecutionError,
+    -- | The values for the key\/value pair applied as a tag to the file. Only
+    -- applicable if the step type is @TAG@.
+    outputs :: Prelude.Maybe Prelude.Text,
+    -- | One of the available step types.
+    --
+    -- -   /COPY/: Copy the file to another location.
+    --
+    -- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+    --
+    -- -   /DELETE/: Delete the file.
+    --
+    -- -   /TAG/: Add a tag to the file.
+    stepType :: Prelude.Maybe WorkflowStepType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ExecutionStepResult' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'error', 'executionStepResult_error' - Specifies the details for an error, if it occurred during execution of
+-- the specified workflow step.
+--
+-- 'outputs', 'executionStepResult_outputs' - The values for the key\/value pair applied as a tag to the file. Only
+-- applicable if the step type is @TAG@.
+--
+-- 'stepType', 'executionStepResult_stepType' - One of the available step types.
+--
+-- -   /COPY/: Copy the file to another location.
+--
+-- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+--
+-- -   /DELETE/: Delete the file.
+--
+-- -   /TAG/: Add a tag to the file.
+newExecutionStepResult ::
+  ExecutionStepResult
+newExecutionStepResult =
+  ExecutionStepResult'
+    { error = Prelude.Nothing,
+      outputs = Prelude.Nothing,
+      stepType = Prelude.Nothing
+    }
+
+-- | Specifies the details for an error, if it occurred during execution of
+-- the specified workflow step.
+executionStepResult_error :: Lens.Lens' ExecutionStepResult (Prelude.Maybe ExecutionError)
+executionStepResult_error = Lens.lens (\ExecutionStepResult' {error} -> error) (\s@ExecutionStepResult' {} a -> s {error = a} :: ExecutionStepResult)
+
+-- | The values for the key\/value pair applied as a tag to the file. Only
+-- applicable if the step type is @TAG@.
+executionStepResult_outputs :: Lens.Lens' ExecutionStepResult (Prelude.Maybe Prelude.Text)
+executionStepResult_outputs = Lens.lens (\ExecutionStepResult' {outputs} -> outputs) (\s@ExecutionStepResult' {} a -> s {outputs = a} :: ExecutionStepResult)
+
+-- | One of the available step types.
+--
+-- -   /COPY/: Copy the file to another location.
+--
+-- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+--
+-- -   /DELETE/: Delete the file.
+--
+-- -   /TAG/: Add a tag to the file.
+executionStepResult_stepType :: Lens.Lens' ExecutionStepResult (Prelude.Maybe WorkflowStepType)
+executionStepResult_stepType = Lens.lens (\ExecutionStepResult' {stepType} -> stepType) (\s@ExecutionStepResult' {} a -> s {stepType = a} :: ExecutionStepResult)
+
+instance Data.FromJSON ExecutionStepResult where
+  parseJSON =
+    Data.withObject
+      "ExecutionStepResult"
+      ( \x ->
+          ExecutionStepResult'
+            Prelude.<$> (x Data..:? "Error")
+            Prelude.<*> (x Data..:? "Outputs")
+            Prelude.<*> (x Data..:? "StepType")
+      )
+
+instance Prelude.Hashable ExecutionStepResult where
+  hashWithSalt _salt ExecutionStepResult' {..} =
+    _salt
+      `Prelude.hashWithSalt` error
+      `Prelude.hashWithSalt` outputs
+      `Prelude.hashWithSalt` stepType
+
+instance Prelude.NFData ExecutionStepResult where
+  rnf ExecutionStepResult' {..} =
+    Prelude.rnf error
+      `Prelude.seq` Prelude.rnf outputs
+      `Prelude.seq` Prelude.rnf stepType
diff --git a/gen/Amazonka/Transfer/Types/FileLocation.hs b/gen/Amazonka/Transfer/Types/FileLocation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/FileLocation.hs
@@ -0,0 +1,92 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.FileLocation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.FileLocation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.EfsFileLocation
+import Amazonka.Transfer.Types.S3FileLocation
+
+-- | Specifies the Amazon S3 or EFS file details to be used in the step.
+--
+-- /See:/ 'newFileLocation' smart constructor.
+data FileLocation = FileLocation'
+  { -- | Specifies the Amazon EFS identifier and the path for the file being
+    -- used.
+    efsFileLocation :: Prelude.Maybe EfsFileLocation,
+    -- | Specifies the S3 details for the file being used, such as bucket, ETag,
+    -- and so forth.
+    s3FileLocation :: Prelude.Maybe S3FileLocation
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'FileLocation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'efsFileLocation', 'fileLocation_efsFileLocation' - Specifies the Amazon EFS identifier and the path for the file being
+-- used.
+--
+-- 's3FileLocation', 'fileLocation_s3FileLocation' - Specifies the S3 details for the file being used, such as bucket, ETag,
+-- and so forth.
+newFileLocation ::
+  FileLocation
+newFileLocation =
+  FileLocation'
+    { efsFileLocation = Prelude.Nothing,
+      s3FileLocation = Prelude.Nothing
+    }
+
+-- | Specifies the Amazon EFS identifier and the path for the file being
+-- used.
+fileLocation_efsFileLocation :: Lens.Lens' FileLocation (Prelude.Maybe EfsFileLocation)
+fileLocation_efsFileLocation = Lens.lens (\FileLocation' {efsFileLocation} -> efsFileLocation) (\s@FileLocation' {} a -> s {efsFileLocation = a} :: FileLocation)
+
+-- | Specifies the S3 details for the file being used, such as bucket, ETag,
+-- and so forth.
+fileLocation_s3FileLocation :: Lens.Lens' FileLocation (Prelude.Maybe S3FileLocation)
+fileLocation_s3FileLocation = Lens.lens (\FileLocation' {s3FileLocation} -> s3FileLocation) (\s@FileLocation' {} a -> s {s3FileLocation = a} :: FileLocation)
+
+instance Data.FromJSON FileLocation where
+  parseJSON =
+    Data.withObject
+      "FileLocation"
+      ( \x ->
+          FileLocation'
+            Prelude.<$> (x Data..:? "EfsFileLocation")
+            Prelude.<*> (x Data..:? "S3FileLocation")
+      )
+
+instance Prelude.Hashable FileLocation where
+  hashWithSalt _salt FileLocation' {..} =
+    _salt
+      `Prelude.hashWithSalt` efsFileLocation
+      `Prelude.hashWithSalt` s3FileLocation
+
+instance Prelude.NFData FileLocation where
+  rnf FileLocation' {..} =
+    Prelude.rnf efsFileLocation
+      `Prelude.seq` Prelude.rnf s3FileLocation
diff --git a/gen/Amazonka/Transfer/Types/HomeDirectoryMapEntry.hs b/gen/Amazonka/Transfer/Types/HomeDirectoryMapEntry.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/HomeDirectoryMapEntry.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.HomeDirectoryMapEntry
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.HomeDirectoryMapEntry where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Represents an object that contains entries and targets for
+-- @HomeDirectoryMappings@.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- /See:/ 'newHomeDirectoryMapEntry' smart constructor.
+data HomeDirectoryMapEntry = HomeDirectoryMapEntry'
+  { -- | Represents an entry for @HomeDirectoryMappings@.
+    entry :: Prelude.Text,
+    -- | Represents the map target that is used in a @HomeDirectorymapEntry@.
+    target :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'HomeDirectoryMapEntry' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'entry', 'homeDirectoryMapEntry_entry' - Represents an entry for @HomeDirectoryMappings@.
+--
+-- 'target', 'homeDirectoryMapEntry_target' - Represents the map target that is used in a @HomeDirectorymapEntry@.
+newHomeDirectoryMapEntry ::
+  -- | 'entry'
+  Prelude.Text ->
+  -- | 'target'
+  Prelude.Text ->
+  HomeDirectoryMapEntry
+newHomeDirectoryMapEntry pEntry_ pTarget_ =
+  HomeDirectoryMapEntry'
+    { entry = pEntry_,
+      target = pTarget_
+    }
+
+-- | Represents an entry for @HomeDirectoryMappings@.
+homeDirectoryMapEntry_entry :: Lens.Lens' HomeDirectoryMapEntry Prelude.Text
+homeDirectoryMapEntry_entry = Lens.lens (\HomeDirectoryMapEntry' {entry} -> entry) (\s@HomeDirectoryMapEntry' {} a -> s {entry = a} :: HomeDirectoryMapEntry)
+
+-- | Represents the map target that is used in a @HomeDirectorymapEntry@.
+homeDirectoryMapEntry_target :: Lens.Lens' HomeDirectoryMapEntry Prelude.Text
+homeDirectoryMapEntry_target = Lens.lens (\HomeDirectoryMapEntry' {target} -> target) (\s@HomeDirectoryMapEntry' {} a -> s {target = a} :: HomeDirectoryMapEntry)
+
+instance Data.FromJSON HomeDirectoryMapEntry where
+  parseJSON =
+    Data.withObject
+      "HomeDirectoryMapEntry"
+      ( \x ->
+          HomeDirectoryMapEntry'
+            Prelude.<$> (x Data..: "Entry")
+            Prelude.<*> (x Data..: "Target")
+      )
+
+instance Prelude.Hashable HomeDirectoryMapEntry where
+  hashWithSalt _salt HomeDirectoryMapEntry' {..} =
+    _salt
+      `Prelude.hashWithSalt` entry
+      `Prelude.hashWithSalt` target
+
+instance Prelude.NFData HomeDirectoryMapEntry where
+  rnf HomeDirectoryMapEntry' {..} =
+    Prelude.rnf entry `Prelude.seq` Prelude.rnf target
+
+instance Data.ToJSON HomeDirectoryMapEntry where
+  toJSON HomeDirectoryMapEntry' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("Entry" Data..= entry),
+            Prelude.Just ("Target" Data..= target)
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/HomeDirectoryType.hs b/gen/Amazonka/Transfer/Types/HomeDirectoryType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/HomeDirectoryType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.HomeDirectoryType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.HomeDirectoryType
+  ( HomeDirectoryType
+      ( ..,
+        HomeDirectoryType_LOGICAL,
+        HomeDirectoryType_PATH
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype HomeDirectoryType = HomeDirectoryType'
+  { fromHomeDirectoryType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern HomeDirectoryType_LOGICAL :: HomeDirectoryType
+pattern HomeDirectoryType_LOGICAL = HomeDirectoryType' "LOGICAL"
+
+pattern HomeDirectoryType_PATH :: HomeDirectoryType
+pattern HomeDirectoryType_PATH = HomeDirectoryType' "PATH"
+
+{-# COMPLETE
+  HomeDirectoryType_LOGICAL,
+  HomeDirectoryType_PATH,
+  HomeDirectoryType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/IdentityProviderDetails.hs b/gen/Amazonka/Transfer/Types/IdentityProviderDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/IdentityProviderDetails.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.IdentityProviderDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.IdentityProviderDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Returns information related to the type of user authentication that is
+-- in use for a file transfer protocol-enabled server\'s users. A server
+-- can have only one method of authentication.
+--
+-- /See:/ 'newIdentityProviderDetails' smart constructor.
+data IdentityProviderDetails = IdentityProviderDetails'
+  { -- | The identifier of the Directory Service directory that you want to stop
+    -- sharing.
+    directoryId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN for a lambda function to use for the Identity provider.
+    function :: Prelude.Maybe Prelude.Text,
+    -- | Provides the type of @InvocationRole@ used to authenticate the user
+    -- account.
+    invocationRole :: Prelude.Maybe Prelude.Text,
+    -- | Provides the location of the service endpoint used to authenticate
+    -- users.
+    url :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IdentityProviderDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'directoryId', 'identityProviderDetails_directoryId' - The identifier of the Directory Service directory that you want to stop
+-- sharing.
+--
+-- 'function', 'identityProviderDetails_function' - The ARN for a lambda function to use for the Identity provider.
+--
+-- 'invocationRole', 'identityProviderDetails_invocationRole' - Provides the type of @InvocationRole@ used to authenticate the user
+-- account.
+--
+-- 'url', 'identityProviderDetails_url' - Provides the location of the service endpoint used to authenticate
+-- users.
+newIdentityProviderDetails ::
+  IdentityProviderDetails
+newIdentityProviderDetails =
+  IdentityProviderDetails'
+    { directoryId =
+        Prelude.Nothing,
+      function = Prelude.Nothing,
+      invocationRole = Prelude.Nothing,
+      url = Prelude.Nothing
+    }
+
+-- | The identifier of the Directory Service directory that you want to stop
+-- sharing.
+identityProviderDetails_directoryId :: Lens.Lens' IdentityProviderDetails (Prelude.Maybe Prelude.Text)
+identityProviderDetails_directoryId = Lens.lens (\IdentityProviderDetails' {directoryId} -> directoryId) (\s@IdentityProviderDetails' {} a -> s {directoryId = a} :: IdentityProviderDetails)
+
+-- | The ARN for a lambda function to use for the Identity provider.
+identityProviderDetails_function :: Lens.Lens' IdentityProviderDetails (Prelude.Maybe Prelude.Text)
+identityProviderDetails_function = Lens.lens (\IdentityProviderDetails' {function} -> function) (\s@IdentityProviderDetails' {} a -> s {function = a} :: IdentityProviderDetails)
+
+-- | Provides the type of @InvocationRole@ used to authenticate the user
+-- account.
+identityProviderDetails_invocationRole :: Lens.Lens' IdentityProviderDetails (Prelude.Maybe Prelude.Text)
+identityProviderDetails_invocationRole = Lens.lens (\IdentityProviderDetails' {invocationRole} -> invocationRole) (\s@IdentityProviderDetails' {} a -> s {invocationRole = a} :: IdentityProviderDetails)
+
+-- | Provides the location of the service endpoint used to authenticate
+-- users.
+identityProviderDetails_url :: Lens.Lens' IdentityProviderDetails (Prelude.Maybe Prelude.Text)
+identityProviderDetails_url = Lens.lens (\IdentityProviderDetails' {url} -> url) (\s@IdentityProviderDetails' {} a -> s {url = a} :: IdentityProviderDetails)
+
+instance Data.FromJSON IdentityProviderDetails where
+  parseJSON =
+    Data.withObject
+      "IdentityProviderDetails"
+      ( \x ->
+          IdentityProviderDetails'
+            Prelude.<$> (x Data..:? "DirectoryId")
+            Prelude.<*> (x Data..:? "Function")
+            Prelude.<*> (x Data..:? "InvocationRole")
+            Prelude.<*> (x Data..:? "Url")
+      )
+
+instance Prelude.Hashable IdentityProviderDetails where
+  hashWithSalt _salt IdentityProviderDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` directoryId
+      `Prelude.hashWithSalt` function
+      `Prelude.hashWithSalt` invocationRole
+      `Prelude.hashWithSalt` url
+
+instance Prelude.NFData IdentityProviderDetails where
+  rnf IdentityProviderDetails' {..} =
+    Prelude.rnf directoryId
+      `Prelude.seq` Prelude.rnf function
+      `Prelude.seq` Prelude.rnf invocationRole
+      `Prelude.seq` Prelude.rnf url
+
+instance Data.ToJSON IdentityProviderDetails where
+  toJSON IdentityProviderDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("DirectoryId" Data..=) Prelude.<$> directoryId,
+            ("Function" Data..=) Prelude.<$> function,
+            ("InvocationRole" Data..=)
+              Prelude.<$> invocationRole,
+            ("Url" Data..=) Prelude.<$> url
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/IdentityProviderType.hs b/gen/Amazonka/Transfer/Types/IdentityProviderType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/IdentityProviderType.hs
@@ -0,0 +1,88 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.IdentityProviderType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.IdentityProviderType
+  ( IdentityProviderType
+      ( ..,
+        IdentityProviderType_API_GATEWAY,
+        IdentityProviderType_AWS_DIRECTORY_SERVICE,
+        IdentityProviderType_AWS_LAMBDA,
+        IdentityProviderType_SERVICE_MANAGED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Returns information related to the type of user authentication that is
+-- in use for a file transfer protocol-enabled server\'s users. For
+-- @AWS_DIRECTORY_SERVICE@ or @SERVICE_MANAGED@ authentication, the Secure
+-- Shell (SSH) public keys are stored with a user on the server instance.
+-- For @API_GATEWAY@ authentication, your custom authentication method is
+-- implemented by using an API call. The server can have only one method of
+-- authentication.
+newtype IdentityProviderType = IdentityProviderType'
+  { fromIdentityProviderType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern IdentityProviderType_API_GATEWAY :: IdentityProviderType
+pattern IdentityProviderType_API_GATEWAY = IdentityProviderType' "API_GATEWAY"
+
+pattern IdentityProviderType_AWS_DIRECTORY_SERVICE :: IdentityProviderType
+pattern IdentityProviderType_AWS_DIRECTORY_SERVICE = IdentityProviderType' "AWS_DIRECTORY_SERVICE"
+
+pattern IdentityProviderType_AWS_LAMBDA :: IdentityProviderType
+pattern IdentityProviderType_AWS_LAMBDA = IdentityProviderType' "AWS_LAMBDA"
+
+pattern IdentityProviderType_SERVICE_MANAGED :: IdentityProviderType
+pattern IdentityProviderType_SERVICE_MANAGED = IdentityProviderType' "SERVICE_MANAGED"
+
+{-# COMPLETE
+  IdentityProviderType_API_GATEWAY,
+  IdentityProviderType_AWS_DIRECTORY_SERVICE,
+  IdentityProviderType_AWS_LAMBDA,
+  IdentityProviderType_SERVICE_MANAGED,
+  IdentityProviderType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/InputFileLocation.hs b/gen/Amazonka/Transfer/Types/InputFileLocation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/InputFileLocation.hs
@@ -0,0 +1,99 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.InputFileLocation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.InputFileLocation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.EfsFileLocation
+import Amazonka.Transfer.Types.S3InputFileLocation
+
+-- | Specifies the location for the file being copied. Only applicable for
+-- the Copy type of workflow steps.
+--
+-- /See:/ 'newInputFileLocation' smart constructor.
+data InputFileLocation = InputFileLocation'
+  { -- | Reserved for future use.
+    efsFileLocation :: Prelude.Maybe EfsFileLocation,
+    -- | Specifies the details for the S3 file being copied.
+    s3FileLocation :: Prelude.Maybe S3InputFileLocation
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'InputFileLocation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'efsFileLocation', 'inputFileLocation_efsFileLocation' - Reserved for future use.
+--
+-- 's3FileLocation', 'inputFileLocation_s3FileLocation' - Specifies the details for the S3 file being copied.
+newInputFileLocation ::
+  InputFileLocation
+newInputFileLocation =
+  InputFileLocation'
+    { efsFileLocation =
+        Prelude.Nothing,
+      s3FileLocation = Prelude.Nothing
+    }
+
+-- | Reserved for future use.
+inputFileLocation_efsFileLocation :: Lens.Lens' InputFileLocation (Prelude.Maybe EfsFileLocation)
+inputFileLocation_efsFileLocation = Lens.lens (\InputFileLocation' {efsFileLocation} -> efsFileLocation) (\s@InputFileLocation' {} a -> s {efsFileLocation = a} :: InputFileLocation)
+
+-- | Specifies the details for the S3 file being copied.
+inputFileLocation_s3FileLocation :: Lens.Lens' InputFileLocation (Prelude.Maybe S3InputFileLocation)
+inputFileLocation_s3FileLocation = Lens.lens (\InputFileLocation' {s3FileLocation} -> s3FileLocation) (\s@InputFileLocation' {} a -> s {s3FileLocation = a} :: InputFileLocation)
+
+instance Data.FromJSON InputFileLocation where
+  parseJSON =
+    Data.withObject
+      "InputFileLocation"
+      ( \x ->
+          InputFileLocation'
+            Prelude.<$> (x Data..:? "EfsFileLocation")
+            Prelude.<*> (x Data..:? "S3FileLocation")
+      )
+
+instance Prelude.Hashable InputFileLocation where
+  hashWithSalt _salt InputFileLocation' {..} =
+    _salt
+      `Prelude.hashWithSalt` efsFileLocation
+      `Prelude.hashWithSalt` s3FileLocation
+
+instance Prelude.NFData InputFileLocation where
+  rnf InputFileLocation' {..} =
+    Prelude.rnf efsFileLocation
+      `Prelude.seq` Prelude.rnf s3FileLocation
+
+instance Data.ToJSON InputFileLocation where
+  toJSON InputFileLocation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("EfsFileLocation" Data..=)
+              Prelude.<$> efsFileLocation,
+            ("S3FileLocation" Data..=)
+              Prelude.<$> s3FileLocation
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/ListedAccess.hs b/gen/Amazonka/Transfer/Types/ListedAccess.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedAccess.hs
@@ -0,0 +1,196 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedAccess
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedAccess where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.HomeDirectoryType
+
+-- | Lists the properties for one or more specified associated accesses.
+--
+-- /See:/ 'newListedAccess' smart constructor.
+data ListedAccess = ListedAccess'
+  { -- | A unique identifier that is required to identify specific groups within
+    -- your directory. The users of the group that you associate have access to
+    -- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family. If you know the group name, you can view the SID values
+    -- by running the following command using Windows PowerShell.
+    --
+    -- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+    --
+    -- In that command, replace /YourGroupName/ with the name of your Active
+    -- Directory group.
+    --
+    -- The regular expression used to validate this parameter is a string of
+    -- characters consisting of uppercase and lowercase alphanumeric characters
+    -- with no spaces. You can also include underscores or any of the following
+    -- characters: =,.\@:\/-
+    externalId :: Prelude.Maybe Prelude.Text,
+    -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedAccess' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'externalId', 'listedAccess_externalId' - A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+--
+-- 'homeDirectory', 'listedAccess_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryType', 'listedAccess_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'role'', 'listedAccess_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+newListedAccess ::
+  ListedAccess
+newListedAccess =
+  ListedAccess'
+    { externalId = Prelude.Nothing,
+      homeDirectory = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      role' = Prelude.Nothing
+    }
+
+-- | A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+listedAccess_externalId :: Lens.Lens' ListedAccess (Prelude.Maybe Prelude.Text)
+listedAccess_externalId = Lens.lens (\ListedAccess' {externalId} -> externalId) (\s@ListedAccess' {} a -> s {externalId = a} :: ListedAccess)
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+listedAccess_homeDirectory :: Lens.Lens' ListedAccess (Prelude.Maybe Prelude.Text)
+listedAccess_homeDirectory = Lens.lens (\ListedAccess' {homeDirectory} -> homeDirectory) (\s@ListedAccess' {} a -> s {homeDirectory = a} :: ListedAccess)
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+listedAccess_homeDirectoryType :: Lens.Lens' ListedAccess (Prelude.Maybe HomeDirectoryType)
+listedAccess_homeDirectoryType = Lens.lens (\ListedAccess' {homeDirectoryType} -> homeDirectoryType) (\s@ListedAccess' {} a -> s {homeDirectoryType = a} :: ListedAccess)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+listedAccess_role :: Lens.Lens' ListedAccess (Prelude.Maybe Prelude.Text)
+listedAccess_role = Lens.lens (\ListedAccess' {role'} -> role') (\s@ListedAccess' {} a -> s {role' = a} :: ListedAccess)
+
+instance Data.FromJSON ListedAccess where
+  parseJSON =
+    Data.withObject
+      "ListedAccess"
+      ( \x ->
+          ListedAccess'
+            Prelude.<$> (x Data..:? "ExternalId")
+            Prelude.<*> (x Data..:? "HomeDirectory")
+            Prelude.<*> (x Data..:? "HomeDirectoryType")
+            Prelude.<*> (x Data..:? "Role")
+      )
+
+instance Prelude.Hashable ListedAccess where
+  hashWithSalt _salt ListedAccess' {..} =
+    _salt
+      `Prelude.hashWithSalt` externalId
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` role'
+
+instance Prelude.NFData ListedAccess where
+  rnf ListedAccess' {..} =
+    Prelude.rnf externalId
+      `Prelude.seq` Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf role'
diff --git a/gen/Amazonka/Transfer/Types/ListedAgreement.hs b/gen/Amazonka/Transfer/Types/ListedAgreement.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedAgreement.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedAgreement
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedAgreement where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.AgreementStatusType
+
+-- | Describes the properties of an agreement.
+--
+-- /See:/ 'newListedAgreement' smart constructor.
+data ListedAgreement = ListedAgreement'
+  { -- | A unique identifier for the agreement. This identifier is returned when
+    -- you create an agreement.
+    agreementId :: Prelude.Maybe Prelude.Text,
+    -- | The Amazon Resource Name (ARN) of the specified agreement.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The current description for the agreement. You can change it by calling
+    -- the @UpdateAgreement@ operation and providing a new description.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the AS2 local profile.
+    localProfileId :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the partner profile.
+    partnerProfileId :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier for the agreement.
+    serverId :: Prelude.Maybe Prelude.Text,
+    -- | The agreement can be either @ACTIVE@ or @INACTIVE@.
+    status :: Prelude.Maybe AgreementStatusType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedAgreement' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'agreementId', 'listedAgreement_agreementId' - A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+--
+-- 'arn', 'listedAgreement_arn' - The Amazon Resource Name (ARN) of the specified agreement.
+--
+-- 'description', 'listedAgreement_description' - The current description for the agreement. You can change it by calling
+-- the @UpdateAgreement@ operation and providing a new description.
+--
+-- 'localProfileId', 'listedAgreement_localProfileId' - A unique identifier for the AS2 local profile.
+--
+-- 'partnerProfileId', 'listedAgreement_partnerProfileId' - A unique identifier for the partner profile.
+--
+-- 'serverId', 'listedAgreement_serverId' - The unique identifier for the agreement.
+--
+-- 'status', 'listedAgreement_status' - The agreement can be either @ACTIVE@ or @INACTIVE@.
+newListedAgreement ::
+  ListedAgreement
+newListedAgreement =
+  ListedAgreement'
+    { agreementId = Prelude.Nothing,
+      arn = Prelude.Nothing,
+      description = Prelude.Nothing,
+      localProfileId = Prelude.Nothing,
+      partnerProfileId = Prelude.Nothing,
+      serverId = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+listedAgreement_agreementId :: Lens.Lens' ListedAgreement (Prelude.Maybe Prelude.Text)
+listedAgreement_agreementId = Lens.lens (\ListedAgreement' {agreementId} -> agreementId) (\s@ListedAgreement' {} a -> s {agreementId = a} :: ListedAgreement)
+
+-- | The Amazon Resource Name (ARN) of the specified agreement.
+listedAgreement_arn :: Lens.Lens' ListedAgreement (Prelude.Maybe Prelude.Text)
+listedAgreement_arn = Lens.lens (\ListedAgreement' {arn} -> arn) (\s@ListedAgreement' {} a -> s {arn = a} :: ListedAgreement)
+
+-- | The current description for the agreement. You can change it by calling
+-- the @UpdateAgreement@ operation and providing a new description.
+listedAgreement_description :: Lens.Lens' ListedAgreement (Prelude.Maybe Prelude.Text)
+listedAgreement_description = Lens.lens (\ListedAgreement' {description} -> description) (\s@ListedAgreement' {} a -> s {description = a} :: ListedAgreement)
+
+-- | A unique identifier for the AS2 local profile.
+listedAgreement_localProfileId :: Lens.Lens' ListedAgreement (Prelude.Maybe Prelude.Text)
+listedAgreement_localProfileId = Lens.lens (\ListedAgreement' {localProfileId} -> localProfileId) (\s@ListedAgreement' {} a -> s {localProfileId = a} :: ListedAgreement)
+
+-- | A unique identifier for the partner profile.
+listedAgreement_partnerProfileId :: Lens.Lens' ListedAgreement (Prelude.Maybe Prelude.Text)
+listedAgreement_partnerProfileId = Lens.lens (\ListedAgreement' {partnerProfileId} -> partnerProfileId) (\s@ListedAgreement' {} a -> s {partnerProfileId = a} :: ListedAgreement)
+
+-- | The unique identifier for the agreement.
+listedAgreement_serverId :: Lens.Lens' ListedAgreement (Prelude.Maybe Prelude.Text)
+listedAgreement_serverId = Lens.lens (\ListedAgreement' {serverId} -> serverId) (\s@ListedAgreement' {} a -> s {serverId = a} :: ListedAgreement)
+
+-- | The agreement can be either @ACTIVE@ or @INACTIVE@.
+listedAgreement_status :: Lens.Lens' ListedAgreement (Prelude.Maybe AgreementStatusType)
+listedAgreement_status = Lens.lens (\ListedAgreement' {status} -> status) (\s@ListedAgreement' {} a -> s {status = a} :: ListedAgreement)
+
+instance Data.FromJSON ListedAgreement where
+  parseJSON =
+    Data.withObject
+      "ListedAgreement"
+      ( \x ->
+          ListedAgreement'
+            Prelude.<$> (x Data..:? "AgreementId")
+            Prelude.<*> (x Data..:? "Arn")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "LocalProfileId")
+            Prelude.<*> (x Data..:? "PartnerProfileId")
+            Prelude.<*> (x Data..:? "ServerId")
+            Prelude.<*> (x Data..:? "Status")
+      )
+
+instance Prelude.Hashable ListedAgreement where
+  hashWithSalt _salt ListedAgreement' {..} =
+    _salt
+      `Prelude.hashWithSalt` agreementId
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` localProfileId
+      `Prelude.hashWithSalt` partnerProfileId
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData ListedAgreement where
+  rnf ListedAgreement' {..} =
+    Prelude.rnf agreementId
+      `Prelude.seq` Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf localProfileId
+      `Prelude.seq` Prelude.rnf partnerProfileId
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/Transfer/Types/ListedCertificate.hs b/gen/Amazonka/Transfer/Types/ListedCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedCertificate.hs
@@ -0,0 +1,174 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedCertificate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.CertificateStatusType
+import Amazonka.Transfer.Types.CertificateType
+import Amazonka.Transfer.Types.CertificateUsageType
+
+-- | Describes the properties of a certificate.
+--
+-- /See:/ 'newListedCertificate' smart constructor.
+data ListedCertificate = ListedCertificate'
+  { -- | An optional date that specifies when the certificate becomes active.
+    activeDate :: Prelude.Maybe Data.POSIX,
+    -- | The Amazon Resource Name (ARN) of the specified certificate.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateId :: Prelude.Maybe Prelude.Text,
+    -- | The name or short description that\'s used to identify the certificate.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | An optional date that specifies when the certificate becomes inactive.
+    inactiveDate :: Prelude.Maybe Data.POSIX,
+    -- | The certificate can be either @ACTIVE@, @PENDING_ROTATION@, or
+    -- @INACTIVE@. @PENDING_ROTATION@ means that this certificate will replace
+    -- the current certificate when it expires.
+    status :: Prelude.Maybe CertificateStatusType,
+    -- | The type for the certificate. If a private key has been specified for
+    -- the certificate, its type is @CERTIFICATE_WITH_PRIVATE_KEY@. If there is
+    -- no private key, the type is @CERTIFICATE@.
+    type' :: Prelude.Maybe CertificateType,
+    -- | Specifies whether this certificate is used for signing or encryption.
+    usage :: Prelude.Maybe CertificateUsageType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'activeDate', 'listedCertificate_activeDate' - An optional date that specifies when the certificate becomes active.
+--
+-- 'arn', 'listedCertificate_arn' - The Amazon Resource Name (ARN) of the specified certificate.
+--
+-- 'certificateId', 'listedCertificate_certificateId' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+--
+-- 'description', 'listedCertificate_description' - The name or short description that\'s used to identify the certificate.
+--
+-- 'inactiveDate', 'listedCertificate_inactiveDate' - An optional date that specifies when the certificate becomes inactive.
+--
+-- 'status', 'listedCertificate_status' - The certificate can be either @ACTIVE@, @PENDING_ROTATION@, or
+-- @INACTIVE@. @PENDING_ROTATION@ means that this certificate will replace
+-- the current certificate when it expires.
+--
+-- 'type'', 'listedCertificate_type' - The type for the certificate. If a private key has been specified for
+-- the certificate, its type is @CERTIFICATE_WITH_PRIVATE_KEY@. If there is
+-- no private key, the type is @CERTIFICATE@.
+--
+-- 'usage', 'listedCertificate_usage' - Specifies whether this certificate is used for signing or encryption.
+newListedCertificate ::
+  ListedCertificate
+newListedCertificate =
+  ListedCertificate'
+    { activeDate = Prelude.Nothing,
+      arn = Prelude.Nothing,
+      certificateId = Prelude.Nothing,
+      description = Prelude.Nothing,
+      inactiveDate = Prelude.Nothing,
+      status = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      usage = Prelude.Nothing
+    }
+
+-- | An optional date that specifies when the certificate becomes active.
+listedCertificate_activeDate :: Lens.Lens' ListedCertificate (Prelude.Maybe Prelude.UTCTime)
+listedCertificate_activeDate = Lens.lens (\ListedCertificate' {activeDate} -> activeDate) (\s@ListedCertificate' {} a -> s {activeDate = a} :: ListedCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The Amazon Resource Name (ARN) of the specified certificate.
+listedCertificate_arn :: Lens.Lens' ListedCertificate (Prelude.Maybe Prelude.Text)
+listedCertificate_arn = Lens.lens (\ListedCertificate' {arn} -> arn) (\s@ListedCertificate' {} a -> s {arn = a} :: ListedCertificate)
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+listedCertificate_certificateId :: Lens.Lens' ListedCertificate (Prelude.Maybe Prelude.Text)
+listedCertificate_certificateId = Lens.lens (\ListedCertificate' {certificateId} -> certificateId) (\s@ListedCertificate' {} a -> s {certificateId = a} :: ListedCertificate)
+
+-- | The name or short description that\'s used to identify the certificate.
+listedCertificate_description :: Lens.Lens' ListedCertificate (Prelude.Maybe Prelude.Text)
+listedCertificate_description = Lens.lens (\ListedCertificate' {description} -> description) (\s@ListedCertificate' {} a -> s {description = a} :: ListedCertificate)
+
+-- | An optional date that specifies when the certificate becomes inactive.
+listedCertificate_inactiveDate :: Lens.Lens' ListedCertificate (Prelude.Maybe Prelude.UTCTime)
+listedCertificate_inactiveDate = Lens.lens (\ListedCertificate' {inactiveDate} -> inactiveDate) (\s@ListedCertificate' {} a -> s {inactiveDate = a} :: ListedCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The certificate can be either @ACTIVE@, @PENDING_ROTATION@, or
+-- @INACTIVE@. @PENDING_ROTATION@ means that this certificate will replace
+-- the current certificate when it expires.
+listedCertificate_status :: Lens.Lens' ListedCertificate (Prelude.Maybe CertificateStatusType)
+listedCertificate_status = Lens.lens (\ListedCertificate' {status} -> status) (\s@ListedCertificate' {} a -> s {status = a} :: ListedCertificate)
+
+-- | The type for the certificate. If a private key has been specified for
+-- the certificate, its type is @CERTIFICATE_WITH_PRIVATE_KEY@. If there is
+-- no private key, the type is @CERTIFICATE@.
+listedCertificate_type :: Lens.Lens' ListedCertificate (Prelude.Maybe CertificateType)
+listedCertificate_type = Lens.lens (\ListedCertificate' {type'} -> type') (\s@ListedCertificate' {} a -> s {type' = a} :: ListedCertificate)
+
+-- | Specifies whether this certificate is used for signing or encryption.
+listedCertificate_usage :: Lens.Lens' ListedCertificate (Prelude.Maybe CertificateUsageType)
+listedCertificate_usage = Lens.lens (\ListedCertificate' {usage} -> usage) (\s@ListedCertificate' {} a -> s {usage = a} :: ListedCertificate)
+
+instance Data.FromJSON ListedCertificate where
+  parseJSON =
+    Data.withObject
+      "ListedCertificate"
+      ( \x ->
+          ListedCertificate'
+            Prelude.<$> (x Data..:? "ActiveDate")
+            Prelude.<*> (x Data..:? "Arn")
+            Prelude.<*> (x Data..:? "CertificateId")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "InactiveDate")
+            Prelude.<*> (x Data..:? "Status")
+            Prelude.<*> (x Data..:? "Type")
+            Prelude.<*> (x Data..:? "Usage")
+      )
+
+instance Prelude.Hashable ListedCertificate where
+  hashWithSalt _salt ListedCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` activeDate
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` certificateId
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` inactiveDate
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` usage
+
+instance Prelude.NFData ListedCertificate where
+  rnf ListedCertificate' {..} =
+    Prelude.rnf activeDate
+      `Prelude.seq` Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf certificateId
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf inactiveDate
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf usage
diff --git a/gen/Amazonka/Transfer/Types/ListedConnector.hs b/gen/Amazonka/Transfer/Types/ListedConnector.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedConnector.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedConnector
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedConnector where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Returns details of the connector that is specified.
+--
+-- /See:/ 'newListedConnector' smart constructor.
+data ListedConnector = ListedConnector'
+  { -- | The Amazon Resource Name (ARN) of the specified connector.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier for the connector.
+    connectorId :: Prelude.Maybe Prelude.Text,
+    -- | The URL of the partner\'s AS2 endpoint.
+    url :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedConnector' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'listedConnector_arn' - The Amazon Resource Name (ARN) of the specified connector.
+--
+-- 'connectorId', 'listedConnector_connectorId' - The unique identifier for the connector.
+--
+-- 'url', 'listedConnector_url' - The URL of the partner\'s AS2 endpoint.
+newListedConnector ::
+  ListedConnector
+newListedConnector =
+  ListedConnector'
+    { arn = Prelude.Nothing,
+      connectorId = Prelude.Nothing,
+      url = Prelude.Nothing
+    }
+
+-- | The Amazon Resource Name (ARN) of the specified connector.
+listedConnector_arn :: Lens.Lens' ListedConnector (Prelude.Maybe Prelude.Text)
+listedConnector_arn = Lens.lens (\ListedConnector' {arn} -> arn) (\s@ListedConnector' {} a -> s {arn = a} :: ListedConnector)
+
+-- | The unique identifier for the connector.
+listedConnector_connectorId :: Lens.Lens' ListedConnector (Prelude.Maybe Prelude.Text)
+listedConnector_connectorId = Lens.lens (\ListedConnector' {connectorId} -> connectorId) (\s@ListedConnector' {} a -> s {connectorId = a} :: ListedConnector)
+
+-- | The URL of the partner\'s AS2 endpoint.
+listedConnector_url :: Lens.Lens' ListedConnector (Prelude.Maybe Prelude.Text)
+listedConnector_url = Lens.lens (\ListedConnector' {url} -> url) (\s@ListedConnector' {} a -> s {url = a} :: ListedConnector)
+
+instance Data.FromJSON ListedConnector where
+  parseJSON =
+    Data.withObject
+      "ListedConnector"
+      ( \x ->
+          ListedConnector'
+            Prelude.<$> (x Data..:? "Arn")
+            Prelude.<*> (x Data..:? "ConnectorId")
+            Prelude.<*> (x Data..:? "Url")
+      )
+
+instance Prelude.Hashable ListedConnector where
+  hashWithSalt _salt ListedConnector' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` connectorId
+      `Prelude.hashWithSalt` url
+
+instance Prelude.NFData ListedConnector where
+  rnf ListedConnector' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf connectorId
+      `Prelude.seq` Prelude.rnf url
diff --git a/gen/Amazonka/Transfer/Types/ListedExecution.hs b/gen/Amazonka/Transfer/Types/ListedExecution.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedExecution.hs
@@ -0,0 +1,123 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedExecution
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedExecution where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ExecutionStatus
+import Amazonka.Transfer.Types.FileLocation
+import Amazonka.Transfer.Types.ServiceMetadata
+
+-- | Returns properties of the execution that is specified.
+--
+-- /See:/ 'newListedExecution' smart constructor.
+data ListedExecution = ListedExecution'
+  { -- | A unique identifier for the execution of a workflow.
+    executionId :: Prelude.Maybe Prelude.Text,
+    -- | A structure that describes the Amazon S3 or EFS file location. This is
+    -- the file location when the execution begins: if the file is being
+    -- copied, this is the initial (as opposed to destination) file location.
+    initialFileLocation :: Prelude.Maybe FileLocation,
+    -- | A container object for the session details that are associated with a
+    -- workflow.
+    serviceMetadata :: Prelude.Maybe ServiceMetadata,
+    -- | The status is one of the execution. Can be in progress, completed,
+    -- exception encountered, or handling the exception.
+    status :: Prelude.Maybe ExecutionStatus
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedExecution' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'executionId', 'listedExecution_executionId' - A unique identifier for the execution of a workflow.
+--
+-- 'initialFileLocation', 'listedExecution_initialFileLocation' - A structure that describes the Amazon S3 or EFS file location. This is
+-- the file location when the execution begins: if the file is being
+-- copied, this is the initial (as opposed to destination) file location.
+--
+-- 'serviceMetadata', 'listedExecution_serviceMetadata' - A container object for the session details that are associated with a
+-- workflow.
+--
+-- 'status', 'listedExecution_status' - The status is one of the execution. Can be in progress, completed,
+-- exception encountered, or handling the exception.
+newListedExecution ::
+  ListedExecution
+newListedExecution =
+  ListedExecution'
+    { executionId = Prelude.Nothing,
+      initialFileLocation = Prelude.Nothing,
+      serviceMetadata = Prelude.Nothing,
+      status = Prelude.Nothing
+    }
+
+-- | A unique identifier for the execution of a workflow.
+listedExecution_executionId :: Lens.Lens' ListedExecution (Prelude.Maybe Prelude.Text)
+listedExecution_executionId = Lens.lens (\ListedExecution' {executionId} -> executionId) (\s@ListedExecution' {} a -> s {executionId = a} :: ListedExecution)
+
+-- | A structure that describes the Amazon S3 or EFS file location. This is
+-- the file location when the execution begins: if the file is being
+-- copied, this is the initial (as opposed to destination) file location.
+listedExecution_initialFileLocation :: Lens.Lens' ListedExecution (Prelude.Maybe FileLocation)
+listedExecution_initialFileLocation = Lens.lens (\ListedExecution' {initialFileLocation} -> initialFileLocation) (\s@ListedExecution' {} a -> s {initialFileLocation = a} :: ListedExecution)
+
+-- | A container object for the session details that are associated with a
+-- workflow.
+listedExecution_serviceMetadata :: Lens.Lens' ListedExecution (Prelude.Maybe ServiceMetadata)
+listedExecution_serviceMetadata = Lens.lens (\ListedExecution' {serviceMetadata} -> serviceMetadata) (\s@ListedExecution' {} a -> s {serviceMetadata = a} :: ListedExecution)
+
+-- | The status is one of the execution. Can be in progress, completed,
+-- exception encountered, or handling the exception.
+listedExecution_status :: Lens.Lens' ListedExecution (Prelude.Maybe ExecutionStatus)
+listedExecution_status = Lens.lens (\ListedExecution' {status} -> status) (\s@ListedExecution' {} a -> s {status = a} :: ListedExecution)
+
+instance Data.FromJSON ListedExecution where
+  parseJSON =
+    Data.withObject
+      "ListedExecution"
+      ( \x ->
+          ListedExecution'
+            Prelude.<$> (x Data..:? "ExecutionId")
+            Prelude.<*> (x Data..:? "InitialFileLocation")
+            Prelude.<*> (x Data..:? "ServiceMetadata")
+            Prelude.<*> (x Data..:? "Status")
+      )
+
+instance Prelude.Hashable ListedExecution where
+  hashWithSalt _salt ListedExecution' {..} =
+    _salt
+      `Prelude.hashWithSalt` executionId
+      `Prelude.hashWithSalt` initialFileLocation
+      `Prelude.hashWithSalt` serviceMetadata
+      `Prelude.hashWithSalt` status
+
+instance Prelude.NFData ListedExecution where
+  rnf ListedExecution' {..} =
+    Prelude.rnf executionId
+      `Prelude.seq` Prelude.rnf initialFileLocation
+      `Prelude.seq` Prelude.rnf serviceMetadata
+      `Prelude.seq` Prelude.rnf status
diff --git a/gen/Amazonka/Transfer/Types/ListedHostKey.hs b/gen/Amazonka/Transfer/Types/ListedHostKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedHostKey.hs
@@ -0,0 +1,173 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedHostKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedHostKey where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Returns properties of the host key that\'s specified.
+--
+-- /See:/ 'newListedHostKey' smart constructor.
+data ListedHostKey = ListedHostKey'
+  { -- | The date on which the host key was added to the server.
+    dateImported :: Prelude.Maybe Data.POSIX,
+    -- | The current description for the host key. You can change it by calling
+    -- the @UpdateHostKey@ operation and providing a new description.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | The public key fingerprint, which is a short sequence of bytes used to
+    -- identify the longer public key.
+    fingerprint :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the host key.
+    hostKeyId :: Prelude.Maybe Prelude.Text,
+    -- | The encryption algorithm that is used for the host key. The @Type@
+    -- parameter is specified by using one of the following values:
+    --
+    -- -   @ssh-rsa@
+    --
+    -- -   @ssh-ed25519@
+    --
+    -- -   @ecdsa-sha2-nistp256@
+    --
+    -- -   @ecdsa-sha2-nistp384@
+    --
+    -- -   @ecdsa-sha2-nistp521@
+    type' :: Prelude.Maybe Prelude.Text,
+    -- | The unique Amazon Resource Name (ARN) of the host key.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedHostKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dateImported', 'listedHostKey_dateImported' - The date on which the host key was added to the server.
+--
+-- 'description', 'listedHostKey_description' - The current description for the host key. You can change it by calling
+-- the @UpdateHostKey@ operation and providing a new description.
+--
+-- 'fingerprint', 'listedHostKey_fingerprint' - The public key fingerprint, which is a short sequence of bytes used to
+-- identify the longer public key.
+--
+-- 'hostKeyId', 'listedHostKey_hostKeyId' - A unique identifier for the host key.
+--
+-- 'type'', 'listedHostKey_type' - The encryption algorithm that is used for the host key. The @Type@
+-- parameter is specified by using one of the following values:
+--
+-- -   @ssh-rsa@
+--
+-- -   @ssh-ed25519@
+--
+-- -   @ecdsa-sha2-nistp256@
+--
+-- -   @ecdsa-sha2-nistp384@
+--
+-- -   @ecdsa-sha2-nistp521@
+--
+-- 'arn', 'listedHostKey_arn' - The unique Amazon Resource Name (ARN) of the host key.
+newListedHostKey ::
+  -- | 'arn'
+  Prelude.Text ->
+  ListedHostKey
+newListedHostKey pArn_ =
+  ListedHostKey'
+    { dateImported = Prelude.Nothing,
+      description = Prelude.Nothing,
+      fingerprint = Prelude.Nothing,
+      hostKeyId = Prelude.Nothing,
+      type' = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | The date on which the host key was added to the server.
+listedHostKey_dateImported :: Lens.Lens' ListedHostKey (Prelude.Maybe Prelude.UTCTime)
+listedHostKey_dateImported = Lens.lens (\ListedHostKey' {dateImported} -> dateImported) (\s@ListedHostKey' {} a -> s {dateImported = a} :: ListedHostKey) Prelude.. Lens.mapping Data._Time
+
+-- | The current description for the host key. You can change it by calling
+-- the @UpdateHostKey@ operation and providing a new description.
+listedHostKey_description :: Lens.Lens' ListedHostKey (Prelude.Maybe Prelude.Text)
+listedHostKey_description = Lens.lens (\ListedHostKey' {description} -> description) (\s@ListedHostKey' {} a -> s {description = a} :: ListedHostKey)
+
+-- | The public key fingerprint, which is a short sequence of bytes used to
+-- identify the longer public key.
+listedHostKey_fingerprint :: Lens.Lens' ListedHostKey (Prelude.Maybe Prelude.Text)
+listedHostKey_fingerprint = Lens.lens (\ListedHostKey' {fingerprint} -> fingerprint) (\s@ListedHostKey' {} a -> s {fingerprint = a} :: ListedHostKey)
+
+-- | A unique identifier for the host key.
+listedHostKey_hostKeyId :: Lens.Lens' ListedHostKey (Prelude.Maybe Prelude.Text)
+listedHostKey_hostKeyId = Lens.lens (\ListedHostKey' {hostKeyId} -> hostKeyId) (\s@ListedHostKey' {} a -> s {hostKeyId = a} :: ListedHostKey)
+
+-- | The encryption algorithm that is used for the host key. The @Type@
+-- parameter is specified by using one of the following values:
+--
+-- -   @ssh-rsa@
+--
+-- -   @ssh-ed25519@
+--
+-- -   @ecdsa-sha2-nistp256@
+--
+-- -   @ecdsa-sha2-nistp384@
+--
+-- -   @ecdsa-sha2-nistp521@
+listedHostKey_type :: Lens.Lens' ListedHostKey (Prelude.Maybe Prelude.Text)
+listedHostKey_type = Lens.lens (\ListedHostKey' {type'} -> type') (\s@ListedHostKey' {} a -> s {type' = a} :: ListedHostKey)
+
+-- | The unique Amazon Resource Name (ARN) of the host key.
+listedHostKey_arn :: Lens.Lens' ListedHostKey Prelude.Text
+listedHostKey_arn = Lens.lens (\ListedHostKey' {arn} -> arn) (\s@ListedHostKey' {} a -> s {arn = a} :: ListedHostKey)
+
+instance Data.FromJSON ListedHostKey where
+  parseJSON =
+    Data.withObject
+      "ListedHostKey"
+      ( \x ->
+          ListedHostKey'
+            Prelude.<$> (x Data..:? "DateImported")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "Fingerprint")
+            Prelude.<*> (x Data..:? "HostKeyId")
+            Prelude.<*> (x Data..:? "Type")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable ListedHostKey where
+  hashWithSalt _salt ListedHostKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` dateImported
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` fingerprint
+      `Prelude.hashWithSalt` hostKeyId
+      `Prelude.hashWithSalt` type'
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData ListedHostKey where
+  rnf ListedHostKey' {..} =
+    Prelude.rnf dateImported
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf fingerprint
+      `Prelude.seq` Prelude.rnf hostKeyId
+      `Prelude.seq` Prelude.rnf type'
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/ListedProfile.hs b/gen/Amazonka/Transfer/Types/ListedProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedProfile.hs
@@ -0,0 +1,130 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedProfile where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.ProfileType
+
+-- | Returns the properties of the profile that was specified.
+--
+-- /See:/ 'newListedProfile' smart constructor.
+data ListedProfile = ListedProfile'
+  { -- | The Amazon Resource Name (ARN) of the specified profile.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | The @As2Id@ is the /AS2-name/, as defined in the
+    -- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+    -- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+    -- the partner. For outbound connectors, this is the @AS2-To@ header for
+    -- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+    -- operation. This ID cannot include spaces.
+    as2Id :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the local or partner AS2 profile.
+    profileId :: Prelude.Maybe Prelude.Text,
+    -- | Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+    -- type profiles. If not supplied in the request, the command lists all
+    -- types of profiles.
+    profileType :: Prelude.Maybe ProfileType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'listedProfile_arn' - The Amazon Resource Name (ARN) of the specified profile.
+--
+-- 'as2Id', 'listedProfile_as2Id' - The @As2Id@ is the /AS2-name/, as defined in the
+-- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+-- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+-- the partner. For outbound connectors, this is the @AS2-To@ header for
+-- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+-- operation. This ID cannot include spaces.
+--
+-- 'profileId', 'listedProfile_profileId' - A unique identifier for the local or partner AS2 profile.
+--
+-- 'profileType', 'listedProfile_profileType' - Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+-- type profiles. If not supplied in the request, the command lists all
+-- types of profiles.
+newListedProfile ::
+  ListedProfile
+newListedProfile =
+  ListedProfile'
+    { arn = Prelude.Nothing,
+      as2Id = Prelude.Nothing,
+      profileId = Prelude.Nothing,
+      profileType = Prelude.Nothing
+    }
+
+-- | The Amazon Resource Name (ARN) of the specified profile.
+listedProfile_arn :: Lens.Lens' ListedProfile (Prelude.Maybe Prelude.Text)
+listedProfile_arn = Lens.lens (\ListedProfile' {arn} -> arn) (\s@ListedProfile' {} a -> s {arn = a} :: ListedProfile)
+
+-- | The @As2Id@ is the /AS2-name/, as defined in the
+-- <https://datatracker.ietf.org/doc/html/rfc4130 RFC 4130>. For inbound
+-- transfers, this is the @AS2-From@ header for the AS2 messages sent from
+-- the partner. For outbound connectors, this is the @AS2-To@ header for
+-- the AS2 messages sent to the partner using the @StartFileTransfer@ API
+-- operation. This ID cannot include spaces.
+listedProfile_as2Id :: Lens.Lens' ListedProfile (Prelude.Maybe Prelude.Text)
+listedProfile_as2Id = Lens.lens (\ListedProfile' {as2Id} -> as2Id) (\s@ListedProfile' {} a -> s {as2Id = a} :: ListedProfile)
+
+-- | A unique identifier for the local or partner AS2 profile.
+listedProfile_profileId :: Lens.Lens' ListedProfile (Prelude.Maybe Prelude.Text)
+listedProfile_profileId = Lens.lens (\ListedProfile' {profileId} -> profileId) (\s@ListedProfile' {} a -> s {profileId = a} :: ListedProfile)
+
+-- | Indicates whether to list only @LOCAL@ type profiles or only @PARTNER@
+-- type profiles. If not supplied in the request, the command lists all
+-- types of profiles.
+listedProfile_profileType :: Lens.Lens' ListedProfile (Prelude.Maybe ProfileType)
+listedProfile_profileType = Lens.lens (\ListedProfile' {profileType} -> profileType) (\s@ListedProfile' {} a -> s {profileType = a} :: ListedProfile)
+
+instance Data.FromJSON ListedProfile where
+  parseJSON =
+    Data.withObject
+      "ListedProfile"
+      ( \x ->
+          ListedProfile'
+            Prelude.<$> (x Data..:? "Arn")
+            Prelude.<*> (x Data..:? "As2Id")
+            Prelude.<*> (x Data..:? "ProfileId")
+            Prelude.<*> (x Data..:? "ProfileType")
+      )
+
+instance Prelude.Hashable ListedProfile where
+  hashWithSalt _salt ListedProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` as2Id
+      `Prelude.hashWithSalt` profileId
+      `Prelude.hashWithSalt` profileType
+
+instance Prelude.NFData ListedProfile where
+  rnf ListedProfile' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf as2Id
+      `Prelude.seq` Prelude.rnf profileId
+      `Prelude.seq` Prelude.rnf profileType
diff --git a/gen/Amazonka/Transfer/Types/ListedServer.hs b/gen/Amazonka/Transfer/Types/ListedServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedServer.hs
@@ -0,0 +1,268 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedServer where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.Domain
+import Amazonka.Transfer.Types.EndpointType
+import Amazonka.Transfer.Types.IdentityProviderType
+import Amazonka.Transfer.Types.State
+
+-- | Returns properties of a file transfer protocol-enabled server that was
+-- specified.
+--
+-- /See:/ 'newListedServer' smart constructor.
+data ListedServer = ListedServer'
+  { -- | Specifies the domain of the storage system that is used for file
+    -- transfers.
+    domain :: Prelude.Maybe Domain,
+    -- | Specifies the type of VPC endpoint that your server is connected to. If
+    -- your server is connected to a VPC endpoint, your server isn\'t
+    -- accessible over the public internet.
+    endpointType :: Prelude.Maybe EndpointType,
+    -- | The mode of authentication for a server. The default value is
+    -- @SERVICE_MANAGED@, which allows you to store and access user credentials
+    -- within the Transfer Family service.
+    --
+    -- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+    -- in Directory Service for Microsoft Active Directory or Microsoft Active
+    -- Directory in your on-premises environment or in Amazon Web Services
+    -- using AD Connector. This option also requires you to provide a Directory
+    -- ID by using the @IdentityProviderDetails@ parameter.
+    --
+    -- Use the @API_GATEWAY@ value to integrate with an identity provider of
+    -- your choosing. The @API_GATEWAY@ setting requires you to provide an
+    -- Amazon API Gateway endpoint URL to call for authentication by using the
+    -- @IdentityProviderDetails@ parameter.
+    --
+    -- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+    -- identity provider. If you choose this value, you must specify the ARN
+    -- for the Lambda function in the @Function@ parameter or the
+    -- @IdentityProviderDetails@ data type.
+    identityProviderType :: Prelude.Maybe IdentityProviderType,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+    -- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+    -- your CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the unique system assigned identifier for the servers that
+    -- were listed.
+    serverId :: Prelude.Maybe Prelude.Text,
+    -- | The condition of the server that was described. A value of @ONLINE@
+    -- indicates that the server can accept jobs and transfer files. A @State@
+    -- value of @OFFLINE@ means that the server cannot perform file transfer
+    -- operations.
+    --
+    -- The states of @STARTING@ and @STOPPING@ indicate that the server is in
+    -- an intermediate state, either not fully able to respond, or not fully
+    -- offline. The values of @START_FAILED@ or @STOP_FAILED@ can indicate an
+    -- error condition.
+    state :: Prelude.Maybe State,
+    -- | Specifies the number of users that are assigned to a server you
+    -- specified with the @ServerId@.
+    userCount :: Prelude.Maybe Prelude.Int,
+    -- | Specifies the unique Amazon Resource Name (ARN) for a server to be
+    -- listed.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'domain', 'listedServer_domain' - Specifies the domain of the storage system that is used for file
+-- transfers.
+--
+-- 'endpointType', 'listedServer_endpointType' - Specifies the type of VPC endpoint that your server is connected to. If
+-- your server is connected to a VPC endpoint, your server isn\'t
+-- accessible over the public internet.
+--
+-- 'identityProviderType', 'listedServer_identityProviderType' - The mode of authentication for a server. The default value is
+-- @SERVICE_MANAGED@, which allows you to store and access user credentials
+-- within the Transfer Family service.
+--
+-- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+-- in Directory Service for Microsoft Active Directory or Microsoft Active
+-- Directory in your on-premises environment or in Amazon Web Services
+-- using AD Connector. This option also requires you to provide a Directory
+-- ID by using the @IdentityProviderDetails@ parameter.
+--
+-- Use the @API_GATEWAY@ value to integrate with an identity provider of
+-- your choosing. The @API_GATEWAY@ setting requires you to provide an
+-- Amazon API Gateway endpoint URL to call for authentication by using the
+-- @IdentityProviderDetails@ parameter.
+--
+-- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+-- identity provider. If you choose this value, you must specify the ARN
+-- for the Lambda function in the @Function@ parameter or the
+-- @IdentityProviderDetails@ data type.
+--
+-- 'loggingRole', 'listedServer_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+--
+-- 'serverId', 'listedServer_serverId' - Specifies the unique system assigned identifier for the servers that
+-- were listed.
+--
+-- 'state', 'listedServer_state' - The condition of the server that was described. A value of @ONLINE@
+-- indicates that the server can accept jobs and transfer files. A @State@
+-- value of @OFFLINE@ means that the server cannot perform file transfer
+-- operations.
+--
+-- The states of @STARTING@ and @STOPPING@ indicate that the server is in
+-- an intermediate state, either not fully able to respond, or not fully
+-- offline. The values of @START_FAILED@ or @STOP_FAILED@ can indicate an
+-- error condition.
+--
+-- 'userCount', 'listedServer_userCount' - Specifies the number of users that are assigned to a server you
+-- specified with the @ServerId@.
+--
+-- 'arn', 'listedServer_arn' - Specifies the unique Amazon Resource Name (ARN) for a server to be
+-- listed.
+newListedServer ::
+  -- | 'arn'
+  Prelude.Text ->
+  ListedServer
+newListedServer pArn_ =
+  ListedServer'
+    { domain = Prelude.Nothing,
+      endpointType = Prelude.Nothing,
+      identityProviderType = Prelude.Nothing,
+      loggingRole = Prelude.Nothing,
+      serverId = Prelude.Nothing,
+      state = Prelude.Nothing,
+      userCount = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | Specifies the domain of the storage system that is used for file
+-- transfers.
+listedServer_domain :: Lens.Lens' ListedServer (Prelude.Maybe Domain)
+listedServer_domain = Lens.lens (\ListedServer' {domain} -> domain) (\s@ListedServer' {} a -> s {domain = a} :: ListedServer)
+
+-- | Specifies the type of VPC endpoint that your server is connected to. If
+-- your server is connected to a VPC endpoint, your server isn\'t
+-- accessible over the public internet.
+listedServer_endpointType :: Lens.Lens' ListedServer (Prelude.Maybe EndpointType)
+listedServer_endpointType = Lens.lens (\ListedServer' {endpointType} -> endpointType) (\s@ListedServer' {} a -> s {endpointType = a} :: ListedServer)
+
+-- | The mode of authentication for a server. The default value is
+-- @SERVICE_MANAGED@, which allows you to store and access user credentials
+-- within the Transfer Family service.
+--
+-- Use @AWS_DIRECTORY_SERVICE@ to provide access to Active Directory groups
+-- in Directory Service for Microsoft Active Directory or Microsoft Active
+-- Directory in your on-premises environment or in Amazon Web Services
+-- using AD Connector. This option also requires you to provide a Directory
+-- ID by using the @IdentityProviderDetails@ parameter.
+--
+-- Use the @API_GATEWAY@ value to integrate with an identity provider of
+-- your choosing. The @API_GATEWAY@ setting requires you to provide an
+-- Amazon API Gateway endpoint URL to call for authentication by using the
+-- @IdentityProviderDetails@ parameter.
+--
+-- Use the @AWS_LAMBDA@ value to directly use an Lambda function as your
+-- identity provider. If you choose this value, you must specify the ARN
+-- for the Lambda function in the @Function@ parameter or the
+-- @IdentityProviderDetails@ data type.
+listedServer_identityProviderType :: Lens.Lens' ListedServer (Prelude.Maybe IdentityProviderType)
+listedServer_identityProviderType = Lens.lens (\ListedServer' {identityProviderType} -> identityProviderType) (\s@ListedServer' {} a -> s {identityProviderType = a} :: ListedServer)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+listedServer_loggingRole :: Lens.Lens' ListedServer (Prelude.Maybe Prelude.Text)
+listedServer_loggingRole = Lens.lens (\ListedServer' {loggingRole} -> loggingRole) (\s@ListedServer' {} a -> s {loggingRole = a} :: ListedServer)
+
+-- | Specifies the unique system assigned identifier for the servers that
+-- were listed.
+listedServer_serverId :: Lens.Lens' ListedServer (Prelude.Maybe Prelude.Text)
+listedServer_serverId = Lens.lens (\ListedServer' {serverId} -> serverId) (\s@ListedServer' {} a -> s {serverId = a} :: ListedServer)
+
+-- | The condition of the server that was described. A value of @ONLINE@
+-- indicates that the server can accept jobs and transfer files. A @State@
+-- value of @OFFLINE@ means that the server cannot perform file transfer
+-- operations.
+--
+-- The states of @STARTING@ and @STOPPING@ indicate that the server is in
+-- an intermediate state, either not fully able to respond, or not fully
+-- offline. The values of @START_FAILED@ or @STOP_FAILED@ can indicate an
+-- error condition.
+listedServer_state :: Lens.Lens' ListedServer (Prelude.Maybe State)
+listedServer_state = Lens.lens (\ListedServer' {state} -> state) (\s@ListedServer' {} a -> s {state = a} :: ListedServer)
+
+-- | Specifies the number of users that are assigned to a server you
+-- specified with the @ServerId@.
+listedServer_userCount :: Lens.Lens' ListedServer (Prelude.Maybe Prelude.Int)
+listedServer_userCount = Lens.lens (\ListedServer' {userCount} -> userCount) (\s@ListedServer' {} a -> s {userCount = a} :: ListedServer)
+
+-- | Specifies the unique Amazon Resource Name (ARN) for a server to be
+-- listed.
+listedServer_arn :: Lens.Lens' ListedServer Prelude.Text
+listedServer_arn = Lens.lens (\ListedServer' {arn} -> arn) (\s@ListedServer' {} a -> s {arn = a} :: ListedServer)
+
+instance Data.FromJSON ListedServer where
+  parseJSON =
+    Data.withObject
+      "ListedServer"
+      ( \x ->
+          ListedServer'
+            Prelude.<$> (x Data..:? "Domain")
+            Prelude.<*> (x Data..:? "EndpointType")
+            Prelude.<*> (x Data..:? "IdentityProviderType")
+            Prelude.<*> (x Data..:? "LoggingRole")
+            Prelude.<*> (x Data..:? "ServerId")
+            Prelude.<*> (x Data..:? "State")
+            Prelude.<*> (x Data..:? "UserCount")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable ListedServer where
+  hashWithSalt _salt ListedServer' {..} =
+    _salt
+      `Prelude.hashWithSalt` domain
+      `Prelude.hashWithSalt` endpointType
+      `Prelude.hashWithSalt` identityProviderType
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` state
+      `Prelude.hashWithSalt` userCount
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData ListedServer where
+  rnf ListedServer' {..} =
+    Prelude.rnf domain
+      `Prelude.seq` Prelude.rnf endpointType
+      `Prelude.seq` Prelude.rnf identityProviderType
+      `Prelude.seq` Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf state
+      `Prelude.seq` Prelude.rnf userCount
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/ListedUser.hs b/gen/Amazonka/Transfer/Types/ListedUser.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedUser.hs
@@ -0,0 +1,213 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedUser
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedUser where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.HomeDirectoryType
+
+-- | Returns properties of the user that you specify.
+--
+-- /See:/ 'newListedUser' smart constructor.
+data ListedUser = ListedUser'
+  { -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    --
+    -- The IAM role that controls your users\' access to your Amazon S3 bucket
+    -- for servers with @Domain=S3@, or your EFS file system for servers with
+    -- @Domain=EFS@.
+    --
+    -- The policies attached to this role determine the level of access you
+    -- want to provide your users when transferring files into and out of your
+    -- S3 buckets or EFS file systems.
+    role' :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the number of SSH public keys stored for the user you
+    -- specified.
+    sshPublicKeyCount :: Prelude.Maybe Prelude.Int,
+    -- | Specifies the name of the user whose ARN was specified. User names are
+    -- used for authentication purposes.
+    userName :: Prelude.Maybe Prelude.Text,
+    -- | Provides the unique Amazon Resource Name (ARN) for the user that you
+    -- want to learn about.
+    arn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedUser' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'homeDirectory', 'listedUser_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryType', 'listedUser_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'role'', 'listedUser_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- The IAM role that controls your users\' access to your Amazon S3 bucket
+-- for servers with @Domain=S3@, or your EFS file system for servers with
+-- @Domain=EFS@.
+--
+-- The policies attached to this role determine the level of access you
+-- want to provide your users when transferring files into and out of your
+-- S3 buckets or EFS file systems.
+--
+-- 'sshPublicKeyCount', 'listedUser_sshPublicKeyCount' - Specifies the number of SSH public keys stored for the user you
+-- specified.
+--
+-- 'userName', 'listedUser_userName' - Specifies the name of the user whose ARN was specified. User names are
+-- used for authentication purposes.
+--
+-- 'arn', 'listedUser_arn' - Provides the unique Amazon Resource Name (ARN) for the user that you
+-- want to learn about.
+newListedUser ::
+  -- | 'arn'
+  Prelude.Text ->
+  ListedUser
+newListedUser pArn_ =
+  ListedUser'
+    { homeDirectory = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      role' = Prelude.Nothing,
+      sshPublicKeyCount = Prelude.Nothing,
+      userName = Prelude.Nothing,
+      arn = pArn_
+    }
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+listedUser_homeDirectory :: Lens.Lens' ListedUser (Prelude.Maybe Prelude.Text)
+listedUser_homeDirectory = Lens.lens (\ListedUser' {homeDirectory} -> homeDirectory) (\s@ListedUser' {} a -> s {homeDirectory = a} :: ListedUser)
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+listedUser_homeDirectoryType :: Lens.Lens' ListedUser (Prelude.Maybe HomeDirectoryType)
+listedUser_homeDirectoryType = Lens.lens (\ListedUser' {homeDirectoryType} -> homeDirectoryType) (\s@ListedUser' {} a -> s {homeDirectoryType = a} :: ListedUser)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- The IAM role that controls your users\' access to your Amazon S3 bucket
+-- for servers with @Domain=S3@, or your EFS file system for servers with
+-- @Domain=EFS@.
+--
+-- The policies attached to this role determine the level of access you
+-- want to provide your users when transferring files into and out of your
+-- S3 buckets or EFS file systems.
+listedUser_role :: Lens.Lens' ListedUser (Prelude.Maybe Prelude.Text)
+listedUser_role = Lens.lens (\ListedUser' {role'} -> role') (\s@ListedUser' {} a -> s {role' = a} :: ListedUser)
+
+-- | Specifies the number of SSH public keys stored for the user you
+-- specified.
+listedUser_sshPublicKeyCount :: Lens.Lens' ListedUser (Prelude.Maybe Prelude.Int)
+listedUser_sshPublicKeyCount = Lens.lens (\ListedUser' {sshPublicKeyCount} -> sshPublicKeyCount) (\s@ListedUser' {} a -> s {sshPublicKeyCount = a} :: ListedUser)
+
+-- | Specifies the name of the user whose ARN was specified. User names are
+-- used for authentication purposes.
+listedUser_userName :: Lens.Lens' ListedUser (Prelude.Maybe Prelude.Text)
+listedUser_userName = Lens.lens (\ListedUser' {userName} -> userName) (\s@ListedUser' {} a -> s {userName = a} :: ListedUser)
+
+-- | Provides the unique Amazon Resource Name (ARN) for the user that you
+-- want to learn about.
+listedUser_arn :: Lens.Lens' ListedUser Prelude.Text
+listedUser_arn = Lens.lens (\ListedUser' {arn} -> arn) (\s@ListedUser' {} a -> s {arn = a} :: ListedUser)
+
+instance Data.FromJSON ListedUser where
+  parseJSON =
+    Data.withObject
+      "ListedUser"
+      ( \x ->
+          ListedUser'
+            Prelude.<$> (x Data..:? "HomeDirectory")
+            Prelude.<*> (x Data..:? "HomeDirectoryType")
+            Prelude.<*> (x Data..:? "Role")
+            Prelude.<*> (x Data..:? "SshPublicKeyCount")
+            Prelude.<*> (x Data..:? "UserName")
+            Prelude.<*> (x Data..: "Arn")
+      )
+
+instance Prelude.Hashable ListedUser where
+  hashWithSalt _salt ListedUser' {..} =
+    _salt
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` role'
+      `Prelude.hashWithSalt` sshPublicKeyCount
+      `Prelude.hashWithSalt` userName
+      `Prelude.hashWithSalt` arn
+
+instance Prelude.NFData ListedUser where
+  rnf ListedUser' {..} =
+    Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf role'
+      `Prelude.seq` Prelude.rnf sshPublicKeyCount
+      `Prelude.seq` Prelude.rnf userName
+      `Prelude.seq` Prelude.rnf arn
diff --git a/gen/Amazonka/Transfer/Types/ListedWorkflow.hs b/gen/Amazonka/Transfer/Types/ListedWorkflow.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ListedWorkflow.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ListedWorkflow
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ListedWorkflow where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Contains the identifier, text description, and Amazon Resource Name
+-- (ARN) for the workflow.
+--
+-- /See:/ 'newListedWorkflow' smart constructor.
+data ListedWorkflow = ListedWorkflow'
+  { -- | Specifies the unique Amazon Resource Name (ARN) for the workflow.
+    arn :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the text description for the workflow.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListedWorkflow' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'listedWorkflow_arn' - Specifies the unique Amazon Resource Name (ARN) for the workflow.
+--
+-- 'description', 'listedWorkflow_description' - Specifies the text description for the workflow.
+--
+-- 'workflowId', 'listedWorkflow_workflowId' - A unique identifier for the workflow.
+newListedWorkflow ::
+  ListedWorkflow
+newListedWorkflow =
+  ListedWorkflow'
+    { arn = Prelude.Nothing,
+      description = Prelude.Nothing,
+      workflowId = Prelude.Nothing
+    }
+
+-- | Specifies the unique Amazon Resource Name (ARN) for the workflow.
+listedWorkflow_arn :: Lens.Lens' ListedWorkflow (Prelude.Maybe Prelude.Text)
+listedWorkflow_arn = Lens.lens (\ListedWorkflow' {arn} -> arn) (\s@ListedWorkflow' {} a -> s {arn = a} :: ListedWorkflow)
+
+-- | Specifies the text description for the workflow.
+listedWorkflow_description :: Lens.Lens' ListedWorkflow (Prelude.Maybe Prelude.Text)
+listedWorkflow_description = Lens.lens (\ListedWorkflow' {description} -> description) (\s@ListedWorkflow' {} a -> s {description = a} :: ListedWorkflow)
+
+-- | A unique identifier for the workflow.
+listedWorkflow_workflowId :: Lens.Lens' ListedWorkflow (Prelude.Maybe Prelude.Text)
+listedWorkflow_workflowId = Lens.lens (\ListedWorkflow' {workflowId} -> workflowId) (\s@ListedWorkflow' {} a -> s {workflowId = a} :: ListedWorkflow)
+
+instance Data.FromJSON ListedWorkflow where
+  parseJSON =
+    Data.withObject
+      "ListedWorkflow"
+      ( \x ->
+          ListedWorkflow'
+            Prelude.<$> (x Data..:? "Arn")
+            Prelude.<*> (x Data..:? "Description")
+            Prelude.<*> (x Data..:? "WorkflowId")
+      )
+
+instance Prelude.Hashable ListedWorkflow where
+  hashWithSalt _salt ListedWorkflow' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` workflowId
+
+instance Prelude.NFData ListedWorkflow where
+  rnf ListedWorkflow' {..} =
+    Prelude.rnf arn
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf workflowId
diff --git a/gen/Amazonka/Transfer/Types/LoggingConfiguration.hs b/gen/Amazonka/Transfer/Types/LoggingConfiguration.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/LoggingConfiguration.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.LoggingConfiguration
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.LoggingConfiguration where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Consists of the logging role and the log group name.
+--
+-- /See:/ 'newLoggingConfiguration' smart constructor.
+data LoggingConfiguration = LoggingConfiguration'
+  { -- | The name of the CloudWatch logging group for the Transfer Family server
+    -- to which this workflow belongs.
+    logGroupName :: Prelude.Maybe Prelude.Text,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+    -- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+    -- your CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'LoggingConfiguration' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'logGroupName', 'loggingConfiguration_logGroupName' - The name of the CloudWatch logging group for the Transfer Family server
+-- to which this workflow belongs.
+--
+-- 'loggingRole', 'loggingConfiguration_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+newLoggingConfiguration ::
+  LoggingConfiguration
+newLoggingConfiguration =
+  LoggingConfiguration'
+    { logGroupName =
+        Prelude.Nothing,
+      loggingRole = Prelude.Nothing
+    }
+
+-- | The name of the CloudWatch logging group for the Transfer Family server
+-- to which this workflow belongs.
+loggingConfiguration_logGroupName :: Lens.Lens' LoggingConfiguration (Prelude.Maybe Prelude.Text)
+loggingConfiguration_logGroupName = Lens.lens (\LoggingConfiguration' {logGroupName} -> logGroupName) (\s@LoggingConfiguration' {} a -> s {logGroupName = a} :: LoggingConfiguration)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+loggingConfiguration_loggingRole :: Lens.Lens' LoggingConfiguration (Prelude.Maybe Prelude.Text)
+loggingConfiguration_loggingRole = Lens.lens (\LoggingConfiguration' {loggingRole} -> loggingRole) (\s@LoggingConfiguration' {} a -> s {loggingRole = a} :: LoggingConfiguration)
+
+instance Data.FromJSON LoggingConfiguration where
+  parseJSON =
+    Data.withObject
+      "LoggingConfiguration"
+      ( \x ->
+          LoggingConfiguration'
+            Prelude.<$> (x Data..:? "LogGroupName")
+            Prelude.<*> (x Data..:? "LoggingRole")
+      )
+
+instance Prelude.Hashable LoggingConfiguration where
+  hashWithSalt _salt LoggingConfiguration' {..} =
+    _salt
+      `Prelude.hashWithSalt` logGroupName
+      `Prelude.hashWithSalt` loggingRole
+
+instance Prelude.NFData LoggingConfiguration where
+  rnf LoggingConfiguration' {..} =
+    Prelude.rnf logGroupName
+      `Prelude.seq` Prelude.rnf loggingRole
diff --git a/gen/Amazonka/Transfer/Types/MdnResponse.hs b/gen/Amazonka/Transfer/Types/MdnResponse.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/MdnResponse.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.MdnResponse
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.MdnResponse
+  ( MdnResponse
+      ( ..,
+        MdnResponse_NONE,
+        MdnResponse_SYNC
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype MdnResponse = MdnResponse'
+  { fromMdnResponse ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern MdnResponse_NONE :: MdnResponse
+pattern MdnResponse_NONE = MdnResponse' "NONE"
+
+pattern MdnResponse_SYNC :: MdnResponse
+pattern MdnResponse_SYNC = MdnResponse' "SYNC"
+
+{-# COMPLETE
+  MdnResponse_NONE,
+  MdnResponse_SYNC,
+  MdnResponse'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/MdnSigningAlg.hs b/gen/Amazonka/Transfer/Types/MdnSigningAlg.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/MdnSigningAlg.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.MdnSigningAlg
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.MdnSigningAlg
+  ( MdnSigningAlg
+      ( ..,
+        MdnSigningAlg_DEFAULT,
+        MdnSigningAlg_NONE,
+        MdnSigningAlg_SHA1,
+        MdnSigningAlg_SHA256,
+        MdnSigningAlg_SHA384,
+        MdnSigningAlg_SHA512
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype MdnSigningAlg = MdnSigningAlg'
+  { fromMdnSigningAlg ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern MdnSigningAlg_DEFAULT :: MdnSigningAlg
+pattern MdnSigningAlg_DEFAULT = MdnSigningAlg' "DEFAULT"
+
+pattern MdnSigningAlg_NONE :: MdnSigningAlg
+pattern MdnSigningAlg_NONE = MdnSigningAlg' "NONE"
+
+pattern MdnSigningAlg_SHA1 :: MdnSigningAlg
+pattern MdnSigningAlg_SHA1 = MdnSigningAlg' "SHA1"
+
+pattern MdnSigningAlg_SHA256 :: MdnSigningAlg
+pattern MdnSigningAlg_SHA256 = MdnSigningAlg' "SHA256"
+
+pattern MdnSigningAlg_SHA384 :: MdnSigningAlg
+pattern MdnSigningAlg_SHA384 = MdnSigningAlg' "SHA384"
+
+pattern MdnSigningAlg_SHA512 :: MdnSigningAlg
+pattern MdnSigningAlg_SHA512 = MdnSigningAlg' "SHA512"
+
+{-# COMPLETE
+  MdnSigningAlg_DEFAULT,
+  MdnSigningAlg_NONE,
+  MdnSigningAlg_SHA1,
+  MdnSigningAlg_SHA256,
+  MdnSigningAlg_SHA384,
+  MdnSigningAlg_SHA512,
+  MdnSigningAlg'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/OverwriteExisting.hs b/gen/Amazonka/Transfer/Types/OverwriteExisting.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/OverwriteExisting.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.OverwriteExisting
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.OverwriteExisting
+  ( OverwriteExisting
+      ( ..,
+        OverwriteExisting_FALSE,
+        OverwriteExisting_TRUE
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype OverwriteExisting = OverwriteExisting'
+  { fromOverwriteExisting ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern OverwriteExisting_FALSE :: OverwriteExisting
+pattern OverwriteExisting_FALSE = OverwriteExisting' "FALSE"
+
+pattern OverwriteExisting_TRUE :: OverwriteExisting
+pattern OverwriteExisting_TRUE = OverwriteExisting' "TRUE"
+
+{-# COMPLETE
+  OverwriteExisting_FALSE,
+  OverwriteExisting_TRUE,
+  OverwriteExisting'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/PosixProfile.hs b/gen/Amazonka/Transfer/Types/PosixProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/PosixProfile.hs
@@ -0,0 +1,115 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.PosixProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.PosixProfile where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The full POSIX identity, including user ID (@Uid@), group ID (@Gid@),
+-- and any secondary groups IDs (@SecondaryGids@), that controls your
+-- users\' access to your Amazon EFS file systems. The POSIX permissions
+-- that are set on files and directories in your file system determine the
+-- level of access your users get when transferring files into and out of
+-- your Amazon EFS file systems.
+--
+-- /See:/ 'newPosixProfile' smart constructor.
+data PosixProfile = PosixProfile'
+  { -- | The secondary POSIX group IDs used for all EFS operations by this user.
+    secondaryGids :: Prelude.Maybe [Prelude.Natural],
+    -- | The POSIX user ID used for all EFS operations by this user.
+    uid :: Prelude.Natural,
+    -- | The POSIX group ID used for all EFS operations by this user.
+    gid :: Prelude.Natural
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PosixProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'secondaryGids', 'posixProfile_secondaryGids' - The secondary POSIX group IDs used for all EFS operations by this user.
+--
+-- 'uid', 'posixProfile_uid' - The POSIX user ID used for all EFS operations by this user.
+--
+-- 'gid', 'posixProfile_gid' - The POSIX group ID used for all EFS operations by this user.
+newPosixProfile ::
+  -- | 'uid'
+  Prelude.Natural ->
+  -- | 'gid'
+  Prelude.Natural ->
+  PosixProfile
+newPosixProfile pUid_ pGid_ =
+  PosixProfile'
+    { secondaryGids = Prelude.Nothing,
+      uid = pUid_,
+      gid = pGid_
+    }
+
+-- | The secondary POSIX group IDs used for all EFS operations by this user.
+posixProfile_secondaryGids :: Lens.Lens' PosixProfile (Prelude.Maybe [Prelude.Natural])
+posixProfile_secondaryGids = Lens.lens (\PosixProfile' {secondaryGids} -> secondaryGids) (\s@PosixProfile' {} a -> s {secondaryGids = a} :: PosixProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | The POSIX user ID used for all EFS operations by this user.
+posixProfile_uid :: Lens.Lens' PosixProfile Prelude.Natural
+posixProfile_uid = Lens.lens (\PosixProfile' {uid} -> uid) (\s@PosixProfile' {} a -> s {uid = a} :: PosixProfile)
+
+-- | The POSIX group ID used for all EFS operations by this user.
+posixProfile_gid :: Lens.Lens' PosixProfile Prelude.Natural
+posixProfile_gid = Lens.lens (\PosixProfile' {gid} -> gid) (\s@PosixProfile' {} a -> s {gid = a} :: PosixProfile)
+
+instance Data.FromJSON PosixProfile where
+  parseJSON =
+    Data.withObject
+      "PosixProfile"
+      ( \x ->
+          PosixProfile'
+            Prelude.<$> (x Data..:? "SecondaryGids" Data..!= Prelude.mempty)
+            Prelude.<*> (x Data..: "Uid")
+            Prelude.<*> (x Data..: "Gid")
+      )
+
+instance Prelude.Hashable PosixProfile where
+  hashWithSalt _salt PosixProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` secondaryGids
+      `Prelude.hashWithSalt` uid
+      `Prelude.hashWithSalt` gid
+
+instance Prelude.NFData PosixProfile where
+  rnf PosixProfile' {..} =
+    Prelude.rnf secondaryGids
+      `Prelude.seq` Prelude.rnf uid
+      `Prelude.seq` Prelude.rnf gid
+
+instance Data.ToJSON PosixProfile where
+  toJSON PosixProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("SecondaryGids" Data..=) Prelude.<$> secondaryGids,
+            Prelude.Just ("Uid" Data..= uid),
+            Prelude.Just ("Gid" Data..= gid)
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/ProfileType.hs b/gen/Amazonka/Transfer/Types/ProfileType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ProfileType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ProfileType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ProfileType
+  ( ProfileType
+      ( ..,
+        ProfileType_LOCAL,
+        ProfileType_PARTNER
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype ProfileType = ProfileType'
+  { fromProfileType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern ProfileType_LOCAL :: ProfileType
+pattern ProfileType_LOCAL = ProfileType' "LOCAL"
+
+pattern ProfileType_PARTNER :: ProfileType
+pattern ProfileType_PARTNER = ProfileType' "PARTNER"
+
+{-# COMPLETE
+  ProfileType_LOCAL,
+  ProfileType_PARTNER,
+  ProfileType'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/Protocol.hs b/gen/Amazonka/Transfer/Types/Protocol.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/Protocol.hs
@@ -0,0 +1,81 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.Protocol
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.Protocol
+  ( Protocol
+      ( ..,
+        Protocol_AS2,
+        Protocol_FTP,
+        Protocol_FTPS,
+        Protocol_SFTP
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype Protocol = Protocol'
+  { fromProtocol ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern Protocol_AS2 :: Protocol
+pattern Protocol_AS2 = Protocol' "AS2"
+
+pattern Protocol_FTP :: Protocol
+pattern Protocol_FTP = Protocol' "FTP"
+
+pattern Protocol_FTPS :: Protocol
+pattern Protocol_FTPS = Protocol' "FTPS"
+
+pattern Protocol_SFTP :: Protocol
+pattern Protocol_SFTP = Protocol' "SFTP"
+
+{-# COMPLETE
+  Protocol_AS2,
+  Protocol_FTP,
+  Protocol_FTPS,
+  Protocol_SFTP,
+  Protocol'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/ProtocolDetails.hs b/gen/Amazonka/Transfer/Types/ProtocolDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ProtocolDetails.hs
@@ -0,0 +1,354 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ProtocolDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ProtocolDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.As2Transport
+import Amazonka.Transfer.Types.SetStatOption
+import Amazonka.Transfer.Types.TlsSessionResumptionMode
+
+-- | The protocol settings that are configured for your server.
+--
+-- /See:/ 'newProtocolDetails' smart constructor.
+data ProtocolDetails = ProtocolDetails'
+  { -- | Indicates the transport method for the AS2 messages. Currently, only
+    -- HTTP is supported.
+    as2Transports :: Prelude.Maybe (Prelude.NonEmpty As2Transport),
+    -- | Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4
+    -- address, such as the public IP address of a firewall, router, or load
+    -- balancer. For example:
+    --
+    -- @aws transfer update-server --protocol-details PassiveIp=0.0.0.0@
+    --
+    -- Replace @0.0.0.0@ in the example above with the actual IP address you
+    -- want to use.
+    --
+    -- If you change the @PassiveIp@ value, you must stop and then restart your
+    -- Transfer Family server for the change to take effect. For details on
+    -- using passive mode (PASV) in a NAT environment, see
+    -- <http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/ Configuring your FTPS server behind a firewall or NAT with Transfer Family>.
+    --
+    -- /Special values/
+    --
+    -- The @AUTO@ and @0.0.0.0@ are special values for the @PassiveIp@
+    -- parameter. The value @PassiveIp=AUTO@ is assigned by default to FTP and
+    -- FTPS type servers. In this case, the server automatically responds with
+    -- one of the endpoint IPs within the PASV response. @PassiveIp=0.0.0.0@
+    -- has a more unique application for its usage. For example, if you have a
+    -- High Availability (HA) Network Load Balancer (NLB) environment, where
+    -- you have 3 subnets, you can only specify a single IP address using the
+    -- @PassiveIp@ parameter. This reduces the effectiveness of having High
+    -- Availability. In this case, you can specify @PassiveIp=0.0.0.0@. This
+    -- tells the client to use the same IP address as the Control connection
+    -- and utilize all AZs for their connections. Note, however, that not all
+    -- FTP clients support the @PassiveIp=0.0.0.0@ response. FileZilla and
+    -- WinSCP do support it. If you are using other clients, check to see if
+    -- your client supports the @PassiveIp=0.0.0.0@ response.
+    passiveIp :: Prelude.Maybe Prelude.Text,
+    -- | Use the @SetStatOption@ to ignore the error that is generated when the
+    -- client attempts to use @SETSTAT@ on a file you are uploading to an S3
+    -- bucket.
+    --
+    -- Some SFTP file transfer clients can attempt to change the attributes of
+    -- remote files, including timestamp and permissions, using commands, such
+    -- as @SETSTAT@ when uploading the file. However, these commands are not
+    -- compatible with object storage systems, such as Amazon S3. Due to this
+    -- incompatibility, file uploads from these clients can result in errors
+    -- even when the file is otherwise successfully uploaded.
+    --
+    -- Set the value to @ENABLE_NO_OP@ to have the Transfer Family server
+    -- ignore the @SETSTAT@ command, and upload files without needing to make
+    -- any changes to your SFTP client. While the @SetStatOption@
+    -- @ENABLE_NO_OP@ setting ignores the error, it does generate a log entry
+    -- in Amazon CloudWatch Logs, so you can determine when the client is
+    -- making a @SETSTAT@ call.
+    --
+    -- If you want to preserve the original timestamp for your file, and modify
+    -- other file attributes using @SETSTAT@, you can use Amazon EFS as backend
+    -- storage with Transfer Family.
+    setStatOption :: Prelude.Maybe SetStatOption,
+    -- | A property used with Transfer Family servers that use the FTPS protocol.
+    -- TLS Session Resumption provides a mechanism to resume or share a
+    -- negotiated secret key between the control and data connection for an
+    -- FTPS session. @TlsSessionResumptionMode@ determines whether or not the
+    -- server resumes recent, negotiated sessions through a unique session ID.
+    -- This property is available during @CreateServer@ and @UpdateServer@
+    -- calls. If a @TlsSessionResumptionMode@ value is not specified during
+    -- @CreateServer@, it is set to @ENFORCED@ by default.
+    --
+    -- -   @DISABLED@: the server does not process TLS session resumption
+    --     client requests and creates a new TLS session for each request.
+    --
+    -- -   @ENABLED@: the server processes and accepts clients that are
+    --     performing TLS session resumption. The server doesn\'t reject client
+    --     data connections that do not perform the TLS session resumption
+    --     client processing.
+    --
+    -- -   @ENFORCED@: the server processes and accepts clients that are
+    --     performing TLS session resumption. The server rejects client data
+    --     connections that do not perform the TLS session resumption client
+    --     processing. Before you set the value to @ENFORCED@, test your
+    --     clients.
+    --
+    --     Not all FTPS clients perform TLS session resumption. So, if you
+    --     choose to enforce TLS session resumption, you prevent any
+    --     connections from FTPS clients that don\'t perform the protocol
+    --     negotiation. To determine whether or not you can use the @ENFORCED@
+    --     value, you need to test your clients.
+    tlsSessionResumptionMode :: Prelude.Maybe TlsSessionResumptionMode
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ProtocolDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'as2Transports', 'protocolDetails_as2Transports' - Indicates the transport method for the AS2 messages. Currently, only
+-- HTTP is supported.
+--
+-- 'passiveIp', 'protocolDetails_passiveIp' - Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4
+-- address, such as the public IP address of a firewall, router, or load
+-- balancer. For example:
+--
+-- @aws transfer update-server --protocol-details PassiveIp=0.0.0.0@
+--
+-- Replace @0.0.0.0@ in the example above with the actual IP address you
+-- want to use.
+--
+-- If you change the @PassiveIp@ value, you must stop and then restart your
+-- Transfer Family server for the change to take effect. For details on
+-- using passive mode (PASV) in a NAT environment, see
+-- <http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/ Configuring your FTPS server behind a firewall or NAT with Transfer Family>.
+--
+-- /Special values/
+--
+-- The @AUTO@ and @0.0.0.0@ are special values for the @PassiveIp@
+-- parameter. The value @PassiveIp=AUTO@ is assigned by default to FTP and
+-- FTPS type servers. In this case, the server automatically responds with
+-- one of the endpoint IPs within the PASV response. @PassiveIp=0.0.0.0@
+-- has a more unique application for its usage. For example, if you have a
+-- High Availability (HA) Network Load Balancer (NLB) environment, where
+-- you have 3 subnets, you can only specify a single IP address using the
+-- @PassiveIp@ parameter. This reduces the effectiveness of having High
+-- Availability. In this case, you can specify @PassiveIp=0.0.0.0@. This
+-- tells the client to use the same IP address as the Control connection
+-- and utilize all AZs for their connections. Note, however, that not all
+-- FTP clients support the @PassiveIp=0.0.0.0@ response. FileZilla and
+-- WinSCP do support it. If you are using other clients, check to see if
+-- your client supports the @PassiveIp=0.0.0.0@ response.
+--
+-- 'setStatOption', 'protocolDetails_setStatOption' - Use the @SetStatOption@ to ignore the error that is generated when the
+-- client attempts to use @SETSTAT@ on a file you are uploading to an S3
+-- bucket.
+--
+-- Some SFTP file transfer clients can attempt to change the attributes of
+-- remote files, including timestamp and permissions, using commands, such
+-- as @SETSTAT@ when uploading the file. However, these commands are not
+-- compatible with object storage systems, such as Amazon S3. Due to this
+-- incompatibility, file uploads from these clients can result in errors
+-- even when the file is otherwise successfully uploaded.
+--
+-- Set the value to @ENABLE_NO_OP@ to have the Transfer Family server
+-- ignore the @SETSTAT@ command, and upload files without needing to make
+-- any changes to your SFTP client. While the @SetStatOption@
+-- @ENABLE_NO_OP@ setting ignores the error, it does generate a log entry
+-- in Amazon CloudWatch Logs, so you can determine when the client is
+-- making a @SETSTAT@ call.
+--
+-- If you want to preserve the original timestamp for your file, and modify
+-- other file attributes using @SETSTAT@, you can use Amazon EFS as backend
+-- storage with Transfer Family.
+--
+-- 'tlsSessionResumptionMode', 'protocolDetails_tlsSessionResumptionMode' - A property used with Transfer Family servers that use the FTPS protocol.
+-- TLS Session Resumption provides a mechanism to resume or share a
+-- negotiated secret key between the control and data connection for an
+-- FTPS session. @TlsSessionResumptionMode@ determines whether or not the
+-- server resumes recent, negotiated sessions through a unique session ID.
+-- This property is available during @CreateServer@ and @UpdateServer@
+-- calls. If a @TlsSessionResumptionMode@ value is not specified during
+-- @CreateServer@, it is set to @ENFORCED@ by default.
+--
+-- -   @DISABLED@: the server does not process TLS session resumption
+--     client requests and creates a new TLS session for each request.
+--
+-- -   @ENABLED@: the server processes and accepts clients that are
+--     performing TLS session resumption. The server doesn\'t reject client
+--     data connections that do not perform the TLS session resumption
+--     client processing.
+--
+-- -   @ENFORCED@: the server processes and accepts clients that are
+--     performing TLS session resumption. The server rejects client data
+--     connections that do not perform the TLS session resumption client
+--     processing. Before you set the value to @ENFORCED@, test your
+--     clients.
+--
+--     Not all FTPS clients perform TLS session resumption. So, if you
+--     choose to enforce TLS session resumption, you prevent any
+--     connections from FTPS clients that don\'t perform the protocol
+--     negotiation. To determine whether or not you can use the @ENFORCED@
+--     value, you need to test your clients.
+newProtocolDetails ::
+  ProtocolDetails
+newProtocolDetails =
+  ProtocolDetails'
+    { as2Transports = Prelude.Nothing,
+      passiveIp = Prelude.Nothing,
+      setStatOption = Prelude.Nothing,
+      tlsSessionResumptionMode = Prelude.Nothing
+    }
+
+-- | Indicates the transport method for the AS2 messages. Currently, only
+-- HTTP is supported.
+protocolDetails_as2Transports :: Lens.Lens' ProtocolDetails (Prelude.Maybe (Prelude.NonEmpty As2Transport))
+protocolDetails_as2Transports = Lens.lens (\ProtocolDetails' {as2Transports} -> as2Transports) (\s@ProtocolDetails' {} a -> s {as2Transports = a} :: ProtocolDetails) Prelude.. Lens.mapping Lens.coerced
+
+-- | Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4
+-- address, such as the public IP address of a firewall, router, or load
+-- balancer. For example:
+--
+-- @aws transfer update-server --protocol-details PassiveIp=0.0.0.0@
+--
+-- Replace @0.0.0.0@ in the example above with the actual IP address you
+-- want to use.
+--
+-- If you change the @PassiveIp@ value, you must stop and then restart your
+-- Transfer Family server for the change to take effect. For details on
+-- using passive mode (PASV) in a NAT environment, see
+-- <http://aws.amazon.com/blogs/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/ Configuring your FTPS server behind a firewall or NAT with Transfer Family>.
+--
+-- /Special values/
+--
+-- The @AUTO@ and @0.0.0.0@ are special values for the @PassiveIp@
+-- parameter. The value @PassiveIp=AUTO@ is assigned by default to FTP and
+-- FTPS type servers. In this case, the server automatically responds with
+-- one of the endpoint IPs within the PASV response. @PassiveIp=0.0.0.0@
+-- has a more unique application for its usage. For example, if you have a
+-- High Availability (HA) Network Load Balancer (NLB) environment, where
+-- you have 3 subnets, you can only specify a single IP address using the
+-- @PassiveIp@ parameter. This reduces the effectiveness of having High
+-- Availability. In this case, you can specify @PassiveIp=0.0.0.0@. This
+-- tells the client to use the same IP address as the Control connection
+-- and utilize all AZs for their connections. Note, however, that not all
+-- FTP clients support the @PassiveIp=0.0.0.0@ response. FileZilla and
+-- WinSCP do support it. If you are using other clients, check to see if
+-- your client supports the @PassiveIp=0.0.0.0@ response.
+protocolDetails_passiveIp :: Lens.Lens' ProtocolDetails (Prelude.Maybe Prelude.Text)
+protocolDetails_passiveIp = Lens.lens (\ProtocolDetails' {passiveIp} -> passiveIp) (\s@ProtocolDetails' {} a -> s {passiveIp = a} :: ProtocolDetails)
+
+-- | Use the @SetStatOption@ to ignore the error that is generated when the
+-- client attempts to use @SETSTAT@ on a file you are uploading to an S3
+-- bucket.
+--
+-- Some SFTP file transfer clients can attempt to change the attributes of
+-- remote files, including timestamp and permissions, using commands, such
+-- as @SETSTAT@ when uploading the file. However, these commands are not
+-- compatible with object storage systems, such as Amazon S3. Due to this
+-- incompatibility, file uploads from these clients can result in errors
+-- even when the file is otherwise successfully uploaded.
+--
+-- Set the value to @ENABLE_NO_OP@ to have the Transfer Family server
+-- ignore the @SETSTAT@ command, and upload files without needing to make
+-- any changes to your SFTP client. While the @SetStatOption@
+-- @ENABLE_NO_OP@ setting ignores the error, it does generate a log entry
+-- in Amazon CloudWatch Logs, so you can determine when the client is
+-- making a @SETSTAT@ call.
+--
+-- If you want to preserve the original timestamp for your file, and modify
+-- other file attributes using @SETSTAT@, you can use Amazon EFS as backend
+-- storage with Transfer Family.
+protocolDetails_setStatOption :: Lens.Lens' ProtocolDetails (Prelude.Maybe SetStatOption)
+protocolDetails_setStatOption = Lens.lens (\ProtocolDetails' {setStatOption} -> setStatOption) (\s@ProtocolDetails' {} a -> s {setStatOption = a} :: ProtocolDetails)
+
+-- | A property used with Transfer Family servers that use the FTPS protocol.
+-- TLS Session Resumption provides a mechanism to resume or share a
+-- negotiated secret key between the control and data connection for an
+-- FTPS session. @TlsSessionResumptionMode@ determines whether or not the
+-- server resumes recent, negotiated sessions through a unique session ID.
+-- This property is available during @CreateServer@ and @UpdateServer@
+-- calls. If a @TlsSessionResumptionMode@ value is not specified during
+-- @CreateServer@, it is set to @ENFORCED@ by default.
+--
+-- -   @DISABLED@: the server does not process TLS session resumption
+--     client requests and creates a new TLS session for each request.
+--
+-- -   @ENABLED@: the server processes and accepts clients that are
+--     performing TLS session resumption. The server doesn\'t reject client
+--     data connections that do not perform the TLS session resumption
+--     client processing.
+--
+-- -   @ENFORCED@: the server processes and accepts clients that are
+--     performing TLS session resumption. The server rejects client data
+--     connections that do not perform the TLS session resumption client
+--     processing. Before you set the value to @ENFORCED@, test your
+--     clients.
+--
+--     Not all FTPS clients perform TLS session resumption. So, if you
+--     choose to enforce TLS session resumption, you prevent any
+--     connections from FTPS clients that don\'t perform the protocol
+--     negotiation. To determine whether or not you can use the @ENFORCED@
+--     value, you need to test your clients.
+protocolDetails_tlsSessionResumptionMode :: Lens.Lens' ProtocolDetails (Prelude.Maybe TlsSessionResumptionMode)
+protocolDetails_tlsSessionResumptionMode = Lens.lens (\ProtocolDetails' {tlsSessionResumptionMode} -> tlsSessionResumptionMode) (\s@ProtocolDetails' {} a -> s {tlsSessionResumptionMode = a} :: ProtocolDetails)
+
+instance Data.FromJSON ProtocolDetails where
+  parseJSON =
+    Data.withObject
+      "ProtocolDetails"
+      ( \x ->
+          ProtocolDetails'
+            Prelude.<$> (x Data..:? "As2Transports")
+            Prelude.<*> (x Data..:? "PassiveIp")
+            Prelude.<*> (x Data..:? "SetStatOption")
+            Prelude.<*> (x Data..:? "TlsSessionResumptionMode")
+      )
+
+instance Prelude.Hashable ProtocolDetails where
+  hashWithSalt _salt ProtocolDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` as2Transports
+      `Prelude.hashWithSalt` passiveIp
+      `Prelude.hashWithSalt` setStatOption
+      `Prelude.hashWithSalt` tlsSessionResumptionMode
+
+instance Prelude.NFData ProtocolDetails where
+  rnf ProtocolDetails' {..} =
+    Prelude.rnf as2Transports
+      `Prelude.seq` Prelude.rnf passiveIp
+      `Prelude.seq` Prelude.rnf setStatOption
+      `Prelude.seq` Prelude.rnf tlsSessionResumptionMode
+
+instance Data.ToJSON ProtocolDetails where
+  toJSON ProtocolDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("As2Transports" Data..=) Prelude.<$> as2Transports,
+            ("PassiveIp" Data..=) Prelude.<$> passiveIp,
+            ("SetStatOption" Data..=) Prelude.<$> setStatOption,
+            ("TlsSessionResumptionMode" Data..=)
+              Prelude.<$> tlsSessionResumptionMode
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/S3FileLocation.hs b/gen/Amazonka/Transfer/Types/S3FileLocation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/S3FileLocation.hs
@@ -0,0 +1,115 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.S3FileLocation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.S3FileLocation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the details for the file location for the file that\'s being
+-- used in the workflow. Only applicable if you are using S3 storage.
+--
+-- /See:/ 'newS3FileLocation' smart constructor.
+data S3FileLocation = S3FileLocation'
+  { -- | Specifies the S3 bucket that contains the file being used.
+    bucket :: Prelude.Maybe Prelude.Text,
+    -- | The entity tag is a hash of the object. The ETag reflects changes only
+    -- to the contents of an object, not its metadata.
+    etag :: Prelude.Maybe Prelude.Text,
+    -- | The name assigned to the file when it was created in Amazon S3. You use
+    -- the object key to retrieve the object.
+    key :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the file version.
+    versionId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'S3FileLocation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'bucket', 's3FileLocation_bucket' - Specifies the S3 bucket that contains the file being used.
+--
+-- 'etag', 's3FileLocation_etag' - The entity tag is a hash of the object. The ETag reflects changes only
+-- to the contents of an object, not its metadata.
+--
+-- 'key', 's3FileLocation_key' - The name assigned to the file when it was created in Amazon S3. You use
+-- the object key to retrieve the object.
+--
+-- 'versionId', 's3FileLocation_versionId' - Specifies the file version.
+newS3FileLocation ::
+  S3FileLocation
+newS3FileLocation =
+  S3FileLocation'
+    { bucket = Prelude.Nothing,
+      etag = Prelude.Nothing,
+      key = Prelude.Nothing,
+      versionId = Prelude.Nothing
+    }
+
+-- | Specifies the S3 bucket that contains the file being used.
+s3FileLocation_bucket :: Lens.Lens' S3FileLocation (Prelude.Maybe Prelude.Text)
+s3FileLocation_bucket = Lens.lens (\S3FileLocation' {bucket} -> bucket) (\s@S3FileLocation' {} a -> s {bucket = a} :: S3FileLocation)
+
+-- | The entity tag is a hash of the object. The ETag reflects changes only
+-- to the contents of an object, not its metadata.
+s3FileLocation_etag :: Lens.Lens' S3FileLocation (Prelude.Maybe Prelude.Text)
+s3FileLocation_etag = Lens.lens (\S3FileLocation' {etag} -> etag) (\s@S3FileLocation' {} a -> s {etag = a} :: S3FileLocation)
+
+-- | The name assigned to the file when it was created in Amazon S3. You use
+-- the object key to retrieve the object.
+s3FileLocation_key :: Lens.Lens' S3FileLocation (Prelude.Maybe Prelude.Text)
+s3FileLocation_key = Lens.lens (\S3FileLocation' {key} -> key) (\s@S3FileLocation' {} a -> s {key = a} :: S3FileLocation)
+
+-- | Specifies the file version.
+s3FileLocation_versionId :: Lens.Lens' S3FileLocation (Prelude.Maybe Prelude.Text)
+s3FileLocation_versionId = Lens.lens (\S3FileLocation' {versionId} -> versionId) (\s@S3FileLocation' {} a -> s {versionId = a} :: S3FileLocation)
+
+instance Data.FromJSON S3FileLocation where
+  parseJSON =
+    Data.withObject
+      "S3FileLocation"
+      ( \x ->
+          S3FileLocation'
+            Prelude.<$> (x Data..:? "Bucket")
+            Prelude.<*> (x Data..:? "Etag")
+            Prelude.<*> (x Data..:? "Key")
+            Prelude.<*> (x Data..:? "VersionId")
+      )
+
+instance Prelude.Hashable S3FileLocation where
+  hashWithSalt _salt S3FileLocation' {..} =
+    _salt
+      `Prelude.hashWithSalt` bucket
+      `Prelude.hashWithSalt` etag
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` versionId
+
+instance Prelude.NFData S3FileLocation where
+  rnf S3FileLocation' {..} =
+    Prelude.rnf bucket
+      `Prelude.seq` Prelude.rnf etag
+      `Prelude.seq` Prelude.rnf key
+      `Prelude.seq` Prelude.rnf versionId
diff --git a/gen/Amazonka/Transfer/Types/S3InputFileLocation.hs b/gen/Amazonka/Transfer/Types/S3InputFileLocation.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/S3InputFileLocation.hs
@@ -0,0 +1,111 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.S3InputFileLocation
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.S3InputFileLocation where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the customer input S3 file location. If it is used inside
+-- @copyStepDetails.DestinationFileLocation@, it should be the S3 copy
+-- destination.
+--
+-- You need to provide the bucket and key. The key can represent either a
+-- path or a file. This is determined by whether or not you end the key
+-- value with the forward slash (\/) character. If the final character is
+-- \"\/\", then your file is copied to the folder, and its name does not
+-- change. If, rather, the final character is alphanumeric, your uploaded
+-- file is renamed to the path value. In this case, if a file with that
+-- name already exists, it is overwritten.
+--
+-- For example, if your path is @shared-files\/bob\/@, your uploaded files
+-- are copied to the @shared-files\/bob\/@, folder. If your path is
+-- @shared-files\/today@, each uploaded file is copied to the
+-- @shared-files@ folder and named @today@: each upload overwrites the
+-- previous version of the /bob/ file.
+--
+-- /See:/ 'newS3InputFileLocation' smart constructor.
+data S3InputFileLocation = S3InputFileLocation'
+  { -- | Specifies the S3 bucket for the customer input file.
+    bucket :: Prelude.Maybe Prelude.Text,
+    -- | The name assigned to the file when it was created in Amazon S3. You use
+    -- the object key to retrieve the object.
+    key :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'S3InputFileLocation' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'bucket', 's3InputFileLocation_bucket' - Specifies the S3 bucket for the customer input file.
+--
+-- 'key', 's3InputFileLocation_key' - The name assigned to the file when it was created in Amazon S3. You use
+-- the object key to retrieve the object.
+newS3InputFileLocation ::
+  S3InputFileLocation
+newS3InputFileLocation =
+  S3InputFileLocation'
+    { bucket = Prelude.Nothing,
+      key = Prelude.Nothing
+    }
+
+-- | Specifies the S3 bucket for the customer input file.
+s3InputFileLocation_bucket :: Lens.Lens' S3InputFileLocation (Prelude.Maybe Prelude.Text)
+s3InputFileLocation_bucket = Lens.lens (\S3InputFileLocation' {bucket} -> bucket) (\s@S3InputFileLocation' {} a -> s {bucket = a} :: S3InputFileLocation)
+
+-- | The name assigned to the file when it was created in Amazon S3. You use
+-- the object key to retrieve the object.
+s3InputFileLocation_key :: Lens.Lens' S3InputFileLocation (Prelude.Maybe Prelude.Text)
+s3InputFileLocation_key = Lens.lens (\S3InputFileLocation' {key} -> key) (\s@S3InputFileLocation' {} a -> s {key = a} :: S3InputFileLocation)
+
+instance Data.FromJSON S3InputFileLocation where
+  parseJSON =
+    Data.withObject
+      "S3InputFileLocation"
+      ( \x ->
+          S3InputFileLocation'
+            Prelude.<$> (x Data..:? "Bucket")
+            Prelude.<*> (x Data..:? "Key")
+      )
+
+instance Prelude.Hashable S3InputFileLocation where
+  hashWithSalt _salt S3InputFileLocation' {..} =
+    _salt
+      `Prelude.hashWithSalt` bucket
+      `Prelude.hashWithSalt` key
+
+instance Prelude.NFData S3InputFileLocation where
+  rnf S3InputFileLocation' {..} =
+    Prelude.rnf bucket `Prelude.seq` Prelude.rnf key
+
+instance Data.ToJSON S3InputFileLocation where
+  toJSON S3InputFileLocation' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Bucket" Data..=) Prelude.<$> bucket,
+            ("Key" Data..=) Prelude.<$> key
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/S3Tag.hs b/gen/Amazonka/Transfer/Types/S3Tag.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/S3Tag.hs
@@ -0,0 +1,94 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.S3Tag
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.S3Tag where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the key-value pair that are assigned to a file during the
+-- execution of a Tagging step.
+--
+-- /See:/ 'newS3Tag' smart constructor.
+data S3Tag = S3Tag'
+  { -- | The name assigned to the tag that you create.
+    key :: Prelude.Text,
+    -- | The value that corresponds to the key.
+    value :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'S3Tag' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'key', 's3Tag_key' - The name assigned to the tag that you create.
+--
+-- 'value', 's3Tag_value' - The value that corresponds to the key.
+newS3Tag ::
+  -- | 'key'
+  Prelude.Text ->
+  -- | 'value'
+  Prelude.Text ->
+  S3Tag
+newS3Tag pKey_ pValue_ =
+  S3Tag' {key = pKey_, value = pValue_}
+
+-- | The name assigned to the tag that you create.
+s3Tag_key :: Lens.Lens' S3Tag Prelude.Text
+s3Tag_key = Lens.lens (\S3Tag' {key} -> key) (\s@S3Tag' {} a -> s {key = a} :: S3Tag)
+
+-- | The value that corresponds to the key.
+s3Tag_value :: Lens.Lens' S3Tag Prelude.Text
+s3Tag_value = Lens.lens (\S3Tag' {value} -> value) (\s@S3Tag' {} a -> s {value = a} :: S3Tag)
+
+instance Data.FromJSON S3Tag where
+  parseJSON =
+    Data.withObject
+      "S3Tag"
+      ( \x ->
+          S3Tag'
+            Prelude.<$> (x Data..: "Key")
+            Prelude.<*> (x Data..: "Value")
+      )
+
+instance Prelude.Hashable S3Tag where
+  hashWithSalt _salt S3Tag' {..} =
+    _salt
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData S3Tag where
+  rnf S3Tag' {..} =
+    Prelude.rnf key `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON S3Tag where
+  toJSON S3Tag' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("Key" Data..= key),
+            Prelude.Just ("Value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/ServiceMetadata.hs b/gen/Amazonka/Transfer/Types/ServiceMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/ServiceMetadata.hs
@@ -0,0 +1,75 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.ServiceMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.ServiceMetadata where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.UserDetails
+
+-- | A container object for the session details that are associated with a
+-- workflow.
+--
+-- /See:/ 'newServiceMetadata' smart constructor.
+data ServiceMetadata = ServiceMetadata'
+  { -- | The Server ID (@ServerId@), Session ID (@SessionId@) and user
+    -- (@UserName@) make up the @UserDetails@.
+    userDetails :: UserDetails
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ServiceMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userDetails', 'serviceMetadata_userDetails' - The Server ID (@ServerId@), Session ID (@SessionId@) and user
+-- (@UserName@) make up the @UserDetails@.
+newServiceMetadata ::
+  -- | 'userDetails'
+  UserDetails ->
+  ServiceMetadata
+newServiceMetadata pUserDetails_ =
+  ServiceMetadata' {userDetails = pUserDetails_}
+
+-- | The Server ID (@ServerId@), Session ID (@SessionId@) and user
+-- (@UserName@) make up the @UserDetails@.
+serviceMetadata_userDetails :: Lens.Lens' ServiceMetadata UserDetails
+serviceMetadata_userDetails = Lens.lens (\ServiceMetadata' {userDetails} -> userDetails) (\s@ServiceMetadata' {} a -> s {userDetails = a} :: ServiceMetadata)
+
+instance Data.FromJSON ServiceMetadata where
+  parseJSON =
+    Data.withObject
+      "ServiceMetadata"
+      ( \x ->
+          ServiceMetadata'
+            Prelude.<$> (x Data..: "UserDetails")
+      )
+
+instance Prelude.Hashable ServiceMetadata where
+  hashWithSalt _salt ServiceMetadata' {..} =
+    _salt `Prelude.hashWithSalt` userDetails
+
+instance Prelude.NFData ServiceMetadata where
+  rnf ServiceMetadata' {..} = Prelude.rnf userDetails
diff --git a/gen/Amazonka/Transfer/Types/SetStatOption.hs b/gen/Amazonka/Transfer/Types/SetStatOption.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/SetStatOption.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.SetStatOption
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.SetStatOption
+  ( SetStatOption
+      ( ..,
+        SetStatOption_DEFAULT,
+        SetStatOption_ENABLE_NO_OP
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype SetStatOption = SetStatOption'
+  { fromSetStatOption ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern SetStatOption_DEFAULT :: SetStatOption
+pattern SetStatOption_DEFAULT = SetStatOption' "DEFAULT"
+
+pattern SetStatOption_ENABLE_NO_OP :: SetStatOption
+pattern SetStatOption_ENABLE_NO_OP = SetStatOption' "ENABLE_NO_OP"
+
+{-# COMPLETE
+  SetStatOption_DEFAULT,
+  SetStatOption_ENABLE_NO_OP,
+  SetStatOption'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/SigningAlg.hs b/gen/Amazonka/Transfer/Types/SigningAlg.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/SigningAlg.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.SigningAlg
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.SigningAlg
+  ( SigningAlg
+      ( ..,
+        SigningAlg_NONE,
+        SigningAlg_SHA1,
+        SigningAlg_SHA256,
+        SigningAlg_SHA384,
+        SigningAlg_SHA512
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype SigningAlg = SigningAlg'
+  { fromSigningAlg ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern SigningAlg_NONE :: SigningAlg
+pattern SigningAlg_NONE = SigningAlg' "NONE"
+
+pattern SigningAlg_SHA1 :: SigningAlg
+pattern SigningAlg_SHA1 = SigningAlg' "SHA1"
+
+pattern SigningAlg_SHA256 :: SigningAlg
+pattern SigningAlg_SHA256 = SigningAlg' "SHA256"
+
+pattern SigningAlg_SHA384 :: SigningAlg
+pattern SigningAlg_SHA384 = SigningAlg' "SHA384"
+
+pattern SigningAlg_SHA512 :: SigningAlg
+pattern SigningAlg_SHA512 = SigningAlg' "SHA512"
+
+{-# COMPLETE
+  SigningAlg_NONE,
+  SigningAlg_SHA1,
+  SigningAlg_SHA256,
+  SigningAlg_SHA384,
+  SigningAlg_SHA512,
+  SigningAlg'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/SshPublicKey.hs b/gen/Amazonka/Transfer/Types/SshPublicKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/SshPublicKey.hs
@@ -0,0 +1,123 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.SshPublicKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.SshPublicKey where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Provides information about the public Secure Shell (SSH) key that is
+-- associated with a user account for the specific file transfer
+-- protocol-enabled server (as identified by @ServerId@). The information
+-- returned includes the date the key was imported, the public key
+-- contents, and the public key ID. A user can store more than one SSH
+-- public key associated with their user name on a specific server.
+--
+-- /See:/ 'newSshPublicKey' smart constructor.
+data SshPublicKey = SshPublicKey'
+  { -- | Specifies the date that the public key was added to the user account.
+    dateImported :: Data.POSIX,
+    -- | Specifies the content of the SSH public key as specified by the
+    -- @PublicKeyId@.
+    --
+    -- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+    sshPublicKeyBody :: Prelude.Text,
+    -- | Specifies the @SshPublicKeyId@ parameter contains the identifier of the
+    -- public key.
+    sshPublicKeyId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'SshPublicKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'dateImported', 'sshPublicKey_dateImported' - Specifies the date that the public key was added to the user account.
+--
+-- 'sshPublicKeyBody', 'sshPublicKey_sshPublicKeyBody' - Specifies the content of the SSH public key as specified by the
+-- @PublicKeyId@.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+--
+-- 'sshPublicKeyId', 'sshPublicKey_sshPublicKeyId' - Specifies the @SshPublicKeyId@ parameter contains the identifier of the
+-- public key.
+newSshPublicKey ::
+  -- | 'dateImported'
+  Prelude.UTCTime ->
+  -- | 'sshPublicKeyBody'
+  Prelude.Text ->
+  -- | 'sshPublicKeyId'
+  Prelude.Text ->
+  SshPublicKey
+newSshPublicKey
+  pDateImported_
+  pSshPublicKeyBody_
+  pSshPublicKeyId_ =
+    SshPublicKey'
+      { dateImported =
+          Data._Time Lens.# pDateImported_,
+        sshPublicKeyBody = pSshPublicKeyBody_,
+        sshPublicKeyId = pSshPublicKeyId_
+      }
+
+-- | Specifies the date that the public key was added to the user account.
+sshPublicKey_dateImported :: Lens.Lens' SshPublicKey Prelude.UTCTime
+sshPublicKey_dateImported = Lens.lens (\SshPublicKey' {dateImported} -> dateImported) (\s@SshPublicKey' {} a -> s {dateImported = a} :: SshPublicKey) Prelude.. Data._Time
+
+-- | Specifies the content of the SSH public key as specified by the
+-- @PublicKeyId@.
+--
+-- Transfer Family accepts RSA, ECDSA, and ED25519 keys.
+sshPublicKey_sshPublicKeyBody :: Lens.Lens' SshPublicKey Prelude.Text
+sshPublicKey_sshPublicKeyBody = Lens.lens (\SshPublicKey' {sshPublicKeyBody} -> sshPublicKeyBody) (\s@SshPublicKey' {} a -> s {sshPublicKeyBody = a} :: SshPublicKey)
+
+-- | Specifies the @SshPublicKeyId@ parameter contains the identifier of the
+-- public key.
+sshPublicKey_sshPublicKeyId :: Lens.Lens' SshPublicKey Prelude.Text
+sshPublicKey_sshPublicKeyId = Lens.lens (\SshPublicKey' {sshPublicKeyId} -> sshPublicKeyId) (\s@SshPublicKey' {} a -> s {sshPublicKeyId = a} :: SshPublicKey)
+
+instance Data.FromJSON SshPublicKey where
+  parseJSON =
+    Data.withObject
+      "SshPublicKey"
+      ( \x ->
+          SshPublicKey'
+            Prelude.<$> (x Data..: "DateImported")
+            Prelude.<*> (x Data..: "SshPublicKeyBody")
+            Prelude.<*> (x Data..: "SshPublicKeyId")
+      )
+
+instance Prelude.Hashable SshPublicKey where
+  hashWithSalt _salt SshPublicKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` dateImported
+      `Prelude.hashWithSalt` sshPublicKeyBody
+      `Prelude.hashWithSalt` sshPublicKeyId
+
+instance Prelude.NFData SshPublicKey where
+  rnf SshPublicKey' {..} =
+    Prelude.rnf dateImported
+      `Prelude.seq` Prelude.rnf sshPublicKeyBody
+      `Prelude.seq` Prelude.rnf sshPublicKeyId
diff --git a/gen/Amazonka/Transfer/Types/State.hs b/gen/Amazonka/Transfer/Types/State.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/State.hs
@@ -0,0 +1,100 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.State
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.State
+  ( State
+      ( ..,
+        State_OFFLINE,
+        State_ONLINE,
+        State_STARTING,
+        State_START_FAILED,
+        State_STOPPING,
+        State_STOP_FAILED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Describes the condition of a file transfer protocol-enabled server with
+-- respect to its ability to perform file operations. There are six
+-- possible states: @OFFLINE@, @ONLINE@, @STARTING@, @STOPPING@,
+-- @START_FAILED@, and @STOP_FAILED@.
+--
+-- @OFFLINE@ indicates that the server exists, but that it is not available
+-- for file operations. @ONLINE@ indicates that the server is available to
+-- perform file operations. @STARTING@ indicates that the server\'s was
+-- instantiated, but the server is not yet available to perform file
+-- operations. Under normal conditions, it can take a couple of minutes for
+-- the server to be completely operational. Both @START_FAILED@ and
+-- @STOP_FAILED@ are error conditions.
+newtype State = State' {fromState :: Data.Text}
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern State_OFFLINE :: State
+pattern State_OFFLINE = State' "OFFLINE"
+
+pattern State_ONLINE :: State
+pattern State_ONLINE = State' "ONLINE"
+
+pattern State_STARTING :: State
+pattern State_STARTING = State' "STARTING"
+
+pattern State_START_FAILED :: State
+pattern State_START_FAILED = State' "START_FAILED"
+
+pattern State_STOPPING :: State
+pattern State_STOPPING = State' "STOPPING"
+
+pattern State_STOP_FAILED :: State
+pattern State_STOP_FAILED = State' "STOP_FAILED"
+
+{-# COMPLETE
+  State_OFFLINE,
+  State_ONLINE,
+  State_STARTING,
+  State_START_FAILED,
+  State_STOPPING,
+  State_STOP_FAILED,
+  State'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/Tag.hs b/gen/Amazonka/Transfer/Types/Tag.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/Tag.hs
@@ -0,0 +1,101 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.Tag
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.Tag where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Creates a key-value pair for a specific resource. Tags are metadata that
+-- you can use to search for and group a resource for various purposes. You
+-- can apply tags to servers, users, and roles. A tag key can take more
+-- than one value. For example, to group servers for accounting purposes,
+-- you might create a tag called @Group@ and assign the values @Research@
+-- and @Accounting@ to that group.
+--
+-- /See:/ 'newTag' smart constructor.
+data Tag = Tag'
+  { -- | The name assigned to the tag that you create.
+    key :: Prelude.Text,
+    -- | Contains one or more values that you assigned to the key name you
+    -- create.
+    value :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Tag' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'key', 'tag_key' - The name assigned to the tag that you create.
+--
+-- 'value', 'tag_value' - Contains one or more values that you assigned to the key name you
+-- create.
+newTag ::
+  -- | 'key'
+  Prelude.Text ->
+  -- | 'value'
+  Prelude.Text ->
+  Tag
+newTag pKey_ pValue_ =
+  Tag' {key = pKey_, value = pValue_}
+
+-- | The name assigned to the tag that you create.
+tag_key :: Lens.Lens' Tag Prelude.Text
+tag_key = Lens.lens (\Tag' {key} -> key) (\s@Tag' {} a -> s {key = a} :: Tag)
+
+-- | Contains one or more values that you assigned to the key name you
+-- create.
+tag_value :: Lens.Lens' Tag Prelude.Text
+tag_value = Lens.lens (\Tag' {value} -> value) (\s@Tag' {} a -> s {value = a} :: Tag)
+
+instance Data.FromJSON Tag where
+  parseJSON =
+    Data.withObject
+      "Tag"
+      ( \x ->
+          Tag'
+            Prelude.<$> (x Data..: "Key")
+            Prelude.<*> (x Data..: "Value")
+      )
+
+instance Prelude.Hashable Tag where
+  hashWithSalt _salt Tag' {..} =
+    _salt
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData Tag where
+  rnf Tag' {..} =
+    Prelude.rnf key `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON Tag where
+  toJSON Tag' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("Key" Data..= key),
+            Prelude.Just ("Value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/TagStepDetails.hs b/gen/Amazonka/Transfer/Types/TagStepDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/TagStepDetails.hs
@@ -0,0 +1,138 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.TagStepDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.TagStepDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.S3Tag
+
+-- | Each step type has its own @StepDetails@ structure.
+--
+-- The key\/value pairs used to tag a file during the execution of a
+-- workflow step.
+--
+-- /See:/ 'newTagStepDetails' smart constructor.
+data TagStepDetails = TagStepDetails'
+  { -- | The name of the step, used as an identifier.
+    name :: Prelude.Maybe Prelude.Text,
+    -- | Specifies which file to use as input to the workflow step: either the
+    -- output from the previous step, or the originally uploaded file for the
+    -- workflow.
+    --
+    -- -   Enter @${previous.file}@ to use the previous file as the input. In
+    --     this case, this workflow step uses the output file from the previous
+    --     workflow step as input. This is the default value.
+    --
+    -- -   Enter @${original.file}@ to use the originally-uploaded file
+    --     location as input for this step.
+    sourceFileLocation :: Prelude.Maybe Prelude.Text,
+    -- | Array that contains from 1 to 10 key\/value pairs.
+    tags :: Prelude.Maybe (Prelude.NonEmpty S3Tag)
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagStepDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'name', 'tagStepDetails_name' - The name of the step, used as an identifier.
+--
+-- 'sourceFileLocation', 'tagStepDetails_sourceFileLocation' - Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+--
+-- 'tags', 'tagStepDetails_tags' - Array that contains from 1 to 10 key\/value pairs.
+newTagStepDetails ::
+  TagStepDetails
+newTagStepDetails =
+  TagStepDetails'
+    { name = Prelude.Nothing,
+      sourceFileLocation = Prelude.Nothing,
+      tags = Prelude.Nothing
+    }
+
+-- | The name of the step, used as an identifier.
+tagStepDetails_name :: Lens.Lens' TagStepDetails (Prelude.Maybe Prelude.Text)
+tagStepDetails_name = Lens.lens (\TagStepDetails' {name} -> name) (\s@TagStepDetails' {} a -> s {name = a} :: TagStepDetails)
+
+-- | Specifies which file to use as input to the workflow step: either the
+-- output from the previous step, or the originally uploaded file for the
+-- workflow.
+--
+-- -   Enter @${previous.file}@ to use the previous file as the input. In
+--     this case, this workflow step uses the output file from the previous
+--     workflow step as input. This is the default value.
+--
+-- -   Enter @${original.file}@ to use the originally-uploaded file
+--     location as input for this step.
+tagStepDetails_sourceFileLocation :: Lens.Lens' TagStepDetails (Prelude.Maybe Prelude.Text)
+tagStepDetails_sourceFileLocation = Lens.lens (\TagStepDetails' {sourceFileLocation} -> sourceFileLocation) (\s@TagStepDetails' {} a -> s {sourceFileLocation = a} :: TagStepDetails)
+
+-- | Array that contains from 1 to 10 key\/value pairs.
+tagStepDetails_tags :: Lens.Lens' TagStepDetails (Prelude.Maybe (Prelude.NonEmpty S3Tag))
+tagStepDetails_tags = Lens.lens (\TagStepDetails' {tags} -> tags) (\s@TagStepDetails' {} a -> s {tags = a} :: TagStepDetails) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON TagStepDetails where
+  parseJSON =
+    Data.withObject
+      "TagStepDetails"
+      ( \x ->
+          TagStepDetails'
+            Prelude.<$> (x Data..:? "Name")
+            Prelude.<*> (x Data..:? "SourceFileLocation")
+            Prelude.<*> (x Data..:? "Tags")
+      )
+
+instance Prelude.Hashable TagStepDetails where
+  hashWithSalt _salt TagStepDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` name
+      `Prelude.hashWithSalt` sourceFileLocation
+      `Prelude.hashWithSalt` tags
+
+instance Prelude.NFData TagStepDetails where
+  rnf TagStepDetails' {..} =
+    Prelude.rnf name
+      `Prelude.seq` Prelude.rnf sourceFileLocation
+      `Prelude.seq` Prelude.rnf tags
+
+instance Data.ToJSON TagStepDetails where
+  toJSON TagStepDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Name" Data..=) Prelude.<$> name,
+            ("SourceFileLocation" Data..=)
+              Prelude.<$> sourceFileLocation,
+            ("Tags" Data..=) Prelude.<$> tags
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/TlsSessionResumptionMode.hs b/gen/Amazonka/Transfer/Types/TlsSessionResumptionMode.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/TlsSessionResumptionMode.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.TlsSessionResumptionMode
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.TlsSessionResumptionMode
+  ( TlsSessionResumptionMode
+      ( ..,
+        TlsSessionResumptionMode_DISABLED,
+        TlsSessionResumptionMode_ENABLED,
+        TlsSessionResumptionMode_ENFORCED
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype TlsSessionResumptionMode = TlsSessionResumptionMode'
+  { fromTlsSessionResumptionMode ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern TlsSessionResumptionMode_DISABLED :: TlsSessionResumptionMode
+pattern TlsSessionResumptionMode_DISABLED = TlsSessionResumptionMode' "DISABLED"
+
+pattern TlsSessionResumptionMode_ENABLED :: TlsSessionResumptionMode
+pattern TlsSessionResumptionMode_ENABLED = TlsSessionResumptionMode' "ENABLED"
+
+pattern TlsSessionResumptionMode_ENFORCED :: TlsSessionResumptionMode
+pattern TlsSessionResumptionMode_ENFORCED = TlsSessionResumptionMode' "ENFORCED"
+
+{-# COMPLETE
+  TlsSessionResumptionMode_DISABLED,
+  TlsSessionResumptionMode_ENABLED,
+  TlsSessionResumptionMode_ENFORCED,
+  TlsSessionResumptionMode'
+  #-}
diff --git a/gen/Amazonka/Transfer/Types/UserDetails.hs b/gen/Amazonka/Transfer/Types/UserDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/UserDetails.hs
@@ -0,0 +1,103 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.UserDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.UserDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the user name, server ID, and session ID for a workflow.
+--
+-- /See:/ 'newUserDetails' smart constructor.
+data UserDetails = UserDetails'
+  { -- | The system-assigned unique identifier for a session that corresponds to
+    -- the workflow.
+    sessionId :: Prelude.Maybe Prelude.Text,
+    -- | A unique string that identifies a user account associated with a server.
+    userName :: Prelude.Text,
+    -- | The system-assigned unique identifier for a Transfer server instance.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UserDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'sessionId', 'userDetails_sessionId' - The system-assigned unique identifier for a session that corresponds to
+-- the workflow.
+--
+-- 'userName', 'userDetails_userName' - A unique string that identifies a user account associated with a server.
+--
+-- 'serverId', 'userDetails_serverId' - The system-assigned unique identifier for a Transfer server instance.
+newUserDetails ::
+  -- | 'userName'
+  Prelude.Text ->
+  -- | 'serverId'
+  Prelude.Text ->
+  UserDetails
+newUserDetails pUserName_ pServerId_ =
+  UserDetails'
+    { sessionId = Prelude.Nothing,
+      userName = pUserName_,
+      serverId = pServerId_
+    }
+
+-- | The system-assigned unique identifier for a session that corresponds to
+-- the workflow.
+userDetails_sessionId :: Lens.Lens' UserDetails (Prelude.Maybe Prelude.Text)
+userDetails_sessionId = Lens.lens (\UserDetails' {sessionId} -> sessionId) (\s@UserDetails' {} a -> s {sessionId = a} :: UserDetails)
+
+-- | A unique string that identifies a user account associated with a server.
+userDetails_userName :: Lens.Lens' UserDetails Prelude.Text
+userDetails_userName = Lens.lens (\UserDetails' {userName} -> userName) (\s@UserDetails' {} a -> s {userName = a} :: UserDetails)
+
+-- | The system-assigned unique identifier for a Transfer server instance.
+userDetails_serverId :: Lens.Lens' UserDetails Prelude.Text
+userDetails_serverId = Lens.lens (\UserDetails' {serverId} -> serverId) (\s@UserDetails' {} a -> s {serverId = a} :: UserDetails)
+
+instance Data.FromJSON UserDetails where
+  parseJSON =
+    Data.withObject
+      "UserDetails"
+      ( \x ->
+          UserDetails'
+            Prelude.<$> (x Data..:? "SessionId")
+            Prelude.<*> (x Data..: "UserName")
+            Prelude.<*> (x Data..: "ServerId")
+      )
+
+instance Prelude.Hashable UserDetails where
+  hashWithSalt _salt UserDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` sessionId
+      `Prelude.hashWithSalt` userName
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData UserDetails where
+  rnf UserDetails' {..} =
+    Prelude.rnf sessionId
+      `Prelude.seq` Prelude.rnf userName
+      `Prelude.seq` Prelude.rnf serverId
diff --git a/gen/Amazonka/Transfer/Types/WorkflowDetail.hs b/gen/Amazonka/Transfer/Types/WorkflowDetail.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/WorkflowDetail.hs
@@ -0,0 +1,110 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.WorkflowDetail
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.WorkflowDetail where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+--
+-- /See:/ 'newWorkflowDetail' smart constructor.
+data WorkflowDetail = WorkflowDetail'
+  { -- | A unique identifier for the workflow.
+    workflowId :: Prelude.Text,
+    -- | Includes the necessary permissions for S3, EFS, and Lambda operations
+    -- that Transfer can assume, so that all workflow steps can operate on the
+    -- required resources
+    executionRole :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'WorkflowDetail' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'workflowId', 'workflowDetail_workflowId' - A unique identifier for the workflow.
+--
+-- 'executionRole', 'workflowDetail_executionRole' - Includes the necessary permissions for S3, EFS, and Lambda operations
+-- that Transfer can assume, so that all workflow steps can operate on the
+-- required resources
+newWorkflowDetail ::
+  -- | 'workflowId'
+  Prelude.Text ->
+  -- | 'executionRole'
+  Prelude.Text ->
+  WorkflowDetail
+newWorkflowDetail pWorkflowId_ pExecutionRole_ =
+  WorkflowDetail'
+    { workflowId = pWorkflowId_,
+      executionRole = pExecutionRole_
+    }
+
+-- | A unique identifier for the workflow.
+workflowDetail_workflowId :: Lens.Lens' WorkflowDetail Prelude.Text
+workflowDetail_workflowId = Lens.lens (\WorkflowDetail' {workflowId} -> workflowId) (\s@WorkflowDetail' {} a -> s {workflowId = a} :: WorkflowDetail)
+
+-- | Includes the necessary permissions for S3, EFS, and Lambda operations
+-- that Transfer can assume, so that all workflow steps can operate on the
+-- required resources
+workflowDetail_executionRole :: Lens.Lens' WorkflowDetail Prelude.Text
+workflowDetail_executionRole = Lens.lens (\WorkflowDetail' {executionRole} -> executionRole) (\s@WorkflowDetail' {} a -> s {executionRole = a} :: WorkflowDetail)
+
+instance Data.FromJSON WorkflowDetail where
+  parseJSON =
+    Data.withObject
+      "WorkflowDetail"
+      ( \x ->
+          WorkflowDetail'
+            Prelude.<$> (x Data..: "WorkflowId")
+            Prelude.<*> (x Data..: "ExecutionRole")
+      )
+
+instance Prelude.Hashable WorkflowDetail where
+  hashWithSalt _salt WorkflowDetail' {..} =
+    _salt
+      `Prelude.hashWithSalt` workflowId
+      `Prelude.hashWithSalt` executionRole
+
+instance Prelude.NFData WorkflowDetail where
+  rnf WorkflowDetail' {..} =
+    Prelude.rnf workflowId
+      `Prelude.seq` Prelude.rnf executionRole
+
+instance Data.ToJSON WorkflowDetail where
+  toJSON WorkflowDetail' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("WorkflowId" Data..= workflowId),
+            Prelude.Just
+              ("ExecutionRole" Data..= executionRole)
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/WorkflowDetails.hs b/gen/Amazonka/Transfer/Types/WorkflowDetails.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/WorkflowDetails.hs
@@ -0,0 +1,132 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.WorkflowDetails
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.WorkflowDetails where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.WorkflowDetail
+
+-- | Container for the @WorkflowDetail@ data type. It is used by actions that
+-- trigger a workflow to begin execution.
+--
+-- /See:/ 'newWorkflowDetails' smart constructor.
+data WorkflowDetails = WorkflowDetails'
+  { -- | A trigger that starts a workflow if a file is only partially uploaded.
+    -- You can attach a workflow to a server that executes whenever there is a
+    -- partial upload.
+    --
+    -- A /partial upload/ occurs when a file is open when the session
+    -- disconnects.
+    onPartialUpload :: Prelude.Maybe [WorkflowDetail],
+    -- | A trigger that starts a workflow: the workflow begins to execute after a
+    -- file is uploaded.
+    --
+    -- To remove an associated workflow from a server, you can provide an empty
+    -- @OnUpload@ object, as in the following example.
+    --
+    -- @aws transfer update-server --server-id s-01234567890abcdef --workflow-details \'{\"OnUpload\":[]}\'@
+    onUpload :: Prelude.Maybe [WorkflowDetail]
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'WorkflowDetails' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'onPartialUpload', 'workflowDetails_onPartialUpload' - A trigger that starts a workflow if a file is only partially uploaded.
+-- You can attach a workflow to a server that executes whenever there is a
+-- partial upload.
+--
+-- A /partial upload/ occurs when a file is open when the session
+-- disconnects.
+--
+-- 'onUpload', 'workflowDetails_onUpload' - A trigger that starts a workflow: the workflow begins to execute after a
+-- file is uploaded.
+--
+-- To remove an associated workflow from a server, you can provide an empty
+-- @OnUpload@ object, as in the following example.
+--
+-- @aws transfer update-server --server-id s-01234567890abcdef --workflow-details \'{\"OnUpload\":[]}\'@
+newWorkflowDetails ::
+  WorkflowDetails
+newWorkflowDetails =
+  WorkflowDetails'
+    { onPartialUpload = Prelude.Nothing,
+      onUpload = Prelude.Nothing
+    }
+
+-- | A trigger that starts a workflow if a file is only partially uploaded.
+-- You can attach a workflow to a server that executes whenever there is a
+-- partial upload.
+--
+-- A /partial upload/ occurs when a file is open when the session
+-- disconnects.
+workflowDetails_onPartialUpload :: Lens.Lens' WorkflowDetails (Prelude.Maybe [WorkflowDetail])
+workflowDetails_onPartialUpload = Lens.lens (\WorkflowDetails' {onPartialUpload} -> onPartialUpload) (\s@WorkflowDetails' {} a -> s {onPartialUpload = a} :: WorkflowDetails) Prelude.. Lens.mapping Lens.coerced
+
+-- | A trigger that starts a workflow: the workflow begins to execute after a
+-- file is uploaded.
+--
+-- To remove an associated workflow from a server, you can provide an empty
+-- @OnUpload@ object, as in the following example.
+--
+-- @aws transfer update-server --server-id s-01234567890abcdef --workflow-details \'{\"OnUpload\":[]}\'@
+workflowDetails_onUpload :: Lens.Lens' WorkflowDetails (Prelude.Maybe [WorkflowDetail])
+workflowDetails_onUpload = Lens.lens (\WorkflowDetails' {onUpload} -> onUpload) (\s@WorkflowDetails' {} a -> s {onUpload = a} :: WorkflowDetails) Prelude.. Lens.mapping Lens.coerced
+
+instance Data.FromJSON WorkflowDetails where
+  parseJSON =
+    Data.withObject
+      "WorkflowDetails"
+      ( \x ->
+          WorkflowDetails'
+            Prelude.<$> ( x
+                            Data..:? "OnPartialUpload"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "OnUpload" Data..!= Prelude.mempty)
+      )
+
+instance Prelude.Hashable WorkflowDetails where
+  hashWithSalt _salt WorkflowDetails' {..} =
+    _salt
+      `Prelude.hashWithSalt` onPartialUpload
+      `Prelude.hashWithSalt` onUpload
+
+instance Prelude.NFData WorkflowDetails where
+  rnf WorkflowDetails' {..} =
+    Prelude.rnf onPartialUpload
+      `Prelude.seq` Prelude.rnf onUpload
+
+instance Data.ToJSON WorkflowDetails where
+  toJSON WorkflowDetails' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("OnPartialUpload" Data..=)
+              Prelude.<$> onPartialUpload,
+            ("OnUpload" Data..=) Prelude.<$> onUpload
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/WorkflowStep.hs b/gen/Amazonka/Transfer/Types/WorkflowStep.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/WorkflowStep.hs
@@ -0,0 +1,218 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.WorkflowStep
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.WorkflowStep where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.Types.CopyStepDetails
+import Amazonka.Transfer.Types.CustomStepDetails
+import Amazonka.Transfer.Types.DecryptStepDetails
+import Amazonka.Transfer.Types.DeleteStepDetails
+import Amazonka.Transfer.Types.TagStepDetails
+import Amazonka.Transfer.Types.WorkflowStepType
+
+-- | The basic building block of a workflow.
+--
+-- /See:/ 'newWorkflowStep' smart constructor.
+data WorkflowStep = WorkflowStep'
+  { -- | Details for a step that performs a file copy.
+    --
+    -- Consists of the following values:
+    --
+    -- -   A description
+    --
+    -- -   An S3 location for the destination of the file copy.
+    --
+    -- -   A flag that indicates whether or not to overwrite an existing file
+    --     of the same name. The default is @FALSE@.
+    copyStepDetails :: Prelude.Maybe CopyStepDetails,
+    -- | Details for a step that invokes a lambda function.
+    --
+    -- Consists of the lambda function name, target, and timeout (in seconds).
+    customStepDetails :: Prelude.Maybe CustomStepDetails,
+    decryptStepDetails :: Prelude.Maybe DecryptStepDetails,
+    -- | Details for a step that deletes the file.
+    deleteStepDetails :: Prelude.Maybe DeleteStepDetails,
+    -- | Details for a step that creates one or more tags.
+    --
+    -- You specify one or more tags: each tag contains a key\/value pair.
+    tagStepDetails :: Prelude.Maybe TagStepDetails,
+    -- | Currently, the following step types are supported.
+    --
+    -- -   /COPY/: Copy the file to another location.
+    --
+    -- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+    --
+    -- -   /DELETE/: Delete the file.
+    --
+    -- -   /TAG/: Add a tag to the file.
+    type' :: Prelude.Maybe WorkflowStepType
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'WorkflowStep' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'copyStepDetails', 'workflowStep_copyStepDetails' - Details for a step that performs a file copy.
+--
+-- Consists of the following values:
+--
+-- -   A description
+--
+-- -   An S3 location for the destination of the file copy.
+--
+-- -   A flag that indicates whether or not to overwrite an existing file
+--     of the same name. The default is @FALSE@.
+--
+-- 'customStepDetails', 'workflowStep_customStepDetails' - Details for a step that invokes a lambda function.
+--
+-- Consists of the lambda function name, target, and timeout (in seconds).
+--
+-- 'decryptStepDetails', 'workflowStep_decryptStepDetails' - Undocumented member.
+--
+-- 'deleteStepDetails', 'workflowStep_deleteStepDetails' - Details for a step that deletes the file.
+--
+-- 'tagStepDetails', 'workflowStep_tagStepDetails' - Details for a step that creates one or more tags.
+--
+-- You specify one or more tags: each tag contains a key\/value pair.
+--
+-- 'type'', 'workflowStep_type' - Currently, the following step types are supported.
+--
+-- -   /COPY/: Copy the file to another location.
+--
+-- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+--
+-- -   /DELETE/: Delete the file.
+--
+-- -   /TAG/: Add a tag to the file.
+newWorkflowStep ::
+  WorkflowStep
+newWorkflowStep =
+  WorkflowStep'
+    { copyStepDetails = Prelude.Nothing,
+      customStepDetails = Prelude.Nothing,
+      decryptStepDetails = Prelude.Nothing,
+      deleteStepDetails = Prelude.Nothing,
+      tagStepDetails = Prelude.Nothing,
+      type' = Prelude.Nothing
+    }
+
+-- | Details for a step that performs a file copy.
+--
+-- Consists of the following values:
+--
+-- -   A description
+--
+-- -   An S3 location for the destination of the file copy.
+--
+-- -   A flag that indicates whether or not to overwrite an existing file
+--     of the same name. The default is @FALSE@.
+workflowStep_copyStepDetails :: Lens.Lens' WorkflowStep (Prelude.Maybe CopyStepDetails)
+workflowStep_copyStepDetails = Lens.lens (\WorkflowStep' {copyStepDetails} -> copyStepDetails) (\s@WorkflowStep' {} a -> s {copyStepDetails = a} :: WorkflowStep)
+
+-- | Details for a step that invokes a lambda function.
+--
+-- Consists of the lambda function name, target, and timeout (in seconds).
+workflowStep_customStepDetails :: Lens.Lens' WorkflowStep (Prelude.Maybe CustomStepDetails)
+workflowStep_customStepDetails = Lens.lens (\WorkflowStep' {customStepDetails} -> customStepDetails) (\s@WorkflowStep' {} a -> s {customStepDetails = a} :: WorkflowStep)
+
+-- | Undocumented member.
+workflowStep_decryptStepDetails :: Lens.Lens' WorkflowStep (Prelude.Maybe DecryptStepDetails)
+workflowStep_decryptStepDetails = Lens.lens (\WorkflowStep' {decryptStepDetails} -> decryptStepDetails) (\s@WorkflowStep' {} a -> s {decryptStepDetails = a} :: WorkflowStep)
+
+-- | Details for a step that deletes the file.
+workflowStep_deleteStepDetails :: Lens.Lens' WorkflowStep (Prelude.Maybe DeleteStepDetails)
+workflowStep_deleteStepDetails = Lens.lens (\WorkflowStep' {deleteStepDetails} -> deleteStepDetails) (\s@WorkflowStep' {} a -> s {deleteStepDetails = a} :: WorkflowStep)
+
+-- | Details for a step that creates one or more tags.
+--
+-- You specify one or more tags: each tag contains a key\/value pair.
+workflowStep_tagStepDetails :: Lens.Lens' WorkflowStep (Prelude.Maybe TagStepDetails)
+workflowStep_tagStepDetails = Lens.lens (\WorkflowStep' {tagStepDetails} -> tagStepDetails) (\s@WorkflowStep' {} a -> s {tagStepDetails = a} :: WorkflowStep)
+
+-- | Currently, the following step types are supported.
+--
+-- -   /COPY/: Copy the file to another location.
+--
+-- -   /CUSTOM/: Perform a custom step with an Lambda function target.
+--
+-- -   /DELETE/: Delete the file.
+--
+-- -   /TAG/: Add a tag to the file.
+workflowStep_type :: Lens.Lens' WorkflowStep (Prelude.Maybe WorkflowStepType)
+workflowStep_type = Lens.lens (\WorkflowStep' {type'} -> type') (\s@WorkflowStep' {} a -> s {type' = a} :: WorkflowStep)
+
+instance Data.FromJSON WorkflowStep where
+  parseJSON =
+    Data.withObject
+      "WorkflowStep"
+      ( \x ->
+          WorkflowStep'
+            Prelude.<$> (x Data..:? "CopyStepDetails")
+            Prelude.<*> (x Data..:? "CustomStepDetails")
+            Prelude.<*> (x Data..:? "DecryptStepDetails")
+            Prelude.<*> (x Data..:? "DeleteStepDetails")
+            Prelude.<*> (x Data..:? "TagStepDetails")
+            Prelude.<*> (x Data..:? "Type")
+      )
+
+instance Prelude.Hashable WorkflowStep where
+  hashWithSalt _salt WorkflowStep' {..} =
+    _salt
+      `Prelude.hashWithSalt` copyStepDetails
+      `Prelude.hashWithSalt` customStepDetails
+      `Prelude.hashWithSalt` decryptStepDetails
+      `Prelude.hashWithSalt` deleteStepDetails
+      `Prelude.hashWithSalt` tagStepDetails
+      `Prelude.hashWithSalt` type'
+
+instance Prelude.NFData WorkflowStep where
+  rnf WorkflowStep' {..} =
+    Prelude.rnf copyStepDetails
+      `Prelude.seq` Prelude.rnf customStepDetails
+      `Prelude.seq` Prelude.rnf decryptStepDetails
+      `Prelude.seq` Prelude.rnf deleteStepDetails
+      `Prelude.seq` Prelude.rnf tagStepDetails
+      `Prelude.seq` Prelude.rnf type'
+
+instance Data.ToJSON WorkflowStep where
+  toJSON WorkflowStep' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("CopyStepDetails" Data..=)
+              Prelude.<$> copyStepDetails,
+            ("CustomStepDetails" Data..=)
+              Prelude.<$> customStepDetails,
+            ("DecryptStepDetails" Data..=)
+              Prelude.<$> decryptStepDetails,
+            ("DeleteStepDetails" Data..=)
+              Prelude.<$> deleteStepDetails,
+            ("TagStepDetails" Data..=)
+              Prelude.<$> tagStepDetails,
+            ("Type" Data..=) Prelude.<$> type'
+          ]
+      )
diff --git a/gen/Amazonka/Transfer/Types/WorkflowStepType.hs b/gen/Amazonka/Transfer/Types/WorkflowStepType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Types/WorkflowStepType.hs
@@ -0,0 +1,86 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Types.WorkflowStepType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Types.WorkflowStepType
+  ( WorkflowStepType
+      ( ..,
+        WorkflowStepType_COPY,
+        WorkflowStepType_CUSTOM,
+        WorkflowStepType_DECRYPT,
+        WorkflowStepType_DELETE,
+        WorkflowStepType_TAG
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype WorkflowStepType = WorkflowStepType'
+  { fromWorkflowStepType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern WorkflowStepType_COPY :: WorkflowStepType
+pattern WorkflowStepType_COPY = WorkflowStepType' "COPY"
+
+pattern WorkflowStepType_CUSTOM :: WorkflowStepType
+pattern WorkflowStepType_CUSTOM = WorkflowStepType' "CUSTOM"
+
+pattern WorkflowStepType_DECRYPT :: WorkflowStepType
+pattern WorkflowStepType_DECRYPT = WorkflowStepType' "DECRYPT"
+
+pattern WorkflowStepType_DELETE :: WorkflowStepType
+pattern WorkflowStepType_DELETE = WorkflowStepType' "DELETE"
+
+pattern WorkflowStepType_TAG :: WorkflowStepType
+pattern WorkflowStepType_TAG = WorkflowStepType' "TAG"
+
+{-# COMPLETE
+  WorkflowStepType_COPY,
+  WorkflowStepType_CUSTOM,
+  WorkflowStepType_DECRYPT,
+  WorkflowStepType_DELETE,
+  WorkflowStepType_TAG,
+  WorkflowStepType'
+  #-}
diff --git a/gen/Amazonka/Transfer/UntagResource.hs b/gen/Amazonka/Transfer/UntagResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UntagResource.hs
@@ -0,0 +1,167 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UntagResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Detaches a key-value pair from a resource, as identified by its Amazon
+-- Resource Name (ARN). Resources are users, servers, roles, and other
+-- entities.
+--
+-- No response is returned from this call.
+module Amazonka.Transfer.UntagResource
+  ( -- * Creating a Request
+    UntagResource (..),
+    newUntagResource,
+
+    -- * Request Lenses
+    untagResource_arn,
+    untagResource_tagKeys,
+
+    -- * Destructuring the Response
+    UntagResourceResponse (..),
+    newUntagResourceResponse,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUntagResource' smart constructor.
+data UntagResource = UntagResource'
+  { -- | The value of the resource that will have the tag removed. An Amazon
+    -- Resource Name (ARN) is an identifier for a specific Amazon Web Services
+    -- resource, such as a server, user, or role.
+    arn :: Prelude.Text,
+    -- | TagKeys are key-value pairs assigned to ARNs that can be used to group
+    -- and search for resources by type. This metadata can be attached to
+    -- resources for any purpose.
+    tagKeys :: Prelude.NonEmpty Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UntagResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'arn', 'untagResource_arn' - The value of the resource that will have the tag removed. An Amazon
+-- Resource Name (ARN) is an identifier for a specific Amazon Web Services
+-- resource, such as a server, user, or role.
+--
+-- 'tagKeys', 'untagResource_tagKeys' - TagKeys are key-value pairs assigned to ARNs that can be used to group
+-- and search for resources by type. This metadata can be attached to
+-- resources for any purpose.
+newUntagResource ::
+  -- | 'arn'
+  Prelude.Text ->
+  -- | 'tagKeys'
+  Prelude.NonEmpty Prelude.Text ->
+  UntagResource
+newUntagResource pArn_ pTagKeys_ =
+  UntagResource'
+    { arn = pArn_,
+      tagKeys = Lens.coerced Lens.# pTagKeys_
+    }
+
+-- | The value of the resource that will have the tag removed. An Amazon
+-- Resource Name (ARN) is an identifier for a specific Amazon Web Services
+-- resource, such as a server, user, or role.
+untagResource_arn :: Lens.Lens' UntagResource Prelude.Text
+untagResource_arn = Lens.lens (\UntagResource' {arn} -> arn) (\s@UntagResource' {} a -> s {arn = a} :: UntagResource)
+
+-- | TagKeys are key-value pairs assigned to ARNs that can be used to group
+-- and search for resources by type. This metadata can be attached to
+-- resources for any purpose.
+untagResource_tagKeys :: Lens.Lens' UntagResource (Prelude.NonEmpty Prelude.Text)
+untagResource_tagKeys = Lens.lens (\UntagResource' {tagKeys} -> tagKeys) (\s@UntagResource' {} a -> s {tagKeys = a} :: UntagResource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest UntagResource where
+  type
+    AWSResponse UntagResource =
+      UntagResourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveNull UntagResourceResponse'
+
+instance Prelude.Hashable UntagResource where
+  hashWithSalt _salt UntagResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` arn
+      `Prelude.hashWithSalt` tagKeys
+
+instance Prelude.NFData UntagResource where
+  rnf UntagResource' {..} =
+    Prelude.rnf arn `Prelude.seq` Prelude.rnf tagKeys
+
+instance Data.ToHeaders UntagResource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UntagResource" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UntagResource where
+  toJSON UntagResource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("Arn" Data..= arn),
+            Prelude.Just ("TagKeys" Data..= tagKeys)
+          ]
+      )
+
+instance Data.ToPath UntagResource where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UntagResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUntagResourceResponse' smart constructor.
+data UntagResourceResponse = UntagResourceResponse'
+  {
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UntagResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+newUntagResourceResponse ::
+  UntagResourceResponse
+newUntagResourceResponse = UntagResourceResponse'
+
+instance Prelude.NFData UntagResourceResponse where
+  rnf _ = ()
diff --git a/gen/Amazonka/Transfer/UpdateAccess.hs b/gen/Amazonka/Transfer/UpdateAccess.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateAccess.hs
@@ -0,0 +1,494 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateAccess
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Allows you to update parameters for the access specified in the
+-- @ServerID@ and @ExternalID@ parameters.
+module Amazonka.Transfer.UpdateAccess
+  ( -- * Creating a Request
+    UpdateAccess (..),
+    newUpdateAccess,
+
+    -- * Request Lenses
+    updateAccess_homeDirectory,
+    updateAccess_homeDirectoryMappings,
+    updateAccess_homeDirectoryType,
+    updateAccess_policy,
+    updateAccess_posixProfile,
+    updateAccess_role,
+    updateAccess_serverId,
+    updateAccess_externalId,
+
+    -- * Destructuring the Response
+    UpdateAccessResponse (..),
+    newUpdateAccessResponse,
+
+    -- * Response Lenses
+    updateAccessResponse_httpStatus,
+    updateAccessResponse_serverId,
+    updateAccessResponse_externalId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateAccess' smart constructor.
+data UpdateAccess = UpdateAccess'
+  { -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+    -- paths and keys should be visible to your user and how you want to make
+    -- them visible. You must specify the @Entry@ and @Target@ pair, where
+    -- @Entry@ shows how the path is made visible and @Target@ is the actual
+    -- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+    -- displayed as is. You also must ensure that your Identity and Access
+    -- Management (IAM) role provides access to paths in @Target@. This value
+    -- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+    --
+    -- The following is an @Entry@ and @Target@ pair example.
+    --
+    -- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    --
+    -- In most cases, you can use this value instead of the session policy to
+    -- lock down your user to the designated home directory (\"@chroot@\"). To
+    -- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+    -- @HomeDirectory@ parameter value.
+    --
+    -- The following is an @Entry@ and @Target@ pair example for @chroot@.
+    --
+    -- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    homeDirectoryMappings :: Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry),
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | A session policy for your user so that you can use the same Identity and
+    -- Access Management (IAM) role across multiple users. This policy scopes
+    -- down a user\'s access to portions of their Amazon S3 bucket. Variables
+    -- that you can use inside this policy include @${Transfer:UserName}@,
+    -- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+    --
+    -- This policy applies only when the domain of @ServerId@ is Amazon S3.
+    -- Amazon EFS does not use session policies.
+    --
+    -- For session policies, Transfer Family stores the policy as a JSON blob,
+    -- instead of the Amazon Resource Name (ARN) of the policy. You save the
+    -- policy as a JSON blob and pass it in the @Policy@ argument.
+    --
+    -- For an example of a session policy, see
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+    --
+    -- For more information, see
+    -- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+    -- in the /Amazon Web ServicesSecurity Token Service API Reference/.
+    policy :: Prelude.Maybe Prelude.Text,
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Maybe Prelude.Text,
+    -- | A system-assigned unique identifier for a server instance. This is the
+    -- specific server that you added your user to.
+    serverId :: Prelude.Text,
+    -- | A unique identifier that is required to identify specific groups within
+    -- your directory. The users of the group that you associate have access to
+    -- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Transfer Family. If you know the group name, you can view the SID values
+    -- by running the following command using Windows PowerShell.
+    --
+    -- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+    --
+    -- In that command, replace /YourGroupName/ with the name of your Active
+    -- Directory group.
+    --
+    -- The regular expression used to validate this parameter is a string of
+    -- characters consisting of uppercase and lowercase alphanumeric characters
+    -- with no spaces. You can also include underscores or any of the following
+    -- characters: =,.\@:\/-
+    externalId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAccess' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'homeDirectory', 'updateAccess_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryMappings', 'updateAccess_homeDirectoryMappings' - Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down your user to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+-- @HomeDirectory@ parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- 'homeDirectoryType', 'updateAccess_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'policy', 'updateAccess_policy' - A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Amazon Web ServicesSecurity Token Service API Reference/.
+--
+-- 'posixProfile', 'updateAccess_posixProfile' - Undocumented member.
+--
+-- 'role'', 'updateAccess_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- 'serverId', 'updateAccess_serverId' - A system-assigned unique identifier for a server instance. This is the
+-- specific server that you added your user to.
+--
+-- 'externalId', 'updateAccess_externalId' - A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+newUpdateAccess ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  UpdateAccess
+newUpdateAccess pServerId_ pExternalId_ =
+  UpdateAccess'
+    { homeDirectory = Prelude.Nothing,
+      homeDirectoryMappings = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      policy = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      role' = Prelude.Nothing,
+      serverId = pServerId_,
+      externalId = pExternalId_
+    }
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+updateAccess_homeDirectory :: Lens.Lens' UpdateAccess (Prelude.Maybe Prelude.Text)
+updateAccess_homeDirectory = Lens.lens (\UpdateAccess' {homeDirectory} -> homeDirectory) (\s@UpdateAccess' {} a -> s {homeDirectory = a} :: UpdateAccess)
+
+-- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down your user to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to @\/@ and set @Target@ to the
+-- @HomeDirectory@ parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+updateAccess_homeDirectoryMappings :: Lens.Lens' UpdateAccess (Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry))
+updateAccess_homeDirectoryMappings = Lens.lens (\UpdateAccess' {homeDirectoryMappings} -> homeDirectoryMappings) (\s@UpdateAccess' {} a -> s {homeDirectoryMappings = a} :: UpdateAccess) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+updateAccess_homeDirectoryType :: Lens.Lens' UpdateAccess (Prelude.Maybe HomeDirectoryType)
+updateAccess_homeDirectoryType = Lens.lens (\UpdateAccess' {homeDirectoryType} -> homeDirectoryType) (\s@UpdateAccess' {} a -> s {homeDirectoryType = a} :: UpdateAccess)
+
+-- | A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html Example session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Amazon Web ServicesSecurity Token Service API Reference/.
+updateAccess_policy :: Lens.Lens' UpdateAccess (Prelude.Maybe Prelude.Text)
+updateAccess_policy = Lens.lens (\UpdateAccess' {policy} -> policy) (\s@UpdateAccess' {} a -> s {policy = a} :: UpdateAccess)
+
+-- | Undocumented member.
+updateAccess_posixProfile :: Lens.Lens' UpdateAccess (Prelude.Maybe PosixProfile)
+updateAccess_posixProfile = Lens.lens (\UpdateAccess' {posixProfile} -> posixProfile) (\s@UpdateAccess' {} a -> s {posixProfile = a} :: UpdateAccess)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+updateAccess_role :: Lens.Lens' UpdateAccess (Prelude.Maybe Prelude.Text)
+updateAccess_role = Lens.lens (\UpdateAccess' {role'} -> role') (\s@UpdateAccess' {} a -> s {role' = a} :: UpdateAccess)
+
+-- | A system-assigned unique identifier for a server instance. This is the
+-- specific server that you added your user to.
+updateAccess_serverId :: Lens.Lens' UpdateAccess Prelude.Text
+updateAccess_serverId = Lens.lens (\UpdateAccess' {serverId} -> serverId) (\s@UpdateAccess' {} a -> s {serverId = a} :: UpdateAccess)
+
+-- | A unique identifier that is required to identify specific groups within
+-- your directory. The users of the group that you associate have access to
+-- your Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Transfer Family. If you know the group name, you can view the SID values
+-- by running the following command using Windows PowerShell.
+--
+-- @Get-ADGroup -Filter {samAccountName -like \"@/@YourGroupName@/@*\"} -Properties * | Select SamAccountName,ObjectSid@
+--
+-- In that command, replace /YourGroupName/ with the name of your Active
+-- Directory group.
+--
+-- The regular expression used to validate this parameter is a string of
+-- characters consisting of uppercase and lowercase alphanumeric characters
+-- with no spaces. You can also include underscores or any of the following
+-- characters: =,.\@:\/-
+updateAccess_externalId :: Lens.Lens' UpdateAccess Prelude.Text
+updateAccess_externalId = Lens.lens (\UpdateAccess' {externalId} -> externalId) (\s@UpdateAccess' {} a -> s {externalId = a} :: UpdateAccess)
+
+instance Core.AWSRequest UpdateAccess where
+  type AWSResponse UpdateAccess = UpdateAccessResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateAccessResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "ExternalId")
+      )
+
+instance Prelude.Hashable UpdateAccess where
+  hashWithSalt _salt UpdateAccess' {..} =
+    _salt
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryMappings
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` policy
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` role'
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` externalId
+
+instance Prelude.NFData UpdateAccess where
+  rnf UpdateAccess' {..} =
+    Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryMappings
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf policy
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf role'
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf externalId
+
+instance Data.ToHeaders UpdateAccess where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateAccess" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateAccess where
+  toJSON UpdateAccess' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("HomeDirectory" Data..=) Prelude.<$> homeDirectory,
+            ("HomeDirectoryMappings" Data..=)
+              Prelude.<$> homeDirectoryMappings,
+            ("HomeDirectoryType" Data..=)
+              Prelude.<$> homeDirectoryType,
+            ("Policy" Data..=) Prelude.<$> policy,
+            ("PosixProfile" Data..=) Prelude.<$> posixProfile,
+            ("Role" Data..=) Prelude.<$> role',
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("ExternalId" Data..= externalId)
+          ]
+      )
+
+instance Data.ToPath UpdateAccess where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateAccess where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateAccessResponse' smart constructor.
+data UpdateAccessResponse = UpdateAccessResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The identifier of the server that the user is attached to.
+    serverId :: Prelude.Text,
+    -- | The external identifier of the group whose users have access to your
+    -- Amazon S3 or Amazon EFS resources over the enabled protocols using
+    -- Amazon Web ServicesTransfer Family.
+    externalId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAccessResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateAccessResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'updateAccessResponse_serverId' - The identifier of the server that the user is attached to.
+--
+-- 'externalId', 'updateAccessResponse_externalId' - The external identifier of the group whose users have access to your
+-- Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Amazon Web ServicesTransfer Family.
+newUpdateAccessResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'externalId'
+  Prelude.Text ->
+  UpdateAccessResponse
+newUpdateAccessResponse
+  pHttpStatus_
+  pServerId_
+  pExternalId_ =
+    UpdateAccessResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        externalId = pExternalId_
+      }
+
+-- | The response's http status code.
+updateAccessResponse_httpStatus :: Lens.Lens' UpdateAccessResponse Prelude.Int
+updateAccessResponse_httpStatus = Lens.lens (\UpdateAccessResponse' {httpStatus} -> httpStatus) (\s@UpdateAccessResponse' {} a -> s {httpStatus = a} :: UpdateAccessResponse)
+
+-- | The identifier of the server that the user is attached to.
+updateAccessResponse_serverId :: Lens.Lens' UpdateAccessResponse Prelude.Text
+updateAccessResponse_serverId = Lens.lens (\UpdateAccessResponse' {serverId} -> serverId) (\s@UpdateAccessResponse' {} a -> s {serverId = a} :: UpdateAccessResponse)
+
+-- | The external identifier of the group whose users have access to your
+-- Amazon S3 or Amazon EFS resources over the enabled protocols using
+-- Amazon Web ServicesTransfer Family.
+updateAccessResponse_externalId :: Lens.Lens' UpdateAccessResponse Prelude.Text
+updateAccessResponse_externalId = Lens.lens (\UpdateAccessResponse' {externalId} -> externalId) (\s@UpdateAccessResponse' {} a -> s {externalId = a} :: UpdateAccessResponse)
+
+instance Prelude.NFData UpdateAccessResponse where
+  rnf UpdateAccessResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf externalId
diff --git a/gen/Amazonka/Transfer/UpdateAgreement.hs b/gen/Amazonka/Transfer/UpdateAgreement.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateAgreement.hs
@@ -0,0 +1,331 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateAgreement
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates some of the parameters for an existing agreement. Provide the
+-- @AgreementId@ and the @ServerId@ for the agreement that you want to
+-- update, along with the new values for the parameters to update.
+module Amazonka.Transfer.UpdateAgreement
+  ( -- * Creating a Request
+    UpdateAgreement (..),
+    newUpdateAgreement,
+
+    -- * Request Lenses
+    updateAgreement_accessRole,
+    updateAgreement_baseDirectory,
+    updateAgreement_description,
+    updateAgreement_localProfileId,
+    updateAgreement_partnerProfileId,
+    updateAgreement_status,
+    updateAgreement_agreementId,
+    updateAgreement_serverId,
+
+    -- * Destructuring the Response
+    UpdateAgreementResponse (..),
+    newUpdateAgreementResponse,
+
+    -- * Response Lenses
+    updateAgreementResponse_httpStatus,
+    updateAgreementResponse_agreementId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateAgreement' smart constructor.
+data UpdateAgreement = UpdateAgreement'
+  { -- | With AS2, you can send files by calling @StartFileTransfer@ and
+    -- specifying the file paths in the request parameter, @SendFilePaths@. We
+    -- use the file’s parent directory (for example, for
+    -- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+    -- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+    -- store the MDN when we receive them from the partner, and write a final
+    -- JSON file containing relevant metadata of the transmission. So, the
+    -- @AccessRole@ needs to provide read and write access to the parent
+    -- directory of the file location used in the @StartFileTransfer@ request.
+    -- Additionally, you need to provide read and write access to the parent
+    -- directory of the files that you intend to send with @StartFileTransfer@.
+    accessRole :: Prelude.Maybe Prelude.Text,
+    -- | To change the landing directory (folder) for files that are transferred,
+    -- provide the bucket folder that you want to use; for example,
+    -- @\/@/@DOC-EXAMPLE-BUCKET@/@\/@/@home@/@\/@/@mydirectory@/@ @.
+    baseDirectory :: Prelude.Maybe Prelude.Text,
+    -- | To replace the existing description, provide a short description for the
+    -- agreement.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the AS2 local profile.
+    --
+    -- To change the local profile identifier, provide a new value here.
+    localProfileId :: Prelude.Maybe Prelude.Text,
+    -- | A unique identifier for the partner profile. To change the partner
+    -- profile identifier, provide a new value here.
+    partnerProfileId :: Prelude.Maybe Prelude.Text,
+    -- | You can update the status for the agreement, either activating an
+    -- inactive agreement or the reverse.
+    status :: Prelude.Maybe AgreementStatusType,
+    -- | A unique identifier for the agreement. This identifier is returned when
+    -- you create an agreement.
+    agreementId :: Prelude.Text,
+    -- | A system-assigned unique identifier for a server instance. This is the
+    -- specific server that the agreement uses.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAgreement' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accessRole', 'updateAgreement_accessRole' - With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+--
+-- 'baseDirectory', 'updateAgreement_baseDirectory' - To change the landing directory (folder) for files that are transferred,
+-- provide the bucket folder that you want to use; for example,
+-- @\/@/@DOC-EXAMPLE-BUCKET@/@\/@/@home@/@\/@/@mydirectory@/@ @.
+--
+-- 'description', 'updateAgreement_description' - To replace the existing description, provide a short description for the
+-- agreement.
+--
+-- 'localProfileId', 'updateAgreement_localProfileId' - A unique identifier for the AS2 local profile.
+--
+-- To change the local profile identifier, provide a new value here.
+--
+-- 'partnerProfileId', 'updateAgreement_partnerProfileId' - A unique identifier for the partner profile. To change the partner
+-- profile identifier, provide a new value here.
+--
+-- 'status', 'updateAgreement_status' - You can update the status for the agreement, either activating an
+-- inactive agreement or the reverse.
+--
+-- 'agreementId', 'updateAgreement_agreementId' - A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+--
+-- 'serverId', 'updateAgreement_serverId' - A system-assigned unique identifier for a server instance. This is the
+-- specific server that the agreement uses.
+newUpdateAgreement ::
+  -- | 'agreementId'
+  Prelude.Text ->
+  -- | 'serverId'
+  Prelude.Text ->
+  UpdateAgreement
+newUpdateAgreement pAgreementId_ pServerId_ =
+  UpdateAgreement'
+    { accessRole = Prelude.Nothing,
+      baseDirectory = Prelude.Nothing,
+      description = Prelude.Nothing,
+      localProfileId = Prelude.Nothing,
+      partnerProfileId = Prelude.Nothing,
+      status = Prelude.Nothing,
+      agreementId = pAgreementId_,
+      serverId = pServerId_
+    }
+
+-- | With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+updateAgreement_accessRole :: Lens.Lens' UpdateAgreement (Prelude.Maybe Prelude.Text)
+updateAgreement_accessRole = Lens.lens (\UpdateAgreement' {accessRole} -> accessRole) (\s@UpdateAgreement' {} a -> s {accessRole = a} :: UpdateAgreement)
+
+-- | To change the landing directory (folder) for files that are transferred,
+-- provide the bucket folder that you want to use; for example,
+-- @\/@/@DOC-EXAMPLE-BUCKET@/@\/@/@home@/@\/@/@mydirectory@/@ @.
+updateAgreement_baseDirectory :: Lens.Lens' UpdateAgreement (Prelude.Maybe Prelude.Text)
+updateAgreement_baseDirectory = Lens.lens (\UpdateAgreement' {baseDirectory} -> baseDirectory) (\s@UpdateAgreement' {} a -> s {baseDirectory = a} :: UpdateAgreement)
+
+-- | To replace the existing description, provide a short description for the
+-- agreement.
+updateAgreement_description :: Lens.Lens' UpdateAgreement (Prelude.Maybe Prelude.Text)
+updateAgreement_description = Lens.lens (\UpdateAgreement' {description} -> description) (\s@UpdateAgreement' {} a -> s {description = a} :: UpdateAgreement)
+
+-- | A unique identifier for the AS2 local profile.
+--
+-- To change the local profile identifier, provide a new value here.
+updateAgreement_localProfileId :: Lens.Lens' UpdateAgreement (Prelude.Maybe Prelude.Text)
+updateAgreement_localProfileId = Lens.lens (\UpdateAgreement' {localProfileId} -> localProfileId) (\s@UpdateAgreement' {} a -> s {localProfileId = a} :: UpdateAgreement)
+
+-- | A unique identifier for the partner profile. To change the partner
+-- profile identifier, provide a new value here.
+updateAgreement_partnerProfileId :: Lens.Lens' UpdateAgreement (Prelude.Maybe Prelude.Text)
+updateAgreement_partnerProfileId = Lens.lens (\UpdateAgreement' {partnerProfileId} -> partnerProfileId) (\s@UpdateAgreement' {} a -> s {partnerProfileId = a} :: UpdateAgreement)
+
+-- | You can update the status for the agreement, either activating an
+-- inactive agreement or the reverse.
+updateAgreement_status :: Lens.Lens' UpdateAgreement (Prelude.Maybe AgreementStatusType)
+updateAgreement_status = Lens.lens (\UpdateAgreement' {status} -> status) (\s@UpdateAgreement' {} a -> s {status = a} :: UpdateAgreement)
+
+-- | A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+updateAgreement_agreementId :: Lens.Lens' UpdateAgreement Prelude.Text
+updateAgreement_agreementId = Lens.lens (\UpdateAgreement' {agreementId} -> agreementId) (\s@UpdateAgreement' {} a -> s {agreementId = a} :: UpdateAgreement)
+
+-- | A system-assigned unique identifier for a server instance. This is the
+-- specific server that the agreement uses.
+updateAgreement_serverId :: Lens.Lens' UpdateAgreement Prelude.Text
+updateAgreement_serverId = Lens.lens (\UpdateAgreement' {serverId} -> serverId) (\s@UpdateAgreement' {} a -> s {serverId = a} :: UpdateAgreement)
+
+instance Core.AWSRequest UpdateAgreement where
+  type
+    AWSResponse UpdateAgreement =
+      UpdateAgreementResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateAgreementResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "AgreementId")
+      )
+
+instance Prelude.Hashable UpdateAgreement where
+  hashWithSalt _salt UpdateAgreement' {..} =
+    _salt
+      `Prelude.hashWithSalt` accessRole
+      `Prelude.hashWithSalt` baseDirectory
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` localProfileId
+      `Prelude.hashWithSalt` partnerProfileId
+      `Prelude.hashWithSalt` status
+      `Prelude.hashWithSalt` agreementId
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData UpdateAgreement where
+  rnf UpdateAgreement' {..} =
+    Prelude.rnf accessRole
+      `Prelude.seq` Prelude.rnf baseDirectory
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf localProfileId
+      `Prelude.seq` Prelude.rnf partnerProfileId
+      `Prelude.seq` Prelude.rnf status
+      `Prelude.seq` Prelude.rnf agreementId
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders UpdateAgreement where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateAgreement" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateAgreement where
+  toJSON UpdateAgreement' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("AccessRole" Data..=) Prelude.<$> accessRole,
+            ("BaseDirectory" Data..=) Prelude.<$> baseDirectory,
+            ("Description" Data..=) Prelude.<$> description,
+            ("LocalProfileId" Data..=)
+              Prelude.<$> localProfileId,
+            ("PartnerProfileId" Data..=)
+              Prelude.<$> partnerProfileId,
+            ("Status" Data..=) Prelude.<$> status,
+            Prelude.Just ("AgreementId" Data..= agreementId),
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath UpdateAgreement where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateAgreement where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateAgreementResponse' smart constructor.
+data UpdateAgreementResponse = UpdateAgreementResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A unique identifier for the agreement. This identifier is returned when
+    -- you create an agreement.
+    agreementId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateAgreementResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateAgreementResponse_httpStatus' - The response's http status code.
+--
+-- 'agreementId', 'updateAgreementResponse_agreementId' - A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+newUpdateAgreementResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'agreementId'
+  Prelude.Text ->
+  UpdateAgreementResponse
+newUpdateAgreementResponse pHttpStatus_ pAgreementId_ =
+  UpdateAgreementResponse'
+    { httpStatus = pHttpStatus_,
+      agreementId = pAgreementId_
+    }
+
+-- | The response's http status code.
+updateAgreementResponse_httpStatus :: Lens.Lens' UpdateAgreementResponse Prelude.Int
+updateAgreementResponse_httpStatus = Lens.lens (\UpdateAgreementResponse' {httpStatus} -> httpStatus) (\s@UpdateAgreementResponse' {} a -> s {httpStatus = a} :: UpdateAgreementResponse)
+
+-- | A unique identifier for the agreement. This identifier is returned when
+-- you create an agreement.
+updateAgreementResponse_agreementId :: Lens.Lens' UpdateAgreementResponse Prelude.Text
+updateAgreementResponse_agreementId = Lens.lens (\UpdateAgreementResponse' {agreementId} -> agreementId) (\s@UpdateAgreementResponse' {} a -> s {agreementId = a} :: UpdateAgreementResponse)
+
+instance Prelude.NFData UpdateAgreementResponse where
+  rnf UpdateAgreementResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf agreementId
diff --git a/gen/Amazonka/Transfer/UpdateCertificate.hs b/gen/Amazonka/Transfer/UpdateCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateCertificate.hs
@@ -0,0 +1,217 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the active and inactive dates for a certificate.
+module Amazonka.Transfer.UpdateCertificate
+  ( -- * Creating a Request
+    UpdateCertificate (..),
+    newUpdateCertificate,
+
+    -- * Request Lenses
+    updateCertificate_activeDate,
+    updateCertificate_description,
+    updateCertificate_inactiveDate,
+    updateCertificate_certificateId,
+
+    -- * Destructuring the Response
+    UpdateCertificateResponse (..),
+    newUpdateCertificateResponse,
+
+    -- * Response Lenses
+    updateCertificateResponse_httpStatus,
+    updateCertificateResponse_certificateId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateCertificate' smart constructor.
+data UpdateCertificate = UpdateCertificate'
+  { -- | An optional date that specifies when the certificate becomes active.
+    activeDate :: Prelude.Maybe Data.POSIX,
+    -- | A short description to help identify the certificate.
+    description :: Prelude.Maybe Prelude.Text,
+    -- | An optional date that specifies when the certificate becomes inactive.
+    inactiveDate :: Prelude.Maybe Data.POSIX,
+    -- | The identifier of the certificate object that you are updating.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'activeDate', 'updateCertificate_activeDate' - An optional date that specifies when the certificate becomes active.
+--
+-- 'description', 'updateCertificate_description' - A short description to help identify the certificate.
+--
+-- 'inactiveDate', 'updateCertificate_inactiveDate' - An optional date that specifies when the certificate becomes inactive.
+--
+-- 'certificateId', 'updateCertificate_certificateId' - The identifier of the certificate object that you are updating.
+newUpdateCertificate ::
+  -- | 'certificateId'
+  Prelude.Text ->
+  UpdateCertificate
+newUpdateCertificate pCertificateId_ =
+  UpdateCertificate'
+    { activeDate = Prelude.Nothing,
+      description = Prelude.Nothing,
+      inactiveDate = Prelude.Nothing,
+      certificateId = pCertificateId_
+    }
+
+-- | An optional date that specifies when the certificate becomes active.
+updateCertificate_activeDate :: Lens.Lens' UpdateCertificate (Prelude.Maybe Prelude.UTCTime)
+updateCertificate_activeDate = Lens.lens (\UpdateCertificate' {activeDate} -> activeDate) (\s@UpdateCertificate' {} a -> s {activeDate = a} :: UpdateCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | A short description to help identify the certificate.
+updateCertificate_description :: Lens.Lens' UpdateCertificate (Prelude.Maybe Prelude.Text)
+updateCertificate_description = Lens.lens (\UpdateCertificate' {description} -> description) (\s@UpdateCertificate' {} a -> s {description = a} :: UpdateCertificate)
+
+-- | An optional date that specifies when the certificate becomes inactive.
+updateCertificate_inactiveDate :: Lens.Lens' UpdateCertificate (Prelude.Maybe Prelude.UTCTime)
+updateCertificate_inactiveDate = Lens.lens (\UpdateCertificate' {inactiveDate} -> inactiveDate) (\s@UpdateCertificate' {} a -> s {inactiveDate = a} :: UpdateCertificate) Prelude.. Lens.mapping Data._Time
+
+-- | The identifier of the certificate object that you are updating.
+updateCertificate_certificateId :: Lens.Lens' UpdateCertificate Prelude.Text
+updateCertificate_certificateId = Lens.lens (\UpdateCertificate' {certificateId} -> certificateId) (\s@UpdateCertificate' {} a -> s {certificateId = a} :: UpdateCertificate)
+
+instance Core.AWSRequest UpdateCertificate where
+  type
+    AWSResponse UpdateCertificate =
+      UpdateCertificateResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateCertificateResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "CertificateId")
+      )
+
+instance Prelude.Hashable UpdateCertificate where
+  hashWithSalt _salt UpdateCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` activeDate
+      `Prelude.hashWithSalt` description
+      `Prelude.hashWithSalt` inactiveDate
+      `Prelude.hashWithSalt` certificateId
+
+instance Prelude.NFData UpdateCertificate where
+  rnf UpdateCertificate' {..} =
+    Prelude.rnf activeDate
+      `Prelude.seq` Prelude.rnf description
+      `Prelude.seq` Prelude.rnf inactiveDate
+      `Prelude.seq` Prelude.rnf certificateId
+
+instance Data.ToHeaders UpdateCertificate where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateCertificate" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateCertificate where
+  toJSON UpdateCertificate' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("ActiveDate" Data..=) Prelude.<$> activeDate,
+            ("Description" Data..=) Prelude.<$> description,
+            ("InactiveDate" Data..=) Prelude.<$> inactiveDate,
+            Prelude.Just
+              ("CertificateId" Data..= certificateId)
+          ]
+      )
+
+instance Data.ToPath UpdateCertificate where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateCertificate where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateCertificateResponse' smart constructor.
+data UpdateCertificateResponse = UpdateCertificateResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the identifier of the certificate object that you are updating.
+    certificateId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateCertificateResponse_httpStatus' - The response's http status code.
+--
+-- 'certificateId', 'updateCertificateResponse_certificateId' - Returns the identifier of the certificate object that you are updating.
+newUpdateCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'certificateId'
+  Prelude.Text ->
+  UpdateCertificateResponse
+newUpdateCertificateResponse
+  pHttpStatus_
+  pCertificateId_ =
+    UpdateCertificateResponse'
+      { httpStatus =
+          pHttpStatus_,
+        certificateId = pCertificateId_
+      }
+
+-- | The response's http status code.
+updateCertificateResponse_httpStatus :: Lens.Lens' UpdateCertificateResponse Prelude.Int
+updateCertificateResponse_httpStatus = Lens.lens (\UpdateCertificateResponse' {httpStatus} -> httpStatus) (\s@UpdateCertificateResponse' {} a -> s {httpStatus = a} :: UpdateCertificateResponse)
+
+-- | Returns the identifier of the certificate object that you are updating.
+updateCertificateResponse_certificateId :: Lens.Lens' UpdateCertificateResponse Prelude.Text
+updateCertificateResponse_certificateId = Lens.lens (\UpdateCertificateResponse' {certificateId} -> certificateId) (\s@UpdateCertificateResponse' {} a -> s {certificateId = a} :: UpdateCertificateResponse)
+
+instance Prelude.NFData UpdateCertificateResponse where
+  rnf UpdateCertificateResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf certificateId
diff --git a/gen/Amazonka/Transfer/UpdateConnector.hs b/gen/Amazonka/Transfer/UpdateConnector.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateConnector.hs
@@ -0,0 +1,267 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateConnector
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates some of the parameters for an existing connector. Provide the
+-- @ConnectorId@ for the connector that you want to update, along with the
+-- new values for the parameters to update.
+module Amazonka.Transfer.UpdateConnector
+  ( -- * Creating a Request
+    UpdateConnector (..),
+    newUpdateConnector,
+
+    -- * Request Lenses
+    updateConnector_accessRole,
+    updateConnector_as2Config,
+    updateConnector_loggingRole,
+    updateConnector_url,
+    updateConnector_connectorId,
+
+    -- * Destructuring the Response
+    UpdateConnectorResponse (..),
+    newUpdateConnectorResponse,
+
+    -- * Response Lenses
+    updateConnectorResponse_httpStatus,
+    updateConnectorResponse_connectorId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateConnector' smart constructor.
+data UpdateConnector = UpdateConnector'
+  { -- | With AS2, you can send files by calling @StartFileTransfer@ and
+    -- specifying the file paths in the request parameter, @SendFilePaths@. We
+    -- use the file’s parent directory (for example, for
+    -- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+    -- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+    -- store the MDN when we receive them from the partner, and write a final
+    -- JSON file containing relevant metadata of the transmission. So, the
+    -- @AccessRole@ needs to provide read and write access to the parent
+    -- directory of the file location used in the @StartFileTransfer@ request.
+    -- Additionally, you need to provide read and write access to the parent
+    -- directory of the files that you intend to send with @StartFileTransfer@.
+    accessRole :: Prelude.Maybe Prelude.Text,
+    -- | A structure that contains the parameters for a connector object.
+    as2Config :: Prelude.Maybe As2ConnectorConfig,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a connector to turn on CloudWatch logging for
+    -- Amazon S3 events. When set, you can view connector activity in your
+    -- CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | The URL of the partner\'s AS2 endpoint.
+    url :: Prelude.Maybe Prelude.Text,
+    -- | The unique identifier for the connector.
+    connectorId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateConnector' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'accessRole', 'updateConnector_accessRole' - With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+--
+-- 'as2Config', 'updateConnector_as2Config' - A structure that contains the parameters for a connector object.
+--
+-- 'loggingRole', 'updateConnector_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a connector to turn on CloudWatch logging for
+-- Amazon S3 events. When set, you can view connector activity in your
+-- CloudWatch logs.
+--
+-- 'url', 'updateConnector_url' - The URL of the partner\'s AS2 endpoint.
+--
+-- 'connectorId', 'updateConnector_connectorId' - The unique identifier for the connector.
+newUpdateConnector ::
+  -- | 'connectorId'
+  Prelude.Text ->
+  UpdateConnector
+newUpdateConnector pConnectorId_ =
+  UpdateConnector'
+    { accessRole = Prelude.Nothing,
+      as2Config = Prelude.Nothing,
+      loggingRole = Prelude.Nothing,
+      url = Prelude.Nothing,
+      connectorId = pConnectorId_
+    }
+
+-- | With AS2, you can send files by calling @StartFileTransfer@ and
+-- specifying the file paths in the request parameter, @SendFilePaths@. We
+-- use the file’s parent directory (for example, for
+-- @--send-file-paths \/bucket\/dir\/file.txt@, parent directory is
+-- @\/bucket\/dir\/@) to temporarily store a processed AS2 message file,
+-- store the MDN when we receive them from the partner, and write a final
+-- JSON file containing relevant metadata of the transmission. So, the
+-- @AccessRole@ needs to provide read and write access to the parent
+-- directory of the file location used in the @StartFileTransfer@ request.
+-- Additionally, you need to provide read and write access to the parent
+-- directory of the files that you intend to send with @StartFileTransfer@.
+updateConnector_accessRole :: Lens.Lens' UpdateConnector (Prelude.Maybe Prelude.Text)
+updateConnector_accessRole = Lens.lens (\UpdateConnector' {accessRole} -> accessRole) (\s@UpdateConnector' {} a -> s {accessRole = a} :: UpdateConnector)
+
+-- | A structure that contains the parameters for a connector object.
+updateConnector_as2Config :: Lens.Lens' UpdateConnector (Prelude.Maybe As2ConnectorConfig)
+updateConnector_as2Config = Lens.lens (\UpdateConnector' {as2Config} -> as2Config) (\s@UpdateConnector' {} a -> s {as2Config = a} :: UpdateConnector)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a connector to turn on CloudWatch logging for
+-- Amazon S3 events. When set, you can view connector activity in your
+-- CloudWatch logs.
+updateConnector_loggingRole :: Lens.Lens' UpdateConnector (Prelude.Maybe Prelude.Text)
+updateConnector_loggingRole = Lens.lens (\UpdateConnector' {loggingRole} -> loggingRole) (\s@UpdateConnector' {} a -> s {loggingRole = a} :: UpdateConnector)
+
+-- | The URL of the partner\'s AS2 endpoint.
+updateConnector_url :: Lens.Lens' UpdateConnector (Prelude.Maybe Prelude.Text)
+updateConnector_url = Lens.lens (\UpdateConnector' {url} -> url) (\s@UpdateConnector' {} a -> s {url = a} :: UpdateConnector)
+
+-- | The unique identifier for the connector.
+updateConnector_connectorId :: Lens.Lens' UpdateConnector Prelude.Text
+updateConnector_connectorId = Lens.lens (\UpdateConnector' {connectorId} -> connectorId) (\s@UpdateConnector' {} a -> s {connectorId = a} :: UpdateConnector)
+
+instance Core.AWSRequest UpdateConnector where
+  type
+    AWSResponse UpdateConnector =
+      UpdateConnectorResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateConnectorResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ConnectorId")
+      )
+
+instance Prelude.Hashable UpdateConnector where
+  hashWithSalt _salt UpdateConnector' {..} =
+    _salt
+      `Prelude.hashWithSalt` accessRole
+      `Prelude.hashWithSalt` as2Config
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` url
+      `Prelude.hashWithSalt` connectorId
+
+instance Prelude.NFData UpdateConnector where
+  rnf UpdateConnector' {..} =
+    Prelude.rnf accessRole
+      `Prelude.seq` Prelude.rnf as2Config
+      `Prelude.seq` Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf url
+      `Prelude.seq` Prelude.rnf connectorId
+
+instance Data.ToHeaders UpdateConnector where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateConnector" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateConnector where
+  toJSON UpdateConnector' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("AccessRole" Data..=) Prelude.<$> accessRole,
+            ("As2Config" Data..=) Prelude.<$> as2Config,
+            ("LoggingRole" Data..=) Prelude.<$> loggingRole,
+            ("Url" Data..=) Prelude.<$> url,
+            Prelude.Just ("ConnectorId" Data..= connectorId)
+          ]
+      )
+
+instance Data.ToPath UpdateConnector where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateConnector where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateConnectorResponse' smart constructor.
+data UpdateConnectorResponse = UpdateConnectorResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the identifier of the connector object that you are updating.
+    connectorId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateConnectorResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateConnectorResponse_httpStatus' - The response's http status code.
+--
+-- 'connectorId', 'updateConnectorResponse_connectorId' - Returns the identifier of the connector object that you are updating.
+newUpdateConnectorResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'connectorId'
+  Prelude.Text ->
+  UpdateConnectorResponse
+newUpdateConnectorResponse pHttpStatus_ pConnectorId_ =
+  UpdateConnectorResponse'
+    { httpStatus = pHttpStatus_,
+      connectorId = pConnectorId_
+    }
+
+-- | The response's http status code.
+updateConnectorResponse_httpStatus :: Lens.Lens' UpdateConnectorResponse Prelude.Int
+updateConnectorResponse_httpStatus = Lens.lens (\UpdateConnectorResponse' {httpStatus} -> httpStatus) (\s@UpdateConnectorResponse' {} a -> s {httpStatus = a} :: UpdateConnectorResponse)
+
+-- | Returns the identifier of the connector object that you are updating.
+updateConnectorResponse_connectorId :: Lens.Lens' UpdateConnectorResponse Prelude.Text
+updateConnectorResponse_connectorId = Lens.lens (\UpdateConnectorResponse' {connectorId} -> connectorId) (\s@UpdateConnectorResponse' {} a -> s {connectorId = a} :: UpdateConnectorResponse)
+
+instance Prelude.NFData UpdateConnectorResponse where
+  rnf UpdateConnectorResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf connectorId
diff --git a/gen/Amazonka/Transfer/UpdateHostKey.hs b/gen/Amazonka/Transfer/UpdateHostKey.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateHostKey.hs
@@ -0,0 +1,228 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateHostKey
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the description for the host key that\'s specified by the
+-- @ServerId@ and @HostKeyId@ parameters.
+module Amazonka.Transfer.UpdateHostKey
+  ( -- * Creating a Request
+    UpdateHostKey (..),
+    newUpdateHostKey,
+
+    -- * Request Lenses
+    updateHostKey_serverId,
+    updateHostKey_hostKeyId,
+    updateHostKey_description,
+
+    -- * Destructuring the Response
+    UpdateHostKeyResponse (..),
+    newUpdateHostKeyResponse,
+
+    -- * Response Lenses
+    updateHostKeyResponse_httpStatus,
+    updateHostKeyResponse_serverId,
+    updateHostKeyResponse_hostKeyId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateHostKey' smart constructor.
+data UpdateHostKey = UpdateHostKey'
+  { -- | The identifier of the server that contains the host key that you are
+    -- updating.
+    serverId :: Prelude.Text,
+    -- | The identifier of the host key that you are updating.
+    hostKeyId :: Prelude.Text,
+    -- | An updated description for the host key.
+    description :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateHostKey' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serverId', 'updateHostKey_serverId' - The identifier of the server that contains the host key that you are
+-- updating.
+--
+-- 'hostKeyId', 'updateHostKey_hostKeyId' - The identifier of the host key that you are updating.
+--
+-- 'description', 'updateHostKey_description' - An updated description for the host key.
+newUpdateHostKey ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'hostKeyId'
+  Prelude.Text ->
+  -- | 'description'
+  Prelude.Text ->
+  UpdateHostKey
+newUpdateHostKey pServerId_ pHostKeyId_ pDescription_ =
+  UpdateHostKey'
+    { serverId = pServerId_,
+      hostKeyId = pHostKeyId_,
+      description = pDescription_
+    }
+
+-- | The identifier of the server that contains the host key that you are
+-- updating.
+updateHostKey_serverId :: Lens.Lens' UpdateHostKey Prelude.Text
+updateHostKey_serverId = Lens.lens (\UpdateHostKey' {serverId} -> serverId) (\s@UpdateHostKey' {} a -> s {serverId = a} :: UpdateHostKey)
+
+-- | The identifier of the host key that you are updating.
+updateHostKey_hostKeyId :: Lens.Lens' UpdateHostKey Prelude.Text
+updateHostKey_hostKeyId = Lens.lens (\UpdateHostKey' {hostKeyId} -> hostKeyId) (\s@UpdateHostKey' {} a -> s {hostKeyId = a} :: UpdateHostKey)
+
+-- | An updated description for the host key.
+updateHostKey_description :: Lens.Lens' UpdateHostKey Prelude.Text
+updateHostKey_description = Lens.lens (\UpdateHostKey' {description} -> description) (\s@UpdateHostKey' {} a -> s {description = a} :: UpdateHostKey)
+
+instance Core.AWSRequest UpdateHostKey where
+  type
+    AWSResponse UpdateHostKey =
+      UpdateHostKeyResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateHostKeyResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "HostKeyId")
+      )
+
+instance Prelude.Hashable UpdateHostKey where
+  hashWithSalt _salt UpdateHostKey' {..} =
+    _salt
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` hostKeyId
+      `Prelude.hashWithSalt` description
+
+instance Prelude.NFData UpdateHostKey where
+  rnf UpdateHostKey' {..} =
+    Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeyId
+      `Prelude.seq` Prelude.rnf description
+
+instance Data.ToHeaders UpdateHostKey where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateHostKey" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateHostKey where
+  toJSON UpdateHostKey' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("HostKeyId" Data..= hostKeyId),
+            Prelude.Just ("Description" Data..= description)
+          ]
+      )
+
+instance Data.ToPath UpdateHostKey where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateHostKey where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateHostKeyResponse' smart constructor.
+data UpdateHostKeyResponse = UpdateHostKeyResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the server identifier for the server that contains the updated
+    -- host key.
+    serverId :: Prelude.Text,
+    -- | Returns the host key identifier for the updated host key.
+    hostKeyId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateHostKeyResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateHostKeyResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'updateHostKeyResponse_serverId' - Returns the server identifier for the server that contains the updated
+-- host key.
+--
+-- 'hostKeyId', 'updateHostKeyResponse_hostKeyId' - Returns the host key identifier for the updated host key.
+newUpdateHostKeyResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'hostKeyId'
+  Prelude.Text ->
+  UpdateHostKeyResponse
+newUpdateHostKeyResponse
+  pHttpStatus_
+  pServerId_
+  pHostKeyId_ =
+    UpdateHostKeyResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        hostKeyId = pHostKeyId_
+      }
+
+-- | The response's http status code.
+updateHostKeyResponse_httpStatus :: Lens.Lens' UpdateHostKeyResponse Prelude.Int
+updateHostKeyResponse_httpStatus = Lens.lens (\UpdateHostKeyResponse' {httpStatus} -> httpStatus) (\s@UpdateHostKeyResponse' {} a -> s {httpStatus = a} :: UpdateHostKeyResponse)
+
+-- | Returns the server identifier for the server that contains the updated
+-- host key.
+updateHostKeyResponse_serverId :: Lens.Lens' UpdateHostKeyResponse Prelude.Text
+updateHostKeyResponse_serverId = Lens.lens (\UpdateHostKeyResponse' {serverId} -> serverId) (\s@UpdateHostKeyResponse' {} a -> s {serverId = a} :: UpdateHostKeyResponse)
+
+-- | Returns the host key identifier for the updated host key.
+updateHostKeyResponse_hostKeyId :: Lens.Lens' UpdateHostKeyResponse Prelude.Text
+updateHostKeyResponse_hostKeyId = Lens.lens (\UpdateHostKeyResponse' {hostKeyId} -> hostKeyId) (\s@UpdateHostKeyResponse' {} a -> s {hostKeyId = a} :: UpdateHostKeyResponse)
+
+instance Prelude.NFData UpdateHostKeyResponse where
+  rnf UpdateHostKeyResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf hostKeyId
diff --git a/gen/Amazonka/Transfer/UpdateProfile.hs b/gen/Amazonka/Transfer/UpdateProfile.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateProfile.hs
@@ -0,0 +1,193 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateProfile
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates some of the parameters for an existing profile. Provide the
+-- @ProfileId@ for the profile that you want to update, along with the new
+-- values for the parameters to update.
+module Amazonka.Transfer.UpdateProfile
+  ( -- * Creating a Request
+    UpdateProfile (..),
+    newUpdateProfile,
+
+    -- * Request Lenses
+    updateProfile_certificateIds,
+    updateProfile_profileId,
+
+    -- * Destructuring the Response
+    UpdateProfileResponse (..),
+    newUpdateProfileResponse,
+
+    -- * Response Lenses
+    updateProfileResponse_httpStatus,
+    updateProfileResponse_profileId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateProfile' smart constructor.
+data UpdateProfile = UpdateProfile'
+  { -- | An array of identifiers for the imported certificates. You use this
+    -- identifier for working with profiles and partner profiles.
+    certificateIds :: Prelude.Maybe [Prelude.Text],
+    -- | The identifier of the profile object that you are updating.
+    profileId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateProfile' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateIds', 'updateProfile_certificateIds' - An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+--
+-- 'profileId', 'updateProfile_profileId' - The identifier of the profile object that you are updating.
+newUpdateProfile ::
+  -- | 'profileId'
+  Prelude.Text ->
+  UpdateProfile
+newUpdateProfile pProfileId_ =
+  UpdateProfile'
+    { certificateIds = Prelude.Nothing,
+      profileId = pProfileId_
+    }
+
+-- | An array of identifiers for the imported certificates. You use this
+-- identifier for working with profiles and partner profiles.
+updateProfile_certificateIds :: Lens.Lens' UpdateProfile (Prelude.Maybe [Prelude.Text])
+updateProfile_certificateIds = Lens.lens (\UpdateProfile' {certificateIds} -> certificateIds) (\s@UpdateProfile' {} a -> s {certificateIds = a} :: UpdateProfile) Prelude.. Lens.mapping Lens.coerced
+
+-- | The identifier of the profile object that you are updating.
+updateProfile_profileId :: Lens.Lens' UpdateProfile Prelude.Text
+updateProfile_profileId = Lens.lens (\UpdateProfile' {profileId} -> profileId) (\s@UpdateProfile' {} a -> s {profileId = a} :: UpdateProfile)
+
+instance Core.AWSRequest UpdateProfile where
+  type
+    AWSResponse UpdateProfile =
+      UpdateProfileResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateProfileResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ProfileId")
+      )
+
+instance Prelude.Hashable UpdateProfile where
+  hashWithSalt _salt UpdateProfile' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificateIds
+      `Prelude.hashWithSalt` profileId
+
+instance Prelude.NFData UpdateProfile where
+  rnf UpdateProfile' {..} =
+    Prelude.rnf certificateIds
+      `Prelude.seq` Prelude.rnf profileId
+
+instance Data.ToHeaders UpdateProfile where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateProfile" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateProfile where
+  toJSON UpdateProfile' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("CertificateIds" Data..=)
+              Prelude.<$> certificateIds,
+            Prelude.Just ("ProfileId" Data..= profileId)
+          ]
+      )
+
+instance Data.ToPath UpdateProfile where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateProfile where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateProfileResponse' smart constructor.
+data UpdateProfileResponse = UpdateProfileResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | Returns the identifier for the profile that\'s being updated.
+    profileId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateProfileResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateProfileResponse_httpStatus' - The response's http status code.
+--
+-- 'profileId', 'updateProfileResponse_profileId' - Returns the identifier for the profile that\'s being updated.
+newUpdateProfileResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'profileId'
+  Prelude.Text ->
+  UpdateProfileResponse
+newUpdateProfileResponse pHttpStatus_ pProfileId_ =
+  UpdateProfileResponse'
+    { httpStatus = pHttpStatus_,
+      profileId = pProfileId_
+    }
+
+-- | The response's http status code.
+updateProfileResponse_httpStatus :: Lens.Lens' UpdateProfileResponse Prelude.Int
+updateProfileResponse_httpStatus = Lens.lens (\UpdateProfileResponse' {httpStatus} -> httpStatus) (\s@UpdateProfileResponse' {} a -> s {httpStatus = a} :: UpdateProfileResponse)
+
+-- | Returns the identifier for the profile that\'s being updated.
+updateProfileResponse_profileId :: Lens.Lens' UpdateProfileResponse Prelude.Text
+updateProfileResponse_profileId = Lens.lens (\UpdateProfileResponse' {profileId} -> profileId) (\s@UpdateProfileResponse' {} a -> s {profileId = a} :: UpdateProfileResponse)
+
+instance Prelude.NFData UpdateProfileResponse where
+  rnf UpdateProfileResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf profileId
diff --git a/gen/Amazonka/Transfer/UpdateServer.hs b/gen/Amazonka/Transfer/UpdateServer.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateServer.hs
@@ -0,0 +1,837 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateServer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the file transfer protocol-enabled server\'s properties after
+-- that server has been created.
+--
+-- The @UpdateServer@ call returns the @ServerId@ of the server you
+-- updated.
+module Amazonka.Transfer.UpdateServer
+  ( -- * Creating a Request
+    UpdateServer (..),
+    newUpdateServer,
+
+    -- * Request Lenses
+    updateServer_certificate,
+    updateServer_endpointDetails,
+    updateServer_endpointType,
+    updateServer_hostKey,
+    updateServer_identityProviderDetails,
+    updateServer_loggingRole,
+    updateServer_postAuthenticationLoginBanner,
+    updateServer_preAuthenticationLoginBanner,
+    updateServer_protocolDetails,
+    updateServer_protocols,
+    updateServer_securityPolicyName,
+    updateServer_workflowDetails,
+    updateServer_serverId,
+
+    -- * Destructuring the Response
+    UpdateServerResponse (..),
+    newUpdateServerResponse,
+
+    -- * Response Lenses
+    updateServerResponse_httpStatus,
+    updateServerResponse_serverId,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateServer' smart constructor.
+data UpdateServer = UpdateServer'
+  { -- | The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate
+    -- Manager (ACM) certificate. Required when @Protocols@ is set to @FTPS@.
+    --
+    -- To request a new public certificate, see
+    -- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request a public certificate>
+    -- in the /Amazon Web ServicesCertificate Manager User Guide/.
+    --
+    -- To import an existing certificate into ACM, see
+    -- <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing certificates into ACM>
+    -- in the /Amazon Web ServicesCertificate Manager User Guide/.
+    --
+    -- To request a private certificate to use FTPS through private IP
+    -- addresses, see
+    -- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html Request a private certificate>
+    -- in the /Amazon Web ServicesCertificate Manager User Guide/.
+    --
+    -- Certificates with the following cryptographic algorithms and key sizes
+    -- are supported:
+    --
+    -- -   2048-bit RSA (RSA_2048)
+    --
+    -- -   4096-bit RSA (RSA_4096)
+    --
+    -- -   Elliptic Prime Curve 256 bit (EC_prime256v1)
+    --
+    -- -   Elliptic Prime Curve 384 bit (EC_secp384r1)
+    --
+    -- -   Elliptic Prime Curve 521 bit (EC_secp521r1)
+    --
+    -- The certificate must be a valid SSL\/TLS X.509 version 3 certificate
+    -- with FQDN or IP address specified and information about the issuer.
+    certificate :: Prelude.Maybe Prelude.Text,
+    -- | The virtual private cloud (VPC) endpoint settings that are configured
+    -- for your server. When you host your endpoint within your VPC, you can
+    -- make your endpoint accessible only to resources within your VPC, or you
+    -- can attach Elastic IP addresses and make your endpoint accessible to
+    -- clients over the internet. Your VPC\'s default security groups are
+    -- automatically assigned to your endpoint.
+    endpointDetails :: Prelude.Maybe EndpointDetails,
+    -- | The type of endpoint that you want your server to use. You can choose to
+    -- make your server\'s endpoint publicly accessible (PUBLIC) or host it
+    -- inside your VPC. With an endpoint that is hosted in a VPC, you can
+    -- restrict access to your server and resources only within your VPC or
+    -- choose to make it internet facing by attaching Elastic IP addresses
+    -- directly to it.
+    --
+    -- After May 19, 2021, you won\'t be able to create a server using
+    -- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Servicesaccount if your
+    -- account hasn\'t already done so before May 19, 2021. If you have already
+    -- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+    -- Servicesaccount on or before May 19, 2021, you will not be affected.
+    -- After this date, use @EndpointType@=@VPC@.
+    --
+    -- For more information, see
+    -- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+    --
+    -- It is recommended that you use @VPC@ as the @EndpointType@. With this
+    -- endpoint type, you have the option to directly associate up to three
+    -- Elastic IPv4 addresses (BYO IP included) with your server\'s endpoint
+    -- and use VPC security groups to restrict traffic by the client\'s public
+    -- IP address. This is not possible with @EndpointType@ set to
+    -- @VPC_ENDPOINT@.
+    endpointType :: Prelude.Maybe EndpointType,
+    -- | The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled
+    -- server. You can add multiple host keys, in case you want to rotate keys,
+    -- or have a set of active keys that use different algorithms.
+    --
+    -- Use the following command to generate an RSA 2048 bit key with no
+    -- passphrase:
+    --
+    -- @ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key@.
+    --
+    -- Use a minimum value of 2048 for the @-b@ option. You can create a
+    -- stronger key by using 3072 or 4096.
+    --
+    -- Use the following command to generate an ECDSA 256 bit key with no
+    -- passphrase:
+    --
+    -- @ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key@.
+    --
+    -- Valid values for the @-b@ option for ECDSA are 256, 384, and 521.
+    --
+    -- Use the following command to generate an ED25519 key with no passphrase:
+    --
+    -- @ssh-keygen -t ed25519 -N \"\" -f my-new-server-key@.
+    --
+    -- For all of these commands, you can replace /my-new-server-key/ with a
+    -- string of your choice.
+    --
+    -- If you aren\'t planning to migrate existing users from an existing
+    -- SFTP-enabled server to a new server, don\'t update the host key.
+    -- Accidentally changing a server\'s host key can be disruptive.
+    --
+    -- For more information, see
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key Update host keys for your SFTP-enabled server>
+    -- in the /Transfer Family User Guide/.
+    hostKey :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | An array containing all of the information required to call a
+    -- customer\'s authentication API method.
+    identityProviderDetails :: Prelude.Maybe IdentityProviderDetails,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+    -- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+    -- your CloudWatch logs.
+    loggingRole :: Prelude.Maybe Prelude.Text,
+    -- | Specifies a string to display when users connect to a server. This
+    -- string is displayed after the user authenticates.
+    --
+    -- The SFTP protocol does not support post-authentication display banners.
+    postAuthenticationLoginBanner :: Prelude.Maybe Prelude.Text,
+    -- | Specifies a string to display when users connect to a server. This
+    -- string is displayed before the user authenticates. For example, the
+    -- following banner displays details about using the system:
+    --
+    -- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+    preAuthenticationLoginBanner :: Prelude.Maybe Prelude.Text,
+    -- | The protocol settings that are configured for your server.
+    --
+    -- -   To indicate passive mode (for FTP and FTPS protocols), use the
+    --     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+    --     as the external IP address of a firewall, router, or load balancer.
+    --
+    -- -   To ignore the error that is generated when the client attempts to
+    --     use the @SETSTAT@ command on a file that you are uploading to an
+    --     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+    --     Transfer Family server ignore the @SETSTAT@ command and upload files
+    --     without needing to make any changes to your SFTP client, set the
+    --     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+    --     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+    --     CloudWatch Logs, so that you can determine when the client is making
+    --     a @SETSTAT@ call.
+    --
+    -- -   To determine whether your Transfer Family server resumes recent,
+    --     negotiated sessions through a unique session ID, use the
+    --     @TlsSessionResumptionMode@ parameter.
+    --
+    -- -   @As2Transports@ indicates the transport method for the AS2 messages.
+    --     Currently, only HTTP is supported.
+    protocolDetails :: Prelude.Maybe ProtocolDetails,
+    -- | Specifies the file transfer protocol or protocols over which your file
+    -- transfer protocol client can connect to your server\'s endpoint. The
+    -- available protocols are:
+    --
+    -- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+    --     over SSH
+    --
+    -- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+    --     encryption
+    --
+    -- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+    --
+    -- -   @AS2@ (Applicability Statement 2): used for transporting structured
+    --     business-to-business data
+    --
+    -- -   If you select @FTPS@, you must choose a certificate stored in
+    --     Certificate Manager (ACM) which is used to identify your server when
+    --     clients connect to it over FTPS.
+    --
+    -- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+    --     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+    --     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+    --
+    -- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+    --     associated.
+    --
+    -- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+    --     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+    --     @SERVICE_MANAGED@.
+    --
+    -- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+    --     and domain must be Amazon S3.
+    protocols :: Prelude.Maybe (Prelude.NonEmpty Protocol),
+    -- | Specifies the name of the security policy that is attached to the
+    -- server.
+    securityPolicyName :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the workflow ID for the workflow to assign and the execution
+    -- role that\'s used for executing the workflow.
+    --
+    -- In additon to a workflow to execute when a file is uploaded completely,
+    -- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+    -- for a workflow to execute on partial upload. A partial upload occurs
+    -- when a file is open when the session disconnects.
+    --
+    -- To remove an associated workflow from a server, you can provide an empty
+    -- @OnUpload@ object, as in the following example.
+    --
+    -- @aws transfer update-server --server-id s-01234567890abcdef --workflow-details \'{\"OnUpload\":[]}\'@
+    workflowDetails :: Prelude.Maybe WorkflowDetails,
+    -- | A system-assigned unique identifier for a server instance that the user
+    -- account is assigned to.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateServer' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificate', 'updateServer_certificate' - The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate
+-- Manager (ACM) certificate. Required when @Protocols@ is set to @FTPS@.
+--
+-- To request a new public certificate, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request a public certificate>
+-- in the /Amazon Web ServicesCertificate Manager User Guide/.
+--
+-- To import an existing certificate into ACM, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing certificates into ACM>
+-- in the /Amazon Web ServicesCertificate Manager User Guide/.
+--
+-- To request a private certificate to use FTPS through private IP
+-- addresses, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html Request a private certificate>
+-- in the /Amazon Web ServicesCertificate Manager User Guide/.
+--
+-- Certificates with the following cryptographic algorithms and key sizes
+-- are supported:
+--
+-- -   2048-bit RSA (RSA_2048)
+--
+-- -   4096-bit RSA (RSA_4096)
+--
+-- -   Elliptic Prime Curve 256 bit (EC_prime256v1)
+--
+-- -   Elliptic Prime Curve 384 bit (EC_secp384r1)
+--
+-- -   Elliptic Prime Curve 521 bit (EC_secp521r1)
+--
+-- The certificate must be a valid SSL\/TLS X.509 version 3 certificate
+-- with FQDN or IP address specified and information about the issuer.
+--
+-- 'endpointDetails', 'updateServer_endpointDetails' - The virtual private cloud (VPC) endpoint settings that are configured
+-- for your server. When you host your endpoint within your VPC, you can
+-- make your endpoint accessible only to resources within your VPC, or you
+-- can attach Elastic IP addresses and make your endpoint accessible to
+-- clients over the internet. Your VPC\'s default security groups are
+-- automatically assigned to your endpoint.
+--
+-- 'endpointType', 'updateServer_endpointType' - The type of endpoint that you want your server to use. You can choose to
+-- make your server\'s endpoint publicly accessible (PUBLIC) or host it
+-- inside your VPC. With an endpoint that is hosted in a VPC, you can
+-- restrict access to your server and resources only within your VPC or
+-- choose to make it internet facing by attaching Elastic IP addresses
+-- directly to it.
+--
+-- After May 19, 2021, you won\'t be able to create a server using
+-- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Servicesaccount if your
+-- account hasn\'t already done so before May 19, 2021. If you have already
+-- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+-- Servicesaccount on or before May 19, 2021, you will not be affected.
+-- After this date, use @EndpointType@=@VPC@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+--
+-- It is recommended that you use @VPC@ as the @EndpointType@. With this
+-- endpoint type, you have the option to directly associate up to three
+-- Elastic IPv4 addresses (BYO IP included) with your server\'s endpoint
+-- and use VPC security groups to restrict traffic by the client\'s public
+-- IP address. This is not possible with @EndpointType@ set to
+-- @VPC_ENDPOINT@.
+--
+-- 'hostKey', 'updateServer_hostKey' - The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled
+-- server. You can add multiple host keys, in case you want to rotate keys,
+-- or have a set of active keys that use different algorithms.
+--
+-- Use the following command to generate an RSA 2048 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Use a minimum value of 2048 for the @-b@ option. You can create a
+-- stronger key by using 3072 or 4096.
+--
+-- Use the following command to generate an ECDSA 256 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Valid values for the @-b@ option for ECDSA are 256, 384, and 521.
+--
+-- Use the following command to generate an ED25519 key with no passphrase:
+--
+-- @ssh-keygen -t ed25519 -N \"\" -f my-new-server-key@.
+--
+-- For all of these commands, you can replace /my-new-server-key/ with a
+-- string of your choice.
+--
+-- If you aren\'t planning to migrate existing users from an existing
+-- SFTP-enabled server to a new server, don\'t update the host key.
+-- Accidentally changing a server\'s host key can be disruptive.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key Update host keys for your SFTP-enabled server>
+-- in the /Transfer Family User Guide/.
+--
+-- 'identityProviderDetails', 'updateServer_identityProviderDetails' - An array containing all of the information required to call a
+-- customer\'s authentication API method.
+--
+-- 'loggingRole', 'updateServer_loggingRole' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+--
+-- 'postAuthenticationLoginBanner', 'updateServer_postAuthenticationLoginBanner' - Specifies a string to display when users connect to a server. This
+-- string is displayed after the user authenticates.
+--
+-- The SFTP protocol does not support post-authentication display banners.
+--
+-- 'preAuthenticationLoginBanner', 'updateServer_preAuthenticationLoginBanner' - Specifies a string to display when users connect to a server. This
+-- string is displayed before the user authenticates. For example, the
+-- following banner displays details about using the system:
+--
+-- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+--
+-- 'protocolDetails', 'updateServer_protocolDetails' - The protocol settings that are configured for your server.
+--
+-- -   To indicate passive mode (for FTP and FTPS protocols), use the
+--     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+--     as the external IP address of a firewall, router, or load balancer.
+--
+-- -   To ignore the error that is generated when the client attempts to
+--     use the @SETSTAT@ command on a file that you are uploading to an
+--     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+--     Transfer Family server ignore the @SETSTAT@ command and upload files
+--     without needing to make any changes to your SFTP client, set the
+--     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+--     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+--     CloudWatch Logs, so that you can determine when the client is making
+--     a @SETSTAT@ call.
+--
+-- -   To determine whether your Transfer Family server resumes recent,
+--     negotiated sessions through a unique session ID, use the
+--     @TlsSessionResumptionMode@ parameter.
+--
+-- -   @As2Transports@ indicates the transport method for the AS2 messages.
+--     Currently, only HTTP is supported.
+--
+-- 'protocols', 'updateServer_protocols' - Specifies the file transfer protocol or protocols over which your file
+-- transfer protocol client can connect to your server\'s endpoint. The
+-- available protocols are:
+--
+-- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+--     over SSH
+--
+-- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+--     encryption
+--
+-- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+--
+-- -   @AS2@ (Applicability Statement 2): used for transporting structured
+--     business-to-business data
+--
+-- -   If you select @FTPS@, you must choose a certificate stored in
+--     Certificate Manager (ACM) which is used to identify your server when
+--     clients connect to it over FTPS.
+--
+-- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+--     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+--     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+--
+-- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+--     associated.
+--
+-- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+--     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+--     @SERVICE_MANAGED@.
+--
+-- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+--     and domain must be Amazon S3.
+--
+-- 'securityPolicyName', 'updateServer_securityPolicyName' - Specifies the name of the security policy that is attached to the
+-- server.
+--
+-- 'workflowDetails', 'updateServer_workflowDetails' - Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+--
+-- To remove an associated workflow from a server, you can provide an empty
+-- @OnUpload@ object, as in the following example.
+--
+-- @aws transfer update-server --server-id s-01234567890abcdef --workflow-details \'{\"OnUpload\":[]}\'@
+--
+-- 'serverId', 'updateServer_serverId' - A system-assigned unique identifier for a server instance that the user
+-- account is assigned to.
+newUpdateServer ::
+  -- | 'serverId'
+  Prelude.Text ->
+  UpdateServer
+newUpdateServer pServerId_ =
+  UpdateServer'
+    { certificate = Prelude.Nothing,
+      endpointDetails = Prelude.Nothing,
+      endpointType = Prelude.Nothing,
+      hostKey = Prelude.Nothing,
+      identityProviderDetails = Prelude.Nothing,
+      loggingRole = Prelude.Nothing,
+      postAuthenticationLoginBanner = Prelude.Nothing,
+      preAuthenticationLoginBanner = Prelude.Nothing,
+      protocolDetails = Prelude.Nothing,
+      protocols = Prelude.Nothing,
+      securityPolicyName = Prelude.Nothing,
+      workflowDetails = Prelude.Nothing,
+      serverId = pServerId_
+    }
+
+-- | The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate
+-- Manager (ACM) certificate. Required when @Protocols@ is set to @FTPS@.
+--
+-- To request a new public certificate, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request a public certificate>
+-- in the /Amazon Web ServicesCertificate Manager User Guide/.
+--
+-- To import an existing certificate into ACM, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing certificates into ACM>
+-- in the /Amazon Web ServicesCertificate Manager User Guide/.
+--
+-- To request a private certificate to use FTPS through private IP
+-- addresses, see
+-- <https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html Request a private certificate>
+-- in the /Amazon Web ServicesCertificate Manager User Guide/.
+--
+-- Certificates with the following cryptographic algorithms and key sizes
+-- are supported:
+--
+-- -   2048-bit RSA (RSA_2048)
+--
+-- -   4096-bit RSA (RSA_4096)
+--
+-- -   Elliptic Prime Curve 256 bit (EC_prime256v1)
+--
+-- -   Elliptic Prime Curve 384 bit (EC_secp384r1)
+--
+-- -   Elliptic Prime Curve 521 bit (EC_secp521r1)
+--
+-- The certificate must be a valid SSL\/TLS X.509 version 3 certificate
+-- with FQDN or IP address specified and information about the issuer.
+updateServer_certificate :: Lens.Lens' UpdateServer (Prelude.Maybe Prelude.Text)
+updateServer_certificate = Lens.lens (\UpdateServer' {certificate} -> certificate) (\s@UpdateServer' {} a -> s {certificate = a} :: UpdateServer)
+
+-- | The virtual private cloud (VPC) endpoint settings that are configured
+-- for your server. When you host your endpoint within your VPC, you can
+-- make your endpoint accessible only to resources within your VPC, or you
+-- can attach Elastic IP addresses and make your endpoint accessible to
+-- clients over the internet. Your VPC\'s default security groups are
+-- automatically assigned to your endpoint.
+updateServer_endpointDetails :: Lens.Lens' UpdateServer (Prelude.Maybe EndpointDetails)
+updateServer_endpointDetails = Lens.lens (\UpdateServer' {endpointDetails} -> endpointDetails) (\s@UpdateServer' {} a -> s {endpointDetails = a} :: UpdateServer)
+
+-- | The type of endpoint that you want your server to use. You can choose to
+-- make your server\'s endpoint publicly accessible (PUBLIC) or host it
+-- inside your VPC. With an endpoint that is hosted in a VPC, you can
+-- restrict access to your server and resources only within your VPC or
+-- choose to make it internet facing by attaching Elastic IP addresses
+-- directly to it.
+--
+-- After May 19, 2021, you won\'t be able to create a server using
+-- @EndpointType=VPC_ENDPOINT@ in your Amazon Web Servicesaccount if your
+-- account hasn\'t already done so before May 19, 2021. If you have already
+-- created servers with @EndpointType=VPC_ENDPOINT@ in your Amazon Web
+-- Servicesaccount on or before May 19, 2021, you will not be affected.
+-- After this date, use @EndpointType@=@VPC@.
+--
+-- For more information, see
+-- https:\/\/docs.aws.amazon.com\/transfer\/latest\/userguide\/create-server-in-vpc.html#deprecate-vpc-endpoint.
+--
+-- It is recommended that you use @VPC@ as the @EndpointType@. With this
+-- endpoint type, you have the option to directly associate up to three
+-- Elastic IPv4 addresses (BYO IP included) with your server\'s endpoint
+-- and use VPC security groups to restrict traffic by the client\'s public
+-- IP address. This is not possible with @EndpointType@ set to
+-- @VPC_ENDPOINT@.
+updateServer_endpointType :: Lens.Lens' UpdateServer (Prelude.Maybe EndpointType)
+updateServer_endpointType = Lens.lens (\UpdateServer' {endpointType} -> endpointType) (\s@UpdateServer' {} a -> s {endpointType = a} :: UpdateServer)
+
+-- | The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled
+-- server. You can add multiple host keys, in case you want to rotate keys,
+-- or have a set of active keys that use different algorithms.
+--
+-- Use the following command to generate an RSA 2048 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t rsa -b 2048 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Use a minimum value of 2048 for the @-b@ option. You can create a
+-- stronger key by using 3072 or 4096.
+--
+-- Use the following command to generate an ECDSA 256 bit key with no
+-- passphrase:
+--
+-- @ssh-keygen -t ecdsa -b 256 -N \"\" -m PEM -f my-new-server-key@.
+--
+-- Valid values for the @-b@ option for ECDSA are 256, 384, and 521.
+--
+-- Use the following command to generate an ED25519 key with no passphrase:
+--
+-- @ssh-keygen -t ed25519 -N \"\" -f my-new-server-key@.
+--
+-- For all of these commands, you can replace /my-new-server-key/ with a
+-- string of your choice.
+--
+-- If you aren\'t planning to migrate existing users from an existing
+-- SFTP-enabled server to a new server, don\'t update the host key.
+-- Accidentally changing a server\'s host key can be disruptive.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key Update host keys for your SFTP-enabled server>
+-- in the /Transfer Family User Guide/.
+updateServer_hostKey :: Lens.Lens' UpdateServer (Prelude.Maybe Prelude.Text)
+updateServer_hostKey = Lens.lens (\UpdateServer' {hostKey} -> hostKey) (\s@UpdateServer' {} a -> s {hostKey = a} :: UpdateServer) Prelude.. Lens.mapping Data._Sensitive
+
+-- | An array containing all of the information required to call a
+-- customer\'s authentication API method.
+updateServer_identityProviderDetails :: Lens.Lens' UpdateServer (Prelude.Maybe IdentityProviderDetails)
+updateServer_identityProviderDetails = Lens.lens (\UpdateServer' {identityProviderDetails} -> identityProviderDetails) (\s@UpdateServer' {} a -> s {identityProviderDetails = a} :: UpdateServer)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that allows a server to turn on Amazon CloudWatch logging for
+-- Amazon S3 or Amazon EFSevents. When set, you can view user activity in
+-- your CloudWatch logs.
+updateServer_loggingRole :: Lens.Lens' UpdateServer (Prelude.Maybe Prelude.Text)
+updateServer_loggingRole = Lens.lens (\UpdateServer' {loggingRole} -> loggingRole) (\s@UpdateServer' {} a -> s {loggingRole = a} :: UpdateServer)
+
+-- | Specifies a string to display when users connect to a server. This
+-- string is displayed after the user authenticates.
+--
+-- The SFTP protocol does not support post-authentication display banners.
+updateServer_postAuthenticationLoginBanner :: Lens.Lens' UpdateServer (Prelude.Maybe Prelude.Text)
+updateServer_postAuthenticationLoginBanner = Lens.lens (\UpdateServer' {postAuthenticationLoginBanner} -> postAuthenticationLoginBanner) (\s@UpdateServer' {} a -> s {postAuthenticationLoginBanner = a} :: UpdateServer)
+
+-- | Specifies a string to display when users connect to a server. This
+-- string is displayed before the user authenticates. For example, the
+-- following banner displays details about using the system:
+--
+-- @This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.@
+updateServer_preAuthenticationLoginBanner :: Lens.Lens' UpdateServer (Prelude.Maybe Prelude.Text)
+updateServer_preAuthenticationLoginBanner = Lens.lens (\UpdateServer' {preAuthenticationLoginBanner} -> preAuthenticationLoginBanner) (\s@UpdateServer' {} a -> s {preAuthenticationLoginBanner = a} :: UpdateServer)
+
+-- | The protocol settings that are configured for your server.
+--
+-- -   To indicate passive mode (for FTP and FTPS protocols), use the
+--     @PassiveIp@ parameter. Enter a single dotted-quad IPv4 address, such
+--     as the external IP address of a firewall, router, or load balancer.
+--
+-- -   To ignore the error that is generated when the client attempts to
+--     use the @SETSTAT@ command on a file that you are uploading to an
+--     Amazon S3 bucket, use the @SetStatOption@ parameter. To have the
+--     Transfer Family server ignore the @SETSTAT@ command and upload files
+--     without needing to make any changes to your SFTP client, set the
+--     value to @ENABLE_NO_OP@. If you set the @SetStatOption@ parameter to
+--     @ENABLE_NO_OP@, Transfer Family generates a log entry to Amazon
+--     CloudWatch Logs, so that you can determine when the client is making
+--     a @SETSTAT@ call.
+--
+-- -   To determine whether your Transfer Family server resumes recent,
+--     negotiated sessions through a unique session ID, use the
+--     @TlsSessionResumptionMode@ parameter.
+--
+-- -   @As2Transports@ indicates the transport method for the AS2 messages.
+--     Currently, only HTTP is supported.
+updateServer_protocolDetails :: Lens.Lens' UpdateServer (Prelude.Maybe ProtocolDetails)
+updateServer_protocolDetails = Lens.lens (\UpdateServer' {protocolDetails} -> protocolDetails) (\s@UpdateServer' {} a -> s {protocolDetails = a} :: UpdateServer)
+
+-- | Specifies the file transfer protocol or protocols over which your file
+-- transfer protocol client can connect to your server\'s endpoint. The
+-- available protocols are:
+--
+-- -   @SFTP@ (Secure Shell (SSH) File Transfer Protocol): File transfer
+--     over SSH
+--
+-- -   @FTPS@ (File Transfer Protocol Secure): File transfer with TLS
+--     encryption
+--
+-- -   @FTP@ (File Transfer Protocol): Unencrypted file transfer
+--
+-- -   @AS2@ (Applicability Statement 2): used for transporting structured
+--     business-to-business data
+--
+-- -   If you select @FTPS@, you must choose a certificate stored in
+--     Certificate Manager (ACM) which is used to identify your server when
+--     clients connect to it over FTPS.
+--
+-- -   If @Protocol@ includes either @FTP@ or @FTPS@, then the
+--     @EndpointType@ must be @VPC@ and the @IdentityProviderType@ must be
+--     @AWS_DIRECTORY_SERVICE@ or @API_GATEWAY@.
+--
+-- -   If @Protocol@ includes @FTP@, then @AddressAllocationIds@ cannot be
+--     associated.
+--
+-- -   If @Protocol@ is set only to @SFTP@, the @EndpointType@ can be set
+--     to @PUBLIC@ and the @IdentityProviderType@ can be set to
+--     @SERVICE_MANAGED@.
+--
+-- -   If @Protocol@ includes @AS2@, then the @EndpointType@ must be @VPC@,
+--     and domain must be Amazon S3.
+updateServer_protocols :: Lens.Lens' UpdateServer (Prelude.Maybe (Prelude.NonEmpty Protocol))
+updateServer_protocols = Lens.lens (\UpdateServer' {protocols} -> protocols) (\s@UpdateServer' {} a -> s {protocols = a} :: UpdateServer) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies the name of the security policy that is attached to the
+-- server.
+updateServer_securityPolicyName :: Lens.Lens' UpdateServer (Prelude.Maybe Prelude.Text)
+updateServer_securityPolicyName = Lens.lens (\UpdateServer' {securityPolicyName} -> securityPolicyName) (\s@UpdateServer' {} a -> s {securityPolicyName = a} :: UpdateServer)
+
+-- | Specifies the workflow ID for the workflow to assign and the execution
+-- role that\'s used for executing the workflow.
+--
+-- In additon to a workflow to execute when a file is uploaded completely,
+-- @WorkflowDeatails@ can also contain a workflow ID (and execution role)
+-- for a workflow to execute on partial upload. A partial upload occurs
+-- when a file is open when the session disconnects.
+--
+-- To remove an associated workflow from a server, you can provide an empty
+-- @OnUpload@ object, as in the following example.
+--
+-- @aws transfer update-server --server-id s-01234567890abcdef --workflow-details \'{\"OnUpload\":[]}\'@
+updateServer_workflowDetails :: Lens.Lens' UpdateServer (Prelude.Maybe WorkflowDetails)
+updateServer_workflowDetails = Lens.lens (\UpdateServer' {workflowDetails} -> workflowDetails) (\s@UpdateServer' {} a -> s {workflowDetails = a} :: UpdateServer)
+
+-- | A system-assigned unique identifier for a server instance that the user
+-- account is assigned to.
+updateServer_serverId :: Lens.Lens' UpdateServer Prelude.Text
+updateServer_serverId = Lens.lens (\UpdateServer' {serverId} -> serverId) (\s@UpdateServer' {} a -> s {serverId = a} :: UpdateServer)
+
+instance Core.AWSRequest UpdateServer where
+  type AWSResponse UpdateServer = UpdateServerResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateServerResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+      )
+
+instance Prelude.Hashable UpdateServer where
+  hashWithSalt _salt UpdateServer' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificate
+      `Prelude.hashWithSalt` endpointDetails
+      `Prelude.hashWithSalt` endpointType
+      `Prelude.hashWithSalt` hostKey
+      `Prelude.hashWithSalt` identityProviderDetails
+      `Prelude.hashWithSalt` loggingRole
+      `Prelude.hashWithSalt` postAuthenticationLoginBanner
+      `Prelude.hashWithSalt` preAuthenticationLoginBanner
+      `Prelude.hashWithSalt` protocolDetails
+      `Prelude.hashWithSalt` protocols
+      `Prelude.hashWithSalt` securityPolicyName
+      `Prelude.hashWithSalt` workflowDetails
+      `Prelude.hashWithSalt` serverId
+
+instance Prelude.NFData UpdateServer where
+  rnf UpdateServer' {..} =
+    Prelude.rnf certificate
+      `Prelude.seq` Prelude.rnf endpointDetails
+      `Prelude.seq` Prelude.rnf endpointType
+      `Prelude.seq` Prelude.rnf hostKey
+      `Prelude.seq` Prelude.rnf identityProviderDetails
+      `Prelude.seq` Prelude.rnf loggingRole
+      `Prelude.seq` Prelude.rnf postAuthenticationLoginBanner
+      `Prelude.seq` Prelude.rnf preAuthenticationLoginBanner
+      `Prelude.seq` Prelude.rnf protocolDetails
+      `Prelude.seq` Prelude.rnf protocols
+      `Prelude.seq` Prelude.rnf securityPolicyName
+      `Prelude.seq` Prelude.rnf workflowDetails
+      `Prelude.seq` Prelude.rnf serverId
+
+instance Data.ToHeaders UpdateServer where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ( "TransferService.UpdateServer" ::
+                          Prelude.ByteString
+                      ),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateServer where
+  toJSON UpdateServer' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("Certificate" Data..=) Prelude.<$> certificate,
+            ("EndpointDetails" Data..=)
+              Prelude.<$> endpointDetails,
+            ("EndpointType" Data..=) Prelude.<$> endpointType,
+            ("HostKey" Data..=) Prelude.<$> hostKey,
+            ("IdentityProviderDetails" Data..=)
+              Prelude.<$> identityProviderDetails,
+            ("LoggingRole" Data..=) Prelude.<$> loggingRole,
+            ("PostAuthenticationLoginBanner" Data..=)
+              Prelude.<$> postAuthenticationLoginBanner,
+            ("PreAuthenticationLoginBanner" Data..=)
+              Prelude.<$> preAuthenticationLoginBanner,
+            ("ProtocolDetails" Data..=)
+              Prelude.<$> protocolDetails,
+            ("Protocols" Data..=) Prelude.<$> protocols,
+            ("SecurityPolicyName" Data..=)
+              Prelude.<$> securityPolicyName,
+            ("WorkflowDetails" Data..=)
+              Prelude.<$> workflowDetails,
+            Prelude.Just ("ServerId" Data..= serverId)
+          ]
+      )
+
+instance Data.ToPath UpdateServer where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateServer where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateServerResponse' smart constructor.
+data UpdateServerResponse = UpdateServerResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server that the user account
+    -- is assigned to.
+    serverId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateServerResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateServerResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'updateServerResponse_serverId' - A system-assigned unique identifier for a server that the user account
+-- is assigned to.
+newUpdateServerResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  UpdateServerResponse
+newUpdateServerResponse pHttpStatus_ pServerId_ =
+  UpdateServerResponse'
+    { httpStatus = pHttpStatus_,
+      serverId = pServerId_
+    }
+
+-- | The response's http status code.
+updateServerResponse_httpStatus :: Lens.Lens' UpdateServerResponse Prelude.Int
+updateServerResponse_httpStatus = Lens.lens (\UpdateServerResponse' {httpStatus} -> httpStatus) (\s@UpdateServerResponse' {} a -> s {httpStatus = a} :: UpdateServerResponse)
+
+-- | A system-assigned unique identifier for a server that the user account
+-- is assigned to.
+updateServerResponse_serverId :: Lens.Lens' UpdateServerResponse Prelude.Text
+updateServerResponse_serverId = Lens.lens (\UpdateServerResponse' {serverId} -> serverId) (\s@UpdateServerResponse' {} a -> s {serverId = a} :: UpdateServerResponse)
+
+instance Prelude.NFData UpdateServerResponse where
+  rnf UpdateServerResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
diff --git a/gen/Amazonka/Transfer/UpdateUser.hs b/gen/Amazonka/Transfer/UpdateUser.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/UpdateUser.hs
@@ -0,0 +1,488 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.UpdateUser
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Assigns new properties to a user. Parameters you pass modify any or all
+-- of the following: the home directory, role, and policy for the
+-- @UserName@ and @ServerId@ you specify.
+--
+-- The response returns the @ServerId@ and the @UserName@ for the updated
+-- user.
+module Amazonka.Transfer.UpdateUser
+  ( -- * Creating a Request
+    UpdateUser (..),
+    newUpdateUser,
+
+    -- * Request Lenses
+    updateUser_homeDirectory,
+    updateUser_homeDirectoryMappings,
+    updateUser_homeDirectoryType,
+    updateUser_policy,
+    updateUser_posixProfile,
+    updateUser_role,
+    updateUser_serverId,
+    updateUser_userName,
+
+    -- * Destructuring the Response
+    UpdateUserResponse (..),
+    newUpdateUserResponse,
+
+    -- * Response Lenses
+    updateUserResponse_httpStatus,
+    updateUserResponse_serverId,
+    updateUserResponse_userName,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.Transfer.Types
+
+-- | /See:/ 'newUpdateUser' smart constructor.
+data UpdateUser = UpdateUser'
+  { -- | The landing directory (folder) for a user when they log in to the server
+    -- using the client.
+    --
+    -- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+    homeDirectory :: Prelude.Maybe Prelude.Text,
+    -- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+    -- paths and keys should be visible to your user and how you want to make
+    -- them visible. You must specify the @Entry@ and @Target@ pair, where
+    -- @Entry@ shows how the path is made visible and @Target@ is the actual
+    -- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+    -- displayed as is. You also must ensure that your Identity and Access
+    -- Management (IAM) role provides access to paths in @Target@. This value
+    -- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+    --
+    -- The following is an @Entry@ and @Target@ pair example.
+    --
+    -- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    --
+    -- In most cases, you can use this value instead of the session policy to
+    -- lock down your user to the designated home directory (\"@chroot@\"). To
+    -- do this, you can set @Entry@ to \'\/\' and set @Target@ to the
+    -- HomeDirectory parameter value.
+    --
+    -- The following is an @Entry@ and @Target@ pair example for @chroot@.
+    --
+    -- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+    homeDirectoryMappings :: Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry),
+    -- | The type of landing directory (folder) that you want your users\' home
+    -- directory to be when they log in to the server. If you set it to @PATH@,
+    -- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+    -- their file transfer protocol clients. If you set it @LOGICAL@, you need
+    -- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+    -- make Amazon S3 or Amazon EFS paths visible to your users.
+    homeDirectoryType :: Prelude.Maybe HomeDirectoryType,
+    -- | A session policy for your user so that you can use the same Identity and
+    -- Access Management (IAM) role across multiple users. This policy scopes
+    -- down a user\'s access to portions of their Amazon S3 bucket. Variables
+    -- that you can use inside this policy include @${Transfer:UserName}@,
+    -- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+    --
+    -- This policy applies only when the domain of @ServerId@ is Amazon S3.
+    -- Amazon EFS does not use session policies.
+    --
+    -- For session policies, Transfer Family stores the policy as a JSON blob,
+    -- instead of the Amazon Resource Name (ARN) of the policy. You save the
+    -- policy as a JSON blob and pass it in the @Policy@ argument.
+    --
+    -- For an example of a session policy, see
+    -- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy Creating a session policy>.
+    --
+    -- For more information, see
+    -- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+    -- in the /Amazon Web Services Security Token Service API Reference/.
+    policy :: Prelude.Maybe Prelude.Text,
+    -- | Specifies the full POSIX identity, including user ID (@Uid@), group ID
+    -- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+    -- your users\' access to your Amazon Elastic File Systems (Amazon EFS).
+    -- The POSIX permissions that are set on files and directories in your file
+    -- system determines the level of access your users get when transferring
+    -- files into and out of your Amazon EFS file systems.
+    posixProfile :: Prelude.Maybe PosixProfile,
+    -- | The Amazon Resource Name (ARN) of the Identity and Access Management
+    -- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+    -- Amazon EFS file system. The policies attached to this role determine the
+    -- level of access that you want to provide your users when transferring
+    -- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+    -- The IAM role should also contain a trust relationship that allows the
+    -- server to access your resources when servicing your users\' transfer
+    -- requests.
+    role' :: Prelude.Maybe Prelude.Text,
+    -- | A system-assigned unique identifier for a server instance that the user
+    -- account is assigned to.
+    serverId :: Prelude.Text,
+    -- | A unique string that identifies a user and is associated with a server
+    -- as specified by the @ServerId@. This user name must be a minimum of 3
+    -- and a maximum of 100 characters long. The following are valid
+    -- characters: a-z, A-Z, 0-9, underscore \'_\', hyphen \'-\', period \'.\',
+    -- and at sign \'\@\'. The user name can\'t start with a hyphen, period, or
+    -- at sign.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateUser' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'homeDirectory', 'updateUser_homeDirectory' - The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+--
+-- 'homeDirectoryMappings', 'updateUser_homeDirectoryMappings' - Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down your user to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to \'\/\' and set @Target@ to the
+-- HomeDirectory parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- 'homeDirectoryType', 'updateUser_homeDirectoryType' - The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+--
+-- 'policy', 'updateUser_policy' - A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy Creating a session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Amazon Web Services Security Token Service API Reference/.
+--
+-- 'posixProfile', 'updateUser_posixProfile' - Specifies the full POSIX identity, including user ID (@Uid@), group ID
+-- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+-- your users\' access to your Amazon Elastic File Systems (Amazon EFS).
+-- The POSIX permissions that are set on files and directories in your file
+-- system determines the level of access your users get when transferring
+-- files into and out of your Amazon EFS file systems.
+--
+-- 'role'', 'updateUser_role' - The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+--
+-- 'serverId', 'updateUser_serverId' - A system-assigned unique identifier for a server instance that the user
+-- account is assigned to.
+--
+-- 'userName', 'updateUser_userName' - A unique string that identifies a user and is associated with a server
+-- as specified by the @ServerId@. This user name must be a minimum of 3
+-- and a maximum of 100 characters long. The following are valid
+-- characters: a-z, A-Z, 0-9, underscore \'_\', hyphen \'-\', period \'.\',
+-- and at sign \'\@\'. The user name can\'t start with a hyphen, period, or
+-- at sign.
+newUpdateUser ::
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  UpdateUser
+newUpdateUser pServerId_ pUserName_ =
+  UpdateUser'
+    { homeDirectory = Prelude.Nothing,
+      homeDirectoryMappings = Prelude.Nothing,
+      homeDirectoryType = Prelude.Nothing,
+      policy = Prelude.Nothing,
+      posixProfile = Prelude.Nothing,
+      role' = Prelude.Nothing,
+      serverId = pServerId_,
+      userName = pUserName_
+    }
+
+-- | The landing directory (folder) for a user when they log in to the server
+-- using the client.
+--
+-- A @HomeDirectory@ example is @\/bucket_name\/home\/mydirectory@.
+updateUser_homeDirectory :: Lens.Lens' UpdateUser (Prelude.Maybe Prelude.Text)
+updateUser_homeDirectory = Lens.lens (\UpdateUser' {homeDirectory} -> homeDirectory) (\s@UpdateUser' {} a -> s {homeDirectory = a} :: UpdateUser)
+
+-- | Logical directory mappings that specify what Amazon S3 or Amazon EFS
+-- paths and keys should be visible to your user and how you want to make
+-- them visible. You must specify the @Entry@ and @Target@ pair, where
+-- @Entry@ shows how the path is made visible and @Target@ is the actual
+-- Amazon S3 or Amazon EFS path. If you only specify a target, it is
+-- displayed as is. You also must ensure that your Identity and Access
+-- Management (IAM) role provides access to paths in @Target@. This value
+-- can be set only when @HomeDirectoryType@ is set to /LOGICAL/.
+--
+-- The following is an @Entry@ and @Target@ pair example.
+--
+-- @[ { \"Entry\": \"\/directory1\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+--
+-- In most cases, you can use this value instead of the session policy to
+-- lock down your user to the designated home directory (\"@chroot@\"). To
+-- do this, you can set @Entry@ to \'\/\' and set @Target@ to the
+-- HomeDirectory parameter value.
+--
+-- The following is an @Entry@ and @Target@ pair example for @chroot@.
+--
+-- @[ { \"Entry\": \"\/\", \"Target\": \"\/bucket_name\/home\/mydirectory\" } ]@
+updateUser_homeDirectoryMappings :: Lens.Lens' UpdateUser (Prelude.Maybe (Prelude.NonEmpty HomeDirectoryMapEntry))
+updateUser_homeDirectoryMappings = Lens.lens (\UpdateUser' {homeDirectoryMappings} -> homeDirectoryMappings) (\s@UpdateUser' {} a -> s {homeDirectoryMappings = a} :: UpdateUser) Prelude.. Lens.mapping Lens.coerced
+
+-- | The type of landing directory (folder) that you want your users\' home
+-- directory to be when they log in to the server. If you set it to @PATH@,
+-- the user will see the absolute Amazon S3 bucket or EFS paths as is in
+-- their file transfer protocol clients. If you set it @LOGICAL@, you need
+-- to provide mappings in the @HomeDirectoryMappings@ for how you want to
+-- make Amazon S3 or Amazon EFS paths visible to your users.
+updateUser_homeDirectoryType :: Lens.Lens' UpdateUser (Prelude.Maybe HomeDirectoryType)
+updateUser_homeDirectoryType = Lens.lens (\UpdateUser' {homeDirectoryType} -> homeDirectoryType) (\s@UpdateUser' {} a -> s {homeDirectoryType = a} :: UpdateUser)
+
+-- | A session policy for your user so that you can use the same Identity and
+-- Access Management (IAM) role across multiple users. This policy scopes
+-- down a user\'s access to portions of their Amazon S3 bucket. Variables
+-- that you can use inside this policy include @${Transfer:UserName}@,
+-- @${Transfer:HomeDirectory}@, and @${Transfer:HomeBucket}@.
+--
+-- This policy applies only when the domain of @ServerId@ is Amazon S3.
+-- Amazon EFS does not use session policies.
+--
+-- For session policies, Transfer Family stores the policy as a JSON blob,
+-- instead of the Amazon Resource Name (ARN) of the policy. You save the
+-- policy as a JSON blob and pass it in the @Policy@ argument.
+--
+-- For an example of a session policy, see
+-- <https://docs.aws.amazon.com/transfer/latest/userguide/session-policy Creating a session policy>.
+--
+-- For more information, see
+-- <https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html AssumeRole>
+-- in the /Amazon Web Services Security Token Service API Reference/.
+updateUser_policy :: Lens.Lens' UpdateUser (Prelude.Maybe Prelude.Text)
+updateUser_policy = Lens.lens (\UpdateUser' {policy} -> policy) (\s@UpdateUser' {} a -> s {policy = a} :: UpdateUser)
+
+-- | Specifies the full POSIX identity, including user ID (@Uid@), group ID
+-- (@Gid@), and any secondary groups IDs (@SecondaryGids@), that controls
+-- your users\' access to your Amazon Elastic File Systems (Amazon EFS).
+-- The POSIX permissions that are set on files and directories in your file
+-- system determines the level of access your users get when transferring
+-- files into and out of your Amazon EFS file systems.
+updateUser_posixProfile :: Lens.Lens' UpdateUser (Prelude.Maybe PosixProfile)
+updateUser_posixProfile = Lens.lens (\UpdateUser' {posixProfile} -> posixProfile) (\s@UpdateUser' {} a -> s {posixProfile = a} :: UpdateUser)
+
+-- | The Amazon Resource Name (ARN) of the Identity and Access Management
+-- (IAM) role that controls your users\' access to your Amazon S3 bucket or
+-- Amazon EFS file system. The policies attached to this role determine the
+-- level of access that you want to provide your users when transferring
+-- files into and out of your Amazon S3 bucket or Amazon EFS file system.
+-- The IAM role should also contain a trust relationship that allows the
+-- server to access your resources when servicing your users\' transfer
+-- requests.
+updateUser_role :: Lens.Lens' UpdateUser (Prelude.Maybe Prelude.Text)
+updateUser_role = Lens.lens (\UpdateUser' {role'} -> role') (\s@UpdateUser' {} a -> s {role' = a} :: UpdateUser)
+
+-- | A system-assigned unique identifier for a server instance that the user
+-- account is assigned to.
+updateUser_serverId :: Lens.Lens' UpdateUser Prelude.Text
+updateUser_serverId = Lens.lens (\UpdateUser' {serverId} -> serverId) (\s@UpdateUser' {} a -> s {serverId = a} :: UpdateUser)
+
+-- | A unique string that identifies a user and is associated with a server
+-- as specified by the @ServerId@. This user name must be a minimum of 3
+-- and a maximum of 100 characters long. The following are valid
+-- characters: a-z, A-Z, 0-9, underscore \'_\', hyphen \'-\', period \'.\',
+-- and at sign \'\@\'. The user name can\'t start with a hyphen, period, or
+-- at sign.
+updateUser_userName :: Lens.Lens' UpdateUser Prelude.Text
+updateUser_userName = Lens.lens (\UpdateUser' {userName} -> userName) (\s@UpdateUser' {} a -> s {userName = a} :: UpdateUser)
+
+instance Core.AWSRequest UpdateUser where
+  type AWSResponse UpdateUser = UpdateUserResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateUserResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "ServerId")
+            Prelude.<*> (x Data..:> "UserName")
+      )
+
+instance Prelude.Hashable UpdateUser where
+  hashWithSalt _salt UpdateUser' {..} =
+    _salt
+      `Prelude.hashWithSalt` homeDirectory
+      `Prelude.hashWithSalt` homeDirectoryMappings
+      `Prelude.hashWithSalt` homeDirectoryType
+      `Prelude.hashWithSalt` policy
+      `Prelude.hashWithSalt` posixProfile
+      `Prelude.hashWithSalt` role'
+      `Prelude.hashWithSalt` serverId
+      `Prelude.hashWithSalt` userName
+
+instance Prelude.NFData UpdateUser where
+  rnf UpdateUser' {..} =
+    Prelude.rnf homeDirectory
+      `Prelude.seq` Prelude.rnf homeDirectoryMappings
+      `Prelude.seq` Prelude.rnf homeDirectoryType
+      `Prelude.seq` Prelude.rnf policy
+      `Prelude.seq` Prelude.rnf posixProfile
+      `Prelude.seq` Prelude.rnf role'
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
+
+instance Data.ToHeaders UpdateUser where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "X-Amz-Target"
+              Data.=# ("TransferService.UpdateUser" :: Prelude.ByteString),
+            "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateUser where
+  toJSON UpdateUser' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("HomeDirectory" Data..=) Prelude.<$> homeDirectory,
+            ("HomeDirectoryMappings" Data..=)
+              Prelude.<$> homeDirectoryMappings,
+            ("HomeDirectoryType" Data..=)
+              Prelude.<$> homeDirectoryType,
+            ("Policy" Data..=) Prelude.<$> policy,
+            ("PosixProfile" Data..=) Prelude.<$> posixProfile,
+            ("Role" Data..=) Prelude.<$> role',
+            Prelude.Just ("ServerId" Data..= serverId),
+            Prelude.Just ("UserName" Data..= userName)
+          ]
+      )
+
+instance Data.ToPath UpdateUser where
+  toPath = Prelude.const "/"
+
+instance Data.ToQuery UpdateUser where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | @UpdateUserResponse@ returns the user name and identifier for the
+-- request to update a user\'s properties.
+--
+-- /See:/ 'newUpdateUserResponse' smart constructor.
+data UpdateUserResponse = UpdateUserResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | A system-assigned unique identifier for a server instance that the user
+    -- account is assigned to.
+    serverId :: Prelude.Text,
+    -- | The unique identifier for a user that is assigned to a server instance
+    -- that was specified in the request.
+    userName :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateUserResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateUserResponse_httpStatus' - The response's http status code.
+--
+-- 'serverId', 'updateUserResponse_serverId' - A system-assigned unique identifier for a server instance that the user
+-- account is assigned to.
+--
+-- 'userName', 'updateUserResponse_userName' - The unique identifier for a user that is assigned to a server instance
+-- that was specified in the request.
+newUpdateUserResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'serverId'
+  Prelude.Text ->
+  -- | 'userName'
+  Prelude.Text ->
+  UpdateUserResponse
+newUpdateUserResponse
+  pHttpStatus_
+  pServerId_
+  pUserName_ =
+    UpdateUserResponse'
+      { httpStatus = pHttpStatus_,
+        serverId = pServerId_,
+        userName = pUserName_
+      }
+
+-- | The response's http status code.
+updateUserResponse_httpStatus :: Lens.Lens' UpdateUserResponse Prelude.Int
+updateUserResponse_httpStatus = Lens.lens (\UpdateUserResponse' {httpStatus} -> httpStatus) (\s@UpdateUserResponse' {} a -> s {httpStatus = a} :: UpdateUserResponse)
+
+-- | A system-assigned unique identifier for a server instance that the user
+-- account is assigned to.
+updateUserResponse_serverId :: Lens.Lens' UpdateUserResponse Prelude.Text
+updateUserResponse_serverId = Lens.lens (\UpdateUserResponse' {serverId} -> serverId) (\s@UpdateUserResponse' {} a -> s {serverId = a} :: UpdateUserResponse)
+
+-- | The unique identifier for a user that is assigned to a server instance
+-- that was specified in the request.
+updateUserResponse_userName :: Lens.Lens' UpdateUserResponse Prelude.Text
+updateUserResponse_userName = Lens.lens (\UpdateUserResponse' {userName} -> userName) (\s@UpdateUserResponse' {} a -> s {userName = a} :: UpdateUserResponse)
+
+instance Prelude.NFData UpdateUserResponse where
+  rnf UpdateUserResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf serverId
+      `Prelude.seq` Prelude.rnf userName
diff --git a/gen/Amazonka/Transfer/Waiters.hs b/gen/Amazonka/Transfer/Waiters.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/Transfer/Waiters.hs
@@ -0,0 +1,79 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.Transfer.Waiters
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.Transfer.Waiters where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.Transfer.DescribeServer
+import Amazonka.Transfer.Lens
+import Amazonka.Transfer.Types
+
+-- | Polls 'Amazonka.Transfer.DescribeServer' every 30 seconds until a successful state is reached. An error is returned after 120 failed checks.
+newServerOffline :: Core.Wait DescribeServer
+newServerOffline =
+  Core.Wait
+    { Core.name = "ServerOffline",
+      Core.attempts = 120,
+      Core.delay = 30,
+      Core.acceptors =
+        [ Core.matchAll
+            "OFFLINE"
+            Core.AcceptSuccess
+            ( describeServerResponse_server
+                Prelude.. describedServer_state
+                Prelude.. Lens._Just
+                Prelude.. Lens.to Data.toTextCI
+            ),
+          Core.matchAll
+            "STOP_FAILED"
+            Core.AcceptFailure
+            ( describeServerResponse_server
+                Prelude.. describedServer_state
+                Prelude.. Lens._Just
+                Prelude.. Lens.to Data.toTextCI
+            )
+        ]
+    }
+
+-- | Polls 'Amazonka.Transfer.DescribeServer' every 30 seconds until a successful state is reached. An error is returned after 120 failed checks.
+newServerOnline :: Core.Wait DescribeServer
+newServerOnline =
+  Core.Wait
+    { Core.name = "ServerOnline",
+      Core.attempts = 120,
+      Core.delay = 30,
+      Core.acceptors =
+        [ Core.matchAll
+            "ONLINE"
+            Core.AcceptSuccess
+            ( describeServerResponse_server
+                Prelude.. describedServer_state
+                Prelude.. Lens._Just
+                Prelude.. Lens.to Data.toTextCI
+            ),
+          Core.matchAll
+            "START_FAILED"
+            Core.AcceptFailure
+            ( describeServerResponse_server
+                Prelude.. describedServer_state
+                Prelude.. Lens._Just
+                Prelude.. Lens.to Data.toTextCI
+            )
+        ]
+    }
diff --git a/src/.gitkeep b/src/.gitkeep
new file mode 100644
--- /dev/null
+++ b/src/.gitkeep
diff --git a/test/Main.hs b/test/Main.hs
new file mode 100644
--- /dev/null
+++ b/test/Main.hs
@@ -0,0 +1,23 @@
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Main
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Main (main) where
+
+import Test.Amazonka.Transfer
+import Test.Amazonka.Transfer.Internal
+import Test.Tasty
+
+main :: IO ()
+main =
+  defaultMain $
+    testGroup
+      "Transfer"
+      [ testGroup "tests" tests,
+        testGroup "fixtures" fixtures
+      ]
diff --git a/test/Test/Amazonka/Gen/Transfer.hs b/test/Test/Amazonka/Gen/Transfer.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/Gen/Transfer.hs
@@ -0,0 +1,1198 @@
+{-# OPTIONS_GHC -fno-warn-orphans #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Test.Amazonka.Gen.Transfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.Gen.Transfer where
+
+import Amazonka.Transfer
+import qualified Data.Proxy as Proxy
+import Test.Amazonka.Fixture
+import Test.Amazonka.Prelude
+import Test.Amazonka.Transfer.Internal
+import Test.Tasty
+
+-- Auto-generated: the actual test selection needs to be manually placed into
+-- the top-level so that real test data can be incrementally added.
+--
+-- This commented snippet is what the entire set should look like:
+
+-- fixtures :: TestTree
+-- fixtures =
+--     [ testGroup "request"
+--         [ requestCreateAccess $
+--             newCreateAccess
+--
+--         , requestCreateAgreement $
+--             newCreateAgreement
+--
+--         , requestCreateConnector $
+--             newCreateConnector
+--
+--         , requestCreateProfile $
+--             newCreateProfile
+--
+--         , requestCreateServer $
+--             newCreateServer
+--
+--         , requestCreateUser $
+--             newCreateUser
+--
+--         , requestCreateWorkflow $
+--             newCreateWorkflow
+--
+--         , requestDeleteAccess $
+--             newDeleteAccess
+--
+--         , requestDeleteAgreement $
+--             newDeleteAgreement
+--
+--         , requestDeleteCertificate $
+--             newDeleteCertificate
+--
+--         , requestDeleteConnector $
+--             newDeleteConnector
+--
+--         , requestDeleteHostKey $
+--             newDeleteHostKey
+--
+--         , requestDeleteProfile $
+--             newDeleteProfile
+--
+--         , requestDeleteServer $
+--             newDeleteServer
+--
+--         , requestDeleteSshPublicKey $
+--             newDeleteSshPublicKey
+--
+--         , requestDeleteUser $
+--             newDeleteUser
+--
+--         , requestDeleteWorkflow $
+--             newDeleteWorkflow
+--
+--         , requestDescribeAccess $
+--             newDescribeAccess
+--
+--         , requestDescribeAgreement $
+--             newDescribeAgreement
+--
+--         , requestDescribeCertificate $
+--             newDescribeCertificate
+--
+--         , requestDescribeConnector $
+--             newDescribeConnector
+--
+--         , requestDescribeExecution $
+--             newDescribeExecution
+--
+--         , requestDescribeHostKey $
+--             newDescribeHostKey
+--
+--         , requestDescribeProfile $
+--             newDescribeProfile
+--
+--         , requestDescribeSecurityPolicy $
+--             newDescribeSecurityPolicy
+--
+--         , requestDescribeServer $
+--             newDescribeServer
+--
+--         , requestDescribeUser $
+--             newDescribeUser
+--
+--         , requestDescribeWorkflow $
+--             newDescribeWorkflow
+--
+--         , requestImportCertificate $
+--             newImportCertificate
+--
+--         , requestImportHostKey $
+--             newImportHostKey
+--
+--         , requestImportSshPublicKey $
+--             newImportSshPublicKey
+--
+--         , requestListAccesses $
+--             newListAccesses
+--
+--         , requestListAgreements $
+--             newListAgreements
+--
+--         , requestListCertificates $
+--             newListCertificates
+--
+--         , requestListConnectors $
+--             newListConnectors
+--
+--         , requestListExecutions $
+--             newListExecutions
+--
+--         , requestListHostKeys $
+--             newListHostKeys
+--
+--         , requestListProfiles $
+--             newListProfiles
+--
+--         , requestListSecurityPolicies $
+--             newListSecurityPolicies
+--
+--         , requestListServers $
+--             newListServers
+--
+--         , requestListTagsForResource $
+--             newListTagsForResource
+--
+--         , requestListUsers $
+--             newListUsers
+--
+--         , requestListWorkflows $
+--             newListWorkflows
+--
+--         , requestSendWorkflowStepState $
+--             newSendWorkflowStepState
+--
+--         , requestStartFileTransfer $
+--             newStartFileTransfer
+--
+--         , requestStartServer $
+--             newStartServer
+--
+--         , requestStopServer $
+--             newStopServer
+--
+--         , requestTagResource $
+--             newTagResource
+--
+--         , requestTestIdentityProvider $
+--             newTestIdentityProvider
+--
+--         , requestUntagResource $
+--             newUntagResource
+--
+--         , requestUpdateAccess $
+--             newUpdateAccess
+--
+--         , requestUpdateAgreement $
+--             newUpdateAgreement
+--
+--         , requestUpdateCertificate $
+--             newUpdateCertificate
+--
+--         , requestUpdateConnector $
+--             newUpdateConnector
+--
+--         , requestUpdateHostKey $
+--             newUpdateHostKey
+--
+--         , requestUpdateProfile $
+--             newUpdateProfile
+--
+--         , requestUpdateServer $
+--             newUpdateServer
+--
+--         , requestUpdateUser $
+--             newUpdateUser
+--
+--           ]
+
+--     , testGroup "response"
+--         [ responseCreateAccess $
+--             newCreateAccessResponse
+--
+--         , responseCreateAgreement $
+--             newCreateAgreementResponse
+--
+--         , responseCreateConnector $
+--             newCreateConnectorResponse
+--
+--         , responseCreateProfile $
+--             newCreateProfileResponse
+--
+--         , responseCreateServer $
+--             newCreateServerResponse
+--
+--         , responseCreateUser $
+--             newCreateUserResponse
+--
+--         , responseCreateWorkflow $
+--             newCreateWorkflowResponse
+--
+--         , responseDeleteAccess $
+--             newDeleteAccessResponse
+--
+--         , responseDeleteAgreement $
+--             newDeleteAgreementResponse
+--
+--         , responseDeleteCertificate $
+--             newDeleteCertificateResponse
+--
+--         , responseDeleteConnector $
+--             newDeleteConnectorResponse
+--
+--         , responseDeleteHostKey $
+--             newDeleteHostKeyResponse
+--
+--         , responseDeleteProfile $
+--             newDeleteProfileResponse
+--
+--         , responseDeleteServer $
+--             newDeleteServerResponse
+--
+--         , responseDeleteSshPublicKey $
+--             newDeleteSshPublicKeyResponse
+--
+--         , responseDeleteUser $
+--             newDeleteUserResponse
+--
+--         , responseDeleteWorkflow $
+--             newDeleteWorkflowResponse
+--
+--         , responseDescribeAccess $
+--             newDescribeAccessResponse
+--
+--         , responseDescribeAgreement $
+--             newDescribeAgreementResponse
+--
+--         , responseDescribeCertificate $
+--             newDescribeCertificateResponse
+--
+--         , responseDescribeConnector $
+--             newDescribeConnectorResponse
+--
+--         , responseDescribeExecution $
+--             newDescribeExecutionResponse
+--
+--         , responseDescribeHostKey $
+--             newDescribeHostKeyResponse
+--
+--         , responseDescribeProfile $
+--             newDescribeProfileResponse
+--
+--         , responseDescribeSecurityPolicy $
+--             newDescribeSecurityPolicyResponse
+--
+--         , responseDescribeServer $
+--             newDescribeServerResponse
+--
+--         , responseDescribeUser $
+--             newDescribeUserResponse
+--
+--         , responseDescribeWorkflow $
+--             newDescribeWorkflowResponse
+--
+--         , responseImportCertificate $
+--             newImportCertificateResponse
+--
+--         , responseImportHostKey $
+--             newImportHostKeyResponse
+--
+--         , responseImportSshPublicKey $
+--             newImportSshPublicKeyResponse
+--
+--         , responseListAccesses $
+--             newListAccessesResponse
+--
+--         , responseListAgreements $
+--             newListAgreementsResponse
+--
+--         , responseListCertificates $
+--             newListCertificatesResponse
+--
+--         , responseListConnectors $
+--             newListConnectorsResponse
+--
+--         , responseListExecutions $
+--             newListExecutionsResponse
+--
+--         , responseListHostKeys $
+--             newListHostKeysResponse
+--
+--         , responseListProfiles $
+--             newListProfilesResponse
+--
+--         , responseListSecurityPolicies $
+--             newListSecurityPoliciesResponse
+--
+--         , responseListServers $
+--             newListServersResponse
+--
+--         , responseListTagsForResource $
+--             newListTagsForResourceResponse
+--
+--         , responseListUsers $
+--             newListUsersResponse
+--
+--         , responseListWorkflows $
+--             newListWorkflowsResponse
+--
+--         , responseSendWorkflowStepState $
+--             newSendWorkflowStepStateResponse
+--
+--         , responseStartFileTransfer $
+--             newStartFileTransferResponse
+--
+--         , responseStartServer $
+--             newStartServerResponse
+--
+--         , responseStopServer $
+--             newStopServerResponse
+--
+--         , responseTagResource $
+--             newTagResourceResponse
+--
+--         , responseTestIdentityProvider $
+--             newTestIdentityProviderResponse
+--
+--         , responseUntagResource $
+--             newUntagResourceResponse
+--
+--         , responseUpdateAccess $
+--             newUpdateAccessResponse
+--
+--         , responseUpdateAgreement $
+--             newUpdateAgreementResponse
+--
+--         , responseUpdateCertificate $
+--             newUpdateCertificateResponse
+--
+--         , responseUpdateConnector $
+--             newUpdateConnectorResponse
+--
+--         , responseUpdateHostKey $
+--             newUpdateHostKeyResponse
+--
+--         , responseUpdateProfile $
+--             newUpdateProfileResponse
+--
+--         , responseUpdateServer $
+--             newUpdateServerResponse
+--
+--         , responseUpdateUser $
+--             newUpdateUserResponse
+--
+--           ]
+--     ]
+
+-- Requests
+
+requestCreateAccess :: CreateAccess -> TestTree
+requestCreateAccess =
+  req
+    "CreateAccess"
+    "fixture/CreateAccess.yaml"
+
+requestCreateAgreement :: CreateAgreement -> TestTree
+requestCreateAgreement =
+  req
+    "CreateAgreement"
+    "fixture/CreateAgreement.yaml"
+
+requestCreateConnector :: CreateConnector -> TestTree
+requestCreateConnector =
+  req
+    "CreateConnector"
+    "fixture/CreateConnector.yaml"
+
+requestCreateProfile :: CreateProfile -> TestTree
+requestCreateProfile =
+  req
+    "CreateProfile"
+    "fixture/CreateProfile.yaml"
+
+requestCreateServer :: CreateServer -> TestTree
+requestCreateServer =
+  req
+    "CreateServer"
+    "fixture/CreateServer.yaml"
+
+requestCreateUser :: CreateUser -> TestTree
+requestCreateUser =
+  req
+    "CreateUser"
+    "fixture/CreateUser.yaml"
+
+requestCreateWorkflow :: CreateWorkflow -> TestTree
+requestCreateWorkflow =
+  req
+    "CreateWorkflow"
+    "fixture/CreateWorkflow.yaml"
+
+requestDeleteAccess :: DeleteAccess -> TestTree
+requestDeleteAccess =
+  req
+    "DeleteAccess"
+    "fixture/DeleteAccess.yaml"
+
+requestDeleteAgreement :: DeleteAgreement -> TestTree
+requestDeleteAgreement =
+  req
+    "DeleteAgreement"
+    "fixture/DeleteAgreement.yaml"
+
+requestDeleteCertificate :: DeleteCertificate -> TestTree
+requestDeleteCertificate =
+  req
+    "DeleteCertificate"
+    "fixture/DeleteCertificate.yaml"
+
+requestDeleteConnector :: DeleteConnector -> TestTree
+requestDeleteConnector =
+  req
+    "DeleteConnector"
+    "fixture/DeleteConnector.yaml"
+
+requestDeleteHostKey :: DeleteHostKey -> TestTree
+requestDeleteHostKey =
+  req
+    "DeleteHostKey"
+    "fixture/DeleteHostKey.yaml"
+
+requestDeleteProfile :: DeleteProfile -> TestTree
+requestDeleteProfile =
+  req
+    "DeleteProfile"
+    "fixture/DeleteProfile.yaml"
+
+requestDeleteServer :: DeleteServer -> TestTree
+requestDeleteServer =
+  req
+    "DeleteServer"
+    "fixture/DeleteServer.yaml"
+
+requestDeleteSshPublicKey :: DeleteSshPublicKey -> TestTree
+requestDeleteSshPublicKey =
+  req
+    "DeleteSshPublicKey"
+    "fixture/DeleteSshPublicKey.yaml"
+
+requestDeleteUser :: DeleteUser -> TestTree
+requestDeleteUser =
+  req
+    "DeleteUser"
+    "fixture/DeleteUser.yaml"
+
+requestDeleteWorkflow :: DeleteWorkflow -> TestTree
+requestDeleteWorkflow =
+  req
+    "DeleteWorkflow"
+    "fixture/DeleteWorkflow.yaml"
+
+requestDescribeAccess :: DescribeAccess -> TestTree
+requestDescribeAccess =
+  req
+    "DescribeAccess"
+    "fixture/DescribeAccess.yaml"
+
+requestDescribeAgreement :: DescribeAgreement -> TestTree
+requestDescribeAgreement =
+  req
+    "DescribeAgreement"
+    "fixture/DescribeAgreement.yaml"
+
+requestDescribeCertificate :: DescribeCertificate -> TestTree
+requestDescribeCertificate =
+  req
+    "DescribeCertificate"
+    "fixture/DescribeCertificate.yaml"
+
+requestDescribeConnector :: DescribeConnector -> TestTree
+requestDescribeConnector =
+  req
+    "DescribeConnector"
+    "fixture/DescribeConnector.yaml"
+
+requestDescribeExecution :: DescribeExecution -> TestTree
+requestDescribeExecution =
+  req
+    "DescribeExecution"
+    "fixture/DescribeExecution.yaml"
+
+requestDescribeHostKey :: DescribeHostKey -> TestTree
+requestDescribeHostKey =
+  req
+    "DescribeHostKey"
+    "fixture/DescribeHostKey.yaml"
+
+requestDescribeProfile :: DescribeProfile -> TestTree
+requestDescribeProfile =
+  req
+    "DescribeProfile"
+    "fixture/DescribeProfile.yaml"
+
+requestDescribeSecurityPolicy :: DescribeSecurityPolicy -> TestTree
+requestDescribeSecurityPolicy =
+  req
+    "DescribeSecurityPolicy"
+    "fixture/DescribeSecurityPolicy.yaml"
+
+requestDescribeServer :: DescribeServer -> TestTree
+requestDescribeServer =
+  req
+    "DescribeServer"
+    "fixture/DescribeServer.yaml"
+
+requestDescribeUser :: DescribeUser -> TestTree
+requestDescribeUser =
+  req
+    "DescribeUser"
+    "fixture/DescribeUser.yaml"
+
+requestDescribeWorkflow :: DescribeWorkflow -> TestTree
+requestDescribeWorkflow =
+  req
+    "DescribeWorkflow"
+    "fixture/DescribeWorkflow.yaml"
+
+requestImportCertificate :: ImportCertificate -> TestTree
+requestImportCertificate =
+  req
+    "ImportCertificate"
+    "fixture/ImportCertificate.yaml"
+
+requestImportHostKey :: ImportHostKey -> TestTree
+requestImportHostKey =
+  req
+    "ImportHostKey"
+    "fixture/ImportHostKey.yaml"
+
+requestImportSshPublicKey :: ImportSshPublicKey -> TestTree
+requestImportSshPublicKey =
+  req
+    "ImportSshPublicKey"
+    "fixture/ImportSshPublicKey.yaml"
+
+requestListAccesses :: ListAccesses -> TestTree
+requestListAccesses =
+  req
+    "ListAccesses"
+    "fixture/ListAccesses.yaml"
+
+requestListAgreements :: ListAgreements -> TestTree
+requestListAgreements =
+  req
+    "ListAgreements"
+    "fixture/ListAgreements.yaml"
+
+requestListCertificates :: ListCertificates -> TestTree
+requestListCertificates =
+  req
+    "ListCertificates"
+    "fixture/ListCertificates.yaml"
+
+requestListConnectors :: ListConnectors -> TestTree
+requestListConnectors =
+  req
+    "ListConnectors"
+    "fixture/ListConnectors.yaml"
+
+requestListExecutions :: ListExecutions -> TestTree
+requestListExecutions =
+  req
+    "ListExecutions"
+    "fixture/ListExecutions.yaml"
+
+requestListHostKeys :: ListHostKeys -> TestTree
+requestListHostKeys =
+  req
+    "ListHostKeys"
+    "fixture/ListHostKeys.yaml"
+
+requestListProfiles :: ListProfiles -> TestTree
+requestListProfiles =
+  req
+    "ListProfiles"
+    "fixture/ListProfiles.yaml"
+
+requestListSecurityPolicies :: ListSecurityPolicies -> TestTree
+requestListSecurityPolicies =
+  req
+    "ListSecurityPolicies"
+    "fixture/ListSecurityPolicies.yaml"
+
+requestListServers :: ListServers -> TestTree
+requestListServers =
+  req
+    "ListServers"
+    "fixture/ListServers.yaml"
+
+requestListTagsForResource :: ListTagsForResource -> TestTree
+requestListTagsForResource =
+  req
+    "ListTagsForResource"
+    "fixture/ListTagsForResource.yaml"
+
+requestListUsers :: ListUsers -> TestTree
+requestListUsers =
+  req
+    "ListUsers"
+    "fixture/ListUsers.yaml"
+
+requestListWorkflows :: ListWorkflows -> TestTree
+requestListWorkflows =
+  req
+    "ListWorkflows"
+    "fixture/ListWorkflows.yaml"
+
+requestSendWorkflowStepState :: SendWorkflowStepState -> TestTree
+requestSendWorkflowStepState =
+  req
+    "SendWorkflowStepState"
+    "fixture/SendWorkflowStepState.yaml"
+
+requestStartFileTransfer :: StartFileTransfer -> TestTree
+requestStartFileTransfer =
+  req
+    "StartFileTransfer"
+    "fixture/StartFileTransfer.yaml"
+
+requestStartServer :: StartServer -> TestTree
+requestStartServer =
+  req
+    "StartServer"
+    "fixture/StartServer.yaml"
+
+requestStopServer :: StopServer -> TestTree
+requestStopServer =
+  req
+    "StopServer"
+    "fixture/StopServer.yaml"
+
+requestTagResource :: TagResource -> TestTree
+requestTagResource =
+  req
+    "TagResource"
+    "fixture/TagResource.yaml"
+
+requestTestIdentityProvider :: TestIdentityProvider -> TestTree
+requestTestIdentityProvider =
+  req
+    "TestIdentityProvider"
+    "fixture/TestIdentityProvider.yaml"
+
+requestUntagResource :: UntagResource -> TestTree
+requestUntagResource =
+  req
+    "UntagResource"
+    "fixture/UntagResource.yaml"
+
+requestUpdateAccess :: UpdateAccess -> TestTree
+requestUpdateAccess =
+  req
+    "UpdateAccess"
+    "fixture/UpdateAccess.yaml"
+
+requestUpdateAgreement :: UpdateAgreement -> TestTree
+requestUpdateAgreement =
+  req
+    "UpdateAgreement"
+    "fixture/UpdateAgreement.yaml"
+
+requestUpdateCertificate :: UpdateCertificate -> TestTree
+requestUpdateCertificate =
+  req
+    "UpdateCertificate"
+    "fixture/UpdateCertificate.yaml"
+
+requestUpdateConnector :: UpdateConnector -> TestTree
+requestUpdateConnector =
+  req
+    "UpdateConnector"
+    "fixture/UpdateConnector.yaml"
+
+requestUpdateHostKey :: UpdateHostKey -> TestTree
+requestUpdateHostKey =
+  req
+    "UpdateHostKey"
+    "fixture/UpdateHostKey.yaml"
+
+requestUpdateProfile :: UpdateProfile -> TestTree
+requestUpdateProfile =
+  req
+    "UpdateProfile"
+    "fixture/UpdateProfile.yaml"
+
+requestUpdateServer :: UpdateServer -> TestTree
+requestUpdateServer =
+  req
+    "UpdateServer"
+    "fixture/UpdateServer.yaml"
+
+requestUpdateUser :: UpdateUser -> TestTree
+requestUpdateUser =
+  req
+    "UpdateUser"
+    "fixture/UpdateUser.yaml"
+
+-- Responses
+
+responseCreateAccess :: CreateAccessResponse -> TestTree
+responseCreateAccess =
+  res
+    "CreateAccessResponse"
+    "fixture/CreateAccessResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateAccess)
+
+responseCreateAgreement :: CreateAgreementResponse -> TestTree
+responseCreateAgreement =
+  res
+    "CreateAgreementResponse"
+    "fixture/CreateAgreementResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateAgreement)
+
+responseCreateConnector :: CreateConnectorResponse -> TestTree
+responseCreateConnector =
+  res
+    "CreateConnectorResponse"
+    "fixture/CreateConnectorResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateConnector)
+
+responseCreateProfile :: CreateProfileResponse -> TestTree
+responseCreateProfile =
+  res
+    "CreateProfileResponse"
+    "fixture/CreateProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateProfile)
+
+responseCreateServer :: CreateServerResponse -> TestTree
+responseCreateServer =
+  res
+    "CreateServerResponse"
+    "fixture/CreateServerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateServer)
+
+responseCreateUser :: CreateUserResponse -> TestTree
+responseCreateUser =
+  res
+    "CreateUserResponse"
+    "fixture/CreateUserResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateUser)
+
+responseCreateWorkflow :: CreateWorkflowResponse -> TestTree
+responseCreateWorkflow =
+  res
+    "CreateWorkflowResponse"
+    "fixture/CreateWorkflowResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateWorkflow)
+
+responseDeleteAccess :: DeleteAccessResponse -> TestTree
+responseDeleteAccess =
+  res
+    "DeleteAccessResponse"
+    "fixture/DeleteAccessResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteAccess)
+
+responseDeleteAgreement :: DeleteAgreementResponse -> TestTree
+responseDeleteAgreement =
+  res
+    "DeleteAgreementResponse"
+    "fixture/DeleteAgreementResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteAgreement)
+
+responseDeleteCertificate :: DeleteCertificateResponse -> TestTree
+responseDeleteCertificate =
+  res
+    "DeleteCertificateResponse"
+    "fixture/DeleteCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteCertificate)
+
+responseDeleteConnector :: DeleteConnectorResponse -> TestTree
+responseDeleteConnector =
+  res
+    "DeleteConnectorResponse"
+    "fixture/DeleteConnectorResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteConnector)
+
+responseDeleteHostKey :: DeleteHostKeyResponse -> TestTree
+responseDeleteHostKey =
+  res
+    "DeleteHostKeyResponse"
+    "fixture/DeleteHostKeyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteHostKey)
+
+responseDeleteProfile :: DeleteProfileResponse -> TestTree
+responseDeleteProfile =
+  res
+    "DeleteProfileResponse"
+    "fixture/DeleteProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteProfile)
+
+responseDeleteServer :: DeleteServerResponse -> TestTree
+responseDeleteServer =
+  res
+    "DeleteServerResponse"
+    "fixture/DeleteServerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteServer)
+
+responseDeleteSshPublicKey :: DeleteSshPublicKeyResponse -> TestTree
+responseDeleteSshPublicKey =
+  res
+    "DeleteSshPublicKeyResponse"
+    "fixture/DeleteSshPublicKeyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteSshPublicKey)
+
+responseDeleteUser :: DeleteUserResponse -> TestTree
+responseDeleteUser =
+  res
+    "DeleteUserResponse"
+    "fixture/DeleteUserResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteUser)
+
+responseDeleteWorkflow :: DeleteWorkflowResponse -> TestTree
+responseDeleteWorkflow =
+  res
+    "DeleteWorkflowResponse"
+    "fixture/DeleteWorkflowResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteWorkflow)
+
+responseDescribeAccess :: DescribeAccessResponse -> TestTree
+responseDescribeAccess =
+  res
+    "DescribeAccessResponse"
+    "fixture/DescribeAccessResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAccess)
+
+responseDescribeAgreement :: DescribeAgreementResponse -> TestTree
+responseDescribeAgreement =
+  res
+    "DescribeAgreementResponse"
+    "fixture/DescribeAgreementResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeAgreement)
+
+responseDescribeCertificate :: DescribeCertificateResponse -> TestTree
+responseDescribeCertificate =
+  res
+    "DescribeCertificateResponse"
+    "fixture/DescribeCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeCertificate)
+
+responseDescribeConnector :: DescribeConnectorResponse -> TestTree
+responseDescribeConnector =
+  res
+    "DescribeConnectorResponse"
+    "fixture/DescribeConnectorResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeConnector)
+
+responseDescribeExecution :: DescribeExecutionResponse -> TestTree
+responseDescribeExecution =
+  res
+    "DescribeExecutionResponse"
+    "fixture/DescribeExecutionResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeExecution)
+
+responseDescribeHostKey :: DescribeHostKeyResponse -> TestTree
+responseDescribeHostKey =
+  res
+    "DescribeHostKeyResponse"
+    "fixture/DescribeHostKeyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeHostKey)
+
+responseDescribeProfile :: DescribeProfileResponse -> TestTree
+responseDescribeProfile =
+  res
+    "DescribeProfileResponse"
+    "fixture/DescribeProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeProfile)
+
+responseDescribeSecurityPolicy :: DescribeSecurityPolicyResponse -> TestTree
+responseDescribeSecurityPolicy =
+  res
+    "DescribeSecurityPolicyResponse"
+    "fixture/DescribeSecurityPolicyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeSecurityPolicy)
+
+responseDescribeServer :: DescribeServerResponse -> TestTree
+responseDescribeServer =
+  res
+    "DescribeServerResponse"
+    "fixture/DescribeServerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeServer)
+
+responseDescribeUser :: DescribeUserResponse -> TestTree
+responseDescribeUser =
+  res
+    "DescribeUserResponse"
+    "fixture/DescribeUserResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeUser)
+
+responseDescribeWorkflow :: DescribeWorkflowResponse -> TestTree
+responseDescribeWorkflow =
+  res
+    "DescribeWorkflowResponse"
+    "fixture/DescribeWorkflowResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DescribeWorkflow)
+
+responseImportCertificate :: ImportCertificateResponse -> TestTree
+responseImportCertificate =
+  res
+    "ImportCertificateResponse"
+    "fixture/ImportCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ImportCertificate)
+
+responseImportHostKey :: ImportHostKeyResponse -> TestTree
+responseImportHostKey =
+  res
+    "ImportHostKeyResponse"
+    "fixture/ImportHostKeyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ImportHostKey)
+
+responseImportSshPublicKey :: ImportSshPublicKeyResponse -> TestTree
+responseImportSshPublicKey =
+  res
+    "ImportSshPublicKeyResponse"
+    "fixture/ImportSshPublicKeyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ImportSshPublicKey)
+
+responseListAccesses :: ListAccessesResponse -> TestTree
+responseListAccesses =
+  res
+    "ListAccessesResponse"
+    "fixture/ListAccessesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAccesses)
+
+responseListAgreements :: ListAgreementsResponse -> TestTree
+responseListAgreements =
+  res
+    "ListAgreementsResponse"
+    "fixture/ListAgreementsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListAgreements)
+
+responseListCertificates :: ListCertificatesResponse -> TestTree
+responseListCertificates =
+  res
+    "ListCertificatesResponse"
+    "fixture/ListCertificatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListCertificates)
+
+responseListConnectors :: ListConnectorsResponse -> TestTree
+responseListConnectors =
+  res
+    "ListConnectorsResponse"
+    "fixture/ListConnectorsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListConnectors)
+
+responseListExecutions :: ListExecutionsResponse -> TestTree
+responseListExecutions =
+  res
+    "ListExecutionsResponse"
+    "fixture/ListExecutionsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListExecutions)
+
+responseListHostKeys :: ListHostKeysResponse -> TestTree
+responseListHostKeys =
+  res
+    "ListHostKeysResponse"
+    "fixture/ListHostKeysResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListHostKeys)
+
+responseListProfiles :: ListProfilesResponse -> TestTree
+responseListProfiles =
+  res
+    "ListProfilesResponse"
+    "fixture/ListProfilesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListProfiles)
+
+responseListSecurityPolicies :: ListSecurityPoliciesResponse -> TestTree
+responseListSecurityPolicies =
+  res
+    "ListSecurityPoliciesResponse"
+    "fixture/ListSecurityPoliciesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListSecurityPolicies)
+
+responseListServers :: ListServersResponse -> TestTree
+responseListServers =
+  res
+    "ListServersResponse"
+    "fixture/ListServersResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListServers)
+
+responseListTagsForResource :: ListTagsForResourceResponse -> TestTree
+responseListTagsForResource =
+  res
+    "ListTagsForResourceResponse"
+    "fixture/ListTagsForResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTagsForResource)
+
+responseListUsers :: ListUsersResponse -> TestTree
+responseListUsers =
+  res
+    "ListUsersResponse"
+    "fixture/ListUsersResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListUsers)
+
+responseListWorkflows :: ListWorkflowsResponse -> TestTree
+responseListWorkflows =
+  res
+    "ListWorkflowsResponse"
+    "fixture/ListWorkflowsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListWorkflows)
+
+responseSendWorkflowStepState :: SendWorkflowStepStateResponse -> TestTree
+responseSendWorkflowStepState =
+  res
+    "SendWorkflowStepStateResponse"
+    "fixture/SendWorkflowStepStateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy SendWorkflowStepState)
+
+responseStartFileTransfer :: StartFileTransferResponse -> TestTree
+responseStartFileTransfer =
+  res
+    "StartFileTransferResponse"
+    "fixture/StartFileTransferResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StartFileTransfer)
+
+responseStartServer :: StartServerResponse -> TestTree
+responseStartServer =
+  res
+    "StartServerResponse"
+    "fixture/StartServerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StartServer)
+
+responseStopServer :: StopServerResponse -> TestTree
+responseStopServer =
+  res
+    "StopServerResponse"
+    "fixture/StopServerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy StopServer)
+
+responseTagResource :: TagResourceResponse -> TestTree
+responseTagResource =
+  res
+    "TagResourceResponse"
+    "fixture/TagResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TagResource)
+
+responseTestIdentityProvider :: TestIdentityProviderResponse -> TestTree
+responseTestIdentityProvider =
+  res
+    "TestIdentityProviderResponse"
+    "fixture/TestIdentityProviderResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TestIdentityProvider)
+
+responseUntagResource :: UntagResourceResponse -> TestTree
+responseUntagResource =
+  res
+    "UntagResourceResponse"
+    "fixture/UntagResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UntagResource)
+
+responseUpdateAccess :: UpdateAccessResponse -> TestTree
+responseUpdateAccess =
+  res
+    "UpdateAccessResponse"
+    "fixture/UpdateAccessResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateAccess)
+
+responseUpdateAgreement :: UpdateAgreementResponse -> TestTree
+responseUpdateAgreement =
+  res
+    "UpdateAgreementResponse"
+    "fixture/UpdateAgreementResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateAgreement)
+
+responseUpdateCertificate :: UpdateCertificateResponse -> TestTree
+responseUpdateCertificate =
+  res
+    "UpdateCertificateResponse"
+    "fixture/UpdateCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateCertificate)
+
+responseUpdateConnector :: UpdateConnectorResponse -> TestTree
+responseUpdateConnector =
+  res
+    "UpdateConnectorResponse"
+    "fixture/UpdateConnectorResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateConnector)
+
+responseUpdateHostKey :: UpdateHostKeyResponse -> TestTree
+responseUpdateHostKey =
+  res
+    "UpdateHostKeyResponse"
+    "fixture/UpdateHostKeyResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateHostKey)
+
+responseUpdateProfile :: UpdateProfileResponse -> TestTree
+responseUpdateProfile =
+  res
+    "UpdateProfileResponse"
+    "fixture/UpdateProfileResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateProfile)
+
+responseUpdateServer :: UpdateServerResponse -> TestTree
+responseUpdateServer =
+  res
+    "UpdateServerResponse"
+    "fixture/UpdateServerResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateServer)
+
+responseUpdateUser :: UpdateUserResponse -> TestTree
+responseUpdateUser =
+  res
+    "UpdateUserResponse"
+    "fixture/UpdateUserResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateUser)
diff --git a/test/Test/Amazonka/Transfer.hs b/test/Test/Amazonka/Transfer.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/Transfer.hs
@@ -0,0 +1,20 @@
+-- |
+-- Module      : Test.Amazonka.Transfer
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.Transfer
+  ( tests,
+    fixtures,
+  )
+where
+
+import Test.Tasty (TestTree)
+
+tests :: [TestTree]
+tests = []
+
+fixtures :: [TestTree]
+fixtures = []
diff --git a/test/Test/Amazonka/Transfer/Internal.hs b/test/Test/Amazonka/Transfer/Internal.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/Transfer/Internal.hs
@@ -0,0 +1,8 @@
+-- |
+-- Module      : Test.Amazonka.Transfer.Internal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.Transfer.Internal where
